Aren
/
NetBSD
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

postfix 2.3.2

This commit is contained in:
rpaulo 2006-08-01 00:02:30 +00:00
parent ded0447fa8
commit a9b05de333
58 changed files with 858 additions and 381 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

116
gnu/dist/postfix/HISTORY vendored
View File

@ -12188,17 +12188,18 @@ Apologies for any names omitted.
20060510
Preliminary TLS_README and postconf(5) changes completed.
Victor Duchovni.
Added smtp_tls_policy_maps and smtp_tls_protocols features
to the smtp/lmtp client, changed smtp_tls_cipherlist to
only apply when TLS is mandatory.
only apply when TLS is mandatory. Victor Duchovni.
20060512
Destinations that share a common server may have distinct
TLS protocol and cipherlist requirements, with mandatory
TLS add the protocol and cipherlist values to the TLS session
lookup key.
lookup key. Victor Duchovni.
20060516
@ -12228,14 +12229,14 @@ Apologies for any names omitted.
The smtp_tls_policy_maps table now implements parent domain
matching for destinations that are bare domains (without
enclosin [] or optional :port suffix). This allows one to
enclosing [] or optional :port suffix). This allows one to
set TLS policy for a domain and all sub-domains. Victor
Duchovni.
20060519
The same parameter can bind to different variables in
different daemons, ignore the variable name when eliminating
different daemons. Ignore the variable name when eliminating
duplicates in extract.awk. Victor Duchovni.
20060523
@ -12482,7 +12483,7 @@ Apologies for any names omitted.
after an opportunistic TLS handshake fails. Specify
"smtp_sasl_auth_enforce = no" to deliver mail anyway. File:
smtp/smtp_proto.c. See workaround 20060711 for sender-dependent
SASL passwords.
SASL passwords. This was undone with the 20060719 workaround.
20060709
@ -12523,9 +12524,10 @@ Apologies for any names omitted.
after the header label and ":" in an interesting manner.
It eats one space (not tab). File: milter/milter8.c.
Workaround: if sender-depedendent SASL passwords are enabled,
Workaround: if sender-dependent SASL passwords are enabled,
don't defer delivery when a SASL password exists but the
server doesn't announce SASL support. File: smtp/smtp_proto.c.
This was undone with the 20060719 workaround.
Cleanup: format of cleanup milter reject messages. File:
cleanup_milter.c.
@ -12533,3 +12535,105 @@ Apologies for any names omitted.
Bugfix: file/memory leak if a transfer of multiple milters
from smtpd to cleanup broke in the middle. Found by Coverity.
File: milter/milter.c.
20060716
Bugfix: "sendmail -bs" panic caused by a missing
SMTPD_STATE_ALONE() guard before a milter_abort() call.
File: smtpd/smtpd.c.
Bugfix (bug introduced with Postfix 2.2): the Postfix SMTP
client enforced Mandatory TLS only when talking to an ESMTP
server; enforcement did not happen if Postfix could somehow
be forced to send HELO instead of EHLO. Victor Duchovni.
File: src/smtp/smtp_proto.c.
20060718
Bugfix (bug introduced 20060711): null pointer bug when
rejecting SMTP mail with Milter application. File:
cleanup/cleanup_milter.c.
Workaround (problem introduced in 200605/200606 TLS update):
the Postfix SMTP server now issues TLS session IDs even
when TLS session caching is turned off, otherwise MS Outlook
fails to deliver mail. There may also be interoperability
issues with other MTAs that we haven't discovered yet.
Specify "smtpd_tls_always_issue_session_ids = no" to disable
the workaround. Victor Duchovni. Files: smtpd/smtpd.c,
tls/tls_server.c.
20060719
Cleanup: the smtp_sasl_auth_enforce feature is gone. It was
meant to work around a problem that was introduced with
plaintext fallback after a failed TLS handshake. Unfortunately,
it created more problems than it solved. We now address the
underlying problem more directly as described next. File:
smtp/smtp_proto.c.
Safety: don't fall back to plaintext delivery after failed
TLS handshake, when the Postfix SMTP client would have
attempted to log in with SASL after successful TLS handshake.
This avoids undesirable behavior regardless of whether the
server does support SASL over plaintext (unexpected password
disclosure) and whether the server doesn't support SASL
over plaintext (insufficient mail relay permission). Files:
smtp/smtp_connect.c, smtp/smtp_session.c, smtp/smtp_proto.c.
20060720
Compatibility: replace %% in milter replies by %, and strip
single (i.e. invalid) % characters. File: milter/milter8.c.
Compatibility: $_ macro support for Milter applications.
Files: smtpd/smtpd.c, smtpd/smtpd_milter.c,
cleanup/cleanup_state.c, cleanup/cleanup_milter.c.
20060721
Safety: disable Milter processing after "postsuper -r". If
the mail has been filtered there is no need to do it again.
Moreover, when mail has passed through an external content
filter, we don't have sufficient information to reproduce
the exact same SMTP events and Sendmail macros that Milters
received when the mail originally arrived in Postfix. This
change does not affect Milter applications that run behind
an after-queue content filter. File: pickup/pickup.c.
Bugfix: Milters received a truncated ORCPT=xxx parameter
due to destructive parsing of something that didn't have
to be preserved before Milter support was added to Postfix.
File: smtpd/smtpd.c.
20060724
Bugfix: when updating the same header multiple times, the
Postfix Milter client created a queue file that caused
delivery agents to loop. File: cleanup/cleanup_milter.c.
20060725
Bugfix: damaged queue file record after a Milter request
to modify a message header when 1) it was the last header
in the unmodified message, and 2) the old header was less
than 15 characters long. File: cleanup/cleanup_milter.c.
Bugfix: don't panic in smtp_rcpt_cleanup() after detecting
a damaged queue file record. File: smtp/smtp_proto.c.
20060726
Bugfix: the 20051013 change to enforce the message size
limit in the SMTP server didn't work for size limits close
enough to INT_MAX. File: smtpd/smtpd.c.
Bugfix: after an SMTP client was rejected with "smtpd_delay_reject
= no", the SMTP server would panic as it generated spurious
Milter requests for unrecognized commands. File: smtpd/smtpd.c.
20060727
Cleanup: change redundant milter_abort() and milter_disc_event()
calls into NO-OPs. This avoids unnecessary panic() events
for completely harmless conditions. File: milter/milter8.c.

2
gnu/dist/postfix/Makefile.in vendored
View File

@ -61,6 +61,8 @@ depend_update:
tidy: clean
rm -f Makefile */Makefile src/*/Makefile
cp Makefile.init Makefile
rm -f README_FILES/RELEASE_NOTES
ln -s ../RELEASE_NOTES README_FILES
rm -f bin/[!CRS]* lib/[!CRS]* include/[!CRS]* libexec/[!CRS]* \
junk */junk */*/junk \
*core */*core */*/*core \

2
gnu/dist/postfix/README_FILES/DB_README vendored
View File

@ -74,7 +74,7 @@ BBuuiillddiinngg PPoossttffiixx oonn BBSSDD ssyysstteem
Some BSD systems ship with multiple Berkeley DB implementations. Normally,
Postfix builds with the default DB version that ships with the system.
To build Postfix on BSD systems with a specific DB version, use a variant of
To build Postfix on BSD systems with a non-default DB version, use a variant of
the following commands:
% make tidy

2
gnu/dist/postfix/README_FILES/DSN_README vendored
View File

@ -11,7 +11,7 @@ delivery notifications.
Specifically, DSN support gives an email sender the ability to specify:
* What notifications are sent: success, failure, delay, or none. Normally,
Postfix informs the sender only mail when delivery is delayed or when
Postfix informs the sender only when mail delivery is delayed or when
delivery fails.
* What content is returned in case of failure: only the message headers, or

10
gnu/dist/postfix/README_FILES/FILTER_README vendored
View File

@ -344,12 +344,10 @@ the Postfix master.cf file:
real client name IP address. See smtp(8) and XFORWARD_README for more
information.
* With "-o disable_mime_output_conversion=yes", the scan delivery agent will
not convert 8BITMIME mail to quoted-printable form while delivering to the
content filter, as that would invalidate domainkeys and other digital
signatures. This workaround is needed because some SMTP-based content
filters don't announce 8BITMIME support, even though they can handle it
just fine.
* The "-o disable_mime_output_conversion=yes" is a workaround that prevents
the breaking of domainkeys and other digital signatures. This is needed
because some SMTP-based content filters don't announce 8BITMIME support,
even though they can handle it just fine.
AAddvvaanncceedd ccoonntteenntt ffiilltteerr:: rruunnnniinngg tthhee ccoonntteenntt ffiilltteerr

13
gnu/dist/postfix/README_FILES/LINUX_README vendored
View File

@ -5,10 +5,15 @@ PPoossttffiixx aanndd LLiinnuuxx
BBeerrkkeelleeyy DDBB iissssuueess
Warning: if you can't compile Postfix because the file "db.h" isn't found, then
you MUST install the Berkeley DB development package (package name: db???-
devel-???) that comes with your Linux system. Only that package contains the
files that correspond to the Berkeley DB version that is used by the system
library routines.
you MUST install the Berkeley DB development package (name: db???-devel-???)
that matches your system library. You can find out what is installed with the
rpm command. For example:
$ rrppmm --qqff //uussrr//lliibb//lliibbddbb..ssoo
db4-4.3.29-2
This means that you need to install db4-devel-4.3.29-2 (on some systems,
specify /lib/libdb.so in the rpm query).
DO NOT download some Berkeley DB version from the network. Every Postfix
program will dump core when it is built with a different Berkeley DB version

11
gnu/dist/postfix/README_FILES/MILTER_README vendored
View File

@ -104,7 +104,7 @@ On other platforms you have two options:
Sendmail source code instead:
$ ggzzccaatt sseennddmmaaiill--xx..yy..zz..ttaarr..ggzz || ttaarr xxff --
$ ccdd sseennddmmaaiill--xx..yy..zz
$ ccdd sseennddmmaaiill--xx..yy..zz//lliibbmmiilltteerr
$ mmaakkee
[...lots of output omitted...]
@ -316,6 +316,9 @@ workarounds section below for solutions.
|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |
|j |Always |value of myhostname |
|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |
|_ |Always |The validated client name |
| | |and address |
|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |
|{auth_authen} |MAIL, DATA, EOM |SASL login name |
|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |
|{auth_author} |MAIL, DATA, EOM |SASL sender |
@ -382,9 +385,9 @@ message).
WWoorrkkaarroouunnddss
Content filters may break domain key etc. signatures. If you use an SMTP-based
filter as described in FILTER_README, then you should add a line to master.cf
with "disable_mime_output_conversion = yes", as described in the advanced
content filter example.
content filter, then you should add a line to master.cf with "-
o disable_mime_output_conversion=yes" (note: no spaces around the "="), as
described in the advanced content filter example.
Sendmail Milter applications were originally developed for the Sendmail version
8 MTA, which has a different architecture than Postfix. The result is that some

5
gnu/dist/postfix/README_FILES/SASL_README vendored
View File

@ -71,13 +71,14 @@ no need to link extra libraries into Postfix.
To generate the necessary Makefiles, execute the following in the Postfix top-
level directory:
% make makefiles CCARGS='-DUSE_SASL_AUTH -DDEF_SASL_SERVER=\"dovecot\"'
% make makefiles CCARGS='-DUSE_SASL_AUTH -
DDEF_SASL_SERVER_TYPE=\"dovecot\"'
After this, proceed with "make" as described in the INSTALL document.
Notes:
* The "-DDEF_SASL_SERVER" stuff is not necessary; it just makes Postfix
* The "-DDEF_SASL_SERVER_TYPE" stuff is not necessary; it just makes Postfix
configuration a little more convenient because you don't have to specify
the SASL plug-in type in the Postfix main.cf file.

34
gnu/dist/postfix/README_FILES/TLS_README vendored
View File

@ -323,8 +323,8 @@ port<>25 and OE (5.01 Mac on all ports).
It is strictly discouraged to use this mode from main.cf. If you want to
support this service, enable a special port in master.cf and specify "-
o smtpd_tls_wrappermode = yes" as an smtpd(8) command line option. Port 465
(smtps) was once chosen for this feature.
o smtpd_tls_wrappermode=yes" (note: no space around the "=") as an smtpd(8)
command line option. Port 465 (smtps) was once chosen for this feature.
Example:
@ -426,6 +426,17 @@ Example:
/etc/postfix/main.cf:
smtpd_tls_session_cache_timeout = 3600s
When the Postfix SMTP server does not save TLS sessions to an external cache
database, client-side session caching is unlikely to be useful. To prevent such
wastage, the Postfix SMTP server can be configured to not issue TLS session
ids. By default the Postfix SMTP server always issues TLS session ids. This
works around known interoperability issues with some MUAs, and prevents
possible interoperability issues with other MTAs.
Example:
smtpd_tls_always_issue_session_ids = no
SSeerrvveerr aacccceessss ccoonnttrrooll
Postfix TLS support introduces three additional features for Postfix SMTP
@ -1421,15 +1432,18 @@ perfect match between the server hostname and the server certificate, there is
no guarantee that Postfix is connected to the right server. To avoid this
loophole, take all of the following steps:
1. Use a dedicated transport for all secure-channel deliveries.
1. Use a dedicated message delivery transport (for example, "securetls") as
illustrated below.
2. Eliminate MX lookups. Specify local transport(5) table entries for
sensitive domains with explicit smtp:[mailhost] or smtp:[mailhost]:port
destinations (you can assure security of this table unlike DNS); in the
smtp_tls_per_site table, specify the value "MUST" for the key [mailhost] or
smtp:[mailhost]:port. This prevents false hostname information in DNS MX
records from changing Postfix's notion of the server hostname that is used
for TLS policy lookup and server certificate verification.
sensitive domains with explicit securetls:[mailhost] or securetls:
[mailhost]:port destinations (you can assure security of this table unlike
DNS). This prevents false hostname information in DNS MX records from
changing Postfix's notion of the server hostname that is used for TLS
policy lookup and server certificate verification. The "securetls"
transport is configured to enforce TLS with peername verification, and to
disable the SMTP connection cache which could interfere with enforcement of
smtp_tls_per_site policies.
3. Disallow CNAME hostname overrides. In main.cf, specify
"smtp_cname_overrides_servername = no". This prevents false hostname
@ -1459,8 +1473,6 @@ the need for per-site table entries for secure-channel destinations.
/etc/postfix/master.cf:
securetls unix - - n - 100 smtp
-o smtp_connection_cache_on_demand=no
-o smtp_connection_cache_destinations=
-o smtp_enforce_tls=yes
-o smtp_tls_enforce_peername=yes

