From: Wietse Venema Date: Tue, 20 Mar 2007 05:00:00 +0000 (-0500) Subject: postfix-2.4.0-RC7 X-Git-Tag: v2.4.0-RC7^0 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=b98446f146c98b5f6f69f4e01d4e3232800a3970;p=thirdparty%2Fpostfix.git postfix-2.4.0-RC7 --- diff --git a/postfix/HISTORY b/postfix/HISTORY index bd0bb978b..54ec6b0ff 100644 --- a/postfix/HISTORY +++ b/postfix/HISTORY @@ -13366,8 +13366,22 @@ Apologies for any names omitted. after code freeze, and requires too much time for testing. File: src/global/mail_version.h and every main program file. +20070320 + + Bugfix (introduced between 20070120 and 20070121): the + cleanup server stored no "delayed mail warning" queue file + records with "sendmail -t", and no header_checks filter/redirect + records or content encoding records with other mail. File: + global/rec_type.h. + Wish list: + Bind all deliveries to the same local delivery process, + making Postfix perform as poorly as monolithic mailers, + but giving a possibility to eliminate duplicate deliveries. + + Maybe declare loop when resolve_local(mxhost) is true? + Update message content length when adding/removing headers. Need scache size limit. diff --git a/postfix/conf/access b/postfix/conf/access index 54bc7188e..ad5c548c4 100644 --- a/postfix/conf/access +++ b/postfix/conf/access @@ -11,35 +11,34 @@ # postmap -q - /etc/postfix/access as the lookup key for such addresses. The value is -# specified with the smtpd_null_access_lookup_key parameter +# Note: lookup of the null sender address is not possible +# with some types of lookup table. By default, Postfix uses +# <> as the lookup key for such addresses. The value is +# specified with the smtpd_null_access_lookup_key parameter # in the Postfix main.cf file. # # EMAIL ADDRESS EXTENSION # When a mail address localpart contains the optional recip- -# ient delimiter (e.g., user+foo@domain), the lookup order -# becomes: user+foo@domain, user@domain, domain, user+foo@, +# ient delimiter (e.g., user+foo@domain), the lookup order +# becomes: user+foo@domain, user@domain, domain, user+foo@, # and user@. # # HOST NAME/ADDRESS PATTERNS # With lookups from indexed files such as DB or DBM, or from -# networked tables such as NIS, LDAP or SQL, the following +# networked tables such as NIS, LDAP or SQL, the following # lookup patterns are examined in the order as listed: # # domain.tld @@ -104,9 +103,9 @@ # # The pattern domain.tld also matches subdomains, but # only when the string smtpd_access_maps is listed in -# the Postfix parent_domain_matches_subdomains con- +# the Postfix parent_domain_matches_subdomains con- # figuration setting. Otherwise, specify .domain.tld -# (note the initial dot) in order to match subdo- +# (note the initial dot) in order to match subdo- # mains. # # net.work.addr.ess @@ -115,21 +114,21 @@ # # net.work # -# net Matches the specified IPv4 host address or subnet- -# work. An IPv4 host address is a sequence of four +# net Matches the specified IPv4 host address or subnet- +# work. An IPv4 host address is a sequence of four # decimal octets separated by ".". # -# Subnetworks are matched by repeatedly truncating +# Subnetworks are matched by repeatedly truncating # the last ".octet" from the remote IPv4 host address -# string until a match is found in the access table, +# string until a match is found in the access table, # or until further truncation is not possible. # # NOTE 1: The information in the access map should be # in canonical form, with unnecessary null characters -# eliminated. Address information must not be +# eliminated. Address information must not be # enclosed with "[]" characters. # -# NOTE 2: use the cidr lookup table type to specify +# NOTE 2: use the cidr lookup table type to specify # network/netmask patterns. See cidr_table(5) for # details. # @@ -139,12 +138,12 @@ # # net:work # -# net Matches the specified IPv6 host address or subnet- -# work. An IPv6 host address is a sequence of three -# to eight hexadecimal octet pairs separated by ":". +# net Matches the specified IPv6 host address or subnet- +# work. An IPv6 host address is a sequence of three +# to eight hexadecimal octet pairs separated by ":". # -# Subnetworks are matched by repeatedly truncating -# the last ":octetpair" from the remote IPv6 host +# Subnetworks are matched by repeatedly truncating +# the last ":octetpair" from the remote IPv6 host # address string until a match is found in the access # table, or until further truncation is not possible. # @@ -154,10 +153,10 @@ # # NOTE 2: The information in the access map should be # in canonical form, with unnecessary null characters -# eliminated. Address information must not be +# eliminated. Address information must not be # enclosed with "[]" characters. # -# NOTE 3: use the cidr lookup table type to specify +# NOTE 3: use the cidr lookup table type to specify # network/netmask patterns. See cidr_table(5) for # details. # @@ -168,48 +167,48 @@ # # all-numerical # An all-numerical result is treated as OK. This for- -# mat is generated by address-based relay authoriza- +# mat is generated by address-based relay authoriza- # tion schemes such as pop-before-smtp. # # REJECT ACTIONS -# Postfix version 2.3 and later support enhanced