From 9261467a4c6b518008d079c33bfa1d01d8a04089 Mon Sep 17 00:00:00 2001 From: Wietse Venema Date: Tue, 12 Aug 2003 00:00:00 -0500 Subject: [PATCH] postfix-2.0.14-20030812 --- postfix/.indent.pro | 1 + postfix/HISTORY | 21 ++++ postfix/conf/access | 144 +++++++++++------------- postfix/conf/canonical | 78 ++++++------- postfix/conf/main.cf | 6 +- postfix/conf/pcre_table | 93 ++++++++-------- postfix/conf/regexp_table | 37 ++++--- postfix/conf/relocated | 64 +++++------ postfix/conf/sample-filter.cf | 31 ++++-- postfix/conf/sample-pcre-access.cf | 5 +- postfix/conf/sample-pcre-body.cf | 8 +- postfix/conf/sample-pcre-header.cf | 8 +- postfix/conf/sample-regexp-access.cf | 4 +- postfix/conf/sample-regexp-body.cf | 7 +- postfix/conf/sample-regexp-header.cf | 7 +- postfix/conf/sample-resource.cf | 4 +- postfix/conf/sample-smtpd.cf | 4 +- postfix/conf/transport | 132 +++++++++++----------- postfix/conf/virtual | 3 +- postfix/html/access.5.html | 144 +++++++++++------------- postfix/html/canonical.5.html | 102 ++++++++--------- postfix/html/cleanup.8.html | 86 +++++++------- postfix/html/faq.html | 10 +- postfix/html/pcre_table.5.html | 93 ++++++++-------- postfix/html/pipe.8.html | 48 ++++---- postfix/html/postmap.1.html | 6 +- postfix/html/regexp_table.5.html | 39 ++++--- postfix/html/relocated.5.html | 78 ++++++------- postfix/html/smtpd.8.html | 2 +- postfix/html/transport.5.html | 160 +++++++++++++-------------- postfix/html/uce.html | 8 +- postfix/html/virtual.5.html | 23 ++-- postfix/man/man1/postmap.1 | 6 +- postfix/man/man5/access.5 | 11 +- postfix/man/man5/canonical.5 | 2 +- postfix/man/man5/pcre_table.5 | 8 +- postfix/man/man5/regexp_table.5 | 10 +- postfix/man/man5/relocated.5 | 8 +- postfix/man/man5/transport.5 | 2 +- postfix/man/man5/virtual.5 | 3 +- postfix/man/man8/cleanup.8 | 2 +- postfix/man/man8/smtpd.8 | 2 +- postfix/proto/access | 11 +- postfix/proto/canonical | 2 +- postfix/proto/pcre_table | 8 +- postfix/proto/regexp_table | 10 +- postfix/proto/relocated | 8 +- postfix/proto/transport | 2 +- postfix/proto/virtual | 3 +- postfix/src/cleanup/cleanup.c | 2 +- postfix/src/global/mail_version.h | 2 +- postfix/src/lmtp/lmtp_connect.c | 2 +- postfix/src/pipe/pipe.c | 80 ++++++++++---- postfix/src/postmap/postmap.c | 6 +- postfix/src/smtp/smtp_connect.c | 2 +- postfix/src/smtpd/smtpd.c | 2 +- postfix/src/smtpd/smtpd_check.c | 29 +---- postfix/src/util/Makefile.in | 3 + postfix/src/util/find_inet.c | 3 +- postfix/src/util/sane_accept.c | 3 +- 60 files changed, 879 insertions(+), 809 deletions(-) diff --git a/postfix/.indent.pro b/postfix/.indent.pro index f146bceba..35ef0bc9f 100644 --- a/postfix/.indent.pro +++ b/postfix/.indent.pro @@ -115,6 +115,7 @@ -TPICKUP_INFO -TPIPE_ATTR -TPIPE_PARAMS +-TPIPE_STATE -TPLMYSQL -TPLPGSQL -TPOST_MAIL_STATE diff --git a/postfix/HISTORY b/postfix/HISTORY index a2fec501e..ae2d125b8 100644 --- a/postfix/HISTORY +++ b/postfix/HISTORY @@ -8419,14 +8419,35 @@ Apologies for any names omitted. and dict_mysql modules. These maps must be opened in read-only mode. +20030731 + + Bugfix: virtual(8) was changed to use mail_addr_find() + instead of virtual8_maps_find(), but the SMTP server's + virtual mailbox recipient validation was not updated. + 20030804 Bugfix: the 20030712 safety against invalid DNS results was broken. Reported by Ralf Hildebrandt. File: dns/dns_lookup.c. +20030805-12 + + Safety: the pipe daemon now defers delivery with a warning + when it is given a non-existent command-line macro name. + File: pipe/pipe.c. + +20030811 + + Cleanup: produce a warning when host:port specifies a badly + formatted numerical port. Files: util/find_inet.c, + smtp/smtp_connect.c, lmtp/lmtp_connect.c. + Open problems: + Doc: mention the proxy_interfaces parameter everywhere the + inet_interfaces and mydestination parameters are mentioned. + Low: smtp-source may block when sending large test messages. Med: make qmgr recipient bounce/defer activity asynchronous diff --git a/postfix/conf/access b/postfix/conf/access index aa6e33db8..e95204eb9 100644 --- a/postfix/conf/access +++ b/postfix/conf/access @@ -35,59 +35,59 @@ # and "TCP-BASED TABLES". # # TABLE FORMAT -# The format of the access table is as follows: +# The input format for the postmap(1) command is as follows: # # pattern action # When pattern matches a mail address, domain or host # address, perform the corresponding action. # # blank lines and comments -# Empty lines and whitespace-only lines are ignored, -# as are lines whose first non-whitespace character +# Empty lines and whitespace-only lines are ignored, +# as are lines whose first non-whitespace character # is a `#'. # # multi-line text -# A logical line starts with non-whitespace text. A -# line that starts with whitespace continues a logi- +# A logical line starts with non-whitespace text. A +# line that starts with whitespace continues a logi- # cal line. # # EMAIL ADDRESS PATTERNS # With lookups from indexed files such as DB or DBM, or from -# networked tables such as NIS, LDAP or SQL, the following -# lookup patterns are examined in the order as listed: +# networked tables such as NIS, LDAP or SQL, patterns are +# tried in the order as listed below: # # user@domain # Matches the specified mail address. # # domain.tld -# Matches domain.tld as the domain part of an email +# Matches domain.tld as the domain part of an email # address. # # The pattern domain.tld also matches subdomains, but # only when the string smtpd_access_maps is listed in -# the Postfix parent_domain_matches_subdomains con- +# the Postfix parent_domain_matches_subdomains con- # figuration setting. Otherwise, specify .domain.tld -# (note the initial dot) in order to match subdo- +# (note the initial dot) in order to match subdo- # mains. # -# user@ Matches all mail addresses with the specified user +# user@ Matches all mail addresses with the specified user # part. # -# Note: lookup of the null sender address is not possible -# with some types of lookup table. By default, Postfix uses -# <> as the lookup key for such addresses. The value is -# specified with the smtpd_null_access_lookup_key parameter +# Note: lookup of the null sender address is not possible +# with some types of lookup table. By default, Postfix uses +# <> as the lookup key for such addresses. The value is +# specified with the smtpd_null_access_lookup_key parameter # in the Postfix main.cf file. # # EMAIL ADDRESS EXTENSION # When a mail address localpart contains the optional recip- -# ient delimiter (e.g., user+foo@domain), the lookup order -# becomes: user+foo@domain, user@domain, domain, user+foo@, +# ient delimiter (e.g., user+foo@domain), the lookup order +# becomes: user+foo@domain, user@domain, domain, user+foo@, # and user@. # # HOST NAME/ADDRESS PATTERNS # With lookups from indexed files such as DB or DBM, or from -# networked tables such as NIS, LDAP or SQL, the following +# networked tables such as NIS, LDAP or SQL, the following # lookup patterns are examined in the order as listed: # # domain.tld @@ -95,9 +95,9 @@ # # The pattern domain.tld also matches subdomains, but # only when the string smtpd_access_maps is listed in -# the Postfix parent_domain_matches_subdomains con- +# the Postfix parent_domain_matches_subdomains con- # figuration setting. Otherwise, specify .domain.tld -# (note the initial dot) in order to match subdo- +# (note the initial dot) in order to match subdo- # mains. # # net.work.addr.ess @@ -106,98 +106,88 @@ # # net.work # -# net Matches any host address in the specified network. -# A network address is a sequence of one or more +# net Matches any host address in the specified network. +# A network address is a sequence of one or more # octets separated by ".". # -# NOTE: use the cidr lookup table type to specify +# NOTE: use the cidr lookup table type to specify # network/netmask patterns. See cidr_table(5) for # details. # # ACTIONS # [45]NN text -# Reject the address etc. that matches the pattern, +# Reject the address etc. that matches the pattern, # and respond with the numerical code and text. # -# REJECT -# # REJECT optional text... -# Reject the address etc. that matches the pattern. -# Reply with $reject_code optional text... when the -# optional text is specified, otherwise reply with a +# Reject the address etc. that matches the pattern. +# Reply with $reject_code optional text... when the +# optional text is specified, otherwise reply with a # generic error response message. # -# DEFER_IF_REJECT -# # DEFER_IF_REJECT optional text... -# Defer the request if some later restriction would +# Defer the request if some later restriction would # result in a REJECT action. Reply with "450 optional # text... when the optional text is specified, other- # wise reply with a generic error response message. # -# DEFER_IF_PERMIT -# # DEFER_IF_PERMIT optional text... -# Defer the request if some later restriction would +# Defer the request if some later restriction would # result in a PERMIT action (there is an implied PER- -# MIT at the end of each restriction list). Reply -# with "450 optional text... when the optional text -# is specified, otherwise reply with a generic error +# MIT at the end of each restriction list). Reply +# with "450 optional text... when the optional text +# is specified, otherwise reply with a generic error # response message. # # OK Accept the address etc. that matches the pattern. # # all-numerical # An all-numerical result is treated as OK. This for- -# mat is generated by address-based relay authoriza- +# mat is generated by address-based relay authoriza- # tion schemes. # -# DUNNO Pretend that the lookup key was not found in this +# DUNNO Pretend that the lookup key was not found in this # table. This prevents Postfix from trying substrings -# of the lookup key (such as a subdomain name, or a +# of the lookup key (such as a subdomain name, or a # network address subnetwork). # -# HOLD -# # HOLD optional text... -# Place the message on the hold queue, where it will -# sit until someone either deletes it or releases it -# for delivery. Log the optional text if specified, +# Place the message on the hold queue, where it will +# sit until someone either deletes it or releases it +# for delivery. Log the optional text if specified, # otherwise log a generic message. # -# Mail that is placed on hold can be examined with -# the postcat(1) command, and can be destroyed or +# Mail that is placed on hold can be examined with +# the postcat(1) command, and can be destroyed or # released with the postsuper(1) command. # -# Note: this action currently affects all recipients +# Note: this action currently affects all recipients # of the message. # -# DISCARD -# # DISCARD optional text... -# Claim successful delivery and silently discard the -# message. Log the optional text if specified, oth- +# Claim successful delivery and silently discard the +# message. Log the optional text if specified, oth- # erwise log a generic message. # -# Note: this action currently affects all recipients +# Note: this action currently affects all recipients # of the message. # # FILTER transport:destination -# After the message is queued, send the entire mes- -# sage through a content filter. More information +# After the message is queued, send the entire mes- +# sage through a content filter. More information # about content filters is in the Postfix FIL- # TER_README file. # -# Note: this action overrides the main.cf con- +# Note: this action overrides the main.cf con- # tent_filter setting, and currently affects all # recipients of the message. # # REDIRECT user@domain -# After the message is queued, send the message to +# After the message is queued, send the message to # the specified address instead of the intended # recipient(s). # -# Note: this action overrides the FILTER action, and +# Note: this action overrides the FILTER action, and # currently affects all recipients of the message. # # restriction... @@ -205,46 +195,46 @@ # reject_unauth_destination, and so on). # # REGULAR EXPRESSION TABLES -# This section describes how the table lookups change when +# This section describes how the table lookups change when # the table is given in the form of regular expressions. For -# a description of regular expression lookup table syntax, +# a description of regular expression lookup table syntax, # see regexp_table(5) or pcre_table(5). # -# Each pattern is a regular expression that is applied to +# Each pattern is a regular expression that is applied to # the entire string being looked up. Depending on the appli- -# cation, that string is an entire client hostname, an +# cation, that string is an entire client hostname, an # entire client IP address, or an entire mail address. Thus, # no parent domain or parent network search is done, -# user@domain mail addresses are not broken up into their +# user@domain mail addresses are not broken up into their # user@ and domain constituent parts, nor is user+foo broken # up into user and foo. # -# Patterns are applied in the order as specified in the -# table, until a pattern is found that matches the search +# Patterns are applied in the order as specified in the +# table, until a pattern is found that matches the search # string. # -# Actions are the same as with indexed file lookups, with -# the additional feature that parenthesized substrings from +# Actions are the same as with indexed file lookups, with +# the additional feature that parenthesized substrings from # the pattern can be interpolated as $1, $2 and so on. # # TCP-BASED TABLES -# This section describes how the table lookups change when +# This section describes how the table lookups change when # lookups are directed to a TCP-based server. For a descrip- -# tion of the TCP client/server lookup protocol, see +# tion of the TCP client/server lookup protocol, see # tcp_table(5). # -# Each lookup operation uses the entire query string once. -# Depending on the application, that string is an entire +# Each lookup operation uses the entire query string once. +# Depending on the application, that string is an entire # client hostname, an entire client IP address, or an entire -# mail address. Thus, no parent domain or parent network -# search is done, user@domain mail addresses are not broken -# up into their user@ and domain constituent parts, nor is +# mail address. Thus, no parent domain or parent network +# search is done, user@domain mail addresses are not broken +# up into their user@ and domain constituent parts, nor is # user+foo broken up into user and foo. # # Actions are the same as with indexed file lookups. # # BUGS -# The table format does not understand quoting conventions. +# The table format does not understand quoting conventions. # # SEE ALSO # postmap(1) create lookup table @@ -255,7 +245,7 @@ # tcp_table(5) TCP client/server table lookup protocol # # LICENSE -# The Secure Mailer license must be distributed with this +# The Secure Mailer license must be distributed with this # software. # # AUTHOR(S) diff --git a/postfix/conf/canonical b/postfix/conf/canonical index 1b5d58fbb..d24d5732d 100644 --- a/postfix/conf/canonical +++ b/postfix/conf/canonical @@ -50,97 +50,97 @@ # aliasing. Use the aliases(5) map for that purpose. # # TABLE FORMAT -# The format of the canonical table is as follows: +# The input format for the postmap(1) command is as follows: # # pattern result -# When pattern matches a mail address, replace it by +# When pattern matches a mail address, replace it by # the corresponding result. # # blank lines and comments -# Empty lines and whitespace-only lines are ignored, -# as are lines whose first non-whitespace character +# Empty lines and whitespace-only lines are ignored, +# as are lines whose first non-whitespace character # is a `#'. # # multi-line text -# A logical line starts with non-whitespace text. A -# line that starts with whitespace continues a logi- +# A logical line starts with non-whitespace text. A +# line that starts with whitespace continues a logi- # cal line. # # With lookups from indexed files such as DB or DBM, or from -# networked tables such as NIS, LDAP or SQL, patterns are +# networked tables such as NIS, LDAP or SQL, patterns are # tried in the order as listed below: # # user@domain address -# user@domain is replaced by address. This form has +# user@domain is replaced by address. This form has # the highest precedence. # -# This is useful to clean up addresses produced by -# legacy mail systems. It can also be used to pro- -# duce Firstname.Lastname style addresses, but see +# This is useful to clean up addresses produced by +# legacy mail systems. It can also be used to pro- +# duce Firstname.Lastname style addresses, but see # below for a simpler solution. # # user address # user@site is replaced by address when site is equal -# to $myorigin, when site is listed in $mydestina- +# to $myorigin, when site is listed in $mydestina- # tion, or when it is listed in $inet_interfaces. # -# This form is useful for replacing login names by +# This form is useful for replacing login names by # Firstname.Lastname. # # @domain address -# Every address in domain is replaced by address. +# Every address in domain is replaced by address. # This form has the lowest precedence. # -# In all the above forms, when address has the form @other- +# In all the above forms, when address has the form @other- # domain, the result is the same user in otherdomain. # # ADDRESS EXTENSION # When a mail address localpart contains the optional recip- -# ient delimiter (e.g., user+foo@domain), the lookup order +# ient delimiter (e.g., user+foo@domain), the lookup order # becomes: user+foo@domain, user@domain, user+foo, user, and -# @domain. An unmatched address extension (+foo) is propa- +# @domain. An unmatched address extension (+foo) is propa- # gated to the result of table lookup. # # REGULAR EXPRESSION TABLES -# This section describes how the table lookups change when +# This section describes how the table lookups change when # the table is given in the form of regular expressions. For -# a description of regular expression lookup table syntax, +# a description of regular expression lookup table syntax, # see regexp_table(5) or pcre_table(5). # -# Each pattern is a regular expression that is applied to +# Each pattern is a regular expression that is applied to # the entire address being looked up. Thus, user@domain mail -# addresses are not broken up into their user and @domain +# addresses are not broken up into their user and @domain # constituent parts, nor is user+foo broken up into user and # foo. # -# Patterns are applied in the order as specified in the -# table, until a pattern is found that matches the search +# Patterns are applied in the order as specified in the +# table, until a pattern is found that matches the search # string. # -# Results are the same as with indexed file lookups, with -# the additional feature that parenthesized substrings from +# Results are the same as with indexed file lookups, with +# the additional feature that parenthesized substrings from # the pattern can be interpolated as $1, $2 and so on. # # TCP-BASED TABLES -# This section describes how the table lookups change when +# This section describes how the table lookups change when # lookups are directed to a TCP-based server. For a descrip- -# tion of the TCP client/server lookup protocol, see +# tion of the TCP client/server lookup protocol, see # tcp_table(5). # # Each lookup operation uses the entire address once. Thus, -# user@domain mail addresses are not broken up into their +# user@domain mail addresses are not broken up into their # user and @domain constituent parts, nor is user+foo broken # up into user and foo. # # Results are the same as with indexed file lookups. # # BUGS -# The table format does not understand quoting conventions. +# The table format does not understand quoting conventions. # # CONFIGURATION PARAMETERS -# The following main.cf parameters are especially relevant -# to this topic. See the Postfix main.cf file for syntax -# details and for default values. Use the postfix reload +# The following main.cf parameters are especially relevant +# to this topic. See the Postfix main.cf file for syntax +# details and for default values. Use the postfix reload # command after a configuration change. # # canonical_maps @@ -157,25 +157,25 @@ # Other parameters of interest: # # inet_interfaces -# The network interface addresses that this system +# The network interface addresses that this system # receives mail on. You need to stop and start Post- # fix when this parameter changes. # # masquerade_classes -# List of address classes subject to masquerading: -# zero or more of envelope_sender, envelope_recipi- +# List of address classes subject to masquerading: +# zero or more of envelope_sender, envelope_recipi- # ent, header_sender, header_recipient. # # masquerade_domains -# List of domains that hide their subdomain struc- +# List of domains that hide their subdomain struc- # ture. # # masquerade_exceptions -# List of user names that are not subject to address +# List of user names that are not subject to address # masquerading. # # mydestination -# List of domains that this mail system considers +# List of domains that this mail system considers # local. # # myorigin @@ -194,7 +194,7 @@ # tcp_table(5) TCP client/server table lookup protocol # # LICENSE -# The Secure Mailer license must be distributed with this +# The Secure Mailer license must be distributed with this # software. # # AUTHOR(S) diff --git a/postfix/conf/main.cf b/postfix/conf/main.cf index c139cee41..fd7a99836 100644 --- a/postfix/conf/main.cf +++ b/postfix/conf/main.cf @@ -1,5 +1,5 @@ # Global Postfix configuration file. This file lists only a subset -# of all 250+ parameters. See the sample-xxx.cf files for a full list. +# of all 300+ parameters. See the sample-xxx.cf files for a full list. # # The general format is lines with parameter = value pairs. Lines # that begin with whitespace continue the previous line. A value can @@ -327,8 +327,8 @@ unknown_local_recipient_reject_code = 450 # # A Postfix process will pause for $in_flow_delay seconds before # accepting a new message, when the message arrival rate exceeds the -# message delivery rate. With the default 50 SMTP server process -# limit, this limits the mail inflow to 50 messages a second more +# message delivery rate. With the default 100 SMTP server process +# limit, this limits the mail inflow to 100 messages a second more # than the number of messages delivered per second. # # Specify 0 to disable the feature. Valid delays are 0..10. diff --git a/postfix/conf/pcre_table b/postfix/conf/pcre_table index b49af90a3..56f424411 100644 --- a/postfix/conf/pcre_table +++ b/postfix/conf/pcre_table @@ -43,103 +43,106 @@ # # if !