2
gnu/dist/postfix/html/DB_README.html vendored
View File

@ -112,7 +112,7 @@ Berkeley DB versions</a></h2>
Normally, Postfix builds with the default DB version that ships
with the system. </p>
<p> To build Postfix on BSD systems with a specific DB version,
<p> To build Postfix on BSD systems with a non-default DB version,
use a variant of the following commands: </p>
<blockquote>

6
gnu/dist/postfix/html/DSN_README.html vendored
View File

@ -30,7 +30,7 @@ specify: </p>
<ul>
<li> <p> What notifications are sent: success, failure, delay, or
none. Normally, Postfix informs the sender only mail when delivery
none. Normally, Postfix informs the sender only when mail delivery
is delayed or when delivery fails. </p>
<li> <p> What content is returned in case of failure: only the
@ -83,7 +83,7 @@ strangers (see below for how to turn this off for all clients):
<blockquote>
<pre>
/etc/postfix/main.cf:
/etc/postfix/<a href="postconf.5.html">main.cf</a>:
<a href="postconf.5.html#smtpd_discard_ehlo_keyword_address_maps">smtpd_discard_ehlo_keyword_address_maps</a> =
<a href="cidr_table.5.html">cidr</a>:/etc/postfix/esmtp_access
@ -100,7 +100,7 @@ use the <a href="postconf.5.html#smtpd_discard_ehlo_keywords">smtpd_discard_ehlo
<blockquote>
<pre>
/etc/postfix/main.cf:
/etc/postfix/<a href="postconf.5.html">main.cf</a>:
<a href="postconf.5.html#smtpd_discard_ehlo_keywords">smtpd_discard_ehlo_keywords</a> = silent-discard, dsn
</pre>
</blockquote>

10
gnu/dist/postfix/html/FILTER_README.html vendored
View File

@ -634,12 +634,10 @@ after-filter smtpd process, so that filtered mail is logged with
the real client name IP address. See <a href="smtp.8.html">smtp(8)</a> and <a href="XFORWARD_README.html">XFORWARD_README</a>
for more information. </p>
<li> <p> With "-o <a href="postconf.5.html#disable_mime_output_conversion">disable_mime_output_conversion</a>=yes", the scan
delivery agent will not convert 8BITMIME mail to quoted-printable
form while delivering to the content filter, as that would invalidate
domainkeys and other digital signatures. This workaround is needed
because some SMTP-based content filters don't announce 8BITMIME
support, even though they can handle it just fine. </p>
<li> <p> The "-o <a href="postconf.5.html#disable_mime_output_conversion">disable_mime_output_conversion</a>=yes" is a workaround
that prevents the breaking of domainkeys and other digital signatures.
This is needed because some SMTP-based content filters don't announce
8BITMIME support, even though they can handle it just fine. </p>
</ul>

15
gnu/dist/postfix/html/LINUX_README.html vendored
View File

@ -21,11 +21,20 @@
<p> Warning: if you can't compile Postfix because the file "db.h"
isn't found, then you MUST install the Berkeley DB development
package (package name: db???-devel-???) that comes with your Linux
system. Only that package contains the files that correspond to the
Berkeley DB version that is used by the system library routines.
package (name: db???-devel-???) that matches your system library.
You can find out what is installed with the rpm command. For example:
</p>
<blockquote>
<pre>
$ <b>rpm -qf /usr/lib/libdb.so</b>
db4-4.3.29-2
</pre>
</blockquote>
<p> This means that you need to install db4-devel-4.3.29-2 (on
some systems, specify <tt>/lib/libdb.so</tt> in the rpm query). </p>
<p> DO NOT download some Berkeley DB version from the network.
Every Postfix program will dump core when it is built with a different
Berkeley DB version than the version that is used by the system

11
gnu/dist/postfix/html/MILTER_README.html vendored
View File

@ -228,7 +228,7 @@ library from Sendmail source code instead: </p>
<blockquote>
<pre>
$ <b>gzcat sendmail-<i>x.y.z</i>.tar.gz | tar xf -</b>
$ <b>cd sendmail-<i>x.y.z</i></b>
$ <b>cd sendmail-<i>x.y.z</i>/libmilter</b>
$ <b>make</b>
[...<i>lots of output omitted</i>...]
</pre>
@ -521,6 +521,9 @@ href="#workarounds">workarounds</a> section below for solutions.
<tr> <td> j </td> <td> Always </td> <td> value of <a href="postconf.5.html#myhostname">myhostname</a> </td>
</tr>
<tr> <td> _ </td> <td> Always </td> <td> The validated client name
and address </td> </tr>
<tr> <td> {auth_authen} </td> <td> MAIL, DATA, EOM </td> <td> SASL
login name </td> </tr>
@ -613,9 +616,9 @@ TO </td> </tr>
<h2><a name="workarounds">Workarounds</a></h2>
<p> Content filters may break domain key etc. signatures. If you
use an SMTP-based filter as described in <a href="FILTER_README.html">FILTER_README</a>, then you
should add a line to <a href="master.5.html">master.cf</a> with "<a href="postconf.5.html#disable_mime_output_conversion">disable_mime_output_conversion</a>
= yes", as described in the <a
use an SMTP-based content filter, then you should add a line to
<a href="master.5.html">master.cf</a> with "-o <a href="postconf.5.html#disable_mime_output_conversion">disable_mime_output_conversion</a>=yes" (note: no
spaces around the "="), as described in the <a
href="FILTER_README.html#advanced_filter">advanced content filter</a>
example. </p>

4
gnu/dist/postfix/html/SASL_README.html vendored
View File

@ -127,7 +127,7 @@ in the Postfix top-level directory: </p>
<blockquote>
<pre>
% make makefiles CCARGS='-DUSE_SASL_AUTH -DDEF_SASL_SERVER=\"dovecot\"'
% make makefiles CCARGS='-DUSE_SASL_AUTH -DDEF_SASL_SERVER_TYPE=\"dovecot\"'
</pre>
</blockquote>
@ -138,7 +138,7 @@ in the Postfix top-level directory: </p>
<ul>
<li> <p> The "-DDEF_SASL_SERVER" stuff is not necessary; it just
<li> <p> The "-DDEF_SASL_SERVER_TYPE" stuff is not necessary; it just
makes Postfix configuration a little more convenient because you
don't have to specify the SASL plug-in type in the Postfix <a href="postconf.5.html">main.cf</a>
file. </p>

51
gnu/dist/postfix/html/TLS_README.html vendored
View File

@ -490,8 +490,9 @@ and OE (5.01 Mac on all ports). </p>
<p> It is strictly discouraged to use this mode from <a href="postconf.5.html">main.cf</a>. If
you want to support this service, enable a special port in <a href="master.5.html">master.cf</a>
and specify "-o <a href="postconf.5.html#smtpd_tls_wrappermode">smtpd_tls_wrappermode</a> = yes" as an <a href="smtpd.8.html">smtpd(8)</a> command
line option. Port 465 (smtps) was once chosen for this feature.
and specify "-o <a href="postconf.5.html#smtpd_tls_wrappermode">smtpd_tls_wrappermode</a>=yes" (note: no space around
the "=") as an <a href="smtpd.8.html">smtpd(8)</a> command line option. Port 465 (smtps) was
once chosen for this feature.
</p>
<p> Example: </p>
@ -631,6 +632,22 @@ recommends a maximum of 24 hours. </p>
</pre>
</blockquote>
<p> When the Postfix SMTP server does not save TLS sessions to an
external cache database, client-side session caching is unlikely
to be useful. To prevent such wastage, the Postfix SMTP server can
be configured to not issue TLS session ids. By default the Postfix
SMTP server always issues TLS session ids. This works around known
interoperability issues with some MUAs, and prevents possible
interoperability issues with other MTAs. </p>
<p> Example: </p>
<blockquote>
<pre>
<a href="postconf.5.html#smtpd_tls_always_issue_session_ids">smtpd_tls_always_issue_session_ids</a> = no
</pre>
</blockquote>
<h3><a name="server_access">Server access control</a> </h3>
<p> Postfix TLS support introduces three additional features for
@ -1822,10 +1839,10 @@ the following information: </p>
<dl>
<dt> remote SMTP server hostname </dt> <dd> This is simply the DNS
name of the server that the Postfix SMTP client connects to; this name
may be obtained from other DNS lookups, such as MX lookups or CNAME
lookups. Use of the hostname lookup key is discouraged; always use the
next-hop destination instead. </dd>
name of the server that the Postfix SMTP client connects to; this
name may be obtained from other DNS lookups, such as MX lookups or
CNAME lookups. Use of the hostname lookup key is discouraged; always
use the next-hop destination instead. </dd>
<dt> next-hop destination </dt> <dd> This is normally the domain portion
of the recipient address, but it may be overridden by information from
@ -1924,17 +1941,19 @@ steps: </p>
<ol>
<li> <p> Use a dedicated transport for all secure-channel deliveries. </p>
<li> <p> Use a dedicated message delivery transport (for example,
"securetls") as illustrated below. </p>
<li> <p> Eliminate MX lookups. Specify local <a href="transport.5.html">transport(5)</a> table
entries for sensitive domains with explicit <a href="smtp.8.html">smtp</a>:[<i>mailhost</i>]
or <a href="smtp.8.html">smtp</a>:[<i>mailhost</i>]:<i>port</i> destinations (you can assure
security of this table unlike DNS); in the <a href="postconf.5.html#smtp_tls_per_site">smtp_tls_per_site</a>
table, specify the value "MUST" for the key [<i>mailhost</i>] or
<a href="smtp.8.html">smtp</a>:[<i>mailhost</i>]:<i>port</i>. This prevents false hostname
information in DNS MX records from changing Postfix's notion of the
server hostname that is used for TLS policy lookup and server certificate
verification. </p>
entries for sensitive domains with explicit securetls:[<i>mailhost</i>]
or securetls:[<i>mailhost</i>]:<i>port</i> destinations (you can
assure security of this table unlike DNS). This prevents false
hostname information in DNS MX records from changing Postfix's
notion of the server hostname that is used for TLS policy lookup
and server certificate verification. The "securetls" transport is
configured to enforce TLS with peername verification, and to disable
the SMTP connection cache which could interfere with enforcement
of <a href="postconf.5.html#smtp_tls_per_site">smtp_tls_per_site</a> policies. </p>
<li> <p> Disallow CNAME hostname overrides. In <a href="postconf.5.html">main.cf</a>, specify
"<a href="postconf.5.html#smtp_cname_overrides_servername">smtp_cname_overrides_servername</a> = no". This prevents false hostname
@ -1971,8 +1990,6 @@ destinations. </p>
/etc/postfix/<a href="master.5.html">master.cf</a>:
securetls unix - - n - 100 smtp
-o <a href="postconf.5.html#smtp_connection_cache_on_demand">smtp_connection_cache_on_demand</a>=no
-o <a href="postconf.5.html#smtp_connection_cache_destinations">smtp_connection_cache_destinations</a>=
-o <a href="postconf.5.html#smtp_enforce_tls">smtp_enforce_tls</a>=yes
-o <a href="postconf.5.html#smtp_tls_enforce_peername">smtp_tls_enforce_peername</a>=yes
</pre>

17
gnu/dist/postfix/html/lmtp.8.html vendored
View File

@ -293,13 +293,6 @@ SMTP(8) SMTP(8)
Available in Postfix version 2.3 and later:
<b><a href="postconf.5.html#smtp_sasl_auth_enforce">smtp_sasl_auth_enforce</a> (yes)</b>
If sender-dependent SASL passwords are turned off,
defer mail delivery when an SMTP server does not
support SASL authentication, while <a href="postconf.5.html#smtp_sasl_password_maps">smtp_sasl_pass</a>-
<a href="postconf.5.html#smtp_sasl_password_maps">word_maps</a> contains SASL login/password information
for that server.
<b><a href="postconf.5.html#smtp_sender_dependent_authentication">smtp_sender_dependent_authentication</a> (no)</b>
Enable sender-dependent authentication in the Post-
fix SMTP client; this is available only with SASL
@ -387,6 +380,16 @@ SMTP(8) SMTP(8)
offers STARTTLS, when TLS is not already enabled
for that server.
<b><a href="postconf.5.html#smtp_tls_policy_maps">smtp_tls_policy_maps</a> (empty)</b>
Optional lookup tables with the Postfix SMTP client
TLS security policy by next-hop destination; when a
non-empty value is specified, this overrides the
obsolete <a href="postconf.5.html#smtp_tls_per_site">smtp_tls_per_site</a> parameter.
<b><a href="postconf.5.html#smtp_tls_mandatory_protocols">smtp_tls_mandatory_protocols</a> (SSLv3, TLSv1)</b>
List of TLS protocols that the Postfix SMTP client
will use with mandatory TLS encryption.
<b><a href="postconf.5.html#smtp_tls_scert_verifydepth">smtp_tls_scert_verifydepth</a> (5)</b>
The verification depth for remote SMTP server cer-
tificates.