status -# codes as defined in RFC 3463. When no code is specified -# at the beginning of the text below, Postfix inserts a -# default enhanced status code of "5.7.1" in the case of -# reject actions, and "4.7.1" in the case of defer actions. +# Postfix version 2.3 and later support enhanced status +# codes as defined in RFC 3463. When no code is specified +# at the beginning of the text below, Postfix inserts a +# default enhanced status code of "5.7.1" in the case of +# reject actions, and "4.7.1" in the case of defer actions. # See "ENHANCED STATUS CODES" below. # # 4NN text # # 5NN text -# Reject the address etc. that matches the pattern, +# Reject the address etc. that matches the pattern, # and respond with the numerical three-digit code and -# text. 4NN means "try again later", while 5NN means +# text. 4NN means "try again later", while 5NN means # "do not try again". # -# The reply code "421" causes Postfix to disconnect +# The reply code "421" causes Postfix to disconnect # immediately (Postfix version 2.3 and later). # # REJECT optional text... -# Reject the address etc. that matches the pattern. -# Reply with $reject_code optional text... when the -# optional text is specified, otherwise reply with a +# Reject the address etc. that matches the pattern. +# Reply with $reject_code optional text... when the +# optional text is specified, otherwise reply with a # generic error response message. # # DEFER_IF_REJECT optional text... -# Defer the request if some later restriction would -# result in a REJECT action. Reply with "450 4.7.1 -# optional text... when the optional text is speci- +# Defer the request if some later restriction would +# result in a REJECT action. Reply with "450 4.7.1 +# optional text... when the optional text is speci- # fied, otherwise reply with a generic error response # message. # # This feature is available in Postfix 2.1 and later. # # DEFER_IF_PERMIT optional text... -# Defer the request if some later restriction would -# result in a an explicit or implicit PERMIT action. -# Reply with "450 4.7.1 optional text... when the -# optional text is specified, otherwise reply with a +# Defer the request if some later restriction would +# result in a an explicit or implicit PERMIT action. +# Reply with "450 4.7.1 optional text... when the +# optional text is specified, otherwise reply with a # generic error response message. # # This feature is available in Postfix 2.1 and later. @@ -220,53 +219,54 @@ # reject_unauth_destination, and so on). # # DISCARD optional text... -# Claim successful delivery and silently discard the -# message. Log the optional text if specified, oth- +# Claim successful delivery and silently discard the +# message. Log the optional text if specified, oth- # erwise log a generic message. # -# Note: this action currently affects all recipients -# of the message. To discard only one recipient -# without discarding the entire message, use the +# Note: this action currently affects all recipients +# of the message. To discard only one recipient +# without discarding the entire message, use the # transport(5) table to direct mail to the discard(8) # service. # # This feature is available in Postfix 2.0 and later. # -# DUNNO Pretend that the lookup key was not found. This -# prevents Postfix from trying substrings of the -# lookup key (such as a subdomain name, or a network +# DUNNO Pretend that the lookup key was not found. This +# prevents Postfix from trying substrings of the +# lookup key (such as a subdomain name, or a network # address subnetwork). # # This feature is available in Postfix 2.0 and later. # # FILTER transport:destination -# After the message is queued, send the entire mes- +# After the message is queued, send the entire mes- # sage through the specified external content filter. -# The transport:destination syntax is described in -# the transport(5) manual page. More information -# about external content filters is in the Postfix +# The transport:destination syntax is described in +# the transport(5) manual page. More information +# about external content filters is in the Postfix # FILTER_README file. # -# Note: this action overrides the main.cf con- +# Note: this action overrides the main.cf con- # tent_filter setting, and currently affects all # recipients of the message. # # This feature is available in Postfix 2.0 and later. # # HOLD optional text... -# Place the message on the hold queue, where it will -# sit until someone either deletes it or releases it -# for delivery. Log the optional text if specified, +# Place the message on the hold queue, where it will +# sit until someone either deletes it or releases it +# for delivery. Log the optional text if specified, # otherwise log a generic message. # -# Mail that is placed on hold can be examined with -# the postcat(1) command, and can be destroyed or +# Mail that is placed on hold can be examined with +# the postcat(1) command, and can be destroyed or # released with the postsuper(1) command. # -# Note: use "postsuper -r" to release mail that was -# kept on hold for a significant fraction of $maxi- +# Note: use "postsuper -r" to release mail that was +# kept on hold for a significant fraction of $maxi- # mal_queue_lifetime