From: Wietse Venema Date: Fri, 24 Jan 2003 05:00:00 +0000 (-0500) Subject: postfix-2.0.3 X-Git-Tag: v2.0.3^0 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=d232d8d210258091b39002e11d4ad6fd5292ba5c;p=thirdparty%2Fpostfix.git postfix-2.0.3 --- diff --git a/postfix/HISTORY b/postfix/HISTORY index 786f0e0fa..15b835c9a 100644 --- a/postfix/HISTORY +++ b/postfix/HISTORY @@ -7556,7 +7556,7 @@ Apologies for any names omitted. Bugfix: transport_errno was not reset upon successful transport map wildcard lookup after an earlier failure. - Reported by Victor Duchovny. File: trivial-rewrite/transport.c. + Reported by Victor Duchovni. File: trivial-rewrite/transport.c. Cleanup: unnecessary warnings from the proxymap client after proxymap server disconnect. File: global/dict_proxy.c. @@ -7578,6 +7578,48 @@ Apologies for any names omitted. service. It should not try to open any user/domain/uce related tables at all. File: smtpd/smtpd.c. +20030118 + + Typos: some hyperlinks referred to flushd, which is the + name that was used before the flush service was released. + Reported by Victor Duchovni. + + Cleanup: smtpd no longer needed to open relocated_maps. + +20030119 + + Cleanup: bounce messages used "X-Postfix" even when mail_name + was set to something other than the default "Postfix" name. + File: bounce/bounce-notify_util.c. + +20030120 + + Bugfix: wrong FILTER_README instructions for disabling + virtual alias mapping in the cleanup server before the + content filter. + + Bugfix: wrong FILTER_README instructions for destination-dependent + filtering, because relay_domains was specified incorrectly. + +20030122 + + Bugfix: 20021207 (move relocated table lookup from queue + manager to trivial-rewrite server) broke relocated table + lookup results with mail not rejected at the SMTP port. + Files: *qmgr/qmgr_deliver.c, *qmgr/qmgr_message.c. + +20030123 + + Bugfix: a widely used maildir filename algorithm was broken. + Postfix now uses TIME.DEVICE_INODE.HOST. Files: local/maildir.c, + virtual/maildir.c. + +20030124 + + Cleanup: removed the address syntax check from the queue + manager, since a better test was implemented recently in + the trivial-rewrite server. Files: *qmgr/qmgr_message.c. + Open problems: Low: after successful delivery, per-queue window += 1/window, diff --git a/postfix/README_FILES/FILTER_README b/postfix/README_FILES/FILTER_README index 433b35aa9..63f99ee9a 100644 --- a/postfix/README_FILES/FILTER_README +++ b/postfix/README_FILES/FILTER_README @@ -298,6 +298,9 @@ As the example below shows, things quickly become very complex, because a lot of main.cf like information gets listed in the master.cf file. This makes the system hard to understand. +Even worse, details change as Postfix evolves and different +configuration parameters are implemented by different programs. + If you need to squeeze out more performance, it is probably simpler to run multiple Postfix instances, one before and one after the content filter. That way, each instance can have simple main.cf @@ -308,24 +311,24 @@ As before, we will set up a content filtering program that receives SMTP mail via localhost port 10025, and that submits SMTP mail back into Postfix via localhost port 10026. - ................................... - : Postfix : - ----->smtpd \ : - : -cleanup-\ /local----> - ---->pickup / -queue- : - : cleanup2/ | \smtp-----> - : ^ v : - : | v : - : smtpd scan : - : 10026 | : - .......................|........... - ^ | - | v - ....|............. - : | 10025 : - : filter : - : : - .................. + ....................................... + : Postfix : + ----->smtpd \ : + : -pre-cleanup-\ /local----> + ---->pickup / -queue- : + : -cleanup-/ | \smtp-----> + : bounces/ ^ v : + : and locally | v : + : forwarded smtpd scan : + : messages 10026 | : + ...........................|........... + ^ | + | v + ....