From: Wietse Venema <wietse@porcupine.org>
Date: Tue, 20 Jan 2004 05:00:00 +0000 (-0500)
Subject: postfix-2.0.17-20040120
X-Git-Tag: v2.1-RC1-20040331~5
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=63f4ae5ddebaee7cbf310c3b0e34732f8611d83d;p=thirdparty%2Fpostfix.git

postfix-2.0.17-20040120
---

diff --git a/postfix/HISTORY b/postfix/HISTORY
index 234dca77c..b96dbdbab 100644
--- a/postfix/HISTORY
+++ b/postfix/HISTORY
@@ -8749,6 +8749,10 @@ Apologies for any names omitted.
 	address).  This is useful as a catch-all pattern at the
 	end of a table.  Files:  util/dict_cidr.c, util/match_ops.c.
 
+	Cleanup: don't report that $queue_directory/etc/filename
+	differs from /etc/filename when /etc/filename does not
+	exist.  File: conf/postfix-script.
+
 20031112
 
 	Feature: client_connection_status_update_time parameter
@@ -9026,13 +9030,13 @@ Apologies for any names omitted.
 
 20040115
 
-	Bugfix: allow delivery concurrency to increase even while
-	mail is deferred, as long as the delivery agent does not
-	report really serious trouble with the destination.  Files:
-	*qmgr/qmgr_deliver.c.
+	Performance: allow delivery concurrency to increase even
+	while mail is deferred, as long as the delivery agent does
+	not report really serious trouble with the destination.
+	Files:  *qmgr/qmgr_deliver.c.
 
 	Cleanup: in postfix-files, symbolic links and hard links
-	are now first-class entries with explicit mention of
+	are now first-class citizens with explicit mention of
 	source and destination pathnames. Files: postfix-install,
 	conf/postfix-files, conf/post-install.
 
@@ -9051,10 +9055,32 @@ Apologies for any names omitted.
 	Documentation: finished the HOSTING_README file with an
 	overview of methods to host domains with Postfix.
 
+20040119
+
+	Bugfix: anvil (count and rate limiting) server race condition
+	could result in dangling pointer.  Postfix erases memory
+	after allocating and before freeing, so it is extremely
+	unlikely that this could be used to bring harmful data into
+	the anvil server. File anvil/anvil.c.
+
+20040120
+
+	Cleanup: new header_checks(5) and body_checks(5) manual
+	pages.  The sample-regexp* and sample-pcre* files are no
+	longer needed and have been removed, as are the default
+	*_table configuration files.
+
+	Cleanup: support for the non-standard Errors-To: header
+	is removed. File: cleanup/cleanup_message.c.
+
 Open problems:
 
-	High: when virtual aliasing is turned off after content
-	filtering, local submissions may escape virtual aliasing.
+	Med: silly queue file bit so that the queue manager doesn't
+	skip files when fast flush is requested while a queue scan
+	is in progress.
+
+	Med: postsuper -r should do something with recipients in
+	bounce logfiles.
 
 	Low: qmgr_move should not reset time stamps on queue files
 	without shared lock (i.e. not open by a delivery agent).
@@ -9062,9 +9088,6 @@ Open problems:
 	Low: postsuper re-run after renaming files, but only a
 	limited number of times.
 
-	Doc: mention the proxy_interfaces parameter everywhere the
-	inet_interfaces and mydestination parameters are mentioned.
-
 	Low: smtp-source may block when sending large test messages.
 
 	Med: make qmgr recipient bounce/defer activity asynchronous
@@ -9076,9 +9099,6 @@ Open problems:
 	Med: find a way to log the sender address when MAIL FROM
 	is rejected due to lack of disk space.
 
-	Low: after successful delivery, per-queue window += 1/window,
-	after failure, queue window -= 1 (Victor).
-
 	Low: revise other local delivery agent duplicate filters.
 
 	Low: all table lookups should consistently use internalized
@@ -9116,7 +9136,8 @@ Open problems:
 	Low: postconf -e edits parameters that postconf won't list.
 
 	Low: while converting 8bit text to quoted-printable, perhaps
-	use =46rom instead of >From.
+	use =46rom to avoid having to produce >From when delivering
+	to mailbox.
 
 	virtual_mailbox_path expression like forward_path, so that
 	people can specify prefix and suffix.
diff --git a/postfix/Makefile.in.stable b/postfix/Makefile.in.stable
index 063b27442..981909ac9 100644
--- a/postfix/Makefile.in.stable
+++ b/postfix/Makefile.in.stable
@@ -7,7 +7,7 @@ DIRS	= src/util src/global src/dns src/master src/postfix src/smtpstone \
 	src/pipe src/showq src/postalias src/postcat src/postconf src/postdrop \
 	src/postkick src/postlock src/postlog src/postmap src/postqueue \
 	src/postsuper src/qmqpd src/spawn src/flush src/verify \
-	src/virtual src/proxymap src/anvil
+	src/virtual src/proxymap
 MANDIRS	= proto man html
 
 default: update
diff --git a/postfix/README_FILES/ADDRESS_CLASS_README b/postfix/README_FILES/ADDRESS_CLASS_README
index 07658ccba..65f02feb5 100644
--- a/postfix/README_FILES/ADDRESS_CLASS_README
+++ b/postfix/README_FILES/ADDRESS_CLASS_README
@@ -32,7 +32,7 @@ Class   Description
 -------------------------------------------------------------------
 local   For UNIX accounts and for traditional /etc/aliases
         Domain names are listed in $mydestination (or match the IP
-            address listed with $inet_interfaces)
+            address listed with $inet_interfaces or $proxy_interfaces)
         Known recipients are listed in $local_recipient_maps (this
             information is currently used by the Postfix SMTP server
             only; if $local_recipient_maps is empty, the Postfix
diff --git a/postfix/README_FILES/HOSTING_README b/postfix/README_FILES/HOSTING_README
index 11e381d37..246ffb610 100644
--- a/postfix/README_FILES/HOSTING_README
+++ b/postfix/README_FILES/HOSTING_README
@@ -1,13 +1,14 @@
 Purpose of this document
 ========================
 
-This document gives an overview of how to use Postfix for hosting
-multiple Internet domains, both for final delivery on the machine
-itself and for the purpose of forwarding to destinations elsewhere.
-
-It not only describes delivery mechanisms that are already built
-into Postfix, but also gives pointers for using non-Postfix mail
-delivery software.
+This document gives an overview of how Postfix can be used for
+hosting multiple Internet domains, both for final delivery on the
+machine itself and for the purpose of forwarding to destinations
+elsewhere.
+
+The text not only describes delivery mechanisms that are built into
+Postfix, but also gives pointers for using non-Postfix mail delivery
+software.
 
 The following topics are covered:
 
diff --git a/postfix/README_FILES/LOCAL_RECIPIENT_README b/postfix/README_FILES/LOCAL_RECIPIENT_README
index e616a23d0..f9a5ec1d8 100644
--- a/postfix/README_FILES/LOCAL_RECIPIENT_README
+++ b/postfix/README_FILES/LOCAL_RECIPIENT_README
@@ -22,7 +22,8 @@ Configuring the local_recipient_maps parameter
 
 The local_recipient_maps parameter specifies lookup tables with
 all names or addresses of local recipients. A recipient address is
-local when the address domain matches $mydestination or $inet_interfaces.
+local when the address domain matches $mydestination, $inet_interfaces
+or $proxy_interfaces.
 
 The right-hand side of the lookup tables is conveniently ignored.
 In the left-hand side, specify a bare username, an @domain.tld
diff --git a/postfix/RELEASE_NOTES b/postfix/RELEASE_NOTES
index 9ac807625..5d7088d23 100644
--- a/postfix/RELEASE_NOTES
+++ b/postfix/RELEASE_NOTES
@@ -12,24 +12,55 @@ snapshot release).  Patches change the patchlevel and the release
 date. Snapshots change only the release date, unless they include
 the same bugfixes as a patch release.
 
-Incompatible changes with Postfix snapshot 2.0.16-2004XXXX
+Incompatible changes with Postfix snapshot 2.0.17-2004120
 ==========================================================
 
+The new queue manager nqmgr has become the default qmgr queue
+manager. For a limited time the old queue manager remains available
+under the name oqmgr. The name nqmgr still works but will cause a
+warning to be logged.
+
 Queue files creates with "sendmail -v" are no longer compatible
 with earlier Postfix 2.x versions. A new record type, "killed",
-was introduced in order to avoid repeated mail delivery notification
-reports with mail that could not be delivered due to a temproary
-error condition.
+was introduced in order to avoid repeated mail delivery reports
+from mail that could not be delivered due to a temporary error
+condition.
 
 The format of the postfix-files file has changed. There is a new
 type for hard links. With hard or symbolic link entries, the first
 field is now the destination pathname and the "owner" field is now
 the origin pathname, while "group" and "permissions" are ignored.
 
-The SMTP server no longer accepts sender addresses that match a
-local, virtual or relay domain while the address is not listed as
-valid in the corresponding local, virtual or relay recipient table.
-This is not configurable.
+The SMTP server now rejects non-existent sender addresses in a
+local, virtual or relay domain; that is, a sender address must
+pass the same "user unknown" test as a recipient would have to
+pass.  This is not configurable.
+
+Support for the non-standard Errors-To: message header is removed.
+This also helps to stop potential attacks that rely on bouncing
+mail to a destination that is not directly reachable by the attacker.
+
+The sample-regexp/pcre-* files are replaced by header_checks(5)
+and body_checks(5) manual pages that give more complete information.
+
+The LDAP and SQL clients have been moved to the global directory
+in order to eliminate reversed dependencies.
+
+Major changes with Postfix snapshot 2.0.17-20040120
+===================================================
+
+The new queue manager nqmgr has become the default qmgr queue
+manager. For a limited time the old queue manager remains available
+under the name oqmgr. The name nqmgr still works but will cause a
+warning to be logged.
+
+The HOSTING_README file now documents most of the methods that can
+be used to host domains with a Postfix MTA.
+
+New header_checks(5) and body_checks(5) manual pages that give a
+more complete description than the old sample configuration files.
+
+Slightly more agressive delivery to sites that defer a lot of mail.
 
 Incompatible changes with Postfix snapshot 2.0.16-20031226
 ==========================================================
@@ -39,8 +70,7 @@ addresses (user@1.2.3.4).  This is not configurable. The form
 user@[ipaddress] is still allowed.
 
 Bounce messages now have a separate queue life time.  This is
-controlled by the bounce_queue_lifetime parameter. The default is
-$maximal_queue_life_time.
+controlled by the bounce_queue_lifetime parameter.
 
 Incompatible changes with Postfix snapshot 2.0.16-20031223
 ==========================================================
diff --git a/postfix/SNAPSHOT b/postfix/SNAPSHOT
new file mode 100644
index 000000000..617eeba5a
--- /dev/null
+++ b/postfix/SNAPSHOT
@@ -0,0 +1,6 @@
+Features to be disabled for the stable 2.1 release:
+
+name		#ifdef	module	man html config sample
+======================================================
+tcp_table
+anvil
diff --git a/postfix/conf/canonical b/postfix/conf/canonical
index 4cea8b406..66ceacad9 100644
--- a/postfix/conf/canonical
+++ b/postfix/conf/canonical
@@ -82,68 +82,69 @@
 #        user address
 #               user@site is replaced by address when site is equal
 #               to  $myorigin,  when  site is listed in $mydestina-
-#               tion, or when it is listed in $inet_interfaces.
+#               tion, or when it is listed in  $inet_interfaces  or
+#               $proxy_interfaces.
 # 
-#               This form is useful for replacing  login  names  by
+#               This  form  is  useful for replacing login names by
 #               Firstname.Lastname.
 # 
 #        @domain address
-#               Every  address  in  domain  is replaced by address.
+#               Every address in domain  is  replaced  by  address.
 #               This form has the lowest precedence.
 # 
-#        In all the above forms, when address has the form  @other-
+#        In  all the above forms, when address has the form @other-
 #        domain, the result is the same user in otherdomain.
 # 
 # ADDRESS EXTENSION
 #        When a mail address localpart contains the optional recip-
-#        ient delimiter (e.g., user+foo@domain), the  lookup  order
+#        ient  delimiter  (e.g., user+foo@domain), the lookup order
 #        becomes: user+foo@domain, user@domain, user+foo, user, and
 #        @domain.
 # 
-#        The  propagate_unmatched_extensions   parameter   controls
-#        whether  an  unmatched  address extension (+foo) is propa-
+#        The   propagate_unmatched_extensions   parameter  controls
+#        whether an unmatched address extension  (+foo)  is  propa-
 #        gated to the result of table lookup.
 # 
 # REGULAR EXPRESSION TABLES
-#        This section describes how the table lookups  change  when
+#        This  section  describes how the table lookups change when
 #        the table is given in the form of regular expressions. For
-#        a description of regular expression lookup  table  syntax,
+#        a  description  of regular expression lookup table syntax,
 #        see regexp_table(5) or pcre_table(5).
 # 
-#        Each  pattern  is  a regular expression that is applied to
+#        Each pattern is a regular expression that  is  applied  to
 #        the entire address being looked up. Thus, user@domain mail
-#        addresses  are  not  broken up into their user and @domain
+#        addresses are not broken up into their  user  and  @domain
 #        constituent parts, nor is user+foo broken up into user and
 #        foo.
 # 
-#        Patterns  are  applied  in  the  order as specified in the
-#        table, until a pattern is found that  matches  the  search
+#        Patterns are applied in the  order  as  specified  in  the
+#        table,  until  a  pattern is found that matches the search
 #        string.
 # 
-#        Results  are  the  same as with indexed file lookups, with
-#        the additional feature that parenthesized substrings  from
+#        Results are the same as with indexed  file  lookups,  with
+#        the  additional feature that parenthesized substrings from
 #        the pattern can be interpolated as $1, $2 and so on.
 # 
 # TCP-BASED TABLES
-#        This  section  describes how the table lookups change when
+#        This section describes how the table lookups  change  when
 #        lookups are directed to a TCP-based server. For a descrip-
-#        tion   of  the  TCP  client/server  lookup  protocol,  see
+#        tion  of  the  TCP  client/server  lookup  protocol,   see
 #        tcp_table(5).
 # 
 #        Each lookup operation uses the entire address once.  Thus,
-#        user@domain  mail  addresses  are not broken up into their
+#        user@domain mail addresses are not broken  up  into  their
 #        user and @domain constituent parts, nor is user+foo broken
 #        up into user and foo.
 # 
 #        Results are the same as with indexed file lookups.
 # 
 # BUGS
-#        The  table format does not understand quoting conventions.
+#        The table format does not understand quoting  conventions.
 # 
 # CONFIGURATION PARAMETERS
-#        The following main.cf parameters are  especially  relevant
-#        to  this  topic.  See  the Postfix main.cf file for syntax
-#        details and for default values.  Use  the  postfix  reload
+#        The  following  main.cf parameters are especially relevant
+#        to this topic. See the Postfix  main.cf  file  for  syntax
+#        details  and  for  default  values. Use the postfix reload
 #        command after a configuration change.
 # 
 #        canonical_maps
@@ -158,34 +159,39 @@
 #               header sender addresses.
 # 
 #        propagate_unmatched_extensions
-#               A  list  of  address rewriting or forwarding mecha-
-#               nisms that propagate an address extension from  the
-#               original  address  to  the result.  Specify zero or
-#               more of  canonical,  virtual,  alias,  forward,  or
+#               A list of address rewriting  or  forwarding  mecha-
+#               nisms  that propagate an address extension from the
+#               original address to the result.   Specify  zero  or
+#               more  of  canonical,  virtual,  alias,  forward, or
 #               include.
 # 
 #        Other parameters of interest:
 # 
 #        inet_interfaces
-#               The  network  interface  addresses that this system
+#               The network interface addresses  that  this  system
 #               receives mail on.  You need to stop and start Post-
 #               fix when this parameter changes.
 # 
+#        proxy_interfaces
+#               Other interfaces that this machine receives mail on
+#               by way of a proxy agent or network address transla-
+#               tor.
+# 
 #        masquerade_classes
-#               List  of  address  classes subject to masquerading:
-#               zero or more of  envelope_sender,  envelope_recipi-
+#               List of address classes  subject  to  masquerading:
+#               zero  or  more of envelope_sender, envelope_recipi-
 #               ent, header_sender, header_recipient.
 # 
 #        masquerade_domains
-#               List  of  domains  that hide their subdomain struc-
+#               List of domains that hide  their  subdomain  struc-
 #               ture.
 # 
 #        masquerade_exceptions
-#               List of user names that are not subject to  address
+#               List  of user names that are not subject to address
 #               masquerading.
 # 
 #        mydestination
-#               List  of  domains  that  this mail system considers
+#               List of domains that  this  mail  system  considers
 #               local.
 # 
 #        myorigin
@@ -204,7 +210,7 @@
 #        tcp_table(5) TCP client/server table lookup protocol
 # 
 # LICENSE
-#        The Secure Mailer license must be  distributed  with  this
+#        The  Secure  Mailer  license must be distributed with this
 #        software.
 # 
 # AUTHOR(S)
diff --git a/postfix/conf/cidr_table b/postfix/conf/cidr_table
deleted file mode 100644
index 2f3e55798..000000000
--- a/postfix/conf/cidr_table
+++ /dev/null
@@ -1,79 +0,0 @@
-# CIDR_TABLE(5)                                       CIDR_TABLE(5)
-# 
-# NAME
-#        cidr_table - format of Postfix CIDR tables
-# 
-# SYNOPSIS
-#        postmap -q "string" cidr:/etc/postfix/filename
-# 
-#        postmap -q - cidr:/etc/postfix/filename <inputfile
-# 
-# DESCRIPTION
-#        The  Postfix  mail  system  uses  optional  access control
-#        tables.  These tables are usually in  dbm  or  db  format.
-#        Alternatively,  access  control tables can be specified in
-#        CIDR form.
-# 
-#        To find out what types of lookup tables your Postfix  sys-
-#        tem supports use the postconf -m command.
-# 
-#        To   test  lookup  tables,  use  the  postmap  command  as
-#        described in the SYNOPSIS above.
-# 
-# TABLE FORMAT
-#        The general form of a Postfix CIDR table is:
-# 
-#        network_address/network_mask     result
-#               When a search string matches the specified  network
-#               block,  use the corresponding result value. Specify
-#               0.0.0.0/0 to match every address.
-# 
-#        network_address     result
-#               When a search string matches the specified  network
-#               address, use the corresponding result value.
-# 
-#        blank lines and comments
-#               Empty  lines and whitespace-only lines are ignored,
-#               as are lines whose first  non-whitespace  character
-#               is a `#'.
-# 
-#        multi-line text
-#               A  logical  line starts with non-whitespace text. A
-#               line that starts with whitespace continues a  logi-
-#               cal line.
-# 
-# SEARCH ORDER
-#        Patterns  are  applied  in  the  order as specified in the
-#        table, until a pattern is found that  matches  the  search
-#        string.
-# 
-# EXAMPLE SMTPD ACCESS MAP
-#        /etc/postfix/main.cf:
-#            smtpd_client_restrictions = ... cidr:/etc/postfix/client.cidr ...
-# 
-#        /etc/postfix/client.cidr:
-#            # Rule order matters. Put more specific whitelist entries
-#            # before more general blacklist entries.
-#            192.168.1.1             OK
-#            192.168.0.0/16          REJECT
-# 
-# SEE ALSO
-#        regexp_table(5) format of regular expression tables
-#        pcre_table(5) format of PCRE tables
-#        tcp_table(5) TCP client/server table lookup protocol
-# 
-# AUTHOR(S)
-#        The CIDR table lookup code was originally written by:
-#        Jozsef Kadlecsik
-#        kadlec@blackhole.kfki.hu
-#        KFKI Research Institute for Particle and Nuclear Physics
-#        POB. 49
-#        1525 Budapest, Hungary
-# 
-#        Adopted and adapted by:
-#        Wietse Venema
-#        IBM T.J. Watson Research
-#        P.O. Box 704
-#        Yorktown Heights, NY 10598, USA
-# 
-#                                                     CIDR_TABLE(5)
diff --git a/postfix/conf/header_checks b/postfix/conf/header_checks
new file mode 100644
index 000000000..9a473a8c5
--- /dev/null
+++ b/postfix/conf/header_checks
@@ -0,0 +1,259 @@
+# HEADER_CHECKS(5)                                 HEADER_CHECKS(5)
+# 
+# NAME
+#        header_checks - Postfix built-in header/body inspection
+# 
+# SYNOPSIS
+#        header_checks = pcre:/etc/postfix/header_checks
+#        mime_header_checks = pcre:/etc/postfix/mime_header_checks
+#        nested_header_checks = pcre:/etc/postfix/nested_header_checks
+# 
+#        body_checks = pcre:/etc/postfix/body_checks
+# 
+#        postmap -q "string" pcre:/etc/postfix/filename
+#        postmap -q - pcre:/etc/postfix/filename <inputfile
+# 
+# DESCRIPTION
+#        Postfix  provides  a  simple  built-in  content inspection
+#        mechanism that examines incoming mail one  message  header
+#        or  one  message  body  line  at  a time.  This feature is
+#        implemented by the Postfix cleanup(8) server.
+# 
+#        Postfix header or body_checks are designed to stop a flood
+#        of mail from worms and viruses. They are not meant to be a
+#        substitute for content filters that decode attachments and
+#        that do other sophisticated content analyses.
+# 
+#        Postfix supports four built-in content inspection classes:
+# 
+#        header_checks
+#               These are applied to each  primary  message  header
+#               (except for the MIME related headers).
+# 
+#        mime_header_checks (default: $header_checks)
+#               These  are applied each MIME related message header
+#               only.
+# 
+#        nested_header_checks (default: $header_checks)
+#               These  are  applied  to  each  message  header   of
+#               attached email messages.
+# 
+#        body_checks
+#               These  are  applied to every other line of content,
+#               including multi-part message boundaries.
+# 
+#        Note: message headers are examined one logical header at a
+#        time,  even  when  a  message header spans multiple lines.
+#        Body lines are always examined one line at a time.
+# 
+# REGEXP AND PCRE TABLE FORMAT
+#        Header and body_checks rules are normally specified in the
+#        form of regular expression lookup tables. The best perfor-
+#        mance is  obtained  with  pcre  (Perl  Compatible  Regular
+#        Expression)  tables,  but the slower regexp (POSIX regular
+#        expressions) support is more  widely  available.  Use  the
+#        command postconf -m to find out what types of lookup table
+#        your Postfix system supports.
+# 
+#        The general format of a header or body_checks table is:
+# 
+#        /pattern/flags action
+#               When pattern matches the input string, execute  the
+#               corresponding  action. See below for a list of pos-
+#               sible actions.
+# 
+#        !/pattern/flags action
+#               When pattern does not match the input string,  exe-
+#               cute the corresponding action.
+# 
+#        if /pattern/flags
+# 
+#        endif  Match the input string against the patterns between
+#               if and endif, if and only if the input string  also
+#               matches pattern. The if..endif can nest.
+# 
+#               Note:  do not prepend whitespace to patterns inside
+#               if..endif.
+# 
+#        if !/pattern/flags
+# 
+#        endif  Match the input string against the patterns between
+#               if  and endif, if and only if the input string does
+#               not match pattern. The if..endif can nest.
+# 
+#        blank lines and comments
+#               Empty lines and whitespace-only lines are  ignored,
+#               as  are  lines whose first non-whitespace character
+#               is a `#'.
+# 
+#        multi-line text
+#               A pattern/action line  starts  with  non-whitespace
+#               text.  A line that starts with whitespace continues
+#               a logical line.
+# 
+#        For a discussion of pattern syntax and flags details,  see
+#        regexp_table(5) or pcre_table(5), respectively.
+# 
+# TABLE SEARCH ORDER
+#        For  each  line of message input, the patterns are applied
+#        in the order as specified in the table. When a pattern  is
+#        found  that  matches  the  input  line,  the corresponding
+#        action is  executed  and  then  the  next  input  line  is
+#        inspected.
+# 
+# TEXT SUBSTITUTION
+#        Substitution  of  substrings  from  the matched expression
+#        into the action string is possible using the  conventional
+#        Perl  syntax  ($1,  $2,  etc.).   The macros in the result
+#        string may need to be written as  ${n}  or  $(n)  if  they
+#        aren't followed by whitespace.
+# 
+#        Note:  since negated patterns (those preceded by !) return
+#        a result when the expression does not match, substitutions
+#        are not available for negated patterns.
+# 
+# ACTIONS
+#        Action names are case insensitive. They are shown in upper
+#        case for consistency with other Postfix documentation.
+# 
+#        DISCARD optional text...
+#               Claim successful delivery and silently discard  the
+#               message.   Log the optional text if specified, oth-
+#               erwise log a generic message.
+# 
+#               Note:  this  action  disables  further  header   or
+#               body_checks  inspection  of the current message and
+#               affects all recipients.
+# 
+#        DUNNO  Pretend that the search string was not  found,  and
+#               inspect  the  next  input  line. This action can be
+#               used to shorten the table search.
+# 
+#               For backwards compatibility reasons,  Postfix  also
+#               accepts  OK but it is (and always has been) treated
+#               as DUNNO.
+# 
+#        FILTER transport:destination
+#               Write a content filter request record to the  queue
+#               file  and  inspect  the next input line.  After the
+#               message is queued, it  will  be  sent  through  the
+#               specified  external  content filter.  More informa-
+#               tion about external content filters is in the Post-
+#               fix FILTER_README file.
+# 
+#               Note:   this  action  overrides  the  main.cf  con-
+#               tent_filter setting, and affects all recipients  of
+#               the  message.  In  the  case  that  multiple FILTER
+#               actions fire, the only last one is executed.
+# 
+#        HOLD optional text...
+#               Arrange for the message to be placed  on  the  hold
+#               queue,  and  inspect the next input line.  The mes-
+#               sage remains on hold until someone  either  deletes
+#               it  or  releases it for delivery.  Log the optional
+#               text if specified, otherwise log a generic message.
+# 
+#               Mail  that  is  placed on hold can be examined with
+#               the postcat(1) command, and  can  be  destroyed  or
+#               released with the postsuper(1) command.
+# 
+#               Note:  this  action  affects  all recipients of the
+#               message.
+# 
+#        IGNORE Delete the current line from the input and  inspect
+#               the next input line.
+# 
+#        REDIRECT user@domain
+#               Write  a  message  redirection request to the queue
+#               file and inspect the next  input  line.  After  the
+#               message is queued, it will be sent to the specified
+#               address instead of the intended recipient(s).
+# 
+#               Note: this action overrides the FILTER action,  and
+#               affects  all recipients of the message. If multiple
+#               REDIRECT actions fire only the  last  one  is  exe-
+#               cuted.
+# 
+#        REJECT optional text...
+#               Reject  the  entire  message.  Reply  with optional
+#               text... when the optional text is specified, other-
+#               wise reply with a generic error message.
+# 
+#               Note:   this  action  disables  further  header  or
+#               body_checks inspection of the current  message  and
+#               affects all recipients.
+# 
+#        WARN optional text...
+#               Log  a  warning with the optional text... (or log a
+#               generic message) and inspect the next  input  line.
+#               This action is useful for debugging and for testing
+#               a pattern before taking more drastic actions.
+# 
+# BUGS
+#        Many people overlook the main limitations  of  header  and
+#        body_checks  rules.   These  rules  operate on one logical
+#        message header or body line at a time, and a decision made
+#        for one line is not carried over to the next line.
+# 
+# CONFIGURATION PARAMETERS
+#        body_checks
+#               Lookup tables with content filter rules for message
+#               body lines.  These filters see one physical line at
+#               a  time,  in  chunks  of at most $line_length_limit
+#               bytes.
+# 
+#        body_checks_size_limit
+#               The amount of  content  per  message  body  segment
+#               (attachment) that is subjected to $body_checks fil-
+#               tering.
+# 
+#        header_checks
+# 
+#        mime_header_checks (default: $header_checks)
+# 
+#        nested_header_checks (default: $header_checks)
+#               Lookup tables with content filter rules for message
+#               header  lines:  respectively,  these are applied to
+#               the primary message  headers  (not  including  MIME
+#               headers),  to the MIME headers anywhere in the mes-
+#               sage, and to the initial headers of  attached  mes-
+#               sages.
+# 
+#               Note:  these filters see one logical message header
+#               at a time, even when a message header spans  multi-
+#               ple  lines.  Message  headers  that are longer than
+#               $header_size_limit characters are truncated.
+# 
+#        disable_mime_input_processing
+#               While receiving mail, give no special treatment  to
+#               MIME  related  message  headers; all text after the
+#               initial message headers is considered to be part of
+#               the  message body. This means that header_checks is
+#               applied to all the  primary  message  headers,  and
+#               that body_checks is applied to the remainder of the
+#               message.
+# 
+#               Note: when used in this  manner,  body_checks  will
+#               process  a  multi-line message header one line at a
+#               time.
+# 
+# SEE ALSO
+#        cleanup(8) canonicalize and enqueue Postfix message
+#        pcre_table(5) format of PCRE tables
+#        regexp_table(5) format of POSIX regular expression tables
+#        postconf(1) Postfix configuration utility
+#        postmap(1) Postfix lookup table management
+#        postsuper(1) Postfix janitor
+#        postcat(1) show Postfix queue file contents
+# 
+# LICENSE
+#        The Secure Mailer license must be  distributed  with  this
+#        software.
+# 
+# AUTHOR(S)
+#        Wietse Venema
+#        IBM T.J. Watson Research
+#        P.O. Box 704
+#        Yorktown Heights, NY 10598, USA
+# 
+#                                                  HEADER_CHECKS(5)
diff --git a/postfix/conf/main.cf b/postfix/conf/main.cf
index 766f11733..c72bf165c 100644
--- a/postfix/conf/main.cf
+++ b/postfix/conf/main.cf
@@ -164,7 +164,7 @@ mail_owner = postfix
 #
 # The local_recipient_maps parameter specifies optional lookup tables
 # with all names or addresses of users that are local with respect
-# to $mydestination and $inet_interfaces.
+# to $mydestination, $inet_interfaces or $proxy_interfaces.
 #
 # If this parameter is defined, then the SMTP server will reject
 # mail for unknown local users. This parameter is defined by default.
@@ -205,8 +205,8 @@ mail_owner = postfix
 
