From: Wietse Venema
Append the domain names in $myorigin and $mydomain to incomplete message header addresses from these clients.
Specify a list of network addresses or network/netmask patterns, -separated by comma or whitespace. The list is matched left to right, -and the search stops on the first match. Specify !address or -!network/netmask to exclude an address or network block from the -list. A network mask specifies the number of bits in the network -part of a host address. Continue long lines by starting the next -line with whitespace.
+separated by comma or whitespace. Continue long lines by starting +the next line with whitespace. + +A network mask specifies the number of bits in the network part +of a host address. You can also specify "/file/name" or "type:table" +patterns. A "/file/name" pattern is replaced by its contents; a +"type:table" lookup table is matched when a client name or address +matches a lookup key (the lookup result is ignored).
+ +The list is matched left to right, and the search stops on the +first match. Specify "!pattern" to exclude an address or network +block from the list.
+ ++Examples: +
-You can also specify "/file/name" or "type:table" patterns. -A "/file/name" pattern is replaced by its contents; a "type:table" -lookup table is matched when a client name or address matches a -lookup key (the lookup result is ignored).
++local_header_rewrite_context_clients = $mynetworks +local_header_rewrite_context_clients = !192.168.0.1 $mynetworks +local_header_rewrite_context_clients = static:all +
-Specify a list of network/netmask patterns, separated by commas -and/or whitespace. The mask specifies the number of bits in the -network part of a host address. You can also specify "/file/name" -or "type:table" patterns. A "/file/name" pattern is replaced by -its contents; a "type:table" lookup table is matched when a table -entry matches a lookup string (the lookup result is ignored). -Continue long lines by starting the next line with whitespace. -
+Specify a list of network addresses or network/netmask patterns, +separated by commas and/or whitespace. Continue long lines by +starting the next line with whitespace.
--Examples: -
+The netmask specifies the number of bits in the network part +of a host address. You can also specify "/file/name" or "type:table" +patterns. A "/file/name" pattern is replaced by its contents; a +"type:table" lookup table is matched when a table entry matches a +lookup string (the lookup result is ignored).
+ +The list is matched left to right, and the search stops on the +first match. Specify "!pattern" to exclude an address or network +block from the list.
+ +Examples:
mynetworks = 168.100.189.0/28, 127.0.0.0/8 +mynetworks = !192.168.0.1, 192.168.0.0/28 mynetworks = $config_directory/mynetworks mynetworks = hash:/etc/postfix/network_tablediff --git a/postfix/html/smtpd.8.html b/postfix/html/smtpd.8.html index ebb5c37b4..a4aee5498 100644 --- a/postfix/html/smtpd.8.html +++ b/postfix/html/smtpd.8.html @@ -110,8 +110,7 @@ SMTPD(8) SMTPD(8) Available in Postfix version 2.2 and later: - local_header_rewrite_context_clients ($inet_interfaces - $mynetworks) + local_header_rewrite_context_clients ($mynetworks) Append the domain names in $myorigin and $mydomain to incomplete message header addresses from these clients. diff --git a/postfix/man/man5/postconf.5 b/postfix/man/man5/postconf.5 index 5537e4ad4..ed6453d35 100644 --- a/postfix/man/man5/postconf.5 +++ b/postfix/man/man5/postconf.5 @@ -1564,25 +1564,35 @@ the entry in the master.cf file. Setting this parameter to a value > 1 changes the meaning of local_destination_concurrency_limit from concurrency per recipient into concurrency per domain. -
-Specify a list of network/netmask patterns, separated by commas -and/or whitespace. The mask specifies the number of bits in the -network part of a host address. You can also specify "/file/name" -or "type:table" patterns. A "/file/name" pattern is replaced by -its contents; a "type:table" lookup table is matched when a table -entry matches a lookup string (the lookup result is ignored). -Continue long lines by starting the next line with whitespace. -
+Specify a list of network addresses or network/netmask patterns, +separated by commas and/or whitespace. Continue long lines by +starting the next line with whitespace.
--Examples: -
+The netmask specifies the number of bits in the network part +of a host address. You can also specify "/file/name" or "type:table" +patterns. A "/file/name" pattern is replaced by its contents; a +"type:table" lookup table is matched when a table entry matches a +lookup string (the lookup result is ignored).
-+The list is matched left to right, and the search stops on the +first match. Specify "!pattern" to exclude an address or network +block from the list.
+ +Examples:
+ +mynetworks = 168.100.189.0/28, 127.0.0.0/8 +mynetworks = !192.168.0.1, 192.168.0.0/28 mynetworks = $config_directory/mynetworks mynetworks = hash:/etc/postfix/network_table@@ -7215,24 +7218,35 @@ remote clients, when $remote_header_rewrite_context_name is set to "invalid". This is one way to avoid appending your own domain to addresses in spam from poorly written software. -%PARAM local_header_rewrite_context_clients $inet_interfaces -$mynetworks +%PARAM local_header_rewrite_context_clients $mynetworksAppend the domain names in $myorigin and $mydomain to incomplete message header addresses from these clients.
Specify a list of network addresses or network/netmask patterns, -separated by comma or whitespace. The list is matched left to right, -and the search stops on the first match. Specify !address or -!network/netmask to exclude an address or network block from the -list. A network mask specifies the number of bits in the network -part of a host address. Continue long lines by starting the next -line with whitespace.
- -You can also specify "/file/name" or "type:table" patterns. -A "/file/name" pattern is replaced by its contents; a "type:table" -lookup table is matched when a client name or address matches a -lookup key (the lookup result is ignored).
+separated by comma or whitespace. Continue long lines by starting +the next line with whitespace. + +A network mask specifies the number of bits in the network part +of a host address. You can also specify "/file/name" or "type:table" +patterns. A "/file/name" pattern is replaced by its contents; a +"type:table" lookup table is matched when a client name or address +matches a lookup key (the lookup result is ignored).
+ +The list is matched left to right, and the search stops on the +first match. Specify "!pattern" to exclude an address or network +block from the list.
+ + ++Examples: +
+ ++local_header_rewrite_context_clients = $mynetworks +local_header_rewrite_context_clients = !192.168.0.1 $mynetworks +local_header_rewrite_context_clients = static:all +%PARAM remote_header_rewrite_context_name local diff --git a/postfix/src/global/mail_params.h b/postfix/src/global/mail_params.h index 1c59cc3be..cfc481674 100644 --- a/postfix/src/global/mail_params.h +++ b/postfix/src/global/mail_params.h @@ -2104,8 +2104,7 @@ extern char *var_remote_rwr_name; #define REWRITE_NONE "none" #define VAR_LOC_RWR_CLIENTS "local_header_rewrite_context_clients" -#define DEF_LOC_RWR_CLIENTS "$" VAR_INET_INTERFACES \ - " $" VAR_MYNETWORKS +#define DEF_LOC_RWR_CLIENTS "$" VAR_MYNETWORKS extern char *var_local_rwr_clients; /* LICENSE diff --git a/postfix/src/global/mail_version.h b/postfix/src/global/mail_version.h index 98f0e7092..ac7e02019 100644 --- a/postfix/src/global/mail_version.h +++ b/postfix/src/global/mail_version.h @@ -20,7 +20,7 @@ * Patches change the patchlevel and the release date. Snapshots change the * release date only. */ -#define MAIL_RELEASE_DATE "20041019" +#define MAIL_RELEASE_DATE "20041020" #define MAIL_VERSION_NUMBER "2.2" #define VAR_MAIL_VERSION "mail_version" diff --git a/postfix/src/global/rewrite_clnt.in b/postfix/src/global/rewrite_clnt.in index a66fc2064..87a679610 100644 --- a/postfix/src/global/rewrite_clnt.in +++ b/postfix/src/global/rewrite_clnt.in @@ -1,16 +1,16 @@ -canonical ! -canonical a! -canonical !b -canonical a!b -canonical % -canonical a% -canonical %b -canonical a%b -canonical @ -canonical a@ -canonical a@. -canonical a@b -canonical a@b. +local ! +local a! +local !b +local a!b +local % +local a% +local %b +local a%b +local @ +local a@ +local a@. +local a@b +local a@b. invalid ! invalid a! invalid !b diff --git a/postfix/src/global/rewrite_clnt.ref b/postfix/src/global/rewrite_clnt.ref index 328d0e1a1..d846a4dd7 100644 --- a/postfix/src/global/rewrite_clnt.ref +++ b/postfix/src/global/rewrite_clnt.ref 
@@ -1,52 +1,52 @@ -rule canonical +rule local address ! result ""@ -rule canonical +rule local address a! result ""@a.MYDOMAIN -rule canonical +rule local address !b result b@ -rule canonical +rule local address a!b result b@a.MYDOMAIN -rule canonical +rule local address % result ""@ -rule canonical +rule local address a% result a@ -rule canonical +rule local address %b result ""@b.MYDOMAIN -rule canonical +rule local address a%b result a@b.MYDOMAIN -rule canonical +rule local address @ result "" -rule canonical +rule local address a@ result a@ -rule canonical +rule local address a@. result a@. -rule canonical +rule local address a@b result a@b.MYDOMAIN -rule canonical +rule local address a@b. result a@b diff --git a/postfix/src/smtpd/smtpd.c b/postfix/src/smtpd/smtpd.c index 041e65512..0f6d94535 100644 --- a/postfix/src/smtpd/smtpd.c +++ b/postfix/src/smtpd/smtpd.c @@ -94,7 +94,7 @@ /* filtering, or address mapping. /* .PP /* Available in Postfix version 2.2 and later: -/* .IP "\fBlocal_header_rewrite_context_clients ($inet_interfaces $mynetworks)\fR" +/* .IP "\fBlocal_header_rewrite_context_clients ($mynetworks)\fR" /* Append the domain names in $myorigin and $mydomain to incomplete /* message header addresses from these clients. /* .IP "\fBremote_header_rewrite_context_name (local)\fR" @@ -2372,6 +2372,8 @@ static int xforward_cmd(SMTPD_STATE *state, int argc, SMTPD_TOKEN *argv) * DOMAIN=local or remote. */ case SMTPD_STATE_XFORWARD_DOMAIN: + if (STREQ(attr_value, XFORWARD_UNAVAILABLE)) + attr_value = XFORWARD_DOM_LOCAL; context_name[1] = var_remote_rwr_name; if ((context_code = name_code(xforward_to_context, NAME_CODE_FLAG_NONE, 
@@ -2717,12 +2719,6 @@ static void smtpd_service(VSTREAM *stream, char *service, char **argv) state.xforward_allowed = namadr_list_match(xforward_hosts, state.name, state.addr); - /* - * Choose a default address rewriting context. This should be made more - * configurable. - */ - smtpd_check_rewrite(&state); - /* * See if we need to turn on verbose logging for this client. */ diff --git a/postfix/src/smtpd/smtpd_check.c b/postfix/src/smtpd/smtpd_check.c index bcd65f166..593d42cfc 100644 --- a/postfix/src/smtpd/smtpd_check.c +++ b/postfix/src/smtpd/smtpd_check.c @@ -3378,11 +3378,10 @@ void smtpd_check_rewrite(SMTPD_STATE *state) #define NOT_SASL_AUTHENTICATED 0 /* - * XXX We want to be able to use !pattern to make exceptions, but then we - * should not confuse matters by mixing names with addresses. + * XXX We accept same syntax as mynetwork. */ if (SMTPD_STAND_ALONE(state) - || namadr_list_match(local_rewrite_clients, " ", state->addr) + || namadr_list_match(local_rewrite_clients, state->name, state->addr) #ifdef USE_SASL_AUTH || permit_sasl_auth(state, SASL_AUTHENTICATED, NOT_SASL_AUTHENTICATED)
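Review bot: In the local_header_rewrite_context_clients documentation hunks, the new example "local_header_rewrite_context_clients = static:all" is listed without saying what it does. It matches every client, which runs against the advice in the preceding paragraph about avoiding appending your own domain to addresses in spam from poorly written software, so each example should get a one-line description. The separator wording also differs between the two parameters ("comma or whitespace" here, "commas and/or whitespace" under mynetworks) and could be made uniform.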
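Review bot: DEF_LOC_RWR_CLIENTS in mail_params.h drops $inet_interfaces from the default with no rationale in the visible lines. Clients that connect from one of the host's own interface addresses and are not covered by $mynetworks will no longer have $myorigin and $mydomain appended to incomplete header addresses. The documented default is updated in smtpd.8.html, postconf.5 and the smtpd.c manual comment, but a sentence in the parameter description explaining the change would help anyone upgrading from the previous snapshot.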
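Review bot: In xforward_cmd() under case SMTPD_STATE_XFORWARD_DOMAIN, an attribute value equal to XFORWARD_UNAVAILABLE is silently replaced with XFORWARD_DOM_LOCAL, so an upstream that forwards no domain information ends up selecting the local rewrite context. The comment above the case still reads "DOMAIN=local or remote"; it should mention the unavailable case and say why local, rather than remote, is the fallback, since local means appending $myorigin and $mydomain to incomplete header addresses.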
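Review bot: The smtpd_service() hunk in smtpd.c deletes the smtpd_check_rewrite(&state) call and its comment, and none of the visible hunks adds a replacement call site. If the call has moved, name the new location in the commit message or in a comment there, and confirm that the rewrite context is still chosen for every session before message headers are processed, including sessions where XFORWARD supplies the client attributes.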
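Review bot: In the smtpd_check.c hunk for smtpd_check_rewrite(), the replacement comment "XXX We accept same syntax as mynetwork." misspells the parameter name (mynetworks) and keeps an XXX marker without stating what is left to do. The call now passes state->name instead of " ", so list entries can match on the client name as well as the address, which is the combination with !pattern that the removed comment cautioned against. Suggest the comment say that both name and address are matched and that entry order decides the outcome because the search stops on the first match.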