|............. + : | 10025 : + : filter : + : : + .................. To enable content filtering in this manner, specify in main.cf a new parameter: @@ -335,32 +338,34 @@ new parameter: /etc/postfix/master.cf: # -# This is the usual input "smtpd" already present in master.cf +# These are the usual input "smtpd" and local "pickup" servers already +# present in master.cf. We add an option to select a non-default +# cleanup service (defined further below). # -smtp inet n - n - - smtpd +smtp inet n - n - - smtpd + -o cleanup_service=pre-cleanup +pickup fifo n - n 60 1 pickup + -o cleanup_service=pre-cleanup # # ------------------------------------------------------------------ # # This is the cleanup daemon that handles messages in front of # the content filter. It does header_checks and body_checks (if -# any), but does no virtual alias or canonical address mapping. +# any), but does no virtual alias or canonical address mapping, +# so that mail passes through your content filter with the original +# recipient addresses mostly intact. # # Virtual alias or canonical address mapping happens in the second # cleanup phase after the content filter. This gives the content_filter # access to *largely* unmodified addresses for maximum flexibility. # -# Turning off append_myorigin/append_dot_mydomain address rewriting -# before the content filter would require two instances of the -# trivial-rewrite daemon. If you want to go to this trouble then -# you're clearly better off with two complete Postfix instances: one -# in front of and one behind the content filter. -# -# Note that some sites may specifically want to do the opposite: -# perform rewrites in front of the content_filter which would -# then see only cleaned up addresses. In that case the "-o" parameter -# settings below should be moved to the second "cleanup" instance. +# Some sites may specifically want to perform canonical or virtual +# address mapping in front of the content_filter. In that case you +# still have to enable address rewriting in the after-filter cleanup +# instance, in order to correctly process forwarded mail or bounced +# mail. # -cleanup unix n - n - 0 cleanup +pre-cleanup unix n - n - 0 cleanup -o canonical_maps= -o sender_canonical_maps= -o recipient_canonical_maps= @@ -386,9 +391,8 @@ scan unix - - n - 10 smtp # parameter to avoid loops, and use a different hostname to avoid # triggering the Postfix SMTP loop detection code. # -# This "smtpd" uses a separate cleanup that does no header or -# body checks, but does do the various address rewrites disabled -# in the first cleanup. +# This "smtpd" uses the normal cleanup service which is also used +# for bounces and for internally forwarded mail. # # The parameters from mynetworks onward disable all access # control other than insisting on connections from one of the IP @@ -401,7 +405,6 @@ localhost:10026 inet n - n - - smtpd -o myhostname=localhost.domain.tld -o local_recipient_maps= -o relay_recipient_maps= - -o cleanup_service_name=cleanup2 -o mynetworks=127.0.0.0/8 -o mynetworks_style=host -o smtpd_restriction_classes= @@ -416,18 +419,17 @@ localhost:10026 inet n - n - - smtpd # # ------------------------------------------------------------------ # -# This is the second cleanup daemon. No header or body checks, -# because those have already been taken care of by the cleanup instance -# before the content filter. The second cleanup instance does all the -# virtual alias and canonical address mapping that was disabled in -# the first cleanup instance. -# -# If it is preferable to do the virtual alias and canonical address -# mapping before the content filter, delete the "-o" lines that -# disable canonical and virtual mappings in the above cleanup daemon -# instance and insert them here. +# This is the normal cleanup daemon for use after content filtering. +# No header or body checks, because those have already been taken +# care of by the pre-cleanup service before the content filter. +# +# The normal cleanup instance does all the virtual alias and canonical +# address mapping that was disabled in