From: Wietse Venema Date: Sat, 30 Sep 2000 05:00:00 +0000 (-0500) Subject: snapshot-20000930 X-Git-Tag: v20010228~33 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=7ea2a87834525e4e6a58b43d4a5b06769b029234;p=thirdparty%2Fpostfix.git snapshot-20000930 --- diff --git a/postfix/ETRN_README b/postfix/ETRN_README index dba879d8d..1ec262c40 100644 --- a/postfix/ETRN_README +++ b/postfix/ETRN_README @@ -17,7 +17,10 @@ But first you need to configure Postfix to provide fast ETRN service. - Add a "flush" service entry to /etc/postfix/master.cf if you were running an older Postfix version: - flush unix n - n - 0 flushd + flush unix - - n - 0 flush + + That is, the same line as bounce, except that bounce is replaced + by flush, twice. - Execute "postconf hash_queue_names" and verify that the output includes at the very least the "active", "bounce", "defer", and diff --git a/postfix/Makefile.in b/postfix/Makefile.in index 6cf1ec72b..af71aa2b8 100644 --- a/postfix/Makefile.in +++ b/postfix/Makefile.in @@ -6,7 +6,7 @@ DIRS = src/util src/global src/dns src/master src/postfix src/smtpstone \ src/lmtp src/trivial-rewrite src/qmgr src/smtp src/bounce src/pipe \ src/showq src/postalias src/postcat src/postconf src/postdrop \ src/postkick src/postlock src/postlog src/postmap src/postsuper \ - src/nqmgr src/spawn src/flushd # src/base64 proto man html + src/nqmgr src/spawn src/flush # src/base64 proto man html default: update diff --git a/postfix/conf/master.cf b/postfix/conf/master.cf index 0f9ba3718..693b7c71f 100644 --- a/postfix/conf/master.cf +++ b/postfix/conf/master.cf @@ -73,9 +73,9 @@ qmgr fifo n - n 300 1 qmgr rewrite unix - - n - - trivial-rewrite bounce unix - - n - 0 bounce defer unix - - n - 0 bounce +flush unix - - n - 0 flush smtp unix - - n - - smtp showq unix n - n - - showq -flush unix n - n - 0 flushd error unix - - n - - error local unix - n n - - local lmtp unix - - n - - lmtp diff --git a/postfix/html/Makefile.in b/postfix/html/Makefile.in index 35f235000..8a342e1fc 100644 --- a/postfix/html/Makefile.in +++ b/postfix/html/Makefile.in @@ -5,7 +5,7 @@ SHELL = /bin/sh DAEMONS = bounce.8.html cleanup.8.html defer.8.html error.8.html local.8.html \ lmtp.8.html master.8.html pickup.8.html pipe.8.html qmgr.8.html \ showq.8.html smtp.8.html smtpd.8.html trivial-rewrite.8.html \ - nqmgr.8.html spawn.8.html flushd.8.html + nqmgr.8.html spawn.8.html flush.8.html COMMANDS= mailq.1.html newaliases.1.html postalias.1.html postcat.1.html \ postconf.1.html postfix.1.html postkick.1.html postlock.1.html \ postlog.1.html postdrop.1.html postmap.1.html sendmail.1.html \ @@ -36,7 +36,7 @@ defer.8.html: bounce.8.html error.8.html: ../src/error/error.c srctoman $? | nroff -man | man2html | postlink >$@ -flushd.8.html: ../src/flushd/flushd.c +flush.8.html: ../src/flush/flush.c srctoman $? | nroff -man | man2html | postlink >$@ cleanup.8.html: ../src/cleanup/cleanup.c diff --git a/postfix/html/flush.8.html b/postfix/html/flush.8.html new file mode 100644 index 000000000..3cf6c207f --- /dev/null +++ b/postfix/html/flush.8.html @@ -0,0 +1,134 @@ +

+
+
+
+FLUSH(8)                                                 FLUSH(8)
+
+
+NAME
+       flush - Postfix fast flush daemon
+
+SYNOPSIS
+       flush [generic Postfix daemon options]
+
+DESCRIPTION
+       The flush server maintains so-called "fast flush" logfiles
+       with information about what messages are queued for a spe-
+       cific  site.  This program expects to be run from the mas-
+       ter(8) process manager.
+
+       This server implements the following requests:
+
+       FLUSH_REQ_ENABLE sitename
+              Enable fast flush logging for the specified site.
+
+       FLUSH_REQ_APPEND sitename queue_id
+              Append queue_id to the fast flush log for the spec-
+              ified site.
+
+       FLUSH_REQ_SEND sitename
+              Arrange  for  the delivery of all messages that are
+              listed in the fast flush logfile for the  specified
+              site.   After the logfile is processed, the file is
+              truncated to length zero.
+
+       The response to the client is one of:
+
+       FLUSH_STAT_OK
+              The request completed normally.
+
+       FLUSH_STAT_BAD
+              The flush server rejected the request (bad  request
+              name, bad request parameter value).
+
+       FLUSH_STAT_UNKNOWN
+              The specified site has no fast flush log.
+
+       Fast  flush  logfiles  are  truncated  only  after a flush
+       request. In order to prevent fast flush logs from  growing
+       too  large, and to prevent them from accumulating too much
+       outdated information, the flush service generates  a  pro-
+       active   flush   request  once  every  every  1000  append
+       requests. This should not impact operation.
+
+SECURITY
+       The fast flush server is not security-sensitive.  It  does
+       not  talk  to  the  network, and it does not talk to local
+       users.  The fast flush server can run  chrooted  at  fixed
+       low privilege.
+
+DIAGNOSTICS
+       Problems and transactions are logged to syslogd(8).
+
+
+
+                                                                1
+
+
+
+
+
+FLUSH(8)                                                 FLUSH(8)
+
+
+BUGS
+       In  reality,  this  server schedules delivery of messages,
+       regardless of their destination. This limitation is due to
+       the fact that one queue runner has to handle mail for mul-
+       tiple destinations.
+
+CONFIGURATION PARAMETERS
+       The following main.cf parameters are  especially  relevant
+       to  this  program. See the Postfix main.cf file for syntax
+       details and for default values.  Use  the  postfix  reload
+       command after a configuration change.
+
+       line_length_limit
+              Maximal  length  of  strings in a fast flush client
+              request.
+
+SEE ALSO
+       smtpd(8) Postfix SMTP server
+       qmgr(8) Postfix queue manager
+       syslogd(8) system logging
+
+LICENSE
+       The Secure Mailer license must be  distributed  with  this
+       software.
