From: Wietse Venema Date: Wed, 28 Feb 2001 05:00:00 +0000 (-0500) Subject: postfix-20010228 X-Git-Tag: v20010228^0 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=97d2eb1a1324b3aa4af06efbf2996acba5313d0c;p=thirdparty%2Fpostfix.git postfix-20010228 --- diff --git a/postfix/.indent.pro b/postfix/.indent.pro index 7223e9d27..c35b4962f 100644 --- a/postfix/.indent.pro +++ b/postfix/.indent.pro @@ -27,6 +27,7 @@ -TDICT_ENV -TDICT_HT -TDICT_LDAP +-TDICT_DEBUG -TDICT_MYSQL -TDICT_NI -TDICT_NIS diff --git a/postfix/0README b/postfix/0README index c399b2519..8538cebe2 100644 --- a/postfix/0README +++ b/postfix/0README @@ -2,8 +2,13 @@ Purpose of this document ======================== This document provides a road map of the Postfix mail system source -code distribution. I suggest that you take a few minutes to read -this file, and then proceed with the INSTALL instructions. +code distribution. I suggest that you + +- take a few minutes to read this file, + +- review the RELEASE_NOTES file for incompatible changes, + +- and then proceed with the INSTALL instructions. Introduction ============ @@ -21,9 +26,7 @@ Purpose of the Postfix mail system ================================== Postfix aims to be an alternative to the widely-used sendmail -program. Sendmail is responsible for 70% of all e-mail delivered -on the Internet. With an estimated 100 million users, that's an -estimated 10 billion (10^10) messages daily. A stunning number. +program. Although IBM supported the Postfix development, it abstains from control over its evolution. The goal is to have Postfix installed @@ -40,7 +43,6 @@ On-line resources devoted to the Postfix mail system Web sites: http://www.postfix.org/ current release information - http://www.ibm.com/alphaworks/ original distribution site (obsolete) Mail addresses (PLEASE send questions to the mailing list) 
@@ -72,15 +74,6 @@ you are welcome to send a postcard to: Roadmap of the Postfix source distribution ========================================== -Point your browser at html/index.html for Postfix documentation, -for manual pages, and for the unavoidable Postfix FAQ. Expect to -see updated versions on-line at http://www.postfix.org/ - -Point your MANPATH environment variable at the `man' directory (use -an absolute path) for UNIX-style on-line manual pages. These pages -are also available through the HTML interface, which allows you to -navigate faster. - The RELEASE_NOTES file describes new features, and lists incompatible changes with respect to previous Postfix versions. @@ -92,10 +85,17 @@ not yet implement, and how well it works with other software. The HISTORY file gives a detailed log of changes to the software. +Point your browser at html/index.html for Postfix documentation, +for manual pages, and for the unavoidable Postfix FAQ. Expect to +see updated versions on-line at http://www.postfix.org/ + +Point your MANPATH environment variable at the `man' directory (use +an absolute path) for UNIX-style on-line manual pages. These pages +are also available through the HTML interface, which allows you to +navigate faster. + The PORTING file discusses how to go about porting Postfix to other -UNIX platforms. Some people are looking into a port to Windows NT. -We'll see. This software uses every trick in the book that I learned -about UNIX. +UNIX platforms. The TODO file lists things that still need to be done. If you want to set your teeth into one of those problems, drop me a note at @@ -146,6 +146,7 @@ Postfix daemons: src/smtp/ SMTP client src/smtpd/ SMTP server src/trivial-rewrite/ Address rewriting and resolving + src/virtual/ virtual mailbox-only delivery agent Test programs: diff --git a/postfix/COMPATIBILITY b/postfix/COMPATIBILITY index 4c161b920..bb754a363 100644 --- a/postfix/COMPATIBILITY +++ b/postfix/COMPATIBILITY 
@@ -7,20 +7,21 @@ aliases yes (can enable/disable mail to /file or |command) bare newlines yes (but will send CRLF) blacklisting yes (client name/addr; helo hostname; mail from; rcpt to) -content filter no +content filter yes db tables yes (compile time option) dbm tables yes (compile time option) delivered-to yes -dsn not yet +dsn not yet (bounces have DSN form) errors-to: yes esmtp yes etrn support yes (uses per-destination log or flushes entire queue) -fcntl locking yes (compile time) -flock locking yes (compile time) +fcntl locking yes (runtime configurable) +flock locking yes (runtime configurable) home mailbox yes ident lookup no ldap tables yes (contributed) -luser relay not yet +luser relay yes +lmtp support yes (client) m4 config no mail to command yes (configurable for .forward, aliases, :include:) mail to file yes (configurable for .forward, aliases, :include:) @@ -30,6 +31,7 @@ mailq yes majordomo yes (edit approve script to delete /delivered-to/i) mime conversion not yet; postfix uses just-send-eight missing <> yes (most common address forms) +mysql tables yes (contributed) netinfo tables yes (contributed) newaliases yes (main alias database only) nis tables yes @@ -38,8 +40,10 @@ pipeline option yes (server and client) pop/imap yes (with third-party daemons that use /var[/spool]/mail) rbl support yes return-receipt: not yet +sasl support yes (compile time option) +sendmail -bt no sendmail -q yes -sendmail -qRxxx no +sendmail -qRxxx yes sendmail -qSxxx no sendmail -qtime ignored sendmail -v no @@ -49,7 +53,7 @@ smarthost yes tcp wrapper no (use built-in blacklist facility) user+extension yes (also: .forward+extension) user-extension yes (also: .forward-extension) -user.lock yes (compile time) +user.lock yes (runtime configurable) uucp support yes (sends user@domain recipients) virtual domains yes year 2000 safe yes diff --git a/postfix/DEBUG_README b/postfix/DEBUG_README index 4e8f2cea2..cd2593eb6 100644 --- a/postfix/DEBUG_README 
+++ b/postfix/DEBUG_README @@ -18,8 +18,21 @@ from or to the loopback interface: You can specify one or more hosts, domains, addresses or net/masks. -3 - Making daemon programs more verbose -======================================= +2b - Record the SMTP connection with a sniffer +============================================== + +This example uses tcpdump. In order to record a conversation you +need to specify a large enough buffer or else you will miss some +or all of the packet payload. + + tcpdump -w /file/name -s 2000 host hostname and port 25 + +Run this for a while, stop with Ctrl-C when done. To view the data +use a binary viewer, or use my tcpdumpx utility that is available +from ftp://ftp.porcupine.org/pub/debugging. + +3 - Making Postfix daemon programs more verbose +=============================================== Append one or more -v options to selected daemon definitions in /etc/postfix/master.cf and type "postfix reload". This will cause diff --git a/postfix/FILTER_README b/postfix/FILTER_README index 243c2f4c9..adb7d28fd 100644 --- a/postfix/FILTER_README +++ b/postfix/FILTER_README @@ -1,6 +1,6 @@ This is a very first implementation of Postfix content filtering. A Postfix content filter receives unfiltered mail from Postfix and -re-injects filtered mail back into Postfix. +either bounces the mail or re-injects filtered mail back into Postfix. It involves an incompatible change to queue file formats. Older Postfix versions will reject mail that needs to be content filtered, 
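Review bot: the tcpdump example in the new section "2b - Record the SMTP connection with a sniffer" needs a sentence about protecting the capture file. The file written by "tcpdump -w /file/name -s 2000 host hostname and port 25" holds the complete plaintext of every message exchanged with that host, and, now that this release offers SASL (the COMPATIBILITY change marks "sasl support yes"), any AUTH exchange as well, which is only base64-encoded. Suggest telling the reader to write the file into a root-only directory (or with umask 077) and to delete it once the problem is diagnosed; "Run this for a while, stop with Ctrl-C when done" otherwise invites leaving a mail archive lying around.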
@@ -24,32 +24,34 @@ The example assumes that only mail arriving via SMTP needs to be content filtered. .................................. - . Postfix . - ------smtpd \ /local----- - . -cleanup->queue- . - -----pickup / \smtp------ - ^ . | . - | . \pipe-----+ + : Postfix : + ----->smtpd \ /local----> + : -cleanup->queue- : + ---->pickup / \smtp-----> + ^ : | : + | : \pipe-----+ | .................................. | | | | | +------sendmail<-------filter<---------+ -Create a dedicated local user account called "filter". The user -will never log in, and can be given a "*" password and non-existent -shell and home. +1 - Create a dedicated local user account called "filter". The + user will never log in, and can be given a "*" password and + non-existent shell and home directory. This user handles all + potentially dangerous mail content - that is why it should be + a separate account. -Create a directory /var/spool/filter that is accessible only to -the "filter" user. This is where the content filtering will store -its temporary files. +2 - Create a directory /var/spool/filter that is accessible only + to the "filter" user. This is where the content filtering will + store its temporary files. -Define a content filtering entry in the Postfix master file: +3 - Define a content filtering entry in the Postfix master file: /etc/postfix/master.cf: - filter unix - n n - - pipe - user=filter argv=/some/where/filter -f ${sender} -- ${recipient} + filter unix - n n - - pipe + flags=R user=filter argv=/some/where/filter -f ${sender} -- ${recipient} -The filter program can start out as a simple shell script like this: +The /some/where/filter program can be a simple shell script like this: #!/bin/sh 
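Review bot: the new master.cf entry in step 3 adds "flags=R" to the pipe service, but neither the step nor the surrounding text says what the flag does, and readers copy this line verbatim. Add one sentence saying that R makes the pipe delivery agent prepend a Return-Path: header with the envelope sender before the message is handed to /some/where/filter, and say why the example wants it. The "--" before ${recipient} deserves the same treatment: it is what keeps a recipient address beginning with "-" from being parsed as an option by the filter script, and spelling that out reinforces the point that the filter user handles untrusted content.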
@@ -85,20 +87,11 @@ content is OK, it is given as input to Postfix sendmail, and the exit status of the filter command is whatever exit status Postfix sendmail produces. -The problem with content filters like this is that they are not -very robust, because the software does not talk a well-defined -protocol with Postfix. If the filter shell script aborts because -the shell runs into some memory allocation problem, the script will -not produce a nice exit status as per /usr/include/sysexits.h and -mail will probably bounce. The same lack of robustness is possible -when the content filtering software itself runs into a resource -problem. - I suggest that you play with this script for a while until you are -satisfied with the results. Run it as root or as the filter user, -with a real message (headers+body) as input: +satisfied with the results. Run it as the filter user, with a real +message (headers+body) as input: - # /some/where/filter -f sender recipient... queue- . - -----pickup / ^ | \smtp------ - . | v . - . smtpd smtp . - . 10026 | . + : Postfix : + ----->smtpd \ /local----> + : -cleanup->queue- : + ---->pickup / ^ | \smtp-----> + : | v : + : smtpd smtp : + : 10026 | : ......................|........... ^ | | v ....|............ - . | 10025 . - . filtering . - . . + : | 10025 : + : filter : + : : ................. To enable content filtering in this manner, specify in main.cf a 
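Review bot: this hunk deletes the paragraph warning that a filter which aborts without a sysexits.h status makes mail bounce, but nothing in the new text replaces it, and the shell script the document presents is exactly the kind of filter that paragraph described. Keep a shortened form of the caveat next to "the exit status of the filter command is whatever exit status Postfix sendmail produces", for example that the script must exit with a sysexits.h code and use EX_TEMPFAIL for resource problems so that a transient failure defers the mail instead of bouncing it. Changing "Run it as root or as the filter user" to "Run it as the filter user" is the right call: testing as root hides permission problems on /var/spool/filter that only show up under the real account.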
@@ -174,12 +175,13 @@ up to 10 content filtering processes on demand: "filter" is a dedicated local user account. The user will never log in, and can be given a "*" password and non-existent shell and -home. +home directory. This user handles all potentially dangerous mail +content - that is why it should be a separate account. -The spawn server is part of Postfix but is not installed by default. -Edit the top-level Makefile.in file, run "make makefiles", "make", -and "make install". The manual page isn't installed by default, -either. See the spawn.c source file. +In the above example, Postfix listens on port localhost:10025. If +you want to have your filter listening on port localhost:10025 +instead of Postfix, then you must run your filter as a stand-alone +program. The /some/where/filter command is most likely a PERL script. PERL has modules that make talking SMTP easy. The command-line specifies @@ -192,7 +194,8 @@ it can be used with other mailers too, which is a nice spin-off. The simplest content filter just copies SMTP commands and data between its inputs and outputs. If it has a problem, all it has to do is to reply to an input of `.' with `550 content rejected', and -to disconnect its output side instead of sending `.'. +to disconnect without sending `.' on the connection that injects +mail back into Postfix. The job of the content filter is to either bounce mail with a suitable diagnostic, or to feed the mail back into Postfix through diff --git a/postfix/HISTORY b/postfix/HISTORY index b254bea66..4a6572894 100644 --- a/postfix/HISTORY +++ b/postfix/HISTORY 
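Review bot: the deleted paragraph said the spawn server is not installed by default and explained how to build it, and the replacement says nothing about spawn at all. If spawn(8) is now part of the default build and install in this release, say so in one sentence (the reader still needs to know the service exists and what its manual page is called); if it is not, the build instructions have to stay. The new sentence "In the above example, Postfix listens on port localhost:10025" is correct for the spawn-based master.cf entry but reads oddly next to the diagram, where 10025 is drawn inside the filter box; a clause such as "the Postfix master listens on 10025 and spawns the filter on demand" would reconcile the two.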
@@ -3987,13 +3987,6 @@ Apologies for any names omitted. Bugfix: the code for masquerade_exceptions was case sensitive. Reported by Eduard Vopicka. File: cleanup/cleanup_masquerade.c. -20000526 - - Feature: experimental queue manager by Patrik Rak with a - fancy pre-emptive scheduling algorithm that improves delivery - performance of mail with few recipients. This queue manager - is made available as "nqmgr". - 20000528 Feature: the SMTP client SASL password file can contain @@ -4026,9 +4019,6 @@ Apologies for any names omitted. Added a simple shell-script based content filtering example to the FILTER_README file. - Content filtering support for nqmgr by Patrik Rak. File: - nqmgr/qmgr_message.c. - Renamed "content inspection" etc. to "content filtering" in anticipation of a new hook for content inspection that only inspects mail without re-injecting it into Postfix. @@ -4261,9 +4251,6 @@ Apologies for any names omitted. 20000922 - nqmgr update from Patrik Rak for the changed queue manager - to delivery agent protocol. - Lame feature: syslog_facility parameter to control where syslogd sends Postfix logging (default: syslog_facility = mail). However, errors during command-line parsing are @@ -4475,11 +4462,6 @@ Apologies for any names omitted. Bugfix: the recipient home directory test broke mailbox_transport support for non-UNIX recipients. File: local/recipient.c. -20001117 - - Robustness: additional integrity tests for the nqmgr by - Patrik Rak. File: nqmgr/qmgr_message.c. - 20001118 Bugfix: the new LDAP client code did not work properly if @@ -4733,7 +4715,6 @@ Apologies for any names omitted. Feature: SASL support for the LMTP client. Recent CYRUS software requires this for Postfix over TCP sockets. - This was just a cloning operation. 20010120 
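Review bot: this hunk removes the 20000526, 20000922 and 20001117 HISTORY entries about nqmgr, yet later entries in the same file still cite {qmgr,nqmgr}/qmgr_message.c and *qmgr/qmgr.c, so the code those entries introduced is still in the tree while its provenance (Patrik Rak's pre-emptive scheduler, the delivery-agent protocol update, the integrity tests) no longer appears anywhere in the change log. HISTORY is the audit trail for the release; rather than deleting the entries, leave them in place and, if nqmgr's status has changed, add a dated entry saying so.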
@@ -4745,5 +4726,196 @@ Apologies for any names omitted. 20010121 + Workaround: specify "broken_sasl_auth_clients = yes" in + order to support old Microsoft clients that implement + a non-standard version of RFC 2554 (AUTH command). + Workaround: Lotus Domino 5.0.4 violates RFC 2554 and replies to EHLO with AUTH=LOGIN. File: smtp/smtp_proto.c. + +20010125 + + Code cleanup: wrote creator/destructor for dictionary + objects that provides default methods that trap all attempts + to perform an unimplemented operation. Based on an ansatz + by Laurent Wacrenier (teaser.fr). Files: util/dict*.[hc]. + + Code cleanup: INSTALL.sh does not ask questions when stdin + is not connected to a tty (as in: make install instances across line boundaries. + sed(1) is an amazing tool. File: mantools/postlink. + +20010204 + + Laid the ground work for logging of table accesses. This + will give more insight into how Postfix uses its lookup + tables. User interface comes later. File: util/dict_debug.c. + +20010216 + + Bugfix: the pipe delivery agent expanded $size as if it + were a recipient, instead of expanding it as $nexthop or + as $sender. Reported by Michael Tokarev. File: pipe/pipe.c. + +20010221 + + Bugfix: poor LMTP performance for domains that are listed + in $mydestination, because Postfix would send one recipient + at a time, with multiple deliveries of recipients of the + same message in parallel; a similar problem could exist + with virus scanning and with firewall relay hosts that + forward mail for $mydestination to an inside machine. This + behavior is now changed to depend on the transport-specific + xxx_destination_recipient_limit parameter. This also means + that you can now get qmail behavior for SMTP deliveries by + setting smtp_destination_recipient_limit=1. File: + {qmgr,nqmgr}/qmgr_message.c. + + Workaround: Solaris socketpair() can fail with EINTR. Added + a sane_socketpair.c module that joins the ranks of the other + sane_whatever workarounds. 
Reported by Andrew McNamara. + File: util/sane_socketpair.[hc] + +20010222 + + Documentation: the default main.cf file has a prominent + warning that mynetworks should be properly configured in + order to reject unauthorized mail relay requests from + strangers. + + Documentation: the INSTALL document, section "mandatory + configuration file edits" has a section that explains that + mynetworks should be properly configured in order to reject + unauthorized mail relay requests from strangers. + +20010223 + + Documentation: the basic.html document has a section that + explains that mynetworks should be properly configured in + order to reject unauthorized mail relay requests from + strangers. + + Feature: new "mynetworks_style" parameter that controls + how mynetworks (trusted networks) is derived from the + inet_interfaces (machine interfaces) setting. Specify + "class" for entire class A, B, C networks; "subnet" for + the local subnets only; or "host" for maximal privacy. + Files: util/inet_addr_local.[hc], global/own_inet_addr.[hc], + global/mynetworks.[hc], postconf/postconf.c. + + Portability: MACOSX patches by Gerben Wierda. + + Portability: Solaris /dev/null is a symlink, which tripped + up the code to safely open a file before local delivery. We now + grudgingly allow symlinks owned by root. File: util/safe_open.c. + +20010224 + + Bugfix: "postconf mynetworks" ignored the inet_interfaces + setting. That was a very old one. File: postconf/postconf.c. + + INCOMPATIBLE CHANGE: POSTFIX NO LONGER RELAYS MAIL FOR + CLIENTS IN THE ENTIRE CLASS A/B/C NETWORK. POSTFIX BY + DEFAULT RELAYS MAIL FOR CLIENTS IN THE LOCAL SUBNETWORK. + Specify "mynetworks_style = class" to get the old behavior. + +20010225 + + Portability: master sigchld handler based on writing to a + pipe, so that the master wakes up from select(). Based on + code by Erik Forsberg, Linkoping University, Sweden. File: + master/master_sig.c. Disabled until after the major release. 
+ + Code cleanup: Postfix should now run with no alias database. + + Code cleanup: local_destination_recipient_limit and + local_destination_concurrency_limit have become first-class + configuration parameters. Files: global/mail_params.h, + *qmgr/qmgr.c, postconf/postconf.c. + +20010226 + + Documentation suggestions by Lars Hecking and Richard + Huxton, Matthias Andree and many others. + + Code cleanup: some queue/transport operations need to be + moved, after the code cleanup of the recipient/concurrency + limit handling. Patrik Rak. Files: *qmgr/qmgr_message.c. diff --git a/postfix/INSTALL b/postfix/INSTALL index 49cf95a8a..20d58268c 100644 --- a/postfix/INSTALL +++ b/postfix/INSTALL @@ -66,12 +66,15 @@ If your system is supported, it is one of Linux RedHat 4.x Linux RedHat 5.x Linux RedHat 6.x + Linux RedHat 7.x Linux Slackware 3.5 Linux Slackware 4.0 Linux Slackware 7.0 Linux SuSE 5.x Linux SuSE 6.x + Linux SuSE 7.x Mac OS X server + Mac OS X Public Beta NEXTSTEP 3.x NetBSD 1.x OPENSTEP 4.x @@ -83,7 +86,7 @@ If your system is supported, it is one of Rhapsody 5.x SunOS 4.1.x SunOS 5.4..5.8 (Solaris 2.4..8) - Ultrix 4.x + Ultrix 4.x (well, that was long ago) or something closely resemblant. 
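Review bot: the 20010223 entry "We now grudgingly allow symlinks owned by root" in util/safe_open.c relaxes a check whose purpose, per the same entry, is to safely open a file before local delivery, and it should say what is still enforced. A root-owned symlink in a world-writable directory is a different case from /dev/null: spell out whether the ownership and permission checks are applied to the link target after the open, and whether root ownership is checked on the link itself with lstat(). If the intent is only to tolerate the Solaris /dev/null case, restricting the exception to links whose target is a device node would be narrower than "symlinks owned by root". Also in the same day's entry, "host" for mynetworks_style is described as "maximal privacy"; "most restrictive, relay only from the machine itself" says what it actually does.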
@@ -202,7 +205,8 @@ In order to install or upgrade Postfix: - Run the INSTALL.sh script as the super-user: - # sh INSTALL.sh + # make install (interactive version, first time install) + # make install &2 +test "$need_config" = 1 || exit 0 + +ALIASES=`bin/postconf -h alias_database | sed 's/^[^:]*://'` +cat <&2 - Warning: you still need to edit myorigin/mydestination in - $CONFIG_DIRECTORY/main.cf. See also html/faq.html for dialup + Warning: you still need to edit myorigin/mydestination/mynetworks + in $CONFIG_DIRECTORY/main.cf. See also html/faq.html for dialup sites or for sites inside a firewalled network. - BTW: Edit your alias database and be sure to set up aliases - for root and postmaster, then run $NEWALIASES_PATH. + BTW: Check your $ALIASES file and be sure to set up aliases + for root and postmaster that direct mail to a real person, then + run $NEWALIASES_PATH. EOF diff --git a/postfix/LDAP_README b/postfix/LDAP_README index 07660e031..e185ad0e6 100644 --- a/postfix/LDAP_README +++ b/postfix/LDAP_README @@ -26,6 +26,14 @@ Postfix source tree should work: % make makefiles CCARGS="-I/usr/local/include -DHAS_LDAP" \ AUXLIBS="-L/usr/local/lib -lldap -L/usr/local/lib -llber" +On Solaris 2.x you may have to specify run-time link information, +otherwise ld.so will not find some of the shared libraries: + + % make tidy + % make makefiles CCARGS="-I/usr/local/include -DHAS_LDAP" \ + AUXLIBS="-L/usr/local/lib -R/usr/local/lib -lldap \ + -L/usr/local/lib -R/usr/local/lib -llber" + The 'make tidy' command is needed only if you have previously built Postfix without LDAP support. 
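Review bot: in the post-install message, ALIASES=`bin/postconf -h alias_database | sed 's/^[^:]*://'` strips only the first map-type prefix, so when alias_database lists more than one map (say "hash:/etc/aliases, hash:/etc/postfix/aliases") the warning prints "/etc/aliases, hash:/etc/postfix/aliases". Either strip the prefix from every comma-separated element or print the unmodified alias_database value and say "the file(s) behind". The new wording that root and postmaster aliases must "direct mail to a real person", and the added mynetworks item in the same warning, are good additions given the relay default change recorded in HISTORY for this release.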
@@ -86,11 +94,12 @@ parameter below, "server_host", would be defined in main.cf as substitute for the address Postfix is trying to resolve, e.g. ldapsource_query_filter = (&(mail=%s)(paid_up=true)) - domain (No default; you must configure this.) + domain (Default is to ignore this.) This is a list of domain names, paths to files, or dictionaries. - If specified, only lookups ending in a domain on this list will - be searched. This can significantly reduce the query load on the - LDAP server. + If specified, only lookups for the domains on this list will be + performed. This means that the LDAP map won't get searched for + 'user', nor will it get searched for any domain not listed. This + can significantly reduce the query load on the LDAP server. ldapsource_domain = postfix.org, hash:/etc/postfix/searchdomains result_attribute (maildrop) diff --git a/postfix/BEWARE b/postfix/LINUX_README similarity index 74% rename from postfix/BEWARE rename to postfix/LINUX_README index 1b0c41829..35a22a7a4 100644 --- a/postfix/BEWARE +++ b/postfix/LINUX_README @@ -1,3 +1,9 @@ +LINUX PORTABILITY +================= + +On RedHat Linux 7.0, you must install the db3-devel RPM before you +can compile the Postfix source code. + LINUX SYSLOGD PERFORMANCE ========================= diff --git a/postfix/LMTP_README b/postfix/LMTP_README index 1c44a1395..e6320db86 100644 --- a/postfix/LMTP_README +++ b/postfix/LMTP_README 
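Review bot: "domain (Default is to ignore this.)" does not tell the reader what happens by default. Say "Default: empty, i.e. no domain filtering; every lookup, including bare user names, is sent to the LDAP server", which is what the sentences that follow imply, and then the query-load remark makes sense. The LINUX_README rename is fine, but the file now opens with a one-line Red Hat 7.0 note under "LINUX PORTABILITY" and nothing says which Postfix build step fails without db3-devel; naming the failing step saves a support question.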
@@ -1,242 +1,247 @@ -[Based on information that was provided by Amous Gouaux] +[This file still needs to be updated - some information is obsolete] -Postfix LMTP support -==================== +1 - Postfix LMTP support +======================== LMTP stands for Local Mail Transfer Protocol, and is detailed in -RFC2033. This protocol is used to communicate with the final -delivery agent, which may be on the local host or a remote host. +RFC2033. Postfix uses this protocol to communicate with the final +delivery agent, which may run on the local host or a remote host. This protocol opens up interesting possibilities: one Postfix front -end system can drive multiple mailbox back end systems over LMTP. -As the mail load increases you add Postfix front end systems and -LMTP mailbox back end systems. You can use LDAP or mysql to share -the user database among the front end and back end systems. +end machine can drive multiple mailbox back end machines over LMTP. +As the mail load increases, you add more Postfix front end systems +and more LMTP mailbox back end systems. This is the model that I +had in mind when I began drafting the design for Postfix - a scalable +architecture that allows you to keep adding SMTP servers and mailbox +servers painlessly. + +Such a distributed architecture needs glue to keep things together. +You can use a networked database LDAP or mysql to share the user +database among the front end and back end systems. Use a replicated +database so that no machine becomes a single point of failure for +the entire mail infrastructure. Postfix LMTP support is based on a modified version of the Postfix SMTP client. The initial version was by Philip A. Prindeville of Mirapoint, Inc., USA. This code was modified further by Amos Gouaux -of University of Texas at Dallas, Richardson, USA. Wietse Venema -reduced the code to its present shape. +of University of Texas at Dallas, Richardson, USA, who also revised +much of the documentation. 
Wietse Venema reduced the code to its +present shape. -Overview -======== +2 - Overview +============ Most of the examples in this document involve the CMU Cyrus IMAP/POP server, available from: http://asg.web.cmu.edu/cyrus/ -While certainly not the only application that could make use of LMTP, -it tends to be the most discussed. These examples are based on the -forthcoming Cyrus 2.0.10, at least at the time of writing. The 2.x -branch of Cyrus places greater emphasis on LMTP delivery than the -previous releases. Those using older releases of Cyrus can find a -discussion in the appendix of this document. +While certainly not the only application that could make use of +LMTP, it tends to be the most discussed. These examples are based +on the forthcoming Cyrus 2.0.10, at least at the time of writing. +The 2.x branch of Cyrus places greater emphasis on LMTP delivery +than the previous releases. Those using older releases of Cyrus +can find a discussion in the appendix of this document. There are a variety of ways LMTP delivery can be configured in -Postfix. The two basic flavors are delivery over UNIX-domain sockets -and delivery over TCP sockets. Both flavors can be specified in -either the Postfix main.cf or in a transport map. The best approach -to use depends upon the arrangement of your servers and the desired -level of parallelization. Please be sure to study this entire -document as there are trade-offs in convenience and performance with -these different approaches. - -The precise syntax for UNIX-domain and TCP connection endpoints is -given in the lmtp(8) manual page. +Postfix. The two basic flavors are delivery over UNIX-domain +sockets and delivery over TCP sockets. + o Connections over UNIX-domain sockets limit delivery to LMTP + servers running on the same machine. -Using main.cf configuration -=========================== + o Connections over TCP sockets allow you to deliver to LMTP + servers across a local network. 
-This is the simplest LMTP configuration. The settings -local_transport, mailbox_transport, and fallback_transport can -support the following connections: - -1. LMTP over TCP sockets. +The precise syntax for UNIX-domain and TCP connection endpoints is +given in the lmtp(8) manual page. Examples are also given in the +text below. - mailbox_transport = lmtp +Both socket flavors can be specified in either the Postfix main.cf +file (see section 5) or in a Postfix transport map (section 6). +What is the best approach for you depends upon the arrangement of +your servers and the desired level of parallelization. - Instead of delivering local mail to a mail box such as - /var/mail/$user, a connection will be made over TCP to an LMTP - server. Currently the default port for this connection is 24, - but this can be customized in the "/etc/services" file. +Please be sure to study this entire document as there are trade-offs +in convenience and in performance with these different approaches. - NOTE: +3 - LMTP over UNIX-domain sockets +================================= - With connections over TCP sockets, some Cyrus implementations - insist on SASL-style authentication, which is not currently - supported by the Postfix LMTP client. See the examples below - for additional details. +A UNIX-domain socket is specified as the socket type ("unix") and +a name in the local file system: + unix:/path/name -2. LMTP over UNIX-domain sockets. +The "/path/name" part should be the name of a socket created by +the LMTP server on the local machine. See the specific examples +later in this document. - mailbox_transport = lmtp:unix:/path/name +NOTE: - In this case the LMTP connection will be made over a UNIX-domain - socket. This "/path/name" should be the socket created by the - LMTP server on the local machine. + If you run the lmtp client chrooted, the interpretation of the + /path/name is relative to the Postfix queue directory (typically, + /var/spool/postfix). 
- NOTE 1: + By default, the Postfix LMTP client does not run chrooted. + With LMTP delivery to the local machine there is no good reason + to run the Postfix LMTP client chrooted. - If you configured Cyrus using the "--with-libwrap" option, be - sure to allow access to the "lmtpd" service from "0.0.0.0". - Otherwise LMTP deliveries over UNIX-domain sockets will be - blocked. See the examples below for more on using libwrap. +4 - LMTP over TCP sockets +========================= - NOTE 2: +A TCP destination is specified as the socket type ("inet"), the +destination hostname and the TCP port: - If you run the lmtp client chrooted, the interpretation of - the /path/name is relative to the Postfix queue directory - (typically, /var/spool/postfix). + inet:hostname:port - NOTE 3: +The "inet:" part can be omitted, as it is the default socket type. - By default, the Postfix LMTP client does not run chrooted. - With LMTP delivery to the local machine there is no good - reason to run the Postfix LMTP client chrooted. +The destination port can be omitted as well. Currently the default +TCP port number for this type of connection is 24, but this can be +customized in the "/etc/services" file. Specific examples are +given later in this document. +NOTE: -Examples: + With connections over TCP sockets, later Cyrus LMTP server + implementations insist on SASL-style authentication. This means + that Postfix must be built with SASL support (see SASL_README). + The examples below show how to enable this in the Postfix LMTP + client. -1. LMTP over UNIX-domain sockets. + Some Cyrus LMTP server implementations do not allow SASL-style + authentication via plaintext passwords. You will have to jump + some extra hoops in order to enable MD5 password support, or + you will have to wait until this restriction is relaxed. 
- To utilize UNIX-domain sockets for the communication between - Postfix and Cyrus, the corresponding configuration files should - look something like this: - /etc/cyrus.conf: +5 - Configuring LMTP using main.cf configuration +================================================ - SERVICES { - ... - lmtpunix cmd="lmtpd" listen="/var/imap/socket/lmtp" prefork=1 - ... - } - - /etc/postfix/main.cf: +This is the simplest LMTP configuration. - mailbox_transport = lmtp:unix:/var/imap/socket/lmtp +5.1 - Delivery mechanisms +------------------------- - In this case, mail that is resolved to be local will be delivered - to the Cyrus lmtpd server via the socket "/var/imap/socket/lmtp". +Postfix main.cf supports three mechanisms to deliver mail over +LMTP. Each method can use UNIX-domain or TCP sockets as described +in a later section. - If you configured Cyrus using the "--with-libwrap" option, you - will need the following: - - /etc/hosts.allow: - - lmtpd : 0.0.0.0 - -2. LMTP over TCP sockets. - - For this example, suppose the following files are configured - thusly: - - /etc/cyrus.conf: - - SERVICES { - ... - lmtp cmd="lmtpd -a" listen="127.0.0.1:lmtp" prefork=0 - ... - } +main.cf mechanism 1 +------------------- -XXX does this mean that connections will be accepted only on 127.0.0.1? +mailbox_transport = lmtp:unix:/path/name (UNIX-domain socket example) +mailbox_transport = lmtp:hostname:port (TCP socket example) - /etc/services: +Mail that resolves as local (domain is listed in $mydestination) +is given to the Postfix local delivery agent. The Postfix local +delivery agent expands aliases and .forward files, and delegates +mailbox delivery to the LMTP server. 
- lmtp 2003/tcp +main.cf mechanism 2 +------------------- - /etc/postfix/main.cf: +local_transport = lmtp:unix:/path/name (UNIX-domain socket example) +local_transport = lmtp:hostname:port (TCP socket example) - mailbox_transport = lmtp +Mail that resolves as local (domain is listed in $mydestination) +is directly given to the LMTP server. The mail is not processed +by the Postfix local delivery agent; therefore aliases and .forward +files are not processed. - /etc/postfix/master.cf: +main.cf mechanism 3 +------------------- - lmtp unix - - n - - lmtp +fallback_transport = lmtp:unix:/path/name (UNIX-domain socket example) +fallback_transport = lmtp:hostname:port (TCP socket example) - Mail that Postfix resolves to be local will be delivered via TCP - to the Cyrus LMTP server. Postfix will make a connection to port - 2003 on the local host, subsequently transmitting the message to - the lmtpd server managed by the Cyrus master process. Since - Postfix does not currently support LMTP-AUTH, the "-a" lmtpd - option is required. +Mail that resolves as local (domain is listed in $mydestination) +is given to the Postfix local delivery agent. The Postfix local +delivery agent processes aliases and .forward files, and delivers +to /var[/spool]/mail/$user for users that have a UNIX account. +Mail for other local users is delegated to the LMTP server. - CAUTION: +5.2 - Examples +-------------- - If you run lmtpd with the "-a" option, be certain that you - restrict what systems can connect to this service. This can - be done in either one of two ways: +5.2.1 - LMTP over UNIX-domain sockets +------------------------------------- - a. Compile Cyrus with libwrap support, configuring - "/etc/hosts.allow" to restrict access to this service to - only your mail server. +To utilize UNIX-domain sockets for the communication between +Postfix and Cyrus, the corresponding configuration files should +look something like this: - b. 
In the cyrus.conf file, for the "listen" argument to the - "lmtp" service, specify the address (in this case - localhost), that the service should bind to. This can - also be convenient if you have a private network between - your Postfix server and your Cyrus server. +/etc/cyrus.conf: - If neither of these actions are taken, anybody will be able - to drop junk into your Cyrus message store! + SERVICES { + ... + lmtpunix cmd="lmtpd" listen="/var/imap/socket/lmtp" prefork=1 + ... + } +/etc/postfix/main.cf: -3. LMTP over TCP sockets, using hosts.allow. + mailbox_transport = lmtp:unix:/var/imap/socket/lmtp - While similar to the previous example, this one varies in how the - lmtpd service is protected from unauthorized use. Instead of - binding the lmtpd service to a specific Internet address, access - will be controlled using the "/etc/hosts.allow" tcp_wrappers - configuration file. The tcp_wrappers package is available from: +In this case, the Postfix local delivery agent expands aliases +and .forward files, and delegates mailbox delivery to the Cyrus +lmtpd server via the socket "/var/imap/socket/lmtp". - ftp://ftp.porcupine.org/pub/security/index.html +5.2.2 - LMTP over TCP sockets +----------------------------- - To take advantage of tcp_wrappers, Cyrus will need to be - configured using the "--with-libwrap" option. See the Cyrus - documentation for more details. +For this example, suppose the following files are configured +thusly: - Here are excerpts of the pertinent files: +/etc/cyrus.conf: - /etc/hosts.allow: + SERVICES { + ... + lmtp cmd="lmtpd" listen="127.0.0.1:lmtp" prefork=0 + ... + } - lmtpd : localhost : ALLOW - lmtpd : ALL@ALL : DENY +/etc/services: - /etc/cyrus.conf: + lmtp 24/tcp - SERVICES { - ... - lmtp cmd="lmtpd -a" listen="lmtp" prefork=0 - ... 
- } +/etc/postfix/main.cf: - /etc/services: + mailbox_transport = lmtp:localhost + lmtp_sasl_auth_enable = yes + lmtp_sasl_password_maps = hash:/etc/postfix/lmtp_sasl_pass - lmtp 2003/tcp +/etc/postfix/master.cf: - /etc/postfix/main.cf: + lmtp unix - - n - - lmtp - mailbox_transport = lmtp +/etc/postfix/lmtp_sasl_pass: + localhost.my.domain username:password - The syntax shown in the hosts.allow excerpt above is valid if - tcp_wrappers is compiled using a "make" argument of: +Instead of "hash", use the map type of your choice. Some systems +use "dbm" instead. Use "postconf -m" to find out what map types +are supported. - STYLE=-DPROCESS_OPTIONS +With the above settings, the Postfix local delivery agent expands +aliases and .forward files, and delegates mailbox delivery to the +the Cyrus LMTP server. Postfix makes a connection to port 24 on +the local host, subsequently transmitting the message to the lmtpd +server managed by the Cyrus master process. - See the tcp_wrappers hosts_options(5) man page for more details. +6 - Configuring LMTP using transport map configuration +====================================================== -Using transport map configuration -================================= +This approach is quite similar to specifying the LMTP service in +the Postfix main.cf configuration file. However, now we will use +a transport map to route mail to the appropriate LMTP server, +instead of depending on delegation by the Postfix local delivery +agent. -This approach is quite similar to specifying the LMTP service in the -Postfix main.cf configuration file. However, now we will use a -transport map to route mail to the appropriate LMTP server. Why -might this approach be useful? This could be handy if you wish to -route mail for multiple domains to their respective mail retrieval +Why might this approach be useful? This could be handy if you wish +to route mail for multiple domains to their respective mail retrieval (IMAP/POP) server. 
Example: /etc/postfix/transport: 
@@ -253,51 +258,55 @@ route mail for multiple domains to their respective mail retrieval transport_maps = hash:/etc/postfix/transport +For details of the Cyrus LMTP server configuration, see section 5. + Instead of "hash", use the map type of your choice. Some systems use "dbm" instead. Use "postconf -m" to find out what map types are supported. -Performance considerations -========================== +7 - Performance considerations +============================== Hopefully the preceding discussion has seemed pretty straight forward. Now things get interesting. After reading the following -you will see that there are more factors to consider when setting up -LMTP services. +you will see that there are more factors to consider when setting +up LMTP services. -Single instance message store -============================= +8 - Single instance message store +================================= Presently this topic is more pertinent to sites running Cyrus, but may be a factor with other applications as well. Since 1.6.22, Cyrus has had the feature that if a message containing -multiple recipients is received via the LMTP protocol, and all these -recipients were on the same Cyrus partition, only one instance of -this message would be written to the file system. The other +multiple recipients is received via the LMTP protocol, and all +these recipients were on the same Cyrus partition, only one instance +of this message would be written to the file system. The other recipients would then see a hard link of this single instance. -Depending on your user base, this can be considerable motivation to -using LMTP. - -However, there is a catch: currently the Postfix local delivery -mechanisms are only designed to handle one recipient at a time, which -in most cases is more than adequate. So, if you wish to support -single instance message store delivery, you will have to use a -transport table to map these users to the appropriate LMTP -destination. 
- -While the simplest thing to do would be to list the entire domain in -the transport map for LMTP delivery, this by-passes alias expansion -for otherwise local addresses. If the site is to run software via -aliases, like most Mailing List Management (MLM) software, a more -complex solution is required. Fortunately, a virtual table should do -the trick. +Depending on your user base, this can be considerable motivation +to using LMTP. + +However, there is a catch: the Postfix local delivery agent is +designed to deliver one recipient at a time, which in most cases +is more than adequate. So, if you wish to support single instance +message store delivery, you will have to use a virtual table to +map these users to the appropriate LMTP destination (at the time +of writing, the Postfix transport table supports only per-domain +routing, and not per-recipient routing). + +While the simplest thing to do would be to list the entire domain +in the transport map for LMTP delivery, this by-passes alias +expansion for otherwise local addresses (see section 5.1, delivery +mechanism 2). If the site is to run software via aliases, like +most Mailing List Management (MLM) software, a more complex solution +is required. A virtual table should do the trick. As an example, suppose we wanted to support single instance message -store delivery for the domain "example.org". The configuration files -for this domain could look something like this: +store delivery for the hosted (not local) domain "example.org". +The configuration files for this domain could look something like +this: /etc/postfix/virtual: 
@@ -334,21 +343,22 @@ for this domain could look something like this: Breaking things down, we begin with the address "mlist@example.org", which represents a mailing list. By placing an entry in the virtual map to direct this mail to "mlist@localhost", we can override the -transport map that would by default route all "@example.org" mail to -a LMTP server via a UNIX-domain socket. +transport map that would by default route all "@example.org" mail +to a LMTP server via a UNIX-domain socket. -To summarize, all mail that is to be processed by an alias entry must -first be diverted with a virtual table entry so that it does not fall -into the more general routing established by the transport table. +To summarize, all mail that is to be processed by an alias entry +must first be diverted with a virtual table entry so that it does +not fall into the more general routing established by the transport +table. -Improving connection caching performance -======================================== +9 - Improving connection caching performance +============================================ After delivering a message via LMTP, Postfix will keep the connection open for a while, so that it can be reused for a subsequent delivery. This reduces overhead of LMTP servers that create one process per -connection. +connection. For LMTP connection caching to work, the Postfix LMTP client should not switch destination hosts. This is no problem when you run only @@ -356,7 +366,7 @@ one LMTP server. However, if you run multiple LMTP servers, this can be an issue. You can prevent the LMTP client from switching between servers by -configuring a separate mail delivery transport for each LMTP server: +configuring a separate LMTP delivery transport for each LMTP server: /etc/postfix/master.cf: 
@@ -374,8 +384,8 @@ mail lmtp2 transport for the LMTP server #2, and so on. bar.com lmtp2:lmtp2host -Appendix: Older Cyrus versions -============================== +10 - Appendix: Older Cyrus versions +=================================== First of all, if you are using a Cyrus 2.x version prior to 2.0.10, it would be good to upgrade. The previous 2.x releases were beta @@ -399,7 +409,7 @@ configure inetd. This involves the following file edits: /etc/services: - lmtp 2003/tcp + lmtp 24/tcp /etc/inetd.conf: @@ -454,14 +464,3 @@ you will notice the one significant difference with the Postfix configuration is the lack of mention of the UNIX-domain sockets. That is because delivery over UNIX-domain sockets is new with Cyrus 2.x, yet another reason to upgrade. :-) - - - -# Local Variables: -# mode: text -# mode: flyspell -# fill-column: 69 -# End: - - - diff --git a/postfix/LMTP_README.old b/postfix/LMTP_README.old deleted file mode 100644 index 873c6c3d1..000000000 --- a/postfix/LMTP_README.old +++ /dev/null 
@@ -1,125 +0,0 @@ -BEGIN WARNING -============= - -The information in this file is outdated. The Postfix LMTP server -can now make connections over UNIX-domain sockets. - -With connections over TCP sockets, some Cyrus implementations insist -on SASL-style authentication, which is not supported by the Postfix -LMTP client. In that case, use UNIX-domain sockets instead. - -The precise syntax for UNIX-domain and TCP connection endpoints is -given in the lmtp(8) manual page. - -Examples: - - /etc/postfix/transport: - domain1.name lmtp1:unix:/path/name - domain2.name lmtp2:lmtp2host - - /etc/postfix/master.cf: - lmtp1 unix - - n - - lmtp - lmtp2 unix - - n - - lmtp - -The first example (domain1) uses UNIX-domain connections, the second -example (domain2) uses TCP. - -For optimal use of connection caching, specify separate mail delivery -transports for each domain that receives mail via LMTP: - -END WARNING -=========== - -Postfix LMTP support -==================== - -Postfix LMTP support is based on a modified version of the Postfix -SMTP client. The initial version was by Philip A. Prindeville of -Mirapoint, Inc., USA. This code was modified further by Amos Gouaux -of University of Texas at Dallas, Richardson, USA. Wietse Venema -reduced the code to its present shape. - -Postfix can be configured to talk to a local or remote LMTP server. -Most people will run the LMTP server on the same machine that runs -Postfix. However, a remote LMTP server can be useful if Postfix -runs on mail relay server(s) that feed incoming mail directly to -the appropriate mailbox server(s). This way, mailbox servers do -not need to run an SMTP server at all. Tidy all the way around. 
- -Configuring the mailbox server (local or remote) -================================================ - -On the mailbox server, in this case a CMU Cyrus imapd/popd server, -add the following to /etc/services: - - pop3 110/tcp # Cyrus POP3 - imap 143/tcp # Cyrus IMAP4 - lmtp 24/tcp - -Next, put the following in /etc/inetd.conf: - - lmtp stream tcp nowait cyrus /usr/sbin/tcpd /usr/local/cyrus/bin/deliver -e -l - -/usr/sbin/tcpd is from the tcp_wrappers package. You want this to -make sure only your mail relay(s) can talk to the LMTP server. -Postfix by default does multiple deliveries per LMTP session -(connection caching), so do not worry about the overhead of -tcp_wrapping the LMTP port. - -On some systems, tcpd is built into inetd, so you do not have to -specify tcpd in the inetd.conf file. Instead of tcpd/inetd, xinetd -can do a similar job of logging and access control. - -Configuring Postfix -=================== - -Similar changes to /etc/services: - - lmtp 24/tcp - -You may have to add the following entry to /etc/postfix/master.cf: - - lmtp unix - - n - - lmtp - -NOTE: Root privileges are not necessary! - -Put this in /etc/postfix/transport: - - inbox.domain.org lmtp:inbox.domain.org - -Naturally, this means we also need in /etc/postfix/main.cf: - - transport_maps = hash:/etc/postfix/transport - -Instead of "hash", use the map type of your choice. Some systems -use "dbm" instead. Use "postconf -m" to find out what map types -are supported. - -Improving connection caching performance -======================================== - -After delivering a message via LMTP, Postfix will keep the connection -open for a while, so that it can be reused for a subsequent delivery. -This reduces overhead of LMTP servers that create one process per -connection. - -For LMTP connection caching to work, the Postfix LMTP client should -not switch destination hosts. This is no problem when you run only -one LMTP server. 
However, if you run multiple LMTP servers, this -can be an issue. - -You can prevent the LMTP client from switching between servers by -configuring a separate mail delivery transport for each LMTP server: - - /etc/postfix/master.cf: - lmtp1 unix - - n - - lmtp - lmtp2 unix - - n - - lmtp - . . . . . . . . - -Configure transport table entries such that the lmtp1 mail delivery -transport is used for all deliveries to the LMTP server #1, the -mail lmtp2 transport for the LMTP server #2, and so on. - - /etc/postfix/transport: - foo.com lmtp1:lmtp1host - bar.com lmtp2:lmtp2host diff --git a/postfix/PCRE_README b/postfix/PCRE_README index d3b4fc9fa..6f97edcfa 100644 --- a/postfix/PCRE_README +++ b/postfix/PCRE_README @@ -19,8 +19,8 @@ from: You will need to add -DHAS_PCRE and a -I for the PCRE header to CCARGS, and add the path to the PCRE library to AUXLIBS, for example: - make -f Makefile.init makefiles 'CCARGS=-DHAS_PCRE -I../../pcre-2.08' \ - 'AUXLIBS=../../pcre-2.08/libpcre.a' + make -f Makefile.init makefiles 'CCARGS=-DHAS_PCRE -I../../../pcre-2.08' \ + 'AUXLIBS=../../../pcre-2.08/libpcre.a' [note: pcre versions before 2.06 are no longer compatible -- Wietse] diff --git a/postfix/RELEASE_NOTES b/postfix/RELEASE_NOTES index af3e6c7bf..9fcf519b3 100644 --- a/postfix/RELEASE_NOTES +++ b/postfix/RELEASE_NOTES 
@@ -1,77 +1,233 @@ -REJECT by header/body_checks are now flagged as policy violations -rather than bounces, for consistency in postmaster notifications. +This is the first official Postfix release that is not called BETA. +May it help the people who cannot get BETA software past their +management. -Major changes with snapshot-20001217 -==================================== +Release 20010228 differs from snapshot 20010228 in that the virtual +delivery agent and nqmgr queue manager are left out. That software +will become part of the official release when it has not changed +in a while. -This release involves little change in functionality and a lot of -small changes to lots of files. The code is put out as a separate -snapshot release so that I have a tested baseline for further work. +In the text below, incompatible changes are labeled with the Postfix +version that introduced the change. If you upgrade from a later +Postfix version, then you do not have to worry about that particular +incompatibility. -All time-related configuration parameters now accept a one-letter -suffix to indicate the time unit (s: second, m: minute, h: hour, -d: day, w: week). The exceptions are the LDAP and MYSQL modules -which are maintained separately. +Major incompatible changes with release-20010228 +================================================ -The mysql client was partially rewritten in order to elimimate some -memory allocation/deallocation problems. The code needs more work, -and needs to be tested in a real production environment. +[snapshot-20010225] POSTFIX NO LONGER RELAYS MAIL FOR CLIENTS IN +THE ENTIRE CLASS A/B/C NETWORK. To get the old behavior, specify +"mynetworks_style = class" in the main.cf file. The default +(mynetworks_style = subnet) is to relay for clients in the local +IP subnet. See conf/main.cf. 
-The local_transport and default_transport configuration parameters -can now be specified in transport:destination notation, just like -the mailbox_transport and fallback_transport parameters. The -:destination part is optional. However, these parameters take only -one destination, unlike relayhost and fallback-relay which take -any number of destinations. +[snapshot-20001005, snapshot-20010225] You must execute "postfix +stop" before installing this release. Some recommended parameter +settings have changed, and a new entry must be added to the master.cf +file before you can start Postfix again. -Incompatible changes with snapshot-20001210 -=========================================== +1 - The recommended Postfix configuration no longer uses flat + directories for the "incoming" "active", "bounce", and "defer" + queue directories. The "flush" directory for the new "flush" + service directory should not be flat either. -If this release does not work for you, you can go back to a previous -Postfix version without losing your mail, subject to the "incompatible -changes" listed for previous Postfix releases below. - -When delivering to /file/name (as directed in an alias or .forward -file), the local delivery agent now logs a warning when it is unable -to create a /file/name.lock file. Mail is still delivered as before. - -The "sun_mailtool_compatibility" feature is going away (a compatibility -mode that turns off kernel locks on mailbox files). It still works, -but a warning is logged. Instead of using "sun_mailtool_compatibility", -specify the mailbox locking strategy as "mailbox_delivery_lock = -dotlock". - -The Postfix SMTP client now skips SMTP server replies that do not -start with "CODE SPACE" or with "CODE HYPHEN" and flags them as -protocol errors. Older Postfix SMTP clients silently treated "CODE -TEXT" as "CODE SPACE TEXT", i.e. as a valid SMTP reply. - -This snapshot does not yet change default relay settings. 
That -change alone affects a dozen files, most of which documentation. -This may be an incompatibility with some people's expectations, -but such are my rules - between code freeze and release no major -functionality changes are allowed. - -Several interfaces of libutil and libglobal routines have changed. -This may break third-party code written for Postfix. In particular, -the safe_open() routine has changed, the way the preferred locking -method is specified in the sys_defs.h file, as well as all routines -that perform file locking. When compiling third-party code written -for Postfix, the incompatibilities will be detected by the compiler -provided that #include file dependencies are properly maintained. - -Major changes with snapshot-20001210 -==================================== + Upon start-up, Postfix checks if the hash_queue_names configuration + parameter is properly set up, and will add any queue directory + names that are missing. + +2 - In order to improve performance of one-to-one mail deliveries + the queue manager will now look at up to 10000 queue files + (was: 1000). The default qmgr_message_active_limit setting + was changed accordingly. + + If you have a non-default qmgr_message_active_limit in main.cf, + you may want adjust it. + +3 - The new "flush" service needs to be configured in master.cf. + + Upon start-up, Postfix checks if the new "flush" service is + configured in the master.cf file, and will add an entry if it + is missing. + +Should you wish to back out to a previous Postfix release there is +no need to undo the above queue configuration changes. + +[snapshot-20000921] The protocol between queue manager and delivery +agents has changed. This means that you cannot mix the Postfix +queue manager or delivery agents with those of Postfix versions +prior to 20000921. This change does not affect Postfix queue file +formats. 
+ +[snapshot-20000529] This release introduces an incompatible queue +file format change ONLY when content filtering is enabled (see text +in FILTER_README). Old Postfix queue files will work fine, but +queue files with the new content filtering info will not work with +Postfix versions before 20000529. Postfix logs a warning and moves +incompatible queue files to the "corrupt" mail queue subdirectory. + +Minor incompatible changes with release-20010228 +================================================ + +[snapshot-20010225] The incoming and deferred queue directories +are now hashed by default. This improves the performance considerably +under heavy load, at the cost of a small but noticeable slowdown +when one runs "mailq" on an unloaded system. + +[snapshot-20010222] Postfix no longer automatically delivers +recipients one at a time when their domain is listed in $mydestination. +This change solves delivery performance problems with delivery via +LMTP, with virus scanning, and with firewall relays that forward +all mail for $mydestination to an inside host. + +The "one recipient at a time" delivery behavior is now controlled +by the per-transport recipient limit (xxx_destination_recipient_limit, +where xxx is the name of the delivery mechanism). This parameter +controls the number of recipients that can be sent in one delivery +(surprise). + +The setting of the per-transport recipient limit also controls the +meaning of the per-transport destination concurrency limit (named +xxx_destination_concurrency_limit, where xxx is again the name of +the delivery mechanism): + + 1) When the per-transport recipient limit is 1 (i.e., send one + recipient per delivery), the per-transport destination concurrency + limit controls the number of simultaneous deliveries to the + same recipient. This is the default behavior for delivery via + the Postfix local delivery agent. 
+ + 2) When the per-transport recipient limit is > 1 (i.e., send + multiple recipients per delivery), the per-transport destination + concurrency limit controls the number of simultaneous deliveries + to the same domain. This is the default behavior for all other + Postfix delivery agents. + +[snapshot-20010128] The Postfix local delivery agent now enforces +mailbox file size limits (default: mailbox_size_limit = 51200000). +This limit affects all file write access by the local delivery +agent or by a process run by the local delivery agent. The purpose +of this parameter is to act as a safety for run-away software. It +cannot be a substitute for a file quota management system. Specify +a limit of 0 to disable. + +[snapshot-20010128] REJECT in header/body_checks is now flagged as +policy violation rather than bounce, for consistency in postmaster +notifications. + +[snapshot-20010128] The default RBL (real-time blackhole lists) +domain examples have been changed from *.vix.com to *.mail-abuse.org. + +[snapshot-20001210] Several interfaces of libutil and libglobal +routines have changed. This may break third-party code written +for Postfix. In particular, the safe_open() routine has changed, +the way the preferred locking method is specified in the sys_defs.h +file, as well as all routines that perform file locking. When +compiling third-party code written for Postfix, the incompatibilities +will be detected by the compiler provided that #include file +dependencies are properly maintained. + +[snapshot-20001210] When delivering to /file/name (as directed in +an alias or .forward file), the local delivery agent now logs a +warning when it is unable to create a /file/name.lock file. Mail +is still delivered as before. + +[snapshot-20001210] The "sun_mailtool_compatibility" feature is +going away (a compatibility mode that turns off kernel locks on +mailbox files). It still works, but a warning is logged. 
Instead +of using "sun_mailtool_compatibility", specify the mailbox locking +strategy as "mailbox_delivery_lock = dotlock". + +[snapshot-20001210] The Postfix SMTP client now skips SMTP server +replies that do not start with "CODE SPACE" or with "CODE HYPHEN" +and flags them as protocol errors. Older Postfix SMTP clients +silently treated "CODE TEXT" as "CODE SPACE TEXT", i.e. as a valid +SMTP reply. + +[snapshot-20001121] On RedHat Linux 7.0, you must install the +db3-devel RPM before you can compile the Postfix source code. + +[snapshot-20000924] The postmaster address in the "sorry" text at +the top of bounced mail is now just postmaster, not postmaster@machine. +The idea is to refer users to their own postmaster. + +[snapshot-20000921] The notation of [host:port] in transport tables +etc. is going away but it is still supported. The preferred form +is now [host]:port. This change is necessary to support IPV6 +address forms which use ":" as part of a numeric IP address. In a +future release, Postfix will log a warning when it encounters the +[host:port] form. + +[snapshot-20000921] In mail headers, Errors-To:, Reply-To: and +Return-Receipt: addresses are now rewritten as a sender address +(was: recipient). + +[snapshot-20000921] Postfix no longer inserts Sender: message +headers. + +[snapshot-20000921] The queue manager now logs the original number +of recipients when opening a queue file (example: from=<>, size=3502, +nrcpt=1). + +[snapshot-20000921] The local delivery agent no longer appends a +blank line to mail that is delivered to external command. + +[snapshot-20000921] The pipe delivery agent no longer appends a +blank line when the F flag is specified (in the master.cf file). +Specify the B flag if you need that blank line. + +[snapshot-20000507] As required by RFC 822, Postfix now inserts a +generic destination message header when no destination header is +present. 
The text is specified via the undisclosed_recipients_header +configuration parameter (default: "To: undisclosed-recipients:;"). + +[snapshot-20000507] The Postfix sendmail command treats a line with +only `.' as the end of input, for the sake of sendmail compatibility. +To disable this feature, specify the sendmail-compatible `-i' or +`-oi' flags on the sendmail command line. + +[snapshot-20000507] For the sake of Sendmail compatibility, the +Postfix SMTP client skips over SMTP servers that greet with a 4XX +or 5XX reply code, treating them as unreachable servers. To obtain +prior behavior (4XX=retry, 5XX=bounce), specify "smtp_skip_4xx_greeting += no" and "smtp_skip_5xx_greeting = no". + +Major changes with release-20010228 +=================================== + +Postfix produces DSN formatted bounced/delayed mail notifications. +The human-readable text still exists, so that users will not have +to be unnecessarily confused by all the ugliness of RFC 1894. Full +DSN support will be later. + +This release introduces full content filtering through an external +process. This involves an incompatible change in queue file format. +Mail is delivered to content filtering software via an existing +mail delivery agent, and is re-injected into Postfix via an existing +mail submission agent. See examples in the FILTER_README file. +Depending on how the filter is implemented, you can expect to lose +a factor of 2 to 4 in delivery performance of SMTP transit mail, +more if the content filtering software needs lots of CPU or memory. + +Specify "body_checks = regexp:/etc/postfix/body_checks" for a quick +and dirty emergency content filter that looks at non-header lines +one line at a time (including MIME headers inside the message body). +Details in conf/sample-filter.cf. + +The header_checks and body_checks features can be used to strip +out unwanted data. Specify IGNORE on the right-hand side and the +data will disappear from the mail. 
-This snapshot includes bugfixes that were already released as -patches 12 and 13 for the 19991231 "stable" release: +Support for SASL (RFC 2554) authentication in the SMTP server and +in the SMTP and LMTP clients. See the SASL_README file for more +details. This file still needs better examples. - - The queue manager could deadlock for 10 seconds when bouncing - mail under extreme load from one-to-one mass mailings. +Postfix now ships with an LMTP delivery agent that can deliver over +local/remote TCP sockets and over local UNIX-domain sockets. The +LMTP_README file gives example, but still needs to be revised. - - Local delivery performance was substandard, because the per-user - concurrency limit accidentally applied to the entire local - domain. +Fast "ETRN" and "sendmail -qR". Postfix maintains per-destination +logfiles with information about what mail is queued for selected +destinations. See the file ETRN_README for details. The mailbox locking style is now fully configurable at runtime. The new configuration parameter is called "mailbox_delivery_lock". 
@@ -82,11 +238,14 @@ mailbox locking style is system dependent. This change affects all mailbox and all "/file/name" deliveries by the Postfix local delivery agent. -The new "import_environment" and "export_environment" configuration -parameters now provide explicit control over what environment -variables Postfix will import, and what environment variables -Postfix will pass on to a non-Postfix process. This is better than -hard-coding my debugging environment into public releases. +Minor changes with release-20010228 +=================================== + +You can now specify multiple SMTP destinations in the relayhost +and fallback_relay configuration parameters. The destinations are +tried in the specified order. Specify host or host:port (perform +MX record lookups), [host] or [host]:port (no MX record lookups), +[address] or [address]:port (numerical IP address). The "mailbox_transport" and "fallback_transport" parameters now understand the form "transport:nexthop", with suitable defaults 
@@ -94,25 +253,12 @@ when either transport or nexthop are omitted, just like in the Postfix transport map. This allows you to specify for example, "mailbox_transport = lmtp:unix:/file/name". -The MYSQL client now supports server connections over UNIX-domain -sockets. Code provided by Piotr Klaban. See the file MYSQL_README -for examples of "host" syntax. - -Incompatible changes with snapshot-20001121 -=========================================== - -If this release does not work for you, you can go back to a previous -Postfix version without losing your mail, subject to the "incompatible -changes" listed for previous Postfix releases below. - -Major changes with snapshot-20001121 -==================================== - -Support for RedHat Linux 7.0. On RedHat Linux 7.0, you must install -the db3-devel RPM before you can compile the Postfix source code. - -The mailbox_transport feature works again. It was broken when the -"require_home_directory" feature was added. +The local_transport and default_transport configuration parameters +can now be specified in transport:destination notation, just like +the mailbox_transport and fallback_transport parameters. The +:destination part is optional. However, these parameters take only +one destination, unlike relayhost and fallback-relay which take +any number of destinations. More general virtual domain support. Postfix now supports both Sendmail-style virtual domains and Postfix-style virtual domains. 
@@ -131,270 +277,43 @@ in main.cf to prevent the SMTP server from bouncing mail while you are testing configurations. Until this release the SMTP server was not aware of soft bounces. -Incompatible changes with snapshot-20001029 -=========================================== - -If this release does not work for you, you can go back to a previous -Postfix version without losing your mail, subject to the "incompatible -changes" listed for previous Postfix releases below. - -Berkeley DB support has changed for Solaris, HP-UX, UNIXWARE, IRIX. -On these systems, Postfix must no longer use DB 1.85 compatibility -mode, because that mode loses the file lock while building a table, -so that table lookups fail and mail is lost. See the DB_README file -for instructions on how to build Postfix with third-party Berkeley -DB support. - -The "fast ETRN" policy configuration has changed. You now specify -the list of eligible "fast ETRN" domains with the fast_flush_domains -parameter (default: $relay_domains). In order to disable the feature, -specify an empty value (fast_flush_domains =). - -Major changes with snapshot-20001029 -==================================== - -This release ships with an updated LDAP client module that has better -group support by Lamont Jones, and that has several other enhancements. -Review the LDAP_README file for more information. - -The LMTP client can now make connections over UNIX-domain sockets -in addition to IPV4. For connections over UNIX-domain sockets, -specify a transport table entry like: - - domain.name lmtp:unix:/path/name - -IPV4-based servers are still the default. The LMTP_README file -still needs to be revised to account for this change. This is -best done by someone who actually uses the Postfix LMTP client. - -You can now specify multiple SMTP destinations in the relayhost -and fallback_relay configuration parameters. The destinations are -tried in the specified order. 
Specify host or host:port (perform -MX record lookups), [host] or [host]:port (no MX record lookups), -[address] or [address]:port (numerical IP address). - -Incompatible changes with snapshot-20001005 -=========================================== - -If this release does not work for you, you can go back to a previous -Postfix version without losing your mail, subject to the "incompatible -changes" listed for previous Postfix releases below. - -You must execute "postfix stop" before installing this release. -Some recommended parameter settings have changed, and a new entry -must be added to the master.cf file before you can start Postfix -again. - -1 - The recommended Postfix configuration no longer uses flat - directories for the "active", "bounce", and "defer" queue - directories. The "flush" directory for the new "flush" service - directory should not be flat either. - - Upon start-up, Postfix checks if the hash_queue_names configuration - parameter is properly set up, and will add any queue directory - names that are missing. - -2 - In order to improve performance of one-to-one mail deliveries - the queue manager will now look at up to 10000 queue files - (was: 1000). The default qmgr_message_active_limit setting - was changed accordingly. - - If you have a non-default qmgr_message_active_limit in main.cf, - you may want adjust it. - -3 - The new "flush" service needs to be configured in master.cf. +Workarounds for non-standard RFC 2554 (AUTH command) implementations. +Specify "broken_sasl_auth_clients = yes" to enable SMTP server +support for old Microsoft client applications. The Postfix SMTP +client supports non-standard RFC 2554 servers by default. - Upon start-up, Postfix checks if the new "flush" service is - configured in the master.cf file, and will add an entry if it - is missing. - -Should you wish to back out to a previous Postfix release there is -no need to undo the above changes. 
+All time-related configuration parameters now accept a one-letter +suffix to indicate the time unit (s: second, m: minute, h: hour, +d: day, w: week). The exceptions are the LDAP and MYSQL modules +which are maintained separately. -Major changes with snapshot-20001005 -==================================== +New "import_environment" and "export_environment" configuration +parameters provide explicit control over what environment variables +Postfix will import, and what environment variables Postfix will +pass on to a non-Postfix process. In order to improve performance of one-to-one deliveries, Postfix by default now looks at up to 10000 messages at a time (was: 1000). -Until now, Postfix did a rather lame effort at implementing the -SMTP ETRN command - it attempted to deliver all mail in the queue, -regardless of its destination. This is slow if your mail server -queues mail for lots of different destinations. - -This release introduces fast "ETRN" and "sendmail -qR". These -deliver only mail that is queued for the specified destination, -without requiring Postfix to open every file in the mail queue. - -Postfix now maintains per-destination logfiles with information -about what mail is queued for specific destinations. By default, -these logfiles are maintained only for destinations that Postfix -is willing to relay to (as controlled by the relay_domains parameter). - -The maintenance policy for deferred mail logfiles is selected with -the "fast_flush_policy" configuration parameter. Possible values -are: "all" (maintain logs for all destinations), "relay" (maintain -logs for relay destinations) or "none" (maintain no logs). - -Postfix falls back to the old slow ETRN for destinations that are -not eligible for the fast "ETRN" and "sendmail -qR" service. - -See the file ETRN_README for details. 
- -Incompatible changes with snapshot-20000924 -=========================================== - -The postmaster address in the "sorry" text at the top of bounced -mail is now just postmaster, not postmaster@sending.machine. The -idea is to refer users to their own postmaster. - -Major changes with snapshot-20000924 -==================================== - -DSN formatted bounced/delayed mail notifications, finally. The -human-readable text still exists, so that users will not have to -be unnecessarily confused by all the ugliness of RFC 1894. - -Major changes with snapshot-20000923 -==================================== - -The nqmgr (experimental smarter queue manager) has been updated. -It no longer worked after the change in queue manager to delivery -agent protocol. - Specify "syslog_facility = log_local1" etc. to separate the logging from multiple Postfix instances. However, a non-default logging facility takes effect only after process initialization. Errors during command-line parsing are still logged with the default syslog facility, as are errors while processing the main.cf file. -Incompatible changes with snapshot-20000921 -=========================================== - -After "make install" you need to execute "postfix reload". The -protocol between queue manager and delivery agents has changed. -This does not affect the format of existing queue files. You just -cannot mix this Postfix version's queue managers or delivery agents -with older Postfix versions. - -The notation of [host:port] in transport tables etc. is going away -but it is still supported. The preferred form is now [host]:port. -This change is necessary to support IPV6 address forms which use -":" as part of a numeric IP address. In a future release, Postfix -will log a warning when it encounters the [host:port] form. - -In mail headers, Errors-To:, Reply-To: and Return-Receipt: addresses -are now rewritten as a sender address (was: recipient). 
- -Postfix no longer inserts Sender: message headers. - -The queue manager now logs the original number of recipients when -opening a queue file (example: from=<>, size=3502, nrcpt=1). - -The local delivery agent no longer appends a blank line to mail -that is delivered to external command. - -The pipe delivery agent no longer appends a blank line when the F -flag is specified (in the master.cf file). Specify the B flag if -you need that blank line. - -Major changes with snapshot-20000921 -==================================== - Postfix now strips out Content-Length: headers in incoming mail to avoid confusion in mail user agents. -The header_checks and body_checks features can now be used to strip -out unwanted data. Specify IGNORE and the data will disappear. - Specify "require_home_directory = yes" to prevent mail from being -delivered to a user whose home directory is not mounted. +delivered to a user whose home directory is not mounted. This +feature is implemented by the Postfix local delivery agent. The pipe mailer has a size limit (size=nnn) command-line argument. -Incompatible changes with snapshot-20000531 -=========================================== - -All references to "content inspection" have been replaced by "content -filtering", in anticipation of hooks for true content inspection -that does not re-inject mail back into Postfix. - -Incompatible changes with snapshot-20000529 -=========================================== - -This version introduces an incompatible queue file format change -when content filtering is enabled. Old Postfix queue files will -work fine, but new queue files with content filtering info will -not work with old Postfix versions. They log a warning and move -incompatible queue files to the "corrupt" mail queue subdirectory. - -Major changes with snapshot-20000529 -==================================== - -This version introduces full content filtering through an external -process. 
This involves an incompatible change in queue file format. -Mail is delivered to content filtering software via an existing -mail delivery agent, and is re-injected into Postfix via an existing -mail submission agent. See examples in the FILTER_README file. -Depending on how the filter is implemented, you can expect to lose -a factor of 2 to 4 in delivery performance of SMTP transit mail, -more if the content filtering software needs lots of CPU or memory. - -Major changes with snapshot-20000528 -==================================== - -Specify "body_checks = regexp:/etc/postfix/body_checks" for a quick -and dirty emergency content filter that looks at non-header lines -one line at a time (including MIME headers inside the message body). -Details in conf/sample-filter.cf. - -This version introduces a new queue manager with a clever scheduler -by Patrik Rak that allow mailing list deliveries be pre-empted by -non-list mail, while preserving correct average delivery delays. -The queue manager is build as nqmgr. It needs further testing. - -Major changes with snapshot-20000514 -==================================== - -LaMont Jones and Patrik Rak reported two different scenarios in -which pipelined SMTP sessions could time out forever. Postfix now -automatically flushes delayed SMTP commands/replies to prevent -sender delays from accumulating too much. For example, client-side -delays happen when a client does DNS lookups to replace hostname -aliases in a MAIL FROM or RCPT TO commands; server-side delays -happen when an UCE restriction involves DNS lookup, or when a server -generates a tarpit delay. - -Incompatible changes with snapshot-20000507 -=========================================== - -As required by RFC 822, Postfix now inserts a generic destination -message header when no destination header is present. The text is -specified via the undisclosed_recipients_header configuration -parameter (default: "To: undisclosed-recipients:;"). 
- -The Postfix sendmail command treats a line with only `.' as -the end of input, for the sake of sendmail compatibility. To disable -this feature, specify the sendmail-compatible `-i' or `-oi' flags -on the sendmail command line. - -For the sake of Sendmail compatibility, the Postfix SMTP client -skips over SMTP servers that greet with a 4XX or 5XX reply code, -treating them as unreachable servers. To obtain prior behavior -(4XX=retry, 5XX=bounce), specify "smtp_skip_4xx_greeting = no" and -"smtp_skip_5xx_greeting = no". - -The read/write interface underneath VSTREAMs has been extended with -parameters that specify a read/write timeout and application context. -This should make it easier to plug in encryption modules such as TLS. - -Major changes with snapshot-20000507 -==================================== - -Better documentation of Postfix lookup tables, including descriptions -of how to use regular expressions in Postfix lookup tables. - -Updated mysql and LDAP client code with fixes and improvements. +The pipe delivery agent has a configurable end-of-line attribute. +Specify "pipe ... eol=\r\n" for delivery mechanisms that require +CRLF record delimiters. The eol attribute understands the following +C-style escape sequences: \a \b \f \n \r \t \v \nnn \\. In master.cf you can selectively override main.cf configuration parameters, for example: "smtpd -o myhostname=foo.com". 
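Review bot: this hunk deletes every "Incompatible changes with snapshot-..." block from 20001121 back to 20000507, and the deleted blocks are the ones that told readers they could back out "subject to the incompatible changes listed for previous Postfix releases below"; after this hunk there is nothing below. Behaviour changes that still bite anyone upgrading from a snapshot disappear with them: the [host:port] to [host]:port notation change, the queue manager/delivery agent protocol change that requires "postfix reload", the "." end-of-input handling in the sendmail command, the undisclosed_recipients_header insertion, and the 4XX/5XX greeting skipping with smtp_skip_4xx_greeting / smtp_skip_5xx_greeting. Consider keeping a compact "upgrading from a snapshot" list rather than dropping the record. Two smaller points on the added text: the broken_sasl_auth_clients paragraph says the SMTP client supports non-standard RFC 2554 servers "by default" without saying whether that can be switched off, and the time-unit paragraph should say what unit is assumed when no suffix is given, since "s: second" is only listed as one of the options.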
@@ -404,35 +323,6 @@ connections to a specific local interface. Or override the default setting in master.cf with "smtp -o smtp_bind_address=x.x.x.x". For now, you must specify a numeric IP address. -Preliminary LMTP client support over TCP with connection caching. -Support for LMTP over UNIX-domain sockets will be added later as -an enhancement to the transport table syntax. See the LMTP_README -file for more details. - -By the way, LMTP client-side connection caching is a good example -for how to do the same in the SMTP client. - -Preliminary support for SASL authentication, both in the SMTP server -and in the SMTP client. See the SASL_README file for more details. - -The pipe delivery agent has a configurable end-of-line attribute. -Specify "pipe ... eol=\r\n" for delivery mechanisms that require -CRLF record delimiters. The eol attribute understands the following -C-style escape sequences: \a \b \f \n \r \t \v \nnn \\. - -Incompatible changes with snapshot-20000309 -=========================================== - -This release is mainly to have a reference point after reorganizing -the cleanup daemon, and before adding some major contributions from -other people. - -Major changes with snapshot-20000309 -==================================== - -Questionable feature: with "smtp_skip_5xx_greeting = yes", Postfix -emulates behavior found in some other MTAs. - Questionable feature: with "smtp_always_send_ehlo = yes", the SMTP client sends EHLO regardless of the content of the SMTP server's greeting. 
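Review bot: this hunk drops the "Questionable feature: smtp_skip_5xx_greeting = yes" paragraph but keeps the adjacent "Questionable feature: smtp_always_send_ehlo = yes" paragraph as context; either both belong in the consolidated notes or neither. Combined with the previous hunk, which removes the snapshot-20000507 text on smtp_skip_4xx_greeting / smtp_skip_5xx_greeting, the release notes no longer mention those parameters anywhere in this diff, and they change bounce-versus-retry behaviour for a 5XX greeting, so a one-line mention is worth keeping. The "Preliminary support for SASL authentication ... See the SASL_README file" pointer is also removed here while the new broken_sasl_auth_clients paragraph above assumes the reader already knows SASL support exists; keep the SASL_README pointer.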
@@ -441,60 +331,9 @@ Specify "-d key" to postalias or postmap in order to remove one key. This still needs to be generalized to multi-key removal (e.g., read keys from stdin). -The manual pages in Postfix configuration files no longer contain -troff formatting codes. The text is now generated from prototype -files in a new "proto" subdirectory. - -Incompatible changes with postfix-19991231: -=========================================== - -- The SMTP server no longer forwards mail from untrusted clients -with sender-specified routing (stuff[@%!]stuff[@%!]stuff) through -destinations that are authorized by the relay_domains parameter. -This closes a loophole that exploits trust relationships between -hosts. Example: a trusted backup MX host forwards junk mail to -a primary MX host which forwards the junk to the Internet. Specify -"allow_untrusted_routing = yes" to restore the old behavior. - -- The SMTP server no longer forwards mail with sender-specified -routing (stuff[@%!]stuff[@%!]stuff) through destinations that are -authorized by the permit_mx_backup feature. This change is under -control by the allow_untrusted_routing parameter discussed above. - -- In order to support the above, the data structure and protocol -of the trivial-rewrite service was changed. This means you must -re-compile and re-link existing software that uses the Postfix -resolve_clnt interface. - -- As a side effect of the above, an address from an untrusted client -with @ in the localpart (user@remote@here) no longer bounces with -"user unknown" but instead is rejected with "relay access denied". - -- Incompatible SMTPD access map changes: - - An all-numeric right-hand side now means OK. This is for better - cooperation with out-of-band authentication mechanisms such as - POP before SMTP etc. - - An empty right-hand sides still mean OK, but Postfix will log a - warning in order to discourage such usage. - - You can no longer use virtual, canonical or aliases tables as - SMTPD access maps. 
Use the local_recipient_maps feature instead. - -- Recipient addresses may no longer begin with `-'. In order to -get the old behavior, specify "allow_min_user = yes" in main.cf. - -- Incompatible transport map changes: - - Transport map entries override mydestination. If you use transport - maps, it is better to always have explicit entries for all domain - names you have in $mydestination. See the html/faq.html sections - for firewalls and intranets. - - The nexthop information given to a local delivery agent may have - changed. This information was never intended to be used as a - next-hop destination. +Comments in Postfix configuration files no longer contain troff +formatting codes. The text is now generated from prototype files +in a new "proto" subdirectory. Major changes with postfix-19991231: ==================================== diff --git a/postfix/RESTRICTION_CLASS b/postfix/RESTRICTION_CLASS index 22f3d324c..f623d2878 100644 --- a/postfix/RESTRICTION_CLASS +++ b/postfix/RESTRICTION_CLASS 
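Review bot: the deleted "Incompatible changes with postfix-19991231" block documents security-relevant defaults that have no replacement in this diff: sender-specified routing (stuff[@%!]stuff[@%!]stuff) is no longer relayed through relay_domains or permit_mx_backup destinations unless "allow_untrusted_routing = yes", an all-numeric right-hand side in an SMTPD access map now means OK, an empty right-hand side logs a warning, recipient addresses may no longer begin with "-" unless "allow_min_user = yes", and transport map entries override mydestination. These are the settings an operator needs when auditing relay behaviour, so keep at least the allow_untrusted_routing, allow_min_user and access-map items in the consolidated notes or point to where they are documented now. The "Comments in Postfix configuration files no longer contain troff formatting codes" wording is a correct fix of the old "manual pages in Postfix configuration files" phrasing.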
@@ -5,11 +5,11 @@ The Postfix SMTP server allows you to specify UCE restrictions on the right-hand side of SMTPD access tables, so that you can have different UCE restrictions for different clients or users. -The only anomalies in this scheme are that (1) message header checks -are still the same for every message, and (2) you must use a -restriction class name (see below) if you want to specify a lookup -table on the right-hand side of an access table (this is because -Postfix needs to open those tables ahead of time). +The only anomalies in this scheme are that (1) message header_checks +and body_checks are still the same for every message, and (2) you +must use a restriction class name (see below) if you want to specify +a lookup table on the right-hand side of an access table (this is +because Postfix needs to open those tables ahead of time). Restriction classes allow you to give easy-to-remember names to groups of UCE restrictions (such as permissive, restrictive, and diff --git a/postfix/SASL_README b/postfix/SASL_README index d793787e8..6567ab4e0 100644 --- a/postfix/SASL_README +++ b/postfix/SASL_README 
@@ -62,11 +62,14 @@ Reportedly, Microsoft Internet Explorer version 5 requires the non-standard SASL LOGIN authentication method. To enable this authentication method, specify ``./configure --enable-login''. -Reportedly, older Microsoft software mis-implements the AUTH -protocol, and requires that the server replies to EHLO with -"250-AUTH=stuff..." instead of "250-AUTH stuff...". To accomodate -such clients, set "allow_broken_auth_clients = yes" in the main.cf -file. +Older Microsoft SMTP client software implements a non-standard +version of the AUTH protocol syntax, and expects that the SMTP +server replies to EHLO with "250 AUTH=stuff" instead of "250 AUTH +stuff". To accomodate such clients in addition to conformant +clients, set "broken_sasl_auth_clients = yes" in the main.cf file. + +The Postfix SMTP client is backwards compatible with SMTP servers +that use the non-standard AUTH protocol syntax. Building Postfix with SASL authentication support ================================================= @@ -78,14 +81,14 @@ and that the Cyrus SASL libraries are in /usr/local/lib. On some systems this generates the necessary Makefile definitions: % make tidy # if you have left-over files from a previous build - % make makefiles CCARGS=-DUSE_SASL_AUTH" -I/usr/local/include" \ + % make makefiles CCARGS="-DUSE_SASL_AUTH -I/usr/local/include" \ AUXLIBS="-L/usr/local/lib -lsasl" On Solaris 2.x you need to specify run-time link information, otherwise ld.so will not find the SASL shared library: % make tidy # if you have left-over files from a previous build - % make makefiles CCARGS=-DUSE_SASL_AUTH" -I/usr/local/include" \ + % make makefiles CCARGS="-DUSE_SASL_AUTH -I/usr/local/include" \ AUXLIBS="-L/usr/local/lib -R/usr/local/lib -lsasl" Enabling SASL authentication in the Postfix SMTP server diff --git a/postfix/TODO b/postfix/TODO index 280c4c224..04708b4df 100644 --- a/postfix/TODO +++ b/postfix/TODO 
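Review bot: "accomodate" is misspelled in the rewritten SASL_README paragraph (it was also misspelled in the text being replaced); it should be "accommodate". Since the parameter is renamed from allow_broken_auth_clients to broken_sasl_auth_clients here, check that no sample main.cf, HTML page or source default still uses the old name, and consider listing the rename in RELEASE_NOTES for anyone who set the old parameter in a snapshot. The rewritten paragraph also changes the quoted EHLO reply from "250-AUTH=stuff" to "250 AUTH=stuff"; in a multi-line EHLO response the line the broken clients look for normally carries the "250-" continuation form, so the old quoting was the more recognisable one. The CCARGS quoting fix in the second hunk is correct: the previous form put the opening quote after -DUSE_SASL_AUTH and would have produced a single mangled argument.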
@@ -7,55 +7,30 @@ expanded via :include:). postconf -f filename -more general relocated feature - perhaps better to bounce recipients +get rid of the relocated feature - perhaps better to bounce recipients at the SMTP port. -use $mydomain when hostname is not FQDN. - -generic daemon that listens on fifo and runs command - make sendmail/smtpd/cleanup output directory/fifo configurable if postdrop scrutinizes input, skip the overhead in the pickup daemon. -luser relay - add a threshold to sendmail etc. stderr logging, so that class "info" messages don't go to stderr. -need a configurable mailbox locking method with system-specific -default, so people don't have to recompile just to turn of fcntl() -locks to work around SUN mailtool. - implement an UCE control to accept mail if the sender domain sender lists us as MX host (rafal wiosna). By the same token, implement a control to accept mail when the client hostname/parent domain lists us as their MX host. -with recipient delimiter enabled, append the unmatched recipient -of @virtual.domain patterns as extension to right-hand recipient, -for qmail-like virtual mapping. - received: headers should be generated by the cleanup daemon, and client attributes ("with", "from", etc.) should be passed along with the message. This guarantees that forwarded/aliased mail gets stamped with the queue ID. -trivial-rewrite etc.: after reload, close the listen socket and -wait until all clients disconnect. - -In qmgr_entry.c, turn off random walk by default. - toss double-bounce mail even when mail for the local machine is redirected to another box. See mail_addr_double_bounce(). -represent peer as object, not as name + addr arguments - -ignore sender: header when different from envelope? - -smtp client: optionally log every MX host contacted - remote showq access (cookie in maildrop or print some text to inform the user) 
@@ -63,48 +38,23 @@ defer: explain mail was bounced after N days multiple rewrite processes? -log relay address in addition to host. - gethostbyaddr() uses native name services, which can be slow. can we detect a client that ignores error responses? way to block inbound mail based on recipient suffix? -when client begins with non-SMTP data, log warning - -when non-SMTP follows ".", log warning. - -On linux syslogd needs -/file/name - can Postfix implement one switchboard instead of having all these little lookup tables? make canonical/virtual/etc. table lookup order configurable -allow /file/name or maptype_mapname in $mydestination - -make protocol errors soft errore? There are a lot of broken mailers -out there that sometimes croak and sometimes work. - -require @ in sender/rcpt (another restriction) - -figure out a way to pump recipients into qmgr before concurrency -starts to drop. - pass on client etc/ attributes along with message to delivery agent -pass on configurable info into external process environment - scrutinize file opens in delivery agents just like in qmgr (better: open the file and see if someone compromised the vmailer account and is racing against us). -cleanup: don't run out of memory with large amounts of bcc addresses - -cleanup: permit non-empty extra segment, so that mail posting -software can pass in bcc recipients. - suspend/resume signals + master status (suspended/running) in PID file. Maybe use FIFO instead. But, that means requests do not arrive when the master is stuck. 
@@ -134,24 +84,9 @@ access. trivial-rewrite: optionally, use DNS to fully qualify hostnames. -smtp: optionally deal with MX records containing an address instead -of a name. - pickup/cleanup/qmgr/local: add options record to control internal features such as canonical/virtual mapping, VERPs etcetera. -smtpd: when deciding if a destination is local, also look at the -virtual map. Perhaps we should move canonical and virtual lookups -back into the rewrite service, but under a different name, so they -do not get in the way if we do not want them. - -Queue manager: do not allocate queue slots when a destination -already has more than some threshold. This is to prevent a dead or -slow destination from filling up the queue manager's active queue, -preventing delivery to other destinations. However, such `fairness' -strategies should not cause Postfix to lose the benchmark race, so -we must be fair and smart at the same time :-) - Add hook for (domain, user database) support. This is needed if you have lots of real domains and can't afford a separate master.cf delivery agent entry for each domain. @@ -159,9 +94,6 @@ delivery agent entry for each domain. Add support for DBZ databases, using the code from INN. Reportedly, GDB handles large numbers of keys poorly. -Make the number of time bits in the queue ID configurable, or at -least a little larger. - Change the front-end to cleanup protocol so that the front-end sends the expected message size, and so that the cleanup service can report if there is enough space. This is useful only for the 
@@ -196,40 +128,11 @@ postfix-script: detect and/or build missing alias database. In order to do this we must extract the alias_maps parameter from the main.cf file, and create any missing files with the right ownerships. -SunOS 5.4 sendmail seems to include the null byte in alias keys -and values, like almost every UNIX system; SunOS 5.5 sendmail does -not include these nulls. Need to add support for SunOS 5.4. NIS -alias maps always include the null terminator... - implement the return-receipt-to notification service. -Implement real address rewriting. - -default alias for mail to non-existent users. How useful is this -when the postmaster already gets notices of mail that could not be -delivered by the local mail system? And how do we pass around the -original envelope recipient once it has been "aliased" to the -address for non-existent users? - -owner-default alias to capture all mailing list errors. Or perhaps -they should just set up the appropriate owner-foo aliases in their -alias database? - -make mail_params module the main config interface; no calls from -config.c to routines in mail_params.c - -resolve/rewrite clients should share connection - -postfix-script: make sure permissions of queue (and anything below) -are sane. - bounce/defer: provide attribute-value interface, for better logging (expanded-from etc.) and non-delivery reports. -Postfix-Options: header, to turn on qmail-like VERPs. But, these -must be accessible only for locally-posted mail (not mail that -arrives via UUCP). - Maintain per-client short-term host status, so we can slow down unreasonable clients 
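Review bot: this hunk removes "postfix-script: make sure permissions of queue (and anything below) are sane" from TODO without anything in the diff showing the check was implemented; unless a queue permission check now exists elsewhere in this commit, keep the item, since wrong ownership or mode on queue directories is exactly the kind of thing that lets an unprivileged local user interfere with other users' mail. The other removals in this hunk (Implement real address rewriting, default alias for non-existent users, owner-default alias, Postfix-Options: header) read as deliberate scope decisions and need no comment.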
@@ -248,27 +151,10 @@ True ETRN means kick the host out of the queue manager's "dead hosts" table & move mail from the "hold" queue for that site to the incoming queue. -Option to make a copy of all mail passing through the mail system. - -The message ID is built by concatenating the time of day in seconds -with the queue id. We must ensure that a queue id is unique for at -least one second, otherwise multiple messages will have the same -message ID. Queue ids will always collide after a while. The NFS -generation number for the queue file would be useful, but there is -no portable interface to get it, and we cannot depend on the system -having NFS support enabled. If a 1-microsecond resolution is -sufficient, we could compose the queue ID from the inode number -plus 6 decimal digits or 5 hex ones for the time in microseconds. -Or, use a smarter encoding with more bits per character. - postfix-script: make sure that each queue file matches its file id or we might lose mail. postfix-script: do database fixups as the unprivileged user -Put a version file in the conf directory or add option to vmail -control command to print the version (requires vmconf tool that -can query main.cf.). - Maintain a pool of pre-allocated queue files, to eliminate file creation and deletion overhead. diff --git a/postfix/UUCP_README b/postfix/UUCP_README index ba5b04540..e6fbd56e4 100644 --- a/postfix/UUCP_README +++ b/postfix/UUCP_README @@ -2,3 +2,5 @@ In order to receive mail via UUCP, your system needs to have an rmail command installed. A minimal rmail command can be found in the "auxiliary/rmail" directory. Install the command, mode 755, in a place that can be found by the UUCP "uuxqt" command. + +In order to send mail via UUCP, see html/faq.html. diff --git a/postfix/VIRTUAL_README b/postfix/VIRTUAL_README deleted file mode 100644 index 255312529..000000000 --- a/postfix/VIRTUAL_README +++ /dev/null 
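Review bot: the removed TODO paragraph describes a real correctness problem, not a wish-list item: the message ID is the time of day in seconds concatenated with the queue id, and queue ids "will always collide after a while", so two messages can end up with the same Message-ID. Nothing in the diff shows a change to queue-id or message-id generation, so either note where this was fixed or keep the item. The same applies to "Option to make a copy of all mail passing through the mail system" and the version-reporting item: dropping them silently makes it look as if they were done.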
@@ -1,154 +0,0 @@ -[Code contribued by Andrew McNamara ] - -Code created by Andrew McNamara and adapted to -snapshot 20001121 by Xavier Beaudouin. - -Code is maintened now by Xavier Beaudouin - -[Original Message] -I've run out of time to fiddle further at the moment, so I've decided to -post my virtual local delivery agent. Note that this is still a work in -progress, so don't bet your business on it. - -I'll repeat what I said last time: - - This code is designed for ISP's who offer virtual mail hosting. It - looks up the location, uid and gid of user mailboxes via separate maps, - and the mailbox location map can specify either mailbox or maildir - delivery (controlled by trailing slash on mailbox name). - - The agent does not support aliases or .forwards (use the virtual table - instead), and therefore doesn't support file or program aliases. This - choice was made to simplify and streamline the code (it allowed me to - dispense with 70% of local's code - mostly the bits that are a security - headache) - if you need this functionality, this agent isn't for you. - - It also doesn't support writing to a common spool as root and then - chowning the mailbox to the user - I felt this functionality didn't fit - with my overall aims. - -Some other notes: - -- It's still called "virtual" - I had some concerns that this would - confuse people, but I'll leave that call up to Wietse - if he wants - to integrate it, he can specify the name. - -- I've retained the three separate map lookups at this time. When - postfix supports maps that return multiple values, we can consider - changing it then. - -- Specify "virtual:" as the target in the transport table for domains - for which you want this agent used. - -- The attached file is a gzipped tar that should be unpacked in the - base postfix directory (where the INSTALL and HISTORY files live) - - it adds a "virtual" subdirectory, and a "virtual.patch" file. 
The - patch updates the top level Makefile.in to build the new agent, and - global/mail_params.h to add the new config parameters. - -New config options are: - -virtual_mailbox_base - - Specifies a path that is prepended to all mailbox paths. This is - a safety measure to ensure an out of control map doesn't litter the - filesystem with mailboxes (or worse). While it could be set to "/", - this isn't recommended. - -virtual_mailbox_maps - - Recipients are looked up in this map to determine the path to their - mailbox. If the returned path ends in a slash ("/"), maildir-style - delivery is carried out, otherwise the path is assumed to specify a - mailbox file. Note that virtual_mailbox_base is unconditionally - prepended to this path. - -virtual_minimum_uid - - Specifies a minimum uid that will be accepted as a return from a - virtual_uid_maps lookup. Returned values less than this will be - rejected, and the message will be deferred. - -virtual_uid_maps - - Recipients are looked up in this map to determine the UID to be - used when writing to the target mailbox. - -virtual_gid_maps - - Recipients are looked up in this map to determine the GID to be - used when writing to the target mailbox. - -virtual_usedotlock - - Use dot-locking when writing to mailboxes - defaults to off. 
- -[ - Exemple configuration - ] - -In main.cf file : ---/--- - virtual_mailbox_base = /var/mail/vhosts - virtual_mailbox_maps = dbm:/etc/postfix/vmailbox - virtual_minimum_uid = 100 - virtual_uid_maps = dbm:/etc/postfix/vuid - virtual_gid_maps = dbm:/etc/postfix/vgid - virtual_usedotlock = no ---/--- - -In vmailbox file : - ---/--- -testuser@fakedom.com testuser/ ---/--- - -In vuid file : - ---/--- -testuser@fakedom.com 5000 ---/--- - -In vgid file : - ---/--- -testuser@fakedom.com 5000 ---/--- - -Don't forget to add in master.cf the entry for the agent, that should be -like : - ---/--- -virtual unix - n n - - virtual ---/--- - -NOTES : -------- - -1- Don't forget to add dbm:/etc/posfix/vmailbox into your -local_recipent_maps in main.cf like : - ---/--- -local_recipient_maps = $alias_maps dbm:/etc/posfix/vmailbox unix:passwd.byname ---/--- - -2- If you use only the virtual localdelivery you can add the following line -into main.cf - ---/--- -mailbox_transport = virtual ---/--- - -Otherwise you can use transport_maps : - -In main.cf file : - ---/--- -transport_maps=dbm:/etc/postfix/transport ---/--- - -In transport file : - ---/--- -fakedom.com virtual: ---/--- - - diff --git a/postfix/conf/access b/postfix/conf/access index a8a9d354f..78f93f188 100644 --- a/postfix/conf/access +++ b/postfix/conf/access 
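Review bot: deleting this README removes the only description of the virtual delivery agent's own parameters (virtual_mailbox_base, virtual_mailbox_maps, virtual_minimum_uid, virtual_uid_maps, virtual_gid_maps, virtual_usedotlock) and the reminder that the mailbox map must also be listed in local_recipient_maps, and nothing else in this patch carries that text over: the new sample-virtual.cf below documents virtual_maps only, and the master.cf entry just registers the service. The virtual_mailbox_base and virtual_minimum_uid notes in particular are safety controls for an agent that writes files under map-supplied paths and uids, so either keep that parameter section somewhere (a sample file for the agent, or the main.cf comments) or say in the commit message where the documentation now lives.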
@@ -83,35 +83,36 @@ # REJECT Reject the address etc. that matches the pattern. A # generic error response message is generated. # -# OK +# OK Accept the address etc. that matches the pattern. # -# Any other text -# Accept the address etc. that matches the pattern. +# restriction... +# Apply the named UCE restriction (permit, reject, +# reject_unauth_destination, and so on). # # REGULAR EXPRESSION TABLES -# This section describes how the table lookups change when +# This section describes how the table lookups change when # the table is given in the form of regular expressions. For -# a description of regular expression lookup table syntax, +# a description of regular expression lookup table syntax, # see regexp_table(5) or pcre_table(5). # -# Each pattern is a regular expression that is applied to +# Each pattern is a regular expression that is applied to # the entire string being looked up. Depending on the appli- -# cation, that string is an entire client hostname, an +# cation, that string is an entire client hostname, an # entire client IP address, or an entire mail address. Thus, -# no parent domain or parent network search is done, and -# user@domain mail addresses are not broken up into their +# no parent domain or parent network search is done, and +# user@domain mail addresses are not broken up into their # user@ and domain constituent parts. # -# Patterns are applied in the order as specified in the -# table, until a pattern is found that matches the search +# Patterns are applied in the order as specified in the +# table, until a pattern is found that matches the search # string. # -# Actions are the same as with normal indexed file lookups, -# with the additional feature that parenthesized substrings -# from the pattern can be interpolated as $1, $2 and so on. +# Actions are the same as with normal indexed file lookups, +# with the additional feature that parenthesized substrings +# from the pattern can be interpolated as $1, $2 and so on. 
# # BUGS -# The table format does not understand quoting conventions. +# The table format does not understand quoting conventions. # # 2 # @@ -124,7 +125,7 @@ # regexp_table(5) format of POSIX regular expression tables # # LICENSE -# The Secure Mailer license must be distributed with this +# The Secure Mailer license must be distributed with this # software. # # AUTHOR(S) diff --git a/postfix/conf/main.cf b/postfix/conf/main.cf index 38ae9fcd8..ee1c90c70 100644 --- a/postfix/conf/main.cf +++ b/postfix/conf/main.cf @@ -4,6 +4,9 @@ # The general format is lines with parameter = value pairs. Lines # that begin with whitespace continue the previous line. A value can # contain references to other $names or ${name}s. +# +# NOTE - CHANGE NO MORE THAN 2-3 PARAMETERS AT A TIME, AND TEST IF +# POSTFIX STILL WORKS AFTER EVERY CHANGE. # SOFT BOUNCE # 
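Review bot: replacing "Any other text: Accept the address" with "restriction...: Apply the named UCE restriction" changes how existing access tables are interpreted, and the new text does not say what happens when the right-hand side is neither OK, REJECT, nor a known restriction name (is the lookup treated as an error, or does the entry silently do nothing?). State that behaviour next to the new paragraph, and flag the change in the release notes, since a table that used free text as an accept action previously accepted and now triggers a restriction lookup instead.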
@@ -115,14 +118,85 @@ mail_owner = postfix # a name matches a lookup key. Continue long lines by starting the # next line with whitespace. # -# DO NOT LIST VIRTUAL DOMAINS HERE. LIST THEM IN THE VIRTUAL FILE -# INSTEAD. BE SURE TO READ THE ENTIRE VIRTUAL MANUAL PAGE. -# #mydestination = $myhostname, localhost.$mydomain #mydestination = $myhostname, localhost.$mydomain $mydomain #mydestination = $myhostname, localhost.$mydomain, $mydomain, # mail.$mydomain, www.$mydomain, ftp.$mydomain +# TRUST AND RELAY CONTROL + +# The mynetworks parameter specifies the list of "trusted" SMTP +# clients that have more privileges than "strangers". +# +# In particular, "trusted" SMTP clients are allowed to relay mail +# through Postfix. See the smtpd_recipient_restrictions parameter +# in file sample-smtpd.cf. +# +# You can specify the list of "trusted" network addresses by hand +# or you can let Postfix do it for you (which is the default). +# +# By default (mynetworks_style = subnet), Postfix "trusts" SMTP +# clients in the same IP subnetworks as the local machine. +# On Linux, this does works correctly only with interfaces specified +# with the "ifconfig" command. +# +# Specify "mynetworks_style = class" when Postfix should "trust" SMTP +# clients in the same IP class A/B/C networks as the local machine. +# Don't do this with a dialup site - it would cause Postfix to "trust" +# your entire provider's network. Instead, specify an explicit +# mynetworks list by hand, as described below. +# +# Specify "mynetworks_style = host" when Postfix should "trust" +# only the local machine. +# +# mynetworks_style = class +# mynetworks_style = subnet +# mynetworks_style = host + +# Alternatively, you can specify the mynetworks list by hand, in +# which case Postfix ignores the mynetworks_style setting. +# +# Specify an explicit list of network/netmask patterns, where the +# mask specifies the number of bits in the network part of a host +# address. 
+# +# You can also specify the absolute pathname of a pattern file instead +# of listing the patterns here. +# +#mynetworks = 168.100.189.0/28, 127.0.0.0/8 +#mynetworks = $config_directory/mynetworks + +# The relay_domains parameter restricts what clients this mail system +# will relay mail from, or what destinations this system will relay +# mail to. See the smtpd_recipient_restrictions restriction in the +# file sample-smtpd.cf for detailed information. +# +# By default, Postfix relays mail +# - from "trusted" clients whose IP address matches $mynetworks, +# - from "trusted" clients matching $relay_domains or subdomains thereof, +# - from untrusted clients to destinations that match $relay_domains +# or subdomains thereof, except addresses with sender-specified routing. +# The default relay_domains value is $mydestination. +# +# In addition to the above, the Postfix SMTP server by default accepts mail +# that Postfix is final destination for: +# - destinations that match $inet_interfaces, +# - destinations that match $mydestination +# - destinations that match $virtual_maps. +# These destinations do not need to be listed in $relay_domains. +# +# Specify a list of hosts or domains, /file/name patterns or type:name +# lookup tables, separated by commas and/or whitespace. Continue +# long lines by starting the next line with whitespace. A file name +# is replaced by its contents; a type:name table is matched when a +# (parent) domain appears as lookup key. +# +# NOTE: Postfix will not automatically forward mail for domains that +# list this system as their primary or backup MX host. See the +# permit_mx_backup restriction in the file sample-smtpd.cf. +# +#relay_domains = $mydestination + # INTERNET OR INTRANET # The relayhost parameter specifies the default host to send mail to 
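Review bot: typo in the new mynetworks text: "On Linux, this does works correctly only with interfaces specified with the "ifconfig" command" should read "this works correctly only". Also worth saying what the failure looks like, so that an administrator knows which direction the error goes: an interface Postfix cannot see means its subnet is not trusted and those clients cannot relay, rather than an unintended grant of trust.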
@@ -322,53 +396,6 @@ mail_owner = postfix #header_checks = regexp:/etc/postfix/filename #header_checks = pcre:/etc/postfix/filename -# The relay_domains parameter restricts what clients this mail system -# will relay mail from, or what destinations this system will relay -# mail to. See the smtpd_recipient_restrictions restriction in the -# file sample-smtpd.cf. -# -# By default, Postfix relays mail -# - from trusted clients whose IP address matches $mynetworks, -# - from trusted clients matching $relay_domains or subdomains thereof, -# - from untrusted clients to destinations that match $relay_domains -# or subdomains thereof, except addresses with sender-specified routing. -# The default relay_domains value is $mydestination. -# -# In addition to the above, the Postfix SMTP server by default accepts mail -# that Postfix is final destination for: -# - destinations that match $inet_interfaces, -# - destinations that match $mydestination -# - destinations that match $virtual_maps. -# These destinations do not need to be listed in $relay_domains. -# -# Specify a list of hosts or domains, /file/name patterns or type:name -# lookup tables, separated by commas and/or whitespace. Continue -# long lines by starting the next line with whitespace. A file name -# is replaced by its contents; a type:name table is matched when a -# (parent) domain appears as lookup key. -# -# NOTE: Postfix will not automatically forward mail for domains that -# list this system as their primary or backup MX host. See the -# permit_mx_backup restriction in the file sample-smtpd.cf. -# -#relay_domains = $mydestination - -# The mynetworks parameter specifies the list of networks that are -# local to this machine. The list is used by the anti-UCE software -# to distinguish local clients from strangers. See permit_mynetworks -# and smtpd_recipient_restrictions in the file sample-smtpd.cf file. 
-# -# The default is a list of all networks attached to the machine: a -# complete class A network (X.0.0.0/8), a complete class B network -# (X.X.0.0/16), and so on. If you want stricter control, specify a -# list of network/mask patterns, where the mask specifies the number -# of bits in the network part of a host address. You can also specify -# the absolute pathname of a pattern file instead of listing the -# patterns here. -# -#mynetworks = 168.100.189.0/28, 127.0.0.0/8 -#mynetworks = $config_directory/mynetworks - # FAST ETRN SERVICE # # Postfix maintains per-destination logfiles with information about @@ -411,10 +438,11 @@ mail_owner = postfix # raise eyebrows. # # Each message delivery transport has its XXX_destination_concurrency_limit -# parameter. The default is $default_destination_concurrency_limit. +# parameter. The default is $default_destination_concurrency_limit for +# most delivery transports. For the local delivery agent the default is 2. -local_destination_concurrency_limit = 2 -default_destination_concurrency_limit = 10 +#local_destination_concurrency_limit = 2 +#default_destination_concurrency_limit = 10 # DEBUGGING CONTROL # diff --git a/postfix/conf/master.cf b/postfix/conf/master.cf index 15deb0142..e00d7c683 100644 --- a/postfix/conf/master.cf +++ b/postfix/conf/master.cf @@ -80,6 +80,7 @@ smtp unix - - n - - smtp showq unix n - n - - showq error unix - - n - - error local unix - n n - - local +virtual unix - n n - - virtual lmtp unix - - n - - lmtp cyrus unix - n n - - pipe flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user} diff --git a/postfix/conf/postfix-script-nosgid b/postfix/conf/postfix-script-nosgid index 25235a208..2c5d43ae2 100755 --- a/postfix/conf/postfix-script-nosgid +++ b/postfix/conf/postfix-script-nosgid @@ -145,7 +145,9 @@ reload) exit 1 } $INFO refreshing the Postfix mail system + $command_directory/postsuper active || exit 1 kill -HUP `sed 1q pid/master.pid` + $command_directory/postsuper & ;; flush) 
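Review bot: in the reload branch the added `$command_directory/postsuper &` is backgrounded, so its exit status is never examined and the script returns before that queue scan finishes; a failure there is silent. If detaching it is intended (to keep reload fast), say so in a comment, otherwise run it in the foreground after the `kill -HUP`. The `|| exit 1` on `$command_directory/postsuper active` is right; the same pair in the check section below drops that error check.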
@@ -245,6 +247,8 @@ EOF (echo "$found" | grep bounce >/dev/null) || missing="$missing bounce" (echo "$found" | grep defer >/dev/null) || missing="$missing defer" (echo "$found" | grep flush >/dev/null) || missing="$missing flush" + (echo "$found" | grep incoming>/dev/null)|| missing="$missing incoming" + (echo "$found" | grep deferred>/dev/null)|| missing="$missing deferred" test -n "$missing" && { $WARN fixing main.cf hash_queue_names for missing $missing $command_directory/postconf -e hash_queue_names="$found$missing" @@ -252,7 +256,8 @@ EOF # See if all queue files are in the right place. - $command_directory/postsuper || exit 1 + $command_directory/postsuper active + $command_directory/postsuper & find corrupt -type f -exec $WARN damaged message: {} \; diff --git a/postfix/conf/postfix-script-sgid b/postfix/conf/postfix-script-sgid index 2cf7f5c38..a635ef679 100755 --- a/postfix/conf/postfix-script-sgid +++ b/postfix/conf/postfix-script-sgid @@ -145,7 +145,9 @@ reload) exit 1 } $INFO refreshing the Postfix mail system + $command_directory/postsuper active || exit 1 kill -HUP `sed 1q pid/master.pid` + $command_directory/postsuper & ;; flush) @@ -246,6 +248,8 @@ EOF (echo "$found" | grep bounce >/dev/null) || missing="$missing bounce" (echo "$found" | grep defer >/dev/null) || missing="$missing defer" (echo "$found" | grep flush >/dev/null) || missing="$missing flush" + (echo "$found" | grep incoming>/dev/null)|| missing="$missing incoming" + (echo "$found" | grep deferred>/dev/null)|| missing="$missing deferred" test -n "$missing" && { $WARN fixing main.cf hash_queue_names for missing $missing $command_directory/postconf -e hash_queue_names="$found$missing" @@ -253,8 +257,8 @@ EOF # See if all queue files are in the right place. - - $command_directory/postsuper || exit 1 + $command_directory/postsuper active + $command_directory/postsuper & find corrupt -type f -exec $WARN damaged message: {} \; 
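Review bot: in the check section of both script variants, `$command_directory/postsuper active` replaces `$command_directory/postsuper || exit 1` but loses the `|| exit 1`, so a failing queue-structure check no longer stops the script while the reload branch keeps it; restore the check for consistency. Style point in the hash_queue_names hunk: `grep incoming>/dev/null)||` and `grep deferred>/dev/null)||` parse correctly but differ in spacing from the adjacent lines, and since these are unanchored patterns (`grep defer` already matches "deferred") `grep -w` or an anchored pattern would make the missing-name test exact.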
diff --git a/postfix/conf/sample-ldap.cf b/postfix/conf/sample-ldap.cf index 00620b311..4f8a504d6 100644 --- a/postfix/conf/sample-ldap.cf +++ b/postfix/conf/sample-ldap.cf @@ -67,3 +67,8 @@ # ldap_open(3) man page. # #ldap_dereference = 0 + +# The ldap_domain parameter limits the LDAP searches to just things in +# (exactly) the specified list of domains. +# +#ldap_domain = diff --git a/postfix/conf/sample-local.cf b/postfix/conf/sample-local.cf index d7b7e0268..f8ac3329a 100644 --- a/postfix/conf/sample-local.cf +++ b/postfix/conf/sample-local.cf @@ -187,7 +187,7 @@ mailbox_transport = fallback_transport = # -# RATE CONTROLS +# RESOURCE CONTROLS # # The local_destination_concurrency_limit parameter limits the number @@ -200,6 +200,13 @@ fallback_transport = # local_destination_concurrency_limit = 2 +# The mailbox_size_limit parameter controls the maximal size of a +# mailbox or maildir file (in fact, it limits the size of any file +# that is written to upon local delivery) The default is 50 MBytes. +# This limit must not be set smaller than the message size limit. +# +mailbox_size_limit = 51200000 + # The local_destination_recipient_limit parameter limits the number # of recipients per local message delivery. The default limit is # taken from the default_destination_recipient_limit parameter. diff --git a/postfix/conf/sample-misc.cf b/postfix/conf/sample-misc.cf index ed7b57db4..14f9e19b2 100644 --- a/postfix/conf/sample-misc.cf +++ b/postfix/conf/sample-misc.cf 
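Review bot: the new mailbox_size_limit comment says the limit "must not be set smaller than the message size limit" without saying what happens when it is (delivery deferred, bounced, or the mailbox truncated?); state the failure mode, because a mailbox limit below the message size limit would otherwise make large accepted messages undeliverable without an obvious cause. Two smaller points: a period is missing after "upon local delivery)", and 51200000 is 50 × 1024 × 1000 bytes, which is neither 50,000,000 nor 50 × 1024 × 1024 = 52,428,800, so say which convention "50 MBytes" follows.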
@@ -211,23 +211,41 @@ mydestination = $myhostname, localhost.$mydomain # myorigin = $mydomain myorigin = $myhostname -# The mynetworks parameter specifies the list of networks that are -# local to this machine. The list is used by the anti-UCE software -# to distinguish local clients from strangers. See permit_mynetworks -# in the sample-smtpd.cf file. -# -# The mynetworks parameter specifies the list of networks that are -# local to this machine. The list is used by the anti-UCE software -# to distinguish local clients from strangers. See permit_mynetworks -# and smtpd_recipient_restrictions in the file sample-smtpd.cf file. -# -# The default is a list of all networks attached to the machine: a -# complete class A network (X.0.0.0/8), a complete class B network -# (X.X.0.0/16), and so on. If you want stricter control, specify a -# list of network/mask patterns, where the mask specifies the number -# of bits in the network part of a host address. You can also specify -# the absolute pathname of a pattern file instead of listing the -# patterns here. +# The mynetworks parameter specifies the list of "trusted" SMTP +# clients that have more privileges than "strangers". +# +# In particular, "trusted" SMTP clients are allowed to relay mail +# through Postfix. See the smtpd_recipient_restrictions parameter +# in file sample-smtpd.cf. +# +# You can specify the list of "trusted" network addresses by hand +# or you can let Postfix do it for you (which is the default). +# +# By default (mynetworks_style = subnet), Postfix "trusts" SMTP +# clients in the same IP subnetworks as the local machine. +# +# Specify "mynetworks_style = class" when Postfix should "trust" SMTP +# clients in the same IP class A/B/C networks as the local machine. +# Don't do this with a dialup site - it would cause Postfix to "trust" +# your entire provider's network. Instead, specify an explicit +# mynetworks list by hand, as described below. 
+# +# Specify "mynetworks_style = host" when Postfix should "trust" +# only the local machine. +# +# mynetworks_style = class +# mynetworks_style = subnet +# mynetworks_style = host + +# Alternatively, you can specify the mynetworks list by hand, in +# which case Postfix ignores the mynetworks_style setting. +# +# Specify an explicit list of network/netmask patterns, where the +# mask specifies the number of bits in the network part of a host +# address. +# +# You can also specify the absolute pathname of a pattern file instead +# of listing the patterns here. # #mynetworks = 168.100.189.0/28, 127.0.0.0/8 diff --git a/postfix/conf/sample-smtpd.cf b/postfix/conf/sample-smtpd.cf index 56f301800..ec7714d60 100644 --- a/postfix/conf/sample-smtpd.cf +++ b/postfix/conf/sample-smtpd.cf 
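Review bot: good that the duplicated mynetworks paragraph is removed, but the replacement is now a verbatim copy of the block added to main.cf and sample-smtpd.cf in this same patch, and the three copies already differ (the main.cf copy carries the Linux/ifconfig caveat, this one does not). Keep one authoritative copy and cross-reference it from the other files, otherwise the relay-control advice will drift between them.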
@@ -101,6 +101,45 @@ smtpd_hard_error_limit = 100 # UCE RESTRICTIONS # +# The mynetworks parameter specifies the list of "trusted" SMTP +# clients that have more privileges than "strangers". +# +# In particular, "trusted" SMTP clients are allowed to relay mail +# through Postfix. See the smtpd_recipient_restrictions parameter +# in file sample-smtpd.cf. +# +# You can specify the list of "trusted" network addresses by hand +# or you can let Postfix do it for you (which is the default). +# +# By default (mynetworks_style = subnet), Postfix "trusts" SMTP +# clients in the same IP subnetworks as the local machine. +# +# Specify "mynetworks_style = class" when Postfix should "trust" SMTP +# clients in the same IP class A/B/C networks as the local machine. +# Don't do this with a dialup site - it would cause Postfix to "trust" +# your entire provider's network. Instead, specify an explicit +# mynetworks list by hand, as described below. +# +# Specify "mynetworks_style = host" when Postfix should "trust" +# only the local machine. +# +# mynetworks_style = class +mynetworks_style = subnet +# mynetworks_style = host + +# Alternatively, you can specify the mynetworks list by hand, in +# which case Postfix ignores the mynetworks_style setting. +# +# Specify an explicit list of network/netmask patterns, where the +# mask specifies the number of bits in the network part of a host +# address. +# +# You can also specify the absolute pathname of a pattern file instead +# of listing the patterns here. +# +#mynetworks = 168.100.189.0/28, 127.0.0.0/8 +#mynetworks = $config_directory/mynetworks + # The smtpd_client_restrictions parameter specifies optional restrictions # on SMTP client host names and addresses. # diff --git a/postfix/conf/sample-virtual.cf b/postfix/conf/sample-virtual.cf new file mode 100644 index 000000000..d660d6b79 --- /dev/null +++ b/postfix/conf/sample-virtual.cf 
@@ -0,0 +1,23 @@ +# DO NOT EDIT THIS FILE. EDIT THE MAIN.CF FILE INSTEAD. THE STUFF +# HERE JUST SERVES AS AN EXAMPLE. +# +# This file contains example settings of Postfix configuration +# parameters that control virtual database lookups. + +# The virtual_maps parameter specifies optional lookup tables to +# redirect specific addresses or even complete domains to another +# address. This is typically used to implement virtual domain support. +# +# By default, no address redirection is done. +# +# If you use this feature, run "postmap /etc/postfix/virtual" to +# build the necessary DBM or DB file after change. +# +# It may take a minute or so before the change becomes visible. +# Use "postfix reload" to eliminate the delay. +# +# virtual_maps = dbm:/etc/postfix/virtual +# virtual_maps = hash:/etc/postfix/virtual +# virtual_maps = hash:/etc/postfix/virtual, nis:virtual +# virtual_maps = hash:/etc/postfix/virtual, netinfo:/virtual +virtual_maps = diff --git a/postfix/html/Makefile.in b/postfix/html/Makefile.in index 9374acc1a..8f7e91ac1 100644 --- a/postfix/html/Makefile.in +++ b/postfix/html/Makefile.in @@ -5,7 +5,7 @@ SHELL = /bin/sh DAEMONS = bounce.8.html cleanup.8.html defer.8.html error.8.html local.8.html \ lmtp.8.html master.8.html pickup.8.html pipe.8.html qmgr.8.html \ showq.8.html smtp.8.html smtpd.8.html trivial-rewrite.8.html \ - spawn.8.html flush.8.html + spawn.8.html flush.8.html # nqmgr.8.html virtual.8.html COMMANDS= mailq.1.html newaliases.1.html postalias.1.html postcat.1.html \ postconf.1.html postfix.1.html postkick.1.html postlock.1.html \ postlog.1.html postdrop.1.html postmap.1.html sendmail.1.html \ 
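Review bot: `# nqmgr.8.html virtual.8.html` appended to the DAEMONS line is a make comment, so the two new rules added below are never built by the default target and the virtual(8) manual page for the agent registered in master.cf by this patch will not be generated or installed; either add virtual.8.html to DAEMONS now or leave a comment saying why it is held back.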
@@ -51,6 +51,12 @@ local.8.html: ../src/local/local.c master.8.html: ../src/master/master.c srctoman $? | nroff -man | man2html | postlink >$@ +nqmgr.8.html: ../src/nqmgr/qmgr.c + srctoman $? | sed -e 's/qmgr[^_]/n&/' \ + -e 's/qmgr$$/n&/' \ + -e 's/QMGR[^_]/N&/' | \ + nroff -man | man2html | postlink >$@ + pickup.8.html: ../src/pickup/pickup.c srctoman $? | nroff -man | man2html | postlink >$@ @@ -72,6 +78,9 @@ smtp.8.html: ../src/smtp/smtp.c smtpd.8.html: ../src/smtpd/smtpd.c srctoman $? | nroff -man | man2html | postlink >$@ +virtual.8.html: ../src/virtual/virtual.c + srctoman $? | nroff -man | man2html | postlink >$@ + trivial-rewrite.8.html: ../src/trivial-rewrite/trivial-rewrite.c srctoman $? | nroff -man | man2html | postlink >$@ diff --git a/postfix/html/access.5.html b/postfix/html/access.5.html index 383ba957e..0818d204c 100644 --- a/postfix/html/access.5.html +++ b/postfix/html/access.5.html 
@@ -94,36 +94,36 @@ ACCESS(5) ACCESS(5) REJECT Reject the address etc. that matches the pattern. A generic error response message is generated. - OK + OK Accept the address etc. that matches the pattern. - Any other text - Accept the address etc. that matches the pattern. + restriction... + Apply the named UCE restriction (permit, reject, + reject_unauth_destination, and so on). REGULAR EXPRESSION TABLES - This section describes how the table lookups change when + This section describes how the table lookups change when the table is given in the form of regular expressions. For - a description of regular expression lookup table syntax, + a description of regular expression lookup table syntax, see regexp_table(5) or pcre_table(5). - Each pattern is a regular expression that is applied to + Each pattern is a regular expression that is applied to the entire string being looked up. Depending on the appli- - cation, that string is an entire client hostname, an + cation, that string is an entire client hostname, an entire client IP address, or an entire mail address. Thus, - no parent domain or parent network search is done, and - user@domain mail addresses are not broken up into their + no parent domain or parent network search is done, and + user@domain mail addresses are not broken up into their user@ and domain constituent parts. - Patterns are applied in the order as specified in the - table, until a pattern is found that matches the search + Patterns are applied in the order as specified in the + table, until a pattern is found that matches the search string. - Actions are the same as with normal indexed file lookups, - with the additional feature that parenthesized substrings - from the pattern can be interpolated as $1, $2 and so on. + Actions are the same as with normal indexed file lookups, + with the additional feature that parenthesized substrings + from the pattern can be interpolated as $1, $2 and so on. 
BUGS - The table format does not understand quoting conventions. - + The table format does not understand quoting conventions. @@ -144,7 +144,7 @@ ACCESS(5) ACCESS(5) regexp_table(5) format of POSIX regular expression tables LICENSE - The Secure Mailer license must be distributed with this + The Secure Mailer license must be distributed with this software. AUTHOR(S) diff --git a/postfix/html/backstage.html b/postfix/html/backstage.html index 5ce551c04..577a3c032 100644 --- a/postfix/html/backstage.html +++ b/postfix/html/backstage.html @@ -57,6 +57,22 @@ or in order to resolve a destination. queue status. This is the program behind the mailq command. +

+ +

  • The flush daemon improves the +performance of the SMTP ETRN request, and of its command-line +equivalent, sendmail -qRdestination, for selected +destinations. For other destinations, Postfix silently falls +back to the equivalent of sendmail -q. + +

    + +

  • The spawn daemon listens on a TCP +port, UNIX-domain socket or FIFO, and runs non-Postfix commands on +request, with the socket or FIFO connected to the standard input, +output and error streams. It is currently used only in an example +of the Postfix external content filtering system. +
    diff --git a/postfix/html/basic.html b/postfix/html/basic.html index 19635f6f9..3333296b7 100644 --- a/postfix/html/basic.html +++ b/postfix/html/basic.html @@ -32,6 +32,9 @@ three parameters before you can use the Postfix mail system:
  • What domains to receive mail for +

    + +

  • What clients to relay mail for @@ -158,6 +161,25 @@ hostnames of the machine, including $myhostname, and localhost.$mydomain. +

    What clients to relay mail for

    + +By default, Postfix will relay mail for clients in authorized +networks and in authorized domains. + +

    + +Authorized client networks are defined by the mynetworks parameter. The default is to +authorize all clients in the IP subnetworks that the local machine +is attached to. + +

    + +Authorized client domains are by defined by the relay_domains configuration +parameter. The default setting trusts clients with hostnames below +the domain(s) listed in mydestination. +

    What trouble to report to the postmaster
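Review bot: "Authorized client domains are by defined by the relay_domains configuration parameter" has a stray "by". The next sentence, which says the default "trusts clients with hostnames below the domain(s) listed in mydestination", describes trust keyed on the client's hostname; one clause noting that this is only as reliable as the name lookup behind it, unlike the address-based mynetworks check described above it, would help readers decide which of the two to rely on for relay control.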

    @@ -286,17 +308,59 @@ top-level domain).

    My own networks

    The mynetworks parameter lists all networks that this machine -is attached to. This information can be used by the -anti-UCE features to distinguish between local systems and -strangers. +somehow trusts. This information can be used by the +anti-UCE features to recognize trusted SMTP clients that are +allowed to relay mail through Postfix. + +

    + +You can specify the list of trusted networks in the main.cf +file, or you can let Postfix deduce the list for you. The default +is to let Postfix do the work for you. + +

    + +

    + +
    Default: + +
    mynetworks_style = subnet + +

    + +

    The meaning of the styles is as follows:

    -By default, mynetworks is set to the class A, B or C networks -that the machine is attached to. For example, for my machines at -home, the result is: 168.100.0.0/16 127.0.0.0/8. However, -network 168.100 is owned by my ISP. Of course I do not want -to consider all their customer systems as local, so I use instead: +

    + +
    class
    Trust SMTP clients in the class A/B/C networks +that Postfix is connected to. Don't do this with a dialup site +- it would cause Postfix to "trust" your entire provider's network. +Instead, specify an explicit mynetworks list by hand, as described +below. + +

    + +

    subnet (default)
    Trust SMTP clients in the IP +subnetworks that Postfix is connected to. + +

    + +

    host
    Trust only the local machine. + +
    + +
    + +

    + +Alternatively, you can specify the mynetworks list by hand, +in which case Postfix ignores the mynetworks_style setting. +To specify the list of trusted networks by hand, specify network +blocks in CIDR (network/mask) notation, for example: + +
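Review bot: "The mynetworks parameter lists all networks that this machine somehow trusts" is vague for a parameter that gates relaying; say "trusts to relay mail through Postfix", matching the sentence that follows. The removed passage also contained the one concrete illustration of why "class" is dangerous (the 168.100.0.0/16 network belonging to the ISP, hence all its customers becoming "local"); the new "class" entry keeps the warning but drops the example, so consider keeping it next to the CIDR example below.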

    @@ -304,6 +368,11 @@ to consider all their customer systems as local, so I use instead:
    +

    + +You can also specify the absolute pathname of a pattern file instead +of listing the patterns in the main.cf file. +

    My own network addresses

    The inet_interfaces parameter specifies all network interface @@ -316,9 +385,14 @@ as if it is addressed to a domain listed in $mydestination. The default is to listen on all active interfaces. If you run mailers on virtual interfaces, you will have to specify what -interfaces to listen on. This includes the non-virtual mailer that -receives mail for the machine itself as well: it should never listen -on the virtual interfaces or you would have a mailer loop. +interfaces to listen on. + +

    + +You even have to specify explicit machine interfaces for the +non-virtual mailer that receives mail for the machine itself: the +non-virtual mailer should never listen on the virtual interfaces +or you would have a mailer loop.

    diff --git a/postfix/html/delivering.html b/postfix/html/delivering.html index a39b603af..ed2a9e533 100644 --- a/postfix/html/delivering.html +++ b/postfix/html/delivering.html @@ -108,6 +108,20 @@ such as the popular procmail program.

    +

  • The virtual delivery agent is a +very much stripped down version of the local delivery agent that +delivers to mailboxes only. This is the most secure Postfix delivery +agent, because it does not aliases expansions and no .forward file +expansions. + +

    + +This delivery agent can deliver mail for multiple domains, which +makes it especially suitable for hosting lots of small domains on +a single machine. + +

    +

  • The SMTP client looks up a list of mail exchangers for the destination host, sorts the list by preference, and tries each address in turn until it finds a server @@ -116,6 +130,15 @@ client processes running in parallel.
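Review bot: in the virtual delivery agent paragraph above, "because it does not aliases expansions and no .forward file expansions" is ungrammatical; "because it does no alias expansion and no .forward file expansion". Since the paragraph calls this "the most secure Postfix delivery agent", give the reason in those terms: with no alias or .forward processing there is no user-controlled path from a recipient address to file or program delivery, which is the part of the local agent the deleted README above describes as the security headache.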

    +

  • The LMTP client speaks a protocol +similar to SMTP. The client can connect to local or remote mailbox +servers such as Cyrus. All the queue management is done by Postfix. +The advantage of this setup is that one Postfix machine can feed +multiple mailbox servers over LMTP. The opposite is true as well: +one mailbox server can be fed over LMTP by multiple Postfix machines. + +

    +

  • The pipe mailer is the outbound interface to other mail transports (the sendmail program is the inbound interface). diff --git a/postfix/html/error.8.html b/postfix/html/error.8.html index 2a3d401f8..d36ab9919 100644 --- a/postfix/html/error.8.html +++ b/postfix/html/error.8.html @@ -16,8 +16,8 @@ ERROR(8) ERROR(8) requests from the queue manager. Each request specifies a queue file, a sender address, a domain or host name that is treated as the reason for non-delivery, and recipient - information. This program expects to be run from the mas- - ter(8) process manager. + information. This program expects to be run from the mas- + ter(8) process manager. The error mailer client forces all recipients to bounce, using the domain or host information as the reason for diff --git a/postfix/html/faq.html b/postfix/html/faq.html index db0cfd95b..d48c5be2f 100644 --- a/postfix/html/faq.html +++ b/postfix/html/faq.html @@ -22,10 +22,16 @@