From: Wietse Venema Date: Thu, 24 May 2007 05:00:00 +0000 (-0500) Subject: postfix-2.5-20070524 X-Git-Tag: v2.5.0-RC1~40 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=5abebda659811ade1f61f4dcfb75f0b616ea2cdc;p=thirdparty%2Fpostfix.git postfix-2.5-20070524 --- diff --git a/postfix/HISTORY b/postfix/HISTORY index 64187a232..3b57177c4 100644 --- a/postfix/HISTORY +++ b/postfix/HISTORY @@ -13548,8 +13548,30 @@ Apologies for any names omitted. transports. Cause: insufficient documentation. Files: error/error.c, discard/discard.c. +20070520 + + Bugfix (problem introduced Postfix 2.3): when DSN support + was introduced it broke "agressive" recipient duplicate + elimination with "enable_original_recipient = no". File: + cleanup/cleanup_out_recipient.c. + +20070523 + + Feature: cyrus_sasl_config_path to specify a search path + for Cyrus SASL configuration files (currently used only to + locate the smtpd.conf file). Based on code by Victor + Duchovni. Files: smtpd/smtpd.c xsasl/xsasl_cyrus_server.c, + (and xsasl/xsasl_cyrus_client.c for future expansion). + Wish list: + Update attr_print/scan() so they can send/receive file + descriptors. This simplifies kludgy code in many daemons. + + Make adding date/from/etc. conditional. Perhaps on header + rewrite context? Do we need a more powerful concept than + local_header_rewrite_clients/remote_header_rewrite_domain? + Would there be a problem adding $smtpd_mumble_restrictions and $smtpd_sender_login_maps to the default proxy_read_maps settings? diff --git a/postfix/README_FILES/XFORWARD_README b/postfix/README_FILES/XFORWARD_README index 47b12fe09..dd6aa39c2 100644 --- a/postfix/README_FILES/XFORWARD_README +++ b/postfix/README_FILES/XFORWARD_README @@ -19,7 +19,7 @@ transmit client or message attributes incrementally. It is not implemented by passing additional parameters via the MAIL FROM command, because doing so would require extending the MAIL FROM command length limit by another 600 or more characters beyond the space that is already needed to support other extensions -such as AUTH. +such as AUTH and DSN. XXFFOORRWWAARRDD CCoommmmaanndd ssyynnttaaxx @@ -31,8 +31,8 @@ XFORWARD. The keyword is followed by the names of the attributes that the XFORWARD implementation supports. The client may send the XFORWARD request at any time except in the middle of a -mail delivery transaction (i.e. between MAIL and DOT). The command may be -pipelined when the server supports ESMTP command pipelining. +mail delivery transaction (i.e. between MAIL and RSET or DOT). The command may +be pipelined when the server supports ESMTP command pipelining. The syntax of XFORWARD requests is described below. Upper case and quoted strings specify terminals, lowercase strings specify meta terminals, and SP is @@ -93,7 +93,7 @@ XXFFOORRWWAARRDD SSeerrvveerr rreessppoonnssee Upon receipt of a correctly formatted XFORWARD command, the server stores the specified attribute values, and erases the attributes whose value was specified as [UNAVAILABLE]. All XFORWARD attributes are reset to the real client -information after the MAIL FROM command completes. +information after the MAIL FROM transaction completes (i.e. after RSET or DOT). XXFFOORRWWAARRDD SSeerrvveerr rreeppllyy ccooddeess @@ -149,7 +149,8 @@ SSMMTTPP ccoonnnneeccttiioonn ccaacchhiinngg SMTP connection caching makes it possible to deliver multiple messages within the same SMTP session. The XFORWARD attributes are reset after the MAIL FROM -command completes, so there is no risk of information leakage. +transaction completes (after RSET or DOT), so there is no risk of information +leakage. RReeffeerreenncceess diff --git a/postfix/html/XFORWARD_README.html b/postfix/html/XFORWARD_README.html index 8f6677eff..1847d3cdd 100644 --- a/postfix/html/XFORWARD_README.html +++ b/postfix/html/XFORWARD_README.html @@ -41,7 +41,7 @@ It is not implemented by passing additional parameters via the MAIL FROM command, because doing so would require extending the MAIL FROM command length limit by another 600 or more characters beyond the space that is already needed to support other extensions such -as AUTH.

+as AUTH and DSN.

XFORWARD Command syntax

@@ -54,9 +54,8 @@ attributes that the XFORWARD implementation supports.

The client may send the XFORWARD request at any time except in the middle of a mail delivery transaction (i.e. between MAIL and -DOT). The command may be pipelined when the server supports -ESMTP command pipelining. -

+RSET or DOT). The command may be pipelined when the server supports +ESMTP command pipelining.

The syntax of XFORWARD requests is described below. Upper case and quoted strings specify terminals, lowercase strings specify @@ -139,7 +138,7 @@ unencoded information.

server stores the specified attribute values, and erases the attributes whose value was specified as [UNAVAILABLE]. All XFORWARD attributes are reset to the real client information after the MAIL -FROM command completes.