+
+AUTHOR(S)
+       Wietse Venema
+       IBM T.J. Watson Research
+       P.O. Box 704
+       Yorktown Heights, NY 10598, USA
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+                                                                2
+
+
+

diff --git a/postfix/html/sendmail.1.html b/postfix/html/sendmail.1.html index dbc6f4870..cf722acc2 100644 --- a/postfix/html/sendmail.1.html +++ b/postfix/html/sendmail.1.html @@ -187,10 +187,10 @@ SENDMAIL(1) SENDMAIL(1) -qRsite Schedule immediate delivery of all mail that is - queued for the named site. This functionality is - available only for sites that have a so-called fast - flush logfile as described in flushd(8). For other - sites, use the slower sendmail -q command instead. + queued for the named site. Depending on the desti- + nation, this uses "fast flush" service, or it has + the same effect as sendmail -q. This functionality + is implemented by connecting to the local SMTP @@ -203,26 +203,29 @@ SENDMAIL(1) SENDMAIL(1) SENDMAIL(1) SENDMAIL(1) + server. See smtpd(8) for more information about the + "fast flush" service. + -qSsite - This command is not implemented. Use the slower + This command is not implemented. Use the slower sendmail -q command instead. - -t Extract recipients from message headers. This - requires that no recipients be specified on the + -t Extract recipients from message headers. This + requires that no recipients be specified on the command line. -v Enable verbose logging for debugging purposes. Mul- - tiple -v options make the software increasingly + tiple -v options make the software increasingly verbose. SECURITY - By design, this program is not set-user (or group) id. - However, it must handle data from untrusted users or - untrusted machines. Thus, the usual precautions need to + By design, this program is not set-user (or group) id. + However, it must handle data from untrusted users or + untrusted machines. Thus, the usual precautions need to be taken against malicious inputs. DIAGNOSTICS - Problems are logged to syslogd(8) and to the standard + Problems are logged to syslogd(8) and to the standard error stream. ENVIRONMENT @@ -234,7 +237,7 @@ SENDMAIL(1) SENDMAIL(1) MAIL_DEBUG Enable debugging with an external command, as spec- - ified with the debugger_command configuration + ified with the debugger_command configuration parameter. FILES @@ -242,22 +245,19 @@ SENDMAIL(1) SENDMAIL(1) /etc/postfix, configuration files CONFIGURATION PARAMETERS - See the Postfix main.cf file for syntax details and for - default values. Use the postfix reload command after a + See the Postfix main.cf file for syntax details and for + default values. Use the postfix reload command after a configuration change. alias_database - Default alias database(s) for newaliases. The - default value for this parameter is system-spe- + Default alias database(s) for newaliases. The + default value for this parameter is system-spe- cific. bounce_size_limit The amount of original message context that is sent along with a non-delivery notification. - database_type - Default alias etc. database type. On many UNIX - 4 @@ -269,60 +269,60 @@ SENDMAIL(1) SENDMAIL(1) SENDMAIL(1) SENDMAIL(1) - systems the default type is either dbm or hash. + database_type + Default alias etc. database type. On many UNIX sys- + tems the default type is either dbm or hash. debugger_command Command that is executed after a Postfix daemon has initialized. debug_peer_level - Increment in verbose logging level when a remote + Increment in verbose logging level when a remote host matches a pattern in the debug_peer_list parameter. debug_peer_list - List of domain or network patterns. When a remote - host matches a pattern, increase the verbose log- - ging level by the amount specified in the + List of domain or network patterns. When a remote + host matches a pattern, increase the verbose log- + ging level by the amount specified in the debug_peer_level parameter. fork_attempts - Number of attempts to fork() a process before giv- + Number of attempts to fork() a process before giv- ing up. fork_delay - Delay in seconds between successive fork() + Delay in seconds between successive fork() attempts. hopcount_limit Limit the number of Received: message headers. mail_owner - The owner of the mail queue and of most Postfix + The owner of the mail queue and of most Postfix processes. command_directory - Directory with Postfix support commands (default: + Directory with Postfix support commands (default: $program_directory). daemon_directory - Directory with Postfix daemon programs (default: + Directory with Postfix daemon programs (default: $program_directory). queue_directory - Top-level directory of the Postfix queue. This is + Top-level directory of the Postfix queue. This is also the root directory of Postfix daemons that run chrooted. queue_run_delay - The time between successive scans of the deferred + The time between successive scans of the deferred queue. SEE ALSO pickup(8) mail pickup daemon postalias(1) maintain alias database - postdrop(1) privileged posting agent - postfix(1) mail system control @@ -335,6 +335,8 @@ SENDMAIL(1) SENDMAIL(1) SENDMAIL(1) SENDMAIL(1) + postdrop(1) privileged posting agent + postfix(1) mail system control postkick(1) kick a Postfix daemon qmgr(8) queue manager showq(8) list mail queue @@ -343,7 +345,7 @@ SENDMAIL(1) SENDMAIL(1) syslogd(8) system logging LICENSE - The Secure Mailer license must be distributed with this + The Secure Mailer license must be distributed with this software. AUTHOR(S) @@ -387,8 +389,6 @@ SENDMAIL(1) SENDMAIL(1) - - diff --git a/postfix/html/smtpd.8.html b/postfix/html/smtpd.8.html index 10e377381..ffe2ec8b3 100644 --- a/postfix/html/smtpd.8.html +++ b/postfix/html/smtpd.8.html @@ -237,14 +237,6 @@ SMTPD(8) SMTPD(8) SMTP session before it is penalized with tarpit delays. -ETRN service - smtpd_etrn_restrictions - Restrict what domain names can be used in ETRN com- - mands, and what clients may issue ETRN commands. - The restrictions are like the UCE restrictions - below. Fast ETRN service is limited to destinations - that list this MTA as mail exchanger. - UCE control restrictions smtpd_client_restrictions Restrict what clients may connect to this mail sys- @@ -258,6 +250,14 @@ SMTPD(8) SMTPD(8) Restrict what client hostnames are allowed in HELO and EHLO commands. + smtpd_sender_restrictions + Restrict what sender addresses are allowed in MAIL + FROM commands. + + smtpd_recipient_restrictions + Restrict what recipient addresses are allowed in + RCPT TO commands. + 4 @@ -269,59 +269,59 @@ SMTPD(8) SMTPD(8) SMTPD(8) SMTPD(8) - smtpd_sender_restrictions - Restrict what sender addresses are allowed in MAIL - FROM commands. - - smtpd_recipient_restrictions - Restrict what recipient addresses are allowed in - RCPT TO commands. + smtpd_etrn_restrictions + Restrict what domain names can be used in ETRN com- + mands, and what clients may issue ETRN commands. allow_untrusted_routing - Allow untrusted clients to specify addresses with - sender-specified routing. Enabling this opens up - nasty relay loopholes involving trusted backup MX + Allow untrusted clients to specify addresses with + sender-specified routing. Enabling this opens up + nasty relay loopholes involving trusted backup MX hosts. restriction_classes - Declares the name of zero or more parameters that - contain a list of UCE restrictions. The names of - these parameters can then be used instead of the + Declares the name of zero or more parameters that + contain a list of UCE restrictions. The names of + these parameters can then be used instead of the restriction lists that they represent. maps_rbl_domains - List of DNS domains that publish the addresses of + List of DNS domains that publish the addresses of blacklisted hosts. relay_domains - Restrict what domains or networks this mail system + Restrict what domains or networks this mail system will relay mail from or to. UCE control responses access_map_reject_code - Server response when a client violates an access + Server response when a client violates an access database restriction. invalid_hostname_reject_code - Server response when a client violates the + Server response when a client violates the reject_invalid_hostname restriction. maps_rbl_reject_code - Server response when a client violates the + Server response when a client violates the maps_rbl_domains restriction. reject_code - Response code when the client matches a reject + Response code when the client matches a reject restriction. relay_domains_reject_code - Server response when a client attempts to violate + Server response when a client attempts to violate the mail relay policy. unknown_address_reject_code - Server response when a client violates the + Server response when a client violates the reject_unknown_address restriction. + unknown_client_reject_code + Server response when a client without address to + name mapping violates the reject_unknown_clients + restriction. @@ -335,13 +335,8 @@ SMTPD(8) SMTPD(8) SMTPD(8) SMTPD(8) - unknown_client_reject_code - Server response when a client without address to - name mapping violates the reject_unknown_clients - restriction. - unknown_hostname_reject_code - Server response when a client violates the + Server response when a client violates the reject_unknown_hostname restriction. SEE ALSO @@ -350,7 +345,7 @@ SMTPD(8) SMTPD(8) syslogd(8) system logging LICENSE - The Secure Mailer license must be distributed with this + The Secure Mailer license must be distributed with this software. AUTHOR(S) @@ -386,6 +381,11 @@ SMTPD(8) SMTPD(8) + + + + + diff --git a/postfix/man/Makefile.in b/postfix/man/Makefile.in index f82ef9269..8e258047d 100644 --- a/postfix/man/Makefile.in +++ b/postfix/man/Makefile.in @@ -5,7 +5,7 @@ SHELL = /bin/sh DAEMONS = man8/bounce.8 man8/defer.8 man8/cleanup.8 man8/error.8 man8/local.8 \ man8/lmtp.8 man8/master.8 man8/pickup.8 man8/pipe.8 man8/qmgr.8 \ man8/showq.8 man8/smtp.8 man8/smtpd.8 man8/trivial-rewrite.8 \ - man8/nqmgr.8 man8/spawn.8 man8/flushd.8 + man8/nqmgr.8 man8/spawn.8 man8/flush.8 COMMANDS= man1/postalias.1 man1/postcat.1 man1/postconf.1 man1/postfix.1 \ man1/postkick.1 man1/postlock.1 man1/postlog.1 man1/postdrop.1 \ man1/postmap.1 man1/sendmail.1 man1/mailq.1 man1/newaliases.1 \ @@ -38,7 +38,7 @@ man8/cleanup.8: ../src/cleanup/cleanup.c man8/error.8: ../src/error/error.c ../mantools/srctoman $? >$@ -man8/flushd.8: ../src/flushd/flushd.c +man8/flush.8: ../src/flush/flush.c ../mantools/srctoman $? >$@ man8/local.8: ../src/local/local.c diff --git a/postfix/man/man1/sendmail.1 b/postfix/man/man1/sendmail.1 index 879301ec2..417b264ec 100644 --- a/postfix/man/man1/sendmail.1 +++ b/postfix/man/man1/sendmail.1 @@ -137,10 +137,11 @@ The interval between queue runs. Use the \fBqueue_run_delay\fR configuration parameter instead. .IP \fB-qR\fIsite\fR Schedule immediate delivery of all mail that is queued for the named -\fIsite\fR. -This functionality is available only for sites that have a so-called -\fBfast flush\fR logfile as described in \fBflushd\fR(8). For other -sites, use the slower \fBsendmail -q\fR command instead. +\fIsite\fR. Depending on the destination, this uses "fast flush" +service, or it has the same effect as \fBsendmail -q\fR. +This functionality is implemented by connecting to the local SMTP +server. See smtpd(8) for more information about the "fast flush" +service. .IP \fB-qS\fIsite\fR This command is not implemented. Use the slower \fBsendmail -q\fR command instead. diff --git a/postfix/man/man8/flush.8 b/postfix/man/man8/flush.8 new file mode 100644 index 000000000..38bd0ae0a --- /dev/null +++ b/postfix/man/man8/flush.8 @@ -0,0 +1,92 @@ +.TH FLUSH 8 +.ad +.fi +.SH NAME +flush +\- +Postfix fast flush daemon +.SH SYNOPSIS +.na +.nf +\fBflush\fR [generic Postfix daemon options] +.SH DESCRIPTION +.ad +.fi +The flush server maintains so-called "fast flush" logfiles with +information about what messages are queued for a specific site. +This program expects to be run from the \fBmaster\fR(8) process +manager. + +This server implements the following requests: +.IP "\fBFLUSH_REQ_ENABLE\fI sitename\fR" +Enable fast flush logging for the specified site. +.IP "\fBFLUSH_REQ_APPEND\fI sitename queue_id\fR" +Append \fIqueue_id\fR to the fast flush log for the +specified site. +.IP "\fBFLUSH_REQ_SEND\fI sitename\fR" +Arrange for the delivery of all messages that are listed in the fast +flush logfile for the specified site. After the logfile is processed, +the file is truncated to length zero. +.PP +The response to the client is one of: +.IP \fBFLUSH_STAT_OK\fR +The request completed normally. +.IP \fBFLUSH_STAT_BAD\fR +The flush server rejected the request (bad request name, bad +request parameter value). +.IP \fBFLUSH_STAT_UNKNOWN\fR +The specified site has no fast flush log. +.PP +Fast flush logfiles are truncated only after a flush request. In +order to prevent fast flush logs from growing too large, and to +prevent them from accumulating too much outdated information, the +flush service generates a pro-active flush request once every +every 1000 append requests. This should not impact operation. +.SH SECURITY +.na +.nf +.ad +.fi +The fast flush server is not security-sensitive. It does not +talk to the network, and it does not talk to local users. +The fast flush server can run chrooted at fixed low privilege. +.SH DIAGNOSTICS +.ad +.fi +Problems and transactions are logged to \fBsyslogd\fR(8). +.SH BUGS +.ad +.fi +In reality, this server schedules delivery of messages, regardless +of their destination. This limitation is due to the fact that +one queue runner has to handle mail for multiple destinations. +.SH CONFIGURATION PARAMETERS +.na +.nf +.ad +.fi +The following \fBmain.cf\fR parameters are especially relevant to +this program. See the Postfix \fBmain.cf\fR file for syntax details +and for default values. Use the \fBpostfix reload\fR command after +a configuration change. +.IP \fBline_length_limit\fR +Maximal length of strings in a fast flush client request. +.SH SEE ALSO +.na +.nf +smtpd(8) Postfix SMTP server +qmgr(8) Postfix queue manager +syslogd(8) system logging +.SH LICENSE +.na +.nf +.ad +.fi +The Secure Mailer license must be distributed with this software. +.SH AUTHOR(S) +.na +.nf +Wietse Venema +IBM T.J. Watson Research +P.O. Box 704 +Yorktown Heights, NY 10598, USA diff --git a/postfix/man/man8/smtpd.8 b/postfix/man/man8/smtpd.8 index ca306d627..943d2dc6c 100644 --- a/postfix/man/man8/smtpd.8 +++ b/postfix/man/man8/smtpd.8 @@ -174,14 +174,6 @@ Disconnect after a client has made this number of errors. Limit