From: Wietse Venema Date: Thu, 7 Nov 2002 05:00:00 +0000 (-0500) Subject: postfix-1.1.11-20021107 X-Git-Tag: v2.0.0~19 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=8f152091d4efdb7a3afca55b70c2a147616d9120;p=thirdparty%2Fpostfix.git postfix-1.1.11-20021107 --- diff --git a/postfix/HISTORY b/postfix/HISTORY index f997e9218..c934dc62c 100644 --- a/postfix/HISTORY +++ b/postfix/HISTORY @@ -7165,6 +7165,30 @@ Apologies for any names omitted. indices in replacement text, and silently treated $text as $0. Found by Michael Tokarev. File: dict_pcre.c. +20021107 + + The behavior of the SMTP server's defer_if_permit flag has + changed. The flag is still set when an UCE reject restriction + fails due to a temporary (DNS) problem, to prevent unwanted + mail from slipping through. However, the flag is no longer + tested at the end of client, helo or sender restrictions. + Instead, the flag is now tested at the end of the ETRN and + recipient restrictions only. + + The behavior of the warn_if_reject restriction has changed. + It no longer activates any already made defer_if_permit or + defer_if_reject decisions (the defer_if_reject flag is set + when some UCE permit restriction fails due to a temporary + (DNS) problem, to avoid loss of legitimate mail). + + Instead of setting the defer_if_permit flag, a failing + reject restriction after warn_if_reject now merely logs + that it would have caused mail to be deferred. + + A failing permit restriction after warn_if_reject still + raises the defer_if_reject flag, to avoid loss of legitimate + mail. + Open problems: Low: revise other local delivery agent duplicate filters. diff --git a/postfix/RELEASE_NOTES b/postfix/RELEASE_NOTES index 624f52c8b..d70c61e9a 100644 --- a/postfix/RELEASE_NOTES +++ b/postfix/RELEASE_NOTES @@ -12,6 +12,29 @@ snapshot release). Patches change the patchlevel and the release date. Snapshots change only the release date, unless they include the same bugfixes as a patch release. +Incompatible changes with Postfix snapshot 1.1.11-20021107 +========================================================== + +The behavior of the SMTP server's defer_if_permit flag has changed. +The flag is still set when an UCE reject restriction fails due to +a temporary (DNS) problem, to prevent unwanted mail from slipping +through. However, the flag is no longer tested at the end of client, +helo or sender restrictions. Instead, the flag is now tested at +the end of the ETRN and recipient restrictions only. + +The behavior of the warn_if_reject restriction has changed. It no +longer activates any pending defer_if_permit or defer_if_reject +decisions (the defer_if_reject flag is set when some UCE permit +restriction fails due to a temporary (DNS) problem, to avoid loss +of legitimate mail). + +Instead of setting the defer_if_permit flag, a failing reject +restriction after warn_if_reject now merely logs that it would have +caused mail to be deferred. + +A failing permit restriction after warn_if_reject still raises the +defer_if_reject flag, to avoid loss of legitimate mail. + Incompatible changes with Postfix snapshot 1.1.11-20021028 ========================================================== diff --git a/postfix/src/global/mail_version.h b/postfix/src/global/mail_version.h index 0d7643fbc..4e106f1be 100644 --- a/postfix/src/global/mail_version.h +++ b/postfix/src/global/mail_version.h @@ -20,7 +20,7 @@ * Patches change the patchlevel and the release date. Snapshots change the * release date only, unless they include the same bugfix as a patch release. */ -#define MAIL_RELEASE_DATE "20021106" +#define MAIL_RELEASE_DATE "20021107" #define VAR_MAIL_VERSION "mail_version" #define DEF_MAIL_VERSION "1.1.11-" MAIL_RELEASE_DATE diff --git a/postfix/src/smtpd/smtpd_check.c b/postfix/src/smtpd/smtpd_check.c index 969cb6fea..57f9f323d 100644 --- a/postfix/src/smtpd/smtpd_check.c +++ b/postfix/src/smtpd/smtpd_check.c @@ -435,6 +435,14 @@ static int generic_checks(SMTPD_STATE *, ARGV *, const char *, const char *, con * results happen with: * * reject_unknown_client, hostname-based white-list, reject + * + * XXX Don't raise the defer_if_permit flag with a failing reject-style + * restriction that follows warn_if_reject. Instead, log the warning for the + * resulting defer message. + * + * XXX Do raise the defer_if_reject flag with a failing permit-style + * restriction that follows warn_if_reject. Otherwise, we could reject + * legitimate mail. */ static void PRINTFLIKE(3, 4) defer_if(SMTPD_DEFER *, int, const char *,...); @@ -442,8 +450,12 @@ static void PRINTFLIKE(3, 4) defer_if(SMTPD_DEFER *, int, const char *,...); defer_if(&(state)->defer_if_reject, (class), (fmt), (a1), (a2)) #define DEFER_IF_REJECT3(state, class, fmt, a1, a2, a3) \ defer_if(&(state)->defer_if_reject, (class), (fmt), (a1), (a2), (a3)) -#define DEFER_IF_PERMIT2(state, class, fmt, a1, a2) \ - defer_if(&(state)->defer_if_permit, (class), (fmt), (a1), (a2)) +#define DEFER_IF_PERMIT2(state, class, fmt, a1, a2) do { \ + if ((state)->warn_if_reject == 0) \ + defer_if(&(state)->defer_if_permit, (class), (fmt), (a1), (a2)); \ + else \ + (void) smtpd_check_reject((state), (class), (fmt), (a1), (a2)); \ + } while (0) /* * Cached RBL lookup state. @@ -747,21 +759,6 @@ static int smtpd_check_reject(SMTPD_STATE *state, int error_class, int warn_if_reject; const char *whatsup; - /* - * defer_if_whatever has precedence over warn_if_reject, so as to - * minimize confusion. Bummer. There goes transparency. - */ - if (state->warn_if_reject && state->defer_if_reject.active) { - state->warn_if_reject = state->defer_if_reject.active = 0; - return (smtpd_check_reject(state, state->defer_if_reject.class, - "%s", STR(state->defer_if_reject.reason))); - } - if (state->warn_if_reject && state->defer_if_permit.active) { - state->warn_if_reject = state->defer_if_permit.active = 0; - return (smtpd_check_reject(state, state->defer_if_permit.class, - "%s", STR(state->defer_if_permit.reason))); - } - /* * Do not reject mail if we were asked to warn only. However, * configuration errors cannot be converted into warnings. @@ -1687,7 +1684,7 @@ static int check_table_result(SMTPD_STATE *state, const char *table, if (STREQUAL(value, "REJECT", cmd_len)) { return (smtpd_check_reject(state, MAIL_ERROR_POLICY, "%d <%s>: %s rejected: %s", - var_access_map_code, reply_name, reply_class, + var_access_map_code, reply_name, reply_class, *cmd_text ? cmd_text : "Access denied")); } @@ -1788,7 +1785,7 @@ static int check_table_result(SMTPD_STATE *state, const char *table, /* * Don't get carried away with recursion. */ - if (state->recursion++ > 100) { + if (state->recursion > 100) { msg_warn("SMTPD access map %s entry %s causes unreasonable recursion", table, value); longjmp(smtpd_check_buf, smtpd_check_reject(state, MAIL_ERROR_SOFTWARE, @@ -2550,7 +2547,7 @@ static int generic_checks(SMTPD_STATE *state, ARGV *restrictions, int status = 0; ARGV *list; int found; - int saved_recursion = state->recursion; + int saved_recursion = state->recursion++; if (msg_verbose) msg_info("%s: START", myname); @@ -2824,16 +2821,6 @@ static int generic_checks(SMTPD_STATE *state, ARGV *restrictions, state->recursion = saved_recursion; - /* - * Force this permission into deferral because of some earlier temporary - * error that may have prevented us from rejecting mail, and report the - * earlier problem instead. - */ - if (status == SMTPD_CHECK_OK || status == SMTPD_CHECK_DUNNO) { - if (state->defer_if_permit.active) - status = smtpd_check_reject(state, state->defer_if_permit.class, - "%s", STR(state->defer_if_permit.reason)); - } return (status); } @@ -2850,12 +2837,17 @@ char *smtpd_check_client(SMTPD_STATE *state) return (0); #define SMTPD_CHECK_RESET() { \ - state->recursion = 1; \ + state->recursion = 0; \ state->warn_if_reject = 0; \ state->defer_if_reject.active = 0; \ - state->defer_if_permit.active = 0; \ } + /* + * This is cleared before client restrictions, and is tested after + * recipient and etrn restrictions. + */ + state->defer_if_permit.active = 0; + /* * Apply restrictions in the order as specified. */ @@ -3000,6 +2992,14 @@ char *smtpd_check_rcpt(SMTPD_STATE *state, char *recipient) status = generic_checks(state, rcpt_restrctions, recipient, SMTPD_NAME_RECIPIENT, CHECK_RECIP_ACL); + /* + * Force permission into deferral when some earlier temporary error may + * have prevented us from rejecting mail, and report the earlier problem. + */ + if (status != SMTPD_CHECK_REJECT && state->defer_if_permit.active) + status = smtpd_check_reject(state, state->defer_if_permit.class, + "%s", STR(state->defer_if_permit.reason)); + SMTPD_CHECK_RCPT_RETURN(status == SMTPD_CHECK_REJECT ? STR(error_text) : 0); } @@ -3045,6 +3045,14 @@ char *smtpd_check_etrn(SMTPD_STATE *state, char *domain) status = generic_checks(state, etrn_restrctions, domain, SMTPD_NAME_ETRN, CHECK_ETRN_ACL); + /* + * Force permission into deferral when some earlier temporary error may + * have prevented us from rejecting mail, and report the earlier problem. + */ + if (status != SMTPD_CHECK_REJECT && state->defer_if_permit.active) + status = smtpd_check_reject(state, state->defer_if_permit.class, + "%s", STR(state->defer_if_permit.reason)); + SMTPD_CHECK_ETRN_RETURN(status == SMTPD_CHECK_REJECT ? STR(error_text) : 0); } diff --git a/postfix/src/smtpd/smtpd_state.c b/postfix/src/smtpd/smtpd_state.c index d7c6cadce..b1d217f87 100644 --- a/postfix/src/smtpd/smtpd_state.c +++ b/postfix/src/smtpd/smtpd_state.c @@ -92,7 +92,9 @@ void smtpd_state_init(SMTPD_STATE *state, VSTREAM *stream) state->recursion = 0; state->msg_size = 0; state->junk_cmds = 0; + state->defer_if_reject.active = 0; state->defer_if_reject.reason = 0; + state->defer_if_permit.active = 0; state->defer_if_permit.reason = 0; state->expand_buf = 0;