+FROM transaction completes (i.e. after RSET or DOT).

XFORWARD Server reply codes

@@ -206,8 +205,8 @@ must be restricted to authorized clients.

SMTP connection caching makes it possible to deliver multiple messages within the same SMTP session. The XFORWARD attributes are -reset after the MAIL FROM command completes, so there is no risk -of information leakage.

+reset after the MAIL FROM transaction completes (after RSET or DOT), +so there is no risk of information leakage.

References

diff --git a/postfix/html/bounce.5.html b/postfix/html/bounce.5.html index 0f872ac05..54214f5a4 100644 --- a/postfix/html/bounce.5.html +++ b/postfix/html/bounce.5.html @@ -139,49 +139,50 @@ BOUNCE(5) BOUNCE(5) o Template message header names can be specified in upper case, lower case or mixed case. Postfix - always uses the spelling as shown in the example - above. + always produces bounce message header labels of the + form "From:" and "Subject:". o Template message headers must not span multiple lines. - o Template message headers must not contain main.cf - $parameters. + o Template message headers do not support $parameter + expansions. o Template message headers must contain ASCII charac- - ters only. + ters only, and must not contain ASCII null charac- + ters. TEMPLATE MESSAGE TEXT FORMAT - The second portion of a bounce template consists of mes- - sage text. As the above example shows, template message - text may contain main.cf $parameters. Besides the parame- + The second portion of a bounce template consists of mes- + sage text. As the above example shows, template message + text may contain main.cf $parameters. Besides the parame- ters that are defined in main.cf, the following parameters - are treated specially depending on the suffix that is + are treated specially depending on the suffix that is appended to their name. delay_warning_time_suffix - Expands into the value of the delay_warning_time - parameter, expressed in the time unit specified by - suffix, which is one of seconds, minutes, hours, + Expands into the value of the delay_warning_time + parameter, expressed in the time unit specified by + suffix, which is one of seconds, minutes, hours, days, or weeks. maximal_queue_lifetime_suffix - Expands into the value of the maximal_queue_life- - time parameter, expressed in the time unit speci- + Expands into the value of the maximal_queue_life- + time parameter, expressed in the time unit speci- fied by suffix. See above under delay_warning_time for possible suffix values. - The usage and specification of template message text is + The usage and specification of template message text is subject to the following restrictions: o The template message text is not sent in Postmaster copies of delivery status notifications. - o If the template message text contains non-ASCII + o If the template message text contains non-ASCII characters, Postfix requires that the Charset: tem- - plate header is updated. Specify an appropriate + plate header is updated. Specify an appropriate superset of US-ASCII. A superset is needed because - Postfix appends ASCII text after the message tem- + Postfix appends ASCII text after the message tem- plate when it sends a delivery status notification. SEE ALSO @@ -189,11 +190,11 @@ BOUNCE(5) BOUNCE(5) postconf(5), configuration parameters LICENSE - The Secure Mailer license must be distributed with this + The Secure Mailer license must be distributed with this software. HISTORY - The Postfix bounce template format was originally devel- + The Postfix bounce template format was originally devel- oped by Nicolas Riendeau. AUTHOR(S) diff --git a/postfix/html/postconf.5.html b/postfix/html/postconf.5.html index c1fbb218b..81330c88d 100644 --- a/postfix/html/postconf.5.html +++ b/postfix/html/postconf.5.html @@ -1445,6 +1445,20 @@ in a header_checks(5) or cyrus_sasl_config_path +(default: empty)
+ +

Search path for Cyrus SASL application configuration files, +currently used only to locate the $smtpd_sasl_path.conf file. +Specify zero or more directories separated by a colon character, +or an empty value to use Cyrus SASL's built-in search path.

+ +

This feature is available in Postfix 2.5 and later when compiled +with Cyrus SASL 2.1.22 or later.