or $bounce_queue_lifetime, or -# longer. +# longer. Use "postsuper -H" only for mail that will +# not expire within a few delivery attempts. # # Note: this action currently affects all recipients # of the message. diff --git a/postfix/conf/header_checks b/postfix/conf/header_checks index 94ea08c78..65469c57a 100644 --- a/postfix/conf/header_checks +++ b/postfix/conf/header_checks @@ -13,45 +13,48 @@ # postmap -fq - pcre:/etc/postfix/filename postmap -q - /etc/postfix/access <inputfile DESCRIPTION - The Postfix SMTP server supports access control on infor- - mation about remote SMTP clients or information received - in SMTP commands: host names, network addresses, envelope - sender or recipient addresses. See header_checks(5) or - body_checks(5) for access control on the content of email - messages. - - Normally, the access(5) table is specified as a text file - that serves as input to the postmap(1) command. The - result, an indexed file in dbm or db format, is used for - fast searching by the mail system. Execute the command - "postmap /etc/postfix/access" to rebuild an indexed file + The Postfix SMTP server supports access control on remote + SMTP client information: host names, network addresses, + and envelope sender or recipient addresses. See + header_checks(5) or body_checks(5) for access control on + the content of email messages. + + Normally, the access(5) table is specified as a text file + that serves as input to the postmap(1) command. The + result, an indexed file in dbm or db format, is used for + fast searching by the mail system. Execute the command + "postmap /etc/postfix/access" to rebuild an indexed file after changing the corresponding text file. - When the table is provided via other means such as NIS, - LDAP or SQL, the same lookups are done as for ordinary + When the table is provided via other means such as NIS, + LDAP or SQL, the same lookups are done as for ordinary indexed files. - Alternatively, the table can be provided as a regular- + Alternatively, the table can be provided as a regular- expression map where patterns are given as regular expres- - sions, or lookups can be directed to TCP-based server. In - those cases, the lookups are done in a slightly different - way as described below under "REGULAR EXPRESSION TABLES" + sions, or lookups can be directed to TCP-based server. In + those cases, the lookups are done in a slightly different + way as described below under "REGULAR EXPRESSION TABLES" or "TCP-BASED TABLES". CASE FOLDING - The search string is folded to lowercase before database - lookup. As of Postfix 2.3, the search string is not case - folded with database types such as regexp: or pcre: whose + The search string is folded to lowercase before database + lookup. As of Postfix 2.3, the search string is not case + folded with database types such as regexp: or pcre: whose lookup fields can match both upper and lower case. TABLE FORMAT @@ -56,53 +55,53 @@ ACCESS(5) ACCESS(5) address, perform the corresponding action. blank lines and comments - Empty lines and whitespace-only lines are ignored, - as are lines whose first non-whitespace character + Empty lines and whitespace-only lines are ignored, + as are lines whose first non-whitespace character is a `#'. multi-line text - A logical line starts with non-whitespace text. A - line that starts with whitespace continues a logi- + A logical line starts with non-whitespace text. A + line that starts with whitespace continues a logi- cal line. EMAIL ADDRESS PATTERNS With lookups from indexed files such as DB or DBM, or from - networked tables such as NIS, LDAP or SQL, patterns are + networked tables such as NIS, LDAP or SQL, patterns are tried in the order as listed below: user@domain Matches the specified mail address. domain.tld - Matches domain.tld as the domain part of an email + Matches domain.tld as the domain part of an email address. The pattern domain.tld also matches subdomains, but only when the string smtpd_access_maps is listed in - the Postfix parent_domain_matches_subdomains con- - figuration setting (note that this is the default - for some versions of Postfix). Otherwise, specify - .domain.tld (note the initial dot) in order to + the Postfix parent_domain_matches_subdomains con- + figuration setting (note that this is the default + for some versions of Postfix). Otherwise, specify + .domain.tld (note the initial dot) in order to match subdomains. - user@ Matches all mail addresses with the specified user + user@ Matches all mail addresses with the specified user part. - Note: lookup of the null sender address is not possible - with some types of lookup table. By default, Postfix uses - <> as the lookup key for such addresses. The value is - specified with the smtpd_null_access_lookup_key parameter + Note: lookup of the null sender address is not possible + with some types of lookup table. By default, Postfix uses + <> as the lookup key for such addresses. The value is + specified with the smtpd_null_access_lookup_key parameter in the Postfix main.cf file. EMAIL ADDRESS EXTENSION When a mail address localpart contains the optional recip- - ient delimiter (e.g., user+foo@domain), the lookup order - becomes: user+foo@domain, user@domain, domain, user+foo@, + ient