sync w/ 1.1.11

gnu/dist/postfix/conf/main.cf

@@ -1,3 +1,5 @@
+#	$NetBSD: main.cf,v 1.4 2002/06/08 22:49:51 itojun Exp $
+#
 # Global Postfix configuration file. This file lists only a subset
 # of all 100+ parameters. See the sample-xxx.cf files for a full list.
 # 
@@ -65,15 +67,15 @@ mail_owner = postfix
 # from gethostname(). $myhostname is used as a default value for many
 # other configuration parameters.
 #
-#myhostname = host.domain.name
-#myhostname = virtual.domain.name
+#myhostname = host.domain.tld
+#myhostname = virtual.domain.tld
 
 # The mydomain parameter specifies the local internet domain name.
 # The default is to use $myhostname minus the first component.
 # $mydomain is used as a default value for many other configuration
 # parameters.
 #
-#mydomain = domain.name
+#mydomain = domain.tld
 
 # SENDING MAIL
 # 
@@ -225,9 +227,10 @@ mail_owner = postfix
 # REJECTING UNKNOWN LOCAL USERS
 #
 # The local_recipient_maps parameter specifies optional lookup tables
-# with all users that are local with respect to $mydestination and
-# $inet_interfaces.  If this parameter is defined, then the SMTP server
-# will reject mail for unknown local users.
+# with all names (not addresses) of users that are local with respect
+# to $mydestination and $inet_interfaces.  If this parameter is
+# defined, then the SMTP server will reject mail for unknown local
+# users.
 #
 # If you use the default Postfix local delivery agent for local
 # delivery, uncomment the definition below.
@@ -416,6 +419,7 @@ mail_owner = postfix
 # REJECT text.... The text is sent to the originator.
 # IGNORE the header line is silently discarded.
 # WARN   the header is logged (not rejected) with a warning message.
+# WARN text... as above, and the text is logged, too.
 #
 # These patterns do not apply to MIME headers in the message body.
 #
@@ -427,14 +431,14 @@ mail_owner = postfix
 #
 # Postfix maintains per-destination logfiles with information about
 # deferred mail, so that mail can be flushed quickly with the SMTP
-# "ETRN domain.name" command, or by executing "sendmail -qRdomain.name".
+# "ETRN domain.tld" command, or by executing "sendmail -qRdomain.tld".
 # 
 # By default, Postfix maintains deferred mail logfile information
 # only for destinations that Postfix is willing to relay to (as
 # specified in the relay_domains parameter). For other destinations,
 # Postfix attempts to deliver ALL queued mail after receiving the
-# SMTP "ETRN domain.name" command, or after execution of "sendmail
-# -qRdomain.name". This can be slow when a lot of mail is queued.
+# SMTP "ETRN domain.tld" command, or after execution of "sendmail
+# -qRdomain.tld". This can be slow when a lot of mail is queued.
 # 
 # The fast_flush_domains parameter controls what destinations are
 # eligible for this "fast ETRN/sendmail -qR" service.

