From 78fe66320c18087215c42243c41620efb6972c98 Mon Sep 17 00:00:00 2001
From: Wietse Venema
Date: Sun, 3 Nov 2013 00:00:00 -0500
Subject: [PATCH] postfix-2.11-20131103
---
 postfix/HISTORY | 17 ++
 postfix/README_FILES/ADDRESS_REWRITING_README | 6 +-
 postfix/README_FILES/BACKSCATTER_README | 4 +-
 postfix/README_FILES/DATABASE_README | 12 +-
 postfix/README_FILES/MULTI_INSTANCE_README | 26 +-
 postfix/README_FILES/RESTRICTION_CLASS_README | 6 +-
 postfix/README_FILES/SASL_README | 26 +-
 postfix/README_FILES/SCHEDULER_README | 8 +-
 postfix/README_FILES/SMTPD_ACCESS_README | 20 +-
 postfix/README_FILES/TLS_README | 10 +-
 postfix/WISHLIST | 2 -
 postfix/html/ADDRESS_REWRITING_README.html | 22 +-
 postfix/html/BACKSCATTER_README.html | 4 +-
 postfix/html/BUILTIN_FILTER_README.html | 8 +-
 postfix/html/DATABASE_README.html | 12 +-
 postfix/html/MULTI_INSTANCE_README.html | 26 +-
 postfix/html/RESTRICTION_CLASS_README.html | 6 +-
 postfix/html/SASL_README.html | 26 +-
 postfix/html/SCHEDULER_README.html | 10 +-
 postfix/html/SMTPD_ACCESS_README.html | 20 +-
 postfix/html/TLS_README.html | 10 +-
 postfix/html/postconf.5.html | 10 +-
 postfix/proto/Makefile.in | 223 +++++++++---------
 postfix/src/global/mail_version.h | 2 +-
 postfix/src/util/dict_lmdb.c | 21 +-
 25 files changed, 286 insertions(+), 251 deletions(-)
diff --git a/postfix/HISTORY b/postfix/HISTORY
index c84e536aa..c4ad5ede7 100644
--- a/postfix/HISTORY
+++ b/postfix/HISTORY
@@ -19034,3 +19034,20 @@ Apologies for any names omitted. Documentation: added SASL_README example for check_sasl_access. File: proto/SASL_README.html. + +20131102 + + Security violation: by default, LMDB 0.9.9 writes fragments + of uninitialized heap memory to a world-readable database + file. This is a basic memory disclosure vulnerability: + memory content that a program does not intend to share ends + up in a world-readable file. The content of uninitialized + heap memory depends on program execution history. That + history includes code execution in other libraries that are + linked into the program. To work around this problem we + disable the use of malloc() in LMDB. However, that does not + address several disclosures of stack memory. File: + util/dict_lmdb.c. + + Cleanup: expand TAB characters when generating HTML and + README files. Files: proto/Makefile.in. diff --git a/postfix/README_FILES/ADDRESS_REWRITING_README b/postfix/README_FILES/ADDRESS_REWRITING_README index ceae94d8d..abd4d6a44 100644 --- a/postfix/README_FILES/ADDRESS_REWRITING_README +++ b/postfix/README_FILES/ADDRESS_REWRITING_README @@ -655,9 +655,9 @@ Example: smtp_generic_maps = hash:/etc/postfix/generic /etc/postfix/generic: - his@localdomain.local hisaccount@hisisp.example - her@localdomain.local heraccount@herisp.example - @localdomain.local hisaccount+local@hisisp.example + his@localdomain.local hisaccount@hisisp.example + her@localdomain.local heraccount@herisp.example + @localdomain.local hisaccount+local@hisisp.example When mail is sent to a remote host via SMTP, this replaces his@localdomain.local by his ISP mail address, replaces her@localdomain.local diff --git a/postfix/README_FILES/BACKSCATTER_README b/postfix/README_FILES/BACKSCATTER_README index 21f243644..12f50a234 100644 --- a/postfix/README_FILES/BACKSCATTER_README +++ b/postfix/README_FILES/BACKSCATTER_README 
@@ -119,7 +119,7 @@ this: endif /^Message-ID:.* ]*Message-ID:.* ]*Message-ID:.*@(porcupine\.org)/ - reject forged domain name in Message-ID: header: $1 + reject forged domain name in Message-ID: header: $1 Notes: diff --git a/postfix/README_FILES/DATABASE_README b/postfix/README_FILES/DATABASE_README index 53af00125..0ba1778f1 100644 --- a/postfix/README_FILES/DATABASE_README +++ b/postfix/README_FILES/DATABASE_README @@ -151,16 +151,16 @@ font. # Note 1: commands are specified after a TAB character. # Note 2: use postalias(1) for local aliases, postmap(1) for the rest. aliases.db: aliases.in - postalias aliases.in - mv aliases.in.db aliases.db + postalias aliases.in + mv aliases.in.db aliases.db access.db: access.in - postmap access.in - mv access.in.db access.db + postmap access.in + mv access.in.db access.db virtual.db: virtual.in - postmap virtual.in - mv virtual.in.db virtual.db + postmap virtual.in + mv virtual.in.db virtual.db ...etcetera... # vvii aacccceessss..iinn diff --git a/postfix/README_FILES/MULTI_INSTANCE_README b/postfix/README_FILES/MULTI_INSTANCE_README index 6186d59cb..9d2c82e77 100644 --- a/postfix/README_FILES/MULTI_INSTANCE_README +++ b/postfix/README_FILES/MULTI_INSTANCE_README @@ -157,13 +157,13 @@ submission null client: # a template file. The build process expands the template into # "mtaadmin+root=mta1" # - root mtaadmin+root=mta1 + root mtaadmin+root=mta1 /etc/postfix/virtual: # Caretaker aliases: # - root mtaadmin - postmaster root + root mtaadmin + postmaster root You would typically also add a Makefile, to automatically run postmap(1) commands when source files change. This Makefile also creates a "generic" 
@@ -175,13 +175,13 @@ database when none exists. all: virtual.cdb generic.cdb generic: Makefile - @echo Creating $@ - @rm -f $@.tmp - @printf '%s\t%s+root=%s\n' root $MTAADMIN `uname -n` > $@.tmp - @mv $@.tmp generic + @echo Creating $@ + @rm -f $@.tmp + @printf '%s\t%s+root=%s\n' root $MTAADMIN `uname -n` > $@.tmp + @mv $@.tmp generic %.cdb: % - postmap cdb:$< + postmap cdb:$< Construct the "virtual" and "generic" databases (the latter is created by running "make"), then start and test the null-client: @@ -439,7 +439,7 @@ include: # Avoid splitting the envelope and scanning messages multiple times. # Match the re-injection server's recipient limit. # - smtp_destination_recipient_limit = 1000 + smtp_destination_recipient_limit = 1000 # Tolerate occasional high latency in the content filter. # @@ -875,9 +875,9 @@ If you want to override the conventional values of the instance installation parameters, specify their values on the command-line: # postmulti [-I postfix-myinst] [-G mygroup] -e create \ - "config_directory = /path/to/config_directory" \ - "queue_directory = /path/to/queue_directory" \ - "data_directory = /path/to/data_directory" + "config_directory = /path/to/config_directory" \ + "queue_directory = /path/to/queue_directory" \ + "data_directory = /path/to/data_directory" A note on the --II and --GG options above. These are always used to assign a name or group name to an instance, while the --ii and --gg options always select @@ -924,7 +924,7 @@ match this name if necessary): Otherwise, you must specify the location of its configuration directory: # postmulti [-I postfix-myinst] [-G mygroup] -e import \ - "config_directory = /path/of/config_directory" + "config_directory = /path/of/config_directory" When the instance is imported, you can assign a name or a group. As with "create", you can control the placement of the new instance in the start order 
diff --git a/postfix/README_FILES/RESTRICTION_CLASS_README b/postfix/README_FILES/RESTRICTION_CLASS_README index 109c3d40b..f4fbe8fa7 100644 --- a/postfix/README_FILES/RESTRICTION_CLASS_README +++ b/postfix/README_FILES/RESTRICTION_CLASS_README @@ -30,9 +30,9 @@ Example: smtpd_recipient_restrictions = permit_mynetworks - # reject_unauth_destination is not needed here if the mail - # relay policy is specified with smtpd_relay_restrictions - # (available with Postfix 2.10 and later). + # reject_unauth_destination is not needed here if the mail + # relay policy is specified with smtpd_relay_restrictions + # (available with Postfix 2.10 and later). reject_unauth_destination check_recipient_access hash:/etc/postfix/recipient_access ... diff --git a/postfix/README_FILES/SASL_README b/postfix/README_FILES/SASL_README index da81b1e0e..59489414c 100644 --- a/postfix/README_FILES/SASL_README +++ b/postfix/README_FILES/SASL_README @@ -846,19 +846,19 @@ authenticated SMTP clients to send mail to remote destinations. Examples: # preferably specified under smtpd_relay_restrictions. /etc/postfix/main.cf: smtpd_relay_restrictions = - permit_mynetworks - ppeerrmmiitt__ssaassll__aauutthheennttiiccaatteedd - reject_unauth_destination + permit_mynetworks + ppeerrmmiitt__ssaassll__aauutthheennttiiccaatteedd + reject_unauth_destination # Older configurations combine relay control and spam control under # smtpd_recipient_restrictions. To use this example with Postfix >= # 2.10 specify "smtpd_relay_restrictions=". /etc/postfix/main.cf: smtpd_recipient_restrictions = - permit_mynetworks - ppeerrmmiitt__ssaassll__aauutthheennttiiccaatteedd - reject_unauth_destination - ...other rules... + permit_mynetworks + ppeerrmmiitt__ssaassll__aauutthheennttiiccaatteedd + reject_unauth_destination + ...other rules... EEnnvveellooppee sseennddeerr aaddddrreessss aauutthhoorriizzaattiioonn 
@@ -878,7 +878,7 @@ authenticated client is allowed to use a particular envelope sender address: smtpd_recipient_restrictions = ... rreejjeecctt__sseennddeerr__llooggiinn__mmiissmmaattcchh - permit_sasl_authenticated + permit_sasl_authenticated ... The controlled_envelope_senders table specifies the binding between a sender @@ -915,14 +915,14 @@ credentials have been compromised. /etc/postfix/main.cf: smtpd_recipient_restrictions = - permit_mynetworks - check_sasl_access hash:/etc/postfix/sasl_access - permit_sasl_authenticated - ... + permit_mynetworks + check_sasl_access hash:/etc/postfix/sasl_access + permit_sasl_authenticated + ... /etc/postfix/sasl_access: # Use this when smtpd_sasl_local_domain is empty. - username HOLD + username HOLD # Use this when smtpd_sasl_local_domain=example.com. username@example.com HOLD diff --git a/postfix/README_FILES/SCHEDULER_README b/postfix/README_FILES/SCHEDULER_README index 35510f325..3223d2ada 100644 --- a/postfix/README_FILES/SCHEDULER_README +++ b/postfix/README_FILES/SCHEDULER_README @@ -594,10 +594,10 @@ The first approximation of the new scheduling algorithm is like this: if transport process limit reached continue foreach transport's job (in the order of the transport's job list) do - foreach job's peer (round-robin-by-destination) - if peer->queue->concurrency < peer->queue->window - return next peer entry. - done + foreach job's peer (round-robin-by-destination) + if peer->queue->concurrency < peer->queue->window + return next peer entry. + done done done diff --git a/postfix/README_FILES/SMTPD_ACCESS_README b/postfix/README_FILES/SMTPD_ACCESS_README index f7547237a..2cc15b6d9 100644 --- a/postfix/README_FILES/SMTPD_ACCESS_README +++ b/postfix/README_FILES/SMTPD_ACCESS_README 
@@ -134,20 +134,20 @@ Examples of simple restriction lists are: # Relay control (Postfix 2.10 and later): local clients and # authenticated clients may specify any destination domain. smtpd_relay_restrictions = permit_mynetworks, - permit_sasl_authenticated, - reject_unauth_destination + permit_sasl_authenticated, + reject_unauth_destination # Spam control: exclude local clients and authenticated clients # from DNSBL lookups. smtpd_recipient_restrictions = permit_mynetworks, - permit_sasl_authenticated, - # reject_unauth_destination is not needed here if the mail - # relay policy is specified under smtpd_relay_restrictions - # (available with Postfix 2.10 and later). - reject_unauth_destination - reject_rbl_client zen.spamhaus.org, - reject_rhsbl_helo dbl.spamhaus.org, - reject_rhsbl_sender dbl.spamhaus.org + permit_sasl_authenticated, + # reject_unauth_destination is not needed here if the mail + # relay policy is specified under smtpd_relay_restrictions + # (available with Postfix 2.10 and later). + reject_unauth_destination + reject_rbl_client zen.spamhaus.org, + reject_rhsbl_helo dbl.spamhaus.org, + reject_rhsbl_sender dbl.spamhaus.org # Block clients that speak too early. smtpd_data_restrictions = reject_unauth_pipelining diff --git a/postfix/README_FILES/TLS_README b/postfix/README_FILES/TLS_README index 697d614ab..93ea07b42 100644 --- a/postfix/README_FILES/TLS_README +++ b/postfix/README_FILES/TLS_README @@ -1140,7 +1140,7 @@ the example above, we show two matching fingerprints: smtp_tls_fingerprint_digest = md5 /etc/postfix/tls_policy: - example.com fingerprint + example.com fingerprint match=3D:95:34:51:24:66:33:B9:D2:40:99:C0:C1:17:0B:D1 match=EC:3B:2D:B0:5B:B1:FB:6D:20:A3:9D:72:F6:8D:12:35 
@@ -1753,8 +1753,8 @@ Example: [mail.example.org]:587 secure match=nexthop # Postfix 2.5 and later [thumb.example.org] fingerprint - match=EC:3B:2D:B0:5B:B1:FB:6D:20:A3:9D:72:F6:8D:12:35 - match=3D:95:34:51:24:66:33:B9:D2:40:99:C0:C1:17:0B:D1 + match=EC:3B:2D:B0:5B:B1:FB:6D:20:A3:9D:72:F6:8D:12:35 + match=3D:95:34:51:24:66:33:B9:D2:40:99:C0:C1:17:0B:D1 # Postfix 2.6 and later example.info may protocols=!SSLv2 ciphers=medium exclude=3DES @@ -2135,14 +2135,14 @@ indicates a super-user shell. /etc/postfix/main.cf: smtp_tls_CAfile = /etc/postfix/cacert.pem smtp_tls_session_cache_database = - btree:/var/lib/postfix/smtp_tls_session_cache + btree:/var/lib/postfix/smtp_tls_session_cache smtp_tls_security_level = may smtpd_tls_CAfile = /etc/postfix/cacert.pem smtpd_tls_cert_file = /etc/postfix/foo-cert.pem smtpd_tls_key_file = /etc/postfix/foo-key.pem smtpd_tls_received_header = yes smtpd_tls_session_cache_database = - btree:/var/lib/postfix/smtpd_tls_session_cache + btree:/var/lib/postfix/smtpd_tls_session_cache tls_random_source = dev:/dev/urandom smtpd_tls_security_level = may diff --git a/postfix/WISHLIST b/postfix/WISHLIST index be55ea52c..5afdd4ed5 100644 --- a/postfix/WISHLIST +++ b/postfix/WISHLIST @@ -15,8 +15,6 @@ Wish list: Things to do after the stable release: - Why does postlink no longer hyperlink static:all? - Begin code revision, after DANE support stabilizes. This should be one pass that changes only names and no code. diff --git a/postfix/html/ADDRESS_REWRITING_README.html b/postfix/html/ADDRESS_REWRITING_README.html index 015db2ef5..ee8a670fe 100644 --- a/postfix/html/ADDRESS_REWRITING_README.html +++ b/postfix/html/ADDRESS_REWRITING_README.html @@ -434,7 +434,7 @@ from remote SMTP clients only if the client matches the local_header_rewrite_clients parameter, or if the remote_header_rewrite_domain configuration parameter specifies a non-empty value. To get the behavior before Postfix 2.2, specify -"local_header_rewrite_clients = static:all".

+"local_header_rewrite_clients = static:all".

Rewrite "site!user" to "user@site"
@@ -448,7 +448,7 @@ from remote SMTP clients only if the client matches the local_header_rewrite_clients parameter, or if the remote_header_rewrite_domain configuration parameter specifies a non-empty value. To get the behavior before Postfix 2.2, specify -"local_header_rewrite_clients = static:all".

+"local_header_rewrite_clients = static:all".

Rewrite "user%domain" to "user@domain"
@@ -461,7 +461,7 @@ from remote SMTP clients only if the client matches the local_header_rewrite_clients parameter, or if the remote_header_rewrite_domain configuration parameter specifies a non-empty value. To get the behavior before Postfix 2.2, specify -"local_header_rewrite_clients = static:all".

+"local_header_rewrite_clients = static:all".

@@ -478,7 +478,7 @@ from remote SMTP clients only if the client matches the domain name specified with the remote_header_rewrite_domain configuration parameter, if one is specified. To get the behavior before Postfix 2.2, specify "local_header_rewrite_clients = -static:all".

+static:all".

If your machine is not the main machine for $myorigin and you wish to have some users delivered locally without going via that @@ -502,7 +502,7 @@ from remote SMTP clients only if the client matches the domain name specified with the remote_header_rewrite_domain configuration parameter, if one is specified. To get the behavior before Postfix 2.2, specify "local_header_rewrite_clients = -static:all".

+static:all".

Some will argue that rewriting "host" to "host.domain" is bad. That is why it can be turned off. Others like the convenience @@ -519,7 +519,7 @@ from remote SMTP clients only if the client matches the local_header_rewrite_clients parameter, or if the remote_header_rewrite_domain configuration parameter specifies a non-empty value. To get the behavior before Postfix 2.2, specify -"local_header_rewrite_clients = static:all".

+"local_header_rewrite_clients = static:all".

@@ -537,7 +537,7 @@ from remote SMTP clients only if the client matches the local_header_rewrite_clients parameter, or if the remote_header_rewrite_domain configuration parameter specifies a non-empty value. To get the behavior before Postfix 2.2, specify -"local_header_rewrite_clients = static:all".

+"local_header_rewrite_clients = static:all".

Address rewriting is done for local and remote addresses. The mapping is useful to @@ -621,7 +621,7 @@ from remote SMTP clients only if the client matches the local_header_rewrite_clients parameter, or if the remote_header_rewrite_domain configuration parameter specifies a non-empty value. To get the behavior before Postfix 2.2, specify -"local_header_rewrite_clients = static:all".

+"local_header_rewrite_clients = static:all".

Address masquerading is disabled by default, and is implemented by the cleanup(8) server. To enable, edit the masquerade_domains @@ -995,9 +995,9 @@ local machine.

smtp_generic_maps = hash:/etc/postfix/generic /etc/postfix/generic: - his@localdomain.local hisaccount@hisisp.example - her@localdomain.local heraccount@herisp.example - @localdomain.local hisaccount+local@hisisp.example + his@localdomain.local hisaccount@hisisp.example + her@localdomain.local heraccount@herisp.example + @localdomain.local hisaccount+local@hisisp.example diff --git a/postfix/html/BACKSCATTER_README.html b/postfix/html/BACKSCATTER_README.html index 631e15235..2638260bc 100644 --- a/postfix/html/BACKSCATTER_README.html +++ b/postfix/html/BACKSCATTER_README.html @@ -195,7 +195,7 @@ patterns like this:

endif /^Message-ID:.* <!&!/ DUNNO /^Message-ID:.*@(porcupine\.org)/ - reject forged domain name in Message-ID: header: $1 + reject forged domain name in Message-ID: header: $1 /etc/postfix/body_checks: # Do not indent the patterns between "if" and "endif". @@ -209,7 +209,7 @@ patterns like this:

endif /^[> ]*Message-ID:.* <!&!/ DUNNO /^[> ]*Message-ID:.*@(porcupine\.org)/ - reject forged domain name in Message-ID: header: $1 + reject forged domain name in Message-ID: header: $1 diff --git a/postfix/html/BUILTIN_FILTER_README.html b/postfix/html/BUILTIN_FILTER_README.html index 22418cdce..0e75f9f71 100644 --- a/postfix/html/BUILTIN_FILTER_README.html +++ b/postfix/html/BUILTIN_FILTER_README.html @@ -78,13 +78,13 @@ built-in content inspection works:

-> - - Delivery
agents + + Delivery
agents -> - - Network or
local mailbox + + Network or
local mailbox diff --git a/postfix/html/DATABASE_README.html b/postfix/html/DATABASE_README.html index 299b8e6bc..f7a6ef73a 100644 --- a/postfix/html/DATABASE_README.html +++ b/postfix/html/DATABASE_README.html @@ -225,16 +225,16 @@ all: aliases.db access.db virtual.db ...etcetera... # Note 1: commands are specified after a TAB character. # Note 2: use postalias(1) for local aliases, postmap(1) for the rest. aliases.db: aliases.in - postalias aliases.in - mv aliases.in.db aliases.db + postalias aliases.in + mv aliases.in.db aliases.db access.db: access.in - postmap access.in - mv access.in.db access.db + postmap access.in + mv access.in.db access.db virtual.db: virtual.in - postmap virtual.in - mv virtual.in.db virtual.db + postmap virtual.in + mv virtual.in.db virtual.db ...etcetera... # vi access.in diff --git a/postfix/html/MULTI_INSTANCE_README.html b/postfix/html/MULTI_INSTANCE_README.html index 37a708577..2444e1dd9 100644 --- a/postfix/html/MULTI_INSTANCE_README.html +++ b/postfix/html/MULTI_INSTANCE_README.html @@ -209,13 +209,13 @@ href="STANDARD_CONFIGURATION_README.html#null_client">null client: # a template file. The build process expands the template into # "mtaadmin+root=mta1" # - root mtaadmin+root=mta1 + root mtaadmin+root=mta1 /etc/postfix/virtual: # Caretaker aliases: # - root mtaadmin - postmaster root + root mtaadmin + postmaster root @@ -231,13 +231,13 @@ creates a "generic" database when none exists.

all: virtual.cdb generic.cdb generic: Makefile - @echo Creating $@ - @rm -f $@.tmp - @printf '%s\t%s+root=%s\n' root $MTAADMIN `uname -n` > $@.tmp - @mv $@.tmp generic + @echo Creating $@ + @rm -f $@.tmp + @printf '%s\t%s+root=%s\n' root $MTAADMIN `uname -n` > $@.tmp + @mv $@.tmp generic %.cdb: % - postmap cdb:$< + postmap cdb:$< @@ -554,7 +554,7 @@ pre-filter input instance include:

# Avoid splitting the envelope and scanning messages multiple times. # Match the re-injection server's recipient limit. # - smtp_destination_recipient_limit = 1000 + smtp_destination_recipient_limit = 1000 # Tolerate occasional high latency in the content filter. # @@ -1126,9 +1126,9 @@ installation parameters, specify their values on the command-line:

 # postmulti [-I postfix-myinst] [-G mygroup] -e create \
-	"config_directory = /path/to/config_directory" \
-	"queue_directory = /path/to/queue_directory" \
-	"data_directory = /path/to/data_directory"
+        "config_directory = /path/to/config_directory" \
+        "queue_directory = /path/to/queue_directory" \
+        "data_directory = /path/to/data_directory"
 
@@ -1191,7 +1191,7 @@ directory:

 # postmulti [-I postfix-myinst] [-G mygroup] -e import \
-	"config_directory = /path/of/config_directory"
+        "config_directory = /path/of/config_directory"
 
diff --git a/postfix/html/RESTRICTION_CLASS_README.html b/postfix/html/RESTRICTION_CLASS_README.html index 6b85f8d8f..8858b92b8 100644 --- a/postfix/html/RESTRICTION_CLASS_README.html +++ b/postfix/html/RESTRICTION_CLASS_README.html @@ -49,9 +49,9 @@ care about these low-level details.

smtpd_recipient_restrictions = permit_mynetworks - # reject_unauth_destination is not needed here if the mail - # relay policy is specified with smtpd_relay_restrictions - # (available with Postfix 2.10 and later). + # reject_unauth_destination is not needed here if the mail + # relay policy is specified with smtpd_relay_restrictions + # (available with Postfix 2.10 and later). reject_unauth_destination check_recipient_access hash:/etc/postfix/recipient_access ... diff --git a/postfix/html/SASL_README.html b/postfix/html/SASL_README.html index 5c34030da..e39391fe7 100644 --- a/postfix/html/SASL_README.html +++ b/postfix/html/SASL_README.html @@ -1385,9 +1385,9 @@ Examples: # preferably specified under smtpd_relay_restrictions. /etc/postfix/main.cf: smtpd_relay_restrictions = - permit_mynetworks - permit_sasl_authenticated - reject_unauth_destination + permit_mynetworks + permit_sasl_authenticated + reject_unauth_destination
@@ -1396,10 +1396,10 @@ Examples:
 # 2.10 specify "smtpd_relay_restrictions=".
 /etc/postfix/main.cf:
     smtpd_recipient_restrictions =
-	permit_mynetworks
-	permit_sasl_authenticated
-	reject_unauth_destination
-	...other rules...
+        permit_mynetworks
+        permit_sasl_authenticated
+        reject_unauth_destination
+        ...other rules...
 
@@ -1425,7 +1425,7 @@ use a particular envelope sender address:

smtpd_recipient_restrictions = ... reject_sender_login_mismatch - permit_sasl_authenticated + permit_sasl_authenticated ... @@ -1472,14 +1472,14 @@ REJECT mail from accounts whose credentials have been compromised.
 /etc/postfix/main.cf:
     smtpd_recipient_restrictions = 
-	permit_mynetworks 
-	check_sasl_access hash:/etc/postfix/sasl_access
-	permit_sasl_authenticated
-	...
+        permit_mynetworks 
+        check_sasl_access hash:/etc/postfix/sasl_access
+        permit_sasl_authenticated
+        ...
 
 /etc/postfix/sasl_access:
      # Use this when smtpd_sasl_local_domain is empty.
-     username	HOLD
+     username   HOLD
      # Use this when smtpd_sasl_local_domain=example.com.
      username@example.com HOLD
 
diff --git a/postfix/html/SCHEDULER_README.html b/postfix/html/SCHEDULER_README.html index 0fc20d84a..06922f398 100644 --- a/postfix/html/SCHEDULER_README.html +++ b/postfix/html/SCHEDULER_README.html @@ -1,5 +1,5 @@ + "http://www.w3.org/TR/html4/loose.dtd"> @@ -877,10 +877,10 @@ do if transport process limit reached continue foreach transport's job (in the order of the transport's job list) do - foreach job's peer (round-robin-by-destination) - if peer->queue->concurrency < peer->queue->window - return next peer entry. - done + foreach job's peer (round-robin-by-destination) + if peer->queue->concurrency < peer->queue->window + return next peer entry. + done done done diff --git a/postfix/html/SMTPD_ACCESS_README.html b/postfix/html/SMTPD_ACCESS_README.html index 6d8a81a52..87c810305 100644 --- a/postfix/html/SMTPD_ACCESS_README.html +++ b/postfix/html/SMTPD_ACCESS_README.html @@ -190,20 +190,20 @@ described in the postconf(5) manual page.

# Relay control (Postfix 2.10 and later): local clients and # authenticated clients may specify any destination domain. smtpd_relay_restrictions = permit_mynetworks, - permit_sasl_authenticated, - reject_unauth_destination + permit_sasl_authenticated, + reject_unauth_destination # Spam control: exclude local clients and authenticated clients # from DNSBL lookups. smtpd_recipient_restrictions = permit_mynetworks, - permit_sasl_authenticated, - # reject_unauth_destination is not needed here if the mail - # relay policy is specified under smtpd_relay_restrictions - # (available with Postfix 2.10 and later). - reject_unauth_destination - reject_rbl_client zen.spamhaus.org, - reject_rhsbl_helo dbl.spamhaus.org, - reject_rhsbl_sender dbl.spamhaus.org + permit_sasl_authenticated, + # reject_unauth_destination is not needed here if the mail + # relay policy is specified under smtpd_relay_restrictions + # (available with Postfix 2.10 and later). + reject_unauth_destination + reject_rbl_client zen.spamhaus.org, + reject_rhsbl_helo dbl.spamhaus.org, + reject_rhsbl_sender dbl.spamhaus.org # Block clients that speak too early. smtpd_data_restrictions = reject_unauth_pipelining diff --git a/postfix/html/TLS_README.html b/postfix/html/TLS_README.html index c460a195a..c15cae3b2 100644 --- a/postfix/html/TLS_README.html +++ b/postfix/html/TLS_README.html @@ -1528,7 +1528,7 @@ As in the example above, we show two matching fingerprints:

 /etc/postfix/tls_policy:
-    example.com	fingerprint
+    example.com fingerprint
         match=3D:95:34:51:24:66:33:B9:D2:40:99:C0:C1:17:0B:D1
         match=EC:3B:2D:B0:5B:B1:FB:6D:20:A3:9D:72:F6:8D:12:35
 
@@ -2299,8 +2299,8 @@ Example: [mail.example.org]:587 secure match=nexthop # Postfix 2.5 and later [thumb.example.org] fingerprint - match=EC:3B:2D:B0:5B:B1:FB:6D:20:A3:9D:72:F6:8D:12:35 - match=3D:95:34:51:24:66:33:B9:D2:40:99:C0:C1:17:0B:D1 + match=EC:3B:2D:B0:5B:B1:FB:6D:20:A3:9D:72:F6:8D:12:35 + match=3D:95:34:51:24:66:33:B9:D2:40:99:C0:C1:17:0B:D1 # Postfix 2.6 and later example.info may protocols=!SSLv2 ciphers=medium exclude=3DES @@ -2791,14 +2791,14 @@ but don't require them from all clients.

/etc/postfix/main.cf: smtp_tls_CAfile = /etc/postfix/cacert.pem smtp_tls_session_cache_database = - btree:/var/lib/postfix/smtp_tls_session_cache + btree:/var/lib/postfix/smtp_tls_session_cache smtp_tls_security_level = may smtpd_tls_CAfile = /etc/postfix/cacert.pem smtpd_tls_cert_file = /etc/postfix/foo-cert.pem smtpd_tls_key_file = /etc/postfix/foo-key.pem smtpd_tls_received_header = yes smtpd_tls_session_cache_database = - btree:/var/lib/postfix/smtpd_tls_session_cache + btree:/var/lib/postfix/smtpd_tls_session_cache tls_random_source = dev:/dev/urandom smtpd_tls_security_level = may diff --git a/postfix/html/postconf.5.html b/postfix/html/postconf.5.html index 2c013792f..28a3b3e6d 100644 --- a/postfix/html/postconf.5.html +++ b/postfix/html/postconf.5.html @@ -7018,7 +7018,7 @@ to the configured before/after 220 greeting tests.
 /etc/postfix/main.cf:
     postscreen_access_list = permit_mynetworks,
-		cidr:/etc/postfix/postscreen_access.cidr
+                cidr:/etc/postfix/postscreen_access.cidr
     postscreen_blacklist_action = enforce
 
@@ -7341,7 +7341,7 @@ the file is read).

 /etc/postfix/dnsbl_reply:
-   secret.zen.spamhaus.org	zen.spamhaus.org
+   secret.zen.spamhaus.org      zen.spamhaus.org
 

This feature is available in Postfix 2.8.

@@ -11199,7 +11199,7 @@ As in the example above, we show two matching fingerprints:

 /etc/postfix/tls_policy:
-    example.com	fingerprint
+    example.com fingerprint
         match=3D:95:34:51:24:66:33:B9:D2:40:99:C0:C1:17:0B:D1
         match=EC:3B:2D:B0:5B:B1:FB:6D:20:A3:9D:72:F6:8D:12:35
 
@@ -11777,8 +11777,8 @@ Example: [mail.example.org]:587 secure match=nexthop # Postfix 2.5 and later [thumb.example.org] fingerprint - match=EC:3B:2D:B0:5B:B1:FB:6D:20:A3:9D:72:F6:8D:12:35 - match=3D:95:34:51:24:66:33:B9:D2:40:99:C0:C1:17:0B:D1 + match=EC:3B:2D:B0:5B:B1:FB:6D:20:A3:9D:72:F6:8D:12:35 + match=3D:95:34:51:24:66:33:B9:D2:40:99:C0:C1:17:0B:D1

Note: The hostname strategy if listed in a non-default diff --git a/postfix/proto/Makefile.in b/postfix/proto/Makefile.in index e9a69cd15..adfcf2591 100644 --- a/postfix/proto/Makefile.in +++ b/postfix/proto/Makefile.in @@ -95,6 +95,7 @@ MAN = ../man/man5/postconf.5 AWK = awk '{ print; if (NR == 1) print ".pl 9999\n.ll 65" }' SRCTOMAN= ../mantools/srctoman POSTLINK= ../mantools/postlink +DETAB = pr -tre HT2READ = ../mantools/html2readme MAKEAAA = ../mantools/makereadme MAKESOHO= ../mantools/make_soho_readme 
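Review bot: `DETAB = pr -tre` is added without a comment and is then used as the last stage of a pipeline, so make sees only the exit status of `pr`. The recipes concerned are the `$(POSTLINK) $? | $(DETAB) >$@` lines in the next hunk, which runs past the end of this view. If postlink fails, the redirect has already truncated `$@` and the recipe still succeeds, which would leave an empty or partial HTML file that later builds treat as up to date. A staged form such as `$(POSTLINK) $? >$@.tmp && $(DETAB) <$@.tmp >$@ && rm -f $@.tmp` keeps the failure visible. The definition would also read better with a comment such as `# DETAB: expand TABs to spaces (pr -e), no page headers (-t), no diagnostics for unopenable files (-r)`.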
@@ -138,341 +139,341 @@ clobber: $(SRCTOMAN) - $? | $(AWK) | nroff -man | col -bx | uniq | sed 's/^/# /' >$@ ../html/ADDRESS_CLASS_README.html: ADDRESS_CLASS_README.html - $(POSTLINK) $? >$@ + $(POSTLINK) $? | $(DETAB) >$@ ../html/ADDRESS_REWRITING_README.html: ADDRESS_REWRITING_README.html - $(POSTLINK) $? >$@ + $(POSTLINK) $? | $(DETAB) >$@ ../html/ADDRESS_VERIFICATION_README.html: ADDRESS_VERIFICATION_README.html - $(POSTLINK) $? >$@ + $(POSTLINK) $? | $(DETAB) >$@ ../html/BACKSCATTER_README.html: BACKSCATTER_README.html - $(POSTLINK) $? >$@ + $(POSTLINK) $? | $(DETAB) >$@ ../html/CDB_README.html: CDB_README.html - $(POSTLINK) $? >$@ + $(POSTLINK) $? | $(DETAB) >$@ ../html/CONNECTION_CACHE_README.html: CONNECTION_CACHE_README.html - $(POSTLINK) $? >$@ + $(POSTLINK) $? | $(DETAB) >$@ ../html/CONTENT_INSPECTION_README.html: CONTENT_INSPECTION_README.html - $(POSTLINK) $? >$@ + $(POSTLINK) $? | $(DETAB) >$@ ../html/CYRUS_README.html: CYRUS_README.html - $(POSTLINK) $? >$@ + $(POSTLINK) $? | $(DETAB) >$@ ../html/BASIC_CONFIGURATION_README.html: BASIC_CONFIGURATION_README.html - $(POSTLINK) $? >$@ + $(POSTLINK) $? | $(DETAB) >$@ ../html/BUILTIN_FILTER_README.html: BUILTIN_FILTER_README.html - $(POSTLINK) $? >$@ + $(POSTLINK) $? | $(DETAB) >$@ ../html/DATABASE_README.html: DATABASE_README.html - $(POSTLINK) $? >$@ + $(POSTLINK) $? | $(DETAB) >$@ ../html/DB_README.html: DB_README.html - $(POSTLINK) $? >$@ + $(POSTLINK) $? | $(DETAB) >$@ ../html/DEBUG_README.html: DEBUG_README.html - $(POSTLINK) $? >$@ + $(POSTLINK) $? | $(DETAB) >$@ ../html/DSN_README.html: DSN_README.html - $(POSTLINK) $? >$@ + $(POSTLINK) $? | $(DETAB) >$@ ../html/ETRN_README.html: ETRN_README.html - $(POSTLINK) $? >$@ + $(POSTLINK) $? | $(DETAB) >$@ ../html/FILTER_README.html: FILTER_README.html - $(POSTLINK) $? >$@ + $(POSTLINK) $? | $(DETAB) >$@ ../html/INSTALL.html: INSTALL.html - $(POSTLINK) $? >$@ + $(POSTLINK) $? | $(DETAB) >$@ ../html/IPV6_README.html: IPV6_README.html - $(POSTLINK) $? 
>$@ + $(POSTLINK) $? | $(DETAB) >$@ ../html/LDAP_README.html: LDAP_README.html - $(POSTLINK) $? >$@ + $(POSTLINK) $? | $(DETAB) >$@ ../html/LINUX_README.html: LINUX_README.html - $(POSTLINK) $? >$@ + $(POSTLINK) $? | $(DETAB) >$@ ../html/LOCAL_RECIPIENT_README.html: LOCAL_RECIPIENT_README.html - $(POSTLINK) $? >$@ + $(POSTLINK) $? | $(DETAB) >$@ ../html/MAILDROP_README.html: MAILDROP_README.html - $(POSTLINK) $? >$@ + $(POSTLINK) $? | $(DETAB) >$@ ../html/LMDB_README.html: LMDB_README.html - $(POSTLINK) $? >$@ + $(POSTLINK) $? | $(DETAB) >$@ ../html/MEMCACHE_README.html: MEMCACHE_README.html - $(POSTLINK) $? >$@ + $(POSTLINK) $? | $(DETAB) >$@ ../html/MILTER_README.html: MILTER_README.html - $(POSTLINK) $? >$@ + $(POSTLINK) $? | $(DETAB) >$@ ../html/MULTI_INSTANCE_README.html: MULTI_INSTANCE_README.html - $(POSTLINK) $? >$@ + $(POSTLINK) $? | $(DETAB) >$@ ../html/MYSQL_README.html: MYSQL_README.html - $(POSTLINK) $? >$@ + $(POSTLINK) $? | $(DETAB) >$@ ../html/NFS_README.html: NFS_README.html - $(POSTLINK) $? >$@ + $(POSTLINK) $? | $(DETAB) >$@ ../html/OVERVIEW.html: OVERVIEW.html - $(POSTLINK) $? >$@ + $(POSTLINK) $? | $(DETAB) >$@ ../html/PACKAGE_README.html: PACKAGE_README.html - $(POSTLINK) $? >$@ + $(POSTLINK) $? | $(DETAB) >$@ ../html/PCRE_README.html: PCRE_README.html - $(POSTLINK) $? >$@ + $(POSTLINK) $? | $(DETAB) >$@ ../html/PGSQL_README.html: PGSQL_README.html - $(POSTLINK) $? >$@ + $(POSTLINK) $? | $(DETAB) >$@ ../html/POSTSCREEN_README.html: POSTSCREEN_README.html - $(POSTLINK) $? >$@ + $(POSTLINK) $? | $(DETAB) >$@ ../html/QMQP_README.html: QMQP_README.html - $(POSTLINK) $? >$@ + $(POSTLINK) $? | $(DETAB) >$@ ../html/QSHAPE_README.html: QSHAPE_README.html - $(POSTLINK) $? >$@ + $(POSTLINK) $? | $(DETAB) >$@ ../html/RESTRICTION_CLASS_README.html: RESTRICTION_CLASS_README.html - $(POSTLINK) $? >$@ + $(POSTLINK) $? | $(DETAB) >$@ ../html/SASL_README.html: SASL_README.html - $(POSTLINK) $? >$@ + $(POSTLINK) $? 
| $(DETAB) >$@ ../html/SCHEDULER_README.html: SCHEDULER_README.html - $(POSTLINK) $? >$@ + $(POSTLINK) $? | $(DETAB) >$@ ../html/SMTPD_ACCESS_README.html: SMTPD_ACCESS_README.html - $(POSTLINK) $? >$@ + $(POSTLINK) $? | $(DETAB) >$@ ../html/SMTPD_POLICY_README.html: SMTPD_POLICY_README.html - $(POSTLINK) $? >$@ + $(POSTLINK) $? | $(DETAB) >$@ ../html/SMTPD_PROXY_README.html: SMTPD_PROXY_README.html - $(POSTLINK) $? >$@ + $(POSTLINK) $? | $(DETAB) >$@ ../html/SOHO_README.html: $(MAKESOHO) $(DEPSOHO) - $(MAKESOHO) | $(POSTLINK) >$@ + $(MAKESOHO) | $(POSTLINK) | $(DETAB) >$@ ../html/SQLITE_README.html: SQLITE_README.html - $(POSTLINK) $? >$@ + $(POSTLINK) $? | $(DETAB) >$@ ../html/STANDARD_CONFIGURATION_README.html: STANDARD_CONFIGURATION_README.html - $(POSTLINK) $? >$@ + $(POSTLINK) $? | $(DETAB) >$@ ../html/STRESS_README.html: STRESS_README.html - $(POSTLINK) $? >$@ + $(POSTLINK) $? | $(DETAB) >$@ ../html/TUNING_README.html: TUNING_README.html - $(POSTLINK) $? >$@ + $(POSTLINK) $? | $(DETAB) >$@ ../html/UUCP_README.html: UUCP_README.html - $(POSTLINK) $? >$@ + $(POSTLINK) $? | $(DETAB) >$@ ../html/ULTRIX_README.html: ULTRIX_README.html - $(POSTLINK) $? >$@ + $(POSTLINK) $? | $(DETAB) >$@ ../html/VERP_README.html: VERP_README.html - $(POSTLINK) $? >$@ + $(POSTLINK) $? | $(DETAB) >$@ ../html/VIRTUAL_README.html: VIRTUAL_README.html - $(POSTLINK) $? >$@ + $(POSTLINK) $? | $(DETAB) >$@ ../html/XCLIENT_README.html: XCLIENT_README.html - $(POSTLINK) $? >$@ + $(POSTLINK) $? | $(DETAB) >$@ ../html/XFORWARD_README.html: XFORWARD_README.html - $(POSTLINK) $? >$@ + $(POSTLINK) $? | $(DETAB) >$@ ../html/TLS_README.html: TLS_README.html - $(POSTLINK) $? >$@ + $(POSTLINK) $? | $(DETAB) >$@ ../html/TLS_LEGACY_README.html: TLS_LEGACY_README.html - $(POSTLINK) $? >$@ + $(POSTLINK) $? | $(DETAB) >$@ ../README_FILES/ADDRESS_CLASS_README: ADDRESS_CLASS_README.html - $(HT2READ) $? >$@ + $(HT2READ) $? 
| $(DETAB) >$@ ../README_FILES/ADDRESS_REWRITING_README: ADDRESS_REWRITING_README.html - $(HT2READ) $? >$@ + $(HT2READ) $? | $(DETAB) >$@ ../README_FILES/ADDRESS_VERIFICATION_README: ADDRESS_VERIFICATION_README.html - $(HT2READ) $? >$@ + $(HT2READ) $? | $(DETAB) >$@ ../README_FILES/BACKSCATTER_README: BACKSCATTER_README.html - $(HT2READ) $? >$@ + $(HT2READ) $? | $(DETAB) >$@ ../README_FILES/BASIC_CONFIGURATION_README: BASIC_CONFIGURATION_README.html - $(HT2READ) $? >$@ + $(HT2READ) $? | $(DETAB) >$@ ../README_FILES/BUILTIN_FILTER_README: BUILTIN_FILTER_README.html - $(HT2READ) $? >$@ + $(HT2READ) $? | $(DETAB) >$@ ../README_FILES/CDB_README: CDB_README.html - $(HT2READ) $? >$@ + $(HT2READ) $? | $(DETAB) >$@ ../README_FILES/CONNECTION_CACHE_README: CONNECTION_CACHE_README.html - $(HT2READ) $? >$@ + $(HT2READ) $? | $(DETAB) >$@ ../README_FILES/CONTENT_INSPECTION_README: CONTENT_INSPECTION_README.html - $(HT2READ) $? >$@ + $(HT2READ) $? | $(DETAB) >$@ ../README_FILES/CYRUS_README: CYRUS_README.html - $(HT2READ) $? >$@ + $(HT2READ) $? | $(DETAB) >$@ ../README_FILES/DATABASE_README: DATABASE_README.html - $(HT2READ) $? >$@ + $(HT2READ) $? | $(DETAB) >$@ ../README_FILES/DB_README: DB_README.html - $(HT2READ) $? >$@ + $(HT2READ) $? | $(DETAB) >$@ ../README_FILES/DEBUG_README: DEBUG_README.html - $(HT2READ) $? >$@ + $(HT2READ) $? | $(DETAB) >$@ ../README_FILES/DSN_README: DSN_README.html - $(HT2READ) $? >$@ + $(HT2READ) $? | $(DETAB) >$@ ../README_FILES/ETRN_README: ETRN_README.html - $(HT2READ) $? >$@ + $(HT2READ) $? | $(DETAB) >$@ ../README_FILES/FILTER_README: FILTER_README.html - $(HT2READ) $? >$@ + $(HT2READ) $? | $(DETAB) >$@ ../README_FILES/INSTALL: INSTALL.html - $(HT2READ) $? >$@ + $(HT2READ) $? | $(DETAB) >$@ ../README_FILES/IPV6_README: IPV6_README.html - $(HT2READ) $? >$@ + $(HT2READ) $? | $(DETAB) >$@ ../README_FILES/LDAP_README: LDAP_README.html - $(HT2READ) $? >$@ + $(HT2READ) $? | $(DETAB) >$@ ../README_FILES/LINUX_README: LINUX_README.html - $(HT2READ) $? 
>$@ + $(HT2READ) $? | $(DETAB) >$@ ../README_FILES/LOCAL_RECIPIENT_README: LOCAL_RECIPIENT_README.html - $(HT2READ) $? >$@ + $(HT2READ) $? | $(DETAB) >$@ ../README_FILES/MAILDROP_README: MAILDROP_README.html - $(HT2READ) $? >$@ + $(HT2READ) $? | $(DETAB) >$@ ../README_FILES/LMDB_README: LMDB_README.html - $(HT2READ) $? >$@ + $(HT2READ) $? | $(DETAB) >$@ ../README_FILES/MEMCACHE_README: MEMCACHE_README.html - $(HT2READ) $? >$@ + $(HT2READ) $? | $(DETAB) >$@ ../README_FILES/MILTER_README: MILTER_README.html - $(HT2READ) $? >$@ + $(HT2READ) $? | $(DETAB) >$@ ../README_FILES/MULTI_INSTANCE_README: MULTI_INSTANCE_README.html - $(HT2READ) $? >$@ + $(HT2READ) $? | $(DETAB) >$@ ../README_FILES/MYSQL_README: MYSQL_README.html - $(HT2READ) $? >$@ + $(HT2READ) $? | $(DETAB) >$@ ../README_FILES/NFS_README: NFS_README.html - $(HT2READ) $? >$@ + $(HT2READ) $? | $(DETAB) >$@ ../README_FILES/OVERVIEW: OVERVIEW.html - $(HT2READ) $? >$@ + $(HT2READ) $? | $(DETAB) >$@ ../README_FILES/PACKAGE_README: PACKAGE_README.html - $(HT2READ) $? >$@ + $(HT2READ) $? | $(DETAB) >$@ ../README_FILES/PCRE_README: PCRE_README.html - $(HT2READ) $? >$@ + $(HT2READ) $? | $(DETAB) >$@ ../README_FILES/PGSQL_README: PGSQL_README.html - $(HT2READ) $? >$@ + $(HT2READ) $? | $(DETAB) >$@ ../README_FILES/POSTSCREEN_README: POSTSCREEN_README.html - $(HT2READ) $? >$@ + $(HT2READ) $? | $(DETAB) >$@ ../README_FILES/QMQP_README: QMQP_README.html - $(HT2READ) $? >$@ + $(HT2READ) $? | $(DETAB) >$@ ../README_FILES/QSHAPE_README: QSHAPE_README.html - $(HT2READ) $? >$@ + $(HT2READ) $? | $(DETAB) >$@ ../README_FILES/RESTRICTION_CLASS_README: RESTRICTION_CLASS_README.html - $(HT2READ) $? >$@ + $(HT2READ) $? | $(DETAB) >$@ ../README_FILES/SASL_README: SASL_README.html - $(HT2READ) $? >$@ + $(HT2READ) $? | $(DETAB) >$@ ../README_FILES/SCHEDULER_README: SCHEDULER_README.html - $(HT2READ) $? >$@ + $(HT2READ) $? | $(DETAB) >$@ ../README_FILES/SMTPD_ACCESS_README: SMTPD_ACCESS_README.html - $(HT2READ) $? >$@ + $(HT2READ) $? 
| $(DETAB) >$@ ../README_FILES/SMTPD_POLICY_README: SMTPD_POLICY_README.html - $(HT2READ) $? >$@ + $(HT2READ) $? | $(DETAB) >$@ ../README_FILES/SMTPD_PROXY_README: SMTPD_PROXY_README.html - $(HT2READ) $? >$@ + $(HT2READ) $? | $(DETAB) >$@ ../README_FILES/SOHO_README: $(MAKESOHO) $(DEPSOHO) - $(MAKESOHO) | $(HT2READ) >$@ + $(MAKESOHO) | $(HT2READ) | $(DETAB) >$@ ../README_FILES/SQLITE_README: SQLITE_README.html - $(HT2READ) $? >$@ + $(HT2READ) $? | $(DETAB) >$@ ../README_FILES/STANDARD_CONFIGURATION_README: STANDARD_CONFIGURATION_README.html - $(HT2READ) $? >$@ + $(HT2READ) $? | $(DETAB) >$@ ../README_FILES/STRESS_README: STRESS_README.html - $(HT2READ) $? >$@ + $(HT2READ) $? | $(DETAB) >$@ ../README_FILES/TUNING_README: TUNING_README.html - $(HT2READ) $? >$@ + $(HT2READ) $? | $(DETAB) >$@ ../README_FILES/UUCP_README: UUCP_README.html - $(HT2READ) $? >$@ + $(HT2READ) $? | $(DETAB) >$@ ../README_FILES/ULTRIX_README: ULTRIX_README.html - $(HT2READ) $? >$@ + $(HT2READ) $? | $(DETAB) >$@ ../README_FILES/VERP_README: VERP_README.html - $(HT2READ) $? >$@ + $(HT2READ) $? | $(DETAB) >$@ ../README_FILES/VIRTUAL_README: VIRTUAL_README.html - $(HT2READ) $? >$@ + $(HT2READ) $? | $(DETAB) >$@ ../README_FILES/XCLIENT_README: XCLIENT_README.html - $(HT2READ) $? >$@ + $(HT2READ) $? | $(DETAB) >$@ ../README_FILES/XFORWARD_README: XFORWARD_README.html - $(HT2READ) $? >$@ + $(HT2READ) $? | $(DETAB) >$@ ../README_FILES/TLS_README: TLS_README.html - $(HT2READ) $? >$@ + $(HT2READ) $? | $(DETAB) >$@ ../README_FILES/TLS_LEGACY_README: TLS_LEGACY_README.html - $(HT2READ) $? >$@ + $(HT2READ) $? 
| $(DETAB) >$@ ../README_FILES/AAAREADME: ../html/index.html $(MAKEAAA) - $(MAKEAAA) ../html/index.html | $(HT2READ) >$@ + $(MAKEAAA) ../html/index.html | $(HT2READ) | $(DETAB) >$@ ../man/man5/postconf.5: postconf.man.prolog postconf.proto postconf.man.epilog \ ../mantools/xpostconf ../mantools/postconf2html ../mantools/postconf2man (cat postconf.man.prolog; ../mantools/xpostconf postconf.proto | \ ../mantools/postconf2html | ../mantools/postconf2man | \ - sed 's/\\e&/\\\&/'; cat postconf.man.epilog ) > $@ + sed 's/\\e&/\\\&/'; cat postconf.man.epilog ) | $(DETAB) > $@ ../html/postconf.5.html: postconf.html.prolog postconf.proto \ postconf.html.epilog ../mantools/xpostconf ../mantools/postconf2html \ ../mantools/postlink (cat postconf.html.prolog; ../mantools/xpostconf postconf.proto | \ ../mantools/postconf2html | ../mantools/postlink; \ - cat postconf.html.epilog ) > $@ + cat postconf.html.epilog ) | $(DETAB) > $@ diff --git a/postfix/src/global/mail_version.h b/postfix/src/global/mail_version.h index 90692516b..04ddb62aa 100644 --- a/postfix/src/global/mail_version.h +++ b/postfix/src/global/mail_version.h @@ -20,7 +20,7 @@ * Patches change both the patchlevel and the release date. Snapshots have no * patchlevel; they change the release date only. */ -#define MAIL_RELEASE_DATE "20131102" +#define MAIL_RELEASE_DATE "20131103" #define MAIL_VERSION_NUMBER "2.11" #ifdef SNAPSHOT diff --git a/postfix/src/util/dict_lmdb.c b/postfix/src/util/dict_lmdb.c index 1aa8412b6..aa6836042 100644 --- a/postfix/src/util/dict_lmdb.c +++ b/postfix/src/util/dict_lmdb.c 
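Review bot: Appending `| $(DETAB)` to the recipes in the `@@ -138,341 +139,341 @@` hunk makes each recipe's exit status that of `pr`, so under a plain /bin/sh a failing `$(POSTLINK)` or `$(HT2READ)` no longer stops make. The target is then left truncated or empty but counts as up to date. The single-command recipes reported such a failure before this change; the SOHO, AAAREADME and postconf.5 recipes were already pipelines. A form that keeps the generator's status is `$(POSTLINK) $? >$@.tmp && $(DETAB) <$@.tmp >$@ && rm -f $@.tmp`, and likewise for `$(HT2READ)`. A short comment next to `DETAB = pr -tre` in the first Makefile.in hunk saying that it only expands TABs would also help.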
@@ -551,12 +551,31 @@ DICT *dict_lmdb_open(const char *path, int open_flags, int dict_flags) mdb_path = concatenate(path, "." DICT_TYPE_LMDB, (char *) 0); /* - * Impedance adapters. + * Security violation. + * + * By default, LMDB 0.9.9 writes uninitialized heap memory to a + * world-readable database file. This is a basic memory disclosure + * vulnerability: memory content that a program does not intend to share + * ends up in a world-readable file. The content of uninitialized heap + * memory depends on program execution history. That history includes + * code execution in other libraries that are linked into the program. + * + * As a workaround we turn on MDB_WRITEMAP which disables the use of + * malloc() in LMDB. However, that does not address several disclosures + * of stack memory. */ mdb_flags = MDB_NOSUBDIR | MDB_NOLOCK; if (open_flags == O_RDONLY) mdb_flags |= MDB_RDONLY; + /* + * Replace with MDB_VERSION_FULL < MDB_VERINT(X, Y, Z) after this is + * fixed up-stream. + */ +#if 1 + mdb_flags |= MDB_WRITEMAP; +#endif + slmdb_flags = 0; if (dict_flags & DICT_FLAG_BULK_UPDATE) slmdb_flags |= SLMDB_FLAG_BULK; -- 2.47.3
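Review bot: The comment above `#if 1` plans to replace the guard with `MDB_VERSION_FULL < MDB_VERINT(X, Y, Z)`, which tests the lmdb.h the program was compiled against rather than the library it runs with; a binary built against fixed headers but loaded with an older shared liblmdb would then silently drop the workaround. I would record that in the comment now, e.g. `* When this becomes conditional, also check the run-time version from mdb_version(), not only MDB_VERSION_FULL.` The block comment should also state the cost of the workaround: per the LMDB documentation, MDB_WRITEMAP gives up protection against stray pointer writes reaching the database. The flag also does nothing for pages already on disk, so files written before this change presumably keep what they leaked until they are rebuilt. dict_lmdb_open's body starts and ends outside the hunk.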