diff --git a/gnu/dist/postfix/FILTER_README b/gnu/dist/postfix/FILTER_README index adb7d28fdcda..7190790fdba4 100644 --- a/gnu/dist/postfix/FILTER_README +++ b/gnu/dist/postfix/FILTER_README @@ -128,9 +128,9 @@ for transit mail that arrives and leaves via SMTP, provided that you create no temporary files. Each temporary file adds another factor to the performance loss. -We will set up a content filtering program listening on localhost -port 10025 that receives mail via the SMTP protocol, and that -submits mail back into Postfix via localhost port 10026. +We will set up a content filtering program that receives SMTP mail +via localhost port 10025, and that submits SMTP mail back into +Postfix via localhost port 10026. .................................. : Postfix : @@ -162,7 +162,7 @@ transport table. The content filtering records are added by the smtpd and pickup servers. When a queue file has content filtering information, the queue -manager will deliver the mail to the specified content filtering +manager will deliver the mail to the specified content filter regardless of its final destination. The content filter can be set up with the Postfix spawn service, @@ -183,6 +183,9 @@ you want to have your filter listening on port localhost:10025 instead of Postfix, then you must run your filter as a stand-alone program. +Note: the localhost port 10025 SMTP server filter should announce +itself as "220 localhost...", to silence warnings in the log. + The /some/where/filter command is most likely a PERL script. PERL has modules that make talking SMTP easy. The command-line specifies that mail should be sent back into Postfix via localhost port 10026. diff --git a/gnu/dist/postfix/HISTORY b/gnu/dist/postfix/HISTORY index 4a6572894117..cae862b27465 100644 --- a/gnu/dist/postfix/HISTORY +++ b/gnu/dist/postfix/HISTORY @@ -4919,3 +4919,53 @@ Apologies for any names omitted. Code cleanup: some queue/transport operations need to be moved, after the code cleanup of the recipient/concurrency limit handling. Patrik Rak. Files: *qmgr/qmgr_message.c. + +20010313 + + Bugfix: the RFC 822 untokenizer quoted newlines inside + comments. File: global/tok822_parse.c. + +20010316 + + Cleanup: removed an extraneous warning when a queue file + write error happened. + +20010321 + + Workaround: LMTP connection caching never worked for + destinations starting with unix: or inet:. File: + lmtp/lmtp_connect.c. + +20010322 + + Portability: Solaris <2.6 does not have srandom() and + random() in libc. File: util/rand_sleep.c. It does not have + to be cryptographically strong. + + Bugfix: the fast ETRN flush server could not handle [ipaddr] + or domain names with one-character hostname part. This + fix changes the destination to logfile name mapping, so + that you need to populate the new files with "sendmail -q". + The old files go away automatically. File: flush/flush.c. + +20010327 + + Speed up mailq (sendmail -bp) display by flushing output + after each file. File: showq/showq.c. + + Portability: missing string.h includes, %p wants (void *), + Lamont Jones, HP. + +20010328 + + Bugfix: swapped logic caused cleanup to stall when the + queue file size exceeded the file size limit by less than + one the VSTREAM buffer size, so that the "file too big" + was detected after flushing the last queue file record. + File: cleanup/cleanup.c. + +20010329 + + Portability: workaround for missing prototype problem in + dict_ldap.c. This module should move to the global directory, + because it depends on Postfix main.cf parameter information. diff --git a/gnu/dist/postfix/INSTALL b/gnu/dist/postfix/INSTALL index 20d58268c25c..427a4528ce8c 100644 --- a/gnu/dist/postfix/INSTALL +++ b/gnu/dist/postfix/INSTALL @@ -249,6 +249,11 @@ or, if you feel nostalgic, use the Postfix sendmail command: and watch your syslog file for any error messages. + % egrep '(reject|warning|error|fatal|panic):' /some/log/file + +Typical logfile names are: /var/log/maillog or /var/log/syslog. +See /etc/syslog.conf for actual logfile names. + When it is run for the first time, the Postfix startup shell script will create a bunch of subdirectories below the Postfix spool directory. @@ -290,6 +295,11 @@ or, if you feel nostalgic, use the Postfix sendmail program: and watch your syslog file for any error messages. + % egrep '(reject|warning|error|fatal|panic):' /some/log/file + +Typical logfile names are: /var/log/maillog or /var/log/syslog. +See /etc/syslog.conf for actual logfile names. + When it is run for the first time, the Postfix startup shell script will create a bunch of subdirectories below the Postfix spool directory. @@ -323,6 +333,11 @@ But the good old sendmail way works just as well: and watch the syslog file for any complaints from the mail system. + % egrep '(reject|warning|error|fatal|panic):' /some/log/file + +Typical logfile names are: /var/log/maillog or /var/log/syslog. +See /etc/syslog.conf for actual logfile names. + When it is run for the first time, the Postfix startup shell script will create a bunch of subdirectories below the Postfix spool directory. @@ -509,5 +524,11 @@ idea to run every night before the syslog files are rotated: # postfix check # egrep '(reject|warning|error|fatal|panic):' /some/log/file +Typical logfile names are: /var/log/maillog or /var/log/syslog. +See /etc/syslog.conf for actual logfile names. + +The first line (postfix check) causes Postfix to report file +permission/ownership discrepancies. + The second line looks for problem reports from the mail software, and reports how effective the anti-relay and anti-UCE blocks are. diff --git a/gnu/dist/postfix/MYSQL_README b/gnu/dist/postfix/MYSQL_README index e5c0c27f8a42..faecf80a2631 100644 --- a/gnu/dist/postfix/MYSQL_README +++ b/gnu/dist/postfix/MYSQL_README @@ -3,7 +3,8 @@ We've written code to add a mysql map type. It utilizes the mysql client library, which can be obtained from: - http://www.tcx.se/download.html + http://www.mysql.com/downloads/ + http://sourceforge.net/projects/mysql/ In order to build postfix with mysql map support, you will need to add -DHAS_MYSQL and -I for the directory containing the mysql headers, and diff --git a/gnu/dist/postfix/RELEASE_NOTES b/gnu/dist/postfix/RELEASE_NOTES index 9fcf519b35b8..12117471b378 100644 --- a/gnu/dist/postfix/RELEASE_NOTES +++ b/gnu/dist/postfix/RELEASE_NOTES @@ -1,17 +1,23 @@ -This is the first official Postfix release that is not called BETA. -May it help the people who cannot get BETA software past their -management. - -Release 20010228 differs from snapshot 20010228 in that the virtual -delivery agent and nqmgr queue manager are left out. That software -will become part of the official release when it has not changed -in a while. +Release 20010228 is the first official Postfix release that is not +called BETA. May it help the people who cannot get BETA software +past their management. In the text below, incompatible changes are labeled with the Postfix version that introduced the change. If you upgrade from a later Postfix version, then you do not have to worry about that particular incompatibility. +Major incompatible changes with release-20010228 Patch 01 +========================================================= + +This release changes the names of the "fast ETRN" logfiles with +delayed mail per