/pattern/flags # -# endif Examine the lines between if..endif only if pattern -# matches (does not match). The if..endif can nest. -# Do not prepend whitespace to patterns inside +# endif Match the search string against the patterns +# between if and endif, if and only if the search +# string matches (does not match) pattern. The +# if..endif can nest. +# +# Note: do not prepend whitespace to patterns inside # if..endif. # # Each pattern is a perl-like regular expression. The -# expression delimiter can be any character, except whites- -# pace or characters that have special meaning (tradition- -# ally the forward slash is used). The regular expression +# expression delimiter can be any character, except whites- +# pace or characters that have special meaning (tradition- +# ally the forward slash is used). The regular expression # can contain whitespace. # # By default, matching is case-insensitive, and newlines are -# not treated as special characters. The behavior is con- -# trolled by flags, which are toggled by appending one or +# not treated as special characters. The behavior is con- +# trolled by flags, which are toggled by appending one or # more of the following characters after the pattern: # # i (default: on) -# Toggles the case sensitivity flag. By default, +# Toggles the case sensitivity flag. By default, # matching is case insensitive. # # m (default: off) -# Toggles the PCRE_MULTILINE flag. When this flag is -# on, the ^ and $ metacharacters match immediately -# after and immediately before a newline character, -# respectively, in addition to matching at the start +# Toggles the PCRE_MULTILINE flag. When this flag is +# on, the ^ and $ metacharacters match immediately +# after and immediately before a newline character, +# respectively, in addition to matching at the start # and end of the subject string. # # s (default: on) # Toggles the PCRE_DOTALL flag. When this flag is on, # the . metacharacter matches the newline character. -# With Postfix versions prior to 20020528, The flag +# With Postfix versions prior to 20020528, The flag # is off by default, which is inconvenient for multi- # line message header matching. # # x (default: off) -# Toggles the pcre extended flag. When this flag is -# on, whitespace in the pattern (other than in a +# Toggles the pcre extended flag. When this flag is +# on, whitespace in the pattern (other than in a # character class) and characters between a # outside -# a character class and the next newline character -# are ignored. An escaping backslash can be used to -# include a whitespace or # character as part of the +# a character class and the next newline character +# are ignored. An escaping backslash can be used to +# include a whitespace or # character as part of the # pattern. # # A (default: off) -# Toggles the PCRE_ANCHORED flag. When this flag is -# on, the pattern is forced to be "anchored", that +# Toggles the PCRE_ANCHORED flag. When this flag is +# on, the pattern is forced to be "anchored", that # is, it is constrained to match only at the start of -# the string which is being searched (the "subject -# string"). This effect can also be achieved by +# the string which is being searched (the "subject +# string"). This effect can also be achieved by # appropriate constructs in the pattern itself. # # E (default: off) -# Toggles the PCRE_DOLLAR_ENDONLY flag. When this -# flag is on, a $ metacharacter in the pattern -# matches only at the end of the subject string. -# Without this flag, a dollar also matches immedi- +# Toggles the PCRE_DOLLAR_ENDONLY flag. When this +# flag is on, a $ metacharacter in the pattern +# matches only at the end of the subject string. +# Without this flag, a dollar also matches immedi- # ately before the final character if it is a newline # character (but not before any other newline charac- -# ters). This flag is ignored if PCRE_MULTILINE flag +# ters). This flag is ignored if PCRE_MULTILINE flag # is set. # # U (default: off) # Toggles the ungreedy matching flag. When this flag -# is on, the pattern matching engine inverts the -# "greediness" of the quantifiers so that they are -# not greedy by default, but become greedy if fol- -# lowed by "?". This flag can also set by a (?U) +# is on, the pattern matching engine inverts the +# "greediness" of the quantifiers so that they are +# not greedy by default, but become greedy if fol- +# lowed by "?". This flag can also set by a (?U) # modifier within the pattern. # # X (default: off) # Toggles the PCRE_EXTRA flag. When this flag is on, -# any backslash in a pattern that is followed by a +# any backslash in a pattern that is followed by a # letter that has no special meaning causes an error, # thus reserving these combinations for future expan- # sion. # # SEARCH ORDER -# Patterns are applied in the order as specified in the -# table, until a pattern is found that matches the search +# Patterns are applied in the order as specified in the +# table, until a pattern is found that matches the search # string. # -# Each pattern is applied to the entire lookup key string. -# Depending on the application, that string is an entire +# Each pattern is applied to the entire lookup key string. +# Depending on the application, that string is an entire # client hostname, an entire client IP address, or an entire -# mail address. Thus, no parent domain or parent network -# search is done, and user@domain mail addresses are not -# broken up into their user and domain constituent parts, +# mail address. Thus, no parent domain or parent network +# search is done, and user@domain mail addresses are not +# broken up into their user and domain constituent parts, # nor is user+foo broken up into user and foo. # # TEXT SUBSTITUTION -# Substitution of substrings from the matched expression -# into the result string is possible using the conventional -# perl syntax ($1, $2, etc.). The macros in the result -# string may need to be written as ${n} or $(n) if they +# Substitution of substrings from the matched expression +# into the result string is possible using the conventional +# perl syntax ($1, $2, etc.). The macros in the result +# string may need to be written as ${n} or $(n) if they # aren't followed by whitespace. # -# Note: since negated patterns (those preceded by !) return +# Note: since negated patterns (those preceded by !) return # a result when the expression does not match, substitutions # are not available for negated patterns. # diff --git a/postfix/conf/regexp_table b/postfix/conf/regexp_table index e70a2e1eb..56b7ad7db 100644 --- a/postfix/conf/regexp_table +++ b/postfix/conf/regexp_table @@ -43,44 +43,47 @@ # # if !/pattern/flags # -# endif Examine the lines between if..endif only if pattern -# matches (does not match). The if..endif can nest. -# Do not prepend whitespace to patterns inside +# endif Match the search string against the patterns +# between if and endif, if and only if the search +# string matches (does not match) pattern. The +# if..endif can nest. +# +# Note: do not prepend whitespace to patterns inside # if..endif. # # Each pattern is a regular expression enclosed by a pair of # delimiters. The regular expression syntax is described in # re_format(7). The expression delimiter can be any charac- -# ter, except whitespace or characters that have special -# meaning (traditionally the forward slash is used). The +# ter, except whitespace or characters that have special +# meaning (traditionally the forward slash is used). The # regular expression can contain whitespace. # # By default, matching is case-insensitive, although follow- -# ing the second slash with an `i' flag will reverse this. -# Other flags are `x' (disable extended expression syntax), -# and `m' (enable multi-line mode, that is, treat newline +# ing the second slash with an `i' flag will reverse this. +# Other flags are `x' (disable extended expression syntax), +# and `m' (enable multi-line mode, that is, treat newline # characters as special). # # TABLE SEARCH ORDER -# Patterns are applied in the order as specified in the -# table, until a pattern is found that matches the search +# Patterns are applied in the order as specified in the +# table, until a pattern is found that matches the search # string. # -# Each pattern is applied to the entire lookup key string. -# Depending on the application, that string is an entire +# Each pattern is applied to the entire lookup key string. +# Depending on the application, that string is an entire # client hostname, an entire client IP address, or an entire -# mail address. Thus, no parent domain or parent network -# search is done, and user@domain mail addresses are not -# broken up into their user and domain constituent parts, +# mail address. Thus, no parent domain or parent network +# search is done, and user@domain mail addresses are not +# broken up into their user and domain constituent parts, # nor is user+foo broken up into user and foo. # # TEXT SUBSTITUTION -# Substitution of substrings from the matched expression +# Substitution of substrings from the matched expression # into the result string is possible using $1, $2, etc.. The # macros in the result string may need to be written as ${n} # or $(n) if they aren't followed by whitespace. # -# Note: since negated patterns (those preceded by !) return +# Note: since negated patterns (those preceded by !) return # a result when the expression does not match, substitutions # are not available for negated patterns. # diff --git a/postfix/conf/relocated b/postfix/conf/relocated index 24fe58497..ffb983a9b 100644 --- a/postfix/conf/relocated +++ b/postfix/conf/relocated @@ -32,28 +32,28 @@ # Table lookups are case insensitive. # # TABLE FORMAT -# The format of the table is as follows: +# The input format for the postmap(1) command is as follows: # # o An entry has one of the following form: -# key new_location -# Where new_location specifies contact information -# such as an email address, or perhaps a street +# pattern new_location +# Where new_location specifies contact information +# such as an email address, or perhaps a street # address or telephone number. # -# o Empty lines and whitespace-only lines are ignored, -# as are lines whose first non-whitespace character +# o Empty lines and whitespace-only lines are ignored, +# as are lines whose first non-whitespace character # is a `#'. # -# o A logical line starts with non-whitespace text. A -# line that starts with whitespace continues a logi- +# o A logical line starts with non-whitespace text. A +# line that starts with whitespace continues a logi- # cal line. # # With lookups from indexed files such as DB or DBM, or from -# networked tables such as NIS, LDAP or SQL, the key field -# is one of the following: +# networked tables such as NIS, LDAP or SQL, patterns are +# tried in the order as listed below: # # user@domain -# Matches user@domain. This form has precedence over +# Matches user@domain. This form has precedence over # all other forms. # # user Matches user@site when site is $myorigin, when site @@ -61,57 +61,57 @@ # in $inet_interfaces. # # @domain -# Matches every address in domain. This form has the +# Matches every address in domain. This form has the # lowest precedence. # # ADDRESS EXTENSION # When a mail address localpart contains the optional recip- -# ient delimiter (e.g., user+foo@domain), the lookup order +# ient delimiter (e.g., user+foo@domain), the lookup order # becomes: user+foo@domain, user@domain, user+foo, user, and # @domain. # # REGULAR EXPRESSION TABLES -# This section describes how the table lookups change when -# the table is given in the form of regular expressions or -# when lookups are directed to a TCP-based server. For a +# This section describes how the table lookups change when +# the table is given in the form of regular expressions or +# when lookups are directed to a TCP-based server. For a # description of regular expression lookup table syntax, see # regexp_table(5) or pcre_table(5). For a description of the # TCP client/server table lookup protocol, see tcp_table(5). # -# Each pattern is a regular expression that is applied to +# Each pattern is a regular expression that is applied to # the entire address being looked up. Thus, user@domain mail -# addresses are not broken up into their user and @domain +# addresses are not broken up into their user and @domain # constituent parts, nor is user+foo broken up into user and # foo. # -# Patterns are applied in the order as specified in the -# table, until a pattern is found that matches the search +# Patterns are applied in the order as specified in the +# table, until a pattern is found that matches the search # string. # -# Results are the same as with indexed file lookups, with -# the additional feature that parenthesized substrings from +# Results are the same as with indexed file lookups, with +# the additional feature that parenthesized substrings from # the pattern can be interpolated as $1, $2 and so on. # # TCP-BASED TABLES -# This section describes how the table lookups change when +# This section describes how the table lookups change when # lookups are directed to a TCP-based server. For a descrip- -# tion of the TCP client/server lookup protocol, see +# tion of the TCP client/server lookup protocol, see # tcp_table(5). # # Each lookup operation uses the entire address once. Thus, -# user@domain mail addresses are not broken up into their +# user@domain mail addresses are not broken up into their # user and @domain constituent parts, nor is user+foo broken # up into user and foo. # # Results are the same as with indexed file lookups. # # BUGS -# The table format does not understand quoting conventions. +# The table format does not understand quoting conventions. # # CONFIGURATION PARAMETERS -# The following main.cf parameters are especially relevant -# to this topic. See the Postfix main.cf file for syntax -# details and for default values. Use the postfix reload +# The following main.cf parameters are especially relevant +# to this topic. See the Postfix main.cf file for syntax +# details and for default values. Use the postfix reload # command after a configuration change. # # relocated_maps @@ -120,12 +120,12 @@ # Other parameters of interest: # # inet_interfaces -# The network interface addresses that this system +# The network interface addresses that this system # receives mail on. You need to stop and start Post- # fix when this parameter changes. # # mydestination -# List of domains that this mail system considers +# List of domains that this mail system considers # local. # # myorigin @@ -138,7 +138,7 @@ # tcp_table(5) TCP client/server table lookup protocol # # LICENSE -# The Secure Mailer license must be distributed with this +# The Secure Mailer license must be distributed with this # software. # # AUTHOR(S) diff --git a/postfix/conf/sample-filter.cf b/postfix/conf/sample-filter.cf index 8c2182d98..6424d8732 100644 --- a/postfix/conf/sample-filter.cf +++ b/postfix/conf/sample-filter.cf @@ -18,10 +18,11 @@ # REJECT [optional text...] # Reject the entire message. The optional text is sent to the # originator and is logged to the maillog file. +# OK Skip all further header patterns for this header line. # IGNORE Silently discard the header line. # WARN [optional text...] # Log the message header and the optional text. This is useful -# for testing. When the pattern is OK, change the WARN into a +# for testing. When the pattern is good, change the WARN into a # REJECT or into a DISCARD. # HOLD [optional text...] # Place the message on the hold queue. Mail on hold can be @@ -65,10 +66,11 @@ header_checks = regexp:/etc/postfix/header_checks # REJECT [optional text...] # Reject the entire message. The optional text is sent to the # originator and is logged to the maillog file. +# OK Skip all further header patterns for this header line. # IGNORE Silently discard the body line # WARN [optional text...] # Log the body line and the optional text. This is useful -# for testing. When the pattern is OK, change the WARN into a +# for testing. When the pattern is good, change the WARN into a # REJECT or into a DISCARD. # HOLD [optional text...] # Place the message on the hold queue. Mail on hold can be @@ -105,11 +107,23 @@ mime_header_checks = $header_checks # When a pattern matches, what happens next depends on the associated # action that is specified in the right-hand side of the table: # -# REJECT the entire message is rejected. -# REJECT text.... The text is sent to the originator. -# IGNORE the header line is silently discarded. -# WARN the header is logged (not rejected) with a warning message. -# WARN text... as above, and the text is logged, too. +# REJECT [optional text...] +# Reject the entire message. The optional text is sent to the +# originator and is logged to the maillog file. +# OK Skip all further header patterns for this header line. +# IGNORE Silently discard the body line +# WARN [optional text...] +# Log the body line and the optional text. This is useful +# for testing. When the pattern is good, change the WARN into a +# REJECT or into a DISCARD. +# HOLD [optional text...] +# Place the message on the hold queue. Mail on hold can be +# inspected with the postcat command, and can be destroyed or +# taken off hold (i.e. delivered) with the postsuper command. +# The matched body line is logged with the optional text. +# DISCARD [optional text...] +# Claim successful delivery and silently discard the message. +# The matched body line is logged with the optional text. # FILTER transport:nexthop # after the message is queued, the message is sent through # a content filter. This requires different cleanup servers @@ -117,6 +131,9 @@ mime_header_checks = $header_checks # off in the second cleanup server. More info about content # filtering is in the Postfix FILTER_README file. This feature # overrides the main.cf content_filter setting. +# REDIRECT user@domain +# Send the message to the specified address instead of the +# intended recipient(s). This feature overrides the FILTER action. # # By default, the same patterns are applied as for header_checks. # diff --git a/postfix/conf/sample-pcre-access.cf b/postfix/conf/sample-pcre-access.cf index 03aa27a8c..83df35673 100644 --- a/postfix/conf/sample-pcre-access.cf +++ b/postfix/conf/sample-pcre-access.cf @@ -9,6 +9,9 @@ # the forward slash is used). The regular expression can contain # whitespace. # +# When the regular expression is prefixed by `!', the pattern +# succeeds when it does not match. +# # By default, matching is case-INsensitive, although following # the second slash with an 'i' will reverse this. Other flags are # supported, but the only other useful one is 'U', which makes @@ -18,7 +21,7 @@ # A block of table entries may be "enclosed" by a line with # `if /pattern/flags' and a line with `endif'. This causes # the block of table entries to be examined only when the -# pattern produces a successful match. The `if..endif' may +# search string matches the pattern. The `if..endif' may # be nested. There currently is no `else' operator. # # The second field is the "replacement" string - the text diff --git a/postfix/conf/sample-pcre-body.cf b/postfix/conf/sample-pcre-body.cf index 0ece30ca0..7b0c6ec31 100644 --- a/postfix/conf/sample-pcre-body.cf +++ b/postfix/conf/sample-pcre-body.cf @@ -11,6 +11,9 @@ # the forward slash is used). The regular expression can contain # whitespace. # +# When the regular expression is prefixed by `!', the pattern +# succeeds when it does not match. +# # By default, matching is case-INsensitive, although following # the second slash with an 'i' will reverse this. Other flags are # supported, but the only other useful one is 'U', which makes @@ -20,7 +23,7 @@ # A block of table entries may be "enclosed" by a line with # `if /pattern/flags' and a line with `endif'. This causes # the block of table entries to be examined only when the -# pattern produces a successful match. The `if..endif' may +# search string matches the pattern. The `if..endif' may # be nested. There currently is no `else' operator. # # The second field is the "replacement" string - the text @@ -29,10 +32,11 @@ # REJECT [optional text...] # Reject the entire message. The optional text is sent to # the originator and is logged to the maillog file. +# OK Skip all further body patterns for this body line. # IGNORE Silently discard the body line. # WARN [optional text...] # Log the body line and the optional text. This is -# useful for testing. When the pattern is OK, change the +# useful for testing. When the pattern is good, change the # WARN into a REJECT or into a DISCARD. # HOLD [optional text...] # Place the message on the hold queue. Mail on hold can diff --git a/postfix/conf/sample-pcre-header.cf b/postfix/conf/sample-pcre-header.cf index 58fde1226..2a187de1c 100644 --- a/postfix/conf/sample-pcre-header.cf +++ b/postfix/conf/sample-pcre-header.cf @@ -12,6 +12,9 @@ # the forward slash is used). The regular expression can contain # whitespace. # +# When the regular expression is prefixed by `!', the pattern +# succeeds when it does not match. +# # By default, matching is case-INsensitive, although following # the second slash with an 'i' will reverse this. Other flags are # supported, but the only other useful one is 'U', which makes @@ -21,7 +24,7 @@ # A block of table entries may be "enclosed" by a line with # `if /pattern/flags' and a line with `endif'. This causes # the block of table entries to be examined only when the -# pattern produces a successful match. The `if..endif' may +# search string matches the pattern. The `if..endif' may # be nested. There currently is no `else' operator. # # The second field is the "replacement" string - the text @@ -30,10 +33,11 @@ # REJECT [optional text...] # Reject the entire message. The optional text is sent to # the originator and is logged to the maillog file. +# OK Skip all further header patterns for this header line. # IGNORE Silently ignore the message header. # WARN [optional text...] # Log the message header and the optional text. This is -# useful for testing. When the pattern is OK, change the +# useful for testing. When the pattern is good, change the # WARN into a REJECT or into a DISCARD. # HOLD [optional text...] # Place the message on the hold queue. Mail on hold can diff --git a/postfix/conf/sample-regexp-access.cf b/postfix/conf/sample-regexp-access.cf index 10df2529d..f2721930d 100644 --- a/postfix/conf/sample-regexp-access.cf +++ b/postfix/conf/sample-regexp-access.cf @@ -15,8 +15,8 @@ # # A block of table entries may be "enclosed" by a line with `if # /pattern/flags' or `if !