+ +
daemon_directory diff --git a/postfix/html/smtpd.8.html b/postfix/html/smtpd.8.html index 6c70ca80b..01f4b58db 100644 --- a/postfix/html/smtpd.8.html +++ b/postfix/html/smtpd.8.html @@ -333,6 +333,13 @@ SMTPD(8) SMTPD(8) The SASL plug-in type that the Postfix SMTP server should use for authentication. + Available in Postfix version 2.5 and later: + + cyrus_sasl_config_path (empty) + Search path for Cyrus SASL application configura- + tion files, currently used only to locate the + $smtpd_sasl_path.conf file. + STARTTLS SUPPORT CONTROLS Detailed information about STARTTLS configuration may be found in the TLS_README document. @@ -921,42 +928,43 @@ SMTPD(8) SMTPD(8) The delay between queries for the completion of an address verification request in progress. - address_verify_sender (postmaster) + address_verify_sender ($double_bounce_sender) The sender address to use in address verification - probes. + probes; prior to Postfix 2.5 the default was "post- + master". unverified_sender_reject_code (450) - The numerical Postfix SMTP server response code - when a recipient address is rejected by the + The numerical Postfix SMTP server response code + when a recipient address is rejected by the reject_unverified_sender restriction. unverified_recipient_reject_code (450) - The numerical Postfix SMTP server response when a + The numerical Postfix SMTP server response when a recipient address is rejected by the reject_unveri- fied_recipient restriction. ACCESS CONTROL RESPONSES - The following parameters control numerical SMTP reply + The following parameters control numerical SMTP reply codes and/or text responses. access_map_reject_code (554) - The numerical Postfix SMTP server response code - when a client is rejected by an access(5) map + The numerical Postfix SMTP server response code + when a client is rejected by an access(5) map restriction. defer_code (450) - The numerical Postfix SMTP server response code - when a remote SMTP client request is rejected by + The numerical Postfix SMTP server response code + when a remote SMTP client request is rejected by the "defer" restriction. invalid_hostname_reject_code (501) - The numerical Postfix SMTP server response code - when the client HELO or EHLO command parameter is - rejected by the reject_invalid_helo_hostname + The numerical Postfix SMTP server response code + when the client HELO or EHLO command parameter is + rejected by the reject_invalid_helo_hostname restriction. maps_rbl_reject_code (554) - The numerical Postfix SMTP server response code + The numerical Postfix SMTP server response code when a remote SMTP client request is blocked by the reject_rbl_client, reject_rhsbl_client, reject_rhsbl_sender or reject_rhsbl_recipient @@ -964,53 +972,53 @@ SMTPD(8) SMTPD(8) non_fqdn_reject_code (504) The numerical Postfix SMTP server reply code when a - client request is rejected by the + client request is rejected by the reject_non_fqdn_helo_hostname, reject_non_fqdn_sender or reject_non_fqdn_recipient restriction. plaintext_reject_code (450) - The numerical Postfix SMTP server response code - when a request is rejected by the reject_plain- + The numerical Postfix SMTP server response code + when a request is rejected by the reject_plain- text_session restriction. reject_code (554) - The numerical Postfix SMTP server response code - when a remote SMTP client request is rejected by + The numerical Postfix SMTP server response code + when a remote SMTP client request is rejected by the "reject" restriction. relay_domains_reject_code (554) - The numerical Postfix SMTP server response code - when a client request is rejected by the + The numerical Postfix SMTP server response code + when a client request is rejected by the reject_unauth_destination recipient restriction. unknown_address_reject_code (450) - The numerical Postfix SMTP server response code - when a sender or recipient address is rejected by + The numerical Postfix SMTP server response code + when a sender or recipient address is rejected by the reject_unknown_sender_domain or reject_unknown_recipient_domain restriction. unknown_client_reject_code (450) - The numerical Postfix SMTP server response code - when a client without valid address <=> name map- + The numerical Postfix SMTP server response code + when a client without valid address <=> name map- ping is rejected by the reject_unknown_client_host- name restriction. unknown_hostname_reject_code (450) - The numerical Postfix SMTP server response code - when the hostname specified with the HELO or EHLO - command is rejected by the + The numerical Postfix SMTP server response code + when the hostname specified with the HELO or EHLO + command is rejected by the reject_unknown_helo_hostname restriction. Available in Postfix version 2.0 and later: default_rbl_reply (see 'postconf -d' output) - The default SMTP server response template for a - request that is rejected by an RBL-based restric- + The default SMTP server response template for a + request that is rejected by an RBL-based restric- tion. multi_recipient_bounce_reject_code (550) - The numerical Postfix SMTP server response code + The numerical Postfix SMTP server response code when a remote SMTP client request is blocked by the reject_multi_recipient_bounce restriction. @@ -1019,16 +1027,16 @@ SMTPD(8) SMTPD(8) MISCELLANEOUS CONTROLS config_directory (see 'postconf -d' output) - The default location of the Postfix main.cf and + The default location of the Postfix main.cf and master.cf configuration files. daemon_timeout (18000s) - How much time a Postfix daemon process may take to - handle a request before it is terminated by a + How much time a Postfix daemon process may take to + handle a request before it is terminated by a built-in watchdog timer. command_directory (see 'postconf -d' output) - The location of all postfix administrative com- + The location of all postfix administrative com- mands. double_bounce_sender (double-bounce) @@ -1049,37 +1057,37 @@ SMTPD(8) SMTPD(8) and most Postfix daemon processes. max_idle (100s) - The maximum amount of time that an idle Postfix - daemon process waits for an incoming connection + The maximum amount of time that an idle Postfix + daemon process waits for an incoming connection before terminating voluntarily. max_use (100) - The maximal number of incoming connections that a - Postfix daemon process will service