56
gnu/dist/postfix/html/postconf.5.html vendored
View File

@ -3556,17 +3556,6 @@ Enable SASL authentication in the Postfix LMTP client.
</p>
</DD>
<DT><b><a name="lmtp_sasl_auth_enforce">lmtp_sasl_auth_enforce</a>
(default: yes)</b></DT><DD>
<p> The LMTP-specific version of the <a href="postconf.5.html#smtp_sasl_auth_enforce">smtp_sasl_auth_enforce</a>
configuration parameter. See there for details. </p>
<p> This feature is available in Postfix 2.3 and later. </p>
</DD>
<DT><b><a name="lmtp_sasl_mechanism_filter">lmtp_sasl_mechanism_filter</a>
@ -7590,19 +7579,6 @@ Example:
</pre>
</DD>
<DT><b><a name="smtp_sasl_auth_enforce">smtp_sasl_auth_enforce</a>
(default: yes)</b></DT><DD>
<p> If sender-dependent SASL passwords are turned off, defer mail
delivery when an SMTP server does not support SASL authentication,
while <a href="postconf.5.html#smtp_sasl_password_maps">smtp_sasl_password_maps</a> contains SASL login/password information
for that server. </p>
<p> This feature is available in Postfix 2.3 and later. </p>
</DD>
<DT><b><a name="smtp_sasl_mechanism_filter">smtp_sasl_mechanism_filter</a>
@ -9819,7 +9795,7 @@ null sender address.
<DT><b><a name="smtpd_peername_lookup">smtpd_peername_lookup</a>
(default: yes)</b></DT><DD>
<p> Attempt to look up the Postfix SMTP client hostname, and verify that
<p> Attempt to look up the remote SMTP client hostname, and verify that
the name matches the client IP address. A client name is set to
"unknown" when it cannot be looked up or verified, or when name
lookup is disabled. Turning off name lookup reduces delays due to
@ -10780,6 +10756,36 @@ feature is therefore not recommended. </p>
<p> This feature is available in Postfix 2.2 and later. </p>
</DD>
<DT><b><a name="smtpd_tls_always_issue_session_ids">smtpd_tls_always_issue_session_ids</a>
(default: yes)</b></DT><DD>
<p> Force the Postfix SMTP server to issue a TLS session id, even
when TLS session caching is turned off (<a href="postconf.5.html#smtpd_tls_session_cache_database">smtpd_tls_session_cache_database</a>
is empty). This behavior is compatible with Postfix &lt; 2.3. </p>
<p> With Postfix 2.3 and later the Postfix SMTP server can disable
session id generation when TLS session caching is turned off. This
keeps clients from caching sessions that almost certainly cannot
be re-used. </p>
<p> By default, the Postfix SMTP server always generates TLS session
ids. This works around a known defect in mail client applications
such as MS Outlook, and may also prevent interoperability issues
with other MTAs. </p>
<p> Example: </p>
<blockquote>
<pre>
<a href="postconf.5.html#smtpd_tls_always_issue_session_ids">smtpd_tls_always_issue_session_ids</a> = no
</pre>
</blockquote>
<p> This feature is available in Postfix 2.3 and later. </p>
</DD>
<DT><b><a name="smtpd_tls_ask_ccert">smtpd_tls_ask_ccert</a>

4
gnu/dist/postfix/html/postfix-manuals.html vendored
View File

@ -113,9 +113,9 @@ the following convention: </p>
<li> <a href="bounce.5.html">bounce(5)</a>, Postfix bounce message templates
<li> <a href="master.5.html">master(5)</a>, Postfix master.cf file syntax
<li> <a href="master.5.html">master(5)</a>, Postfix <a href="master.5.html">master.cf</a> file syntax
<li> <a href="postconf.5.html">postconf(5)</a>, Postfix main.cf file syntax
<li> <a href="postconf.5.html">postconf(5)</a>, Postfix <a href="postconf.5.html">main.cf</a> file syntax
</ul>

34
gnu/dist/postfix/html/postfix.1.html vendored
View File

@ -62,7 +62,7 @@ POSTFIX(1) POSTFIX(1)
<b>postfix-files</b> file.
Specify <i>name</i>=<i>value</i> to override and update specific
main.cf configuration parameters. Use this, for
<a href="postconf.5.html">main.cf</a> configuration parameters. Use this, for
example, to change the <b><a href="postconf.5.html#mail_owner">mail_owner</a></b> or <b><a href="postconf.5.html#setgid_group">setgid_group</a></b>
setting for an already installed Postfix system.
@ -71,13 +71,13 @@ POSTFIX(1) POSTFIX(1)
<b>fix/post-install set-permissions</b>".
<b>upgrade-configuration [</b><i>name</i>=<i>value ...</i><b>]</b>
Update the <b>main.cf</b> and <b>master.cf</b> files with infor-
Update the <a href="postconf.5.html"><b>main.cf</b></a> and <a href="master.5.html"><b>master.cf</b></a> files with infor-
mation that Postfix needs in order to run: add or
update services, and add or update configuration
parameter settings.
Specify <i>name</i>=<i>value</i> to override and update specific
main.cf configuration parameters.
<a href="postconf.5.html">main.cf</a> configuration parameters.
This feature is available in Postfix 2.1 and later.
With Postfix 2.0 and earlier, use "<b>/etc/post-</b>
@ -86,7 +86,7 @@ POSTFIX(1) POSTFIX(1)
The following options are implemented:
<b>-c</b> <i>config</i><b>_</b><i>dir</i>
Read the <b>main.cf</b> and <b>master.cf</b> configuration files
Read the <a href="postconf.5.html"><b>main.cf</b></a> and <a href="master.5.html"><b>master.cf</b></a> configuration files
in the named directory instead of the default con-
figuration directory. Use this to distinguish
between multiple Postfix instances on the same
@ -118,7 +118,7 @@ POSTFIX(1) POSTFIX(1)
present.
<b>CONFIGURATION PARAMETERS</b>
The following <b>main.cf</b> configuration parameters are
The following <a href="postconf.5.html"><b>main.cf</b></a> configuration parameters are
exported as environment variables with the same names:
<b><a href="postconf.5.html#command_directory">command_directory</a> (see 'postconf -d' output)</b>
@ -130,8 +130,8 @@ POSTFIX(1) POSTFIX(1)
daemon programs.
<b><a href="postconf.5.html#config_directory">config_directory</a> (see 'postconf -d' output)</b>
The default location of the Postfix main.cf and
master.cf configuration files.
The default location of the Postfix <a href="postconf.5.html">main.cf</a> and
<a href="master.5.html">master.cf</a> configuration files.
<b><a href="postconf.5.html#queue_directory">queue_directory</a> (see 'postconf -d' output)</b>
The location of the Postfix top-level queue direc-
@ -173,8 +173,8 @@ POSTFIX(1) POSTFIX(1)
Other configuration parameters:
<b><a href="postconf.5.html#config_directory">config_directory</a> (see 'postconf -d' output)</b>
The default location of the Postfix main.cf and
master.cf configuration files.
The default location of the Postfix <a href="postconf.5.html">main.cf</a> and
<a href="master.5.html">master.cf</a> configuration files.
<b><a href="postconf.5.html#import_environment">import_environment</a> (see 'postconf -d' output)</b>
The list of environment parameters that a Postfix
@ -190,8 +190,8 @@ POSTFIX(1) POSTFIX(1)
becomes, for example, "postfix/smtpd".
<b>FILES</b>
/etc/postfix/main.cf, Postfix configuration parameters
/etc/postfix/master.cf, Postfix daemon processes
/etc/postfix/<a href="postconf.5.html">main.cf</a>, Postfix configuration parameters
/etc/postfix/<a href="master.5.html">master.cf</a>, Postfix daemon processes
/etc/postfix/postfix-files, file/directory permissions
/etc/postfix/postfix-script, administrative commands
/etc/postfix/post-install, post-installation configuration
@ -214,8 +214,8 @@ POSTFIX(1) POSTFIX(1)
Postfix configuration:
<a href="bounce.5.html">bounce(5)</a>, Postfix bounce message templates
<a href="master.5.html">master(5)</a>, Postfix master.cf file syntax
<a href="postconf.5.html">postconf(5)</a>, Postfix main.cf file syntax
<a href="master.5.html">master(5)</a>, Postfix <a href="master.5.html">master.cf</a> file syntax
<a href="postconf.5.html">postconf(5)</a>, Postfix <a href="postconf.5.html">main.cf</a> file syntax
Table-driven mechanisms:
<a href="access.5.html">access(5)</a>, Postfix SMTP access control table
@ -283,6 +283,14 @@ POSTFIX(1) POSTFIX(1)
P.O. Box 704
Yorktown Heights, NY 10598, USA
TLS support by:
Lutz Jaenicke
Brandenburg University of Technology
Cottbus, Germany
Victor Duchovni
Morgan Stanley
SASL support originally by:
Till Franke
SuSE Rhein/Main AG

42
gnu/dist/postfix/html/postsuper.1.html vendored
View File

@ -30,7 +30,7 @@ POSTSUPER(1) POSTSUPER(1)
Options:
<b>-c</b> <i>config</i><b>_</b><i>dir</i>
The <b>main.cf</b> configuration file is in the named
The <a href="postconf.5.html"><b>main.cf</b></a> configuration file is in the named
directory instead of the default configuration
directory. See also the MAIL_CONFIG environment
setting below.
@ -136,12 +136,32 @@ POSTSUPER(1) POSTSUPER(1)
case.
A requeued message is moved to the <b>maildrop</b> queue,
from where it is copied by the pickup daemon to a
new file whose name is guaranteed to match the new
queue file inode number. The new queue file is sub-
jected again to mail address rewriting and substi-
tution. This is useful when rewriting rules or vir-
tual mappings have changed.
from where it is copied by the <a href="pickup.8.html"><b>pickup</b>(8)</a> and
<a href="cleanup.8.html"><b>cleanup</b>(8)</a> daemons to a new queue file. In many
respects its handling differs from that of a new
local submission.
<b>o</b> The message is not subjected to the
<a href="postconf.5.html#smtpd_milters">smtpd_milters</a> or <a href="postconf.5.html#non_smtpd_milters">non_smtpd_milters</a> settings.
When mail has passed through an external
content filter, this would produce incorrect
results with Milter applications that depend
on original SMTP connection state informa-
tion.
<b>o</b> The message is subjected again to mail
address rewriting and substitution. This is
useful when rewriting rules or virtual map-
pings have changed.
The address rewriting context (local or
remote) is the same as when the message was
received.
<b>o</b> The message is subjected to the same <a href="postconf.5.html#content_filter">con</a>-
<a href="postconf.5.html#content_filter">tent_filter</a> settings (if any) as used for
new local mail submissions. This is useful
when <a href="postconf.5.html#content_filter">content_filter</a> settings have changed.
Warning: Postfix queue IDs are reused. There is a
very small possibility that <a href="postsuper.1.html"><b>postsuper</b>(1)</a> requeues
@ -180,21 +200,21 @@ POSTSUPER(1) POSTSUPER(1)
<b>ENVIRONMENT</b>
MAIL_CONFIG
Directory with the <b>main.cf</b> file.
Directory with the <a href="postconf.5.html"><b>main.cf</b></a> file.
<b>BUGS</b>
Mail that is not sanitized by Postfix (i.e. mail in the
<b>maildrop</b> queue) cannot be placed "on hold".
<b>CONFIGURATION PARAMETERS</b>
The following <b>main.cf</b> parameters are especially relevant
The following <a href="postconf.5.html"><b>main.cf</b></a> parameters are especially relevant
to this program. The text below provides only a parameter
summary. See <a href="postconf.5.html"><b>postconf</b>(5)</a> for more details including exam-
ples.
<b><a href="postconf.5.html#config_directory">config_directory</a> (see 'postconf -d' output)</b>
The default location of the Postfix main.cf and
master.cf configuration files.
The default location of the Postfix <a href="postconf.5.html">main.cf</a> and
<a href="master.5.html">master.cf</a> configuration files.
<b><a href="postconf.5.html#hash_queue_depth">hash_queue_depth</a> (1)</b>
The number of subdirectory levels for queue direc-

17
gnu/dist/postfix/html/smtp.8.html vendored
View File

@ -293,13 +293,6 @@ SMTP(8) SMTP(8)
Available in Postfix version 2.3 and later:
<b><a href="postconf.5.html#smtp_sasl_auth_enforce">smtp_sasl_auth_enforce</a> (yes)</b>
If sender-dependent SASL passwords are turned off,
defer mail delivery when an SMTP server does not
support SASL authentication, while <a href="postconf.5.html#smtp_sasl_password_maps">smtp_sasl_pass</a>-
<a href="postconf.5.html#smtp_sasl_password_maps">word_maps</a> contains SASL login/password information
for that server.
<b><a href="postconf.5.html#smtp_sender_dependent_authentication">smtp_sender_dependent_authentication</a> (no)</b>
Enable sender-dependent authentication in the Post-
fix SMTP client; this is available only with SASL
@ -387,6 +380,16 @@ SMTP(8) SMTP(8)
offers STARTTLS, when TLS is not already enabled
for that server.
<b><a href="postconf.5.html#smtp_tls_policy_maps">smtp_tls_policy_maps</a> (empty)</b>
Optional lookup tables with the Postfix SMTP client
TLS security policy by next-hop destination; when a
non-empty value is specified, this overrides the
obsolete <a href="postconf.5.html#smtp_tls_per_site">smtp_tls_per_site</a> parameter.
<b><a href="postconf.5.html#smtp_tls_mandatory_protocols">smtp_tls_mandatory_protocols</a> (SSLv3, TLSv1)</b>
List of TLS protocols that the Postfix SMTP client
will use with mandatory TLS encryption.
<b><a href="postconf.5.html#smtp_tls_scert_verifydepth">smtp_tls_scert_verifydepth</a> (5)</b>
The verification depth for remote SMTP server cer-
tificates.