/pattern/flags' and a line with `endif'. -# This causes the block of table entries to be examined only when -# the pattern produces a successful (non)match. The `if..endif' may +# This causes the block of table entries to be examined only when the +# search string produces a successful (non)match. The `if..endif' may # be nested. There currently is no `else' operator. # # The syntax of access table results is described in the Postfix diff --git a/postfix/conf/sample-regexp-body.cf b/postfix/conf/sample-regexp-body.cf index 89357f397..b8a438c55 100644 --- a/postfix/conf/sample-regexp-body.cf +++ b/postfix/conf/sample-regexp-body.cf @@ -18,15 +18,16 @@ # # A block of table entries may be "enclosed" by a line with `if # /pattern/flags' or `if !/pattern/flags' and a line with `endif'. -# This causes the block of table entries to be examined only when -# the pattern produces a successful (non)match. The `if..endif' may +# This causes the block of table entries to be examined only when the +# search string produces a successful (non)match. The `if..endif' may # be nested. There currently is no `else' operator. # # The result is one of the following: # REJECT [optional text...] # Reject the entire message. The optional text is sent to the # originator and is logged to the maillog file. -# IGNORE Silently ignore the body line. +# OK Skip all further body patterns for this body line. +# IGNORE Silently discard the body line. # WARN [optional text...] # Log the body line and the optional text. This is useful # for testing. When the pattern is OK, change the WARN into a diff --git a/postfix/conf/sample-regexp-header.cf b/postfix/conf/sample-regexp-header.cf index 10e529009..3c49952ba 100644 --- a/postfix/conf/sample-regexp-header.cf +++ b/postfix/conf/sample-regexp-header.cf @@ -18,18 +18,19 @@ # # A block of table entries may be "enclosed" by a line with `if # /pattern/flags' or `if !/pattern/flags' and a line with `endif'. -# This causes the block of table entries to be examined only when -# the pattern produces a successful (non)match. The `if..endif' may +# This causes the block of table entries to be examined only when the +# search string produces a successful (non)match. The `if..endif' may # be nested. There currently is no `else' operator. # # The result is one of the following: # REJECT [optional text...] # Reject the entire message. The optional text is sent to the # originator and is logged to the maillog file. +# OK Skip all further header patterns for this header line. # IGNORE Silently discard the message header. # WARN [optional text...] # Log the message header and the optional text. This is useful -# for testing. When the pattern is OK, change the WARN into a +# for testing. When the pattern is good, change the WARN into a # REJECT or into a DISCARD. # HOLD [optional text...] # Place the message on the hold queue. Mail on hold can be diff --git a/postfix/conf/sample-resource.cf b/postfix/conf/sample-resource.cf index 54c63394a..03b14fd75 100644 --- a/postfix/conf/sample-resource.cf +++ b/postfix/conf/sample-resource.cf @@ -100,7 +100,7 @@ message_size_limit = 10240000 # The qmgr_message_active_limit parameter limits the number of # messages in the active queue. # -qmgr_message_active_limit = 10000 +qmgr_message_active_limit = 20000 # The qmgr_message_recipient_limit parameter limits the number of # in-memory recipients. This limit is used before any of the message @@ -110,7 +110,7 @@ qmgr_message_active_limit = 10000 # This parameter also limits the size of the short-term, in-memory # destination status cache. # -qmgr_message_recipient_limit = 10000 +qmgr_message_recipient_limit = 20000 # (nqmgr only) # The default_recipient_limit parameter is the default value for diff --git a/postfix/conf/sample-smtpd.cf b/postfix/conf/sample-smtpd.cf index b2d5168ad..bb45d9587 100644 --- a/postfix/conf/sample-smtpd.cf +++ b/postfix/conf/sample-smtpd.cf @@ -137,9 +137,7 @@ smtpd_banner = $myhostname ESMTP $mail_name # check_client_access maptype:mapname # look up client name, parent domains, client address, # or networks obtained by stripping octets. -# Skip this lookup table if the result is DUNNO. -# Reject the ETRN command if the result is REJECT text... or "[45]xx text" -# Permit the ETRN command if the result is OK or all numerical. +# see access(5) for possible lookup results. # reject_rbl_client domain.tld: reject if the reverse client network # address is listed in an A record under domain.tld. # Append e.g., "=127.0.0.2" to the RBL domain name to select a specific diff --git a/postfix/conf/transport b/postfix/conf/transport index 118665f14..d5f240fdb 100644 --- a/postfix/conf/transport +++ b/postfix/conf/transport @@ -54,35 +54,35 @@ # and "TCP-BASED TABLES". # # TABLE FORMAT -# The format of the transport table is as follows: +# The input format for the postmap(1) command is as follows: # # pattern result # When pattern matches the recipient address or # domain, use the corresponding result. # # blank lines and comments -# Empty lines and whitespace-only lines are ignored, -# as are lines whose first non-whitespace character +# Empty lines and whitespace-only lines are ignored, +# as are lines whose first non-whitespace character # is a `#'. # # multi-line text -# A logical line starts with non-whitespace text. A -# line that starts with whitespace continues a logi- +# A logical line starts with non-whitespace text. A +# line that starts with whitespace continues a logi- # cal line. # -# The pattern specifies an email address, a domain name, or -# a domain name hierarchy, as described in section "TABLE +# The pattern specifies an email address, a domain name, or +# a domain name hierarchy, as described in section "TABLE # LOOKUP". # -# The result is of the form transport:nexthop. The trans- -# port field specifies a mail delivery transport such as -# smtp or local. The nexthop field specifies where and how +# The result is of the form transport:nexthop. The trans- +# port field specifies a mail delivery transport such as +# smtp or local. The nexthop field specifies where and how # to deliver mail. More details are given in section "RESULT # FORMAT". # # TABLE LOOKUP # With lookups from indexed files such as DB or DBM, or from -# networked tables such as NIS, LDAP or SQL, patterns are +# networked tables such as NIS, LDAP or SQL, patterns are # tried in the order as listed below: # # user+extension@domain transport:nexthop @@ -94,148 +94,148 @@ # to nexthop. # # domain transport:nexthop -# Mail for domain is delivered through transport to +# Mail for domain is delivered through transport to # nexthop. # # .domain transport:nexthop -# Mail for any subdomain of domain is delivered -# through transport to nexthop. This applies only +# Mail for any subdomain of domain is delivered +# through transport to nexthop. This applies only # when the string transport_maps is not listed in the # parent_domain_matches_subdomains configuration set- -# ting. Otherwise, a domain name matches itself and +# ting. Otherwise, a domain name matches itself and # its subdomains. # # Note 1: the special pattern * represents any address (i.e. # it functions as the wild-card pattern). # -# Note 2: the null recipient address is looked up as +# Note 2: the null recipient address is looked up as # $empty_address_recipient@$myhostname (default: mailer-dae- # mon@hostname). # # RESULT FORMAT -# The transport field specifies the name of a mail delivery +# The transport field specifies the name of a mail delivery # transport (the first name of a mail delivery service entry # in the Postfix master.cf file). # -# The interpretation of the nexthop field is transport +# The interpretation of the nexthop field is transport # dependent. In the case of SMTP, specify host:service for a -# non-default server port, and use [host] or [host]:port in -# order to disable MX (mail exchanger) DNS lookups. The [] +# non-default server port, and use [host] or [host]:port in +# order to disable MX (mail exchanger) DNS lookups. The [] # form is required when you specify an IP address instead of # a hostname. # -# A null transport and null nexthop result means "do not -# change": use the delivery transport and nexthop informa- -# tion that would be used when the entire transport table +# A null transport and null nexthop result means "do not +# change": use the delivery transport and nexthop informa- +# tion that would be used when the entire transport table # did not exist. # -# A non-null transport field with a null nexthop field +# A non-null transport field with a null nexthop field # resets the nexthop information to the recipient domain. # -# A null transport field with non-null nexthop field does +# A null transport field with non-null nexthop field does # not modify the transport information. # # EXAMPLES -# In order to deliver internal mail directly, while using a -# mail relay for all other mail, specify a null entry for -# internal destinations (do not change the delivery trans- -# port or the nexthop information) and specify a wildcard +# In order to deliver internal mail directly, while using a +# mail relay for all other mail, specify a null entry for +# internal destinations (do not change the delivery trans- +# port or the nexthop information) and specify a wildcard # for all other destinations. # # my.domain : # .my.domain : # * smtp:outbound-relay.my.domain # -# In order to send mail for foo.org and its subdomains via +# In order to send mail for foo.org and its subdomains via # the uucp transport to the UUCP host named foo: # # foo.org uucp:foo # .foo.org uucp:foo # -# When no nexthop host name is specified, the destination -# domain name is used instead. For example, the following -# directs mail for user@foo.org via the slow transport to a -# mail exchanger for foo.org. The slow transport could be -# something that runs at most one delivery process at a +# When no nexthop host name is specified, the destination +# domain name is used instead. For example, the following +# directs mail for user@foo.org via the slow transport to a +# mail exchanger for foo.org. The slow transport could be +# something that runs at most one delivery process at a # time: # # foo.org slow: # # When no transport is specified, Postfix uses the transport # that matches the address domain class (see TRANSPORT FIELD -# discussion above). The following sends all mail for +# discussion above). The following sends all mail for # foo.org and its subdomains to host gateway.foo.org: # # foo.org :[gateway.foo.org] # .foo.org :[gateway.foo.org] # -# In the above example, the [] are used to suppress MX -# lookups. The result would likely point to your local +# In the above example, the [] are used to suppress MX +# lookups. The result would likely point to your local # machine. # -# In the case of delivery via SMTP, one may specify host- +# In the case of delivery via SMTP, one may specify host- # name:service instead of just a host: # # foo.org smtp:bar.org:2025 # -# This directs mail for user@foo.org to host bar.org port -# 2025. Instead of a numerical port a symbolic name may be -# used. Specify [] around the hostname in order to disable +# This directs mail for user@foo.org to host bar.org port +# 2025. Instead of a numerical port a symbolic name may be +# used. Specify [] around the hostname in order to disable # MX lookups. # # The error mailer can be used to bounce mail: # -# .foo.org error:mail for *.foo.org is not deliv- +# .foo.org error:mail for *.foo.org is not deliv- # erable # -# This causes all mail for user@anything.foo.org to be +# This causes all mail for user@anything.foo.org to be # bounced. # # REGULAR EXPRESSION TABLES -# This section describes how the table lookups change when +# This section describes how the table lookups change when # the table is given in the form of regular expressions. For -# a description of regular expression lookup table syntax, +# a description of regular expression lookup table syntax, # see regexp_table(5) or pcre_table(5). # -# Each pattern is a regular expression that is applied to -# the entire address being looked up. Thus, -# some.domain.hierarchy is not looked up up via its parent -# domains, nor is user+foo@domain looked up as user@domain. +# Each pattern is a regular expression that is applied to +# the entire address being looked up. Thus, +# some.domain.hierarchy is not looked up up via its parent +# domains, nor is user+foo@domain looked up as user@domain. # -# Patterns are applied in the order as specified in the -# table, until a pattern is found that matches the search +# Patterns are applied in the order as specified in the +# table, until a pattern is found that matches the search # string. # -# Results are the same as with indexed file lookups, with -# the additional feature that parenthesized substrings from +# Results are the same as with indexed file lookups, with +# the additional feature that parenthesized substrings from # the pattern can be interpolated as $1, $2 and so on. # # TCP-BASED TABLES -# This section describes how the table lookups change when +# This section describes how the table lookups change when # lookups are directed to a TCP-based server. For a descrip- -# tion of the TCP client/server lookup protocol, see +# tion of the TCP client/server lookup protocol, see # tcp_table(5). # -# Each lookup operation uses the entire recipient address -# once. Thus, some.domain.hierarchy is not looked up via -# its parent domains, nor is user+foo@domain looked up as +# Each lookup operation uses the entire recipient address +# once. Thus, some.domain.hierarchy is not looked up via +# its parent domains, nor is user+foo@domain looked up as # user@domain. # # Results are the same as with indexed file lookups. # # CONFIGURATION PARAMETERS -# The following main.cf parameters are especially relevant -# to this topic. See the Postfix main.cf file for syntax -# details and for default values. Use the postfix reload +# The following main.cf parameters are especially relevant +# to this topic. See the Postfix main.cf file for syntax +# details and for default values. Use the postfix reload # command after a configuration change. # # empty_address_recipient -# The address that is looked up instead of the null +# The address that is looked up instead of the null # sender address. # # parent_domain_matches_subdomains -# List of Postfix features that use domain.tld pat- -# terns to match sub.domain.tld (as opposed to +# List of Postfix features that use domain.tld pat- +# terns to match sub.domain.tld (as opposed to # requiring .domain.tld patterns). # # transport_maps @@ -249,7 +249,7 @@ # tcp_table(5) TCP client/server table lookup protocol # # LICENSE -# The Secure Mailer license must be distributed with this +# The Secure Mailer license must be distributed with this # software. # # AUTHOR(S) diff --git a/postfix/conf/virtual b/postfix/conf/virtual index a65ddbd62..17493baa3 100644 --- a/postfix/conf/virtual +++ b/postfix/conf/virtual @@ -55,8 +55,7 @@ # and "TCP-BASED TABLES". # # TABLE FORMAT -# The format of the virtual table is as follows, mappings -# being tried in the order as listed in this manual page: +# The input format for the postmap(1) command is as follows: # # pattern result # When pattern matches a mail address, replace it by diff --git a/postfix/html/access.5.html b/postfix/html/access.5.html index 2c290f818..fa66e44ea 100644 --- a/postfix/html/access.5.html +++ b/postfix/html/access.5.html @@ -36,59 +36,59 @@ ACCESS(5) ACCESS(5) and "TCP-BASED TABLES". TABLE FORMAT - The format of the access table is as follows: + The input format for the postmap(1) command is as follows: pattern action When pattern matches a mail address, domain or host address, perform the corresponding action. blank lines and comments - Empty lines and whitespace-only lines are ignored, - as are lines whose first non-whitespace character + Empty lines and whitespace-only lines are ignored, + as are lines whose first non-whitespace character is a `#'. multi-line text - A logical line starts with non-whitespace text. A - line that starts with whitespace continues a logi- + A logical line starts with non-whitespace text. A + line that starts with whitespace continues a logi- cal line. EMAIL ADDRESS PATTERNS With lookups from indexed files such as DB or DBM, or from - networked tables such as NIS, LDAP or SQL, the following - lookup patterns are examined in the order as listed: + networked tables such as NIS, LDAP or SQL, patterns are + tried in the order as listed below: user@domain Matches the specified mail address. domain.tld - Matches domain.tld as the domain part of an email + Matches domain.tld as the domain part of an email address. The pattern domain.tld also matches subdomains, but only when the string smtpd_access_maps is listed in - the Postfix parent_domain_matches_subdomains con- + the Postfix parent_domain_matches_subdomains con- figuration setting. Otherwise, specify .domain.tld - (note the initial dot) in order to match subdo- + (note the initial dot) in order to match subdo- mains. - user@ Matches all mail addresses with the specified user + user@ Matches all mail addresses with the specified user part. - Note: lookup of the null sender address is not possible - with some types of lookup table. By default, Postfix uses - <> as the lookup key for such addresses. The value is - specified with the smtpd_null_access_lookup_key parameter + Note: lookup of the null sender address is not possible + with some types of lookup table. By default, Postfix uses + <> as the lookup key for such addresses. The value is + specified with the smtpd_null_access_lookup_key parameter in the Postfix main.cf file. EMAIL ADDRESS EXTENSION When a mail address localpart contains the optional recip- - ient delimiter (e.g., user+foo@domain), the lookup order - becomes: user+foo@domain, user@domain, domain, user+foo@, + ient delimiter (e.g., user+foo@domain), the lookup order + becomes: user+foo@domain, user@domain, domain, user+foo@, and user@. HOST NAME/ADDRESS PATTERNS With lookups from indexed files such as DB or DBM, or from - networked tables such as NIS, LDAP or SQL, the following + networked tables such as NIS, LDAP or SQL, the following lookup patterns are examined in the order as listed: domain.tld @@ -96,9 +96,9 @@ ACCESS(5) ACCESS(5) The pattern domain.tld also matches