From: Wietse Venema Date: Sun, 6 Nov 2011 05:00:00 +0000 (-0500) Subject: postfix-2.9-20111106 X-Git-Tag: v2.9.0-RC1~32 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=6e45fb4ab5172509d3c6743f06d4f107916536f6;p=thirdparty%2Fpostfix.git postfix-2.9-20111106 --- diff --git a/postfix/.indent.pro b/postfix/.indent.pro index 560988d1e..48488243b 100644 --- a/postfix/.indent.pro +++ b/postfix/.indent.pro @@ -108,6 +108,7 @@ -TDSN_BUF -TDSN_SPLIT -TDSN_STAT +-TDYNAMIC_TABLE -TEDIT_FILE -TEVENT_MASK -TEXPAND_ATTR diff --git a/postfix/HISTORY b/postfix/HISTORY index 71df8695f..72d11daa4 100644 --- a/postfix/HISTORY +++ b/postfix/HISTORY @@ -17025,10 +17025,30 @@ Apologies for any names omitted. Bugfix (introduced: Postfix 2.8): postscreen sent non-compliant SMTP responses (220- followed by 421) when it could not - hand off a connection to a real smtpd process, causing - undefined behavior in the remote SMTP client. The fix - redirects the client to the dummy SMTP engine which sends - the 421 reply at the first legitimate opportunity. Problem - reported by Ralf Hildebrandt. Files: postscreen/postscreen_send.c, + hand off a connection to a real smtpd process, causing some + remote SMTP clients to bounce mail. The fix redirects the + client to the dummy SMTP engine which sends the 421 reply + at the first legitimate opportunity. Problem reported by + Ralf Hildebrandt. Files: postscreen/postscreen_send.c, postscreen/postscreen_smtpd.c, postscreen/postscreen.h. +20111102 + + Workaround: to improve inter-operability with broken remote + SMTP servers, the Postfix SMTP client by default no longer + appends the "AUTH=<>" option to the MAIL FROM command. + Specify "smtp_send_dummy_mail_auth = yes" to restore the + old behavior. + +20111106 + + Feature: "postconf -M" support to show Postfix's idea of + what is in the master.cf file. File: postconf/postconf.c. + + Work in progress: extract mail delivery transport names + from master.cf, and provide better postconf(1) support to + manipulate main.cf parameters with transport-dependent + names. + + Feature: postconf "-f" option to "nicely" format long lines + from main.cf or master.cf. File: postconf/postconf.c. diff --git a/postfix/RELEASE_NOTES b/postfix/RELEASE_NOTES index a021021b3..a813583f2 100644 --- a/postfix/RELEASE_NOTES +++ b/postfix/RELEASE_NOTES @@ -14,7 +14,15 @@ specifies the release date of a stable release or snapshot release. If you upgrade from Postfix 2.7 or earlier, read RELEASE_NOTES-2.8 before proceeding. -Incompatible changes with snapshot 201110XX +Incompatible changes with snapshot 20111106 +=========================================== + +To work around broken remote SMTP servers, the Postfix SMTP client +by default no longer appends the "AUTH=<>" option to the MAIL FROM +command. Specify "smtp_send_dummy_mail_auth = yes" to restore the +old behavior. + +Incompatible changes with snapshot 20111012 =========================================== For consistency with the SMTP standard, the smtp_line_length_limit diff --git a/postfix/html/lmtp.8.html b/postfix/html/lmtp.8.html index 479bf42b2..cdaee931f 100644 --- a/postfix/html/lmtp.8.html +++ b/postfix/html/lmtp.8.html @@ -168,7 +168,7 @@ SMTP(8) SMTP(8) Defer mail delivery when no MX record resolves to an IP address. - smtp_line_length_limit (990) + smtp_line_length_limit (998) The maximal length of message header and body lines that Postfix will send via SMTP. @@ -305,6 +305,11 @@ SMTP(8) SMTP(8) SMTP message content line, or TLS protocol mes- sage). + smtp_send_dummy_mail_auth (no) + Whether or not to append the "AUTH=<>" option to + the MAIL FROM command in SASL-authenticated SMTP + sessions. + MIME PROCESSING CONTROLS Available in Postfix version 2.0 and later: @@ -388,6 +393,13 @@ SMTP(8) SMTP(8) delivery instead of returning mail as undeliver- able. + Available in Postfix version 2.9 and later: + + smtp_send_dummy_mail_auth (no) + Whether or not to append the "AUTH=<>" option to + the MAIL FROM command in SASL-authenticated SMTP + sessions. + STARTTLS SUPPORT CONTROLS Detailed information about STARTTLS configuration may be found in the TLS_README document. diff --git a/postfix/html/mailq.1.html b/postfix/html/mailq.1.html index 9cec093fd..3b6255593 100644 --- a/postfix/html/mailq.1.html +++ b/postfix/html/mailq.1.html @@ -324,7 +324,7 @@ SENDMAIL(1) SENDMAIL(1) COMPATIBILITY CONTROLS Available with Postfix 2.9 and later: - sendmail_fix_line_endings (always) + sendmail_fix_line_endings (always) Controls how the Postfix sendmail command converts email message line endings from <CR><LF> into UNIX format (<LF>). diff --git a/postfix/html/newaliases.1.html b/postfix/html/newaliases.1.html index 9cec093fd..3b6255593 100644 --- a/postfix/html/newaliases.1.html +++ b/postfix/html/newaliases.1.html @@ -324,7 +324,7 @@ SENDMAIL(1) SENDMAIL(1) COMPATIBILITY CONTROLS Available with Postfix 2.9 and later: - sendmail_fix_line_endings (always) + sendmail_fix_line_endings (always) Controls how the Postfix sendmail command converts email message line endings from <CR><LF> into UNIX format (<LF>). diff --git a/postfix/html/postconf.1.html b/postfix/html/postconf.1.html index ea7d04144..34c1219e4 100644 --- a/postfix/html/postconf.1.html +++ b/postfix/html/postconf.1.html @@ -10,9 +10,9 @@ POSTCONF(1) POSTCONF(1) postconf - Postfix configuration utility SYNOPSIS - postconf [-dhnv] [-c config_dir] [parameter ...] + postconf [-dfhnv] [-c config_dir] [parameter ...] - postconf [-aAmlv] [-c config_dir] + postconf [-aAflmMv] [-c config_dir] postconf [-ev] [-c config_dir] [parameter=value ...] @@ -21,10 +21,10 @@ POSTCONF(1) POSTCONF(1) postconf [-btv] [-c config_dir] [template_file] DESCRIPTION - The postconf(1) command displays the values of configura- - tion parameters by default. It can also change parameter - values, or display other configuration information about - the Postfix mail system. + The postconf(1) command displays the values of main.cf + configuration parameters by default. It can also change + parameter values, or display other configuration informa- + tion about the Postfix mail system. Options: @@ -62,7 +62,7 @@ POSTCONF(1) POSTCONF(1) sages, with $name expressions replaced by actual values. To override the built-in message text, specify a template file at the end of the command - line, or specify a template file in main.cf with + line, or specify a template file in main.cf with the bounce_template_file parameter. To force selection of the built-in message text templates, specify an empty template file name (in shell lan- @@ -76,8 +76,8 @@ POSTCONF(1) POSTCONF(1) directory instead of the default configuration directory. - -d Print default parameter settings instead of actual - settings. + -d Print main.cf default parameter settings instead of + actual settings. -e Edit the main.cf configuration file. The file is copied to a temporary file then renamed into place. @@ -88,8 +88,16 @@ POSTCONF(1) POSTCONF(1) With Postfix version 2.8 and later, the -e is no longer needed. - -h Show parameter values only; do not prepend the - "name = " label that normally precedes the value. + -f When printing main.cf or master.cf configuration + file entries, fold long lines for human readabil- + ity. + + This feature is available with Postfix 2.9 and + later. + + -h Show main.cf parameter values only; do not prepend + the "name = " label that normally precedes the + value. -l List the names of all supported mailbox locking methods. Postfix supports the following methods: @@ -219,15 +227,21 @@ POSTCONF(1) POSTCONF(1) Other table types may exist depending on how Post- fix was built. - -n Print parameter settings that are not left at their - built-in default value, because they are explicitly - specified in main.cf. + -M Show master.cf file contents instead of main.cf + file contents. Combine with -f to fold long lines + for human readability. + + This feature is available with Postfix 2.9 and + later. + + -n Print main.cf parameter settings that are explic- + itly specified in main.cf. -t [template_file] Display the templates for delivery status notifica- tion (DSN) messages. To override the built-in tem- plates, specify a template file at the end of the - command line, or specify a template file in main.cf + command line, or specify a template file in main.cf with the bounce_template_file parameter. To force selection of the built-in templates, specify an empty template file name (in shell language: ""). diff --git a/postfix/html/postconf.5.html b/postfix/html/postconf.5.html index 45d1e652c..35aa2c307 100644 --- a/postfix/html/postconf.5.html +++ b/postfix/html/postconf.5.html @@ -4431,6 +4431,17 @@ for authentication. The available types are listed with the