destination. These files are maintained by the +Postfix "fast flush" daemon. The old scheme failed with addresses +of the form user@[ip.address] and user@a.domain.name. In order to +populate the new "fast ETRN" logfiles, execute the command "sendmail +-q". The old "fast ETRN" logfiles go away by themselves (default: +after 7 days). + Major incompatible changes with release-20010228 ================================================ diff --git a/gnu/dist/postfix/SASL_README b/gnu/dist/postfix/SASL_README index 6567ab4e0cef..801d4f9afa5e 100644 --- a/gnu/dist/postfix/SASL_README +++ b/gnu/dist/postfix/SASL_README @@ -111,7 +111,16 @@ In order to allow mail relaying by authenticated clients: permit_mynetworks permit_sasl_authenticated ... In /usr/local/lib/sasl/smtpd.conf you need to specify how the server -should validate client passwords. For example: +should validate client passwords. + +In order to authenticate against the UNIX password database, try: + + /usr/local/lib/sasl/smtpd.conf: + pwcheck_method: pwcheck + +The pwcheck daemon is contained in the cyrus-sasl source tarball. + +In order to authenticate against SASL's own password database: /usr/local/lib/sasl/smtpd.conf: pwcheck_method: sasldb @@ -129,20 +138,11 @@ IMPORTANT: To get sasldb running, make sure that you set the SASL domain EXAMPLE: saslpasswd -c -u `postconf -h myhostname` exampleuser -Instead of the SASL-specific password file you can configure the -Postfix SMTP server to validate client passwords against the UNIX -shadow password file: +To run software chrooted with SASL support is an interesting +exercise. It probably is not worth the trouble. - /usr/local/lib/sasl/smtpd.conf: - pwcheck_method: shadow - -However this requires that Postfix has read access to the UNIX shadow -password file, which is normally readable only by root. Shadow -password support has been found to work for Solaris 2.7 and RedHat -6.1 but not with FreeBSD 3.4. - -To run software chrooted with SASL support is an interesting exercise. -This is one of the many problems with the present SASL support. +Testing SASL authentication in the Postfix SMTP server +====================================================== To test the whole mess, connect to the SMTP server, and you should be able to have a conversation like this: diff --git a/gnu/dist/postfix/conf/access b/gnu/dist/postfix/conf/access index 78f93f18859e..59a855eb32b6 100644 --- a/gnu/dist/postfix/conf/access +++ b/gnu/dist/postfix/conf/access @@ -76,7 +76,7 @@ # octets separated by ".". # # ACTIONS -# [45]XX text +# [45]NN text # Reject the address etc. that matches the pattern, # and respond with the numerical code and text. # @@ -86,7 +86,7 @@ # OK Accept the address etc. that matches the pattern. # # restriction... -# Apply the named UCE restriction (permit, reject, +# Apply the named UCE restriction(s) (permit, reject, # reject_unauth_destination, and so on). # # REGULAR EXPRESSION TABLES diff --git a/gnu/dist/postfix/conf/main.cf b/gnu/dist/postfix/conf/main.cf index ee1c90c708ab..fb75a55a289f 100644 --- a/gnu/dist/postfix/conf/main.cf +++ b/gnu/dist/postfix/conf/main.cf @@ -226,14 +226,12 @@ mail_owner = postfix # $inet_interfaces. If this parameter is defined, then the SMTP server # will reject mail for unknown local users. # -# The local_recipient_maps parameter accepts tables with bare usernames -# such as unix:passwd.byname and alias maps. +# If you use the default Postfix local delivery agent for local +# delivery, uncomment the definition below. # # Beware: if the Postfix SMTP server runs chrooted, you may have to -# copy the passwd database into the jail. This is system dependent. -# -# FOR THIS TO WORK, DO NOT SPECIFY VIRTUAL DOMAINS IN MYDESTINATION. -# MYDESTINATION MUST LIST NON-VIRTUAL DOMAINS ONLY. +# copy the passwd (not shadow) database into the jail. This is +# system dependent. # #local_recipient_maps = $alias_maps unix:passwd.byname diff --git a/gnu/dist/postfix/conf/sample-compatibility.cf b/gnu/dist/postfix/conf/sample-compatibility.cf index 329ee4cf3221..868ee5df0f9c 100644 --- a/gnu/dist/postfix/conf/sample-compatibility.cf +++ b/gnu/dist/postfix/conf/sample-compatibility.cf @@ -4,6 +4,16 @@ # This file contains example settings of Postfix configuration # parameters that control compatibility with broken software. +# The broken_sasl_auth_clients controls inter-operability with SMTP +# clients that do not recognize that Postfix supports RFC 2554 (AUTH +# command). Examples of such clients are MicroSoft Outlook Express +# version 4 and MicroSoft Exchange version 5.0. +# +# Specify broken_sasl_auth_clients=yes to have Postfix advertise +# AUTH support in a non-standard way. +# +broken_sasl_auth_clients = no + # The ignore_mx_lookup_error parameter controls what happens when a # name server fails to respond to an MX lookup request. By default, # Postfix defers delivery and tries again after some delay. Specify diff --git a/gnu/dist/postfix/examples/chroot-setup/HPUX10 b/gnu/dist/postfix/examples/chroot-setup/HPUX10 index ca54c658ba3f..c8869446b886 100644 --- a/gnu/dist/postfix/examples/chroot-setup/HPUX10 +++ b/gnu/dist/postfix/examples/chroot-setup/HPUX10 @@ -19,3 +19,5 @@ cd ${POSTFIX_DIR} mkdir etc cp /etc/services etc +mkdir -p usr/lib +cp /usr/lib/tztab usr/lib diff --git a/gnu/dist/postfix/examples/chroot-setup/LINUX2 b/gnu/dist/postfix/examples/chroot-setup/LINUX2 index f65f12d90100..cd63d099bbc0 100644 --- a/gnu/dist/postfix/examples/chroot-setup/LINUX2 +++ b/gnu/dist/postfix/examples/chroot-setup/LINUX2 @@ -39,7 +39,10 @@ # remove /etc/localtime in case it's a broken symlink # restrict find to maxdepth 1 (faster) -# Log: LINUX2,v +# $Log: LINUX2,v $ +# Revision 1.1.1.3 2001/04/02 10:55:36 itojun +# postfix 20010228-pl01 +# # Revision 1.4 2001/01/15 09:36:35 emma # add note it was successfully tested on Debian sid # diff --git a/gnu/dist/postfix/html/access.5.html b/gnu/dist/postfix/html/access.5.html index 0818d204c6f0..89db2dcb3a77 100644 --- a/gnu/dist/postfix/html/access.5.html +++ b/gnu/dist/postfix/html/access.5.html @@ -87,7 +87,7 @@ ACCESS(5) ACCESS(5) octets separated by ".". ACTIONS - [45]XX text + [45]NN text Reject the address etc. that matches the pattern, and respond with the numerical code and text. @@ -97,7 +97,7 @@ ACCESS(5) ACCESS(5) OK Accept the address etc. that matches the pattern. restriction... - Apply the named UCE restriction (permit, reject, + Apply the named UCE restriction(s) (permit, reject, reject_unauth_destination, and so on). REGULAR EXPRESSION TABLES diff --git a/gnu/dist/postfix/html/faq.html b/gnu/dist/postfix/html/faq.html index d48c5be2f10e..d65089113674 100644 --- a/gnu/dist/postfix/html/faq.html +++ b/gnu/dist/postfix/html/faq.html @@ -24,6 +24,8 @@
  • POP or IMAP problems +
  • Problems with specific Operating Systems +
  • Postfix warnings and error messages
  • Example configurations @@ -74,8 +76,18 @@
  • What does "fatal: open database /etc/aliases.db" mean? +
  • What does "fatal: unknown service: smtp/tcp" mean? +
  • sendmail has set-uid root file permissions, or is run from a set-uid root process +
  • sendmail: unable to find out your login name + + +
  • Mail for unknown users in +virtual domains fails with "mail loops back to myself" + +
  • Postfix refuses mail for virtual +domains with "relay access denied"