subdomains, but only when the string smtpd_access_maps is listed in - the Postfix parent_domain_matches_subdomains con- + the Postfix parent_domain_matches_subdomains con- figuration setting. Otherwise, specify .domain.tld - (note the initial dot) in order to match subdo- + (note the initial dot) in order to match subdo- mains. net.work.addr.ess @@ -107,98 +107,88 @@ ACCESS(5) ACCESS(5) net.work - net Matches any host address in the specified network. - A network address is a sequence of one or more + net Matches any host address in the specified network. + A network address is a sequence of one or more octets separated by ".". - NOTE: use the cidr lookup table type to specify + NOTE: use the cidr lookup table type to specify network/netmask patterns. See cidr_table(5) for details. ACTIONS [45]NN text - Reject the address etc. that matches the pattern, + Reject the address etc. that matches the pattern, and respond with the numerical code and text. - REJECT - REJECT optional text... - Reject the address etc. that matches the pattern. - Reply with $reject_code optional text... when the - optional text is specified, otherwise reply with a + Reject the address etc. that matches the pattern. + Reply with $reject_code optional text... when the + optional text is specified, otherwise reply with a generic error response message. - DEFER_IF_REJECT - DEFER_IF_REJECT optional text... - Defer the request if some later restriction would + Defer the request if some later restriction would result in a REJECT action. Reply with "450 optional text... when the optional text is specified, other- wise reply with a generic error response message. - DEFER_IF_PERMIT - DEFER_IF_PERMIT optional text... - Defer the request if some later restriction would + Defer the request if some later restriction would result in a PERMIT action (there is an implied PER- - MIT at the end of each restriction list). Reply - with "450 optional text... when the optional text - is specified, otherwise reply with a generic error + MIT at the end of each restriction list). Reply + with "450 optional text... when the optional text + is specified, otherwise reply with a generic error response message. OK Accept the address etc. that matches the pattern. all-numerical An all-numerical result is treated as OK. This for- - mat is generated by address-based relay authoriza- + mat is generated by address-based relay authoriza- tion schemes. - DUNNO Pretend that the lookup key was not found in this + DUNNO Pretend that the lookup key was not found in this table. This prevents Postfix from trying substrings - of the lookup key (such as a subdomain name, or a + of the lookup key (such as a subdomain name, or a network address subnetwork). - HOLD - HOLD optional text... - Place the message on the hold queue, where it will - sit until someone either deletes it or releases it - for delivery. Log the optional text if specified, + Place the message on the hold queue, where it will + sit until someone either deletes it or releases it + for delivery. Log the optional text if specified, otherwise log a generic message. - Mail that is placed on hold can be examined with - the postcat(1) command, and can be destroyed or + Mail that is placed on hold can be examined with + the postcat(1) command, and can be destroyed or released with the postsuper(1) command. - Note: this action currently affects all recipients + Note: this action currently affects all recipients of the message. - DISCARD - DISCARD optional text... - Claim successful delivery and silently discard the - message. Log the optional text if specified, oth- + Claim successful delivery and silently discard the + message. Log the optional text if specified, oth- erwise log a generic message. - Note: this action currently affects all recipients + Note: this action currently affects all recipients of the message. FILTER transport:destination - After the message is queued, send the entire mes- - sage through a content filter. More information + After the message is queued, send the entire mes- + sage through a content filter. More information about content filters is in the Postfix FIL- TER_README file. - Note: this action overrides the main.cf con- + Note: this action overrides the main.cf con- tent_filter setting, and currently affects all recipients of the message. REDIRECT user@domain - After the message is queued, send the message to + After the message is queued, send the message to the specified address instead of the intended recipient(s). - Note: this action overrides the FILTER action, and + Note: this action overrides the FILTER action, and currently affects all recipients of the message. restriction... @@ -206,46 +196,46 @@ ACCESS(5) ACCESS(5) reject_unauth_destination, and so on). REGULAR EXPRESSION TABLES - This section describes how the table lookups change when + This section describes how the table lookups change when the table is given in the form of regular expressions. For - a description of regular expression lookup table syntax, + a description of regular expression lookup table syntax, see regexp_table(5) or pcre_table(5). - Each pattern is a regular expression that is applied to + Each pattern is a regular expression that is applied to the entire string being looked up. Depending on the appli- - cation, that string is an entire client hostname, an + cation, that string is an entire client hostname, an entire client IP address, or an entire mail address. Thus, no parent domain or parent network search is done, - user@domain mail addresses are not broken up into their + user@domain mail addresses are not broken up into their user@ and domain constituent parts, nor is user+foo broken up into user and foo. - Patterns are applied in the order as specified in the - table, until a pattern is found that matches the search + Patterns are applied in the order as specified in the + table, until a pattern is found that matches the search string. - Actions are the same as with indexed file lookups, with - the additional feature that parenthesized substrings from + Actions are the same as with indexed file lookups, with + the additional feature that parenthesized substrings from the pattern can be interpolated as $1, $2 and so on. TCP-BASED TABLES - This section describes how the table lookups change when + This section describes how the table lookups change when lookups are directed to a TCP-based server. For a descrip- - tion of the TCP client/server lookup protocol, see + tion of the TCP client/server lookup protocol, see tcp_table(5). - Each lookup operation uses the entire query string once. - Depending on the application, that string is an entire + Each lookup operation uses the entire query string once. + Depending on the application, that string is an entire client hostname, an entire client IP address, or an entire - mail address. Thus, no parent domain or parent network - search is done, user@domain mail addresses are not broken - up into their user@ and domain constituent parts, nor is + mail address. Thus, no parent domain or parent network + search is done, user@domain mail addresses are not broken + up into their user@ and domain constituent parts, nor is user+foo broken up into user and foo. Actions are the same as with indexed file lookups. BUGS - The table format does not understand quoting conventions. + The table format does not understand quoting conventions. SEE ALSO postmap(1) create lookup table @@ -256,7 +246,7 @@ ACCESS(5) ACCESS(5) tcp_table(5) TCP client/server table lookup protocol LICENSE - The Secure Mailer license must be distributed with this + The Secure Mailer license must be distributed with this software. AUTHOR(S) diff --git a/postfix/html/canonical.5.html b/postfix/html/canonical.5.html index b37810ef9..a09bf0683 100644 --- a/postfix/html/canonical.5.html +++ b/postfix/html/canonical.5.html @@ -51,138 +51,138 @@ CANONICAL(5) CANONICAL(5) aliasing. Use the aliases(5) map for that purpose. TABLE FORMAT - The format of the canonical table is as follows: + The input format for the postmap(1) command is as follows: pattern result - When pattern matches a mail address, replace it by + When pattern matches a mail address, replace it by the corresponding result. blank lines and comments - Empty lines and whitespace-only lines are ignored, - as are lines whose first non-whitespace character + Empty lines and whitespace-only lines are ignored, + as are lines whose first non-whitespace character is a `#'. multi-line text - A logical line starts with non-whitespace text. A - line that starts with whitespace continues a logi- + A logical line starts with non-whitespace text. A + line that starts with whitespace continues a logi- cal line. With lookups from indexed files such as DB or DBM, or from - networked tables such as NIS, LDAP or SQL, patterns are + networked tables such as NIS, LDAP or SQL, patterns are tried in the order as listed below: user@domain address - user@domain is replaced by address. This form has + user@domain is replaced by address. This form has the highest precedence. - This is useful to clean up addresses produced by - legacy mail systems. It can also be used to pro- - duce Firstname.Lastname style addresses, but see + This is useful to clean up addresses produced by + legacy mail systems. It can also be used to pro- + duce Firstname.Lastname style addresses, but see below for a simpler solution. user address user@site is replaced by address when site is equal - to $myorigin, when site is listed in $mydestina- - tion, or when it is listed in $inet_interfaces. + to $myorigin, when site is listed in $mydestina- + tion, or when it is listed in $inet_interfaces. - This form is useful for replacing login names by + This form is useful for replacing login names by Firstname.Lastname. @domain address - Every address in domain is replaced by address. + Every address in domain is replaced by address. This form has the lowest precedence. - In all the above forms, when address has the form @other- + In all the above forms, when address has the form @other- domain, the result is the same user in otherdomain. ADDRESS EXTENSION When a mail address localpart contains the optional recip- - ient delimiter (e.g., user+foo@domain), the lookup order + ient delimiter (e.g., user+foo@domain), the lookup order becomes: user+foo@domain, user@domain, user+foo, user, and - @domain. An unmatched address extension (+foo) is propa- + @domain. An unmatched address extension (+foo) is propa- gated to the result of table lookup. REGULAR EXPRESSION TABLES - This section describes how the table lookups change when + This section describes how the table lookups change when the table is given in the form of regular expressions. For - a description of regular expression lookup table syntax, - see regexp_table(5) or pcre_table(5). + a description of regular expression lookup table syntax, + see regexp_table(5) or pcre_table(5). - Each pattern is a regular expression that is applied to + Each pattern is a regular expression that is applied to the entire address being looked up. Thus, user@domain mail - addresses are not broken up into their user and @domain + addresses are not broken up into their user and @domain constituent parts, nor is user+foo broken up into user and foo. - Patterns are applied in the order as specified in the - table, until a pattern is found that matches the search + Patterns are applied in the order as specified in the + table, until a pattern is found that matches the search string. - Results are the same as with indexed file lookups, with - the additional feature that parenthesized substrings from + Results are the same as with indexed file lookups, with + the additional feature that parenthesized substrings from the pattern can be interpolated as $1, $2 and so on. TCP-BASED TABLES - This section describes how the table lookups change when + This section describes how the table lookups change when lookups are directed to a TCP-based server. For a descrip- - tion of the TCP client/server lookup protocol, see - tcp_table(5). + tion of the TCP client/server lookup protocol, see + tcp_table(5). Each lookup operation uses the entire address once. Thus, - user@domain mail addresses are not broken up into their + user@domain mail addresses are not broken up into their user and @domain constituent parts, nor is user+foo broken up into user and foo. Results are the same as with indexed file lookups. BUGS - The table format does not understand quoting conventions. + The table format does not understand quoting conventions. CONFIGURATION PARAMETERS - The following main.cf parameters are especially relevant - to this topic. See the Postfix main.cf file for syntax - details and for default values. Use the postfix reload + The following main.cf parameters are especially relevant + to this topic. See the Postfix main.cf file for syntax + details and for default values. Use the postfix reload command after a configuration change. - canonical_maps + canonical_maps List of canonical mapping tables. - recipient_canonical_maps + recipient_canonical_maps Address mapping lookup table for envelope and header recipient addresses. - sender_canonical_maps + sender_canonical_maps Address mapping lookup table for envelope and header sender addresses. Other parameters of interest: - inet_interfaces - The network interface addresses that this system + inet_interfaces + The network interface addresses that this system receives mail on. You need to stop and start Post- fix when this parameter changes. - masquerade_classes - List of address classes subject to masquerading: - zero or more of envelope_sender, envelope_recipi- - ent, header_sender, header_recipient. + masquerade_classes + List of address classes subject to masquerading: + zero or more of envelope_sender, envelope_recipi- + ent, header_sender, header_recipient. - masquerade_domains - List of domains that hide their subdomain struc- + masquerade_domains + List of domains that hide their subdomain struc- ture. - masquerade_exceptions - List of user names that are not subject to address + masquerade_exceptions + List of user names that are not subject to address masquerading. mydestination - List of domains that this mail system considers + List of domains that this mail system considers local. myorigin The domain that is appended to locally-posted mail. - owner_request_special + owner_request_special Give special treatment to owner-xxx and xxx-request addresses. @@ -195,7 +195,7 @@ CANONICAL(5) CANONICAL(5) tcp_table(5) TCP client/server table lookup protocol LICENSE - The Secure Mailer license must be distributed with this + The Secure Mailer license must be distributed with this software. AUTHOR(S) diff --git a/postfix/html/cleanup.8.html b/postfix/html/cleanup.8.html index ca73d0c6f..10ec2edd7 100644 --- a/postfix/html/cleanup.8.html +++ b/postfix/html/cleanup.8.html @@ -38,8 +38,8 @@ CLEANUP(8) CLEANUP(8) o Optionally, masquerade envelope sender addresses and message header addresses (i.e. strip host or domain information below all domains listed in the - masquerade_domains parameter, except for user names - listed in masquerade_exceptions). By default, + masquerade_domains parameter, except for user names + listed in masquerade_exceptions). By default, address masquerading does not affect envelope recipients. @@ -72,20 +72,20 @@ CLEANUP(8) CLEANUP(8) command after a configuration change. Content filtering - body_checks + body_checks Lookup tables with content filters for message body lines. These filters see physical lines one at a time, in chunks of at most line_length_limit bytes. - body_checks_size_limit + body_checks_size_limit The amount of content per message body segment that - is subjected to $body_checks filtering. + is subjected to $body_checks filtering. - header_checks + header_checks - mime_header_checks (default: $header_checks) + mime_header_checks (default: $header_checks) - nested_header_checks (default: $header_checks) + nested_header_checks (default: $header_checks) Lookup tables with content filters for message header lines: respectively, these are applied to the primary message headers (not including MIME @@ -95,33 +95,33 @@ CLEANUP(8) CLEANUP(8) time, including headers that span multiple lines. MIME Processing - disable_mime_input_processing + disable_mime_input_processing While receiving, give no special treatment to Con- tent-Type: message headers; all text after the ini- tial message headers is considered to be part of the message body. - mime_boundary_length_limit + mime_boundary_length_limit The amount of space that will be allocated for MIME multipart boundary strings. The MIME processor is unable to distinguish between boundary strings that - do not differ in the first $mime_bound- - ary_length_limit characters. + do not differ in the first $mime_bound- + ary_length_limit characters. - mime_nesting_limit + mime_nesting_limit The maximal nesting level of multipart mail that the MIME processor can handle. Refuse mail that is nested deeper. - strict_8bitmime - Turn on both strict_7bit_headers and strict_8bit- - mime_body. + strict_8bitmime + Turn on both strict_7bit_headers and strict_8bit- + mime_body. - strict_7bit_headers + strict_7bit_headers Reject mail with 8-bit text in message headers. This blocks mail from poorly written applications. - strict_8bitmime_body + strict_8bitmime_body Reject mail with 8-bit text in content that claims to be 7-bit, or in content that has no explicit content encoding information. This blocks mail @@ -133,27 +133,27 @@ CLEANUP(8) CLEANUP(8) ple, bounces from qmail or from old versions of Postfix). - strict_mime_domain_encoding + strict_mime_domain_encoding Reject mail with invalid Content-Transfer-Encoding: information for message/* or multipart/*. This blocks mail from poorly written software. Miscellaneous - always_bcc + always_bcc Address to send a copy of each message that enters the system. - sender_bcc_maps + sender_bcc_maps Automatic BCC recipient lookup table, indexed by sender address. The BCC address is added when the message enters the system. - recipient_bcc_maps + recipient_bcc_maps Automatic BCC recipient lookup table, indexed by recipient address. The BCC address is added when the message enters the system. - enable_original_recipient + enable_original_recipient Enable support for the X-Original-To: message header, which is needed for multi-recipient mail- boxes. When this is enabled, Postfix performs @@ -161,73 +161,73 @@ CLEANUP(8) CLEANUP(8) rewritten recipient) pairs, instead of looking at the rewritten recipient only. - hopcount_limit + hopcount_limit Limit the number of Received: message headers. - undisclosed_recipients_header + undisclosed_recipients_header The header line that is inserted when no recipients were specified in (Resent-)To: or (Resent-)Cc: mes- sage headers. Address transformations - empty_address_recipient + empty_address_recipient The destination for undeliverable mail from <>. This substitution is done before all other address rewriting. - canonical_maps + canonical_maps Address mapping lookup table for sender and recipi- ent addresses in envelopes and headers. - recipient_canonical_maps + recipient_canonical_maps Address mapping lookup table for envelope and header recipient addresses. - sender_canonical_maps + sender_canonical_maps Address mapping lookup table for envelope and header sender addresses. - masquerade_classes + masquerade_classes List of address classes subject to masquerading: - zero or more of envelope_sender, envelope_recipi- - ent, header_sender, header_recipient. + zero or more of envelope_sender, envelope_recipi- + ent, header_sender, header_recipient. - masquerade_domains + masquerade_domains List of domains that hide their subdomain struc- ture. - masquerade_exceptions + masquerade_exceptions List of user names that are not subject to address masquerading. - virtual_alias_maps + virtual_alias_maps Address mapping lookup table for envelope recipient addresses. Resource controls - duplicate_filter_limit + duplicate_filter_limit Limits the number of envelope recipients that are remembered. - header_address_token_limit + header_address_token_limit Limits the number of address tokens used to process a message header. - header_size_limit - Limits the amount of memory in bytes used to pro- - cess a message header. + header_size_limit + Limits the amount of memory in bytes used to store + a message header. - in_flow_delay + in_flow_delay Amount of time to pause before accepting a message, when the message arrival rate exceeds the message delivery rate. - virtual_alias_expansion_limit + virtual_alias_expansion_limit Limit the number of actual recipients produced by virtual alias expansion from each original recipi- ent. - virtual_alias_recursion_limit + virtual_alias_recursion_limit Limit the recursion depth of virtual alias expan- sion. diff --git a/postfix/html/faq.html b/postfix/html/faq.html index 3a81f15ce..17e7a3133 100644 --- a/postfix/html/faq.html +++ b/postfix/html/faq.html @@ -209,7 +209,7 @@ domains with "relay access denied"
  • Restricting what users can send mail to off-site destinations -
  • Configuring Postfix as backup MX host +
  • Configuring Postfix as MX host for a remote site @@ -1685,7 +1685,7 @@ host.