This feature is available in Postfix 2.3 and later.

+ + +
lmtp_send_dummy_mail_auth +(default: no)
+ +

The LMTP-specific version of the smtp_send_dummy_mail_auth +configuration parameter. See there for details.

+ +

This feature is available in Postfix 2.9 and later.

+ +
lmtp_send_xforward_command @@ -10251,6 +10262,20 @@ for authentication. The available types are listed with the

This feature is available in Postfix 2.3 and later.

+ + +
smtp_send_dummy_mail_auth +(default: no)
+ +

Whether or not to append the "AUTH=<>" option to the MAIL +FROM command in SASL-authenticated SMTP sessions. The default is +not to send this, to avoid problems with broken remote SMTP servers. +Before Postfix 2.9 the behavior is as if "smtp_send_dummy_mail_auth += yes". + +

This feature is available in Postfix 2.9 and later.

+ +
smtp_send_xforward_command @@ -13266,8 +13291,8 @@ code for rejected requests (default: 554).
reject_unknown_recipient_domain
Reject the request when Postfix is not final destination for -the recipient domain, and the RCPT TO domain has no DNS A or MX -record, or when it has a malformed MX record such as a record with +the recipient domain, and the RCPT TO domain has 1) no DNS A or MX +record or 2) a malformed MX record such as a record with a zero-length MX hostname (Postfix version 2.3 and later).
The unknown_address_reject_code parameter specifies the numerical response code for rejected requests (default: 450). The response @@ -13888,8 +13913,8 @@ Postfix version 2.1 and later.
reject_unknown_sender_domain
Reject the request when Postfix is not final destination for -the sender address, and the MAIL FROM address has no DNS A or MX -record, or when it has a malformed MX record such as a record with +the sender address, and the MAIL FROM domain has 1) no DNS A or MX +record, or 2) a malformed MX record such as a record with a zero-length MX hostname (Postfix version 2.3 and later).
The unknown_address_reject_code parameter specifies the numerical response code for rejected requests (default: 450). The response diff --git a/postfix/html/sendmail.1.html b/postfix/html/sendmail.1.html index 9cec093fd..3b6255593 100644 --- a/postfix/html/sendmail.1.html +++ b/postfix/html/sendmail.1.html @@ -324,7 +324,7 @@ SENDMAIL(1) SENDMAIL(1) COMPATIBILITY CONTROLS Available with Postfix 2.9 and later: - sendmail_fix_line_endings (always) + sendmail_fix_line_endings (always) Controls how the Postfix sendmail command converts email message line endings from <CR><LF> into UNIX format (<LF>). diff --git a/postfix/html/smtp.8.html b/postfix/html/smtp.8.html index 479bf42b2..cdaee931f 100644 --- a/postfix/html/smtp.8.html +++ b/postfix/html/smtp.8.html @@ -168,7 +168,7 @@ SMTP(8) SMTP(8) Defer mail delivery when no MX record resolves to an IP address. - smtp_line_length_limit (990) + smtp_line_length_limit (998) The maximal length of message header and body lines that Postfix will send via SMTP. @@ -305,6 +305,11 @@ SMTP(8) SMTP(8) SMTP message content line, or TLS protocol mes- sage). + smtp_send_dummy_mail_auth (no) + Whether or not to append the "AUTH=<>" option to + the MAIL FROM command in SASL-authenticated SMTP + sessions. + MIME PROCESSING CONTROLS Available in Postfix version 2.0 and later: @@ -388,6 +393,13 @@ SMTP(8) SMTP(8) delivery instead of returning mail as undeliver- able. + Available in Postfix version 2.9 and later: + + smtp_send_dummy_mail_auth (no) + Whether or not to append the "AUTH=<>" option to + the MAIL FROM command in SASL-authenticated SMTP + sessions. + STARTTLS SUPPORT CONTROLS Detailed information about STARTTLS configuration may be found in the TLS_README document. diff --git a/postfix/man/man1/postconf.1 b/postfix/man/man1/postconf.1 index eed34eb54..af9b6cf32 100644 --- a/postfix/man/man1/postconf.1 +++ b/postfix/man/man1/postconf.1 @@ -9,10 +9,10 @@ Postfix configuration utility .na .nf .fi -\fBpostconf\fR [\fB-dhnv\fR] [\fB-c \fIconfig_dir\fR] +\fBpostconf\fR [\fB-dfhnv\fR] [\fB-c \fIconfig_dir\fR] [\fIparameter ...\fR] -\fBpostconf\fR [\fB-aAmlv\fR] [\fB-c \fIconfig_dir\fR] +\fBpostconf\fR [\fB-aAflmMv\fR] [\fB-c \fIconfig_dir\fR] \fBpostconf\fR [\fB-ev\fR] [\fB-c \fIconfig_dir\fR] [\fIparameter=value ...\fR] @@ -24,7 +24,7 @@ Postfix configuration utility .SH DESCRIPTION .ad .fi -The \fBpostconf\fR(1) command displays the values of +The \fBpostconf\fR(1) command displays the values of \fBmain.cf\fR configuration parameters by default. It can also change parameter values, or display other configuration information about the Postfix mail system. @@ -63,7 +63,7 @@ Display the message text that appears at the beginning of delivery status notification (DSN) messages, with $\fBname\fR expressions replaced by actual values. To override the built-in message text, specify a template file at the end -of the command line, or specify a template file in main.cf +of the command line, or specify a template file in \fBmain.cf\fR with the \fBbounce_template_file\fR parameter. To force selection of the built-in message text templates, specify an empty template file name (in shell language: ""). @@ -73,7 +73,8 @@ This feature is available with Postfix 2.3 and later. The \fBmain.cf\fR configuration file is in the named directory instead of the default configuration directory. .IP \fB-d\fR -Print default parameter settings instead of actual settings. +Print \fBmain.cf\fR default parameter settings instead of +actual settings. .IP \fB-e\fR Edit the \fBmain.cf\fR configuration file. The file is copied to a temporary file then renamed into place. Parameters and @@ -82,9 +83,14 @@ to protect shell metacharacters and whitespace. With Postfix version 2.8 and later, the \fB-e\fR is no longer needed. +.IP \fB-f\fR +When printing \fBmain.cf\fR or \fBmaster.cf\fR configuration file +entries, fold long lines for human readability. + +This feature is available with Postfix 2.9 and later. .IP \fB-h\fR -Show parameter values only; do not prepend the "\fIname = -\fR" label that normally precedes the value. +Show \fBmain.cf\fR parameter values only; do not prepend +the "\fIname = \fR" label that normally precedes the value. .IP \fB-l\fR List the names of all supported mailbox locking methods. Postfix supports the following methods: @@ -183,14 +189,20 @@ The result is a group file entry in \fBgroup\fR(5) format. .RE .IP Other table types may exist depending on how Postfix was built. +.IP \fB-M\fR +Show \fBmaster.cf\fR file contents instead of \fBmain.cf\fR +file contents. Combine with \fB-f\fR to fold long lines +for human readability. + +This feature is available with Postfix 2.9 and later. .IP \fB-n\fR -Print parameter settings that are not left at their built-in -default value, because they are explicitly specified