    @@ -186,6 +198,8 @@ domains with "relay access denied"

  • Postfix does not try all the MX addresses +
  • What does "fatal: unknown service: smtp/tcp" mean? +

    Local (non-virtual) delivery

    @@ -311,6 +325,36 @@ mailbox
    +

    + +

    Problems with specific Operating Systems

    + +

    + +

    + +

    Problems with Compaq

    + +
    + +

    Problems with IRIX

    + +
    +

    POP or IMAP problems

    @@ -970,6 +1014,30 @@ PERMISSION_SECURITY="secure local"
    +

    sendmail: unable to find out your login name

    + +This message is logged when submitting mail from a process with a +userid that does not exist in the UNIX password file. Postfix uses +this information in order to set the envelope sender address. + +

    + +The envelope sender address is also the default value for the From: +header address, when none is specified in the message. + +

    + +To fix, specify the envelope sender address on the sendmail command +line: + +

    +
    +sendmail -f user@domain ...
    +
    +
    + +
    +

    Running hundreds of Postfix processes on FreeBSD

    With hundreds of Postfix processes, the kernel will eventually @@ -1112,32 +1180,41 @@ depending on the interface that it is supposed to handle.

    Postfix responds slowly to incoming SMTP connections

    -
    +Question: -
    Question: +
    -
    My Postfix server is too slow. When I telnet to the SMTP port +My Postfix server is too slow. When I telnet to the SMTP port (telnet hostname 25), the response comes after 40 seconds. On the other hand, when I telnet to the the POP port (telnet hostname 110) the response comes with no delay. -

    - -

    Answer: - -
    - -This is a DNS configuration problem. Postfix tries to resolve the -SMTP client IP address to a hostname. Apparently, your POP server -does not look up POP clients. +

    -The fix is to properly configure the naming service. If you can't -have every host in the DNS, then configure the mail server to look -in /etc/hosts before the DNS, and specify the clients in /etc/hosts. +Answer: -

    +
    + +You have a name service problem. + +

    + +Postfix calls the C library routines gethostbyname() and +gethostbyaddr() in order to find out the SMTP client hostname. +These library routines use several system configuration files in +order to satisfy the request. They may in fact end up calling the +DNS for reasons that are not under control by Postfix. + +

    + +Depending on your system, these controlling files can be named +/etc/nsswitch.conf, /etc/svcorder, /etc/host.conf +or otherwise. Those files specify whether the C library routines +will use local /etc/hosts before or after DNS. + +


    @@ -1733,6 +1810,35 @@ use the command postconf mail_version. Execute the command postfix reload to make the change effective immediately. +

    What does "fatal: unknown service: smtp/tcp" +mean?

    + +The Postfix /etc/postfix/master.cf file specifies that the +Postfix SMTP client runs inside a chroot environment. However, +the files necessary for that mode of operation are not installed +below /var/spool/postfix. + +

    + +Enabling chroot operation adds a non-trivial barrier for +system penetrators. + +

    + +Two solutions: + +


    Root's mail is delivered to nobody

    @@ -2300,6 +2406,11 @@ virtual domain.

    +Sendmail-style virtual domains are not supported in Postfix versions +released before 20001118. + +

    + Be sure to follow instructions in the virtual manual page. @@ -2909,6 +3020,36 @@ href="http://www.isc.org/"> http://www.isc.org/.


    +

    Compaq mail blackhole problem

    + +On some Compaq Tru64 UNIX configurations, Postfix will receive mail +and then nothing happens. The mail does not even show up with the +mailq command. + +

    + +Postfix sets the execute bit on a queue file to indicate that it +is done receiving a message. As long as a queue file does not have +the execute bit set, Postfix will ignore it as "mail still being +received". + +

    + +With enhanced security enabled, Compaq Tru64 UNIX has a feature +that disallows non-superuser attempts to set the execute bit on a +queuefile. Unfortunately, Postfix is never informed that such +attempts fail, and mail seems to disappear into a black hole. + +

    + +Postfix could be modified to use some other bit than the execute +bit, but that might equally well fail on other systems. Another +possibility is to allow non-superusers to set the execute bit on +files, and to mount the Postfix queue file system with the +noexec option or equivalent. + +


    +
    Up one level | Postfix FAQ diff --git a/gnu/dist/postfix/html/pipe.8.html b/gnu/dist/postfix/html/pipe.8.html index 207286715c55..4c79983a0374 100644 --- a/gnu/dist/postfix/html/pipe.8.html +++ b/gnu/dist/postfix/html/pipe.8.html @@ -13,11 +13,9 @@ PIPE(8) PIPE(8) DESCRIPTION The pipe daemon processes requests from the Postfix queue - manager to deliver messages to external commands. Each - delivery request specifies a queue file, a sender address, - a domain or host to deliver to, and one or more recipi- - ents. This program expects to be run from the master(8) - process manager. + manager to deliver messages to external commands. This + program expects to be run from the master(8) process man- + ager. The pipe daemon updates queue files and marks recipients as finished, or it informs the queue manager that delivery @@ -25,40 +23,42 @@ PIPE(8) PIPE(8) reports are sent to the bounce(8) or defer(8) daemon as appropriate. +SINGLE-RECIPIENT DELIVERY + Some external commands cannot handle more than one recipi- + ent per delivery request. Examples of such transports are + pagers, fax machines, and so on. + + To prevent Postfix from sending multiple recipients per + delivery request, specify + + transport_destination_recipient_limit = 1 + + in the Postfix main.cf file, where transport is the name + in the first column of the Postfix master.cf entry for the + pipe-based delivery transport. + COMMAND ATTRIBUTE SYNTAX The external command attributes are given in the master.cf file at the end of a service definition. The syntax is as follows: flags=BFR.> (optional) - Optional message processing flags. By default, a + Optional message processing flags. By default, a message is copied unchanged. - B Append a blank line at the end of each mes- - sage. This is required by some mail user - agents that recognize "From " lines only + B Append a blank line at the end of each mes- + sage. This is required by some mail user + agents that recognize "From " lines only when preceded by a blank line. - F Prepend a "From sender time_stamp" envelope - header to the message content. This is + F Prepend a "From sender time_stamp" envelope + header to the message content. This is expected by, for example, UUCP software. - R Prepend a Return-Path: message header with + R Prepend a Return-Path: message header with the envelope sender address. - . Prepend . to lines starting with ".". This - is needed by, for example, BSMTP software. - - > Prepend > to lines starting with "From ". - This is expected by, for example, UUCP soft- - ware. - - user=username (required) - - user=username:groupname - The external command is executed with the rights of - the specified username. The software refuses to - execute commands with root privileges, or with the + . Prepend . to lines starting with ".". This @@ -71,14 +71,26 @@ PIPE(8) PIPE(8) PIPE(8) PIPE(8) - privileges of the mail system owner. If groupname - is specified, the corresponding group ID is used + is needed by, for example, BSMTP software. + + > Prepend > to lines starting with "From ". + This is expected by, for example, UUCP soft- + ware. + + user=username (required) + + user=username:groupname + The external command is executed with the rights of + the specified username. The software refuses to + execute commands with root privileges, or with the + privileges of the mail system owner. If groupname + is