 # The unknown_local_recipient_reject_code specifies the SMTP server
 # response code when a recipient domain matches $mydestination or
-# $inet_interfaces, while $local_recipient_maps is non-empty and the
-# recipient address or address local-part is not found.
+# ${proxy,inet}_interfaces, while $local_recipient_maps is non-empty
+# and the recipient address or address local-part is not found.
 #
 # The default setting is 550 (reject mail) but it is safer to start
 # with 450 (try again later) until you are certain that your
@@ -272,7 +272,7 @@ unknown_local_recipient_reject_code = 450
 # 
 # In addition to the above, the Postfix SMTP server by default accepts mail
 # that Postfix is final destination for:
-# - destinations that match $inet_interfaces,
+# - destinations that match $inet_interfaces or $proxy_interfaces,
 # - destinations that match $mydestination
 # - destinations that match $virtual_alias_domains,
 # - destinations that match $virtual_mailbox_domains.
@@ -481,8 +481,9 @@ unknown_local_recipient_reject_code = 450
 #fallback_transport =
 
 # The luser_relay parameter specifies an optional destination address
-# for unknown recipients.  By default, mail for unknown@$mydestination
-# and unknown@[$inet_interfaces] is returned as undeliverable.
+# for unknown recipients.  By default, mail for unknown@$mydestination,
+# unknown@[$inet_interfaces] or unknown@[$proxy_interfaces] is returned
+# as undeliverable.
 #
 # The following expansions are done on luser_relay: $user (recipient
 # username), $shell (recipient shell), $home (recipient home directory),
diff --git a/postfix/conf/pcre_table b/postfix/conf/pcre_table
deleted file mode 100644
index c9ea78eb1..000000000
--- a/postfix/conf/pcre_table
+++ /dev/null
@@ -1,198 +0,0 @@
-# PCRE_TABLE(5)                                       PCRE_TABLE(5)
-# 
-# NAME
-#        pcre_table - format of Postfix PCRE tables
-# 
-# SYNOPSIS
-#        postmap -q "string" pcre:/etc/postfix/filename
-# 
-#        postmap -q - pcre:/etc/postfix/filename <inputfile
-# 
-# DESCRIPTION
-#        The  Postfix  mail system uses optional tables for address
-#        rewriting or mail routing. These tables are usually in dbm
-#        or  db  format. Alternatively, lookup tables can be speci-
-#        fied in Perl Compatible Regular Expression form.
-# 
-#        To find out what types of lookup tables your Postfix  sys-
-#        tem supports use the postconf -m command.
-# 
-#        To   test  lookup  tables,  use  the  postmap  command  as
-#        described in the SYNOPSIS above.
-# 
-# TABLE FORMAT
-#        The general form of a PCRE table is:
-# 
-#        /pattern/flags result
-#               When pattern matches the input string, use the cor-
-#               responding result value.
-# 
-#        !/pattern/flags result
-#               When  pattern  does not match the input string, use
-#               the corresponding result value.
-# 
-#        if /pattern/flags
-# 
-#        endif  Match the input string against the patterns between
-#               if  and endif, if and only if the input string also
-#               matches pattern. The if..endif can nest.
-# 
-#               Note: do not prepend whitespace to patterns  inside
-#               if..endif.
-# 
-#        if !/pattern/flags
-# 
-#        endif  Match the input string against the patterns between
-#               if and endif, if and only if the input string  does
-#               not match pattern. The if..endif can nest.
-# 
-#        blank lines and comments
-#               Empty  lines and whitespace-only lines are ignored,
-#               as are lines whose first  non-whitespace  character
-#               is a `#'.
-# 
-#        multi-line text
-#               A  logical  line starts with non-whitespace text. A
-#               line that starts with whitespace continues a  logi-
-#               cal line.
-# 
-#        Each  pattern  is  a  perl-like  regular  expression.  The
-#        expression delimiter can be any character, except  whites-
-#        pace  or  characters that have special meaning (tradition-
-#        ally the forward slash is used).  The  regular  expression
-#        can contain whitespace.
-# 
-#        By default, matching is case-insensitive, and newlines are
-#        not treated as special characters. The  behavior  is  con-
-#        trolled  by  flags,  which are toggled by appending one or
-#        more of the following characters after the pattern:
-# 
-#        i (default: on)
-#               Toggles the  case  sensitivity  flag.  By  default,
-#               matching is case insensitive.
-# 
-#        m (default: off)
-#               Toggles  the PCRE_MULTILINE flag. When this flag is
-#               on, the ^ and $  metacharacters  match  immediately
-#               after  and  immediately before a newline character,
-#               respectively, in addition to matching at the  start
-#               and end of the subject string.
-# 
-#        s (default: on)
-#               Toggles the PCRE_DOTALL flag. When this flag is on,
-#               the .  metacharacter matches the newline character.
-#               With  Postfix  versions prior to 20020528, The flag
-#               is off by default, which is inconvenient for multi-
-#               line message header matching.
-# 
-#        x (default: off)
-#               Toggles  the  pcre extended flag. When this flag is
-#               on, whitespace in the  pattern  (other  than  in  a
-#               character class) and characters between a # outside
-#               a character class and the  next  newline  character
-#               are  ignored.  An escaping backslash can be used to
-#               include a whitespace or # character as part of  the
-#               pattern.
-# 
-#        A (default: off)
-#               Toggles  the PCRE_ANCHORED flag.  When this flag is
-#               on, the pattern is forced to  be  "anchored",  that
-#               is, it is constrained to match only at the start of
-#               the string which is being  searched  (the  "subject
-#               string").  This  effect  can  also  be  achieved by
-#               appropriate constructs in the pattern itself.
-# 
-#        E (default: off)
-#               Toggles the  PCRE_DOLLAR_ENDONLY  flag.  When  this
-#               flag  is  on,  a  $  metacharacter  in  the pattern
-#               matches only at the  end  of  the  subject  string.
-#               Without  this  flag,  a dollar also matches immedi-
-#               ately before the final character if it is a newline
-#               character (but not before any other newline charac-
-#               ters). This flag is ignored if PCRE_MULTILINE  flag
-#               is set.
-# 
-#        U (default: off)
-#               Toggles the ungreedy matching flag.  When this flag
-#               is on, the  pattern  matching  engine  inverts  the
-#               "greediness"  of  the  quantifiers so that they are
-#               not greedy by default, but become  greedy  if  fol-
-#               lowed  by  "?".   This  flag can also set by a (?U)
-#               modifier within the pattern.
-# 
-#        X (default: off)
-#               Toggles the PCRE_EXTRA flag.  When this flag is on,
-#               any  backslash  in  a pattern that is followed by a
-#               letter that has no special meaning causes an error,
-#               thus reserving these combinations for future expan-
-#               sion.
-# 
-# SEARCH ORDER
-#        Patterns are applied in the  order  as  specified  in  the
-#        table,  until  a  pattern  is found that matches the input
-#        string.
-# 
-#        Each pattern  is  applied  to  the  entire  input  string.
-#        Depending  on  the  application,  that string is an entire
-#        client hostname, an entire client IP address, or an entire
-#        mail  address.   Thus,  no parent domain or parent network
-#        search is done, and user@domain  mail  addresses  are  not
-#        broken  up  into  their user and domain constituent parts,
-#        nor is user+foo broken up into user and foo.
-# 
-# TEXT SUBSTITUTION
-#        Substitution of substrings  from  the  matched  expression
-#        into  the result string is possible using the conventional
-#        perl syntax ($1, $2, etc.).   The  macros  in  the  result
-#        string  may  need  to  be  written as ${n} or $(n) if they
-#        aren't followed by whitespace.
-# 
-#        Note: since negated patterns (those preceded by !)  return
-#        a result when the expression does not match, substitutions
-#        are not available for negated patterns.
-# 
-# EXAMPLE SMTPD ACCESS MAP
-#        # Protect your outgoing majordomo exploders
-#        /^(?!owner-)(.*)-outgoing@(.*)/ 550 Use ${1}@${2} instead
-# 
-#        # Bounce friend@whatever, except when whatever is our domain (you would
-#        # be better just bouncing all friend@ mail - this is just an example).
-#        /^(friend@(?!my\.domain$).*)$/  550 Stick this in your pipe $1
-# 
-#        # A multi-line entry. The text is sent as one line.
-#        #
-#        /^noddy@my\.domain$/
-#         550 This user is a funny one. You really don't want to send mail to
-#         them as it only makes their head spin.
-# 
-# EXAMPLE HEADER FILTER MAP
-#        /^Subject: make money fast/     REJECT
-#        /^To: friend@public\.com/       REJECT
-# 
-# EXAMPLE BODY FILTER MAP
-#        # First skip over base 64 encoded text to save CPU cycles.
-#        # Requires PCRE version 3.
-#        ~^[[:alnum:]+/]{60,}$~          OK
-# 
-#        # Put your own body patterns here.
-# 
-# SEE ALSO
-#        regexp_table(5) format of POSIX regular expression tables
-#        cidr_table(5) format of CIDR tables
-#        tcp_table(5) TCP client/server table lookup protocol
-# 
-# AUTHOR(S)
-#        The PCRE table lookup code was originally written by:
-#        Andrew McNamara
-#        andrewm@connect.com.au
-#        connect.com.au Pty. Ltd.
-#        Level 3, 213 Miller St
-#        North Sydney, NSW, Australia
-# 
-#        Adopted and adapted by:
-#        Wietse Venema
-#        IBM T.J. Watson Research
-#        P.O. Box 704
-#        Yorktown Heights, NY 10598, USA
-# 
-#                                                     PCRE_TABLE(5)
diff --git a/postfix/conf/postfix-files b/postfix/conf/postfix-files
index f9ec61dec..30410ec39 100644
--- a/postfix/conf/postfix-files
+++ b/postfix/conf/postfix-files
@@ -99,17 +99,18 @@ $config_directory/LICENSE:f:root:-:644
 $config_directory/access:f:root:-:644:p
 $config_directory/aliases:f:root:-:644:p
 $config_directory/canonical:f:root:-:644:p
-$config_directory/cidr_table:f:root:-:644:p
+$config_directory/cidr_table:f:root:-:644:o
+$config_directory/header_checks:f:root:-:644:p
 $config_directory/install.cf:f:root:-:644:o
 $config_directory/main.cf:f:root:-:644:p
 $config_directory/main.cf.default:f:root:-:644
 $config_directory/makedefs.out:f:root:-:644
 $config_directory/master.cf:f:root:-:644:p
-$config_directory/pcre_table:f:root:-:644:p
+$config_directory/pcre_table:f:root:-:644:o
 $config_directory/postfix-files:f:root:-:644
-$config_directory/regexp_table:f:root:-:644:p
+$config_directory/regexp_table:f:root:-:644:o
 $config_directory/relocated:f:root:-:644:p
-$config_directory/tcp_table:f:root:-:644:p
+$config_directory/tcp_table:f:root:-:644:o
 $config_directory/transport:f:root:-:644:p
 $config_directory/virtual:f:root:-:644:p
 $config_directory/postfix-script:f:root:-:755
@@ -132,8 +133,10 @@ $manpage_directory/man1/postsuper.1:f:root:-:644
 $manpage_directory/man1/sendmail.1:f:root:-:644
 $manpage_directory/man5/access.5:f:root:-:644
 $manpage_directory/man5/aliases.5:f:root:-:644
+$manpage_directory/man5/body_checks.5:f:root:-:644
 $manpage_directory/man5/canonical.5:f:root:-:644
 $manpage_directory/man5/cidr_table.5:f:root:-:644
+$manpage_directory/man5/header_checks.5:f:root:-:644
 $manpage_directory/man5/pcre_table.5:f:root:-:644
 $manpage_directory/man5/regexp_table.5:f:root:-:644
 $manpage_directory/man5/relocated.5:f:root:-:644
@@ -176,15 +179,15 @@ $sample_directory/sample-lmtp.cf:f:root:-:644
 $sample_directory/sample-local.cf:f:root:-:644
 $sample_directory/sample-mime.cf:f:root:-:644
 $sample_directory/sample-misc.cf:f:root:-:644
-$sample_directory/sample-pcre-access.cf:f:root:-:644
-$sample_directory/sample-pcre-body.cf:f:root:-:644
-$sample_directory/sample-pcre-header.cf:f:root:-:644
+$sample_directory/sample-pcre-access.cf:f:root:-:644:o
+$sample_directory/sample-pcre-body.cf:f:root:-:644:o
+$sample_directory/sample-pcre-header.cf:f:root:-:644:o
 $sample_directory/sample-pgsql-aliases.cf:f:root:-:644
 $sample_directory/sample-qmqpd.cf:f:root:-:644
 $sample_directory/sample-rate.cf:f:root:-:644
-$sample_directory/sample-regexp-access.cf:f:root:-:644
-$sample_directory/sample-regexp-body.cf:f:root:-:644
-$sample_directory/sample-regexp-header.cf:f:root:-:644
+$sample_directory/sample-regexp-access.cf:f:root:-:644:o
+$sample_directory/sample-regexp-body.cf:f:root:-:644:o
+$sample_directory/sample-regexp-header.cf:f:root:-:644:o
 $sample_directory/sample-relocated.cf:f:root:-:644
 $sample_directory/sample-resource.cf:f:root:-:644
 $sample_directory/sample-rewrite.cf:f:root:-:644
diff --git a/postfix/conf/regexp_table b/postfix/conf/regexp_table
deleted file mode 100644
index 493142841..000000000
--- a/postfix/conf/regexp_table
+++ /dev/null
@@ -1,158 +0,0 @@
-# REGEXP_TABLE(5)                                   REGEXP_TABLE(5)
-# 
-# NAME
-#        regexp_table - format of Postfix regular expression tables
-# 
-# SYNOPSIS
-#        postmap -q "string" regexp:/etc/postfix/filename
-# 
-#        postmap -q - regexp:/etc/postfix/filename <inputfile
-# 
-# DESCRIPTION
-#        The Postfix mail system uses optional tables  for  address
-#        rewriting or mail routing. These tables are usually in dbm
-#        or db format. Alternatively, lookup tables can  be  speci-
-#        fied in POSIX regular expression form.
-# 
-#        To  find out what types of lookup tables your Postfix sys-
-#        tem supports use the postconf -m command.
-# 
-#        To  test  lookup  tables,  use  the  postmap  command   as
-#        described in the SYNOPSIS above.
-# 
-# TABLE FORMAT
-#        The general form of a Postfix regular expression table is:
-# 
-#        /pattern/flags result
-#               When pattern matches the input string, use the cor-
-#               responding result value.
-# 
-#        !/pattern/flags result
-#               When  pattern  does not match the input string, use
-#               the corresponding result value.
-# 
-#        if /pattern/flags
-# 
-#        endif  Match the input string against the patterns between
-#               if and endif, if and only if that same input string
-#               also matches pattern. The if..endif can nest.
-# 
-#               Note: do not prepend whitespace to patterns  inside
-#               if..endif.
-# 
-#        if !/pattern/flags
-# 
-#        endif  Match the input string against the patterns between
-#               if and endif, if and only if that same input string
-#               does not match pattern. The if..endif can nest.
-# 
-#        blank lines and comments
-#               Empty  lines and whitespace-only lines are ignored,
-#               as are lines whose first  non-whitespace  character
-#               is a `#'.
-# 
-#        multi-line text
-#               A  logical  line starts with non-whitespace text. A
-#               line that starts with whitespace continues a  logi-
-#               cal line.
-# 
-#        Each pattern is a regular expression enclosed by a pair of
-#        delimiters.  The regular expression syntax is described in
-#        re_format(7).  The expression delimiter can be any charac-
-#        ter, except whitespace or  characters  that  have  special
-#        meaning  (traditionally  the  forward  slash is used). The
-#        regular expression can contain whitespace.
-# 
-#        By default, matching is case-insensitive, and newlines are
-#        not  treated  as  special characters. The behavior is con-
-#        trolled by flags, which are toggled by  appending  one  or
-#        more of the following characters after the pattern:
-# 
-#        i (default: on)
-#               Toggles  the  case  sensitivity  flag.  By default,
-#               matching is case insensitive.
-# 
-#        x (default: on)
-#               Toggles the extended  expression  syntax  flag.  By
-#               default,  support for extended expression syntax is
-#               enabled.
-# 
-#        m (default: off)
-#               Toggle the multi-line mode flag. When this flag  is
-#               on,  the  ^  and $ metacharacters match immediately
-#               after and immediately before a  newline  character,
-#               respectively,  in addition to matching at the start
-#               and end of the input string.
-# 
-# TABLE SEARCH ORDER
-#        Patterns are applied in the  order  as  specified  in  the
-#        table,  until  a  pattern  is found that matches the input
-#        string.
-# 
-#        Each pattern  is  applied  to  the  entire  input  string.
-#        Depending  on  the  application,  that string is an entire
-#        client hostname, an entire client IP address, or an entire
-#        mail  address.   Thus,  no parent domain or parent network
-#        search is done, and user@domain  mail  addresses  are  not
-#        broken  up  into  their user and domain constituent parts,
-#        nor is user+foo broken up into user and foo.
-# 
-# TEXT SUBSTITUTION
-#        Substitution of substrings  from  the  matched  expression
-#        into the result string is possible using $1, $2, etc.. The
-#        macros in the result string may need to be written as ${n}
-#        or $(n) if they aren't followed by whitespace.
-# 
-#        Note:  since negated patterns (those preceded by !) return
-#        a result when the expression does not match, substitutions
-#        are not available for negated patterns.
-# 
-# EXAMPLE SMTPD ACCESS MAP
-#        # Disallow sender-specified routing. This is a must if you relay mail
-#        # for other domains.
-#        /[%!@].*[%!@]/       550 Sender-specified routing rejected
-# 
-#        # Postmaster is OK, that way they can talk to us about how to fix
-#        # their problem.
-#        /^postmaster@/       OK
-# 
-#        # Protect your outgoing majordomo exploders
-#        if !/^owner-/
-#        /^(.*)-outgoing@(.*)$/   550 Use ${1}@${2} instead
-#        endif
-# 
-# EXAMPLE HEADER FILTER MAP
-#        # These were once common in junk mail.
-#        /^Subject: make money fast/     REJECT
-#        /^To: friend@public\.com/       REJECT
-# 
-# EXAMPLE BODY FILTER MAP
-#        # First skip over base 64 encoded text to save CPU cycles.
-#        ~^[[:alnum:]+/]{60,}$~          OK
-# 
-#        # Put your own body patterns here.
-# 
-# SEE ALSO
-#        pcre_table(5) format of PCRE tables
-#        cidr_table(5) format of CIDR tables
-#        tcp_table(5) TCP client/server table lookup protocol
-# 
-# AUTHOR(S)
-#        The regexp table lookup code was originally written by:
-#        LaMont Jones
-#        lamont@hp.com
-# 
-#        That code was based on the PCRE dictionary contributed by:
-#        Andrew McNamara
-#        andrewm@connect.com.au
-#        connect.com.au Pty. Ltd.
-#        Level 3, 213 Miller St
-#        North Sydney, NSW, Australia
-# 
-#        Adopted and adapted by:
-#        Wietse Venema
-#        IBM T.J. Watson Research
-#        P.O. Box 704
-#        Yorktown Heights, NY 10598, USA
-# 
-#                                                   REGEXP_TABLE(5)
diff --git a/postfix/conf/relocated b/postfix/conf/relocated
index ffb983a9b..0dfaebc1e 100644
--- a/postfix/conf/relocated
+++ b/postfix/conf/relocated
@@ -58,7 +58,7 @@
 # 
 #        user   Matches user@site when site is $myorigin, when site
 #               is listed in $mydestination, or when site is listed
-#               in $inet_interfaces.
+#               in $inet_interfaces or $proxy_interfaces.
 # 
 #        @domain
 #               Matches  every address in domain. This form has the
@@ -131,6 +131,11 @@
 #        myorigin
 #               The domain that is appended to locally-posted mail.
 # 
+#        proxy_interfaces
+#               Other interfaces that this machine receives mail on
+#               by way of a proxy agent or network address transla-
+#               tor.
+# 
 # SEE ALSO
 #        postmap(1) create lookup table
 #        pcre_table(5) format of PCRE tables
diff --git a/postfix/conf/sample-local.cf b/postfix/conf/sample-local.cf
index e15bff232..04801315e 100644
--- a/postfix/conf/sample-local.cf
+++ b/postfix/conf/sample-local.cf
@@ -39,8 +39,8 @@ require_home_directory = no
 #
 
 # The local_transport parameter specifies the name of the transport
-# for delivery to destinations that match $mydestination or
-# $inet_interfaces.
+# for delivery to destinations that match $mydestination,
+# $inet_interfaces or $proxy_interfaces.
 #
 # By default, local mail is delivered to the transport called "local",
 # which is just the name of a service that is defined the master.cf file.
@@ -127,8 +127,9 @@ default_privs = nobody
 home_mailbox = 
 
 # The luser_relay parameter specifies an optional destination address
-# for unknown recipients.  By default, mail for unknown@$mydestination
-# and unknown@[$inet_interfaces] is returned as undeliverable.
+# for unknown recipients.  By default, mail for unknown@$mydestination,
+# unknown@[$inet_interfaces] or unknown@[$proxy_interfaces] is returned
+# as undeliverable.
 #
 # The following expansions are done on luser_relay: $user (recipient
 # username), $shell (recipient shell), $home (recipient home directory),
diff --git a/postfix/conf/sample-misc.cf b/postfix/conf/sample-misc.cf
index 4d010158e..ae88757c2 100644
--- a/postfix/conf/sample-misc.cf
+++ b/postfix/conf/sample-misc.cf
@@ -52,9 +52,9 @@ berkeley_db_read_buffer_size = 131072
 