the pre-cleanup instance before +# the content filter. This rewriting must be done even when you didn't +# disable address rewriting in the pre-cleanup instance, in order to +# correctly process bounces and locally forwarded mail. # -cleanup2 unix n - n - 0 cleanup +cleanup unix n - n - 0 cleanup -o header_checks= -o mime_header_checks= -o nested_header_checks= @@ -478,32 +480,6 @@ SMTP server addresses in master.cf: 1.2.3.5:smtp inet n - n - - smtpd -o content_filter=foo:bar -Different content filters for different MX domains -================================================== - -This is a variant on the previous example. You configure ONE -Postfix instance with multiple SMTP server addresses. Each -SMTP server invokes a different content filter. - -/etc/postfix.master.cf: - # MX server for destinations that use the foo:bar content filter. - 1.2.3.5:smtp inet n - n - - smtpd - -o content_filter=foo:bar - -o relay_domains=/etc/postfix/foo-bar-domains - -o smtpd_recipient_restrictions=reject_unauth_destination - - # MX server for destinations that use the bar:baz content filter. - 1.2.3.6:smtp inet n - n - - smtpd - -o content_filter=bar:baz - -o relay_domains=/etc/postfix/bar-baz-domains - -o smtpd_recipient_restrictions=reject_unauth_destination - - # SMTP servers for internal users only. - 1.2.3.4:smtp inet n - n - - smtpd - -o smtpd_recipient_restrictions=permit_mynetworks,reject - 127.0.0.1:smtp inet n - n - - smtpd - -o smtpd_recipient_restrictions=permit_mynetworks,reject - Getting really nasty ==================== diff --git a/postfix/README_FILES/LOCAL_RECIPIENT_README b/postfix/README_FILES/LOCAL_RECIPIENT_README index 49d69a0aa..7c693f2cd 100644 --- a/postfix/README_FILES/LOCAL_RECIPIENT_README +++ b/postfix/README_FILES/LOCAL_RECIPIENT_README @@ -41,7 +41,7 @@ delivery agent for local delivery, where recipients are either UNIX accounts or local aliases: /etc/postfix/main.cf: - local_recipient_maps = unix:passwd.byname $alias_maps + local_recipient_maps = proxymap:unix:passwd.byname $alias_maps You need to update the local_recipient_maps setting if one of the following is true: diff --git a/postfix/conf/main.cf b/postfix/conf/main.cf index 11a99cc36..a8a5f1141 100644 --- a/postfix/conf/main.cf +++ b/postfix/conf/main.cf @@ -182,6 +182,8 @@ mail_owner = postfix # - You use the "luser_relay", "mailbox_transport", or "fallback_transport" # feature of the Postfix local delivery agent (see sample-local.cf). # +# Details are described in the LOCAL_RECIPIENT_README file. +# # Beware: if the Postfix SMTP server runs chrooted, you probably have # to access the passwd file via the proxymap service, in order to # overcome chroot restrictions. The alternative, having a copy of diff --git a/postfix/conf/master.cf b/postfix/conf/master.cf index f800ed961..eb9960c2f 100644 --- a/postfix/conf/master.cf +++ b/postfix/conf/master.cf @@ -66,28 +66,28 @@ # DO NOT SHARE THE POSTFIX QUEUE BETWEEN MULTIPLE POSTFIX INSTANCES. # # ========================================================================== -# service type private unpriv chroot wakeup maxproc command + args -# (yes) (yes) (yes) (never) (100) +# service type private unpriv chroot wakeup maxproc command + args +# (yes) (yes) (yes) (never) (100) # ========================================================================== -smtp inet n - n - - smtpd -#628 inet n - n - - qmqpd -pickup fifo n - n 60 1 pickup -cleanup unix n - n - 0 cleanup -qmgr fifo n - n 300 1 qmgr -#qmgr fifo n - n 300 1 nqmgr -rewrite unix - - n - - trivial-rewrite -bounce unix - - n - 0 bounce -defer unix - - n - 0 bounce -flush unix n - n 1000? 0 flush -proxymap unix - - n - - proxymap -smtp unix - - n - - smtp -relay unix - - n - - smtp -# -o smtp_helo_timeout=5 -o smtp_connect_timeout=5 -showq unix n - n - - showq -error unix - - n - - error -local unix - n n - - local -virtual unix - n n - - virtual -lmtp unix - - n - - lmtp +smtp inet n - n - - smtpd +#628 inet n - n - - qmqpd +pickup fifo n - n 60 1 pickup +cleanup unix n - n - 0 cleanup +qmgr fifo n - n 300 1 qmgr +#qmgr fifo n - n 300 1 nqmgr +rewrite unix - - n - - trivial-rewrite +bounce unix - - n - 0 bounce +defer unix - - n - 0 bounce +flush unix n - n 1000? 