specified, the corresponding group ID is used instead of the group ID of username. eol=string (default: \n) - The output record delimiter. Typically one would - use either \r\n or \n. The usual C-style backslash - escape sequences are recognized: \a \b \f \n \r \t + The output record delimiter. Typically one would + use either \r\n or \n. The usual C-style backslash + escape sequences are recognized: \a \b \f \n \r \t \v \octal and \\. size=size_limit (optional) @@ -86,45 +98,33 @@ PIPE(8) PIPE(8) will be bounced back to the sender. argv=command... (required) - The command to be executed. This must be specified + The command to be executed. This must be specified as the last command attribute. The command is exe- cuted directly, i.e. without interpretation of - shell meta characters by a shell command inter- + shell meta characters by a shell command inter- preter. In the command argument vector, the following macros are recognized and replaced with correspond- - ing information from the Postfix queue manager + ing information from the Postfix queue manager delivery request: ${extension} - This macro expands to the extension part of - a recipient address. For example, with an + This macro expands to the extension part of + a recipient address. For example, with an address user+foo@domain the extension is - foo. A command-line argument that contains - ${extension} expands into as many command- + foo. + + A command-line argument that contains + ${extension} expands into as many command- line arguments as there are recipients. ${mailbox} - This macro expands to the complete local - part of a recipient address. For example, - with an address user+foo@domain the mailbox - is user+foo. A command-line argument that - contains ${mailbox} expands into as many - command-line arguments as there are recipi- - ents. + This macro expands to the complete local + part of a recipient address. For example, + with an address user+foo@domain the mailbox + is user+foo. - ${nexthop} - This macro expands to the next-hop hostname. - - ${recipient} - This macro expands to the complete recipient - address. A command-line argument that con- - tains ${recipient} expands into as many com- - mand-line arguments as there are recipients. - - ${sender} - This macro expands to the envelope sender @@ -137,60 +137,60 @@ PIPE(8) PIPE(8) PIPE(8) PIPE(8) + A command-line argument that contains + ${mailbox} expands into as many command-line + arguments as there are recipients. + + ${nexthop} + This macro expands to the next-hop hostname. + + ${recipient} + This macro expands to the complete recipient + address. + + A command-line argument that contains + ${recipient} expands into as many command- + line arguments as there are recipients. + + ${sender} + This macro expands to the envelope sender address. ${size} - This macro expands to Postfix's idea of the - message size, which is an approximation of + This macro expands to Postfix's idea of the + message size, which is an approximation of the size of the message as delivered. ${user} This macro expands to the username part of a - recipient address. For example, with an + recipient address. For example, with an address user+foo@domain the username part is - user. A command-line argument that contains - ${user} expands into as many command-line + user. + + A command-line argument that contains + ${user} expands into as many command-line arguments as there are recipients. - In addition to the form ${name}, the forms $name and - $(name) are also recognized. Specify $$ where a single $ + In addition to the form ${name}, the forms $name and + $(name) are also recognized. Specify $$ where a single $ is wanted. DIAGNOSTICS - Command exit status codes are expected to follow the con- + Command exit status codes are expected to follow the con- ventions defined in <sysexits.h>. - Problems and transactions are logged to syslogd(8). Cor- - rupted message files are marked so that the queue manager + Problems and transactions are logged to syslogd(8). Cor- + rupted message files are marked so that the queue manager can move them to the corrupt queue for further inspection. SECURITY - This program needs a dual personality 1) to access the - private Postfix queue and IPC mechanisms, and 2) to exe- + This program needs a dual personality 1) to access the + private Postfix queue and IPC mechanisms, and 2) to exe- cute external commands as the specified user. It is there- fore security sensitive. CONFIGURATION PARAMETERS - The following main.cf parameters are especially relevant - to this program. See the Postfix main.cf file for syntax - details and for default values. Use the postfix reload - command after a configuration change. - -Miscellaneous - export_environment - List of names of environment parameters that can be - exported to non-Postfix processes. - - mail_owner - The process privileges used while not running an - external command. - -Resource controls - In the text below, transport is the first field in a mas- - ter.cf entry. - - transport_destination_concurrency_limit - Limit the number of parallel deliveries to the same + The following main.cf parameters are especially relevant @@ -203,23 +203,42 @@ PIPE(8) PIPE(8) PIPE(8) PIPE(8) - destination, for delivery via the named transport. - The default limit is taken from the default_desti- - nation_concurrency_limit parameter. The limit is + to this program. See the Postfix main.cf file for syntax + details and for default values. Use the postfix reload + command after a configuration change. + +Miscellaneous + export_environment + List of names of environment parameters that can be + exported to non-Postfix processes. + + mail_owner + The process privileges used while not running an + external command. + +Resource controls + In the text below, transport is the first field in a mas- + ter.cf entry. + + transport_destination_concurrency_limit + Limit the number of parallel deliveries to the same + destination, for delivery via the named transport. + The default limit is taken from the default_desti- + nation_concurrency_limit parameter. The limit is enforced by the Postfix queue manager. transport_destination_recipient_limit - Limit the number of recipients per message deliv- - ery, for delivery via the named transport. The - default limit is taken from the default_destina- - tion_recipient_limit parameter. The limit is + Limit the number of recipients per message deliv- + ery, for delivery via the named transport. The + default limit is taken from the default_destina- + tion_recipient_limit parameter. The limit is enforced by the Postfix queue manager. transport_time_limit - Limit the time for delivery to external command, - for delivery via the named transport. The default - limit is taken from the command_time_limit parame- - ter. The limit is enforced by the Postfix queue + Limit the time for delivery to external command, + for delivery via the named transport. The default + limit is taken from the command_time_limit parame- + ter. The limit is enforced by the Postfix queue manager. SEE ALSO @@ -229,7 +248,7 @@ PIPE(8) PIPE(8) syslogd(8) system logging LICENSE - The Secure Mailer license must be distributed with this + The Secure Mailer license must be distributed with this software. AUTHOR(S) @@ -239,25 +258,6 @@ PIPE(8) PIPE(8) Yorktown Heights, NY 10598, USA - - - - - - - - - - - - - - - - - - - 4 diff --git a/gnu/dist/postfix/html/uce.html b/gnu/dist/postfix/html/uce.html index 6333a381cfa9..b756a43be30a 100644 --- a/gnu/dist/postfix/html/uce.html +++ b/gnu/dist/postfix/html/uce.html @@ -109,8 +109,8 @@ is allowed in message headers.
    Syntax:
    Specify a list of zero or more lookup tables. Whenever a header -matches a table, a REJECT result means reject the message, and a -SKIP result means delete the header from the message. +matches a table, a REJECT result means reject the message, and an +IGNORE result means delete the header from the message.