 # The default_transport parameter specifies the default message
 # delivery transport for domains that do not match mydestination,
-# inet_interfaces, virtual_alias_domains, virtual_mailbox_domains,
-# relay_domains, and for which no transport is explicitly given in
-# the optional transport(5) table.
+# inet_interfaces, proxy_interfaces, virtual_alias_domains,
+# virtual_mailbox_domains, relay_domains, and for which no transport
+# is explicitly given in the optional transport(5) table.
 #
 # Specify a string of the form transport:nexthop, where transport is
 # the name of a mail delivery transport defined in master.cf.  Either
@@ -253,7 +253,7 @@ max_use = 100
 #
 # The local machine is always the final destination for mail addressed
 # to user@[the.net.work.address] of an interface that the mail system
-# receives mail on (see the inet_interfaces parameter).
+# receives mail on (parameters: inet_interfaces and proxy_interfaces).
 #
 # Specify a list of host or domain names, /file/name or type:table
 # patterns, separated by commas and/or whitespace. A /file/name
diff --git a/postfix/conf/sample-pcre-access.cf b/postfix/conf/sample-pcre-access.cf
deleted file mode 100644
index 83df35673..000000000
--- a/postfix/conf/sample-pcre-access.cf
+++ /dev/null
@@ -1,63 +0,0 @@
-# 
-#	Sample pcre (PERL-compatible regular expression) map file for
-#	SMTPD access control. See pcre_table(5) and access(5) for
-#	syntax descriptions.
-#
-#	The first field is a perl-like regular expression. The expression
-#	delimiter can be any character except whitespace, or characters
-#	that have special meaning to the regexp library (traditionally
-#	the forward slash is used). The regular expression can contain
-#	whitespace.
-#
-#	When the regular expression is prefixed by `!', the pattern
-#	succeeds when it does not match.
-#
-#	By default, matching is case-INsensitive, although following
-#	the second slash with an 'i' will reverse this. Other flags are
-#	supported, but the only other useful one is 'U', which makes
-#	matching ungreedy (see PCRE documentation and source for more
-#	info).
-#
-#       A block of table entries may be "enclosed" by a line with    
-#       `if /pattern/flags' and a line with `endif'.  This causes
-#       the block of table entries to be examined only when the
-#       search string matches the pattern. The `if..endif' may
-#       be nested. There currently is no `else' operator.
-#
-#	The second field is the "replacement" string - the text
-#	returned by the match. When used for smtpd checks, this would
-#	be a helpful message to misguided users (or an offensive
-#	message to spammers), although it could also be a domain name
-#	or other data for use as a transport, virtual, or other map.
-#
-#	Substitution of sub-strings from the matched expression is
-#	possible using the conventional perl syntax. The macros in the
-#	replacement string may need to be protected with curly braces
-#	if they aren't followed by whitespace (see the examples
-#	below).
-#
-#	Lines starting with whitespace are continuation lines - they are
-#	appended to the previous line (there should be no whitespace
-#	before your regular expression!)
-#
-#	This code was originally developed for SPAM control. However
-#	it seems that it can be used equally well for address rewriting
-#	by virtual or canonical lookups. Using this for aliases might 
-#	be stretching things, though.
-#
-
-# Protect your outgoing majordomo exploders
-#
-/^(?!owner-)(.*)-outgoing@(.*)/		550 Use ${1}@${2} instead
-
-
-# Bounce friend@whatever, except when whatever is our domain (you would
-# be better just bouncing all friend@ mail - this is just an example).
-#
-/^friend@(?!my\.domain)/		550 Stick this in your pipe $0
-
-# A multi-line response
-#
-/^noddy@my\.domain$/
- 550 This user is a funny one. You really don't want to send mail to them
- as it only makes their head spin. 
diff --git a/postfix/conf/sample-pcre-body.cf b/postfix/conf/sample-pcre-body.cf
deleted file mode 100644
index 7b0c6ec31..000000000
--- a/postfix/conf/sample-pcre-body.cf
+++ /dev/null
@@ -1,81 +0,0 @@
-#
-#	Sample pcre (PERL-compatible regular expression) map file for
-#	mail body filtering. See pcre_table(5) for syntax description.
-#
-#	Mail body lines are filtered one line at a time. MIME headers are
-#	filtered as message headers, i.e. not as part of the mail body.
-#
-#	The first field is a perl-like regular expression. The expression
-#	delimiter can be any character except whitespace, or characters
-#	that have special meaning to the regexp library (traditionally
-#	the forward slash is used). The regular expression can contain
-#	whitespace.
-#
-#	When the regular expression is prefixed by `!', the pattern
-#	succeeds when it does not match.
-#
-#	By default, matching is case-INsensitive, although following
-#	the second slash with an 'i' will reverse this. Other flags are
-#	supported, but the only other useful one is 'U', which makes
-#	matching ungreedy (see PCRE documentation and source for more
-#	info).
-#
-#       A block of table entries may be "enclosed" by a line with    
-#       `if /pattern/flags' and a line with `endif'.  This causes
-#       the block of table entries to be examined only when the
-#       search string matches the pattern. The `if..endif' may
-#       be nested. There currently is no `else' operator.
-#
-#	The second field is the "replacement" string - the text
-#	returned by the match.
-#
-#	REJECT [optional text...]
-#			Reject the entire message. The optional text is sent to
-#			the originator and is logged to the maillog file.
-#	OK		Skip all further body patterns for this body line.
-#	IGNORE		Silently discard the body line.
-#	WARN [optional text...]
-#			Log the body line and the optional text. This is
-#			useful for testing. When the pattern is good, change the
-#			WARN into a REJECT or into a DISCARD.
-#	HOLD [optional text...]
-#			Place the message on the hold queue. Mail on hold can
-#			be inspected with the postcat command, and can be
-#			destroyed or taken off hold (i.e. delivered) with the
-#			postsuper command.  The matched body line is logged
-#			together with the optional text.
-#	DISCARD [optional text...]
-#			Claim successful delivery and silently discard the
-#			message.  The matched body line is logged together
-#			with the optional text.
-#	FILTER transport:nexthop
-#			After the message is queued, send the entire
-#			message through a content filter. This
-#			requires different cleanup servers before
-#			and after the filter, with header/body
-#			checks turned off in the second cleanup
-#			server. More information about content filters
-#			is in the Postfix FILTER_README file. This feature
-#			overrides the main.cf content_filter setting.
-#	REDIRECT user@domain
-#			Send the message to the specified address instead
-#			of the intended recipient(s). This feature overrides
-#			the FILTER action.
-#
-#	Substitution of sub-strings from the matched expression is
-#	possible using the conventional perl syntax. The macros in the
-#	replacement string may need to be protected with curly braces
-#	if they aren't followed by whitespace (see the examples
-#	below).
-#
-#	Lines starting with whitespace are continuation lines - they are
-#	appended to the previous line (there should be no whitespace
-#	before your regular expression!)
-#
-
-# Skip over base 64 encoded blocks. This saves lots of CPU cycles.
-# Expressions by Liviu Daia, amended by Victor Duchovni.
-# Requires PCRE version 3.
-~^[[:alnum:]+/]{60,}\s*$~	OK
-
-# Your own body patterns go here.
diff --git a/postfix/conf/sample-pcre-header.cf b/postfix/conf/sample-pcre-header.cf
deleted file mode 100644
index 2a187de1c..000000000
--- a/postfix/conf/sample-pcre-header.cf
+++ /dev/null
@@ -1,78 +0,0 @@
-# 
-#	Sample pcre (PERL-compatible regular expression) map file for
-#	message header filtering. See pcre_table(5) for syntax description.
-#
-#	Message headers are filtered one at a time. This filter understands
-#	multi-line message headers, including MIME headers in the message
-#	body.
-#
-#	The first field is a perl-like regular expression. The expression
-#	delimiter can be any character except whitespace, or characters
-#	that have special meaning to the regexp library (traditionally
-#	the forward slash is used). The regular expression can contain
-#	whitespace.
-#
-#	When the regular expression is prefixed by `!', the pattern
-#	succeeds when it does not match.
-#
-#	By default, matching is case-INsensitive, although following
-#	the second slash with an 'i' will reverse this. Other flags are
-#	supported, but the only other useful one is 'U', which makes
-#	matching ungreedy (see PCRE documentation and source for more
-#	info).
-#
-#       A block of table entries may be "enclosed" by a line with    
-#       `if /pattern/flags' and a line with `endif'.  This causes
-#       the block of table entries to be examined only when the
-#       search string matches the pattern. The `if..endif' may
-#       be nested. There currently is no `else' operator.
-#
-#	The second field is the "replacement" string - the text
-#	returned by the match. 
-#
-#       REJECT [optional text...]
-#                       Reject the entire message. The optional text is sent to
-#                       the originator and is logged to the maillog file.
-#	OK		Skip all further header patterns for this header line.
-#       IGNORE		Silently ignore the message header.
-#       WARN [optional text...]
-#                       Log the message header and the optional text. This is
-#                       useful for testing. When the pattern is good, change the
-#                       WARN into a REJECT or into a DISCARD.
-#       HOLD [optional text...]
-#                       Place the message on the hold queue. Mail on hold can
-#                       be inspected with the postcat command, and can be
-#                       destroyed or taken off hold (i.e. delivered) with the
-#                       postsuper command.  The matched header is logged
-#                       together with the optional text.
-#       DISCARD [optional text...]
-#                       Claim successful delivery and silently discard the
-#                       message.  The matched header is logged together with
-#                       the optional text.
-#       FILTER transport:nexthop
-#                       After the message is queued, send the entire
-#                       message through a content filter. This
-#                       requires different cleanup servers before
-#                       and after the filter, with header/body
-#                       checks turned off in the second cleanup
-#                       server. More information about content filters
-#                       is in the Postfix FILTER_README file. This feature
-#			overrides the main.cf content_filter setting.
-#	REDIRECT user@domain
-#			Send the message to the specified address instead
-#			of the intended recipient(s). This feature overrides
-#			the FILTER action.
-#
-#	Substitution of sub-strings from the matched expression is
-#	possible using the conventional perl syntax. The macros in the
-#	replacement string may need to be protected with curly braces
-#	if they aren't followed by whitespace (see the examples
-#	below).
-#
-#	Lines starting with whitespace are continuation lines - they are
-#	appended to the previous line (there should be no whitespace
-#	before your regular expression!)
-#
-
-/^Subject: Make Money Fast/	REJECT
-/^To: friend@public.com/	REJECT
diff --git a/postfix/conf/sample-regexp-access.cf b/postfix/conf/sample-regexp-access.cf
deleted file mode 100644
index f2721930d..000000000
--- a/postfix/conf/sample-regexp-access.cf
+++ /dev/null
@@ -1,35 +0,0 @@
-# Sample regexp SMTPD access lookup "table". See regexp_table(5)
-# and access(5) for a description of the syntax.
-#
-# The general format of a table entry is PATTERN RESULT.
-#
-# The pattern format is `/regexp/flags' or `!/regexp/flags' where regexp
-# is a regular expression as found in re_format(7), and flags are
-#   i: toggle ignore case (REG_ICASE - default is to ignore case)
-#   x: toggle extended expression (REG_EXTENDED - default is extended)
-#   m: toggle multiline mode (REG_NEWLINE - default is non-multiline mode)
-#
-# In order for a line to match, the regexp must match. If the regexp
-# is prefixed with !, it must not match.  The first line with a successful
-# (non)match wins, terminating processing of the ruleset.
-#
-# A block of table entries may be "enclosed" by a line with `if
-# /pattern/flags' or `if !/pattern/flags' and a line with `endif'.
-# This causes the block of table entries to be examined only when the
-# search string produces a successful (non)match. The `if..endif' may
-# be nested. There currently is no `else' operator.
-#
-# The syntax of access table results is described in the Postfix
-# access(5) manual page.
-
-# Disallow sender-specified routing. This is a must if you relay mail
-#for other domains.
-/[%!@].*@/				550 Sender-specified routing rejected
-
-# Postmaster is OK, that way they can talk to us about how to fix their problem.
-/^postmaster@/				OK
-
-# Protect your outgoing majordomo exploders
-if !/^owner-.*/
-/^(.*)-outgoing@(.*)$/			550 Use ${1}@${2} instead
-endif
diff --git a/postfix/conf/sample-regexp-body.cf b/postfix/conf/sample-regexp-body.cf
deleted file mode 100644
index b8a438c55..000000000
--- a/postfix/conf/sample-regexp-body.cf
+++ /dev/null
@@ -1,57 +0,0 @@
-# Sample regexp message body filter lookup "table". See regexp_table(5)
-# for a description of the syntax.
-#
-# Mail body lines are filtered one line at a time. MIME headers are
-# filtered as message headers, i.e. not as part of the mail body.
-#
-# The general format of a table entry is PATTERN RESULT.
-#
-# The pattern format is `/regexp/flags' or `!/regexp/flags' where regexp
-# is a regular expression as found in re_format(7), and flags are
-#   i: toggle ignore case (REG_ICASE - default is to ignore case)
-#   x: toggle extended expression (REG_EXTENDED - default is extended)
-#   m: toggle multiline mode (REG_NEWLINE - default is non-multiline mode)
-#
-# In order for a line to match, the regexp must match. If the regexp
-# is prefixed with !, it must not match.  The first line with a successful
-# (non)match wins, terminating processing of the ruleset.
-#
-# A block of table entries may be "enclosed" by a line with `if
-# /pattern/flags' or `if !/pattern/flags' and a line with `endif'.
-# This causes the block of table entries to be examined only when the
-# search string produces a successful (non)match. The `if..endif' may
-# be nested. There currently is no `else' operator.
-#
-# The result is one of the following:
-# REJECT [optional text...]
-#       Reject the entire message. The optional text is sent to the
-#       originator and is logged to the maillog file.
-# OK	Skip all further body patterns for this body line.
-# IGNORE Silently discard the body line.
-# WARN [optional text...]
-#       Log the body line and the optional text. This is useful
-#       for testing. When the pattern is OK, change the WARN into a
-#       REJECT or into a DISCARD.
-# HOLD [optional text...]
-#       Place the message on the hold queue. Mail on hold can be
-#       inspected with the postcat command, and can be destroyed or
-#       taken off hold (i.e. delivered) with the postsuper command.
-#       The matched body line is logged together with the optional text.
-# DISCARD [optional text...]
-#       Claim successful delivery and silently discard the message.
-#       The matched body line is logged together with the optional text.
-# FILTER transport:nexthop
-#       After the message is queued, send the entire message through
-#       a content filter. This requires different cleanup servers
-#       before and after the filter, with header/body checks turned
-#       off in the second cleanup server. This overrides the main.cf
-#	content filter setting.
-# REDIRECT user@domain
-#	Send the message to the specified address instead of the
-#	intended recipient(s). This overrides the FILTER action.
-
-# Skip over base 64 encoded blocks. This saves lots of CPU cycles.
-# Expressions by Liviu Daia. Amended by Victor Duchovni.
-~^[[:alnum:]+/]{60,}[[:space:]]*$~	OK
-
-# Your own body patterns go here.
diff --git a/postfix/conf/sample-regexp-header.cf b/postfix/conf/sample-regexp-header.cf
deleted file mode 100644
index 3c49952ba..000000000
--- a/postfix/conf/sample-regexp-header.cf
+++ /dev/null
@@ -1,54 +0,0 @@
-# Sample regexp message header filter lookup "table". See regexp_table(5)
-# for a description of the syntax.
-#
-# Message headers are filtered one at a time. This filter understands
-# multi-line mail headers, including MIME headers in the message body.
-#
-# The general format of a table entry is PATTERN RESULT. 
-#
-# The pattern format is `/regexp/flags' or `!/regexp/flags' where regexp
-# is a regular expression as found in re_format(7), and flags are
-#   i: toggle ignore case (REG_ICASE - default is to ignore case)
-#   x: toggle extended expression (REG_EXTENDED - default is extended)
-#   m: toggle multiline mode (REG_NEWLINE - default is non-multiline mode)
-#
-# In order for a line to match, the regexp must match. If the regexp
-# is prefixed with !, it must not match.  The first line with a successful
-# (non)match wins, terminating processing of the ruleset.
-#
-# A block of table entries may be "enclosed" by a line with `if
-# /pattern/flags' or `if !/pattern/flags' and a line with `endif'.
-# This causes the block of table entries to be examined only when the
-# search string produces a successful (non)match. The `if..endif' may
-# be nested. There currently is no `else' operator.
-#
-# The result is one of the following:
-# REJECT [optional text...]
-#       Reject the entire message. The optional text is sent to the
-#       originator and is logged to the maillog file.
-# OK	Skip all further header patterns for this header line.
-# IGNORE Silently discard the message header.
-# WARN [optional text...]
-#       Log the message header and the optional text. This is useful
-#       for testing. When the pattern is good, change the WARN into a
-#       REJECT or into a DISCARD.
-# HOLD [optional text...]
-#       Place the message on the hold queue. Mail on hold can be
-#       inspected with the postcat command, and can be destroyed or
-#       taken off hold (i.e. delivered) with the postsuper command.
-#       The matched header is logged together with the optional text.
-# DISCARD [optional text...]
-#       Claim successful delivery and silently discard the message.
-#       The matched header is logged together with the optional text.
-# FILTER transport:nexthop
-#       After the message is queued, send the entire message through
-#       a content filter. This requires different cleanup servers
-#       before and after the filter, with header/body checks turned
-#       off in the second cleanup server. This overrides the main.cf
-#	content filter setting.
-# REDIRECT user@domain
-#	Send the message to the specified address instead of the
-#	intended recipient(s). This overrides the FILTER action.
-
-/^Subject: Make Money Fast/	REJECT
-/^To: friend@public.com/	REJECT
diff --git a/postfix/conf/sample-smtpd.cf b/postfix/conf/sample-smtpd.cf
index 9f46fbc4c..3844d8e37 100644
--- a/postfix/conf/sample-smtpd.cf
+++ b/postfix/conf/sample-smtpd.cf
@@ -8,7 +8,7 @@
 #
 # The local_recipient_maps parameter specifies optional lookup tables
 # with all names or addresses of users that are local with respect
-# to $mydestination and $inet_interfaces.
+# to $mydestination, $inet_interfaces or $proxy_interfaces.
 #
 # If this parameter is defined, then the SMTP server will reject
 # mail for unknown local users. This parameter is defined by default.
@@ -49,8 +49,8 @@ local_recipient_maps = proxy:unix:passwd.byname $alias_maps
 
 # The unknown_local_recipient_reject_code parameter specifies the
 # SMTP server response code when a recipient domain matches $mydestination
-# or $inet_interfaces, while $local_recipient_maps is non-empty and
-# the recipient address or address local-part is not found.
+# or ${proxy,inet}_interfaces, while $local_recipient_maps is non-empty
+# and the recipient address or address local-part is not found.
 #
 # The default setting is 550 (reject mail) but it is safer to start
 # with 450 (try again later) until you are certain that your
@@ -94,7 +94,8 @@ unknown_local_recipient_reject_code = 550
 # 2)  user		owner, owner, ...
 #
 # This matches user@site when site is equal to $myorigin, when site
-# is listed in $mydestination, or when it is listed in $inet_interfaces.
+# is listed in $mydestination, or when it is listed in $inet_interfaces
+# or $proxy_interfaces.
 #
 # 3)  @domain		owner, owner, ...
 #
@@ -558,7 +559,7 @@ smtpd_sender_restrictions =
 #
 # In addition to the above, the Postfix SMTP server by default accepts mail
 # that Postfix is final destination for:
-# - destinations that match $inet_interfaces,
+# - destinations that match $inet_interfaces or $proxy_interfaces,
 # - destinations that match $mydestination
 # - destinations that match $virtual_alias_domains,
 # - destinations that match $virtual_mailbox_domains.
@@ -577,13 +578,13 @@ smtpd_sender_restrictions =
 #   reject_rhsbl_recipient domain.tld: reject recipient domain name if it is
 #	listed in an A record under domain.tld.
 #   permit_auth_destination: permit mail
-#	- to destinations matching $inet_interfaces, $mydestination,
-#	  $virtual_alias_domains, or $virtual_mailbox_domains.
+#	- to destinations matching $inet_interfaces, $proxy_interfaces,
+#	  $mydestination, $virtual_alias_domains, or $virtual_mailbox_domains.
 #	- to destinations matching $relay_domains or subdomain thereof,
 #	  except for addresses with sender-specified routing.
 #  *reject_unauth_destination: reject mail unless it is sent
-#	- to destinations matching $inet_interfaces, $mydestination,
-#	  $virtual_alias_domains, or $virtual_mailbox_domains.
+#	- to destinations matching $inet_interfaces, $proxy_interfaces,
+#	  $mydestination, $virtual_alias_domains, or $virtual_mailbox_domains.
 #	- to destinations matching $relay_domains or subdomain thereof,
 #	  except for addresses with sender-specified routing.
 #   reject_unauth_pipelining: reject mail from improperly pipelining spamware
@@ -661,7 +662,7 @@ allow_untrusted_routing = no
 #
 # In addition to the above, the Postfix SMTP server by default accepts mail
 # that Postfix is final destination for:
-# - destinations that match $inet_interfaces,
+# - destinations that match $inet_interfaces or $proxy_interfaces,
 # - destinations that match $mydestination
 # - destinations that match $virtual_alias_domains,
 # - destinations that match $virtual_mailbox_domains.
diff --git a/postfix/conf/tcp_table b/postfix/conf/tcp_table
deleted file mode 100644
index bb58ce363..000000000
--- a/postfix/conf/tcp_table
+++ /dev/null
@@ -1,100 +0,0 @@
-# TCP_TABLE(5)                                         TCP_TABLE(5)
-# 
-# NAME
-#        tcp_table - Postfix client/server table lookup protocol
-# 
-# SYNOPSIS
-#        postmap -q "string" tcp:host:port
-# 
-#        postmap -q - tcp:host:port <inputfile
-# 
-# DESCRIPTION
-#        The  Postfix  mail system uses optional tables for address
-#        rewriting or mail routing. These tables are usually in dbm
-#        or db format. Alternatively, table lookups can be directed
-#        to a TCP server.
-# 
-#        To find out what types of lookup tables your Postfix  sys-
-#        tem supports use the postconf -m command.
-# 
-#        To   test  lookup  tables,  use  the  postmap  command  as
-#        described in the SYNOPSIS above.
-# 
-# PROTOCOL DESCRIPTION
-#        The TCP map class implements a very simple  protocol:  the
-#        client  sends  a  request, and the server sends one reply.
-#        Requests and replies are sent as one line of  ASCII  text,
-#        terminated  by  the  ASCII  newline character. Request and
-#        reply parameters (see below) are separated by  whitespace.
-# 
-#        Send  and receive operations must complete in 100 seconds.
-# 
-# REQUEST FORMAT
-#        Each request specifies a command, a lookup key, and possi-
-#        bly a lookup result.
-# 
-#        get SPACE key NEWLINE
-#               Look up data under the specified key.
-# 
-#        put SPACE key SPACE value NEWLINE
-#               This request is currently not implemented.
-# 
-# REPLY FORMAT
-#        Each  reply specifies a status code and text. Replies must
-#        be no longer than 4096 characters  including  the  newline
-#        terminator.
-# 
-#        500 SPACE text NEWLINE
-#               In  case  of  a  lookup request, the requested data
-#               does not exist.  In case of an update request,  the
-#               request  was  rejected.   The  text  describes  the
-#               nature of the problem.
-# 
-#        400 SPACE text NEWLINE
-#               This  indicates  an  error  condition.   The   text
-#               describes  the  nature  of  the problem. The client
-#               should retry the request later.
-# 
-#        200 SPACE text NEWLINE
-#               The request was successful. In the case of a lookup
-#               request,  the  text  contains an encoded version of
-#               the requested data.
-# 
-# ENCODING
-#        In request and reply parameters,  the  character  %,  each
-#        non-printing character, and each whitespace character must
-#        be replaced by %XX, where XX is  the  corresponding  ASCII
-#        hexadecimal  character value. The hexadecimal codes can be
-#        specified in any case (upper, lower, mixed).
-# 
-#        The Postfix client always encodes a request.   The  server
-#        may  omit  the encoding as long as the reply is guaranteed
-#        to not contain the % or NEWLINE character.
-# 
-# SECURITY
-#        Do not use TCP lookup tables for  security  critical  pur-
-#        poses.   The client-server connection is not protected and
-#        the server is not authenticated.
-# 
-# SEE ALSO
-#        regexp_table(5) format of regular expression tables
-#        pcre_table(5) format of PCRE tables
-#        cidr_table(5) format of CIDR tables
-# 
-# BUGS
-#        Only the lookup method is currently implemented.
-# 
-#        The client does not hang up when the  connection  is  idle
-#        for a long time.
-# 
-# LICENSE
-#        The  Secure  Mailer  license must be distributed with this
-#        software.
-# 
-# AUTHOR(S)
-#        Wietse Venema
-#        IBM T.J. Watson Research
-#        P.O. Box 704
-#        Yorktown Heights, NY 10598, USA
-# 
-#                                                      TCP_TABLE(5)
diff --git a/postfix/conf/virtual b/postfix/conf/virtual
index 9baed6d5d..2d185a113 100644
--- a/postfix/conf/virtual
+++ b/postfix/conf/virtual
@@ -83,7 +83,7 @@
 #               Mail for user@site is redirected  to  address  when
 #               site  is equal to $myorigin, when site is listed in
 #               $mydestination,   or   when   it   is   listed   in
-#               $inet_interfaces.
+#               $inet_interfaces or $proxy_interfaces.
 # 
 #               This  functionality  overlaps with functionality of
 #               the local aliases(5) database.  The  difference  is
@@ -234,6 +234,11 @@
 #               Give special treatment to owner-xxx and xxx-request
 #               addresses.
 # 
+#        proxy_interfaces
+#               Other interfaces that this machine receives mail on
+#               by way of a proxy agent or network address transla-
+#               tor.
+# 
 # SEE ALSO
 #        cleanup(8) canonicalize and enqueue mail
 #        postmap(1) create mapping table
diff --git a/postfix/html/Makefile.in b/postfix/html/Makefile.in
index 411ed0b39..6730aa36c 100644
--- a/postfix/html/Makefile.in
+++ b/postfix/html/Makefile.in
@@ -13,7 +13,7 @@ COMMANDS= mailq.1.html newaliases.1.html postalias.1.html postcat.1.html \
 	postqueue.1.html postsuper.1.html
 CONFIG	= access.5.html aliases.5.html canonical.5.html relocated.5.html \
 	transport.5.html virtual.5.html pcre_table.5.html regexp_table.5.html \
-	cidr_table.5.html tcp_table.5.html
+	cidr_table.5.html tcp_table.5.html header_checks.5.html
 
 AWK	= awk '{ print; if (NR == 1) print ".pl 9999" }'
 
@@ -191,11 +191,15 @@ aliases.5.html: ../proto/aliases
 	PATH=../mantools:$$PATH; \
 	srctoman - $? | $(AWK) | nroff -man | uniq | man2html | postlink >$@
 
+canonical.5.html: ../proto/canonical
+	PATH=../mantools:$$PATH; \
+	srctoman - $? | $(AWK) | nroff -man | uniq | man2html | postlink >$@
+
 cidr_table.5.html: ../proto/cidr_table
 	PATH=../mantools:$$PATH; \
 	srctoman - $? | $(AWK) | nroff -man | uniq | man2html | postlink >$@
 
-canonical.5.html: ../proto/canonical
+header_checks.5.html: ../proto/header_checks
 	PATH=../mantools:$$PATH; \
 	srctoman - $? | $(AWK) | nroff -man | uniq | man2html | postlink >$@
 
diff --git a/postfix/html/anvil.8.html b/postfix/html/anvil.8.html
index 43b1c110b..eac1785e7 100644
--- a/postfix/html/anvil.8.html
+++ b/postfix/html/anvil.8.html
@@ -2,7 +2,7 @@
 ANVIL(8)                                                 ANVIL(8)
 
 <b>NAME</b>
-       anvil - Postfix connection count and rate management
+       anvil - Postfix client count and rate management
 
 <b>SYNOPSIS</b>
        <b>anvil</b> [generic Postfix daemon options]
diff --git a/postfix/html/canonical.5.html b/postfix/html/canonical.5.html
index b767e0fcf..48ac4e496 100644
--- a/postfix/html/canonical.5.html
+++ b/postfix/html/canonical.5.html
@@ -83,68 +83,69 @@ CANONICAL(5)                                         CANONICAL(5)
        <i>user address</i>
               <i>user</i>@<i>site</i> is replaced by <i>address</i> when <i>site</i> is equal
               to  $<b>myorigin</b>,  when  <i>site</i> is listed in $<b>mydestina-</b>
-              <b>tion</b>, or when it is listed in $<b>inet_interfaces</b>.
+              <b>tion</b>, or when it is listed in  $<b>inet_interfaces</b>  or
+              $<b>proxy_interfaces</b>.
 