    -

    Configuring Postfix as backup MX host

     +

    Configuring Postfix as MX host for a remote site

     When you are secondary mx for a remote site this is all you need: @@ -1703,6 +1703,10 @@ all you need:

    +DO NOT LIST the.backed-up.domain.tld in MYDESTINATION + +

    + When you are primary mx for a remote site you also need: @@ -1713,7 +1717,7 @@ need: transport_maps = hash:/etc/postfix/transport /etc/postfix/transport: - the.backed-up.domain.tld smtp:[their.mail.host.tld] + the.backed-up.domain.tld relay:[their.mail.host.tld]

    diff --git a/postfix/html/pcre_table.5.html b/postfix/html/pcre_table.5.html index c4deb2007..6e82d1179 100644 --- a/postfix/html/pcre_table.5.html +++ b/postfix/html/pcre_table.5.html @@ -44,103 +44,106 @@ PCRE_TABLE(5) PCRE_TABLE(5) if !/pattern/flags - endif Examine the lines between if..endif only if pattern - matches (does not match). The if..endif can nest. - Do not prepend whitespace to patterns inside + endif Match the search string against the patterns + between if and endif, if and only if the search + string matches (does not match) pattern. The + if..endif can nest. + + Note: do not prepend whitespace to patterns inside if..endif. Each pattern is a perl-like regular expression. The - expression delimiter can be any character, except whites- - pace or characters that have special meaning (tradition- - ally the forward slash is used). The regular expression + expression delimiter can be any character, except whites- + pace or characters that have special meaning (tradition- + ally the forward slash is used). The regular expression can contain whitespace. By default, matching is case-insensitive, and newlines are - not treated as special characters. The behavior is con- - trolled by flags, which are toggled by appending one or + not treated as special characters. The behavior is con- + trolled by flags, which are toggled by appending one or more of the following characters after the pattern: i (default: on) - Toggles the case sensitivity flag. By default, + Toggles the case sensitivity flag. By default, matching is case insensitive. m (default: off) - Toggles the PCRE_MULTILINE flag. When this flag is - on, the ^ and $ metacharacters match immediately - after and immediately before a newline character, - respectively, in addition to matching at the start + Toggles the PCRE_MULTILINE flag. When this flag is + on, the ^ and $ metacharacters match immediately + after and immediately before a newline character, + respectively, in addition to matching at the start and end of the subject string. s (default: on) Toggles the PCRE_DOTALL flag. When this flag is on, the . metacharacter matches the newline character. - With Postfix versions prior to 20020528, The flag + With Postfix versions prior to 20020528, The flag is off by default, which is inconvenient for multi- line message header matching. x (default: off) - Toggles the pcre extended flag. When this flag is - on, whitespace in the pattern (other than in a + Toggles the pcre extended flag. When this flag is + on, whitespace in the pattern (other than in a character class) and characters between a # outside - a character class and the next newline character - are ignored. An escaping backslash can be used to - include a whitespace or # character as part of the + a character class and the next newline character + are ignored. An escaping backslash can be used to + include a whitespace or # character as part of the pattern. A (default: off) - Toggles the PCRE_ANCHORED flag. When this flag is - on, the pattern is forced to be "anchored", that + Toggles the PCRE_ANCHORED flag. When this flag is + on, the pattern is forced to be "anchored", that is, it is constrained to match only at the start of - the string which is being searched (the "subject - string"). This effect can also be achieved by + the string which is being searched (the "subject + string"). This effect can also be achieved by appropriate constructs in the pattern itself. E (default: off) - Toggles the PCRE_DOLLAR_ENDONLY flag. When this - flag is on, a $ metacharacter in the pattern - matches only at the end of the subject string. - Without this flag, a dollar also matches immedi- + Toggles the PCRE_DOLLAR_ENDONLY flag. When this + flag is on, a $ metacharacter in the pattern + matches only at the end of the subject string. + Without this flag, a dollar also matches immedi- ately before the final character if it is a newline character (but not before any other newline charac- - ters). This flag is ignored if PCRE_MULTILINE flag + ters). This flag is ignored if PCRE_MULTILINE flag is set. U (default: off) Toggles the ungreedy matching flag. When this flag - is on, the pattern matching engine inverts the - "greediness" of the quantifiers so that they are - not greedy by default, but become greedy if fol- - lowed by "?". This flag can also set by a (?U) + is on, the pattern matching engine inverts the + "greediness" of the quantifiers so that they are + not greedy by default, but become greedy if fol- + lowed by "?". This flag can also set by a (?U) modifier within the pattern. X (default: off) Toggles the PCRE_EXTRA flag. When this flag is on, - any backslash in a pattern that is followed by a + any backslash in a pattern that is followed by a letter that has no special meaning causes an error, thus reserving these combinations for future expan- sion. SEARCH ORDER - Patterns are applied in the order as specified in the - table, until a pattern is found that matches the search + Patterns are applied in the order as specified in the + table, until a pattern is found that matches the search string. - Each pattern is applied to the entire lookup key string. - Depending on the application, that string is an entire + Each pattern is applied to the entire lookup key string. + Depending on the application, that string is an entire client hostname, an entire client IP address, or an entire - mail address. Thus, no parent domain or parent network - search is done, and user@domain mail addresses are not - broken up into their user and domain constituent parts, + mail address. Thus, no parent domain or parent network + search is done, and user@domain mail addresses are not + broken up into their user and domain constituent parts, nor is user+foo broken up into user and foo. TEXT SUBSTITUTION - Substitution of substrings from the matched expression - into the result string is possible using the conventional - perl syntax ($1, $2, etc.). The macros in the result - string may need to be written as ${n} or $(n) if they + Substitution of substrings from the matched expression + into the result string is possible using the conventional + perl syntax ($1, $2, etc.). The macros in the result + string may need to be written as ${n} or $(n) if they aren't followed by whitespace. - Note: since negated patterns (those preceded by !) return + Note: since negated patterns (those preceded by !) return a result when the expression does not match, substitutions are not available for negated patterns. diff --git a/postfix/html/pipe.8.html b/postfix/html/pipe.8.html index 16ef33cca..7ca8f1288 100644 --- a/postfix/html/pipe.8.html +++ b/postfix/html/pipe.8.html @@ -24,7 +24,7 @@ PIPE(8) PIPE(8) reports are sent to the bounce(8) or defer(8) daemon as appropriate. -SINGLE-RECIPIENT DELIVERY +SINGLE-RECIPIENT DELIVERY Some external commands cannot handle more than one recipi- ent per delivery request. Examples of such transports are pagers, fax machines, and so on. @@ -32,13 +32,13 @@ PIPE(8) PIPE(8) To prevent Postfix from sending multiple recipients per delivery request, specify - transport_destination_recipient_limit = 1 + transport_destination_recipient_limit = 1 in the Postfix main.cf file, where transport is the name in the first column of the Postfix master.cf entry for the pipe-based delivery transport. -COMMAND ATTRIBUTE SYNTAX +COMMAND ATTRIBUTE SYNTAX The external command attributes are given in the master.cf file at the end of a service definition. The syntax is as follows: @@ -54,17 +54,17 @@ PIPE(8) PIPE(8) D Prepend a "Delivered-To: recipient" message header with the envelope recipient address. - Note: for this to work, the transport_desti- - nation_recipient_limit must be 1. + Note: for this to work, the transport_desti- + nation_recipient_limit must be 1. - F Prepend a "From sender time_stamp" envelope + F Prepend a "From sender time_stamp" envelope header to the message content. This is expected by, for example, UUCP software. O Prepend an "X-Original-To: recipient" mes- sage header with the recipient address as given to Postfix. Note: for this to work, - the transport_destination_recipient_limit + the transport_destination_recipient_limit must be 1. R Prepend a Return-Path: message header with @@ -116,10 +116,10 @@ PIPE(8) PIPE(8) eol=string (optional, default: \n) The output record delimiter. Typically one would use either \r\n or \n. The usual C-style backslash - escape sequences are recognized: \a \b \f \n \r \t - \v \octal and \\. + escape sequences are recognized: \a \b \f \n \r \t + \v \octal and \\. - size=size_limit (optional) + size=size_limit (optional) Messages greater in size than this limit (in bytes) will be bounced back to the sender. @@ -221,47 +221,47 @@ PIPE(8) PIPE(8) cute external commands as the specified user. It is there- fore security sensitive. -CONFIGURATION PARAMETERS +CONFIGURATION PARAMETERS The following main.cf parameters are especially relevant to this program. See the Postfix main.cf file for syntax - details and for default values. Use the postfix reload + details and for default values. Use the postfix reload command after a configuration change. Miscellaneous - export_environment + export_environment List of names of environment parameters that can be exported to non-Postfix processes. - mail_owner + mail_owner The process privileges used while not running an external command. -Resource controls +Resource controls In the text below, transport is the first field in a mas- ter.cf entry. - transport_destination_concurrency_limit + transport_destination_concurrency_limit Limit the number of parallel deliveries to the same destination, for delivery via the named transport. - The default limit is taken from the default_desti- - nation_concurrency_limit parameter. The limit is + The default limit is taken from the default_desti- + nation_concurrency_limit parameter. The limit is enforced by the Postfix queue manager. - transport_destination_recipient_limit + transport_destination_recipient_limit Limit the number of recipients per message deliv- ery, for delivery via the named transport. The - default limit is taken from the default_destina- - tion_recipient_limit parameter. The limit is + default limit is taken from the default_destina- + tion_recipient_limit parameter. The limit is enforced by the Postfix queue manager. - transport_time_limit + transport_time_limit Limit the time for delivery to external command, for delivery via the named transport. The default - limit is taken from the command_time_limit parame- + limit is taken from the command_time_limit parame- ter. The limit is enforced by the pipe delivery agent. -SEE ALSO +SEE ALSO bounce(8) non-delivery status reports master(8) process manager qmgr(8) queue manager diff --git a/postfix/html/postmap.1.html b/postfix/html/postmap.1.html index b5a5c97a9..82413da06 100644 --- a/postfix/html/postmap.1.html +++ b/postfix/html/postmap.1.html @@ -89,14 +89,14 @@ POSTMAP(1) POSTMAP(1) ate a new file with default access permissions (mode 0644). - -q key Search the specified maps for key and print the - first value found on the standard output stream. + -q key Search the specified maps for key and write the + first value found to the standard output stream. The exit status is zero when the requested informa- tion was found. If a key value of - is specified, the program reads key values from the standard input stream and - prints one line of key value output for each key + writes one line of key value output for each key that was found. The exit status is zero when at least one of the requested keys was found. diff --git a/postfix/html/regexp_table.5.html b/postfix/html/regexp_table.5.html index 3e683f9ae..a0ab127b8 100644 --- a/postfix/html/regexp_table.5.html +++ b/postfix/html/regexp_table.5.html @@ -44,44 +44,47 @@ REGEXP_TABLE(5) REGEXP_TABLE(5) if !/pattern/flags - endif Examine the lines between if..endif only if pattern - matches (does not match). The if..endif can nest. - Do not prepend whitespace to patterns inside + endif Match the search string against the patterns + between if and endif, if and only if the search + string matches (does not match) pattern. The + if..endif can nest. + + Note: do not prepend whitespace to patterns inside if..endif. Each pattern is a regular expression enclosed by a pair of delimiters. The regular expression syntax is described in - re_format(7). The expression delimiter can be any charac- - ter, except whitespace or characters that have special - meaning (traditionally the forward slash is used). The + re_format(7). The expression delimiter can be any charac- + ter, except whitespace or characters that have special + meaning (traditionally the forward slash is used). The regular expression can contain whitespace. By default, matching is case-insensitive, although follow- - ing the second slash with an `i' flag will reverse this. - Other flags are `x' (disable extended expression syntax), - and `m' (enable multi-line mode, that is, treat newline + ing the second slash with an `i' flag will reverse this. + Other flags are `x' (disable extended expression syntax), + and `m' (enable multi-line mode, that is, treat newline characters as special). TABLE SEARCH ORDER - Patterns are applied in the order as specified in the - table, until a pattern is found that matches the search + Patterns are applied in the order as specified in the + table, until a pattern is found that matches the search string. - Each pattern is applied to the entire lookup key string. - Depending on the application, that string is an entire + Each pattern is applied to the entire lookup key string. + Depending on the application, that string is an entire client hostname, an entire client IP address, or an entire - mail address. Thus, no parent domain or parent network - search is done, and user@domain mail addresses are not - broken up into their user and domain constituent parts, + mail address. Thus, no parent domain or parent network + search is done, and user@domain mail addresses are not + broken up into their user and domain constituent parts, nor is user+foo broken up into user and foo. TEXT SUBSTITUTION - Substitution of substrings from the matched expression + Substitution of substrings from the matched expression into the result string is possible using $1, $2, etc.. The macros in the result string may need to be written as ${n} or $(n) if they aren't followed by whitespace. - Note: since negated patterns (those preceded by !) return + Note: since negated patterns (those preceded by !) return a result when the expression does not match, substitutions are not available for negated patterns. diff --git a/postfix/html/relocated.5.html b/postfix/html/relocated.5.html index 381871aac..a880035b2 100644 --- a/postfix/html/relocated.5.html +++ b/postfix/html/relocated.5.html @@ -9,7 +9,7 @@ RELOCATED(5) RELOCATED(5) DESCRIPTION The optional relocated table provides the information that - is used in "user has moved to new_location" bounce mes- + is used in "user has moved to new_location" bounce mes- sages. Normally, the relocated table is specified as a text file @@ -33,100 +33,100 @@ RELOCATED(5) RELOCATED(5) Table lookups are case insensitive. TABLE FORMAT - The format of the table is as follows: + The input format for the postmap(1) command is as follows: o An entry has one of the following form: - key new_location - Where new_location specifies contact information - such as an email address, or perhaps a street + pattern new_location + Where new_location specifies contact information + such as an email address, or perhaps a street address or telephone number. - o Empty lines and whitespace-only lines are ignored, - as are lines whose first non-whitespace character + o Empty lines and whitespace-only lines are ignored, + as are lines whose first non-whitespace character is a `#'. - o A logical line starts with non-whitespace text. A - line that starts with whitespace continues a logi- + o A logical line starts with non-whitespace text. A + line that starts with whitespace continues a logi- cal line. With lookups from indexed files such as DB or