in main.cf. +Print \fBmain.cf\fR parameter settings that are explicitly +specified in \fBmain.cf\fR. .IP "\fB-t\fR [\fItemplate_file\fR]" Display the templates for delivery status notification (DSN) messages. To override the built-in templates, specify a template file at the end of the command line, or specify a -template file in main.cf with the \fBbounce_template_file\fR +template file in \fBmain.cf\fR with the \fBbounce_template_file\fR parameter. To force selection of the built-in templates, specify an empty template file name (in shell language: ""). diff --git a/postfix/man/man5/postconf.5 b/postfix/man/man5/postconf.5 index c2b6dee9e..efb99f01e 100644 --- a/postfix/man/man5/postconf.5 +++ b/postfix/man/man5/postconf.5 @@ -2465,6 +2465,11 @@ for authentication. The available types are listed with the "\fBpostconf -A\fR" command. .PP This feature is available in Postfix 2.3 and later. +.SH lmtp_send_dummy_mail_auth (default: no) +The LMTP-specific version of the smtp_send_dummy_mail_auth +configuration parameter. See there for details. +.PP +This feature is available in Postfix 2.9 and later. .SH lmtp_send_xforward_command (default: no) Send an XFORWARD command to the LMTP server when the LMTP LHLO server response announces XFORWARD support. This allows an \fBlmtp\fR(8) @@ -6005,6 +6010,14 @@ for authentication. The available types are listed with the "\fBpostconf -A\fR" command. .PP This feature is available in Postfix 2.3 and later. +.SH smtp_send_dummy_mail_auth (default: no) +Whether or not to append the "AUTH=<>" option to the MAIL +FROM command in SASL-authenticated SMTP sessions. The default is +not to send this, to avoid problems with broken remote SMTP servers. +Before Postfix 2.9 the behavior is as if "smtp_send_dummy_mail_auth += yes". +.PP +This feature is available in Postfix 2.9 and later. .SH smtp_send_xforward_command (default: no) Send the non-standard XFORWARD command when the Postfix SMTP server EHLO response announces XFORWARD support. @@ -8307,8 +8320,8 @@ no sender-specified routing (user@elsewhere@domain). code for rejected requests (default: 554). .IP "\fBreject_unknown_recipient_domain\fR" Reject the request when Postfix is not final destination for -the recipient domain, and the RCPT TO domain has no DNS A or MX -record, or when it has a malformed MX record such as a record with +the recipient domain, and the RCPT TO domain has 1) no DNS A or MX +record or 2) a malformed MX record such as a record with a zero-length MX hostname (Postfix version 2.3 and later). .br The @@ -8749,8 +8762,8 @@ unauthenticated clients only. This feature is available in Postfix version 2.1 and later. .IP "\fBreject_unknown_sender_domain\fR" Reject the request when Postfix is not final destination for -the sender address, and the MAIL FROM address has no DNS A or MX -record, or when it has a malformed MX record such as a record with +the sender address, and the MAIL FROM domain has 1) no DNS A or MX +record, or 2) a malformed MX record such as a record with a zero-length MX hostname (Postfix version 2.3 and later). .br The diff --git a/postfix/man/man8/smtp.8 b/postfix/man/man8/smtp.8 index 2c9fc2675..89cb0ece4 100644 --- a/postfix/man/man8/smtp.8 +++ b/postfix/man/man8/smtp.8 @@ -164,7 +164,7 @@ Always send EHLO at the start of an SMTP session. Never send EHLO at the start of an SMTP session. .IP "\fBsmtp_defer_if_no_mx_address_found (no)\fR" Defer mail delivery when no MX record resolves to an IP address. -.IP "\fBsmtp_line_length_limit (990)\fR" +.IP "\fBsmtp_line_length_limit (998)\fR" The maximal length of message header and body lines that Postfix will send via SMTP. .IP "\fBsmtp_pix_workaround_delay_time (10s)\fR" @@ -263,6 +263,9 @@ Change the behavior of the smtp_*_timeout time limits, from a time limit per read or write system call, to a time limit to send or receive a complete record (an SMTP command line, SMTP response line, SMTP message content line, or TLS protocol message). +.IP "\fBsmtp_send_dummy_mail_auth (no)\fR" +Whether or not to append the "AUTH=<>" option to the MAIL +FROM command in SASL-authenticated SMTP sessions. .SH "MIME PROCESSING CONTROLS" .na .nf @@ -333,6 +336,11 @@ is removed. When a remote SMTP server rejects a SASL authentication request with a 535 reply code, defer mail delivery instead of returning mail as undeliverable. +.PP +Available in Postfix version 2.9 and later: +.IP "\fBsmtp_send_dummy_mail_auth (no)\fR" +Whether or not to append the "AUTH=<>" option to the MAIL +FROM command in SASL-authenticated SMTP sessions. .SH "STARTTLS SUPPORT CONTROLS" .na .nf diff --git a/postfix/mantools/postlink b/postfix/mantools/postlink index cbb5167b7..82c47044c 100755 --- a/postfix/mantools/postlink +++ b/postfix/mantools/postlink @@ -410,6 +410,7 @@ while (<>) { s;\bsender_de[-]*\n* *[]*pendent_relay[-]*\n*[ ]*host_maps\b;$&;g; s;\bempty_address_relayhost_maps_lookup_key\b;$&;g; s;\bsendmail_path\b;$&;g; + s;\bsendmail_fix_line_endings\b;$&;g; s;\bservice_throttle_time\b;$&;g; s;\bsetgid_group\b;$&;g; @@ -632,6 +633,7 @@ while (<>) { s;\bsmtp_reply_filter\b;$&;g; s;\bsmtp_address_preference\b;$&;g; s;\bsmtp_per_record_deadline\b;$&;g; + s;\bsmtp_send_dummy_mail_auth\b;$&;g; s;\bsmtpd_enforce_tls\b;$&;g; s;\bsmtpd_sasl_tls_security_options\b;$&;g; s;\bsmtpd_sasl_type\b;$&;g; diff --git a/postfix/proto/postconf.proto b/postfix/proto/postconf.proto index e25f9c6b0..7b55f390a 100644 --- a/postfix/proto/postconf.proto +++ b/postfix/proto/postconf.proto @@ -5754,8 +5754,8 @@ code for rejected requests (default: 554).
reject_unknown_recipient_domain
Reject the request when Postfix is not final destination for -the recipient domain, and the RCPT TO domain has no DNS A or MX -record, or when it has a malformed MX record such as a record with +the recipient domain, and the RCPT TO domain has 1) no DNS A or MX +record or 2) a malformed MX record such as a record with a zero-length MX hostname (Postfix version 2.3 and later).
The unknown_address_reject_code parameter specifies the numerical response code for rejected requests (default: 450). The response @@ -6128,8 +6128,8 @@ Postfix version 2.1 and later.
reject_unknown_sender_domain
Reject the request when Postfix is not final destination for -the sender address, and the MAIL FROM address has no DNS A or MX -record, or when it has a malformed MX record such as a record with +the sender address, and the MAIL FROM domain has 1) no DNS A or MX +record, or 2) a malformed MX record such as a record with a zero-length MX hostname (Postfix version 2.3 and later).
The unknown_address_reject_code parameter specifies the numerical response code for rejected requests (default: 450). The response @@ -14231,3 +14231,20 @@ Postfix 2.8 and earlier.