18
gnu/dist/postfix/html/smtpd.8.html vendored
View File

@ -130,6 +130,13 @@ SMTPD(8) SMTPD(8)
Postpone the start of an SMTP mail transaction
until a valid RCPT TO command is received.
Available in Postfix version 2.3 and later:
<b><a href="postconf.5.html#smtpd_tls_always_issue_session_ids">smtpd_tls_always_issue_session_ids</a> (yes)</b>
Force the Postfix SMTP server to issue a TLS ses-
sion id, even when TLS session caching is turned
off (<a href="postconf.5.html#smtpd_tls_session_cache_database">smtpd_tls_session_cache_database</a> is empty).
<b>ADDRESS REWRITING CONTROLS</b>
See the <a href="ADDRESS_REWRITING_README.html">ADDRESS_REWRITING_README</a> document for a detailed
discussion of Postfix address rewriting.
@ -355,6 +362,11 @@ SMTPD(8) SMTPD(8)
authority (CA) that issued the Postfix SMTP server
certificate.
<b><a href="postconf.5.html#smtpd_tls_always_issue_session_ids">smtpd_tls_always_issue_session_ids</a> (yes)</b>
Force the Postfix SMTP server to issue a TLS ses-
sion id, even when TLS session caching is turned
off (<a href="postconf.5.html#smtpd_tls_session_cache_database">smtpd_tls_session_cache_database</a> is empty).
<b><a href="postconf.5.html#smtpd_tls_ask_ccert">smtpd_tls_ask_ccert</a> (no)</b>
Ask a remote SMTP client for a client certificate.
@ -694,9 +706,9 @@ SMTPD(8) SMTPD(8)
Available in Postfix version 2.3 and later:
<b><a href="postconf.5.html#smtpd_peername_lookup">smtpd_peername_lookup</a> (yes)</b>
Attempt to look up the Postfix SMTP client host-
name, and verify that the name matches the client
IP address.
Attempt to look up the remote SMTP client hostname,
and verify that the name matches the client IP
address.
The per SMTP client connection count and request rate lim-
its are implemented in co-operation with the <a href="anvil.8.html"><b>anvil</b>(8)</a> ser-

10
gnu/dist/postfix/man/man1/postfix.1 vendored
View File

@ -1,4 +1,4 @@
.\" $NetBSD: postfix.1,v 1.1.1.8 2006/07/19 01:16:44 rpaulo Exp $
.\" $NetBSD: postfix.1,v 1.1.1.9 2006/08/01 00:02:54 rpaulo Exp $
.\"
.TH POSTFIX 1
.ad
@ -261,6 +261,14 @@ IBM T.J. Watson Research
P.O. Box 704
Yorktown Heights, NY 10598, USA
TLS support by:
Lutz Jaenicke
Brandenburg University of Technology
Cottbus, Germany
Victor Duchovni
Morgan Stanley
SASL support originally by:
Till Franke
SuSE Rhein/Main AG

32
gnu/dist/postfix/man/man1/postsuper.1 vendored
View File

@ -1,4 +1,4 @@
.\" $NetBSD: postsuper.1,v 1.1.1.8 2006/07/19 01:16:44 rpaulo Exp $
.\" $NetBSD: postsuper.1,v 1.1.1.9 2006/08/01 00:02:55 rpaulo Exp $
.\"
.TH POSTSUPER 1
.ad
@ -129,13 +129,31 @@ the program reads queue IDs from standard input.
Specify \fB-r ALL\fR to requeue all messages. As a safety
measure, the word \fBALL\fR must be specified in upper case.
.sp
A requeued message is moved to the \fBmaildrop\fR queue, from
where it is copied by the pickup daemon to a new file whose name
is guaranteed to match the new queue file inode number. The
new queue file is subjected again to mail address rewriting and
substitution. This is useful when rewriting rules or virtual
mappings have changed.
A requeued message is moved to the \fBmaildrop\fR queue,
from where it is copied by the \fBpickup\fR(8) and
\fBcleanup\fR(8) daemons to a new queue file. In many
respects its handling differs from that of a new local
submission.
.RS
.IP \(bu
The message is not subjected to the smtpd_milters or
non_smtpd_milters settings. When mail has passed through
an external content filter, this would produce incorrect
results with Milter applications that depend on original
SMTP connection state information.
.IP \(bu
The message is subjected again to mail address rewriting
and substitution. This is useful when rewriting rules or
virtual mappings have changed.
.sp
The address rewriting context (local or remote) is the same
as when the message was received.
.IP \(bu
The message is subjected to the same content_filter settings
(if any) as used for new local mail submissions. This is
useful when content_filter settings have changed.
.RE
.IP
Warning: Postfix queue IDs are reused.
There is a very small possibility that \fBpostsuper\fR(1) requeues
the wrong message file when it is executed while the Postfix mail

14
gnu/dist/postfix/man/man8/smtp.8 vendored
View File

@ -1,4 +1,4 @@
.\" $NetBSD: smtp.8,v 1.1.1.11 2006/07/19 01:16:49 rpaulo Exp $
.\" $NetBSD: smtp.8,v 1.1.1.12 2006/08/01 00:03:05 rpaulo Exp $
.\"
.TH SMTP 8
.ad
@ -264,11 +264,6 @@ If non-empty, a Postfix SMTP client filter for the remote SMTP
server's list of offered SASL mechanisms.
.PP
Available in Postfix version 2.3 and later:
.IP "\fBsmtp_sasl_auth_enforce (yes)\fR"
If sender-dependent SASL passwords are turned off, defer mail
delivery when an SMTP server does not support SASL authentication,
while smtp_sasl_password_maps contains SASL login/password information
for that server.
.IP "\fBsmtp_sender_dependent_authentication (no)\fR"
Enable sender-dependent authentication in the Postfix SMTP client; this is
available only with SASL authentication, and disables SMTP connection
@ -329,6 +324,13 @@ Enable additional Postfix SMTP client logging of TLS activity.
.IP "\fBsmtp_tls_note_starttls_offer (no)\fR"
Log the hostname of a remote SMTP server that offers STARTTLS,
when TLS is not already enabled for that server.
.IP "\fBsmtp_tls_policy_maps (empty)\fR"
Optional lookup tables with the Postfix SMTP client TLS security
policy by next-hop destination; when a non-empty value is specified,
this overrides the obsolete smtp_tls_per_site parameter.
.IP "\fBsmtp_tls_mandatory_protocols (SSLv3, TLSv1)\fR"
List of TLS protocols that the Postfix SMTP client will use
with mandatory TLS encryption.
.IP "\fBsmtp_tls_scert_verifydepth (5)\fR"
The verification depth for remote SMTP server certificates.
.IP "\fBsmtp_tls_secure_cert_match (nexthop, dot-nexthop)\fR"

14
gnu/dist/postfix/man/man8/smtpd.8 vendored
View File

@ -1,4 +1,4 @@
.\" $NetBSD: smtpd.8,v 1.1.1.12 2006/07/19 01:16:49 rpaulo Exp $
.\" $NetBSD: smtpd.8,v 1.1.1.13 2006/08/01 00:03:05 rpaulo Exp $
.\"
.TH SMTPD 8
.ad
@ -126,6 +126,12 @@ to a remote SMTP client.
.IP "\fBsmtpd_delay_open_until_valid_rcpt (yes)\fR"
Postpone the start of an SMTP mail transaction until a valid
RCPT TO command is received.
.PP
Available in Postfix version 2.3 and later:
.IP "\fBsmtpd_tls_always_issue_session_ids (yes)\fR"
Force the Postfix SMTP server to issue a TLS session id, even
when TLS session caching is turned off (smtpd_tls_session_cache_database
is empty).
.SH "ADDRESS REWRITING CONTROLS"
.na
.nf
@ -312,6 +318,10 @@ The file with the certificate of the certification authority
.IP "\fBsmtpd_tls_CAfile (empty)\fR"
The file with the certificate of the certification authority
(CA) that issued the Postfix SMTP server certificate.
.IP "\fBsmtpd_tls_always_issue_session_ids (yes)\fR"
Force the Postfix SMTP server to issue a TLS session id, even
when TLS session caching is turned off (smtpd_tls_session_cache_database
is empty).
.IP "\fBsmtpd_tls_ask_ccert (no)\fR"
Ask a remote SMTP client for a client certificate.
.IP "\fBsmtpd_tls_auth_only (no)\fR"
@ -564,7 +574,7 @@ before it is flushed upon receipt of EHLO, RSET, or end of DATA.
.PP
Available in Postfix version 2.3 and later:
.IP "\fBsmtpd_peername_lookup (yes)\fR"
Attempt to look up the Postfix SMTP client hostname, and verify that
Attempt to look up the remote SMTP client hostname, and verify that
the name matches the client IP address.
.PP
The per SMTP client connection count and request rate limits are

3
gnu/dist/postfix/mantools/postlink vendored
View File

@ -253,7 +253,6 @@ while (<>) {
s;\blmtp_rcpt_timeout\b;<a href="postconf.5.html#lmtp_rcpt_timeout">$&</a>;g;
s;\blmtp_rset_timeout\b;<a href="postconf.5.html#lmtp_rset_timeout">$&</a>;g;
s;\blmtp_sasl_auth_enable\b;<a href="postconf.5.html#lmtp_sasl_auth_enable">$&</a>;g;
s;\blmtp_sasl_auth_enforce\b;<a href="postconf.5.html#lmtp_sasl_auth_enforce">$&</a>;g;
s;\blmtp_sasl_password_maps\b;<a href="postconf.5.html#lmtp_sasl_password_maps">$&</a>;g;
s;\blmtp_sasl_security_options\b;<a href="postconf.5.html#lmtp_sasl_security_options">$&</a>;g;
s;\blmtp_sasl_type\b;<a href="postconf.5.html#lmtp_sasl_type">$&</a>;g;
@ -526,7 +525,6 @@ while (<>) {
s;\bsmtp_[-</Bb>]*\n* *[<Bb>]*sasl_[-</Bb>]*\n* *[<Bb>]*tls_[-</Bb>]*\n* *[<Bb>]*secu[-</Bb>]*\n* *[<Bb>]*rity_options\b;<a href="postconf.5.html#smtp_sasl_tls_security_options">$&</a>;g;
s;\bsmtp_sasl_tls_verified_secu[-</Bb>]*\n* *[<Bb>]*rity_options\b;<a href="postconf.5.html#smtp_sasl_tls_verified_security_options">$&</a>;g;
s;\bsmtp_sasl_type\b;<a href="postconf.5.html#smtp_sasl_type">$&</a>;g;
s;\bsmtp_sasl_auth_enforce\b;<a href="postconf.5.html#smtp_sasl_auth_enforce">$&</a>;g;
s;\bsmtp_starttls_timeout\b;<a href="postconf.5.html#smtp_starttls_timeout">$&</a>;g;
s;\bsmtp_tls_CAfile\b;<a href="postconf.5.html#smtp_tls_CAfile">$&</a>;g;
s;\bsmtp_tls_CApath\b;<a href="postconf.5.html#smtp_tls_CApath">$&</a>;g;
@ -577,6 +575,7 @@ while (<>) {
s;\bsmtpd_tls_req_ccert\b;<a href="postconf.5.html#smtpd_tls_req_ccert">$&</a>;g;
s;\bsmtpd_tls_session_cache_database\b;<a href="postconf.5.html#smtpd_tls_session_cache_database">$&</a>;g;
s;\bsmtpd_tls_session_cache_timeout\b;<a href="postconf.5.html#smtpd_tls_session_cache_timeout">$&</a>;g;
s;\bsmtpd_tls_always_issue_session_ids\b;<a href="postconf.5.html#smtpd_tls_always_issue_session_ids">$&</a>;g;
s;\bsmtpd_tls_wrappermode\b;<a href="postconf.5.html#smtpd_tls_wrappermode">$&</a>;g;
s;\bsmtpd_use_tls\b;<a href="postconf.5.html#smtpd_use_tls">$&</a>;g;
s;\btls_daemon_random_bytes\b;<a href="postconf.5.html#tls_daemon_random_bytes">$&</a>;g;

2
gnu/dist/postfix/proto/DB_README.html vendored
View File

@ -112,7 +112,7 @@ Berkeley DB versions</a></h2>
Normally, Postfix builds with the default DB version that ships
with the system. </p>
<p> To build Postfix on BSD systems with a specific DB version,
<p> To build Postfix on BSD systems with a non-default DB version,
use a variant of the following commands: </p>
<blockquote>

2
gnu/dist/postfix/proto/DSN_README.html vendored
View File

@ -30,7 +30,7 @@ specify: </p>
<ul>
<li> <p> What notifications are sent: success, failure, delay, or
none. Normally, Postfix informs the sender only mail when delivery
none. Normally, Postfix informs the sender only when mail delivery
is delayed or when delivery fails. </p>
<li> <p> What content is returned in case of failure: only the

10
gnu/dist/postfix/proto/FILTER_README.html vendored
View File

@ -634,12 +634,10 @@ after-filter smtpd process, so that filtered mail is logged with
the real client name IP address. See smtp(8) and XFORWARD_README
for more information. </p>
<li> <p> With "-o disable_mime_output_conversion=yes", the scan
delivery agent will not convert 8BITMIME mail to quoted-printable
form while delivering to the content filter, as that would invalidate
domainkeys and other digital signatures. This workaround is needed
because some SMTP-based content filters don't announce 8BITMIME
support, even though they can handle it just fine. </p>
<li> <p> The "-o disable_mime_output_conversion=yes" is a workaround
that prevents the breaking of domainkeys and other digital signatures.
This is needed because some SMTP-based content filters don't announce
8BITMIME support, even though they can handle it just fine. </p>
</ul>

15
gnu/dist/postfix/proto/LINUX_README.html vendored
View File

@ -21,11 +21,20 @@
<p> Warning: if you can't compile Postfix because the file "db.h"
isn't found, then you MUST install the Berkeley DB development
package (package name: db???-devel-???) that comes with your Linux
system. Only that package contains the files that correspond to the
Berkeley DB version that is used by the system library routines.
package (name: db???-devel-???) that matches your system library.
You can find out what is installed with the rpm command. For example:
</p>
<blockquote>
<pre>
$ <b>rpm -qf /usr/lib/libdb.so</b>
db4-4.3.29-2
</pre>
</blockquote>
<p> This means that you need to install db4-devel-4.3.29-2 (on
some systems, specify <tt>/lib/libdb.so</tt> in the rpm query). </p>
<p> DO NOT download some Berkeley DB version from the network.
Every Postfix program will dump core when it is built with a different
Berkeley DB version than the version that is used by the system

11
gnu/dist/postfix/proto/MILTER_README.html vendored
View File

@ -228,7 +228,7 @@ library from Sendmail source code instead: </p>
<blockquote>
<pre>
$ <b>gzcat sendmail-<i>x.y.z</i>.tar.gz | tar xf -</b>
$ <b>cd sendmail-<i>x.y.z</i></b>
$ <b>cd sendmail-<i>x.y.z</i>/libmilter</b>
$ <b>make</b>
[...<i>lots of output omitted</i>...]
</pre>
@ -521,6 +521,9 @@ href="#workarounds">workarounds</a> section below for solutions.
<tr> <td> j </td> <td> Always </td> <td> value of myhostname </td>
</tr>
<tr> <td> _ </td> <td> Always </td> <td> The validated client name
and address </td> </tr>
<tr> <td> {auth_authen} </td> <td> MAIL, DATA, EOM </td> <td> SASL
login name </td> </tr>
@ -613,9 +616,9 @@ TO </td> </tr>
<h2><a name="workarounds">Workarounds</a></h2>
<p> Content filters may break domain key etc. signatures. If you
use an SMTP-based filter as described in FILTER_README, then you
should add a line to master.cf with "disable_mime_output_conversion
= yes", as described in the <a
use an SMTP-based content filter, then you should add a line to
master.cf with "-o disable_mime_output_conversion=yes" (note: no
spaces around the "="), as described in the <a
href="FILTER_README.html#advanced_filter">advanced content filter</a>
example. </p>