gnu/dist/postfix/makedefs

@@ -117,6 +117,11 @@ case "$SYSTEM.$RELEASE" in
 		    5.[0-4]) CCARGS="$CCARGS -DMISSING_USLEEP";;
 			  *) CCARGS="$CCARGS -DHAS_POSIX_REGEXP";;
 		esac
+		# Work around broken str*casecmp(). Do it all here instead
+		# of having half the solution in the sys_defs.h file.
+		CCARGS="$CCARGS -Dstrcasecmp=fix_strcasecmp \
+			-Dstrncasecmp=fix_strncasecmp"
+		STRCASE="strcasecmp.o"
 		# Avoid common types of braindamage
 		case "$LD_LIBRARY_PATH" in
 		?*) echo "Don't set LD_LIBRARY_PATH" 1>&2; exit 1;;
@@ -182,16 +187,16 @@ case "$SYSTEM.$RELEASE" in
 		    echo "See the RELEASE_NOTES file for more information." 1>&2
 		    exit 1
 		fi
-		# See where GDBM's ndbm.h include file sits.
-		if [ -f /usr/include/gdbm-ndbm.h ]
-		then
-		    CCARGS="$CCARGS -DHAS_DBM -DPATH_NDBM_H='<gdbm-ndbm.h>'"
-		    GDBM_LIBS=gdbm
-		elif [ -f /usr/include/gdbm/ndbm.h ]
-		then
-		    CCARGS="$CCARGS -DHAS_DBM -DPATH_NDBM_H='<gdbm/ndbm.h>'"
-		    GDBM_LIBS=gdbm
-		fi
+		# GDBM locks the DBM .pag file after open. This breaks postmap.
+		# if [ -f /usr/include/gdbm-ndbm.h ]
+		# then
+		#     CCARGS="$CCARGS -DHAS_DBM -DPATH_NDBM_H='<gdbm-ndbm.h>'"
+		#     GDBM_LIBS=gdbm
+		# elif [ -f /usr/include/gdbm/ndbm.h ]
+		# then
+		#     CCARGS="$CCARGS -DHAS_DBM -DPATH_NDBM_H='<gdbm/ndbm.h>'"
+		#     GDBM_LIBS=gdbm
+		# fi
 		SYSLIBS="-ldb"
 		for name in nsl resolv $GDBM_LIBS
 		do
@@ -303,5 +308,6 @@ CC	= $CC $CCARGS
 OPT	= $OPT
 DEBUG	= $DEBUG
 AWK	= $AWK
+STRCASE = $STRCASE
 EXPORT	= AUXLIBS="$AUXLIBS" CCARGS="$CCARGS" OPT="$OPT" DEBUG="$DEBUG"
 EOF

gnu/dist/postfix/src/cleanup/cleanup.h

@@ -47,6 +47,7 @@ typedef struct CLEANUP_STATE {
     int     err_mask;			/* allowed badness */
     VSTRING *header_buf;		/* multi-record header */
     int     headers_seen;		/* which headers were seen */
+    int     long_header;		/* multi-record physical header line */
     int     hop_count;			/* count of received: headers */
     ARGV   *recipients;			/* recipients from regular headers */
     ARGV   *resent_recip;		/* recipients from resent headers */

gnu/dist/postfix/src/global/Makefile.in

@@ -57,7 +57,7 @@ HDRS	= been_here.h bounce.h canon_addr.h cleanup_user.h clnt_stream.h \
 	rewrite_clnt.h sent.h smtp_stream.h split_addr.h string_list.h \
 	sys_exits.h timed_ipc.h tok822.h xtext.h bounce_log.h flush_clnt.h \
 	mbox_conf.h mbox_open.h abounce.h qmqp_proto.h verp_sender.h \
-	match_parent_style.h
+	match_parent_style.h quote_flags.h
 TESTSRC	= rec2stream.c stream2rec.c recdump.c
 WARN	= -W -Wformat -Wimplicit -Wmissing-prototypes \
 	-Wparentheses -Wstrict-prototypes -Wswitch -Wuninitialized \
@@ -579,6 +579,7 @@ mail_copy.o: ../../include/vstring.h
 mail_copy.o: ../../include/vstring_vstream.h
 mail_copy.o: ../../include/stringops.h
 mail_copy.o: quote_822_local.h
+mail_copy.o: quote_flags.h
 mail_copy.o: record.h
 mail_copy.o: rec_type.h
 mail_copy.o: mail_queue.h
@@ -884,11 +885,13 @@ quote_821_local.o: ../../include/sys_defs.h
 quote_821_local.o: ../../include/vstring.h
 quote_821_local.o: ../../include/vbuf.h
 quote_821_local.o: quote_821_local.h
+quote_821_local.o: quote_flags.h
 quote_822_local.o: quote_822_local.c
 quote_822_local.o: ../../include/sys_defs.h
 quote_822_local.o: ../../include/vstring.h
 quote_822_local.o: ../../include/vbuf.h
 quote_822_local.o: quote_822_local.h
+quote_822_local.o: quote_flags.h
 rec2stream.o: rec2stream.c
 rec2stream.o: ../../include/sys_defs.h
 rec2stream.o: ../../include/vstring.h
@@ -968,6 +971,7 @@ rewrite_clnt.o: ../../include/vstring_vstream.h
 rewrite_clnt.o: ../../include/events.h
 rewrite_clnt.o: ../../include/iostuff.h
 rewrite_clnt.o: quote_822_local.h
+rewrite_clnt.o: quote_flags.h
 rewrite_clnt.o: mail_proto.h
 rewrite_clnt.o: ../../include/attr.h
 rewrite_clnt.o: mail_params.h
@@ -1036,6 +1040,8 @@ tok822_parse.o: ../../include/sys_defs.h
 tok822_parse.o: ../../include/vstring.h
 tok822_parse.o: ../../include/vbuf.h
 tok822_parse.o: ../../include/msg.h
+tok822_parse.o: quote_822_local.h
+tok822_parse.o: quote_flags.h
 tok822_parse.o: tok822.h
 tok822_parse.o: resolve_clnt.h
 tok822_resolve.o: tok822_resolve.c