-              This form is useful for replacing  login  names  by
+              This  form  is  useful for replacing login names by
               <i>Firstname.Lastname</i>.
 
        @<i>domain address</i>
-              Every  address  in  <i>domain</i>  is replaced by <i>address</i>.
+              Every address in <i>domain</i>  is  replaced  by  <i>address</i>.
               This form has the lowest precedence.
 
-       In all the above forms, when <i>address</i> has the form  @<i>other-</i>
+       In  all the above forms, when <i>address</i> has the form @<i>other-</i>
        <i>domain</i>, the result is the same user in <i>otherdomain</i>.
 
 <b>ADDRESS EXTENSION</b>
        When a mail address localpart contains the optional recip-
-       ient delimiter (e.g., <i>user+foo</i>@<i>domain</i>), the  lookup  order
+       ient  delimiter  (e.g., <i>user+foo</i>@<i>domain</i>), the lookup order
        becomes: <i>user+foo</i>@<i>domain</i>, <i>user</i>@<i>domain</i>, <i>user+foo</i>, <i>user</i>, and
        @<i>domain</i>.
 
-       The  <b>propagate_unmatched_extensions</b>   parameter   controls
-       whether  an  unmatched  address extension (<i>+foo</i>) is propa-
+       The   <b>propagate_unmatched_extensions</b>   parameter  controls
+       whether an unmatched address extension  (<i>+foo</i>)  is  propa-
        gated to the result of table lookup.
 
 <b>REGULAR EXPRESSION TABLES</b>
-       This section describes how the table lookups  change  when
+       This  section  describes how the table lookups change when
        the table is given in the form of regular expressions. For
-       a description of regular expression lookup  table  syntax,
+       a  description  of regular expression lookup table syntax,
        see <a href="regexp_table.5.html"><b>regexp_table</b>(5)</a> or <a href="pcre_table.5.html"><b>pcre_table</b>(5)</a>.
 
-       Each  pattern  is  a regular expression that is applied to
+       Each pattern is a regular expression that  is  applied  to
        the entire address being looked up. Thus, <i>user@domain</i> mail
-       addresses  are  not  broken up into their <i>user</i> and <i>@domain</i>
+       addresses are not broken up into their  <i>user</i>  and  <i>@domain</i>
        constituent parts, nor is <i>user+foo</i> broken up into <i>user</i> and
        <i>foo</i>.
 
-       Patterns  are  applied  in  the  order as specified in the
-       table, until a pattern is found that  matches  the  search
+       Patterns are applied in the  order  as  specified  in  the
+       table,  until  a  pattern is found that matches the search
        string.
 
-       Results  are  the  same as with indexed file lookups, with
-       the additional feature that parenthesized substrings  from
+       Results are the same as with indexed  file  lookups,  with
+       the  additional feature that parenthesized substrings from
        the pattern can be interpolated as <b>$1</b>, <b>$2</b> and so on.
 
 <b>TCP-BASED TABLES</b>
-       This  section  describes how the table lookups change when
+       This section describes how the table lookups  change  when
        lookups are directed to a TCP-based server. For a descrip-
-       tion   of  the  TCP  client/server  lookup  protocol,  see
+       tion  of  the  TCP  client/server  lookup  protocol,   see
        <a href="tcp_table.5.html"><b>tcp_table</b>(5)</a>.
 
        Each lookup operation uses the entire address once.  Thus,
-       <i>user@domain</i>  mail  addresses  are not broken up into their
+       <i>user@domain</i> mail addresses are not broken  up  into  their
        <i>user</i> and <i>@domain</i> constituent parts, nor is <i>user+foo</i> broken
        up into <i>user</i> and <i>foo</i>.
 
        Results are the same as with indexed file lookups.
 
 <b>BUGS</b>
-       The  table format does not understand quoting conventions.
+       The table format does not understand quoting  conventions.
 
 <b>CONFIGURATION PARAMETERS</b>
-       The following <b>main.cf</b> parameters are  especially  relevant
-       to  this  topic.  See  the Postfix <b>main.cf</b> file for syntax
-       details and for default values.  Use  the  <b>postfix  reload</b>
+       The  following  <b>main.cf</b> parameters are especially relevant
+       to this topic. See the Postfix  <b>main.cf</b>  file  for  syntax
+       details  and  for  default  values. Use the <b>postfix reload</b>
        command after a configuration change.
 
        <b>canonical_maps</b>
@@ -159,34 +160,39 @@ CANONICAL(5)                                         CANONICAL(5)
               header sender addresses.
 
        <b>propagate_unmatched_extensions</b>
-              A  list  of  address rewriting or forwarding mecha-
-              nisms that propagate an address extension from  the
-              original  address  to  the result.  Specify zero or
-              more of  <b>canonical</b>,  <b>virtual</b>,  <b>alias</b>,  <b>forward</b>,  or
+              A list of address rewriting  or  forwarding  mecha-
+              nisms  that propagate an address extension from the
+              original address to the result.   Specify  zero  or
+              more  of  <b>canonical</b>,  <b>virtual</b>,  <b>alias</b>,  <b>forward</b>, or
               <b>include</b>.
 
        Other parameters of interest:
 
        <b>inet_interfaces</b>
-              The  network  interface  addresses that this system
+              The network interface addresses  that  this  system
               receives mail on.  You need to stop and start Post-
               fix when this parameter changes.
 
+       <b>proxy_interfaces</b>
+              Other interfaces that this machine receives mail on
+              by way of a proxy agent or network address transla-
+              tor.
+
        <b>masquerade_classes</b>
-              List  of  address  classes subject to masquerading:
-              zero or more of  <b>envelope_sender</b>,  <b>envelope_recipi-</b>
+              List of address classes  subject  to  masquerading:
+              zero  or  more of <b>envelope_sender</b>, <b>envelope_recipi-</b>
               <b>ent</b>, <b>header_sender</b>, <b>header_recipient</b>.
 
        <b>masquerade_domains</b>
-              List  of  domains  that hide their subdomain struc-
+              List of domains that hide  their  subdomain  struc-
               ture.
 
        <b>masquerade_exceptions</b>
-              List of user names that are not subject to  address
+              List  of user names that are not subject to address
               masquerading.
 
        <b>mydestination</b>
-              List  of  domains  that  this mail system considers
+              List of domains that  this  mail  system  considers
               local.
 
        <b>myorigin</b>
@@ -205,7 +211,7 @@ CANONICAL(5)                                         CANONICAL(5)
        <a href="tcp_table.5.html">tcp_table(5)</a> TCP client/server table lookup protocol
 
 <b>LICENSE</b>
-       The Secure Mailer license must be  distributed  with  this
+       The  Secure  Mailer  license must be distributed with this
        software.
 
 <b>AUTHOR(S)</b>
diff --git a/postfix/html/cleanup.8.html b/postfix/html/cleanup.8.html
index c283ca901..4cad09cbf 100644
--- a/postfix/html/cleanup.8.html
+++ b/postfix/html/cleanup.8.html
@@ -239,7 +239,9 @@ CLEANUP(8)                                             CLEANUP(8)
               sion.
 
 <b>SEE ALSO</b>
+       <a href="body_checks.5.html">body_checks(5)</a> body parts content inspection
        <a href="canonical.5.html">canonical(5)</a> canonical address lookup table format
+       <a href="header_checks.5.html">header_checks(5)</a> message header content inspection
        <a href="qmgr.8.html">qmgr(8)</a> queue manager daemon
        syslogd(8) system logging
        <a href="trivial-rewrite.8.html">trivial-rewrite(8)</a> address rewriting
diff --git a/postfix/html/header_checks.5.html b/postfix/html/header_checks.5.html
new file mode 100644
index 000000000..d54482bb7
--- /dev/null
+++ b/postfix/html/header_checks.5.html
@@ -0,0 +1,261 @@
+<html> <body> <pre>
+HEADER_CHECKS(5)                                 HEADER_CHECKS(5)
+
+<b>NAME</b>
+       header_checks - Postfix built-in header/body inspection
+
+<b>SYNOPSIS</b>
+       <b>header_checks = pcre:/etc/postfix/header_checks</b>
+       <b>mime_header_checks = pcre:/etc/postfix/mime_header_checks</b>
+       <b>nested_header_checks = pcre:/etc/postfix/nested_header_checks</b>
+
+       <b>body_checks = pcre:/etc/postfix/body_checks</b>
+
+       <b>postmap -q "</b><i>string</i><b>" pcre:/etc/postfix/</b><i>filename</i>
+       <b>postmap -q - pcre:/etc/postfix/</b><i>filename &</i>lt;<i>inputfile</i>
+
+<b>DESCRIPTION</b>
+       Postfix  provides  a  simple  built-in  content inspection
+       mechanism that examines incoming mail one  message  header
+       or  one  message  body  line  at  a time.  This feature is
+       implemented by the Postfix <a href="cleanup.8.html"><b>cleanup</b>(8)</a> server.
+
+       Postfix header or body_checks are designed to stop a flood
+       of mail from worms and viruses. They are not meant to be a
+       substitute for content filters that decode attachments and
+       that do other sophisticated content analyses.
+
+       Postfix supports four built-in content inspection classes:
+
+       <b>header_checks</b>
+              These are applied to each  primary  message  header
+              (except for the MIME related headers).
+
+       <b>mime_header_checks</b> (default: <b>$header_checks</b>)
+              These  are applied each MIME related message header
+              only.
+
+       <b>nested_header_checks</b> (default: <b>$header_checks</b>)
+              These  are  applied  to  each  message  header   of
+              attached email messages.
+
+       <b>body_checks</b>
+              These  are  applied to every other line of content,
+              including multi-part message boundaries.
+
+       Note: message headers are examined one logical header at a
+       time,  even  when  a  message header spans multiple lines.
+       Body lines are always examined one line at a time.
+
+<b>REGEXP AND PCRE TABLE FORMAT</b>
+       Header and body_checks rules are normally specified in the
+       form of regular expression lookup tables. The best perfor-
+       mance is  obtained  with  <b>pcre</b>  (Perl  Compatible  Regular
+       Expression)  tables,  but the slower <b>regexp</b> (POSIX regular
+       expressions) support is more  widely  available.  Use  the
+       command <b>postconf -m</b> to find out what types of lookup table
+       your Postfix system supports.
+
+       The general format of a header or body_checks table is:
+
+       <b>/</b><i>pattern</i><b>/</b><i>flags action</i>
+              When <i>pattern</i> matches the input string, execute  the
+              corresponding  <i>action</i>. See below for a list of pos-
+              sible actions.
+
+       <b>!/</b><i>pattern</i><b>/</b><i>flags action</i>
+              When <i>pattern</i> does <b>not</b> match the input string,  exe-
+              cute the corresponding <i>action</i>.
+
+       <b>if /</b><i>pattern</i><b>/</b><i>flags</i>
+
+       <b>endif</b>  Match the input string against the patterns between
+              <b>if</b> and <b>endif</b>, if and only if the input string  also
+              matches <i>pattern</i>. The <b>if</b>..<b>endif</b> can nest.
+
+              Note:  do not prepend whitespace to patterns inside
+              <b>if</b>..<b>endif</b>.
+
+       <b>if !/</b><i>pattern</i><b>/</b><i>flags</i>
+
+       <b>endif</b>  Match the input string against the patterns between
+              <b>if</b>  and <b>endif</b>, if and only if the input string does
+              <b>not</b> match <i>pattern</i>. The <b>if</b>..<b>endif</b> can nest.
+
+       blank lines and comments
+              Empty lines and whitespace-only lines are  ignored,
+              as  are  lines whose first non-whitespace character
+              is a `#'.
+
+       multi-line text
+              A pattern/action line  starts  with  non-whitespace
+              text.  A line that starts with whitespace continues
+              a logical line.
+
+       For a discussion of pattern syntax and flags details,  see
+       <a href="regexp_table.5.html"><b>regexp_table</b>(5)</a> or <a href="pcre_table.5.html"><b>pcre_table</b>(5)</a>, respectively.
+
+<b>TABLE SEARCH ORDER</b>
+       For  each  line of message input, the patterns are applied
+       in the order as specified in the table. When a pattern  is
+       found  that  matches  the  input  line,  the corresponding
+       action is  executed  and  then  the  next  input  line  is
+       inspected.
+
+<b>TEXT SUBSTITUTION</b>
+       Substitution  of  substrings  from  the matched expression
+       into the <i>action</i> string is possible using the  conventional
+       Perl  syntax  ($1,  $2,  etc.).   The macros in the result
+       string may need to be written as  ${n}  or  $(n)  if  they
+       aren't followed by whitespace.
+
+       Note:  since negated patterns (those preceded by <b>!</b>) return
+       a result when the expression does not match, substitutions
+       are not available for negated patterns.
+
+<b>ACTIONS</b>
+       Action names are case insensitive. They are shown in upper
+       case for consistency with other Postfix documentation.
+
+       <b>DISCARD</b> <i>optional text...</i>
+              Claim successful delivery and silently discard  the
+              message.   Log the optional text if specified, oth-
+              erwise log a generic message.
+
+              Note:  this  action  disables  further  header   or
+              body_checks  inspection  of the current message and
+              affects all recipients.
+
+       <b>DUNNO</b>  Pretend that the search string was not  found,  and
+              inspect  the  next  input  line. This action can be
+              used to shorten the table search.
+
+              For backwards compatibility reasons,  Postfix  also
+              accepts  <b>OK</b> but it is (and always has been) treated
+              as <b>DUNNO</b>.
+
+       <b>FILTER</b> <i>transport:destination</i>
+              Write a content filter request record to the  queue
+              file  and  inspect  the next input line.  After the
+              message is queued, it  will  be  sent  through  the
+              specified  external  content filter.  More informa-
+              tion about external content filters is in the Post-
+              fix FILTER_README file.
+
+              Note:   this  action  overrides  the  <b>main.cf  con-</b>
+              <b>tent_filter</b> setting, and affects all recipients  of
+              the  message.  In  the  case  that  multiple <b>FILTER</b>
+              actions fire, the only last one is executed.
+
+       <b>HOLD</b> <i>optional text...</i>
+              Arrange for the message to be placed  on  the  <b>hold</b>
+              queue,  and  inspect the next input line.  The mes-
+              sage remains on <b>hold</b> until someone  either  deletes
+              it  or  releases it for delivery.  Log the optional
+              text if specified, otherwise log a generic message.
+
+              Mail  that  is  placed on hold can be examined with
+              the <a href="postcat.1.html"><b>postcat</b>(1)</a> command, and  can  be  destroyed  or
+              released with the <a href="postsuper.1.html"><b>postsuper</b>(1)</a> command.
+
+              Note:  this  action  affects  all recipients of the
+              message.
+
+       <b>IGNORE</b> Delete the current line from the input and  inspect
+              the next input line.
+
+       <b>REDIRECT</b> <i>user@domain</i>
+              Write  a  message  redirection request to the queue
+              file and inspect the next  input  line.  After  the
+              message is queued, it will be sent to the specified
+              address instead of the intended recipient(s).
+
+              Note: this action overrides the <b>FILTER</b> action,  and
+              affects  all recipients of the message. If multiple
+              <b>REDIRECT</b> actions fire only the  last  one  is  exe-
+              cuted.
+
+       <b>REJECT</b> <i>optional text...</i>
+              Reject  the  entire  message.  Reply  with <i>optional</i>
+              <i>text...</i> when the optional text is specified, other-
+              wise reply with a generic error message.
+
+              Note:   this  action  disables  further  header  or
+              body_checks inspection of the current  message  and
+              affects all recipients.
+
+       <b>WARN</b> <i>optional text...</i>
+              Log  a  warning with the <i>optional text...</i> (or log a
+              generic message) and inspect the next  input  line.
+              This action is useful for debugging and for testing
+              a pattern before taking more drastic actions.
+
+<b>BUGS</b>
+       Many people overlook the main limitations  of  header  and
+       body_checks  rules.   These  rules  operate on one logical
+       message header or body line at a time, and a decision made
+       for one line is not carried over to the next line.
+
+<b>CONFIGURATION PARAMETERS</b>
+       <b>body_checks</b>
+              Lookup tables with content filter rules for message
+              body lines.  These filters see one physical line at
+              a  time,  in  chunks  of at most <b>$line_length_limit</b>
+              bytes.
+
+       <b>body_checks_size_limit</b>
+              The amount of  content  per  message  body  segment
+              (attachment) that is subjected to <b>$body_checks</b> fil-
+              tering.
+
+       <b>header_checks</b>
+
+       <b>mime_header_checks</b> (default: <b>$header_checks</b>)
+
+       <b>nested_header_checks</b> (default: <b>$header_checks</b>)
+              Lookup tables with content filter rules for message
+              header  lines:  respectively,  these are applied to
+              the primary message  headers  (not  including  MIME
+              headers),  to the MIME headers anywhere in the mes-
+              sage, and to the initial headers of  attached  mes-
+              sages.
+
+              Note:  these filters see one logical message header
+              at a time, even when a message header spans  multi-
+              ple  lines.  Message  headers  that are longer than
+              <b>$header_size_limit</b> characters are truncated.
+
+       <b>disable_mime_input_processing</b>
+              While receiving mail, give no special treatment  to
+              MIME  related  message  headers; all text after the
+              initial message headers is considered to be part of
+              the  message body. This means that <b>header_checks</b> is
+              applied to all the  primary  message  headers,  and
+              that <b>body_checks</b> is applied to the remainder of the
+              message.
+
+              Note: when used in this  manner,  <b>body_checks</b>  will
+              process  a  multi-line message header one line at a
+              time.
+
+<b>SEE ALSO</b>
+       <a href="cleanup.8.html">cleanup(8)</a> canonicalize and enqueue Postfix message
+       <a href="pcre_table.5.html">pcre_table(5)</a> format of PCRE tables
+       <a href="regexp_table.5.html">regexp_table(5)</a> format of POSIX regular expression tables
+       <a href="postconf.1.html">postconf(1)</a> Postfix configuration utility
+       <a href="postmap.1.html">postmap(1)</a> Postfix lookup table management
+       <a href="postsuper.1.html">postsuper(1)</a> Postfix janitor
+       <a href="postcat.1.html">postcat(1)</a> show Postfix queue file contents
+
+<b>LICENSE</b>
+       The Secure Mailer license must be  distributed  with  this
+       software.
+
+<b>AUTHOR(S)</b>
+       Wietse Venema
+       IBM T.J. Watson Research
+       P.O. Box 704
+       Yorktown Heights, NY 10598, USA
+
+                                                 HEADER_CHECKS(5)
+</pre> </body> </html>
diff --git a/postfix/html/relocated.5.html b/postfix/html/relocated.5.html
index a880035b2..5e5ed977d 100644
--- a/postfix/html/relocated.5.html
+++ b/postfix/html/relocated.5.html
@@ -1,4 +1,4 @@
-<html> <head> </head> <body> <pre>
+<html> <body> <pre>
 RELOCATED(5)                                         RELOCATED(5)
 
 <b>NAME</b>
@@ -59,7 +59,7 @@ RELOCATED(5)                                         RELOCATED(5)
 
        <i>user</i>   Matches <i>user</i>@<i>site</i> when <i>site</i> is $<b>myorigin</b>, when <i>site</i>
               is listed in $<b>mydestination</b>, or when <i>site</i> is listed
-              in $<b>inet_interfaces</b>.
+              in $<b>inet_interfaces</b> or $<b>proxy_interfaces</b>.
 
        @<i>domain</i>
               Matches  every address in <i>domain</i>. This form has the
@@ -132,6 +132,11 @@ RELOCATED(5)                                         RELOCATED(5)
        <b>myorigin</b>
               The domain that is appended to locally-posted mail.
 
+       <b>proxy_interfaces</b>
+              Other interfaces that this machine receives mail on
+              by way of a proxy agent or network address transla-
+              tor.
+
 <b>SEE ALSO</b>
        <a href="postmap.1.html">postmap(1)</a> create lookup table
        <a href="pcre_table.5.html">pcre_table(5)</a> format of PCRE tables
diff --git a/postfix/html/smtpd.8.html b/postfix/html/smtpd.8.html
index 9e5db190c..cf983556f 100644
--- a/postfix/html/smtpd.8.html
+++ b/postfix/html/smtpd.8.html
@@ -267,10 +267,10 @@ SMTPD(8)                                                 SMTPD(8)
 
        <b>unknown_local_recipient_reject_code</b>
               The response code when a client specifies a recipi-
-              ent   whose   domain   matches   <b>$mydestination</b>  or
-              <b>$inet_interfaces</b>,  while  <b>$local_recipient_maps</b>  is
-              non-empty  and  does not list the recipient address
-              or address local-part.
+              ent    whose    domain    matches   <b>$mydestination</b>,
+              <b>$inet_interfaces</b>   or   <b>$proxy_interfaces</b>,    while
+              <b>$local_recipient_maps</b>  is  non-empty  and  does not
+              list the recipient address or address local-part.
 
        <b>unknown_relay_recipient_reject_code</b>
               The response code when a client specifies a recipi-
diff --git a/postfix/html/trivial-rewrite.8.html b/postfix/html/trivial-rewrite.8.html
index 6d6f272f6..44e09a844 100644
--- a/postfix/html/trivial-rewrite.8.html
+++ b/postfix/html/trivial-rewrite.8.html
@@ -1,4 +1,4 @@
-<html> <head> </head> <body> <pre>
+<html> <body> <pre>
 TRIVIAL-REWRITE(8)                             TRIVIAL-REWRITE(8)
 
 <b>NAME</b>
@@ -40,52 +40,50 @@ TRIVIAL-REWRITE(8)                             TRIVIAL-REWRITE(8)
        <b>verify</b> Resolve  an  address  for address verification pur-
               poses.
 
-<b>DEFAULT</b> <b>DELIVERY</b> <b>METHODS</b>
+<b>DEFAULT DELIVERY METHODS</b>
        By default, Postfix uses one  of  the  following  delivery
        methods.   This  may be overruled with the optional <a href="transport.5.html">trans-</a>
        <a href="transport.5.html">port(5)</a> table.  The default delivery method is selected by
        matching  the  recipient address domain against one of the
        following:
 
-       <b>$mydestination</b>
-
-       <b>$inet</b><i>_</i><b>interfaces</b>
+       <b>$mydestination</b>, <b>$inet_interfaces</b>, <b>$proxy_interfaces</b>
               The transport and optional  nexthop  are  specified
-              with  <b>$local</b><i>_</i><b>transport</b>.  The default nexthop is the
+              with  <b>$local_transport</b>.  The default nexthop is the
               recipient domain.
 
-       <b>$virtual</b><i>_</i><b>alias</b><i>_</i><b>domains</b>
+       <b>$virtual_alias_domains</b>
               The  recipient  address  is   undeliverable   (user
               unknown).   By definition, all known addresses in a
               virtual  alias  domain   are   aliased   to   other
               addresses.
 
-       <b>$virtual</b><i>_</i><b>mailbox</b><i>_</i><b>domains</b>
+       <b>$virtual_mailbox_domains</b>
               The  transport  and  optional nexthop are specified
-              with <b>$virtual</b><i>_</i><b>transport</b>.  The  default  nexthop  is
+              with <b>$virtual_transport</b>.  The  default  nexthop  is
               the recipient domain.
 
-       <b>$relay</b><i>_</i><b>domains</b>
+       <b>$relay_domains</b>
               The  transport  and  optional nexthop are specified
-              with <b>$relay</b><i>_</i><b>transport</b>. This overrides the  optional
+              with <b>$relay_transport</b>. This overrides the  optional
               nexthop  information that is specified with <b>$relay-</b>
               <b>host</b>.  The default nexthop is the recipient domain.
 
        none of the above
               The  transport  and  optional nexthop are specified
-              with  <b>$default</b><i>_</i><b>transport</b>.    This   overrides   the
+              with  <b>$default_transport</b>.    This   overrides   the
               optional nexthop information that is specified with
               <b>$relayhost</b>.  The default nexthop is  the  recipient
               domain.
 
