From: Wietse Venema Date: Wed, 22 Jun 2005 05:00:00 +0000 (-0500) Subject: postfix-2.3-20050622 X-Git-Tag: v2.3-RC1~72 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=980a7193caf22d1cd1fff70271841ce2d5dec425;p=thirdparty%2Fpostfix.git postfix-2.3-20050622 --- diff --git a/postfix/HISTORY b/postfix/HISTORY index 37c414d4a..3e2285b59 100644 --- a/postfix/HISTORY +++ b/postfix/HISTORY @@ -10905,6 +10905,24 @@ Apologies for any names omitted. UNIX, but not for AIX4 and IRIX6. Albert Chin. File: util/sys_defs.h. +20050622 + + Cleanup: the DNS lookup code now accommodates name server + replies longer than 4 kbytes, with a hard upper limit of + 32kbytes. For safety reasons, the number of MX host addresses + that the SMTP client will try was reduced from unlimited + to just 5, so that Postfix won't spend forever trying to + connect to dozens and dozens of bogus MX hosts. Files: + dns/dns_lookup.c, global/mail_params.h. + + Cleanup: the code that handles a 4xx or 5xx SMTP server + greeting was moved from the connection management module + to the protocol engine, for cleaner error handling. This + means that the failed session now counts towards the limit + on the total number of SMTP sessions per domain name (default: + smtp_mx_session_limit = 2). Files: smtp/smtp_connect.c, + smtp/smtp_proto.c. + Open problems: Laptop friendliness: make the qmgr remember when the next @@ -10921,7 +10939,8 @@ Open problems: eliminate the hack that uses one character lookahead to find out if the server wants to talk to us. - Low: replace_sender/replace_recipient actions in access maps? + Low: replace_sender/replace_recipient actions in access + maps? Feature: need "soft-bounce before fall-back relay" for SOHO type operations, so they can send direct mail without having diff --git a/postfix/html/postconf.5.html b/postfix/html/postconf.5.html index d0efd59c6..626d09d2e 100644 --- a/postfix/html/postconf.5.html +++ b/postfix/html/postconf.5.html @@ -6201,11 +6201,12 @@ The default time unit is s (seconds).
smtp_mx_address_limit -(default: 0)
+(default: 5)

The maximal number of MX (mail exchanger) IP addresses that can -result from mail exchanger lookups, or zero (no limit). +result from mail exchanger lookups, or zero (no limit). Prior to +Postfix 2.3, this limit was disabled.

diff --git a/postfix/html/sendmail.1.html b/postfix/html/sendmail.1.html index ada85a810..734f9a921 100644 --- a/postfix/html/sendmail.1.html +++ b/postfix/html/sendmail.1.html @@ -238,7 +238,7 @@ SENDMAIL(1) SENDMAIL(1) This feature is available in Postfix 2.3 and later. - -V (with Postfix 2.3 use -XV) + -XV (Postfix 2.2 and earlier: -V) Variable Envelope Return Path. Given an envelope sender address of the form owner-listname@origin, each recipient user@domain receives mail with a @@ -250,33 +250,11 @@ SENDMAIL(1) SENDMAIL(1) the default_verp_delimiters configuration parame- ter. - -Vxy (with Postfix 2.3 use -XVxy) - As -V, but uses x and y as the VERP delimiter char- - acters, instead of the characters specified with - the default_verp_delimiters configuration parame- - ter. - - -XV Variable Envelope Return Path. Given an envelope - sender address of the form owner-listname@origin, - each recipient user@domain receives mail with a - personalized envelope sender address. - - By default, the personalized envelope sender - address is owner-listname+user=domain@origin. The - default + and = characters are configurable with - the default_verp_delimiters configuration parame- - ter. - - This feature is available in Postfix version 2.3 - and later. - - -XVxy As -V, but uses x and y as the VERP delimiter char- - acters, instead of the characters specified with - the default_verp_delimiters configuration parame- - ter. - - This feature is available in Postfix version 2.3 - and later. + -XVxy (Postfix 2.2 and earlier: -Vxy) + As -XV, but uses x and y as the VERP delimiter + characters, instead of the characters specified + with the default_verp_delimiters configuration + parameter. -v Send an email report of the first delivery attempt (Postfix versions 2.1 and later). Mail delivery diff --git a/postfix/html/smtp.8.html