gnu/dist/postfix/src/global/mail_params.h

@@ -742,9 +742,9 @@ extern char *var_smtp_bind_addr;
 #define DEF_SMTP_RAND_ADDR	1
 extern bool var_smtp_rand_addr;
 
-#define VAR_SMTP_BREAK_LINES	"smtp_break_lines"
-#define DEF_SMTP_BREAK_LINES	1
-extern bool var_smtp_break_lines;
+#define VAR_SMTP_LINE_LIMIT	"smtp_line_length_limit"
+#define DEF_SMTP_LINE_LIMIT	990
+extern int var_smtp_line_limit;
 
 #define VAR_SMTP_PIX_THRESH	"smtp_pix_workaround_threshold_time"
 #define DEF_SMTP_PIX_THRESH	"500s"
@@ -1275,7 +1275,7 @@ extern int var_fflush_refresh;
 extern char *var_import_environ;
 
 #define VAR_EXPORT_ENVIRON		"export_environment"
-#define DEF_EXPORT_ENVIRON		"TZ"
+#define DEF_EXPORT_ENVIRON		"TZ MAIL_CONFIG"
 extern char *var_export_environ;
 
  /*
@@ -1419,6 +1419,17 @@ extern int var_fault_inj_code;
 #define DEF_README_DIR			"no"
 #endif
 
+ /*
+  * Safety: resolve the unquoted address (technically incorrect), instead of
+  * resolving the quoted address (technically incorrect). This prevents mail
+  * relay loopholes with "user@domain"@domain when you're relaying mail for a
+  * Sendmail system or when receiving mail for a local virtual domain with an
+  * @domain catch-all rule.
+  */
+#define VAR_RESOLVE_DEQUOTED		"resolve_dequoted_address"
+#define DEF_RESOLVE_DEQUOTED		1
+extern bool var_resolve_dequoted;
+
 /* LICENSE
 /* .ad
 /* .fi

gnu/dist/postfix/src/global/tok822_parse.c

@@ -107,6 +107,7 @@
 
 /* Global library. */
 
+#include "quote_822_local.h"
 #include "tok822.h"
 
  /*
@@ -221,6 +222,7 @@ VSTRING *tok822_internalize(VSTRING *vp, TOK822 *tree, int flags)
 
 VSTRING *tok822_externalize(VSTRING *vp, TOK822 *tree, int flags)
 {
+    VSTRING *tmp;
     TOK822 *tp;
 
     if (flags & TOK822_STR_WIPE)
@@ -235,8 +237,20 @@ VSTRING *tok822_externalize(VSTRING *vp, TOK822 *tree, int flags)
 		continue;
 	    }
 	    break;
+
+	    /*
+	     * XXX In order to correctly externalize an address, it is not
+	     * sufficient to quote individual atoms. There are higher-level
+	     * rules that say when an address localpart needs to be quoted.
+	     * We wing it with the quote_822_local() routine, which ignores
+	     * the issue of atoms in the domain part that would need quoting.
+	     */
 	case TOK822_ADDR:
-	    tok822_externalize(vp, tp->head, TOK822_STR_NONE);
+	    tmp = vstring_alloc(100);
+	    tok822_internalize(tmp, tp->head, TOK822_STR_TERM);
+	    quote_822_local_flags(vp, vstring_str(tmp),
+				  QUOTE_FLAG_8BITCLEAN | QUOTE_FLAG_APPEND);
+	    vstring_free(tmp);
 	    break;
 	case TOK822_ATOM:
 	case TOK822_COMMENT:

gnu/dist/postfix/src/qmgr/qmgr_message.c

@@ -389,8 +389,17 @@ static int qmgr_message_sort_compare(const void *p1, const void *p2)
 