-<b>SERVER</b> <b>PROCESS</b> <b>MANAGEMENT</b>
+<b>SERVER PROCESS MANAGEMENT</b>
        The trivial-rewrite servers run under control by the Post-
        fix master server.  Each server can handle multiple simul-
        taneous  connections.   When  all servers are busy while a
        client connects, the master creates a new server  process,
        provided  that the trivial-rewrite server process limit is
        not  exceeded.   Each  trivial-rewrite  server  terminates
-       after serving at least <b>$max</b><i>_</i><b>use</b> clients of after <b>$max</b><i>_</i><b>idle</b>
+       after serving at least <b>$max_use</b> clients of after <b>$max_idle</b>
        seconds of idle time.
 
 <b>STANDARDS</b>
@@ -102,42 +100,44 @@ TRIVIAL-REWRITE(8)                             TRIVIAL-REWRITE(8)
        Problems and transactions are logged to <b>syslogd</b>(8).
 
 <b>BUGS</b>
-<b>CONFIGURATION</b> <b>PARAMETERS</b>
+<b>CONFIGURATION PARAMETERS</b>
        The following <b>main.cf</b> parameters are  especially  relevant
        to  this  program. See the Postfix <b>main.cf</b> file for syntax
-       details and for default values.  Use  the  <b>postfix</b>  <b>reload</b>
+       details and for default values.  Use  the  <b>postfix  reload</b>
        command after a configuration change.
 
 <b>Miscellaneous</b>
-       <b>empty</b><i>_</i><b>address</b><i>_</i><b>recipient</b>
+       <b>empty_address_recipient</b>
               The  recipient  that  is  substituted  for the null
               address.
 
-       <b>inet</b><i>_</i><b>interfaces</b>
+       <b>inet_interfaces</b>
+
+       <b>proxy_interfaces</b>
               The  network  interfaces  that  this  mail   system
               receives  mail  on.   This  information  is used to
               determine if <i>user</i>@[<i>net.work.addr.ess</i>] is  local  or
               remote.   Mail  for  local  users  is  given to the
-              <b>$local</b><i>_</i><b>transport</b>.
+              <b>$local_transport</b>.
 
        <b>mydestination</b>
-              List of domains that are given to the <b>$local</b><i>_</i><b>trans-</b>
+              List of domains that are given to the <b>$local_trans-</b>
               <b>port</b>.
 
-       <b>virtual</b><i>_</i><b>alias</b><i>_</i><b>domains</b>
+       <b>virtual_alias_domains</b>
               List  of  virtual  alias  domains (domains with all
               recipients aliased to some other  local  or  remote
               domain).
 
-       <b>virtual</b><i>_</i><b>mailbox</b><i>_</i><b>domains</b>
+       <b>virtual_mailbox_domains</b>
               List  of  domains  that  are  given  to  the  <b>$vir-</b>
-              <b>tual</b><i>_</i><b>transport</b>.
+              <b>tual_transport</b>.
 
-       <b>relay</b><i>_</i><b>domains</b>
-              List of domains that are given to the <b>$relay</b><i>_</i><b>trans-</b>
+       <b>relay_domains</b>
+              List of domains that are given to the <b>$relay_trans-</b>
               <b>port</b>.
 
-       <b>resolve</b><i>_</i><b>unquoted</b><i>_</i><b>address</b>
+       <b>resolve_unquoted_address</b>
               When resolving an address, do not quote the address
               localpart as per <a href="http://www.faqs.org/rfcs/rfc822.html">RFC 822</a>, so that additional  <b>@</b>,  <b>%</b>
               or  <b>!</b>   characters  remain visible. This is techni-
@@ -145,7 +145,7 @@ TRIVIAL-REWRITE(8)                             TRIVIAL-REWRITE(8)
               attacks  when forwarding mail to a Sendmail primary
               MX host.
 
-       <b>relocated</b><i>_</i><b>maps</b>
+       <b>relocated_maps</b>
               Tables with contact information for users, hosts or
               domains that no longer exist. See <a href="relocated.5.html"><b>relocated</b>(5)</a>.
 
@@ -154,83 +154,83 @@ TRIVIAL-REWRITE(8)                             TRIVIAL-REWRITE(8)
               The domain that locally-posted mail appears to come
               from.
 
-       <b>allow</b><i>_</i><b>percent</b><i>_</i><b>hack</b>
+       <b>allow_percent_hack</b>
               Rewrite <i>user</i>%<i>domain</i> to <i>user</i>@<i>domain</i>.
 
-       <b>append</b><i>_</i><b>at</b><i>_</i><b>myorigin</b>
+       <b>append_at_myorigin</b>
               Rewrite <i>user</i> to <i>user</i>@<b>$myorigin</b>.
 
-       <b>append</b><i>_</i><b>dot</b><i>_</i><b>mydomain</b>
+       <b>append_dot_mydomain</b>
               Rewrite <i>user</i>@<i>host</i> to <i>user</i>@<i>host</i>.<b>$mydomain</b>.
 
-       <b>swap</b><i>_</i><b>bangpath</b>
+       <b>swap_bangpath</b>
               Rewrite <i>site</i>!<i>user</i> to <i>user</i>@<i>site</i>.
 
 <b>Routing</b>
-       <b>local</b><i>_</i><b>transport</b>
+       <b>local_transport</b>
               Where to deliver mail for destinations  that  match
-              <b>$mydestination</b>  or  <b>$inet</b><i>_</i><b>interfaces</b>.   The default
-              transport is <b>local:$myhostname</b>.
+              <b>$mydestination</b>,  <b>$inet_interfaces</b>  or <b>$proxy_inter-</b>
+              <b>faces</b>.  The default transport is <b>local:$myhostname</b>.
 
-              Syntax is <i>transport</i>:<i>nexthop</i>; see  <a href="transport.5.html"><b>transport</b>(5)</a>  for
+              Syntax  is  <i>transport</i>:<i>nexthop</i>; see <a href="transport.5.html"><b>transport</b>(5)</a> for
               details. The :<i>nexthop</i> part is optional.
 
-       <b>virtual</b><i>_</i><b>transport</b>
-              Where  to  deliver  mail for non-local domains that
-              match <b>$virtual</b><i>_</i><b>mailbox</b><i>_</i><b>domains</b>.  The default trans-
+       <b>virtual_transport</b>
+              Where to deliver mail for  non-local  domains  that
+              match <b>$virtual_mailbox_domains</b>.  The default trans-
               port is <b>virtual</b>.
 
-              Syntax  is  <i>transport</i>:<i>nexthop</i>; see <a href="transport.5.html"><b>transport</b>(5)</a> for
+              Syntax is <i>transport</i>:<i>nexthop</i>; see  <a href="transport.5.html"><b>transport</b>(5)</a>  for
               details. The :<i>nexthop</i> part is optional.
 
-       <b>relay</b><i>_</i><b>transport</b>
-              Where to deliver mail for  non-local  domains  that
-              match  <b>$relay</b><i>_</i><b>domains</b>.   The  default  transport is
+       <b>relay_transport</b>
+              Where  to  deliver  mail for non-local domains that
+              match <b>$relay_domains</b>.   The  default  transport  is
               <b>relay</b> (which normally is a clone of the <b>smtp</b> trans-
               port).
 
-              Syntax  is  <i>transport</i>:<i>nexthop</i>; see <a href="transport.5.html"><b>transport</b>(5)</a> for
+              Syntax is <i>transport</i>:<i>nexthop</i>; see  <a href="transport.5.html"><b>transport</b>(5)</a>  for
               details. The :<i>nexthop</i> part is optional.
 
-       <b>default</b><i>_</i><b>transport</b>
-              Where to deliver all  other  non-local  mail.   The
+       <b>default_transport</b>
+              Where  to  deliver  all  other non-local mail.  The
               default transport is <b>smtp</b>.
 
-              Syntax  is  <i>transport</i>:<i>nexthop</i>; see <a href="transport.5.html"><b>transport</b>(5)</a> for
+              Syntax is <i>transport</i>:<i>nexthop</i>; see  <a href="transport.5.html"><b>transport</b>(5)</a>  for
               details. The :<i>nexthop</i> part is optional.
 
-       <b>parent</b><i>_</i><b>domain</b><i>_</i><b>matches</b><i>_</i><b>subdomains</b>
-              List of Postfix features that use  <i>domain.tld</i>  pat-
-              terns   to  match  <i>sub.domain.tld</i>  (as  opposed  to
+       <b>parent_domain_matches_subdomains</b>
+              List  of  Postfix features that use <i>domain.tld</i> pat-
+              terns  to  match  <i>sub.domain.tld</i>  (as  opposed   to
               requiring <i>.domain.tld</i> patterns).
 
        <b>relayhost</b>
-              The default host to send non-local mail to when  no
-              host   is   specified   with   <b>$relay</b><i>_</i><b>transport</b>  or
-              <b>$default</b><i>_</i><b>transport</b>, and when the recipient  address
+              The  default host to send non-local mail to when no
+              host  is   specified   with   <b>$relay_transport</b>   or
+              <b>$default_transport</b>,  and when the recipient address
               does not match the optional the <a href="transport.5.html"><b>transport</b>(5)</a> table.
 
-       <b>transport</b><i>_</i><b>maps</b>
-              List of tables with <i>recipient</i> or <i>domain</i> to  (<i>trans-</i>
-              <i>port,</i> <i>nexthop</i>) mappings.
+       <b>transport_maps</b>
+              List  of tables with <i>recipient</i> or <i>domain</i> to (<i>trans-</i>
+              <i>port, nexthop</i>) mappings.
 
-<b>Address</b> <b>verification</b>
+<b>Address verification</b>
        By default, address verification probes use the same route
-       as regular mail. To override specific aspects  of  message
-       routing  for  address  verification probes, specify one or
-       more  of  the  following:  <b>address</b><i>_</i><b>verify</b><i>_</i><b>local</b><i>_</i><b>transport</b>,
-       <b>address</b><i>_</i><b>verify</b><i>_</i><b>virtual</b><i>_</i><b>transport</b>,             <b>address</b><i>_</i><b>ver-</b>
-       <b>ify</b><i>_</i><b>relay</b><i>_</i><b>transport</b>,     <b>address</b><i>_</i><b>verify</b><i>_</i><b>default</b><i>_</i><b>transport</b>,
-       <b>address</b><i>_</i><b>verify</b><i>_</i><b>relayhost</b>, <b>address</b><i>_</i><b>verify</b><i>_</i><b>transport</b><i>_</i><b>maps</b>.
-
-<b>SEE</b> <b>ALSO</b>
+       as  regular  mail. To override specific aspects of message
+       routing for address verification probes,  specify  one  or
+       more  of  the  following:  <b>address_verify_local_transport</b>,
+       <b>address_verify_virtual_transport</b>,             <b>address_ver-</b>
+       <b>ify_relay_transport</b>,     <b>address_verify_default_transport</b>,
+       <b>address_verify_relayhost</b>, <b>address_verify_transport_maps</b>.
+
+<b>SEE ALSO</b>
        <a href="master.8.html">master(8)</a> process manager
        syslogd(8) system logging
        <a href="transport.5.html">transport(5)</a> transport table format
        <a href="relocated.5.html">relocated(5)</a> format of the "user has moved" table
 
 <b>LICENSE</b>
-       The  Secure  Mailer  license must be distributed with this
+       The Secure Mailer license must be  distributed  with  this
        software.
 
 <b>AUTHOR(S)</b>
diff --git a/postfix/html/uce.html b/postfix/html/uce.html
index 9498a5697..04c01dd56 100644
--- a/postfix/html/uce.html
+++ b/postfix/html/uce.html
@@ -93,9 +93,7 @@ restrictions</a>
 
 </ul>
 
-<a name="header_checks">
-
-<h2> Header filtering</h2>
+<a name="header_checks"> <h2> Header filtering</h2> </a>
 
 The <b>header_checks</b> parameter restricts what is allowed in
 message headers. Patterns are applied to entire logical message
@@ -108,8 +106,6 @@ primary message headers, for MIME headers (including headers at
 the start of multipart body parts), and for the headers at the
 beginning of attached email messages.
 
-<p>
-
 <dl>
 
 <dt>Default:
@@ -120,76 +116,12 @@ beginning of attached email messages.
 
 <dt>Syntax:
 
-<dd>Specify a list of zero or more lookup tables. Whenever a header
-matches a table, the action depends on the lookup result:
-
-<p>
-
-<dl>
-
-<dt>REJECT <dd>
-
-<dt>REJECT text... <dd>
-
-Reject the message, log the header and the optional text,
-and send the optional text to the originator.
-
-<dt>DUNNO <dd>
-
-<dt>DUNNO text... <dd>Skip all further header patterns for this header line.
-This has the same effect as OK, which is deprecated.
-
-<dt>IGNORE <dd>
-
-<dt>IGNORE text... <dd> Delete the header line from the message.
-
-<dt>WARN <dd>
-
-<dt>WARN text... <dd> 
+<dd>Specify a list of zero or more lookup tables with pattern +
+action rules. 
 
-Log (but do not reject) the header with a warning, and log the
-optional text.
-
-<dt>HOLD <dd>
-
-<dt>HOLD text... <dd>
-
-Place the message on the <b>hold</b> queue. Mail on hold can be
-inspected with the <a href="postcat.1.html">postcat</a> command,
-and can be destroyed or taken off hold with the <a
-href="postsuper.1.html">postsuper</a> command.  
-The optional text is logged together with the matched text.
-
-<dt>DISCARD <dd> 
-
-<dt>DISCARD text... <dd>
-
-Claim successful delivery and silently discard the message.
-The optional text is logged together with the matched text.
-
-<dt>FILTER <i>transport</i>:<i>nexthop</i> <dd>
-After the message is queued, send the entire message through
-a content filter. This requires different cleanup servers
-before and after the filter, with header/body checks turned
-off in the second cleanup server. More details about content
-filtering are in the Postfix FILTER_README file. This feature
-overrides the main.cf <b>content_filter</b> setting.
-
-<dt>REDIRECT <i>user</i>@<i>domain</i> <dd>
-After the message is queued, send the message to the
-specified address instead of the intended recipients.
-overrides the FILTER action.
-
-</dl>
-
-<p>
-
-<i>At present, specifying a header pattern with OK serves no useful
-purpose. A rule ending in OK affects only the header being matched.
-The next header may still result in a REJECT match, causing the
-mail still to be rejected.</i>
-
-</dl>
+A complete discussion of header_checks table format, including
+actions, can be found in the <a href="header_checks.5.html">
+header_checks</a>(5) manual page.
 
 <p>
 
@@ -205,11 +137,9 @@ mail still to be rejected.</i>
 
 <dd> <tt>/^to: *friend@public\.com$/ REJECT</tt>
 
-<p>
-
-<a name="body_checks">
+</dl>
 
-<h2> Body filtering</h2>
+<a name="body_checks"> <h2> Body filtering</h2> </a>
 
 The <b>body_checks</b> parameter restricts what text is
 is allowed in message body lines.
@@ -231,76 +161,11 @@ There is no multi-line concept as with message headers.
 
 <dt>Syntax:
 
-<dd>Specify a list of zero or more lookup tables. Whenever a body
-line matches a table, the action depends on the lookup result:
-
-<p>
-
-<dl>
-
-<dt>REJECT <dd>
-
-<dt>REJECT text... <dd>
-
-Reject the message, log the body line and the optional text,
-and send the optional text to the originator.
-
-<dt>WARN <dd>
-
-<dt>WARN text... <dd> 
-
-Log (but do not reject) the body line with a warning, and log the
-optional text.
-
-<dt>DUNNO <dd>
-
-<dt>DUNNO text... <dd>Skip all further body patterns for this body line.
-This has the same effect as OK, which is deprecated.
-
-<dt>IGNORE <dd>
-
-<dt>IGNORE text... <dd> Delete the body line from the message.
+<dd>Specify a list of zero or more lookup tables with pattern +
+action rules. 
 
-<dt>HOLD <dd> 
-
-<dt>HOLD text... <dd>
-
-Place the message on the <b>hold</b> queue. Mail on hold can be
-inspected with the <a href="postcat.1.html">postcat</a> command,
-and can be destroyed or taken off hold with the <a
-href="postsuper.1.html">postsuper</a> command.
-The optional text is logged together with the matched text.
-
-<dt>DISCARD <dd> 
-
-<dt>DISCARD text... <dd> 
-
-Claim successful delivery and silently discard the message.
-The optional text is logged together with the matched text.
-
-<dt>FILTER <i>transport</i>:<i>nexthop</i> <dd>
-After the message is queued, send the entire message through
-a content filter. This requires different cleanup servers
-before and after the filter, with header/body checks turned
-off in the second cleanup server. More details about content
-filtering are in the Postfix FILTER_README file. This feature
-overrides the main.cf <b>content_filter</b> setting.
-
-<dt>REDIRECT <i>user</i>@<i>domain</i> <dd>
-After the message is queued, send the message to the 
-specified address instead of the intended recipients.
-overrides the FILTER action.
-
-</dl>
-
-<p>
-
-<i>At present, specifying a pattern with OK serves no useful
-purpose. A rule ending in OK affects only the line being matched.
-The next line may still result in a REJECT match, causing the
-mail still to be rejected.</i>
-
-</dl>
+A complete discussion of body_checks table format can be found in
+the <a href="header_checks.5.html"> body_checks</a>(5) manual page.
 
 <p>
 
@@ -310,11 +175,10 @@ mail still to be rejected.</i>
 
 <dd> <b>body_checks = pcre:/etc/postfix/body_checks</b>
 
-<p>
-
-<a name="smtpd_client_restrictions">
+</dl>
 
-<h2> Client hostname/address restrictions</h2>
+<a name="smtpd_client_restrictions"> <h2> Client hostname/address
+restrictions</h2> </a>
 
 The <b>smtpd_client_restrictions</b> parameter restricts what
 clients this system accepts SMTP connections from.
@@ -382,27 +246,23 @@ reject_unknown_client</b>
 
 <dl>
 
-<a name="reject_unknown_client">
-
-<dt> <b>reject_unknown_client</b> <dd> Reject the request when the
-client IP address has no PTR (address to name) record in the DNS,
-or when the PTR record does not have a matching A (name to address)
-record.  The <b>unknown_client_reject_code</b> parameter specifies
-the response code to rejected requests (default:  <b>450</b>).
+<dt> <a name="reject_unknown_client"> <b>reject_unknown_client</b>
+</a> <dd> Reject the request when the client IP address has no PTR
+(address to name) record in the DNS, or when the PTR record does
+not have a matching A (name to address) record.  The
+<b>unknown_client_reject_code</b> parameter specifies the response
+code to rejected requests (default:  <b>450</b>).
 
 <p>
 
-<a name="permit_mynetworks">
-
-<dt> <b>permit_mynetworks</b> <dd> Permit the request when the
-client IP address matches any network listed in <a
-href="basic.html#mynetworks"> $mynetworks</a>.
+<dt> <a name="permit_mynetworks"> <b>permit_mynetworks</b> </a>
+<dd> Permit the request when the client IP address matches any
+network listed in <a href="basic.html#mynetworks"> $mynetworks</a>.
 
 <p>
 
-<a name="reject_rbl_client">
-
-<dt> <b>reject_rbl_client</b> <i>domain.tld=127.0.0.2</i>
+<dt> <a name="reject_rbl_client"> <b>reject_rbl_client</b> </a>
+<i>domain.tld=127.0.0.2</i>
 
 <dt> <b>reject_rbl_client</b> <i>domain.tld</i> <dd> Reject the
 request when the reversed client network address is listed with an
@@ -420,9 +280,8 @@ indexed by RBL domain.
 
 <p>
 
-<a name="reject_rhsbl_client">
-
-<dt> <b>reject_rhsbl_client</b> <i>domain.tld=127.0.0.2</i>
+<dt> <a name="reject_rhsbl_client"> <b>reject_rhsbl_client</b> </a>
+<i>domain.tld=127.0.0.2</i>
 
 <dt> <b>reject_rhsbl_client</b> <i>domain.tld</i> <dd> Reject the
 request when the client hostname is listed with an A record under
@@ -434,9 +293,8 @@ specific address from a multi-valued result.
 
 <p>
 
-<a name="check_client_access">
-
-<dt> <b>check_client_access</b> <i>maptype</i>:<i>mapname</i>
+<dt> <a name="check_client_access"> <b>check_client_access</b> </a>
+<i>maptype</i>:<i>mapname</i>
 
 <dt> <i>maptype</i>:<i>mapname</i> <dd> Search the named <a
 href="access.5.html">access database</a> for the client hostname, parent
@@ -463,9 +321,7 @@ significant octets.
 
 </dl>
 
-<a name="smtpd_helo_required">
-
-<h2> Require HELO (EHLO) command</h2>
+<a name="smtpd_helo_required"> <h2> Require HELO (EHLO) command</h2> </a>
 
 The <b>smtpd_helo_required</b> parameter determines if clients must
 send a <b>HELO</b> (or <b>EHLO</b>) command at the beginning of an
@@ -498,9 +354,8 @@ does not require the use of <b>HELO</b> (<b>EHLO</b>).
 
 </dl>
 
-<a name="smtpd_helo_restrictions">
-
-<h2> HELO (EHLO) hostname restrictions</h2>
+<a name="smtpd_helo_restrictions"> <h2> HELO (EHLO) hostname
+restrictions</h2> </a>
 
 The <b>smtpd_helo_restrictions</b> parameter restricts what hostnames
 clients may send with the <b>HELO</b> (<b>EHLO</b>) command.  Some
@@ -561,37 +416,31 @@ reject_invalid_hostname</b>
 
 <dl>
 
-<a name="reject_invalid_hostname">
-
-<dt> <b>reject_invalid_hostname</b> <dd> Reject the request when
-the client HELO or EHLO parameter has a bad hostname syntax. The
-<b>invalid_hostname_reject_code</b> specifies the response code to
-rejected requests (default:  501).
+<dt> <a name="reject_invalid_hostname"> <b>reject_invalid_hostname</b>
+</a> <dd> Reject the request when the client HELO or EHLO parameter
+has a bad hostname syntax. The <b>invalid_hostname_reject_code</b>
+specifies the response code to rejected requests (default:  501).
 
 <p>
 
-<a name="reject_unknown_hostname">
-
-<dt> <b>reject_unknown_hostname</b> <dd> Reject the request when
-the hostname in the client HELO (EHLO) command has no DNS A or MX
-record. The <b>unknown_hostname_reject_code</b> specifies the
-response code to rejected requests (default:  <b>450</b>).
+<dt> <a name="reject_unknown_hostname"> <b>reject_unknown_hostname</b>
+</a> <dd> Reject the request when the hostname in the client HELO
+(EHLO) command has no DNS A or MX record. The
+<b>unknown_hostname_reject_code</b> specifies the response code to
+rejected requests (default:  <b>450</b>).
 
 <p>
 
-<a name="reject_non_fqdn_hostname">
-
-<dt> <b>reject_non_fqdn_hostname</b> <dd> Reject the request when
-the hostname in the client HELO (EHLO) command is not in fully-qualified
-domain form, as required by the RFC. The <b>non_fqdn_reject_code</b>
-specifies the response code to rejected requests (default:
-<b>504</b>).
+<dt> <a name="reject_non_fqdn_hostname"> <b>reject_non_fqdn_hostname</b>
+</a> <dd> Reject the request when the hostname in the client HELO
+(EHLO) command is not in fully-qualified domain form, as required
+by the RFC. The <b>non_fqdn_reject_code</b> specifies the response
+code to rejected requests (default:  <b>504</b>).
 
 <p>
 
-<a name="check_helo_access">
-
-<dt> <b>check_helo_access</b> <i>maptype</i>:<i>mapname</i>
+<dt> <a name="check_helo_access"> <b>check_helo_access</b> </a>
+<i>maptype</i>:<i>mapname</i>
 
 <dt> <i>maptype</i>:<i>mapname</i> <dd> Search the named <a
 href="access.5.html">access database</a> for the <b>HELO</b> hostname
@@ -599,13 +448,11 @@ or parent domains.
 
 <p>
 
-<a name="check_helo_ns_access">
+<dt> <a name="check_helo_ns_access"> <b>check_helo_ns_access</b>
+</a> <i>maptype</i>:<i>mapname</i>
 
-<dt> <b>check_helo_ns_access</b> <i>maptype</i>:<i>mapname</i>
-
-<a name="check_helo_mx_access">
-
-<dt> <b>check_helo_mx_access</b> <i>maptype</i>:<i>mapname</i>
+<dt> <a name="check_helo_mx_access"> <b>check_helo_mx_access</b>
+</a> <i>maptype</i>:<i>mapname</i>
 
 <dd> Apply the specified <a href="access.5.html">access database</a>
 to the DNS (or MX) servers for the host or domain name given with
@@ -615,9 +462,8 @@ the HELO (or EHLO) command.
 
 <p>
 
-<a name="reject_rhsbl_helo">
-
-<dt> <b>reject_rhsbl_helo</b> <i>domain.tld=127.0.0.2</i>
+<dt> <a name="reject_rhsbl_helo"> <b>reject_rhsbl_helo</b> </a>
+<i>domain.tld=127.0.0.2</i>
 
 <dt> <b>reject_rhsbl_helo</b> <i>domain.tld</i> <dd> Reject the
 request when the HELO (or EHLO) hostname is listed with an A record
@@ -654,9 +500,8 @@ indexed by RBL domain.
 
 </dl>
 
-<a name="strict_rfc821_envelopes">
-
-<h2> Require strict RFC 821-style envelope addresses </h2>
+<a name="strict_rfc821_envelopes"> <h2> Require strict RFC 821-style
+envelope addresses </h2> </a>
 
 The <b>strict_rfc821_envelopes</b> parameter controls how tolerant
 Postfix is with respect to addresses given in MAIL FROM or RCPT TO
@@ -690,9 +535,8 @@ software out there on the Internet.
 