delimiter (e.g., user+foo@domain), the lookup order + becomes: user+foo@domain, user@domain, domain, user+foo@, and user@. HOST NAME/ADDRESS PATTERNS With lookups from indexed files such as DB or DBM, or from - networked tables such as NIS, LDAP or SQL, the following + networked tables such as NIS, LDAP or SQL, the following lookup patterns are examined in the order as listed: domain.tld @@ -110,9 +109,9 @@ ACCESS(5) ACCESS(5) The pattern domain.tld also matches subdomains, but only when the string smtpd_access_maps is listed in - the Postfix parent_domain_matches_subdomains con- + the Postfix parent_domain_matches_subdomains con- figuration setting. Otherwise, specify .domain.tld - (note the initial dot) in order to match subdo- + (note the initial dot) in order to match subdo- mains. net.work.addr.ess @@ -121,21 +120,21 @@ ACCESS(5) ACCESS(5) net.work - net Matches the specified IPv4 host address or subnet- - work. An IPv4 host address is a sequence of four + net Matches the specified IPv4 host address or subnet- + work. An IPv4 host address is a sequence of four decimal octets separated by ".". - Subnetworks are matched by repeatedly truncating + Subnetworks are matched by repeatedly truncating the last ".octet" from the remote IPv4 host address - string until a match is found in the access table, + string until a match is found in the access table, or until further truncation is not possible. NOTE 1: The information in the access map should be in canonical form, with unnecessary null characters - eliminated. Address information must not be + eliminated. Address information must not be enclosed with "[]" characters. - NOTE 2: use the cidr lookup table type to specify + NOTE 2: use the cidr lookup table type to specify network/netmask patterns. See cidr_table(5) for details. @@ -145,12 +144,12 @@ ACCESS(5) ACCESS(5) net:work - net Matches the specified IPv6 host address or subnet- - work. An IPv6 host address is a sequence of three - to eight hexadecimal octet pairs separated by ":". + net Matches the specified IPv6 host address or subnet- + work. An IPv6 host address is a sequence of three + to eight hexadecimal octet pairs separated by ":". - Subnetworks are matched by repeatedly truncating - the last ":octetpair" from the remote IPv6 host + Subnetworks are matched by repeatedly truncating + the last ":octetpair" from the remote IPv6 host address string until a match is found in the access table, or until further truncation is not possible. @@ -160,10 +159,10 @@ ACCESS(5) ACCESS(5) NOTE 2: The information in the access map should be in canonical form, with unnecessary null characters - eliminated. Address information must not be + eliminated. Address information must not be enclosed with "[]" characters. - NOTE 3: use the cidr lookup table type to specify + NOTE 3: use the cidr lookup table type to specify network/netmask patterns. See cidr_table(5) for details. @@ -174,48 +173,48 @@ ACCESS(5) ACCESS(5) all-numerical An all-numerical result is treated as OK. This for- - mat is generated by address-based relay authoriza- + mat is generated by address-based relay authoriza- tion schemes such as pop-before-smtp. REJECT ACTIONS - Postfix version 2.3 and later support enhanced status - codes as defined in RFC 3463. When no code is specified - at the beginning of the text below, Postfix inserts a - default enhanced status code of "5.7.1" in the case of - reject actions, and "4.7.1" in the case of defer actions. + Postfix version 2.3 and later support enhanced status + codes as defined in RFC 3463. When no code is specified + at the beginning of the text below, Postfix inserts a + default enhanced status code of "5.7.1" in the case of + reject actions, and "4.7.1" in the case of defer actions. See "ENHANCED STATUS CODES" below. 4NN text 5NN text - Reject the address etc. that matches the pattern, + Reject the address etc. that matches the pattern, and respond with the numerical three-digit code and - text. 4NN means "try again later", while 5NN means + text. 4NN means "try again later", while 5NN means "do not try again". - The reply code "421" causes Postfix to disconnect + The reply code "421" causes Postfix to disconnect immediately (Postfix version 2.3 and later). REJECT optional text... - Reject the address etc. that matches the pattern. - Reply with $reject_code optional text... when the - optional text is specified, otherwise reply with a + Reject the address etc. that matches the pattern. + Reply with $reject_code optional text... when the + optional text is specified, otherwise reply with a generic error response message. DEFER_IF_REJECT optional text... - Defer the request if some later restriction would - result in a REJECT action. Reply with "450 4.7.1 - optional text... when the optional text is speci- + Defer the request if some later restriction would + result in a REJECT action. Reply with "450 4.7.1 + optional text... when the optional text is speci- fied, otherwise reply with a generic error response message. This feature is available in Postfix 2.1 and later. DEFER_IF_PERMIT optional text... - Defer the request if some later restriction would - result in a an explicit or implicit PERMIT action. - Reply with "450 