DBM, or from - networked tables such as NIS, LDAP or SQL, the key field - is one of the following: + networked tables such as NIS, LDAP or SQL, patterns are + tried in the order as listed below: user@domain - Matches user@domain. This form has precedence over + Matches user@domain. This form has precedence over all other forms. user Matches user@site when site is $myorigin, when site is listed in $mydestination, or when site is listed - in $inet_interfaces. + in $inet_interfaces. @domain - Matches every address in domain. This form has the + Matches every address in domain. This form has the lowest precedence. ADDRESS EXTENSION When a mail address localpart contains the optional recip- - ient delimiter (e.g., user+foo@domain), the lookup order + ient delimiter (e.g., user+foo@domain), the lookup order becomes: user+foo@domain, user@domain, user+foo, user, and @domain. REGULAR EXPRESSION TABLES - This section describes how the table lookups change when - the table is given in the form of regular expressions or - when lookups are directed to a TCP-based server. For a + This section describes how the table lookups change when + the table is given in the form of regular expressions or + when lookups are directed to a TCP-based server. For a description of regular expression lookup table syntax, see - regexp_table(5) or pcre_table(5). For a description of the - TCP client/server table lookup protocol, see tcp_table(5). + regexp_table(5) or pcre_table(5). For a description of the + TCP client/server table lookup protocol, see tcp_table(5). - Each pattern is a regular expression that is applied to + Each pattern is a regular expression that is applied to the entire address being looked up. Thus, user@domain mail - addresses are not broken up into their user and @domain + addresses are not broken up into their user and @domain constituent parts, nor is user+foo broken up into user and foo. - Patterns are applied in the order as specified in the - table, until a pattern is found that matches the search + Patterns are applied in the order as specified in the + table, until a pattern is found that matches the search string. - Results are the same as with indexed file lookups, with - the additional feature that parenthesized substrings from + Results are the same as with indexed file lookups, with + the additional feature that parenthesized substrings from the pattern can be interpolated as $1, $2 and so on. TCP-BASED TABLES - This section describes how the table lookups change when + This section describes how the table lookups change when lookups are directed to a TCP-based server. For a descrip- - tion of the TCP client/server lookup protocol, see - tcp_table(5). + tion of the TCP client/server lookup protocol, see + tcp_table(5). Each lookup operation uses the entire address once. Thus, - user@domain mail addresses are not broken up into their + user@domain mail addresses are not broken up into their user and @domain constituent parts, nor is user+foo broken up into user and foo. Results are the same as with indexed file lookups. BUGS - The table format does not understand quoting conventions. + The table format does not understand quoting conventions. CONFIGURATION PARAMETERS - The following main.cf parameters are especially relevant - to this topic. See the Postfix main.cf file for syntax - details and for default values. Use the postfix reload + The following main.cf parameters are especially relevant + to this topic. See the Postfix main.cf file for syntax + details and for default values. Use the postfix reload command after a configuration change. - relocated_maps + relocated_maps List of lookup tables for relocated users or sites. Other parameters of interest: - inet_interfaces - The network interface addresses that this system + inet_interfaces + The network interface addresses that this system receives mail on. You need to stop and start Post- fix when this parameter changes. mydestination - List of domains that this mail system considers + List of domains that this mail system considers local. myorigin @@ -139,7 +139,7 @@ RELOCATED(5) RELOCATED(5) tcp_table(5) TCP client/server table lookup protocol LICENSE - The Secure Mailer license must be distributed with this + The Secure Mailer license must be distributed with this software. AUTHOR(S) diff --git a/postfix/html/smtpd.8.html b/postfix/html/smtpd.8.html index 08359c941..864b182a4 100644 --- a/postfix/html/smtpd.8.html +++ b/postfix/html/smtpd.8.html @@ -124,7 +124,7 @@ SMTPD(8) SMTPD(8) the SMTP proxy server. Authentication controls - enable_sasl_authentication + smtpd_sasl_auth_enable Enable per-session authentication as per RFC 2554 (SASL). This functionality is available only when explicitly selected at program build time and diff --git a/postfix/html/transport.5.html b/postfix/html/transport.5.html index 4cff48c1a..838c9a5be 100644 --- a/postfix/html/transport.5.html +++ b/postfix/html/transport.5.html @@ -22,19 +22,19 @@ TRANSPORT(5) TRANSPORT(5) mydestination A list of domains that is by default delivered via - $local_transport. + $local_transport. - virtual_mailbox_domains + virtual_mailbox_domains A list of domains that is by default delivered via - $virtual_transport. + $virtual_transport. - relay_domains + relay_domains A list of domains that is by default delivered via - $relay_transport. + $relay_transport. any other destination Mail for any other destination is by default deliv- - ered via $default_transport. + ered via $default_transport. Normally, the transport table is specified as a text file that serves as input to the postmap(1) command. The @@ -55,35 +55,35 @@ TRANSPORT(5) TRANSPORT(5) and "TCP-BASED TABLES". TABLE FORMAT - The format of the transport table is as follows: + The input format for the postmap(1) command is as follows: pattern result When pattern matches the recipient address or domain, use the corresponding result. blank lines and comments - Empty lines and whitespace-only lines are ignored, - as are lines whose first non-whitespace character + Empty lines and whitespace-only lines are ignored, + as are lines whose first non-whitespace character is a `#'. multi-line text - A logical line starts with non-whitespace text. A - line that starts with whitespace continues a logi- + A logical line starts with non-whitespace text. A + line that starts with whitespace continues a logi- cal line. - The pattern specifies an email address, a domain name, or - a domain name hierarchy, as described in section "TABLE + The pattern specifies an email address, a domain name, or + a domain name hierarchy, as described in section "TABLE LOOKUP". - The result is of the form transport:nexthop. The trans- - port field specifies a mail delivery transport such as - smtp or local. The nexthop field specifies where and how + The result is of the form transport:nexthop. The trans- + port field specifies a mail delivery transport such as + smtp or local. The nexthop field specifies where and how to deliver mail. More details are given in section "RESULT FORMAT". TABLE LOOKUP With lookups from indexed files such as DB or DBM, or from - networked tables such as NIS, LDAP or SQL, patterns are + networked tables such as NIS, LDAP or SQL, patterns are tried in the order as listed below: user+extension@domain transport:nexthop @@ -95,151 +95,151 @@ TRANSPORT(5) TRANSPORT(5) to nexthop. domain transport:nexthop - Mail for domain is delivered through transport to + Mail for domain is delivered through transport to nexthop. .domain transport:nexthop - Mail for any subdomain of domain is delivered - through transport to nexthop. This applies only - when the string transport_maps is not listed in the - parent_domain_matches_subdomains configuration set- - ting. Otherwise, a domain name matches itself and + Mail for any subdomain of domain is delivered + through transport to nexthop. This applies only + when the string transport_maps is not listed in the + parent_domain_matches_subdomains configuration set- + ting. Otherwise, a domain name matches itself and its subdomains. Note 1: the special pattern * represents any address (i.e. it functions as the wild-card pattern). - Note 2: the null recipient address is looked up as - $empty_address_recipient@$myhostname (default: mailer-dae- + Note 2: the null recipient address is looked up as + $empty_address_recipient@$myhostname (default: mailer-dae- mon@hostname). RESULT FORMAT - The transport field specifies the name of a mail delivery + The transport field specifies the name of a mail delivery transport (the first name of a mail delivery service entry in the Postfix master.cf file). - The interpretation of the nexthop field is transport + The interpretation of the nexthop field is transport dependent. In the case of SMTP, specify host:service for a - non-default server port, and use [host] or [host]:port in - order to disable MX (mail exchanger) DNS lookups. The [] + non-default server port, and use [host] or [host]:port in + order to disable MX (mail exchanger) DNS lookups. The [] form is required when you specify an IP address instead of a hostname. - A null transport and null nexthop result means "do not - change": use the delivery transport and nexthop informa- - tion that would be used when the entire transport table + A null transport and null nexthop result means "do not + change": use the delivery transport and nexthop informa- + tion that would be used when the entire transport table did not exist. - A non-null transport field with a null nexthop field + A non-null transport field with a null nexthop field resets the nexthop information to the recipient domain. - A null transport field with non-null nexthop field does + A null transport field with non-null nexthop field does not modify the transport information. EXAMPLES - In order to deliver internal mail directly, while using a - mail relay for all other mail, specify a null entry for - internal destinations (do not change the delivery trans- - port or the nexthop information) and specify a wildcard + In order to deliver internal mail directly, while using a + mail relay for all other mail, specify a null entry for + internal destinations (do not change the delivery trans- + port or the nexthop information) and specify a wildcard for all other destinations. my.domain : .my.domain : * smtp:outbound-relay.my.domain - In order to send mail for foo.org and its subdomains via + In order to send mail for foo.org and its subdomains via the uucp transport to the UUCP host named foo: foo.org uucp:foo .foo.org uucp:foo - When no nexthop host name is specified, the destination - domain name is used instead. For example, the following - directs mail for user@foo.org via the slow transport to a - mail exchanger for foo.org. The slow transport could be - something that runs at most one delivery process at a + When no nexthop host name is specified, the destination + domain name is used instead. For example, the following + directs mail for user@foo.org via the slow transport to a + mail exchanger for foo.org. The slow transport could be + something that runs at most one delivery process at a time: foo.org slow: When no transport is specified, Postfix uses the transport that matches the address domain class (see TRANSPORT FIELD - discussion above). The following sends all mail for + discussion above). The following sends all mail for foo.org and its subdomains to host gateway.foo.org: foo.org :[gateway.foo.org] .foo.org :[gateway.foo.org] - In the above example, the [] are used to suppress MX - lookups. The result would likely point to your local + In the above example, the [] are used to suppress MX + lookups. The result would likely point to your local machine. - In the case of delivery via SMTP, one may specify host- + In the case of delivery via SMTP, one may specify host- name:service instead of just a host: foo.org smtp:bar.org:2025 - This directs mail for user@foo.org to host bar.org port - 2025. Instead of a numerical port a symbolic name may be - used. Specify [] around the hostname in order to disable + This directs mail for user@foo.org to host bar.org port + 2025. Instead of a numerical port a symbolic name may be + used. Specify [] around the hostname in order to disable MX lookups. The error mailer can be used to bounce mail: - .foo.org error:mail for *.foo.org is not deliv- + .foo.org error:mail for *.foo.org is not deliv- erable - This causes all mail for user@anything.foo.org to be + This causes all mail for user@anything.foo.org to be bounced. REGULAR EXPRESSION TABLES - This section describes how the table lookups change when + This section describes how the table lookups change when the table is given in the form of regular expressions. For - a description of regular expression lookup table syntax, - see regexp_table(5) or pcre_table(5). + a description of regular expression lookup table syntax, + see regexp_table(5) or pcre_table(5). - Each pattern is a regular expression that is applied to - the entire address being looked up. Thus, - some.domain.hierarchy is not looked up up via its parent - domains, nor is user+foo@domain looked up as user@domain. + Each pattern is a regular expression that is applied to + the entire address being looked up. Thus, + some.domain.hierarchy is not looked up up via its parent + domains, nor is user+foo@domain looked up as user@domain. - Patterns are applied in the order as specified in the - table, until a pattern is found that matches the search + Patterns are applied in the order as specified in the + table, until a pattern is found that matches the search string. - Results are the same as with indexed file lookups, with - the additional feature that parenthesized substrings from + Results are the same as with indexed file lookups, with + the additional feature that parenthesized substrings from the pattern can be interpolated as $1, $2 and so on. TCP-BASED TABLES - This section describes how the table lookups change when + This section describes how the table lookups change when lookups are directed to a TCP-based server. For a descrip- - tion of the TCP client/server lookup protocol, see - tcp_table(5). + tion of the TCP client/server lookup protocol, see + tcp_table(5). - Each lookup operation uses the entire recipient address - once. Thus, some.domain.hierarchy is not looked up via - its parent domains, nor is user+foo@domain looked up as + Each lookup operation uses the entire recipient address + once. Thus, some.domain.hierarchy is not looked up via + its parent domains, nor is user+foo@domain looked up as user@domain. Results are the same as with indexed file lookups. CONFIGURATION PARAMETERS - The following main.cf parameters are especially relevant - to this topic. See the Postfix main.cf file for syntax - details and for default values. Use the postfix reload + The following main.cf parameters are especially relevant + to this topic. See the Postfix main.cf file for syntax + details and for default values. Use the postfix reload command after a configuration change. - empty_address_recipient - The address that is looked up instead of the null + empty_address_recipient + The address that is looked up instead of the null sender address. - parent_domain_matches_subdomains - List of Postfix features that use domain.tld pat- - terns to match sub.domain.tld (as opposed to + parent_domain_matches_subdomains + List of Postfix features that use domain.tld pat- + terns to match sub.domain.tld (as opposed to requiring .domain.tld patterns). - transport_maps + transport_maps List of transport lookup tables. SEE ALSO @@ -250,7 +250,7 @@ TRANSPORT(5) TRANSPORT(5) tcp_table(5) TCP client/server table lookup protocol LICENSE - The Secure Mailer license must be distributed with this + The Secure Mailer license must be distributed with this software. AUTHOR(S) diff --git a/postfix/html/uce.html b/postfix/html/uce.html index 556006555..dfc4f9d89 100644 --- a/postfix/html/uce.html +++ b/postfix/html/uce.html @@ -134,7 +134,9 @@ matches a table, the action depends on the lookup result: Reject the message, log the header and the optional text, and send the optional text to the originator. -

    IGNORE
    Delete the header from the message. +
    OK
    Skip all further header patterns for this header line. + +
    IGNORE
    Delete the header line from the message.
    WARN
    @@ -245,7 +247,9 @@ and send the optional text to the originator. Log (but do not reject) the body line with a warning, and log the optional text. -
    IGNORE
    Delete the matched line from the message. +
    OK
    Skip all further body patterns for this body line. + +
    IGNORE
    Delete the body line from the message.