     /*
      * Compare most significant to least significant recipient attributes.
+     * The comparison function must be transitive, so NULL values need to be
+     * assigned an ordinal (we set NULL last).
      */
-    if ((queue1 = rcpt1->queue) != 0 && (queue2 = rcpt2->queue) != 0) {
+
+    queue1 = rcpt1->queue;
+    queue2 = rcpt2->queue;
+    if (queue1 != 0 && queue2 == 0)
+	return (-1);
+    if (queue1 == 0 && queue2 != 0)
+	return (1);
+    if (queue1 != 0 && queue2 != 0) {
 
 	/*
 	 * Compare message transport.
@@ -409,8 +418,13 @@ static int qmgr_message_sort_compare(const void *p1, const void *p2)
     /*
      * Compare recipient domain.
      */
-    if ((at1 = strrchr(rcpt1->address, '@')) != 0
-	&& (at2 = strrchr(rcpt2->address, '@')) != 0
+    at1 = strrchr(rcpt1->address, '@');
+    at2 = strrchr(rcpt2->address, '@');
+    if (at1 == 0 && at2 != 0)
+	return (1);
+    if (at1 != 0 && at2 == 0)
+	return (-1);
+    if (at1 != 0 && at2 != 0
 	&& (result = strcasecmp(at1, at2)) != 0)
 	return (result);
 
@@ -588,7 +602,7 @@ static void qmgr_message_resolve(QMGR_MESSAGE *message)
 	    queue = 0;
 	}
 	if (transport->recipient_limit == 1) {
-	    VSTRING_SPACE(reply.nexthop, len + 1);
+	    VSTRING_SPACE(reply.nexthop, len + 2);
 	    memmove(STR(reply.nexthop) + len + 1, STR(reply.nexthop),
 		    LEN(reply.nexthop) + 1);
 	    memcpy(STR(reply.nexthop), STR(reply.recipient), len);

gnu/dist/postfix/src/smtpd/smtpd.c

@@ -181,9 +181,9 @@
 /* .ad
 /* .fi
 /* .IP \fBparent_domain_matches_subdomains\fR
-/*	List of Postfix features that use \fIdomain.name\fR patterns
-/*	to match \fIsub.domain.name\fR (as opposed to
-/*	requiring \fI.domain.name\fR patterns).
+/*	List of Postfix features that use \fIdomain.tld\fR patterns
+/*	to match \fIsub.domain.tld\fR (as opposed to
+/*	requiring \fI.domain.tld\fR patterns).
 /* .IP \fBsmtpd_client_restrictions\fR
 /*	Restrict what clients may connect to this mail system.
 /* .IP \fBsmtpd_helo_required\fR
@@ -617,8 +617,7 @@ static char *extract_addr(SMTPD_STATE *state, SMTPD_TOKEN *arg,
      * Report trouble. Log a warning only if we are going to sleep+reject so
      * that attackers can't flood our logfiles.
      */
-    if ((naddr < 1 && !allow_empty_addr)
-	|| naddr > 1
+    if (naddr > 1
 	|| (strict_rfc821 && (non_addr || *STR(arg->vstrval) != '<'))) {
 	msg_warn("Illegal address syntax from %s in %s command: %s",
 		 state->namaddr, state->where, STR(arg->vstrval));
@@ -637,6 +636,16 @@ static char *extract_addr(SMTPD_STATE *state, SMTPD_TOKEN *arg,
 	vstring_strcpy(arg->vstrval, "");
     arg->strval = STR(arg->vstrval);
 