4.7.1 optional text... when the - optional text is specified, otherwise reply with a + Defer the request if some later restriction would + result in a an explicit or implicit PERMIT action. + Reply with "450 4.7.1 optional text... when the + optional text is specified, otherwise reply with a generic error response message. This feature is available in Postfix 2.1 and later. @@ -226,53 +225,54 @@ ACCESS(5) ACCESS(5) reject_unauth_destination, and so on). DISCARD optional text... - Claim successful delivery and silently discard the - message. Log the optional text if specified, oth- + Claim successful delivery and silently discard the + message. Log the optional text if specified, oth- erwise log a generic message. - Note: this action currently affects all recipients - of the message. To discard only one recipient - without discarding the entire message, use the + Note: this action currently affects all recipients + of the message. To discard only one recipient + without discarding the entire message, use the transport(5) table to direct mail to the discard(8) service. This feature is available in Postfix 2.0 and later. - DUNNO Pretend that the lookup key was not found. This - prevents Postfix from trying substrings of the - lookup key (such as a subdomain name, or a network + DUNNO Pretend that the lookup key was not found. This + prevents Postfix from trying substrings of the + lookup key (such as a subdomain name, or a network address subnetwork). This feature is available in Postfix 2.0 and later. FILTER transport:destination - After the message is queued, send the entire mes- + After the message is queued, send the entire mes- sage through the specified external content filter. - The transport:destination syntax is described in - the transport(5) manual page. More information - about external content filters is in the Postfix + The transport:destination syntax is described in + the transport(5) manual page. More information + about external content filters is in the Postfix FILTER_README file. - Note: this action overrides the main.cf con- + Note: this action overrides the main.cf con- tent_filter setting, and currently affects all recipients of the message. This feature is available in Postfix 2.0 and later. HOLD optional text... - Place the message on the hold queue, where it will - sit until someone either deletes it or releases it - for delivery. Log the optional text if specified, + Place the message on the hold queue, where it will + sit until someone either deletes it or releases it + for delivery. Log the optional text if specified, otherwise log a generic message. - Mail that is placed on hold can be examined with - the postcat(1) command, and can be destroyed or + Mail that is placed on hold can be examined with + the postcat(1) command, and can be destroyed or released with the postsuper(1) command. - Note: use "postsuper -r" to release mail that was - kept on hold for a significant fraction of $maxi- + Note: use "postsuper -r" to release mail that was + kept on hold for a significant fraction of $maxi- mal_queue_lifetime or $bounce_queue_lifetime, or - longer. + longer. Use "postsuper -H" only for mail that will + not expire within a few delivery attempts. Note: this action currently affects all recipients of the message. diff --git a/postfix/html/header_checks.5.html b/postfix/html/header_checks.5.html index 95ef69361..a456be7c9 100644 --- a/postfix/html/header_checks.5.html +++ b/postfix/html/header_checks.5.html @@ -19,45 +19,48 @@ HEADER_CHECKS(5) HEADER_CHECKS(5) postmap -fq - pcre:/etc/postfix/filename <inputfile DESCRIPTION - Postfix provides a simple built-in content inspection - mechanism that examines incoming mail one message header - or one message body line at a time. Each input is compared - against a list of patterns. When a match is found the + The Postfix cleanup(8) server supports access control on + the content of message headers and message body lines. + See access(5) for access control on remote SMTP client + information. + + Each message header or message body line is compared + against a list of patterns. When a match is found the corresponding action is executed, and the matching process - is repeated for the next input line. This feature is - implemented by the Postfix cleanup(8) server. + is repeated for the next message header or message body + line. - For examples, see the EXAMPLES section at the end of this + For examples, see the EXAMPLES section at the end of this manual page. Postfix header or body_checks are designed to stop a flood - of mail from worms or viruses; they do not decode attach- - ments, and they do not unzip archives. See the documents - referenced below in the README FILES section if you need + of mail from worms or viruses; they do not decode attach- + ments, and they do not unzip archives. See the documents + referenced below in the README FILES section if you need more sophisticated content analysis. Postfix supports four built-in content inspection classes: header_checks - These are applied to initial message headers - (except for the headers that are processed with + These are applied to initial message headers + (except for the headers that are processed with mime_header_checks). mime_header_checks (default: $header_checks) - These are applied to MIME related message headers + These are applied to MIME related message headers only. This feature is available in Postfix 2.0 and later. nested_header_checks (default: $header_checks) - These are applied to message headers of attached - email messages (except for the headers that are + These are applied to message headers of attached + email messages (except for the headers that are processed with mime_header_checks). This feature is available in Postfix 2.0 and later. body_checks - These are applied to all other content, including + These are applied to all other content, including multi-part message boundaries. With Postfix versions before 2.0, all content after @@ -65,73 +68,73 @@ HEADER_CHECKS(5) HEADER_CHECKS(5) tent. Note: message headers are examined one logical header at a - time, even when a message header spans multiple lines. + time, even when a message header spans multiple lines. Body lines are always examined one line at a time. TABLE FORMAT - This document assumes that header and body_checks rules - are specified in the form of Postfix regular expression - lookup tables. Usually the best performance is obtained + This document assumes that header and body_checks rules + are specified in the form of Postfix regular expression + lookup tables. Usually the best performance is obtained with pcre (Perl Compatible Regular Expression) tables, but - the slower regexp (POSIX regular expressions) support is - more widely available. Use the command "postconf -m" to - find out what lookup table types your Postfix system sup- + the slower regexp (POSIX regular expressions) support is + more widely available. Use the command "postconf -m" to + find out what lookup table types your Postfix system sup- ports. The general format of Postfix regular expression tables is - given below. For a discussion of specific pattern or - flags syntax, see pcre_table(5) or regexp_table(5), + given below. For a discussion of specific pattern or + flags syntax, see pcre_table(5) or regexp_table(5), respectively. /pattern/flags action - When pattern matches the input string, execute the - corresponding action. See below for a list of pos- + When pattern matches the input string, execute the + corresponding action. See below for a list of pos- sible actions. !/pattern/flags action - When pattern does not match the input string, exe- + When pattern does not match the input string, exe- cute the corresponding action. if /pattern/flags endif Match the input string against the patterns between - if and endif, if and only if the input string also + if and endif, if and only if the input string also matches pattern. The if..endif can nest. - Note: do not prepend whitespace to patterns inside + Note: do not prepend whitespace to patterns inside if..endif. if !/pattern/flags endif Match the input string against the patterns between - if and endif, if and only if the input string does + if and endif, if and only if the input string does not match pattern. The if..endif can nest. blank lines and comments - Empty lines and whitespace-only lines are ignored, - as are lines whose first non-whitespace character + Empty lines and whitespace-only lines are ignored, + as are lines whose first non-whitespace character is a `#'. multi-line text - A pattern/action line starts with non-whitespace - text. A line that starts with whitespace continues + A pattern/action line starts with non-whitespace + text. A line that starts with whitespace continues a logical line. TABLE SEARCH ORDER - For each line of message input, the patterns are applied - in the order as specified in the table. When a pattern is - found that matches the input line, the corresponding - action is executed and then the next input line is + For each line of message input, the patterns are applied + in the order as specified in the table. When a pattern is + found that matches the input line, the corresponding + action is executed and then the next input line is inspected. TEXT SUBSTITUTION - Substitution of substrings from the matched expression - into the action string is possible using the conventional - Perl syntax ($1, $2, etc.). The macros in the result - string may need to be written as ${n} or $(n) if they + Substitution of substrings from the matched expression + into the action string is possible using the conventional + Perl syntax ($1, $2, etc.). The macros in the result + string may need to be written as ${n} or $(n) if they aren't followed by whitespace. - Note: since negated patterns (those preceded by !) return + Note: since negated patterns (those preceded by !) return a result when the expression does not match, substitutions are not available for negated patterns. @@ -140,12 +143,12 @@ HEADER_CHECKS(5) HEADER_CHECKS(5) case for consistency with other Postfix documentation. DISCARD optional text... - Claim successful delivery and silently discard the - message. Log the optional text if specified, oth- + Claim successful delivery and silently discard the + message. Log the optional text if specified, oth- erwise log a generic message. - Note: this action disables further header or - body_checks inspection of the current message and + Note: this action disables further header or + body_checks inspection of the current message and affects all recipients. To discard only one recip- ient without discarding the entire message, use the transport(5) table to direct mail to the discard(8) @@ -153,46 +156,47 @@ HEADER_CHECKS(5) HEADER_CHECKS(5) This feature is available in Postfix 2.0 and later. - DUNNO Pretend that the input line did not match any pat- - tern, and inspect the next input line. This action + DUNNO Pretend that the input line did not match any pat- + tern, and inspect the next input line. This action can be used to shorten the table search. - For backwards compatibility reasons, Postfix also - accepts OK but it is (and always has been) treated + For backwards compatibility reasons, Postfix also + accepts OK but it is (and always has been) treated as DUNNO. This feature is available in Postfix 2.1 and later. FILTER transport:destination - Write a content filter request to the queue file - and inspect the next input line. After the com- - plete message is received it will be sent through + Write a content filter request to the queue file + and inspect the next input line. After the com- + plete message is received it will be sent through the specified external content filter. More infor- - mation about external content filters is in the + mation about external content filters is in the Postfix FILTER_README file. - Note: this action overrides the main.cf con- - tent_filter setting, and affects all recipients of - the message. In the case that multiple FILTER + Note: this action overrides the main.cf con- + tent_filter setting, and affects all recipients of + the message. In the case that multiple FILTER actions fire, only the last one is executed. This feature is available in Postfix 2.0 and later. HOLD optional text... - Arrange for the message to be placed on the hold - queue, and inspect the next input line. The mes- - sage remains on hold until someone either deletes - it or releases it for delivery. Log the optional + Arrange for the message to be placed on the hold + queue, and inspect the next input line. The mes- + sage remains on hold until someone either deletes + it or releases it for delivery. Log the optional text if specified, otherwise log a generic message. - Mail that is placed on hold can be examined with - the postcat(1) command, and can be destroyed or + Mail that is placed on hold can be examined with + the postcat(1) command, and can be destroyed or released with the postsuper(1) command. - Note: use "postsuper -r" to release mail that was - kept on hold for a significant fraction of $maxi- + Note: use "postsuper -r" to release mail that was + kept on hold for a significant fraction of $maxi- mal_queue_lifetime or $bounce_queue_lifetime, or - longer. + longer. Use "postsuper -H" only for mail that will + not expire within a few delivery attempts. Note: this action affects all recipients of the message. diff --git a/postfix/man/man5/access.5 b/postfix/man/man5/access.5 index 4ff930f31..c52fbe13b 100644 --- a/postfix/man/man5/access.5 +++ b/postfix/man/man5/access.5 @@ -16,11 +16,12 @@ Postfix SMTP server access table .SH DESCRIPTION .ad .fi -The Postfix SMTP server supports access control on information -about remote SMTP clients or information received in SMTP -commands: host names, network addresses, envelope sender -or recipient addresses. See header_checks(5) or body_checks(5) -for access control on the content of email messages. +The Postfix SMTP server supports access control on remote +SMTP client information: host names, network addresses, and +envelope sender +or recipient addresses. See \fBheader_checks\fR(5) or +\fBbody_checks\fR(5) for access control on the content of +email messages. Normally, the \fBaccess\fR(5) table is specified as a text file that serves as input to the \fBpostmap\fR(1) command. @@ -254,7 +255,8 @@ the \fBpostsuper\fR(1) command. .sp Note: use "\fBpostsuper -r\fR" to release mail that was kept on hold for a significant fraction of \fB$maximal_queue_lifetime\fR -or \fB$bounce_queue_lifetime\fR, or longer. +or \fB$bounce_queue_lifetime\fR, or longer. Use "\fBpostsuper -H\fR" +only for mail that will not expire within a few delivery attempts. .sp Note: this action currently affects all recipients of the message. .sp diff --git a/postfix/man/man5/header_checks.5 b/postfix/man/man5/header_checks.5 index 62cc1c8ce..bc0f4f17c 100644 --- a/postfix/man/man5/header_checks.5 +++ b/postfix/man/man5/header_checks.5 @@ -22,12 +22,16 @@ Postfix built-in header/body inspection .SH DESCRIPTION .ad .fi -Postfix provides a simple built-in content inspection mechanism that -examines incoming mail one message header or one message body line -at a time. Each input is compared against a list of patterns. +The Postfix \fBcleanup\fR(8) server supports access control +on the content of message headers and message body lines. +See \fBaccess\fR(5) for access control on remote SMTP client +information. + +Each message header or message body line is compared against +a list of patterns. When a match is found the corresponding action is executed, and -the matching process is repeated for the next input line. -This feature is implemented by the Postfix \fBcleanup\fR(8) server. +the matching process is repeated for the next message header or +message body line. For examples, see the EXAMPLES section at the end of this manual page. @@ -179,7 +183,8 @@ the \fBpostsuper\fR(1) command. .sp Note: use "\fBpostsuper -r\fR" to release mail that was kept on hold for a significant fraction of \fB$maximal_queue_lifetime\fR -or \fB$bounce_queue_lifetime\fR, or longer. +or \fB$bounce_queue_lifetime\fR, or longer. Use "\fBpostsuper -H\fR" +only for mail that will not expire within a few delivery attempts. .sp Note: this action affects all recipients of the message. .sp diff --git a/postfix/proto/access b/postfix/proto/access index 87fd4d879..261ca8b2e 100644 --- a/postfix/proto/access +++ b/postfix/proto/access @@ -10,11 +10,12 @@ # # \fBpostmap -q - /etc/postfix/access <\fIinputfile\fR # DESCRIPTION -# The Postfix SMTP server supports access control on information -# about remote SMTP clients or information received in SMTP -# commands: host names, network addresses, envelope sender -# or recipient addresses. See header_checks(5) or body_checks(5) -# for access control on the content of email messages. +# The Postfix SMTP server supports access control on remote +# SMTP client information: host names, network addresses, and +# envelope sender +# or recipient addresses. See \fBheader_checks\fR(5) or +# \fBbody_checks\fR(5) for access control on the content of +# email messages. # # Normally, the \fBaccess\fR(5) table is specified as a text file # that serves as input to the \fBpostmap\fR(1) command. @@ -259,7 +260,8 @@ # .sp # Note: use "\fBpostsuper -r\fR" to release mail that was kept on # hold for a significant fraction of \fB$maximal_queue_lifetime\fR -# or \fB$bounce_queue_lifetime\fR, or longer. +# or \fB$bounce_queue_lifetime\fR, or longer. Use "\fBpostsuper -H\fR" +# only for mail that will not expire within a few delivery attempts. # .sp # Note: this action currently affects all recipients of the message. # .sp diff --git a/postfix/proto/header_checks b/postfix/proto/header_checks index 406147011..5aa8c1533 100644 --- a/postfix/proto/header_checks +++ b/postfix/proto/header_checks @@ -16,12 +16,16 @@ # .br # \fBpostmap -fq - pcre:/etc/postfix/\fIfilename\fR <\fIinputfile\fR # DESCRIPTION -# Postfix provides a simple built-in content inspection mechanism that -# examines incoming mail one message header or one message body line -# at a time. Each input is compared against a list of patterns. +# The Postfix \fBcleanup\fR(8) server supports access control +# on the content of message headers and message body lines. +# See \fBaccess\fR(5) for access control on remote SMTP client +# information. +# +# Each message header or message body line is compared against +# a list of patterns. # When a match is found the corresponding action is executed, and -# the matching process is repeated for the next input line. -# This feature is implemented by the Postfix \fBcleanup\fR(8) server. +# the matching process is repeated for the next message header or +# message body line. # # For examples, see the EXAMPLES section at the end of this # manual page. @@ -192,7 +196,8 @@ # .sp # Note: use "\fBpostsuper -r\fR" to release mail that was kept on # hold for a significant fraction of \fB$maximal_queue_lifetime\fR -# or \fB$bounce_queue_lifetime\fR, or longer. +# or \fB$bounce_queue_lifetime\fR, or longer. Use "\fBpostsuper -H\fR" +# only for mail that will not expire within a few delivery attempts. # .sp # Note: this action affects all recipients of the message. # .sp diff --git a/postfix/src/global/mail_version.h b/postfix/src/global/mail_version.h index 652d50457..6acac2a2c 100644 --- a/postfix/src/global/mail_version.h +++ b/postfix/src/global/mail_version.h @@ -20,8 +20,8 @@ * Patches change both the patchlevel and the release date. Snapshots have no * patchlevel; they change the release date only. */ -#define MAIL_RELEASE_DATE "20070317" -#define MAIL_VERSION_NUMBER "2.4.0-RC6" +#define MAIL_RELEASE_DATE "20070320" +#define MAIL_VERSION_NUMBER "2.4.0-RC7" #ifdef SNAPSHOT # define MAIL_VERSION_DATE "-" MAIL_RELEASE_DATE diff --git a/postfix/src/global/rec_type.h b/postfix/src/global/rec_type.h index 80313b310..3edb5fcbd 100644 --- a/postfix/src/global/rec_type.h +++ b/postfix/src/global/rec_type.h @@ -57,7 +57,7 @@ #define REC_TYPE_CONT 'L' /* long data record */ #define REC_TYPE_NORM 'N' /* normal data record */ -#define REC_TYPE_DTXT 'w' /* deleted data record */ +#define REC_TYPE_DTXT 'w' /* padding (was: deleted data) */ #define REC_TYPE_XTRA 'X' /* start extracted records */ @@ -82,9 +82,12 @@ * contains pure recipient sequences only, then the queue manager will not * have to read all the queue file records before starting delivery. This is * often the case with list mail, where such optimization is desirable. + * + * XXX These definitions include the respective segment terminators to avoid + * special cases in the cleanup(8) envelope and extracted record processors. */ -#define REC_TYPE_ENV_RECIPIENT "DRO/Kon" -#define REC_TYPE_EXT_RECIPIENT "DRO/Kon" +#define REC_TYPE_ENV_RECIPIENT "MDRO/Kon" +#define REC_TYPE_EXT_RECIPIENT "EDRO/Kon" /* * The types of records that I expect to see while processing different