    HOLD
    diff --git a/postfix/html/virtual.5.html b/postfix/html/virtual.5.html index 5ade18a85..6181cae1d 100644 --- a/postfix/html/virtual.5.html +++ b/postfix/html/virtual.5.html @@ -56,8 +56,7 @@ VIRTUAL(5) VIRTUAL(5) and "TCP-BASED TABLES". TABLE FORMAT - The format of the virtual table is as follows, mappings - being tried in the order as listed in this manual page: + The input format for the postmap(1) command is as follows: pattern result When pattern matches a mail address, replace it by @@ -85,7 +84,7 @@ VIRTUAL(5) VIRTUAL(5) Mail for user@site is redirected to address when site is equal to $myorigin, when site is listed in $mydestination, or when it is listed in - $inet_interfaces. + $inet_interfaces. This functionality overlaps with functionality of the local aliases(5) database. The difference is @@ -145,7 +144,7 @@ VIRTUAL(5) VIRTUAL(5) back to myself". Do not specify virtual alias domain names in the main.cf - mydestination or relay_domains configuration parameters. + mydestination or relay_domains configuration parameters. With a virtual alias domain, the Postfix SMTP server accepts mail for known-user@virtual-alias.domain, and @@ -153,8 +152,8 @@ VIRTUAL(5) VIRTUAL(5) undeliverable. Instead of specifying the virtual alias domain name via - the virtual_alias_maps table, you may also specify it via - the main.cf virtual_alias_domains configuration parameter. + the virtual_alias_maps table, you may also specify it via + the main.cf virtual_alias_domains configuration parameter. This latter parameter uses the same syntax as the main.cf mydestination configuration parameter. @@ -162,7 +161,7 @@ VIRTUAL(5) VIRTUAL(5) This section describes how the table lookups change when the table is given in the form of regular expressions. For a description of regular expression lookup table syntax, - see regexp_table(5) or pcre_table(5). + see regexp_table(5) or pcre_table(5). Each pattern is a regular expression that is applied to the entire address being looked up. Thus, user@domain mail @@ -182,7 +181,7 @@ VIRTUAL(5) VIRTUAL(5) This section describes how the table lookups change when lookups are directed to a TCP-based server. For a descrip- tion of the TCP client/server lookup protocol, see - tcp_table(5). + tcp_table(5). Each lookup operation uses the entire address once. Thus, user@domain mail addresses are not broken up into their @@ -200,16 +199,16 @@ VIRTUAL(5) VIRTUAL(5) details and for default values. Use the postfix reload command after a configuration change. - virtual_alias_maps + virtual_alias_maps List of virtual aliasing tables. - virtual_alias_domains + virtual_alias_domains List of virtual alias domains. This uses the same syntax as the mydestination parameter. Other parameters of interest: - inet_interfaces + inet_interfaces The network interface addresses that this system receives mail on. You need to stop and start Post- fix when this parameter changes. @@ -222,7 +221,7 @@ VIRTUAL(5) VIRTUAL(5) The domain that is appended to any address that does not have a domain. - owner_request_special + owner_request_special Give special treatment to owner-xxx and xxx-request addresses. diff --git a/postfix/man/man1/postmap.1 b/postfix/man/man1/postmap.1 index f9426a3c0..f4fa548fc 100644 --- a/postfix/man/man1/postmap.1 +++ b/postfix/man/man1/postmap.1 @@ -91,12 +91,12 @@ Do not inherit the file access permissions from the input file when creating a new file. Instead, create a new file with default access permissions (mode 0644). .IP "\fB-q \fIkey\fR" -Search the specified maps for \fIkey\fR and print the first value -found on the standard output stream. The exit status is zero +Search the specified maps for \fIkey\fR and write the first value +found to the standard output stream. The exit status is zero when the requested information was found. If a key value of \fB-\fR is specified, the program reads key -values from the standard input stream and prints one line of +values from the standard input stream and writes one line of \fIkey value\fR output for each key that was found. The exit status is zero when at least one of the requested keys was found. .IP \fB-r\fR diff --git a/postfix/man/man5/access.5 b/postfix/man/man5/access.5 index 2a174c219..9cb501d4a 100644 --- a/postfix/man/man5/access.5 +++ b/postfix/man/man5/access.5 @@ -41,7 +41,7 @@ done in a slightly different way as described below under .nf .ad .fi -The format of the access table is as follows: +The input format for the \fBpostmap\fR(1) command is as follows: .IP "\fIpattern action\fR" When \fIpattern\fR matches a mail address, domain or host address, perform the corresponding \fIaction\fR. @@ -57,8 +57,8 @@ starts with whitespace continues a logical line. .ad .fi With lookups from indexed files such as DB or DBM, or from networked -tables such as NIS, LDAP or SQL, the following lookup patterns are -examined in the order as listed: +tables such as NIS, LDAP or SQL, patterns are tried in the order as +listed below: .IP \fIuser\fR@\fIdomain\fR Matches the specified mail address. .IP \fIdomain.tld\fR @@ -119,18 +119,15 @@ network/netmask patterns. See cidr_table(5) for details. .IP "[\fB45\fR]\fINN text\fR" Reject the address etc. that matches the pattern, and respond with the numerical code and text. -.IP \fBREJECT\fR .IP "\fBREJECT \fIoptional text...\fR Reject the address etc. that matches the pattern. Reply with \fI$reject_code optional text...\fR when the optional text is specified, otherwise reply with a generic error response message. -.IP \fBDEFER_IF_REJECT\fR .IP "\fBDEFER_IF_REJECT \fIoptional text...\fR Defer the request if some later restriction would result in a REJECT action. Reply with "\fB450\fI optional text...\fR when the optional text is specified, otherwise reply with a generic error response message. -.IP \fBDEFER_IF_PERMIT\fR .IP "\fBDEFER_IF_PERMIT \fIoptional text...\fR Defer the request if some later restriction would result in a PERMIT action (there is an implied PERMIT at the end of each @@ -146,7 +143,6 @@ generated by address-based relay authorization schemes. Pretend that the lookup key was not found in this table. This prevents Postfix from trying substrings of the lookup key (such as a subdomain name, or a network address subnetwork). -.IP \fBHOLD\fR .IP "\fBHOLD \fIoptional text...\fR" Place the message on the \fBhold\fR queue, where it will sit until someone either deletes it or releases it for delivery. @@ -158,7 +154,6 @@ Mail that is placed on hold can be examined with the the \fBpostsuper\fR(1) command. .sp Note: this action currently affects all recipients of the message. -.IP \fBDISCARD\fR .IP "\fBDISCARD \fIoptional text...\fR Claim successful delivery and silently discard the message. Log the optional text if specified, otherwise log a generic diff --git a/postfix/man/man5/canonical.5 b/postfix/man/man5/canonical.5 index 7a7c6f26f..09778b32f 100644 --- a/postfix/man/man5/canonical.5 +++ b/postfix/man/man5/canonical.5 @@ -55,7 +55,7 @@ Use the \fBaliases\fR(5) map for that purpose. .nf .ad .fi -The format of the \fBcanonical\fR table is as follows: +The input format for the \fBpostmap\fR(1) command is as follows: .IP "\fIpattern result\fR" When \fIpattern\fR matches a mail address, replace it by the corresponding \fIresult\fR. diff --git a/postfix/man/man5/pcre_table.5 b/postfix/man/man5/pcre_table.5 index 4a48ef933..ce1233c03 100644 --- a/postfix/man/man5/pcre_table.5 +++ b/postfix/man/man5/pcre_table.5 @@ -43,9 +43,11 @@ starts with whitespace continues a logical line. .IP "\fBif /\fIpattern\fB/\fIflags\fR" .IP "\fBif !/\fIpattern\fB/\fIflags\fR" .IP "\fBendif\fR" -Examine the lines between \fBif\fR..\fBendif\fR only if -\fIpattern\fR matches (does not match). The \fBif\fR..\fBendif\fR -can nest. Do not prepend whitespace to patterns inside +Match the search string against the patterns between \fBif\fR +and \fBendif\fR, if and only if the search string matches (does +not match) \fIpattern\fR. The \fBif\fR..\fBendif\fR can nest. +.sp +Note: do not prepend whitespace to patterns inside \fBif\fR..\fBendif\fR. .PP Each pattern is a perl-like regular expression. The expression diff --git a/postfix/man/man5/regexp_table.5 b/postfix/man/man5/regexp_table.5 index 6f577817a..5b9b078e1 100644 --- a/postfix/man/man5/regexp_table.5 +++ b/postfix/man/man5/regexp_table.5 @@ -43,10 +43,12 @@ starts with whitespace continues a logical line. .IP "\fBif /\fIpattern\fB/\fIflags\fR" .IP "\fBif !/\fIpattern\fB/\fIflags\fR" .IP "\fBendif\fR" -Examine the lines between \fBif\fR..\fBendif\fR only if -\fIpattern\fR matches (does not match). The \fBif\fR..\fBendif\fR -can nest. -Do not prepend whitespace to patterns inside \fBif\fR..\fBendif\fR. +Match the search string against the patterns between \fBif\fR +and \fBendif\fR, if and only if the search string matches (does +not match) \fIpattern\fR. The \fBif\fR..\fBendif\fR can nest. +.sp +Note: do not prepend whitespace to patterns inside +\fBif\fR..\fBendif\fR. .PP Each pattern is a regular expression enclosed by a pair of delimiters. The regular expression syntax is described in \fIre_format\fR(7). diff --git a/postfix/man/man5/relocated.5 b/postfix/man/man5/relocated.5 index 756574140..285f837b5 100644 --- a/postfix/man/man5/relocated.5 +++ b/postfix/man/man5/relocated.5 @@ -37,11 +37,11 @@ Table lookups are case insensitive. .nf .ad .fi -The format of the table is as follows: +The input format for the \fBpostmap\fR(1) command is as follows: .IP \(bu An entry has one of the following form: .ti +5 -\fIkey new_location\fR +\fIpattern new_location\fR .br Where \fInew_location\fR specifies contact information such as an email address, or perhaps a street address or telephone number. @@ -53,8 +53,8 @@ A logical line starts with non-whitespace text. A line that starts with whitespace continues a logical line. .PP With lookups from indexed files such as DB or DBM, or from networked -tables such as NIS, LDAP or SQL, the \fIkey\fR field is one of the -following: +tables such as NIS, LDAP or SQL, patterns are tried in the order as +listed below: .IP \fIuser\fR@\fIdomain\fR Matches \fIuser\fR@\fIdomain\fR. This form has precedence over all other forms. diff --git a/postfix/man/man5/transport.5 b/postfix/man/man5/transport.5 index adebc271c..8a3708120 100644 --- a/postfix/man/man5/transport.5 +++ b/postfix/man/man5/transport.5 @@ -55,7 +55,7 @@ done in a slightly different way as described below under .nf .ad .fi -The format of the transport table is as follows: +The input format for the \fBpostmap\fR(1) command is as follows: .IP "\fIpattern result\fR" When \fIpattern\fR matches the recipient address or domain, use the corresponding \fIresult\fR. diff --git a/postfix/man/man5/virtual.5 b/postfix/man/man5/virtual.5 index dce50baa5..59fccdd09 100644 --- a/postfix/man/man5/virtual.5 +++ b/postfix/man/man5/virtual.5 @@ -57,8 +57,7 @@ done in a slightly different way as described below under .nf .ad .fi -The format of the virtual table is as follows, mappings being -tried in the order as listed in this manual page: +The input format for the \fBpostmap\fR(1) command is as follows: .IP "\fIpattern result\fR" When \fIpattern\fR matches a mail address, replace it by the corresponding \fIresult\fR. diff --git a/postfix/man/man8/cleanup.8 b/postfix/man/man8/cleanup.8 index 373af678e..8542c99dd 100644 --- a/postfix/man/man8/cleanup.8 +++ b/postfix/man/man8/cleanup.8 @@ -179,7 +179,7 @@ Limits the number of envelope recipients that are remembered. .IP \fBheader_address_token_limit\fR Limits the number of address tokens used to process a message header. .IP \fBheader_size_limit\fR -Limits the amount of memory in bytes used to process a message header. +Limits the amount of memory in bytes used to store a message header. .IP \fBin_flow_delay\fR Amount of time to pause before accepting a message, when the message arrival rate exceeds the message delivery rate. diff --git a/postfix/man/man8/smtpd.8 b/postfix/man/man8/smtpd.8 index 0f149af63..1e004fad2 100644 --- a/postfix/man/man8/smtpd.8 +++ b/postfix/man/man8/smtpd.8 @@ -122,7 +122,7 @@ the SMTP proxy server. The hostname to use when sending an EHLO command to the SMTP proxy server. .SH "Authentication controls" -.IP \fBenable_sasl_authentication\fR +.IP \fBsmtpd_sasl_auth_enable\fR Enable per-session authentication as per RFC 2554 (SASL). This functionality is available only when explicitly selected at program build time and explicitly enabled at runtime. diff --git a/postfix/proto/access b/postfix/proto/access index c330b9375..68c3c0b76 100644 --- a/postfix/proto/access +++ b/postfix/proto/access @@ -33,7 +33,7 @@ # TABLE FORMAT # .ad # .fi -# The format of the access table is as follows: +# The input format for the \fBpostmap\fR(1) command is as follows: # .IP "\fIpattern action\fR" # When \fIpattern\fR matches a mail address, domain or host address, # perform the corresponding \fIaction\fR. @@ -47,8 +47,8 @@ # .ad # .fi # With lookups from indexed files such as DB or DBM, or from networked -# tables such as NIS, LDAP or SQL, the following lookup patterns are -# examined in the order as listed: +# tables such as NIS, LDAP or SQL, patterns are tried in the order as +# listed below: # .IP \fIuser\fR@\fIdomain\fR # Matches the specified mail address. # .IP \fIdomain.tld\fR @@ -103,18 +103,15 @@ # .IP "[\fB45\fR]\fINN text\fR" # Reject the address etc. that matches the pattern, and respond with # the numerical code and text. -# .IP \fBREJECT\fR # .IP "\fBREJECT \fIoptional text...\fR # Reject the address etc. that matches the pattern. Reply with # \fI$reject_code optional text...\fR when the optional text is # specified, otherwise reply with a generic error response message. -# .IP \fBDEFER_IF_REJECT\fR # .IP "\fBDEFER_IF_REJECT \fIoptional text...\fR # Defer the request if some later restriction would result in a # REJECT action. Reply with "\fB450\fI optional text...\fR when the # optional text is specified, otherwise reply with a generic error # response message. -# .IP \fBDEFER_IF_PERMIT\fR # .IP "\fBDEFER_IF_PERMIT \fIoptional text...\fR # Defer the request if some later restriction would result in a # PERMIT action (there is an implied PERMIT at the end of each @@ -130,7 +127,6 @@ # Pretend that the lookup key was not found in this table. This # prevents Postfix from trying substrings of the lookup key # (such as a subdomain name, or a network address subnetwork). -# .IP \fBHOLD\fR # .IP "\fBHOLD \fIoptional text...\fR" # Place the message on the \fBhold\fR queue, where it will sit # until someone either deletes it or releases it for delivery. @@ -142,7 +138,6 @@ # the \fBpostsuper\fR(1) command. # .sp # Note: this action currently affects all recipients of the message. -# .IP \fBDISCARD\fR # .IP "\fBDISCARD \fIoptional text...\fR # Claim successful delivery and silently discard the message. # Log the optional text if specified, otherwise log a generic diff --git a/postfix/proto/canonical b/postfix/proto/canonical index 60a547058..7245d920d 100644 --- a/postfix/proto/canonical +++ b/postfix/proto/canonical @@ -47,7 +47,7 @@ # TABLE FORMAT # .ad # .fi -# The format of the \fBcanonical\fR table is as follows: +# The input format for the \fBpostmap\fR(1) command is as follows: # .IP "\fIpattern result\fR" # When \fIpattern\fR matches a mail address, replace it by the # corresponding \fIresult\fR. diff --git a/postfix/proto/pcre_table b/postfix/proto/pcre_table index 4789ee16e..5c5fa8f6e 100644 --- a/postfix/proto/pcre_table +++ b/postfix/proto/pcre_table @@ -35,9 +35,11 @@ # .IP "\fBif /\fIpattern\fB/\fIflags\fR" # .IP "\fBif !/\fIpattern\fB/\fIflags\fR" # .IP "\fBendif\fR" -# Examine the lines between \fBif\fR..\fBendif\fR only if -# \fIpattern\fR matches (does not match). The \fBif\fR..\fBendif\fR -# can nest. Do not prepend whitespace to patterns inside +# Match the search string against the patterns between \fBif\fR +# and \fBendif\fR, if and only if the search string matches (does +# not match) \fIpattern\fR. The \fBif\fR..\fBendif\fR can nest. +# .sp +# Note: do not prepend whitespace to patterns inside # \fBif\fR..\fBendif\fR. # .PP # Each pattern is a perl-like regular expression. The expression diff --git a/postfix/proto/regexp_table b/postfix/proto/regexp_table index 65ffde9a7..ca4b94067 100644 --- a/postfix/proto/regexp_table +++ b/postfix/proto/regexp_table @@ -35,10 +35,12 @@ # .IP "\fBif /\fIpattern\fB/\fIflags\fR" # .IP "\fBif !/\fIpattern\fB/\fIflags\fR" # .IP "\fBendif\fR" -# Examine the lines between \fBif\fR..\fBendif\fR only if -# \fIpattern\fR matches (does not match). The \fBif\fR..\fBendif\fR -# can nest. -# Do not prepend whitespace to patterns inside \fBif\fR..