before termi- + The maximal number of incoming connections that a + Postfix daemon process will service before termi- nating voluntarily. myhostname (see 'postconf -d' output) The internet hostname of this mail system. mynetworks (see 'postconf -d' output) - The list of "trusted" SMTP clients that have more + The list of "trusted" SMTP clients that have more privileges than "strangers". myorigin ($myhostname) The domain name that locally-posted mail appears to - come from, and that locally posted mail is deliv- + come from, and that locally posted mail is deliv- ered to. process_id (read-only) - The process ID of a Postfix command or daemon + The process ID of a Postfix command or daemon process. process_name (read-only) - The process name of a Postfix command or daemon + The process name of a Postfix command or daemon process. queue_directory (see 'postconf -d' output) - The location of the Postfix top-level queue direc- + The location of the Postfix top-level queue direc- tory. recipient_delimiter (empty) @@ -1087,22 +1095,22 @@ SMTPD(8) SMTPD(8) sions (user+foo). smtpd_banner ($myhostname ESMTP $mail_name) - The text that follows the 220 status code in the + The text that follows the 220 status code in the SMTP greeting banner. syslog_facility (mail) The syslog facility of Postfix logging. syslog_name (postfix) - The mail system name that is prepended to the - process name in syslog records, so that "smtpd" + The mail system name that is prepended to the + process name in syslog records, so that "smtpd" becomes, for example, "postfix/smtpd". Available in Postfix version 2.2 and later: smtpd_forbidden_commands (CONNECT, GET, POST) - List of commands that causes the Postfix SMTP - server to immediately terminate the session with a + List of commands that causes the Postfix SMTP + server to immediately terminate the session with a 221 code. SEE ALSO @@ -1132,7 +1140,7 @@ SMTPD(8) SMTPD(8) XFORWARD_README, Postfix XFORWARD extension LICENSE - The Secure Mailer license must be distributed with this + The Secure Mailer license must be distributed with this software. AUTHOR(S) diff --git a/postfix/man/man5/bounce.5 b/postfix/man/man5/bounce.5 index a2a2a9dd9..2fddcac5e 100644 --- a/postfix/man/man5/bounce.5 +++ b/postfix/man/man5/bounce.5 @@ -147,14 +147,16 @@ The usage and specification of template message headers is subject to the following restrictions: .IP \(bu Template message header names can be specified in upper -case, lower case or mixed case. Postfix always uses the -spelling as shown in the example above. +case, lower case or mixed case. Postfix always produces +bounce message header labels of the form "\fBFrom:\fR" and +"\fBSubject:\fR". .IP \(bu Template message headers must not span multiple lines. .IP \(bu -Template message headers must not contain main.cf $parameters. +Template message headers do not support $parameter expansions. .IP \(bu -Template message headers must contain ASCII characters only. +Template message headers must contain ASCII characters only, +and must not contain ASCII null characters. .SH "TEMPLATE MESSAGE TEXT FORMAT" .na .nf diff --git a/postfix/man/man5/postconf.5 b/postfix/man/man5/postconf.5 index 1d3dfac0a..18c15d9ac 100644 --- a/postfix/man/man5/postconf.5 +++ b/postfix/man/man5/postconf.5 @@ -788,6 +788,14 @@ This parameter uses the same syntax as the right-hand side of a Postfix \fBtransport\fR(5) table. This setting has a lower precedence than a content filter that is specified with an \fBaccess\fR(5) table or in a \fBheader_checks\fR(5) or \fBbody_checks\fR(5) table. +.SH cyrus_sasl_config_path (default: empty) +Search path for Cyrus SASL application configuration files, +currently used only to locate the $smtpd_sasl_path.conf file. +Specify zero or more directories separated by a colon character, +or an empty value to use Cyrus SASL's built-in search path. +.PP +This feature is available in Postfix 2.5 and later when compiled +with Cyrus SASL 2.1.22 or later. .SH daemon_directory (default: see "postconf -d" output) The directory with Postfix support programs and daemon programs. These should not be invoked directly by humans. The directory must diff --git a/postfix/man/man8/smtpd.8 b/postfix/man/man8/smtpd.8 index 3ee6d1deb..09f917c2d 100644 --- a/postfix/man/man8/smtpd.8 +++ b/postfix/man/man8/smtpd.8 @@ -298,6 +298,11 @@ the SASL plug-in implementation that is selected with .IP "\fBsmtpd_sasl_type (cyrus)\fR" The SASL plug-in type that the Postfix SMTP server should use for authentication. +.PP +Available in Postfix version 2.5 and later: +.IP "\fBcyrus_sasl_config_path (empty)\fR" +Search path for Cyrus SASL application configuration files, +currently used only to locate the $smtpd_sasl_path.conf file. .SH "STARTTLS SUPPORT CONTROLS" .na .nf @@ -742,8 +747,9 @@ of an address verification request in progress. .IP "\fBaddress_verify_poll_delay (3s)\fR" The delay between queries for the completion of an address verification request in progress. -.IP "\fBaddress_verify_sender (postmaster)\fR" -The sender address to use in address verification probes. +.IP "\fBaddress_verify_sender ($double_bounce_sender)\fR" +The sender address to use in address verification probes; prior +to Postfix 2.5 the default was "postmaster". .IP "\fBunverified_sender_reject_code (450)\fR" The numerical Postfix SMTP server response code when a recipient address is rejected by the reject_unverified_sender restriction. diff --git a/postfix/mantools/postlink b/postfix/mantools/postlink index 6d4320497..537258876 100755 --- a/postfix/mantools/postlink +++ b/postfix/mantools/postlink @@ -481,6 +481,7 @@ while (<>) { s;\bsmtpd_reject_unlisted_sender\b;$&;g; s;\bsmtpd_restriction_classes\b;$&;g; s;\bsmtpd_sasl_path\b;$&;g; + s;\bcyrus_sasl_config_path\b;$&;g; s;\bsmtpd_sasl_auth_enable\b;$&;g; s;\bsmtpd_sasl_authenticated_header\b;$&;g; s;\bsmtpd_sasl_exceptions_networks\b;$&;g; diff --git a/postfix/proto/XFORWARD_README.html b/postfix/proto/XFORWARD_README.html index 2fb064e6c..01c373f08 100644 --- a/postfix/proto/XFORWARD_README.html +++ b/postfix/proto/XFORWARD_README.html @@ -41,7 +41,7 @@ It is not implemented by passing additional parameters via the MAIL FROM command, because doing so would require extending the MAIL FROM command length limit by another 600 or more characters beyond the space that is already needed to support other extensions such -as AUTH.

