From 5bd120f7229bdbdce000baae76daa3be079c801d Mon Sep 17 00:00:00 2001
From: Wietse Venema
Date: Sat, 6 Mar 2010 00:00:00 -0500
Subject: [PATCH] postfix-2.8-20100306
---
 postfix/HISTORY | 12 ++++++
 postfix/README_FILES/BACKSCATTER_README | 2 +
 postfix/README_FILES/SASL_README | 43 +++++++++++++------
 postfix/html/BACKSCATTER_README.html | 2 +
 postfix/html/SASL_README.html | 51 +++++++++++++++++------
 postfix/html/lmtp.8.html | 30 ++++++++------
 postfix/html/postconf.5.html | 55 ++++++++++++++++++++++---
 postfix/html/smtp.8.html | 30 ++++++++------
 postfix/html/smtpd.8.html | 4 +-
 postfix/man/man5/postconf.5 | 40 +++++++++++++++---
 postfix/man/man8/smtp.8 | 4 ++
 postfix/man/man8/smtpd.8 | 3 +-
 postfix/mantools/postlink | 2 +
 postfix/proto/BACKSCATTER_README.html | 2 +
 postfix/proto/SASL_README.html | 51 +++++++++++++++++------
 postfix/proto/postconf.proto | 46 ++++++++++++++++++---
 postfix/src/dns/dns.h | 3 ++
 postfix/src/dns/dns_rr.c | 51 ++++++++++++++++++++---
 postfix/src/dns/test_dns_lookup.c | 2 +-
 postfix/src/global/mail_params.h | 13 ++++++
 postfix/src/global/mail_version.h | 2 +-
 postfix/src/smtp/lmtp_params.c | 1 +
 postfix/src/smtp/smtp.c | 27 ++++++++++++
 postfix/src/smtp/smtp.h | 2 +
 postfix/src/smtp/smtp_addr.c | 11 +++--
 postfix/src/smtp/smtp_params.c | 1 +
 postfix/src/smtpd/smtpd.c | 3 +-
 postfix/src/smtpd/smtpd_check.c | 16 +++++--
 28 files changed, 414 insertions(+), 95 deletions(-)
diff --git a/postfix/HISTORY b/postfix/HISTORY
index c703d0d1b..52daefc20 100644
--- a/postfix/HISTORY
+++ b/postfix/HISTORY
@@ -15729,3 +15729,15 @@ Apologies for any names omitted. The tcp_table(5) interface is now part of the stable release. The last protocol change was in Postfix 2.1. File: util/dict_open.c.
+
+20100305
+
+ Feature: reject_rhsbl_reverse_client, to reject a remote
+ SMTP client based on its unverified reverse hostname. Code
+ by Noel Jones. Files: smtpd/smtpd_check.c, proto/postconf.proto.
+
+ Feature: smtp_address_preference (default: ipv6) to control
+ the order in which the Postfix SMTP client will connect to
+ a destination that has IPv6 and IPv4 addresses with equal
+ MX preference. Files: global/mail_params.c, smtp/smtp.c,
+ smtp/smtp_params.c, smtp/smtp_addr.c, proto/postconf.proto.
diff --git a/postfix/README_FILES/BACKSCATTER_README b/postfix/README_FILES/BACKSCATTER_README
index 5a7db47e3..7209a2072 100644
--- a/postfix/README_FILES/BACKSCATTER_README
+++ b/postfix/README_FILES/BACKSCATTER_README
@@ -106,6 +106,7 @@ this: body_checks = pcre:/etc/postfix/body_checks /etc/postfix/header_checks:
+ # Do not indent the text between "if" and "endif".
 if /^Received:/ /^Received: +from +(porcupine\.org) +/ reject forged client name in Received: header: $1
@@ -120,6 +121,7 @@ this: reject forged domain name in Message-ID: header: $1 /etc/postfix/body_checks:
+ # Do not indent the text between "if" and "endif".
 if /^[> ]*Received:/ /^[> ]*Received: +from +(porcupine\.org) / reject forged client name in Received: header: $1
diff --git a/postfix/README_FILES/SASL_README b/postfix/README_FILES/SASL_README
index 27de01c40..0b890cfff 100644
--- a/postfix/README_FILES/SASL_README
+++ b/postfix/README_FILES/SASL_README
@@ -701,6 +701,7 @@ capability twice - once for compliant and once for broken clients: % tteellnneett sseerrvveerr..eexxaammppllee..ccoomm 2255 ...
+ 220 server.example.com ESMTP Postfix
 EEHHLLOO cclliieenntt..eexxaammppllee..ccoomm 250-server.example.com 250-PIPELINING
@@ -885,7 +886,7 @@ TTeessttiinngg SSAASSLL aauutthheennttiiccaattiioonn i To test the server side, connect (for example, with telnet) to the Postfix SMTP server port and you should be able to have a conversation as shown below. -Information sent by the client (that is, you) is shown in bold font. +Information sent by the client (that is, you) is shown in bboolldd font. % tteellnneett sseerrvveerr..eexxaammppllee..ccoomm 2255 ... 
@@ -1119,21 +1120,37 @@ such cases the SMTP client will log the following error message: This same error message will also be logged when the libplain.so or liblogin.so modules are not installed in the /usr/lib/sasl2 directory. -The less secure approach is to lower the security standards and permit -plaintext authentication mechanisms: +The insecure approach is to lower the security standards and permit plaintext +authentication mechanisms: /etc/postfix/main.cf: smtp_sasl_security_options = noanonymous -If the remote server supports TLS, you can protect the plaintext username and -password by turning on TLS in the Postfix SMTP client (see: TLS_README), and -configuring the client as discussed next. +The more secure approach is to protect the plaintext username and password with +TLS session encryption. To find out if the remote SMTP server supports TLS, +connect to the server and see if it announces STARTTLS support as shown in the +example. Information sent by the client (that is, you) is shown in bboolldd font. + + % tteellnneett sseerrvveerr..eexxaammppllee..ccoomm 2255 + ... + 220 server.example.com ESMTP Postfix + EEHHLLOO cclliieenntt..eexxaammppllee..ccoomm + 250-server.example.com + 250-PIPELINING + 250-SIZE 10240000 + 250-STARTTLS + ... + +Instead of port 25 (smtp), specify port 587 (submission) where appriopriate. EEnnccrryypptteedd SSMMTTPP sseessssiioonn ((TTLLSS)) -A separate parameter controls Postfix SASL mechanism policy during a TLS- -encrypted SMTP session. The default is to copy the settings from the -unencrypted session: +To turn on TLS in the Postfix SMTP client, see TLS_README for configuration +details. + +The smtp_sasl_tls_security_options parameter controls Postfix SASL mechanism +policy during a TLS-encrypted SMTP session. The default is to copy the settings +from the unencrypted session: /etc/postfix/main.cf: smtp_sasl_tls_security_options = $smtp_sasl_security_options 
@@ -1147,10 +1164,10 @@ encrypted connection: PPoossttffiixx SSMMTTPP//LLMMTTPP cclliieenntt ppoolliiccyy -- SSAASSLL mmeecchhaanniissmm nnaammeess
-Unfortunately, Postfix needs a second client policy for SASL mechanism
-selection. Reason: the Cyrus SASL library will choose the most secure
-authentication mechanism that both the SMTP client and server implement - even
-if one of the parties was not configured for that mechanism.
+Given the SASL security options of the previous section, the Cyrus SASL library
+will choose the most secure authentication mechanism that both the SMTP client
+and server implement. Unfortunately, that authentication mechanism may fail
+because the client or server is not configured to use that mechanism.
 To prevent this, the Postfix SMTP client can filter the names of the authentication mechanisms from the remote SMTP server. Used correctly, the
diff --git a/postfix/html/BACKSCATTER_README.html b/postfix/html/BACKSCATTER_README.html
index a10bc64fb..5c16db14e 100644
--- a/postfix/html/BACKSCATTER_README.html
+++ b/postfix/html/BACKSCATTER_README.html
@@ -183,6 +183,7 @@ patterns like this:

body_checks = pcre:/etc/postfix/body_checks /etc/postfix/header_checks: + # Do not indent the text between "if" and "endif". if /^Received:/ /^Received: +from +(porcupine\.org) +/ reject forged client name in Received: header: $1 @@ -196,6 +197,7 @@ patterns like this:

reject forged domain name in Message-ID: header: $1 /etc/postfix/body_checks: + # Do not indent the text between "if" and "endif". if /^[> ]*Received:/ /^[> ]*Received: +from +(porcupine\.org) / reject forged client name in Received: header: $1 diff --git a/postfix/html/SASL_README.html b/postfix/html/SASL_README.html index d55fb0031..25458d65a 100644 --- a/postfix/html/SASL_README.html +++ b/postfix/html/SASL_README.html @@ -1184,6 +1184,7 @@ clients:

 % telnet server.example.com 25
 ...
+220 server.example.com ESMTP Postfix
 EHLO client.example.com
 250-server.example.com
 250-PIPELINING
@@ -1439,7 +1440,8 @@ version 2.3 and later): 

To test the server side, connect (for example, with telnet) to the Postfix SMTP server port and you should be able to have a conversation as shown below. Information sent by -the client (that is, you) is shown in bold font.

+the client (that is, you) is shown in bold font. +

@@ -1796,7 +1798,7 @@ not installed in the /usr/lib/sasl2 directory. 

-

The less secure approach is to lower the security standards and +

The insecure approach is to lower the security standards and permit plaintext authentication mechanisms:

@@ -1806,15 +1808,38 @@ permit plaintext authentication mechanisms:

-

If the remote server supports TLS, you can protect the plaintext -username and password by turning on TLS in the Postfix SMTP client -(see: TLS_README), and configuring the client as discussed next. +

The more secure approach is to protect the plaintext username +and password with TLS session encryption. To find out if the remote +SMTP server supports TLS, connect to the server and see if it +announces STARTTLS support as shown in the example. Information +sent by the client (that is, you) is shown in bold +font.

+ +
+
+% telnet server.example.com 25
+...
+220 server.example.com ESMTP Postfix
+EHLO client.example.com
+250-server.example.com
+250-PIPELINING
+250-SIZE 10240000
+250-STARTTLS
+...
+
+
+ +

Instead of port 25 (smtp), specify port 587 (submission) where +appriopriate.

Encrypted SMTP session (TLS)

-

A separate parameter controls Postfix SASL mechanism policy -during a TLS-encrypted SMTP session. The default is to copy the -settings from the unencrypted session:

+

To turn on TLS in the Postfix SMTP client, see TLS_README for +configuration details.

+ +

The smtp_sasl_tls_security_options parameter controls Postfix +SASL mechanism policy during a TLS-encrypted SMTP session. The +default is to copy the settings from the unencrypted session:

@@ -1837,11 +1862,11 @@ only over a TLS-encrypted connection: 

Postfix SMTP/LMTP client policy - SASL mechanism names

-

Unfortunately, Postfix needs a second client policy for SASL -mechanism selection. Reason: the Cyrus SASL library will choose -the most secure authentication mechanism that both the SMTP client -and server implement - even if one of the parties was not configured -for that mechanism.

+

Given the SASL security options of the previous section, the +Cyrus SASL library will choose the most secure authentication +mechanism that both the SMTP client and server implement. Unfortunately, +that authentication mechanism may fail because the client or server +is not configured to use that mechanism.

To prevent this, the Postfix SMTP client can filter the names of the authentication mechanisms from the remote SMTP server. Used
diff --git a/postfix/html/lmtp.8.html b/postfix/html/lmtp.8.html
index 724ec30ed..6ba1cbace 100644
--- a/postfix/html/lmtp.8.html
+++ b/postfix/html/lmtp.8.html
@@ -775,49 +775,55 @@ SMTP(8) SMTP(8) tem receives mail on by way of a proxy or network address translation unit. + smtp_address_preference (ipv6) + The address type ("ipv6", "ipv4" or "any") that the + Postfix SMTP client will try first, when a destina- + tion has IPv6 and IPv4 addresses with equal MX + preference. + smtp_bind_address (empty) - An optional numerical network address that the - Postfix SMTP client should bind to when making an + An optional numerical network address that the + Postfix SMTP client should bind to when making an IPv4 connection. smtp_bind_address6 (empty) - An optional numerical network address that the - Postfix SMTP client should bind to when making an + An optional numerical network address that the + Postfix SMTP client should bind to when making an IPv6 connection. smtp_helo_name ($myhostname) - The hostname to send in the SMTP EHLO or HELO com- + The hostname to send in the SMTP EHLO or HELO com- mand. lmtp_lhlo_name ($myhostname) The hostname to send in the LMTP LHLO command. smtp_host_lookup (dns) - What mechanisms the Postfix SMTP client uses to + What mechanisms the Postfix SMTP client uses to look up a host's IP address. smtp_randomize_addresses (yes) - Randomize the order of equal-preference MX host + Randomize the order of equal-preference MX host addresses. syslog_facility (mail) The syslog facility of Postfix logging. syslog_name (see 'postconf -d' output) - The mail system name that is prepended to the - process name in syslog records, so that "smtpd" + The mail system name that is prepended to the + process name in syslog records, so that "smtpd" becomes, for example, "postfix/smtpd". Available with Postfix 2.2 and earlier: fallback_relay (empty) - Optional list of relay hosts for SMTP destinations + Optional list of relay hosts for SMTP destinations that can't be found or that are unreachable. 
Available with Postfix 2.3 and later: smtp_fallback_relay ($fallback_relay) - Optional list of relay hosts for SMTP destinations + Optional list of relay hosts for SMTP destinations that can't be found or that are unreachable. SEE ALSO
@@ -838,7 +844,7 @@ SMTP(8) SMTP(8) TLS_README, Postfix STARTTLS howto LICENSE - The Secure Mailer license must be distributed with this + The Secure Mailer license must be distributed with this software. AUTHOR(S)
diff --git a/postfix/html/postconf.5.html b/postfix/html/postconf.5.html
index bf10f6f58..f245be210 100644
--- a/postfix/html/postconf.5.html
+++ b/postfix/html/postconf.5.html
@@ -3529,6 +3529,17 @@ This feature is available in Postfix 2.1 and later. this length; upon delivery, long lines are reconstructed.

+ + +
lmtp_address_preference +(default: ipv6)
+ +

The LMTP-specific version of the smtp_address_preference +configuration parameter. See there for details.

+ +

This feature is available in Postfix 2.8 and later.

+ +
lmtp_assume_final @@ -4696,8 +4707,9 @@ This feature is available in Postfix 2.1 and later.

Optional shell program for local(8) delivery to non-Postfix command. By default, non-Postfix commands are executed directly; commands -are given to given to /bin/sh only when they contain shell meta -characters or shell built-in commands.

+are given to given to the default shell (typically, /bin/sh) only +when they contain shell meta characters or shell built-in commands. +

"sendmail's restricted shell" (smrsh) is what most people will use in order to restrict what programs can be run from e.g. .forward @@ -4713,6 +4725,7 @@ Example:

 local_command_shell = /some/where/smrsh -c
+local_command_shell = /bin/bash -c
 
@@ -5380,7 +5393,8 @@ Obsolete feature: use the reject_rbl

The numerical Postfix SMTP server response code when a remote SMTP client request is blocked by the reject_rbl_client, reject_rhsbl_client, -reject_rhsbl_sender or reject_rhsbl_recipient restriction. +reject_rhsbl_reverse_client, reject_rhsbl_sender or +reject_rhsbl_recipient restriction.

@@ -8149,6 +8163,19 @@ This feature is available in Postfix 2.0 and later.

+ + +
smtp_address_preference +(default: ipv6)
+ +

The address type ("ipv6", "ipv4" or "any") that the Postfix +SMTP client will try first, when a destination has IPv6 and IPv4 +addresses with equal MX preference. This feature has no effect +unless the inet_protocols setting enables both IPv4 and IPv6.

+ +

This feature is available in Postfix 2.8 and later.

+ +
smtp_always_send_ehlo @@ -11135,7 +11162,19 @@ A record "d.d.d.d" under rbl_domain (Postfix version the request when the client hostname is listed with any A record under rbl_domain. See the reject_rbl_client description above for additional RBL related configuration parameters. -This feature is available in Postfix 2.0 and later. +This feature is available in Postfix 2.0 and later; with Postfix +version 2.8 and later, reject_rhsbl_reverse_client will usually +produce better results. + +
reject_rhsbl_reverse_client rbl_domain=d.d.d.d
+ +
Reject the request when the unverified reverse client hostname +is listed with the A record "d.d.d.d" under rbl_domain. +If no "=d.d.d.d" is specified, reject the request when the +unverified reverse client hostname is listed with any A record under +rbl_domain. See the reject_rbl_client description above for +additional RBL related configuration parameters. This feature is +available in Postfix 2.8 and later.
reject_unknown_client_hostname (with Postfix < 2.3: reject_unknown_client)
@@ -11400,6 +11439,12 @@ in any SMTP command context, described under smtpd_client_restrictions, smtpd_helo_restrictions, smtpd_sender_restrictions or smtpd_recipient_restrictions. +
  • However, no recipient information is available in the case of +multi-recipient mail. Acting on only one recipient would be misleading, +because any decision will affect all recipients equally. Acting on +all recipients would require a possibly very large amount of memory, +and would also be misleading for the reasons mentioned before.

    +

    @@ -11508,7 +11553,7 @@ restriction lists" for a discussion of evaluation context and time.

    This feature is available in Postfix 2.2 and later.

    -

    See smtpd_data_restrictions for syntax details.

    +

    See smtpd_data_restrictions for details and limitations.

diff --git a/postfix/html/smtp.8.html b/postfix/html/smtp.8.html
index 724ec30ed..6ba1cbace 100644
--- a/postfix/html/smtp.8.html
+++ b/postfix/html/smtp.8.html
@@ -775,49 +775,55 @@ SMTP(8) SMTP(8) tem receives mail on by way of a proxy or network address translation unit. + smtp_address_preference (ipv6) + The address type ("ipv6", "ipv4" or "any") that the + Postfix SMTP client will try first, when a destina- + tion has IPv6 and IPv4 addresses with equal MX + preference. + smtp_bind_address (empty) - An optional numerical network address that the - Postfix SMTP client should bind to when making an + An optional numerical network address that the + Postfix SMTP client should bind to when making an IPv4 connection. smtp_bind_address6 (empty) - An optional numerical network address that the - Postfix SMTP client should bind to when making an + An optional numerical network address that the + Postfix SMTP client should bind to when making an IPv6 connection. smtp_helo_name ($myhostname) - The hostname to send in the SMTP EHLO or HELO com- + The hostname to send in the SMTP EHLO or HELO com- mand. lmtp_lhlo_name ($myhostname) The hostname to send in the LMTP LHLO command. smtp_host_lookup (dns) - What mechanisms the Postfix SMTP client uses to + What mechanisms the Postfix SMTP client uses to look up a host's IP address. smtp_randomize_addresses (yes) - Randomize the order of equal-preference MX host + Randomize the order of equal-preference MX host addresses. syslog_facility (mail) The syslog facility of Postfix logging. syslog_name (see 'postconf -d' output) - The mail system name that is prepended to the - process name in syslog records, so that "smtpd" + The mail system name that is prepended to the + process name in syslog records, so that "smtpd" becomes, for example, "postfix/smtpd". Available with Postfix 2.2 and earlier: fallback_relay (empty) - Optional list of relay hosts for SMTP destinations + Optional list of relay hosts for SMTP destinations that can't be found or that are unreachable. 
Available with Postfix 2.3 and later: smtp_fallback_relay ($fallback_relay) - Optional list of relay hosts for SMTP destinations + Optional list of relay hosts for SMTP destinations that can't be found or that are unreachable. SEE ALSO
@@ -838,7 +844,7 @@ SMTP(8) SMTP(8) TLS_README, Postfix STARTTLS howto LICENSE - The Secure Mailer license must be distributed with this + The Secure Mailer license must be distributed with this software. AUTHOR(S)
diff --git a/postfix/html/smtpd.8.html b/postfix/html/smtpd.8.html
index 1e08cc9bc..791043b6e 100644
--- a/postfix/html/smtpd.8.html
+++ b/postfix/html/smtpd.8.html
@@ -1071,8 +1071,8 @@ SMTPD(8) SMTPD(8) The numerical Postfix SMTP server response code when a remote SMTP client request is blocked by the reject_rbl_client, reject_rhsbl_client, - reject_rhsbl_sender or reject_rhsbl_recipient - restriction. + reject_rhsbl_reverse_client, reject_rhsbl_sender or + reject_rhsbl_recipient restriction. non_fqdn_reject_code (504) The numerical Postfix SMTP server reply code when a
diff --git a/postfix/man/man5/postconf.5 b/postfix/man/man5/postconf.5
index 811b82f92..ce8c53971 100644
--- a/postfix/man/man5/postconf.5
+++ b/postfix/man/man5/postconf.5
@@ -1974,6 +1974,11 @@ This feature is available in Postfix 2.1 and later.
 .SH line_length_limit (default: 2048)
 Upon input, long lines are chopped up into pieces of at most this length; upon delivery, long lines are reconstructed.
+.SH lmtp_address_preference (default: ipv6)
+The LMTP-specific version of the smtp_address_preference
+configuration parameter. See there for details.
+.PP
+This feature is available in Postfix 2.8 and later.
 .SH lmtp_assume_final (default: no)
 When an LMTP server announces no DSN support, assume that the server performs final delivery, and send "delivered" delivery status
@@ -2535,8 +2540,8 @@ This feature is available in Postfix 2.1 and later. .SH local_command_shell (default: empty) Optional shell program for \fBlocal\fR(8) delivery to non-Postfix command. By default, non-Postfix commands are executed directly; commands -are given to given to /bin/sh only when they contain shell meta -characters or shell built-in commands. +are given to given to the default shell (typically, /bin/sh) only +when they contain shell meta characters or shell built-in commands. .PP "sendmail's restricted shell" (smrsh) is what most people will use in order to restrict what programs can be run from e.g. .forward @@ -2552,6 +2557,7 @@ Example: .na .ft C local_command_shell = /some/where/smrsh -c +local_command_shell = /bin/bash -c .fi .ad .ft R @@ -2958,7 +2964,8 @@ Obsolete feature: use the reject_rbl_client feature instead. .SH maps_rbl_reject_code (default: 554) The numerical Postfix SMTP server response code when a remote SMTP client request is blocked by the reject_rbl_client, reject_rhsbl_client, -reject_rhsbl_sender or reject_rhsbl_recipient restriction. +reject_rhsbl_reverse_client, reject_rhsbl_sender or +reject_rhsbl_recipient restriction. .PP Do not change this unless you have a complete understanding of RFC 2821. .SH masquerade_classes (default: envelope_sender, header_sender, header_recipient) @@ -4615,6 +4622,13 @@ The name of the \fBshowq\fR(8) service. This service produces mail queue status reports. .PP This feature is available in Postfix 2.0 and later. +.SH smtp_address_preference (default: ipv6) +The address type ("ipv6", "ipv4" or "any") that the Postfix +SMTP client will try first, when a destination has IPv6 and IPv4 +addresses with equal MX preference. This feature has no effect +unless the inet_protocols setting enables both IPv4 and IPv6. +.PP +This feature is available in Postfix 2.8 and later. .SH smtp_always_send_ehlo (default: yes) Always send EHLO at the start of an SMTP session. .PP 
@@ -6804,7 +6818,17 @@ A record "\fId.d.d.d\fR" under \fIrbl_domain\fR (Postfix version the request when the client hostname is listed with any A record under \fIrbl_domain\fR. See the reject_rbl_client description above for additional RBL related configuration parameters. -This feature is available in Postfix 2.0 and later. +This feature is available in Postfix 2.0 and later; with Postfix +version 2.8 and later, reject_rhsbl_reverse_client will usually +produce better results. +.IP "\fBreject_rhsbl_reverse_client \fIrbl_domain=d.d.d.d\fR\fR" +Reject the request when the unverified reverse client hostname +is listed with the A record "\fId.d.d.d\fR" under \fIrbl_domain\fR. +If no "\fI=d.d.d.d\fR" is specified, reject the request when the +unverified reverse client hostname is listed with any A record under +\fIrbl_domain\fR. See the reject_rbl_client description above for +additional RBL related configuration parameters. This feature is +available in Postfix 2.8 and later. .IP "\fBreject_unknown_client_hostname\fR (with Postfix < 2.3: reject_unknown_client)" Reject the request when 1) the client IP address->name mapping fails, 2) the name->address mapping fails, or 3) the name->address @@ -7037,6 +7061,12 @@ in any SMTP command context, described under smtpd_client_restrictions. SMTP command specific restrictions described under smtpd_client_restrictions, smtpd_helo_restrictions, smtpd_sender_restrictions or smtpd_recipient_restrictions. +.IP \(bu +However, no recipient information is available in the case of +multi-recipient mail. Acting on only one recipient would be misleading, +because any decision will affect all recipients equally. Acting on +all recipients would require a possibly very large amount of memory, +and would also be misleading for the reasons mentioned before. .PP Examples: .PP 
@@ -7104,7 +7134,7 @@ restriction lists" for a discussion of evaluation context and time.
 .PP
 This feature is available in Postfix 2.2 and later.
 .PP
-See smtpd_data_restrictions for syntax details.
+See smtpd_data_restrictions for details and limitations.
 .SH smtpd_enforce_tls (default: no)
 Mandatory TLS: announce STARTTLS support to SMTP clients, and
 require that clients use TLS encryption. According to RFC 2487
diff --git a/postfix/man/man8/smtp.8 b/postfix/man/man8/smtp.8
index 37c0290a4..46fe5a65c 100644
--- a/postfix/man/man8/smtp.8
+++ b/postfix/man/man8/smtp.8
@@ -608,6 +608,10 @@ The process name of a Postfix command or daemon process.
 .IP "\fBproxy_interfaces (empty)\fR"
 The network interface addresses that this mail system
 receives mail on by way of a proxy or network address translation unit.
+.IP "\fBsmtp_address_preference (ipv6)\fR"
+The address type ("ipv6", "ipv4" or "any") that the Postfix
+SMTP client will try first, when a destination has IPv6 and IPv4
+addresses with equal MX preference.
 .IP "\fBsmtp_bind_address (empty)\fR"
 An optional numerical network address that the Postfix SMTP client
 should bind to when making an IPv4 connection.
diff --git a/postfix/man/man8/smtpd.8 b/postfix/man/man8/smtpd.8
index ec5ba6abc..ab8b34cde 100644
--- a/postfix/man/man8/smtpd.8
+++ b/postfix/man/man8/smtpd.8
@@ -849,7 +849,8 @@ restriction.
 .IP "\fBmaps_rbl_reject_code (554)\fR"
 The numerical Postfix SMTP server response code when a remote
 SMTP client request is blocked by the reject_rbl_client, reject_rhsbl_client,
-reject_rhsbl_sender or reject_rhsbl_recipient restriction.
+reject_rhsbl_reverse_client, reject_rhsbl_sender or
+reject_rhsbl_recipient restriction.
 .IP "\fBnon_fqdn_reject_code (504)\fR"
 The numerical Postfix SMTP server reply code when a client request
 is rejected by the reject_non_fqdn_helo_hostname, reject_non_fqdn_sender
diff --git a/postfix/mantools/postlink b/postfix/mantools/postlink
index de775e6e1..a18537b77 100755
--- a/postfix/mantools/postlink
+++ b/postfix/mantools/postlink
@@ -627,6 +627,7 @@ while (<>) {
 s;\bsmtp_nested_header_checks\b;$&;g;
 s;\bsmtp_body_checks\b;$&;g;
 s;\bsmtp_reply_filter\b;$&;g;
+ s;\bsmtp_address_preference\b;$&;g;
 s;\bsmtpd_enforce_tls\b;$&;g;
 s;\bsmtpd_sasl_tls_security_options\b;$&;g;
 s;\bsmtpd_sasl_type\b;$&;g;
@@ -827,6 +828,7 @@ while (<>) {
 s;\breject_unknown_forward_client_hostname\b;$&;g;
 s;\breject_rbl_client\b;$&;g;
 s;\breject_rhsbl_client\b;$&;g;
+ s;\breject_rhsbl_reverse_client\b;$&;g;
 # Access restrictions - helo
diff --git a/postfix/proto/BACKSCATTER_README.html b/postfix/proto/BACKSCATTER_README.html
index ccd75b518..bdb557b22 100644
--- a/postfix/proto/BACKSCATTER_README.html
+++ b/postfix/proto/BACKSCATTER_README.html
@@ -183,6 +183,7 @@ patterns like this:

    body_checks = pcre:/etc/postfix/body_checks /etc/postfix/header_checks: + # Do not indent the text between "if" and "endif". if /^Received:/ /^Received: +from +(porcupine\.org) +/ reject forged client name in Received: header: $1 @@ -196,6 +197,7 @@ patterns like this:

    reject forged domain name in Message-ID: header: $1 /etc/postfix/body_checks:
+ # Do not indent the text between "if" and "endif".
 if /^[> ]*Received:/ /^[> ]*Received: +from +(porcupine\.org) / reject forged client name in Received: header: $1
diff --git a/postfix/proto/SASL_README.html b/postfix/proto/SASL_README.html
index 1920f03cf..909092f42 100644
--- a/postfix/proto/SASL_README.html
+++ b/postfix/proto/SASL_README.html
@@ -1184,6 +1184,7 @@ clients:

     % telnet server.example.com 25
     ...
    +220 server.example.com ESMTP Postfix
     EHLO client.example.com
     250-server.example.com
     250-PIPELINING
    @@ -1439,7 +1440,8 @@ version 2.3 and later): 

    To test the server side, connect (for example, with telnet) to the Postfix SMTP server port and you should be able to have a conversation as shown below. Information sent by -the client (that is, you) is shown in bold font.

    +the client (that is, you) is shown in bold font. +

    @@ -1796,7 +1798,7 @@ not installed in the /usr/lib/sasl2 directory. 

    -

    The less secure approach is to lower the security standards and +

    The insecure approach is to lower the security standards and permit plaintext authentication mechanisms:

    @@ -1806,15 +1808,38 @@ permit plaintext authentication mechanisms:

  • -

    If the remote server supports TLS, you can protect the plaintext -username and password by turning on TLS in the Postfix SMTP client -(see: TLS_README), and configuring the client as discussed next. +

    The more secure approach is to protect the plaintext username +and password with TLS session encryption. To find out if the remote +SMTP server supports TLS, connect to the server and see if it +announces STARTTLS support as shown in the example. Information +sent by the client (that is, you) is shown in bold +font.

    + +
    +
    +% telnet server.example.com 25
    +...
    +220 server.example.com ESMTP Postfix
    +EHLO client.example.com
    +250-server.example.com
    +250-PIPELINING
    +250-SIZE 10240000
    +250-STARTTLS
    +...
    +
    +
    + +

    Instead of port 25 (smtp), specify port 587 (submission) where +appriopriate.

    Encrypted SMTP session (TLS)

    -

    A separate parameter controls Postfix SASL mechanism policy -during a TLS-encrypted SMTP session. The default is to copy the -settings from the unencrypted session:

    +

    To turn on TLS in the Postfix SMTP client, see TLS_README for +configuration details.

    + +

    The smtp_sasl_tls_security_options parameter controls Postfix +SASL mechanism policy during a TLS-encrypted SMTP session. The +default is to copy the settings from the unencrypted session:

    @@ -1837,11 +1862,11 @@ only over a TLS-encrypted connection: 

    Postfix SMTP/LMTP client policy - SASL mechanism names

    -

    Unfortunately, Postfix needs a second client policy for SASL -mechanism selection. Reason: the Cyrus SASL library will choose -the most secure authentication mechanism that both the SMTP client -and server implement - even if one of the parties was not configured -for that mechanism.

    +

    Given the SASL security options of the previous section, the +Cyrus SASL library will choose the most secure authentication +mechanism that both the SMTP client and server implement. Unfortunately, +that authentication mechanism may fail because the client or server +is not configured to use that mechanism.

    To prevent this, the Postfix SMTP client can filter the names of the authentication mechanisms from the remote SMTP server. Used
diff --git a/postfix/proto/postconf.proto b/postfix/proto/postconf.proto
index 10677e9d1..5a88698f4 100644
--- a/postfix/proto/postconf.proto
+++ b/postfix/proto/postconf.proto
@@ -2183,8 +2183,9 @@ This feature is available in Postfix 2.1 and later.

    Optional shell program for local(8) delivery to non-Postfix command. By default, non-Postfix commands are executed directly; commands -are given to given to /bin/sh only when they contain shell meta -characters or shell built-in commands.

    +are given to given to the default shell (typically, /bin/sh) only +when they contain shell meta characters or shell built-in commands. +

    "sendmail's restricted shell" (smrsh) is what most people will use in order to restrict what programs can be run from e.g. .forward @@ -2200,6 +2201,7 @@ Example:

     local_command_shell = /some/where/smrsh -c
    +local_command_shell = /bin/bash -c
     
    %PARAM local_destination_concurrency_limit 2 @@ -2594,7 +2596,8 @@ This limit must not be smaller than the message size limit.

    The numerical Postfix SMTP server response code when a remote SMTP client request is blocked by the reject_rbl_client, reject_rhsbl_client, -reject_rhsbl_sender or reject_rhsbl_recipient restriction. +reject_rhsbl_reverse_client, reject_rhsbl_sender or +reject_rhsbl_recipient restriction.

    @@ -4888,7 +4891,19 @@ A record "d.d.d.d" under rbl_domain (Postfix version the request when the client hostname is listed with any A record under rbl_domain. See the reject_rbl_client description above for additional RBL related configuration parameters. -This feature is available in Postfix 2.0 and later. +This feature is available in Postfix 2.0 and later; with Postfix +version 2.8 and later, reject_rhsbl_reverse_client will usually +produce better results. + +

    reject_rhsbl_reverse_client rbl_domain=d.d.d.d
    + +
    Reject the request when the unverified reverse client hostname +is listed with the A record "d.d.d.d" under rbl_domain. +If no "=d.d.d.d" is specified, reject the request when the +unverified reverse client hostname is listed with any A record under +rbl_domain. See the reject_rbl_client description above for +additional RBL related configuration parameters. This feature is +available in Postfix 2.8 and later.
    reject_unknown_client_hostname (with Postfix < 2.3: reject_unknown_client)
    @@ -7765,6 +7780,12 @@ in any SMTP command context, described under smtpd_client_restrictions. smtpd_client_restrictions, smtpd_helo_restrictions, smtpd_sender_restrictions or smtpd_recipient_restrictions. +
  • However, no recipient information is available in the case of +multi-recipient mail. Acting on only one recipient would be misleading, +because any decision will affect all recipients equally. Acting on +all recipients would require a possibly very large amount of memory, +and would also be misleading for the reasons mentioned before.

    +

    @@ -7786,7 +7807,7 @@ restriction lists" for a discussion of evaluation context and time.

    This feature is available in Postfix 2.2 and later.

    -

    See smtpd_data_restrictions for syntax details.

    +

    See smtpd_data_restrictions for details and limitations.

    %PARAM smtpd_delay_reject yes @@ -12833,3 +12854,18 @@ destination with each content_filter value or FILTER action.

    This feature is available in Postfix 2.7 and later.

    +%PARAM smtp_address_preference ipv6 + +

    The address type ("ipv6", "ipv4" or "any") that the Postfix +SMTP client will try first, when a destination has IPv6 and IPv4 +addresses with equal MX preference. This feature has no effect +unless the inet_protocols setting enables both IPv4 and IPv6.

    + +

    This feature is available in Postfix 2.8 and later.

    + +%PARAM lmtp_address_preference ipv6 + +

    The LMTP-specific version of the smtp_address_preference +configuration parameter. See there for details.

    + +

    This feature is available in Postfix 2.8 and later.

    diff --git a/postfix/src/dns/dns.h b/postfix/src/dns/dns.h index e95fa67c0..b19d5f0cd 100644 --- a/postfix/src/dns/dns.h +++ b/postfix/src/dns/dns.h @@ -113,6 +113,9 @@ extern void dns_rr_free(DNS_RR *); extern DNS_RR *dns_rr_copy(DNS_RR *); extern DNS_RR *dns_rr_append(DNS_RR *, DNS_RR *); extern DNS_RR *dns_rr_sort(DNS_RR *, int (*) (DNS_RR *, DNS_RR *)); +extern int dns_rr_compare_pref_ipv6(DNS_RR *, DNS_RR *); +extern int dns_rr_compare_pref_ipv4(DNS_RR *, DNS_RR *); +extern int dns_rr_compare_pref_any(DNS_RR *, DNS_RR *); extern int dns_rr_compare_pref(DNS_RR *, DNS_RR *); extern DNS_RR *dns_rr_shuffle(DNS_RR *); extern DNS_RR *dns_rr_remove(DNS_RR *, DNS_RR *); diff --git a/postfix/src/dns/dns_rr.c b/postfix/src/dns/dns_rr.c index e2027ba47..ef0b66377 100644 --- a/postfix/src/dns/dns_rr.c +++ b/postfix/src/dns/dns_rr.c @@ -31,7 +31,15 @@ /* DNS_RR *list /* int (*compar)(DNS_RR *, DNS_RR *); /* -/* int dns_rr_compare_pref(DNS_RR *a, DNS_RR *b) +/* int dns_rr_compare_pref_ipv6(DNS_RR *a, DNS_RR *b) +/* DNS_RR *list +/* DNS_RR *list +/* +/* int dns_rr_compare_pref_ipv4(DNS_RR *a, DNS_RR *b) +/* DNS_RR *list +/* DNS_RR *list +/* +/* int dns_rr_compare_pref_any(DNS_RR *a, DNS_RR *b) /* DNS_RR *list /* DNS_RR *list /* @@ -65,8 +73,8 @@ /* order according to a user-specified criterion. The result is the /* sorted list. /* -/* dns_rr_compare_pref() is a dns_rr_sort() helper to sort records -/* by their MX preference. +/* dns_rr_compare_pref_XXX() are dns_rr_sort() helpers to sort +/* records by their MX preference and by their address family. /* /* dns_rr_shuffle() randomly permutes a list of resource records. /* 
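Review bot: The manual-page prologue lines added in dns_rr.c under each of the three new `dns_rr_compare_pref_XXX()` prototypes describe the arguments as `DNS_RR *list` twice, which appears copied from the `dns_rr_sort()` entry just above, while the functions take two records; each pair should read `/* DNS_RR *a` and `/* DNS_RR *b` (the pre-existing entry for `dns_rr_compare_pref` had the same mismatch). The dns.h hunk adds the three prototypes but keeps `dns_rr_compare_pref()` without any hint that it is now only a compatibility alias for the ipv6-first variant, as the body comment in dns_rr.c states. A one-line comment in dns.h, `/* dns_rr_compare_pref() is kept for binary compatibility; new code names a _ipv6, _ipv4 or _any variant explicitly. */`, would steer new callers. The dns_rr.c prologue hunks are otherwise consistent with the code that follows.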
@@ -166,9 +174,9 @@ DNS_RR *dns_rr_append(DNS_RR *list, DNS_RR *rr) return (list); } -/* dns_rr_compare_pref - compare resource records by preference */ +/* dns_rr_compare_pref_ipv6 - compare records by preference, ipv6 preferred */ -int dns_rr_compare_pref(DNS_RR *a, DNS_RR *b) +int dns_rr_compare_pref_ipv6(DNS_RR *a, DNS_RR *b) { if (a->pref != b->pref) return (a->pref - b->pref); @@ -183,6 +191,39 @@ int dns_rr_compare_pref(DNS_RR *a, DNS_RR *b) return 0; } +/* dns_rr_compare_pref_ipv4 - compare records by preference, ipv4 preferred */ + +int dns_rr_compare_pref_ipv4(DNS_RR *a, DNS_RR *b) +{ + if (a->pref != b->pref) + return (a->pref - b->pref); +#ifdef HAS_IPV6 + if (a->type == b->type) + return 0; + if (a->type == T_AAAA) + return (+1); + if (b->type == T_AAAA) + return (-1); +#endif + return 0; +} + +/* dns_rr_compare_pref_any - compare records by preference, protocol-neutral */ + +int dns_rr_compare_pref_any(DNS_RR *a, DNS_RR *b) +{ + if (a->pref != b->pref) + return (a->pref - b->pref); + return 0; +} + +/* dns_rr_compare_pref - binary compatibility helper after name change */ + +int dns_rr_compare_pref(DNS_RR *a, DNS_RR *b) +{ + return (dns_rr_compare_pref_ipv6(a, b)); +} + /* dns_rr_sort_callback - glue function */ static int (*dns_rr_sort_user) (DNS_RR *, DNS_RR *); diff --git a/postfix/src/dns/test_dns_lookup.c b/postfix/src/dns/test_dns_lookup.c index b34edaeac..9771fc545 100644 --- a/postfix/src/dns/test_dns_lookup.c +++ b/postfix/src/dns/test_dns_lookup.c @@ -91,7 +91,7 @@ int main(int argc, char **argv) if (argc != 3) msg_fatal("usage: %s types name", argv[0]); types_argv = argv_split(argv[1], ", \t\r\n"); - types = (int *) mymalloc(sizeof(*types) * (types_argv->argc + 1)); + types = (unsigned *) mymalloc(sizeof(*types) * (types_argv->argc + 1)); for (i = 0; i < types_argv->argc; i++) if ((types[i] = dns_type(types_argv->argv[i])) == 0) msg_fatal("invalid query type: %s", types_argv->argv[i]); 
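Review bot: The new `dns_rr_compare_pref_ipv4()` documents its ordering only through its one-line header, yet its tie-break returns 0 for any pair that is not A-versus-AAAA, so the contract is easy to misread; a comment above the `#ifdef HAS_IPV6` block such as `/* Equal preference: A sorts before AAAA; any other type pair compares equal. */` would state it. Its body appears to mirror `dns_rr_compare_pref_ipv6()` with the signs flipped, but that function's tie-break lines fall outside the hunk, so the symmetry could not be confirmed here. All three comparators return `a->pref - b->pref` when preferences differ; the hunk does not show the type of `pref`, so whether that subtraction can exceed the `int` range for the values Postfix stores is worth a sentence in the header comment of `dns_rr_compare_pref_any()`.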
diff --git a/postfix/src/global/mail_params.h b/postfix/src/global/mail_params.h index 6952706dc..90b3b7a75 100644 --- a/postfix/src/global/mail_params.h +++ b/postfix/src/global/mail_params.h @@ -903,6 +903,7 @@ extern int var_hash_queue_depth; #define INET_PROTO_NAME_IPV4 "ipv4" #define INET_PROTO_NAME_IPV6 "ipv6" #define INET_PROTO_NAME_ALL "all" +#define INET_PROTO_NAME_ANY "any" #define VAR_INET_PROTOCOLS "inet_protocols" extern char *var_inet_protocols; @@ -2124,6 +2125,7 @@ extern int var_map_defer_code; #define REJECT_RBL "reject_rbl" /* LaMont compatibility */ #define REJECT_RBL_CLIENT "reject_rbl_client" #define REJECT_RHSBL_CLIENT "reject_rhsbl_client" +#define REJECT_RHSBL_REVERSE_CLIENT "reject_rhsbl_reverse_client" #define REJECT_RHSBL_HELO "reject_rhsbl_helo" #define REJECT_RHSBL_SENDER "reject_rhsbl_sender" #define REJECT_RHSBL_RECIPIENT "reject_rhsbl_recipient" @@ -3081,6 +3083,17 @@ extern char *var_smtp_body_chks; #define VAR_LMTP_BODY_CHKS "lmtp_body_checks" #define DEF_LMTP_BODY_CHKS "" +#define VAR_SMTP_ADDR_PREF "smtp_address_preference" +#ifdef HAS_IPV6 +#define DEF_SMTP_ADDR_PREF INET_PROTO_NAME_IPV6 +#else +#define DEF_SMTP_ADDR_PREF INET_PROTO_NAME_IPV4 +#endif +extern char *var_smtp_addr_pref; + +#define VAR_LMTP_ADDR_PREF "lmtp_address_preference" +#define DEF_LMTP_ADDR_PREF DEF_SMTP_ADDR_PREF + /* * Scheduler concurrency feedback algorithms. */ diff --git a/postfix/src/global/mail_version.h b/postfix/src/global/mail_version.h index c2e976e10..01f2bf605 100644 --- a/postfix/src/global/mail_version.h +++ b/postfix/src/global/mail_version.h @@ -20,7 +20,7 @@ * Patches change both the patchlevel and the release date. Snapshots have no * patchlevel; they change the release date only. */ -#define MAIL_RELEASE_DATE "20100213" +#define MAIL_RELEASE_DATE "20100306" #define MAIL_VERSION_NUMBER "2.8" #ifdef SNAPSHOT diff --git a/postfix/src/smtp/lmtp_params.c b/postfix/src/smtp/lmtp_params.c index f822ddefe..29c08475c 100644 
--- a/postfix/src/smtp/lmtp_params.c +++ b/postfix/src/smtp/lmtp_params.c @@ -52,6 +52,7 @@ VAR_LMTP_NEST_CHKS, DEF_LMTP_NEST_CHKS, &var_smtp_nest_chks, 0, 0, VAR_LMTP_BODY_CHKS, DEF_LMTP_BODY_CHKS, &var_smtp_body_chks, 0, 0, VAR_LMTP_RESP_FILTER, DEF_LMTP_RESP_FILTER, &var_smtp_resp_filter, 0, 0, + VAR_LMTP_ADDR_PREF, DEF_LMTP_ADDR_PREF, &var_smtp_addr_pref, 1, 0, 0, }; static const CONFIG_TIME_TABLE lmtp_time_table[] = { diff --git a/postfix/src/smtp/smtp.c b/postfix/src/smtp/smtp.c index 84a62f5e1..e00c91d33 100644 --- a/postfix/src/smtp/smtp.c +++ b/postfix/src/smtp/smtp.c @@ -570,6 +570,10 @@ /* .IP "\fBproxy_interfaces (empty)\fR" /* The network interface addresses that this mail system receives mail /* on by way of a proxy or network address translation unit. +/* .IP "\fBsmtp_address_preference (ipv6)\fR" +/* The address type ("ipv6", "ipv4" or "any") that the Postfix +/* SMTP client will try first, when a destination has IPv6 and IPv4 +/* addresses with equal MX preference. /* .IP "\fBsmtp_bind_address (empty)\fR" /* An optional numerical network address that the Postfix SMTP client /* should bind to when making an IPv4 connection. @@ -745,6 +749,7 @@ char *var_scache_service; bool var_smtp_cache_demand; char *var_smtp_ehlo_dis_words; char *var_smtp_ehlo_dis_maps; +char *var_smtp_addr_pref; char *var_smtp_tls_level; bool var_smtp_use_tls; @@ -825,6 +830,11 @@ TLS_APPL_STATE *smtp_tls_ctx; #endif + /* + * IPv6 preference. + */ +static int smtp_addr_pref; + /* deliver_message - deliver message with extreme prejudice */ static int deliver_message(const char *service, DELIVER_REQUEST *request) @@ -854,6 +864,7 @@ static int deliver_message(const char *service, DELIVER_REQUEST *request) state->request = request; state->src = request->fp; state->service = service; + state->misc_flags = smtp_addr_pref; SMTP_RCPT_INIT(state); /* 
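Review bot: The comment added above `static int smtp_addr_pref;` in smtp.c says `IPv6 preference.`, but the variable holds whichever of SMTP_MISC_FLAG_PREF_IPV6, SMTP_MISC_FLAG_PREF_IPV4 or 0 the `addr_pref_map` lookup in pre_init() yields, so the label is misleading for the "ipv4" and "any" settings. Suggest `/* Address family preference: SMTP_MISC_FLAG_PREF_IPV6, SMTP_MISC_FLAG_PREF_IPV4, or 0 for "any". */`.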
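Review bot: `state->misc_flags = smtp_addr_pref;` in deliver_message() assigns rather than ORs, so any flag bits already present in `misc_flags` at this point would be discarded; the hunk does not show how the state is allocated, so this may be harmless today if the allocator zeroes the field, but `state->misc_flags |= smtp_addr_pref;` states the intent and survives a later reordering of the initialisation. deliver_message() starts and ends outside the hunk.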
@@ -941,6 +952,12 @@ static void post_init(char *unused_name, char **unused_argv) static void pre_init(char *unused_name, char **unused_argv) { int use_tls; + static const NAME_CODE addr_pref_map[] = { + INET_PROTO_NAME_IPV6, SMTP_MISC_FLAG_PREF_IPV6, + INET_PROTO_NAME_IPV4, SMTP_MISC_FLAG_PREF_IPV4, + INET_PROTO_NAME_ANY, 0, + 0, -1, + }; /* * Turn on per-peer debugging. @@ -1072,6 +1089,16 @@ static void pre_init(char *unused_name, char **unused_argv) smtp_chat_resp_filter = dict_open(var_smtp_resp_filter, O_RDONLY, DICT_FLAG_LOCK | DICT_FLAG_FOLD_FIX); + + /* + * Address family preference. + */ + if (*var_smtp_addr_pref) { + smtp_addr_pref = name_code(addr_pref_map, NAME_CODE_FLAG_NONE, + var_smtp_addr_pref); + if (smtp_addr_pref < 0) + msg_fatal("bad %s value: %s", VAR_SMTP_ADDR_PREF, var_smtp_addr_pref); + } } /* pre_accept - see if tables have changed */ diff --git a/postfix/src/smtp/smtp.h b/postfix/src/smtp/smtp.h index f636fe778..c8a4dd3d1 100644 --- a/postfix/src/smtp/smtp.h +++ b/postfix/src/smtp/smtp.h @@ -146,6 +146,8 @@ typedef struct SMTP_STATE { #define SMTP_MISC_FLAG_CONN_LOAD (1<<6) #define SMTP_MISC_FLAG_CONN_STORE (1<<7) #define SMTP_MISC_FLAG_COMPLETE_SESSION (1<<8) +#define SMTP_MISC_FLAG_PREF_IPV6 (1<<9) +#define SMTP_MISC_FLAG_PREF_IPV4 (1<<10) #define SMTP_MISC_FLAG_CONN_CACHE_MASK \ (SMTP_MISC_FLAG_CONN_LOAD | SMTP_MISC_FLAG_CONN_STORE) diff --git a/postfix/src/smtp/smtp_addr.c b/postfix/src/smtp/smtp_addr.c index b9c62fb81..efba64a4f 100644 --- a/postfix/src/smtp/smtp_addr.c +++ b/postfix/src/smtp/smtp_addr.c @@ -417,7 +417,7 @@ DNS_RR *smtp_domain_addr(char *name, int misc_flags, DSN_BUF *why, addr_list = smtp_host_addr(name, misc_flags, why); break; case DNS_OK: - mx_names = dns_rr_sort(mx_names, dns_rr_compare_pref); + mx_names = dns_rr_sort(mx_names, dns_rr_compare_pref_any); best_pref = (mx_names ? mx_names->pref : IMPOSSIBLE_PREFERENCE); addr_list = smtp_addr_list(mx_names, why); dns_rr_free(mx_names); 
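Review bot: The `if (*var_smtp_addr_pref)` guard around the `name_code()` lookup in pre_init() leaves `smtp_addr_pref` at 0, i.e. the "any" behaviour, for an empty value instead of reporting it. The smtp_params.c table row in this commit gives the parameter a minimum length of 1, so an empty value is presumably rejected before this code runs, which makes the guard redundant today and a silent fallback if that minimum is ever relaxed. Dropping the guard and calling `smtp_addr_pref = name_code(addr_pref_map, NAME_CODE_FLAG_NONE, var_smtp_addr_pref);` unconditionally lets the existing `msg_fatal()` cover the empty case as well. pre_init() starts outside the hunk.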
@@ -450,9 +450,14 @@ DNS_RR *smtp_domain_addr(char *name, int misc_flags, DSN_BUF *why, } } } +#define SMTP_COMPARE_ADDR(flags) \ + (((flags) & SMTP_MISC_FLAG_PREF_IPV6) ? dns_rr_compare_pref_ipv6 : \ + ((flags) & SMTP_MISC_FLAG_PREF_IPV4) ? dns_rr_compare_pref_ipv4 : \ + dns_rr_compare_pref_any) + if (addr_list && addr_list->next && var_smtp_rand_addr) { addr_list = dns_rr_shuffle(addr_list); - addr_list = dns_rr_sort(addr_list, dns_rr_compare_pref); + addr_list = dns_rr_sort(addr_list, SMTP_COMPARE_ADDR(misc_flags)); } break; case DNS_NOTFOUND: @@ -493,7 +498,7 @@ DNS_RR *smtp_host_addr(const char *host, int misc_flags, DSN_BUF *why) addr_list = dns_rr_shuffle(addr_list); /* The following changes the order of equal-preference hosts. */ if (inet_proto_info()->ai_family_list[1] != 0) - addr_list = dns_rr_sort(addr_list, dns_rr_compare_pref); + addr_list = dns_rr_sort(addr_list, SMTP_COMPARE_ADDR(misc_flags)); } if (msg_verbose) smtp_print_addr(host, addr_list); diff --git a/postfix/src/smtp/smtp_params.c b/postfix/src/smtp/smtp_params.c index 112d0ecbe..7aca14e8d 100644 --- a/postfix/src/smtp/smtp_params.c +++ b/postfix/src/smtp/smtp_params.c @@ -53,6 +53,7 @@ VAR_SMTP_NEST_CHKS, DEF_SMTP_NEST_CHKS, &var_smtp_nest_chks, 0, 0, VAR_SMTP_BODY_CHKS, DEF_SMTP_BODY_CHKS, &var_smtp_body_chks, 0, 0, VAR_SMTP_RESP_FILTER, DEF_SMTP_RESP_FILTER, &var_smtp_resp_filter, 0, 0, + VAR_SMTP_ADDR_PREF, DEF_SMTP_ADDR_PREF, &var_smtp_addr_pref, 1, 0, 0, }; static const CONFIG_TIME_TABLE smtp_time_table[] = { diff --git a/postfix/src/smtpd/smtpd.c b/postfix/src/smtpd/smtpd.c index 307cdd406..91612d8d0 100644 --- a/postfix/src/smtpd/smtpd.c +++ b/postfix/src/smtpd/smtpd.c 
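Review bot: `SMTP_COMPARE_ADDR()` is `#define`d inside the body of smtp_domain_addr() but is also used in smtp_host_addr() in the following hunk, which only works because the preprocessor ignores block scope and the second function happens to follow the first in the file. Moving the definition to file scope alongside the other smtp_addr.c declarations, with a comment such as `/* Pick the dns_rr_sort() comparator that matches the smtp_address_preference setting carried in misc_flags. */`, makes the dependency visible and independent of function order. Both smtp_domain_addr() and smtp_host_addr() start and end outside their hunks.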
@@ -797,7 +797,8 @@
 /* .IP "\fBmaps_rbl_reject_code (554)\fR"
 /* The numerical Postfix SMTP server response code when a remote SMTP
 /* client request is blocked by the reject_rbl_client, reject_rhsbl_client,
-/* reject_rhsbl_sender or reject_rhsbl_recipient restriction.
+/* reject_rhsbl_reverse_client, reject_rhsbl_sender or
+/* reject_rhsbl_recipient restriction.
 /* .IP "\fBnon_fqdn_reject_code (504)\fR"
 /* The numerical Postfix SMTP server reply code when a client request
 /* is rejected by the reject_non_fqdn_helo_hostname, reject_non_fqdn_sender
diff --git a/postfix/src/smtpd/smtpd_check.c b/postfix/src/smtpd/smtpd_check.c
index 7b7e53b3a..a83330fbd 100644
--- a/postfix/src/smtpd/smtpd_check.c
+++ b/postfix/src/smtpd/smtpd_check.c
@@ -1644,7 +1644,7 @@ static int permit_mx_backup(SMTPD_STATE *state, const char *recipient,
 /*
 * Separate MX list into primaries and backups.
 */
- mx_list = dns_rr_sort(mx_list, dns_rr_compare_pref);
+ mx_list = dns_rr_sort(mx_list, dns_rr_compare_pref_any);
 for (middle = mx_list; /* see below */ ; middle = rest) {
 rest = middle->next;
 if (rest == 0)
@@ -3690,6 +3690,16 @@ static int generic_checks(SMTPD_STATE *state, ARGV *restrictions,
 status = reject_rbl_domain(state, *cpp, state->name,
 SMTPD_NAME_CLIENT);
 }
+ } else if (strcasecmp(name, REJECT_RHSBL_REVERSE_CLIENT) == 0) {
+ if (cpp[1] == 0)
+ msg_warn("restriction %s requires domain name argument",
+ name);
+ else {
+ cpp += 1;
+ if (strcasecmp(state->name, "unknown") != 0)
+ status = reject_rbl_domain(state, *cpp, state->reverse_name,
+ SMTPD_NAME_REV_CLIENT);
+ }
 } else if (is_map_command(state, name, CHECK_CCERT_ACL, &cpp)) {
 status = check_ccert_access(state, *cpp, def_acl);
 } else if (is_map_command(state, name, CHECK_CLIENT_NS_ACL, &cpp)) {
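Review bot: The new `reject_rhsbl_reverse_client` branch in generic_checks() tests `state->name` against "unknown" but then looks up `state->reverse_name`, so the DNSBL query is skipped exactly when the client's forward-confirmed name is unknown while a reverse name exists, which is the case the HISTORY entry says the restriction exists for ("based on its unverified reverse hostname"). The guard should test the field it looks up: `if (strcasecmp(state->reverse_name, "unknown") != 0)`. As written, a client whose forward name is verified is already covered by the existing `reject_rhsbl_client` branch, and a client without one is never checked, so the restriction adds nothing in practice. generic_checks() starts and ends outside the hunk.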
@@ -4628,14 +4638,14 @@ char *smtpd_check_queue(SMTPD_STATE *state) (unsigned long) var_queue_minfree, (unsigned long) var_message_limit); if (BLOCKS(var_queue_minfree) >= fsbuf.block_free - || BLOCKS(var_message_limit) >= fsbuf.block_free / smtpd_space_multf) { + || BLOCKS(var_message_limit) >= fsbuf.block_free / smtpd_space_multf) { (void) smtpd_check_reject(state, MAIL_ERROR_RESOURCE, 452, "4.3.1", "Insufficient system storage"); msg_warn("not enough free space in mail queue: %lu bytes < " "%g*message size limit", (unsigned long) fsbuf.block_free * fsbuf.block_size, - smtpd_space_multf); + smtpd_space_multf); return (STR(error_text)); } return (0); -- 2.47.3