\fBendif\fR. +# Match the search string against the patterns between \fBif\fR +# and \fBendif\fR, if and only if the search string matches (does +# not match) \fIpattern\fR. The \fBif\fR..\fBendif\fR can nest. +# .sp +# Note: do not prepend whitespace to patterns inside +# \fBif\fR..\fBendif\fR. # .PP # Each pattern is a regular expression enclosed by a pair of delimiters. # The regular expression syntax is described in \fIre_format\fR(7). diff --git a/postfix/proto/relocated b/postfix/proto/relocated index 05dc2d311..fb0740d3f 100644 --- a/postfix/proto/relocated +++ b/postfix/proto/relocated @@ -29,11 +29,11 @@ # TABLE FORMAT # .ad # .fi -# The format of the table is as follows: +# The input format for the \fBpostmap\fR(1) command is as follows: # .IP \(bu # An entry has one of the following form: # .ti +5 -# \fIkey new_location\fR +# \fIpattern new_location\fR # .br # Where \fInew_location\fR specifies contact information such as # an email address, or perhaps a street address or telephone number. @@ -45,8 +45,8 @@ # starts with whitespace continues a logical line. # .PP # With lookups from indexed files such as DB or DBM, or from networked -# tables such as NIS, LDAP or SQL, the \fIkey\fR field is one of the -# following: +# tables such as NIS, LDAP or SQL, patterns are tried in the order as +# listed below: # .IP \fIuser\fR@\fIdomain\fR # Matches \fIuser\fR@\fIdomain\fR. This form has precedence over all # other forms. diff --git a/postfix/proto/transport b/postfix/proto/transport index 79f6442c3..917bbcff2 100644 --- a/postfix/proto/transport +++ b/postfix/proto/transport @@ -47,7 +47,7 @@ # TABLE FORMAT # .ad # .fi -# The format of the transport table is as follows: +# The input format for the \fBpostmap\fR(1) command is as follows: # .IP "\fIpattern result\fR" # When \fIpattern\fR matches the recipient address or domain, use the # corresponding \fIresult\fR. diff --git a/postfix/proto/virtual b/postfix/proto/virtual index bb218b1ea..2df396de3 100644 --- a/postfix/proto/virtual +++ b/postfix/proto/virtual @@ -49,8 +49,7 @@ # TABLE FORMAT # .ad # .fi -# The format of the virtual table is as follows, mappings being -# tried in the order as listed in this manual page: +# The input format for the \fBpostmap\fR(1) command is as follows: # .IP "\fIpattern result\fR" # When \fIpattern\fR matches a mail address, replace it by the # corresponding \fIresult\fR. diff --git a/postfix/src/cleanup/cleanup.c b/postfix/src/cleanup/cleanup.c index 56f689018..50db85b85 100644 --- a/postfix/src/cleanup/cleanup.c +++ b/postfix/src/cleanup/cleanup.c @@ -165,7 +165,7 @@ /* .IP \fBheader_address_token_limit\fR /* Limits the number of address tokens used to process a message header. /* .IP \fBheader_size_limit\fR -/* Limits the amount of memory in bytes used to process a message header. +/* Limits the amount of memory in bytes used to store a message header. /* .IP \fBin_flow_delay\fR /* Amount of time to pause before accepting a message, when the /* message arrival rate exceeds the message delivery rate. diff --git a/postfix/src/global/mail_version.h b/postfix/src/global/mail_version.h index 6256a10c4..344cba796 100644 --- a/postfix/src/global/mail_version.h +++ b/postfix/src/global/mail_version.h @@ -20,7 +20,7 @@ * Patches change the patchlevel and the release date. Snapshots change the * release date only, unless they include the same bugfix as a patch release. */ -#define MAIL_RELEASE_DATE "200307804" +#define MAIL_RELEASE_DATE "20030812" #define VAR_MAIL_VERSION "mail_version" #define DEF_MAIL_VERSION "2.0.14-" MAIL_RELEASE_DATE diff --git a/postfix/src/lmtp/lmtp_connect.c b/postfix/src/lmtp/lmtp_connect.c index 35afabbba..63321e496 100644 --- a/postfix/src/lmtp/lmtp_connect.c +++ b/postfix/src/lmtp/lmtp_connect.c @@ -320,7 +320,7 @@ static char *lmtp_parse_destination(const char *destination, char *def_service, * aren't going to have lmtp defined as a service, use a default value * instead of just blowing up. */ - if ((port = atoi(service)) != 0) + if (alldig(service) && (port = atoi(service)) != 0) *portp = htons(port); else if ((sp = getservbyname(service, protocol)) != 0) *portp = sp->s_port; diff --git a/postfix/src/pipe/pipe.c b/postfix/src/pipe/pipe.c index 5a0de2882..e9840e8f0 100644 --- a/postfix/src/pipe/pipe.c +++ b/postfix/src/pipe/pipe.c @@ -289,6 +289,9 @@ /* * The mini symbol table name and keys used for expanding macros in * command-line arguments. + * + * XXX Update the parse_callback() routine when something gets added here, + * even when the macro is not recipient dependent. */ #define PIPE_DICT_TABLE "pipe_command" /* table name */ #define PIPE_DICT_NEXTHOP "nexthop" /* key */ @@ -307,7 +310,6 @@ #define PIPE_FLAG_USER (1<<1) #define PIPE_FLAG_EXTENSION (1<<2) #define PIPE_FLAG_MAILBOX (1<<3) -#define PIPE_FLAG_SIZE (1<<4) /* * Additional flags. These are colocated with mail_copy() flags. Allow some @@ -349,6 +351,14 @@ typedef struct { off_t size_limit; /* max size in bytes we will accept */ } PIPE_ATTR; + /* + * Structure for command-line parameter macro expansion. + */ +typedef struct { + const char *service; /* for warnings */ + int expand_flag; /* callback result */ +} PIPE_STATE; + /* * Silly little macros. */ @@ -358,20 +368,38 @@ typedef struct { static int parse_callback(int type, VSTRING *buf, char *context) { - int *expand_flag = (int *) context; + PIPE_STATE *state = (PIPE_STATE *) context; + struct cmd_flags { + const char *name; + int flags; + }; + static struct cmd_flags cmd_flags[] = { + PIPE_DICT_NEXTHOP, 0, + PIPE_DICT_RCPT, PIPE_FLAG_RCPT, + PIPE_DICT_SENDER, 0, + PIPE_DICT_USER, PIPE_FLAG_USER, + PIPE_DICT_EXTENSION, PIPE_FLAG_EXTENSION, + PIPE_DICT_MAILBOX, PIPE_FLAG_MAILBOX, + PIPE_DICT_SIZE, 0, + 0, 0, + }; + struct cmd_flags *p; /* * See if this command-line argument references a special macro. */ if (type == MAC_PARSE_VARNAME) { - if (strcmp(vstring_str(buf), PIPE_DICT_RCPT) == 0) - *expand_flag |= PIPE_FLAG_RCPT; - else if (strcmp(vstring_str(buf), PIPE_DICT_USER) == 0) - *expand_flag |= PIPE_FLAG_USER; - else if (strcmp(vstring_str(buf), PIPE_DICT_EXTENSION) == 0) - *expand_flag |= PIPE_FLAG_EXTENSION; - else if (strcmp(vstring_str(buf), PIPE_DICT_MAILBOX) == 0) - *expand_flag |= PIPE_FLAG_MAILBOX; + for (p = cmd_flags; /* see below */ ; p++) { + if (p->name == 0) { + msg_warn("file %s/%s: service %s: unknown macro name: \"%s\"", + var_config_dir, MASTER_CONF_FILE, + state->service, vstring_str(buf)); + return (MAC_PARSE_ERROR); + } else if (strcmp(vstring_str(buf), p->name) == 0) { + state->expand_flag |= p->flags; + return (0); + } + } } return (0); } @@ -413,12 +441,13 @@ static void morph_recipient(VSTRING *buf, const char *address, int flags) /* expand_argv - expand macros in the argument vector */ -static ARGV *expand_argv(char **argv, RECIPIENT_LIST *rcpt_list, int flags) +static ARGV *expand_argv(const char *service, char **argv, + RECIPIENT_LIST *rcpt_list, int flags) { VSTRING *buf = vstring_alloc(100); ARGV *result; char **cpp; - int expand_flag; + PIPE_STATE state; int i; char *ext; @@ -436,12 +465,15 @@ static ARGV *expand_argv(char **argv, RECIPIENT_LIST *rcpt_list, int flags) * would screw up mail addresses that contain $ characters. */ #define NO 0 +#define EARLY_RETURN(x) { argv_free(result); vstring_free(buf); return (x); } result = argv_alloc(1); for (cpp = argv; *cpp; cpp++) { - expand_flag = 0; - mac_parse(*cpp, parse_callback, (char *) &expand_flag); - if (expand_flag == 0) { /* no $recipient etc. */ + state.service = service; + state.expand_flag = 0; + if (mac_parse(*cpp, parse_callback, (char *) &state) & MAC_PARSE_ERROR) + EARLY_RETURN(0); + if (state.expand_flag == 0) { /* no $recipient etc. */ argv_add(result, dict_eval(PIPE_DICT_TABLE, *cpp, NO), ARGV_END); } else { /* contains $recipient etc. */ for (i = 0; i < rcpt_list->len; i++) { @@ -449,7 +481,7 @@ static ARGV *expand_argv(char **argv, RECIPIENT_LIST *rcpt_list, int flags) /* * This argument contains $recipient. */ - if (expand_flag & PIPE_FLAG_RCPT) { + if (state.expand_flag & PIPE_FLAG_RCPT) { morph_recipient(buf, rcpt_list->info[i].address, flags); dict_update(PIPE_DICT_TABLE, PIPE_DICT_RCPT, STR(buf)); } @@ -466,7 +498,7 @@ static ARGV *expand_argv(char **argv, RECIPIENT_LIST *rcpt_list, int flags) * skipping empty user parts will also prevent other * expansions of this specific command-line argument. */ - if (expand_flag & PIPE_FLAG_USER) { + if (state.expand_flag & PIPE_FLAG_USER) { morph_recipient(buf, rcpt_list->info[i].address, flags & PIPE_OPT_FOLD_FLAGS); if (split_at_right(STR(buf), '@') == 0) @@ -484,7 +516,7 @@ static ARGV *expand_argv(char **argv, RECIPIENT_LIST *rcpt_list, int flags) * extension: anything between the leftmost extension * delimiter and the rightmost @. The extension may be blank. */ - if (expand_flag & PIPE_FLAG_EXTENSION) { + if (state.expand_flag & PIPE_FLAG_EXTENSION) { morph_recipient(buf, rcpt_list->info[i].address, flags & PIPE_OPT_FOLD_FLAGS); if (split_at_right(STR(buf), '@') == 0) @@ -500,7 +532,7 @@ static ARGV *expand_argv(char **argv, RECIPIENT_LIST *rcpt_list, int flags) * This argument contains $mailbox. Extract the mailbox name: * anything to the left of the rightmost @. */ - if (expand_flag & PIPE_FLAG_MAILBOX) { + if (state.expand_flag & PIPE_FLAG_MAILBOX) { morph_recipient(buf, rcpt_list->info[i].address, flags & PIPE_OPT_FOLD_FLAGS); if (split_at_right(STR(buf), '@') == 0) @@ -888,7 +920,15 @@ static int deliver_message(DELIVER_REQUEST *request, char *service, char **argv) vstring_sprintf(buf, "%ld", (long) request->data_size); dict_update(PIPE_DICT_TABLE, PIPE_DICT_SIZE, STR(buf)); vstring_free(buf); - expanded_argv = expand_argv(attr.command, rcpt_list, attr.flags); + + if ((expanded_argv = expand_argv(service, attr.command, + rcpt_list, attr.flags)) == 0) { + deliver_status = eval_command_status(PIPE_STAT_DEFER, service, + request, request->fp, + "mailer configuration error"); + DELIVER_MSG_CLEANUP(); + return (deliver_status); + } export_env = argv_split(var_export_environ, ", \t\r\n"); command_status = pipe_command(request->fp, why, diff --git a/postfix/src/postmap/postmap.c b/postfix/src/postmap/postmap.c index 98341f4f2..03aa9ed5a 100644 --- a/postfix/src/postmap/postmap.c +++ b/postfix/src/postmap/postmap.c @@ -81,12 +81,12 @@ /* when creating a new file. Instead, create a new file with default /* access permissions (mode 0644). /* .IP "\fB-q \fIkey\fR" -/* Search the specified maps for \fIkey\fR and print the first value -/* found on the standard output stream. The exit status is zero +/* Search the specified maps for \fIkey\fR and write the first value +/* found to the standard output stream. The exit status is zero /* when the requested information was found. /* /* If a key value of \fB-\fR is specified, the program reads key -/* values from the standard input stream and prints one line of +/* values from the standard input stream and writes one line of /* \fIkey value\fR output for each key that was found. The exit /* status is zero when at least one of the requested keys was found. /* .IP \fB-r\fR diff --git a/postfix/src/smtp/smtp_connect.c b/postfix/src/smtp/smtp_connect.c index 3e458429c..bdfb00ca3 100644 --- a/postfix/src/smtp/smtp_connect.c +++ b/postfix/src/smtp/smtp_connect.c @@ -345,7 +345,7 @@ static char *smtp_parse_destination(char *destination, char *def_service, /* * Convert service to port number, network byte order. */ - if ((port = atoi(service)) != 0) { + if (alldig(service) && (port = atoi(service)) != 0) { *portp = htons(port); } else { if ((sp = getservbyname(service, protocol)) == 0) diff --git a/postfix/src/smtpd/smtpd.c b/postfix/src/smtpd/smtpd.c index b869ef026..d77b8fd4e 100644 --- a/postfix/src/smtpd/smtpd.c +++ b/postfix/src/smtpd/smtpd.c @@ -108,7 +108,7 @@ /* The hostname to use when sending an EHLO command to the /* SMTP proxy server. /* .SH "Authentication controls" -/* .IP \fBenable_sasl_authentication\fR +/* .IP \fBsmtpd_sasl_auth_enable\fR /* Enable per-session authentication as per RFC 2554 (SASL). /* This functionality is available only when explicitly selected /* at program build time and explicitly enabled at runtime. diff --git a/postfix/src/smtpd/smtpd_check.c b/postfix/src/smtpd/smtpd_check.c index b2e8a3dcf..bd9f8b2a6 100644 --- a/postfix/src/smtpd/smtpd_check.c +++ b/postfix/src/smtpd/smtpd_check.c @@ -926,20 +926,6 @@ static void reject_dict_retry(SMTPD_STATE *state, const char *reply_name) 451, reply_name)); } -/* checkv8_maps_find - reject with temporary failure if dict lookup fails */ - -static const char *checkv8_maps_find(SMTPD_STATE *state, const char *reply_name, - MAPS *maps, const char *key) -{ - const char *result; - - dict_errno = 0; - if ((result = virtual8_maps_find(maps, key)) == 0 - && dict_errno == DICT_ERR_RETRY) - reject_dict_retry(state, reply_name); - return (result); -} - /* check_mail_addr_find - reject with temporary failure if dict lookup fails */ static const char *check_mail_addr_find(SMTPD_STATE *state, @@ -1902,8 +1888,8 @@ static int check_table_result(SMTPD_STATE *state, const char *table, } /* - * DEFER_IF_PERMIT means NO, eventually. Use optional text or generate a - * generic error response. + * DEFER_IF_PERMIT changes "permit" into "maybe". Use optional text or + * generate a generic error response. */ if (STREQUAL(value, DEFER_IF_PERMIT, cmd_len)) { DEFER_IF_PERMIT3(state, MAIL_ERROR_POLICY, @@ -1914,8 +1900,8 @@ static int check_table_result(SMTPD_STATE *state, const char *table, } /* - * DEFER_IF_REJECT means NO, eventually. Use optional text or generate a - * generic error response. + * DEFER_IF_REJECT changes "reject" into "maybe". Use optional text or + * generate a generic error response. */ if (STREQUAL(value, DEFER_IF_REJECT, cmd_len)) { DEFER_IF_REJECT3(state, MAIL_ERROR_POLICY, @@ -2776,7 +2762,7 @@ static int check_policy_service(SMTPD_STATE *state, const char *server, if (attr_clnt_request(policy_clnt, ATTR_FLAG_NONE, /* Query attributes. */ - ATTR_TYPE_STR, MAIL_ATTR_REQ, "smtpd_access_policy", + ATTR_TYPE_STR, MAIL_ATTR_REQ, "smtpd_access_policy", ATTR_TYPE_STR, MAIL_ATTR_PROTO_STATE, state->where, ATTR_TYPE_STR, MAIL_ATTR_PROTO_NAME, state->protocol, ATTR_TYPE_STR, MAIL_ATTR_CLIENT_ADDR, state->addr, @@ -3488,9 +3474,6 @@ static int check_rcpt_maps(SMTPD_STATE *state, const char *recipient) #define NOMATCH(map, rcpt) (MATCH(map, rcpt) == 0) -#define NOMATCHV8(map, rcpt) \ - (checkv8_maps_find(state, recipient, map, rcpt) == 0) - /* * XXX We assume the recipient address is OK if it matches a canonical * map or virtual alias map. Eventually, the address resolver should give @@ -3556,7 +3539,7 @@ static int check_rcpt_maps(SMTPD_STATE *state, const char *recipient) */ if ((reply->flags & RESOLVE_CLASS_VIRTUAL) && *var_virt_mailbox_maps - && NOMATCHV8(virt_mailbox_maps, CONST_STR(reply->recipient))) + && NOMATCH(virt_mailbox_maps, CONST_STR(reply->recipient))) return (smtpd_check_reject(state, MAIL_ERROR_BOUNCE, "%d <%s>: User unknown%s", var_virt_mailbox_code, recipient, diff --git a/postfix/src/util/Makefile.in b/postfix/src/util/Makefile.in index 2ef76b329..3bffdf56f 100644 --- a/postfix/src/util/Makefile.in +++ b/postfix/src/util/Makefile.in @@ -822,6 +822,9 @@ file_limit.o: iostuff.h find_inet.o: find_inet.c find_inet.o: sys_defs.h find_inet.o: msg.h +find_inet.o: stringops.h +find_inet.o: vstring.h +find_inet.o: vbuf.h find_inet.o: find_inet.h fsspace.o: fsspace.c fsspace.o: sys_defs.h diff --git a/postfix/src/util/find_inet.c b/postfix/src/util/find_inet.c index c97fd12b6..df1bfc079 100644 --- a/postfix/src/util/find_inet.c +++ b/postfix/src/util/find_inet.c @@ -49,6 +49,7 @@ /* Application-specific. */ #include "msg.h" +#include "stringops.h" #include "find_inet.h" #ifndef INADDR_NONE @@ -82,7 +83,7 @@ int find_inet_port(const char *service, const char *protocol) struct servent *sp; int port; - if ((port = atoi(service)) != 0) { + if (alldig(service) && (port = atoi(service)) != 0) { return (htons(port)); } else { if ((sp = getservbyname(service, protocol)) == 0) diff --git a/postfix/src/util/sane_accept.c b/postfix/src/util/sane_accept.c index c95c7434e..a28e5bf93 100644 --- a/postfix/src/util/sane_accept.c +++ b/postfix/src/util/sane_accept.c @@ -76,8 +76,7 @@ int sane_accept(int sock, struct sockaddr * sa, SOCKADDR_SIZE *len) * client has disconnected in the mean time. The data that was sent with * connect() write() close() is lost, even though the write() and close() * reported successful completion. This was fixed shortly before FreeBSD - * 4.3. However, other systems may make that same mistake again, so we're - * adding a special warning. + * 4.3. * * XXX HP-UX 11 returns ENOBUFS when the client has disconnected in the mean * time. -- 2.47.3