the number of times a client can issue a junk command such as NOOP, VRFY, ETRN or RSET in one SMTP session before it is penalized with tarpit delays. -.SH "ETRN service" -.ad -.fi -.IP \fBsmtpd_etrn_restrictions\fR -Restrict what domain names can be used in \fBETRN\fR commands, -and what clients may issue \fBETRN\fR commands. The restrictions -are like the UCE restrictions below. Fast \fBETRN\fR service is -limited to destinations that list this MTA as mail exchanger. .SH "UCE control restrictions" .ad .fi @@ -197,6 +189,9 @@ Restrict what client hostnames are allowed in \fBHELO\fR and Restrict what sender addresses are allowed in \fBMAIL FROM\fR commands. .IP \fBsmtpd_recipient_restrictions\fR Restrict what recipient addresses are allowed in \fBRCPT TO\fR commands. +.IP \fBsmtpd_etrn_restrictions\fR +Restrict what domain names can be used in \fBETRN\fR commands, +and what clients may issue \fBETRN\fR commands. .IP \fBallow_untrusted_routing\fR Allow untrusted clients to specify addresses with sender-specified routing. Enabling this opens up nasty relay loopholes involving diff --git a/postfix/src/bounce/Makefile.in b/postfix/src/bounce/Makefile.in index 97bb71431..c0b91e553 100644 --- a/postfix/src/bounce/Makefile.in +++ b/postfix/src/bounce/Makefile.in @@ -101,12 +101,13 @@ bounce_notify_service.o: ../../include/vstream.h bounce_notify_service.o: ../../include/vbuf.h bounce_notify_service.o: ../../include/name_mask.h bounce_notify_service.o: ../../include/mail_params.h +bounce_notify_service.o: ../../include/mail_queue.h +bounce_notify_service.o: ../../include/vstring.h bounce_notify_service.o: ../../include/post_mail.h bounce_notify_service.o: ../../include/cleanup_user.h bounce_notify_service.o: ../../include/mail_addr.h bounce_notify_service.o: ../../include/mail_error.h bounce_notify_service.o: bounce_service.h -bounce_notify_service.o: ../../include/vstring.h bounce_notify_service.o: ../../include/bounce_log.h bounce_notify_util.o: bounce_notify_util.c bounce_notify_util.o: ../../include/sys_defs.h diff --git a/postfix/src/flushd/.indent.pro b/postfix/src/flush/.indent.pro similarity index 100% rename from postfix/src/flushd/.indent.pro rename to postfix/src/flush/.indent.pro diff --git a/postfix/src/flushd/.printfck b/postfix/src/flush/.printfck similarity index 100% rename from postfix/src/flushd/.printfck rename to postfix/src/flush/.printfck diff --git a/postfix/src/flushd/Makefile.in b/postfix/src/flush/Makefile.in similarity index 65% rename from postfix/src/flushd/Makefile.in rename to postfix/src/flush/Makefile.in index 7345e631c..1409de758 100644 --- a/postfix/src/flushd/Makefile.in +++ b/postfix/src/flush/Makefile.in @@ -1,6 +1,6 @@ SHELL = /bin/sh -SRCS = flushd.c -OBJS = flushd.o +SRCS = flush.c +OBJS = flush.o HDRS = TESTSRC = WARN = -W -Wformat -Wimplicit -Wmissing-prototypes \ @@ -9,7 +9,7 @@ WARN = -W -Wformat -Wimplicit -Wmissing-prototypes \ DEFS = -I. -I$(INC_DIR) -D$(SYSTYPE) CFLAGS = $(DEBUG) $(OPT) $(DEFS) TESTPROG= -PROG = flushd +PROG = flush INC_DIR = ../../include LIBS = ../../lib/libmaster.a ../../lib/libglobal.a ../../lib/libutil.a @@ -53,24 +53,24 @@ depend: $(MAKES) @$(EXPORT) make -f Makefile.in Makefile 1>&2 # do not edit below this line - it is generated by 'make depend' -flushd.o: flushd.c -flushd.o: ../../include/sys_defs.h -flushd.o: ../../include/msg.h -flushd.o: ../../include/events.h -flushd.o: ../../include/vstream.h -flushd.o: ../../include/vbuf.h -flushd.o: ../../include/vstring.h -flushd.o: ../../include/vstring_vstream.h -flushd.o: ../../include/myflock.h -flushd.o: ../../include/valid_hostname.h -flushd.o: ../../include/htable.h -flushd.o: ../../include/dict.h -flushd.o: ../../include/argv.h -flushd.o: ../../include/mail_params.h -flushd.o: ../../include/mail_queue.h -flushd.o: ../../include/mail_proto.h -flushd.o: ../../include/iostuff.h -flushd.o: ../../include/mail_flush.h -flushd.o: ../../include/mail_conf.h -flushd.o: ../../include/maps.h -flushd.o: ../../include/mail_server.h +flush.o: flush.c +flush.o: ../../include/sys_defs.h +flush.o: ../../include/msg.h +flush.o: ../../include/events.h +flush.o: ../../include/vstream.h +flush.o: ../../include/vbuf.h +flush.o: ../../include/vstring.h +flush.o: ../../include/vstring_vstream.h +flush.o: ../../include/myflock.h +flush.o: ../../include/valid_hostname.h +flush.o: ../../include/htable.h +flush.o: ../../include/dict.h +flush.o: ../../include/argv.h +flush.o: ../../include/mail_params.h +flush.o: ../../include/mail_queue.h +flush.o: ../../include/mail_proto.h +flush.o: ../../include/iostuff.h +flush.o: ../../include/mail_flush.h +flush.o: ../../include/mail_conf.h +flush.o: ../../include/maps.h +flush.o: ../../include/mail_server.h diff --git a/postfix/src/flushd/flushd.c b/postfix/src/flush/flush.c similarity index 83% rename from postfix/src/flushd/flushd.c rename to postfix/src/flush/flush.c index 324794c3b..c2a9780ba 100644 --- a/postfix/src/flushd/flushd.c +++ b/postfix/src/flush/flush.c @@ -1,10 +1,10 @@ /*++ /* NAME -/* flushd 8 +/* flush 8 /* SUMMARY /* Postfix fast flush daemon /* SYNOPSIS -/* \fBflushd\fR [generic Postfix daemon options] +/* \fBflush\fR [generic Postfix daemon options] /* DESCRIPTION /* The flush server maintains so-called "fast flush" logfiles with /* information about what messages are queued for a specific site. @@ -12,7 +12,9 @@ /* manager. /* /* This server implements the following requests: -/* .IP "\fBFLUSH_REQ_ADD\fI sitename queue_id\fR" +/* .IP "\fBFLUSH_REQ_ENABLE\fI sitename\fR" +/* Enable fast flush logging for the specified site. +/* .IP "\fBFLUSH_REQ_APPEND\fI sitename queue_id\fR" /* Append \fIqueue_id\fR to the fast flush log for the /* specified site. /* .IP "\fBFLUSH_REQ_SEND\fI sitename\fR" @@ -37,12 +39,8 @@ /* SECURITY /* .ad /* .fi -/* The fast flush server is moderately security-sensitive. It does not -/* talk to the network, but it does talk to local unprivileged users, in -/* order to emulate "sendmail -qRsite" behavior. For this reason all -/* strings in a request are truncated at \fIline_length_limit\fR, -/* before they are subjected to further validation. -/* +/* The fast flush server is not security-sensitive. It does not +/* talk to the network, and it does not talk to local users. /* The fast flush server can run chrooted at fixed low privilege. /* DIAGNOSTICS /* Problems and transactions are logged to \fBsyslogd\fR(8). @@ -110,9 +108,9 @@ /* Application-specific. */ #define STR(x) vstring_str(x) -#define FLUSHD_DUP_FILTER_SIZE 10000 /* graceful degradation */ -#define FLUSHD_COMMAND_TIMEOUT 60 /* don't get stuck */ -#define FLUSHD_CHECK_RATE 1000 /* don't accumulate cruft */ +#define FLUSH_DUP_FILTER_SIZE 10000 /* graceful degradation */ +#define FLUSH_COMMAND_TIMEOUT 60 /* don't get stuck */ +#define FLUSH_CHECK_RATE 1000 /* don't accumulate cruft */ /* flush_append - append queue ID to per-site fast flush log */ @@ -171,8 +169,8 @@ static int flush_site(const char *site) VSTREAM *log; struct utimbuf tbuf; static char qmgr_trigger[] = { - QMGR_REQ_SCAN_DEFERRED, /* scan deferred queue */ QMGR_REQ_SCAN_INCOMING, /* scan incoming queue */ + QMGR_REQ_FLUSH_DEAD, /* flush dead site/transport cache */ }; HTABLE *dup_filter; @@ -216,27 +214,25 @@ static int flush_site(const char *site) STR(queue_id), site); continue; } - if (dup_filter->used >= FLUSHD_DUP_FILTER_SIZE + if (dup_filter->used >= FLUSH_DUP_FILTER_SIZE || htable_find(dup_filter, STR(queue_id)) == 0) { if (msg_verbose) msg_info("%s: site %s: update %s time stamps", myname, site, STR(queue_file)); - if (dup_filter->used <= FLUSHD_DUP_FILTER_SIZE) + if (dup_filter->used <= FLUSH_DUP_FILTER_SIZE) htable_enter(dup_filter, STR(queue_id), 0); mail_queue_path(queue_file, MAIL_QUEUE_DEFERRED, STR(queue_id)); - if (utime(STR(queue_file), &tbuf) == 0) - continue; - if (errno != ENOENT) - msg_fatal("%s: update %s time stamps: %m", - myname, STR(queue_file)); - - mail_queue_path(queue_file, MAIL_QUEUE_INCOMING, STR(queue_id)); - if (utime(STR(queue_file), &tbuf) == 0) - continue; - if (errno != ENOENT) - msg_fatal("%s: update %s time stamps: %m", - myname, STR(queue_file)); + if (utime(STR(queue_file), &tbuf) < 0) { + if (errno != ENOENT) + msg_warn("%s: update %s time stamps: %m", + myname, STR(queue_file)); + } else if (mail_queue_rename(STR(queue_id), MAIL_QUEUE_DEFERRED, + MAIL_QUEUE_INCOMING) < 0 + && errno != ENOENT) + msg_warn("%s: rename from %s to %s: %m", + STR(queue_file), MAIL_QUEUE_DEFERRED, + MAIL_QUEUE_INCOMING); } else { if (msg_verbose) msg_info("%s: site %s: skip file %s as duplicate", @@ -270,6 +266,29 @@ static int flush_site(const char *site) return (FLUSH_STAT_OK); } +/* flush_enable - enable fast flush logging for site */ + +static int flush_enable(const char *site) +{ + char *myname = "flush_enable"; + VSTREAM *log; + + if (msg_verbose) + msg_info("%s: site %s", myname, site); + + /* + * Open or create the logfile. Multiple requests may arrive in parallel, + * so allow for the possibility that the file already exists. + */ + if ((log = mail_queue_open(MAIL_QUEUE_FLUSH, site, O_CREAT | O_RDWR, 0600)) == 0) + msg_fatal("%s: open fast flush log for site %s: %m", myname, site); + + if (vstream_fclose(log) != 0) + msg_warn("write fast flush log for site %s: %m", site); + + return (FLUSH_STAT_OK); +} + /* flush_service - perform service for client */ static void flush_service(VSTREAM *client_stream, char *unused_service, @@ -287,14 +306,6 @@ static void flush_service(VSTREAM *client_stream, char *unused_service, if (argv[0]) msg_fatal("unexpected command-line argument: %s", argv[0]); - /* - * Vandalism control. Read no unlimited amounts of garbage from a public - * socket. Of course we also have to make sure the content is sane. - */ - vstring_ctl(request, VSTRING_CTL_MAXLEN, var_line_limit, VSTRING_CTL_END); - vstring_ctl(site, VSTRING_CTL_MAXLEN, var_line_limit, VSTRING_CTL_END); - vstream_control(client_stream, VSTREAM_CTL_TIMEOUT, FLUSHD_COMMAND_TIMEOUT, - VSTREAM_CTL_END); /* * This routine runs whenever a client connects to the UNIX-domain socket * dedicated to the fast flush service. What we see below is a little @@ -310,16 +321,16 @@ static void flush_service(VSTREAM *client_stream, char *unused_service, if (mail_scan(client_stream, "%s %s", request, site) == 2 && valid_hostname(STR(site))) { - if (STREQ(STR(request), FLUSH_REQ_ADD)) { + if (STREQ(STR(request), FLUSH_REQ_APPEND)) { queue_id = vstring_alloc(10); - vstring_ctl(queue_id, VSTRING_CTL_MAXLEN, var_line_limit, - VSTRING_CTL_END); if (mail_scan(client_stream, "%s", queue_id) == 1 && mail_queue_id_ok(STR(queue_id))) status = flush_append(STR(site), STR(queue_id)); vstring_free(queue_id); } else if (STREQ(STR(request), FLUSH_REQ_SEND)) { status = flush_site(STR(site)); + } else if (STREQ(STR(request), FLUSH_REQ_ENABLE)) { + status = flush_enable(STR(site)); } } mail_print(client_stream, "%d", status); @@ -330,8 +341,8 @@ static void flush_service(VSTREAM *client_stream, char *unused_service, * contain too much outdated information. Flush our reply to the client * so that it does not have to wait while the pro-active flush happens. */ - if (status == FLUSH_STAT_OK && STREQ(STR(request), FLUSH_REQ_ADD) - && (++counter + event_time() + getpid()) % FLUSHD_CHECK_RATE == 0) { + if (status == FLUSH_STAT_OK && STREQ(STR(request), FLUSH_REQ_APPEND) + && (++counter + event_time() + getpid()) % FLUSH_CHECK_RATE == 0) { vstream_fflush(client_stream); if (msg_verbose) msg_info("site %s: time for a pro-active flush", STR(site)); diff --git a/postfix/src/global/Makefile.in b/postfix/src/global/Makefile.in index b09b2ec4a..7c0498826 100644 --- a/postfix/src/global/Makefile.in +++ b/postfix/src/global/Makefile.in @@ -310,6 +310,8 @@ defer.o: mail_queue.h defer.o: ../../include/vstream.h defer.o: mail_proto.h defer.o: ../../include/iostuff.h +defer.o: mail_params.h +defer.o: mail_flush.h defer.o: bounce.h defer.o: defer.h deliver_completed.o: deliver_completed.c diff --git a/postfix/src/global/defer.c b/postfix/src/global/defer.c index 70735497a..788af005b 100644 --- a/postfix/src/global/defer.c +++ b/postfix/src/global/defer.c @@ -42,6 +42,8 @@ /* defer_append() appends a record to the per-message defer log, /* with the reason for delayed delivery to the named recipient. /* The result is a convenient non-zero value. +/* When the fast flush cache is enabled, the fast flush server is +/* notified of deferred mail. /* /* vdefer_append() implements an alternative client interface. /* @@ -102,6 +104,7 @@ #include #include /* 44BSD stdarg.h uses abort() */ #include +#include /* Utility library. */ @@ -112,9 +115,13 @@ #include "mail_queue.h" #include "mail_proto.h" +#include "mail_params.h" +#include "mail_flush.h" #include "bounce.h" #include "defer.h" +#define STR(x) vstring_str(x) + /* defer_append - defer message delivery */ int defer_append(int flags, const char *id, const char *recipient, @@ -136,6 +143,7 @@ int vdefer_append(int flags, const char *id, const char *recipient, { VSTRING *why = vstring_alloc(100); int delay = time((time_t *) 0) - entry; + const char *rcpt_domain; vstring_vsprintf(why, fmt, ap); if (mail_command_write(MAIL_CLASS_PRIVATE, MAIL_SERVICE_DEFER, @@ -145,6 +153,15 @@ int vdefer_append(int flags, const char *id, const char *recipient, msg_info("%s: to=<%s>, relay=%s, delay=%d, status=deferred (%s)", id, recipient, relay, delay, vstring_str(why)); vstring_free(why); + + /* + * Notify the fast flush service. + */ + if (var_enable_fflush + && (rcpt_domain = strrchr(recipient, '@')) != 0 + && *++rcpt_domain != 0) + mail_flush_append(rcpt_domain, id); + return (-1); } diff --git a/postfix/src/global/deliver_request.c b/postfix/src/global/deliver_request.c index 8930b40cc..2dfafef8b 100644 --- a/postfix/src/global/deliver_request.c +++ b/postfix/src/global/deliver_request.c @@ -40,6 +40,8 @@ /* opens the queue file, and acquires a shared lock. /* A null result means that the client sent bad information or that /* it went away unexpectedly. +/* If the fast flush service is enabled, deliver_request_read() +/* initializes the client-side fast flush duplicate filter. /* /* The \fBflags\fR structure member is the bit-wise OR of zero or more /* of the following: @@ -63,9 +65,6 @@ /* closes the queue file, /* and destroys the DELIVER_REQUEST structure. The result is /* non-zero when the status could not be reported to the client. -/* -/* When the fast flush cache is enabled, the fast flush server is -/* notified of deferred mail. /* DIAGNOSTICS /* Warnings: bad data sent by the client. Fatal errors: out of /* memory, queue file open errors. @@ -102,11 +101,11 @@ #include "mail_queue.h" #include "mail_proto.h" +#include "mail_params.h" +#include "mail_flush.h" #include "mail_open_ok.h" #include "recipient_list.h" #include "deliver_request.h" -#include "mail_flush.h" -#include "mail_params.h" /* deliver_request_initial - send initial status code */ @@ -317,8 +316,16 @@ DELIVER_REQUEST *deliver_request_read(VSTREAM *stream) request = deliver_request_alloc(); if (deliver_request_get(stream, request) < 0) { deliver_request_free(request); - request = 0; + return (0); } + + /* + * Make sure the mail flush dupfilter sees no false positive if we're + * repeatedly delivering the same message. + */ + if (var_enable_fflush) + mail_flush_append_init(); + return (request); } @@ -328,12 +335,7 @@ int deliver_request_done(VSTREAM *stream, DELIVER_REQUEST *request, int stat { int err; - /* - * Optionally add this message to the fast flush log for this site. - */ err = deliver_request_final(stream, request->hop_status, status); - if (var_enable_fflush) - mail_flush_append(request->nexthop, request->queue_id); deliver_request_free(request); return (err); } diff --git a/postfix/src/global/mail_flush.c b/postfix/src/global/mail_flush.c index 921f0c367..ba307de1e 100644 --- a/postfix/src/global/mail_flush.c +++ b/postfix/src/global/mail_flush.c @@ -8,12 +8,17 @@ /* /* int mail_flush_deferred() /* +/* int mail_flush_enable(site) +/* const char *site; +/* /* int mail_flush_site(site) /* const char *site; /* /* int mail_flush_append(site, queue_id) /* const char *site; /* const char *queue_id; +/* +/* void mail_flush_append_init() /* DESCRIPTION /* This module deals with delivery of delayed mail. /* @@ -25,12 +30,24 @@ /* for a given site, and are created on demand when, for example, /* an eligible SMTP client issues the ETRN command. /* +/* mail_flush_enable() enables the "fast flush" service for +/* the named site. +/* /* mail_flush_site() uses the "fast flush" service to trigger /* delivery of messages queued for the specified site. /* /* mail_flush_append() appends a record to the "fast flush" -/* logfile of the specified site, with the queue ID of mail -/* that should still be delivered. +/* logfile for the specified site, with the queue ID of mail +/* that still should be delivered. This routine uses a little +/* duplicate filter to avoid appending multiple identical +/* records when one has to defer multi-recipient mail. +/* +/* mail_flush_append_init() initializes a duplicate filter that is used +/* by mail_flush_append(). mail_flush_append_init() must be called once +/* before calling mail_flush_append() and must be called whenever +/* the application opens a new queue file, to prevent false +/* positives with the duplicate filter when repeated attempts +/* are made to deliver the same message. /* DIAGNOSTICS /* The result codes and their meaning are (see mail_flush(5h)): /* .IP MAIL_FLUSH_OK @@ -63,6 +80,7 @@ #include #include +#include /* Global library. */ @@ -70,6 +88,14 @@ #include #include +/* Application-specific. */ + +#define STR(x) vstring_str(x) + +static VSTRING *mail_flush_saved_site; +static VSTRING *mail_flush_saved_id; +static int mail_flush_saved_status; + /* mail_flush_deferred - flush deferred queue */ int mail_flush_deferred(void) @@ -88,6 +114,32 @@ int mail_flush_deferred(void) qmgr_trigger, sizeof(qmgr_trigger))); } +/* mail_flush_append_init - initialize repeat filter */ + +void mail_flush_append_init(void) +{ + if (mail_flush_saved_site == 0) { + mail_flush_saved_site = vstring_alloc(10); + mail_flush_saved_id = vstring_alloc(10); + } + vstring_strcpy(mail_flush_saved_site, ""); + vstring_strcpy(mail_flush_saved_id, ""); +} + +/* mail_flush_cached - see if request repeats */ + +static int mail_flush_cached(const char *site, const char *queue_id) +{ + if (strcmp(STR(mail_flush_saved_site), site) == 0 + && strcmp(STR(mail_flush_saved_id), queue_id) == 0) { + return (1); + } else { + vstring_strcpy(mail_flush_saved_site, site); + vstring_strcpy(mail_flush_saved_id, queue_id); + return (0); + } +} + /* mail_flush_clnt - generic fast flush service client */ static int mail_flush_clnt(const char *format,...) @@ -99,7 +151,7 @@ static int mail_flush_clnt(const char *format,...) /* * Connect to the fast flush service over local IPC. */ - if ((flush = mail_connect(MAIL_CLASS_PUBLIC, MAIL_SERVICE_FLUSH, + if ((flush = mail_connect(MAIL_CLASS_PRIVATE, MAIL_SERVICE_FLUSH, BLOCKING)) == 0) return (FLUSH_STAT_FAIL); @@ -128,6 +180,22 @@ static int mail_flush_clnt(const char *format,...) return (status); } +/* mail_flush_enable - enable fast flush logging for site */ + +int mail_flush_enable(const char *site) +{ + char *myname = "mail_flush_enable"; + int status; + + if (msg_verbose) + msg_info("%s: site %s", myname, site); + status = mail_flush_clnt("%s %s", FLUSH_REQ_ENABLE, site); + if (msg_verbose) + msg_info("%s: site %s status %d", myname, site, status); + + return (status); +} + /* mail_flush_site - flush deferred mail for site */ int mail_flush_site(const char *site) @@ -149,13 +217,15 @@ int mail_flush_site(const char *site) int mail_flush_append(const char *site, const char *queue_id) { char *myname = "mail_flush_append"; - int status; if (msg_verbose) msg_info("%s: site %s id %s", myname, site, queue_id); - status = mail_flush_clnt("%s %s %s", FLUSH_REQ_ADD, site, queue_id); + if (mail_flush_cached(site, queue_id) == 0) + mail_flush_saved_status = + mail_flush_clnt("%s %s %s", FLUSH_REQ_APPEND, site, queue_id); if (msg_verbose) - msg_info("%s: site %s id %s status %d", myname, site, queue_id, status); + msg_info("%s: site %s id %s status %d", myname, site, queue_id, + mail_flush_saved_status); - return (status); + return (mail_flush_saved_status); } diff --git a/postfix/src/global/mail_flush.h b/postfix/src/global/mail_flush.h index baaabe6ae..00a351623 100644 --- a/postfix/src/global/mail_flush.h +++ b/postfix/src/global/mail_flush.h @@ -15,14 +15,17 @@ * External interface. */ extern int mail_flush_deferred(void); +extern int mail_flush_enable(const char *); extern int mail_flush_site(const char *); extern int mail_flush_append(const char *, const char *); +extern void mail_flush_append_init(void); /* * Mail flush server requests. */ -#define FLUSH_REQ_ADD "add" /* add queue ID to site log */ +#define FLUSH_REQ_APPEND "append"/* append queue ID to site log */ #define FLUSH_REQ_SEND "send" /* flush mail queued for site */ +#define FLUSH_REQ_ENABLE "enable"/* flush mail queued for site */ /* * Mail flush server status codes. diff --git a/postfix/src/global/mail_params.c b/postfix/src/global/mail_params.c index 05daccb46..83bd44185 100644 --- a/postfix/src/global/mail_params.c +++ b/postfix/src/global/mail_params.c @@ -165,7 +165,7 @@ time_t var_starttime; int var_ownreq_special; int var_daemon_timeout; char *var_syslog_facility; -int var_enable_fflush; +int var_enable_fflush; /* check_myhostname - lookup hostname and validate */ diff --git a/postfix/src/global/mail_params.h b/postfix/src/global/mail_params.h index 4b19bb828..51328ea5d 100644 --- a/postfix/src/global/mail_params.h +++ b/postfix/src/global/mail_params.h @@ -1065,7 +1065,8 @@ extern void mail_params_init(void); extern char *var_filter_xport; /* -Fast flush service support. */ + * Fast flush service support. + */ #define VAR_ENABLE_FFLUSH "enable_fast_flush" #define DEF_ENABLE_FFLUSH 0 extern