    diff --git a/gnu/dist/postfix/man/man5/access.5 b/gnu/dist/postfix/man/man5/access.5 index 851a1390fac4..6488c0b7911e 100644 --- a/gnu/dist/postfix/man/man5/access.5 +++ b/gnu/dist/postfix/man/man5/access.5 @@ -69,7 +69,7 @@ address is a sequence of one or more octets separated by ".". .nf .ad .fi -.IP "[\fB45\fR]\fIXX text\fR" +.IP "[\fB45\fR]\fINN text\fR" Reject the address etc. that matches the pattern, and respond with the numerical code and text. .IP \fBREJECT\fR @@ -78,7 +78,7 @@ error response message is generated. .IP \fBOK\fR Accept the address etc. that matches the pattern. .IP \fIrestriction...\fR -Apply the named UCE restriction (\fBpermit\fR, \fRreject\fR, +Apply the named UCE restriction(s) (\fBpermit\fR, \fRreject\fR, \fBreject_unauth_destination\fR, and so on). .SH REGULAR EXPRESSION TABLES .na diff --git a/gnu/dist/postfix/man/man8/pipe.8 b/gnu/dist/postfix/man/man8/pipe.8 index 7fb5787bac94..0ab6673ef49a 100644 --- a/gnu/dist/postfix/man/man8/pipe.8 +++ b/gnu/dist/postfix/man/man8/pipe.8 @@ -13,9 +13,7 @@ Postfix delivery to external command .ad .fi The \fBpipe\fR daemon processes requests from the Postfix queue -manager to deliver messages to external commands. Each delivery -request specifies a queue file, a sender address, a domain or host -to deliver to, and one or more recipients. +manager to deliver messages to external commands. This program expects to be run from the \fBmaster\fR(8) process manager. @@ -23,6 +21,24 @@ The \fBpipe\fR daemon updates queue files and marks recipients as finished, or it informs the queue manager that delivery should be tried again at a later time. Delivery problem reports are sent to the \fBbounce\fR(8) or \fBdefer\fR(8) daemon as appropriate. +.SH SINGLE-RECIPIENT DELIVERY +.na +.nf +.ad +.fi +Some external commands cannot handle more than one recipient +per delivery request. Examples of such transports are pagers, +fax machines, and so on. + +To prevent Postfix from sending multiple recipients per delivery +request, specify + +.ti +4 +\fItransport\fB_destination_recipient_limit = 1\fR + +in the Postfix \fBmain.cf\fR file, where \fItransport\fR +is the name in the first column of the Postfix \fBmaster.cf\fR +entry for the pipe-based delivery transport. .SH COMMAND ATTRIBUTE SYNTAX .na .nf @@ -82,18 +98,21 @@ manager delivery request: This macro expands to the extension part of a recipient address. For example, with an address \fIuser+foo@domain\fR the extension is \fIfoo\fR. +.sp A command-line argument that contains \fB${\fBextension\fR}\fR expands into as many command-line arguments as there are recipients. .IP \fB${\fBmailbox\fR}\fR This macro expands to the complete local part of a recipient address. For example, with an address \fIuser+foo@domain\fR the mailbox is \fIuser+foo\fR. +.sp A command-line argument that contains \fB${\fBmailbox\fR}\fR expands into as many command-line arguments as there are recipients. .IP \fB${\fBnexthop\fR}\fR This macro expands to the next-hop hostname. .IP \fB${\fBrecipient\fR}\fR This macro expands to the complete recipient address. +.sp A command-line argument that contains \fB${\fBrecipient\fR}\fR expands into as many command-line arguments as there are recipients. .IP \fB${\fBsender\fR}\fR @@ -105,6 +124,7 @@ is an approximation of the size of the message as delivered. This macro expands to the username part of a recipient address. For example, with an address \fIuser+foo@domain\fR the username part is \fIuser\fR. +.sp A command-line argument that contains \fB${\fBuser\fR}\fR expands into as many command-line arguments as there are recipients. .RE diff --git a/gnu/dist/postfix/proto/access b/gnu/dist/postfix/proto/access index 23b4fd96015f..a319352cd567 100644 --- a/gnu/dist/postfix/proto/access +++ b/gnu/dist/postfix/proto/access @@ -57,7 +57,7 @@ # ACTIONS # .ad # .fi -# .IP "[\fB45\fR]\fIXX text\fR" +# .IP "[\fB45\fR]\fINN text\fR" # Reject the address etc. that matches the pattern, and respond with # the numerical code and text. # .IP \fBREJECT\fR @@ -66,7 +66,7 @@ # .IP \fBOK\fR # Accept the address etc. that matches the pattern. # .IP \fIrestriction...\fR -# Apply the named UCE restriction (\fBpermit\fR, \fRreject\fR, +# Apply the named UCE restriction(s) (\fBpermit\fR, \fRreject\fR, # \fBreject_unauth_destination\fR, and so on). # REGULAR EXPRESSION TABLES # .ad diff --git a/gnu/dist/postfix/src/cleanup/cleanup.c b/gnu/dist/postfix/src/cleanup/cleanup.c index 4777063ced48..70476aa2ec28 100644 --- a/gnu/dist/postfix/src/cleanup/cleanup.c +++ b/gnu/dist/postfix/src/cleanup/cleanup.c @@ -215,8 +215,8 @@ static void cleanup_service(VSTREAM *src, char *unused_service, char **argv) if (CLEANUP_OUT_OK(state) == 0 && type > 0) { if ((state->errs & CLEANUP_STAT_CONT) == 0) msg_warn("%s: skipping further client input", state->queue_id); - while ((type = rec_get(src, buf, 0)) > 0 - && type != REC_TYPE_END) + while (type != REC_TYPE_END + && (type = rec_get(src, buf, 0)) > 0) /* void */ ; } diff --git a/gnu/dist/postfix/src/cleanup/cleanup_extracted.c b/gnu/dist/postfix/src/cleanup/cleanup_extracted.c index 1a4982fa1db2..243404be1c4d 100644 --- a/gnu/dist/postfix/src/cleanup/cleanup_extracted.c +++ b/gnu/dist/postfix/src/cleanup/cleanup_extracted.c @@ -182,7 +182,6 @@ static void cleanup_extracted_process(CLEANUP_STATE *state, int type, char *buf, * straightforward. */ if (vstream_fflush(state->dst)) { - msg_warn("%s: write queue file: %m", state->queue_id); if (errno == EFBIG) { msg_warn("%s: queue file size limit exceeded", state->queue_id); state->errs |= CLEANUP_STAT_SIZE; diff --git a/gnu/dist/postfix/src/flush/Makefile.in b/gnu/dist/postfix/src/flush/Makefile.in index 432d5e572d2a..19b51de28098 100644 --- a/gnu/dist/postfix/src/flush/Makefile.in +++ b/gnu/dist/postfix/src/flush/Makefile.in @@ -62,7 +62,6 @@ flush.o: ../../include/vbuf.h flush.o: ../../include/vstring.h flush.o: ../../include/vstring_vstream.h flush.o: ../../include/myflock.h -flush.o: ../../include/valid_hostname.h flush.o: ../../include/htable.h flush.o: ../../include/dict.h flush.o: ../../include/argv.h diff --git a/gnu/dist/postfix/src/flush/flush.c b/gnu/dist/postfix/src/flush/flush.c index d35cc5813f91..c8c76c0d09a1 100644 --- a/gnu/dist/postfix/src/flush/flush.c +++ b/gnu/dist/postfix/src/flush/flush.c @@ -129,6 +129,8 @@ #include #include #include +#include +#include /* Utility library. */ @@ -138,7 +140,6 @@ #include #include #include -#include #include #include #include @@ -163,7 +164,9 @@ /* Application-specific. */ /* - * Tunable parameters. + * Tunable parameters. The fast_flush_domains parameter is not defined here, + * because it is also used by the global library, and therefore is owned by + * the library. */ int var_fflush_refresh; int var_fflush_purge; @@ -175,17 +178,52 @@ static DOMAIN_LIST *flush_domains; /* * Some hard-wired policy: how many queue IDs we remember while we're - * flushing a logfile. + * flushing a logfile (duplicate elimination). Sites with 1000+ emails + * queued should arrange for permanent connectivity. */ #define FLUSH_DUP_FILTER_SIZE 10000 /* graceful degradation */ /* * Silly little macros. */ - #define STR(x) vstring_str(x) #define STREQ(x,y) (strcmp(x,y) == 0) + /* + * Forward declarations resulting from breaking up routines according to + * name space: domain names versus safe-to-use pathnames. + */ +static int flush_add_path(const char *, const char *); +static int flush_send_path(const char *); + +/* flush_site_to_path - convert domain or [addr] to harmless string */ + +static VSTRING *flush_site_to_path(VSTRING *path, const char *site) +{ + int ch; + + /* + * Allocate buffer on the fly; caller still needs to clean up. + */ + if (path == 0) + path = vstring_alloc(10); + + /* + * Mask characters that could upset the name-to-queue-file mapping code. + */ + while ((ch = *(unsigned const char *) site++) != 