+    /*
+     * Report trouble. Log a warning only if we are going to sleep+reject so
+     * that attackers can't flood our logfiles.
+     */
+    if (arg->strval[0] == 0 && !allow_empty_addr) {
+	msg_warn("Illegal address syntax from %s in %s command: %s",
+		 state->namaddr, state->where, STR(arg->vstrval));
+	err = "501 Bad address syntax";
+    }
+
     /*
      * Cleanup.
      */
@@ -981,7 +990,7 @@ static int data_cmd(SMTPD_STATE *state, int argc, SMTPD_TOKEN *unused_argv)
 	if (first) {
 	    if (strncmp(start + strspn(start, ">"), "From ", 5) == 0) {
 		rec_fprintf(state->cleanup, curr_rec_type,
-			    "Mailbox-Line: %s", start);
+			    "X-Mailbox-Line: %s", start);
 		continue;
 	    }
 	    first = 0;
@@ -1038,7 +1047,7 @@ static int data_cmd(SMTPD_STATE *state, int argc, SMTPD_TOKEN *unused_argv)
 	smtpd_chat_reply(state, "554 Error: too many hops");
     } else if ((state->err & CLEANUP_STAT_CONT) != 0) {
 	state->error_mask |= MAIL_ERROR_POLICY;
-	smtpd_chat_reply(state, "552 Error: %s", LEN(why) ?
+	smtpd_chat_reply(state, "550 Error: %s", LEN(why) ?
 			 STR(why) : "content rejected");
     } else if ((state->err & CLEANUP_STAT_WRITE) != 0) {
 	state->error_mask |= MAIL_ERROR_RESOURCE;
@@ -1295,6 +1304,7 @@ typedef struct SMTPD_CMD {
 } SMTPD_CMD;
 
 #define SMTPD_CMD_FLAG_LIMIT    (1<<0)	/* limit usage */
+#define SMTPD_CMD_FLAG_HEADER	(1<<1)	/* RFC 2822 mail header */
 
 static SMTPD_CMD smtpd_cmd_table[] = {
     "HELO", helo_cmd, SMTPD_CMD_FLAG_LIMIT,
@@ -1312,6 +1322,9 @@ static SMTPD_CMD smtpd_cmd_table[] = {
     "VRFY", vrfy_cmd, SMTPD_CMD_FLAG_LIMIT,
     "ETRN", etrn_cmd, SMTPD_CMD_FLAG_LIMIT,
     "QUIT", quit_cmd, 0,
+    "Received:", 0, SMTPD_CMD_FLAG_HEADER,
+    "Subject:", 0, SMTPD_CMD_FLAG_HEADER,
+    "From:", 0, SMTPD_CMD_FLAG_HEADER,
     0,
 };
 
@@ -1393,6 +1406,12 @@ static void smtpd_proto(SMTPD_STATE *state)
 		state->error_count++;
 		continue;
 	    }
+	    if (cmdp->flags & SMTPD_CMD_FLAG_HEADER) {
+		msg_warn("%s sent message header instead of SMTP command: %.100s",
+			 state->namaddr, vstring_str(state->buffer));
+		smtpd_chat_reply(state, "221 Error: I can break rules, too. Goodbye.");
+		break;
+	    }
 	    if (state->access_denied && cmdp->action != quit_cmd) {
 		smtpd_chat_reply(state, "503 Error: access denied for %s",
 				 state->namaddr);	/* RFC 2821 Sec 3.1 */
@@ -1405,7 +1424,6 @@ static void smtpd_proto(SMTPD_STATE *state)
 	    if ((cmdp->flags & SMTPD_CMD_FLAG_LIMIT)
 		&& state->junk_cmds++ > var_smtpd_junk_cmd_limit)
 		state->error_count++;
-
 	    if (cmdp->action == quit_cmd)
 		break;
 	}

gnu/dist/postfix/src/smtpd/smtpd_check.c

@@ -1020,6 +1020,12 @@ static int permit_auth_destination(SMTPD_STATE *state, char *recipient)
 	return (SMTPD_CHECK_OK);
     domain += 1;
 
+    /*
+     * Skip source-routed non-local or virtual mail (uncertain destination).
+     */
+    if (var_allow_untrust_route == 0 && (reply->flags & RESOLVE_FLAG_ROUTED))
+	return (SMTPD_CHECK_DUNNO);
+
     /*
      * Permit final delivery: the destination matches mydestination, 
      * virtual_maps, or virtual_mailbox_maps.
@@ -1027,12 +1033,6 @@ static int permit_auth_destination(SMTPD_STATE *state, char *recipient)
     if (resolve_final(state, recipient, domain))
 	return (SMTPD_CHECK_OK);
 