bool var_enable_fflush; diff --git a/postfix/src/global/mail_queue.c b/postfix/src/global/mail_queue.c index 62f8c0305..8bf28e7a6 100644 --- a/postfix/src/global/mail_queue.c +++ b/postfix/src/global/mail_queue.c @@ -243,10 +243,10 @@ int mail_queue_rename(const char *queue_id, const char *old_queue, * Try the operation. If it fails, see if it is because of missing * intermediate directories. */ - error = rename(mail_queue_path(old_buf, old_queue, queue_id), - mail_queue_path(new_buf, new_queue, queue_id)); + error = sane_rename(mail_queue_path(old_buf, old_queue, queue_id), + mail_queue_path(new_buf, new_queue, queue_id)); if (error != 0 && mail_queue_mkdirs(STR(new_buf)) == 0) - error = rename(STR(old_buf), STR(new_buf)); + error = sane_rename(STR(old_buf), STR(new_buf)); /* * Cleanup. @@ -270,11 +270,12 @@ int mail_queue_name_ok(const char *queue_name) { const char *cp; + if (strlen(queue_name) > 100) + return (0); + for (cp = queue_name; *cp; cp++) if (!ISALNUM(*cp)) return (0); - if (strlen(queue_name) > 100) - return (0); return (1); } @@ -288,19 +289,29 @@ int mail_queue_id_ok(const char *queue_id) return (0); /* - * Must be in valid hostname form. + * OK if in in time+inum form. */ - if ((strchr(queue_id, '.') || strchr(queue_id, '-')) - && valid_hostname(queue_id)) - return (1); + for (cp = queue_id; /* void */ ; cp++) { + if (*cp == 0) + return (1); + if (!ISALNUM(*cp)) + break; + } /* - * Must be in time+inum form. + * BAD if in time.pid form. */ - for (cp = queue_id; *cp; cp++) - if (!ISALNUM(*cp)) + for (cp = queue_id; /* void */ ; cp++) { + if (*cp == 0) return (0); - return (1); + if (!ISDIGIT(*cp) && *cp != '.') + break; + } + + /* + * OK if in valid hostname form. + */ + return (valid_hostname(queue_id)); } /* mail_queue_enter - make mail queue entry with locally-unique name */ diff --git a/postfix/src/global/mail_scan.c b/postfix/src/global/mail_scan.c index dfe96e237..0538c40bf 100644 --- a/postfix/src/global/mail_scan.c +++ b/postfix/src/global/mail_scan.c @@ -33,8 +33,6 @@ /* White space in the format string is ignored. /* .IP %s /* The corresponding argument has type (VSTRING *). -/* If the string has a size limit, no more characters will be read -/* into the string than is specified via that size limit. /* .IP %d /* The corresponding argument has type (int *). /* .IP %ld @@ -100,7 +98,6 @@ /* Global library. */ #include "mail_proto.h" -#include "mail_params.h" /* * Provision for the user to register type-specific input conversion @@ -148,8 +145,7 @@ void mail_scan_register(int letter, const char *name, MAIL_SCAN_FN scanner) static int mail_scan_any(VSTREAM *stream, VSTRING *vp, char *what) { - if ((vp->maxlen ? vstring_fgets_null_bound(vp, stream, vp->maxlen) - : vstring_fgets_null(vp, stream)) == 0) { + if (vstring_fgets_null(vp, stream) == 0) { msg_warn("mail_scan_any: got EOF; expected: %s", what); return (-1); } @@ -234,10 +230,9 @@ int mail_vscan(VSTREAM *stream, const char *fmt, va_list ap) static VSTRING *tmp; MAIL_SCAN *tp; - if (tmp == 0) { + if (tmp == 0) tmp = vstring_alloc(100); - tmp->maxlen = var_line_limit; /* good enough for numbers */ - } + for (count = 0, error = 0, cp = fmt; error == 0 && *cp != 0; cp++) { if (ISSPACE(*cp)) continue; diff --git a/postfix/src/global/mail_version.h b/postfix/src/global/mail_version.h index 819c8aef1..59d4e8e79 100644 --- a/postfix/src/global/mail_version.h +++ b/postfix/src/global/mail_version.h @@ -15,7 +15,7 @@ * Version of this program. */ #define VAR_MAIL_VERSION "mail_version" -#define DEF_MAIL_VERSION "Snapshot-20000929" +#define DEF_MAIL_VERSION "Snapshot-20000930" extern char *var_mail_version; /* LICENSE diff --git a/postfix/src/nqmgr/Makefile.in b/postfix/src/nqmgr/Makefile.in index 376304e05..2dbf6abc5 100644 --- a/postfix/src/nqmgr/Makefile.in +++ b/postfix/src/nqmgr/Makefile.in @@ -95,6 +95,7 @@ qmgr_active.o: ../../include/recipient_list.h qmgr_active.o: ../../include/bounce.h qmgr_active.o: ../../include/defer.h qmgr_active.o: ../../include/rec_type.h +qmgr_active.o: ../../include/mail_flush.h qmgr_active.o: qmgr.h qmgr_active.o: ../../include/scan_dir.h qmgr_active.o: ../../include/maps.h diff --git a/postfix/src/nqmgr/qmgr_active.c b/postfix/src/nqmgr/qmgr_active.c index 9ba5a7dab..8fa1cfbb9 100644 --- a/postfix/src/nqmgr/qmgr_active.c +++ b/postfix/src/nqmgr/qmgr_active.c @@ -103,6 +103,7 @@ #include #include #include +#include /* Application-specific. */ @@ -226,6 +227,13 @@ void qmgr_active_feed(QMGR_SCAN *scan_info, const char *queue_id) */ if (message->refcount == 0) qmgr_active_done(message); + + /* + * Make sure the mail flush dupfilter sees no false positive if we're + * repeatedly trying to deliver the same message. + */ + else if (var_enable_fflush) + mail_flush_append_init(); } } diff --git a/postfix/src/nqmgr/qmgr_defer.c b/postfix/src/nqmgr/qmgr_defer.c index 504a5b821..72d30aac9 100644 --- a/postfix/src/nqmgr/qmgr_defer.c +++ b/postfix/src/nqmgr/qmgr_defer.c @@ -79,8 +79,6 @@ /* Global library. */ #include -#include -#include /* Application-specific. */ @@ -140,8 +138,6 @@ void qmgr_defer_todo(QMGR_QUEUE *queue, const char *reason) recipient = entry->rcpt_list.info + nrcpt; qmgr_defer_recipient(message, recipient->address, reason); } - if (var_enable_fflush) - mail_flush_append(queue->name, message->queue_id); qmgr_entry_done(entry, QMGR_QUEUE_TODO); } } diff --git a/postfix/src/qmgr/Makefile.in b/postfix/src/qmgr/Makefile.in index ad3320b48..23c7d75cd 100644 --- a/postfix/src/qmgr/Makefile.in +++ b/postfix/src/qmgr/Makefile.in @@ -93,6 +93,7 @@ qmgr_active.o: ../../include/recipient_list.h qmgr_active.o: ../../include/bounce.h qmgr_active.o: ../../include/defer.h qmgr_active.o: ../../include/rec_type.h +qmgr_active.o: ../../include/mail_flush.h qmgr_active.o: qmgr.h qmgr_active.o: ../../include/scan_dir.h qmgr_active.o: ../../include/maps.h diff --git a/postfix/src/qmgr/qmgr_active.c b/postfix/src/qmgr/qmgr_active.c index 9ba5a7dab..8fa1cfbb9 100644 --- a/postfix/src/qmgr/qmgr_active.c +++ b/postfix/src/qmgr/qmgr_active.c @@ -103,6 +103,7 @@ #include #include #include +#include /* Application-specific. */ @@ -226,6 +227,13 @@ void qmgr_active_feed(QMGR_SCAN *scan_info, const char *queue_id) */ if (message->refcount == 0) qmgr_active_done(message); + + /* + * Make sure the mail flush dupfilter sees no false positive if we're + * repeatedly trying to deliver the same message. + */ + else if (var_enable_fflush) + mail_flush_append_init(); } } diff --git a/postfix/src/qmgr/qmgr_defer.c b/postfix/src/qmgr/qmgr_defer.c index c6292390e..8be8e7247 100644 --- a/postfix/src/qmgr/qmgr_defer.c +++ b/postfix/src/qmgr/qmgr_defer.c @@ -74,8 +74,6 @@ /* Global library. */ #include -#include -#include /* Application-specific. */ @@ -135,8 +133,6 @@ void qmgr_defer_todo(QMGR_QUEUE *queue, const char *reason) recipient = entry->rcpt_list.info + nrcpt; qmgr_defer_recipient(message, recipient->address, reason); } - if (var_enable_fflush) - mail_flush_append(queue->name, message->queue_id); qmgr_entry_done(entry, QMGR_QUEUE_TODO); } } diff --git a/postfix/src/qmgr/qmgr_message.c b/postfix/src/qmgr/qmgr_message.c index 3732e2990..31f1a0e38 100644 --- a/postfix/src/qmgr/qmgr_message.c +++ b/postfix/src/qmgr/qmgr_message.c @@ -501,7 +501,6 @@ static void qmgr_message_resolve(QMGR_MESSAGE *message) } else