0) + if (ISALNUM(ch)) + VSTRING_ADDCH(path, ch); + else + VSTRING_ADDCH(path, '_'); + VSTRING_TERMINATE(path); + + if (msg_verbose) + msg_info("site %s to path %s", site, STR(path)); + + return (path); +} + /* flush_policy_ok - check logging policy */ static int flush_policy_ok(const char *site) @@ -193,12 +231,13 @@ static int flush_policy_ok(const char *site) return (domain_list_match(flush_domains, site)); } -/* flush_add_service - append queue ID to per-site fast flush log */ +/* flush_add_service - append queue ID to per-site fast flush logfile */ static int flush_add_service(const char *site, const char *queue_id) { char *myname = "flush_add_service"; - VSTREAM *log; + VSTRING *site_path; + int status; if (msg_verbose) msg_info("%s: site %s queue_id %s", myname, site, queue_id); @@ -209,13 +248,35 @@ static int flush_add_service(const char *site, const char *queue_id) if (flush_policy_ok(site) == 0) return (FLUSH_STAT_OK); + /* + * Map site to path and update log. + */ + site_path = flush_site_to_path((VSTRING *) 0, site); + status = flush_add_path(STR(site_path), queue_id); + vstring_free(site_path); + + return (status); +} + +/* flush_add_path - add record to log */ + +static int flush_add_path(const char *path, const char *queue_id) +{ + char *myname = "flush_add_path"; + VSTREAM *log; + + /* + * Sanity check. + */ + if (!mail_queue_id_ok(path)) + return (FLUSH_STAT_BAD); + /* * Open the logfile or bust. */ - if ((log = mail_queue_open(MAIL_QUEUE_FLUSH, site, + if ((log = mail_queue_open(MAIL_QUEUE_FLUSH, path, O_CREAT | O_APPEND | O_WRONLY, 0600)) == 0) - msg_fatal("%s: open fast flush log for site %s: %m", - myname, site); + msg_fatal("%s: open fast flush logfile %s: %m", myname, path); /* * We must lock the logfile, so that we don't lose information due to @@ -223,24 +284,25 @@ static int flush_add_service(const char *site, const char *queue_id) * will eventually take care of the problem, but it will take a while. */ if (myflock(vstream_fileno(log), INTERNAL_LOCK, MYFLOCK_OP_EXCLUSIVE) < 0) - msg_fatal("%s: lock fast flush log for site %s: %m", myname, site); + msg_fatal("%s: lock fast flush logfile %s: %m", myname, path); /* - * Append the queue ID. With 15 bits if microsecond time, a queue ID is + * Append the queue ID. With 15 bits of microsecond time, a queue ID is * not recycled often enough for false hits to be a problem. If it does, * then we could add other signature information, such as the file size * in bytes. */ vstream_fprintf(log, "%s\n", queue_id); + if (vstream_fflush(log)) + msg_warn("write fast flush logfile %s: %m", path); /* * Clean up. */ if (myflock(vstream_fileno(log), INTERNAL_LOCK, MYFLOCK_OP_NONE) < 0) - msg_fatal("%s: unlock fast flush log for site %s: %m", - myname, site); + msg_fatal("%s: unlock fast flush logfile %s: %m", myname, path); if (vstream_fclose(log) != 0) - msg_warn("write fast flush log for site %s: %m", site); + msg_warn("write fast flush logfile %s: %m", path); return (FLUSH_STAT_OK); } @@ -250,16 +312,8 @@ static int flush_add_service(const char *site, const char *queue_id) static int flush_send_service(const char *site) { char *myname = "flush_send_service"; - VSTRING *queue_id; - VSTRING *queue_file; - VSTREAM *log; - struct utimbuf tbuf; - static char qmgr_trigger[] = { - QMGR_REQ_SCAN_INCOMING, /* scan incoming queue */ - QMGR_REQ_FLUSH_DEAD, /* flush dead site/transport cache */ - }; - HTABLE *dup_filter; - int count; + VSTRING *site_path; + int status; if (msg_verbose) msg_info("%s: site %s", myname, site); @@ -270,13 +324,45 @@ static int flush_send_service(const char *site) if (flush_policy_ok(site) == 0) return (mail_flush_deferred()); + /* + * Map site name to path name and flush the log. + */ + site_path = flush_site_to_path((VSTRING *) 0, site); + status = flush_send_path(STR(site_path)); + vstring_free(site_path); + + return (status); +} + +/* flush_send_path - flush logfile file */ + +static int flush_send_path(const char *path) +{ + const char *myname = "flush_send_path"; + VSTRING *queue_id; + VSTRING *queue_file; + VSTREAM *log; + struct utimbuf tbuf; + static char qmgr_trigger[] = { + QMGR_REQ_SCAN_INCOMING, /* scan incoming queue */ + QMGR_REQ_FLUSH_DEAD, /* flush dead site/transport cache */ + }; + HTABLE *dup_filter; + int count; + + /* + * Sanity check. + */ + if (!mail_queue_id_ok(path)) + return (FLUSH_STAT_BAD); + /* * Open the logfile. If the file does not exist, then there is no queued * mail for this destination. */ - if ((log = mail_queue_open(MAIL_QUEUE_FLUSH, site, O_RDWR, 0600)) == 0) { + if ((log = mail_queue_open(MAIL_QUEUE_FLUSH, path, O_RDWR, 0600)) == 0) { if (errno != ENOENT) - msg_fatal("%s: open fast flush log for site %s: %m", myname, site); + msg_fatal("%s: open fast flush logfile %s: %m", myname, path); return (FLUSH_STAT_OK); } @@ -287,7 +373,7 @@ static int flush_send_service(const char *site) * watchdog will take care of it. */ if (myflock(vstream_fileno(log), INTERNAL_LOCK, MYFLOCK_OP_EXCLUSIVE) < 0) - msg_fatal("%s: lock fast flush log for site %s: %m", myname, site); + msg_fatal("%s: lock fast flush logfile %s: %m", myname, path); /* * This is the part that dominates running time: schedule the listed @@ -312,15 +398,15 @@ static int flush_send_service(const char *site) tbuf.actime = tbuf.modtime = event_time(); for (count = 0; vstring_get_nonl(queue_id, log) != VSTREAM_EOF; count++) { if (!mail_queue_id_ok(STR(queue_id))) { - msg_warn("bad queue id \"%.30s...\" in fast flush log for site %s", - STR(queue_id), site); + msg_warn("bad queue id \"%.30s...\" in fast flush logfile %s", + STR(queue_id), path); continue; } if (dup_filter->used >= FLUSH_DUP_FILTER_SIZE || htable_find(dup_filter, STR(queue_id)) == 0) { if (msg_verbose) - msg_info("%s: site %s: update %s time stamps", - myname, site, STR(queue_id)); + msg_info("%s: logfile %s: update queue file %s time stamps", + myname, path, STR(queue_id)); if (dup_filter->used <= FLUSH_DUP_FILTER_SIZE) htable_enter(dup_filter, STR(queue_id), 0); @@ -344,8 +430,8 @@ static int flush_send_service(const char *site) } } else { if (msg_verbose) - msg_info("%s: site %s: skip file %s as duplicate", - myname, site, STR(queue_file)); + msg_info("%s: logfile %s: skip queue file %s as duplicate", + myname, path, STR(queue_file)); } } htable_free(dup_filter, (void (*) (char *)) 0); @@ -356,19 +442,18 @@ static int flush_send_service(const char *site) * Truncate the fast flush log. */ if (count > 0 && ftruncate(vstream_fileno(log), (off_t) 0) < 0) - msg_fatal("%s: truncate fast flush log for site %s: %m", myname, site); + msg_fatal("%s: truncate fast flush logfile %s: %m", myname, path); /* * Request delivery and clean up. */ if (myflock(vstream_fileno(log), INTERNAL_LOCK, MYFLOCK_OP_NONE) < 0) - msg_fatal("%s: unlock fast flush log for site %s: %m", - myname, site); + msg_fatal("%s: unlock fast flush logfile %s: %m", myname, path); if (vstream_fclose(log) != 0) - msg_warn("read fast flush log for site %s: %m", site); + msg_warn("%s: read fast flush logfile %s: %m", myname, path); if (count > 0) { if (msg_verbose) - msg_info("%s: requesting delivery for site %s", myname, site); + msg_info("%s: requesting delivery for logfile %s", myname, path); mail_trigger(MAIL_CLASS_PUBLIC, MAIL_SERVICE_QUEUE, qmgr_trigger, sizeof(qmgr_trigger)); } @@ -381,23 +466,15 @@ static int flush_refresh_service(int max_age) { char *myname = "flush_refresh_service"; SCAN_DIR *scan; - char *site; + char *site_path; struct stat st; VSTRING *path = vstring_alloc(10); scan = scan_dir_open(MAIL_QUEUE_FLUSH); - while ((site = mail_scan_dir_next(scan)) != 0) { - if (!mail_queue_id_ok(site)) + while ((site_path = mail_scan_dir_next(scan)) != 0) { + if (!mail_queue_id_ok(site_path)) continue; /* XXX grumble. */ - mail_queue_path(path, MAIL_QUEUE_FLUSH, site); - if (flush_policy_ok(site) == 0) { - if (unlink(STR(path)) < 