0 flush +proxymap unix - - n - - proxymap +smtp unix - - n - - smtp +relay unix - - n - - smtp +# -o smtp_helo_timeout=5 -o smtp_connect_timeout=5 +showq unix n - n - - showq +error unix - - n - - error +local unix - n n - - local +virtual unix - n n - - virtual +lmtp unix - - n - - lmtp # # Interfaces to non-Postfix software. Be sure to examine the manual # pages of the non-Postfix software to find out what options it wants. @@ -99,12 +99,12 @@ maildrop unix - n n - - pipe # # The Cyrus deliver program has changed incompatibly, multiple times. # -old-cyrus unix - n n - - pipe +old-cyrus unix - n n - - pipe flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user} # Cyrus 2.1.5 (Amos Gouaux) -cyrus unix - n n - - pipe +cyrus unix - n n - - pipe user=cyrus argv=/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user} -uucp unix - n n - - pipe +uucp unix - n n - - pipe flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient) ifmail unix - n n - - pipe flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient) diff --git a/postfix/html/postqueue.1.html b/postfix/html/postqueue.1.html index 8c4bd6129..bbe42bd9e 100644 --- a/postfix/html/postqueue.1.html +++ b/postfix/html/postqueue.1.html @@ -54,11 +54,11 @@ POSTQUEUE(1) POSTQUEUE(1) -s site Schedule immediate delivery of all mail that is queued for the named site. The site must be eligi- - ble for the "fast flush" service. See flush(8) for + ble for the "fast flush" service. See flush(8) for more information about the "fast flush" service. This option implements the traditional sendmail - -qRsite command, by contacting the Postfix flush(8) + -qRsite command, by contacting the Postfix flush(8) daemon. -v Enable verbose logging for debugging purposes. Mul- @@ -115,7 +115,7 @@ POSTQUEUE(1) POSTQUEUE(1) postsuper(1) privileged queue operations qmgr(8) queue manager showq(8) list mail queue - flush(8) fast flush service + flush(8) fast flush service LICENSE The Secure Mailer license must be distributed with this diff --git a/postfix/html/sendmail.1.html b/postfix/html/sendmail.1.html index b96c79529..42d8ecf42 100644 --- a/postfix/html/sendmail.1.html +++ b/postfix/html/sendmail.1.html @@ -197,7 +197,7 @@ SENDMAIL(1) SENDMAIL(1) queued for the named site. This option accepts only site names that are eligible for the "fast flush" service, and is implemented by executing the - postqueue(1) command. See flush(8) for more infor- + postqueue(1) command. See flush(8) for more infor- mation about the "fast flush" service. -qSsite @@ -328,7 +328,7 @@ SENDMAIL(1) SENDMAIL(1) postqueue(1) mail queue control qmgr(8) queue manager smtpd(8) SMTP server - flush(8) fast flush service + flush(8) fast flush service syslogd(8) system logging LICENSE diff --git a/postfix/makedefs b/postfix/makedefs index 37cf8d989..0531121f6 100644 --- a/postfix/makedefs +++ b/postfix/makedefs @@ -204,9 +204,13 @@ case "$SYSTEM.$RELEASE" in SYSLIBS="-ldb" for name in nsl resolv $GDBM_LIBS do - test -e /usr/lib/lib$name.a -o -e /usr/lib/lib$name.so \ - -o -e /lib/lib$name.a -o -e /lib/lib$name.so \ - && SYSLIBS="$SYSLIBS -l$name" + for lib in /usr/lib64 /lib64 /usr/lib /lib + do + test -e $lib/lib$name.a -o -e $lib/lib$name.so && { + SYSLIBS="$SYSLIBS -l$name" + break + } + done done ;; IRIX*.5.