4
gnu/dist/postfix/proto/SASL_README.html vendored
View File

@ -127,7 +127,7 @@ in the Postfix top-level directory: </p>
<blockquote>
<pre>
% make makefiles CCARGS='-DUSE_SASL_AUTH -DDEF_SASL_SERVER=\"dovecot\"'
% make makefiles CCARGS='-DUSE_SASL_AUTH -DDEF_SASL_SERVER_TYPE=\"dovecot\"'
</pre>
</blockquote>
@ -138,7 +138,7 @@ INSTALL document. </p>
<ul>
<li> <p> The "-DDEF_SASL_SERVER" stuff is not necessary; it just
<li> <p> The "-DDEF_SASL_SERVER_TYPE" stuff is not necessary; it just
makes Postfix configuration a little more convenient because you
don't have to specify the SASL plug-in type in the Postfix main.cf
file. </p>

51
gnu/dist/postfix/proto/TLS_README.html vendored
View File

@ -490,8 +490,9 @@ and OE (5.01 Mac on all ports). </p>
<p> It is strictly discouraged to use this mode from main.cf. If
you want to support this service, enable a special port in master.cf
and specify "-o smtpd_tls_wrappermode = yes" as an smtpd(8) command
line option. Port 465 (smtps) was once chosen for this feature.
and specify "-o smtpd_tls_wrappermode=yes" (note: no space around
the "=") as an smtpd(8) command line option. Port 465 (smtps) was
once chosen for this feature.
</p>
<p> Example: </p>
@ -631,6 +632,22 @@ recommends a maximum of 24 hours. </p>
</pre>
</blockquote>
<p> When the Postfix SMTP server does not save TLS sessions to an
external cache database, client-side session caching is unlikely
to be useful. To prevent such wastage, the Postfix SMTP server can
be configured to not issue TLS session ids. By default the Postfix
SMTP server always issues TLS session ids. This works around known
interoperability issues with some MUAs, and prevents possible
interoperability issues with other MTAs. </p>
<p> Example: </p>
<blockquote>
<pre>
smtpd_tls_always_issue_session_ids = no
</pre>
</blockquote>
<h3><a name="server_access">Server access control</a> </h3>
<p> Postfix TLS support introduces three additional features for
@ -1822,10 +1839,10 @@ the following information: </p>
<dl>
<dt> remote SMTP server hostname </dt> <dd> This is simply the DNS
name of the server that the Postfix SMTP client connects to; this name
may be obtained from other DNS lookups, such as MX lookups or CNAME
lookups. Use of the hostname lookup key is discouraged; always use the
next-hop destination instead. </dd>
name of the server that the Postfix SMTP client connects to; this
name may be obtained from other DNS lookups, such as MX lookups or
CNAME lookups. Use of the hostname lookup key is discouraged; always
use the next-hop destination instead. </dd>
<dt> next-hop destination </dt> <dd> This is normally the domain portion
of the recipient address, but it may be overridden by information from
@ -1924,17 +1941,19 @@ steps: </p>
<ol>
<li> <p> Use a dedicated transport for all secure-channel deliveries. </p>
<li> <p> Use a dedicated message delivery transport (for example,
"securetls") as illustrated below. </p>
<li> <p> Eliminate MX lookups. Specify local transport(5) table
entries for sensitive domains with explicit smtp:[<i>mailhost</i>]
or smtp:[<i>mailhost</i>]:<i>port</i> destinations (you can assure
security of this table unlike DNS); in the smtp_tls_per_site
table, specify the value "MUST" for the key [<i>mailhost</i>] or
smtp:[<i>mailhost</i>]:<i>port</i>. This prevents false hostname
information in DNS MX records from changing Postfix's notion of the
server hostname that is used for TLS policy lookup and server certificate
verification. </p>
entries for sensitive domains with explicit securetls:[<i>mailhost</i>]
or securetls:[<i>mailhost</i>]:<i>port</i> destinations (you can
assure security of this table unlike DNS). This prevents false
hostname information in DNS MX records from changing Postfix's
notion of the server hostname that is used for TLS policy lookup
and server certificate verification. The "securetls" transport is
configured to enforce TLS with peername verification, and to disable
the SMTP connection cache which could interfere with enforcement
of smtp_tls_per_site policies. </p>
<li> <p> Disallow CNAME hostname overrides. In main.cf, specify
"smtp_cname_overrides_servername = no". This prevents false hostname
@ -1971,8 +1990,6 @@ destinations. </p>
/etc/postfix/master.cf:
securetls unix - - n - 100 smtp
-o smtp_connection_cache_on_demand=no
-o smtp_connection_cache_destinations=
-o smtp_enforce_tls=yes
-o smtp_tls_enforce_peername=yes
</pre>

44
gnu/dist/postfix/proto/postconf.proto vendored
View File

@ -8941,7 +8941,7 @@ process instance while mail is being forwarded. </p>
%PARAM smtpd_peername_lookup yes
<p> Attempt to look up the Postfix SMTP client hostname, and verify that
<p> Attempt to look up the remote SMTP client hostname, and verify that
the name matches the client IP address. A client name is set to
"unknown" when it cannot be looked up or verified, or when name
lookup is disabled. Turning off name lookup reduces delays due to
@ -10367,22 +10367,6 @@ configuration parameter. See there for details. </p>
<p> This feature is available in Postfix 2.3 and later. </p>
%PARAM smtp_sasl_auth_enforce yes
<p> If sender-dependent SASL passwords are turned off, defer mail
delivery when an SMTP server does not support SASL authentication,
while smtp_sasl_password_maps contains SASL login/password information
for that server. </p>
<p> This feature is available in Postfix 2.3 and later. </p>
%PARAM lmtp_sasl_auth_enforce yes
<p> The LMTP-specific version of the smtp_sasl_auth_enforce
configuration parameter. See there for details. </p>
<p> This feature is available in Postfix 2.3 and later. </p>
%PARAM smtpd_tls_security_level
<p> The SMTP TLS security level for the Postfix SMTP server; when
@ -10444,3 +10428,29 @@ notifications by the smtp(8) and smtpd(8) processes. </dd>
Postfix-generated email messages. The user is warned. </p>
<p> This feature is available in Postfix 2.3 and later. </p>
%PARAM smtpd_tls_always_issue_session_ids yes
<p> Force the Postfix SMTP server to issue a TLS session id, even
when TLS session caching is turned off (smtpd_tls_session_cache_database
is empty). This behavior is compatible with Postfix &lt; 2.3. </p>
<p> With Postfix 2.3 and later the Postfix SMTP server can disable
session id generation when TLS session caching is turned off. This
keeps clients from caching sessions that almost certainly cannot
be re-used. </p>
<p> By default, the Postfix SMTP server always generates TLS session
ids. This works around a known defect in mail client applications
such as MS Outlook, and may also prevent interoperability issues
with other MTAs. </p>
<p> Example: </p>
<blockquote>
<pre>
smtpd_tls_always_issue_session_ids = no
</pre>
</blockquote>
<p> This feature is available in Postfix 2.3 and later. </p>

120
gnu/dist/postfix/src/cleanup/cleanup_milter.c vendored
View File

@ -1,4 +1,4 @@
/* $NetBSD: cleanup_milter.c,v 1.1.1.1 2006/07/19 01:17:20 rpaulo Exp $ */
/* $NetBSD: cleanup_milter.c,v 1.1.1.2 2006/08/01 00:03:43 rpaulo Exp $ */
/*++
/* NAME
@ -625,7 +625,12 @@ static const char *cleanup_patch_header(CLEANUP_STATE *state,
msg_warn("%s: seek file %s: %m", myname, cleanup_path);
CLEANUP_PATCH_HEADER_RETURN(cleanup_milter_error(state, errno));
}
CLEANUP_OUT_BUF(state, rec_type, buf);
/* The saved "append header" pointer record may still contain "0". */
if (saved_read_offset == state->append_hdr_pt_offset)
cleanup_out_format(state, REC_TYPE_PTR, REC_TYPE_PTR_FORMAT,
(long) state->append_hdr_pt_target);
else
CLEANUP_OUT_BUF(state, rec_type, buf);
if (msg_verbose > 1)
msg_info("%s: %ld: write %.*s", myname, (long) write_offset,
LEN(buf) > 30 ? 30 : (int) LEN(buf), STR(buf));
@ -781,6 +786,10 @@ static const char *cleanup_upd_header(void *context, ssize_t index,
* The lookup result will never be a pointer record.
*
* Index 1 is the first matching header instance.
*
* XXX When a header is updated repeatedly we create jumps to jumps. To
* eliminate this, rewrite the loop below so that we can start with the
* pointer record that points to the header that's being edited.
*/
#define DONT_SAVE_RECORD 0
#define NO_PTR_BACKUP 0
@ -823,12 +832,16 @@ static const char *cleanup_upd_header(void *context, ssize_t index,
CLEANUP_UPD_HEADER_RETURN(cleanup_milter_error(state, errno));
}
if (rec_type == REC_TYPE_PTR) {
/* The "append header" pointer record content must be saved. */
if (saved_read_offset == state->append_hdr_pt_offset)
break;
if (jumped == 0) {
/* Enough contiguous space for writing a PTR record. */
avail_space += read_offset - saved_read_offset;
jumped = 1;
}
if (rec_goto(state->dst, STR(rec_buf)) < 0) {
if (rec_goto(state->dst, STR(rec_buf)) < 0
|| (read_offset = vstream_ftell(state->dst)) < 0) {
msg_warn("%s: read file %s: %m", myname, cleanup_path);
CLEANUP_UPD_HEADER_RETURN(cleanup_milter_error(state,
errno));
@ -1217,12 +1230,21 @@ static const char *cleanup_milter_eval(const char *name, void *ptr)
/*
* Connect macros.
*/
if (strcmp(name, S8_MAC__) == 0) {
vstring_sprintf(state->temp1, "%s [%s]",
state->reverse_name, state->client_addr);
if (strcasecmp(state->client_name, state->reverse_name) != 0)
vstring_strcat(state->temp1, " (may be forged)");
return (STR(state->temp1));
}
if (strcmp(name, S8_MAC_J) == 0)
return (var_myhostname);
if (strcmp(name, S8_MAC_CLIENT_ADDR) == 0)
return (nvtable_find(state->attr, MAIL_ATTR_ACT_CLIENT_ADDR));
return (state->client_addr);
if (strcmp(name, S8_MAC_CLIENT_NAME) == 0)
return (nvtable_find(state->attr, MAIL_ATTR_ACT_CLIENT_NAME));
return (state->client_name);
if (strcmp(name, S8_MAC_CLIENT_PTR) == 0)
return (state->reverse_name);
/*
* MAIL FROM macros.
@ -1279,6 +1301,12 @@ static const char *cleanup_milter_apply(CLEANUP_STATE *state, const char *event,
if (msg_verbose)
msg_info("%s: %s", myname, resp);
/*
* Sanity check.
*/
if (state->client_name == 0)
msg_panic("%s: missing client info initialization", myname);
/*
* We don't report errors that were already reported by the content
* editing call-back routines. See cleanup_milter_error() above.
@ -1356,6 +1384,38 @@ static const char *cleanup_milter_apply(CLEANUP_STATE *state, const char *event,
return (ret);
}
/* cleanup_milter_client_init - initialize real or ersatz client info */
static void cleanup_milter_client_init(CLEANUP_STATE *state)
{
const char *proto_attr;
/*
* Either the cleanup client specifies a name, address and protocol, or
* we have a local submission and pretend localhost/127.0.0.1/AF_INET.
*/
#define NO_CLIENT_PORT "0"
state->client_name = nvtable_find(state->attr, MAIL_ATTR_ACT_CLIENT_NAME);
state->reverse_name =
nvtable_find(state->attr, MAIL_ATTR_ACT_REVERSE_CLIENT_NAME);
state->client_addr = nvtable_find(state->attr, MAIL_ATTR_ACT_CLIENT_ADDR);
state->client_port = nvtable_find(state->attr, MAIL_ATTR_ACT_CLIENT_PORT);
proto_attr = nvtable_find(state->attr, MAIL_ATTR_ACT_CLIENT_AF);
if (state->client_name == 0 || state->client_addr == 0 || proto_attr == 0
|| !alldig(proto_attr)) {
state->client_name = "localhost";
state->client_addr = "127.0.0.1";
state->client_af = AF_INET;
} else
state->client_af = atoi(proto_attr);
if (state->reverse_name == 0)
state->reverse_name = state->client_name;
if (state->client_port == 0)
state->client_port = NO_CLIENT_PORT;
}
/* cleanup_milter_inspect - run message through mail filter */
void cleanup_milter_inspect(CLEANUP_STATE *state, MILTERS *milters)
@ -1366,6 +1426,12 @@ void cleanup_milter_inspect(CLEANUP_STATE *state, MILTERS *milters)
if (msg_verbose)
msg_info("enter %s", myname);
/*
* Initialize, in case we're called via smtpd(8).
*/
if (state->client_name == 0)
cleanup_milter_client_init(state);
/*
* Process mail filter replies. The reply format is verified by the mail
* filter library.
@ -1384,9 +1450,6 @@ void cleanup_milter_emul_mail(CLEANUP_STATE *state,
const char *addr)
{
const char *resp;
const char *proto_attr;
const char *client_port;
int client_af;
const char *helo;
const char *argv[2];
@ -1399,33 +1462,14 @@ void cleanup_milter_emul_mail(CLEANUP_STATE *state,
cleanup_ins_header, cleanup_del_header,
cleanup_add_rcpt, cleanup_del_rcpt,
cleanup_repl_body, (void *) state);
/*
* Either the cleanup client specifies a name, address and protocol, or
* we have a local submission and pretend localhost/127.0.0.1/AF_INET.
*/
#define NO_CLIENT_PORT "0"
state->client_name = nvtable_find(state->attr, MAIL_ATTR_ACT_CLIENT_NAME);
state->client_addr = nvtable_find(state->attr, MAIL_ATTR_ACT_CLIENT_ADDR);
client_port = nvtable_find(state->attr, MAIL_ATTR_ACT_CLIENT_PORT);
proto_attr = nvtable_find(state->attr, MAIL_ATTR_ACT_CLIENT_AF);
if (state->client_name == 0 || state->client_addr == 0 || proto_attr == 0
|| !alldig(proto_attr)) {
state->client_name = "localhost";
state->client_addr = "127.0.0.1";
client_af = AF_INET;
} else
client_af = atoi(proto_attr);
if (client_port == 0)
client_port = NO_CLIENT_PORT;
if (state->client_name == 0)
cleanup_milter_client_init(state);
/*
* Emulate SMTP events.
*/
if ((resp = milter_conn_event(milters, state->client_name, state->client_addr,
client_port, client_af)) != 0) {
state->client_port, state->client_af)) != 0) {
cleanup_milter_apply(state, "CONNECT", resp);
return;
}
@ -1455,9 +1499,16 @@ void cleanup_milter_emul_rcpt(CLEANUP_STATE *state,
MILTERS *milters,
const char *addr)
{
const char *myname = "cleanup_milter_emul_rcpt";
const char *resp;
const char *argv[2];
/*
* Sanity check.
*/
if (state->client_name == 0)
msg_panic("%s: missing client info initialization", myname);
/*
* CLEANUP_STAT_CONT and CLEANUP_STAT_DEFER both update the reason
* attribute, but CLEANUP_STAT_DEFER takes precedence. It terminates
@ -1481,8 +1532,15 @@ void cleanup_milter_emul_rcpt(CLEANUP_STATE *state,
void cleanup_milter_emul_data(CLEANUP_STATE *state, MILTERS *milters)
{
const char *myname = "cleanup_milter_emul_data";
const char *resp;
/*
* Sanity check.
*/
if (state->client_name == 0)
msg_panic("%s: missing client info initialization", myname);
if ((resp = milter_data_event(milters)) != 0)
cleanup_milter_apply(state, "DATA", resp);
}
@ -1718,7 +1776,7 @@ int main(int unused_argc, char **argv)
msg_warn("bad add_header argument count: %d", argv->argc);
} else {
flatten_args(arg_buf, argv->argv + 2);
cleanup_add_header(state, argv->argv[2], STR(arg_buf));
cleanup_add_header(state, argv->argv[1], STR(arg_buf));
}
} else if (strcmp(argv->argv[0], "ins_header") == 0) {
if (argv->argc < 3) {