0) - msg_warn("remove %s: %m", STR(path)); - else if (msg_verbose) - msg_info("%s: spurious fast flush logfile name: %s", - myname, site); - continue; - } + mail_queue_path(path, MAIL_QUEUE_FLUSH, site_path); if (stat(STR(path), &st) < 0) { if (errno != ENOENT) msg_warn("%s: stat %s: %m", myname, STR(path)); @@ -408,20 +485,20 @@ static int flush_refresh_service(int max_age) if (st.st_size == 0) { if (st.st_mtime + var_fflush_purge < event_time()) { if (unlink(STR(path)) < 0) - msg_warn("remove %s: %m", STR(path)); + msg_warn("remove logfile %s: %m", STR(path)); else if (msg_verbose) msg_info("%s: unlink %s, empty and unchanged for %d days", myname, STR(path), var_fflush_purge / 86400); } else if (msg_verbose) - msg_info("%s: skip site %s - empty log", myname, site); + msg_info("%s: skip logfile %s - empty log", myname, site_path); } else if (st.st_atime + max_age < event_time()) { if (msg_verbose) - msg_info("%s: flush site %s", myname, site); - flush_send_service(site); + msg_info("%s: flush logfile %s", myname, site_path); + flush_send_path(site_path); } else { if (msg_verbose) - msg_info("%s: skip site %s, unread for <%d hours(s) ", - myname, site, max_age / 3600); + msg_info("%s: skip logfile %s, unread for <%d hours(s) ", + myname, site_path, max_age / 3600); } } scan_dir_close(scan); @@ -454,9 +531,7 @@ static void flush_service(VSTREAM *client_stream, char *unused_service, * This routine runs whenever a client connects to the UNIX-domain socket * dedicated to the fast flush service. What we see below is a little * protocol to (1) read a request from the client (the name of the site) - * and (2) acknowledge that we have received the request. Since the site - * name maps onto the file system, make sure the site name is a valid - * SMTP hostname. + * and (2) acknowledge that we have received the request. * * All connection-management stuff is handled by the common code in * single_server.c. @@ -466,14 +541,12 @@ static void flush_service(VSTREAM *client_stream, char *unused_service, site = vstring_alloc(10); queue_id = vstring_alloc(10); if (mail_command_read(client_stream, "%s %s", site, queue_id) == 2 - && valid_hostname(STR(site), DONT_GRIPE) && mail_queue_id_ok(STR(queue_id))) status = flush_add_service(lowercase(STR(site)), STR(queue_id)); mail_print(client_stream, "%d", status); } else if (STREQ(STR(request), FLUSH_REQ_SEND)) { site = vstring_alloc(10); - if (mail_command_read(client_stream, "%s", site) == 1 - && valid_hostname(STR(site), DONT_GRIPE)) + if (mail_command_read(client_stream, "%s", site) == 1) status = flush_send_service(lowercase(STR(site))); mail_print(client_stream, "%d", status); } else if (STREQ(STR(request), FLUSH_REQ_REFRESH) diff --git a/gnu/dist/postfix/src/global/mail_version.h b/gnu/dist/postfix/src/global/mail_version.h index 075638f2bead..bb9dffda2e81 100644 --- a/gnu/dist/postfix/src/global/mail_version.h +++ b/gnu/dist/postfix/src/global/mail_version.h @@ -15,7 +15,7 @@ * Version of this program. */ #define VAR_MAIL_VERSION "mail_version" -#define DEF_MAIL_VERSION "Release-20010228" +#define DEF_MAIL_VERSION "Postfix-20010228-pl01" extern char *var_mail_version; /* LICENSE diff --git a/gnu/dist/postfix/src/global/rewrite_clnt.c b/gnu/dist/postfix/src/global/rewrite_clnt.c index dfb4cbce53c8..ba9049ad3b6d 100644 --- a/gnu/dist/postfix/src/global/rewrite_clnt.c +++ b/gnu/dist/postfix/src/global/rewrite_clnt.c @@ -46,6 +46,7 @@ #include #include #include +#include /* Utility library. */ diff --git a/gnu/dist/postfix/src/global/tok822_parse.in b/gnu/dist/postfix/src/global/tok822_parse.in index ebc564c75e49..28620abc4689 100644 --- a/gnu/dist/postfix/src/global/tok822_parse.in +++ b/gnu/dist/postfix/src/global/tok822_parse.in @@ -11,3 +11,5 @@ wietse\ venema@porcupine.org wietse@[stuff wietse@["stuff] named group: foo@bar, baz@barf; +wietse@foo (wietse + venema) diff --git a/gnu/dist/postfix/src/global/tok822_parse.ref b/gnu/dist/postfix/src/global/tok822_parse.ref index debfc9c3bdc2..dc35bff57b72 100644 --- a/gnu/dist/postfix/src/global/tok822_parse.ref +++ b/gnu/dist/postfix/src/global/tok822_parse.ref @@ -264,3 +264,27 @@ Externalized, newlines inserted: named group: foo@bar, baz@barf; +>>>wietse@foo (wietse + venema)<<< + +Parse tree: + address + atom "wietse" + OP "@" + atom "foo" + comment + text "wietse + venema" + +Internalized: +wietse@foo (wietse + venema) + +Externalized, no newlines inserted: +wietse@foo (wietse + venema) + +Externalized, newlines inserted: +wietse@foo (wietse + venema) + diff --git a/gnu/dist/postfix/src/lmtp/lmtp.c b/gnu/dist/postfix/src/lmtp/lmtp.c index 09572082adef..49b89f403bd0 100644 --- a/gnu/dist/postfix/src/lmtp/lmtp.c +++ b/gnu/dist/postfix/src/lmtp/lmtp.c @@ -330,6 +330,10 @@ static int deliver_message(DELIVER_REQUEST *request, char **unused_argv) /* * Disconnect if we're going to a different destination. Discard * transcript and status information for sending QUIT. + * + * XXX Should transform nexthop into canonical form (unix:/path or + * inet:host:port) before doing connection cache lookup. See also the + * connection cache updating code in lmtp_connect.c. */ if (strcasecmp(state->session->dest, request->nexthop) != 0) { lmtp_quit(state); diff --git a/gnu/dist/postfix/src/lmtp/lmtp_connect.c b/gnu/dist/postfix/src/lmtp/lmtp_connect.c index d48837000aa4..cb7e24663844 100644 --- a/gnu/dist/postfix/src/lmtp/lmtp_connect.c +++ b/gnu/dist/postfix/src/lmtp/lmtp_connect.c @@ -116,7 +116,8 @@ static LMTP_SESSION *lmtp_connect_sock(int, struct sockaddr *, int, /* lmtp_connect_unix - connect to UNIX-domain address */ -static LMTP_SESSION *lmtp_connect_unix(const char *addr, VSTRING *why) +static LMTP_SESSION *lmtp_connect_unix(const char *addr, + const char *destination, VSTRING *why) { #undef sun char *myname = "lmtp_connect_unix"; @@ -156,7 +157,7 @@ static LMTP_SESSION *lmtp_connect_unix(const char *addr, VSTRING *why) msg_info("%s: trying: %s...", myname, addr); return (lmtp_connect_sock(sock, (struct sockaddr *) & sun, sizeof(sun), - addr, addr, addr, why)); + addr, addr, destination, why)); } /* lmtp_connect_addr - connect to explicit address */ @@ -358,13 +359,19 @@ LMTP_SESSION *lmtp_connect(const char *destination, VSTRING *why) * XXX Ad-hoc transport parsing and connection management. Some or all * should be moved away to a reusable library routine so that every * program benefits from it. + * + * XXX Should transform destination into canonical form (unix:/path or + * inet:host:port before entering it into the connection cache. See also + * the connection cache lookup code in lmtp.c. */ if (strncmp(destination, "unix:", 5) == 0) - return (lmtp_connect_unix(destination + 5, why)); + return (lmtp_connect_unix(destination + 5, destination, why)); if (strncmp(destination, "inet:", 5) == 0) - destination += 5; - dest_buf = lmtp_parse_destination(destination, def_service, - &host, &port); + dest_buf = lmtp_parse_destination(destination + 5, def_service, + &host, &port); + else + dest_buf = lmtp_parse_destination(destination, def_service, + &host, &port); if (msg_verbose) msg_info("%s: connecting to %s port %d", myname, host, ntohs(port)); session = lmtp_connect_host(host, port, destination, why); diff --git a/gnu/dist/postfix/src/master/master_conf.c b/gnu/dist/postfix/src/master/master_conf.c index 1bb8ba10057c..2c24cdb9c504 100644 --- a/gnu/dist/postfix/src/master/master_conf.c +++ b/gnu/dist/postfix/src/master/master_conf.c @@ -36,6 +36,7 @@ #include #include +#include /* Utility library. */ diff --git a/gnu/dist/postfix/src/master/master_sig.c b/gnu/dist/postfix/src/master/master_sig.c index ca501e91873f..509a4a54d1ec 100644 --- a/gnu/dist/postfix/src/master/master_sig.c +++ b/gnu/dist/postfix/src/master/master_sig.c @@ -152,7 +152,7 @@ static void master_sigchld(int sig) static void master_sigdeath(int sig) { - char *myname = "master_sigsetup"; + char *myname = "master_sigdeath"; struct sigaction action; pid_t pid = getpid(); diff --git a/gnu/dist/postfix/src/master/master_status.c b/gnu/dist/postfix/src/master/master_status.c index 40ad1508a64d..de0cc4d28c31 100644 --- a/gnu/dist/postfix/src/master/master_status.c +++ b/gnu/dist/postfix/src/master/master_status.c @@ -113,7 +113,7 @@ static void master_status_event(int event, char *context) } if (proc->serv != serv) msg_panic("%s: pointer corruption: %p != %p", - myname, (char *) proc->serv, (char *) serv); + myname, (void *) proc->serv, (void *) serv); /* * Update our idea of the child process status. Allow redundant status diff --git a/gnu/dist/postfix/src/pipe/pipe.c b/gnu/dist/postfix/src/pipe/pipe.c index ee9154c6df6a..79004fb40e06 100644 --- a/gnu/dist/postfix/src/pipe/pipe.c +++ b/gnu/dist/postfix/src/pipe/pipe.c @@ -7,9 +7,7 @@ /* \fBpipe\fR [generic Postfix daemon options] command_attributes... /* DESCRIPTION /* The \fBpipe\fR daemon processes requests from the Postfix queue -/* manager to deliver messages to external commands. Each delivery -/* request specifies a queue file, a sender address, a domain or host -/* to deliver to, and one or more recipients. +/* manager to deliver messages to external commands. /* This program expects to be run from the \fBmaster\fR(8) process /* manager. /* @@ -17,6 +15,22 @@ /* as finished, or it informs the queue manager that delivery should /* be tried again at a later time. Delivery problem reports are sent /* to the \fBbounce\fR(8) or \fBdefer\fR(8) daemon as appropriate. +/* SINGLE-RECIPIENT DELIVERY +/* .ad +/* .fi +/* Some external commands cannot handle more than one recipient +/* per delivery request. Examples of such transports are pagers, +/* fax machines, and so on. +/* +/* To prevent Postfix from sending multiple recipients per delivery +/* request, specify +/* +/* .ti +4 +/* \fItransport\fB_destination_recipient_limit = 1\fR +/* +/* in the Postfix \fBmain.cf\fR file, where \fItransport\fR +/* is the name in the first column of the Postfix \fBmaster.cf\fR +/* entry for the pipe-based delivery transport. /* COMMAND ATTRIBUTE SYNTAX /* .ad /* .fi @@ -74,18 +88,21 @@ /* This macro expands to the extension part of a recipient address. /* For example, with an address \fIuser+foo@domain\fR the extension is /* \fIfoo\fR. +/* .sp /* A command-line argument that contains \fB${\fBextension\fR}\fR expands /* into as many command-line arguments as there are recipients. /* .IP \fB${\fBmailbox\fR}\fR /* This macro expands to the complete local part of a recipient address. /* For example, with an address \fIuser+foo@domain\fR the mailbox is /* \fIuser+foo\fR. +/* .sp /* A command-line argument that contains \fB${\fBmailbox\fR}\fR /* expands into as many command-line arguments as there are recipients. /* .IP \fB${\fBnexthop\fR}\fR /* This macro expands to the next-hop hostname. /* .IP \fB${\fBrecipient\fR}\fR /* This macro expands to the complete recipient address. +/* .sp /* A command-line argument that contains \fB${\fBrecipient\fR}\fR /* expands into as many command-line arguments as there are recipients. /* .IP \fB${\fBsender\fR}\fR @@ -97,6 +114,7 @@ /* This macro expands to the username part of a recipient address. /* For example, with an address \fIuser+foo@domain\fR the username /* part is \fIuser\fR. +/* .sp /* A command-line argument that contains \fB${\fBuser\fR}\fR expands /* into as many command-line arguments as there are recipients. /* .RE diff --git a/gnu/dist/postfix/src/qmgr/qmgr_active.c b/gnu/dist/postfix/src/qmgr/qmgr_active.c index ec00584bd407..404c4eda986d 100644 --- a/gnu/dist/postfix/src/qmgr/qmgr_active.c +++ b/gnu/dist/postfix/src/qmgr/qmgr_active.c @@ -149,7 +149,7 @@ static void qmgr_active_defer(const char *queue_name, const char *queue_id, tbuf.actime = tbuf.modtime = event_time() + delay; path = mail_queue_path((VSTRING *) 0, queue_name, queue_id); - if (utime(path, &tbuf) < 0) + if (utime(path, &tbuf) < 0 && errno != ENOENT) msg_fatal("%s: update %s time stamps: %m", myname, path); if (mail_queue_rename(queue_id, queue_name, dest_queue)) { if (errno != ENOENT) diff --git a/gnu/dist/postfix/src/showq/showq.c b/gnu/dist/postfix/src/showq/showq.c index 06fdb1c2533e..55cab747a91f 100644 --- a/gnu/dist/postfix/src/showq/showq.c +++ b/gnu/dist/postfix/src/showq/showq.c @@ -273,6 +273,7 @@ static void showq_service(VSTREAM *client, char *unused_service, char **argv) } else if (errno != ENOENT) msg_fatal("open %s %s: %m", *queue, id); file_count++; + vstream_fflush(client); } vstream_fflush(client); } diff --git a/gnu/dist/postfix/src/util/dict_ldap.c b/gnu/dist/postfix/src/util/dict_ldap.c index e39fed3fb4b1..fc3a802137da 100644 --- a/gnu/dist/postfix/src/util/dict_ldap.c +++ b/gnu/dist/postfix/src/util/dict_ldap.c @@ -104,6 +104,10 @@ #include "dict.h" #include "dict_ldap.h" +/* AAARGH!! */ + +#include "../global/mail_conf.h" + /* * Structure containing all the configuration parameters for a given * LDAP source, plus its connection handle. diff --git a/gnu/dist/postfix/src/util/msg_syslog.c b/gnu/dist/postfix/src/util/msg_syslog.c index c2892d6286c5..fb93014572ad 100644 --- a/gnu/dist/postfix/src/util/msg_syslog.c +++ b/gnu/dist/postfix/src/util/msg_syslog.c @@ -48,6 +48,7 @@ #include #include #include +#include /* Application-specific. */ diff --git a/gnu/dist/postfix/src/util/rand_sleep.c b/gnu/dist/postfix/src/util/rand_sleep.c index 0173e9693f4a..d119f074f578 100644 --- a/gnu/dist/postfix/src/util/rand_sleep.c +++ b/gnu/dist/postfix/src/util/rand_sleep.c @@ -67,8 +67,8 @@ void rand_sleep(unsigned delay, unsigned variation) * Use the semi-crappy random number generator. */ if (my_pid == 0) - srandom((my_pid = getpid()) ^ time((time_t *) 0)); - usec = (delay - variation / 2) + variation * (double) random() / RAND_MAX; + srand((my_pid = getpid()) ^ time((time_t *) 0)); + usec = (delay - variation / 2) + variation * (double) rand() / RAND_MAX; doze(usec); } diff --git a/gnu/dist/postfix/src/util/watchdog.c b/gnu/dist/postfix/src/util/watchdog.c index 011b2fcb60af..14504e90de3c 100644 --- a/gnu/dist/postfix/src/util/watchdog.c +++ b/gnu/dist/postfix/src/util/watchdog.c @@ -133,7 +133,7 @@ static void watchdog_event(int unused_sig) if ((wp = watchdog_curr) == 0) msg_panic("%s: no instance", myname); if (msg_verbose) - msg_info("%s: %p %d", myname, (char *) wp, wp->trip_run); + msg_info("%s: %p %d", myname, (void *) wp, wp->trip_run); if (++(wp->trip_run) < WATCHDOG_STEPS) { alarm(wp->timeout); } else { @@ -169,7 +169,7 @@ WATCHDOG *watchdog_create(unsigned timeout, WATCHDOG_FN action, char *context) if (sigaction(SIGALRM, &sig_action, &wp->saved_action) < 0) msg_fatal("%s: sigaction(SIGALRM): %m", myname); if (msg_verbose) - msg_info("%s: %p %d", myname, (char *) wp, timeout); + msg_info("%s: %p %d", myname, (void *) wp, timeout); return (watchdog_curr = wp); } @@ -187,7 +187,7 @@ void watchdog_destroy(WATCHDOG *wp) alarm(wp->saved_time); myfree((char *) wp); if (msg_verbose) - msg_info("%s: %p", myname, (char *) wp); + msg_info("%s: %p", myname, (void *) wp); } /* watchdog_start - enable watchdog timer */ @@ -201,7 +201,7 @@ void watchdog_start(WATCHDOG *wp) wp->trip_run = 0; alarm(wp->timeout); if (msg_verbose) - msg_info("%s: %p", myname, (char *) wp); + msg_info("%s: %p", myname, (void *) wp); } /* watchdog_stop - disable watchdog timer */ @@ -214,7 +214,7 @@ void watchdog_stop(WATCHDOG *wp) msg_panic("%s: wrong watchdog instance", myname); alarm(0); if (msg_verbose) - msg_info("%s: %p", myname, (char *) wp); + msg_info("%s: %p", myname, (void *) wp); } /* watchdog_pat - pat the dog so it stays quiet */ @@ -226,7 +226,7 @@ void watchdog_pat(void) if (watchdog_curr) watchdog_curr->trip_run = 0; if (msg_verbose) - msg_info("%s: %p", myname, (char *) watchdog_curr); + msg_info("%s: %p", myname, (void *) watchdog_curr); } #ifdef TEST