*) SYSTYPE=IRIX5 diff --git a/postfix/mantools/postlink b/postfix/mantools/postlink index 859783fb9..75aa5d0b9 100755 --- a/postfix/mantools/postlink +++ b/postfix/mantools/postlink @@ -13,7 +13,7 @@ exec sed ' s/[]*cleanup[]*(8)/&<\/a>/ s/[]*defer[]*(8)/&<\/a>/ s/[]*error[]*(8)/&<\/a>/ - s/[]*flush[]*(8)/&<\/a>/ + s/[]*flush[]*(8)/&<\/a>/ s/[]*local[]*(8)/&<\/a>/ s/[]*mas[-]*\n*[ ]*ter[]*(8)/&<\/a>/ s/[]*pickup[]*(8)/&<\/a>/ diff --git a/postfix/src/bounce/bounce_notify_util.c b/postfix/src/bounce/bounce_notify_util.c index b8970025b..e3319b863 100644 --- a/postfix/src/bounce/bounce_notify_util.c +++ b/postfix/src/bounce/bounce_notify_util.c @@ -177,11 +177,11 @@ /* bounce_mail_alloc - initialize */ static BOUNCE_INFO *bounce_mail_alloc(const char *service, - const char *queue_name, - const char *queue_id, - const char *encoding, - int flush, - BOUNCE_LOG *log_handle) + const char *queue_name, + const char *queue_id, + const char *encoding, + int flush, + BOUNCE_LOG *log_handle) { BOUNCE_INFO *bounce_info; int rec_type; @@ -531,6 +531,8 @@ int bounce_header_dsn(VSTREAM *bounce, BOUNCE_INFO *bounce_info) int bounce_recipient_dsn(VSTREAM *bounce, BOUNCE_INFO *bounce_info) { + char *fixed_mail_name; + post_mail_fputs(bounce, ""); #if 0 post_mail_fprintf(bounce, "Original-Recipient: rfc822; %s", "whatever"); @@ -540,8 +542,12 @@ int bounce_recipient_dsn(VSTREAM *bounce, BOUNCE_INFO *bounce_info) post_mail_fprintf(bounce, "Action: %s", bounce_info->flush ? "failed" : "delayed"); post_mail_fprintf(bounce, "Status: %s", bounce_info->log_handle->status); - bounce_print_wrap(bounce, bounce_info, "Diagnostic-Code: X-Postfix; %s", - bounce_info->log_handle->text); + /* RFC 1894: diagnostic-type is an RFC 822 atom. */ + fixed_mail_name = mystrdup(var_mail_name); + translit(fixed_mail_name, " \t\r\n()<>@,;:\\\".[]", "-----------------"); + bounce_print_wrap(bounce, bounce_info, "Diagnostic-Code: X-%s; %s", + fixed_mail_name, bounce_info->log_handle->text); + myfree(fixed_mail_name); #if 0 post_mail_fprintf(bounce, "Last-Attempt-Date: %s", bounce_info->log_handle->log_time); diff --git a/postfix/src/global/mail_version.h b/postfix/src/global/mail_version.h index 5982fcd2e..17cacc4b0 100644 --- a/postfix/src/global/mail_version.h +++ b/postfix/src/global/mail_version.h @@ -20,10 +20,10 @@ * Patches change the patchlevel and the release date. Snapshots change the * release date only, unless they include the same bugfix as a patch release. */ -#define MAIL_RELEASE_DATE "20030115" +#define MAIL_RELEASE_DATE "20030124" #define VAR_MAIL_VERSION "mail_version" -#define DEF_MAIL_VERSION "2.0.2" +#define DEF_MAIL_VERSION "2.0.3" extern char *var_mail_version; /* diff --git a/postfix/src/local/maildir.c b/postfix/src/local/maildir.c index 02899263f..cb5f63a77 100644 --- a/postfix/src/local/maildir.c +++ b/postfix/src/local/maildir.c @@ -40,7 +40,9 @@ /* System library. */ #include "sys_defs.h" +#include #include +#include #include /* Utility library. */ @@ -83,7 +85,8 @@ int deliver_maildir(LOCAL_STATE state, USER_ATTR usr_attr, char *path) int mail_copy_status; int deliver_status; int copy_flags; - static int count; + struct stat st; + time_t starttime = time((time_t *) 0); /* * Make verbose logging easier to understand. @@ -124,20 +127,33 @@ int deliver_maildir(LOCAL_STATE state, USER_ATTR usr_attr, char *path) * use starttime.pid_count.host, where starttime is the time that your * process started, and count is the number of messages you've * delivered." + * + * Well, that stopped working on fast machines, and on operating systems + * that randomize process ID values. When creating a file in tmp/ we use + * the process ID because it still is an exclusive resource. When moving + * the file to new/ we use the device number and inode number. I do not + * care if this breaks on a remote AFS file system, because people should + * know better. */ #define STR vstring_str set_eugid(usr_attr.uid, usr_attr.gid); - vstring_sprintf(buf, "%ld.%d_%d.%s", (long) var_starttime, - var_pid, count++, get_hostname()); + vstring_sprintf(buf, "%lu.%d.%s", + (unsigned long) starttime, var_pid, get_hostname()); tmpfile = concatenate(tmpdir, STR(buf), (char *) 0); - newfile = concatenate(newdir, STR(buf), (char *) 0); + newfile = 0; if ((dst = vstream_fopen(tmpfile, O_WRONLY | O_CREAT | O_EXCL, 0600)) == 0 && (errno != ENOENT || make_dirs(tmpdir, 0700) < 0 || (dst = vstream_fopen(tmpfile, O_WRONLY | O_CREAT | O_EXCL, 0600)) == 0)) { vstring_sprintf(why, "create %s: %m", tmpfile); + } else if (fstat(vstream_fileno(dst), &st) < 0) { + vstring_sprintf(why, "create %s: %m", tmpfile); } else { + vstring_sprintf(buf, "%lu.