VSTRING during vstream_fflush(); added a simple 'allow'
filter for vstream_control() requests; added a unit test.
File: util/vstream.c.
+
+20180812
+
+ Feature: smtp_reject_footer_maps (as well as the postscreen
+ variant postscreen_reject_footer_maps). This is indexed
+ with the SMTP server response text, and overrides the footer
+ specified with smtp_reject_footer. Files: global/mail_params.h,
+ mantools/postlink, postscreen/postscreen.c,
+ postscreen/postscreen_send.c, postscreen/postscreen_smtpd.c,
+ proto/postconf.proto, smtpd/smtpd.c, smtpd/smtpd_chat.c.
+
+ Minor wordsmithing. File: makedefs.
tidy: clean
rm -f Makefile */Makefile src/*/Makefile
- cp Makefile.init Makefile
+ cp -p Makefile.init Makefile
rm -f README_FILES/RELEASE_NOTES
ln -s ../RELEASE_NOTES README_FILES
rm -f bin/[!CRS]* lib/[!CRS]* include/[!CRS]* libexec/[!CRS]* \
Wish list:
- Add 'retire after max_use * max_idle' support to the
- event-server, so that tlsproxy processes will terminate
- even on a busy server. This can build on the retirement
- support for the dnsblog server.
+ In postscreen, don't fork after 'postfix reload' when
+ psc_check_queue_length (and psc_post_queue_length?) is zero.
+
+ In smtp_stream.c, replace `ssize_t err' with `int err'.
+
+ In ehlo_mask.c, replace "EHLO_MASK_SMTPUTF8" with "SMTPUTF8".
With smtpd_reject_footer=$foo in master.cf, and foo defined
in main.cf, postconf complains about an unused setting in
to template Makefiles. These macros implement an internal interface
and are subject to change without notice.
+<b>NAME=VALUE OVERRIDES</b>
Default settings can be overruled by specifying them as environment
variables (or as name=value pairs on the "make" command line). Use
quotes if variables contain whitespace or shell meta characters.
of the make(1) command.
<b>AUXLIBS=</b><i>object</i><b>_</b><i>library...</i>
- Specifies one or more non-default object libraries. Postfix 2.12
+ Specifies one or more non-default object libraries. Postfix 3.0
and later specify some of their database library dependencies
with <a href="CDB_README.html">AUXLIBS_CDB</a>, <a href="LDAP_README.html">AUXLIBS_LDAP</a>, <a href="LMDB_README.html">AUXLIBS_LMDB</a>, <a href="MYSQL_README.html">AUXLIBS_MYSQL</a>,
<a href="PCRE_README.html">AUXLIBS_PCRE</a>, <a href="PGSQL_README.html">AUXLIBS_PGSQL</a>, <a href="SDBM_README.html">AUXLIBS_SDBM</a>, and <a href="SQLITE_README.html">AUXLIBS_SQLITE</a>,
<p> This feature is available in Postfix 2.8 and later. </p>
+</DD>
+
+<DT><b><a name="postscreen_reject_footer_maps">postscreen_reject_footer_maps</a>
+(default: $<a href="postconf.5.html#smtpd_reject_footer_maps">smtpd_reject_footer_maps</a>)</b></DT><DD>
+
+<p> Optional lookup table for information that is appended after a 4XX
+or 5XX <a href="postscreen.8.html">postscreen(8)</a> server response. See <a href="postconf.5.html#smtpd_reject_footer_maps">smtpd_reject_footer_maps</a> for
+further details. </p>
+
+<p> This feature is available in Postfix 3.4 and later. </p>
+
+
</DD>
<DT><b><a name="postscreen_tls_security_level">postscreen_tls_security_level</a>
<dt><b><a name="reject_unknown_client_hostname">reject_unknown_client_hostname</a></b> (with Postfix < 2.3: reject_unknown_client)</dt>
<dd>Reject the request when 1) the client IP address->name mapping
-fails, 2) the name->address mapping fails, or 3) the name->address
+fails, or 2) the name->address mapping fails, or 3) the name->address
mapping does not match the client IP address. <br> This is a
stronger restriction than the <a href="postconf.5.html#reject_unknown_reverse_client_hostname">reject_unknown_reverse_client_hostname</a>
feature, which triggers only under condition 1) above. <br> The
<p> This feature supports a limited number of $name attributes in
the footer text. These are replaced by their current value for the
-SMTP session: </p>
+SMTP session. </p>
+
+<p> Note: specify $$name in footer text that is looked up from
+<a href="regexp_table.5.html">regexp</a>: or <a href="pcre_table.5.html">pcre</a>:-based <a href="postconf.5.html#smtpd_reject_footer_maps">smtpd_reject_footer_maps</a>, otherwise the
+Postfix server not use the footer text and will log a warning
+instead. </p>
<dl>
<p> This feature is available in Postfix 2.8 and later. </p>
+</DD>
+
+<DT><b><a name="smtpd_reject_footer_maps">smtpd_reject_footer_maps</a>
+(default: empty)</b></DT><DD>
+
+<p> Lookup tables, indexed by the complete Postfix SMTP server 4xx or
+5xx response, with reject footer templates. See <a href="postconf.5.html#smtpd_reject_footer_maps">smtpd_reject_footer_maps</a>
+for details. </p>
+
+<p>
+Specify zero or more "type:name" lookup tables, separated by
+whitespace or comma. Tables will be searched in the specified order
+until a match is found.
+</p>
+
+<p> This feature is available in Postfix 3.4 and later. </p>
+
+
</DD>
<DT><b><a name="smtpd_reject_unlisted_recipient">smtpd_reject_unlisted_recipient</a>
<b><a href="postconf.5.html#dns_ncache_ttl_fix_enable">dns_ncache_ttl_fix_enable</a> (no)</b>
Enable a workaround for future libc incompatibility.
+ Available in Postfix version 3.4 and later:
+
+ <b><a href="postconf.5.html#postscreen_reject_footer_maps">postscreen_reject_footer_maps</a> ($<a href="postconf.5.html#smtpd_reject_footer_maps">smtpd_reject_footer_maps</a>)</b>
+ Optional lookup table for information that is appended after a
+ 4XX or 5XX <a href="postscreen.8.html"><b>postscreen</b>(8)</a> server response.
+
<b>TROUBLE SHOOTING CONTROLS</b>
<b><a href="postconf.5.html#postscreen_expansion_filter">postscreen_expansion_filter</a> (see 'postconf -d' output)</b>
List of characters that are permitted in
<a href="postconf.5.html#postscreen_reject_footer">postscreen_reject_footer</a> attribute expansions.
<b><a href="postconf.5.html#postscreen_reject_footer">postscreen_reject_footer</a> ($<a href="postconf.5.html#smtpd_reject_footer">smtpd_reject_footer</a>)</b>
- Optional information that is appended after a 4XX or 5XX
+ Optional information that is appended after a 4XX or 5XX
<a href="postscreen.8.html"><b>postscreen</b>(8)</a> server response.
<b><a href="postconf.5.html#soft_bounce">soft_bounce</a> (no)</b>
- Safety net to keep mail queued that would otherwise be returned
+ Safety net to keep mail queued that would otherwise be returned
to the sender.
<b>BEFORE-POSTSCREEN PROXY AGENT</b>
Available in Postfix version 2.10 and later:
<b><a href="postconf.5.html#postscreen_upstream_proxy_protocol">postscreen_upstream_proxy_protocol</a> (empty)</b>
- The name of the proxy protocol used by an optional
+ The name of the proxy protocol used by an optional
before-postscreen proxy agent.
<b><a href="postconf.5.html#postscreen_upstream_proxy_timeout">postscreen_upstream_proxy_timeout</a> (5s)</b>
- The time limit for the proxy protocol specified with the
+ The time limit for the proxy protocol specified with the
<a href="postconf.5.html#postscreen_upstream_proxy_protocol">postscreen_upstream_proxy_protocol</a> parameter.
<b>PERMANENT WHITE/BLACKLIST TEST</b>
- This test is executed immediately after a remote SMTP client connects.
- If a client is permanently whitelisted, the client will be handed off
+ This test is executed immediately after a remote SMTP client connects.
+ If a client is permanently whitelisted, the client will be handed off
immediately to a Postfix SMTP server process.
<b><a href="postconf.5.html#postscreen_access_list">postscreen_access_list</a> (<a href="postconf.5.html#permit_mynetworks">permit_mynetworks</a>)</b>
<b><a href="postconf.5.html#postscreen_blacklist_action">postscreen_blacklist_action</a> (ignore)</b>
The action that <a href="postscreen.8.html"><b>postscreen</b>(8)</a> takes when a remote SMTP client is
- permanently blacklisted with the <a href="postconf.5.html#postscreen_access_list">postscreen_access_list</a> parame-
+ permanently blacklisted with the <a href="postconf.5.html#postscreen_access_list">postscreen_access_list</a> parame-
ter.
<b>MAIL EXCHANGER POLICY TESTS</b>
- When <a href="postscreen.8.html"><b>postscreen</b>(8)</a> is configured to monitor all primary and backup MX
- addresses, it can refuse to whitelist clients that connect to a backup
+ When <a href="postscreen.8.html"><b>postscreen</b>(8)</a> is configured to monitor all primary and backup MX
+ addresses, it can refuse to whitelist clients that connect to a backup
MX address only. For small sites, this requires configuring primary and
- backup MX addresses on the same MTA. Larger sites would have to share
- the <a href="postscreen.8.html"><b>postscreen</b>(8)</a> cache between primary and backup MTAs, which would
+ backup MX addresses on the same MTA. Larger sites would have to share
+ the <a href="postscreen.8.html"><b>postscreen</b>(8)</a> cache between primary and backup MTAs, which would
introduce a common point of failure.
<b><a href="postconf.5.html#postscreen_whitelist_interfaces">postscreen_whitelist_interfaces</a> (<a href="DATABASE_README.html#types">static</a>:all)</b>
- A list of local <a href="postscreen.8.html"><b>postscreen</b>(8)</a> server IP addresses where a
- non-whitelisted remote SMTP client can obtain <a href="postscreen.8.html"><b>postscreen</b>(8)</a>'s
+ A list of local <a href="postscreen.8.html"><b>postscreen</b>(8)</a> server IP addresses where a
+ non-whitelisted remote SMTP client can obtain <a href="postscreen.8.html"><b>postscreen</b>(8)</a>'s
temporary whitelist status.
<b>BEFORE 220 GREETING TESTS</b>
- These tests are executed before the remote SMTP client receives the
+ These tests are executed before the remote SMTP client receives the
"220 servername" greeting. If no tests remain after the successful com-
- pletion of this phase, the client will be handed off immediately to a
+ pletion of this phase, the client will be handed off immediately to a
Postfix SMTP server process.
<b><a href="postconf.5.html#dnsblog_service_name">dnsblog_service_name</a> (dnsblog)</b>
The name of the <a href="dnsblog.8.html"><b>dnsblog</b>(8)</a> service entry in <a href="master.5.html">master.cf</a>.
<b><a href="postconf.5.html#postscreen_dnsbl_action">postscreen_dnsbl_action</a> (ignore)</b>
- The action that <a href="postscreen.8.html"><b>postscreen</b>(8)</a> takes when a remote SMTP client's
+ The action that <a href="postscreen.8.html"><b>postscreen</b>(8)</a> takes when a remote SMTP client's
combined DNSBL score is equal to or greater than a threshold (as
- defined with the <a href="postconf.5.html#postscreen_dnsbl_sites">postscreen_dnsbl_sites</a> and
+ defined with the <a href="postconf.5.html#postscreen_dnsbl_sites">postscreen_dnsbl_sites</a> and
<a href="postconf.5.html#postscreen_dnsbl_threshold">postscreen_dnsbl_threshold</a> parameters).
<b><a href="postconf.5.html#postscreen_dnsbl_reply_map">postscreen_dnsbl_reply_map</a> (empty)</b>
- A mapping from actual DNSBL domain name which includes a secret
- password, to the DNSBL domain name that postscreen will reply
+ A mapping from actual DNSBL domain name which includes a secret
+ password, to the DNSBL domain name that postscreen will reply
with when it rejects mail.
<b><a href="postconf.5.html#postscreen_dnsbl_sites">postscreen_dnsbl_sites</a> (empty)</b>
factors.
<b><a href="postconf.5.html#postscreen_dnsbl_threshold">postscreen_dnsbl_threshold</a> (1)</b>
- The inclusive lower bound for blocking a remote SMTP client,
- based on its combined DNSBL score as defined with the
+ The inclusive lower bound for blocking a remote SMTP client,
+ based on its combined DNSBL score as defined with the
<a href="postconf.5.html#postscreen_dnsbl_sites">postscreen_dnsbl_sites</a> parameter.
<b><a href="postconf.5.html#postscreen_greet_action">postscreen_greet_action</a> (ignore)</b>
- The action that <a href="postscreen.8.html"><b>postscreen</b>(8)</a> takes when a remote SMTP client
- speaks before its turn within the time specified with the
+ The action that <a href="postscreen.8.html"><b>postscreen</b>(8)</a> takes when a remote SMTP client
+ speaks before its turn within the time specified with the
<a href="postconf.5.html#postscreen_greet_wait">postscreen_greet_wait</a> parameter.
<b><a href="postconf.5.html#postscreen_greet_banner">postscreen_greet_banner</a> ($<a href="postconf.5.html#smtpd_banner">smtpd_banner</a>)</b>
- The <i>text</i> in the optional "220-<i>text</i>..." server response that
+ The <i>text</i> in the optional "220-<i>text</i>..." server response that
<a href="postscreen.8.html"><b>postscreen</b>(8)</a> sends ahead of the real Postfix SMTP server's "220
- text..." response, in an attempt to confuse bad SMTP clients so
+ text..." response, in an attempt to confuse bad SMTP clients so
that they speak before their turn (pre-greet).
<b><a href="postconf.5.html#postscreen_greet_wait">postscreen_greet_wait</a> (normal: 6s, overload: 2s)</b>
- The amount of time that <a href="postscreen.8.html"><b>postscreen</b>(8)</a> will wait for an SMTP
- client to send a command before its turn, and for DNS blocklist
+ The amount of time that <a href="postscreen.8.html"><b>postscreen</b>(8)</a> will wait for an SMTP
+ client to send a command before its turn, and for DNS blocklist
lookup results to arrive (default: up to 2 seconds under stress,
up to 6 seconds otherwise).
<b><a href="postconf.5.html#smtpd_service_name">smtpd_service_name</a> (smtpd)</b>
- The internal service that <a href="postscreen.8.html"><b>postscreen</b>(8)</a> hands off allowed con-
+ The internal service that <a href="postscreen.8.html"><b>postscreen</b>(8)</a> hands off allowed con-
nections to.
Available in Postfix version 2.11 and later:
<b><a href="postconf.5.html#postscreen_dnsbl_whitelist_threshold">postscreen_dnsbl_whitelist_threshold</a> (0)</b>
- Allow a remote SMTP client to skip "before" and "after 220
- greeting" protocol tests, based on its combined DNSBL score as
+ Allow a remote SMTP client to skip "before" and "after 220
+ greeting" protocol tests, based on its combined DNSBL score as
defined with the <a href="postconf.5.html#postscreen_dnsbl_sites">postscreen_dnsbl_sites</a> parameter.
Available in Postfix version 3.0 and later:
<b>AFTER 220 GREETING TESTS</b>
These tests are executed after the remote SMTP client receives the "220
- servername" greeting. If a client passes all tests during this phase,
- it will receive a 4XX response to all RCPT TO commands. After the
- client reconnects, it will be allowed to talk directly to a Postfix
+ servername" greeting. If a client passes all tests during this phase,
+ it will receive a 4XX response to all RCPT TO commands. After the
+ client reconnects, it will be allowed to talk directly to a Postfix
SMTP server process.
<b><a href="postconf.5.html#postscreen_bare_newline_action">postscreen_bare_newline_action</a> (ignore)</b>
- The action that <a href="postscreen.8.html"><b>postscreen</b>(8)</a> takes when a remote SMTP client
- sends a bare newline character, that is, a newline not preceded
+ The action that <a href="postscreen.8.html"><b>postscreen</b>(8)</a> takes when a remote SMTP client
+ sends a bare newline character, that is, a newline not preceded
by carriage return.
<b><a href="postconf.5.html#postscreen_bare_newline_enable">postscreen_bare_newline_enable</a> (no)</b>
- Enable "bare newline" SMTP protocol tests in the <a href="postscreen.8.html"><b>postscreen</b>(8)</a>
+ Enable "bare newline" SMTP protocol tests in the <a href="postscreen.8.html"><b>postscreen</b>(8)</a>
server.
<b><a href="postconf.5.html#postscreen_disable_vrfy_command">postscreen_disable_vrfy_command</a> ($<a href="postconf.5.html#disable_vrfy_command">disable_vrfy_command</a>)</b>
mencing a MAIL transaction.
<b><a href="postconf.5.html#postscreen_non_smtp_command_action">postscreen_non_smtp_command_action</a> (drop)</b>
- The action that <a href="postscreen.8.html"><b>postscreen</b>(8)</a> takes when a remote SMTP client
+ The action that <a href="postscreen.8.html"><b>postscreen</b>(8)</a> takes when a remote SMTP client
sends non-SMTP commands as specified with the <a href="postconf.5.html#postscreen_forbidden_commands">postscreen_forbid</a>-
<a href="postconf.5.html#postscreen_forbidden_commands">den_commands</a> parameter.
Enable "non-SMTP command" tests in the <a href="postscreen.8.html"><b>postscreen</b>(8)</a> server.
<b><a href="postconf.5.html#postscreen_pipelining_action">postscreen_pipelining_action</a> (enforce)</b>
- The action that <a href="postscreen.8.html"><b>postscreen</b>(8)</a> takes when a remote SMTP client
+ The action that <a href="postscreen.8.html"><b>postscreen</b>(8)</a> takes when a remote SMTP client
sends multiple commands instead of sending one command and wait-
ing for the server to respond.
<b><a href="postconf.5.html#postscreen_pipelining_enable">postscreen_pipelining_enable</a> (no)</b>
- Enable "pipelining" SMTP protocol tests in the <a href="postscreen.8.html"><b>postscreen</b>(8)</a>
+ Enable "pipelining" SMTP protocol tests in the <a href="postscreen.8.html"><b>postscreen</b>(8)</a>
server.
<b>CACHE CONTROLS</b>
<b><a href="postconf.5.html#postscreen_dnsbl_max_ttl">postscreen_dnsbl_max_ttl</a></b>
<b>(${<a href="postconf.5.html#postscreen_dnsbl_ttl">postscreen_dnsbl_ttl</a>?{$<a href="postconf.5.html#postscreen_dnsbl_ttl">postscreen_dnsbl_ttl</a>}:{1}}h)</b>
- The maximum amount of time that <a href="postscreen.8.html"><b>postscreen</b>(8)</a> will use the
- result from a successful DNS-based reputation test before a
+ The maximum amount of time that <a href="postscreen.8.html"><b>postscreen</b>(8)</a> will use the
+ result from a successful DNS-based reputation test before a
client IP address is required to pass that test again.
<b><a href="postconf.5.html#postscreen_dnsbl_min_ttl">postscreen_dnsbl_min_ttl</a> (60s)</b>
- The minimum amount of time that <a href="postscreen.8.html"><b>postscreen</b>(8)</a> will use the
- result from a successful DNS-based reputation test before a
+ The minimum amount of time that <a href="postscreen.8.html"><b>postscreen</b>(8)</a> will use the
+ result from a successful DNS-based reputation test before a
client IP address is required to pass that test again.
<b><a href="postconf.5.html#postscreen_greet_ttl">postscreen_greet_ttl</a> (1d)</b>
<b>RESOURCE CONTROLS</b>
<b><a href="postconf.5.html#line_length_limit">line_length_limit</a> (2048)</b>
- Upon input, long lines are chopped up into pieces of at most
+ Upon input, long lines are chopped up into pieces of at most
this length; upon delivery, long lines are reconstructed.
<b><a href="postconf.5.html#postscreen_client_connection_count_limit">postscreen_client_connection_count_limit</a> ($<a href="postconf.5.html#smtpd_client_connection_count_limit">smtpd_client_connec</a>-</b>
<b><a href="postconf.5.html#smtpd_client_connection_count_limit">tion_count_limit</a>)</b>
- How many simultaneous connections any remote SMTP client is
+ How many simultaneous connections any remote SMTP client is
allowed to have with the <a href="postscreen.8.html"><b>postscreen</b>(8)</a> daemon.
<b><a href="postconf.5.html#postscreen_command_count_limit">postscreen_command_count_limit</a> (20)</b>
- The limit on the total number of commands per SMTP session for
+ The limit on the total number of commands per SMTP session for
<a href="postscreen.8.html"><b>postscreen</b>(8)</a>'s built-in SMTP protocol engine.
<b><a href="postconf.5.html#postscreen_command_time_limit">postscreen_command_time_limit</a> (normal: 300s, overload: 10s)</b>
- The time limit to read an entire command line with
+ The time limit to read an entire command line with
<a href="postscreen.8.html"><b>postscreen</b>(8)</a>'s built-in SMTP protocol engine.
<b><a href="postconf.5.html#postscreen_post_queue_limit">postscreen_post_queue_limit</a> ($<a href="postconf.5.html#default_process_limit">default_process_limit</a>)</b>
- The number of clients that can be waiting for service from a
+ The number of clients that can be waiting for service from a
real Postfix SMTP server process.
<b><a href="postconf.5.html#postscreen_pre_queue_limit">postscreen_pre_queue_limit</a> ($<a href="postconf.5.html#default_process_limit">default_process_limit</a>)</b>
- The number of non-whitelisted clients that can be waiting for a
- decision whether they will receive service from a real Postfix
+ The number of non-whitelisted clients that can be waiting for a
+ decision whether they will receive service from a real Postfix
SMTP server process.
<b><a href="postconf.5.html#postscreen_watchdog_timeout">postscreen_watchdog_timeout</a> (10s)</b>
- How much time a <a href="postscreen.8.html"><b>postscreen</b>(8)</a> process may take to respond to a
- remote SMTP client command or to perform a cache operation
+ How much time a <a href="postscreen.8.html"><b>postscreen</b>(8)</a> process may take to respond to a
+ remote SMTP client command or to perform a cache operation
before it is terminated by a built-in watchdog timer.
<b>STARTTLS CONTROLS</b>
The name of the <a href="tlsproxy.8.html"><b>tlsproxy</b>(8)</a> service entry in <a href="master.5.html">master.cf</a>.
<b>OBSOLETE STARTTLS SUPPORT CONTROLS</b>
- These parameters are supported for compatibility with <a href="smtpd.8.html"><b>smtpd</b>(8)</a> legacy
+ These parameters are supported for compatibility with <a href="smtpd.8.html"><b>smtpd</b>(8)</a> legacy
parameters.
<b><a href="postconf.5.html#postscreen_use_tls">postscreen_use_tls</a> ($<a href="postconf.5.html#smtpd_use_tls">smtpd_use_tls</a>)</b>
- Opportunistic TLS: announce STARTTLS support to remote SMTP
+ Opportunistic TLS: announce STARTTLS support to remote SMTP
clients, but do not require that clients use TLS encryption.
<b><a href="postconf.5.html#postscreen_enforce_tls">postscreen_enforce_tls</a> ($<a href="postconf.5.html#smtpd_enforce_tls">smtpd_enforce_tls</a>)</b>
<b>MISCELLANEOUS CONTROLS</b>
<b><a href="postconf.5.html#config_directory">config_directory</a> (see 'postconf -d' output)</b>
- The default location of the Postfix <a href="postconf.5.html">main.cf</a> and <a href="master.5.html">master.cf</a> con-
+ The default location of the Postfix <a href="postconf.5.html">main.cf</a> and <a href="master.5.html">master.cf</a> con-
figuration files.
<b><a href="postconf.5.html#delay_logging_resolution_limit">delay_logging_resolution_limit</a> (2)</b>
- The maximal number of digits after the decimal point when log-
+ The maximal number of digits after the decimal point when log-
ging sub-second delay values.
<b><a href="postconf.5.html#command_directory">command_directory</a> (see 'postconf -d' output)</b>
The location of all postfix administrative commands.
<b><a href="postconf.5.html#max_idle">max_idle</a> (100s)</b>
- The maximum amount of time that an idle Postfix daemon process
+ The maximum amount of time that an idle Postfix daemon process
waits for an incoming connection before terminating voluntarily.
<b><a href="postconf.5.html#process_id">process_id</a> (read-only)</b>
The syslog facility of Postfix logging.
<b><a href="postconf.5.html#syslog_name">syslog_name</a> (see 'postconf -d' output)</b>
- A prefix that is prepended to the process name in syslog
+ A prefix that is prepended to the process name in syslog
records, so that, for example, "smtpd" becomes "prefix/smtpd".
Available in Postfix 3.3 and later:
<b>HISTORY</b>
This service was introduced with Postfix version 2.8.
- Many ideas in <a href="postscreen.8.html"><b>postscreen</b>(8)</a> were explored in earlier work by Michael
+ Many ideas in <a href="postscreen.8.html"><b>postscreen</b>(8)</a> were explored in earlier work by Michael
Tokarev, in OpenBSD spamd, and in MailChannels Traffic Control.
<b>AUTHOR(S)</b>
<b><a href="postconf.5.html#service_name">service_name</a> (read-only)</b>
The <a href="master.5.html">master.cf</a> service name of a Postfix daemon process.
+ Available in Postfix 3.4 and later:
+
+ <b><a href="postconf.5.html#smtpd_reject_footer_maps">smtpd_reject_footer_maps</a> (empty)</b>
+ Lookup tables, indexed by the complete Postfix SMTP server 4xx
+ or 5xx response, with reject footer templates.
+
<b>SEE ALSO</b>
<a href="anvil.8.html">anvil(8)</a>, connection/rate limiting
<a href="cleanup.8.html">cleanup(8)</a>, message canonicalization
# output stream that can be prepended to template Makefiles.
# These macros implement an internal interface and are subject
# to change without notice.
-#
+# NAME=VALUE OVERRIDES
+# .ad
+# .fi
# Default settings can be overruled by specifying them as
# environment variables (or as name=value pairs on the "make"
# command line). Use quotes if variables contain whitespace
# of the make(1) command.
# .IP \fBAUXLIBS=\fIobject_library...\fR
# Specifies one or more non-default object libraries. Postfix
-# 2.12 and later specify some of their database library
+# 3.0 and later specify some of their database library
# dependencies with AUXLIBS_CDB, AUXLIBS_LDAP, AUXLIBS_LMDB,
# AUXLIBS_MYSQL, AUXLIBS_PCRE, AUXLIBS_PGSQL, AUXLIBS_SDBM,
# and AUXLIBS_SQLITE, respectively.
output stream that can be prepended to template Makefiles.
These macros implement an internal interface and are subject
to change without notice.
-
+.SH "NAME=VALUE OVERRIDES"
+.na
+.nf
+.ad
+.fi
Default settings can be overruled by specifying them as
environment variables (or as name=value pairs on the "make"
command line). Use quotes if variables contain whitespace
of the make(1) command.
.IP \fBAUXLIBS=\fIobject_library...\fR
Specifies one or more non\-default object libraries. Postfix
-2.12 and later specify some of their database library
+3.0 and later specify some of their database library
dependencies with AUXLIBS_CDB, AUXLIBS_LDAP, AUXLIBS_LMDB,
AUXLIBS_MYSQL, AUXLIBS_PCRE, AUXLIBS_PGSQL, AUXLIBS_SDBM,
and AUXLIBS_SQLITE, respectively.
response. See smtpd_reject_footer for further details.
.PP
This feature is available in Postfix 2.8 and later.
+.SH postscreen_reject_footer_maps (default: $smtpd_reject_footer_maps)
+Optional lookup table for information that is appended after a 4XX
+or 5XX \fBpostscreen\fR(8) server response. See smtpd_reject_footer_maps for
+further details.
+.PP
+This feature is available in Postfix 3.4 and later.
.SH postscreen_tls_security_level (default: $smtpd_tls_security_level)
The SMTP TLS security level for the \fBpostscreen\fR(8) server; when
a non\-empty value is specified, this overrides the obsolete parameters
.br
.IP "\fBreject_unknown_client_hostname\fR (with Postfix < 2.3: reject_unknown_client)"
Reject the request when 1) the client IP address\->name mapping
-fails, 2) the name\->address mapping fails, or 3) the name\->address
+fails, or 2) the name\->address mapping fails, or 3) the name\->address
mapping does not match the client IP address.
.br
This is a
.PP
This feature supports a limited number of $name attributes in
the footer text. These are replaced by their current value for the
-SMTP session:
+SMTP session.
+.PP
+Note: specify $$name in footer text that is looked up from
+regexp: or pcre:\-based smtpd_reject_footer_maps, otherwise the
+Postfix server not use the footer text and will log a warning
+instead.
.IP "\fBclient_address\fR"
The Client IP address that
is logged in the maillog file.
text (Postfix 2.10 and later).
.PP
This feature is available in Postfix 2.8 and later.
+.SH smtpd_reject_footer_maps (default: empty)
+Lookup tables, indexed by the complete Postfix SMTP server 4xx or
+5xx response, with reject footer templates. See smtpd_reject_footer_maps
+for details.
+.PP
+Specify zero or more "type:name" lookup tables, separated by
+whitespace or comma. Tables will be searched in the specified order
+until a match is found.
+.PP
+This feature is available in Postfix 3.4 and later.
.SH smtpd_reject_unlisted_recipient (default: yes)
Request that the Postfix SMTP server rejects mail for unknown
recipient addresses, even when no explicit reject_unlisted_recipient
Available in Postfix version 3.1 and later:
.IP "\fBdns_ncache_ttl_fix_enable (no)\fR"
Enable a workaround for future libc incompatibility.
+.PP
+Available in Postfix version 3.4 and later:
+.IP "\fBpostscreen_reject_footer_maps ($smtpd_reject_footer_maps)\fR"
+Optional lookup table for information that is appended after a 4XX
+or 5XX \fBpostscreen\fR(8) server response.
.SH "TROUBLE SHOOTING CONTROLS"
.na
.nf
Available in Postfix 3.3 and later:
.IP "\fBservice_name (read\-only)\fR"
The master.cf service name of a Postfix daemon process.
+.PP
+Available in Postfix 3.4 and later:
+.IP "\fBsmtpd_reject_footer_maps (empty)\fR"
+Lookup tables, indexed by the complete Postfix SMTP server 4xx or
+5xx response, with reject footer templates.
.SH "SEE ALSO"
.na
.nf
s;\bsmtpd_tls_wrappermode\b;<a href="postconf.5.html#smtpd_tls_wrappermode">$&</a>;g;
s;\bsmtpd_use_tls\b;<a href="postconf.5.html#smtpd_use_tls">$&</a>;g;
s;\bsmtpd_reject_footer\b;<a href="postconf.5.html#smtpd_reject_footer">$&</a>;g;
+ s;\bsmtpd_reject_footer_maps\b;<a href="postconf.5.html#smtpd_reject_footer_maps">$&</a>;g;
s;\bsmtpd_per_record_deadline\b;<a href="postconf.5.html#smtpd_per_record_deadline">$&</a>;g;
s;\bsmtpd_upstream_proxy_protocol\b;<a href="postconf.5.html#smtpd_upstream_proxy_protocol">$&</a>;g;
s;\bsmtpd_upstream_proxy_timeout\b;<a href="postconf.5.html#smtpd_upstream_proxy_timeout">$&</a>;g;
s;\bpostscreen_discard_ehlo_keywords\b;<a href="postconf.5.html#postscreen_discard_ehlo_keywords">$&</a>;g;
s;\bpostscreen_expansion_filter\b;<a href="postconf.5.html#postscreen_expansion_filter">$&</a>;g;
s;\bpostscreen_reject_footer\b;<a href="postconf.5.html#postscreen_reject_footer">$&</a>;g;
+ s;\bpostscreen_reject_footer_maps\b;<a href="postconf.5.html#postscreen_reject_footer_maps">$&</a>;g;
s;\bpostscreen_command_filter\b;<a href="postconf.5.html#postscreen_command_filter">$&</a>;g;
s;\bpostscreen_whitelist_interfaces\b;<a href="postconf.5.html#postscreen_whitelist_interfaces">$&</a>;g;
s;\bpostscreen_upstream_proxy_protocol\b;<a href="postconf.5.html#postscreen_upstream_proxy_protocol">$&</a>;g;
<dt><b><a name="reject_unknown_client_hostname">reject_unknown_client_hostname</a></b> (with Postfix < 2.3: reject_unknown_client)</dt>
<dd>Reject the request when 1) the client IP address->name mapping
-fails, 2) the name->address mapping fails, or 3) the name->address
+fails, or 2) the name->address mapping fails, or 3) the name->address
mapping does not match the client IP address. <br> This is a
stronger restriction than the reject_unknown_reverse_client_hostname
feature, which triggers only under condition 1) above. <br> The
<p> This feature supports a limited number of $name attributes in
the footer text. These are replaced by their current value for the
-SMTP session: </p>
+SMTP session. </p>
+
+<p> Note: specify $$name in footer text that is looked up from
+regexp: or pcre:-based smtpd_reject_footer_maps, otherwise the
+Postfix server will not use the footer text and will log a warning
+instead. </p>
<dl>
<p> This feature is available in Postfix 2.8 and later. </p>
+%PARAM smtpd_reject_footer_maps
+
+<p> Lookup tables, indexed by the complete Postfix SMTP server 4xx or
+5xx response, with reject footer templates. See smtpd_reject_footer_maps
+for details. </p>
+
+<p>
+Specify zero or more "type:name" lookup tables, separated by
+whitespace or comma. Tables will be searched in the specified order
+until a match is found.
+</p>
+
+<p> This feature is available in Postfix 3.4 and later. </p>
+
%PARAM postscreen_expansion_filter see "postconf -d" output
<p> List of characters that are permitted in postscreen_reject_footer
<p> This feature is available in Postfix 2.8 and later. </p>
+%PARAM postscreen_reject_footer_maps $smtpd_reject_footer_maps
+
+<p> Optional lookup table for information that is appended after a 4XX
+or 5XX postscreen(8) server response. See smtpd_reject_footer_maps for
+further details. </p>
+
+<p> This feature is available in Postfix 3.4 and later. </p>
+
%PARAM postscreen_command_filter $smtpd_command_filter
<p> A mechanism to transform commands from remote SMTP clients.
#define DEF_PSC_REJ_FOOTER "$" VAR_SMTPD_REJ_FOOTER
extern char *var_psc_rej_footer;
+#define VAR_PSC_REJ_FTR_MAPS "postscreen_reject_footer"
+#define DEF_PSC_REJ_FTR_MAPS "$" VAR_SMTPD_REJ_FTR_MAPS
+extern char *var_psc_rej_ftr_maps;
+
#define VAR_PSC_EXP_FILTER "postscreen_expansion_filter"
#define DEF_PSC_EXP_FILTER "$" VAR_SMTPD_EXP_FILTER
extern char *var_psc_exp_filter;
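Review bot: `VAR_PSC_REJ_FTR_MAPS` is defined as "postscreen_reject_footer", but the documentation added in this commit names the parameter postscreen_reject_footer_maps. The string as written also looks identical to the existing footer parameter's name, though the `VAR_PSC_REJ_FOOTER` definition is outside the hunk, so that part is inferred. With the current value, a postscreen_reject_footer_maps setting in main.cf would presumably never reach `var_psc_rej_ftr_maps`, and the static footer text would be handed to maps_create() as a table list instead. The define should read `#define VAR_PSC_REJ_FTR_MAPS "postscreen_reject_footer_maps"`.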
#define DEF_SMTPD_REJ_FOOTER ""
extern char *var_smtpd_rej_footer;
+#define VAR_SMTPD_REJ_FTR_MAPS "smtpd_reject_footer_maps"
+#define DEF_SMTPD_REJ_FTR_MAPS ""
+extern char *var_smtpd_rej_ftr_maps;
+
/*
* Per-record time limit support.
*/
* Patches change both the patchlevel and the release date. Snapshots have no
* patchlevel; they change the release date only.
*/
-#define MAIL_RELEASE_DATE "20180708"
+#define MAIL_RELEASE_DATE "20180819"
#define MAIL_VERSION_NUMBER "3.4"
#ifdef SNAPSHOT
/* Available in Postfix version 3.1 and later:
/* .IP "\fBdns_ncache_ttl_fix_enable (no)\fR"
/* Enable a workaround for future libc incompatibility.
+/* .PP
+/* Available in Postfix version 3.4 and later:
+/* .IP "\fBpostscreen_reject_footer_maps ($smtpd_reject_footer_maps)\fR"
+/* Optional lookup table for information that is appended after a 4XX
+/* or 5XX \fBpostscreen\fR(8) server response.
/* TROUBLE SHOOTING CONTROLS
/* .ad
/* .fi
char *var_smtpd_rej_footer;
char *var_psc_rej_footer;
+char *var_psc_rej_ftr_maps;
int var_smtpd_cconn_limit;
int var_psc_cconn_limit;
VAR_TLSPROXY_SERVICE, DEF_TLSPROXY_SERVICE, &var_tlsproxy_service, 1, 0,
VAR_PSC_WLIST_IF, DEF_PSC_WLIST_IF, &var_psc_wlist_if, 0, 0,
VAR_PSC_UPROXY_PROTO, DEF_PSC_UPROXY_PROTO, &var_psc_uproxy_proto, 0, 0,
+ VAR_PSC_REJ_FTR_MAPS, DEF_PSC_REJ_FTR_MAPS, &var_psc_rej_ftr_maps, 0, 0,
0,
};
static const CONFIG_INT_TABLE int_table[] = {
* postscreen_send.c
*/
#define PSC_SEND_REPLY psc_send_reply /* legacy macro */
+extern void pcs_send_pre_jail_init(void);
extern int psc_send_reply(PSC_STATE *, const char *);
extern void psc_send_socket(PSC_STATE *);
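Review bot: The new initializer is spelled `pcs_send_pre_jail_init`, while the neighbouring symbols in this header section use the `psc_` prefix (`psc_send_reply`, `psc_send_socket`). Renaming it before the interface settles keeps the module's namespace consistent and searchable: `extern void psc_send_pre_jail_init(void);`. The same spelling appears in the definition and its msg_panic() text in postscreen_send.c, in that file's manual-page header, and in the call added to the pre-jail initialization hunk, so all of them would change together.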
/* SYNOPSIS
/* #include <postscreen.h>
/*
+/* void pcs_send_pre_jail_init(void)
+/*
/* int psc_send_reply(state, text)
/* PSC_STATE *state;
/* const char *text;
/* void psc_send_socket(state)
/* PSC_STATE *state;
/* DESCRIPTION
+/* pcs_send_pre_jail_init() performs one-time initialization.
+/*
/* psc_send_reply() sends the specified text to the specified
/* remote SMTP client. In case of an immediate error, it logs
/* a warning (except EPIPE) with the client address and port,
#include <mail_params.h>
#include <smtp_reply_footer.h>
#include <mail_proto.h>
+#include <maps.h>
/* Application-specific. */
#include <postscreen.h>
+static MAPS *psc_rej_ftr_maps;
+
/*
* This program screens all inbound SMTP connections, so it better not waste
* time.
#define PSC_SEND_SOCK_CONNECT_TIMEOUT 1
#define PSC_SEND_SOCK_NOTIFY_TIMEOUT 100
+/* pcs_send_pre_jail_init - initialize */
+
+void pcs_send_pre_jail_init(void)
+{
+ static int init_count = 0;
+
+ if (init_count++ != 0)
+ msg_panic("pcs_send_pre_jail_init: multiple calls");
+
+ /*
+ * SMTP server reject footer.
+ */
+ if (*var_psc_rej_ftr_maps)
+ psc_rej_ftr_maps = maps_create(VAR_SMTPD_REJ_FTR_MAPS,
+ var_psc_rej_ftr_maps,
+ DICT_FLAG_LOCK);
+}
+
+/* psc_get_footer - find that footer */
+
+static const char *psc_get_footer(PSC_STATE *state, const char *text,
+ ssize_t text_len)
+{
+ static VSTRING *footer_buf = 0;
+
+ if (footer_buf == 0)
+ footer_buf = vstring_alloc(100);
+ /* Strip the \r\n for consistency with smtpd. */
+ vstring_strncpy(footer_buf, text, text_len);
+ return (psc_maps_find(psc_rej_ftr_maps, STR(footer_buf), 0));
+}
+
/* psc_send_reply - send reply to remote SMTP client */
int psc_send_reply(PSC_STATE *state, const char *text)
{
ssize_t start;
int ret;
+ const char *footer;
+ ssize_t text_len = strlen(text) - 2;
if (msg_verbose)
msg_info("> [%s]:%s: %.*s", state->smtp_client_addr,
- state->smtp_client_port, (int) strlen(text) - 2, text);
+ state->smtp_client_port, (int) text_len, text);
/*
* Append the new text to earlier text that could not be sent because the
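Review bot: psc_get_footer() declares a `PSC_STATE *state` parameter that it never uses, and the call added in the following hunk passes `psc_rej_ftr_maps` (a `MAPS *`) in that slot, which is an incompatible pointer type. Dropping the parameter keeps both sides consistent: `static const char *psc_get_footer(const char *text, ssize_t text_len)`, with the call written as `psc_get_footer(text, text_len)`. In pcs_send_pre_jail_init() the table is created under the title `VAR_SMTPD_REJ_FTR_MAPS`, so table warnings would presumably name the smtpd parameter rather than the postscreen one; `VAR_PSC_REJ_FTR_MAPS` looks like the intended title. `text_len = strlen(text) - 2` now feeds vstring_strncpy() rather than only the verbose log line, so it relies on every reply ending in CRLF. The body of psc_send_reply() continues outside the hunk, so that assumption cannot be confirmed from here.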
/*
* Append the optional reply footer.
*/
- if (*var_psc_rej_footer && (*text == '4' || *text == '5'))
- smtp_reply_footer(state->send_buf, start, var_psc_rej_footer,
+ if ((*text == '4' || *text == '5')
+ && ((psc_rej_ftr_maps != 0
+ && (footer = psc_get_footer(psc_rej_ftr_maps, text, text_len)) != 0)
+ || *(footer = var_psc_rej_footer) != 0))
+ smtp_reply_footer(state->send_buf, start, footer,
STR(psc_expand_filter), psc_expand_lookup,
(void *) state);
/*
* Initialize the reply footer.
*/
- if (*var_psc_rej_footer)
+ if (*var_psc_rej_footer || *var_psc_rej_ftr_maps)
psc_expand_init();
}
if (*var_psc_cmd_filter)
psc_cmd_filter = dict_open(var_psc_cmd_filter, O_RDONLY,
DICT_FLAG_LOCK | DICT_FLAG_FOLD_FIX);
+
+ /*
+ * SMTP server reply footer.
+ */
+ if (*var_psc_rej_ftr_maps)
+ pcs_send_pre_jail_init();
}
smtpd_chat.o: ../../include/mail_params.h
smtpd_chat.o: ../../include/mail_proto.h
smtpd_chat.o: ../../include/mail_stream.h
+smtpd_chat.o: ../../include/maps.h
smtpd_chat.o: ../../include/milter.h
smtpd_chat.o: ../../include/msg.h
smtpd_chat.o: ../../include/myaddrinfo.h
/* Available in Postfix 3.3 and later:
/* .IP "\fBservice_name (read-only)\fR"
/* The master.cf service name of a Postfix daemon process.
+/* .PP
+/* Available in Postfix 3.4 and later:
+/* .IP "\fBsmtpd_reject_footer_maps (empty)\fR"
+/* Lookup tables, indexed by the complete Postfix SMTP server 4xx or
+/* 5xx response, with reject footer templates.
/* SEE ALSO
/* anvil(8), connection/rate limiting
/* cleanup(8), message canonicalization
bool var_smtpd_tls_auth_only;
char *var_smtpd_cmd_filter;
char *var_smtpd_rej_footer;
+char *var_smtpd_rej_ftr_maps;
char *var_smtpd_acl_perm_log;
char *var_smtpd_dns_re_filter;
if (*var_smtpd_dns_re_filter)
dns_rr_filter_compile(VAR_SMTPD_DNS_RE_FILTER,
var_smtpd_dns_re_filter);
+
+ /*
+ * Reject footer.
+ */
+ if (*var_smtpd_rej_ftr_maps)
+ smtpd_chat_pre_jail_init();
}
/* post_jail_init - post-jail initialization */
VAR_SMTPD_POLICY_DEF_ACTION, DEF_SMTPD_POLICY_DEF_ACTION, &var_smtpd_policy_def_action, 1, 0,
VAR_SMTPD_POLICY_CONTEXT, DEF_SMTPD_POLICY_CONTEXT, &var_smtpd_policy_context, 0, 0,
VAR_SMTPD_DNS_RE_FILTER, DEF_SMTPD_DNS_RE_FILTER, &var_smtpd_dns_re_filter, 0, 0,
+ VAR_SMTPD_REJ_FTR_MAPS, DEF_SMTPD_REJ_FTR_MAPS, &var_smtpd_rej_ftr_maps, 0, 0,
0,
};
static const CONFIG_RAW_TABLE raw_table[] = {
/* #include <smtpd.h>
/* #include <smtpd_chat.h>
/*
+/* void smtpd_chat_pre_jail_init(void)
+/*
/* void smtpd_chat_query(state)
/* SMTPD_STATE *state;
/*
/* This module implements SMTP server support for request/reply
/* conversations, and maintains a limited SMTP transaction log.
/*
+/* smtpd_chat_pre_jail_init() performs one-time initialization.
+/*
/* smtpd_chat_query() receives a client request and appends a copy
/* to the SMTP transaction log.
/*
#include <mail_proto.h>
#include <mail_params.h>
#include <mail_addr.h>
+#include <maps.h>
#include <post_mail.h>
#include <mail_error.h>
#include <smtp_reply_footer.h>
#include "smtpd_expand.h"
#include "smtpd_chat.h"
+ /*
+ * Reject footer.
+ */
+static MAPS *smtpd_rej_ftr_maps;
+
#define STR vstring_str
#define LEN VSTRING_LEN
+/* smtpd_chat_pre_jail_init - initialize */
+
+void smtpd_chat_pre_jail_init(void)
+{
+ static int init_count = 0;
+
+ if (init_count++ != 0)
+ msg_panic("smtpd_chat_pre_jail_init: multiple calls");
+
+ /*
+ * SMTP server reject footer.
+ */
+ if (*var_smtpd_rej_ftr_maps)
+ smtpd_rej_ftr_maps = maps_create(VAR_SMTPD_REJ_FTR_MAPS,
+ var_smtpd_rej_ftr_maps,
+ DICT_FLAG_LOCK);
+}
+
/* smtp_chat_reset - reset SMTP transaction log */
void smtpd_chat_reset(SMTPD_STATE *state)
char *cp;
char *next;
char *end;
+ const char *footer;
/*
* Slow down clients that make errors. Sleep-on-anything slows down
vstring_vsprintf(state->buffer, format, ap);
va_end(ap);
- if (*var_smtpd_rej_footer
- && (*(cp = STR(state->buffer)) == '4' || *cp == '5'))
- smtp_reply_footer(state->buffer, 0, var_smtpd_rej_footer,
- STR(smtpd_expand_filter), smtpd_expand_lookup,
- (void *) state);
+ if ((*(cp = STR(state->buffer)) == '4' || *cp == '5')
+ && ((smtpd_rej_ftr_maps != 0
+ && (footer = maps_find(smtpd_rej_ftr_maps, cp, 0)) != 0)
+ || *(footer = var_smtpd_rej_footer) != 0))
+ smtp_reply_footer(state->buffer, 0, footer, STR(smtpd_expand_filter),
+ smtpd_expand_lookup, (void *) state);
/* All 5xx replies must have a 5.xx.xx detail code. */
for (cp = STR(state->buffer), end = cp + strlen(STR(state->buffer));;) {
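Review bot: The new condition treats a null return from `maps_find(smtpd_rej_ftr_maps, cp, 0)` as "no match", but maps_find() also returns null when a table lookup fails, so a broken or unreachable table silently falls back to `var_smtpd_rej_footer`. Checking the error state after the lookup would make that visible, for example `if (footer == 0 && smtpd_rej_ftr_maps->error) msg_warn("%s lookup error", VAR_SMTPD_REJ_FTR_MAPS);`. The postscreen variant goes through psc_maps_find(), which is not visible here and may need the same check. A comment above the lookup should also state that the key is the complete reply text, which can include strings supplied by the remote client, so regexp: or pcre: footer tables are best anchored on the reply code and enhanced status code. The enclosing function starts and ends outside the hunk.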
/*
* External interface.
*/
+extern void smtpd_chat_pre_jail_init(void);
extern void smtpd_chat_reset(SMTPD_STATE *);
extern void smtpd_chat_query(SMTPD_STATE *);
extern void PRINTFLIKE(2, 3) smtpd_chat_reply(SMTPD_STATE *, const char *,...);