+as AUTH and DSN.

XFORWARD Command syntax

@@ -54,9 +54,8 @@ attributes that the XFORWARD implementation supports.

The client may send the XFORWARD request at any time except in the middle of a mail delivery transaction (i.e. between MAIL and -DOT). The command may be pipelined when the server supports -ESMTP command pipelining. -

+RSET or DOT). The command may be pipelined when the server supports +ESMTP command pipelining.

The syntax of XFORWARD requests is described below. Upper case and quoted strings specify terminals, lowercase strings specify @@ -139,7 +138,7 @@ unencoded information.

server stores the specified attribute values, and erases the attributes whose value was specified as [UNAVAILABLE]. All XFORWARD attributes are reset to the real client information after the MAIL -FROM command completes.

+FROM transaction completes (i.e. after RSET or DOT).

XFORWARD Server reply codes

@@ -206,8 +205,8 @@ must be restricted to authorized clients.

SMTP connection caching makes it possible to deliver multiple messages within the same SMTP session. The XFORWARD attributes are -reset after the MAIL FROM command completes, so there is no risk -of information leakage.

+reset after the MAIL FROM transaction completes (after RSET or DOT), +so there is no risk of information leakage.

References

diff --git a/postfix/proto/bounce b/postfix/proto/bounce index e1944196e..98e96d4cf 100644 --- a/postfix/proto/bounce +++ b/postfix/proto/bounce @@ -135,14 +135,16 @@ # subject to the following restrictions: # .IP \(bu # Template message header names can be specified in upper -# case, lower case or mixed case. Postfix always uses the -# spelling as shown in the example above. +# case, lower case or mixed case. Postfix always produces +# bounce message header labels of the form "\fBFrom:\fR" and +# "\fBSubject:\fR". # .IP \(bu # Template message headers must not span multiple lines. # .IP \(bu -# Template message headers must not contain main.cf $parameters. +# Template message headers do not support $parameter expansions. # .IP \(bu -# Template message headers must contain ASCII characters only. +# Template message headers must contain ASCII characters only, +# and must not contain ASCII null characters. # TEMPLATE MESSAGE TEXT FORMAT # .ad # .fi diff --git a/postfix/proto/postconf.proto b/postfix/proto/postconf.proto index 1f613d6f4..06481d697 100644 --- a/postfix/proto/postconf.proto +++ b/postfix/proto/postconf.proto @@ -9399,6 +9399,16 @@ configuration file or rendezvous point.

This feature is available in Postfix 2.3 and later. In earlier releases it was called smtpd_sasl_application.

+%PARAM cyrus_sasl_config_path + +

Search path for Cyrus SASL application configuration files, +currently used only to locate the $smtpd_sasl_path.conf file. +Specify zero or more directories separated by a colon character, +or an empty value to use Cyrus SASL's built-in search path.

+ +

This feature is available in Postfix 2.5 and later when compiled +with Cyrus SASL 2.1.22 or later.

