From: Wietse Venema Date: Sun, 27 Feb 2005 05:00:00 +0000 (-0500) Subject: postfix-2.2-20050227 X-Git-Tag: v2.2.0-RC1~1 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=5ec20d1d05a971ba2fefba60cd40c131068c5495;p=thirdparty%2Fpostfix.git postfix-2.2-20050227 --- diff --git a/postfix/HISTORY b/postfix/HISTORY index f7443a0c0..02f7b445b 100644 --- a/postfix/HISTORY +++ b/postfix/HISTORY @@ -10392,6 +10392,19 @@ Apologies for any names omitted. Bugfix: typo in tls_server.c, breaking CApath. Fix by Philipp Morger. File: tls/tls_server.c. +20050227 + + Bugfix (bug introduced 20040331): with SIGHUP ignored, the + postdrop signal handler would effectively ignore SIGINT, + SIGQUIT and SIGTERM. Simplified the overly-conservative + protection against nested signals in postdrop, and added + some future proofing comments. File: postdrop/postdrop.c + + Cleanup: when address rewriting is enabled, don't change + the capitalization of header labels, i.e. don't replace + FROM: or CC: by From: or Cc:. Files: cleanup/cleanup_message.c, + smtp/smtp_proto.c. + Open problems: Med: disable header address rewriting after XCLIENT? diff --git a/postfix/README_FILES/AAAREADME b/postfix/README_FILES/AAAREADME index 9b2bf9ad6..b3e9c9d4c 100644 --- a/postfix/README_FILES/AAAREADME +++ b/postfix/README_FILES/AAAREADME @@ -69,6 +69,7 @@ OOtthheerr ttooppiiccss * postconf(5): All main.cf parameters * LOCAL_RECIPIENT_README: Rejecting Unknown Local Recipients * ADDRESS_CLASS_README: Address Classes + * CONNECTION_CACHE_README: Connection cache howto * PACKAGE_README: Guidelines for Package Builders * SCHEDULER_README: Queue Scheduler * XCLIENT_README: XCLIENT Command diff --git a/postfix/README_FILES/ADDRESS_VERIFICATION_README b/postfix/README_FILES/ADDRESS_VERIFICATION_README index e9c119dff..9f96c817a 100644 --- a/postfix/README_FILES/ADDRESS_VERIFICATION_README +++ b/postfix/README_FILES/ADDRESS_VERIFICATION_README 
@@ -73,14 +73,17 @@ postconf(5) for details. LLiimmiittaattiioonnss ooff aaddddrreessss vveerriiffiiccaattiioonn - * Postfix probes the nearest MTA for the address that is being verified, - without actually sending mail to that address. If the nearest MTA accepts - the address, then Postfix assumes that the address is deliverable, even - when the address will bounce AFTER that MTA accepts it. - - * Sites like AOL may blacklist you when you are probing them too often (a - probe is an SMTP session that does not deliver mail), or when you are - probing them too often for a non-existent address. + * When verifying a remote address, Postfix probes the nearest MTA for that + address, without actually delivering mail to it. If the nearest MTA accepts + the address, then Postfix assumes that the address is deliverable. In + reality, mail for a remote address can bounce AFTER the nearest MTA accepts + the recipient address. + + * Some sites may blacklist you when you are probing them too often (a probe + is an SMTP session that does not deliver mail), or when you are probing + them too often for a non-existent address. This is one reason why you + should use sender address verification sparingly, if at all, when your site + receives lots of email. * Normally, address verification probe messages follow the same path as regular mail. However, some sites send mail to the Internet via an diff --git a/postfix/README_FILES/CONNECTION_CACHE_README b/postfix/README_FILES/CONNECTION_CACHE_README new file mode 100644 index 000000000..5e8abe15a --- /dev/null +++ b/postfix/README_FILES/CONNECTION_CACHE_README 
@@ -0,0 +1,180 @@ +PPoossttffiixx CCoonnnneeccttiioonn CCaacchhee + +------------------------------------------------------------------------------- + +IInnttrroodduuccttiioonn + +This document describes the Postfix connection cache implementation, which is +available with Postfix version 2.2 and later. + +Topics covered in this document: + + * What SMTP connection caching can do for you + * Connection cache implementation + * Connection cache configuration + * Connection cache safety mechanisms + * Connection cache limitations + * Connection cache statistics + +WWhhaatt SSMMTTPP ccoonnnneeccttiioonn ccaacchhiinngg ccaann ddoo ffoorr yyoouu + +With SMTP connection caching, Postfix can deliver multiple messages over the +same SMTP connection. By default, Postfix 2.2 reuses an SMTP connection +automatically when a destination has high volume of mail in the active queue. + +SMTP Connection caching is a performance feature. Whether or not it actually +improves performance depends on the conditions: + + * SMTP Connection caching can greatly improve performance when delivering + mail to a destination with multiple mail servers, because it can help + Postfix to skip over a non-responding server. + + * Otherwise, the benefits of SMTP connection caching are minor: it eliminates + the latency of the TCP handshake (SYN, SYN+ACK, ACK), plus the latency of + the SMTP initial handshake (220 greeting, EHLO command, EHLO response). + + * SMTP Connection caching gives no gains with respect to SMTP session tear- + down. The Postfix smtp(8) client normally does not wait for the server's + reply to the QUIT command, and it never waits for the TCP final handshake + to complete. + + * SMTP Connection caching introduces some overhead: the client needs to send + an RSET command to find out if a connection is still usable, before it can + send the next MAIL FROM command. 
+ +For other potential issues with SMTP connection caching, see the discussion of +limitations at the end of this document. + +CCoonnnneeccttiioonn ccaacchhee iimmpplleemmeennttaattiioonn + +For an overview of how Postfix delivers mail, see the Postfix architecture +OVERVIEW document. + +The Postfix connection cache is shared among Postfix mail delivering processes. +This maximizes the opportunity to reuse an open connection. Other MTAs such as +Sendmail or exim have a non-shared connection cache. Here, a connection can be +reused only by the mail delivering process that creates the connection. To get +the same performance improvement as with a shared connection cache, non-shared +connections need to be kept open for a longer time. + + Internet <-- smtp(8) <-> scache(8) <-> smtp(8) --> Internet + + +The scache(8) server, introduced with Postfix version 2.2, maintains the shared +connection cache. With Postfix version 2.2, only the smtp(8) client has support +to access this cache. + +When SMTP connection caching is enabled (see next section), the smtp(8) client +does not disconnect after a mail transaction, but gives the connection to the +scache(8) server which keeps the connection open for a limited amount of time. + +After handing over the open connection to the scache(8) server, the smtp(8) +client continues with some other mail delivery request. Meanwhile, any smtp(8) +client process can ask the scache(8) server for that cached connection and +reuse it for mail delivery. + +The connection cache can be searched by destination domain name (the right-hand +side of the recipient address) and by the IP address of the host at the other +end of the connection. This allows Postfix to reuse a connection even when the +remote host is mail server for domains with different names. + +CCoonnnneeccttiioonn ccaacchhee ccoonnffiigguurraattiioonn + +The Postfix smtp(8) client supports two connection caching strategies: + + * On-demand connection caching. 
This is enabled by default, and is controlled + with the smtp_connection_cache_on_demand configuration parameter. When this + feature is enabled, the Postfix smtp(8) client automatically saves a + connection to the connection cache when a destination has a high volume of + mail in the active queue. + + Example: + + /etc/postfix/main.cf: + smtp_connection_cache_on_demand = yes + + * Per-destination connection caching. This is enabled by explicitly listing + specific destinations with the smtp_connection_cache_destinations + configuration parameter. After completing delivery to a selected + destination, the Postfix smtp(8) client always saves the connection to the + connection cache. + + Specify a comma or white space separated list of destinations or pseudo- + destinations: + + o if mail is sent without a relay host: a domain name (the right-hand + side of an email address, without the [] around a numeric IP address), + + o if mail is sent via a relay host: a relay host name (without the [] or + non-default TCP port), as specified in main.cf or in the transport map, + + o a /file/name with domain names and/or relay host names as defined + above, + + o a "type:table" with domain names and/or relay host names on the left- + hand side. The right-hand side result from "type:table" lookups is + ignored. + + Examples: + + /etc/postfix/main.cf: + smtp_connection_cache_destinations = $relayhost + smtp_connection_cache_destinations = hotmail.com, ... + smtp_connection_cache_destinations = static:all (not recommended) + +CCoonnnneeccttiioonn ccaacchhee ssaaffeettyy mmeecchhaanniissmmss + +Connection caching must be used wisely. It is anti-social to keep an unused +SMTP connection open for a significant amount of time, and it is unwise to send +huge numbers of messages through the same connection. 
In order to avoid +problems with SMTP connection caching, Postfix implements the following safety +mechanisms: + + * The Postfix scache(8) server keeps a connection open for only a limited + time. The time limit is specified with the smtp_connection_cache_time_limit + and with the connection_cache_ttl_limit configuration parameters. This + prevents anti-social behavior. + + * The Postfix smtp(8) client reuses a session for only a limited number of + times. This avoids triggering bugs in implementations that do not correctly + handle multiple deliveries per session. The use count is limited with the + smtp_connection_cache_reuse_limit configuration parameter. + + * The connection cache explicitly labels each cached connection with + destination domain and IP address information. A connection cache lookup + succeeds only when the correct information is specified. This prevents mis- + delivery of mail. + +CCoonnnneeccttiioonn ccaacchhee lliimmiittaattiioonnss + +Postfix SMTP connection caching conflicts with certain applications: + + * The Postfix shared connection cache cannot be used with TLS, because saved + TLS session information can be used only when a new connection is created + (this limitation does not exist in connection caching implementations that + reuse a connection only in the process that creates it). For this reason, + the Postfix smtp(8) client always closes the connection after completing an + attempt to deliver mail over TLS. + + * Postfix connection caching currently does not support multiple SASL + accounts per mail server. Specifically, Postfix connection caching assumes + that a SASL credential is valid for all hostnames or domain names that + deliver via the same mail server IP address and TCP port, and assume that + the SASL credential does not depend on the message originator. + +CCoonnnneeccttiioonn ccaacchhee ssttaattiissttiiccss + +The scache(8) connection cache server logs statistics about the peak cache size +and the cache hit rates. 
This information is logged every +connection_cache_status_update_time seconds, when the process terminates after +the maximal idle time is exceeded, or when Postfix is reloaded. + + * Hit rates for connection cache lookups by domain will tell you how useful + connection caching is. + + * Connection cache lookups by network address will always fail, unless you're + sending mail to different domains that share the same MX hosts. + + * No statistics are logged when no attempts are made to access the connection + cache. + diff --git a/postfix/README_FILES/IPV6_README b/postfix/README_FILES/IPV6_README index 684026341..62b0c3405 100644 --- a/postfix/README_FILES/IPV6_README +++ b/postfix/README_FILES/IPV6_README @@ -56,6 +56,11 @@ where you must not. It is a good idea to use "[]" only in the few places where you have to. Check out the postconf(5) manual whenever you do IPv6 related configuration work with Postfix. + * Instead of hard-coding 127.0.0.1 and ::1 loopback addresses in master.cf, + specify "inet_interfaces = loopback-only" in main.cf. This way you can use + the same master.cf file regardless of whether or not Postfix will run on an + IPv6-enabled system. + * The first new parameter is called inet_protocols. This specifies what protocols Postfix will use when it makes or accepts network connections, and also controls what DNS lookups Postfix will use when it makes network diff --git a/postfix/README_FILES/LINUX_README b/postfix/README_FILES/LINUX_README index 395331c9e..4781906c0 100644 --- a/postfix/README_FILES/LINUX_README +++ b/postfix/README_FILES/LINUX_README 
@@ -4,18 +4,21 @@ PPoossttffiixx aanndd LLiinnuuxx BBeerrkkeelleeyy DDBB iissssuueess -On RedHat Linux 7.0 you must install the db3-devel RPM before you can compile -the Postfix source code. +Warning: if you can't compile Postfix because the file "db.h" isn't found, then +you MUST install the Berkeley DB development package (package name: db???- +devel-???) that comes with your Linux system. Only that package contains the +files that correspond to the Berkeley DB version that is used by the system +library routines. -Warning: do not use multiple Berkeley DB versions. Every Postfix program will -dump core when it is built with a different Berkeley DB version than the -version that is used by the system library routines. See the DB_README file for -further information. +DO NOT download some Berkeley DB version from the network. Every Postfix +program will dump core when it is built with a different Berkeley DB version +than the version that is used by the system library routines. See the DB_README +file for further information. PPrrooccmmaaiill iissssuueess -On RedHat Linux 7.1 pprrooccmmaaiill no longer has permission to write the mail spool -directory. Workaround: chmod 1777 /var/spool/mail. +On RedHat Linux 7.1 and later pprrooccmmaaiill no longer has permission to write the +mail spool directory. Workaround: chmod 1777 /var/spool/mail. SSyyssllooggdd ppeerrffoorrmmaannccee diff --git a/postfix/README_FILES/OVERVIEW b/postfix/README_FILES/OVERVIEW index 0c3e55beb..1d9ae180f 100644 --- a/postfix/README_FILES/OVERVIEW +++ b/postfix/README_FILES/OVERVIEW 
@@ -106,7 +106,7 @@ unnumbered names inside shaded areas represent Postfix queues. of Postfix mail delivery. It contacts the smtp(8), lmtp(8), local(8), virtual(8), pipe(8), discard(8) or error(8) delivery agents, and sends a delivery request for one or more recipient addresses. The discard(8) and - error(8) delivery agents are special: they discard or bounce all mail, they + error(8) delivery agents are special: they discard or bounce all mail, and are not shown in the figure above. The queue manager maintains a small active queue with the messages that it diff --git a/postfix/RELEASE_NOTES-2.1 b/postfix/RELEASE_NOTES-2.1 index 7226f4bee..c25b28b4b 100644 --- a/postfix/RELEASE_NOTES-2.1 +++ b/postfix/RELEASE_NOTES-2.1 @@ -240,7 +240,7 @@ Major changes - client rate limiting ------------------------------------ Note: this feature is not included with Postfix 2.1, but it is -documented is here so that the information will not be lost. +documented here so that the information will not be lost. [Feature 20031111] Preliminary defense against SMTP clients that hammer an SMTP server with too many connections. By default, the diff --git a/postfix/RELEASE_NOTES-2.2 b/postfix/RELEASE_NOTES-2.2 new file mode 100644 index 000000000..54ba7b6ce --- /dev/null +++ b/postfix/RELEASE_NOTES-2.2 
@@ -0,0 +1,433 @@ +The stable Postfix release is called postfix-2.2.x where 2=major +release number, 2=minor release number, x=patchlevel. The stable +release never changes except for patches that address bugs or +emergencies. Patches change the patchlevel and the release date. + +New features are developed in snapshot releases. These are called +postfix-2.3-yyyymmdd where yyyymmdd is the release date (yyyy=year, +mm=month, dd=day). Patches are never issued for snapshot releases; +instead, a new snapshot is released. + +The mail_release_date configuration parameter (format: yyyymmdd) +specifies the release date of a stable release or snapshot release. + +Main changes with Postfix version 2.2 +------------------------------------- + +This is a summary of the changes. These and more are detailed in +the following sections of this document. + +- TLS and IPv6 support are now built into Postfix, based on code +from third-party patches. + +- SMTP client-side connection reuse. This can dramatically speed +up deliveries to high-volume destinations that have good and +non-responding mail servers. + +- By default, message header address rewriting is now disabled for +SMTP mail from other systems. Thus, spam from poorly written +software no longer looks like it came from a local user. + +- When your machine does not have its own domain name, Postfix can +now replace your "home network" email address by your ISP account +in outgoing SMTP mail, while leaving your email address unchanged +when sending mail to someone on the local machine. + +- Compatibility workarounds: you can now selectively turn off ESMTP +features such as AUTH or STARTTLS in the Postfix SMTP client or +server, without having to "dumb down" other mail deliveries, and +without having to use transport maps for outgoing mail. + +- Remote SMTP client resource control (the anvil server). 
This +allows you to limit the number of connections, or the number of +MAIL FROM and RCPT TO commands that an SMTP client can send per +unit time. + +- Support for CDB, SDBM and NIS+ databases is now built into Postfix +(but the CDB and SDBM libraries are not). + +- New SMTP access control features, and more. + +Major changes - critical +------------------------ + +BEFORE upgrading from an older release you MUST stop Postfix, unless +you're running a Postfix 2.2 snapshot release that already has +Postfix 2.2 IPV6 and TLS support. + +AFTER upgrading from an older release DO NOT copy the old +master.cf/main.cf files over the new files. Instead, you MUST let +the Postfix installation procedure update the existing configuration +files with new service entries. + +[Incompat 20041118] The master-child protocol has changed. The +Postfix master daemon will log warnings about partial status updates +if you don't stop and start Postfix. + +[Incompat 20041023, 20041009] The queue manager to delivery agent +protocol has changed. Mail will remain queued if you do not restart +the queue manager. + +[Incompat 20050111] The upgrade procedure adds the tlsmgr service +to the master.cf file. This service entry is not compatible with +the Postfix/TLS patch. + +[Feature 20040919] The upgrade procedure adds the discard service +to the master.cf file. + +[Feature 20040720] The upgrade procedure adds the scache (connection +cache) service to the master.cf file. + +Major changes - IPv6 support +---------------------------- + +[Feature 20050111] Postfix version 2.2 IP version 6 support based +on the Postfix/IPv6 patch by Dean Strik and others. IPv6 support +is always compiled into Postfix on systems that have Postfix +compatible IPv6 support. On other systems Postfix will simply use +IP version 4 just like it did before. See the IPV6_README document +for what systems are supported, and how to turn on IPv6 in main.cf. 
+ +[Incompat 20050111] Postfix version 2.2 IPv6 support differs from +the Postfix/IPv6 patch by Dean Strik in a few minor ways. + +- Network protocol support including DNS lookup is selected with +the inet_protocols parameter instead of the inet_interfaces parameter. +This is needed so that Postfix will not attempt to deliver mail via +IPv6 when the system has no IPv6 connectivity. + +- The lmtp_bind_address6 feature was omitted. The Postfix LMTP +client will be absorbed into the SMTP client, so there is no reason +to keep adding features to the LMTP client. + +- The CIDR-based address matching code was rewritten. The new +behavior is believed to be closer to expectation. The results may +be incompatible with that of the Postfix/IPv6 patch. + +[Incompat 20050117] The Postfix SMTP server now requires that IPv6 +addresses in SMTP commands are specified as [ipv6:ipv6address], as +described in RFC 2821. + +Major changes - TLS support +--------------------------- + +[Feature 20041210] Postfix version 2.2 TLS support, based on the +Postfix/TLS patch by Lutz Jaenicke. TLS support is not compiled +in by default. For more information about Postfix 2.2 TLS support, +see the TLS_README document. + +[Feature 20050209] The Postfix SMTP server policy delegation protocol +now supplies TLS client certificate information after successful +verification. The new policy delegation protocol attribute names +are ccert_subject, ccert_issuer and ccert_fingerprint. + +[Feature 20050208] New "check_ccert_maps maptype:mapname" feature +to enforce access control based on hexadecimal client certificate +fingerprints. + +[Incompat 20041210] Postfix version 2.2 TLS support differs from +the Postfix/TLS patch by Lutz Jaenicke in a few minor ways. + +- main.cf: Use btree instead of sdbm for TLS session cache databases. + + Session caches are now accessed only by the tlsmgr(8) process, + so there are no concurrency issues. 
Although Postfix still has + an SDBM client, the SDBM library (1000 lines of code) is no longer + included with Postfix. + + TLS session caches can use any database that can store objects + of several kbytes or more, and that implements the sequence + operation. In most cases, btree databases should be adequate. + + NOTE: You cannot use dbm databases. TLS session objects are too + large. + +- master.cf: Specify unix instead of fifo for the tlsmgr service type. + This change is automatically made by the Postfix upgrade procedure. + + The smtp(8) and smtpd(8) processes use a client-server protocol + in order to access the tlsmgr(8)'s pseudo-random number generation + (PRNG) pool, and in order to access the TLS session cache databases. + Such a protocol cannot be run across fifos. + +Major changes - SMTP client connection cache +-------------------------------------------- + +[Feature 20040720] SMTP client-side connection caching. Instead of +disconnecting immediately after a mail transaction, the Postfix +SMTP client can save the open connection to the scache(8) connection +cache daemon, so that any SMTP client process can reuse that session +for another mail transaction. See the CONNECTION_CACHE_README +document for a description of configuration and implementation. + +This feature introduces the scache (connection cache) server, which +is added to your master.cf file when you upgrade Postfix. + +[Feature 20040729] Opportunistic SMTP connection caching. When a +destination has a high volume of mail in the active queue, SMTP +connection caching is enabled automatically. This is controlled +with a new configuration parameter "smtp_connection_cache_on_demand" +(default: yes). + +[Feature 20040723] Per-destination SMTP connection caching. This +is enabled with the smtp_connection_cache_destinations parameter. +The parameter requires "bare" domain names or IP addresses without +"[]" or TCP port, to avoid a syntax conflict between host:port and +maptype:mapname entries. 
+ +[Feature 20040721] The scache(8) connection cache manager logs cache +hit and miss statistics every $connection_cache_status_update_time +seconds (default: 600s). It reports the hit and miss rates for +lookups by domain, as well as for lookups by network address. + +Major changes - address rewriting +--------------------------------- + +[Feature 20050206] Support for address rewriting in outgoing SMTP +mail (headers and envelopes). This is useful for sites that have a +fantasy Internet domain name such as localdomain.local. Mail +addresses that use fantasy domain names are often rejected by mail +servers. + +The smtp_generic_maps feature allows you to replace a local mail +address (user@localdomain.local) by a valid Internet address +(account@isp.example) when mail is sent across the Internet. The +feature has no effect on mail that is sent between accounts on the +local machine. The syntax is described in generic(5) and a detailed +example is in the STANDARD_CONFIGURATION_README document, the section +titled "Postfix on hosts without a real Internet hostname". + +[Feature 20041023] By default, Postfix no longer appends its own +domain to addresses in message headers from remote clients. Thus, +spam from poorly written software no longer looks like it came from +a local user. + +Postfix either does not rewrite remote message headers at all, or +it rewrites headers and appends the domain name that is specified +with the remote_header_rewrite_domain parameter (like "domain.invalid"). + +To get the behavior of earlier Postfix versions (always append +Postfix's own domain to incomplete addresses in message headers) +specify: + +/etc/postfix/main.cf: + local_header_rewrite_clients = static:all + +Postfix always appends its own domain information to addresses in +message headers from Postfix sendmail and from local SMTP clients. 
+ +By default, Postfix considers an SMTP client local (and thus updates +message header addresses with the Postfix's own domain) when the +client IP address matches the local machine's interface addresses, +or when mail is submitted with the Postfix sendmail(1) command. + +If you must rewrite headers from other clients then you can specify, +for example, + +/etc/postfix/main.cf: + local_header_rewrite_clients = permit_mynetworks, + permit_sasl_authenticated, permit_tls_clientcerts, + check_address_map hash:/etc/postfix/pop-before-smtp + +Postfix always appends local domain information to envelope addresses +(as opposed to header addresses), because an unqualified envelope +address is effectively local for the purpose of delivery, and for +the purpose of replying to it. + +Full details are given in ADDRESS_REWRITING_README, and in the +postconf(5) manual. For best results, point your browser at the +ADDRESS_REWRITING_README.html file and navigate to the section +titled " To rewrite message headers or not, or to label as invalid". + +[Incompat 20050212] When header address rewriting is enabled, Postfix +now updates a message header only when at least one address in that +header is modified. Older Postfix versions first parse and then +un-parse a header so that there may be subtle changes in formatting, +such as the amount of whitespace between tokens. + +[Incompat 20050227] When header address rewriting is enabled, Postfix +no longer changes header label capitalization, i.e. FROM: or CC: +are no longer replaced by 
From: or Cc:. + +[Feature 20040827] Finer control over canonical mapping with +canonical_classes, sender_canonical_classes and +recipient_canonical_classes. These specify one or more of +envelope_sender, header_sender, envelope_recipient or header_recipient. +The default settings are backwards compatible. + +Major changes - SMTP compatibility controls +------------------------------------------- + +[Feature 20041218] Fine control for SMTP inter-operability problems, +by discarding keywords that are sent or received with the EHLO +handshake. Typically one would discard "pipelining", "starttls", +or "auth" to work around systems with a broken implementation. +Specify a list of EHLO keywords with the smtp(d)_discard_ehlo_keywords +parameters, or specify one or more lookup tables, indexed by remote +network address, with the smtp(d)_discard_ehlo_keyword_address_maps +parameters. + +Note: this feature only discards words from the EHLO conversation; +it does not turn off the actual features in the SMTP server. + +Major changes - database support +-------------------------------- + +[Feature 20041210] You can now dump an entire database with the new +postmap/postalias "-s" option. This works only for database types +with Postfix sequence operator support: hash, btree, dbm, and sdbm. + +[Feature 20041208] Support for CDB databases by Michael Tokarev. +This supports both Michael's tinycdb and Daniel Bernstein's cdb +implementations, but neither of the two implementations is bundled +with Postfix. + +[Feature 20041023] The NIS+ client by Geoff Gibbs is now part of +the Postfix source tree. Details are given in the nisplus_table(5) +manual page. + +[Feature 20040827] Easier use of the proxymap(8) service with the +virtual(8) delivery agent. The virtual(8) delivery agent will +silently open maps directly when those maps can't be proxied for +security reasons. 
This means you can now specify "virtual_mailbox_maps += proxy:mysql:whatever" without triggering a fatal error in the +virtual(8) delivery agent. + +Major changes - remote SMTP client resource control +--------------------------------------------------- + +[Incompat 20041009] The smtpd_client_connection_limit_exceptions +parameter is renamed to smtpd_client_event_limit_exceptions. Besides +connections it now also applies to per-client message rate and +recipient rate limits. + +[Feature 20041009] Per SMTP client message rate and recipient rate +limits. These limit the number of MAIL FROM or RCPT TO requests +regardless of whether or not Postfix would have accepted them +otherwise. The user interface (smtpd_client_message_rate_limit and +smtpd_client_recipient_rate_limit) is similar to that of the existing +per SMTP client connection rate limit, and the same warnings apply: +these features are to be used to stop abuse, and must not be used +to regulate legitimate mail. More details can be found in the +postconf(5) manual. + +Major changes - remote SMTP client access control +------------------------------------------------- + +[Feature 20050209] The Postfix SMTP server policy delegation protocol +now supplies TLS client certificate information after successful +verification. The new policy delegation protocol attribute names +are ccert_subject, ccert_issuer and ccert_fingerprint. + +[Feature 20050208] New "check_ccert_maps maptype:mapname" feature +to enforce access control based on hexadecimal client certificate +fingerprints. + +[Feature 20050203] New "permit_inet_interfaces" access restriction +to allow access from local IP addresses only. This is used for the +default, purist, setting of local_header_rewrite_clients (rewrite +only headers in mail from this machine). + +[Feature 20050203] New "sleep time-in-seconds" pseudo access +restriction to block zombie clients with reject_unauthorized_pipelining +before the Postfix SMTP server sends the SMTP greeting. 
See postconf(5) +for example. This feature is not available the stable Postfix 2.2 +release, but it is documented here so that it will not get lost. + +[Feature 20041118] New "smtpd_end_of_data_restrictions" feature +that is invoked after the client terminates the SMTP DATA command. +The syntax is the same as with "smtpd_data_restrictions". In the +SMTPD policy delegation request, the message size is the actual +byte count of the message content, instead of the message size +announced by the client in the MAIL FROM command. + +Major changes - SASL authentication +----------------------------------- + +[Feature 20040827] Better SMTP client control over the use of SASL +mechanisms. New smtp_sasl_mechanism_filter mechanism to shorten the +list of SASL mechanisms from a remote server to just those that the +local SASL library can actually use. + +Major changes - header/body patterns +------------------------------------ + +[Feature 20050205] REPLACE action in header_checks and body_checks, +to replace a message header or body line. See header_checks(5) for +details. + +Major changes - local delivery +------------------------------ + +[Feature 20040621] Control over the working directory when executing +an external command. With the pipe(8) mailer, specify directory=pathname, +and with local(8) specify "command_execution_directory = expression" +where "expression" is subject to $home etc. macro expansion. The +result of macro expansion is restricted by the set of characters +specified with execution_directory_expansion_filter. + +Major changes - mail delivery attributes +---------------------------------------- + +[Feature 20041218] More client attributes for delivery to command +with the local(8) and pipe(8) delivery agents: client_hostname, +client_address, client_protocol, client_helo, sasl_method, sasl_sender, +and sasl_username. With local(8), attribute names must be specified +in upper case. 
+ +Major changes - package creation +-------------------------------- + +[Feature 20050203] To create a ready-to-install package for +distribution to other systems you can now use "make package" or +"make non-interactive-package", instead of invoking the internal +postfix-install script by hand. See the PACKAGE_README file for +details. + +Major changes - performance +--------------------------- + +[Incompat 20050117] Only the deferred and defer queue directories +are now hashed by default, instead of eight queue directories. This +may speed up Postfix boot time on low-traffic systems without +compromising performance under high load too much. Hashing must be +turned on for the defer and deferred queue directories, because +those directories contain lots of files when undeliverable mail is +backing up. + +[Incompat 20040720] The default SMTP/LMTP timeouts for sending RSET +are reduced to 20s. + +Major changes - miscellaneous +----------------------------- + +[Feature 20050203] Safety: Postfix no longer tries to send mail to +the fallback_relay when the local machine is MX host for the mail +destination. See the postconf(5) description of the fallback_relay +feature for details. + +[Incompat 20041023] Support for the non-standard Errors-To: return +addresses is now removed from Postfix. It was already disabled by +default with Postfix version 2.1. Since Errors-To: is non-standard, +there was no guarantee that it would have the desired effect with +other MTAs. + +[Feature 20040919] A new discard(8) mail delivery agent that makes +throwing away mail easier and more efficient. It's the Postfix +equivalent of /dev/null for mail deliveries. On the mail receiving +side, Postfix already has a /dev/null equivalent in the form of the +DISCARD action in access maps and header_body_checks. + +[Feature 20040919] Access control for local mail submission, for +listing the queue, and for flushing the queue. 
These features are +controlled with authorized_submit_users, authorized_mailq_users, +and with authorized_flush_users, respectively. The last two controls +are always permitted for the super-user and for the mail system +owner. More information is in the postconf(5) manual. + +[Incompat 20040829] When no recipients are specified on the command +line or via the -t option, the Postfix sendmail command terminates +with status EX_USAGE and produces an error message instead of +accepting the mail first and bouncing it later. This gives more +direct feedback in case of a common client configuration error. + diff --git a/postfix/src/tls/TLS_ACKNOWLEDGEMENTS b/postfix/TLS_ACKNOWLEDGEMENTS similarity index 100% rename from postfix/src/tls/TLS_ACKNOWLEDGEMENTS rename to postfix/TLS_ACKNOWLEDGEMENTS diff --git a/postfix/src/tls/TLS_CHANGES b/postfix/TLS_CHANGES similarity index 100% rename from postfix/src/tls/TLS_CHANGES rename to postfix/TLS_CHANGES diff --git a/postfix/src/tls/TLS_TODO b/postfix/TLS_TODO similarity index 100% rename from postfix/src/tls/TLS_TODO rename to postfix/TLS_TODO diff --git a/postfix/conf/post-install b/postfix/conf/post-install index 8f5062dbe..95775d064 100644 --- a/postfix/conf/post-install +++ b/postfix/conf/post-install @@ -634,6 +634,20 @@ discard unix - - n - - discard EOF } + # Update the tlsmgr fifo->unix service. + + grep "^tlsmgr[ ]*fifo[ ]" \ + $config_directory/master.cf >/dev/null && { + echo Editing $config_directory/master.cf, updating the tlsmgr fifo->unix service + ed $config_directory/master.cf </dev/null || { diff --git a/postfix/conf/relocated b/postfix/conf/relocated index 2a34c0623..a14d03227 100644 --- a/postfix/conf/relocated +++ b/postfix/conf/relocated @@ -1,4 +1,4 @@ -# RELOCATED(5) RELOCATED(5) +# RELOCATED(5) RELOCATED(5) # # NAME # relocated - Postfix relocated table format 
@@ -78,41 +78,43 @@ # description of regular expression lookup table syntax, see # regexp_table(5) or pcre_table(5). For a description of the # TCP client/server table lookup protocol, see tcp_table(5). +# This feature is not available up to and including Postfix +# version 2.2. # -# Each pattern is a regular expression that is applied to +# Each pattern is a regular expression that is applied to # the entire address being looked up. Thus, user@domain mail -# addresses are not broken up into their user and @domain +# addresses are not broken up into their user and @domain # constituent parts, nor is user+foo broken up into user and # foo. # -# Patterns are applied in the order as specified in the -# table, until a pattern is found that matches the search +# Patterns are applied in the order as specified in the ta- +# ble, until a pattern is found that matches the search # string. # -# Results are the same as with indexed file lookups, with -# the additional feature that parenthesized substrings from +# Results are the same as with indexed file lookups, with +# the additional feature that parenthesized substrings from # the pattern can be interpolated as $1, $2 and so on. # # TCP-BASED TABLES -# This section describes how the table lookups change when +# This section describes how the table lookups change when # lookups are directed to a TCP-based server. For a descrip- -# tion of the TCP client/server lookup protocol, see -# tcp_table(5). This feature is not available up to and -# including Postfix version 2.2. +# tion of the TCP client/server lookup protocol, see tcp_ta- +# ble(5). This feature is not available up to and including +# Postfix version 2.2. # # Each lookup operation uses the entire address once. Thus, -# user@domain mail addresses are not broken up into their +# user@domain mail addresses are not broken up into their # user and @domain constituent parts, nor is user+foo broken # up into user and foo. 
# # Results are the same as with indexed file lookups. # # BUGS -# The table format does not understand quoting conventions. +# The table format does not understand quoting conventions. # # CONFIGURATION PARAMETERS -# The following main.cf parameters are especially relevant. -# The text below provides only a parameter summary. See +# The following main.cf parameters are especially relevant. +# The text below provides only a parameter summary. See # postconf(5) for more details including examples. # # relocated_maps @@ -121,12 +123,12 @@ # Other parameters of interest: # # inet_interfaces -# The network interface addresses that this system +# The network interface addresses that this system # receives mail on. You need to stop and start Post- # fix when this parameter changes. # # mydestination -# List of domains that this mail system considers +# List of domains that this mail system considers # local. # # myorigin @@ -143,13 +145,13 @@ # postconf(5), configuration parameters # # README FILES -# Use "postconf readme_directory" or "postconf html_direc- +# Use "postconf readme_directory" or "postconf html_direc- # tory" to locate this information. # DATABASE_README, Postfix lookup table overview # ADDRESS_REWRITING_README, address rewriting guide # # LICENSE -# The Secure Mailer license must be distributed with this +# The Secure Mailer license must be distributed with this # software. # # AUTHOR(S) @@ -158,4 +160,4 @@ # P.O. Box 704 # Yorktown Heights, NY 10598, USA # -# RELOCATED(5) +# RELOCATED(5) diff --git a/postfix/html/ADDRESS_VERIFICATION_README.html b/postfix/html/ADDRESS_VERIFICATION_README.html index f9cf6ee97..62f8b1e6f 100644 --- a/postfix/html/ADDRESS_VERIFICATION_README.html +++ b/postfix/html/ADDRESS_VERIFICATION_README.html @@ -174,16 +174,17 @@ details.
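Review bot: the RELEASE_NOTES entry for the new "sleep time-in-seconds" pseudo restriction has a dropped word: "This feature is not available the stable Postfix 2.2 release" should read "is not available in the stable Postfix 2.2 release". Since the same sentence tells readers the feature is documented only so it "will not get lost", it is worth being explicit that the postconf(5) reference is forward-looking and that configuring "sleep" on a 2.2 release will not work as described.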
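Review bot: in the post-install hunk that converts the tlsmgr service from fifo to unix, the grep pattern "^tlsmgr[ ]*fifo[ ]" as shown contains only a space inside each bracket expression, so it will not match a master.cf entry whose fields are tab-separated, and the edit would silently be skipped (grep's non-zero status just falls through the "&& {" branch). If a literal tab was meant inside the brackets, make sure it survives the patch; a pattern such as "^tlsmgr[[:space:]]*fifo[[:space:]]" avoids depending on an invisible character. Also consider quoting "$config_directory/master.cf" in the grep, echo and ed invocations so the script behaves if the directory path contains whitespace.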
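Review bot: in the relocated(5) hunk, the added sentence "This feature is not available up to and including Postfix version 2.2." is placed right after the tcp_table(5) reference in the regular-expression section, so a reader can take it to mean that regexp/pcre relocated tables are unavailable too. The same caveat already appears, correctly scoped, in the TCP-BASED TABLES section; suggest rewording the added line to "The TCP lookup feature is not available up to and including Postfix version 2.2." or moving it into the tcp_table(5) clause. The remaining changes in this hunk are whitespace and hyphenation differences from re-rendering the manual page and need no action.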