This feature is available in Postfix 2.9 and later.

+ +%PARAM smtp_send_dummy_mail_auth no + +

Whether or not to append the "AUTH=<>" option to the MAIL +FROM command in SASL-authenticated SMTP sessions. The default is +not to send this, to avoid problems with broken remote SMTP servers. +Before Postfix 2.9 the behavior is as if "smtp_send_dummy_mail_auth += yes". + +

This feature is available in Postfix 2.9 and later.

+ +%PARAM lmtp_send_dummy_mail_auth no + +

The LMTP-specific version of the smtp_send_dummy_mail_auth +configuration parameter. See there for details.

+ +

This feature is available in Postfix 2.9 and later.

diff --git a/postfix/src/global/mail_params.h b/postfix/src/global/mail_params.h index ff2be2ebf..d551df81e 100644 --- a/postfix/src/global/mail_params.h +++ b/postfix/src/global/mail_params.h @@ -1603,6 +1603,10 @@ extern char *var_smtp_sasl_tls_opts; #define DEF_LMTP_SASL_TLSV_OPTS "$" VAR_LMTP_SASL_TLS_OPTS extern char *var_smtp_sasl_tlsv_opts; +#define VAR_SMTP_DUMMY_MAIL_AUTH "smtp_send_dummy_mail_auth" +#define DEF_SMTP_DUMMY_MAIL_AUTH 0 +extern bool var_smtp_dummy_mail_auth; + /* * LMTP server. The soft error limit determines how many errors an LMTP * client may make before we start to slow down; the hard error limit @@ -1670,6 +1674,10 @@ extern char *var_lmtp_sasl_opts; #define DEF_LMTP_SASL_PATH "" extern char *var_lmtp_sasl_path; +#define VAR_LMTP_DUMMY_MAIL_AUTH "lmtp_send_dummy_mail_auth" +#define DEF_LMTP_DUMMY_MAIL_AUTH 0 +extern bool var_lmtp_dummy_mail_auth; + /* * SASL-based relay etc. control. */ diff --git a/postfix/src/global/mail_version.h b/postfix/src/global/mail_version.h index 75dfe5cb1..6200634bb 100644 --- a/postfix/src/global/mail_version.h +++ b/postfix/src/global/mail_version.h @@ -20,7 +20,7 @@ * Patches change both the patchlevel and the release date. Snapshots have no * patchlevel; they change the release date only. */ -#define MAIL_RELEASE_DATE "20111025" +#define MAIL_RELEASE_DATE "20111106" #define MAIL_VERSION_NUMBER "2.9" #ifdef SNAPSHOT diff --git a/postfix/src/postconf/Makefile.in b/postfix/src/postconf/Makefile.in index 220c089e0..a6716db83 100644 --- a/postfix/src/postconf/Makefile.in +++ b/postfix/src/postconf/Makefile.in @@ -105,6 +105,7 @@ postconf.o: ../../include/msg_vstream.h postconf.o: ../../include/myflock.h postconf.o: ../../include/mymalloc.h postconf.o: ../../include/mynetworks.h +postconf.o: ../../include/readlline.h postconf.o: ../../include/safe.h postconf.o: ../../include/split_at.h postconf.o: ../../include/stringops.h diff --git a/postfix/src/postconf/postconf.c b/postfix/src/postconf/postconf.c index 6acedeff4..e30ced0dc 100644 --- a/postfix/src/postconf/postconf.c +++ b/postfix/src/postconf/postconf.c @@ -5,10 +5,10 @@ /* Postfix configuration utility /* SYNOPSIS /* .fi -/* \fBpostconf\fR [\fB-dhnv\fR] [\fB-c \fIconfig_dir\fR] +/* \fBpostconf\fR [\fB-dfhnv\fR] [\fB-c \fIconfig_dir\fR] /* [\fIparameter ...\fR] /* -/* \fBpostconf\fR [\fB-aAmlv\fR] [\fB-c \fIconfig_dir\fR] +/* \fBpostconf\fR [\fB-aAflmMv\fR] [\fB-c \fIconfig_dir\fR] /* /* \fBpostconf\fR [\fB-ev\fR] [\fB-c \fIconfig_dir\fR] /* [\fIparameter=value ...\fR] @@ -18,7 +18,7 @@ /* /* \fBpostconf\fR [\fB-btv\fR] [\fB-c \fIconfig_dir\fR] [\fItemplate_file\fR] /* DESCRIPTION -/* The \fBpostconf\fR(1) command displays the values of +/* The \fBpostconf\fR(1) command displays the values of \fBmain.cf\fR /* configuration parameters by default. It can also change /* parameter values, or display other configuration information /* about the Postfix mail system. @@ -57,7 +57,7 @@ /* delivery status notification (DSN) messages, with $\fBname\fR /* expressions replaced by actual values. To override the /* built-in message text, specify a template file at the end -/* of the command line, or specify a template file in main.cf +/* of the command line, or specify a template file in \fBmain.cf\fR /* with the \fBbounce_template_file\fR parameter. /* To force selection of the built-in message text templates, /* specify an empty template file name (in shell language: ""). @@ -67,7 +67,8 @@ /* The \fBmain.cf\fR configuration file is in the named directory /* instead of the default configuration directory. /* .IP \fB-d\fR -/* Print default parameter settings instead of actual settings. +/* Print \fBmain.cf\fR default parameter settings instead of +/* actual settings. /* .IP \fB-e\fR /* Edit the \fBmain.cf\fR configuration file. The file is copied /* to a temporary file then renamed into place. Parameters and @@ -76,9 +77,14 @@ /* /* With Postfix version 2.8 and later, the \fB-e\fR is no /* longer needed. +/* .IP \fB-f\fR +/* When printing \fBmain.cf\fR or \fBmaster.cf\fR configuration file +/* entries, fold long lines for human readability. +/* +/* This feature is available with Postfix 2.9 and later. /* .IP \fB-h\fR -/* Show parameter values only; do not prepend the "\fIname = -/* \fR" label that normally precedes the value. +/* Show \fBmain.cf\fR parameter values only; do not prepend +/* the "\fIname = \fR" label that normally precedes the value. /* .IP \fB-l\fR /* List the names of all supported mailbox locking methods. /* Postfix supports the following methods: @@ -177,14 +183,20 @@ /* .RE /* .IP /* Other table types may exist depending on how Postfix was built. +/* .IP \fB-M\fR +/* Show \fBmaster.cf\fR file contents instead of \fBmain.cf\fR +/* file contents. Combine with \fB-f\fR to fold long lines +/* for human readability. +/* +/* This feature is available with Postfix 2.9 and later. /* .IP \fB-n\fR -/* Print parameter settings that are not left at their built-in -/* default value, because