if (dict_errno != 0) { qmgr_defer_recipient(message, recipient->address, "relocated map lookup failure"); -XXX mail_flush_append continue; } } @@ -590,7 +589,6 @@ XXX mail_flush_append if (*cpp) { qmgr_defer_recipient(message, recipient->address, "deferred transport"); -XXX mail_flush_append continue; } } @@ -618,7 +616,6 @@ XXX mail_flush_append */ if ((transport->flags & QMGR_TRANSPORT_STAT_DEAD) != 0) { qmgr_defer_recipient(message, recipient->address, transport->reason); -XXX mail_flush_append continue; } @@ -636,7 +633,6 @@ XXX mail_flush_append */ if (queue->window == 0) { qmgr_defer_recipient(message, recipient->address, queue->reason); -XXX mail_flush_append continue; } @@ -653,7 +649,6 @@ XXX mail_flush_append qmgr_message_count : var_qmgr_active_limit)) { qmgr_defer_recipient(message, recipient->address, "site destination queue overflow"); -XXX mail_flush_append continue; } } diff --git a/postfix/src/sendmail/Makefile.in b/postfix/src/sendmail/Makefile.in index 66f780f0b..66a63f31f 100644 --- a/postfix/src/sendmail/Makefile.in +++ b/postfix/src/sendmail/Makefile.in @@ -85,4 +85,3 @@ sendmail.o: ../../include/tok822.h sendmail.o: ../../include/resolve_clnt.h sendmail.o: ../../include/mail_flush.h sendmail.o: ../../include/mail_stream.h -sendmail.o: ../../include/sys_exits.h diff --git a/postfix/src/sendmail/sendmail.c b/postfix/src/sendmail/sendmail.c index 874877627..6adb08719 100644 --- a/postfix/src/sendmail/sendmail.c +++ b/postfix/src/sendmail/sendmail.c @@ -131,10 +131,11 @@ /* configuration parameter instead. /* .IP \fB-qR\fIsite\fR /* Schedule immediate delivery of all mail that is queued for the named -/* \fIsite\fR. -/* This functionality is available only for sites that have a so-called -/* \fBfast flush\fR logfile as described in \fBflushd\fR(8). For other -/* sites, use the slower \fBsendmail -q\fR command instead. +/* \fIsite\fR. Depending on the destination, this uses "fast flush" +/* service, or it has the same effect as \fBsendmail -q\fR. +/* This functionality is implemented by connecting to the local SMTP +/* server. See smtpd(8) for more information about the "fast flush" +/* service. /* .IP \fB-qS\fIsite\fR /* This command is not implemented. Use the slower \fBsendmail -q\fR /* command instead. @@ -246,13 +247,13 @@ #include #include #include +#include /* Utility library. */ #include #include #include -#include #include #include #include @@ -263,6 +264,7 @@ #include #include #include +#include /* Global library. */ @@ -280,6 +282,7 @@ #include #include #include +#include /* Application-specific. */ @@ -557,26 +560,75 @@ static void flush_queue(void) msg_warn("Cannot flush mail queue - mail system is down"); } +/* chat - send command and examine reply */ + +static void chat(VSTREAM *fp, VSTRING *buf, const char *fmt,...) +{ + va_list ap; + + smtp_get(buf, fp, var_line_limit); + if (STR(buf)[0] != '2') + msg_fatal("server rejected request: %s", STR(buf)); + + if (msg_verbose) + msg_info("<<< %s", STR(buf)); + + if (msg_verbose) { + va_start(ap, fmt); + vstring_vsprintf(buf, fmt, ap); + va_end(ap); + msg_info(">>> %s", STR(buf)); + } + va_start(ap, fmt); + smtp_vprintf(fp, fmt, ap); + va_end(ap); +} + /* flush_site - flush mail for site */ static void flush_site(const char *site) { - int code; + VSTRING *buf = vstring_alloc(10); + VSTREAM *fp; + int sock; + int status; - switch (code = mail_flush_site(site)) { - default: - msg_panic("flush_site: unknown result code %d", code); - case FLUSH_STAT_OK: - break; - case FLUSH_STAT_UNKNOWN: - msg_fatal("No \"sendmail -qR\" support available for %s - use \"sendmail -q\" instead", site); - break; - case FLUSH_STAT_BAD: - msg_fatal("invalid request: %s", site); - case FLUSH_STAT_FAIL: - msg_warn("Cannot flush mail queue - mail system is down"); - break; + /* + * Make connection to the local SMTP server. Translate "connection + * refused" into something less misleading. + */ + vstring_sprintf(buf, "%s:smtp", var_myhostname); + if ((sock = inet_connect(STR(buf), BLOCKING, 10)) < 0) { + if (errno == ECONNREFUSED) + msg_fatal("mail service at %s is down", var_myhostname); + msg_fatal("connect to mail service at %s: %m", var_myhostname); } + fp = vstream_fdopen(sock, O_RDWR); + + /* + * Prepare for trouble. + */ + vstream_control(fp, VSTREAM_CTL_EXCEPT, VSTREAM_CTL_END); + status = vstream_setjmp(fp); + if (status != 0) { + switch (status) { + case SMTP_ERR_EOF: + msg_fatal("server at %s aborted connection", var_myhostname); + case SMTP_ERR_TIME: + msg_fatal("timeout while talking to server at %s", var_myhostname); + } + } + smtp_timeout_setup(fp, 60); + + /* + * Chat with the SMTP server. + */ + chat(fp, buf, "helo %s", var_myhostname); + chat(fp, buf, "etrn %s", site); + chat(fp, buf, "quit"); + + vstream_fclose(fp); + vstring_free(buf); } /* sendmail_cleanup - callback for the runtime error handler */ diff --git a/postfix/src/smtpd/smtpd.c b/postfix/src/smtpd/smtpd.c index ef52089c6..25dc3a39f 100644 --- a/postfix/src/smtpd/smtpd.c +++ b/postfix/src/smtpd/smtpd.c @@ -104,7 +104,7 @@ /* The "fast flush" cache keeps a record of what mail is queued up for /* specific destinations. /* Currently, "fast flush" support is available only for destinations -/* that the local MTA is willing to relay mail to (i.e. the policy +/* that the local MTA is willing to relay mail to (i.e. the policy /* is hard coded). /* .IP \fBerror_notice_recipient\fR /* Recipient of protocol/policy/resource/software error notices. @@ -160,14 +160,6 @@ /* Limit the number of times a client can issue a junk command /* such as NOOP, VRFY, ETRN or RSET in one SMTP session before /* it is penalized with tarpit delays. -/* .SH "ETRN service" -/* .ad -/* .fi -/* .IP \fBsmtpd_etrn_restrictions\fR -/* Restrict what domain names can be used in \fBETRN\fR commands, -/* and what clients may issue \fBETRN\fR commands. The restrictions -/* are like the UCE restrictions below. Fast \fBETRN\fR service is -/* limited to destinations that list this MTA as mail exchanger. /* .SH "UCE control restrictions" /* .ad /* .fi @@ -183,6 +175,9 @@ /* Restrict what sender addresses are allowed in \fBMAIL FROM\fR commands. /* .IP \fBsmtpd_recipient_restrictions\fR /* Restrict what recipient addresses are allowed in \fBRCPT TO\fR commands. +/* .IP \fBsmtpd_etrn_restrictions\fR +/* Restrict what domain names can be used in \fBETRN\fR commands, +/* and what clients may issue \fBETRN\fR commands. /* .IP \fBallow_untrusted_routing\fR /* Allow untrusted clients to specify addresses with sender-specified /* routing. Enabling this opens up nasty relay loopholes involving @@ -1116,13 +1111,12 @@ static int etrn_cmd(SMTPD_STATE *state, int argc, SMTPD_TOKEN *argv) switch (mail_flush_site(argv[1].strval)) { case FLUSH_STAT_UNKNOWN: if (smtpd_check_etrn_cache_policy_ok(state, argv[1].strval)) { - if ((fp = mail_queue_open(MAIL_QUEUE_FLUSH, argv[1].strval, - O_CREAT | O_APPEND | O_WRONLY, 0600)) == 0) { - msg_warn("create fast ETRN cache for %s: %m", argv[1].strval); + if (mail_flush_enable(argv[1].strval) != FLUSH_STAT_OK) { + msg_warn("can't create fast ETRN cache for %s", argv[1].strval); } else { - vstream_fclose(fp); msg_info("created fast ETRN cache for %s (client=%s)", argv[1].strval, state->namaddr); + vstream_fclose(fp); } } else { msg_info("refused fast ETRN service for %s (client=%s)",