 </dl>
 
-<a name="smtpd_sender_restrictions">
-
-<h2> Sender address restrictions</h2>
+<a name="smtpd_sender_restrictions"> <h2> Sender address
+restrictions</h2> </a>
 
 The <b>smtpd_sender_restrictions</b> parameter restricts what sender
 addresses this system accepts in MAIL FROM commands.
@@ -751,9 +595,8 @@ reject_unknown_sender_domain</b>
 
 <dl compact>
 
-<a name="reject_unknown_sender_domain">
-
-<dt> <b>reject_unknown_sender_domain</b> <dd> Reject the request
+<dt> <a name="reject_unknown_sender_domain">
+<b>reject_unknown_sender_domain</b> </a> <dd> Reject the request
 when the sender mail address has no DNS A or MX record. The
 <b>unknown_address_reject_code </b> parameter specifies the response
 code for rejected requests (default:  <b>450</b>).  The response
@@ -761,25 +604,22 @@ is always <b>450</b> in case of a temporary DNS error.
 
 <p>
 
-<a name="reject_unverified_sender">
-
-<dt> <b>reject_unverified_sender</b> <dd> Reject the request when
-mail to the sender address is known to bounce, or when the sender
-address destination is not reachable.  Address verification
-information is managed by the <a href="verify.8.html"> verify</a>(8)
-server.  The <b>unverified_sender_reject_code </b> parameter
-specifies the response when an address is known to bounce (default:
-450, change into 550 when you are confident that it is safe to do
-so). Postfix replies with 450 when an address probe failed due to
-a temporary problem.
+<dt> <a name="reject_unverified_sender"> <b>reject_unverified_sender</b>
+</a> <dd> Reject the request when mail to the sender address is
+known to bounce, or when the sender address destination is not
+reachable.  Address verification information is managed by the <a
+href="verify.8.html"> verify</a>(8) server.  The
+<b>unverified_sender_reject_code </b> parameter specifies the
+response when an address is known to bounce (default:  450, change
+into 550 when you are confident that it is safe to do so). Postfix
+replies with 450 when an address probe failed due to a temporary
+problem.
 
 <p>
 
-<a name="reject_rhsbl_sender">
-
-<dt> <b>reject_rhsbl_sender</b> <i>domain.tld</i> <dd> Reject the
-request when the sender mail address domain is listed with an A
-record under <i>domain.tld</i>.
+<dt> <a name="reject_rhsbl_sender"> <b>reject_rhsbl_sender</b> </a>
+<i>domain.tld</i> <dd> Reject the request when the sender mail
+address domain is listed with an A record under <i>domain.tld</i>.
 
 The <b> maps_rbl_reject_code</b> parameter specifies the response
 code for rejected requests (default:  <b>554</b>), the <b><a
@@ -789,23 +629,20 @@ rbl_reply_maps </a></b> parameter specifies tables with server replies
 indexed by RBL domain.
 <p>
 
-<a name="check_sender_access">
-
-<dt> <b>check_sender_access</b> <i>maptype</i>:<i>mapname</i>
+<dt> <a name="check_sender_access"> <b>check_sender_access</b> </a>
+<i>maptype</i>:<i>mapname</i>
 
 <dt> <i>maptype</i>:<i>mapname</i> <dd> Search the named <a
 href="access.5.html">access database</a> for the sender mail address,
-sender domain and parent domain, or <i>localpart</i>@. 
+sender domain and parent domain, or <i>localpart</i>@.
 
 <p>
 
-<a name="check_sender_ns_access">
-
-<dt> <b>check_sender_ns_access</b> <i>maptype</i>:<i>mapname</i>
-
-<a name="check_sender_mx_access">
+<dt> <a name="check_sender_ns_access"> <b>check_sender_ns_access</b>
+</a> <i>maptype</i>:<i>mapname</i>
 
-<dt> <b>check_sender_mx_access</b> <i>maptype</i>:<i>mapname</i>
+<dt> <a name="check_sender_mx_access"> <b>check_sender_mx_access</b>
+</a> <i>maptype</i>:<i>mapname</i>
 
 <dd> Apply the specified <a href="access.5.html">access database</a>
 to the DNS (or MX) servers for the host or domain name given with
@@ -815,11 +652,10 @@ the MAIL FROM command.
 
 <p>
 
-<a name="reject_unlisted_sender">
-
-<dt> <b>reject_unlisted_sender</b> <dd> Reject the request when
-the sender address matches one of the domain lists below, but
-is not listed in one of the corresponding address lists:
+<dt> <a name="reject_unlisted_sender"> <b>reject_unlisted_sender</b>
+</a> <dd> Reject the request when the sender address matches one
+of the domain lists below, but is not listed in one of the
+corresponding address lists:
 
 <blockquote>
 
@@ -827,8 +663,9 @@ is not listed in one of the corresponding address lists:
 
 <tr><th>Domain list</th> <th>Address list</th> 
 
-</tr><tr><td><a href="basic.html#mydestination"> $mydestination</a> or
-<a href="basic.html#inet_interfaces">$inet_interfaces</a></td> 
+</tr><tr><td><a href="basic.html#mydestination"> $mydestination</a>,
+<a href="basic.html#inet_interfaces">$inet_interfaces</a> or
+<a href="basic.html#proxy_interfaces">$proxy_interfaces</a></td> 
 <td>$local_recipient_maps</td>
 
 </tr><tr><td>$virtual_alias_domains</td> <td>$virtual_alias_maps</td> 
@@ -851,18 +688,16 @@ restriction at the end of all sender restrictions.
 
 <p>
 
-<a name="reject_non_fqdn_sender">
-
-<dt> <b>reject_non_fqdn_sender</b> <dd> Reject the request when
-the address in the client MAIL FROM command is not in fully-qualified
-domain form. The <b>non_fqdn_reject_code</b> specifies the
-response code to rejected requests (default:  <b>504</b>).
+<dt> <a name="reject_non_fqdn_sender"> <b>reject_non_fqdn_sender</b>
+</a> <dd> Reject the request when the address in the client MAIL
+FROM command is not in fully-qualified domain form. The
+<b>non_fqdn_reject_code</b> specifies the response code to rejected
+requests (default:  <b>504</b>).
 
 <p>
 
-<a name="reject_sender_login_mismatch">
-
-<dt> <b>reject_sender_login_mismatch</b>
+<dt> <a name="reject_sender_login_mismatch">
+<b>reject_sender_login_mismatch</b> </a>
 
 <dd> Reject the request when <a href="#smtpd_sender_login_maps">
 $smtpd_sender_login_maps</a> specifies an owner for the MAIL FROM
@@ -872,9 +707,8 @@ client login name doesn't own the MAIL FROM address.
 
 <p>
 
-<a name="reject_authenticated_sender_login_mismatch">
-
-<dt> <b>reject_authenticated_sender_login_mismatch</b>
+<dt> <a name="reject_authenticated_sender_login_mismatch">
+<b>reject_authenticated_sender_login_mismatch</b> </a>
 
 <dd> Reject the request when the client is (SASL) logged in but
 the client login name doesn't own the MAIL FROM address according
@@ -882,9 +716,8 @@ to <a href="#smtpd_sender_login_maps">$smtpd_sender_login_maps</a>.
 
 <p>
 
-<a name="reject_unauthenticated_sender_login_mismatch">
-
-<dt> <b>reject_unauthenticated_sender_login_mismatch</b>
+<dt> <a name="reject_unauthenticated_sender_login_mismatch">
+<b>reject_unauthenticated_sender_login_mismatch</b> </a>
 
 <dd> Reject the request when <a href="#smtpd_sender_login_maps">
 $smtpd_sender_login_maps</a> specifies an owner for the address,
@@ -910,9 +743,8 @@ but the client is not (SASL) logged in.
 
 </dl>
 
-<a name="smtpd_recipient_restrictions">
-
-<h2> Recipient address restrictions</h2>
+<a name="smtpd_recipient_restrictions"> <h2> Recipient address
+restrictions</h2> </a>
 
 The <b>smtpd_recipient_restrictions</b> parameter restricts what
 recipient addresses this system accepts in RCPT TO commands.
@@ -953,7 +785,8 @@ destination:
 <ul>
 
 <li>to destinations that match <a
-href="basic.html#inet_interfaces">$inet_interfaces</a>,
+href="basic.html#inet_interfaces">$inet_interfaces</a> or <a
+href="basic.html#proxy_interfaces">$proxy_interfaces</a>,
 
 <li>to destinations that match <a
 href="basic.html#mydestination">$mydestination</a>,
@@ -1003,10 +836,8 @@ to receive mail otherwise. </i>
 
 <dl>
 
-<a name="permit_auth_destination">
-
-<dt> <b>permit_auth_destination</b> <dd> 
-Permit the request when one of the following is true:
+<dt> <a name="permit_auth_destination"> <b>permit_auth_destination</b>
+</a> <dd> Permit the request when one of the following is true:
 
 <ul>
 
@@ -1018,6 +849,7 @@ and the address contains no sender-specified routing
 <li>Postfix is the final destination:  any destination that matches
 <a href="basic.html#mydestination">$mydestination</a>, <a
 href="basic.html#inet_interfaces">$inet_interfaces</a>, <a
+href="basic.html#proxy_interfaces">$proxy_interfaces</a>, <a
 href="virtual.5.html">$virtual_alias_domains</a>, or <a
 href="virtual.8.html">$virtual_mailbox_domains</a>.
 
@@ -1025,10 +857,8 @@ href="virtual.8.html">$virtual_mailbox_domains</a>.
 
 <p>
 
-<a name="reject_unauth_destination">
-
-<dt> <b>reject_unauth_destination</b> <dd> 
-Reject the request unless one of the following is true:
+<dt> <a name="reject_unauth_destination"> <b>reject_unauth_destination</b>
+</a> <dd> Reject the request unless one of the following is true:
 
 <ul>
 
@@ -1040,6 +870,7 @@ and the address contains no sender-specified routing
 <li>Postfix is the final destination:  any destination that matches
 <a href="basic.html#mydestination">$mydestination</a>, <a
 href="basic.html#inet_interfaces">$inet_interfaces</a>, <a
+href="basic.html#proxy_interfaces">$proxy_interfaces</a>, <a
 href="virtual.5.html">$virtual_alias_domains</a>, or <a
 href="virtual.8.html">$virtual_mailbox_domains</a>.
 
@@ -1050,14 +881,12 @@ code for rejected requests (default:  <b>554</b>).
 
 <p>
 
-<a name="permit_mx_backup">
-
-<dt> <b>permit_mx_backup</b> <dd> Permit the request when the local
-mail system is MX host for the resolved destination. 
-This includes the case that the local mail system is the final
-destination.  However, the SMTP server will not forward mail with
-addresses that have sender-specified routing information (example:
-<i>user@elsewhere@domain</i>),
+<dt> <a name="permit_mx_backup"> <b>permit_mx_backup</b> </a> <dd>
+Permit the request when the local mail system is MX host for the
+resolved destination.  This includes the case that the local mail
+system is the final destination.  However, the SMTP server will
+not forward mail with addresses that have sender-specified routing
+information (example:  <i>user@elsewhere@domain</i>),
 
 <p>
 
@@ -1070,7 +899,8 @@ primary MX hosts match a list of network blocks.
 Relevant configuration parameters:  <a
 href="#permit_mx_backup_networks">permit_mx_backup_networks</a>,
 <a href="basic.html#mydestination"> $mydestination</a>, <a
-href="basic.html#inet_interfaces"> $inet_interfaces</a>.
+href="basic.html#inet_interfaces"> $inet_interfaces</a>, <a
+href="basic.html#proxy_interfaces"> $proxy_interfaces</a>.
 
 <p>
 
@@ -1082,13 +912,11 @@ address, recipient domain or parent domain, or <i>localpart</i>@.
 
 <p>
 
-<a name="check_recipient_ns_access">
-
-<dt> <b>check_recipient_ns_access</b> <i>maptype</i>:<i>mapname</i>
+<dt> <a name="check_recipient_ns_access"> <b>check_recipient_ns_access</b>
+</a> <i>maptype</i>:<i>mapname</i>
 
-<a name="check_recipient_mx_access">
-
-<dt> <b>check_recipient_mx_access</b> <i>maptype</i>:<i>mapname</i>
+<dt> <a name="check_recipient_mx_access"> <b>check_recipient_mx_access</b>
+</a> <i>maptype</i>:<i>mapname</i>
 
 <dd> Apply the specified <a href="access.5.html">access database</a>
 to the DNS servers (or MX hosts) for the host or domain name given
@@ -1098,11 +926,10 @@ with the RCPT TO command.
 
 <p>
 
-<a name="reject_unlisted_recipient">
-
-<dt> <b>reject_unlisted_recipient</b> <dd> Reject the request when
-the recipient address matches one of the domain lists below, but
-is not listed in one of the corresponding lookup tables:
+<dt> <a name="reject_unlisted_recipient"> <b>reject_unlisted_recipient</b>
+</a> <dd> Reject the request when the recipient address matches
+one of the domain lists below, but is not listed in one of the
+corresponding lookup tables:
 
 <blockquote>
 
@@ -1110,8 +937,9 @@ is not listed in one of the corresponding lookup tables:
 
 <tr><th>Domain list</th> <th>Address list</th> 
 
-</tr><tr><td><a href="basic.html#mydestination"> $mydestination</a> or
-<a href="basic.html#inet_interfaces">$inet_interfaces</a></td> 
+</tr><tr><td><a href="basic.html#mydestination"> $mydestination</a>,
+<a href="basic.html#inet_interfaces">$inet_interfaces</a> or <a
+href="basic.html#proxy_interfaces">$proxy_interfaces</a></td> 
 <td>$local_recipient_maps</td>
 
 </tr><tr><td>$virtual_alias_domains</td> <td>$virtual_alias_maps</td> 
@@ -1140,9 +968,8 @@ eventually be removed from Postfix.
 
 <p>
 
-<a name="reject_multi_recipient_bounce">
-
-<dt> <b>reject_multi_recipient_bounce</b> <dd> Reject the request
+<dt> <a name="reject_multi_recipient_bounce">
+<b>reject_multi_recipient_bounce</b> </a> <dd> Reject the request
 when the envelope sender is the null address, and the message has
 multiple envelope recipients. The <b>multi_recipient_bounce_reject_code
 </b> parameter specifies the response code for rejected requests
@@ -1150,9 +977,8 @@ multiple envelope recipients. The <b>multi_recipient_bounce_reject_code
 
 <p>
 
-<a name="reject_unknown_recipient_domain">
-
-<dt> <b>reject_unknown_recipient_domain</b> <dd> Reject the request
+<dt> <a name="reject_unknown_recipient_domain">
+<b>reject_unknown_recipient_domain</b> </a> <dd> Reject the request
 when the recipient mail address has no DNS A or MX record. The
 <b>unknown_address_reject_code </b> parameter specifies the response
 code for rejected requests (default:  <b>450</b>).  The response
@@ -1160,11 +986,10 @@ is always <b>450</b> in case of a temporary DNS error.
 
 <p>
 
-<a name="reject_unverified_recipient">
-
-<dt> <b>reject_unverified_recipient</b> <dd> Reject the request when
-mail to the recipient address is known to bounce, or when the recipient
-address destination is not reachable.  Address verification
+<dt> <a name="reject_unverified_recipient">
+<b>reject_unverified_recipient</b> </a> <dd> Reject the request
+when mail to the recipient address is known to bounce, or when the
+recipient address destination is not reachable.  Address verification
 information is managed by the <a href="verify.8.html"> verify</a>(8)
 server.  The <b>unverified_recipient_reject_code </b> parameter
 specifies the response when an address is known to bounce (default:
@@ -1174,11 +999,9 @@ a temporary problem.
 
 <p>
 
-<a name="reject_rhsbl_recipient">
-
-<dt> <b>reject_rhsbl_recipient</b> <i>domain.tld</i> <dd> Reject the
-request when the recipient mail address domain is listed with an A
-record under <i>domain.tld</i>.
+<dt> <a name="reject_rhsbl_recipient"> <b>reject_rhsbl_recipient</b>
+</a> <i>domain.tld</i> <dd> Reject the request when the recipient
+mail address domain is listed with an A record under <i>domain.tld</i>.
 
 The <b> maps_rbl_reject_code</b> parameter specifies the response
 code for rejected requests (default:  <b>554</b>), the <b><a
@@ -1189,12 +1012,11 @@ indexed by RBL domain.
 
 <p>
 
-<a name="reject_non_fqdn_recipient">
-
-<dt> <b>reject_non_fqdn_recipient</b> <dd> Reject the request when
-the address in the client RCPT TO command is not in fully-qualified
-domain form. The <b>non_fqdn_reject_code</b> specifies the
-response code to rejected requests (default:  <b>504</b>).
+<dt> <a name="reject_non_fqdn_recipient"> <b>reject_non_fqdn_recipient</b>
+</a> <dd> Reject the request when the address in the client RCPT
+TO command is not in fully-qualified domain form. The
+<b>non_fqdn_reject_code</b> specifies the response code to rejected
+requests (default:  <b>504</b>).
 
 <p>
 
@@ -1216,9 +1038,8 @@ response code to rejected requests (default:  <b>504</b>).
 
 </dl>
 
-<a name="smtpd_etrn_restrictions">
-
-<h2> ETRN command restrictions</h2>
+<a name="smtpd_etrn_restrictions"> <h2> ETRN command restrictions</h2>
+</a>
 
 Not really an UCE restriction, the <b>smtpd_etrn_restrictions</b>
 parameter restricts what domains can be specified in ETRN commands,
@@ -1265,9 +1086,8 @@ hash:/etc/postfix/etrn_access, reject</b>
 
 <dl>
 
-<a name="check_etrn_access">
-
-<dt> <b>check_etrn_access</b> <i>maptype</i>:<i>mapname</i>
+<dt> <a name="check_etrn_access"> <b>check_etrn_access</b> </a>
+<i>maptype</i>:<i>mapname</i>
 
 <dt> <i>maptype</i>:<i>mapname</i> <dd> Search the named <a
 href="access.5.html">access database</a> for the domain specified
@@ -1293,9 +1113,7 @@ in the ETRN command, or its parent domains.
 
 </dl>
 
-<a name="generic">
-
-<h2> Generic restrictions</h2>
+<a name="generic"> <h2> Generic restrictions</h2> </a>
 
 The following restrictions can use used for client hostnames or
 addresses, for HELO (EHLO) hostnames, for sender mail addresses
@@ -1309,56 +1127,46 @@ Restrictions:
 
 <dl>
 
-<a name="permit">
-
-<dt> <b>permit</b> <dd> Permit the request. This restriction
-is useful at the end of a restriction list, to make the default
-policy explicit. 
+<dt> <a name="permit"> <b>permit</b> </a> <dd> Permit the request.
+This restriction is useful at the end of a restriction list, to
+make the default policy explicit.
 
 <p>
 
-<a name="defer">
-
-<dt> <b>defer</b> <dd> Defer the request. The client is told to
-try again later. This restriction is useful at the end of a
-restriction list, to make the default policy explicit.
+<dt> <a name="defer"> <b>defer</b> </a> <dd> Defer the request.
+The client is told to try again later. This restriction is useful
+at the end of a restriction list, to make the default policy
+explicit.
 
 <p>
 
-<a name="reject">
-
-<dt> <b>reject</b> <dd> Reject the request. This restriction
-is useful at the end of a restriction list, to make the default
-policy explicit. The <b>reject_code</b> configuration parameter
-specifies the response code to rejected requests (default:
+<dt> <a name="reject"> <b>reject</b> </a> <dd> Reject the request.
+This restriction is useful at the end of a restriction list, to
+make the default policy explicit. The <b>reject_code</b> configuration
+parameter specifies the response code to rejected requests (default:
 <b>554</b>).
 
 <p>
 
-<a name="warn_if_reject">
-
-<dt> <b>warn_if_reject</b>
-<dd> Change the meaning of the next restriction, so that it logs
-a warning instead of rejecting a request (look for logfile records
+<dt> <a name="warn_if_reject"> <b>warn_if_reject</b> </a> <dd>
+Change the meaning of the next restriction, so that it logs a
+warning instead of rejecting a request (look for logfile records
 that contain "reject_warning").  This is useful for testing new
 restrictions in a "live" environment without risking unnecessary
 loss of mail.
 
 <p>
 
-<a name="reject_unauth_pipelining">
-
-<dt> <b>reject_unauth_pipelining</b> <dd> Reject the request when
-the client sends SMTP commands ahead of time without knowing that
-Postfix actually supports SMTP command pipelining.  This stops mail
-from bulk mail software that improperly uses SMTP command pipelining
-to speed up deliveries.
+<dt> <a name="reject_unauth_pipelining"> <b>reject_unauth_pipelining</b>
+</a> <dd> Reject the request when the client sends SMTP commands
+ahead of time without knowing that Postfix actually supports SMTP
+command pipelining.  This stops mail from bulk mail software that
+improperly uses SMTP command pipelining to speed up deliveries.
 
 <p>
 
-<a name="check_policy_service">
-
-<dt> <b>check_policy_service inet</b>:<i>host</i>:<i>port</i>
+<dt> <a name="check_policy_service"> <b>check_policy_service
+inet</b>:<i>host</i>:<i>port</i> </a>
 
 <dt> <b>check_policy_service unix</b>:<i>pathname</i>
 
@@ -1368,8 +1176,8 @@ queue file name, the protocol state (CONNECT, HELO, EHLO, MAIL,
 RCPT, ETRN), the client network address, the hostname given in the
 HELO or EHLO command, the sender email address, the recipient email
 address. The server is expected to reply with an action just like
-the actions found in a Postfix <a href="access.5.html"> access</a>
-table.
+the actions found in a Postfix <a href="access.5.html"> access
+database</a>.
 
 <p>
 
@@ -1385,15 +1193,12 @@ Example:
 
 </dl>
 
-<a name="additional">
-
-<h2> Additional UCE control parameters</h2>
+<a name="additional"> <h2> Additional UCE control parameters</h2>
+</a>
 
 <dl>
 
-<a name="default_rbl_reply">
-
-<dt> <b>default_rbl_reply</b>
+<dt> <a name="default_rbl_reply"> <b>default_rbl_reply</b> </a>
 
 <dd>The default reply template that is used when an SMTP client
 request is blocked by a <b>reject_rbl</b> or <b>reject_rhsbl</b>
@@ -1494,9 +1299,8 @@ $<i>name</i> is empty.
 
 <dl>
 
-<a name="permit_mx_backup_networks">
-
-<dt> <b>permit_mx_backup_networks</b>
+<dt> <a name="permit_mx_backup_networks"> <b>permit_mx_backup_networks</b>
+</a>
 
 <dd>Restrict the use of the <a href="#permit_mx_backup">
 permit_mx_backup</a> relay control feature to destinations whose
@@ -1542,9 +1346,7 @@ of listing the patterns in the <b>main.cf</b> file.
 
 <dl>
 
-<a name="rbl_reply_maps">
-
-<dt> <b>rbl_reply_maps</b>
+<dt> <a name="rbl_reply_maps"> <b>rbl_reply_maps</b> </a>
 
 <dd> This parameter specifies lookup tables with RBL reply templates
 indexed by RBL domain name. If no template is found, the
@@ -1579,9 +1381,7 @@ default_rbl_reply </a> parameter description.
 
 <dl>
 
-<a name="relay_domains">
-
-<dt> <b>relay_domains</b>
+<dt> <a name="relay_domains"> <b>relay_domains</b> </a>
 
 <dd> This parameter controls the behavior of the <a
 href="#reject_unauth_destination"> reject_unauth_destination</a>
@@ -1639,9 +1439,8 @@ tables listed in <b>$relay_domains.</b>
 
 <dl>
 
-<a name="smtpd_sender_login_maps">
-
-<dt> <b>smtpd_sender_login_maps</b>
+<dt> <a name="smtpd_sender_login_maps"> <b>smtpd_sender_login_maps</b>
+</a>
 
 <dd>This parameter specifies ownership of MAIL FROM addresses, as
 used by the <a
@@ -1690,7 +1489,8 @@ search order is:
 <a href="basic.html#myorigin"> $myorigin</a>, when <i>site</i> is
 listed in <a href="basic.html#mydestination"> $mydestination</a>,
 or when it is listed in <a href="basic.html#inet_interfaces">
-$inet_interfaces</a>.
+$inet_interfaces</a> or <a href="basic.html#proxy_interfaces">
+$proxy_interfaces</a>.
 
 <p>
 
diff --git a/postfix/html/virtual.5.html b/postfix/html/virtual.5.html
index fdeb53c3e..44b6a6aff 100644
--- a/postfix/html/virtual.5.html
+++ b/postfix/html/virtual.5.html
@@ -83,8 +83,8 @@ VIRTUAL(5)                                             VIRTUAL(5)
        <i>user address, address, ...</i>
               Mail for <i>user</i>@<i>site</i> is redirected  to  <i>address</i>  when
               <i>site</i>  is equal to $<b>myorigin</b>, when <i>site</i> is listed in
-              $mydestination,   or   when   it   is   listed   in
-              $<i>inet</i><b>_</b><i>interfaces</i>.
+              $<b>mydestination</b>,   or   when   it   is   listed   in
+              $<b>inet_interfaces</b> or $<b>proxy_interfaces</b>.
 
               This  functionality  overlaps with functionality of
               the local <i>aliases</i>(5) database.  The  difference  is
@@ -235,6 +235,11 @@ VIRTUAL(5)                                             VIRTUAL(5)
               Give special treatment to <b>owner-</b><i>xxx</i> and <i>xxx</i><b>-request</b>
               addresses.
 