they are explicitly specified in main.cf. +/* Print \fBmain.cf\fR parameter settings that are explicitly +/* specified in \fBmain.cf\fR. /* .IP "\fB-t\fR [\fItemplate_file\fR]" /* Display the templates for delivery status notification (DSN) /* messages. To override the built-in templates, specify a /* template file at the end of the command line, or specify a -/* template file in main.cf with the \fBbounce_template_file\fR +/* template file in \fBmain.cf\fR with the \fBbounce_template_file\fR /* parameter. To force selection of the built-in templates, /* specify an empty template file name (in shell language: /* ""). @@ -279,6 +291,7 @@ #include #include #include +#include /* Global library. */ @@ -305,10 +318,12 @@ #define SHOW_MAPS (1<<3) /* show map types */ #define EDIT_MAIN (1<<4) /* edit main.cf */ #define SHOW_LOCKS (1<<5) /* show mailbox lock methods */ -#define SHOW_EVAL (1<<6) /* expand right-hand sides */ +#define SHOW_EVAL (1<<6) /* expand main.cf right-hand sides */ #define SHOW_SASL_SERV (1<<7) /* show server auth plugin types */ #define SHOW_SASL_CLNT (1<<8) /* show client auth plugin types */ #define COMMENT_OUT (1<<9) /* #-out selected main.cf entries */ +#define SHOW_MASTER (1<<10) /* show master.cf entries */ +#define FOLD_LINE (1<<11) /* fold long *.cf entries */ /* * Lookup table for in-core parameter info. @@ -320,6 +335,11 @@ HTABLE *param_table; */ DICT *text_table; + /* + * Lookup table for master.cf info. + */ +ARGV **master_table; + /* * Declarations generated by scanning actual C source files. */ @@ -404,6 +424,14 @@ static const CONFIG_STR_FN_TABLE str_fn_table_2[] = { 0, }; + /* + * Line-wrapping support. + */ +#define LINE_LIMIT 80 /* try to fold longer lines */ +#define SEPARATORS " \t\r\n" +#define INDENT_LEN 4 /* indent long text by 4 */ +#define INDENT_TEXT " " + /* * XXX Global so that call-backs can see it. */ @@ -730,6 +758,104 @@ static void hash_parameters(void) htable_enter(param_table, lst->name, (char *) lst); } +/* read_master - read and digest the master.cf file */ + +static void read_master(void) +{ + char *path = concatenate(var_config_dir, "/", MASTER_CONF_FILE, (char *) 0); + VSTRING *buf = vstring_alloc(100); + ARGV *argv; + VSTREAM *fp; + int entry_count = 0; + int line_count = 0; + + /* + * We can't use the master_ent routines in their current form. They + * convert everything to internal form, and they skip disabled services. + * We need to be able to show default fields as "-", and we need to know + * about all service names so that we can generate dynamic parameter + * names (transport-dependent etc.). + */ +#define MASTER_BLANKS " \t\r\n" /* XXX */ +#define MASTER_FIELD_COUNT 8 /* XXX */ + + /* + * Initialize the in-memory master table. + */ + master_table = (ARGV **) mymalloc(sizeof(*master_table)); + + /* + * Skip blank lines and comment lines. + */ + if ((fp = vstream_fopen(path, O_RDONLY, 0)) == 0) + msg_fatal("open %s: %m", path); + while (readlline(buf, fp, &line_count) != 0) { + master_table = (ARGV **) myrealloc((char *) master_table, + (entry_count + 2) * sizeof(*master_table)); + argv = argv_split(STR(buf), MASTER_BLANKS); + if (argv->argc < MASTER_FIELD_COUNT) + msg_fatal("file %s: line %d: bad field count", path, line_count); + master_table[entry_count++] = argv; + } + master_table[entry_count] = 0; + vstream_fclose(fp); + myfree(path); + vstring_free(buf); +} + +/* print_line - show line possibly folded, and with normalized whitespace */ + +static void print_line(int mode, const char *fmt,...) +{ + va_list ap; + static VSTRING *buf = 0; + char *start; + char *next; + int line_len = 0; + int word_len; + + /* + * One-off initialization. + */ + if (buf == 0) + buf = vstring_alloc(100); + + /* + * Format the text. + */ + va_start(ap, fmt); + vstring_vsprintf(buf, fmt, ap); + va_end(ap); + + /* + * Normalize the whitespace. We don't use the line_wrap() routine because + * 1) that function does not normalize whitespace between words and 2) we + * want to normalize whitespace even when not wrapping lines. + * + * XXX Some parameters preserve whitespace: for example, smtpd_banner and + * smtpd_reject_footer. If we have to preserve whitespace between words, + * then perhaps readlline() can be changed to canonicalize whitespace + * that follows a newline. + */ + for (start = STR(buf); *(start += strspn(start, SEPARATORS)) != 0; start = next) { + word_len = strcspn(start, SEPARATORS); + if (*(next = start + word_len) != 0) + *next++ = 0; + if (word_len > 0 && line_len > 0) { + if ((mode & FOLD_LINE) == 0 || line_len + word_len < LINE_LIMIT) { + vstream_fputs(" ", VSTREAM_OUT); + line_len += 1; + } else { + vstream_fputs("\n" INDENT_TEXT, VSTREAM_OUT); + line_len = INDENT_LEN; + } + } + vstream_fputs(start, VSTREAM_OUT); + line_len += word_len; + } + vstream_fputs("\n", VSTREAM_OUT); +} + /* show_strval - show string-valued parameter */ static void show_strval(int mode, const char *name, const char *value) @@ -738,9 +864,9 @@ static void show_strval(int mode, const char *name, const char *value) value = mail_conf_eval(value); if (mode & SHOW_NAME) { - vstream_printf("%s = %s\n", name, value); + print_line(mode, "%s = %s\n", name, value); } else { - vstream_printf("%s\n", value); + print_line(mode, "%s\n", value); } } @@ -749,9 +875,9 @@ static void show_strval(int mode, const char *name, const char *value) static void show_intval(int mode, const char *name, int value) { if (mode & SHOW_NAME) { - vstream_printf("%s = %d\n", name, value); + print_line(mode, "%s = %d\n", name, value); } else { - vstream_printf("%d\n", value); + print_line(mode, "%d\n", value); } } @@ -760,9 +886,9 @@ static void show_intval(int mode, const char *name, int value) static void show_longval(int mode, const char *name, long value) { if (mode & SHOW_NAME) { - vstream_printf("%s = %ld\n", name, value); + print_line(mode, "%s = %ld\n", name, value); } else { - vstream_printf("%ld\n", value); + print_line(mode, "%ld\n", value); } } @@ -906,7 +1032,7 @@ static void print_str_fn_2(int mode, CONFIG_STR_FN_TABLE *csft) /* print_raw - print raw string parameter */ -static void print_raw(int mode, CONFIG_RAW_TABLE * rst) +static void print_raw(int mode, CONFIG_RAW_TABLE *rst) { const char *value; @@ -933,7 +1059,7 @@ static void print_raw(int mode, CONFIG_RAW_TABLE * rst) /* print_nint - print new integer parameter */ -static void print_nint(int mode, CONFIG_NINT_TABLE * rst) +static void print_nint(int mode, CONFIG_NINT_TABLE *rst) { const char *value; @@ -960,7 +1086,7 @@ static void print_nint(int mode, CONFIG_NINT_TABLE * rst) /* print_nbool - print new boolean parameter */ -static void print_nbool(int mode, CONFIG_NBOOL_TABLE * bst) +static void print_nbool(int mode, CONFIG_NBOOL_TABLE *bst) { const char *value; @@ -1078,6 +1204,107 @@ static void show_locks(void) argv_free(locks_argv); } +/* show_master - show master.cf entries */ + +static void show_master(int mode) +{ + ARGV **argvp; + ARGV *argv; + char *arg; + char *aval; + int line_len; + int field; + int in_daemon_options; + static int column_goal[] = { + 0, /* service */ + 11, /* type */ + 17, /* private */ + 25, /* unpriv */ + 33, /* chroot */ + 41, /* wakeup */ + 49, /* maxproc */ + 57, /* command */ + }; + +#define ADD_TEXT(text, len) do { \ + vstream_fputs(text, VSTREAM_OUT); line_len += len; } \ + while (0) +#define ADD_SPACE ADD_TEXT(" ", 1) + + for (argvp = master_table; (argv = *argvp) != 0; argvp++) { + + /* + * Show the standard fields at their preferred column position. Use + * single-space separation when some field does not fit. + */ + for (line_len = 0, field = 0; field < MASTER_FIELD_COUNT; field++) { + arg = argv->argv[field]; + if (line_len > 0) { + while (line_len < column_goal[field] - 1) + ADD_SPACE; + ADD_SPACE; + } + ADD_TEXT(arg, strlen(arg)); + } + + /* + * Format the daemon command-line options and non-option arguments. + * Here, we have no data-dependent preference for column positions, + * but we do have argument grouping preferences. + */ + in_daemon_options = 1; + for ( /* void */ ; argv->argv[field] != 0; field++) { + arg = argv->argv[field]; + if (in_daemon_options) { + + /* + * Try to show the generic options (-v -D) on the first line, + * and non-options on a later line. + */ + if (arg[0] != '-') { + in_daemon_options = 0; + if ((mode & FOLD_LINE) + && line_len > column_goal[MASTER_FIELD_COUNT - 1]) { + vstream_fputs("\n" INDENT_TEXT, VSTREAM_OUT); + line_len = INDENT_LEN; + } + } + + /* + * Try to avoid breaking "-o name=value" over multiple lines + * if it would fit on one line. + */ + else if ((mode & FOLD_LINE) + && line_len > INDENT_LEN && strcmp(arg, "-o") == 0 + && (aval = argv->argv[field + 1]) != 0 + && INDENT_LEN + 3 + strlen(aval) < LINE_LIMIT) { + vstream_fputs("\n" INDENT_TEXT, VSTREAM_OUT); + line_len = INDENT_LEN; + ADD_TEXT(arg, strlen(arg)); + arg = aval; + field += 1; + } + } + + /* + * Insert a line break when the next argument won't fit (unless, + * of course, we just inserted a line break). + */ + if (line_len > INDENT_LEN) { + if ((mode & FOLD_LINE) == 0 + || line_len + 1 + strlen(arg) < LINE_LIMIT) { + ADD_SPACE; + } else { + vstream_fputs("\n" INDENT_TEXT, VSTREAM_OUT); + line_len = INDENT_LEN; + } + } + ADD_TEXT(arg, strlen(arg)); + } + vstream_fputs("\n", VSTREAM_OUT); + } +} + /* show_sasl - show SASL plug-in types */ static void show_sasl(int what) @@ -1165,7 +1392,7 @@ int main(int argc, char **argv) /* * Parse JCL. */ - while ((ch = GETOPT(argc, argv, "aAbc:deE#hmlntv")) > 0) { + while ((ch = GETOPT(argc, argv, "aAbc:deEf#hlmMntv")) > 0) { switch (ch) { case 'a': cmd_mode |= SHOW_SASL_SERV; @@ -1189,6 +1416,9 @@ int main(int argc, char **argv) case 'e': cmd_mode |= EDIT_MAIN; break; + case 'f': + cmd_mode |= FOLD_LINE; + break; /* * People, this does not work unless you properly handle default @@ -1214,6 +1444,9 @@ int main(int argc, char **argv) case 'm': cmd_mode |= SHOW_MAPS; break; + case 'M': + cmd_mode |= SHOW_MASTER; + break; case 'n': cmd_mode |= SHOW_NONDEF; break; @@ -1227,20 +1460,20 @@ int main(int argc, char **argv) msg_verbose++; break; default: - msg_fatal("usage: %s [-a (server SASL types)] [-A (client SASL types)] [-b (bounce templates)] [-c config_dir] [-d (defaults)] [-e (edit)] [-# (comment-out)] [-h (no names)] [-l (lock types)] [-m (map types)] [-n (non-defaults)] [-v] [name...]", argv[0]); + msg_fatal("usage: %s [-a (server SASL types)] [-A (client SASL types)] [-b (bounce templates)] [-c config_dir] [-d (defaults)] [-e (edit)] [-f (fold lines)] [-# (comment-out)] [-h (no names)] [-l (lock types)] [-m (map types)] [-M (master.cf)] [-n (non-defaults)] [-v] [name...]", argv[0]); } } /* * Sanity check. */ - junk = (cmd_mode & (SHOW_DEFS | SHOW_NONDEF | SHOW_MAPS | SHOW_LOCKS | EDIT_MAIN | SHOW_SASL_SERV | SHOW_SASL_CLNT | COMMENT_OUT)); + junk = (cmd_mode & (SHOW_DEFS | SHOW_NONDEF | SHOW_MAPS | SHOW_LOCKS | EDIT_MAIN | SHOW_SASL_SERV | SHOW_SASL_CLNT | COMMENT_OUT | SHOW_MASTER)); if (junk != 0 && ((junk != SHOW_DEFS && junk != SHOW_NONDEF && junk != SHOW_MAPS && junk != SHOW_LOCKS && junk != EDIT_MAIN && junk != SHOW_SASL_SERV && junk != SHOW_SASL_CLNT - && junk != COMMENT_OUT) + && junk != COMMENT_OUT && junk != SHOW_MASTER) || ext_argv != 0)) - msg_fatal("specify