2
gnu/dist/postfix/src/cleanup/cleanup_milter.in1 vendored
View File

@ -9,4 +9,6 @@ ins_header 2 X-Test-Header test header value 2
del_header 2 X-Test-Header
ins_header 3 X-Test-Header test header value 3
upd_header 1 X X-replaced-header replacement header text
upd_header 1 X X-replaced-header replacement header text
upd_header 1 X X-replaced-header replacement header text
close

6
gnu/dist/postfix/src/cleanup/cleanup_milter.ref1 vendored
View File

@ -38,8 +38,10 @@
1353 pointer_record: 1193
1193 deleted_text: X-Test-Header: test header value 1
1229 pointer_record: 1370
1370 regular_text: X: X-replaced-header replacement header text
1416 pointer_record: 881
1370 pointer_record: 1433
1433 pointer_record: 1496
1496 regular_text: X: X-replaced-header replacement header text
1542 pointer_record: 881
881 regular_text: Y: 1234567
893 regular_text: Message-Id: <20060514010427.E0F703D1E36@tail.porcupine.org>
954 regular_text: Date: Sat, 13 May 2006 21:04:18 -0400 (EDT)

5
gnu/dist/postfix/src/cleanup/cleanup_state.c vendored
View File

@ -1,4 +1,4 @@
/* $NetBSD: cleanup_state.c,v 1.1.1.8 2006/07/19 01:17:20 rpaulo Exp $ */
/* $NetBSD: cleanup_state.c,v 1.1.1.9 2006/08/01 00:03:44 rpaulo Exp $ */
/*++
/* NAME
@ -111,7 +111,10 @@ CLEANUP_STATE *cleanup_state_alloc(VSTREAM *src)
state->verp_delims = 0;
state->milters = 0;
state->client_name = 0;
state->reverse_name = 0;
state->client_addr = 0;
state->client_af = 0;
state->client_port = 0;
return (state);
}

6
gnu/dist/postfix/src/global/mail_version.h vendored
View File

@ -1,4 +1,4 @@
/* $NetBSD: mail_version.h,v 1.1.1.23 2006/07/19 01:17:26 rpaulo Exp $ */
/* $NetBSD: mail_version.h,v 1.1.1.24 2006/08/01 00:03:53 rpaulo Exp $ */
#ifndef _MAIL_VERSION_H_INCLUDED_
#define _MAIL_VERSION_H_INCLUDED_
@ -22,8 +22,8 @@
* Patches change both the patchlevel and the release date. Snapshots have no
* patchlevel; they change the release date only.
*/
#define MAIL_RELEASE_DATE "20060711"
#define MAIL_VERSION_NUMBER "2.3.0"
#define MAIL_RELEASE_DATE "20060727"
#define MAIL_VERSION_NUMBER "2.3.2"
#ifdef SNAPSHOT
# define MAIL_VERSION_DATE "-" MAIL_RELEASE_DATE

12
gnu/dist/postfix/src/milter/milter.c vendored
View File

@ -1,4 +1,4 @@
/* $NetBSD: milter.c,v 1.1.1.1 2006/07/19 01:17:32 rpaulo Exp $ */
/* $NetBSD: milter.c,v 1.1.1.2 2006/08/01 00:04:03 rpaulo Exp $ */
/*++
/* NAME
@ -143,7 +143,9 @@
/*
/* milter_disc_event() reports an SMTP client disconnection
/* event to the specified milter instances. No events can
/* reported after this call, not even abort() events.
/* reported after this call. To simplify usage, redundant calls
/* of this function are NO-OPs and don't raise a run-time
/* error.
/*
/* milter_helo_event() reports a HELO or EHLO event to the
/* specified milter instances, after sending the macros that
@ -180,9 +182,9 @@
/* by a preceding milter. This function must be called with
/* as argument an open Postfix queue file.
/*
/* milter_abort() cancels a mail transaction in progress. This
/* function is safe to call anywhere between connect and
/* disconnect events.
/* milter_abort() cancels a mail transaction in progress. To
/* simplify usage, redundant calls of this function are NO-OPs
/* and don't raise a run-time error.
/*
/* milter_send() sends a list of mail filters over the specified
/* stream. When given a null list pointer, a "no filter"

28
gnu/dist/postfix/src/milter/milter8.c vendored
View File

@ -1,4 +1,4 @@
/* $NetBSD: milter8.c,v 1.1.1.1 2006/07/19 01:17:33 rpaulo Exp $ */
/* $NetBSD: milter8.c,v 1.1.1.2 2006/08/01 00:04:04 rpaulo Exp $ */
/*++
/* NAME
@ -490,7 +490,7 @@ static void milter8_close_stream(MILTER8 *milter)
/* milter8_read_resp - receive command code now, receive data later */
static int milter8_read_resp(MILTER8 *milter, int event, unsigned char *command,
ssize_t *data_len)
ssize_t *data_len)
{
UINT32_TYPE len;
ssize_t pkt_len;
@ -965,6 +965,10 @@ static const char *milter8_event(MILTER8 *milter, int event,
#define IN_CONNECT_EVENT(e) ((e) == SMFIC_CONNECT || (e) == SMFIC_HELO)
for (;;) {
char *cp;
char *rp;
char ch;
if (milter8_read_resp(milter, event, &cmd, &data_size) != 0)
return (milter->def_reply);
if (msg_verbose)
@ -1083,6 +1087,11 @@ static const char *milter8_event(MILTER8 *milter, int event,
* Decision: "ddd d.d+.d+ text". This decision is final (i.e.
* Sendmail 8 changes receiver state). Note: the reply may be in
* multi-line SMTP format.
*
* XXX Sendmail compatibility: sendmail 8 uses the reply as a format
* string; therefore any '%' characters in the reply are doubled.
* Postfix doesn't use replies as format strings; we replace '%%'
* by '%', and remove single (i.e. invalid) '%' characters.
*/
case SMFIR_REPLYCODE:
if (milter8_read_data(milter, data_size,
@ -1099,6 +1108,15 @@ static const char *milter8_event(MILTER8 *milter, int event,
milter8_conf_error(milter);
return (milter->def_reply);
}
if ((rp = cp = strchr(STR(milter->buf), '%')) != 0) {
for (;;) {
if ((ch = *cp++) == '%')
ch = *cp++;
*rp++ = ch;
if (ch == 0)
break;
}
}
if (IN_CONNECT_EVENT(event)) {
#ifdef LIBMILTER_AUTO_DISCONNECT
milter8_close_stream(milter);
@ -1819,6 +1837,9 @@ static void milter8_abort(MILTER *m)
* has to open a new MTA-to-filter socket for each SMTP client.
*/
switch (milter->state) {
case MILTER8_STAT_CLOSED:
case MILTER8_STAT_READY:
return;
case MILTER8_STAT_ERROR:
case MILTER8_STAT_ACCEPT_CON:
case MILTER8_STAT_REJECT_CON:
@ -1853,6 +1874,9 @@ static void milter8_disc_event(MILTER *m)
* has to open a new MTA-to-filter socket for each SMTP client.
*/
switch (milter->state) {
case MILTER8_STAT_CLOSED:
case MILTER8_STAT_READY:
return;
case MILTER8_STAT_ERROR:
#ifdef LIBMILTER_AUTO_DISCONNECT
case MILTER8_STAT_ACCEPT_CON:

10
gnu/dist/postfix/src/milter/test-list vendored
View File

@ -1,3 +1,13 @@
# Reject with text
./test-milter -C 1 -a "554 5.7.1 1% 2%% 3%%%" -c connect -p inet:9999@127.0.0.1
./test-milter -C 1 -a "554 5.7.1 1% 2%% 3%%%" -c helo -p inet:9999@127.0.0.1
./test-milter -C 1 -a "554 5.7.1 1% 2%% 3%%%" -c mail -p inet:9999@127.0.0.1
./test-milter -C 1 -a "554 5.7.1 1% 2%% 3%%%" -c rcpt -p inet:9999@127.0.0.1
./test-milter -C 1 -a "554 5.7.1 1% 2%% 3%%%" -c header -p inet:9999@127.0.0.1
./test-milter -C 1 -a "554 5.7.1 1% 2%% 3%%%" -c eoh -p inet:9999@127.0.0.1
./test-milter -C 1 -a "554 5.7.1 1% 2%% 3%%%" -c body -p inet:9999@127.0.0.1
./test-milter -C 1 -a "554 5.7.1 1% 2%% 3%%%" -c eom -p inet:9999@127.0.0.1
# Tempfail tests
./test-milter -C 1 -a tempfail -c connect -p inet:9999@127.0.0.1
./test-milter -C 1 -a tempfail -c helo -p inet:9999@127.0.0.1

24
gnu/dist/postfix/src/milter/test-milter.c vendored
View File

@ -1,4 +1,4 @@
/* $NetBSD: test-milter.c,v 1.1.1.1 2006/07/19 01:17:32 rpaulo Exp $ */
/* $NetBSD: test-milter.c,v 1.1.1.2 2006/08/01 00:04:03 rpaulo Exp $ */
/*
* Simple test mail filter program.
@ -98,17 +98,23 @@ static char *reply_code;
static char *reply_dsn;
static char *reply_message;
#ifdef SMFIR_INSHEADER
static char *ins_hdr;
static int ins_idx;
static char *ins_val;
#endif
#ifdef SMFIR_CHGHEADER
static char *chg_hdr;
static int chg_idx;
static char *chg_val;
#endif
static int test_reply(SMFICTX *ctx, int code)
{
(void) fflush(stdout); /* In case output redirected. */
(void) fflush(stdout); /* In case output redirected. */
if (code == SMFIR_REPLYCODE) {
if (smfi_setreply(ctx, reply_code, reply_dsn, reply_message) != MI_SUCCESS)
@ -216,10 +222,14 @@ static sfsistat test_body(SMFICTX *ctx, unsigned char *data, size_t data_len)
static sfsistat test_eom(SMFICTX *ctx)
{
printf("test_eom\n");
#ifdef SMFIR_INSHEADER
if (ins_hdr && smfi_insheader(ctx, ins_idx, ins_hdr, ins_val) == MI_FAILURE)
fprintf(stderr, "smfi_insheader failed");
#endif
#ifdef SMFIR_CHGHEADER
if (chg_hdr && smfi_chgheader(ctx, chg_hdr, chg_idx, chg_val) == MI_FAILURE)
fprintf(stderr, "smfi_chgheader failed");
#endif
return (test_reply(ctx, test_eom_reply));
}
@ -321,11 +331,16 @@ int main(int argc, char **argv)
}
break;
case 'i':
#ifdef SMFIR_INSHEADER
if (ins_hdr) {
fprintf(stderr, "too many -i options\n");
exit(1);
}
parse_hdr_info(optarg, &ins_idx, &ins_hdr, &ins_val);
#else
fprintf(stderr, "no libmilter support to insert header\n");
exit(1);
#endif
break;
case 'p':
if (smfi_setconn(optarg) == MI_FAILURE) {
@ -334,11 +349,16 @@ int main(int argc, char **argv)
}
break;
case 'r':
#ifdef SMFIR_CHGHEADER
if (chg_hdr) {
fprintf(stderr, "too many -r options\n");
exit(1);
}
parse_hdr_info(optarg, &chg_idx, &chg_hdr, &chg_val);
#else
fprintf(stderr, "no libmilter support to change header\n");
exit(1);
#endif
break;
case 'v':
verbose++;