b/postfix/html/smtp.8.html index 3c3e391bc..be81081f0 100644 --- a/postfix/html/smtp.8.html +++ b/postfix/html/smtp.8.html @@ -348,7 +348,7 @@ SMTP(8) SMTP(8) Available in Postfix version 2.1 and later: - smtp_mx_address_limit (0) + smtp_mx_address_limit (5) The maximal number of MX (mail exchanger) IP addresses that can result from mail exchanger lookups, or zero (no limit). diff --git a/postfix/man/man1/sendmail.1 b/postfix/man/man1/sendmail.1 index 72f446fd3..928248351 100644 --- a/postfix/man/man1/sendmail.1 +++ b/postfix/man/man1/sendmail.1 @@ -190,7 +190,7 @@ Specify the envelope ID for notification by servers that support DSN. This feature is available in Postfix 2.3 and later. -.IP "\fB-V\fR (with Postfix 2.3 use \fB-XV\fR)" +.IP "\fB-XV\fR (Postfix 2.2 and earlier: \fB-V\fR)" Variable Envelope Return Path. Given an envelope sender address of the form \fIowner-listname\fR@\fIorigin\fR, each recipient \fIuser\fR@\fIdomain\fR receives mail with a personalized envelope @@ -200,28 +200,10 @@ By default, the personalized envelope sender address is \fIowner-listname\fB+\fIuser\fB=\fIdomain\fR@\fIorigin\fR. The default \fB+\fR and \fB=\fR characters are configurable with the \fBdefault_verp_delimiters\fR configuration parameter. -.IP "\fB-V\fIxy\fR (with Postfix 2.3 use \fB-XV\fIxy\fR)" -As \fB-V\fR, but uses \fIx\fR and \fIy\fR as the VERP delimiter +.IP "\fB-XV\fIxy\fR (Postfix 2.2 and earlier: \fB-V\fIxy\fR)" +As \fB-XV\fR, but uses \fIx\fR and \fIy\fR as the VERP delimiter characters, instead of the characters specified with the \fBdefault_verp_delimiters\fR configuration parameter. -.IP \fB-XV\fR -Variable Envelope Return Path. Given an envelope sender address -of the form \fIowner-listname\fR@\fIorigin\fR, each recipient -\fIuser\fR@\fIdomain\fR receives mail with a personalized envelope -sender address. -.sp -By default, the personalized envelope sender address is -\fIowner-listname\fB+\fIuser\fB=\fIdomain\fR@\fIorigin\fR. The default -\fB+\fR and \fB=\fR characters are configurable with the -\fBdefault_verp_delimiters\fR configuration parameter. -.sp -This feature is available in Postfix version 2.3 and later. -.IP \fB-XV\fIxy\fR -As \fB-V\fR, but uses \fIx\fR and \fIy\fR as the VERP delimiter -characters, instead of the characters specified with the -\fBdefault_verp_delimiters\fR configuration parameter. -.sp -This feature is available in Postfix version 2.3 and later. .IP \fB-v\fR Send an email report of the first delivery attempt (Postfix versions 2.1 and later). Mail delivery diff --git a/postfix/man/man5/postconf.5 b/postfix/man/man5/postconf.5 index ea2cd1198..c0fe6d3bf 100644 --- a/postfix/man/man5/postconf.5 +++ b/postfix/man/man5/postconf.5 @@ -3434,9 +3434,10 @@ for receiving the server response. .PP Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks). The default time unit is s (seconds). -.SH smtp_mx_address_limit (default: 0) +.SH smtp_mx_address_limit (default: 5) The maximal number of MX (mail exchanger) IP addresses that can -result from mail exchanger lookups, or zero (no limit). +result from mail exchanger lookups, or zero (no limit). Prior to +Postfix 2.3, this limit was disabled. .PP This feature is available in Postfix 2.1 and later. .SH smtp_mx_session_limit (default: 2) diff --git a/postfix/man/man8/smtp.8 b/postfix/man/man8/smtp.8 index 686b7cfa8..29f41ca17 100644 --- a/postfix/man/man8/smtp.8 +++ b/postfix/man/man8/smtp.8 @@ -284,7 +284,7 @@ The SMTP client time limit for sending the QUIT command, and for receiving the server response. .PP Available in Postfix version 2.1 and later: -.IP "\fBsmtp_mx_address_limit (0)\fR" +.IP "\fBsmtp_mx_address_limit (5)\fR" The maximal number of MX (mail exchanger) IP addresses that can result from mail exchanger lookups, or zero (no limit). .IP "\fBsmtp_mx_session_limit (2)\fR" diff --git a/postfix/proto/postconf.proto b/postfix/proto/postconf.proto index 2a1cb2dd6..ffdc3f8db 100644 --- a/postfix/proto/postconf.proto +++ b/postfix/proto/postconf.proto @@ -3824,11 +3824,12 @@ Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks). The default time unit is s (seconds).