one of -a, -A, -b, -d, -e, -#, -m, -l and -n"); + msg_fatal("specify one of -a, -A, -b, -d, -e, -#, -l, -m, -M and -n"); /* * Display bounce template information and exit. @@ -1278,6 +1511,15 @@ int main(int argc, char **argv) show_locks(); } + /* + * If showing master.cf entries, show them and exit + */ + else if (cmd_mode & SHOW_MASTER) { + mail_conf_read(); + read_master(); + show_master(cmd_mode); + } + /* * If showing SASL plug-in types, show them and exit */ diff --git a/postfix/src/postscreen/postscreen.h b/postfix/src/postscreen/postscreen.h index 3a190f7c3..dda8f3544 100644 --- a/postfix/src/postscreen/postscreen.h +++ b/postfix/src/postscreen/postscreen.h @@ -81,7 +81,7 @@ typedef struct { #define PSC_STATE_FLAG_NEW (1<<3) /* some test was never passed */ #define PSC_STATE_FLAG_BLIST_FAIL (1<<4) /* blacklisted */ #define PSC_STATE_FLAG_HANGUP (1<<5) /* NOT a test failure */ -#define PSC_STATE_FLAG_SMTPD_421 (1<<6) /* hang up after command */ +#define PSC_STATE_FLAG_SMTPD_X21 (1<<6) /* hang up after command */ #define PSC_STATE_FLAG_WLIST_FAIL (1<<7) /* do not whitelist */ /* @@ -435,8 +435,8 @@ extern void psc_smtpd_tests(PSC_STATE *); extern void psc_smtpd_init(void); extern void psc_smtpd_pre_jail_init(void); -#define PSC_SMTPD_421(state, reply) do { \ - (state)->flags |= PSC_STATE_FLAG_SMTPD_421; \ +#define PSC_SMTPD_X21(state, reply) do { \ + (state)->flags |= PSC_STATE_FLAG_SMTPD_X21; \ (state)->final_reply = (reply); \ psc_smtpd_tests(state); \ } while (0) diff --git a/postfix/src/postscreen/postscreen_send.c b/postfix/src/postscreen/postscreen_send.c index bb111965e..cbbbf97c7 100644 --- a/postfix/src/postscreen/postscreen_send.c +++ b/postfix/src/postscreen/postscreen_send.c @@ -35,10 +35,10 @@ /* work is finished including postscreen cache updates. /* /* In case of an immediate error, psc_send_socket() sends a 421 -/* reply to the remote SMTP client and closes the connection -/* if no partial SMTP greeting was sent. Otherwise, it redirects -/* the SMTP client to the dummy protocol engine which sends -/* 421 at the first legitimate opportunity and hangs up. +/* reply to the remote SMTP client and closes the connection. +/* If the 220- greeting was sent, sending 421 would be invalid; +/* instead, the client is redirected to the dummy SMTP engine +/* which sends the 421 reply at the first legitimate opportunity. /* LICENSE /* .ad /* .fi @@ -185,18 +185,13 @@ void psc_send_socket(PSC_STATE *state) * suspicious. Alternatively, we could send attributes along with the * socket with client reputation information, making everything even more * Postfix-specific. - * - * If the operation fails after the partial SMTP handshake was sent, - * redirect the client to the dummy SMTP engine, which finishes the - * partial SMTP handshake sends the bad news after the first client - * command. */ if ((server_fd = PASS_CONNECT(psc_smtpd_service_name, NON_BLOCKING, PSC_SEND_SOCK_CONNECT_TIMEOUT)) < 0) { msg_warn("cannot connect to service %s: %m", psc_smtpd_service_name); if (state->flags & PSC_STATE_FLAG_PREGR_TODO) { - PSC_SMTPD_421(state, "421 4.3.2 No system resources\r\n"); + PSC_SMTPD_X21(state, "421 4.3.2 No system resources\r\n"); } else { PSC_SEND_REPLY(state, "421 4.3.2 All server ports are busy\r\n"); psc_free_session_state(state); @@ -209,7 +204,7 @@ void psc_send_socket(PSC_STATE *state) psc_smtpd_service_name); (void) close(server_fd); if (state->flags & PSC_STATE_FLAG_PREGR_TODO) { - PSC_SMTPD_421(state, "421 4.3.2 No system resources\r\n"); + PSC_SMTPD_X21(state, "421 4.3.2 No system resources\r\n"); } else { PSC_SEND_REPLY(state, "421 4.3.2 No system resources\r\n"); psc_free_session_state(state); diff --git a/postfix/src/postscreen/postscreen_smtpd.c b/postfix/src/postscreen/postscreen_smtpd.c index 67db377f5..3eae5a585 100644 --- a/postfix/src/postscreen/postscreen_smtpd.c +++ b/postfix/src/postscreen/postscreen_smtpd.c @@ -13,7 +13,7 @@ /* void psc_smtpd_tests(state) /* PSC_STATE *state; /* -/* void PSC_SMTPD_421(state, final_reply) +/* void PSC_SMTPD_X21(state, final_reply) /* PSC_STATE *state; /* const char *final_reply; /* DESCRIPTION @@ -26,11 +26,9 @@ /* protocol tests and for collecting helo/sender/recipient /* information. /* -/* PSC_SMTPD_421() redirects the SMTP client to the dummy SMTP -/* protocol engine, completes the SMTP protocol handshake, -/* sends the specified final reply after the first non-QUIT -/* client command, and hangs up without doing any protocol -/* tests. The final reply must end in . +/* PSC_SMTPD_X21() redirects the SMTP client to an SMTP server +/* engine, which sends the specified final reply at the first +/* legitimate opportunity without doing any protocol tests. /* /* Unlike the Postfix SMTP server, this engine does not announce /* PIPELINING support. This exposes spambots that pipeline @@ -914,7 +912,7 @@ static void psc_smtpd_read_event(int event, char *context) if (strcasecmp(command, cmdp->name) == 0) break; - if ((state->flags & PSC_STATE_FLAG_SMTPD_421) + if ((state->flags & PSC_STATE_FLAG_SMTPD_X21) && cmdp->action != psc_quit_cmd) { PSC_CLEAR_EVENT_DROP_SESSION_STATE(state, psc_smtpd_time_event, state->final_reply); @@ -1104,10 +1102,11 @@ void psc_smtpd_tests(PSC_STATE *state) * * XXX Make "opportunistically" configurable for each test. */ - if ((state->flags & PSC_STATE_FLAG_SMTPD_421) == 0) - state->flags |= (PSC_STATE_FLAG_PIPEL_TODO | \ - PSC_STATE_FLAG_NSMTP_TODO | \ - PSC_STATE_FLAG_BARLF_TODO); + if ((state->flags & PSC_STATE_FLAG_SMTPD_X21) == 0) { + state->flags |= PSC_STATE_MASK_SMTPD_TODO; + } else { + state->flags &= ~PSC_STATE_MASK_SMTPD_TODO; + } /* * Send