%lu_%lu.%s", + (unsigned long) starttime, (unsigned long) st.st_dev, + (unsigned long) st.st_ino, get_hostname()); + newfile = concatenate(newdir, STR(buf), (char *) 0); if ((mail_copy_status = mail_copy(COPY_ATTR(state.msg_attr), dst, copy_flags, "\n", why)) == 0) { if (sane_link(tmpfile, newfile) < 0 @@ -172,6 +188,7 @@ int deliver_maildir(LOCAL_STATE state, USER_ATTR usr_attr, char *path) myfree(tmpdir); myfree(curdir); myfree(tmpfile); - myfree(newfile); + if (newfile) + myfree(newfile); return (deliver_status); } diff --git a/postfix/src/nqmgr/qmgr_deliver.c b/postfix/src/nqmgr/qmgr_deliver.c index 759ab9fef..4f355d048 100644 --- a/postfix/src/nqmgr/qmgr_deliver.c +++ b/postfix/src/nqmgr/qmgr_deliver.c @@ -154,10 +154,15 @@ static int qmgr_deliver_send_request(QMGR_ENTRY *entry, VSTREAM *stream) * queue name is user@nexthop, so that we can implement per-recipient * concurrency limits. However, the delivery agent protocol expects * nexthop only, so we must strip off the recipient local part. + * + * XXX Should have separate fields for queue name and for destination, so + * that we don't have to make a special case for the error delivery agent + * (where nexthop is arbitrary text). See also: qmgr_message.c. */ flags = message->inspect_xport ? DEL_REQ_FLAG_BOUNCE : DEL_REQ_FLAG_DEFLT; - nexthop = (cp = strrchr(entry->queue->name, '@')) != 0 && cp[1] ? + nexthop = strcmp(entry->queue->transport->name, MAIL_SERVICE_ERROR) != 0 + && (cp = strrchr(entry->queue->name, '@')) != 0 && cp[1] ? cp + 1 : entry->queue->name; attr_print(stream, ATTR_FLAG_MORE, ATTR_TYPE_NUM, MAIL_ATTR_FLAGS, flags, diff --git a/postfix/src/nqmgr/qmgr_message.c b/postfix/src/nqmgr/qmgr_message.c index 83b7d5c9e..943d3b757 100644 --- a/postfix/src/nqmgr/qmgr_message.c +++ b/postfix/src/nqmgr/qmgr_message.c @@ -637,22 +637,6 @@ static void qmgr_message_resolve(QMGR_MESSAGE *message) resolve_clnt_init(&reply); for (recipient = list.info; recipient < list.info + list.len; recipient++) { - /* - * This may be a bit late in the game, but it is the most convenient - * place to scrutinize the destination address syntax. We have a - * complete queue file, so bouncing is easy. That luxury is not - * available to the cleanup service. The main issue is that we want - * to have this test in one place, instead of having to do this in - * every front-ent program. - */ - if ((at = strrchr(recipient->address, '@')) != 0 - && (at + 1)[strspn(at + 1, "[]0123456789.")] != 0 - && valid_hostname(at + 1, DONT_GRIPE) == 0) { - qmgr_bounce_recipient(message, recipient, - "bad host/domain syntax: \"%s\"", at + 1); - continue; - } - /* * Resolve the destination to (transport, nexthop, address). The * result address may differ from the one specified by the sender. @@ -736,9 +720,12 @@ static void qmgr_message_resolve(QMGR_MESSAGE *message) * on the recipient delimiter if one is defined, but doing a proper * job requires knowledge of local aliases. Yuck! I don't want to * duplicate delivery-agent specific knowledge in the queue manager. + * * XXX The nexthop field is overloaded to serve as destination and as * queue name. Should have separate fields for queue name and for - * destination. + * destination, so that we don't have to make a special case for the + * error delivery agent (where nexthop is arbitrary text). See also: + * qmgr_deliver.c. */ at = strrchr(STR(reply.recipient), '@'); len = (at ? (at - STR(reply.recipient)) : strlen(STR(reply.recipient))); @@ -753,7 +740,8 @@ static void qmgr_message_resolve(QMGR_MESSAGE *message) transport = qmgr_transport_create(STR(reply.transport)); queue = 0; } - if (transport->recipient_limit == 1) { + if (strcmp(transport->name, MAIL_SERVICE_ERROR) != 0 + && transport->recipient_limit == 1) { VSTRING_SPACE(reply.nexthop, len + 2); memmove(STR(reply.nexthop) + len + 1, STR(reply.nexthop), LEN(reply.nexthop) + 1); diff --git a/postfix/src/qmgr/qmgr_deliver.c b/postfix/src/qmgr/qmgr_deliver.c index 1986a0748..2bba1ab1e 100644 --- a/postfix/src/qmgr/qmgr_deliver.c +++ b/postfix/src/qmgr/qmgr_deliver.c @@ -149,10 +149,15 @@ static int qmgr_deliver_send_request(QMGR_ENTRY *entry, VSTREAM *stream) * queue name is user@nexthop, so that we can implement per-recipient * concurrency limits. However, the delivery agent protocol expects * nexthop only, so we must strip off the recipient local part. + * + * XXX Should have separate fields for queue name and for destination, so + * that we don't have to make a special case for the error delivery agent + * (where nexthop is arbitrary text). See also: qmgr_message.c. */ flags = message->inspect_xport ? DEL_REQ_FLAG_BOUNCE : DEL_REQ_FLAG_DEFLT; - nexthop = (cp = strrchr(entry->queue->name, '@')) != 0 && cp[1] ? + nexthop = strcmp(entry->queue->transport->name, MAIL_SERVICE_ERROR) != 0 + && (cp = strrchr(entry->queue->name, '@')) != 0 && cp[1] ? cp + 1 : entry->queue->name; attr_print(stream, ATTR_FLAG_MORE, ATTR_TYPE_NUM, MAIL_ATTR_FLAGS, flags, diff --git a/postfix/src/qmgr/qmgr_message.c b/postfix/src/qmgr/qmgr_message.c index 011f6020a..233477cd8 100644 --- a/postfix/src/qmgr/qmgr_message.c +++ b/postfix/src/qmgr/qmgr_message.c @@ -517,22 +517,6 @@ static void qmgr_message_resolve(QMGR_MESSAGE *message) resolve_clnt_init(&reply); for (recipient = list.info; recipient < list.info + list.len; recipient++) { - /* - * This may be a bit late in the game, but it is the most convenient - * place to scrutinize the destination address syntax. We have a - * complete queue file, so bouncing is easy. That luxury is not - * available to the cleanup service. The main issue is that we want - * to have this test in one place, instead of having to do this in - * every front-ent program. - */ - if ((at = strrchr(recipient->address, '@')) != 0 - && (at + 1)[strspn(at + 1, "[]0123456789.")] != 0 - && valid_hostname(at + 1, DONT_GRIPE) == 0) { - qmgr_bounce_recipient(message, recipient, - "bad host/domain syntax: \"%s\"", at + 1); - continue; - } - /* * Resolve the destination to (transport, nexthop, address). The * result address may differ from the one specified by the sender. @@ -616,9 +600,12 @@ static void qmgr_message_resolve(QMGR_MESSAGE *message) * on the recipient delimiter if one is defined, but doing a proper * job requires knowledge of local aliases. Yuck! I don't want to * duplicate delivery-agent specific knowledge in the queue manager. + * * XXX The nexthop field is overloaded to serve as destination and as * queue name. Should have separate fields for queue name and for - * destination. + * destination, so that we don't have to make a special case for the + * error delivery agent (where nexthop is arbitrary text). See also: + * qmgr_deliver.c. */ at = strrchr(STR(reply.recipient), '@'); len = (at ? (at - STR(reply.recipient)) : strlen(STR(reply.recipient))); @@ -633,7 +620,8 @@ static void qmgr_message_resolve(QMGR_MESSAGE *message) transport = qmgr_transport_create(STR(reply.transport)); queue = 0; } - if (transport->recipient_limit == 1) { + if (strcmp(transport->name, MAIL_SERVICE_ERROR) != 0 + && transport->recipient_limit == 1) { VSTRING_SPACE(reply.nexthop, len + 2); memmove(STR(reply.nexthop) + len + 1, STR(reply.nexthop), LEN(reply.nexthop) + 1); diff --git a/postfix/src/smtp/smtp_connect.c b/postfix/src/smtp/smtp_connect.c index b0d3681c5..173ec7461 100644 --- a/postfix/src/smtp/smtp_connect.c +++ b/postfix/src/smtp/smtp_connect.c @@ -371,8 +371,7 @@ SMTP_SESSION *smtp_connect(char *destination, VSTRING *why) /* * First try to deliver to the indicated destination, then try to deliver - * to the optional fall-back relays. Each can be a list of destinations - * by itself, with domain, host, [], numerical address, and port. + * to the optional fall-back relays. */ sites = argv_alloc(1); argv_add(sites, destination, (char *) 0); diff --git a/postfix/src/smtpd/smtpd_check.c b/postfix/src/smtpd/smtpd_check.c index 990e3e236..49d473843 100644 --- a/postfix/src/smtpd/smtpd_check.c +++ b/postfix/src/smtpd/smtpd_check.c @@ -356,7 +356,6 @@ static MAPS *virt_mailbox_maps; static MAPS *relay_rcpt_maps; #ifdef TEST -static MAPS *relocated_maps; static STRING_LIST *virt_alias_doms; static STRING_LIST *virt_mailbox_doms; @@ -655,9 +654,6 @@ void smtpd_check_init(void) DICT_FLAG_LOCK); #ifdef TEST - relocated_maps = maps_create(VAR_RELOCATED_MAPS, var_relocated_maps, - DICT_FLAG_LOCK); - virt_alias_doms = string_list_init(MATCH_FLAG_NONE, var_virt_alias_doms); virt_mailbox_doms = string_list_init(MATCH_FLAG_NONE, var_virt_mailbox_doms); #endif @@ -3388,7 +3384,6 @@ char *var_virt_alias_maps; char *var_virt_alias_doms; char *var_virt_mailbox_maps; char *var_virt_mailbox_doms; -char *var_relocated_maps; char *var_local_rcpt_maps; char *var_perm_mx_networks; char *var_par_dom_match; @@ -3426,7 +3421,6 @@ static STRING_TABLE string_table[] = { VAR_VIRT_ALIAS_DOMS, DEF_VIRT_ALIAS_DOMS, &var_virt_alias_doms, VAR_VIRT_MAILBOX_MAPS, DEF_VIRT_MAILBOX_MAPS, &var_virt_mailbox_maps, VAR_VIRT_MAILBOX_DOMS, DEF_VIRT_MAILBOX_DOMS, &var_virt_mailbox_doms, - VAR_RELOCATED_MAPS, DEF_RELOCATED_MAPS, &var_relocated_maps, VAR_LOCAL_RCPT_MAPS, DEF_LOCAL_RCPT_MAPS, &var_local_rcpt_maps, VAR_PERM_MX_NETWORKS, DEF_PERM_MX_NETWORKS, &var_perm_mx_networks, VAR_PAR_DOM_MATCH, DEF_PAR_DOM_MATCH, &var_par_dom_match, diff --git a/postfix/src/virtual/maildir.c b/postfix/src/virtual/maildir.c index de2637160..d44c309a9 100644 --- a/postfix/src/virtual/maildir.c +++ b/postfix/src/virtual/maildir.c @@ -35,6 +35,8 @@ /* System library. */ #include "sys_defs.h" +#include +#include #include #ifndef EDQUOT @@ -81,7 +83,8 @@ int deliver_maildir(LOCAL_STATE state, USER_ATTR usr_attr) int mail_copy_status; int deliver_status; int copy_flags; - static int count; + struct stat st; + time_t starttime = time((time_t *) 0); /* * Make verbose logging easier to understand. @@ -121,20 +124,33 @@ int deliver_maildir(LOCAL_STATE state, USER_ATTR usr_attr) * use starttime.pid_count.host, where starttime is the time that your * process started, and count is the number of messages you've * delivered." + * + * Well, that stopped working on fast machines, and on operating systems + * that randomize process ID values. When creating a file in tmp/ we use + * the process ID because it still is an exclusive resource. When moving + * the file to new/ we use the device number and inode number. I do not + * care if this breaks on a remote AFS file system, because people should + * know better. */ #define STR vstring_str set_eugid(usr_attr.uid, usr_attr.gid); - vstring_sprintf(buf, "%ld.%d_%d.%s", (long) var_starttime, - var_pid, count++, get_hostname()); + vstring_sprintf(buf, "%lu.%d.%s", + (unsigned long) starttime, var_pid, get_hostname()); tmpfile = concatenate(tmpdir, STR(buf), (char *) 0); - newfile = concatenate(newdir, STR(buf), (char *) 0); + newfile = 0; if ((dst = vstream_fopen(tmpfile, O_WRONLY | O_CREAT | O_EXCL, 0600)) == 0 && (errno != ENOENT || make_dirs(tmpdir, 0700) < 0 || (dst = vstream_fopen(tmpfile, O_WRONLY | O_CREAT | O_EXCL, 0600)) == 0)) { vstring_sprintf(why, "create %s: %m", tmpfile); + } else if (fstat(vstream_fileno(dst), &st) < 0) { + vstring_sprintf(why, "create %s: %m", tmpfile); } else { + vstring_sprintf(buf, "%lu.%lu_%lu.%s", + (unsigned long) starttime, (unsigned long) st.st_dev, + (unsigned long) st.st_ino, get_hostname()); + newfile = concatenate(newdir, STR(buf), (char *) 0); if ((mail_copy_status = mail_copy(COPY_ATTR(state.msg_attr), dst, copy_flags, "\n", why)) == 0) { if (sane_link(tmpfile, newfile) < 0 @@ -172,6 +188,7 @@ int deliver_maildir(LOCAL_STATE state, USER_ATTR usr_attr) myfree(tmpdir); myfree(curdir); myfree(tmpfile); - myfree(newfile); + if (newfile) + myfree(newfile); return (deliver_status); }