+       <b>proxy_interfaces</b>
+              Other interfaces that this machine receives mail on
+              by way of a proxy agent or network address transla-
+              tor.
+
 <b>SEE ALSO</b>
        <a href="cleanup.8.html">cleanup(8)</a> canonicalize and enqueue mail
        <a href="postmap.1.html">postmap(1)</a> create mapping table
diff --git a/postfix/man/Makefile.in b/postfix/man/Makefile.in
index 76a54d4df..c7c132154 100644
--- a/postfix/man/Makefile.in
+++ b/postfix/man/Makefile.in
@@ -13,7 +13,7 @@ COMMANDS= man1/postalias.1 man1/postcat.1 man1/postconf.1 man1/postfix.1 \
 	man1/postqueue.1 man1/postsuper.1
 CONFIG	= man5/access.5 man5/aliases.5 man5/canonical.5 man5/relocated.5 \
 	man5/transport.5 man5/virtual.5 man5/pcre_table.5 man5/regexp_table.5 \
-	man5/cidr_table.5 man5/tcp_table.5
+	man5/cidr_table.5 man5/tcp_table.5 man5/header_checks.5
 TOOLS	= man1/smtp-sink.1 man1/smtp-source.1 man1/qmqp-sink.1 \
 	man1/qmqp-source.1
 
@@ -156,6 +156,9 @@ man5/canonical.5: ../proto/canonical
 man5/cidr_table.5: ../proto/cidr_table
 	../mantools/srctoman - $? >$@
 
+man5/header_checks.5: ../proto/header_checks
+	../mantools/srctoman - $? >$@
+
 man5/pcre_table.5: ../proto/pcre_table
 	../mantools/srctoman - $? >$@
 
diff --git a/postfix/man/man5/body_checks.5 b/postfix/man/man5/body_checks.5
new file mode 100644
index 000000000..d7c939e7e
--- /dev/null
+++ b/postfix/man/man5/body_checks.5
@@ -0,0 +1 @@
+.so man5/header_checks.5
diff --git a/postfix/man/man5/canonical.5 b/postfix/man/man5/canonical.5
index 99a1da1ae..90307e16d 100644
--- a/postfix/man/man5/canonical.5
+++ b/postfix/man/man5/canonical.5
@@ -79,7 +79,8 @@ addresses, but see below for a simpler solution.
 .IP "\fIuser address\fR"
 \fIuser\fR@\fIsite\fR is replaced by \fIaddress\fR when \fIsite\fR is
 equal to $\fBmyorigin\fR, when \fIsite\fR is listed in
-$\fBmydestination\fR, or when it is listed in $\fBinet_interfaces\fR.
+$\fBmydestination\fR, or when it is listed in $\fBinet_interfaces\fR
+or $\fBproxy_interfaces\fR.
 .sp
 This form is useful for replacing login names by
 \fIFirstname.Lastname\fR.
@@ -169,6 +170,9 @@ Other parameters of interest:
 .IP \fBinet_interfaces\fR
 The network interface addresses that this system receives mail on.
 You need to stop and start Postfix when this parameter changes.
+.IP \fBproxy_interfaces\fR
+Other interfaces that this machine receives mail on by way of a
+proxy agent or network address translator.
 .IP \fBmasquerade_classes\fR
 List of address classes subject to masquerading: zero or more of
 \fBenvelope_sender\fR, \fBenvelope_recipient\fR, \fBheader_sender\fR,
diff --git a/postfix/man/man5/header_checks.5 b/postfix/man/man5/header_checks.5
new file mode 100644
index 000000000..1b09d1b5d
--- /dev/null
+++ b/postfix/man/man5/header_checks.5
@@ -0,0 +1,243 @@
+.TH HEADER_CHECKS 5 
+.ad
+.fi
+.SH NAME
+header_checks
+\-
+Postfix built-in header/body inspection
+.SH SYNOPSIS
+.na
+.nf
+\fBheader_checks = pcre:/etc/postfix/header_checks\fR
+.br
+\fBmime_header_checks = pcre:/etc/postfix/mime_header_checks\fR
+.br
+\fBnested_header_checks = pcre:/etc/postfix/nested_header_checks\fR
+.sp
+\fBbody_checks = pcre:/etc/postfix/body_checks\fR
+.sp
+\fBpostmap -q "\fIstring\fB" pcre:/etc/postfix/\fIfilename\fR
+.br
+\fBpostmap -q - pcre:/etc/postfix/\fIfilename <\fIinputfile\fR
+.SH DESCRIPTION
+.ad
+.fi
+Postfix provides a simple built-in content inspection mechanism that
+examines incoming mail one message header or one message body line
+at a time.
+This feature is implemented by the Postfix \fBcleanup\fR(8) server.
+
+Postfix header or body_checks are designed to stop a flood of mail
+from worms and viruses. They are not meant to be a substitute for
+content filters that decode attachments and that do other
+sophisticated content analyses.
+
+Postfix supports four built-in content inspection classes:
+.IP \fBheader_checks\fR
+These are applied to each primary message header (except for
+the MIME related headers).
+.IP "\fBmime_header_checks\fR (default: \fB$header_checks\fR)"
+These are applied each MIME related message header only.
+.IP "\fBnested_header_checks\fR (default: \fB$header_checks\fR)"
+These are applied to each message header of attached email messages.
+.IP \fBbody_checks\fR
+These are applied to every other line of content, including multi-part
+message boundaries.
+.PP
+Note: message headers are examined one logical header at a time,
+even when a message header spans multiple lines. Body lines are
+always examined one line at a time.
+.SH REGEXP AND PCRE TABLE FORMAT
+.na
+.nf
+.ad
+.fi
+Header and body_checks rules are normally specified in the form of
+regular expression lookup tables. The best performance is obtained
+with \fBpcre\fR (Perl Compatible Regular Expression) tables, but
+the slower \fBregexp\fR (POSIX regular expressions) support is
+more widely available. Use the command \fBpostconf -m\fR to find
+out what types of lookup table your Postfix system supports.
+
+The general format of a header or body_checks table is:
+.IP "\fB/\fIpattern\fB/\fIflags action\fR"
+When \fIpattern\fR matches the input string, execute
+the corresponding \fIaction\fR. See below for a list
+of possible actions.
+.IP "\fB!/\fIpattern\fB/\fIflags action\fR"
+When \fIpattern\fR does \fBnot\fR match the input string,
+execute the corresponding \fIaction\fR.
+.IP "\fBif /\fIpattern\fB/\fIflags\fR"
+.IP "\fBendif\fR"
+Match the input string against the patterns between \fBif\fR
+and \fBendif\fR, if and only if the input string also matches
+\fIpattern\fR. The \fBif\fR..\fBendif\fR can nest.
+.sp
+Note: do not prepend whitespace to patterns inside
+\fBif\fR..\fBendif\fR.
+.IP "\fBif !/\fIpattern\fB/\fIflags\fR"
+.IP "\fBendif\fR"
+Match the input string against the patterns between \fBif\fR
+and \fBendif\fR, if and only if the input string does \fBnot\fR
+match \fIpattern\fR. The \fBif\fR..\fBendif\fR can nest.
+.IP "blank lines and comments"
+Empty lines and whitespace-only lines are ignored, as
+are lines whose first non-whitespace character is a `#'.
+.IP "multi-line text"
+A pattern/action line starts with non-whitespace text. A line that
+starts with whitespace continues a logical line.
+.PP
+For a discussion of pattern syntax and flags details,
+see \fBregexp_table\fR(5) or \fBpcre_table\fR(5), respectively.
+.SH TABLE SEARCH ORDER
+.na
+.nf
+.ad
+.fi
+For each line of message input, the patterns are applied in the
+order as specified in the table. When a pattern is found that matches
+the input line, the corresponding action is executed and then the
+next input line is inspected.
+.SH TEXT SUBSTITUTION
+.na
+.nf
+.ad
+.fi
+Substitution of substrings from the matched expression into the
+\fIaction\fR
+string is possible using the conventional Perl syntax ($1, $2, etc.).
+The macros in the result string may need to be written as ${n}
+or $(n) if they aren't followed by whitespace.
+
+Note: since negated patterns (those preceded by \fB!\fR) return a
+result when the expression does not match, substitutions are not
+available for negated patterns.
+.SH ACTIONS
+.na
+.nf
+.ad
+.fi
+Action names are case insensitive. They are shown in upper case
+for consistency with other Postfix documentation.
+.IP "\fBDISCARD \fIoptional text...\fR
+Claim successful delivery and silently discard the message.
+Log the optional text if specified, otherwise log a generic
+message.
+.sp
+Note: this action disables further header or body_checks inspection
+of the current message and affects all recipients.
+.IP \fBDUNNO\fR
+Pretend that the search string was not found, and inspect the
+next input line. This action can be used to shorten the table search.
+.sp
+For backwards compatibility reasons, Postfix also accepts
+\fBOK\fR but it is (and always has been) treated as \fBDUNNO\fR.
+.IP "\fBFILTER \fItransport:destination\fR"
+Write a content filter request record to the queue file and
+inspect the next input line.
+After the message is queued, it will be sent through
+the specified external content filter.  More information about
+external content filters is in the Postfix FILTER_README file.
+.sp
+Note: this action overrides the \fBmain.cf content_filter\fR setting,
+and affects all recipients of the message. In the case that multiple
+\fBFILTER\fR actions fire, the only last one is executed.
+.IP "\fBHOLD \fIoptional text...\fR"
+Arrange for the message to be placed on the \fBhold\fR queue,
+and inspect the next input line.  The message remains on \fBhold\fR
+until someone either deletes it or releases it for delivery.
+Log the optional text if specified, otherwise log a generic
+message.
+
+Mail that is placed on hold can be examined with the
+\fBpostcat\fR(1) command, and can be destroyed or released with
+the \fBpostsuper\fR(1) command.
+.sp
+Note: this action affects all recipients of the message.
+.IP \fBIGNORE\fR
+Delete the current line from the input and inspect
+the next input line.
+.IP "\fBREDIRECT \fIuser@domain\fR"
+Write a message redirection request to the queue file and
+inspect the next input line. After the message is queued,
+it will be sent to the specified address instead of the
+intended recipient(s).
+.sp
+Note: this action overrides the \fBFILTER\fR action, and affects
+all recipients of the message. If multiple \fBREDIRECT\fR actions
+fire only the last one is executed.
+.IP "\fBREJECT \fIoptional text...\fR
+Reject the entire message. Reply with \fIoptional text...\fR when
+the optional text is specified, otherwise reply with a generic error
+message.
+.sp
+Note: this action disables further header or body_checks inspection
+of the current message and affects all recipients.
+.IP "\fBWARN \fIoptional text...\fR
+Log a warning with the \fIoptional text...\fR (or log a
+generic message) and inspect the next input line. This
+action is useful for debugging and for testing a pattern
+before taking more drastic actions.
+.SH BUGS
+.ad
+.fi
+Many people overlook the main limitations of header and body_checks
+rules.  These rules operate on one logical message header or body
+line at a time, and a decision made for one line is not carried over
+to the next line.
+.SH CONFIGURATION PARAMETERS
+.na
+.nf
+.ad
+.fi
+.IP \fBbody_checks\fR
+Lookup tables with content filter rules for message body lines.
+These filters see one physical line at a time, in chunks of
+at most \fB$line_length_limit\fR bytes.
+.IP \fBbody_checks_size_limit\fP
+The amount of content per message body segment (attachment) that is
+subjected to \fB$body_checks\fR filtering.
+.IP \fBheader_checks\fR
+.IP "\fBmime_header_checks\fR (default: \fB$header_checks\fR)"
+.IP "\fBnested_header_checks\fR (default: \fB$header_checks\fR)"
+Lookup tables with content filter rules for message header lines:
+respectively, these are applied to the primary message headers
+(not including MIME headers), to the MIME headers anywhere in
+the message, and to the initial headers of attached messages.
+.sp
+Note: these filters see one logical message header at a time, even
+when a message header spans multiple lines. Message headers that
+are longer than \fB$header_size_limit\fR characters are truncated.
+.IP \fBdisable_mime_input_processing\fR
+While receiving mail, give no special treatment to MIME related
+message headers; all text after the initial message headers is
+considered to be part of the message body. This means that
+\fBheader_checks\fR is applied to all the primary message headers,
+and that \fBbody_checks\fR is applied to the remainder of the
+message.
+.sp
+Note: when used in this manner, \fBbody_checks\fR will process
+a multi-line message header one line at a time.
+.SH SEE ALSO
+.na
+.nf
+cleanup(8) canonicalize and enqueue Postfix message
+pcre_table(5) format of PCRE tables
+regexp_table(5) format of POSIX regular expression tables
+postconf(1) Postfix configuration utility
+postmap(1) Postfix lookup table management
+postsuper(1) Postfix janitor
+postcat(1) show Postfix queue file contents
+.SH LICENSE
+.na
+.nf
+.ad
+.fi
+The Secure Mailer license must be distributed with this software.
+.SH AUTHOR(S)
+.na
+.nf
+Wietse Venema
+IBM T.J. Watson Research
+P.O. Box 704
+Yorktown Heights, NY 10598, USA
diff --git a/postfix/man/man5/relocated.5 b/postfix/man/man5/relocated.5
index 285f837b5..9765a2bb7 100644
--- a/postfix/man/man5/relocated.5
+++ b/postfix/man/man5/relocated.5
@@ -61,7 +61,7 @@ other forms.
 .IP \fIuser\fR
 Matches \fIuser\fR@\fIsite\fR when \fIsite\fR is $\fBmyorigin\fR,
 when \fIsite\fR is listed in $\fBmydestination\fR, or when \fIsite\fR
-is listed in $\fBinet_interfaces\fR.
+is listed in $\fBinet_interfaces\fR or $\fBproxy_interfaces\fR.
 .IP @\fIdomain\fR
 Matches every address in \fIdomain\fR. This form has the lowest
 precedence.
@@ -136,6 +136,9 @@ You need to stop and start Postfix when this parameter changes.
 List of domains that this mail system considers local.
 .IP \fBmyorigin\fR
 The domain that is appended to locally-posted mail.
+.IP \fBproxy_interfaces\fR
+Other interfaces that this machine receives mail on by way of a
+proxy agent or network address translator.
 .SH SEE ALSO
 .na
 .nf
diff --git a/postfix/man/man5/virtual.5 b/postfix/man/man5/virtual.5
index c95c5dc0b..d18de7848 100644
--- a/postfix/man/man5/virtual.5
+++ b/postfix/man/man5/virtual.5
@@ -77,7 +77,8 @@ This form has the highest precedence.
 .IP "\fIuser address, address, ...\fR"
 Mail for \fIuser\fR@\fIsite\fR is redirected to \fIaddress\fR when
 \fIsite\fR is equal to $\fBmyorigin\fR, when \fIsite\fR is listed in
-$\fRmydestination\fR, or when it is listed in $\fIinet_interfaces\fR.
+$\fBmydestination\fR, or when it is listed in $\fBinet_interfaces\fR
+or $\fBproxy_interfaces\fR.
 .sp
 This functionality overlaps with functionality of the local
 \fIaliases\fR(5) database. The difference is that \fBvirtual\fR
@@ -232,6 +233,9 @@ The domain that is appended to any address that does not have a domain.
 .IP \fBowner_request_special\fR
 Give special treatment to \fBowner-\fIxxx\fR and \fIxxx\fB-request\fR
 addresses.
+.IP \fBproxy_interfaces\fR
+Other interfaces that this machine receives mail on by way of a
+proxy agent or network address translator.
 .SH SEE ALSO
 .na
 .nf
diff --git a/postfix/man/man8/anvil.8 b/postfix/man/man8/anvil.8
index 6130aa415..9bc27cfd6 100644
--- a/postfix/man/man8/anvil.8
+++ b/postfix/man/man8/anvil.8
@@ -4,7 +4,7 @@
 .SH NAME
 anvil
 \-
-Postfix connection count and rate management
+Postfix client count and rate management
 .SH SYNOPSIS
 .na
 .nf
diff --git a/postfix/man/man8/cleanup.8 b/postfix/man/man8/cleanup.8
index 63c7c2d17..9c16b8dd2 100644
--- a/postfix/man/man8/cleanup.8
+++ b/postfix/man/man8/cleanup.8
@@ -196,7 +196,9 @@ Limit the recursion depth of virtual alias expansion.
 .SH SEE ALSO
 .na
 .nf
+body_checks(5) body parts content inspection
 canonical(5) canonical address lookup table format
+header_checks(5) message header content inspection
 qmgr(8) queue manager daemon
 syslogd(8) system logging
 trivial-rewrite(8) address rewriting
diff --git a/postfix/man/man8/smtpd.8 b/postfix/man/man8/smtpd.8
index 89583d3d3..0e4dc731d 100644
--- a/postfix/man/man8/smtpd.8
+++ b/postfix/man/man8/smtpd.8
@@ -226,7 +226,8 @@ responses. The extra detail makes trouble shooting easier
 but also reveals information that is nobody elses business.
 .IP \fBunknown_local_recipient_reject_code\fR
 The response code when a client specifies a recipient whose domain
-matches \fB$mydestination\fR or \fB$inet_interfaces\fR, while
+matches \fB$mydestination\fR, \fB$inet_interfaces\fR or
+\fB$proxy_interfaces\fR, while
 \fB$local_recipient_maps\fR is non-empty and does not list
 the recipient address or address local-part.
 .IP \fBunknown_relay_recipient_reject_code\fR
diff --git a/postfix/man/man8/trivial-rewrite.8 b/postfix/man/man8/trivial-rewrite.8
index cd3be7f91..6dc073a7b 100644
--- a/postfix/man/man8/trivial-rewrite.8
+++ b/postfix/man/man8/trivial-rewrite.8
@@ -43,8 +43,7 @@ By default, Postfix uses one of the following delivery methods.
 This may be overruled with the optional transport(5) table.
 The default delivery method is selected by matching the
 recipient address domain against one of the following:
-.IP \fB$mydestination\fR
-.IP \fB$inet_interfaces\fR
+.IP "\fB$mydestination\fR, \fB$inet_interfaces\fR, \fB$proxy_interfaces\fR"
 The transport and optional nexthop
 are specified with \fB$local_transport\fR.
 The default nexthop is the recipient domain.
@@ -116,6 +115,7 @@ a configuration change.
 .IP \fBempty_address_recipient\fR
 The recipient that is substituted for the null address.
 .IP \fBinet_interfaces\fR
+.IP \fBproxy_interfaces\fR
 The network interfaces that this mail system receives mail on.
 This information is used to determine if
 \fIuser\fR@[\fInet.work.addr.ess\fR] is local or remote.
@@ -155,8 +155,8 @@ Rewrite \fIsite\fR!\fIuser\fR to \fIuser\fR@\fIsite\fR.
 .ad
 .fi
 .IP \fBlocal_transport\fR
-Where to deliver mail for destinations that match \fB$mydestination\fR
-or \fB$inet_interfaces\fR.
+Where to deliver mail for destinations that match \fB$mydestination\fR,
+\fB$inet_interfaces\fR or \fB$proxy_interfaces\fR.
 The default transport is \fBlocal:$myhostname\fR.
 .sp
 Syntax is \fItransport\fR:\fInexthop\fR; see \fBtransport\fR(5)
diff --git a/postfix/mantools/postlink b/postfix/mantools/postlink
index aa56c2cc6..a0dc6e31e 100755
--- a/postfix/mantools/postlink
+++ b/postfix/mantools/postlink
@@ -54,6 +54,8 @@ exec sed '
 	s/[<bB>]*virtual[</bB>]*(8)/<a href="virtual.8.html">&<\/a>/
 	s/[<bB>]*cidr_table[</bB>]*(5)/<a href="cidr_table.5.html">&<\/a>/
 	s/[<bB>]*tcp_table[</bB>]*(5)/<a href="tcp_table.5.html">&<\/a>/
+	s/[<bB>]*body_checks[</bB>]*(5)/<a href="body_checks.5.html">&<\/a>/
+	s/[<bB>]*header_checks[</bB>]*(5)/<a href="header_checks.5.html">&<\/a>/
 	s/\(<a href="[^"]*">\)\([<bB>]*[a-z0-9-]*[-</bB>]*\)\(\n *\)\([<bB>]*[a-z0-9-]*[</bB>]*([0-9])\)\(<\/a>\)/\1\2\5\3\1\4\5/
 	s/http:\/\/[^ ,]*/<a href="&">&<\/a>/
 	s/RFC *\([0-9]*\)/<a href="http:\/\/www.faqs.org\/rfcs\/rfc\1.html">&<\/a>/
diff --git a/postfix/proto/Makefile.in b/postfix/proto/Makefile.in
index a5b3de8ce..7d063b14d 100644
--- a/postfix/proto/Makefile.in
+++ b/postfix/proto/Makefile.in
@@ -3,8 +3,7 @@ SHELL	= /bin/sh
 # For now, just hard-coded rules.
 
 CONFIG	= ../conf/access ../conf/aliases ../conf/canonical ../conf/relocated \
-	../conf/transport ../conf/virtual ../conf/pcre_table \
-	../conf/regexp_table ../conf/cidr_table ../conf/tcp_table
+	../conf/transport ../conf/virtual ../conf/header_checks
 
 AWK	= awk '{ print; if (NR == 1) print ".pl 9999" }'
 
@@ -33,6 +32,9 @@ clobber:
 ../conf/cidr_table: cidr_table
 	srctoman - $? | $(AWK) | nroff -man | col -bx | uniq | sed 's/^/# /' >$@
 
+../conf/header_checks: header_checks
+	srctoman - $? | $(AWK) | nroff -man | col -bx | uniq | sed 's/^/# /' >$@
+
 ../conf/pcre_table: pcre_table
 	srctoman - $? | $(AWK) | nroff -man | col -bx | uniq | sed 's/^/# /' >$@
 