+ %PARAM smtp_sasl_path

Implementation-specific information that the Postfix SMTP client diff --git a/postfix/src/cleanup/cleanup_out_recipient.c b/postfix/src/cleanup/cleanup_out_recipient.c index 476dc44b5..25ffb9052 100644 --- a/postfix/src/cleanup/cleanup_out_recipient.c +++ b/postfix/src/cleanup/cleanup_out_recipient.c @@ -127,13 +127,20 @@ void cleanup_out_recipient(CLEANUP_STATE *state, * Distinguish between different original recipient addresses that map * onto the same mailbox. The recipient will use our original recipient * message header to figure things out. + * + * Postfix 2.2 compatibility: when ignoring differences in Postfix original + * recipient information, also ignore differences in DSN attributes. We + * do, however, keep the DSN attributes of the recipient that survives + * duplicate elimination. */ #define STREQ(x, y) (strcmp((x), (y)) == 0) if ((state->flags & CLEANUP_FLAG_MAP_OK) == 0 || cleanup_virt_alias_maps == 0) { - if (been_here(state->dups, "%s\n%d\n%s\n%s", - dsn_orcpt, dsn_notify, orcpt, recip) == 0) { + if ((var_enable_orcpt ? + been_here(state->dups, "%s\n%d\n%s\n%s", + dsn_orcpt, dsn_notify, orcpt, recip) : + been_here_fixed(state->dups, recip)) == 0) { if (dsn_notify) cleanup_out_format(state, REC_TYPE_ATTR, "%s=%d", MAIL_ATTR_DSN_NOTIFY, dsn_notify); @@ -181,6 +188,11 @@ void cleanup_out_recipient(CLEANUP_STATE *state, * notifications. The queue manager will flush the trace (and bounce) * logfile, possibly after it has generated its own success or failure * notification records. + * + * Postfix 2.2 compatibility: when ignoring differences in Postfix original + * recipient information, also ignore differences in DSN attributes. We + * do, however, keep the DSN attributes of the recipient that survives + * duplicate elimination. */ else { RECIPIENT rcpt; @@ -198,8 +210,10 @@ void cleanup_out_recipient(CLEANUP_STATE *state, dsn_notify & ~DSN_NOTIFY_SUCCESS); } for (cpp = argv->argv; *cpp; cpp++) { - if (been_here(state->dups, "%s\n%d\n%s\n%s", - dsn_orcpt, dsn_notify, orcpt, *cpp) == 0) { + if ((var_enable_orcpt ? + been_here(state->dups, "%s\n%d\n%s\n%s", + dsn_orcpt, dsn_notify, orcpt, *cpp) : + been_here_fixed(state->dups, *cpp)) == 0) { if (dsn_notify) cleanup_out_format(state, REC_TYPE_ATTR, "%s=%d", MAIL_ATTR_DSN_NOTIFY, dsn_notify); diff --git a/postfix/src/global/mail_params.h b/postfix/src/global/mail_params.h index 54995c2e4..fe236bf16 100644 --- a/postfix/src/global/mail_params.h +++ b/postfix/src/global/mail_params.h @@ -1383,6 +1383,10 @@ extern char *var_smtpd_sasl_opts; #define DEF_SMTPD_SASL_PATH "smtpd" extern char *var_smtpd_sasl_path; +#define VAR_CYRUS_CONF_PATH "cyrus_sasl_config_path" +#define DEF_CYRUS_CONF_PATH "" +extern char *var_cyrus_conf_path; + #define VAR_SMTPD_SASL_TLS_OPTS "smtpd_sasl_tls_security_options" #define DEF_SMTPD_SASL_TLS_OPTS "$" VAR_SMTPD_SASL_OPTS extern char *var_smtpd_sasl_tls_opts; diff --git a/postfix/src/global/mail_version.h b/postfix/src/global/mail_version.h index 9cf7727a8..2e40735c9 100644 --- a/postfix/src/global/mail_version.h +++ b/postfix/src/global/mail_version.h @@ -20,7 +20,7 @@ * Patches change both the patchlevel and the release date. Snapshots have no * patchlevel; they change the release date only. */ -#define MAIL_RELEASE_DATE "20070516" +#define MAIL_RELEASE_DATE "20070524" #define MAIL_VERSION_NUMBER "2.5" #ifdef SNAPSHOT diff --git a/postfix/src/master/multi_server.c b/postfix/src/master/multi_server.c index 9e69fd913..3d3bcac5d 100644 --- a/postfix/src/master/multi_server.c +++ b/postfix/src/master/multi_server.c @@ -12,9 +12,8 @@ /* void (*service)(VSTREAM *stream, char *service_name, char **argv); /* int key; /* -/* void multi_server_disconnect(stream, argv) +/* void multi_server_disconnect(stream) /* VSTREAM *stream; -/* char **argv; /* /* void multi_server_drain() /* DESCRIPTION @@ -97,7 +96,7 @@ /* Function to be executed prior to accepting a new connection. /* .sp /* Only the last instance of this parameter type is remembered. -/* .IP "MAIL_SERVER_PRE_DISCONN (VSTREAM *, void *(char *service_name, char **argv))" +/* .IP "MAIL_SERVER_PRE_DISCONN (VSTREAM *, char *service_name, char **argv)" /* A pointer to a function that is called /* by the multi_server_disconnect() function (see below). /* .sp diff --git a/postfix/src/smtp/lmtp_params.c b/postfix/src/smtp/lmtp_params.c index c25587935..3a40791c6 100644 --- a/postfix/src/smtp/lmtp_params.c +++ b/postfix/src/smtp/lmtp_params.c @@ -46,6 +46,7 @@ VAR_LMTP_TCP_PORT, DEF_LMTP_TCP_PORT, &var_lmtp_tcp_port, 0, 0, VAR_LMTP_PIX_BUG_WORDS, DEF_LMTP_PIX_BUG_WORDS, &var_smtp_pix_bug_words, 0, 0, VAR_LMTP_PIX_BUG_MAPS, DEF_LMTP_PIX_BUG_MAPS, &var_smtp_pix_bug_maps, 0, 0, + VAR_CYRUS_CONF_PATH, DEF_CYRUS_CONF_PATH, &var_cyrus_conf_path, 0, 0, 0, }; static CONFIG_TIME_TABLE lmtp_time_table[] = { diff --git a/postfix/src/smtp/smtp.c b/postfix/src/smtp/smtp.c index 2e854c596..120dd62e2 100644 --- a/postfix/src/smtp/smtp.c +++ b/postfix/src/smtp/smtp.c @@ -711,6 +711,7 @@ int var_scache_proto_tmout; bool var_smtp_cname_overr; char *var_smtp_pix_bug_words; char *var_smtp_pix_bug_maps; +char *var_cyrus_conf_path; /* * Global variables. diff --git a/postfix/src/smtp/smtp_params.c b/postfix/src/smtp/smtp_params.c index e604298b1..463c20813 100644 --- a/postfix/src/smtp/smtp_params.c +++ b/postfix/src/smtp/smtp_params.c @@ -47,6 +47,7 @@ VAR_LMTP_TCP_PORT, DEF_LMTP_TCP_PORT, &var_lmtp_tcp_port, 0, 0, VAR_SMTP_PIX_BUG_WORDS, DEF_SMTP_PIX_BUG_WORDS, &var_smtp_pix_bug_words, 0, 0, VAR_SMTP_PIX_BUG_MAPS, DEF_SMTP_PIX_BUG_MAPS, &var_smtp_pix_bug_maps, 0, 0, + VAR_CYRUS_CONF_PATH, DEF_CYRUS_CONF_PATH, &var_cyrus_conf_path, 0, 0, 0, }; static CONFIG_TIME_TABLE smtp_time_table[] = { diff --git a/postfix/src/smtpd/smtpd.c b/postfix/src/smtpd/smtpd.c index 7c94a7256..4bcab36d8 100644 --- a/postfix/src/smtpd/smtpd.c +++ b/postfix/src/smtpd/smtpd.c @@ -268,6 +268,11 @@ /* .IP "\fBsmtpd_sasl_type (cyrus)\fR" /* The SASL plug-in type that the Postfix SMTP server should use /* for authentication. +/* .PP +/* Available in Postfix version 2.5 and later: +/* .IP "\fBcyrus_sasl_config_path (empty)\fR" +/* Search path for Cyrus SASL application configuration files, +/* currently used only to locate the $smtpd_sasl_path.conf file. /* STARTTLS SUPPORT CONTROLS /* .ad /* .fi @@ -692,8 +697,9 @@ /* .IP "\fBaddress_verify_poll_delay (3s)\fR" /* The delay between queries for the completion of an address /* verification request in progress. -/* .IP "\fBaddress_verify_sender (postmaster)\fR" -/* The sender address to use in address verification probes. +/* .IP "\fBaddress_verify_sender ($double_bounce_sender)\fR" +/* The sender address to use in address verification probes; prior +/* to Postfix 2.5 the default was "postmaster". /* .IP "\fBunverified_sender_reject_code (450)\fR" /* The numerical Postfix SMTP server response code when a recipient /* address is rejected by the reject_unverified_sender restriction. @@ -1010,6 +1016,7 @@ bool var_smtpd_sasl_enable; bool var_smtpd_sasl_auth_hdr; char *var_smtpd_sasl_opts; char *var_smtpd_sasl_path; +char *var_cyrus_conf_path; char *var_smtpd_sasl_realm; char *var_smtpd_sasl_exceptions_networks; char *var_smtpd_sasl_type; @@ -4526,6 +4533,7 @@ int main(int argc, char **argv) VAR_LOCAL_RCPT_MAPS, DEF_LOCAL_RCPT_MAPS, &var_local_rcpt_maps, 0, 0, VAR_SMTPD_SASL_OPTS, DEF_SMTPD_SASL_OPTS, &var_smtpd_sasl_opts, 0, 0, VAR_SMTPD_SASL_PATH, DEF_SMTPD_SASL_PATH, &var_smtpd_sasl_path, 1, 0, + VAR_CYRUS_CONF_PATH, DEF_CYRUS_CONF_PATH, &var_cyrus_conf_path, 0, 0, VAR_SMTPD_SASL_REALM, DEF_SMTPD_SASL_REALM, &var_smtpd_sasl_realm, 0, 0, VAR_SMTPD_SASL_EXCEPTIONS_NETWORKS, DEF_SMTPD_SASL_EXCEPTIONS_NETWORKS, &var_smtpd_sasl_exceptions_networks, 0, 0, VAR_FILTER_XPORT, DEF_FILTER_XPORT, &var_filter_xport, 0, 0, diff --git a/postfix/src/xsasl/Makefile.in b/postfix/src/xsasl/Makefile.in index 65aeb6894..56dd1d637 100644 --- a/postfix/src/xsasl/Makefile.in +++ b/postfix/src/xsasl/Makefile.in @@ -91,6 +91,7 @@ xsasl_client.o: xsasl.h xsasl_client.o: xsasl_client.c xsasl_client.o: xsasl_cyrus.h xsasl_cyrus_client.o: ../../include/argv.h +xsasl_cyrus_client.o: ../../include/mail_params.h xsasl_cyrus_client.o: ../../include/msg.h xsasl_cyrus_client.o: ../../include/mymalloc.h xsasl_cyrus_client.o: ../../include/stringops.h @@ -132,6 +133,7 @@ xsasl_dovecot_server.o: ../../include/iostuff.h xsasl_dovecot_server.o: ../../include/mail_params.h xsasl_dovecot_server.o: ../../include/msg.h xsasl_dovecot_server.o: ../../include/mymalloc.h +xsasl_dovecot_server.o: ../../include/name_mask.h xsasl_dovecot_server.o: ../../include/split_at.h xsasl_dovecot_server.o: ../../include/stringops.h xsasl_dovecot_server.o: ../../include/sys_defs.h diff --git a/postfix/src/xsasl/xsasl_cyrus_client.c b/postfix/src/xsasl/xsasl_cyrus_client.c index e38ab380d..1b6f0257d 100644 --- a/postfix/src/xsasl/xsasl_cyrus_client.c +++ b/postfix/src/xsasl/xsasl_cyrus_client.c @@ -65,6 +65,11 @@ #include #include + /* + * Global library. + */ +#include + /* * Application-specific */ @@ -212,7 +217,7 @@ static int xsasl_cyrus_client_get_passwd(sasl_conn_t *conn, void *context, /* xsasl_cyrus_client_init - initialize Cyrus SASL library */ XSASL_CLIENT_IMPL *xsasl_cyrus_client_init(const char *unused_client_type, - const char *unused_path_info) + const char *unused_path_info) { XSASL_CLIENT_IMPL *xp; int sasl_status; @@ -252,6 +257,20 @@ XSASL_CLIENT_IMPL *xsasl_cyrus_client_init(const char *unused_client_type, } #endif + if (*var_cyrus_conf_path) { +#ifdef SASL_PATH_TYPE_CONFIG /* Cyrus SASL 2.1.22 */ + if (set_sasl_path(SASL_PATH_TYPE_CONFIG, + var_cyrus_conf_path) != SASL_OK) + msg_warn("failed to set Cyrus SASL configuration path: \"%s\"", + var_cyrus_conf_path); +#else + msg_warn("%s is not empty, but setting the Cyrus SASL configuration " + "path is not supported with SASL library version %d.%d.%d", + VAR_CYRUS_CONF_PATH, SASL_VERSION_MAJOR, + SASL_VERSION_MINOR, SASL_VERSION_STEP); +#endif + } + /* * Initialize the SASL library. */ diff --git a/postfix/src/xsasl/xsasl_cyrus_server.c b/postfix/src/xsasl/xsasl_cyrus_server.c index 69f2fba0d..0cd6aa383 100644 --- a/postfix/src/xsasl/xsasl_cyrus_server.c +++ b/postfix/src/xsasl/xsasl_cyrus_server.c @@ -213,6 +213,20 @@ XSASL_SERVER_IMPL *xsasl_cyrus_server_init(const char *unused_server_type, } #endif + if (*var_cyrus_conf_path) { +#ifdef SASL_PATH_TYPE_CONFIG /* Cyrus SASL 2.1.22 */ + if (set_sasl_path(SASL_PATH_TYPE_CONFIG, + var_cyrus_conf_path) != SASL_OK) + msg_warn("failed to set Cyrus SASL configuration path: \"%s\"", + var_cyrus_conf_path); +#else + msg_warn("%s is not empty, but setting the Cyrus SASL configuration " + "path is not supported with SASL library version %d.%d.%d", + VAR_CYRUS_CONF_PATH, SASL_VERSION_MAJOR, + SASL_VERSION_MINOR, SASL_VERSION_STEP); +#endif + } + /* * Initialize the library: load SASL plug-in routines, etc. */