no SMTP banner to pregreeting clients. This eliminates a lot of diff --git a/postfix/src/smtp/lmtp_params.c b/postfix/src/smtp/lmtp_params.c index 3ec0c625c..58d9dfd02 100644 --- a/postfix/src/smtp/lmtp_params.c +++ b/postfix/src/smtp/lmtp_params.c @@ -109,5 +109,6 @@ VAR_LMTP_SASL_AUTH_SOFT_BOUNCE, DEF_LMTP_SASL_AUTH_SOFT_BOUNCE, &var_smtp_sasl_auth_soft_bounce, VAR_LMTP_ASSUME_FINAL, DEF_LMTP_ASSUME_FINAL, &var_lmtp_assume_final, VAR_LMTP_REC_DEADLINE, DEF_LMTP_REC_DEADLINE, &var_smtp_rec_deadline, + VAR_LMTP_DUMMY_MAIL_AUTH, DEF_LMTP_DUMMY_MAIL_AUTH, &var_smtp_dummy_mail_auth, 0, }; diff --git a/postfix/src/smtp/smtp.c b/postfix/src/smtp/smtp.c index 7cbee76de..6d1c3c93c 100644 --- a/postfix/src/smtp/smtp.c +++ b/postfix/src/smtp/smtp.c @@ -142,7 +142,7 @@ /* Never send EHLO at the start of an SMTP session. /* .IP "\fBsmtp_defer_if_no_mx_address_found (no)\fR" /* Defer mail delivery when no MX record resolves to an IP address. -/* .IP "\fBsmtp_line_length_limit (990)\fR" +/* .IP "\fBsmtp_line_length_limit (998)\fR" /* The maximal length of message header and body lines that Postfix /* will send via SMTP. /* .IP "\fBsmtp_pix_workaround_delay_time (10s)\fR" @@ -241,6 +241,9 @@ /* time limit per read or write system call, to a time limit to send /* or receive a complete record (an SMTP command line, SMTP response /* line, SMTP message content line, or TLS protocol message). +/* .IP "\fBsmtp_send_dummy_mail_auth (no)\fR" +/* Whether or not to append the "AUTH=<>" option to the MAIL +/* FROM command in SASL-authenticated SMTP sessions. /* MIME PROCESSING CONTROLS /* .ad /* .fi @@ -305,6 +308,11 @@ /* When a remote SMTP server rejects a SASL authentication request /* with a 535 reply code, defer mail delivery instead of returning /* mail as undeliverable. +/* .PP +/* Available in Postfix version 2.9 and later: +/* .IP "\fBsmtp_send_dummy_mail_auth (no)\fR" +/* Whether or not to append the "AUTH=<>" option to the MAIL +/* FROM command in SASL-authenticated SMTP sessions. /* STARTTLS SUPPORT CONTROLS /* .ad /* .fi @@ -830,6 +838,7 @@ char *var_smtp_resp_filter; bool var_lmtp_assume_final; char *var_smtp_dns_res_opt; bool var_smtp_rec_deadline; +bool var_smtp_dummy_mail_auth; /* Special handling of 535 AUTH errors. */ char *var_smtp_sasl_auth_cache_name; diff --git a/postfix/src/smtp/smtp_params.c b/postfix/src/smtp/smtp_params.c index b23b03a10..193894e64 100644 --- a/postfix/src/smtp/smtp_params.c +++ b/postfix/src/smtp/smtp_params.c @@ -113,5 +113,6 @@ VAR_SMTP_SASL_AUTH_SOFT_BOUNCE, DEF_SMTP_SASL_AUTH_SOFT_BOUNCE, &var_smtp_sasl_auth_soft_bounce, VAR_LMTP_ASSUME_FINAL, DEF_LMTP_ASSUME_FINAL, &var_lmtp_assume_final, VAR_SMTP_REC_DEADLINE, DEF_SMTP_REC_DEADLINE, &var_smtp_rec_deadline, + VAR_SMTP_DUMMY_MAIL_AUTH, DEF_SMTP_DUMMY_MAIL_AUTH, &var_smtp_dummy_mail_auth, 0, }; diff --git a/postfix/src/smtp/smtp_proto.c b/postfix/src/smtp/smtp_proto.c index 0ce010263..ae32f0a2b 100644 --- a/postfix/src/smtp/smtp_proto.c +++ b/postfix/src/smtp/smtp_proto.c @@ -1356,6 +1356,7 @@ static int smtp_loop(SMTP_STATE *state, NOCLOBBER int send_state, */ #ifdef USE_SASL_AUTH if (var_smtp_sasl_enable + && var_smtp_dummy_mail_auth && (session->features & SMTP_FEATURE_AUTH)) vstring_strcat(next_command, " AUTH=<>"); #endif diff --git a/postfix/src/smtpstone/smtp-sink.c b/postfix/src/smtpstone/smtp-sink.c index 60750cc2d..bcdbefdc0 100644 --- a/postfix/src/smtpstone/smtp-sink.c +++ b/postfix/src/smtpstone/smtp-sink.c @@ -616,6 +616,7 @@ static void ehlo_response(SINK_STATE *state, const char *args) smtp_printf(state->stream, "250-XFORWARD NAME ADDR PROTO HELO"); if (!disable_enh_status) smtp_printf(state->stream, "250-ENHANCEDSTATUSCODES"); + /* RFC 821/2821/5321: Format is replycodeoptional-text */ smtp_printf(state->stream, "250 "); smtp_flush(state->stream); if (single_template) { diff --git a/postfix/src/util/vstream.c b/postfix/src/util/vstream.c index fb010eed6..0f12d203c 100644 --- a/postfix/src/util/vstream.c +++ b/postfix/src/util/vstream.c @@ -100,7 +100,12 @@ /* const char *VSTREAM_PATH(stream) /* VSTREAM *stream; /* -/* char *vstream_vfprintf(vp, format, ap) +/* char *vstream_vprintf(format, ap) +/* const char *format; +/* va_list *ap; +/* +/* char *vstream_vfprintf(stream, format, ap) +/* VSTREAM *stream; /* const char *format; /* va_list *ap; /* @@ -383,6 +388,8 @@ /* vstream_vfprintf() provides an alternate interface /* for formatting an argument list according to a format string. /* +/* vstream_vprintf() provides a similar alternative interface. +/* /* vstream_bufstat() provides input and output buffer status /* information. The command is one of the following: /* .IP VSTREAM_BST_IN_PEND @@ -1487,6 +1494,16 @@ void vstream_control(VSTREAM *stream, int name,...) va_end(ap); } +/* vstream_vprintf - formatted print to stdout */ + +VSTREAM *vstream_vprintf(const char *format, va_list ap) +{ + VSTREAM *vp = VSTREAM_OUT; + + vbuf_print(&vp->buf, format, ap); + return (vp); +} + /* vstream_vfprintf - formatted print engine */ VSTREAM *vstream_vfprintf(VSTREAM *vp, const char *format, va_list ap) diff --git a/postfix/src/util/vstream.h b/postfix/src/util/vstream.h index 907b26e7e..ddb8fda6a 100644 --- a/postfix/src/util/vstream.h +++ b/postfix/src/util/vstream.h @@ -167,6 +167,7 @@ extern int vstream_pclose(VSTREAM *); #define VSTREAM_POPEN_WAITPID_FN 7 /* child catcher, waitpid() compat. */ #define VSTREAM_POPEN_EXPORT 8 /* exportable environment */ +extern VSTREAM *vstream_vprintf(const char *, va_list); extern VSTREAM *vstream_vfprintf(VSTREAM *, const char *, va_list); extern ssize_t vstream_peek(VSTREAM *);