-    /*
-     * Skip source-routed mail (uncertain destination).
-     */
-    if (var_allow_untrust_route == 0 && (reply->flags & RESOLVE_FLAG_ROUTED))
-	return (SMTPD_CHECK_DUNNO);
-
     /*
      * Permit if the destination matches the relay_domains list.
      */
@@ -1281,18 +1281,22 @@ static int permit_mx_backup(SMTPD_STATE *state, const char *recipient)
     if ((domain = strrchr(CONST_STR(reply->recipient), '@')) == 0)
 	return (SMTPD_CHECK_OK);
     domain += 1;
+
+    /*
+     * Skip source-routed non-local or virtual mail (uncertain destination).
+     */
+    if (var_allow_untrust_route == 0 && (reply->flags & RESOLVE_FLAG_ROUTED))
+	return (SMTPD_CHECK_DUNNO);
+
+    /*
+     * The destination is local, or it is a local virtual destination.
+     */
     if (resolve_final(state, recipient, domain))
 	return (SMTPD_CHECK_OK);
 
     if (msg_verbose)
 	msg_info("%s: not local: %s", myname, recipient);
 
-    /*
-     * Skip source-routed mail (uncertain destination).
-     */
-    if (var_allow_untrust_route == 0 && (reply->flags & RESOLVE_FLAG_ROUTED))
-	return (SMTPD_CHECK_DUNNO);
-
     /*
      * Skip numerical forms that didn't match the local system.
      */
@@ -1594,12 +1598,16 @@ static int check_domain_access(SMTPD_STATE *state, const char *table,
 
     /*
      * Try the name and its parent domains. Including top-level domains.
+     * 
+     * Helo names can end in ".". The test below avoids lookups of the empty
+     * key, because Berkeley DB cannot deal with it. [Victor Duchovni, Morgan
+     * Stanley].
      */
 #define CHK_DOMAIN_RETURN(x,y) { *found = y; myfree(low_domain); return(x); }
 
     if ((dict = dict_handle(table)) == 0)
 	msg_panic("%s: dictionary not found: %s", myname, table);
-    for (name = low_domain; /* void */ ; name = next) {
+    for (name = low_domain; *name != 0; name = next) {
 	if (flags == 0 || (flags & dict->flags) != 0) {
 	    if ((value = dict_get(dict, name)) != 0)
 		CHK_DOMAIN_RETURN(check_table_result(state, table, value,
@@ -1756,16 +1764,15 @@ static int check_mail_access(SMTPD_STATE *state, const char *table,
 	{ if (bare_addr) myfree(bare_addr); return(x); }
 
     /*
-     * Source-routed, non-local, recipient addresses are too suspicious for
-     * returning an "OK" result. The complicated expression below was brought
-     * to you by the keyboard of Victor Duchovni, Morgan Stanley and hacked
-     * up a bit by Wietse.
+     * Source-routed (non-local or virtual) recipient addresses are too
+     * suspicious for returning an "OK" result. The complicated expression
+     * below was brought to you by the keyboard of Victor Duchovni, Morgan
+     * Stanley and hacked up a bit by Wietse.
      */
-#define SUSPICIOUS(domain, reply, state, reply_name, reply_class) \
+#define SUSPICIOUS(reply, reply_class) \
 	(var_allow_untrust_route == 0 \
 	&& (reply->flags & RESOLVE_FLAG_ROUTED) \
-	&& strcmp(reply_class, SMTPD_NAME_RECIPIENT) == 0 \
-	&& !resolve_final(state, reply_name, domain))
+	&& strcmp(reply_class, SMTPD_NAME_RECIPIENT) == 0)
 
     /*
      * Look up user+foo@domain if the address has an extension, user@domain
@@ -1775,7 +1782,7 @@ static int check_mail_access(SMTPD_STATE *state, const char *table,
 			       found, reply_name, reply_class, def_acl)) != 0
 	|| *found)
 	CHECK_MAIL_ACCESS_RETURN(status == SMTPD_CHECK_OK
-	      && SUSPICIOUS(domain, reply, state, reply_name, reply_class) ?
+				 && SUSPICIOUS(reply, reply_class) ?
 				 SMTPD_CHECK_DUNNO : status);
 
     /*
@@ -1786,7 +1793,7 @@ static int check_mail_access(SMTPD_STATE *state, const char *table,
 			      found, reply_name, reply_class, def_acl)) != 0
 	    || *found)
 	    CHECK_MAIL_ACCESS_RETURN(status == SMTPD_CHECK_OK
-	      && SUSPICIOUS(domain, reply, state, reply_name, reply_class) ?
+				     && SUSPICIOUS(reply, reply_class) ?
 				     SMTPD_CHECK_DUNNO : status);
 