-%PARAM smtp_mx_address_limit 0 +%PARAM smtp_mx_address_limit 5

The maximal number of MX (mail exchanger) IP addresses that can -result from mail exchanger lookups, or zero (no limit). +result from mail exchanger lookups, or zero (no limit). Prior to +Postfix 2.3, this limit was disabled.

diff --git a/postfix/src/bounce/bounce_notify_util.c b/postfix/src/bounce/bounce_notify_util.c index 8eb459077..ae42a3e18 100644 --- a/postfix/src/bounce/bounce_notify_util.c +++ b/postfix/src/bounce/bounce_notify_util.c @@ -684,7 +684,7 @@ int bounce_recipient_dsn(VSTREAM *bounce, BOUNCE_INFO *bounce_info) * MTA can't use that same information in its own DSNs. * * Postfix always reports an Original-Recipient field, because it is more - * more useful and more inconsistent. + * more useful and more consistent. */ if (bounce_info->log_handle->rcpt.dsn_orcpt) { post_mail_fprintf(bounce, "Original-Recipient: %s", diff --git a/postfix/src/dns/dns_lookup.c b/postfix/src/dns/dns_lookup.c index e4d02abf9..6bb49f0aa 100644 --- a/postfix/src/dns/dns_lookup.c +++ b/postfix/src/dns/dns_lookup.c @@ -142,10 +142,12 @@ /* * Structure to keep track of things while decoding a name server reply. */ -#define DNS_REPLY_SIZE 4096 /* in case we're using TCP */ +#define DEF_DNS_REPLY_SIZE 4096 /* in case we're using TCP */ +#define MAX_DNS_REPLY_SIZE 32768 /* in case we're using TCP */ typedef struct DNS_REPLY { - unsigned char buf[DNS_REPLY_SIZE]; /* raw reply data */ + unsigned char *buf; /* raw reply data */ + size_t buf_len; /* reply buffer length */ int query_count; /* number of queries */ int answer_count; /* number of answers */ unsigned char *query_start; /* start of query data */ @@ -165,6 +167,14 @@ static int dns_query(const char *name, int type, int flags, int len; unsigned long saved_options; + /* + * Initialize the reply buffer. + */ + if (reply->buf == 0) { + reply->buf = mymalloc(DEF_DNS_REPLY_SIZE); + reply->buf_len = DEF_DNS_REPLY_SIZE; + } + /* * Initialize the name service. */ @@ -183,53 +193,59 @@ static int dns_query(const char *name, int type, int flags, if ((flags & USER_FLAGS) != flags) msg_panic("dns_query: bad flags: %d", flags); saved_options = (_res.options & USER_FLAGS); - _res.options &= ~saved_options; - _res.options |= flags; /* * Perform the lookup. Claim that the information cannot be found if and * only if the name server told us so. */ - len = res_search((char *) name, C_IN, type, reply->buf, sizeof(reply->buf)); - _res.options &= ~flags; - _res.options |= saved_options; - if (len < 0) { - if (why) - vstring_sprintf(why, "Host or domain name not found. " - "Name service error for name=%s type=%s: %s", + for (;;) { + _res.options &= ~saved_options; + _res.options |= flags; + len = res_search((char *) name, C_IN, type, reply->buf, reply->buf_len); + _res.options &= ~flags; + _res.options |= saved_options; + if (len < 0) { + if (why) + vstring_sprintf(why, "Host or domain name not found. " + "Name service error for name=%s type=%s: %s", name, dns_strtype(type), dns_strerror(h_errno)); - if (msg_verbose) - msg_info("dns_query: %s (%s): %s", - name, dns_strtype(type), dns_strerror(h_errno)); - switch (h_errno) { - case NO_RECOVERY: - return (DNS_FAIL); - case HOST_NOT_FOUND: - case NO_DATA: - return (DNS_NOTFOUND); - default: - return (DNS_RETRY); + if (msg_verbose) + msg_info("dns_query: %s (%s): %s", + name, dns_strtype(type), dns_strerror(h_errno)); + switch (h_errno) { + case NO_RECOVERY: + return (DNS_FAIL); + case HOST_NOT_FOUND: + case NO_DATA: + return (DNS_NOTFOUND); + default: + return (DNS_RETRY); + } } + if (msg_verbose) + msg_info("dns_query: %s (%s): OK", name, dns_strtype(type)); + + reply_header = (HEADER *) reply->buf; + if (reply_header->tc == 0 || reply->buf_len >= MAX_DNS_REPLY_SIZE) + break; + reply->buf = myrealloc(reply->buf, 2 * reply->buf_len); + reply->buf_len *= 2; } - if (msg_verbose) - msg_info("dns_query: %s (%s): OK", name, dns_strtype(type)); /* * Paranoia. */ - if (len > sizeof(reply->buf)) { + if (len > reply->buf_len) { msg_warn("reply length %d > buffer length %d for name=%s type=%s", - len, (int) sizeof(reply->buf), name, dns_strtype(type)); - len = sizeof(reply->buf); + len, (int) reply->buf_len, name, dns_strtype(type)); + len = reply->buf_len; } /* * Initialize the reply structure. Some structure members are filled on * the fly while the reply is being parsed. */ - if ((reply->end = reply->buf + len) > reply->buf + sizeof(reply->buf)) - reply->end = reply->buf + sizeof(reply->buf); - reply_header = (HEADER *) reply->buf; + reply->end = reply->buf + len; reply->query_start = reply->buf + sizeof(HEADER); reply->answer_start = 0; reply->query_count = ntohs(reply_header->qdcount); @@ -525,7 +541,7 @@ int dns_lookup(const char *name, unsigned type, unsigned flags, { char cname[DNS_NAME_LEN]; int c_len = sizeof(cname); - DNS_REPLY reply; + static DNS_REPLY reply; int count; int status; diff --git a/postfix/src/global/mail_params.h b/postfix/src/global/mail_params.h index 830cd83e6..2ce578b70 100644 --- a/postfix/src/global/mail_params.h +++ b/postfix/src/global/mail_params.h @@ -201,7 +201,7 @@ extern bool var_disable_dns; extern int var_smtp_dns_lookup; #define VAR_SMTP_MXADDR_LIMIT "smtp_mx_address_limit" -#define DEF_SMTP_MXADDR_LIMIT 0 +#define DEF_SMTP_MXADDR_LIMIT 5 extern int var_smtp_mxaddr_limit; #define VAR_SMTP_MXSESS_LIMIT "smtp_mx_session_limit" diff --git a/postfix/src/global/mail_version.h b/postfix/src/global/mail_version.h index 024d70e32..43c5fdafd 100644 --- a/postfix/src/global/mail_version.h +++ b/postfix/src/global/mail_version.h @@ -20,7 +20,7 @@ * Patches change both the patchlevel and the release date. Snapshots have no * patchlevel; they change the release date only. */ -#define MAIL_RELEASE_DATE "20050621" +#define MAIL_RELEASE_DATE "20050622" #define MAIL_VERSION_NUMBER "2.3" #define VAR_MAIL_VERSION "mail_version" diff --git a/postfix/src/sendmail/sendmail.c b/postfix/src/sendmail/sendmail.c index 2df53fb43..ba4470351 100644 --- a/postfix/src/sendmail/sendmail.c +++ b/postfix/src/sendmail/sendmail.c @@ -184,7 +184,7 @@ /* support DSN. /* /* This feature is available in Postfix 2.3 and later. -/* .IP "\fB-V\fR (with Postfix 2.3 use \fB-XV\fR)" +/* .IP "\fB-XV\fR (Postfix 2.2 and earlier: \fB-V\fR)" /* Variable Envelope Return Path. Given an envelope sender address /* of the form \fIowner-listname\fR@\fIorigin\fR, each recipient /* \fIuser\fR@\fIdomain\fR receives mail with a personalized envelope @@ -194,28 +194,10 @@ /* \fIowner-listname\fB+\fIuser\fB=\fIdomain\fR@\fIorigin\fR. The default /* \fB+\fR and \fB=\fR characters are configurable with the /* \fBdefault_verp_delimiters\fR configuration parameter. -/* .IP "\fB-V\fIxy\fR (with Postfix 2.3 use \fB-XV\fIxy\fR)" -/* As \fB-V\fR, but uses \fIx\fR and \fIy\fR as the VERP delimiter +/* .IP "\fB-XV\fIxy\fR (Postfix 2.2 and earlier: \fB-V\fIxy\fR)" +/* As \fB-XV\fR, but uses \fIx\fR and \fIy\fR as the VERP delimiter /* characters, instead of the characters specified with the /* \fBdefault_verp_delimiters\fR configuration parameter. -/* .IP \fB-XV\fR -/* Variable Envelope Return Path. Given an envelope sender address -/* of the form \fIowner-listname\fR@\fIorigin\fR, each recipient -/* \fIuser\fR@\fIdomain\fR receives mail with a personalized envelope -/* sender address. -/* .sp -/* By default, the personalized envelope sender address is -/* \fIowner-listname\fB+\fIuser\fB=\fIdomain\fR@\fIorigin\fR. The default -/* \fB+\fR and \fB=\fR characters are configurable with the -/* \fBdefault_verp_delimiters\fR configuration parameter. -/* .sp -/* This feature is available in Postfix version 2.3 and later. -/* .IP \fB-XV\fIxy\fR -/* As \fB-V\fR, but uses \fIx\fR and \fIy\fR as the VERP delimiter -/* characters, instead of the characters specified with the -/* \fBdefault_verp_delimiters\fR configuration parameter. -/* .sp -/* This feature is available in Postfix version 2.3 and later. /* .IP \fB-v\fR /* Send an email report of the first delivery attempt (Postfix /* versions 2.1 and later). Mail delivery diff --git a/postfix/src/smtp/smtp.c b/postfix/src/smtp/smtp.c index a35f264a5..5f7693092 100644 --- a/postfix/src/smtp/smtp.c +++ b/postfix/src/smtp/smtp.c @@ -256,7 +256,7 @@ /* receiving the server response. /* .PP /* Available in Postfix version 2.1 and later: -/* .IP "\fBsmtp_mx_address_limit (0)\fR" +/* .IP "\fBsmtp_mx_address_limit (5)\fR" /* The maximal number of MX (mail exchanger) IP addresses that can /* result from mail exchanger lookups, or zero (no limit). /* .IP "\fBsmtp_mx_session_limit (2)\fR" diff --git a/postfix/src/smtp/smtp_connect.c b/postfix/src/smtp/smtp_connect.c index f5176174a..da041c0be 100644 --- a/postfix/src/smtp/smtp_connect.c +++ b/postfix/src/smtp/smtp_connect.c @@ -103,25 +103,6 @@ #include #include -/* smtp_salvage - salvage the server reply before disconnecting */ - -static VSTRING *smtp_salvage(VSTREAM *stream) -{ - int len = vstream_peek(stream); - VSTRING *buf = vstring_alloc(len); - - /* - * We know the server replied with 4... or 5...; salvage whatever we have - * received in the VSTREAM buffer and sanitize any non-printable crud. - */ - vstream_fread(stream, STR(buf), len); - VSTRING_AT_OFFSET(buf, len); /* XXX not public interface */ - VSTRING_TERMINATE(buf); - translit(STR(buf), "\r\n", " "); - printable(STR(buf), '?'); - return (buf); -} - /* smtp_connect_addr - connect to explicit address */ static SMTP_SESSION *smtp_connect_addr(const char *dest, DNS_RR *addr, @@ -252,7 +233,7 @@ static SMTP_SESSION *smtp_connect_addr(const char *dest, DNS_RR *addr, /* * Skip this host if it takes no action within some time limit. XXX Some - * MTAs use 426 for to indicate a timeout error. + * MTAs use 426 to indicate a timeout