25
gnu/dist/postfix/src/pickup/pickup.c vendored
View File

@ -1,4 +1,4 @@
/* $NetBSD: pickup.c,v 1.1.1.12 2006/07/19 01:17:35 rpaulo Exp $ */
/* $NetBSD: pickup.c,v 1.1.1.13 2006/08/01 00:04:06 rpaulo Exp $ */
/*++
/* NAME
@ -223,9 +223,7 @@ static int copy_segment(VSTREAM *qfile, VSTREAM *cleanup, PICKUP_INFO *info,
* mail system against unreasonable inputs. This also requires that we
* limit the size of envelope records written by the local posting agent.
*
* Allow attribute records if the queue file is owned by the mail system
* (postsuper -r) or if the attribute specifies the MIME body type
* (sendmail -B).
* Records with named attributes are filtered by postdrop(1).
*
* We must allow PTR records here because of "postsuper -r".
*/
@ -251,6 +249,8 @@ static int copy_segment(VSTREAM *qfile, VSTREAM *cleanup, PICKUP_INFO *info,
/*
* XXX Workaround: REC_TYPE_FILT (used in envelopes) == REC_TYPE_CONT
* (used in message content).
*
* As documented in postsuper(1), ignore content filter record.
*/
if (*expected != REC_TYPE_CONTENT[0]) {
if (type == REC_TYPE_FILT)
@ -324,7 +324,7 @@ static int pickup_copy(VSTREAM *qfile, VSTREAM *cleanup,
}
/*
* Add content inspection transport.
* Add content inspection transport. See also postsuper(1).
*/
if (*var_filter_xport)
rec_fprintf(cleanup, REC_TYPE_FILT, "%s", var_filter_xport);
@ -346,7 +346,10 @@ static int pickup_copy(VSTREAM *qfile, VSTREAM *cleanup,
* For messages belonging to $mail_owner also log the maildrop queue id.
* This supports message tracking for mail requeued via "postsuper -r".
*/
if (info->st.st_uid == var_owner_uid) {
#define MAIL_IS_REQUEUED(info) \
((info)->st.st_uid == var_owner_uid && ((info)->st.st_mode & S_IROTH) == 0)
if (MAIL_IS_REQUEUED(info)) {
msg_info("%s: uid=%d from=<%s> orig_id=%s", info->id,
(int) info->st.st_uid, info->sender,
((name = strrchr(info->path, '/')) != 0 ?
@ -444,6 +447,13 @@ static int pickup_file(PICKUP_INFO *info)
* bounces its copy of the message. because the original input file is
* not readable by the bounce service.
*
* If mail is re-injected with "postsuper -r", disable Milter applications.
* If they were run before the mail was queued then there is no need to
* run them again. Moreover, the queue file does not contain enough
* information to reproduce the exact same SMTP events and Sendmail
* macros that Milters received when the mail originally arrived in
* Postfix.
*
* The actual message copying code is in a separate routine, so that it is
* easier to implement the many possible error exits without forgetting
* to close files, or to release memory.
@ -451,6 +461,9 @@ static int pickup_file(PICKUP_INFO *info)
cleanup_flags =
input_transp_cleanup(CLEANUP_FLAG_BOUNCE | CLEANUP_FLAG_MASK_EXTERNAL,
pickup_input_transp_mask);
/* As documented in postsuper(1). */
if (MAIL_IS_REQUEUED(info))
cleanup_flags &= ~CLEANUP_FLAG_MILTER;
cleanup = mail_connect_wait(MAIL_CLASS_PUBLIC, var_cleanup_service);
if (attr_scan(cleanup, ATTR_FLAG_STRICT,

10
gnu/dist/postfix/src/postfix/postfix.c vendored
View File

@ -1,4 +1,4 @@
/* $NetBSD: postfix.c,v 1.1.1.7 2006/07/19 01:17:36 rpaulo Exp $ */
/* $NetBSD: postfix.c,v 1.1.1.8 2006/08/01 00:04:08 rpaulo Exp $ */
/*++
/* NAME
@ -241,6 +241,14 @@
/* P.O. Box 704
/* Yorktown Heights, NY 10598, USA
/*
/* TLS support by:
/* Lutz Jaenicke
/* Brandenburg University of Technology
/* Cottbus, Germany
/*
/* Victor Duchovni
/* Morgan Stanley
/*
/* SASL support originally by:
/* Till Franke
/* SuSE Rhein/Main AG

32
gnu/dist/postfix/src/postsuper/postsuper.c vendored
View File

@ -1,4 +1,4 @@
/* $NetBSD: postsuper.c,v 1.1.1.10 2006/07/19 01:17:37 rpaulo Exp $ */
/* $NetBSD: postsuper.c,v 1.1.1.11 2006/08/01 00:04:09 rpaulo Exp $ */
/*++
/* NAME
@ -123,13 +123,31 @@
/* Specify \fB-r ALL\fR to requeue all messages. As a safety
/* measure, the word \fBALL\fR must be specified in upper case.
/* .sp
/* A requeued message is moved to the \fBmaildrop\fR queue, from
/* where it is copied by the pickup daemon to a new file whose name
/* is guaranteed to match the new queue file inode number. The
/* new queue file is subjected again to mail address rewriting and
/* substitution. This is useful when rewriting rules or virtual
/* mappings have changed.
/* A requeued message is moved to the \fBmaildrop\fR queue,
/* from where it is copied by the \fBpickup\fR(8) and
/* \fBcleanup\fR(8) daemons to a new queue file. In many
/* respects its handling differs from that of a new local
/* submission.
/* .RS
/* .IP \(bu
/* The message is not subjected to the smtpd_milters or
/* non_smtpd_milters settings. When mail has passed through
/* an external content filter, this would produce incorrect
/* results with Milter applications that depend on original
/* SMTP connection state information.
/* .IP \(bu
/* The message is subjected again to mail address rewriting
/* and substitution. This is useful when rewriting rules or
/* virtual mappings have changed.
/* .sp
/* The address rewriting context (local or remote) is the same
/* as when the message was received.
/* .IP \(bu
/* The message is subjected to the same content_filter settings
/* (if any) as used for new local mail submissions. This is
/* useful when content_filter settings have changed.
/* .RE
/* .IP
/* Warning: Postfix queue IDs are reused.
/* There is a very small possibility that \fBpostsuper\fR(1) requeues
/* the wrong message file when it is executed while the Postfix mail

3
gnu/dist/postfix/src/smtp/lmtp_params.c vendored
View File

@ -1,4 +1,4 @@
/* $NetBSD: lmtp_params.c,v 1.1.1.1 2006/07/19 01:17:41 rpaulo Exp $ */
/* $NetBSD: lmtp_params.c,v 1.1.1.2 2006/08/01 00:04:14 rpaulo Exp $ */
static CONFIG_STR_TABLE lmtp_str_table[] = {
VAR_NOTIFY_CLASSES, DEF_NOTIFY_CLASSES, &var_notify_classes, 0, 0,
@ -97,6 +97,5 @@
#endif
VAR_LMTP_SENDER_AUTH, DEF_LMTP_SENDER_AUTH, &var_smtp_sender_auth,
VAR_LMTP_CNAME_OVERR, DEF_LMTP_CNAME_OVERR, &var_smtp_cname_overr,
VAR_LMTP_SASL_ENFORCE, DEF_LMTP_SASL_ENFORCE, &var_smtp_sasl_enforce,
0,
};

15
gnu/dist/postfix/src/smtp/smtp.c vendored
View File

@ -1,4 +1,4 @@
/* $NetBSD: smtp.c,v 1.1.1.10 2006/07/19 01:17:42 rpaulo Exp $ */
/* $NetBSD: smtp.c,v 1.1.1.11 2006/08/01 00:04:15 rpaulo Exp $ */
/*++
/* NAME
@ -236,11 +236,6 @@
/* server's list of offered SASL mechanisms.
/* .PP
/* Available in Postfix version 2.3 and later:
/* .IP "\fBsmtp_sasl_auth_enforce (yes)\fR"
/* If sender-dependent SASL passwords are turned off, defer mail
/* delivery when an SMTP server does not support SASL authentication,
/* while smtp_sasl_password_maps contains SASL login/password information
/* for that server.
/* .IP "\fBsmtp_sender_dependent_authentication (no)\fR"
/* Enable sender-dependent authentication in the Postfix SMTP client; this is
/* available only with SASL authentication, and disables SMTP connection
@ -299,6 +294,13 @@
/* .IP "\fBsmtp_tls_note_starttls_offer (no)\fR"
/* Log the hostname of a remote SMTP server that offers STARTTLS,
/* when TLS is not already enabled for that server.
/* .IP "\fBsmtp_tls_policy_maps (empty)\fR"
/* Optional lookup tables with the Postfix SMTP client TLS security
/* policy by next-hop destination; when a non-empty value is specified,
/* this overrides the obsolete smtp_tls_per_site parameter.
/* .IP "\fBsmtp_tls_mandatory_protocols (SSLv3, TLSv1)\fR"
/* List of TLS protocols that the Postfix SMTP client will use
/* with mandatory TLS encryption.
/* .IP "\fBsmtp_tls_scert_verifydepth (5)\fR"
/* The verification depth for remote SMTP server certificates.
/* .IP "\fBsmtp_tls_secure_cert_match (nexthop, dot-nexthop)\fR"
@ -699,7 +701,6 @@ bool var_smtp_sender_auth;
char *var_lmtp_tcp_port;
int var_scache_proto_tmout;
bool var_smtp_cname_overr;
bool var_smtp_sasl_enforce;
/*
* Global variables.

3
gnu/dist/postfix/src/smtp/smtp_params.c vendored
View File

@ -1,4 +1,4 @@
/* $NetBSD: smtp_params.c,v 1.1.1.1 2006/07/19 01:17:43 rpaulo Exp $ */
/* $NetBSD: smtp_params.c,v 1.1.1.2 2006/08/01 00:04:16 rpaulo Exp $ */
static CONFIG_STR_TABLE smtp_str_table[] = {
VAR_NOTIFY_CLASSES, DEF_NOTIFY_CLASSES, &var_notify_classes, 0, 0,
@ -101,6 +101,5 @@
#endif
VAR_SMTP_SENDER_AUTH, DEF_SMTP_SENDER_AUTH, &var_smtp_sender_auth,
VAR_SMTP_CNAME_OVERR, DEF_SMTP_CNAME_OVERR, &var_smtp_cname_overr,
VAR_SMTP_SASL_ENFORCE, DEF_SMTP_SASL_ENFORCE, &var_smtp_sasl_enforce,
0,
};