     /*
@@ -1796,7 +1803,7 @@ static int check_mail_access(SMTPD_STATE *state, const char *table,
 			      found, reply_name, reply_class, def_acl)) != 0
 	|| *found)
 	CHECK_MAIL_ACCESS_RETURN(status == SMTPD_CHECK_OK
-	      && SUSPICIOUS(domain, reply, state, reply_name, reply_class) ?
+				 && SUSPICIOUS(reply, reply_class) ?
 				 SMTPD_CHECK_DUNNO : status);
 
     /*
@@ -1810,7 +1817,7 @@ static int check_mail_access(SMTPD_STATE *state, const char *table,
     myfree(local_at);
     if (status != 0 || *found)
 	CHECK_MAIL_ACCESS_RETURN(status == SMTPD_CHECK_OK
-	      && SUSPICIOUS(domain, reply, state, reply_name, reply_class) ?
+				 && SUSPICIOUS(reply, reply_class) ?
 				 SMTPD_CHECK_DUNNO : status);
 
     /*
@@ -1824,7 +1831,7 @@ static int check_mail_access(SMTPD_STATE *state, const char *table,
 	myfree(local_at);
 	if (status != 0 || *found)
 	    CHECK_MAIL_ACCESS_RETURN(status == SMTPD_CHECK_OK
-	      && SUSPICIOUS(domain, reply, state, reply_name, reply_class) ?
+				     && SUSPICIOUS(reply, reply_class) ?
 				     SMTPD_CHECK_DUNNO : status);
     }
 

gnu/dist/postfix/src/util/Makefile.in

@@ -26,7 +26,7 @@ SRCS	= alldig.c argv.c argv_split.c attr_print0.c attr_print64.c \
 	unix_connect.c unix_listen.c unix_trigger.c unsafe.c username.c \
 	valid_hostname.c vbuf.c vbuf_print.c vstream.c vstream_popen.c \
 	vstring.c vstring_vstream.c watchdog.c writable.c write_buf.c \
-	write_wait.c
+	write_wait.c strcasecmp.c
 OBJS	= alldig.o argv.o argv_split.o attr_print0.o attr_print64.o \
 	attr_scan0.o attr_scan64.o base64_code.o basename.o binhash.o \
 	chroot_uid.o clean_env.o close_on_exec.o concatenate.o ctable.o \
@@ -54,7 +54,7 @@ OBJS	= alldig.o argv.o argv_split.o attr_print0.o attr_print64.o \
 	unix_connect.o unix_listen.o unix_trigger.o unsafe.o username.o \
 	valid_hostname.o vbuf.o vbuf_print.o vstream.o vstream_popen.o \
 	vstring.o vstring_vstream.o watchdog.o writable.o write_buf.o \
-	write_wait.o
+	write_wait.o $(STRCASE)
 HDRS	= argv.h attr.h base64_code.h binhash.h chroot_uid.h clean_env.h \
 	connect.h ctable.h dict.h dict_db.h dict_dbm.h dict_env.h \
 	dict_ht.h dict_ldap.h dict_mysql.h dict_ni.h dict_nis.h \
@@ -1062,6 +1062,8 @@ stat_as.o: sys_defs.h
 stat_as.o: msg.h
 stat_as.o: set_eugid.h
 stat_as.o: stat_as.h
+strcasecmp.o: strcasecmp.c
+strcasecmp.o: sys_defs.h
 stream_connect.o: stream_connect.c
 stream_connect.o: sys_defs.h
 stream_connect.o: msg.h

gnu/dist/postfix/src/util/sys_defs.h

@@ -651,6 +651,7 @@ extern int h_errno;
 /* It's amazing what is all missing...	*/
 #define isascii(c)	((unsigned)(c)<=0177)
 extern int opterr;
+typedef unsigned short  mode_t;
 
 #define MISSING_PID_T
 #define MISSING_STRFTIME_E
@@ -701,6 +702,7 @@ extern int opterr;
 /* It's amazing what is all missing...	*/
 #define isascii(c)	((unsigned)(c)<=0177)
 extern int opterr;
+typedef unsigned short  mode_t;
 
 #define MISSING_PID_T
 #define MISSING_STRFTIME_E