error. */ if (read_wait(sock, var_smtp_helo_tmout) < 0) { smtp_dsn_update(why, DSN_BY_LOCAL_MTA, @@ -280,26 +261,8 @@ static SMTP_SESSION *smtp_connect_addr(const char *dest, DNS_RR *addr, vstream_ungetc(stream, ch); /* - * Skip this host if it sends a 4xx or 5xx greeting. This prevents us - * from counting it towards the MX session limit. Unfortunately, this - * also means that we have to salvage the server's response ourself so - * that it can be included in logging or in non-delivery reports. It does - * not hurt if we keep the test for a 4xx or 5xx greeting in smtp_helo(). - * - * Do not propagate the server's DSN code. We are skipping this problem! + * Bundle up what we have into a nice SMTP_SESSION object. */ - if (ch == '4' || (ch == '5' && var_smtp_skip_5xx_greeting)) { - VSTRING *salvage_buf = smtp_salvage(stream); - - smtp_dsn_update(why, DSN_BY_LOCAL_MTA, - "4.3.0", 420, "420 Connection rejected by server", - "connect to %s[%s]: server refused to talk to me: %s", - addr->name, hostaddr.buf, STR(salvage_buf)); - vstring_free(salvage_buf); - smtp_errno = SMTP_ERR_RETRY; - vstream_fclose(stream); - return (0); - } return (smtp_session_alloc(stream, dest, addr->name, hostaddr.buf, port, sess_flags)); } diff --git a/postfix/src/smtp/smtp_proto.c b/postfix/src/smtp/smtp_proto.c index c1c6e4e1b..856c4c10c 100644 --- a/postfix/src/smtp/smtp_proto.c +++ b/postfix/src/smtp/smtp_proto.c @@ -277,9 +277,10 @@ int smtp_helo(SMTP_STATE *state, NOCLOBBER int misc_flags) switch ((resp = smtp_chat_resp(session))->code / 100) { case 2: break; - case 4: case 5: - /* Handled in smtp_connect(). */ + if (var_smtp_skip_5xx_greeting) + STR(resp->dsn_buf)[0] = '4'; + /* FALLTHROUGH */ default: return (smtp_site_fail(state, session->host, resp, "host %s refused to talk to me: %s", diff --git a/postfix/src/tls/tls.h b/postfix/src/tls/tls.h index 26d6efba2..8674d0c3f 100644 --- a/postfix/src/tls/tls.h +++ b/postfix/src/tls/tls.h @@ -116,7 +116,7 @@ extern void tls_session_stop(SSL_CTX *, VSTREAM *, int, int, tls_info_t *); #include extern VSTRING *tls_session_passivate(SSL_SESSION *); -extern SSL_SESSION *tls_session_activate(char *, int); +extern SSL_SESSION *tls_session_activate(const char *, int); /* * tls_stream.c. diff --git a/postfix/src/tls/tls_misc.c b/postfix/src/tls/tls_misc.c index 2efb820d2..8f59b43fb 100644 --- a/postfix/src/tls/tls_misc.c +++ b/postfix/src/tls/tls_misc.c @@ -73,6 +73,7 @@ #include #include +#include #ifdef USE_TLS diff --git a/postfix/src/tls/tls_session.c b/postfix/src/tls/tls_session.c index 8caf341f0..4c809232f 100644 --- a/postfix/src/tls/tls_session.c +++ b/postfix/src/tls/tls_session.c @@ -145,15 +145,15 @@ VSTRING *tls_session_passivate(SSL_SESSION *session) /* tls_session_activate - activate passivated session */ -SSL_SESSION *tls_session_activate(char *session_data, int session_data_len) +SSL_SESSION *tls_session_activate(const char *session_data, int session_data_len) { SSL_SESSION *session; - unsigned char *ptr; + const unsigned char *ptr; /* * Activate the SSL_SESSION object. */ - ptr = (unsigned char *) session_data; + ptr = (const unsigned char *) session_data; session = d2i_SSL_SESSION((SSL_SESSION **) 0, &ptr, session_data_len); if (!session) tls_print_errors();