202
gnu/dist/postfix/src/smtp/smtp_proto.c vendored
View File

@ -1,4 +1,4 @@
/* $NetBSD: smtp_proto.c,v 1.1.1.11 2006/07/19 01:17:43 rpaulo Exp $ */
/* $NetBSD: smtp_proto.c,v 1.1.1.12 2006/08/01 00:04:16 rpaulo Exp $ */
/*++
/* NAME
@ -361,7 +361,6 @@ int smtp_helo(SMTP_STATE *state)
"host %s refused to talk to me: %s",
session->namaddr,
translit(resp->str, "\n", " ")));
return (0);
}
} else {
where = "performing the LHLO handshake";
@ -374,93 +373,106 @@ int smtp_helo(SMTP_STATE *state)
}
/*
* Determine what server EHLO keywords to ignore, typically to avoid
* inter-operability problems.
* No early returns allowed, to ensure consistent handling of TLS and
* SASL policies.
*/
if (smtp_ehlo_dis_maps == 0
|| (ehlo_words = maps_find(smtp_ehlo_dis_maps, state->session->addr, 0)) == 0)
ehlo_words = var_smtp_ehlo_dis_words;
discard_mask = ehlo_mask(ehlo_words);
if (discard_mask && !(discard_mask & EHLO_MASK_SILENT))
msg_info("discarding EHLO keywords: %s", str_ehlo_mask(discard_mask));
if (session->features & SMTP_FEATURE_ESMTP) {
/*
* Pick up some useful features offered by the SMTP server. XXX Until we
* have a portable routine to convert from string to off_t with proper
* overflow detection, ignore the message size limit advertised by the
* SMTP server. Otherwise, we might do the wrong thing when the server
* advertises a really huge message size limit.
*
* XXX Allow for "code (SP|-) ehlo-keyword (SP|=) ehlo-param...", because
* MicroSoft implemented AUTH based on an old draft.
*/
lines = resp->str;
for (n = 0; (words = mystrtok(&lines, "\n")) != 0; /* see below */ ) {
if (mystrtok(&words, "- ") && (word = mystrtok(&words, " \t=")) != 0) {
if (n == 0) {
if (session->helo != 0)
myfree(session->helo);
/*
* Determine what server EHLO keywords to ignore, typically to avoid
* inter-operability problems.
*/
if (smtp_ehlo_dis_maps == 0
|| (ehlo_words = maps_find(smtp_ehlo_dis_maps,
state->session->addr, 0)) == 0)
ehlo_words = var_smtp_ehlo_dis_words;
discard_mask = ehlo_mask(ehlo_words);
if (discard_mask && !(discard_mask & EHLO_MASK_SILENT))
msg_info("discarding EHLO keywords: %s",
str_ehlo_mask(discard_mask));
/*
* XXX: Keep the original case: we don't expect a single SMTP
* server to randomly change the case of its helo response.
* If different capitalization is detected, we should assume
* disjoint TLS caches.
*/
session->helo = mystrdup(word);
if (strcasecmp(word, var_myhostname) == 0
&& (state->misc_flags & SMTP_MISC_FLAG_LOOP_DETECT) != 0) {
msg_warn("host %s replied to HELO/EHLO with my own hostname %s",
session->namaddrport, var_myhostname);
if (session->features & SMTP_FEATURE_BEST_MX)
return (smtp_site_fail(state, DSN_BY_LOCAL_MTA,
/*
* Pick up some useful features offered by the SMTP server. XXX Until
* we have a portable routine to convert from string to off_t with
* proper overflow detection, ignore the message size limit
* advertised by the SMTP server. Otherwise, we might do the wrong
* thing when the server advertises a really huge message size limit.
*
* XXX Allow for "code (SP|-) ehlo-keyword (SP|=) ehlo-param...",
* because MicroSoft implemented AUTH based on an old draft.
*/
lines = resp->str;
for (n = 0; (words = mystrtok(&lines, "\n")) != 0; /* see below */ ) {
if (mystrtok(&words, "- ")
&& (word = mystrtok(&words, " \t=")) != 0) {
if (n == 0) {
if (session->helo != 0)
myfree(session->helo);
/*
* XXX: Keep the original case: we don't expect a single
* SMTP server to randomly change the case of its helo
* response. If different capitalization is detected, we
* should assume disjoint TLS caches.
*/
session->helo = mystrdup(word);
if (strcasecmp(word, var_myhostname) == 0
&& (state->misc_flags & SMTP_MISC_FLAG_LOOP_DETECT) != 0) {
msg_warn("host %s replied to HELO/EHLO"
" with my own hostname %s",
session->namaddrport, var_myhostname);
if (session->features & SMTP_FEATURE_BEST_MX)
return (smtp_site_fail(state, DSN_BY_LOCAL_MTA,
SMTP_RESP_FAKE(&fake, "5.4.6"),
"mail for %s loops back to myself",
request->nexthop));
else
return (smtp_site_fail(state, DSN_BY_LOCAL_MTA,
request->nexthop));
else
return (smtp_site_fail(state, DSN_BY_LOCAL_MTA,
SMTP_RESP_FAKE(&fake, "4.4.6"),
"mail for %s loops back to myself",
request->nexthop));
}
} else if (strcasecmp(word, "8BITMIME") == 0) {
if ((discard_mask & EHLO_MASK_8BITMIME) == 0)
session->features |= SMTP_FEATURE_8BITMIME;
} else if (strcasecmp(word, "PIPELINING") == 0) {
if ((discard_mask & EHLO_MASK_PIPELINING) == 0)
session->features |= SMTP_FEATURE_PIPELINING;
} else if (strcasecmp(word, "XFORWARD") == 0) {
if ((discard_mask & EHLO_MASK_XFORWARD) == 0)
while ((word = mystrtok(&words, " \t")) != 0)
session->features |= name_code(xforward_features,
NAME_CODE_FLAG_NONE, word);
} else if (strcasecmp(word, "SIZE") == 0) {
if ((discard_mask & EHLO_MASK_SIZE) == 0) {
session->features |= SMTP_FEATURE_SIZE;
if ((word = mystrtok(&words, " \t")) != 0) {
if (!alldig(word))
msg_warn("bad EHLO SIZE limit \"%s\" from %s",
word, session->namaddrport);
else
session->size_limit = off_cvt_string(word);
request->nexthop));
}
} else if (strcasecmp(word, "8BITMIME") == 0) {
if ((discard_mask & EHLO_MASK_8BITMIME) == 0)
session->features |= SMTP_FEATURE_8BITMIME;
} else if (strcasecmp(word, "PIPELINING") == 0) {
if ((discard_mask & EHLO_MASK_PIPELINING) == 0)
session->features |= SMTP_FEATURE_PIPELINING;
} else if (strcasecmp(word, "XFORWARD") == 0) {
if ((discard_mask & EHLO_MASK_XFORWARD) == 0)
while ((word = mystrtok(&words, " \t")) != 0)
session->features |=
name_code(xforward_features,
NAME_CODE_FLAG_NONE, word);
} else if (strcasecmp(word, "SIZE") == 0) {
if ((discard_mask & EHLO_MASK_SIZE) == 0) {
session->features |= SMTP_FEATURE_SIZE;
if ((word = mystrtok(&words, " \t")) != 0) {
if (!alldig(word))
msg_warn("bad EHLO SIZE limit \"%s\" from %s",
word, session->namaddrport);
else
session->size_limit = off_cvt_string(word);
}
}
}
#ifdef USE_TLS
} else if (strcasecmp(word, "STARTTLS") == 0) {
/* Ignored later if we already sent STARTTLS. */
if ((discard_mask & EHLO_MASK_STARTTLS) == 0)
session->features |= SMTP_FEATURE_STARTTLS;
} else if (strcasecmp(word, "STARTTLS") == 0) {
/* Ignored later if we already sent STARTTLS. */
if ((discard_mask & EHLO_MASK_STARTTLS) == 0)
session->features |= SMTP_FEATURE_STARTTLS;
#endif
#ifdef USE_SASL_AUTH
} else if (var_smtp_sasl_enable && strcasecmp(word, "AUTH") == 0) {
if ((discard_mask & EHLO_MASK_AUTH) == 0)
smtp_sasl_helo_auth(session, words);
} else if (var_smtp_sasl_enable
&& strcasecmp(word, "AUTH") == 0) {
if ((discard_mask & EHLO_MASK_AUTH) == 0)
smtp_sasl_helo_auth(session, words);
#endif
} else if (strcasecmp(word, "DSN") == 0) {
if ((discard_mask & EHLO_MASK_DSN) == 0)
session->features |= SMTP_FEATURE_DSN;
} else if (strcasecmp(word, "DSN") == 0) {
if ((discard_mask & EHLO_MASK_DSN) == 0)
session->features |= SMTP_FEATURE_DSN;
}
n++;
}
n++;
}
}
if (msg_verbose)
@ -602,16 +614,6 @@ int smtp_helo(SMTP_STATE *state)
#ifdef USE_SASL_AUTH
if (var_smtp_sasl_enable && (session->features & SMTP_FEATURE_AUTH))
return (smtp_sasl_helo_login(state));
else if (var_smtp_sasl_enable
&& *var_smtp_sasl_passwd
&& !var_smtp_sender_auth
&& var_smtp_sasl_enforce
&& smtp_sasl_passwd_lookup(session) != 0)
return (smtp_site_fail(state, DSN_BY_LOCAL_MTA,
SMTP_RESP_FAKE(&fake, "4.7.0"),
"SASL login/password exists, but host %s "
"does not announce SASL authentication support",
session->namaddr));
#endif
return (0);
@ -746,11 +748,22 @@ static int smtp_start_tls(SMTP_STATE *state)
DONT_USE_DEAD_SESSION;
/*
* If TLS is optional, try again, this time without TLS.
* Specifically, this session is not final, don't defer any
* recipients yet.
* If TLS is optional, try delivery to the same server over a
* plaintext connection. Otherwise we would defer mail forever with
* destinations that have no alternate MX host.
*
* Don't fall back to plaintext if we were willing to use SASL-over-TLS
* authentication. If the server doesn't announce SASL support over
* plaintext connections, then we don't want delivery to fail with
* "relay access denied".
*/
if (session->tls_level == TLS_LEV_MAY)
if (session->tls_level == TLS_LEV_MAY
#ifdef USE_SASL_AUTH
&& !(var_smtp_sasl_enable
&& *var_smtp_sasl_passwd
&& smtp_sasl_passwd_lookup(session))
#endif
)
RETRY_AS_PLAINTEXT;
return (smtp_site_fail(state, DSN_BY_LOCAL_MTA,
SMTP_RESP_FAKE(&fake, "4.7.5"),
@ -976,6 +989,8 @@ static int smtp_loop(SMTP_STATE *state, NOCLOBBER int send_state,
NOCLOBBER int mail_from_rejected;
NOCLOBBER int downgrading;
int mime_errs;
SMTP_RESP fake;
int fail_status;
/*
* Macros for readability.
@ -1685,7 +1700,12 @@ static int smtp_loop(SMTP_STATE *state, NOCLOBBER int send_state,
if (rec_type != REC_TYPE_XTRA) {
msg_warn("%s: bad record type: %d in message content",
request->queue_id, rec_type);
RETURN(mark_corrupt(state->src));
fail_status = smtp_mesg_fail(state, DSN_BY_LOCAL_MTA,
SMTP_RESP_FAKE(&fake, "5.3.0"),
"unreadable mail queue entry");
if (fail_status == 0)
(void) mark_corrupt(state->src);
RETURN(fail_status);
}
}

8
gnu/dist/postfix/src/smtp/smtp_sasl_glue.c vendored
View File

@ -1,4 +1,4 @@
/* $NetBSD: smtp_sasl_glue.c,v 1.1.1.7 2006/07/19 01:17:43 rpaulo Exp $ */
/* $NetBSD: smtp_sasl_glue.c,v 1.1.1.8 2006/08/01 00:04:16 rpaulo Exp $ */
/*++
/* NAME
@ -177,9 +177,13 @@ int smtp_sasl_passwd_lookup(SMTP_SESSION *session)
&& (value = mail_addr_find(smtp_sasl_passwd_map,
state->request->sender, (char **) 0)) != 0)
|| (value = maps_find(smtp_sasl_passwd_map, session->host, 0)) != 0
|| (value = maps_find(smtp_sasl_passwd_map, session->dest, 0)) != 0) {
|| (value = maps_find(smtp_sasl_passwd_map, session->dest, 0)) != 0) {
if (session->sasl_username)
myfree(session->sasl_username);
session->sasl_username = mystrdup(value);
passwd = split_at(session->sasl_username, ':');
if (session->sasl_passwd)
myfree(session->sasl_passwd);
session->sasl_passwd = mystrdup(passwd ? passwd : "");
if (msg_verbose)
msg_info("%s: host `%s' user `%s' pass `%s'",

3
gnu/dist/postfix/src/smtpd/smtpd.h vendored
View File

@ -1,4 +1,4 @@
/* $NetBSD: smtpd.h,v 1.1.1.8 2006/07/19 01:17:45 rpaulo Exp $ */
/* $NetBSD: smtpd.h,v 1.1.1.9 2006/08/01 00:04:19 rpaulo Exp $ */
/*++
/* NAME
@ -147,6 +147,7 @@ typedef struct SMTPD_STATE {
char *dsn_envid; /* temporary MAIL FROM state */
int dsn_ret; /* temporary MAIL FROM state */
VSTRING *dsn_buf; /* scratch space for xtext expansion */
VSTRING *dsn_orcpt_buf; /* scratch space for ORCPT parsing */
/*
* Pass-through proxy client.

11
gnu/dist/postfix/src/smtpd/smtpd_milter.c vendored
View File

@ -1,4 +1,4 @@
/* $NetBSD: smtpd_milter.c,v 1.1.1.1 2006/07/19 01:17:47 rpaulo Exp $ */
/* $NetBSD: smtpd_milter.c,v 1.1.1.2 2006/08/01 00:04:21 rpaulo Exp $ */
/*++
/* NAME
@ -80,6 +80,15 @@ const char *smtpd_milter_eval(const char *name, void *ptr)
/*
* Connect macros.
*/
if (strcmp(name, S8_MAC__) == 0) {
if (state->expand_buf == 0)
state->expand_buf = vstring_alloc(10);
vstring_sprintf(state->expand_buf, "%s [%s]",
state->reverse_name, state->addr);
if (strcasecmp(state->name, state->reverse_name) != 0)
vstring_strcat(state->expand_buf, " (may be forged)");
return (STR(state->expand_buf));
}
if (strcmp(name, S8_MAC_J) == 0)
return (var_myhostname);
if (strcmp(name, S8_MAC_CLIENT_ADDR) == 0)

5
gnu/dist/postfix/src/smtpd/smtpd_state.c vendored
View File

@ -1,4 +1,4 @@
/* $NetBSD: smtpd_state.c,v 1.1.1.8 2006/07/19 01:17:47 rpaulo Exp $ */
/* $NetBSD: smtpd_state.c,v 1.1.1.9 2006/08/01 00:04:21 rpaulo Exp $ */
/*++
/* NAME
@ -139,6 +139,7 @@ void smtpd_state_init(SMTPD_STATE *state, VSTREAM *stream,
#endif
state->dsn_envid = 0;
state->dsn_buf = vstring_alloc(100);
state->dsn_orcpt_buf = vstring_alloc(100);
#ifdef USE_TLS
state->tls_use_tls = 0;
state->tls_enforce_tls = 0;
@ -214,6 +215,8 @@ void smtpd_state_reset(SMTPD_STATE *state)
vstring_free(state->instance);
if (state->dsn_buf)
vstring_free(state->dsn_buf);
if (state->dsn_orcpt_buf)
vstring_free(state->dsn_orcpt_buf);
#ifdef USE_SASL_AUTH
if (var_smtpd_sasl_enable)

5
gnu/dist/postfix/src/tls/tls.h vendored
View File

@ -1,4 +1,4 @@
/* $NetBSD: tls.h,v 1.1.1.2 2006/07/19 01:17:39 rpaulo Exp $ */
/* $NetBSD: tls.h,v 1.1.1.3 2006/08/01 00:04:11 rpaulo Exp $ */
#ifndef _TLS_H_INCLUDED_
#define _TLS_H_INCLUDED_
@ -19,7 +19,7 @@
#include <name_code.h>
/*
* TLS enforcement levels. Non-sentinel values also be used to indicate
* TLS enforcement levels. Non-sentinel values may also be used to indicate
* the actual security level of a session.
*/
#define TLS_LEV_NOTFOUND -1 /* sentinel */
@ -176,6 +176,7 @@ typedef struct {
int verifydepth;
const char *cache_type;
long scache_timeout;
int set_sessid;
const char *cert_file;
const char *key_file;
const char *dcert_file;

10
gnu/dist/postfix/src/tls/tls_server.c vendored
View File

@ -1,4 +1,4 @@
/* $NetBSD: tls_server.c,v 1.1.1.2 2006/07/19 01:17:40 rpaulo Exp $ */
/* $NetBSD: tls_server.c,v 1.1.1.3 2006/08/01 00:04:13 rpaulo Exp $ */
/*++
/* NAME
@ -449,7 +449,7 @@ SSL_CTX *tls_server_init(const tls_server_props *props)
tls_print_errors();
cachable = 0;
}
if (cachable) {
if (cachable || props->set_sessid) {
/*
* Initialize the session cache.
@ -476,8 +476,10 @@ SSL_CTX *tls_server_init(const tls_server_props *props)
SSL_CTX_set_session_cache_mode(server_ctx,
SSL_SESS_CACHE_SERVER |
SSL_SESS_CACHE_NO_AUTO_CLEAR);
SSL_CTX_sess_set_get_cb(server_ctx, get_server_session_cb);
SSL_CTX_sess_set_new_cb(server_ctx, new_server_session_cb);
if (cachable) {
SSL_CTX_sess_set_get_cb(server_ctx, get_server_session_cb);
SSL_CTX_sess_set_new_cb(server_ctx, new_server_session_cb);
}
/*
* OpenSSL ignores timed-out sessions. We need to set the internal