diff --git a/postfix/proto/canonical b/postfix/proto/canonical
index 3cc6ae707..a042cbd39 100644
--- a/postfix/proto/canonical
+++ b/postfix/proto/canonical
@@ -71,7 +71,8 @@
 # .IP "\fIuser address\fR"
 #	\fIuser\fR@\fIsite\fR is replaced by \fIaddress\fR when \fIsite\fR is
 #	equal to $\fBmyorigin\fR, when \fIsite\fR is listed in
-#	$\fBmydestination\fR, or when it is listed in $\fBinet_interfaces\fR.
+#	$\fBmydestination\fR, or when it is listed in $\fBinet_interfaces\fR
+#	or $\fBproxy_interfaces\fR.
 #	.sp
 #	This form is useful for replacing login names by
 #	\fIFirstname.Lastname\fR.
@@ -151,6 +152,9 @@
 # .IP \fBinet_interfaces\fR
 #	The network interface addresses that this system receives mail on.
 #	You need to stop and start Postfix when this parameter changes.
+# .IP \fBproxy_interfaces\fR
+#	Other interfaces that this machine receives mail on by way of a
+#	proxy agent or network address translator.
 # .IP \fBmasquerade_classes\fR
 #	List of address classes subject to masquerading: zero or more of
 #	\fBenvelope_sender\fR, \fBenvelope_recipient\fR, \fBheader_sender\fR, 
diff --git a/postfix/proto/header_checks b/postfix/proto/header_checks
new file mode 100644
index 000000000..de9d487d3
--- /dev/null
+++ b/postfix/proto/header_checks
@@ -0,0 +1,220 @@
+#++
+# NAME
+#	header_checks 5
+# SUMMARY
+#	Postfix built-in header/body inspection
+# SYNOPSIS
+#	\fBheader_checks = pcre:/etc/postfix/header_checks\fR
+# .br
+#	\fBmime_header_checks = pcre:/etc/postfix/mime_header_checks\fR
+# .br
+#	\fBnested_header_checks = pcre:/etc/postfix/nested_header_checks\fR
+# .sp
+#	\fBbody_checks = pcre:/etc/postfix/body_checks\fR
+# .sp
+#	\fBpostmap -q "\fIstring\fB" pcre:/etc/postfix/\fIfilename\fR
+# .br
+#	\fBpostmap -q - pcre:/etc/postfix/\fIfilename <\fIinputfile\fR
+# DESCRIPTION
+#	Postfix provides a simple built-in content inspection mechanism that
+#	examines incoming mail one message header or one message body line
+#	at a time.
+#	This feature is implemented by the Postfix \fBcleanup\fR(8) server.
+#
+#	Postfix header or body_checks are designed to stop a flood of mail
+#	from worms and viruses. They are not meant to be a substitute for
+#	content filters that decode attachments and that do other
+#	sophisticated content analyses.
+#
+#	Postfix supports four built-in content inspection classes:
+# .IP \fBheader_checks\fR
+#	These are applied to each primary message header (except for
+#	the MIME related headers).
+# .IP "\fBmime_header_checks\fR (default: \fB$header_checks\fR)"
+#	These are applied each MIME related message header only.
+# .IP "\fBnested_header_checks\fR (default: \fB$header_checks\fR)"
+#	These are applied to each message header of attached email messages.
+# .IP \fBbody_checks\fR
+#	These are applied to every other line of content, including multi-part
+#	message boundaries.
+# .PP
+#	Note: message headers are examined one logical header at a time,
+#	even when a message header spans multiple lines. Body lines are
+#	always examined one line at a time.
+# REGEXP AND PCRE TABLE FORMAT
+# .ad
+# .fi
+#	Header and body_checks rules are normally specified in the form of
+#	regular expression lookup tables. The best performance is obtained
+#	with \fBpcre\fR (Perl Compatible Regular Expression) tables, but
+#	the slower \fBregexp\fR (POSIX regular expressions) support is
+#	more widely available. Use the command \fBpostconf -m\fR to find
+#	out what types of lookup table your Postfix system supports.
+#
+#	The general format of a header or body_checks table is:
+# .IP "\fB/\fIpattern\fB/\fIflags action\fR"
+#	When \fIpattern\fR matches the input string, execute
+#	the corresponding \fIaction\fR. See below for a list
+#	of possible actions.
+# .IP "\fB!/\fIpattern\fB/\fIflags action\fR"
+#	When \fIpattern\fR does \fBnot\fR match the input string,
+#	execute the corresponding \fIaction\fR.
+# .IP "\fBif /\fIpattern\fB/\fIflags\fR"
+# .IP "\fBendif\fR"
+#	Match the input string against the patterns between \fBif\fR
+#	and \fBendif\fR, if and only if the input string also matches
+#	\fIpattern\fR. The \fBif\fR..\fBendif\fR can nest.
+# .sp
+#	Note: do not prepend whitespace to patterns inside
+#	\fBif\fR..\fBendif\fR.
+# .IP "\fBif !/\fIpattern\fB/\fIflags\fR"
+# .IP "\fBendif\fR"
+#	Match the input string against the patterns between \fBif\fR
+#	and \fBendif\fR, if and only if the input string does \fBnot\fR
+#	match \fIpattern\fR. The \fBif\fR..\fBendif\fR can nest.
+# .IP "blank lines and comments"
+#	Empty lines and whitespace-only lines are ignored, as
+#	are lines whose first non-whitespace character is a `#'.
+# .IP "multi-line text"
+#	A pattern/action line starts with non-whitespace text. A line that
+#	starts with whitespace continues a logical line.
+# .PP
+#	For a discussion of pattern syntax and flags details,
+#	see \fBregexp_table\fR(5) or \fBpcre_table\fR(5), respectively.
+# TABLE SEARCH ORDER
+# .ad
+# .fi
+#	For each line of message input, the patterns are applied in the
+#	order as specified in the table. When a pattern is found that matches
+#	the input line, the corresponding action is executed and then the
+#	next input line is inspected.
+# TEXT SUBSTITUTION
+# .ad
+# .fi
+#	Substitution of substrings from the matched expression into the
+#	\fIaction\fR
+#	string is possible using the conventional Perl syntax ($1, $2, etc.).
+#	The macros in the result string may need to be written as ${n}
+#	or $(n) if they aren't followed by whitespace.
+#
+#	Note: since negated patterns (those preceded by \fB!\fR) return a
+#	result when the expression does not match, substitutions are not
+#	available for negated patterns.
+# ACTIONS
+# .ad
+# .fi
+#	Action names are case insensitive. They are shown in upper case
+#	for consistency with other Postfix documentation.
+# .IP "\fBDISCARD \fIoptional text...\fR
+#	Claim successful delivery and silently discard the message.
+#	Log the optional text if specified, otherwise log a generic
+#	message.
+# .sp
+#	Note: this action disables further header or body_checks inspection
+#	of the current message and affects all recipients.
+# .IP \fBDUNNO\fR
+#	Pretend that the search string was not found, and inspect the
+#	next input line. This action can be used to shorten the table search.
+# .sp
+#	For backwards compatibility reasons, Postfix also accepts
+#	\fBOK\fR but it is (and always has been) treated as \fBDUNNO\fR.
+# .IP "\fBFILTER \fItransport:destination\fR"
+#	Write a content filter request record to the queue file and
+#	inspect the next input line.
+#	After the message is queued, it will be sent through
+#	the specified external content filter.  More information about
+#	external content filters is in the Postfix FILTER_README file.
+# .sp
+#	Note: this action overrides the \fBmain.cf content_filter\fR setting,
+#	and affects all recipients of the message. In the case that multiple
+#	\fBFILTER\fR actions fire, the only last one is executed.
+# .IP "\fBHOLD \fIoptional text...\fR"
+#	Arrange for the message to be placed on the \fBhold\fR queue,
+#	and inspect the next input line.  The message remains on \fBhold\fR
+#	until someone either deletes it or releases it for delivery.
+#	Log the optional text if specified, otherwise log a generic
+#	message.
+#
+#	Mail that is placed on hold can be examined with the
+#	\fBpostcat\fR(1) command, and can be destroyed or released with
+#	the \fBpostsuper\fR(1) command.
+# .sp
+#	Note: this action affects all recipients of the message.
+# .IP \fBIGNORE\fR
+#	Delete the current line from the input and inspect
+#	the next input line.
+# .IP "\fBREDIRECT \fIuser@domain\fR"
+#	Write a message redirection request to the queue file and
+#	inspect the next input line. After the message is queued,
+#	it will be sent to the specified address instead of the
+#	intended recipient(s).
+# .sp
+#	Note: this action overrides the \fBFILTER\fR action, and affects
+#	all recipients of the message. If multiple \fBREDIRECT\fR actions
+#	fire only the last one is executed.
+# .IP "\fBREJECT \fIoptional text...\fR
+#	Reject the entire message. Reply with \fIoptional text...\fR when
+#	the optional text is specified, otherwise reply with a generic error
+#	message.
+# .sp
+#	Note: this action disables further header or body_checks inspection
+#	of the current message and affects all recipients.
+# .IP "\fBWARN \fIoptional text...\fR
+#	Log a warning with the \fIoptional text...\fR (or log a
+#	generic message) and inspect the next input line. This
+#	action is useful for debugging and for testing a pattern
+#	before taking more drastic actions.
+# BUGS
+#	Many people overlook the main limitations of header and body_checks
+#	rules.  These rules operate on one logical message header or body
+#	line at a time, and a decision made for one line is not carried over
+#	to the next line.
+# CONFIGURATION PARAMETERS
+# .ad
+# .fi
+# .IP \fBbody_checks\fR
+#	Lookup tables with content filter rules for message body lines.
+#	These filters see one physical line at a time, in chunks of
+#	at most \fB$line_length_limit\fR bytes.
+# .IP \fBbody_checks_size_limit\fP
+#	The amount of content per message body segment (attachment) that is
+#	subjected to \fB$body_checks\fR filtering.
+# .IP \fBheader_checks\fR
+# .IP "\fBmime_header_checks\fR (default: \fB$header_checks\fR)"
+# .IP "\fBnested_header_checks\fR (default: \fB$header_checks\fR)"
+#	Lookup tables with content filter rules for message header lines:
+#	respectively, these are applied to the primary message headers
+#	(not including MIME headers), to the MIME headers anywhere in
+#	the message, and to the initial headers of attached messages.
+# .sp
+#	Note: these filters see one logical message header at a time, even
+#	when a message header spans multiple lines. Message headers that
+#	are longer than \fB$header_size_limit\fR characters are truncated.
+# .IP \fBdisable_mime_input_processing\fR
+#	While receiving mail, give no special treatment to MIME related
+#	message headers; all text after the initial message headers is
+#	considered to be part of the message body. This means that
+#	\fBheader_checks\fR is applied to all the primary message headers,
+#	and that \fBbody_checks\fR is applied to the remainder of the
+#	message.
+# .sp
+#	Note: when used in this manner, \fBbody_checks\fR will process
+#	a multi-line message header one line at a time.
+# SEE ALSO
+#	cleanup(8) canonicalize and enqueue Postfix message
+#	pcre_table(5) format of PCRE tables
+#	regexp_table(5) format of POSIX regular expression tables
+#	postconf(1) Postfix configuration utility
+#	postmap(1) Postfix lookup table management
+#	postsuper(1) Postfix janitor
+#	postcat(1) show Postfix queue file contents
+# LICENSE
+# .ad
+# .fi
+#	The Secure Mailer license must be distributed with this software.
+# AUTHOR(S)
+#	Wietse Venema
+#	IBM T.J. Watson Research
+#	P.O. Box 704
+#	Yorktown Heights, NY 10598, USA
+#--
diff --git a/postfix/proto/relocated b/postfix/proto/relocated
index fb0740d3f..1570226ea 100644
--- a/postfix/proto/relocated
+++ b/postfix/proto/relocated
@@ -53,7 +53,7 @@
 # .IP \fIuser\fR
 #	Matches \fIuser\fR@\fIsite\fR when \fIsite\fR is $\fBmyorigin\fR,
 #	when \fIsite\fR is listed in $\fBmydestination\fR, or when \fIsite\fR
-#	is listed in $\fBinet_interfaces\fR.
+#	is listed in $\fBinet_interfaces\fR or $\fBproxy_interfaces\fR.
 # .IP @\fIdomain\fR
 #	Matches every address in \fIdomain\fR. This form has the lowest
 #	precedence.
@@ -118,6 +118,9 @@
 #	List of domains that this mail system considers local.
 # .IP \fBmyorigin\fR
 #	The domain that is appended to locally-posted mail.
+# .IP \fBproxy_interfaces\fR
+#	Other interfaces that this machine receives mail on by way of a
+#	proxy agent or network address translator.
 # SEE ALSO
 #	postmap(1) create lookup table
 #	pcre_table(5) format of PCRE tables
diff --git a/postfix/proto/virtual b/postfix/proto/virtual
index 284b18796..0af316aa1 100644
--- a/postfix/proto/virtual
+++ b/postfix/proto/virtual
@@ -69,7 +69,8 @@
 # .IP "\fIuser address, address, ...\fR"
 #	Mail for \fIuser\fR@\fIsite\fR is redirected to \fIaddress\fR when
 #	\fIsite\fR is equal to $\fBmyorigin\fR, when \fIsite\fR is listed in
-#	$\fRmydestination\fR, or when it is listed in $\fIinet_interfaces\fR.
+#	$\fBmydestination\fR, or when it is listed in $\fBinet_interfaces\fR
+#	or $\fBproxy_interfaces\fR.
 #	.sp
 #	This functionality overlaps with functionality of the local
 #	\fIaliases\fR(5) database. The difference is that \fBvirtual\fR
@@ -212,6 +213,9 @@
 # .IP \fBowner_request_special\fR
 #	Give special treatment to \fBowner-\fIxxx\fR and \fIxxx\fB-request\fR
 #	addresses.
+# .IP \fBproxy_interfaces\fR
+#	Other interfaces that this machine receives mail on by way of a
+#	proxy agent or network address translator.
 # SEE ALSO
 #	cleanup(8) canonicalize and enqueue mail
 #	postmap(1) create mapping table
diff --git a/postfix/src/anvil/anvil.c b/postfix/src/anvil/anvil.c
index 4b0581f63..696c31393 100644
--- a/postfix/src/anvil/anvil.c
+++ b/postfix/src/anvil/anvil.c
@@ -2,7 +2,7 @@
 /* NAME
 /*	anvil 8
 /* SUMMARY
-/*	Postfix connection count and rate management
+/*	Postfix client count and rate management
 /* SYNOPSIS
 /*	\fBanvil\fR [generic Postfix daemon options]
 /* DESCRIPTION
diff --git a/postfix/src/cleanup/cleanup.c b/postfix/src/cleanup/cleanup.c
index 5eb690e76..54b9c9631 100644
--- a/postfix/src/cleanup/cleanup.c
+++ b/postfix/src/cleanup/cleanup.c
@@ -180,7 +180,9 @@
 /* .IP \fBvirtual_alias_recursion_limit\fR
 /*	Limit the recursion depth of virtual alias expansion.
 /* SEE ALSO
+/*	body_checks(5) body parts content inspection
 /*	canonical(5) canonical address lookup table format
+/*	header_checks(5) message header content inspection
 /*	qmgr(8) queue manager daemon
 /*	syslogd(8) system logging
 /*	trivial-rewrite(8) address rewriting
diff --git a/postfix/src/cleanup/cleanup_message.c b/postfix/src/cleanup/cleanup_message.c
index 48f1178c4..151343e1e 100644
--- a/postfix/src/cleanup/cleanup_message.c
+++ b/postfix/src/cleanup/cleanup_message.c
@@ -192,12 +192,14 @@ static void cleanup_rewrite_sender(CLEANUP_STATE *state, HEADER_OPTS *hdr_opts,
 	if (hdr_opts->type == HDR_RESENT_FROM && state->resent_from == 0)
 	    state->resent_from =
 		cleanup_extract_internal(header_buf, *tpp);
+#if 0
 	if (hdr_opts->type == HDR_RETURN_RECEIPT_TO && !state->return_receipt)
 	    state->return_receipt =
 		cleanup_extract_internal(header_buf, *tpp);
 	if (hdr_opts->type == HDR_ERRORS_TO && !state->errors_to)
 	    state->errors_to =
 		cleanup_extract_internal(header_buf, *tpp);
+#endif
     }
     vstring_sprintf(header_buf, "%s: ", hdr_opts->name);
     tok822_externalize(header_buf, tree, TOK822_STR_HEAD);
diff --git a/postfix/src/global/mail_addr_find.c b/postfix/src/global/mail_addr_find.c
index a6c5024f2..c08f9dbcf 100644
--- a/postfix/src/global/mail_addr_find.c
+++ b/postfix/src/global/mail_addr_find.c
@@ -25,7 +25,7 @@
 /* .IP user
 /*	Look up \fIuser\fR when \fIdomain\fR is equal to $myorigin,
 /*	when \fIdomain\fR matches $mydestination, or when it matches
-/*	$inet_interfaces.
+/*	$inet_interfaces or $proxy_interfaces.
 /* .IP @domain
 /*	Look for an entry that matches the domain specified in \fIaddress\fR.
 /* .PP
@@ -128,7 +128,7 @@ const char *mail_addr_find(MAPS *path, const char *address, char **extp)
 
     /*
      * Try user+foo@$myorigin, user+foo@$mydestination or
-     * user+foo@[$inet_interfaces]. Then try with +foo stripped off.
+     * user+foo@[${proxy,inet}_interfaces]. Then try with +foo stripped off.
      */
     if (result == 0 && dict_errno == 0
 	&& (ratsign = strrchr(full_key, '@')) != 0
diff --git a/postfix/src/global/mail_version.h b/postfix/src/global/mail_version.h
index aa0a6e88c..f220878f7 100644
--- a/postfix/src/global/mail_version.h
+++ b/postfix/src/global/mail_version.h
@@ -20,7 +20,7 @@
   * Patches change the patchlevel and the release date. Snapshots change the
   * release date only, unless they include the same bugfix as a patch release.
   */
-#define MAIL_RELEASE_DATE	"20040119"
+#define MAIL_RELEASE_DATE	"20040120"
 #define MAIL_VERSION_NUMBER	"2.0.17"
 
 #define VAR_MAIL_VERSION	"mail_version"
diff --git a/postfix/src/global/resolve_clnt.c b/postfix/src/global/resolve_clnt.c
index 33d134899..df55ab774 100644
--- a/postfix/src/global/resolve_clnt.c
+++ b/postfix/src/global/resolve_clnt.c
@@ -64,7 +64,8 @@
 /*	one of the following flags (this is preliminary code awaiting
 /*	more permanent implementation of address domain class handling):
 /* .IP RESOLVE_CLASS_LOCAL
-/*	The address domain matches $mydestination or $inet_interfaces.
+/*	The address domain matches $mydestination, $inet_interfaces
+/*	or $proxy_interfaces.
 /* .IP RESOLVE_CLASS_ALIAS
 /*	The address domain matches $virtual_alias_domains (virtual
 /*	alias domains, where each address is redirected to a real
diff --git a/postfix/src/smtp/smtp.c b/postfix/src/smtp/smtp.c
index 824533d9b..9cc45268a 100644
--- a/postfix/src/smtp/smtp.c
+++ b/postfix/src/smtp/smtp.c
@@ -193,12 +193,12 @@
 /* .sp
 /*	Specify zero to disable the limit.
 /* .sp
-/*	Note: by default, equal preference MX addresses are sorted into 
+/*	Note: by default, equal preference MX addresses are sorted into
 /*	random order.
 /* .IP \fBsmtp_mx_session_limit\fR
 /*      An upper bound on the number of SMTP sessions per delivery request
 /*	before giving up or delivering to a fall-back relay host
-/*	(ignoring IP addresses that fail to complete the SMTP initial 
+/*	(ignoring IP addresses that fail to complete the SMTP initial
 /*	handshake).
 /* .sp
 /*	Specify zero to disable the limit.
diff --git a/postfix/src/smtpd/smtpd.c b/postfix/src/smtpd/smtpd.c
index f1f884921..527f2ddad 100644
--- a/postfix/src/smtpd/smtpd.c
+++ b/postfix/src/smtpd/smtpd.c
@@ -212,7 +212,8 @@
 /*	but also reveals information that is nobody elses business.
 /* .IP \fBunknown_local_recipient_reject_code\fR
 /*	The response code when a client specifies a recipient whose domain
-/*	matches \fB$mydestination\fR or \fB$inet_interfaces\fR, while
+/*	matches \fB$mydestination\fR, \fB$inet_interfaces\fR or
+/*	\fB$proxy_interfaces\fR, while
 /*	\fB$local_recipient_maps\fR is non-empty and does not list
 /*	the recipient address or address local-part.
 /* .IP \fBunknown_relay_recipient_reject_code\fR
@@ -468,7 +469,9 @@
 #include <lex_822.h>
 #include <namadr_list.h>
 #include <input_transp.h>
+#ifdef SNAPSHOT
 #include <anvil_clnt.h>
+#endif
 #include <flush_clnt.h>
 
 /* Single-threaded server skeleton. */
@@ -569,10 +572,14 @@ int     var_smtpd_policy_idle;
 int     var_smtpd_policy_ttl;
 char   *var_xclient_hosts;
 char   *var_xforward_hosts;
+
+#ifdef SNAPSHOT
 int     var_smtpd_crate_limit;
 int     var_smtpd_cconn_limit;
 char   *var_smtpd_hoggers;
 
+#endif
+
  /*
   * Silly little macros.
   */
@@ -603,9 +610,12 @@ static int xforward_allowed;
  /*
   * Client connection and rate limiting.
   */
+#ifdef SNAPSHOT
 ANVIL_CLNT *anvil_clnt;
 static NAMADR_LIST *hogger_list;
 
+#endif
+
  /*
   * Other application-specific globals.
   */
@@ -2181,6 +2191,7 @@ static void smtpd_proto(SMTPD_STATE *state, const char *service)
 	 * events. For now we exclude xclient authorized hosts from
 	 * connection count/rate control.
 	 */
+#ifdef SNAPSHOT
 	if (SMTPD_STAND_ALONE(state) == 0
 	    && !xclient_allowed
 	    && anvil_clnt
@@ -2202,6 +2213,7 @@ static void smtpd_proto(SMTPD_STATE *state, const char *service)
 		break;
 	    }
 	}
+#endif
 	/* XXX We use the real client for connect access control. */
 	if (SMTPD_STAND_ALONE(state) == 0
 	    && var_smtpd_delay_reject == 0
@@ -2273,11 +2285,13 @@ static void smtpd_proto(SMTPD_STATE *state, const char *service)
      * For now we exclude xclient authorized hosts from connection count/rate
      * control.
      */
+#ifdef SNAPSHOT
     if (SMTPD_STAND_ALONE(state) == 0
 	&& !xclient_allowed
 	&& anvil_clnt
 	&& !namadr_list_match(hogger_list, state->name, state->addr))
 	anvil_clnt_disconnect(anvil_clnt, service, state->addr);
+#endif
 
     /*
      * Log abnormal session termination, in case postmaster notification has
@@ -2385,7 +2399,9 @@ static void pre_jail_init(char *unused_name, char **unused_argv)
     verp_clients = namadr_list_init(MATCH_FLAG_NONE, var_verp_clients);
     xclient_hosts = namadr_list_init(MATCH_FLAG_NONE, var_xclient_hosts);
     xforward_hosts = namadr_list_init(MATCH_FLAG_NONE, var_xforward_hosts);
+#ifdef SNAPSHOT
     hogger_list = namadr_list_init(MATCH_FLAG_NONE, var_smtpd_hoggers);
+#endif
     if (getuid() == 0 || getuid() == var_owner_uid)
 	smtpd_check_init();
     debug_peer_init();
@@ -2436,8 +2452,10 @@ static void post_jail_init(char *unused_name, char **unused_argv)
     /*
      * Connection rate management.
      */
+#ifdef SNAPSHOT
     if (var_smtpd_crate_limit || var_smtpd_cconn_limit)
 	anvil_clnt = anvil_clnt_create();
+#endif
 }
 
 /* main - the main program */
@@ -2469,8 +2487,10 @@ int     main(int argc, char **argv)
 	VAR_VIRT_MAILBOX_CODE, DEF_VIRT_MAILBOX_CODE, &var_virt_mailbox_code, 0, 0,
 	VAR_RELAY_RCPT_CODE, DEF_RELAY_RCPT_CODE, &var_relay_rcpt_code, 0, 0,
 	VAR_VERIFY_POLL_COUNT, DEF_VERIFY_POLL_COUNT, &var_verify_poll_count, 1, 0,
+#ifdef SNAPSHOT
 	VAR_SMTPD_CRATE_LIMIT, DEF_SMTPD_CRATE_LIMIT, &var_smtpd_crate_limit, 0, 0,
 	VAR_SMTPD_CCONN_LIMIT, DEF_SMTPD_CCONN_LIMIT, &var_smtpd_cconn_limit, 0, 0,
+#endif
 	0,
     };
     static CONFIG_TIME_TABLE time_table[] = {
@@ -2530,7 +2550,9 @@ int     main(int argc, char **argv)
 	VAR_INPUT_TRANSP, DEF_INPUT_TRANSP, &var_input_transp, 0, 0,
 	VAR_XCLIENT_HOSTS, DEF_XCLIENT_HOSTS, &var_xclient_hosts, 0, 0,
 	VAR_XFORWARD_HOSTS, DEF_XFORWARD_HOSTS, &var_xforward_hosts, 0, 0,
+#ifdef SNAPSHOT
 	VAR_SMTPD_HOGGERS, DEF_SMTPD_HOGGERS, &var_smtpd_hoggers, 0, 0,
+#endif
 	0,
     };
     static CONFIG_RAW_TABLE raw_table[] = {
diff --git a/postfix/src/smtpd/smtpd_check.c b/postfix/src/smtpd/smtpd_check.c
index ebc399840..0a97b6d43 100644
--- a/postfix/src/smtpd/smtpd_check.c
+++ b/postfix/src/smtpd/smtpd_check.c
@@ -177,12 +177,14 @@
 /*	Permit the request when the resolved recipient domain matches the
 /*	\fIrelay_domains\fR configuration parameter or a subdomain thereof,
 /*	or when the destination somehow resolves locally ($inet_interfaces,
+/*	$proxy_interfaces,
 /*	$mydestination, $virtual_alias_domains, or $virtual_mailbox_domains).
 /* .IP reject_unauth_destination
 /*	Reject the request when the resolved recipient domain does not match
 /*	the \fIrelay_domains\fR configuration parameter or a subdomain
 /*	thereof, and when the destination does not somehow resolve locally
-/*	($inet_interfaces, $mydestination, $virtual_alias_domains, or
+/*	($inet_interfaces, $proxy_interfaces,
+/*	$mydestination, $virtual_alias_domains, or
 /*	$virtual_mailbox_domains).
 /*	The \fIrelay_domains_reject_code\fR configuration parameter specifies
 /*	the reject status code (default: 554).
@@ -3853,7 +3855,7 @@ static int check_rcpt_maps(SMTPD_STATE *state, const char *recipient,
 
 	/*
 	 * Reject mail to unknown addresses in local domains (domains that
-	 * match $mydestination or $inet_interfaces).
+	 * match $mydestination or ${proxy,inet}_interfaces).
 	 */
     case RESOLVE_CLASS_LOCAL:
 	if (*var_local_rcpt_maps
diff --git a/postfix/src/trivial-rewrite/resolve.c b/postfix/src/trivial-rewrite/resolve.c
index cde47cc2c..26b95bca1 100644
--- a/postfix/src/trivial-rewrite/resolve.c
+++ b/postfix/src/trivial-rewrite/resolve.c
@@ -510,8 +510,8 @@ static void resolve_addr(RES_CONTEXT *rp, char *addr,
      * 
      * XXX We depend on this mechanism to enforce per-recipient concurrencies
      * for local recipients. With "local_transport = local:$myhostname" we
-     * force mail for any domain in $mydestination/$inet_interfaces to share
-     * the same queue.
+     * force mail for any domain in $mydestination/${proxy,inet}_interfaces
+     * to share the same queue.
      */
     if ((destination = split_at(STR(channel), ':')) != 0 && *destination)
 	vstring_strcpy(nexthop, destination);
diff --git a/postfix/src/trivial-rewrite/trivial-rewrite.c b/postfix/src/trivial-rewrite/trivial-rewrite.c
index b43249cda..daded3b59 100644
--- a/postfix/src/trivial-rewrite/trivial-rewrite.c
+++ b/postfix/src/trivial-rewrite/trivial-rewrite.c
@@ -35,8 +35,7 @@
 /*	This may be overruled with the optional transport(5) table.
 /*	The default delivery method is selected by matching the
 /*	recipient address domain against one of the following:
-/* .IP \fB$mydestination\fR
-/* .IP \fB$inet_interfaces\fR
+/* .IP "\fB$mydestination\fR, \fB$inet_interfaces\fR, \fB$proxy_interfaces\fR"
 /*	The transport and optional nexthop
 /*	are specified with \fB$local_transport\fR.
 /*	The default nexthop is the recipient domain.
@@ -96,6 +95,7 @@
 /* .IP \fBempty_address_recipient\fR
 /*	The recipient that is substituted for the null address.
 /* .IP \fBinet_interfaces\fR
+/* .IP \fBproxy_interfaces\fR
 /*	The network interfaces that this mail system receives mail on.
 /*	This information is used to determine if
 /*	\fIuser\fR@[\fInet.work.addr.ess\fR] is local or remote.
@@ -135,8 +135,8 @@
 /* .ad
 /* .fi
 /* .IP \fBlocal_transport\fR
-/*	Where to deliver mail for destinations that match \fB$mydestination\fR
-/*	or \fB$inet_interfaces\fR.
+/*	Where to deliver mail for destinations that match \fB$mydestination\fR,
+/*	\fB$inet_interfaces\fR or \fB$proxy_interfaces\fR.
 /*	The default transport is \fBlocal:$myhostname\fR.
 /* .sp
 /*	Syntax is \fItransport\fR:\fInexthop\fR; see \fBtransport\fR(5)
@@ -177,9 +177,9 @@
 /* .SH Address verification
 /* .ad
 /* .fi
-/*	By default, address verification probes use the same route 
+/*	By default, address verification probes use the same route
 /*	as regular mail. To override specific aspects of message
-/*	routing for address verification probes, specify one or more 
+/*	routing for address verification probes, specify one or more
 /*	of the following:
 /*	\fBaddress_verify_local_transport\fR,
 /*	\fBaddress_verify_virtual_transport\fR,
@@ -350,11 +350,11 @@ static void pre_jail_init(char *unused_name, char **unused_argv)
     if (*RES_PARAM_VALUE(resolve_regular.transport_maps))
 	resolve_regular.transport_info =
 	    transport_pre_init(resolve_regular.transport_maps_name,
-			       RES_PARAM_VALUE(resolve_regular.transport_maps));
+			   RES_PARAM_VALUE(resolve_regular.transport_maps));
     if (*RES_PARAM_VALUE(resolve_verify.transport_maps))
 	resolve_verify.transport_info =
 	    transport_pre_init(resolve_verify.transport_maps_name,
-			       RES_PARAM_VALUE(resolve_verify.transport_maps));
+			    RES_PARAM_VALUE(resolve_verify.transport_maps));
 }
 
 /* post_jail_init - initialize after entering chroot jail */