From b8299e028cf0b31433ca84e789f46d3b29d1f4fa Mon Sep 17 00:00:00 2001 
From: Wietse Venema Date: Mon, 12 Mar 2007 00:00:00 -0500 Subject: [PATCH] postfix-2.4.0-RC5 --- postfix/HISTORY | 18 ++ postfix/README_FILES/SASL_README | 158 ++++++++++-------- postfix/README_FILES/TUNING_README | 2 +- postfix/TODO | 4 + postfix/conf/access | 79 +++++---- postfix/conf/aliases | 4 +- postfix/conf/canonical | 15 +- postfix/conf/header_checks | 227 ++++++++++++------------- postfix/conf/virtual | 103 ++++++------ postfix/html/SASL_README.html | 182 ++++++++++---------- postfix/html/TUNING_README.html | 23 +-- postfix/html/access.5.html | 79 +++++---- postfix/html/aliases.5.html | 4 +- postfix/html/bounce.5.html | 4 +- postfix/html/canonical.5.html | 15 +- postfix/html/cidr_table.5.html | 1 - postfix/html/header_checks.5.html | 229 +++++++++++++------------- postfix/html/postconf.5.html | 5 +- postfix/html/virtual.5.html | 101 ++++++------ postfix/man/man5/access.5 | 22 +-- postfix/man/man5/aliases.5 | 4 +- postfix/man/man5/bounce.5 | 3 +- postfix/man/man5/canonical.5 | 14 +- postfix/man/man5/cidr_table.5 | 1 - postfix/man/man5/header_checks.5 | 5 +- postfix/man/man5/postconf.5 | 5 +- postfix/man/man5/virtual.5 | 7 + postfix/proto/SASL_README.html | 182 ++++++++++---------- postfix/proto/TUNING_README.html | 3 +- postfix/proto/access | 22 +-- postfix/proto/aliases | 4 +- postfix/proto/bounce | 3 +- postfix/proto/canonical | 14 +- postfix/proto/cidr_table | 1 - postfix/proto/header_checks | 5 +- postfix/proto/postconf.proto | 5 +- postfix/proto/virtual | 7 + postfix/src/cleanup/cleanup_init.c | 2 +- postfix/src/cleanup/cleanup_message.c | 2 +- postfix/src/cleanup/cleanup_out.c | 3 +- postfix/src/global/mail_version.h | 4 +- postfix/src/smtp/Makefile.in | 44 +---- postfix/src/smtp/legacy.c | 205 ----------------------- postfix/src/smtp/levels.c | 194 ---------------------- postfix/src/smtp/smtp_proto.c | 9 +- postfix/src/util/attr_print0.c | 2 +- postfix/src/util/attr_print64.c | 2 +- postfix/src/util/attr_print_plain.c | 2 +- 
postfix/src/util/sane_accept.c | 6 +- 49 files changed, 861 insertions(+), 1174 deletions(-) delete mode 100644 postfix/src/smtp/legacy.c delete mode 100644 postfix/src/smtp/levels.c diff --git a/postfix/HISTORY b/postfix/HISTORY index b1fa92ed0..0ed26a406 100644 --- a/postfix/HISTORY +++ b/postfix/HISTORY @@ -13321,6 +13321,24 @@ Apologies for any names omitted. reported "illegal seek" instead of "file too large". File: postdrop/postdrop.c. +20070310 + + Cleanup: specify "undisclosed_recipients_header =" to disable + Postfix's "To: undisclosed-recipients:;" header for mail + that lists no recipient. The To: header is not required as + of RFC 2822. The undisclosed_recipients_header parameter + value can now be an empty string, a value that was not + allowed with earlier Postfix versions. With Postfix 2.5 it + will be empty by default. Files: cleanup/cleanup.c, + cleanup/cleanup_message.c. + +20070312 + + Backwards compatibility: don't pad short message header + records when Milter support is turned off. This maintains + compatibility with Postfix versions that pre-date Milter + support. File: cleanup/cleanup_out.c. + Wish list: Update message content length when adding/removing headers. diff --git a/postfix/README_FILES/SASL_README b/postfix/README_FILES/SASL_README index 5cf940db4..efc0eebfe 100644 --- a/postfix/README_FILES/SASL_README +++ b/postfix/README_FILES/SASL_README 
@@ -86,18 +86,18 @@ Notes: BBuuiillddiinngg tthhee CCyyrruuss SSAASSLL lliibbrraarryy -Postfix appears to work with cyrus-sasl-1.5.5 or cyrus-sasl-2.1.1, which are +Postfix appears to work with cyrus-sasl-1.5.x or cyrus-sasl-2.1.x, which are available from: ftp://ftp.andrew.cmu.edu/pub/cyrus-mail/ IMPORTANT: if you install the Cyrus SASL libraries as per the default, you will -have to symlink /usr/lib/sasl -> /usr/local/lib/sasl for version 1.5.5 or /usr/ -lib/sasl2 -> /usr/local/lib/sasl2 for version 2.1.1. +have to symlink /usr/lib/sasl -> /usr/local/lib/sasl for version 1.5.x or /usr/ +lib/sasl2 -> /usr/local/lib/sasl2 for version 2.1.x. -Reportedly, Microsoft Internet Explorer version 5 requires the non-standard -SASL LOGIN authentication method. To enable this authentication method, specify -``./configure --enable-login''. +Reportedly, Microsoft Outlook (Express) requires the non-standard LOGIN +authentication method. To enable this authentication method, specify ``./ +configure --enable-login''. BBuuiillddiinngg PPoossttffiixx wwiitthh CCyyrruuss SSAASSLL ssuuppppoorrtt @@ -106,13 +106,13 @@ include, and that the Cyrus SASL libraries are in /usr/local/lib. On some systems this generates the necessary Makefile definitions: -(for Cyrus SASL version 1.5.5): +(for Cyrus SASL version 1.5.x): % make tidy # if you have left-over files from a previous build % make makefiles CCARGS="-DUSE_SASL_AUTH -DUSE_CYRUS_SASL \ -I/usr/local/include" AUXLIBS="-L/usr/local/lib -lsasl" -(for Cyrus SASL version 2.1.1): +(for Cyrus SASL version 2.1.x): % make tidy # if you have left-over files from a previous build % make makefiles CCARGS="-DUSE_SASL_AUTH -DUSE_CYRUS_SASL \ 
@@ -121,14 +121,14 @@ On some systems this generates the necessary Makefile definitions: On Solaris 2.x you need to specify run-time link information, otherwise ld.so will not find the SASL shared library: -(for Cyrus SASL version 1.5.5): +(for Cyrus SASL version 1.5.x): % make tidy # if you have left-over files from a previous build % make makefiles CCARGS="-DUSE_SASL_AUTH -DUSE_CYRUS_SASL \ -I/usr/local/include" AUXLIBS="-L/usr/local/lib \ -R/usr/local/lib -lsasl" -(for Cyrus SASL version 2.1.1): +(for Cyrus SASL version 2.1.x): % make tidy # if you have left-over files from a previous build % make makefiles CCARGS="-DUSE_SASL_AUTH -DUSE_CYRUS_SASL \ @@ -158,8 +158,8 @@ Note: the SASL login names will be shared with the entire world. Older Microsoft SMTP client software implements a non-standard version of the AUTH protocol syntax, and expects that the SMTP server replies to EHLO with -"250 AUTH=stuff" instead of "250 AUTH stuff". To accommodate such clients (in -addition to conformant clients) use the following: +"250 AUTH=mechanism-list" instead of "250 AUTH mechanism-list". To accommodate +such clients (in addition to conformant clients) use the following: /etc/postfix/main.cf: broken_sasl_auth_clients = yes 
@@ -201,71 +201,83 @@ authentication server. CCyyrruuss SSAASSLL ccoonnffiigguurraattiioonn ffoorr tthhee PPoossttffiixx SSMMTTPP sseerrvveerr -In /usr/local/lib/sasl/smtpd.conf (Cyrus SASL version 1.5.5) or /usr/local/lib/ -sasl2/smtpd.conf (Cyrus SASL version 2.1.1) you need to specify how the server -should validate client passwords. +You need to configure how the Cyrus SASL library should authenticate a client's +username and password. These settings must be stored in a separate +configuration file. + +The name of the configuration file (default: smtpd.conf) will be constructed +from a value sent by Postfix to the Cyrus SASL library, which adds the suffix +.conf. The value is configured using one of the following variables: + + /etc/postfix/main.cf: + # Postfix 2.3 and later + smtpd_sasl_path = smtpd + # Postfix < 2.3 + smtpd_sasl_application_name = smtpd + +Cyrus SASL searches for the configuration file in /usr/local/lib/sasl/ (Cyrus +SASL version 1.5.5) or /usr/local/lib/sasl2/ (Cyrus SASL version 2.1.x). Note: some Postfix distributions are modified and look for the smtpd.conf file -in /etc/postfix. +in /etc/postfix/sasl. Note: some Cyrus SASL distributions look for the smtpd.conf file in /etc/sasl2. - * To authenticate against the UNIX password database, try: + * To authenticate against the UNIX password database, use: - (Cyrus SASL version 1.5.5) + (Cyrus SASL version 1.5.x) /usr/local/lib/sasl/smtpd.conf: pwcheck_method: pwcheck - (Cyrus SASL version 2.1.1) - - /usr/local/lib/sasl2/smtpd.conf: - pwcheck_method: pwcheck - - The name of the file in /usr/local/lib/sasl (Cyrus SASL version 1.5.5) or / - usr/local/lib/sasl2 (Cyrus SASL version 2.1.1) used by the SASL library for - configuration can be set with: - - /etc/postfix/main.cf: - smtpd_sasl_application_name = smtpd (Postfix < 2.3) - smtpd_sasl_path = smtpd (Postfix 2.3 and later) - - The pwcheck daemon is contained in the cyrus-sasl source tarball. 
- - IMPORTANT: postfix processes need to have group read+execute permission for - the /var/pwcheck directory, otherwise authentication attempts will fail. + IMPORTANT: pwcheck establishes a UNIX domain socket in /var/pwcheck and + waits for authentication requests. Postfix processes must have + read+execute permission to this directory or authentication attempts + will fail. - * Alternately, in Cyrus SASL 1.5.26 and later (including 2.1.1), try: + The pwcheck daemon is contained in the cyrus-sasl source tarball. (Cyrus SASL version 1.5.26) /usr/local/lib/sasl/smtpd.conf: pwcheck_method: saslauthd - (Cyrus SASL version 2.1.1) + (Cyrus SASL version 2.1.x) /usr/local/lib/sasl2/smtpd.conf: pwcheck_method: saslauthd + mech_list: PLAIN LOGIN The saslauthd daemon is also contained in the cyrus-sasl source tarball. It is more flexible than the pwcheck daemon, in that it can authenticate against PAM and various other sources. To use PAM, start saslauthd with "- a pam". + IMPORTANT: saslauthd usually establishes a UNIX domain socket in /var/run/ + saslauthd and waits for authentication requests. postfix processes must + have read+execute permission to this directory or authentication attempts + will fail. + + Note: The directory where saslauthd puts the socket is configurable. See + the command-line option "-m /path/to/socket" in the saslauthd --help + listing. 
+ * To authenticate against Cyrus SASL's own password database: - (Cyrus SASL version 1.5.5) + (Cyrus SASL version 1.5.x) /usr/local/lib/sasl/smtpd.conf: - pwcheck_method: sasldb + pwcheck_method: sasldb - (Cyrus SASL version 2.1.1) + (Cyrus SASL version 2.1.x) /usr/local/lib/sasl2/smtpd.conf: - pwcheck_method: auxprop + pwcheck_method: auxprop + auxprop_plugin: sasldb + mech_list: PLAIN LOGIN CRAM-MD5 DIGEST-MD5 This will use the Cyrus SASL password file (default: /etc/sasldb in version - 1.5.5, or /etc/sasldb2 in version 2.1.1), which is maintained with the + 1.5.x, or /etc/sasldb2 in version 2.1.x), which is maintained with the saslpasswd or saslpasswd2 command (part of the Cyrus SASL software). On some poorly-supported systems the saslpasswd command needs to be run multiple times before it stops complaining. The Postfix SMTP server needs @@ -279,17 +291,17 @@ Note: some Cyrus SASL distributions look for the smtpd.conf file in /etc/sasl2. EXAMPLE: - (Cyrus SASL version 1.5.5) + (Cyrus SASL version 1.5.x) % saslpasswd -c -u `postconf -h myhostname` exampleuser - (Cyrus SASL version 2.1.1) + (Cyrus SASL version 2.1.x) % saslpasswd2 -c -u `postconf -h myhostname` exampleuser You can find out SASL's idea about the realms of the users in sasldb with - sasldblistusers (Cyrus SASL version 1.5.5) or sasldblistusers2 (Cyrus SASL - version 2.1.1). + sasldblistusers (Cyrus SASL version 1.5.x) or sasldblistusers2 (Cyrus SASL + version 2.1.x). On the Postfix side, you can have only one realm per smtpd instance, and only the users belonging to that realm would be able to authenticate. The 
@@ -298,21 +310,19 @@ Note: some Cyrus SASL distributions look for the smtpd.conf file in /etc/sasl2. /etc/postfix/main.cf: smtpd_sasl_local_domain = $myhostname -IMPORTANT: all users must be able to authenticate using ALL authentication -mechanisms advertised by Postfix, otherwise the negotiation might end up with -an unsupported mechanism, and authentication would fail. For example if you -configure SASL to use saslauthd for authentication against PAM (pluggable -authentication modules), only the PLAIN and LOGIN mechanisms are supported and -stand a chance to succeed, yet the SASL library would also advertise other -mechanisms, such as DIGEST-MD5. This happens because those mechanisms are made -available by other plugins, and the SASL library have no way to know that your -only valid authentication source is PAM. Thus you might need to limit the list -of mechanisms advertised by Postfix. +IMPORTANT: The Cyrus SASL password verification services pwcheck and saslauthd +can only support the plaintext mechanisms PLAIN or LOGIN. However, the Cyrus +SASL library doesn't know this, and will happily advertise other authentication +mechanisms that the SASL library implements, such as DIGEST-MD5. As a result, +if an SMTP client chooses any mechanism other than PLAIN or LOGIN while pwcheck +or saslauthd are used, authentication will fail. Thus you may need to limit the +list of mechanisms advertised by Postfix. * With older Cyrus SASL versions you remove the corresponding library files from the SASL plug-in directory (and again whenever the system is updated). - * With Cyrus SASL version 2.1.1 or later: + * With Cyrus SASL version 2.1.x or later the mech_list variable can specify a + list of authentication mechanisms that Cyrus SASL may offer: /usr/local/lib/sasl2/smtpd.conf: mech_list: plain login 
@@ -320,14 +330,14 @@ of mechanisms advertised by Postfix. For the same reasons you might want to limit the list of plugins used for authentication. - * With Cyrus SASL version 1.5.5 your only choice is to delete the + * With Cyrus SASL version 1.5.x your only choice is to delete the corresponding library files from the SASL plug-in directory. - * With SASL version 2.1.1: + * With SASL version 2.1.x: /usr/local/lib/sasl2/smtpd.conf: - pwcheck_method: auxprop - auxprop_plugin: sql + pwcheck_method: auxprop + auxprop_plugin: sql To run software chrooted with SASL support is an interesting exercise. It probably is not worth the trouble. @@ -371,15 +381,17 @@ base64-encoded form. TTrroouubbllee sshhoooottiinngg tthhee SSAASSLL iinntteerrnnaallss In the Cyrus SASL sources you'll find a subdirectory named "sample". Run make -there, "su" to the user postfix (or whatever your mail_owner directive is set -to): +there, then create a symbolic link from sample.conf to smtpd.conf in your Cyrus +SASL library directory /usr/local/lib/sasl2. "su" to the user postfix (or +whatever your mail_owner directive is set to): % su postfix -then run the resulting sample server and client in separate terminals. Strace / -ktrace / truss the server to see what makes it unhappy, and fix the problem. -Repeat the previous step until you can successfully authenticate with the -sample client. Only then get back to Postfix. +then run the resulting sample server and client in separate terminals. The +sample applications send log messages to the syslog facility auth. Check the +log to fix the problem or run strace / ktrace / truss on the server to see what +makes it unhappy. Repeat the previous step until you can successfully +authenticate with the sample client. Only then get back to Postfix. EEnnaabblliinngg SSAASSLL aauutthheennttiiccaattiioonn iinn tthhee PPoossttffiixx SSMMTTPP cclliieenntt 
@@ -401,6 +413,11 @@ that is specified with the relayhost parameter or with a transport(5) table. [mail.myisp.net] username:password [mail.myisp.net]:submission username:password +The Postfix SASL client password file is opened before the SMTP server enters +the optional chroot jail, so you can keep the file in /etc/postfix and set +permissions read / write only for root to keep the username:password +combinations away from other system users. + Postfix version 2.3 supports-per-sender SASL password information. To search the Postfix SASL password by sender before it searches by destination, specify: @@ -424,9 +441,6 @@ plaintext authentication specify, for example: /etc/postfix/main.cf: smtp_sasl_security_options = noanonymous -The Postfix SASL client password file is opened before the SMTP server enters -the optional chroot jail, so you can keep the file in /etc/postfix. - Note: Some SMTP servers support authentication mechanisms that, although available on the client system, may not in practice work or possess the appropriate credentials to authenticate to the server. It is possible via the @@ -437,7 +451,7 @@ mechanisms that the smtp(8) client will take into consideration: smtp_sasl_mechanism_filter = !gssapi, !external, static:all In the above example, Postfix will decline to use mechanisms that require -special infrastructure such as Kerberos. +special infrastructure such as Kerberos or TLS. The Postfix SMTP client is backwards compatible with SMTP servers that use the non-standard "AUTH=method..." syntax in response to the EHLO command; there is @@ -458,4 +472,6 @@ CCrreeddiittss smtpd_sasl_path. * The Dovecot SMTP server-only plug-in was originally implemented by Timo Sirainen of Procontrol, Finland. + * Patrick Ben Koetter revised this document for Postfix 2.4 and made much + needed updates. diff --git a/postfix/README_FILES/TUNING_README b/postfix/README_FILES/TUNING_README index c544ffc2a..000f98d21 100644 --- a/postfix/README_FILES/TUNING_README 
+++ b/postfix/README_FILES/TUNING_README @@ -141,7 +141,7 @@ Postfix version 2.0 and earlier: MMeeaassuurreess aaggaaiinnsstt cclliieennttss tthhaatt mmaakkee ttoooo mmaannyy ccoonnnneeccttiioonnss -Note: this feature is not included with Postfix version 2.1. +Note: the anvil(8) service was introduced with Postfix version 2.2. The Postfix smtpd(8) server can limit the number of simultaneous connections from the same SMTP client, as well as the number of connections that a client diff --git a/postfix/TODO b/postfix/TODO index 843574f18..2b036642d 100644 --- a/postfix/TODO +++ b/postfix/TODO @@ -17,3 +17,7 @@ What needs to be done before Postfix 2.4.0 is finished: - Remove MacOS X examples. They have not been updated. - Is "postmap -qf" still needed with regexp/pcre maps? + +- Update TUNING_README smtpd_client_*_limit feature list (add TLS). + +- Update TUNING_README file descriptor tuning. diff --git a/postfix/conf/access b/postfix/conf/access index 2e26b50b6..54bc7188e 100644 --- a/postfix/conf/access +++ b/postfix/conf/access @@ -11,11 +11,12 @@ # postmap -q - /etc/postfix/access

Building the Cyrus SASL library

-

Postfix appears to work with cyrus-sasl-1.5.5 or cyrus-sasl-2.1.1, +

Postfix appears to work with cyrus-sasl-1.5.x or cyrus-sasl-2.1.x, which are available from:

@@ -160,11 +160,11 @@ which are available from:

IMPORTANT: if you install the Cyrus SASL libraries as per the default, you will have to symlink /usr/lib/sasl -> /usr/local/lib/sasl -for version 1.5.5 or /usr/lib/sasl2 -> /usr/local/lib/sasl2 for -version 2.1.1.

+for version 1.5.x or /usr/lib/sasl2 -> /usr/local/lib/sasl2 for +version 2.1.x.

-

Reportedly, Microsoft Internet Explorer version 5 requires the -non-standard SASL LOGIN authentication method. To enable this +

Reportedly, Microsoft Outlook (Express) requires the +non-standard LOGIN authentication method. To enable this authentication method, specify ``./configure --enable-login''.

Building Postfix with Cyrus SASL support

@@ -178,7 +178,7 @@ and that the Cyrus SASL libraries are in /usr/local/lib.

-
(for Cyrus SASL version 1.5.5): +
(for Cyrus SASL version 1.5.x):
 % make tidy # if you have left-over files from a previous build
@@ -186,7 +186,7 @@ and that the Cyrus SASL libraries are in /usr/local/lib. 

-I/usr/local/include" AUXLIBS="-L/usr/local/lib -lsasl"
-
(for Cyrus SASL version 2.1.1): +
(for Cyrus SASL version 2.1.x):
 % make tidy # if you have left-over files from a previous build
@@ -201,7 +201,7 @@ otherwise ld.so will not find the SASL shared library: 

-
(for Cyrus SASL version 1.5.5): +
(for Cyrus SASL version 1.5.x):
 % make tidy # if you have left-over files from a previous build
@@ -210,7 +210,7 @@ otherwise ld.so will not find the SASL shared library: 

-R/usr/local/lib -lsasl"
-
(for Cyrus SASL version 2.1.1): +
(for Cyrus SASL version 2.1.x):
 % make tidy # if you have left-over files from a previous build
@@ -258,8 +258,9 @@ SMTP server
 
 

Older Microsoft SMTP client software implements a non-standard version of the AUTH protocol syntax, and expects that the SMTP -server replies to EHLO with "250 AUTH=stuff" instead of "250 AUTH -stuff". To accommodate such clients (in addition to conformant +server replies to EHLO with "250 AUTH=mechanism-list" instead of +"250 AUTH mechanism-list". To accommodate such clients (in addition +to conformant clients) use the following:

@@ -318,22 +319,41 @@ the Dovecot authentication server.

Cyrus SASL configuration for the Postfix SMTP server

-

In /usr/local/lib/sasl/smtpd.conf (Cyrus SASL version 1.5.5) or -/usr/local/lib/sasl2/smtpd.conf (Cyrus SASL version 2.1.1) you need to -specify how the server should validate client passwords.

+

You need to configure how the Cyrus SASL library should +authenticate a client's username and password. These settings must +be stored in a separate configuration file.

+ +

The name of the configuration file (default: smtpd.conf) will +be constructed from a value sent by Postfix to the Cyrus SASL +library, which adds the suffix .conf. The value is configured using +one of the following variables:

+ +
+
+/etc/postfix/main.cf:
+    # Postfix 2.3 and later
+    smtpd_sasl_path = smtpd
+    # Postfix < 2.3
+    smtpd_sasl_application_name = smtpd
+
+
+ +

Cyrus SASL searches for the configuration file in /usr/local/lib/sasl/ +(Cyrus SASL version 1.5.5) or /usr/local/lib/sasl2/ (Cyrus SASL +version 2.1.x).

Note: some Postfix distributions are modified and look for -the smtpd.conf file in /etc/postfix.

+the smtpd.conf file in /etc/postfix/sasl.

Note: some Cyrus SASL distributions look for the smtpd.conf file in /etc/sasl2.

    -
  • To authenticate against the UNIX password database, try:

    +
  • To authenticate against the UNIX password database, use:

    -
    (Cyrus SASL version 1.5.5) +
    (Cyrus SASL version 1.5.x)
     /usr/local/lib/sasl/smtpd.conf:
    @@ -341,39 +361,13 @@ file in /etc/sasl2. 

    -
    (Cyrus SASL version 2.1.1) -
    -
    -/usr/local/lib/sasl2/smtpd.conf:
    -    pwcheck_method: pwcheck
    -
    - -
    - -

    The name of the file in /usr/local/lib/sasl (Cyrus SASL version -1.5.5) or /usr/local/lib/sasl2 (Cyrus SASL version 2.1.1) used by -the SASL -library for configuration can be set with:

    - -
    -
    -/etc/postfix/main.cf:
    -    smtpd_sasl_application_name = smtpd (Postfix < 2.3)
    -    smtpd_sasl_path = smtpd (Postfix 2.3 and later)
    -
    -
    +

    IMPORTANT: pwcheck establishes a UNIX domain socket in /var/pwcheck +and waits for authentication requests. Postfix processes must have +read+execute permission to this directory or authentication attempts +will fail.

    The pwcheck daemon is contained in the cyrus-sasl source tarball.

    -

    IMPORTANT: postfix processes need to have group read+execute -permission for the /var/pwcheck directory, otherwise authentication -attempts will fail.

    - -
  • Alternately, in Cyrus SASL 1.5.26 and later (including -2.1.1), try:

    - -
    -
    (Cyrus SASL version 1.5.26)
    @@ -381,11 +375,12 @@ attempts will fail. 

    pwcheck_method: saslauthd
    -
    (Cyrus SASL version 2.1.1) +
    (Cyrus SASL version 2.1.x)
     /usr/local/lib/sasl2/smtpd.conf:
         pwcheck_method: saslauthd
    +    mech_list: PLAIN LOGIN
     
    @@ -395,27 +390,38 @@ tarball. It is more flexible than the pwcheck daemon, in that it can authenticate against PAM and various other sources. To use PAM, start saslauthd with "-a pam".

    +

    IMPORTANT: saslauthd usually establishes a UNIX domain socket +in /var/run/saslauthd and waits for authentication requests. postfix +processes must have read+execute permission to this directory or +authentication attempts will fail.

    + +

    Note: The directory where saslauthd puts the socket is configurable. +See the command-line option "-m /path/to/socket" in the saslauthd +--help listing.

    +
  • To authenticate against Cyrus SASL's own password database:

    -
    (Cyrus SASL version 1.5.5) +
    (Cyrus SASL version 1.5.x)
     /usr/local/lib/sasl/smtpd.conf:
    -    pwcheck_method:  sasldb
    +    pwcheck_method: sasldb
     
    -
    (Cyrus SASL version 2.1.1) +
    (Cyrus SASL version 2.1.x)
     /usr/local/lib/sasl2/smtpd.conf:
    -    pwcheck_method:  auxprop
    +    pwcheck_method: auxprop
    +    auxprop_plugin: sasldb
    +    mech_list: PLAIN LOGIN CRAM-MD5 DIGEST-MD5
     

    This will use the Cyrus SASL password file (default: /etc/sasldb in -version 1.5.5, or /etc/sasldb2 in version 2.1.1), which is maintained +version 1.5.x, or /etc/sasldb2 in version 2.1.x), which is maintained with the saslpasswd or saslpasswd2 command (part of the Cyrus SASL software). On some poorly-supported systems the saslpasswd command needs to be run multiple times before it stops complaining. The Postfix SMTP @@ -430,13 +436,13 @@ domain (realm) to a fully qualified domain name.

    EXAMPLE:

    -
    (Cyrus SASL version 1.5.5) +
    (Cyrus SASL version 1.5.x)
     % saslpasswd -c -u `postconf -h myhostname` exampleuser
     
    -
    (Cyrus SASL version 2.1.1) +
    (Cyrus SASL version 2.1.x)
     % saslpasswd2 -c -u `postconf -h myhostname` exampleuser
    @@ -445,8 +451,8 @@ domain (realm) to a fully qualified domain name. 

    You can find out SASL's idea about the realms of the users -in sasldb with sasldblistusers (Cyrus SASL version 1.5.5) or -sasldblistusers2 (Cyrus SASL version 2.1.1).

    +in sasldb with sasldblistusers (Cyrus SASL version 1.5.x) or +sasldblistusers2 (Cyrus SASL version 2.1.x).

    On the Postfix side, you can have only one realm per smtpd instance, and only the users belonging to that realm would be able to @@ -462,18 +468,14 @@ realm used by smtpd:

-

IMPORTANT: all users must be able to authenticate using ALL -authentication mechanisms advertised by Postfix, otherwise the -negotiation might end up with an unsupported mechanism, and -authentication would fail. For example if you configure SASL to -use saslauthd for authentication against PAM (pluggable -authentication modules), only the PLAIN and LOGIN mechanisms are -supported and stand a chance to succeed, yet the SASL library would also -advertise other mechanisms, such as DIGEST-MD5. This happens because -those mechanisms are made available by other plugins, and the SASL -library have no way to know that your only valid authentication source -is PAM. Thus you might need to limit the list of mechanisms advertised -by Postfix.

+

IMPORTANT: The Cyrus SASL password verification services pwcheck +and saslauthd can only support the plaintext mechanisms PLAIN or +LOGIN. However, the Cyrus SASL library doesn't know this, and will +happily advertise other authentication mechanisms that the SASL +library implements, such as DIGEST-MD5. As a result, if an SMTP +client chooses any mechanism other than PLAIN or LOGIN while pwcheck +or saslauthd are used, authentication will fail. Thus you may need +to limit the list of mechanisms advertised by Postfix.

    @@ -481,7 +483,9 @@ by Postfix.

    library files from the SASL plug-in directory (and again whenever the system is updated).

    -
  • With Cyrus SASL version 2.1.1 or later:

    +
  • With Cyrus SASL version 2.1.x or later the mech_list variable +can specify a list of authentication mechanisms that Cyrus SASL may +offer:

    @@ -497,17 +501,17 @@ used for authentication. 

      -
    • With Cyrus SASL version 1.5.5 your only choice is to +

    • With Cyrus SASL version 1.5.x your only choice is to delete the corresponding library files from the SASL plug-in directory.

      -
    • With SASL version 2.1.1:

      +
    • With SASL version 2.1.x:

       /usr/local/lib/sasl2/smtpd.conf:
      -    pwcheck_method:  auxprop
      -    auxprop_plugin:  sql
      +    pwcheck_method: auxprop
      +    auxprop_plugin: sql
       
      @@ -570,8 +574,10 @@ to recover from the base64-encoded form.

      Trouble shooting the SASL internals

      In the Cyrus SASL sources you'll find a subdirectory named -"sample". Run make there, "su" to the user postfix (or -whatever your mail_owner directive is set to): +"sample". Run make there, then create a symbolic link from sample.conf +to smtpd.conf in your Cyrus SASL library directory /usr/local/lib/sasl2. +"su" to the user postfix (or whatever your mail_owner +directive is set to):

      @@ -580,10 +586,11 @@ whatever your mail_owner directi
       

      then run the resulting sample server and client in separate -terminals. Strace / ktrace / truss the server to see what makes -it unhappy, and fix the problem. Repeat the previous step until -you can successfully authenticate with the sample client. Only -then get back to Postfix.

      +terminals. The sample applications send log messages to the syslog +facility auth. Check the log to fix the problem or run strace / +ktrace / truss on the server to see what makes it unhappy. Repeat +the previous step until you can successfully authenticate with the +sample client. Only then get back to Postfix.

      Enabling SASL authentication in the Postfix SMTP client

      @@ -612,6 +619,12 @@ table.

    +

    The Postfix SASL client password file is opened before the SMTP +server enters the optional chroot jail, so you can keep the file +in /etc/postfix and set permissions read / write only for root to +keep the username:password combinations away from other system +users.

    +

    Postfix version 2.3 supports-per-sender SASL password information. To search the Postfix SASL password by sender before it searches by destination, specify:

    @@ -645,10 +658,6 @@ for example:

-

The Postfix SASL client password file is opened before the SMTP server -enters the optional chroot jail, so you can keep the file in -/etc/postfix.

-

Note: Some SMTP servers support authentication mechanisms that, although available on the client system, may not in practice work or possess the appropriate credentials to authenticate to the server. It @@ -664,7 +673,7 @@ into consideration:

In the above example, Postfix will decline to use mechanisms -that require special infrastructure such as Kerberos.

+that require special infrastructure such as Kerberos or TLS.

The Postfix SMTP client is backwards compatible with SMTP servers that use the non-standard "AUTH=method..." syntax in response @@ -694,6 +703,9 @@ smtpd_sasl_application_name into smtpd

  • The Dovecot SMTP server-only plug-in was originally implemented by Timo Sirainen of Procontrol, Finland. +
  • Patrick Ben Koetter revised this document for Postfix 2.4 and +made much needed updates. + diff --git a/postfix/html/TUNING_README.html b/postfix/html/TUNING_README.html index cf7e2a3ea..6a837a4dc 100644 --- a/postfix/html/TUNING_README.html +++ b/postfix/html/TUNING_README.html @@ -134,7 +134,7 @@ file contains bad information, or some packet filter is blocking the DNS requests or replies.

  • If the number of smtpd(8) processes has reached the process -limit as specified in master.cf, new SMTP clients must wait until +limit as specified in master.cf, new SMTP clients must wait until a process becomes available. Increase the number of processes if memory permits. See the instructions given under "Tuning the number of Postfix processes". @@ -159,7 +159,7 @@ by turning off the delay:

    -/etc/postfix/main.cf:
    +/etc/postfix/main.cf:
         # Not needed with Postfix 2.1
         smtpd_error_sleep_time = 0
     
    @@ -224,7 +224,8 @@ seconds or $smtpd_error_sleep_t

    Measures against clients that make too many connections

    -

    Note: this feature is not included with Postfix version 2.1.

    +

    Note: the anvil(8) service was introduced with Postfix version +2.2.

    The Postfix smtpd(8) server can limit the number of simultaneous connections from the same SMTP client, as well as the number of @@ -342,7 +343,7 @@ channel.

  • The default_destination_concurrency_limit parameter (default: 20) controls how many messages may be sent to the same destination simultaneously. You can override this setting for specific message -delivery transports by taking the name of the master.cf entry +delivery transports by taking the name of the master.cf entry and appending "_destination_concurrency_limit".

    @@ -404,8 +405,8 @@ as 5s or even 1s can be used to prevent congestion when one or more, but not all MX hosts are down.

    If necessary, set a higher transport_destination_concurrency_limit -(in main.cf since this is a queue manager parameter) and a lower -smtp_connection_timeout (with a "-o" override in master.cf since +(in main.cf since this is a queue manager parameter) and a lower +smtp_connection_timeout (with a "-o" override in master.cf since this parameter has no per-transport name) for the relay transport and any transports dedicated for specific high volume destinations.

    @@ -530,30 +531,30 @@ smtp server processes, and so on. This may overwhelm systems with little memory, as well as networks with low bandwidth.

    You can change the global process limit by specifying a -non-default default_process_limit in the main.cf file. For example, +non-default default_process_limit in the main.cf file. For example, to run up to 10 smtp client processes, 10 smtp server processes, and so on:

    -/etc/postfix/main.cf:
    +/etc/postfix/main.cf:
         default_process_limit = 10
     

    You need to execute "postfix reload" to make the change effective. The limits are enforced by the Postfix master(8) daemon which does -not automatically read main.cf when it changes.

    +not automatically read main.cf when it changes.

    You can override the process limit for specific Postfix daemons -by editing the master.cf file. For example, if you do not wish to +by editing the master.cf file. For example, if you do not wish to receive 100 SMTP messages at the same time, but do not want to change the process limits for local mail deliveries, you could specify:

    -/etc/postfix/master.cf:
    +/etc/postfix/master.cf:
         # ====================================================================
         # service type  private unpriv  chroot  wakeup  maxproc command + args
         #               (yes)   (yes)   (yes)   (never) (100)
    diff --git a/postfix/html/access.5.html b/postfix/html/access.5.html
    index 091f212a2..b5e51e79e 100644
    --- a/postfix/html/access.5.html
    +++ b/postfix/html/access.5.html
    @@ -17,11 +17,12 @@ ACCESS(5)                                                            ACCESS(5)
            postmap -q - /etc/postfix/access <inputfile
     
     DESCRIPTION
    -       The  Postfix SMTP server access(5) table specifies actions
    -       that are triggered by information  from  or  about  remote
    -       SMTP  clients:  host  names,  network  addresses, or email
    -       addresses. An action may grant or deny access, or  it  may
    -       change  the way that an email transaction will be handled.
    +       The  Postfix SMTP server supports access control on infor-
    +       mation about remote SMTP clients or  information  received
    +       in  SMTP commands: host names, network addresses, envelope
    +       sender or recipient addresses.   See  header_checks(5)  or
    +       body_checks(5)  for access control on the content of email
    +       messages.
     
            Normally, the access(5) table is specified as a text  file
            that  serves  as  input  to  the  postmap(1) command.  The
    @@ -203,18 +204,19 @@ ACCESS(5)                                                            ACCESS(5)
     
            DEFER_IF_REJECT optional text...
                   Defer the request if some later  restriction  would
    -              result in a REJECT action. Reply with "450 optional
    -              text... when the optional text is specified, other-
    -              wise reply with a generic error response message.
    +              result  in  a  REJECT action. Reply with "450 4.7.1
    +              optional text... when the optional text  is  speci-
    +              fied, otherwise reply with a generic error response
    +              message.
     
                   This feature is available in Postfix 2.1 and later.
     
            DEFER_IF_PERMIT optional text...
    -              Defer the request if some later  restriction  would
    -              result  in a an explicit or implicit PERMIT action.
    -              Reply with "450 optional text... when the  optional
    -              text  is  specified, otherwise reply with a generic
    -              error response message.
    +              Defer  the  request if some later restriction would
    +              result in a an explicit or implicit PERMIT  action.
    +              Reply  with  "450  4.7.1  optional text... when the
    +              optional text is specified, otherwise reply with  a
    +              generic error response message.
     
                   This feature is available in Postfix 2.1 and later.
     
    @@ -224,68 +226,65 @@ ACCESS(5)                                                            ACCESS(5)
                   reject_unauth_destination, and so on).
     
            DISCARD optional text...
    -              Claim successful delivery and silently discard  the
    -              message.   Log the optional text if specified, oth-
    +              Claim  successful delivery and silently discard the
    +              message.  Log the optional text if specified,  oth-
                   erwise log a generic message.
     
    -              Note: this action currently affects all  recipients
    -              of  the  message.   To  discard  only one recipient
    -              without discarding  the  entire  message,  use  the
    +              Note:  this action currently affects all recipients
    +              of the message.   To  discard  only  one  recipient
    +              without  discarding  the  entire  message,  use the
                   transport(5) table to direct mail to the discard(8)
                   service.
     
                   This feature is available in Postfix 2.0 and later.
     
    -       DUNNO  Pretend  that  the  lookup  key was not found. This
    -              prevents Postfix  from  trying  substrings  of  the
    -              lookup  key (such as a subdomain name, or a network
    +       DUNNO  Pretend that the lookup key  was  not  found.  This
    +              prevents  Postfix  from  trying  substrings  of the
    +              lookup key (such as a subdomain name, or a  network
                   address subnetwork).
     
                   This feature is available in Postfix 2.0 and later.
     
            FILTER transport:destination
    -              After  the  message is queued, send the entire mes-
    +              After the message is queued, send the  entire  mes-
                   sage through the specified external content filter.
    -              The  transport:destination  syntax  is described in
    -              the transport(5)  manual  page.   More  information
    -              about  external  content  filters is in the Postfix
    +              The transport:destination syntax  is  described  in
    +              the  transport(5)  manual  page.   More information
    +              about external content filters is  in  the  Postfix
                   FILTER_README file.
     
    -              Note:  this  action  overrides  the  main.cf   con-
    +              Note:   this  action  overrides  the  main.cf  con-
                   tent_filter  setting,  and  currently  affects  all
                   recipients of the message.
     
                   This feature is available in Postfix 2.0 and later.
     
            HOLD optional text...
    -              Place  the message on the hold queue, where it will
    -              sit until someone either deletes it or releases  it
    -              for  delivery.  Log the optional text if specified,
    +              Place the message on the hold queue, where it  will
    +              sit  until someone either deletes it or releases it
    +              for delivery.  Log the optional text if  specified,
                   otherwise log a generic message.
     
    -              Mail that is placed on hold can  be  examined  with
    -              the  postcat(1)  command,  and  can be destroyed or
    +              Mail  that  is  placed on hold can be examined with
    +              the postcat(1) command, and  can  be  destroyed  or
                   released with the postsuper(1) command.
     
    -              Note: use "postsuper -r" to release mail  that  was
    -              kept  on  hold for a significant fraction of $maxi-
    +              Note:  use  "postsuper -r" to release mail that was
    +              kept on hold for a significant fraction  of  $maxi-
                   mal_queue_lifetime  or  $bounce_queue_lifetime,  or
                   longer.
     
    -              Note:  this action currently affects all recipients
    +              Note: this action currently affects all  recipients
                   of the message.
     
                   This feature is available in Postfix 2.0 and later.
     
            PREPEND headername: headervalue
    -              Prepend  the  specified  message header to the mes-
    -              sage.  When this action  executes  multiple  times,
    -              the  first prepended header appears before the sec-
    +              Prepend the specified message header  to  the  mes-
    +              sage.   When more than one PREPEND action executes,
    +              the first prepended header appears before the  sec-
                   ond etc. prepended header.
     
    -              Note: this action does not support multi-line  mes-
    -              sage headers.
    -
                   Note:  this  action must execute before the message
                   content is received; it cannot execute in the  con-
                   text of smtpd_end_of_data_restrictions.
    diff --git a/postfix/html/aliases.5.html b/postfix/html/aliases.5.html
    index ab5cae5bd..30cddaa27 100644
    --- a/postfix/html/aliases.5.html
    +++ b/postfix/html/aliases.5.html
    @@ -82,8 +82,8 @@ ALIASES(5)                                                          ALIASES(5)
                   When the command fails, a limited amount of command
                   output is mailed back  to  the  sender.   The  file
                   /usr/include/sysexits.h  defines  the expected exit
    -              status codes. For example, use |"exit 67" to  simu-
    -              late  a  "user  unknown"  error,  and  |"exit 0" to
    +              status codes. For example, use "|exit 67" to  simu-
    +              late  a  "user  unknown"  error,  and  "|exit 0" to
                   implement an expensive black hole.
     
            :include:/file/name
    diff --git a/postfix/html/bounce.5.html b/postfix/html/bounce.5.html
    index e6c23320c..261a91cc3 100644
    --- a/postfix/html/bounce.5.html
    +++ b/postfix/html/bounce.5.html
    @@ -31,8 +31,8 @@ BOUNCE(5)                                                            BOUNCE(5)
            bounce template formats.
     
     GENERAL PROCEDURE
    -       To create customized bounce template file, create a tempo-
    -       rary  copy  of the file /etc/postfix/bounce.cf.default and
    +       To create a customized bounce template file, create a tem-
    +       porary copy of the file /etc/postfix/bounce.cf.default and
            edit the temporary file.
     
            To preview the results of $name expansions in the template
    diff --git a/postfix/html/canonical.5.html b/postfix/html/canonical.5.html
    index 5ace31dc6..c43a1df35 100644
    --- a/postfix/html/canonical.5.html
    +++ b/postfix/html/canonical.5.html
    @@ -59,11 +59,9 @@ CANONICAL(5)                                                      CANONICAL(5)
            addresses produced by legacy mail systems.
     
            The canonical(5) mapping is not to be confused  with  vir-
    -       tual  domain support. Use the virtual(5) map for that pur-
    -       pose.
    -
    -       The canonical(5) mapping is not to be confused with  local
    -       aliasing.  Use the aliases(5) map for that purpose.
    +       tual  alias  support or with local aliasing. To change the
    +       destination but not the headers,  use  the  virtual(5)  or
    +       aliases(5) map instead.
     
     CASE FOLDING
            The  search  string is folded to lowercase before database
    @@ -115,6 +113,13 @@ CANONICAL(5)                                                      CANONICAL(5)
                   Replace other addresses in domain by address.  This
                   form has the lowest precedence.
     
    +              Note:  @domain  is  a  wild-card. When this form is
    +              applied to recipient addresses,  the  Postfix  SMTP
    +              server  accepts  mail  for any recipient in domain,
    +              regardless of whether that recipient exists.   This
    +              may turn your mail system into a backscatter source
    +              that returns undeliverable spam to innocent people.
    +
     RESULT ADDRESS REWRITING
            The lookup result is subject to address rewriting:
     
    diff --git a/postfix/html/cidr_table.5.html b/postfix/html/cidr_table.5.html
    index 440e58ef9..4a8011240 100644
    --- a/postfix/html/cidr_table.5.html
    +++ b/postfix/html/cidr_table.5.html
    @@ -93,7 +93,6 @@ CIDR_TABLE(5)                                                    CIDR_TABLE(5)
     AUTHOR(S)
            The CIDR table lookup code was originally written by:
            Jozsef Kadlecsik
    -       kadlec@blackhole.kfki.hu
            KFKI Research Institute for Particle and Nuclear Physics
            POB. 49
            1525 Budapest, Hungary
    diff --git a/postfix/html/header_checks.5.html b/postfix/html/header_checks.5.html
    index 4fd5a9ed0..95ef69361 100644
    --- a/postfix/html/header_checks.5.html
    +++ b/postfix/html/header_checks.5.html
    @@ -22,41 +22,42 @@ HEADER_CHECKS(5)                                              HEADER_CHECKS(5)
            Postfix  provides  a  simple  built-in  content inspection
            mechanism that examines incoming mail one  message  header
            or one message body line at a time. Each input is compared
    -       against a list of patterns, and when a match is found  the
    -       corresponding  action is executed.  This feature is imple-
    -       mented by the Postfix cleanup(8) server.
    +       against a list of patterns.  When a  match  is  found  the
    +       corresponding action is executed, and the matching process
    +       is repeated for the next  input  line.   This  feature  is
    +       implemented by the Postfix cleanup(8) server.
     
    -       For examples, see the EXAMPLES section at the end of  this
    +       For  examples, see the EXAMPLES section at the end of this
            manual page.
     
            Postfix header or body_checks are designed to stop a flood
    -       of mail from worms or viruses; they do not decode  attach-
    -       ments,  and  they do not unzip archives. See the documents
    -       referenced below in the README FILES section if  you  need
    +       of  mail from worms or viruses; they do not decode attach-
    +       ments, and they do not unzip archives. See  the  documents
    +       referenced  below  in the README FILES section if you need
            more sophisticated content analysis.
     
            Postfix supports four built-in content inspection classes:
     
            header_checks
    -              These  are  applied  to  initial  message   headers
    -              (except  for  the  headers  that are processed with
    +              These   are  applied  to  initial  message  headers
    +              (except for the headers  that  are  processed  with
                   mime_header_checks).
     
            mime_header_checks (default: $header_checks)
    -              These are applied to MIME related  message  headers
    +              These  are  applied to MIME related message headers
                   only.
     
                   This feature is available in Postfix 2.0 and later.
     
            nested_header_checks (default: $header_checks)
    -              These are applied to message  headers  of  attached
    -              email  messages  (except  for  the headers that are
    +              These  are  applied  to message headers of attached
    +              email messages (except for  the  headers  that  are
                   processed with mime_header_checks).
     
                   This feature is available in Postfix 2.0 and later.
     
            body_checks
    -              These  are  applied to all other content, including
    +              These are applied to all other  content,  including
                   multi-part message boundaries.
     
                   With Postfix versions before 2.0, all content after
    @@ -64,73 +65,73 @@ HEADER_CHECKS(5)                                              HEADER_CHECKS(5)
                   tent.
     
            Note: message headers are examined one logical header at a
    -       time,  even  when  a  message header spans multiple lines.
    +       time, even when a message  header  spans  multiple  lines.
            Body lines are always examined one line at a time.
     
     TABLE FORMAT
    -       This document assumes that header  and  body_checks  rules
    -       are  specified  in  the form of Postfix regular expression
    -       lookup tables. Usually the best  performance  is  obtained
    +       This  document  assumes  that header and body_checks rules
    +       are specified in the form of  Postfix  regular  expression
    +       lookup  tables.  Usually  the best performance is obtained
            with pcre (Perl Compatible Regular Expression) tables, but
    -       the slower regexp (POSIX regular expressions)  support  is
    -       more  widely  available.  Use the command "postconf -m" to
    -       find out what lookup table types your Postfix system  sup-
    +       the  slower  regexp (POSIX regular expressions) support is
    +       more widely available.  Use the command "postconf  -m"  to
    +       find  out what lookup table types your Postfix system sup-
            ports.
     
            The general format of Postfix regular expression tables is
    -       given below.  For a  discussion  of  specific  pattern  or
    -       flags   syntax,   see  pcre_table(5)  or  regexp_table(5),
    +       given  below.   For  a  discussion  of specific pattern or
    +       flags  syntax,  see  pcre_table(5)   or   regexp_table(5),
            respectively.
     
            /pattern/flags action
    -              When pattern matches the input string, execute  the
    -              corresponding  action. See below for a list of pos-
    +              When  pattern matches the input string, execute the
    +              corresponding action. See below for a list of  pos-
                   sible actions.
     
            !/pattern/flags action
    -              When pattern does not match the input string,  exe-
    +              When  pattern does not match the input string, exe-
                   cute the corresponding action.
     
            if /pattern/flags
     
            endif  Match the input string against the patterns between
    -              if and endif, if and only if the input string  also
    +              if  and endif, if and only if the input string also
                   matches pattern. The if..endif can nest.
     
    -              Note:  do not prepend whitespace to patterns inside
    +              Note: do not prepend whitespace to patterns  inside
                   if..endif.
     
            if !/pattern/flags
     
            endif  Match the input string against the patterns between
    -              if  and endif, if and only if the input string does
    +              if and endif, if and only if the input string  does
                   not match pattern. The if..endif can nest.
     
            blank lines and comments
    -              Empty lines and whitespace-only lines are  ignored,
    -              as  are  lines whose first non-whitespace character
    +              Empty  lines and whitespace-only lines are ignored,
    +              as are lines whose first  non-whitespace  character
                   is a `#'.
     
            multi-line text
    -              A pattern/action line  starts  with  non-whitespace
    -              text.  A line that starts with whitespace continues
    +              A  pattern/action  line  starts with non-whitespace
    +              text. A line that starts with whitespace  continues
                   a logical line.
     
     TABLE SEARCH ORDER
    -       For each line of message input, the patterns  are  applied
    -       in  the order as specified in the table. When a pattern is
    -       found that  matches  the  input  line,  the  corresponding
    -       action  is  executed  and  then  the  next  input  line is
    +       For  each  line of message input, the patterns are applied
    +       in the order as specified in the table. When a pattern  is
    +       found  that  matches  the  input  line,  the corresponding
    +       action is  executed  and  then  the  next  input  line  is
            inspected.
     
     TEXT SUBSTITUTION
    -       Substitution of substrings  from  the  matched  expression
    -       into  the action string is possible using the conventional
    -       Perl syntax ($1, $2, etc.).   The  macros  in  the  result
    -       string  may  need  to  be  written as ${n} or $(n) if they
    +       Substitution  of  substrings  from  the matched expression
    +       into the action string is possible using the  conventional
    +       Perl  syntax  ($1,  $2,  etc.).   The macros in the result
    +       string may need to be written as  ${n}  or  $(n)  if  they
            aren't followed by whitespace.
     
    -       Note: since negated patterns (those preceded by !)  return
    +       Note:  since negated patterns (those preceded by !) return
            a result when the expression does not match, substitutions
            are not available for negated patterns.
     
    @@ -139,12 +140,12 @@ HEADER_CHECKS(5)                                              HEADER_CHECKS(5)
            case for consistency with other Postfix documentation.
     
            DISCARD optional text...
    -              Claim  successful delivery and silently discard the
    -              message.  Log the optional text if specified,  oth-
    +              Claim successful delivery and silently discard  the
    +              message.   Log the optional text if specified, oth-
                   erwise log a generic message.
     
    -              Note:   this  action  disables  further  header  or
    -              body_checks inspection of the current  message  and
    +              Note:  this  action  disables  further  header   or
    +              body_checks  inspection  of the current message and
                   affects all recipients.  To discard only one recip-
                   ient without discarding the entire message, use the
                   transport(5) table to direct mail to the discard(8)
    @@ -152,53 +153,53 @@ HEADER_CHECKS(5)                                              HEADER_CHECKS(5)
     
                   This feature is available in Postfix 2.0 and later.
     
    -       DUNNO  Pretend  that the input line did not match any pat-
    -              tern, and inspect the next input line. This  action
    +       DUNNO  Pretend that the input line did not match any  pat-
    +              tern,  and inspect the next input line. This action
                   can be used to shorten the table search.
     
    -              For  backwards  compatibility reasons, Postfix also
    -              accepts OK but it is (and always has been)  treated
    +              For backwards compatibility reasons,  Postfix  also
    +              accepts  OK but it is (and always has been) treated
                   as DUNNO.
     
                   This feature is available in Postfix 2.1 and later.
     
            FILTER transport:destination
    -              Write a content filter request to  the  queue  file
    -              and  inspect  the  next input line.  After the com-
    -              plete message is received it will be  sent  through
    +              Write  a  content  filter request to the queue file
    +              and inspect the next input line.   After  the  com-
    +              plete  message  is received it will be sent through
                   the specified external content filter.  More infor-
    -              mation about external content  filters  is  in  the
    +              mation  about  external  content  filters is in the
                   Postfix FILTER_README file.
     
    -              Note:   this  action  overrides  the  main.cf  con-
    -              tent_filter setting, and affects all recipients  of
    -              the  message.  In  the  case  that  multiple FILTER
    +              Note:  this  action  overrides  the  main.cf   con-
    +              tent_filter  setting, and affects all recipients of
    +              the message.  In  the  case  that  multiple  FILTER
                   actions fire, only the last one is executed.
     
                   This feature is available in Postfix 2.0 and later.
     
            HOLD optional text...
    -              Arrange  for  the  message to be placed on the hold
    -              queue, and inspect the next input line.   The  mes-
    -              sage  remains  on hold until someone either deletes
    -              it or releases it for delivery.  Log  the  optional
    +              Arrange for the message to be placed  on  the  hold
    +              queue,  and  inspect the next input line.  The mes-
    +              sage remains on hold until someone  either  deletes
    +              it  or  releases it for delivery.  Log the optional
                   text if specified, otherwise log a generic message.
     
    -              Mail that is placed on hold can  be  examined  with
    -              the  postcat(1)  command,  and  can be destroyed or
    +              Mail  that  is  placed on hold can be examined with
    +              the postcat(1) command, and  can  be  destroyed  or
                   released with the postsuper(1) command.
     
    -              Note: use "postsuper -r" to release mail  that  was
    -              kept  on  hold for a significant fraction of $maxi-
    +              Note:  use  "postsuper -r" to release mail that was
    +              kept on hold for a significant fraction  of  $maxi-
                   mal_queue_lifetime  or  $bounce_queue_lifetime,  or
                   longer.
     
    -              Note:  this  action  affects  all recipients of the
    +              Note: this action affects  all  recipients  of  the
                   message.
     
                   This feature is available in Postfix 2.0 and later.
     
    -       IGNORE Delete  the current line from the input and inspect
    +       IGNORE Delete the current line from the input and  inspect
                   the next input line.
     
            PREPEND text...
    @@ -207,18 +208,18 @@ HEADER_CHECKS(5)                                              HEADER_CHECKS(5)
     
                   Notes:
     
    -              o      The  prepended  text is output on a separate
    +              o      The prepended text is output on  a  separate
                          line,  immediately  before  the  input  that
                          triggered the PREPEND action.
     
                   o      The prepended text is not considered part of
    -                     the input  stream:  it  is  not  subject  to
    +                     the  input  stream:  it  is  not  subject to
                          header/body checks or address rewriting, and
                          it does not affect the way that Postfix adds
                          missing message headers.
     
                   o      When prepending text before a message header
    -                     line, the prepended text must begin  with  a
    +                     line,  the  prepended text must begin with a
                          valid message header label.
     
                   o      This action cannot be used to prepend multi-
    @@ -227,46 +228,46 @@ HEADER_CHECKS(5)                                              HEADER_CHECKS(5)
                   This feature is available in Postfix 2.1 and later.
     
            REDIRECT user@domain
    -              Write  a  message  redirection request to the queue
    -              file and inspect the next  input  line.  After  the
    +              Write a message redirection request  to  the  queue
    +              file  and  inspect  the  next input line. After the
                   message is queued, it will be sent to the specified
                   address instead of the intended recipient(s).
     
    -              Note: this action overrides the FILTER action,  and
    -              affects  all recipients of the message. If multiple
    -              REDIRECT actions fire, only the last  one  is  exe-
    +              Note:  this action overrides the FILTER action, and
    +              affects all recipients of the message. If  multiple
    +              REDIRECT  actions  fire,  only the last one is exe-
                   cuted.
     
                   This feature is available in Postfix 2.1 and later.
     
            REPLACE text...
    -              Replace the current line with  the  specified  text
    +              Replace  the  current  line with the specified text
                   and inspect the next input line.
     
                   This feature is available in Postfix 2.2 and later.
    -              The description below applies to Postfix 2.2.2  and
    +              The  description below applies to Postfix 2.2.2 and
                   later.
     
                   Notes:
     
    -              o      When  replacing  a  message header line, the
    -                     replacement text must  begin  with  a  valid
    +              o      When replacing a message  header  line,  the
    +                     replacement  text  must  begin  with a valid
                          header label.
     
    -              o      The  replaced text remains part of the input
    -                     stream. Unlike the result from  the  PREPEND
    -                     action,  a  replaced  message  header may be
    -                     subject to address rewriting and may  affect
    -                     the  way  that  Postfix adds missing message
    +              o      The replaced text remains part of the  input
    +                     stream.  Unlike  the result from the PREPEND
    +                     action, a replaced  message  header  may  be
    +                     subject  to address rewriting and may affect
    +                     the way that Postfix  adds  missing  message
                          headers.
     
            REJECT optional text...
    -              Reject the  entire  message.  Reply  with  optional
    +              Reject  the  entire  message.  Reply  with optional
                   text... when the optional text is specified, other-
                   wise reply with a generic error message.
     
    -              Note:  this  action  disables  further  header   or
    -              body_checks  inspection  of the current message and
    +              Note:   this  action  disables  further  header  or
    +              body_checks inspection of the current  message  and
                   affects all recipients.
     
                   Postfix version 2.3 and later support enhanced sta-
    @@ -275,26 +276,26 @@ HEADER_CHECKS(5)                                              HEADER_CHECKS(5)
                   enhanced status code of "5.7.1".
     
            WARN optional text...
    -              Log  a  warning with the optional text... (or log a
    -              generic message) and inspect the next  input  line.
    +              Log a warning with the optional text... (or  log  a
    +              generic  message)  and inspect the next input line.
                   This action is useful for debugging and for testing
                   a pattern before applying more drastic actions.
     
     BUGS
    -       Many people overlook the main limitations  of  header  and
    -       body_checks  rules.   These  rules  operate on one logical
    -       message header or one body line at a time, and a  decision
    -       made  for  one  line is not carried over to the next line.
    +       Many  people  overlook  the main limitations of header and
    +       body_checks rules.  These rules  operate  on  one  logical
    +       message  header or one body line at a time, and a decision
    +       made for one line is not carried over to  the  next  line.
            If text in the message body is encoded (RFC 2045) then the
    -       rules  have  to specified for the encoded form.  Likewise,
    +       rules have to specified for the encoded  form.   Likewise,
            when message headers are encoded (RFC 2047) then the rules
            need to be specified for the encoded form.
     
    -       Message  headers added by the cleanup(8) daemon itself are
    +       Message headers added by the cleanup(8) daemon itself  are
            excluded from inspection. Examples of such message headers
            are From:, To:, Message-ID:, Date:.
     
    -       Message  headers  deleted by the cleanup(8) daemon will be
    +       Message headers deleted by the cleanup(8) daemon  will  be
            examined before they are deleted. Examples are: Bcc:, Con-
            tent-Length:, Return-Path:.
     
    @@ -302,11 +303,11 @@ HEADER_CHECKS(5)                                              HEADER_CHECKS(5)
            body_checks
                   Lookup tables with content filter rules for message
                   body lines.  These filters see one physical line at
    -              a  time,  in  chunks  of at most $line_length_limit
    +              a time, in chunks  of  at  most  $line_length_limit
                   bytes.
     
            body_checks_size_limit
    -              The amount of  content  per  message  body  segment
    +              The  amount  of  content  per  message body segment
                   (attachment) that is subjected to $body_checks fil-
                   tering.
     
    @@ -316,35 +317,35 @@ HEADER_CHECKS(5)                                              HEADER_CHECKS(5)
     
            nested_header_checks (default: $header_checks)
                   Lookup tables with content filter rules for message
    -              header  lines:  respectively,  these are applied to
    -              the initial message  headers  (not  including  MIME
    -              headers),  to the MIME headers anywhere in the mes-
    -              sage, and to the initial headers of  attached  mes-
    +              header lines: respectively, these  are  applied  to
    +              the  initial  message  headers  (not including MIME
    +              headers), to the MIME headers anywhere in the  mes-
    +              sage,  and  to the initial headers of attached mes-
                   sages.
     
    -              Note:  these filters see one logical message header
    -              at a time, even when a message header spans  multi-
    -              ple  lines.  Message  headers  that are longer than
    +              Note: these filters see one logical message  header
    +              at  a time, even when a message header spans multi-
    +              ple lines. Message headers  that  are  longer  than
                   $header_size_limit characters are truncated.
     
            disable_mime_input_processing
    -              While receiving mail, give no special treatment  to
    -              MIME  related  message  headers; all text after the
    +              While  receiving mail, give no special treatment to
    +              MIME related message headers; all  text  after  the
                   initial message headers is considered to be part of
    -              the  message body. This means that header_checks is
    -              applied to all the  initial  message  headers,  and
    +              the message body. This means that header_checks  is
    +              applied  to  all  the  initial message headers, and
                   that body_checks is applied to the remainder of the
                   message.
     
    -              Note: when used in this  manner,  body_checks  will
    -              process  a  multi-line message header one line at a
    +              Note:  when  used  in this manner, body_checks will
    +              process a multi-line message header one line  at  a
                   time.
     
     EXAMPLES
    -       Header pattern to block attachments  with  bad  file  name
    +       Header  pattern  to  block  attachments with bad file name
            extensions.
     
    -       /etc/postfix/main.cf:
    +       /etc/postfix/main.cf:
                header_checks = regexp:/etc/postfix/header_checks
     
            /etc/postfix/header_checks:
    @@ -354,7 +355,7 @@ HEADER_CHECKS(5)                                              HEADER_CHECKS(5)
            Body pattern to stop a specific HTML browser vulnerability
            exploit.
     
    -       /etc/postfix/main.cf:
    +       /etc/postfix/main.cf:
                body_checks = regexp:/etc/postfix/body_checks
     
            /etc/postfix/body_checks:
    @@ -379,7 +380,7 @@ HEADER_CHECKS(5)                                              HEADER_CHECKS(5)
            BACKSCATTER_README, blocking returned forged mail
     
     LICENSE
    -       The  Secure  Mailer  license must be distributed with this
    +       The Secure Mailer license must be  distributed  with  this
            software.
     
     AUTHOR(S)
    diff --git a/postfix/html/postconf.5.html b/postfix/html/postconf.5.html
    index 55605a71a..dd6ae5ed2 100644
    --- a/postfix/html/postconf.5.html
    +++ b/postfix/html/postconf.5.html
    @@ -6438,7 +6438,10 @@ Do not change this unless you have a complete understanding of relay_domains. Specify @domain as a wild-card for
    -domains that do not have a valid recipient list. Technically, tables
    +domains that have no valid recipient list, and become a source of
    +backscatter mail: Postfix accepts spam for non-existent recipients
    +and then floods innocent people with undeliverable mail.  Technically,
    +tables
     listed with $relay_recipient_maps are used as lists: Postfix needs
     to know only if a lookup string is found or not, but it does not
     use the result from table lookup.  

    diff --git a/postfix/html/virtual.5.html b/postfix/html/virtual.5.html
index 7df786e30..06450986b 100644
--- a/postfix/html/virtual.5.html
+++ b/postfix/html/virtual.5.html
@@ -109,15 +109,22 @@ VIRTUAL(5) VIRTUAL(5) Redirect mail for other users in domain to address. This form has the lowest precedence. + Note: @domain is a wild-card. With this form, the + Postfix SMTP server accepts mail for any recipient + in domain, regardless of whether that recipient + exists. This may turn your mail system into a + backscatter source that returns undeliverable spam + to innocent people. + RESULT ADDRESS REWRITING The lookup result is subject to address rewriting: - o When the result has the form @otherdomain, the - result becomes the same user in otherdomain. This + o When the result has the form @otherdomain, the + result becomes the same user in otherdomain. This works only for the first address in a multi-address lookup result. - o When "append_at_myorigin=yes", append "@$myorigin" + o When "append_at_myorigin=yes", append "@$myorigin" to addresses without "@domain". o When "append_dot_mydomain=yes", append ".$mydomain" 
@@ -125,29 +132,29 @@ VIRTUAL(5) VIRTUAL(5) ADDRESS EXTENSION When a mail address localpart contains the optional recip- - ient delimiter (e.g., user+foo@domain), the lookup order + ient delimiter (e.g., user+foo@domain), the lookup order becomes: user+foo@domain, user@domain, user+foo, user, and @domain. - The propagate_unmatched_extensions parameter controls - whether an unmatched address extension (+foo) is propa- + The propagate_unmatched_extensions parameter controls + whether an unmatched address extension (+foo) is propa- gated to the result of table lookup. VIRTUAL ALIAS DOMAINS - Besides virtual aliases, the virtual alias table can also + Besides virtual aliases, the virtual alias table can also be used to implement virtual alias domains. With a virtual - alias domain, all recipient addresses are aliased to + alias domain, all recipient addresses are aliased to addresses in other domains. Virtual alias domains are not to be confused with the vir- tual mailbox domains that are implemented with the Postfix virtual(8) mail delivery agent. With virtual mailbox - domains, each recipient address can have its own mailbox. + domains, each recipient address can have its own mailbox. - With a virtual alias domain, the virtual domain has its - own user name space. Local (i.e. non-virtual) usernames - are not visible in a virtual alias domain. In particular, - local aliases(5) and local mailing lists are not visible + With a virtual alias domain, the virtual domain has its + own user name space. Local (i.e. non-virtual) usernames + are not visible in a virtual alias domain. In particular, + local aliases(5) and local mailing lists are not visible as localname@virtual-alias.domain. Support for a virtual alias domain looks like: 
@@ -155,8 +162,8 @@ VIRTUAL(5) VIRTUAL(5) /etc/postfix/main.cf: virtual_alias_maps = hash:/etc/postfix/virtual - Note: some systems use dbm databases instead of hash. - See the output from "postconf -m" for available data- + Note: some systems use dbm databases instead of hash. + See the output from "postconf -m" for available data- base types. /etc/postfix/virtual: 
@@ -165,95 +172,95 @@ VIRTUAL(5) VIRTUAL(5) user1@virtual-alias.domain address1 user2@virtual-alias.domain address2, address3 - The virtual-alias.domain anything entry is required for a + The virtual-alias.domain anything entry is required for a virtual alias domain. Without this entry, mail is rejected - with "relay access denied", or bounces with "mail loops + with "relay access denied", or bounces with "mail loops back to myself". - Do not specify virtual alias domain names in the main.cf + Do not specify virtual alias domain names in the main.cf mydestination or relay_domains configuration parameters. - With a virtual alias domain, the Postfix SMTP server - accepts mail for known-user@virtual-alias.domain, and - rejects mail for unknown-user@virtual-alias.domain as + With a virtual alias domain, the Postfix SMTP server + accepts mail for known-user@virtual-alias.domain, and + rejects mail for unknown-user@virtual-alias.domain as undeliverable. - Instead of specifying the virtual alias domain name via - the virtual_alias_maps table, you may also specify it via + Instead of specifying the virtual alias domain name via + the virtual_alias_maps table, you may also specify it via the main.cf virtual_alias_domains configuration parameter. - This latter parameter uses the same syntax as the main.cf + This latter parameter uses the same syntax as the main.cf mydestination configuration parameter. REGULAR EXPRESSION TABLES - This section describes how the table lookups change when + This section describes how the table lookups change when the table is given in the form of regular expressions. For - a description of regular expression lookup table syntax, + a description of regular expression lookup table syntax, see regexp_table(5) or pcre_table(5). - Each pattern is a regular expression that is applied to + Each pattern is a regular expression that is applied to the entire address being looked up. 
Thus, user@domain mail - addresses are not broken up into their user and @domain + addresses are not broken up into their user and @domain constituent parts, nor is user+foo broken up into user and foo. - Patterns are applied in the order as specified in the ta- - ble, until a pattern is found that matches the search + Patterns are applied in the order as specified in the ta- + ble, until a pattern is found that matches the search string. - Results are the same as with indexed file lookups, with - the additional feature that parenthesized substrings from + Results are the same as with indexed file lookups, with + the additional feature that parenthesized substrings from the pattern can be interpolated as $1, $2 and so on. TCP-BASED TABLES - This section describes how the table lookups change when + This section describes how the table lookups change when lookups are directed to a TCP-based server. For a descrip- tion of the TCP client/server lookup protocol, see tcp_ta- ble(5). This feature is not available up to and including Postfix version 2.4. Each lookup operation uses the entire address once. Thus, - user@domain mail addresses are not broken up into their + user@domain mail addresses are not broken up into their user and @domain constituent parts, nor is user+foo broken up into user and foo. Results are the same as with indexed file lookups. BUGS - The table format does not understand quoting conventions. + The table format does not understand quoting conventions. CONFIGURATION PARAMETERS - The following main.cf parameters are especially relevant - to this topic. See the Postfix main.cf file for syntax - details and for default values. Use the "postfix reload" + The following main.cf parameters are especially relevant + to this topic. See the Postfix main.cf file for syntax + details and for default values. Use the "postfix reload" command after a configuration change. virtual_alias_maps List of virtual aliasing tables. 
virtual_alias_domains - List of virtual alias domains. This uses the same + List of virtual alias domains. This uses the same syntax as the mydestination parameter. propagate_unmatched_extensions - A list of address rewriting or forwarding mecha- - nisms that propagate an address extension from the - original address to the result. Specify zero or - more of canonical, virtual, alias, forward, + A list of address rewriting or forwarding mecha- + nisms that propagate an address extension from the + original address to the result. Specify zero or + more of canonical, virtual, alias, forward, include, or generic. Other parameters of interest: inet_interfaces - The network interface addresses that this system + The network interface addresses that this system receives mail on. You need to stop and start Post- fix when this parameter changes. mydestination - List of domains that this mail system considers + List of domains that this mail system considers local. myorigin - The domain that is appended to any address that + The domain that is appended to any address that does not have a domain. owner_request_special
@@ -277,7 +284,7 @@ VIRTUAL(5) VIRTUAL(5) VIRTUAL_README, domain hosting guide LICENSE - The Secure Mailer license must be distributed with this + The Secure Mailer license must be distributed with this software. AUTHOR(S)
diff --git a/postfix/man/man5/access.5 b/postfix/man/man5/access.5
index 525d2022a..4ff930f31 100644
--- a/postfix/man/man5/access.5
+++ b/postfix/man/man5/access.5
@@ -16,11 +16,11 @@ Postfix SMTP server access table .SH DESCRIPTION .ad .fi -The Postfix SMTP server \fBaccess\fR(5) table specifies -actions that are triggered by information from or about -remote SMTP clients: host names, network addresses, or email -addresses. An action may grant or deny access, or it may -change the way that an email transaction will be handled. +The Postfix SMTP server supports access control on information +about remote SMTP clients or information received in SMTP +commands: host names, network addresses, envelope sender +or recipient addresses. See header_checks(5) or body_checks(5) +for access control on the content of email messages. Normally, the \fBaccess\fR(5) table is specified as a text file that serves as input to the \fBpostmap\fR(1) command.
@@ -193,7 +193,8 @@ Reject the address etc. that matches the pattern. Reply with specified, otherwise reply with a generic error response message. .IP "\fBDEFER_IF_REJECT \fIoptional text...\fR Defer the request if some later restriction would result in a -REJECT action. Reply with "\fB450\fI optional text...\fR when the +REJECT action. Reply with "\fB450 4.7.1 \fI optional +text...\fR when the optional text is specified, otherwise reply with a generic error response message. .sp
@@ -201,7 +202,7 @@ This feature is available in Postfix 2.1 and later. .IP "\fBDEFER_IF_PERMIT \fIoptional text...\fR Defer the request if some later restriction would result in a an explicit or implicit PERMIT action. -Reply with "\fB450\fI optional text...\fR when the +Reply with "\fB450 4.7.1 \fI optional text...\fR when the optional text is specified, otherwise reply with a generic error response message. .sp 
@@ -260,10 +261,9 @@ Note: this action currently affects all recipients of the message. This feature is available in Postfix 2.0 and later. .IP "\fBPREPEND \fIheadername: headervalue\fR" Prepend the specified message header to the message. -When this action executes multiple times, the first prepended -header appears before the second etc. prepended header. -.sp -Note: this action does not support multi-line message headers. +When more than one PREPEND action executes, the first +prepended header appears before the second etc. prepended +header. .sp Note: this action must execute before the message content is received; it cannot execute in the context of
diff --git a/postfix/man/man5/aliases.5 b/postfix/man/man5/aliases.5
index 7f067da6c..05ca24b90 100644
--- a/postfix/man/man5/aliases.5
+++ b/postfix/man/man5/aliases.5
@@ -75,8 +75,8 @@ quotes. See \fBlocal\fR(8) for details of delivery to command. When the command fails, a limited amount of command output is mailed back to the sender. The file \fB/usr/include/sysexits.h\fR defines the expected exit status codes. For example, use -\fB|"exit 67"\fR to simulate a "user unknown" error, and -\fB|"exit 0"\fR to implement an expensive black hole. +\fB"|exit 67"\fR to simulate a "user unknown" error, and +\fB"|exit 0"\fR to implement an expensive black hole. .IP \fB:include:\fI/file/name\fR Mail is sent to the destinations listed in the named file. Lines in \fB:include:\fR files have the same syntax
diff --git a/postfix/man/man5/bounce.5 b/postfix/man/man5/bounce.5
index 4c6215ab3..25bbfda41 100644
--- a/postfix/man/man5/bounce.5
+++ b/postfix/man/man5/bounce.5
@@ -32,7 +32,8 @@ bounce template formats. .nf .ad .fi -To create customized bounce template file, create a temporary +To create a customized bounce template file, create a +temporary copy of the file \fB/etc/postfix/bounce.cf.default\fR and edit the temporary file. 
diff --git a/postfix/man/man5/canonical.5 b/postfix/man/man5/canonical.5
index aeaee934f..6f1083051 100644
--- a/postfix/man/man5/canonical.5
+++ b/postfix/man/man5/canonical.5
@@ -55,10 +55,9 @@ names by \fIFirstname.Lastname\fR, or to clean up addresses produced by legacy mail systems. The \fBcanonical\fR(5) mapping is not to be confused with \fIvirtual -domain\fR support. Use the \fBvirtual\fR(5) map for that purpose. - -The \fBcanonical\fR(5) mapping is not to be confused with local aliasing. -Use the \fBaliases\fR(5) map for that purpose. +alias\fR support or with local aliasing. To change the destination +but not the headers, use the \fBvirtual\fR(5) or \fBaliases\fR(5) +map instead. .SH "CASE FOLDING" .na .nf
@@ -109,6 +108,13 @@ This form is useful for replacing login names by .IP "@\fIdomain address\fR" Replace other addresses in \fIdomain\fR by \fIaddress\fR. This form has the lowest precedence. +.sp +Note: @\fIdomain\fR is a wild-card. When this form is applied +to recipient addresses, the Postfix SMTP server accepts +mail for any recipient in \fIdomain\fR, regardless of whether +that recipient exists. This may turn your mail system into +a backscatter source that returns undeliverable spam to +innocent people. .SH "RESULT ADDRESS REWRITING" .na .nf
diff --git a/postfix/man/man5/cidr_table.5 b/postfix/man/man5/cidr_table.5
index cb4ac93b5..b5ba2ee7e 100644
--- a/postfix/man/man5/cidr_table.5
+++ b/postfix/man/man5/cidr_table.5
@@ -102,7 +102,6 @@ DATABASE_README, Postfix lookup table overview .nf The CIDR table lookup code was originally written by: Jozsef Kadlecsik -kadlec@blackhole.kfki.hu KFKI Research Institute for Particle and Nuclear Physics POB. 49 1525 Budapest, Hungary
diff --git a/postfix/man/man5/header_checks.5 b/postfix/man/man5/header_checks.5
index ada401686..62cc1c8ce 100644
--- a/postfix/man/man5/header_checks.5
+++ b/postfix/man/man5/header_checks.5
@@ -24,8 +24,9 @@ Postfix built-in header/body inspection .fi Postfix provides a simple built-in content inspection mechanism that examines incoming mail one message header or one message body line -at a time. Each input is compared against a list of patterns, and -when a match is found the corresponding action is executed. +at a time. Each input is compared against a list of patterns. +When a match is found the corresponding action is executed, and +the matching process is repeated for the next input line. This feature is implemented by the Postfix \fBcleanup\fR(8) server. For examples, see the EXAMPLES section at the end of this
diff --git a/postfix/man/man5/postconf.5 b/postfix/man/man5/postconf.5
index 5b61670cf..6f67cfb3b 100644
--- a/postfix/man/man5/postconf.5
+++ b/postfix/man/man5/postconf.5
@@ -3545,7 +3545,10 @@ Do not change this unless you have a complete understanding of RFC 821. .SH relay_recipient_maps (default: empty) Optional lookup tables with all valid addresses in the domains that match $relay_domains. Specify @domain as a wild-card for -domains that do not have a valid recipient list. Technically, tables +domains that have no valid recipient list, and become a source of +backscatter mail: Postfix accepts spam for non-existent recipients +and then floods innocent people with undeliverable mail. Technically, +tables listed with $relay_recipient_maps are used as lists: Postfix needs to know only if a lookup string is found or not, but it does not use the result from table lookup.
diff --git a/postfix/man/man5/virtual.5 b/postfix/man/man5/virtual.5
index 64d048f56..5c3cb1da2 100644
--- a/postfix/man/man5/virtual.5
+++ b/postfix/man/man5/virtual.5
@@ -103,6 +103,13 @@ mapping can be applied to non-local addresses. .IP "@\fIdomain address, address, ...\fR" Redirect mail for other users in \fIdomain\fR to \fIaddress\fR. This form has the lowest precedence. +.sp +Note: @\fIdomain\fR is a wild-card. With this form, the +Postfix SMTP server accepts +mail for any recipient in \fIdomain\fR, regardless of whether +that recipient exists. This may turn your mail system into +a backscatter source that returns undeliverable spam to +innocent people. .SH "RESULT ADDRESS REWRITING" .na .nf
diff --git a/postfix/proto/SASL_README.html b/postfix/proto/SASL_README.html
index b9c662aaf..fd3441892 100644
--- a/postfix/proto/SASL_README.html
+++ b/postfix/proto/SASL_README.html
@@ -149,7 +149,7 @@ their CCARGS and AUXLIBS into the above command line.

    Building the Cyrus SASL library

    -

    Postfix appears to work with cyrus-sasl-1.5.5 or cyrus-sasl-2.1.1, +

    Postfix appears to work with cyrus-sasl-1.5.x or cyrus-sasl-2.1.x, which are available from:

    @@ -160,11 +160,11 @@ ftp://ftp.andrew.cmu.edu/pub/cyrus-mail/

    IMPORTANT: if you install the Cyrus SASL libraries as per the default, you will have to symlink /usr/lib/sasl -> /usr/local/lib/sasl -for version 1.5.5 or /usr/lib/sasl2 -> /usr/local/lib/sasl2 for -version 2.1.1.

    +for version 1.5.x or /usr/lib/sasl2 -> /usr/local/lib/sasl2 for +version 2.1.x.

    -

    Reportedly, Microsoft Internet Explorer version 5 requires the -non-standard SASL LOGIN authentication method. To enable this +

    Reportedly, Microsoft Outlook (Express) requires the +non-standard LOGIN authentication method. To enable this authentication method, specify ``./configure --enable-login''.

    Building Postfix with Cyrus SASL support

    @@ -178,7 +178,7 @@ and that the Cyrus SASL libraries are in /usr/local/lib.

    -
    (for Cyrus SASL version 1.5.5): +
    (for Cyrus SASL version 1.5.x):
     % make tidy # if you have left-over files from a previous build
    @@ -186,7 +186,7 @@ and that the Cyrus SASL libraries are in /usr/local/lib. 

    -I/usr/local/include" AUXLIBS="-L/usr/local/lib -lsasl"
    -
    (for Cyrus SASL version 2.1.1): +
    (for Cyrus SASL version 2.1.x):
     % make tidy # if you have left-over files from a previous build
    @@ -201,7 +201,7 @@ otherwise ld.so will not find the SASL shared library: 

    -
    (for Cyrus SASL version 1.5.5): +
    (for Cyrus SASL version 1.5.x):
     % make tidy # if you have left-over files from a previous build
    @@ -210,7 +210,7 @@ otherwise ld.so will not find the SASL shared library: 

    -R/usr/local/lib -lsasl"
    -
    (for Cyrus SASL version 2.1.1): +
    (for Cyrus SASL version 2.1.x):
     % make tidy # if you have left-over files from a previous build
    @@ -258,8 +258,9 @@ SMTP server
     
     

    Older Microsoft SMTP client software implements a non-standard version of the AUTH protocol syntax, and expects that the SMTP -server replies to EHLO with "250 AUTH=stuff" instead of "250 AUTH -stuff". To accommodate such clients (in addition to conformant +server replies to EHLO with "250 AUTH=mechanism-list" instead of +"250 AUTH mechanism-list". To accommodate such clients (in addition +to conformant clients) use the following:

    @@ -318,22 +319,41 @@ the Dovecot authentication server.

    Cyrus SASL configuration for the Postfix SMTP server

    -

    In /usr/local/lib/sasl/smtpd.conf (Cyrus SASL version 1.5.5) or -/usr/local/lib/sasl2/smtpd.conf (Cyrus SASL version 2.1.1) you need to -specify how the server should validate client passwords.

    +

    You need to configure how the Cyrus SASL library should +authenticate a client's username and password. These settings must +be stored in a separate configuration file.

    + +

    The name of the configuration file (default: smtpd.conf) will +be constructed from a value sent by Postfix to the Cyrus SASL +library, which adds the suffix .conf. The value is configured using +one of the following variables:

    + +
    +
    +/etc/postfix/main.cf:
    +    # Postfix 2.3 and later
    +    smtpd_sasl_path = smtpd
    +    # Postfix < 2.3
    +    smtpd_sasl_application_name = smtpd
    +
    +
    + +

    Cyrus SASL searches for the configuration file in /usr/local/lib/sasl/ +(Cyrus SASL version 1.5.5) or /usr/local/lib/sasl2/ (Cyrus SASL +version 2.1.x).

    Note: some Postfix distributions are modified and look for -the smtpd.conf file in /etc/postfix.

    +the smtpd.conf file in /etc/postfix/sasl.

    Note: some Cyrus SASL distributions look for the smtpd.conf file in /etc/sasl2.

      -
    • To authenticate against the UNIX password database, try:

      +
    • To authenticate against the UNIX password database, use:

      -
      (Cyrus SASL version 1.5.5) +
      (Cyrus SASL version 1.5.x)
       /usr/local/lib/sasl/smtpd.conf:
      @@ -341,39 +361,13 @@ file in /etc/sasl2. 

      -
      (Cyrus SASL version 2.1.1) -
      -
      -/usr/local/lib/sasl2/smtpd.conf:
      -    pwcheck_method: pwcheck
      -
      - -
      - -

      The name of the file in /usr/local/lib/sasl (Cyrus SASL version -1.5.5) or /usr/local/lib/sasl2 (Cyrus SASL version 2.1.1) used by -the SASL -library for configuration can be set with:

      - -
      -
      -/etc/postfix/main.cf:
      -    smtpd_sasl_application_name = smtpd (Postfix < 2.3)
      -    smtpd_sasl_path = smtpd (Postfix 2.3 and later)
      -
      -
      +

      IMPORTANT: pwcheck establishes a UNIX domain socket in /var/pwcheck +and waits for authentication requests. Postfix processes must have +read+execute permission to this directory or authentication attempts +will fail.

      The pwcheck daemon is contained in the cyrus-sasl source tarball.

      -

      IMPORTANT: postfix processes need to have group read+execute -permission for the /var/pwcheck directory, otherwise authentication -attempts will fail.

      - -
    • Alternately, in Cyrus SASL 1.5.26 and later (including -2.1.1), try:

      - -
      -
      (Cyrus SASL version 1.5.26)
      @@ -381,11 +375,12 @@ attempts will fail. 

      pwcheck_method: saslauthd
      -
      (Cyrus SASL version 2.1.1) +
      (Cyrus SASL version 2.1.x)
       /usr/local/lib/sasl2/smtpd.conf:
           pwcheck_method: saslauthd
      +    mech_list: PLAIN LOGIN
       
      @@ -395,27 +390,38 @@ tarball. It is more flexible than the pwcheck daemon, in that it can authenticate against PAM and various other sources. To use PAM, start saslauthd with "-a pam".

      +

      IMPORTANT: saslauthd usually establishes a UNIX domain socket +in /var/run/saslauthd and waits for authentication requests. Postfix +processes must have read+execute permission to this directory or +authentication attempts will fail.

      + +

      Note: The directory where saslauthd puts the socket is configurable. +See the command-line option "-m /path/to/socket" in the saslauthd +--help listing.

      +
    • To authenticate against Cyrus SASL's own password database:

      -
      (Cyrus SASL version 1.5.5) +
      (Cyrus SASL version 1.5.x)
       /usr/local/lib/sasl/smtpd.conf:
      -    pwcheck_method:  sasldb
      +    pwcheck_method: sasldb
       
      -
      (Cyrus SASL version 2.1.1) +
      (Cyrus SASL version 2.1.x)
       /usr/local/lib/sasl2/smtpd.conf:
      -    pwcheck_method:  auxprop
      +    pwcheck_method: auxprop
      +    auxprop_plugin: sasldb
      +    mech_list: PLAIN LOGIN CRAM-MD5 DIGEST-MD5
       

      This will use the Cyrus SASL password file (default: /etc/sasldb in -version 1.5.5, or /etc/sasldb2 in version 2.1.1), which is maintained +version 1.5.x, or /etc/sasldb2 in version 2.1.x), which is maintained with the saslpasswd or saslpasswd2 command (part of the Cyrus SASL software). On some poorly-supported systems the saslpasswd command needs to be run multiple times before it stops complaining. The Postfix SMTP @@ -430,13 +436,13 @@ domain (realm) to a fully qualified domain name.

      EXAMPLE:

      -
      (Cyrus SASL version 1.5.5) +
      (Cyrus SASL version 1.5.x)
       % saslpasswd -c -u `postconf -h myhostname` exampleuser
       
      -
      (Cyrus SASL version 2.1.1) +
      (Cyrus SASL version 2.1.x)
       % saslpasswd2 -c -u `postconf -h myhostname` exampleuser
      @@ -445,8 +451,8 @@ domain (realm) to a fully qualified domain name. 

      You can find out SASL's idea about the realms of the users -in sasldb with sasldblistusers (Cyrus SASL version 1.5.5) or -sasldblistusers2 (Cyrus SASL version 2.1.1).

      +in sasldb with sasldblistusers (Cyrus SASL version 1.5.x) or +sasldblistusers2 (Cyrus SASL version 2.1.x).

      On the Postfix side, you can have only one realm per smtpd instance, and only the users belonging to that realm would be able to @@ -462,18 +468,14 @@ realm used by smtpd:

    -

    IMPORTANT: all users must be able to authenticate using ALL -authentication mechanisms advertised by Postfix, otherwise the -negotiation might end up with an unsupported mechanism, and -authentication would fail. For example if you configure SASL to -use saslauthd for authentication against PAM (pluggable -authentication modules), only the PLAIN and LOGIN mechanisms are -supported and stand a chance to succeed, yet the SASL library would also -advertise other mechanisms, such as DIGEST-MD5. This happens because -those mechanisms are made available by other plugins, and the SASL -library have no way to know that your only valid authentication source -is PAM. Thus you might need to limit the list of mechanisms advertised -by Postfix.

    +

    IMPORTANT: The Cyrus SASL password verification services pwcheck +and saslauthd can only support the plaintext mechanisms PLAIN or +LOGIN. However, the Cyrus SASL library doesn't know this, and will +happily advertise other authentication mechanisms that the SASL +library implements, such as DIGEST-MD5. As a result, if an SMTP +client chooses any mechanism other than PLAIN or LOGIN while pwcheck +or saslauthd are used, authentication will fail. Thus you may need +to limit the list of mechanisms advertised by Postfix.

      @@ -481,7 +483,9 @@ by Postfix.

      library files from the SASL plug-in directory (and again whenever the system is updated).

      -
    • With Cyrus SASL version 2.1.1 or later:

      +
    • With Cyrus SASL version 2.1.x or later the mech_list variable +can specify a list of authentication mechanisms that Cyrus SASL may +offer:

      @@ -497,17 +501,17 @@ used for authentication. 

        -
      • With Cyrus SASL version 1.5.5 your only choice is to +

      • With Cyrus SASL version 1.5.x your only choice is to delete the corresponding library files from the SASL plug-in directory.

        -
      • With SASL version 2.1.1:

        +
      • With SASL version 2.1.x:

         /usr/local/lib/sasl2/smtpd.conf:
        -    pwcheck_method:  auxprop
        -    auxprop_plugin:  sql
        +    pwcheck_method: auxprop
        +    auxprop_plugin: sql
         
        @@ -570,8 +574,10 @@ to recover from the base64-encoded form.

        Trouble shooting the SASL internals

        In the Cyrus SASL sources you'll find a subdirectory named -"sample". Run make there, "su" to the user postfix (or -whatever your mail_owner directive is set to): +"sample". Run make there, then create a symbolic link from sample.conf +to smtpd.conf in your Cyrus SASL library directory /usr/local/lib/sasl2. +"su" to the user postfix (or whatever your mail_owner +directive is set to):

        @@ -580,10 +586,11 @@ whatever your mail_owner directive is set to):
         

        then run the resulting sample server and client in separate -terminals. Strace / ktrace / truss the server to see what makes -it unhappy, and fix the problem. Repeat the previous step until -you can successfully authenticate with the sample client. Only -then get back to Postfix.

        +terminals. The sample applications send log messages to the syslog +facility auth. Check the log to fix the problem or run strace / +ktrace / truss on the server to see what makes it unhappy. Repeat +the previous step until you can successfully authenticate with the +sample client. Only then get back to Postfix.

        Enabling SASL authentication in the Postfix SMTP client

        @@ -612,6 +619,12 @@ table.

      +

      The Postfix SASL client password file is opened before the SMTP +server enters the optional chroot jail, so you can keep the file +in /etc/postfix and set permissions read / write only for root to +keep the username:password combinations away from other system +users.

      +

      Postfix version 2.3 supports-per-sender SASL password information. To search the Postfix SASL password by sender before it searches by destination, specify:

      @@ -645,10 +658,6 @@ for example:

    -

    The Postfix SASL client password file is opened before the SMTP server -enters the optional chroot jail, so you can keep the file in -/etc/postfix.

    -

    Note: Some SMTP servers support authentication mechanisms that, although available on the client system, may not in practice work or possess the appropriate credentials to authenticate to the server. It @@ -664,7 +673,7 @@ into consideration:

    In the above example, Postfix will decline to use mechanisms -that require special infrastructure such as Kerberos.

    +that require special infrastructure such as Kerberos or TLS.

    The Postfix SMTP client is backwards compatible with SMTP servers that use the non-standard "AUTH=method..." syntax in response @@ -694,6 +703,9 @@ smtpd_sasl_application_name into smtpd_sasl_path.

  • The Dovecot SMTP server-only plug-in was originally implemented by Timo Sirainen of Procontrol, Finland. +
  • Patrick Ben Koetter revised this document for Postfix 2.4 and +made much needed updates. + diff --git a/postfix/proto/TUNING_README.html b/postfix/proto/TUNING_README.html index 9882044aa..0ad9830bc 100644 --- a/postfix/proto/TUNING_README.html +++ b/postfix/proto/TUNING_README.html @@ -224,7 +224,8 @@ seconds or $smtpd_error_sleep_time, whichever is more.

    Measures against clients that make too many connections

    -

    Note: this feature is not included with Postfix version 2.1.

    +

    Note: the anvil(8) service was introduced with Postfix version +2.2.

    The Postfix smtpd(8) server can limit the number of simultaneous connections from the same SMTP client, as well as the number of diff --git a/postfix/proto/access b/postfix/proto/access index ca229c60b..87fd4d879 100644 --- a/postfix/proto/access +++ b/postfix/proto/access @@ -10,11 +10,11 @@ # # \fBpostmap -q - /etc/postfix/access <\fIinputfile\fR # DESCRIPTION -# The Postfix SMTP server \fBaccess\fR(5) table specifies -# actions that are triggered by information from or about -# remote SMTP clients: host names, network addresses, or email -# addresses. An action may grant or deny access, or it may -# change the way that an email transaction will be handled. +# The Postfix SMTP server supports access control on information +# about remote SMTP clients or information received in SMTP +# commands: host names, network addresses, envelope sender +# or recipient addresses. See header_checks(5) or body_checks(5) +# for access control on the content of email messages. # # Normally, the \fBaccess\fR(5) table is specified as a text file # that serves as input to the \fBpostmap\fR(1) command. @@ -173,7 +173,8 @@ # specified, otherwise reply with a generic error response message. # .IP "\fBDEFER_IF_REJECT \fIoptional text...\fR # Defer the request if some later restriction would result in a -# REJECT action. Reply with "\fB450\fI optional text...\fR when the +# REJECT action. Reply with "\fB450 4.7.1 \fI optional +# text...\fR when the # optional text is specified, otherwise reply with a generic error # response message. # .sp @@ -181,7 +182,7 @@ # .IP "\fBDEFER_IF_PERMIT \fIoptional text...\fR # Defer the request if some later restriction would result in a # an explicit or implicit PERMIT action. -# Reply with "\fB450\fI optional text...\fR when the +# Reply with "\fB450 4.7.1 \fI optional text...\fR when the # optional text is specified, otherwise reply with a generic error # response message. # .sp 
@@ -265,10 +266,9 @@ # This feature is available in Postfix 2.0 and later. # .IP "\fBPREPEND \fIheadername: headervalue\fR" # Prepend the specified message header to the message. -# When this action executes multiple times, the first prepended -# header appears before the second etc. prepended header. -# .sp -# Note: this action does not support multi-line message headers. +# When more than one PREPEND action executes, the first +# prepended header appears before the second etc. prepended +# header. # .sp # Note: this action must execute before the message content # is received; it cannot execute in the context of diff --git a/postfix/proto/aliases b/postfix/proto/aliases index 4aab46b31..2ac242c9f 100644 --- a/postfix/proto/aliases +++ b/postfix/proto/aliases @@ -69,8 +69,8 @@ # When the command fails, a limited amount of command output is # mailed back to the sender. The file \fB/usr/include/sysexits.h\fR # defines the expected exit status codes. For example, use -# \fB|"exit 67"\fR to simulate a "user unknown" error, and -# \fB|"exit 0"\fR to implement an expensive black hole. +# \fB"|exit 67"\fR to simulate a "user unknown" error, and +# \fB"|exit 0"\fR to implement an expensive black hole. # .IP \fB:include:\fI/file/name\fR # Mail is sent to the destinations listed in the named file. # Lines in \fB:include:\fR files have the same syntax diff --git a/postfix/proto/bounce b/postfix/proto/bounce index 842cad9b8..113fea84f 100644 --- a/postfix/proto/bounce +++ b/postfix/proto/bounce @@ -24,7 +24,8 @@ # GENERAL PROCEDURE # .ad # .fi -# To create customized bounce template file, create a temporary +# To create a customized bounce template file, create a +# temporary # copy of the file \fB/etc/postfix/bounce.cf.default\fR and # edit the temporary file. # diff --git a/postfix/proto/canonical b/postfix/proto/canonical index d0112fa1f..cc65ec407 100644 --- a/postfix/proto/canonical +++ b/postfix/proto/canonical 
@@ -49,10 +49,9 @@ # by legacy mail systems. # # The \fBcanonical\fR(5) mapping is not to be confused with \fIvirtual -# domain\fR support. Use the \fBvirtual\fR(5) map for that purpose. -# -# The \fBcanonical\fR(5) mapping is not to be confused with local aliasing. -# Use the \fBaliases\fR(5) map for that purpose. +# alias\fR support or with local aliasing. To change the destination +# but not the headers, use the \fBvirtual\fR(5) or \fBaliases\fR(5) +# map instead. # CASE FOLDING # .ad # .fi @@ -97,6 +96,13 @@ # .IP "@\fIdomain address\fR" # Replace other addresses in \fIdomain\fR by \fIaddress\fR. # This form has the lowest precedence. +# .sp +# Note: @\fIdomain\fR is a wild-card. When this form is applied +# to recipient addresses, the Postfix SMTP server accepts +# mail for any recipient in \fIdomain\fR, regardless of whether +# that recipient exists. This may turn your mail system into +# a backscatter source that returns undeliverable spam to +# innocent people. # RESULT ADDRESS REWRITING # .ad # .fi diff --git a/postfix/proto/cidr_table b/postfix/proto/cidr_table index 75b0c5ab5..68b3a08e6 100644 --- a/postfix/proto/cidr_table +++ b/postfix/proto/cidr_table @@ -84,7 +84,6 @@ # AUTHOR(S) # The CIDR table lookup code was originally written by: # Jozsef Kadlecsik -# kadlec@blackhole.kfki.hu # KFKI Research Institute for Particle and Nuclear Physics # POB. 49 # 1525 Budapest, Hungary diff --git a/postfix/proto/header_checks b/postfix/proto/header_checks index 97da52b72..406147011 100644 --- a/postfix/proto/header_checks +++ b/postfix/proto/header_checks 
@@ -18,8 +18,9 @@ # DESCRIPTION # Postfix provides a simple built-in content inspection mechanism that # examines incoming mail one message header or one message body line -# at a time. Each input is compared against a list of patterns, and -# when a match is found the corresponding action is executed. +# at a time. Each input is compared against a list of patterns. +# When a match is found the corresponding action is executed, and +# the matching process is repeated for the next input line. # This feature is implemented by the Postfix \fBcleanup\fR(8) server. # # For examples, see the EXAMPLES section at the end of this diff --git a/postfix/proto/postconf.proto b/postfix/proto/postconf.proto index 0c8da3d8b..e8d4b9e55 100644 --- a/postfix/proto/postconf.proto +++ b/postfix/proto/postconf.proto @@ -3319,7 +3319,10 @@ Do not change this unless you have a complete understanding of RFC 821.

    Optional lookup tables with all valid addresses in the domains that match $relay_domains. Specify @domain as a wild-card for -domains that do not have a valid recipient list. Technically, tables +domains that have no valid recipient list, and become a source of +backscatter mail: Postfix accepts spam for non-existent recipients +and then floods innocent people with undeliverable mail. Technically, +tables listed with $relay_recipient_maps are used as lists: Postfix needs to know only if a lookup string is found or not, but it does not use the result from table lookup.

diff --git a/postfix/proto/virtual b/postfix/proto/virtual
index f5295e9a0..256b97716 100644
--- a/postfix/proto/virtual
+++ b/postfix/proto/virtual
@@ -91,6 +91,13 @@
 # .IP "@\fIdomain address, address, ...\fR"
 # Redirect mail for other users in \fIdomain\fR to \fIaddress\fR.
 # This form has the lowest precedence.
+# .sp
+# Note: @\fIdomain\fR is a wild-card. With this form, the
+# Postfix SMTP server accepts
+# mail for any recipient in \fIdomain\fR, regardless of whether
+# that recipient exists. This may turn your mail system into
+# a backscatter source that returns undeliverable spam to
+# innocent people.
 # RESULT ADDRESS REWRITING
 # .ad
 # .fi
diff --git a/postfix/src/cleanup/cleanup_init.c b/postfix/src/cleanup/cleanup_init.c
index 2791f32e6..13e792e52 100644
--- a/postfix/src/cleanup/cleanup_init.c
+++ b/postfix/src/cleanup/cleanup_init.c
@@ -202,7 +202,7 @@ CONFIG_STR_TABLE cleanup_str_table[] = {
 VAR_BODY_CHECKS, DEF_BODY_CHECKS, &var_body_checks, 0, 0,
 VAR_PROP_EXTENSION, DEF_PROP_EXTENSION, &var_prop_extension, 0, 0,
 VAR_ALWAYS_BCC, DEF_ALWAYS_BCC, &var_always_bcc, 0, 0,
- VAR_RCPT_WITHELD, DEF_RCPT_WITHELD, &var_rcpt_witheld, 1, 0,
+ VAR_RCPT_WITHELD, DEF_RCPT_WITHELD, &var_rcpt_witheld, 0, 0,
 VAR_MASQ_CLASSES, DEF_MASQ_CLASSES, &var_masq_classes, 0, 0,
 VAR_SEND_BCC_MAPS, DEF_SEND_BCC_MAPS, &var_send_bcc_maps, 0, 0,
 VAR_RCPT_BCC_MAPS, DEF_RCPT_BCC_MAPS, &var_rcpt_bcc_maps, 0, 0,
diff --git a/postfix/src/cleanup/cleanup_message.c b/postfix/src/cleanup/cleanup_message.c
index be6b2ed1c..2087c0908 100644
--- a/postfix/src/cleanup/cleanup_message.c
+++ b/postfix/src/cleanup/cleanup_message.c
@@ -691,7 +691,7 @@ static void cleanup_header_done_callback(void *context)
 #define VISIBLE_RCPT ((1 << HDR_TO) | (1 << HDR_RESENT_TO) \
 | (1 << HDR_CC) | (1 << HDR_RESENT_CC))
 
- if ((state->headers_seen & VISIBLE_RCPT) == 0)
+ if ((state->headers_seen & VISIBLE_RCPT) == 0 && *var_rcpt_witheld)
 cleanup_out_format(state, REC_TYPE_NORM, "%s", var_rcpt_witheld);
 
 /*
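Review bot: The new `*var_rcpt_witheld` test in cleanup_message.c is what keeps the relaxed length check in cleanup_init.c (minimum length 1 → 0 for VAR_RCPT_WITHELD) from writing an empty header line, but neither hunk says so, and a reader of the table change alone cannot tell that an empty undisclosed_recipients_header value is now a supported "off" switch. Suggest a comment above the test, `/* An empty undisclosed_recipients_header value disables the header. */`, and the same remark in postconf(5) if the commit does not already add it there. The configured value is still passed through `"%s"` with no visible check that it looks like a header (name, colon, no embedded newline); that is acceptable for an administrator-controlled main.cf setting, but worth noting in the comment since cleanup_out_format appears to do no validation at this point. cleanup_header_done_callback starts and ends outside the hunk.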
diff --git a/postfix/src/cleanup/cleanup_out.c b/postfix/src/cleanup/cleanup_out.c
index a5c5bf68d..904208071 100644
--- a/postfix/src/cleanup/cleanup_out.c
+++ b/postfix/src/cleanup/cleanup_out.c
@@ -198,7 +198,8 @@ void cleanup_out_header(CLEANUP_STATE *state, VSTRING *header_buf)
 }
 if (line == start) {
 cleanup_out_string(state, REC_TYPE_NORM, line);
- if (line_len < REC_TYPE_PTR_PAYL_SIZE)
+ if ((state->milters || cleanup_milters)
+ && line_len < REC_TYPE_PTR_PAYL_SIZE)
 rec_pad(state->dst, REC_TYPE_DTXT,
 REC_TYPE_PTR_PAYL_SIZE - line_len);
 } else if (IS_SPACE_TAB(*line)) {
diff --git a/postfix/src/global/mail_version.h b/postfix/src/global/mail_version.h
index c2ffb7f67..cc2666ba6 100644
--- a/postfix/src/global/mail_version.h
+++ b/postfix/src/global/mail_version.h
@@ -20,8 +20,8 @@
 * Patches change both the patchlevel and the release date. Snapshots have no
 * patchlevel; they change the release date only.
 */
-#define MAIL_RELEASE_DATE "20070306"
-#define MAIL_VERSION_NUMBER "2.4.0-RC4"
+#define MAIL_RELEASE_DATE "20070312"
+#define MAIL_VERSION_NUMBER "2.4.0-RC5"
 
 #ifdef SNAPSHOT
 # define MAIL_VERSION_DATE "-" MAIL_RELEASE_DATE
diff --git a/postfix/src/smtp/Makefile.in b/postfix/src/smtp/Makefile.in
index 9b10ef251..94ef9d3c7 100644
--- a/postfix/src/smtp/Makefile.in
+++ b/postfix/src/smtp/Makefile.in
@@ -9,7 +9,7 @@ HDRS = smtp.h smtp_sasl.h smtp_addr.h smtp_reuse.h
 TESTSRC =
 DEFS = -I. -I$(INC_DIR) -D$(SYSTYPE)
 CFLAGS = $(DEBUG) $(OPT) $(DEFS)
-TESTPROG= smtp_unalias smtp_map11 legacy levels
+TESTPROG= smtp_unalias smtp_map11
 PROG = smtp
 INC_DIR = ../../include
 LIBS = ../../lib/libmaster.a ../../lib/libtls.a ../../lib/libdns.a \
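Review bot: The new condition ties the padding of short header lines to Milter use (`state->milters || cleanup_milters`), but nothing in the hunk records why padding is needed only in that case, so a maintainer who later adds another header-rewriting path will not know this test has to be extended. Suggest a comment above the test, `/* Pad short headers only when a Milter may later replace this record with a pointer record; without Milters the padding is never used. */` — the pointer-record purpose is my reading of REC_TYPE_PTR_PAYL_SIZE and should be confirmed against rec_pad's callers. cleanup_out_header starts and ends outside the hunk.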
@@ -65,12 +65,6 @@ smtp_unalias: smtp_unalias.c $(LIBS) smtp_map11: smtp_map11.c $(LIBS) $(CC) $(CFLAGS) -DTEST -o $@ $@.c $(LIBS) $(SYSLIBS) -legacy: legacy.c $(LIBS) - $(CC) $(CFLAGS) -DTEST -o $@ $@.c $(LIBS) - -levels: levels.c $(LIBS) - $(CC) $(CFLAGS) -DTEST -o $@ $@.c $(LIBS) - # This needs trivial-rewrite service and myorigin==mydomain smtp_map11_test: smtp_map11 map11_map smtp_map11.ref ../postmap/postmap map11_map @@ -91,42 +85,6 @@ depend: $(MAKES) @$(EXPORT) make -f Makefile.in Makefile 1>&2 # do not edit below this line - it is generated by 'make depend' -legacy.o: ../../include/msg.h -legacy.o: ../../include/stringops.h -legacy.o: ../../include/sys_defs.h -legacy.o: ../../include/vbuf.h -legacy.o: ../../include/vstream.h -legacy.o: ../../include/vstring.h -legacy.o: ../../include/vstring_vstream.h -legacy.o: legacy.c -levels.o: ../../include/argv.h -levels.o: ../../include/attr.h -levels.o: ../../include/deliver_request.h -levels.o: ../../include/dict.h -levels.o: ../../include/dsn.h -levels.o: ../../include/dsn_buf.h -levels.o: ../../include/htable.h -levels.o: ../../include/maps.h -levels.o: ../../include/match_list.h -levels.o: ../../include/match_ops.h -levels.o: ../../include/msg.h -levels.o: ../../include/msg_stats.h -levels.o: ../../include/name_code.h -levels.o: ../../include/name_mask.h -levels.o: ../../include/recipient_list.h -levels.o: ../../include/resolve_clnt.h -levels.o: ../../include/scache.h -levels.o: ../../include/string_list.h -levels.o: ../../include/stringops.h -levels.o: ../../include/sys_defs.h -levels.o: ../../include/tls.h -levels.o: ../../include/tok822.h -levels.o: ../../include/vbuf.h -levels.o: ../../include/vstream.h -levels.o: ../../include/vstring.h -levels.o: ../../include/vstring_vstream.h -levels.o: levels.c -levels.o: smtp.h lmtp_params.o: lmtp_params.c smtp.o: ../../include/argv.h smtp.o: ../../include/attr.h 
diff --git a/postfix/src/smtp/legacy.c b/postfix/src/smtp/legacy.c deleted file mode 100644 index 867d02ce9..000000000 --- a/postfix/src/smtp/legacy.c +++ /dev/null 
@@ -1,205 +0,0 @@ - /* - * The old legacy TLS per-site policy engine, implemented with multiple - * boolean variables, stripped down for exhaustive comparison with the new - * legacy policy engine. - */ -/* System library. */ - -#include -#include -#include - -#ifdef STRCASECMP_IN_STRINGS_H -#include -#endif - -/* Utility library. */ - -#include -#include -#include -#include - - /* - * Global policy variables. - */ -int var_smtp_enforce_tls; -int var_smtp_tls_enforce_peername; -int var_smtp_use_tls; - - /* - * Simplified session structure. - */ -typedef struct { - int tls_use_tls; - int tls_enforce_tls; - int tls_enforce_peername; -} SMTP_SESSION; - - /* - * Per-site policies can override main.cf settings. - */ -typedef struct { - int dont_use; /* don't use TLS */ - int use; /* useless, see above */ - int enforce; /* must always use TLS */ - int enforce_peername; /* must verify certificate name */ -} SMTP_TLS_SITE_POLICY; - -/* smtp_tls_site_policy - look up per-site TLS policy */ - -static void smtp_tls_site_policy(SMTP_TLS_SITE_POLICY *policy, - const char *lookup) -{ - - /* - * Initialize the default policy. - */ - policy->dont_use = 0; - policy->use = 0; - policy->enforce = 0; - policy->enforce_peername = 0; - - /* - * Look up a non-default policy. - */ - if (strcasecmp(lookup, "-")) { - if (!strcasecmp(lookup, "NONE")) - policy->dont_use = 1; - else if (!strcasecmp(lookup, "MAY")) - policy->use = 1; - else if (!strcasecmp(lookup, "MUST")) - policy->enforce = policy->enforce_peername = 1; - else if (!strcasecmp(lookup, "MUST_NOPEERMATCH")) - policy->enforce = 1; - else - msg_fatal("unknown TLS policy '%s'", lookup); - } -} - -static void policy(SMTP_SESSION *session, const char *host, const char *dest) -{ - SMTP_TLS_SITE_POLICY host_policy; - SMTP_TLS_SITE_POLICY rcpt_policy; - - session->tls_use_tls = session->tls_enforce_tls = 0; - session->tls_enforce_peername = 0; - - /* - * Override the main.cf TLS policy with an optional per-site policy. 
- */ - smtp_tls_site_policy(&host_policy, host); - smtp_tls_site_policy(&rcpt_policy, dest); - - /* - * Fix 200601: a combined per-site (NONE + MAY) policy changed global - * MUST into NONE, and all weaker global policies into MAY. This was - * discovered with exhaustive simulation. Fix verified by comparing - * exhaustive simulation results with Postfix 2.3 which re-implements - * per-site policies from the ground up. - */ -#ifdef FIX200601 - if ((host_policy.dont_use || rcpt_policy.dont_use) - && (host_policy.use || rcpt_policy.use)) { - host_policy.use = rcpt_policy.use = 0; - host_policy.dont_use = rcpt_policy.dont_use = 1; - } -#endif - - /* - * Set up TLS enforcement for this session. - */ - if ((var_smtp_enforce_tls && !host_policy.dont_use && !rcpt_policy.dont_use) - || host_policy.enforce || rcpt_policy.enforce) - session->tls_enforce_tls = session->tls_use_tls = 1; - - /* - * Set up peername checking for this session. - * - * We want to make sure that a MUST* entry in the tls_per_site table always - * has precedence. MUST always must lead to a peername check, - * MUST_NOPEERMATCH must always disable it. Only when no explicit setting - * has been found, the default will be used. - * - * Fix 200601: a per-site MUST_NOPEERMATCH policy could not override a - * global MUST policy. Fix verified by comparing exhaustive simulation - * results with Postfix 2.3 which re-implements per-site policy from the - * ground up. 
- */ - if (host_policy.enforce && host_policy.enforce_peername) - session->tls_enforce_peername = 1; - else if (rcpt_policy.enforce && rcpt_policy.enforce_peername) - session->tls_enforce_peername = 1; - else if ( -#ifdef FIX200601 - !host_policy.enforce && !rcpt_policy.enforce && /* Fix 200601 */ -#endif - var_smtp_enforce_tls && var_smtp_tls_enforce_peername) - session->tls_enforce_peername = 1; - else if ((var_smtp_use_tls && !host_policy.dont_use && !rcpt_policy.dont_use) || host_policy.use || rcpt_policy.use) - session->tls_use_tls = 1; -} - -static void set_global_policy(const char *global) -{ - var_smtp_tls_enforce_peername = var_smtp_enforce_tls = var_smtp_use_tls = 0; - - if (strcasecmp(global, "must") == 0) { - var_smtp_enforce_tls = 1; /* XXX */ - var_smtp_tls_enforce_peername = 1; - } else if (strcasecmp(global, "must_nopeermatch") == 0) { - var_smtp_enforce_tls = 1; - } else if (strcasecmp(global, "may") == 0) { - var_smtp_use_tls = 1; - } else if (strcasecmp(global, "-") !=0) { - msg_fatal("unknown global policy: %s", global); - } -} - -static const char *print_policy(SMTP_SESSION *session) -{ - if (session->tls_enforce_peername && session->tls_enforce_tls) - return ("must"); - if (session->tls_enforce_tls) - return ("must_nopeermatch"); - if (session->tls_use_tls) - return ("may"); - return ("none"); -} - -int main(int argc, char **argv) -{ - SMTP_SESSION session; - VSTRING *buf = vstring_alloc(200); - char *cp; - const char *global; - const char *host; - const char *dest; - const char *result; - const char *sep = " \t\r\n"; - - vstream_printf("%-20s %-20s %-20s %s\n", - "host", "dest", "global", "result"); - while (vstring_get_nonl(buf, VSTREAM_IN) >= 0) { - cp = vstring_str(buf); - if (*cp == 0 || *cp == '#') { - vstream_printf("%s\n", cp); - } else { - if ((host = mystrtok(&cp, sep)) == 0) - msg_fatal("missing host policy"); - if ((dest = mystrtok(&cp, sep)) == 0) - msg_fatal("missing nexthop policy"); - if ((global = mystrtok(&cp, sep)) == 0) - 
msg_fatal("missing global policy"); - if (mystrtok(&cp, sep) != 0) - msg_fatal("garbage after global policy"); - set_global_policy(global); - policy(&session, host, dest); - result = print_policy(&session); - vstream_printf("%-20s %-20s %-20s %s\n", - host, dest, global, result); - } - vstream_fflush(VSTREAM_OUT); - } - exit(0); -} diff --git a/postfix/src/smtp/levels.c b/postfix/src/smtp/levels.c deleted file mode 100644 index 7ca90e605..000000000 --- a/postfix/src/smtp/levels.c +++ /dev/null 
@@ -1,194 +0,0 @@ - /* - * The new legacy TLS per-site policy engine, re-implemented in terms of - * enforcement levels, stripped down for exhaustive comparisons with the old - * legacy policy engine. - * - * This is the code that will be used in Postfix 2.3 so that sites can upgrade - * Postfix without being forced to change to the new TLS policy model. - */ - -/* System library. */ - -#include -#include -#include - -#ifdef STRCASECMP_IN_STRINGS_H -#include -#endif - -/* Utility library. */ - -#include -#include -#include -#include - - /* - * TLS levels - */ -#include - - /* - * Application-specific. - */ -#include - - /* - * Global policy variables. - */ -int var_smtp_enforce_tls; -int var_smtp_tls_enforce_peername; -int var_smtp_use_tls; - -/* smtp_tls_policy_lookup - look up per-site TLS policy */ - -static void smtp_tls_policy_lookup(int *site_level, const char *lookup) -{ - - /* - * Look up a non-default policy. In case of multiple lookup results, the - * precedence order is a permutation of the TLS enforcement level order: - * VERIFY, ENCRYPT, NONE, MAY, NOTFOUND. I.e. we override MAY with a more - * specific policy including NONE, otherwise we choose the stronger - * enforcement level. - */ - if (strcasecmp(lookup, "-")) { - if (!strcasecmp(lookup, "NONE")) { - /* NONE overrides MAY or NOTFOUND. */ - if (*site_level <= TLS_LEV_MAY) - *site_level = TLS_LEV_NONE; - } else if (!strcasecmp(lookup, "MAY")) { - /* MAY overrides NOTFOUND but not NONE. 
*/ - if (*site_level < TLS_LEV_NONE) - *site_level = TLS_LEV_MAY; - } else if (!strcasecmp(lookup, "MUST_NOPEERMATCH")) { - if (*site_level < TLS_LEV_ENCRYPT) - *site_level = TLS_LEV_ENCRYPT; - } else if (!strcasecmp(lookup, "MUST")) { - if (*site_level < TLS_LEV_VERIFY) - *site_level = TLS_LEV_VERIFY; - } else { - msg_fatal("unknown TLS policy '%s'", lookup); - } - } -} - -static int policy(const char *host, const char *dest) -{ - int global_level; - int site_level; - int tls_level; - - /* - * Compute the global TLS policy. This is the default policy level when - * no per-site policy exists. It also is used to override a wild-card - * per-site policy. - */ - if (var_smtp_enforce_tls) - global_level = var_smtp_tls_enforce_peername ? - TLS_LEV_VERIFY : TLS_LEV_ENCRYPT; - else - global_level = var_smtp_use_tls ? - TLS_LEV_MAY : TLS_LEV_NONE; - - /* - * Compute the per-site TLS enforcement level. For compatibility with the - * original TLS patch, this algorithm is gives equal precedence to host - * and next-hop policies. - */ - site_level = TLS_LEV_NOTFOUND; - - smtp_tls_policy_lookup(&site_level, dest); - smtp_tls_policy_lookup(&site_level, host); - - /* - * Override a wild-card per-site policy with a more specific global - * policy. - * - * With the original TLS patch, 1) a per-site ENCRYPT could not override a - * global VERIFY, and 2) a combined per-site (NONE+MAY) policy produced - * inconsistent results: it changed a global VERIFY into NONE, while - * producing MAY with all weaker global policy settings. - * - * With the current implementation, a combined per-site (NONE+MAY) - * consistently overrides global policy with NONE, and global policy can - * override only a per-site MAY wildcard. That is, specific policies - * consistently override wildcard policies, and (non-wildcard) per-site - * policies consistently override global policies. 
- */ - if (site_level == TLS_LEV_NOTFOUND - || (site_level == TLS_LEV_MAY - && global_level > TLS_LEV_MAY)) - tls_level = global_level; - else - tls_level = site_level; - - return (tls_level); -} - -static void set_global_policy(const char *global) -{ - var_smtp_tls_enforce_peername = var_smtp_enforce_tls = var_smtp_use_tls = 0; - - if (strcasecmp(global, "must") == 0) { - var_smtp_enforce_tls = 1; /* XXX */ - var_smtp_tls_enforce_peername = 1; - } else if (strcasecmp(global, "must_nopeermatch") == 0) { - var_smtp_enforce_tls = 1; - } else if (strcasecmp(global, "may") == 0) { - var_smtp_use_tls = 1; - } else if (strcasecmp(global, "-") !=0) { - msg_fatal("unknown global policy: %s", global); - } -} - -static const char *print_policy(int level) -{ - if (level == TLS_LEV_VERIFY) - return ("must"); - if (level == TLS_LEV_ENCRYPT) - return ("must_nopeermatch"); - if (level == TLS_LEV_MAY) - return ("may"); - if (level == TLS_LEV_NONE) - return ("none"); - msg_panic("unknown policy level %d", level); -} - -int main(int argc, char **argv) -{ - VSTRING *buf = vstring_alloc(200); - char *cp; - const char *global; - const char *host; - const char *dest; - const char *result; - const char *sep = " \t\r\n"; - int level; - - vstream_printf("%-20s %-20s %-20s %s\n", - "host", "dest", "global", "result"); - while (vstring_get_nonl(buf, VSTREAM_IN) > 0) { - cp = vstring_str(buf); - if (*cp == 0 || *cp == '#') { - vstream_printf("%s\n", cp); - } else { - if ((host = mystrtok(&cp, sep)) == 0) - msg_fatal("missing host policy"); - if ((dest = mystrtok(&cp, sep)) == 0) - msg_fatal("missing nexthop policy"); - if ((global = mystrtok(&cp, sep)) == 0) - msg_fatal("missing global policy"); - if (mystrtok(&cp, sep) != 0) - msg_fatal("garbage after global policy"); - set_global_policy(global); - level = policy(host, dest); - result = print_policy(level); - vstream_printf("%-20s %-20s %-20s %s\n", - host, dest, global, result); - } - vstream_fflush(VSTREAM_OUT); - } - exit(0); -} 
diff --git a/postfix/src/smtp/smtp_proto.c b/postfix/src/smtp/smtp_proto.c
index ed8d3f75e..2d1a12c5f 100644
--- a/postfix/src/smtp/smtp_proto.c
+++ b/postfix/src/smtp/smtp_proto.c
@@ -581,12 +581,11 @@ int smtp_helo(SMTP_STATE *state)
 * Send STARTTLS. Recurse when the server accepts STARTTLS, after
 * resetting the SASL and EHLO features lists.
 *
- * XXX Reset the SASL mechanism list to avoid spurious warnings. We
- * need a routine to reset the list instead of groping data here.
+ * Reset the SASL mechanism list to avoid spurious warnings.
 *
- * XXX Should not there be an smtp_sasl_tls_security_options feature
- * to allow different mechanisms across TLS tunnels than across
- * plain-text connections?
+ * Use the smtp_sasl_tls_security_options feature to allow SASL
+ * mechanisms that may not be allowed with plain-text
+ * connections.
 */
 smtp_chat_cmd(session, "STARTTLS");
 if ((resp = smtp_chat_resp(session))->code / 100 == 2) {
diff --git a/postfix/src/util/attr_print0.c b/postfix/src/util/attr_print0.c
index 339388605..7c6767843 100644
--- a/postfix/src/util/attr_print0.c
+++ b/postfix/src/util/attr_print0.c
@@ -22,7 +22,7 @@
 /* attr_scan0(). The stream is not flushed.
 /*
 /* attr_vprint0() provides an alternate interface that is convenient
-/* for calling from within variadoc functions.
+/* for calling from within variadic functions.
 /*
 /* Attributes are sent in the requested order as specified with the
 /* attr_print0() argument list. This routine satisfies the formatting
diff --git a/postfix/src/util/attr_print64.c b/postfix/src/util/attr_print64.c
index f9cd51e0a..5fd3ed93b 100644
--- a/postfix/src/util/attr_print64.c
+++ b/postfix/src/util/attr_print64.c
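Review bot: The rewritten comment gives "to avoid spurious warnings" as the only reason for resetting the SASL mechanism list, but the reset after a successful STARTTLS also matters for policy: the mechanism list learned from the plaintext EHLO must not be reused once the session is encrypted and smtp_sasl_tls_security_options applies. Suggest saying so, e.g. `* Reset the SASL mechanism list so that nothing learned from the plaintext EHLO survives into the TLS session; smtp_sasl_tls_security_options then decides what may be offered.` — presumably that is already the effect of the reset named two lines above, but the comment leaves it implied. The old XXX about needing a reset routine "instead of groping data" is dropped while the code that does the reset is outside the hunk; if it still pokes at session fields directly, keep a pointer to that so the debt is not forgotten. smtp_helo starts and ends outside the hunk.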
@@ -22,7 +22,7 @@
 /* attr_scan64(). The stream is not flushed.
 /*
 /* attr_vprint64() provides an alternate interface that is convenient
-/* for calling from within variadoc functions.
+/* for calling from within variadic functions.
 /*
 /* Attributes are sent in the requested order as specified with the
 /* attr_print64() argument list. This routine satisfies the formatting
diff --git a/postfix/src/util/attr_print_plain.c b/postfix/src/util/attr_print_plain.c
index 61106f7e3..cc01c781f 100644
--- a/postfix/src/util/attr_print_plain.c
+++ b/postfix/src/util/attr_print_plain.c
@@ -22,7 +22,7 @@
 /* attr_scan_plain(). The stream is not flushed.
 /*
 /* attr_vprint_plain() provides an alternate interface that is convenient
-/* for calling from within variadoc functions.
+/* for calling from within variadic functions.
 /*
 /* Attributes are sent in the requested order as specified with the
 /* attr_print_plain() argument list. This routine satisfies the formatting
diff --git a/postfix/src/util/sane_accept.c b/postfix/src/util/sane_accept.c
index d158f5e9f..5c49aa036 100644
--- a/postfix/src/util/sane_accept.c
+++ b/postfix/src/util/sane_accept.c
@@ -108,7 +108,11 @@ int sane_accept(int sock, struct sockaddr * sa, SOCKADDR_SIZE *len)
 * timer.
 */
 #if defined(BROKEN_READ_SELECT_ON_TCP_SOCKET) && defined(SO_KEEPALIVE)
- else if (sa && (sa->sa_family == AF_INET || sa->sa_family == AF_INET6)) {
+ else if (sa && (sa->sa_family == AF_INET
+#ifdef HAS_IPV6
+ || sa->sa_family == AF_INET6
+#endif
+ )) {
 int on = 1;
 
 (void) setsockopt(fd, SOL_SOCKET, SO_KEEPALIVE,
-- 
2.47.3
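Review bot: The `#ifdef HAS_IPV6` wrapped around the AF_INET6 test in sane_accept.c is correct but carries no explanation, and the next person to touch it may well "simplify" it back to the unconditional form the commit just removed. Suggest a one-line comment before the `else if`: `/* AF_INET6 is not defined on systems built without IPv6 support. */`. The setsockopt() result is still discarded with `(void)`; since SO_KEEPALIVE here is presumably the workaround for BROKEN_READ_SELECT_ON_TCP_SOCKET, a failure would silently leave that problem in place, so a msg_warn() on error would make it visible in the logs. sane_accept's body continues outside the hunk.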