From: Wietse Venema <wietse@porcupine.org>
Date: Thu, 17 Jul 2003 05:00:00 +0000 (-0500)
Subject: postfix-2.0.14-20030717
X-Git-Tag: v2.1-RC1-20040331~46
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=9212761d9f258f9e8ecb3af8fe633dc25db5ce8d;p=thirdparty%2Fpostfix.git

postfix-2.0.14-20030717
---

diff --git a/postfix/HISTORY b/postfix/HISTORY
index f210ba68d..45dcf3d8c 100644
--- a/postfix/HISTORY
+++ b/postfix/HISTORY
@@ -8397,6 +8397,14 @@ Apologies for any names omitted.
 	Safety: always truncate SMTP server error replies to 512
 	bytes.  File: smtpd/smtpd_check.c.
 
+20030717
+
+	Documentation: added description of policy_time_limit to 
+	the SMTPD_POLICY_README document.
+
+	Documentation: corrected the command time limit parameter
+	syntax in the spawn(8) manual page.
+
 Open problems:
 
 	Low: smtp-source may block when sending large test messages.
diff --git a/postfix/README_FILES/SMTPD_POLICY_README b/postfix/README_FILES/SMTPD_POLICY_README
index 5469ef45f..e3800d9f5 100644
--- a/postfix/README_FILES/SMTPD_POLICY_README
+++ b/postfix/README_FILES/SMTPD_POLICY_README
@@ -86,10 +86,15 @@ smtpd_recipient_restrictions:
         reject_unauth_destination 
         check_policy_service unix:private/policy 
         ...
+    policy_time_limit = 3600
 
 NOTE: specify "check_policy_service" AFTER "reject_unauth_destination"
 or else your system could become an open relay.
 
+NOTE: Postfix by default kills a command after 1000 seconds. This
+is too short for a policy daemon that may run for as long as an
+SMTP client is connected to an SMTP server process.
+
 NOTE: Solaris UNIX-domain sockets do not work very well. Use TCP
 sockets instead:
 
@@ -99,6 +104,7 @@ sockets instead:
         reject_unauth_destination 
         check_policy_service inet:localhost:9998
         ...
+    localhost:9998_time_limit = 3600
 
 Other client-side configuration parmeters:
 
@@ -174,6 +180,7 @@ that often appear in forged email.
         ...
     restriction_classes = greylist
     greylist = check_policy_service unix:private/policy
+    policy_time_limit = 3600
 
 /etc/postfix/sender_access:
     aol.com     greylist
@@ -202,6 +209,7 @@ database relatively quickly.
         check_sender_access hash:/etc/postfix/sender_access
         check_policy_service unix:private/policy
         ...
+    policy_time_limit = 3600
 
 /etc/postfix/sender_access:
     securityfocus.com OK
diff --git a/postfix/html/spawn.8.html b/postfix/html/spawn.8.html
index 498058fb1..d29aaac0f 100644
--- a/postfix/html/spawn.8.html
+++ b/postfix/html/spawn.8.html
@@ -67,21 +67,21 @@ SPAWN(8)                                                 SPAWN(8)
        command after a configuration change.
 
 <b>Miscellaneous</b>
-       <b>export</b><i>_</i><b>environment</b>
+       <b>export_environment</b>
               List of names of environment parameters that can be
               exported to non-Postfix processes.
 
-       <b>mail</b><i>_</i><b>owner</b>
+       <b>mail_owner</b>
               The  process  privileges  used while not running an
               external command.
 
 <b>Resource control</b>
-       <i>service_</i><b>command</b><i>_</i><b>time</b><i>_</i><b>limit</b>
+       <i>service</i><b>_time_limit</b>
               The amount of time the command is  allowed  to  run
-              before it is killed with force. The <i>service</i> name is
-              the name of the entry in the  <b>master.cf</b>  file.  The
+              before  it  is  killed  with  force. <i>service</i> is the
+              first field of the entry in the <b>master.cf</b> file. The
               default  time  limit  is  given  by the global <b>com-</b>
-              <b>mand</b><i>_</i><b>time</b><i>_</i><b>limit</b> configuration parameter.
+              <b>mand_time_limit</b> configuration parameter.
 
 <b>SEE ALSO</b>
        <a href="master.8.html">master(8)</a> process manager
diff --git a/postfix/man/man8/spawn.8 b/postfix/man/man8/spawn.8
index 05878a6c2..530b87314 100644
--- a/postfix/man/man8/spawn.8
+++ b/postfix/man/man8/spawn.8
@@ -84,9 +84,9 @@ The process privileges used while not running an external command.
 .SH Resource control
 .ad
 .fi
-.IP \fIservice\fB_command_time_limit\fR
+.IP \fIservice\fB_time_limit\fR
 The amount of time the command is allowed to run before it is
-killed with force. The \fIservice\fR name is the name of the entry
+killed with force. \fIservice\fR is the first field of the entry
 in the \fBmaster.cf\fR file. The default time limit is given by the
 global \fBcommand_time_limit\fR configuration parameter.
 .SH SEE ALSO
diff --git a/postfix/src/global/mail_version.h b/postfix/src/global/mail_version.h
index 0fdb03384..302e6f98f 100644
--- a/postfix/src/global/mail_version.h
+++ b/postfix/src/global/mail_version.h
@@ -20,7 +20,7 @@
   * Patches change the patchlevel and the release date. Snapshots change the
   * release date only, unless they include the same bugfix as a patch release.
   */
-#define MAIL_RELEASE_DATE	"20030716"
+#define MAIL_RELEASE_DATE	"20030717"
 
 #define VAR_MAIL_VERSION	"mail_version"
 #define DEF_MAIL_VERSION	"2.0.14-" MAIL_RELEASE_DATE
diff --git a/postfix/src/spawn/spawn.c b/postfix/src/spawn/spawn.c
index 3e0ab78de..25ea31854 100644
--- a/postfix/src/spawn/spawn.c
+++ b/postfix/src/spawn/spawn.c
@@ -68,9 +68,9 @@
 /* .SH Resource control
 /* .ad
 /* .fi
-/* .IP \fIservice\fB_command_time_limit\fR
+/* .IP \fIservice\fB_time_limit\fR
 /*	The amount of time the command is allowed to run before it is
-/*	killed with force. The \fIservice\fR name is the name of the entry
+/*	killed with force. \fIservice\fR is the first field of the entry
 /*	in the \fBmaster.cf\fR file. The default time limit is given by the
 /*	global \fBcommand_time_limit\fR configuration parameter.
 /* SEE ALSO