Postfix 2.0.19

heas 2004-03-27 16:09:35 +00:00
parent 7b58653939
commit c7fd7e15fb
122 changed files with 1800 additions and 872 deletions

@ -46,10 +46,10 @@ Web sites:
Mail addresses (PLEASE send questions to the mailing list)
postfix-XXX@postfix.org Postfix mailing lists
postfix-users@postfix.org Postfix users mailing list
wietse@porcupine.org the original author
In order to subscribe to a mailing list, see http://www.postfix.org/.
In order to subscribe to the mailing list, see http://www.postfix.org/.
Acknowledgments
===============

@ -31,7 +31,6 @@ mailertable yes (it's called transport)
mailq yes
majordomo yes (edit approve script to delete /^delivered-to:/i)
mime yes (including 8bit to quoted-printable conversion)
mime conversion not yet; postfix uses just-send-eight
mysql tables yes (contributed)
netinfo tables yes (contributed)
newaliases yes (main alias database only)

@ -1262,12 +1262,12 @@ Apologies for any names omitted.
reorganization of the way queue scans were done. The queue
manager socket now has become public.
10091002
19981002
SMTPD now logs "lost connection after end-of-message" instead
of "lost connection after DATA".
10091005
19981005
More bullet proofing: timeouts on all triggers.
@ -6928,7 +6928,7 @@ Apologies for any names omitted.
File: util/dict_regexp.c.
200209010
20020910
Bugfix: the SMTP client produced suprious warnings about
trouble with fallback_relay hosts. File: smtp/smtp_connect.c.
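Review bot: "suprious warnings" in the entry directly under the corrected 20020910 date is still misspelled; since this hunk is already cleaning up the log around that entry, fix it to "spurious" in the same pass.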
@ -6936,7 +6936,7 @@ Apologies for any names omitted.
Robustness: don't wait with detecting broken SMTP connections
until reading input. Leandro Santi. File: smtpd/smtpd_chat.c.
200209011
20020911
Workaround: IRIX 6 can't do ioctl FIONREAD on pipes. This
breaks the in_flow_delay feature. File: util/sys_defs.h.
@ -7682,8 +7682,308 @@ Apologies for any names omitted.
systems against exploitation of the remote buffer overflow
vulnerability described in CERT advisory CA-2003-07.
20030311-19
Bugfix: the access map actions HOLD, DISCARD and FILTER
were broken with smtpd_delay_reject=no and with ETRN. Fixing
this required re-architecting of the actions code. Files:
smtpd/smtpd.[hc], smtpd/smtpd_check.c, smtpd/smtpd_state.c.
20030315
Bugfix: the postsuper manual page documented support for
the -c command line option, but it was not implemented.
File: postsuper/postsuper.c.
Bugfix: the Postfix 2.0 recipient map checking code broke
the VRFY command, causing it to reply with status code 252
for non-existent addresses. This required re-architecting
the recipient table lookup code. File: smtpd/smtpd_check.c.
20030410
Safety: log a fatal error when a net/mask pattern has a
non-zero host part, so that mail delivery is deferred.
File: util/match_ops.c.
20030411
Bugfix: extraneous warning about out-of-order original
recipient records by Patrik Rak. Files: *qmgr/qmgr_message.c.
20030415
Workaround: log a warning and reset incoming queue file
time stamps when the file system clock is ahead of the
local clock, instead of ignoring new mail until the next
queue scan. The file system clock drift detection executes
only once per process instance, to minimize the performance
impact. File: global/mail_stream.c.
20030416
Bugfix: missing partial last line when 1) someone submits
8-bit mail not ending in newline via /usr/sbin/sendmail
and 2) MIME input processing is turned off, and 3) MIME
8bit->7bit conversion is requested upon delivery via SMTP.
20030424
Cleanup: readlline() did not terminate the result before
complaining about lines starting with whitespace.
Cleanup: eliminated valid_hostname warning for invalid
queue file names. File: global/mail_queue.c.
Bugfix: the Postfix sendmail command applied the message
size limit when running as newaliases. The limiting code
is now moved to the message enqueuing branch of the code.
File: sendmail/sendmail.c.
20030429
Bugfix: "," was not recognized in proxy_read_maps settings.
Fix by Leandro Santi. File: proxymap/proxymap.c.
20030502
Bugfix: defer delivery after .forward etc. file read error.
File: local/token.c. Problem reported by Ben Rosengart,
Panix.
20030520
Cleanup: future time stamps in Received: headers and negative
delays in delivery agent logging after "postdrop -r",
because deferred queue files had future file modification
times. File: src/postsuper/postsuper.c.
20030521
Cleanup: nqmgr warnings about "recipient count mismatch"
after "postdrop -r", because the cleanup server did not
count the "already done" recipients. Problem reported by
Richard Stockton, Gramma Software. Files:
cleanup/cleanup_envelope.c, cleanup/cleanup_extracted.c
20030528
Compatibility: "sendmail -q<time>" without -bd option now
exits immediately, instead of waiting for input on the
standard input stream and screwing up system boot sequences.
File: sendmail/sendmail.c.
Bugfix: the Postfix LMTP client used the wrong service
name, causing trouble with SASL 2.1.13. Daniel Schales,
Louisiana Tech. File: lmtp/lmtp_sasl_glue.c.
Workaround: IRIX select() reports that a non-blocking file
descriptor is writable while write() transfers zero bytes.
File: global/pipe_command.c.
Feature: "postcat -q" (search the queue for the named file)
support copied from snapshot release because I can't see
people suffer. File: postcat/postcat.c.
20030530
Bugfix: client access denied with smtpd_delay_reject=no
broke "sendmail -bs". Fix by Victor Duchovni, Morgan Stanley.
File: smtpd/smtpd.c.
20030531
Compatibility: allow <@site,@site:address> route addresses
in SMTP commands. File: smtpd/smtpd.c.
20030605
Bugfix: the "dead host" backoff timer in the MySQL client
didn't work. Fix by Leandro Santi. File: util/dict_mysql.c.
Safety: stricter checks on what queue file records the
postdrop submission command accepts (idea copied from
snapshot). File: postdrop/postdrop.c.
Workaround: turned off non-blocking write to pipe because
too many systems give a weird write() result. File:
global/pipe_command.c.
20030609
Workaround: Solaris blocking socket read() may hang. Hernan
Perez Masci and Leandro Santi. File: smtpd/smtpd.c.
20030611
Bugfix: the stricter postdrop input filter broke "sendmail
-bs". Found by Lutz Jaenicke. File: smtpd/smtpd.c.
20030616
Cleanup: more accurate "postfix check" warning for files
that miss one or more of the required mode 02111 execute
permission bits. Matthias Andree. File: conf/postfix-script.
20030618
Workaround: after "postfix reload", the master daemon now
warns when inet_interfaces has changed, and ignores the
change, instead of passing incorrect information to the
smtp server. File: master/master_ent.c.
20030620
Bugfix: after the last change to postdrop, postcat no longer
recognized maildrop queue files as valid. File: postcat/postcat.c.
20030621
Workaround: the safe_open(O_CREAT) race condition exploit
avoiding code tries a little harder when it encounters a
race condition. File: util/safe_open.c.
20030629
Cleanup: replaced references to "simulated virtual domains"
by "virtual alias domains". Victor Duchovni, Morgan Stanley.
20030711
Bugfix: the LMTP session caching code did not reset the
EHLO server feature list when it needed to reconnect.
Problem found by Tobias Erbsland.
20030717
Documentation: corrected the command time limit parameter
syntax in the spawn(8) manual page.
20030811
Cleanup: produce a warning when host:port specifies a badly
formatted numerical port. Files: util/find_inet.c,
smtp/smtp_connect.c, lmtp/lmtp_connect.c.
20030905
Workaround: Solaris 8 select() claims that a non-blocking
socket is readable and then read() fails with EAGAIN. Files:
util/timed_read.c and as precautionary measure,
util/timed_write.c.
20030908
The 20030905 workaround triggers too many warnings. TCP
sockets are back to blocking, and keepalives are turned on
to kill off dead sockets, as suggested by Leandro Santi.
Files: master/{single,multi}_server.c, smtpd/smtpd.c,
util/sys_defs.h.
20030909
Bugfix: the LMTP session caching code had problems with
SASL authentication after the first connection, and pipelining
was working poorly. Fix by Viktor Dukhovni, Morgan Stanley.
Files: lmtp/lmtp.c, lmtp/lmtp_proto.c.
20030912
Workaround: besides SMTP server sockets, SMTP client sockets
can also hang on Solaris, as reported by Leandro Santi. In
order to deal with this at the root, all connection management
is now done by sane_accept() and sane_connect(). Both turn
on keepalives on Solaris.
20030913
Safety: set-gid commands don't trust TZ. File: msg_syslog.c.
20031027
Portability: MacOS X Bind8 compatibility. File: makedefs.
20031110
Cleanup: don't report that $queue_directory/etc/filename
differs from /etc/filename when /etc/filename does not
exist. File: conf/postfix-script.
20031126
Bugfix: "panic: mymalloc: requested length 0" when master.cf
specified an invalid host name or address. Postfix now
logs more specific information. File: master/master_ent.c.
Reported by several people.
20031215
Safety: updated mail_queue_id_ok() for long fast flush
logfile names. File: global/mail_queue.c.
Robustness: save and restore the resolver _res.options
settings before and after DNS lookup, to avoid surprises
in third-party code. This may eliminate some "localhost
not found" problems. File: dns/dns_lookup.c.
20031222
Cleanup: shaved half the worst-case bits off the cleanup
duplicate address filter footprint. After discussion with
Victor Duchovni. File: cleanup/cleanup_out_recipient.c.
20031223
Bugfix: restore errno after write failure in SIGCHLD handler.
Leandro Santi. File: master/master_sig.c.
20040104
Workaround: MacOSX dumps core on the 20030913 TZ censoring
code. We explictly set TZ=UTC, which will produce incorrect
results when "mailq" formatting is moved from the showq
daemon to the postqueue command. File: msg_syslog.c.
Bugfix: vstring_get() etc. now return VSTREAM_EOF when they
terminate prematurely, instead of returning the last
character stored. This avoids mis-leading warnings. File:
global/vstring_vstream.c.
20040115
Performance: allow delivery concurrency to increase even
while mail is deferred, as long as the delivery agent does
not report really serious trouble with the destination.
Files: *qmgr/qmgr_deliver.c.
20040122
UNDO the 20040104 change (vstring_get() etc. return
VSTREAM_EOF when they terminate prematurely, instead of
returning the last character stored, to avoid mis-leading
warnings). File: global/vstring_vstream.c.
Portability: test -e is not portable. File: conf/postfix-script.
20040302
Bugfix: the pickup daemon now strokes the watchdog frequently
to prevent the watchdog from barking when mail arrives
faster than it can be picked up. File: pickup/pickup.c.
20040311
Bugfix: bad address syntax caused map lookup with zero-length
keys. Problem reported by Andrei Koulik. Files:
util/match_ops.c, src/trivial-rewrite/transport.c.
Open problems:
Doc: mention the proxy_interfaces parameter everywhere the
inet_interfaces and mydestination parameters are mentioned.
Low: smtp-source may block when sending large test messages.
Low: after successful delivery, per-queue window += 1/window,
after failure, queue window -= 1 (Victor).
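Review bot: several of the added entries drop the "File:" reference that the rest of this log relies on for tracing a change to its source (20030416, the readlline() cleanup under 20030424, 20030711 and 20030912), and the 20030913 and 20040104 entries name a bare "msg_syslog.c" with no directory while every other entry gives one; add the missing paths. The 20030913 entry is the one with safety impact ("set-gid commands don't trust TZ"), and 20040104 then replaces it with a forced TZ=UTC that the entry itself says "will produce incorrect results" later, so it would help to state what the final behaviour is. Smaller points: "readlline()" and "explictly" are misspelled, and the same contributor appears as both "Victor Duchovni" and "Viktor Dukhovni".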

@ -144,15 +144,19 @@ configuration directory other than /etc/postfix, use:
Be sure to get the quotes right. These details matter a lot.
Other parameters whose defaults can be specified in this way are:
Parameters whose defaults can be specified in this way are:
Macro name default value for
-------------------------------------
DEF_COMMAND_DIR command_directory
DEF_DAEMON_DIR daemon_directory
DEF_SENDMAIL_PATH sendmail_path
DEF_MAILQ_PATH mailq_path
DEF_NEWALIAS_PATH newaliases_path
Macro name default value for typical default
-----------------------------------------------------------
DEF_COMMAND_DIR command_directory /usr/sbin
DEF_CONFIG_DIR config_directory /etc/postfix
DEF_DAEMON_DIR daemon_directory /usr/libexec/postfix
DEF_MAILQ_PATH mailq_path /usr/bin/mailq
DEF_MANPAGE_DIR manpage_directory /usr/local/man
DEF_NEWALIAS_PATH newaliases_path /usr/bin/newaliases
DEF_README_DIR readme_directory no (do not install)
DEF_SAMPLE_DIR sample_directory /etc/postfix
DEF_SENDMAIL_PATH sendmail_path /usr/sbin/sendmail
In order to build Postfix for very large applications, where you
expect to run more than 1000 delivery processes, you may need to

@ -236,8 +236,9 @@ program.
Note: the localhost port 10025 SMTP server filter should announce
itself as "220 localhost...". Postfix aborts delivery when it
connects to an SMTP server that uses the same hostname, because
that normally means you have a mail delivery loop problem.
connects to an SMTP server that uses the same hostname as Postfix
("host <servername> greeted me with my own hostname"), because that
normally means you have a mail delivery loop problem.
The example here assumes that the /some/where/filter command is a
PERL script. PERL has modules that make talking SMTP easy. The
@ -280,9 +281,9 @@ mail.
The "-o local_recipient_maps=" and "-o relay_recipient_maps=" avoid
unnecessary table lookups.
The "-o myhostname=localhost.domain.tld" avoids a possible problem
if your content filter is based on a proxy that simply relays SMTP
commands.
The "-o myhostname=localhost.domain.tld" avoids false alarms ("host
<servername> greeted me with my own hostname") if your content
filter is based on a proxy that simply relays SMTP commands.
The "-o smtpd_xxx_restrictions" and "-o mynetworks=127.0.0.0/8"
turn off UCE controls that would only waste time here.
@ -504,7 +505,7 @@ Limitations:
precedence over filters specified with the main.cf content_filter
parameter.
- Only the last FILTER action from smtpd access maps or in
- Only the last FILTER action from smtpd access maps or from
header/body_checks takes effect.
- The same content filter is applied to all the recipients of a

@ -50,7 +50,8 @@ UCE restriction.
SASL authentication information is not passed on via message headers
or via SMTP. It is no-one's business what username and authentication
method the poster was using in order to access the mail server.
method the poster was using in order to access the mail server. The
people who need to know can find the information in the maillog file.
When sending mail, Postfix looks up the server hostname or destination
domain (the address remote part) in a table, and if a username/password
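Review bot: the added sentence sends readers to "the maillog file" for the SASL username and method but does not say which log record carries them, so an administrator tracing abuse of an authenticated account still has to guess what to search for; name the record or give a sample line. Because the paragraph's argument is that this information is no-one else's business, it is also worth saying that the maillog should be readable by administrators only.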
@ -227,6 +228,19 @@ can use one of the following commands:
mmencode is part of the metamail software.
MIME::Base64 is available from www.cpan.org.
Trouble shooting the SASL internals
===================================
[based on text by Liviu Daia]
In the Cyrus SASL sources you'll find a subdirectory named "sample".
Run make there, then run the resulting sample server and client in
separate terminals. Strace / ktrace / truss the server to see what
makes it unhappy, fix the problem, then write the authors thanking
them for providing such useful logging. Repeat the previous step
until you can successfully authenticate with the sample client.
Only then get back to Postfix.
Enabling SASL authentication in the Postfix SMTP client
=======================================================
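Review bot: the new troubleshooting section tells the reader to run "the resulting sample server and client" and to trace the server, but gives no command lines and no hint of what a failure looks like in the trace, and "Repeat the previous step" is ambiguous because the paragraph is not written as numbered steps. Suggest turning it into a short numbered list, spelling the heading "Troubleshooting", and dropping or rewording the "write the authors thanking them for providing such useful logging" aside, which reads as an instruction to anyone who misses the sarcasm.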

@ -8,7 +8,7 @@ Purpose of this software
You can use the virtual delivery agent for mailbox delivery of some
or all domains that are handled by a machine.
This mechanism is different from simulated virtual domains. Those
This mechanism is different from virtual alias domains. Those
are implemented by translating every recipient address into a
different address. For that, see the virtual(5) manual page.
@ -24,12 +24,13 @@ It looks up the user mailbox location, uid and gid via separate
maps, and the mailbox location map can specify either mailbox or
maildir delivery (controlled by trailing slash on mailbox name).
The agent does not support user+foo address extensions, aliases or
.forward files (use the virtual table instead), and therefore
doesn't support file or program aliases. This choice was made to
simplify and streamline the code (it allowed me to dispense with
70% of local's code - mostly the bits that are a security headache)
- if you need this functionality, this agent isn't for you.
The agent allows but ignores user+foo address extensions, does not
support aliases or .forward files (use the virtual table instead),
and therefore doesn't support file or program aliases. This choice
was made to simplify and streamline the code (it allowed me to
dispense with 70% of local's code - mostly the bits that are a
security headache) - if you need this functionality, this agent
isn't for you.
It also doesn't support writing to a common spool as root and then
chowning the mailbox to the user - I felt this functionality didn't
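Review bot: "allows but ignores user+foo address extensions" in the rewritten paragraph does not say what delivery results from it. State whether mail for user+foo@domain goes to the mailbox found for user@domain or needs its own virtual_mailbox_maps entry, since that decides which addresses are deliverable. The same wording is repeated in the Example 1 hunk further down and should be changed together with this one.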
@ -67,7 +68,7 @@ virtual_mailbox_domains
Specifies the list of domains that should be delivered to the
$virtual_transport delivery agent (default: virtual). As of
version 1.2, Postfix is smart enough that you don't have to
version 2.0, Postfix is smart enough that you don't have to
list every virtual domain in a Postfix transport map.
virtual_mailbox_maps
@ -160,9 +161,9 @@ Example 1: using the virtual delivery agent for all local mail
==============================================================
This example does not use the Postfix local delivery agent at all.
With this configuration Postfix does no user+foo address extension,
no alias expansion, no .forward file expansion, and no lookups of
recipients in /etc/passwd.
With this configuration Postfix does no alias expansion, no .forward
file expansion, no lookups of recipients in /etc/passwd, and allows
but ignores user+foo address extensions.
Instead of "hash" specify "dbm" or "btree", depending on your system
type. The command "postconf -m" displays possible lookup table

@ -24,6 +24,23 @@ snapshot release). Patches change the patchlevel and the release
date. Snapshots change only the release date, unless they include
the same bugfixes as a patch release.
Incompatible changes with Postfix version 2.0.8 (released 20030415)
===================================================================
Too many people mess up their net/mask patterns, causing open
mail relay problems. Postfix processes now abort when given a
net/mask pattern with a non-zero host portion (for example,
168.100.189.2/28), and suggest to specify the proper net/mask
pattern instead (for example, 168.100.189.0/28).
Major changes with Postfix version 2.0.8 (released 20030415)
============================================================
Workaround for file system clock drift that caused Postfix to ignore
new mail (this could happen with file systems mounted from a server).
Postfix now logs a warning and proceeds with only slightly reduced
performance, instead of ignoring new mail.
Incompatible changes with Postfix version 2.0.6 (released 20030305)
===================================================================
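Review bot: the new 2.0.8 incompatibility note says Postfix processes "now abort" on a net/mask pattern with a non-zero host portion, but not what happens to mail while the configuration is wrong or how to find offending patterns before upgrading. The HISTORY entry for 20030410 in this same commit says the fatal error is logged "so that mail delivery is deferred"; repeat that here so operators know mail is held rather than lost, and advise checking existing net/mask settings before the upgrade. "suggest to specify" should read "suggest specifying".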
@ -193,7 +210,10 @@ more flexible "reject_rbl_client" feature instead.
[Obsolete 20021209] The "check_relay_domains" restriction is going
away. The SMTP server logs a warning and suggests using the more
robust "reject_unauth_destination" instead.
robust "reject_unauth_destination" instead. This means that Postfix
by default no longer grants relay permissions on the basis of the
client hostname, and that relay clients must be authorized via
other means such as permit_mynetworks.
[Obsolete 20020917] In regexp lookup tables, the form /pattern1/!/pattern2/
is going away. Use the cleaner and more flexible "if !/pattern2/..endif"
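Review bot: the added sentences describe a present default ("by default no longer grants relay permissions on the basis of the client hostname") inside an entry that is still headed [Obsolete 20021209] and still says the restriction "is going away" and only logs a warning. A change in who may relay by default is an incompatible change, not a deprecation notice; say from which release the default applies and consider moving the text to an "Incompatible changes" paragraph where upgraders will look for it.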
@ -313,7 +333,7 @@ mail relay traffic from outbound traffic. This eliminates a problem
where inbound mail deliveries could become resource starved in the
presence of a high volume of outbound mail.
[Feature 20021013] The body_checks_max_size parameter limits the
[Feature 20021013] The body_checks_size_limit parameter limits the
amount of text per message body segment (or attachment, if you
prefer to use that term) that is subjected to body_checks inspection.
The default limit is 50 kbytes. This speeds up the processing of
@ -466,7 +486,8 @@ or html/uce.html for details.
IP address blacklisting. Based on code by LaMont Jones. The old
"reject_maps_rbl" is now implemented as a wrapper around the
reject_rbl_client code, and logs a warning that "reject_maps_rbl"
is going away.
is going away. To upgrade, specify "reject_rbl_client domainname"
once for each domain name that is listed in maps_rbl_domains.
[Feature 20020923] "reject_rhsbl_sender rbl.domain.tld" for sender
domain blacklisting. Also: reject_rhsbl_client and reject_rhsbl_recipient
@ -724,7 +745,7 @@ mime_header_checks (for MIME headers), and nested_header_checks
(for headers of attached email messages except MIME headers). By
default, all headers are matched with header_checks.
[Feature 20021013] The body_checks_max_size parameter limits the
[Feature 20021013] The body_checks_size_limit parameter limits the
amount of text per message body segment (or attachment, if you
prefer to use that term) that is subjected to body_checks inspection.
The default limit is 50 kbytes. This speeds up the processing of

@ -33,81 +33,86 @@
# different way as described below.
#
# TABLE FORMAT
# The format of the access table is as follows:
# The input format for the postmap(1) command is as follows:
#
# pattern action
# When pattern matches a mail address, domain or host
# address, perform the corresponding action.
#
# blank lines and comments
# Empty lines and whitespace-only lines are ignored,
# as are lines whose first non-whitespace character
# Empty lines and whitespace-only lines are ignored,
# as are lines whose first non-whitespace character
# is a `#'.
#
# multi-line text
# A logical line starts with non-whitespace text. A
# line that starts with whitespace continues a logi-
# A logical line starts with non-whitespace text. A
# line that starts with whitespace continues a logi-
# cal line.
#
# EMAIL ADDRESS PATTERNS
# With lookups from indexed files such as DB or DBM, or from
# networked tables such as NIS, LDAP or SQL, the following
# lookup patterns are examined in the order as listed:
# networked tables such as NIS, LDAP or SQL, patterns are
# tried in the order as listed below:
#
# user@domain
# Matches the specified mail address.
#
# domain.tld
# Matches domain.tld as the domain part of an email
# Matches domain.tld as the domain part of an email
# address.
#
# The pattern domain.tld also matches subdomains, but
# only when the string smtpd_access_maps is listed in
# the Postfix parent_domain_matches_subdomains con-
# figuration setting. Otherwise, specify .domain.tld
# (note the initial dot) in order to match subdo-
# mains.
#
# user@ Matches all mail addresses with the specified user
# part.
#
# Note: lookup of the null sender address is not possible
# with some types of lookup table. By default, Postfix uses
# <> as the lookup key for such addresses. The value is
# specified with the smtpd_null_access_lookup_key parameter
# in the Postfix main.cf file.
#
# ADDRESS EXTENSION
# When a mail address localpart contains the optional recip-
# ient delimiter (e.g., user+foo@domain), the lookup order
# becomes: user+foo@domain, user@domain, domain, user+foo@,
# and user@.
#
# HOST NAME/ADDRESS PATTERNS
# With lookups from indexed files such as DB or DBM, or from
# networked tables such as NIS, LDAP or SQL, the following
# lookup patterns are examined in the order as listed:
#
# domain.tld
# Matches domain.tld.
#
# The pattern domain.tld also matches subdomains, but
# only when the string smtpd_access_maps is listed in
# the Postfix parent_domain_matches_subdomains con-
# figuration setting. Otherwise, specify .domain.tld
# (note the initial dot) in order to match subdo-
# mains.
#
# user@ Matches all mail addresses with the specified user
# part.
#
# Note: lookup of the null sender address is not possible
# with some types of lookup table. By default, Postfix uses
# <> as the lookup key for such addresses. The value is
# specified with the smtpd_null_access_lookup_key parameter
# in the Postfix main.cf file.
#
# ADDRESS EXTENSION
# When a mail address localpart contains the optional recip-
# ient delimiter (e.g., user+foo@domain), the lookup order
# becomes: user+foo@domain, user@domain, domain, user+foo@,
# and user@.
#
# HOST NAME/ADDRESS PATTERNS
# With lookups from indexed files such as DB or DBM, or from
# networked tables such as NIS, LDAP or SQL, the following
# lookup patterns are examined in the order as listed:
#
# domain.tld
# Matches domain.tld.
#
# The pattern domain.tld also matches subdomains, but
# only when the string smtpd_access_maps is listed in
# the Postfix parent_domain_matches_subdomains con-
# figuration setting. Otherwise, specify .domain.tld
# (note the initial dot) in order to match subdo-
# mains.
#
# net.work.addr.ess
#
# net.work.addr
#
# net.work
#
# net Matches any host address in the specified network.
# A network address is a sequence of one or more
# net Matches any host address in the specified network.
# A network address is a sequence of one or more
# octets separated by ".".
#
# Note: CIDR notation (network/netmask) is not sup-
# ported with lookups from indexed files such as DB
# or DBM, or from networked tables such as NIS, LDAP
# or SQL.
#
# ACTIONS
# [45]NN text
# Reject the address etc. that matches the pattern,
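Review bot: in the HOST NAME/ADDRESS PATTERNS section the added note says CIDR notation "is not supported" with indexed or networked tables but not what happens to an entry written that way. An access table is a policy control, so the text should state whether such a key is rejected when the table is built or simply never matches, otherwise an operator can believe a network is blocked when it is not. The EMAIL ADDRESS PATTERNS introduction was reworded to "patterns are tried in the order as listed below" while the host section keeps "the following lookup patterns are examined in the order as listed"; use one wording for both. Most other changed lines in this hunk repeat the same words, which buries these two real changes.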

@ -48,84 +48,84 @@
# aliasing. Use the aliases(5) map for that purpose.
#
# TABLE FORMAT
# The format of the canonical table is as follows:
# The input format for the postmap(1) command is as follows:
#
# pattern result
# When pattern matches a mail address, replace it by
# When pattern matches a mail address, replace it by
# the corresponding result.
#
# blank lines and comments
# Empty lines and whitespace-only lines are ignored,
# as are lines whose first non-whitespace character
# Empty lines and whitespace-only lines are ignored,
# as are lines whose first non-whitespace character
# is a `#'.
#
# multi-line text
# A logical line starts with non-whitespace text. A
# line that starts with whitespace continues a logi-
# A logical line starts with non-whitespace text. A
# line that starts with whitespace continues a logi-
# cal line.
#
# With lookups from indexed files such as DB or DBM, or from
# networked tables such as NIS, LDAP or SQL, patterns are
# networked tables such as NIS, LDAP or SQL, patterns are
# tried in the order as listed below:
#
# user@domain address
# user@domain is replaced by address. This form has
# user@domain is replaced by address. This form has
# the highest precedence.
#
# This is useful to clean up addresses produced by
# legacy mail systems. It can also be used to pro-
# duce Firstname.Lastname style addresses, but see
# This is useful to clean up addresses produced by
# legacy mail systems. It can also be used to pro-
# duce Firstname.Lastname style addresses, but see
# below for a simpler solution.
#
# user address
# user@site is replaced by address when site is equal
# to $myorigin, when site is listed in $mydestina-
# to $myorigin, when site is listed in $mydestina-
# tion, or when it is listed in $inet_interfaces.
#
# This form is useful for replacing login names by
# This form is useful for replacing login names by
# Firstname.Lastname.
#
# @domain address
# Every address in domain is replaced by address.
# Every address in domain is replaced by address.
# This form has the lowest precedence.
#
# In all the above forms, when address has the form @other-
# In all the above forms, when address has the form @other-
# domain, the result is the same user in otherdomain.
#
# ADDRESS EXTENSION
# When a mail address localpart contains the optional recip-
# ient delimiter (e.g., user+foo@domain), the lookup order
# ient delimiter (e.g., user+foo@domain), the lookup order
# becomes: user+foo@domain, user@domain, user+foo, user, and
# @domain. An unmatched address extension (+foo) is propa-
# @domain. An unmatched address extension (+foo) is propa-
# gated to the result of table lookup.
#
# REGULAR EXPRESSION TABLES
# This section describes how the table lookups change when
# This section describes how the table lookups change when
# the table is given in the form of regular expressions. For
# a description of regular expression lookup table syntax,
# a description of regular expression lookup table syntax,
# see regexp_table(5) or pcre_table(5).
#
# Each pattern is a regular expression that is applied to
# Each pattern is a regular expression that is applied to
# the entire address being looked up. Thus, user@domain mail
# addresses are not broken up into their user and @domain
# addresses are not broken up into their user and @domain
# constituent parts, nor is user+foo broken up into user and
# foo.
#
# Patterns are applied in the order as specified in the
# table, until a pattern is found that matches the search
# Patterns are applied in the order as specified in the
# table, until a pattern is found that matches the search
# string.
#
# Results are the same as with indexed file lookups, with
# the additional feature that parenthesized substrings from
# Results are the same as with indexed file lookups, with
# the additional feature that parenthesized substrings from
# the pattern can be interpolated as $1, $2 and so on.
#
# BUGS
# The table format does not understand quoting conventions.
# The table format does not understand quoting conventions.
#
# CONFIGURATION PARAMETERS
# The following main.cf parameters are especially relevant
# to this topic. See the Postfix main.cf file for syntax
# details and for default values. Use the postfix reload
# The following main.cf parameters are especially relevant
# to this topic. See the Postfix main.cf file for syntax
# details and for default values. Use the postfix reload
# command after a configuration change.
#
# canonical_maps
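Review bot: apart from the TABLE FORMAT sentence ("The input format for the postmap(1) command is as follows:"), the changed lines in this hunk appear as pairs with identical wording, so the diff is spacing or re-wrapping churn from regenerating the file. That makes the one substantive edit easy to miss in review; commit regenerated output separately from hand edits, or say in the commit message that these files are generated.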
@ -142,25 +142,25 @@
# Other parameters of interest:
#
# inet_interfaces
# The network interface addresses that this system
# The network interface addresses that this system
# receives mail on. You need to stop and start Post-
# fix when this parameter changes.
#
# masquerade_classes
# List of address classes subject to masquerading:
# zero or more of envelope_sender, envelope_recipi-
# List of address classes subject to masquerading:
# zero or more of envelope_sender, envelope_recipi-
# ent, header_sender, header_recipient.
#
# masquerade_domains
# List of domains that hide their subdomain struc-
# List of domains that hide their subdomain struc-
# ture.
#
# masquerade_exceptions
# List of user names that are not subject to address
# List of user names that are not subject to address
# masquerading.
#
# mydestination
# List of domains that this mail system considers
# List of domains that this mail system considers
# local.
#
# myorigin
@ -178,7 +178,7 @@
# regexp_table(5) format of POSIX regular expression tables
#
# LICENSE
# The Secure Mailer license must be distributed with this
# The Secure Mailer license must be distributed with this
# software.
#
# AUTHOR(S)

@ -40,102 +40,105 @@
#
# if /pattern/flags
#
# endif Examine the lines between if..endif only if pattern
# matches. The if..endif can nest. Do not prepend
# whitespace to patterns inside if..endif.
# endif Match the search string against the patterns
# between if and endif, if and only if the search
# string matches pattern. The if..endif can nest.
#
# Note: do not prepend whitespace to patterns inside
# if..endif.
#
# Each pattern is a perl-like regular expression. The
# expression delimiter can be any character, except whites-
# pace or characters that have special meaning (tradition-
# ally the forward slash is used). The regular expression
# expression delimiter can be any character, except whites-
# pace or characters that have special meaning (tradition-
# ally the forward slash is used). The regular expression
# can contain whitespace.
#
# By default, matching is case-insensitive, and newlines are
# not treated as special characters. The behavior is con-
# trolled by flags, which are toggled by appending one or
# not treated as special characters. The behavior is con-
# trolled by flags, which are toggled by appending one or
# more of the following characters after the pattern:
#
# i (default: on)
# Toggles the case sensitivity flag. By default,
# Toggles the case sensitivity flag. By default,
# matching is case insensitive.
#
# m (default: off)
# Toggles the PCRE_MULTILINE flag. When this flag is
# on, the ^ and $ metacharacters match immediately
# after and immediately before a newline character,
# respectively, in addition to matching at the start
# Toggles the PCRE_MULTILINE flag. When this flag is
# on, the ^ and $ metacharacters match immediately
# after and immediately before a newline character,
# respectively, in addition to matching at the start
# and end of the subject string.
#
# s (default: on)
# Toggles the PCRE_DOTALL flag. When this flag is on,
# the . metacharacter matches the newline character.
# With Postfix versions prior to 20020528, The flag
# With Postfix versions prior to 20020528, The flag
# is off by default, which is inconvenient for multi-
# line message header matching.
#
# x (default: off)
# Toggles the pcre extended flag. When this flag is
# on, whitespace in the pattern (other than in a
# Toggles the pcre extended flag. When this flag is
# on, whitespace in the pattern (other than in a
# character class) and characters between a # outside
# a character class and the next newline character
# are ignored. An escaping backslash can be used to
# include a whitespace or # character as part of the
# a character class and the next newline character
# are ignored. An escaping backslash can be used to
# include a whitespace or # character as part of the
# pattern.
#
# A (default: off)
# Toggles the PCRE_ANCHORED flag. When this flag is
# on, the pattern is forced to be "anchored", that
# Toggles the PCRE_ANCHORED flag. When this flag is
# on, the pattern is forced to be "anchored", that
# is, it is constrained to match only at the start of
# the string which is being searched (the "subject
# string"). This effect can also be achieved by
# the string which is being searched (the "subject
# string"). This effect can also be achieved by
# appropriate constructs in the pattern itself.
#
# E (default: off)
# Toggles the PCRE_DOLLAR_ENDONLY flag. When this
# flag is on, a $ metacharacter in the pattern
# matches only at the end of the subject string.
# Without this flag, a dollar also matches immedi-
# Toggles the PCRE_DOLLAR_ENDONLY flag. When this
# flag is on, a $ metacharacter in the pattern
# matches only at the end of the subject string.
# Without this flag, a dollar also matches immedi-
# ately before the final character if it is a newline
# character (but not before any other newline charac-
# ters). This flag is ignored if PCRE_MULTILINE flag
# ters). This flag is ignored if PCRE_MULTILINE flag
# is set.
#
# U (default: off)
# Toggles the ungreedy matching flag. When this flag
# is on, the pattern matching engine inverts the
# "greediness" of the quantifiers so that they are
# not greedy by default, but become greedy if fol-
# lowed by "?". This flag can also set by a (?U)
# is on, the pattern matching engine inverts the
# "greediness" of the quantifiers so that they are
# not greedy by default, but become greedy if fol-
# lowed by "?". This flag can also set by a (?U)
# modifier within the pattern.
#
# X (default: off)
# Toggles the PCRE_EXTRA flag. When this flag is on,
# any backslash in a pattern that is followed by a
# any backslash in a pattern that is followed by a
# letter that has no special meaning causes an error,
# thus reserving these combinations for future expan-
# sion.
#
# Each pattern is applied to the entire lookup key string.
# Depending on the application, that string is an entire
# Each pattern is applied to the entire lookup key string.
# Depending on the application, that string is an entire
# client hostname, an entire client IP address, or an entire
# mail address. Thus, no parent domain or parent network
# search is done, and user@domain mail addresses are not
# broken up into their user and domain constituent parts,
# mail address. Thus, no parent domain or parent network
# search is done, and user@domain mail addresses are not
# broken up into their user and domain constituent parts,
# nor is user+foo broken up into user and foo.
#
# Patterns are applied in the order as specified in the
# table, until a pattern is found that matches the search
# Patterns are applied in the order as specified in the
# table, until a pattern is found that matches the search
# string.
#
# Substitution of substrings from the matched expression
# into the result string is possible using the conventional
# perl syntax ($1, $2, etc.). The macros in the result
# string may need to be written as ${n} or $(n) if they
# Substitution of substrings from the matched expression
# into the result string is possible using the conventional
# perl syntax ($1, $2, etc.). The macros in the result
# string may need to be written as ${n} or $(n) if they
# aren't followed by whitespace.
#
# EXAMPLE SMTPD ACCESS MAP
# # Protect your outgoing majordomo exploders
# /^(?!owner-)(.*)-outgoing@/ 550 Use ${1}@${2} instead
# /^(?!owner-)(.*)-outgoing@(.*)/ 550 Use ${1}@${2} instead
#
# # Bounce friend@whatever, except when whatever is our domain (you would
# # be better just bouncing all friend@ mail - this is just an example).
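Review bot: the flag descriptions in this hunk are re-justified but keep two wording slips that could be fixed in the same pass: "With Postfix versions prior to 20020528, The flag" (capital T) under the s flag, and "This flag can also set by a (?U) modifier" (missing "be") under the U flag. The example fix itself is right: the old pattern `/^(?!owner-)(.*)-outgoing@/` had only one capture group while the reply text used `${2}`, and the added `(.*)` after the `@` supplies it. Keeping the whitespace re-justification in a separate change would make those two real edits (the if..endif wording and the example) much easier to find.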

View File

@ -181,7 +181,7 @@ check)
find $command_directory/postqueue $command_directory/postdrop \
-prune ! -perm -02111 \
-exec $WARN not set-gid: {} \;
-exec $WARN not set-gid or not owner+group+world executable: {} \;
for name in `ls -d $queue_directory/* | \
egrep '/(bin|etc|lib|usr)$'` ; \
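Review bot: the reworded warning on the `-exec $WARN` line now matches what `! -perm -02111` tests, but it folds two different failures into one message, so the admin still has to inspect the file to learn whether the set-gid bit or an execute bit is missing. Consider two find passes, one with `! -perm -02000` and one with `! -perm -0111`, each with its own message.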
@ -200,8 +200,10 @@ check)
do
test -d $dir && find $dir -type f -print | while read path
do
cmp -s $path /$path ||
$WARN $queue_directory/$path and /$path differ
test -f /$path && {
cmp -s $path /$path ||
$WARN $queue_directory/$path and /$path differ
}
done
done
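Review bot: with the new `test -f /$path &&` guard, a file that exists under the queue directory but has no counterpart under / is skipped without any message. If that is intended, a comment saying so would help; otherwise a separate warning for the missing system file would keep the check from hiding a stale copy inside the chroot. The expansions in `test -f /$path` and `cmp -s $path /$path` are also unquoted, so a file name containing whitespace is split into several arguments; quoting them avoids that.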

View File

@ -44,37 +44,40 @@
#
# if !/pattern/flags
#
# endif Examine the lines between if..endif only if pattern
# matches (does not match). The if..endif can nest.
# Do not prepend whitespace to patterns inside
# endif Match the search string against the patterns
# between if and endif, if and only if the search
# string matches (does not match) pattern. The
# if..endif can nest.
#
# Note: do not prepend whitespace to patterns inside
# if..endif.
#
# Each pattern is a regular expression enclosed by a pair of
# delimiters. The regular expression syntax is described in
# re_format(7). The expression delimiter can be any charac-
# ter, except whitespace or characters that have special
# meaning (traditionally the forward slash is used). The
# ter, except whitespace or characters that have special
# meaning (traditionally the forward slash is used). The
# regular expression can contain whitespace.
#
# By default, matching is case-insensitive, although follow-
# ing the second slash with an `i' flag will reverse this.
# Other flags are `x' (disable extended expression syntax),
# and `m' (enable multi-line mode, that is, treat newline
# ing the second slash with an `i' flag will reverse this.
# Other flags are `x' (disable extended expression syntax),
# and `m' (enable multi-line mode, that is, treat newline
# characters as special).
#
# Each pattern is applied to the entire lookup key string.
# Depending on the application, that string is an entire
# Each pattern is applied to the entire lookup key string.
# Depending on the application, that string is an entire
# client hostname, an entire client IP address, or an entire
# mail address. Thus, no parent domain or parent network
# search is done, and user@domain mail addresses are not
# broken up into their user and domain constituent parts,
# mail address. Thus, no parent domain or parent network
# search is done, and user@domain mail addresses are not
# broken up into their user and domain constituent parts,
# nor is user+foo broken up into user and foo.
#
# Patterns are applied in the order as specified in the
# table, until a pattern is found that matches the search
# Patterns are applied in the order as specified in the
# table, until a pattern is found that matches the search
# string.
#
# Substitution of substrings from the matched expression
# Substitution of substrings from the matched expression
# into the result string is possible using $1, $2, etc.. The
# macros in the result string may need to be written as ${n}
# or $(n) if they aren't followed by whitespace.
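Review bot: in the `if !/pattern/flags` entry, "if and only if the search string matches (does not match) pattern" leaves the reader to work out that the parenthetical belongs to the negated form. Spelling out both cases, for example "matches pattern (if /pattern/) or does not match pattern (if !/pattern/)", removes the guesswork. The substitution paragraph at the end of the hunk still reads "$1, $2, etc.. The" with a doubled period.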

View File

@ -30,28 +30,28 @@
# Table lookups are case insensitive.
#
# TABLE FORMAT
# The format of the table is as follows:
# The input format for the postmap(1) command is as follows:
#
# o An entry has one of the following form:
# key new_location
# Where new_location specifies contact information
# such as an email address, or perhaps a street
# pattern new_location
# Where new_location specifies contact information
# such as an email address, or perhaps a street
# address or telephone number.
#
# o Empty lines and whitespace-only lines are ignored,
# as are lines whose first non-whitespace character
# o Empty lines and whitespace-only lines are ignored,
# as are lines whose first non-whitespace character
# is a `#'.
#
# o A logical line starts with non-whitespace text. A
# line that starts with whitespace continues a logi-
# o A logical line starts with non-whitespace text. A
# line that starts with whitespace continues a logi-
# cal line.
#
# With lookups from indexed files such as DB or DBM, or from
# networked tables such as NIS, LDAP or SQL, the key field
# is one of the following:
# networked tables such as NIS, LDAP or SQL, patterns are
# tried in the order as listed below:
#
# user@domain
# Matches user@domain. This form has precedence over
# Matches user@domain. This form has precedence over
# all other forms.
#
# user Matches user@site when site is $myorigin, when site
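Review bot: the bullet "An entry has one of the following form:" is ungrammatical and, after this change, introduces a single form (`pattern new_location`); "An entry has the following form:" reads correctly. The rename from `key` to `pattern` is consistent with the new sentence "patterns are tried in the order as listed below", so the remaining wording in the hunk lines up.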
@ -59,42 +59,42 @@
# in $inet_interfaces.
#
# @domain
# Matches every address in domain. This form has the
# Matches every address in domain. This form has the
# lowest precedence.
#
# ADDRESS EXTENSION
# When a mail address localpart contains the optional recip-
# ient delimiter (e.g., user+foo@domain), the lookup order
# ient delimiter (e.g., user+foo@domain), the lookup order
# becomes: user+foo@domain, user@domain, user+foo, user, and
# @domain.
#
# REGULAR EXPRESSION TABLES
# This section describes how the table lookups change when
# This section describes how the table lookups change when
# the table is given in the form of regular expressions. For
# a description of regular expression lookup table syntax,
# a description of regular expression lookup table syntax,
# see regexp_table(5) or pcre_table(5).
#
# Each pattern is a regular expression that is applied to
# Each pattern is a regular expression that is applied to
# the entire address being looked up. Thus, user@domain mail
# addresses are not broken up into their user and @domain
# addresses are not broken up into their user and @domain
# constituent parts, nor is user+foo broken up into user and
# foo.
#
# Patterns are applied in the order as specified in the
# table, until a pattern is found that matches the search
# Patterns are applied in the order as specified in the
# table, until a pattern is found that matches the search
# string.
#
# Results are the same as with indexed file lookups, with
# the additional feature that parenthesized substrings from
# Results are the same as with indexed file lookups, with
# the additional feature that parenthesized substrings from
# the pattern can be interpolated as $1, $2 and so on.
#
# BUGS
# The table format does not understand quoting conventions.
# The table format does not understand quoting conventions.
#
# CONFIGURATION PARAMETERS
# The following main.cf parameters are especially relevant
# to this topic. See the Postfix main.cf file for syntax
# details and for default values. Use the postfix reload
# The following main.cf parameters are especially relevant
# to this topic. See the Postfix main.cf file for syntax
# details and for default values. Use the postfix reload
# command after a configuration change.
#
# relocated_maps
@ -103,12 +103,12 @@
# Other parameters of interest:
#
# inet_interfaces
# The network interface addresses that this system
# The network interface addresses that this system
# receives mail on. You need to stop and start Post-
# fix when this parameter changes.
#
# mydestination
# List of domains that this mail system considers
# List of domains that this mail system considers
# local.
#
# myorigin
@ -120,7 +120,7 @@
# regexp_table(5) format of POSIX regular expression tables
#
# LICENSE
# The Secure Mailer license must be distributed with this
# The Secure Mailer license must be distributed with this
# software.
#
# AUTHOR(S)

View File

@ -16,25 +16,44 @@
# relay hosts. The mapping is used by the trivial-rewrite(8)
# daemon.
#
# Normally, the transport table is specified as a text file
# that serves as input to the postmap(1) command. The
# result, an indexed file in dbm or db format, is used for
# fast searching by the mail system. Execute the command
# postmap /etc/postfix/transport in order to rebuild the
# This mapping overrides the default routing that is built
# into Postfix:
#
# mydestination
# A list of domains that is by default delivered via
# $local_transport.
#
# virtual_mailbox_domains
# A list of domains that is by default delivered via
# $virtual_transport.
#
# relay_domains
# A list of domains that is by default delivered via
# $relay_transport.
#
# any other destination
# Mail for any other destination is by default deliv-
# ered via $default_transport.
#
# Normally, the transport table is specified as a text file
# that serves as input to the postmap(1) command. The
# result, an indexed file in dbm or db format, is used for
# fast searching by the mail system. Execute the command
# postmap /etc/postfix/transport in order to rebuild the
# indexed file after changing the transport table.
#
# When the table is provided via other means such as NIS,
# LDAP or SQL, the same lookups are done as for ordinary
# When the table is provided via other means such as NIS,
# LDAP or SQL, the same lookups are done as for ordinary
# indexed files.
#
# Alternatively, the table can be provided as a regular-
# Alternatively, the table can be provided as a regular-
# expression map where patterns are given as regular expres-
# sions. In that case, the lookups are done in a slightly
# different way as described in section "REGULAR EXPRESSION
# sions. In that case, the lookups are done in a slightly
# different way as described in section "REGULAR EXPRESSION
# TABLES".
#
# TABLE FORMAT
# The format of the transport table is as follows:
# The input format for the postmap(1) command is as follows:
#
# pattern result
# When pattern matches the recipient address or

View File

@ -53,8 +53,7 @@
# different way as described below.
#
# TABLE FORMAT
# The format of the virtual table is as follows, mappings
# being tried in the order as listed in this manual page:
# The input format for the postmap(1) command is as follows:
#
# pattern result
# When pattern matches a mail address, replace it by
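Review bot: the replaced TABLE FORMAT sentence was the only place in this hunk that said the mappings are "tried in the order as listed in this manual page", and the new sentence drops that. The relocated and canonical pages in this same commit keep the equivalent statement ("patterns are tried in the order as listed below"); please confirm the virtual page still states the lookup order somewhere, or add the same sentence before the list of patterns.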

View File

@ -34,64 +34,34 @@ ACCESS(5) ACCESS(5)
different way as described below.
<b>TABLE</b> <b>FORMAT</b>
The format of the access table is as follows:
The input format for the <a href="postmap.1.html"><b>postmap</b>(1)</a> command is as follows:
<i>pattern</i> <i>action</i>
When <i>pattern</i> matches a mail address, domain or host
address, perform the corresponding <i>action</i>.
blank lines and comments
Empty lines and whitespace-only lines are ignored,
as are lines whose first non-whitespace character
Empty lines and whitespace-only lines are ignored,
as are lines whose first non-whitespace character
is a `#'.
multi-line text
A logical line starts with non-whitespace text. A
line that starts with whitespace continues a logi-
A logical line starts with non-whitespace text. A
line that starts with whitespace continues a logi-
cal line.
<b>EMAIL</b> <b>ADDRESS</b> <b>PATTERNS</b>
With lookups from indexed files such as DB or DBM, or from
networked tables such as NIS, LDAP or SQL, the following
lookup patterns are examined in the order as listed:
networked tables such as NIS, LDAP or SQL, patterns are
tried in the order as listed below:
<i>user</i>@<i>domain</i>
Matches the specified mail address.
<i>domain.tld</i>
Matches <i>domain.tld</i> as the domain part of an email
Matches <i>domain.tld</i> as the domain part of an email
address.
The pattern <i>domain.tld</i> also matches subdomains, but
only when the string <b>smtpd</b><i>_</i><b>access</b><i>_</i><b>maps</b> is listed in
the Postfix <b>parent</b><i>_</i><b>domain</b><i>_</i><b>matches</b><i>_</i><b>subdomains</b> con-
figuration setting. Otherwise, specify <i>.domain.tld</i>
(note the initial dot) in order to match subdo-
mains.
<i>user</i>@ Matches all mail addresses with the specified user
part.
Note: lookup of the null sender address is not possible
with some types of lookup table. By default, Postfix uses
&lt;&gt; as the lookup key for such addresses. The value is
specified with the <b>smtpd</b><i>_</i><b>null</b><i>_</i><b>access</b><i>_</i><b>lookup</b><i>_</i><b>key</b> parameter
in the Postfix <b>main.cf</b> file.
<b>ADDRESS</b> <b>EXTENSION</b>
When a mail address localpart contains the optional recip-
ient delimiter (e.g., <i>user+foo</i>@<i>domain</i>), the lookup order
becomes: <i>user+foo</i>@<i>domain</i>, <i>user</i>@<i>domain</i>, <i>domain</i>, <i>user+foo</i>@,
and <i>user</i>@.
<b>HOST</b> <b>NAME/ADDRESS</b> <b>PATTERNS</b>
With lookups from indexed files such as DB or DBM, or from
networked tables such as NIS, LDAP or SQL, the following
lookup patterns are examined in the order as listed:
<i>domain.tld</i>
Matches <i>domain.tld</i>.
The pattern <i>domain.tld</i> also matches subdomains, but
only when the string <b>smtpd</b><i>_</i><b>access</b><i>_</i><b>maps</b> is listed in
the Postfix <b>parent</b><i>_</i><b>domain</b><i>_</i><b>matches</b><i>_</i><b>subdomains</b> con-
@ -99,16 +69,51 @@ ACCESS(5) ACCESS(5)
(note the initial dot) in order to match subdo-
mains.
<i>user</i>@ Matches all mail addresses with the specified user
part.
Note: lookup of the null sender address is not possible
with some types of lookup table. By default, Postfix uses
&lt;&gt; as the lookup key for such addresses. The value is
specified with the <b>smtpd</b><i>_</i><b>null</b><i>_</i><b>access</b><i>_</i><b>lookup</b><i>_</i><b>key</b> parameter
in the Postfix <b>main.cf</b> file.
<b>ADDRESS</b> <b>EXTENSION</b>
When a mail address localpart contains the optional recip-
ient delimiter (e.g., <i>user+foo</i>@<i>domain</i>), the lookup order
becomes: <i>user+foo</i>@<i>domain</i>, <i>user</i>@<i>domain</i>, <i>domain</i>, <i>user+foo</i>@,
and <i>user</i>@.
<b>HOST</b> <b>NAME/ADDRESS</b> <b>PATTERNS</b>
With lookups from indexed files such as DB or DBM, or from
networked tables such as NIS, LDAP or SQL, the following
lookup patterns are examined in the order as listed:
<i>domain.tld</i>
Matches <i>domain.tld</i>.
The pattern <i>domain.tld</i> also matches subdomains, but
only when the string <b>smtpd</b><i>_</i><b>access</b><i>_</i><b>maps</b> is listed in
the Postfix <b>parent</b><i>_</i><b>domain</b><i>_</i><b>matches</b><i>_</i><b>subdomains</b> con-
figuration setting. Otherwise, specify <i>.domain.tld</i>
(note the initial dot) in order to match subdo-
mains.
<i>net.work.addr.ess</i>
<i>net.work.addr</i>
<i>net.work</i>
<i>net</i> Matches any host address in the specified network.
A network address is a sequence of one or more
<i>net</i> Matches any host address in the specified network.
A network address is a sequence of one or more
octets separated by ".".
Note: CIDR notation (network/netmask) is not sup-
ported with lookups from indexed files such as DB
or DBM, or from networked tables such as NIS, LDAP
or SQL.
<b>ACTIONS</b>
[<b>45</b>]<i>NN</i> <i>text</i>
Reject the address etc. that matches the pattern,
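Review bot: the new CIDR note says what is not supported but not what to write instead; one more clause pointing back at the octet forms listed just above it (net.work.addr.ess, net.work.addr, net.work, net) would stop an admin from leaving a network/netmask entry in an indexed table and assuming it is enforced. Separately, the HOST NAME/ADDRESS PATTERNS paragraph in this hunk still reads "the following lookup patterns are examined in the order as listed", while the e-mail pattern paragraph was changed to "patterns are tried in the order as listed below"; the two should use the same wording.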

View File

@ -355,9 +355,10 @@ top-level domain).
<a name="mynetworks"> <h2> My own networks </h2> </a>
The <b>mynetworks</b> parameter lists all networks that this machine
somehow trusts. This information can be used by the <a href="uce.html">
anti-UCE</a> features to recognize trusted SMTP clients that are
allowed to relay mail through Postfix.
somehow trusts. This information can be used by the <a
href="uce.html#smtpd_recipient_restrictions"> anti-UCE</a> features
to recognize trusted SMTP clients that are allowed to relay mail
through Postfix.
<p>

View File

@ -49,84 +49,84 @@ CANONICAL(5) CANONICAL(5)
aliasing. Use the <a href="aliases.5.html"><b>aliases</b>(5)</a> map for that purpose.
<b>TABLE</b> <b>FORMAT</b>
The format of the <b>canonical</b> table is as follows:
The input format for the <a href="postmap.1.html"><b>postmap</b>(1)</a> command is as follows:
<i>pattern</i> <i>result</i>
When <i>pattern</i> matches a mail address, replace it by
When <i>pattern</i> matches a mail address, replace it by
the corresponding <i>result</i>.
blank lines and comments
Empty lines and whitespace-only lines are ignored,
as are lines whose first non-whitespace character
Empty lines and whitespace-only lines are ignored,
as are lines whose first non-whitespace character
is a `#'.
multi-line text
A logical line starts with non-whitespace text. A
line that starts with whitespace continues a logi-
A logical line starts with non-whitespace text. A
line that starts with whitespace continues a logi-
cal line.
With lookups from indexed files such as DB or DBM, or from
networked tables such as NIS, LDAP or SQL, patterns are
networked tables such as NIS, LDAP or SQL, patterns are
tried in the order as listed below:
<i>user</i>@<i>domain</i> <i>address</i>
<i>user</i>@<i>domain</i> is replaced by <i>address</i>. This form has
<i>user</i>@<i>domain</i> is replaced by <i>address</i>. This form has
the highest precedence.
This is useful to clean up addresses produced by
legacy mail systems. It can also be used to pro-
duce <i>Firstname.Lastname</i> style addresses, but see
This is useful to clean up addresses produced by
legacy mail systems. It can also be used to pro-
duce <i>Firstname.Lastname</i> style addresses, but see
below for a simpler solution.
<i>user</i> <i>address</i>
<i>user</i>@<i>site</i> is replaced by <i>address</i> when <i>site</i> is equal
to $<b>myorigin</b>, when <i>site</i> is listed in $<b>mydestina-</b>
to $<b>myorigin</b>, when <i>site</i> is listed in $<b>mydestina-</b>
<b>tion</b>, or when it is listed in $<b>inet</b><i>_</i><b>interfaces</b>.
This form is useful for replacing login names by
This form is useful for replacing login names by
<i>Firstname.Lastname</i>.
@<i>domain</i> <i>address</i>
Every address in <i>domain</i> is replaced by <i>address</i>.
Every address in <i>domain</i> is replaced by <i>address</i>.
This form has the lowest precedence.
In all the above forms, when <i>address</i> has the form @<i>other-</i>
In all the above forms, when <i>address</i> has the form @<i>other-</i>
<i>domain</i>, the result is the same user in <i>otherdomain</i>.
<b>ADDRESS</b> <b>EXTENSION</b>
When a mail address localpart contains the optional recip-
ient delimiter (e.g., <i>user+foo</i>@<i>domain</i>), the lookup order
ient delimiter (e.g., <i>user+foo</i>@<i>domain</i>), the lookup order
becomes: <i>user+foo</i>@<i>domain</i>, <i>user</i>@<i>domain</i>, <i>user+foo</i>, <i>user</i>, and
@<i>domain</i>. An unmatched address extension (<i>+foo</i>) is propa-
@<i>domain</i>. An unmatched address extension (<i>+foo</i>) is propa-
gated to the result of table lookup.
<b>REGULAR</b> <b>EXPRESSION</b> <b>TABLES</b>
This section describes how the table lookups change when
This section describes how the table lookups change when
the table is given in the form of regular expressions. For
a description of regular expression lookup table syntax,
a description of regular expression lookup table syntax,
see <a href="regexp_table.5.html"><b>regexp</b><i>_</i><b>table</b>(5)</a> or <a href="pcre_table.5.html"><b>pcre</b><i>_</i><b>table</b>(5)</a>.
Each pattern is a regular expression that is applied to
Each pattern is a regular expression that is applied to
the entire address being looked up. Thus, <i>user@domain</i> mail
addresses are not broken up into their <i>user</i> and <i>@domain</i>
addresses are not broken up into their <i>user</i> and <i>@domain</i>
constituent parts, nor is <i>user+foo</i> broken up into <i>user</i> and
<i>foo</i>.
Patterns are applied in the order as specified in the
table, until a pattern is found that matches the search
Patterns are applied in the order as specified in the
table, until a pattern is found that matches the search
string.
Results are the same as with indexed file lookups, with
the additional feature that parenthesized substrings from
Results are the same as with indexed file lookups, with
the additional feature that parenthesized substrings from
the pattern can be interpolated as <b>$1</b>, <b>$2</b> and so on.
<b>BUGS</b>
The table format does not understand quoting conventions.
The table format does not understand quoting conventions.
<b>CONFIGURATION</b> <b>PARAMETERS</b>
The following <b>main.cf</b> parameters are especially relevant
to this topic. See the Postfix <b>main.cf</b> file for syntax
details and for default values. Use the <b>postfix</b> <b>reload</b>
The following <b>main.cf</b> parameters are especially relevant
to this topic. See the Postfix <b>main.cf</b> file for syntax
details and for default values. Use the <b>postfix</b> <b>reload</b>
command after a configuration change.
<b>canonical</b><i>_</i><b>maps</b>
@ -143,25 +143,25 @@ CANONICAL(5) CANONICAL(5)
Other parameters of interest:
<b>inet</b><i>_</i><b>interfaces</b>
The network interface addresses that this system
The network interface addresses that this system
receives mail on. You need to stop and start Post-
fix when this parameter changes.
<b>masquerade</b><i>_</i><b>classes</b>
List of address classes subject to masquerading:
zero or more of <b>envelope</b><i>_</i><b>sender</b>, <b>envelope</b><i>_</i><b>recipi-</b>
List of address classes subject to masquerading:
zero or more of <b>envelope</b><i>_</i><b>sender</b>, <b>envelope</b><i>_</i><b>recipi-</b>
<b>ent</b>, <b>header</b><i>_</i><b>sender</b>, <b>header</b><i>_</i><b>recipient</b>.
<b>masquerade</b><i>_</i><b>domains</b>
List of domains that hide their subdomain struc-
List of domains that hide their subdomain struc-
ture.
<b>masquerade</b><i>_</i><b>exceptions</b>
List of user names that are not subject to address
List of user names that are not subject to address
masquerading.
<b>mydestination</b>
List of domains that this mail system considers
List of domains that this mail system considers
local.
<b>myorigin</b>
@ -179,7 +179,7 @@ CANONICAL(5) CANONICAL(5)
<a href="regexp_table.5.html">regexp_table(5)</a> format of POSIX regular expression tables
<b>LICENSE</b>
The Secure Mailer license must be distributed with this
The Secure Mailer license must be distributed with this
software.
<b>AUTHOR(S)</b>

View File

@ -133,7 +133,7 @@ CLEANUP(8) CLEANUP(8)
ple, bounces from qmail or from old versions of
Postfix).
<b>strict</b><i>_</i><b>mime</b><i>_</i><b>domain</b><i>_</i><b>encoding</b>
<b>strict</b><i>_</i><b>mime</b><i>_</i><b>encoding</b><i>_</i><b>domain</b>
Reject mail with invalid <b>Content-Transfer-Encoding:</b>
information for message/* or multipart/*. This
blocks mail from poorly written software.
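Review bot: the parameter heading changes from strict_mime_domain_encoding to strict_mime_encoding_domain, so every other place that documents this parameter should be checked for the old spelling in the same commit. A reader who copied the old name from this page would have configured a name the page no longer documents, so a line in the release notes about the corrected spelling would be worth adding.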
@ -196,8 +196,8 @@ CLEANUP(8) CLEANUP(8)
a message header.
<b>header</b><i>_</i><b>size</b><i>_</i><b>limit</b>
Limits the amount of memory in bytes used to pro-
cess a message header.
Limits the amount of memory in bytes used to store
a message header.
<b>in</b><i>_</i><b>flow</b><i>_</i><b>delay</b>
Amount of time to pause before accepting a message,

View File

@ -209,7 +209,7 @@ domains with "relay access denied"</a>
<li><a href="#relay_restrict">Restricting what users can send mail to off-site destinations</a>
<li><a href="#backup">Configuring Postfix as backup MX host</a>
<li><a href="#backup">Configuring Postfix as MX host for a remote site</a>
</ul>
@ -1441,7 +1441,20 @@ the address does resolve to a name.
<p>
You run the Postfix SMTP server inside a <b>chroot</b> jail for
extra security, but some configuration files are missing. In order
extra security, but some configuration files are missing or have
incorrect information. The command "postfix check" will report
what files may have incorrect information. For example:
<blockquote>
<pre>
warning: /var/spool/postfix/etc/resolv.conf and /etc/resolv.conf differ
warning: /var/spool/postfix/etc/localtime and /etc/localtime differ
</pre>
</blockquote>
<p>
In order
to run inside a chroot jail, the Postfix SMTP client and server
need copies of system configuration files inside the Postfix queue
directory. The exact list of files is very system dependent, but
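Review bot: the new FAQ sentence says files may be "missing or have incorrect information", but both sample warnings are of the "differ" kind, and the sentence only promises that "postfix check" reports files that "may have incorrect information". Either add an example of what the reader sees for a missing file, or say explicitly that a missing copy is not reported, so nobody treats a clean "postfix check" run as proof that the chroot is complete.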
@ -1685,7 +1698,7 @@ host.
<hr>
<a name="backup"><h3>Configuring Postfix as backup MX host</h3></a>
<a name="backup"><h3>Configuring Postfix as MX host for a remote site</h3></a>
When you are <b>secondary mx</b> for a <b>remote site</b> this is
all you need:
@ -1703,6 +1716,10 @@ all you need:
<p>
<blink><b>DO NOT LIST the.backed-up.domain.tld in MYDESTINATION</b></blink>
<p>
When you are <b>primary mx</b> for a <b>remote site</b> you also
need:
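Review bot: the added warning "DO NOT LIST the.backed-up.domain.tld in MYDESTINATION" writes the parameter in upper case and wraps it in a blink element, which is non-standard markup. Use the actual parameter name mydestination in bold, as the rest of the page does, and add a sentence saying why the domain must not be listed there, since the instruction alone gives the reader nothing to reason from.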
@ -1713,7 +1730,7 @@ need:
transport_maps = hash:/etc/postfix/transport
/etc/postfix/transport:
the.backed-up.domain.tld smtp:[their.mail.host.tld]
the.backed-up.domain.tld relay:[their.mail.host.tld]
</pre>
<p>
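Review bot: the transport entry now names a transport called relay, but nothing in this hunk says where that transport is defined or what a site should do if its configuration predates it; a short pointer next to the example would cover that. The key is also still written as the.backed-up.domain.tld although the paragraph introducing it is about being primary mx for a remote site, so a neutral placeholder would be less confusing.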
@ -1772,7 +1789,8 @@ for the <b>/etc/resolv.conf</b> file.
Check out your Postfix <b>master.cf</b> file. If the SMTP client
runs chrooted, then it needs a bunch of files inside the Postfix
queue directory. Examples are in the source distribution in the
<b>examples</b> subdirectory.
<b>examples</b> subdirectory. See also the other FAQ entry on
<a href="#numerical_log">name service trouble</a>.
</ul>
@ -2618,8 +2636,9 @@ the <b>virtual_mailbox_maps</b> parameter.
<p>
If you want to deliver the domain as a Postfix simulated <a
href="virtual.8.html">virtual</a>(5) domain, then you should list
If you want to deliver the domain as a <a href="virtual.8.html">
virtual</a>(5) alias domain, where each address is aliased to
a real local or remote address, then you should list
the virtual domain name in the tables specified with the
<b>virtual_alias_domains</b> parameter instead.
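Review bot: the rewritten sentence links the text "virtual(5) alias domain" to href="virtual.8.html", so the visible manual section and the link target disagree. The next hunk links the same topic to virtual.5.html ("Specify a virtual alias domain as per the virtual(5) manual page"); the href here should be virtual.5.html as well.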
@ -2638,7 +2657,7 @@ Solutions:
<ul>
<li>Specify a simulated virtual domain as per the
<li>Specify a virtual alias domain as per the
<a href="virtual.5.html">virtual(5)</a> manual page.
<p>

View File

@ -41,102 +41,105 @@ PCRE_TABLE(5) PCRE_TABLE(5)
<b>if</b> <b>/</b><i>pattern</i><b>/</b><i>flags</i>
<b>endif</b> Examine the lines between <b>if</b>..<b>endif</b> only if <i>pattern</i>
matches. The <b>if</b>..<b>endif</b> can nest. Do not prepend
whitespace to patterns inside <b>if</b>..<b>endif</b>.
<b>endif</b> Match the search string against the patterns
between <b>if</b> and <b>endif</b>, if and only if the search
string matches <i>pattern</i>. The <b>if</b>..<b>endif</b> can nest.
Note: do not prepend whitespace to patterns inside
<b>if</b>..<b>endif</b>.
Each pattern is a perl-like regular expression. The
expression delimiter can be any character, except whites-
pace or characters that have special meaning (tradition-
ally the forward slash is used). The regular expression
expression delimiter can be any character, except whites-
pace or characters that have special meaning (tradition-
ally the forward slash is used). The regular expression
can contain whitespace.
By default, matching is case-insensitive, and newlines are
not treated as special characters. The behavior is con-
trolled by flags, which are toggled by appending one or
not treated as special characters. The behavior is con-
trolled by flags, which are toggled by appending one or
more of the following characters after the pattern:
<b>i</b> (default: on)
Toggles the case sensitivity flag. By default,
Toggles the case sensitivity flag. By default,
matching is case insensitive.
<b>m</b> (default: off)
Toggles the PCRE_MULTILINE flag. When this flag is
on, the <b>^</b> and <b>$</b> metacharacters match immediately
after and immediately before a newline character,
respectively, in addition to matching at the start
Toggles the PCRE_MULTILINE flag. When this flag is
on, the <b>^</b> and <b>$</b> metacharacters match immediately
after and immediately before a newline character,
respectively, in addition to matching at the start
and end of the subject string.
<b>s</b> (default: on)
Toggles the PCRE_DOTALL flag. When this flag is on,
the <b>.</b> metacharacter matches the newline character.
With Postfix versions prior to 20020528, The flag
With Postfix versions prior to 20020528, The flag
is off by default, which is inconvenient for multi-
line message header matching.
<b>x</b> (default: off)
Toggles the pcre extended flag. When this flag is
on, whitespace in the pattern (other than in a
Toggles the pcre extended flag. When this flag is
on, whitespace in the pattern (other than in a
character class) and characters between a <b>#</b> outside
a character class and the next newline character
are ignored. An escaping backslash can be used to
include a whitespace or <b>#</b> character as part of the
a character class and the next newline character
are ignored. An escaping backslash can be used to
include a whitespace or <b>#</b> character as part of the
pattern.
<b>A</b> (default: off)
Toggles the PCRE_ANCHORED flag. When this flag is
on, the pattern is forced to be "anchored", that
Toggles the PCRE_ANCHORED flag. When this flag is
on, the pattern is forced to be "anchored", that
is, it is constrained to match only at the start of
the string which is being searched (the "subject
string"). This effect can also be achieved by
the string which is being searched (the "subject
string"). This effect can also be achieved by
appropriate constructs in the pattern itself.
<b>E</b> (default: off)
Toggles the PCRE_DOLLAR_ENDONLY flag. When this
flag is on, a <b>$</b> metacharacter in the pattern
matches only at the end of the subject string.
Without this flag, a dollar also matches immedi-
Toggles the PCRE_DOLLAR_ENDONLY flag. When this
flag is on, a <b>$</b> metacharacter in the pattern
matches only at the end of the subject string.
Without this flag, a dollar also matches immedi-
ately before the final character if it is a newline
character (but not before any other newline charac-
ters). This flag is ignored if PCRE_MULTILINE flag
ters). This flag is ignored if PCRE_MULTILINE flag
is set.
<b>U</b> (default: off)
Toggles the ungreedy matching flag. When this flag
is on, the pattern matching engine inverts the
"greediness" of the quantifiers so that they are
not greedy by default, but become greedy if fol-
lowed by "?". This flag can also set by a (?U)
is on, the pattern matching engine inverts the
"greediness" of the quantifiers so that they are
not greedy by default, but become greedy if fol-
lowed by "?". This flag can also set by a (?U)
modifier within the pattern.
<b>X</b> (default: off)
Toggles the PCRE_EXTRA flag. When this flag is on,
any backslash in a pattern that is followed by a
any backslash in a pattern that is followed by a
letter that has no special meaning causes an error,
thus reserving these combinations for future expan-
sion.
Each pattern is applied to the entire lookup key string.
Depending on the application, that string is an entire
Each pattern is applied to the entire lookup key string.
Depending on the application, that string is an entire
client hostname, an entire client IP address, or an entire
mail address. Thus, no parent domain or parent network
search is done, and <i>user@domain</i> mail addresses are not
broken up into their <i>user</i> and <i>domain</i> constituent parts,
mail address. Thus, no parent domain or parent network
search is done, and <i>user@domain</i> mail addresses are not
broken up into their <i>user</i> and <i>domain</i> constituent parts,
nor is <i>user+foo</i> broken up into <i>user</i> and <i>foo</i>.
Patterns are applied in the order as specified in the
table, until a pattern is found that matches the search
Patterns are applied in the order as specified in the
table, until a pattern is found that matches the search
string.
Substitution of substrings from the matched expression
into the result string is possible using the conventional
perl syntax ($1, $2, etc.). The macros in the result
string may need to be written as ${n} or $(n) if they
Substitution of substrings from the matched expression
into the result string is possible using the conventional
perl syntax ($1, $2, etc.). The macros in the result
string may need to be written as ${n} or $(n) if they
aren't followed by whitespace.
<b>EXAMPLE</b> <b>SMTPD</b> <b>ACCESS</b> <b>MAP</b>
# Protect your outgoing majordomo exploders
/^(?!owner-)(.*)-outgoing@/ 550 Use ${1}@${2} instead
/^(?!owner-)(.*)-outgoing@(.*)/ 550 Use ${1}@${2} instead
# Bounce friend@whatever, except when whatever is our domain (you would
# be better just bouncing all friend@ mail - this is just an example).
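Review bot: two wording slips survive in the re-spaced lines and should be fixed along with the rest: "prior to 20020528, The flag" (capital T) under the s flag, and "This flag can also set by a (?U)" (missing "be") under the U flag. The change to the majordomo example is correct and worth calling out in the change log: the old pattern had one capture group while the result text used ${2}, and the added (.*) after the @ supplies it. Many removed/added pairs here read identically as shown, which buries the if..endif rewording and the example fix; consider separating the reflow from the content change.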

View File

@ -63,14 +63,14 @@ POSTALIAS(1) POSTALIAS(1)
root privileges and runs as the source file owner
instead.
<b>-q</b> <i>key</i> Search the specified maps for <i>key</i> and print the
first value found on the standard output stream.
<b>-q</b> <i>key</i> Search the specified maps for <i>key</i> and write the
first value found to the standard output stream.
The exit status is zero when the requested informa-
tion was found.
If a key value of <b>-</b> is specified, the program reads
key values from the standard input stream and
prints one line of <i>key:</i> <i>value</i> output for each key
writes one line of <i>key:</i> <i>value</i> output for each key
that was found. The exit status is zero when at
least one of the requested keys was found.

View File

@ -5,25 +5,47 @@ POSTCAT(1) POSTCAT(1)
postcat - show Postfix queue file contents
<b>SYNOPSIS</b>
<b>postcat</b> [<b>-v</b>] [<i>files</i>...]
<b>postcat</b> [<b>-vq</b>] [<b>-c</b> <i>config_dir</i>] [<i>files</i>...]
<b>DESCRIPTION</b>
The <b>postcat</b> command prints the contents of the named Post-
fix queue <i>files</i> in human-readable form. If no <i>files</i> are
specified on the command line, the program reads from
standard input.
The <b>postcat</b> command prints the contents of the named <i>files</i>
in human-readable form. The files are expected to be in
Postfix queue file format. If no <i>files</i> are specified on
the command line, the program reads from standard input.
Options:
<b>-c</b> <i>config_dir</i>
The <b>main.cf</b> configuration file is in the named
directory instead of the default configuration
directory.
<b>-q</b> Search the Postfix queue for the named <i>files</i>
instead of taking the names literally.
<b>-v</b> Enable verbose logging for debugging purposes. Mul-
tiple <b>-v</b> options make the software increasingly
tiple <b>-v</b> options make the software increasingly
verbose.
<b>DIAGNOSTICS</b>
Problems are reported to the standard error stream.
<b>ENVIRONMENT</b>
<b>MAIL</b><i>_</i><b>CONFIG</b>
Directory with Postfix configuration files.
<b>CONFIGURATION</b> <b>PARAMETERS</b>
See the Postfix <b>main.cf</b> file for syntax details and for
default values. Use the <b>postfix</b> <b>reload</b> command after a
configuration change.
<b>queue</b><i>_</i><b>directory</b>
Top-level directory of the Postfix queue. This is
also the root directory of Postfix daemons that run
chrooted.
<b>LICENSE</b>
The Secure Mailer license must be distributed with this
The Secure Mailer license must be distributed with this
software.
<b>AUTHOR(S)</b>
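Review bot: the new -q entry under Options says only that the queue is searched "instead of taking the names literally"; it does not say what form a name takes or what is reported when no queue file matches. Add a sentence on both. Since queue_directory is now listed under CONFIGURATION PARAMETERS, also state how -q relates to that directory, so the reader can tell why the parameter is documented on this page.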

View File

@ -84,14 +84,14 @@ POSTMAP(1) POSTMAP(1)
privileges and runs as the source file owner
instead.
<b>-q</b> <i>key</i> Search the specified maps for <i>key</i> and print the
first value found on the standard output stream.
<b>-q</b> <i>key</i> Search the specified maps for <i>key</i> and write the
first value found to the standard output stream.
The exit status is zero when the requested informa-
tion was found.
If a key value of <b>-</b> is specified, the program reads
key values from the standard input stream and
prints one line of <i>key</i> <i>value</i> output for each key
writes one line of <i>key</i> <i>value</i> output for each key
that was found. The exit status is zero when at
least one of the requested keys was found.

View File

@ -88,7 +88,9 @@ PROXYMAP(8) PROXYMAP(8)
The proxymap server opens only tables that are approved
via the <b>proxy</b><i>_</i><b>read</b><i>_</i><b>maps</b> configuration parameter, does not
talk to users, and can run at fixed low privilege,
chrooted or not.
chrooted or not. However, running the proxymap server
chrooted severely limits usability, because it can open
only chrooted tables.
The proxymap server is not a trusted daemon process, and
must not be used to look up sensitive information such as
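Review bot: "it can open only chrooted tables" in the added sentence is imprecise, since a table is not itself chrooted; say that the server can then open only tables that are reachable from inside the chroot. It would also help to state what happens to proxy_read_maps entries that point outside it, so an administrator who keeps the chroot knows which lookups stop working.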

View File

@ -45,37 +45,40 @@ REGEXP_TABLE(5) REGEXP_TABLE(5)
<b>if</b> <b>!/</b><i>pattern</i><b>/</b><i>flags</i>
<b>endif</b> Examine the lines between <b>if</b>..<b>endif</b> only if <i>pattern</i>
matches (does not match). The <b>if</b>..<b>endif</b> can nest.
Do not prepend whitespace to patterns inside
<b>endif</b> Match the search string against the patterns
between <b>if</b> and <b>endif</b>, if and only if the search
string matches (does not match) <i>pattern</i>. The
<b>if</b>..<b>endif</b> can nest.
Note: do not prepend whitespace to patterns inside
<b>if</b>..<b>endif</b>.
Each pattern is a regular expression enclosed by a pair of
delimiters. The regular expression syntax is described in
<i>re_format</i>(7). The expression delimiter can be any charac-
ter, except whitespace or characters that have special
meaning (traditionally the forward slash is used). The
ter, except whitespace or characters that have special
meaning (traditionally the forward slash is used). The
regular expression can contain whitespace.
By default, matching is case-insensitive, although follow-
ing the second slash with an `i' flag will reverse this.
Other flags are `x' (disable extended expression syntax),
and `m' (enable multi-line mode, that is, treat newline
ing the second slash with an `i' flag will reverse this.
Other flags are `x' (disable extended expression syntax),
and `m' (enable multi-line mode, that is, treat newline
characters as special).
Each pattern is applied to the entire lookup key string.
Depending on the application, that string is an entire
Each pattern is applied to the entire lookup key string.
Depending on the application, that string is an entire
client hostname, an entire client IP address, or an entire
mail address. Thus, no parent domain or parent network
search is done, and <i>user@domain</i> mail addresses are not
broken up into their <i>user</i> and <i>domain</i> constituent parts,
mail address. Thus, no parent domain or parent network
search is done, and <i>user@domain</i> mail addresses are not
broken up into their <i>user</i> and <i>domain</i> constituent parts,
nor is <i>user+foo</i> broken up into <i>user</i> and <i>foo</i>.
Patterns are applied in the order as specified in the
table, until a pattern is found that matches the search
Patterns are applied in the order as specified in the
table, until a pattern is found that matches the search
string.
Substitution of substrings from the matched expression
Substitution of substrings from the matched expression
into the result string is possible using $1, $2, etc.. The
macros in the result string may need to be written as ${n}
or $(n) if they aren't followed by whitespace.
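Review bot: in the rewritten endif description, "if and only if the search string matches (does not match) pattern" leaves the reader to work out that the parenthetical belongs to the if !/pattern/ form. Spell it out, for example: matches pattern, or with if !/pattern/ does not match pattern. Separately, "using $1, $2, etc.. The" keeps a doubled period in the re-spaced line.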

View File

@ -31,28 +31,28 @@ RELOCATED(5) RELOCATED(5)
Table lookups are case insensitive.
<b>TABLE</b> <b>FORMAT</b>
The format of the table is as follows:
The input format for the <a href="postmap.1.html"><b>postmap</b>(1)</a> command is as follows:
<b>o</b> An entry has one of the following form:
<i>key</i> <i>new_location</i>
Where <i>new_location</i> specifies contact information
such as an email address, or perhaps a street
<i>pattern</i> <i>new_location</i>
Where <i>new_location</i> specifies contact information
such as an email address, or perhaps a street
address or telephone number.
<b>o</b> Empty lines and whitespace-only lines are ignored,
as are lines whose first non-whitespace character
<b>o</b> Empty lines and whitespace-only lines are ignored,
as are lines whose first non-whitespace character
is a `#'.
<b>o</b> A logical line starts with non-whitespace text. A
line that starts with whitespace continues a logi-
<b>o</b> A logical line starts with non-whitespace text. A
line that starts with whitespace continues a logi-
cal line.
With lookups from indexed files such as DB or DBM, or from
networked tables such as NIS, LDAP or SQL, the <i>key</i> field
is one of the following:
networked tables such as NIS, LDAP or SQL, patterns are
tried in the order as listed below:
<i>user</i>@<i>domain</i>
Matches <i>user</i>@<i>domain</i>. This form has precedence over
Matches <i>user</i>@<i>domain</i>. This form has precedence over
all other forms.
<i>user</i> Matches <i>user</i>@<i>site</i> when <i>site</i> is $<b>myorigin</b>, when <i>site</i>
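Review bot: replacing key with pattern in the entry form and in "patterns are tried in the order as listed below" overloads a word that the REGULAR EXPRESSION TABLES section of this same page uses for regular expressions ("Each pattern is a regular expression that is applied to the entire address"). For indexed files the left-hand side is one of the literal forms user@domain, user or @domain, so either keep key here or add a sentence saying that pattern means one of those forms. The context line "An entry has one of the following form:" also needs "form" made plural or "one of" dropped.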
@ -60,42 +60,42 @@ RELOCATED(5) RELOCATED(5)
in $<b>inet</b><i>_</i><b>interfaces</b>.
@<i>domain</i>
Matches every address in <i>domain</i>. This form has the
Matches every address in <i>domain</i>. This form has the
lowest precedence.
<b>ADDRESS</b> <b>EXTENSION</b>
When a mail address localpart contains the optional recip-
ient delimiter (e.g., <i>user+foo</i>@<i>domain</i>), the lookup order
ient delimiter (e.g., <i>user+foo</i>@<i>domain</i>), the lookup order
becomes: <i>user+foo</i>@<i>domain</i>, <i>user</i>@<i>domain</i>, <i>user+foo</i>, <i>user</i>, and
@<i>domain</i>.
<b>REGULAR</b> <b>EXPRESSION</b> <b>TABLES</b>
This section describes how the table lookups change when
This section describes how the table lookups change when
the table is given in the form of regular expressions. For
a description of regular expression lookup table syntax,
a description of regular expression lookup table syntax,
see <a href="regexp_table.5.html"><b>regexp</b><i>_</i><b>table</b>(5)</a> or <a href="pcre_table.5.html"><b>pcre</b><i>_</i><b>table</b>(5)</a>.
Each pattern is a regular expression that is applied to
Each pattern is a regular expression that is applied to
the entire address being looked up. Thus, <i>user@domain</i> mail
addresses are not broken up into their <i>user</i> and <i>@domain</i>
addresses are not broken up into their <i>user</i> and <i>@domain</i>
constituent parts, nor is <i>user+foo</i> broken up into <i>user</i> and
<i>foo</i>.
Patterns are applied in the order as specified in the
table, until a pattern is found that matches the search
Patterns are applied in the order as specified in the
table, until a pattern is found that matches the search
string.
Results are the same as with indexed file lookups, with
the additional feature that parenthesized substrings from
Results are the same as with indexed file lookups, with
the additional feature that parenthesized substrings from
the pattern can be interpolated as <b>$1</b>, <b>$2</b> and so on.
<b>BUGS</b>
The table format does not understand quoting conventions.
The table format does not understand quoting conventions.
<b>CONFIGURATION</b> <b>PARAMETERS</b>
The following <b>main.cf</b> parameters are especially relevant
to this topic. See the Postfix <b>main.cf</b> file for syntax
details and for default values. Use the <b>postfix</b> <b>reload</b>
The following <b>main.cf</b> parameters are especially relevant
to this topic. See the Postfix <b>main.cf</b> file for syntax
details and for default values. Use the <b>postfix</b> <b>reload</b>
command after a configuration change.
<b>relocated</b><i>_</i><b>maps</b>
@ -104,12 +104,12 @@ RELOCATED(5) RELOCATED(5)
Other parameters of interest:
<b>inet</b><i>_</i><b>interfaces</b>
The network interface addresses that this system
The network interface addresses that this system
receives mail on. You need to stop and start Post-
fix when this parameter changes.
<b>mydestination</b>
List of domains that this mail system considers
List of domains that this mail system considers
local.
<b>myorigin</b>
@ -121,7 +121,7 @@ RELOCATED(5) RELOCATED(5)
<a href="regexp_table.5.html">regexp_table(5)</a> format of POSIX regular expression tables
<b>LICENSE</b>
The Secure Mailer license must be distributed with this
The Secure Mailer license must be distributed with this
software.
<b>AUTHOR(S)</b>

View File

@ -310,8 +310,8 @@ href="cleanup.8.html">cleanup</a> daemon uses the <a
href="virtual.5.html">virtual alias</a> table to redirect mail for all
recipients, local or remote. The mapping affects only envelope
recipients; it has no effect on message headers or envelope senders.
Virtual alias lookups are useful to redirect mail for simulated
virtual domains to real user mailboxes, and to redirect mail for
Virtual alias lookups are useful to redirect mail for virtual
alias domains to real user mailboxes, and to redirect mail for
domains that no longer exist. Virtual alias lookups can also be
used to transform <i> Firstname.Lastname </i> back into UNIX login
names, although it seems that local <a href="#aliases">aliases</a>

View File

@ -25,11 +25,6 @@ SMTP(8) SMTP(8)
preference, and connects to each listed address until it
finds a server that responds.
When the domain or host is specified as a comma/whitespace
separated list, the SMTP client repeats the above process
for all destinations until it finds a server that
responds.
Once the SMTP client has received the server greeting ban-
ner, no error will cause it to proceed to the next address
on the mail exchanger list. Instead, the message is either
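Review bot: the paragraph about a domain or host "specified as a comma/whitespace separated list" is deleted from the description with no replacement, so the page no longer says what the SMTP client does with such a list. If the behaviour was withdrawn, record that in the change log; if it still exists, keep the paragraph. Anyone relying on a list of destinations for failover needs to know which it is.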
@ -37,7 +32,7 @@ SMTP(8) SMTP(8)
<b>SECURITY</b>
The SMTP client is moderately security-sensitive. It talks
to SMTP servers and to DNS servers on the network. The
to SMTP servers and to DNS servers on the network. The
SMTP client can be run chrooted at fixed low privilege.
<b>STANDARDS</b>
@ -53,73 +48,73 @@ SMTP(8) SMTP(8)
<a href="http://www.faqs.org/rfcs/rfc2920.html">RFC 2920</a> (SMTP Pipelining)
<b>DIAGNOSTICS</b>
Problems and transactions are logged to <b>syslogd</b>(8). Cor-
rupted message files are marked so that the queue manager
Problems and transactions are logged to <b>syslogd</b>(8). Cor-
rupted message files are marked so that the queue manager
can move them to the <b>corrupt</b> queue for further inspection.
Depending on the setting of the <b>notify</b><i>_</i><b>classes</b> parameter,
the postmaster is notified of bounces, protocol problems,
Depending on the setting of the <b>notify</b><i>_</i><b>classes</b> parameter,
the postmaster is notified of bounces, protocol problems,
and of other trouble.
<b>BUGS</b>
<b>CONFIGURATION</b> <b>PARAMETERS</b>
The following <b>main.cf</b> parameters are especially relevant
to this program. See the Postfix <b>main.cf</b> file for syntax
details and for default values. Use the <b>postfix</b> <b>reload</b>
The following <b>main.cf</b> parameters are especially relevant
to this program. See the Postfix <b>main.cf</b> file for syntax
details and for default values. Use the <b>postfix</b> <b>reload</b>
command after a configuration change.
<b>Miscellaneous</b>
<b>best</b><i>_</i><b>mx</b><i>_</i><b>transport</b>
Name of the delivery transport to use when the
local machine is the most-preferred mail exchanger
(by default, a mailer loop is reported, and the
Name of the delivery transport to use when the
local machine is the most-preferred mail exchanger
(by default, a mailer loop is reported, and the
message is bounced).
<b>debug</b><i>_</i><b>peer</b><i>_</i><b>level</b>
Verbose logging level increment for hosts that
Verbose logging level increment for hosts that
match a pattern in the <b>debug</b><i>_</i><b>peer</b><i>_</i><b>list</b> parameter.
<b>debug</b><i>_</i><b>peer</b><i>_</i><b>list</b>
List of domain or network patterns. When a remote
host matches a pattern, increase the verbose log-
ging level by the amount specified in the
List of domain or network patterns. When a remote
host matches a pattern, increase the verbose log-
ging level by the amount specified in the
<b>debug</b><i>_</i><b>peer</b><i>_</i><b>level</b> parameter.
<b>disable</b><i>_</i><b>dns</b><i>_</i><b>lookups</b>
Disable DNS lookups. This means that mail must be
Disable DNS lookups. This means that mail must be
forwarded via a smart relay host.
<b>error</b><i>_</i><b>notice</b><i>_</i><b>recipient</b>
Recipient of protocol/policy/resource/software
Recipient of protocol/policy/resource/software
error notices.
<b>fallback</b><i>_</i><b>relay</b>
Hosts to hand off mail to if a message destination
Hosts to hand off mail to if a message destination
is not found or if a destination is unreachable.
<b>ignore</b><i>_</i><b>mx</b><i>_</i><b>lookup</b><i>_</i><b>error</b>
When a name server fails to respond to an MX query,
search for an A record instead deferring mail
search for an A record instead deferring mail
delivery.
<b>inet</b><i>_</i><b>interfaces</b>
The network interface addresses that this mail sys-
tem receives mail on. When any of those addresses
tem receives mail on. When any of those addresses
appears in the list of mail exchangers for a remote
destination, the list is truncated to avoid mail
destination, the list is truncated to avoid mail
delivery loops. See also the <b>proxy</b><i>_</i><b>interfaces</b>
parameter.
<b>notify</b><i>_</i><b>classes</b>
When this parameter includes the <b>protocol</b> class,
send mail to the postmaster with transcripts of
When this parameter includes the <b>protocol</b> class,
send mail to the postmaster with transcripts of
SMTP sessions with protocol errors.
<b>proxy</b><i>_</i><b>interfaces</b>
Network interfaces that this mail system receives
Network interfaces that this mail system receives
mail on by way of a proxy or network address trans-
lator. When any of those addresses appears in the
list of mail exchangers for a remote destination,
lator. When any of those addresses appears in the
list of mail exchangers for a remote destination,
the list is truncated to avoid mail delivery loops.
See also the <b>inet</b><i>_</i><b>interfaces</b> parameter.
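Review bot: in the ignore_mx_lookup_error entry, "search for an A record instead deferring mail delivery" is missing "of" after "instead", and the re-spaced line carries the slip forward. Fix it while the entry is being touched, because as written the sentence can be misread as deferring delivery after the A record search.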
@ -130,65 +125,65 @@ SMTP(8) SMTP(8)
Never send EHLO at the start of a connection.
<b>smtp</b><i>_</i><b>bind</b><i>_</i><b>address</b>
Numerical source network address to bind to when
Numerical source network address to bind to when
making a connection.
<b>smtp</b><i>_</i><b>line</b><i>_</i><b>length</b><i>_</i><b>limit</b>
Length limit for SMTP message content lines. Zero
means no limit. Some SMTP servers misbehave on
Length limit for SMTP message content lines. Zero
means no limit. Some SMTP servers misbehave on
long lines.
<b>smtp</b><i>_</i><b>helo</b><i>_</i><b>name</b>
The hostname to be used in HELO and EHLO commands.
The hostname to be used in HELO and EHLO commands.
<b>smtp</b><i>_</i><b>skip</b><i>_</i><b>4xx</b><i>_</i><b>greeting</b>
Skip servers that greet us with a 4xx status code.
Skip servers that greet us with a 4xx status code.
<b>smtp</b><i>_</i><b>skip</b><i>_</i><b>5xx</b><i>_</i><b>greeting</b>
Skip servers that greet us with a 5xx status code.
Skip servers that greet us with a 5xx status code.
<b>smtp</b><i>_</i><b>skip</b><i>_</i><b>quit</b><i>_</i><b>response</b>
Do not wait for the server response after sending
Do not wait for the server response after sending
QUIT.
<b>smtp</b><i>_</i><b>pix</b><i>_</i><b>workaround</b><i>_</i><b>delay</b><i>_</i><b>time</b>
The time to pause before sending .&lt;CR&gt;&lt;LF&gt;, while
working around the CISCO PIX firewall
The time to pause before sending .&lt;CR&gt;&lt;LF&gt;, while
working around the CISCO PIX firewall
&lt;CR&gt;&lt;LF&gt;.&lt;CR&gt;&lt;LF&gt; bug.
<b>smtp</b><i>_</i><b>pix</b><i>_</i><b>workaround</b><i>_</i><b>threshold</b><i>_</i><b>time</b>
The time a message must be queued before the CISCO
PIX firewall &lt;CR&gt;&lt;LF&gt;.&lt;CR&gt;&lt;LF&gt; bug workaround is
The time a message must be queued before the CISCO
PIX firewall &lt;CR&gt;&lt;LF&gt;.&lt;CR&gt;&lt;LF&gt; bug workaround is
turned on.
<b>MIME</b> <b>Conversion</b>
<b>disable</b><i>_</i><b>mime</b><i>_</i><b>output</b><i>_</i><b>conversion</b>
Disable the conversion of 8BITMIME format to 7BIT
format when the remote system does not advertise
Disable the conversion of 8BITMIME format to 7BIT
format when the remote system does not advertise
8BITMIME support.
<b>mime</b><i>_</i><b>boundary</b><i>_</i><b>length</b><i>_</i><b>limit</b>
The amount of space that will be allocated for MIME
multipart boundary strings. The MIME processor is
multipart boundary strings. The MIME processor is
unable to distinguish between boundary strings that
do not differ in the first <b>$mime</b><i>_</i><b>bound-</b>
<b>ary</b><i>_</i><b>length</b><i>_</i><b>limit</b> characters.
<b>mime</b><i>_</i><b>nesting</b><i>_</i><b>limit</b>
The maximal nesting level of multipart mail that
the MIME processor can handle. Refuse mail that is
The maximal nesting level of multipart mail that
the MIME processor can handle. Refuse mail that is
nested deeper, when converting from 8BITMIME format
to 7BIT format.
<b>Authentication</b> <b>controls</b>
<b>smtp</b><i>_</i><b>sasl</b><i>_</i><b>auth</b><i>_</i><b>enable</b>
Enable per-session authentication as per <a href="http://www.faqs.org/rfcs/rfc2554.html">RFC 2554</a>
(SASL). By default, Postfix is built without SASL
Enable per-session authentication as per <a href="http://www.faqs.org/rfcs/rfc2554.html">RFC 2554</a>
(SASL). By default, Postfix is built without SASL
support.
<b>smtp</b><i>_</i><b>sasl</b><i>_</i><b>password</b><i>_</i><b>maps</b>
Lookup tables with per-host or domain <i>name</i>:<i>password</i>
entries. No entry for a host means no attempt to
entries. No entry for a host means no attempt to
authenticate.
<b>smtp</b><i>_</i><b>sasl</b><i>_</i><b>security</b><i>_</i><b>options</b>
@ -212,47 +207,47 @@ SMTP(8) SMTP(8)
<b>Resource</b> <b>controls</b>
<b>smtp</b><i>_</i><b>destination</b><i>_</i><b>concurrency</b><i>_</i><b>limit</b>
Limit the number of parallel deliveries to the same
destination. The default limit is taken from the
destination. The default limit is taken from the
<b>default</b><i>_</i><b>destination</b><i>_</i><b>concurrency</b><i>_</i><b>limit</b> parameter.
<b>smtp</b><i>_</i><b>destination</b><i>_</i><b>recipient</b><i>_</i><b>limit</b>
Limit the number of recipients per message deliv-
ery. The default limit is taken from the
Limit the number of recipients per message deliv-
ery. The default limit is taken from the
<b>default</b><i>_</i><b>destination</b><i>_</i><b>recipient</b><i>_</i><b>limit</b> parameter.
<b>Timeout</b> <b>controls</b>
The default time unit is seconds; an explicit time unit
can be specified by appending a one-letter suffix to the
value: s (seconds), m (minutes), h (hours), d (days) or w
The default time unit is seconds; an explicit time unit
can be specified by appending a one-letter suffix to the
value: s (seconds), m (minutes), h (hours), d (days) or w
(weeks).
<b>smtp</b><i>_</i><b>connect</b><i>_</i><b>timeout</b>
Timeout for completing a TCP connection. When no
connection can be made within the deadline, the
SMTP client tries the next address on the mail
Timeout for completing a TCP connection. When no
connection can be made within the deadline, the
SMTP client tries the next address on the mail
exchanger list.
<b>smtp</b><i>_</i><b>helo</b><i>_</i><b>timeout</b>
Timeout for receiving the SMTP greeting banner.
When the server drops the connection without send-
Timeout for receiving the SMTP greeting banner.
When the server drops the connection without send-
ing a greeting banner, or when it sends no greeting
banner within the deadline, the SMTP client tries
banner within the deadline, the SMTP client tries
the next address on the mail exchanger list.
<b>smtp</b><i>_</i><b>helo</b><i>_</i><b>timeout</b>
Timeout for sending the <b>HELO</b> command, and for
Timeout for sending the <b>HELO</b> command, and for
receiving the server response.
<b>smtp</b><i>_</i><b>mail</b><i>_</i><b>timeout</b>
Timeout for sending the <b>MAIL</b> <b>FROM</b> command, and for
Timeout for sending the <b>MAIL</b> <b>FROM</b> command, and for
receiving the server response.
<b>smtp</b><i>_</i><b>rcpt</b><i>_</i><b>timeout</b>
Timeout for sending the <b>RCPT</b> <b>TO</b> command, and for
Timeout for sending the <b>RCPT</b> <b>TO</b> command, and for
receiving the server response.
<b>smtp</b><i>_</i><b>data</b><i>_</i><b>init</b><i>_</i><b>timeout</b>
Timeout for sending the <b>DATA</b> command, and for
Timeout for sending the <b>DATA</b> command, and for
receiving the server response.
<b>smtp</b><i>_</i><b>data</b><i>_</i><b>xfer</b><i>_</i><b>timeout</b>
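Review bot: smtp_helo_timeout appears twice under Timeout controls, first as the timeout for receiving the SMTP greeting banner and then as the timeout for sending the HELO command. One name cannot document two separate entries; check which parameter governs the greeting banner wait and correct the first heading, or merge the two entries if a single parameter really covers both.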
@ -260,12 +255,12 @@ SMTP(8) SMTP(8)
<b>smtp</b><i>_</i><b>data</b><i>_</i><b>done</b><i>_</i><b>timeout</b>
Timeout for sending the "<b>.</b>" command, and for
receiving the server response. When no response is
received, a warning is logged that the mail may be
receiving the server response. When no response is
received, a warning is logged that the mail may be
delivered multiple times.
<b>smtp</b><i>_</i><b>quit</b><i>_</i><b>timeout</b>
Timeout for sending the <b>QUIT</b> command, and for
Timeout for sending the <b>QUIT</b> command, and for
receiving the server response.
<b>SEE</b> <b>ALSO</b>
@ -275,7 +270,7 @@ SMTP(8) SMTP(8)
syslogd(8) system logging
<b>LICENSE</b>
The Secure Mailer license must be distributed with this
The Secure Mailer license must be distributed with this
software.
<b>AUTHOR(S)</b>

View File

@ -62,28 +62,29 @@ SMTPD(8) SMTPD(8)
with comments that Sendmail allows.
<b>broken</b><i>_</i><b>sasl</b><i>_</i><b>auth</b><i>_</i><b>clients</b>
Support older Microsoft clients that mis-implement
the AUTH protocol, and that expect an EHLO response
of "250 AUTH=list" instead of "250 AUTH list".
Support Microsoft clients that implement an older
version of the AUTH protocol, and that expect an
EHLO response of "250 AUTH=list" instead of "250
AUTH list".
<b>smtpd</b><i>_</i><b>noop</b><i>_</i><b>commands</b>
List of commands that are treated as NOOP (no oper-
ation) commands, without any parameter syntax
checking and without any state change. This list
ation) commands, without any parameter syntax
checking and without any state change. This list
overrides built-in command definitions.
<b>Content</b> <b>inspection</b> <b>controls</b>
<b>content</b><i>_</i><b>filter</b>
The name of a mail delivery transport that filters
The name of a mail delivery transport that filters
mail and that either bounces mail or re-injects the
result back into Postfix. This parameter uses the
same syntax as the right-hand side of a Postfix
result back into Postfix. This parameter uses the
same syntax as the right-hand side of a Postfix
transport table.
<b>Authentication</b> <b>controls</b>
<b>enable</b><i>_</i><b>sasl</b><i>_</i><b>authentication</b>
Enable per-session authentication as per <a href="http://www.faqs.org/rfcs/rfc2554.html">RFC 2554</a>
(SASL). This functionality is available only when
<b>smtpd</b><i>_</i><b>sasl</b><i>_</i><b>auth</b><i>_</i><b>enable</b>
Enable per-session authentication as per <a href="http://www.faqs.org/rfcs/rfc2554.html">RFC 2554</a>
(SASL). This functionality is available only when
explicitly selected at program build time and
explicitly enabled at runtime.
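Review bot: under Authentication controls the heading changes from enable_sasl_authentication to smtpd_sasl_auth_enable, which lines up with smtp_sasl_auth_enable in the SMTP(8) page of this commit; check the other pages and sample files for leftover uses of the old name so the documentation stays consistent. In the broken_sasl_auth_clients entry, the new wording "implement an older version of the AUTH protocol" would be more useful with a note that the "250 AUTH=list" form is sent in addition to, or instead of, "250 AUTH list", whichever applies.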
@ -109,14 +110,14 @@ SMTPD(8) SMTPD(8)
Disallow anonymous logins.
<b>smtpd</b><i>_</i><b>sender</b><i>_</i><b>login</b><i>_</i><b>maps</b>
Maps that specify the SASL login name that owns a
MAIL FROM sender address. Used by the
Maps that specify the SASL login name that owns a
MAIL FROM sender address. Used by the
<b>reject</b><i>_</i><b>sender</b><i>_</i><b>login</b><i>_</i><b>mismatch</b> sender anti-spoofing
restriction.
<b>Miscellaneous</b>
<b>always</b><i>_</i><b>bcc</b>
Address to send a copy of each message that enters
Address to send a copy of each message that enters
the system.
<b>authorized</b><i>_</i><b>verp</b><i>_</i><b>clients</b>
@ -124,23 +125,23 @@ SMTPD(8) SMTPD(8)
that are authorized to use the XVERP extension.
<b>debug</b><i>_</i><b>peer</b><i>_</i><b>level</b>
Increment in verbose logging level when a remote
Increment in verbose logging level when a remote
host matches a pattern in the <b>debug</b><i>_</i><b>peer</b><i>_</i><b>list</b>
parameter.
<b>debug</b><i>_</i><b>peer</b><i>_</i><b>list</b>
List of domain or network patterns. When a remote
host matches a pattern, increase the verbose log-
ging level by the amount specified in the
List of domain or network patterns. When a remote
host matches a pattern, increase the verbose log-
ging level by the amount specified in the
<b>debug</b><i>_</i><b>peer</b><i>_</i><b>level</b> parameter.
<b>default</b><i>_</i><b>verp</b><i>_</i><b>delimiters</b>
The default VERP delimiter characters that are used
when the XVERP command is specified without
when the XVERP command is specified without
explicit delimiters.
<b>error</b><i>_</i><b>notice</b><i>_</i><b>recipient</b>
Recipient of protocol/policy/resource/software
Recipient of protocol/policy/resource/software
error notices.
<b>hopcount</b><i>_</i><b>limit</b>
@ -149,18 +150,18 @@ SMTPD(8) SMTPD(8)
<b>notify</b><i>_</i><b>classes</b>
List of error classes. Of special interest are:
<b>policy</b> When a client violates any policy, mail a
<b>policy</b> When a client violates any policy, mail a
transcript of the entire SMTP session to the
postmaster.
<b>protocol</b>
When a client violates the SMTP protocol or
When a client violates the SMTP protocol or
issues an unimplemented command, mail a
transcript of the entire SMTP session to the
postmaster.
<b>smtpd</b><i>_</i><b>banner</b>
Text that follows the <b>220</b> status code in the SMTP
Text that follows the <b>220</b> status code in the SMTP
greeting banner.
<b>smtpd</b><i>_</i><b>expansion</b><i>_</i><b>filter</b>
@ -168,57 +169,57 @@ SMTPD(8) SMTPD(8)
expansion of rbl template responses and other text.
<b>smtpd</b><i>_</i><b>recipient</b><i>_</i><b>limit</b>
Restrict the number of recipients that the SMTP
Restrict the number of recipients that the SMTP
server accepts per message delivery.
<b>smtpd</b><i>_</i><b>timeout</b>
Limit the time to send a server response and to
Limit the time to send a server response and to
receive a client request.
<b>soft</b><i>_</i><b>bounce</b>
Change hard (5xx) reject responses into soft (4xx)
reject responses. This can be useful for testing
Change hard (5xx) reject responses into soft (4xx)
reject responses. This can be useful for testing
purposes.
<b>verp</b><i>_</i><b>delimiter</b><i>_</i><b>filter</b>
The characters that Postfix accepts as VERP delim-
The characters that Postfix accepts as VERP delim-
iter characters.
<b>Known</b> <b>versus</b> <b>unknown</b> <b>recipients</b>
<b>show</b><i>_</i><b>user</b><i>_</i><b>unknown</b><i>_</i><b>table</b><i>_</i><b>name</b>
Whether or not to reveal the table name in the
"User unknown" responses. The extra detail makes
trouble shooting easier but also reveals informa-
Whether or not to reveal the table name in the
"User unknown" responses. The extra detail makes
trouble shooting easier but also reveals informa-
tion that is nobody elses business.
<b>unknown</b><i>_</i><b>local</b><i>_</i><b>recipient</b><i>_</i><b>reject</b><i>_</i><b>code</b>
The response code when a client specifies a recipi-
ent whose domain matches <b>$mydestination</b> or
ent whose domain matches <b>$mydestination</b> or
<b>$inet</b><i>_</i><b>interfaces</b>, while <b>$local</b><i>_</i><b>recipient</b><i>_</i><b>maps</b> is
non-empty and does not list the recipient address
non-empty and does not list the recipient address
or address local-part.
<b>unknown</b><i>_</i><b>relay</b><i>_</i><b>recipient</b><i>_</i><b>reject</b><i>_</i><b>code</b>
The response code when a client specifies a recipi-
ent whose domain matches <b>$relay</b><i>_</i><b>domains</b>, while
<b>$relay</b><i>_</i><b>recipient</b><i>_</i><b>maps</b> is non-empty and does not
<b>$relay</b><i>_</i><b>recipient</b><i>_</i><b>maps</b> is non-empty and does not
list the recipient address.
<b>unknown</b><i>_</i><b>virtual</b><i>_</i><b>alias</b><i>_</i><b>reject</b><i>_</i><b>code</b>
The response code when a client specifies a recipi-
ent whose domain matches <b>$virtual</b><i>_</i><b>alias</b><i>_</i><b>domains</b>,
while the recipient is not listed in <b>$vir-</b>
ent whose domain matches <b>$virtual</b><i>_</i><b>alias</b><i>_</i><b>domains</b>,
while the recipient is not listed in <b>$vir-</b>
<b>tual</b><i>_</i><b>alias</b><i>_</i><b>maps</b>.
<b>unknown</b><i>_</i><b>virtual</b><i>_</i><b>mailbox</b><i>_</i><b>reject</b><i>_</i><b>code</b>
The response code when a client specifies a recipi-
ent whose domain matches <b>$virtual</b><i>_</i><b>mailbox</b><i>_</i><b>domains</b>,
ent whose domain matches <b>$virtual</b><i>_</i><b>mailbox</b><i>_</i><b>domains</b>,
while the recipient is not listed in <b>$virtual</b><i>_</i><b>mail-</b>
<b>box</b><i>_</i><b>maps</b>.
<b>Resource</b> <b>controls</b>
<b>line</b><i>_</i><b>length</b><i>_</i><b>limit</b>
Limit the amount of memory in bytes used for the
Limit the amount of memory in bytes used for the
handling of partial input lines.
<b>message</b><i>_</i><b>size</b><i>_</i><b>limit</b>
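Review bot: The show_user_unknown_table_name paragraph is re-justified here but keeps "nobody elses business" and "trouble shooting"; since the lines are being rewritten anyway, correct them to "nobody else's business" and "troubleshooting". It would also help to say what is disclosed, namely the name of the lookup table that did not list the recipient, so that an operator can judge the trade-off from this page alone.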
@ -226,8 +227,8 @@ SMTPD(8) SMTPD(8)
ing on-disk storage for envelope information.
<b>queue</b><i>_</i><b>minfree</b>
Minimal amount of free space in bytes in the queue
file system for the SMTP server to accept any mail
Minimal amount of free space in bytes in the queue
file system for the SMTP server to accept any mail
at all.
<b>smtpd</b><i>_</i><b>history</b><i>_</i><b>flush</b><i>_</i><b>threshold</b>
@ -242,23 +243,23 @@ SMTPD(8) SMTPD(8)
<b>smtpd</b><i>_</i><b>soft</b><i>_</i><b>error</b><i>_</i><b>limit</b>
When an SMTP client has made this number of errors,
wait <i>error_count</i> seconds before responding to any
wait <i>error_count</i> seconds before responding to any
client request.
<b>smtpd</b><i>_</i><b>hard</b><i>_</i><b>error</b><i>_</i><b>limit</b>
Disconnect after a client has made this number of
Disconnect after a client has made this number of
errors.
<b>smtpd</b><i>_</i><b>junk</b><i>_</i><b>command</b><i>_</i><b>limit</b>
Limit the number of times a client can issue a junk
command such as NOOP, VRFY, ETRN or RSET in one
SMTP session before it is penalized with tarpit
command such as NOOP, VRFY, ETRN or RSET in one
SMTP session before it is penalized with tarpit
delays.
<b>UCE</b> <b>control</b> <b>restrictions</b>
<b>parent</b><i>_</i><b>domain</b><i>_</i><b>matches</b><i>_</i><b>subdomains</b>
List of Postfix features that use <i>domain.tld</i> pat-
terns to match <i>sub.domain.tld</i> (as opposed to
List of Postfix features that use <i>domain.tld</i> pat-
terns to match <i>sub.domain.tld</i> (as opposed to
requiring <i>.domain.tld</i> patterns).
<b>smtpd</b><i>_</i><b>client</b><i>_</i><b>restrictions</b>
@ -266,19 +267,19 @@ SMTPD(8) SMTPD(8)
tem.
<b>smtpd</b><i>_</i><b>helo</b><i>_</i><b>required</b>
Require that clients introduce themselves at the
Require that clients introduce themselves at the
beginning of an SMTP session.
<b>smtpd</b><i>_</i><b>helo</b><i>_</i><b>restrictions</b>
Restrict what client hostnames are allowed in <b>HELO</b>
Restrict what client hostnames are allowed in <b>HELO</b>
and <b>EHLO</b> commands.
<b>smtpd</b><i>_</i><b>sender</b><i>_</i><b>restrictions</b>
Restrict what sender addresses are allowed in <b>MAIL</b>
Restrict what sender addresses are allowed in <b>MAIL</b>
<b>FROM</b> commands.
<b>smtpd</b><i>_</i><b>recipient</b><i>_</i><b>restrictions</b>
Restrict what recipient addresses are allowed in
Restrict what recipient addresses are allowed in
<b>RCPT</b> <b>TO</b> commands.
<b>smtpd</b><i>_</i><b>etrn</b><i>_</i><b>restrictions</b>
@ -286,73 +287,73 @@ SMTPD(8) SMTPD(8)
mands, and what clients may issue <b>ETRN</b> commands.
<b>smtpd</b><i>_</i><b>data</b><i>_</i><b>restrictions</b>
Restrictions on the <b>DATA</b> command. Currently, the
only restriction that makes sense here is
Restrictions on the <b>DATA</b> command. Currently, the
only restriction that makes sense here is
<b>reject</b><i>_</i><b>unauth</b><i>_</i><b>pipelining</b>.
<b>allow</b><i>_</i><b>untrusted</b><i>_</i><b>routing</b>
Allow untrusted clients to specify addresses with
sender-specified routing. Enabling this opens up
nasty relay loopholes involving trusted backup MX
Allow untrusted clients to specify addresses with
sender-specified routing. Enabling this opens up
nasty relay loopholes involving trusted backup MX
hosts.
<b>smtpd</b><i>_</i><b>restriction</b><i>_</i><b>classes</b>
Declares the name of zero or more parameters that
contain a list of UCE restrictions. The names of
these parameters can then be used instead of the
Declares the name of zero or more parameters that
contain a list of UCE restrictions. The names of
these parameters can then be used instead of the
restriction lists that they represent.
<b>smtpd</b><i>_</i><b>null</b><i>_</i><b>access</b><i>_</i><b>lookup</b><i>_</i><b>key</b>
The lookup key to be used in SMTPD access tables
instead of the null sender address. A null sender
The lookup key to be used in SMTPD access tables
instead of the null sender address. A null sender
address cannot be looked up.
<b>maps</b><i>_</i><b>rbl</b><i>_</i><b>domains</b> (deprecated)
List of DNS domains that publish the addresses of
List of DNS domains that publish the addresses of
blacklisted hosts. This is used with the deprecated
<b>reject</b><i>_</i><b>maps</b><i>_</i><b>rbl</b> restriction.
<b>permit</b><i>_</i><b>mx</b><i>_</i><b>backup</b><i>_</i><b>networks</b>
Only domains whose primary MX hosts match the
listed networks are eligible for the <b>per-</b>
Only domains whose primary MX hosts match the
listed networks are eligible for the <b>per-</b>
<b>mit</b><i>_</i><b>mx</b><i>_</i><b>backup</b> feature.
<b>relay</b><i>_</i><b>domains</b>
Restrict what domains this mail system will relay
mail to. The domains are routed to the delivery
Restrict what domains this mail system will relay
mail to. The domains are routed to the delivery
agent specified with the <b>relay</b><i>_</i><b>transport</b> setting.
<b>UCE</b> <b>control</b> <b>responses</b>
<b>access</b><i>_</i><b>map</b><i>_</i><b>reject</b><i>_</i><b>code</b>
Response code when a client violates an access
Response code when a client violates an access
database restriction.
<b>default</b><i>_</i><b>rbl</b><i>_</i><b>reply</b>
Default template reply when a request is RBL black-
listed. This template is used by the <b>reject</b><i>_</i><b>rbl</b><i>_</i><b>*</b>
and <b>reject</b><i>_</i><b>rhsbl</b><i>_</i><b>*</b> restrictions. See also:
listed. This template is used by the <b>reject</b><i>_</i><b>rbl</b><i>_</i><b>*</b>
and <b>reject</b><i>_</i><b>rhsbl</b><i>_</i><b>*</b> restrictions. See also:
<b>rbl</b><i>_</i><b>reply</b><i>_</i><b>maps</b> and <b>smtpd</b><i>_</i><b>expansion</b><i>_</i><b>filter</b>.
<b>defer</b><i>_</i><b>code</b>
Response code when a client request is rejected by
Response code when a client request is rejected by
the <b>defer</b> restriction.
<b>invalid</b><i>_</i><b>hostname</b><i>_</i><b>reject</b><i>_</i><b>code</b>
Response code when a client violates the
Response code when a client violates the
<b>reject</b><i>_</i><b>invalid</b><i>_</i><b>hostname</b> restriction.
<b>maps</b><i>_</i><b>rbl</b><i>_</i><b>reject</b><i>_</i><b>code</b>
Response code when a request is RBL blacklisted.
<b>rbl</b><i>_</i><b>reply</b><i>_</i><b>maps</b>
Table with template responses for RBL blacklisted
requests, indexed by RBL domain name. These tem-
Table with template responses for RBL blacklisted
requests, indexed by RBL domain name. These tem-
plates are used by the <b>reject</b><i>_</i><b>rbl</b><i>_</i><b>*</b> and
<b>reject</b><i>_</i><b>rhsbl</b><i>_</i><b>*</b> restrictions. See also:
<b>reject</b><i>_</i><b>rhsbl</b><i>_</i><b>*</b> restrictions. See also:
<b>default</b><i>_</i><b>rbl</b><i>_</i><b>reply</b> and <b>smtpd</b><i>_</i><b>expansion</b><i>_</i><b>filter</b>.
<b>reject</b><i>_</i><b>code</b>
Response code when the client matches a <b>reject</b>
Response code when the client matches a <b>reject</b>
restriction.
<b>relay</b><i>_</i><b>domains</b><i>_</i><b>reject</b><i>_</i><b>code</b>
@ -360,7 +361,7 @@ SMTPD(8) SMTPD(8)
mail relay policy.
<b>unknown</b><i>_</i><b>address</b><i>_</i><b>reject</b><i>_</i><b>code</b>
Response code when a client violates the
Response code when a client violates the
<b>reject</b><i>_</i><b>unknown</b><i>_</i><b>address</b> restriction.
<b>unknown</b><i>_</i><b>client</b><i>_</i><b>reject</b><i>_</i><b>code</b>
@ -369,7 +370,7 @@ SMTPD(8) SMTPD(8)
tion.
<b>unknown</b><i>_</i><b>hostname</b><i>_</i><b>reject</b><i>_</i><b>code</b>
Response code when a client violates the
Response code when a client violates the
<b>reject</b><i>_</i><b>unknown</b><i>_</i><b>hostname</b> restriction.
<b>SEE</b> <b>ALSO</b>
@ -379,7 +380,7 @@ SMTPD(8) SMTPD(8)
syslogd(8) system logging
<b>LICENSE</b>
The Secure Mailer license must be distributed with this
The Secure Mailer license must be distributed with this
software.
<b>AUTHOR(S)</b>

View File

@ -1,5 +1,4 @@
<html> <head> </head> <body> <pre>
SPAWN(8) SPAWN(8)
<b>NAME</b>
@ -77,10 +76,10 @@ SPAWN(8) SPAWN(8)
external command.
<b>Resource</b> <b>control</b>
<i>service_</i><b>command</b><i>_</i><b>time</b><i>_</i><b>limit</b>
<i>service_</i><b>time</b><i>_</i><b>limit</b>
The amount of time the command is allowed to run
before it is killed with force. The <i>service</i> name is
the name of the entry in the <b>master.cf</b> file. The
before it is killed with force. <i>service</i> is the
first field of the entry in the <b>master.cf</b> file. The
default time limit is given by the global <b>com-</b>
<b>mand</b><i>_</i><b>time</b><i>_</i><b>limit</b> configuration parameter.
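Review bot: The heading change from service_command_time_limit to service_time_limit needs a matching change log entry, because a main.cf written from the old page sets a name that this page no longer documents, and the text says the fallback is the global command_time_limit. State whether the old name is still honoured; if it is not, say so here so that operators can check whether the per-service limit they configured was ever in effect.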
@ -98,6 +97,5 @@ SPAWN(8) SPAWN(8)
P.O. Box 704
Yorktown Heights, NY 10598, USA
1
SPAWN(8)
</pre> </body> </html>

View File

@ -17,25 +17,44 @@ TRANSPORT(5) TRANSPORT(5)
relay hosts. The mapping is used by the <a href="trivial-rewrite.8.html"><b>trivial-rewrite</b>(8)</a>
daemon.
Normally, the <b>transport</b> table is specified as a text file
that serves as input to the <a href="postmap.1.html"><b>postmap</b>(1)</a> command. The
result, an indexed file in <b>dbm</b> or <b>db</b> format, is used for
fast searching by the mail system. Execute the command
<b>postmap</b> <b>/etc/postfix/transport</b> in order to rebuild the
This mapping overrides the default routing that is built
into Postfix:
<b>mydestination</b>
A list of domains that is by default delivered via
<b>$local</b><i>_</i><b>transport</b>.
<b>virtual</b><i>_</i><b>mailbox</b><i>_</i><b>domains</b>
A list of domains that is by default delivered via
<b>$virtual</b><i>_</i><b>transport</b>.
<b>relay</b><i>_</i><b>domains</b>
A list of domains that is by default delivered via
<b>$relay</b><i>_</i><b>transport</b>.
any other destination
Mail for any other destination is by default deliv-
ered via <b>$default</b><i>_</i><b>transport</b>.
Normally, the <b>transport</b> table is specified as a text file
that serves as input to the <a href="postmap.1.html"><b>postmap</b>(1)</a> command. The
result, an indexed file in <b>dbm</b> or <b>db</b> format, is used for
fast searching by the mail system. Execute the command
<b>postmap</b> <b>/etc/postfix/transport</b> in order to rebuild the
indexed file after changing the transport table.
When the table is provided via other means such as NIS,
LDAP or SQL, the same lookups are done as for ordinary
When the table is provided via other means such as NIS,
LDAP or SQL, the same lookups are done as for ordinary
indexed files.
Alternatively, the table can be provided as a regular-
Alternatively, the table can be provided as a regular-
expression map where patterns are given as regular expres-
sions. In that case, the lookups are done in a slightly
different way as described in section "REGULAR EXPRESSION
sions. In that case, the lookups are done in a slightly
different way as described in section "REGULAR EXPRESSION
TABLES".
<b>TABLE</b> <b>FORMAT</b>
The format of the transport table is as follows:
The input format for the <a href="postmap.1.html"><b>postmap</b>(1)</a> command is as follows:
<i>pattern</i> <i>result</i>
When <i>pattern</i> matches the recipient address or
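Review bot: The new TABLE FORMAT sentence, "The input format for the postmap(1) command is as follows", narrows the section to postmap input, yet the paragraphs just above it in the same hunk say the table may also come from NIS, LDAP, SQL or a regular-expression map. Suggest wording that covers those sources too, or a pointer to "REGULAR EXPRESSION TABLES" for the regexp case. The added "This mapping overrides the default routing" list should also say plainly that a transport entry takes precedence for domains listed in mydestination, since that is what the sentence implies and it matters to anyone reviewing who may edit /etc/postfix/transport.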

View File

@ -134,7 +134,9 @@ matches a table, the action depends on the lookup result:
Reject the message, log the header and the optional text,
and send the optional text to the originator.
<dt>IGNORE <dd> Delete the header from the message.
<dt>OK <dd>Skip all further header patterns for this header line.
<dt>IGNORE <dd> Delete the header line from the message.
<dt>WARN <dd>
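Review bot: The new OK entry, "Skip all further header patterns for this header line", makes pattern order significant, because an OK match that is tried before a REJECT pattern exempts that header line from the REJECT. Add a sentence stating the order in which patterns are tried, and make explicit that OK applies to the one header line only and that the remaining lines of the message are still checked.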
@ -240,7 +242,9 @@ and send the optional text to the originator.
Log (but do not reject) the body line with a warning, and log the
optional text.
<dt>IGNORE <dd> Delete the matched line from the message.
<dt>OK <dd>Skip all further body patterns for this body line.
<dt>IGNORE <dd> Delete the body line from the message.
<dt>HOLD <dd>
@ -344,8 +348,8 @@ reject_rbl_client relays.mail-abuse.org</b> (paid service)
<dd> <b>smtpd_client_restrictions = hash:/etc/postfix/access,
reject_rbl_client relays.ordb.org</b> (free service)
<dd> <b>smtpd_client_restrictions = hash:/etc/postfix/access,
reject_rhsbl_client dsn.rfc-ignorant.org</b> (free service)
<dd> <b>smtpd_sender_restrictions = hash:/etc/postfix/access,
reject_rhsbl_sender dsn.rfc-ignorant.org</b> (free service)
<dd> <b>smtpd_client_restrictions = permit_mynetworks,
reject_unknown_client</b>
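Review bot: The corrected dsn.rfc-ignorant.org example now uses smtpd_sender_restrictions with reject_rhsbl_sender, but it still sits in a run of smtpd_client_restrictions examples with nothing explaining why this one differs. A short remark that reject_rhsbl_sender looks up the MAIL FROM domain, while the reject_rbl_client lines above it look up the client address, would keep readers from copying the parameter name from the neighbouring lines.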
@ -856,7 +860,7 @@ and the address contains no sender-specified routing
<li>Postfix is the final destination: any destination that matches
<a href="basic.html#mydestination">$mydestination</a>, <a
href="basic.html#inet_interfaces">$inet_interfaces</a>, <a
href="virtual.5.html">$virtual_alias_domains</a>, or
href="virtual.5.html">$virtual_alias_domains</a>, or <a
href="virtual.8.html">$virtual_mailbox_domains</a>.
</ul>
@ -930,19 +934,19 @@ lookup tables:
<table border="1">
<tr><th>Recipient domain matches <th>Recipient lookup table
<tr><th>Recipient domain matches</th> <th>Recipient lookup table</th>
<tr><td><a href="basic.html#mydestination"> $mydestination</a> or
<a href="basic.html#inet_interfaces">$inet_interfaces</a>
<td>$local_recipient_maps
</tr><tr><td><a href="basic.html#mydestination"> $mydestination</a> or
<a href="basic.html#inet_interfaces">$inet_interfaces</a></td>
<td>$local_recipient_maps</td>
<tr><td>$virtual_alias_domains <td>$virtual_alias_maps
</tr><tr><td>$virtual_alias_domains</td> <td>$virtual_alias_maps</td>
<tr><td>$virtual_mailbox_domains <td>$virtual_mailbox_maps
</tr><tr><td>$virtual_mailbox_domains</td> <td>$virtual_mailbox_maps</td>
<tr><td>$relay_domains <td>$relay_recipient_maps
</tr><tr><td>$relay_domains</td> <td>$relay_recipient_maps</td>
</table>
</tr></table>
</blockquote>

View File

@ -54,8 +54,7 @@ VIRTUAL(5) VIRTUAL(5)
different way as described below.
<b>TABLE</b> <b>FORMAT</b>
The format of the virtual table is as follows, mappings
being tried in the order as listed in this manual page:
The input format for the <a href="postmap.1.html"><b>postmap</b>(1)</a> command is as follows:
<i>pattern</i> <i>result</i>
When <i>pattern</i> matches a mail address, replace it by
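Review bot: The replacement sentence under TABLE FORMAT drops "mappings being tried in the order as listed in this manual page", which was the only statement of lookup order in this hunk. If the order is still guaranteed, keep it, for example with the "patterns are tried in the order as listed below" wording that the access table page uses elsewhere in this commit.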
@ -138,9 +137,9 @@ VIRTUAL(5) VIRTUAL(5)
<i>user2@virtual-alias.domain</i> <i>address2,</i> <i>address3</i>
The <i>virtual-alias.domain</i> <i>anything</i> entry is required for a
virtual alias domain. Without this entry, mail is rejected
with "relay access denied", or bounces with "mail loops
back to myself".
virtual alias domain. <b>Without</b> <b>this</b> <b>entry,</b> <b>mail</b> <b>is</b> <b>rejected</b>
<b>with</b> <b>"relay</b> <b>access</b> <b>denied",</b> <b>or</b> <b>bounces</b> <b>with</b> <b>"mail</b> <b>loops</b>
<b>back</b> <b>to</b> <b>myself".</b>
Do not specify virtual alias domain names in the <b>main.cf</b>
<b>mydestination</b> or <b>relay</b><i>_</i><b>domains</b> configuration parameters.

View File

@ -152,110 +152,109 @@ VIRTUAL(8) VIRTUAL(8)
<b>virtual</b><i>_</i><b>minimum</b><i>_</i><b>uid</b>
Specifies a minimum uid that will be accepted as a
return from a <b>virtual</b><i>_</i><b>owner</b><i>_</i><b>maps</b> or <b>vir-</b>
<b>tual</b><i>_</i><b>uid</b><i>_</i><b>maps</b> lookup. Returned values less than
this will be rejected, and the message will be
deferred.
return from a <b>virtual</b><i>_</i><b>uid</b><i>_</i><b>maps</b> lookup. Returned
values less than this will be rejected, and the
message will be deferred.
<b>virtual</b><i>_</i><b>uid</b><i>_</i><b>maps</b>
Recipients are looked up in these maps to determine
the user ID to be used when writing to the target
the user ID to be used when writing to the target
mailbox.
While searching a lookup table, an address exten-
While searching a lookup table, an address exten-
sion (<i>user+foo@domain.tld</i>) is ignored.
In a lookup table, specify a left-hand side of
<i>@domain.tld</i> to match any user in the specified
domain that does not have a specific
In a lookup table, specify a left-hand side of
<i>@domain.tld</i> to match any user in the specified
domain that does not have a specific
<i>user@domain.tld</i> entry.
For security reasons, regular expression maps are
allowed but regular expression substitution of $1
For security reasons, regular expression maps are
allowed but regular expression substitution of $1
etc. is disallowed, because that would open a secu-
rity hole.
For security reasons, proxied table lookup is not
For security reasons, proxied table lookup is not
allowed, because that would open a security hole.
<b>virtual</b><i>_</i><b>gid</b><i>_</i><b>maps</b>
Recipients are looked up in these maps to determine
the group ID to be used when writing to the target
the group ID to be used when writing to the target
mailbox.
While searching a lookup table, an address exten-
While searching a lookup table, an address exten-
sion (<i>user+foo@domain.tld</i>) is ignored.
In a lookup table, specify a left-hand side of
<i>@domain.tld</i> to match any user in the specified
domain that does not have a specific
In a lookup table, specify a left-hand side of
<i>@domain.tld</i> to match any user in the specified
domain that does not have a specific
<i>user@domain.tld</i> entry.
For security reasons, regular expression maps are
allowed but regular expression substitution of $1
For security reasons, regular expression maps are
allowed but regular expression substitution of $1
etc. is disallowed, because that would open a secu-
rity hole.
For security reasons, proxied table lookup is not
For security reasons, proxied table lookup is not
allowed, because that would open a security hole.
<b>Locking</b> <b>controls</b>
<b>virtual</b><i>_</i><b>mailbox</b><i>_</i><b>lock</b>
How to lock UNIX-style mailboxes: one or more of
<b>flock</b>, <b>fcntl</b> or <b>dotlock</b>. The <b>dotlock</b> method
requires that the recipient UID or GID has write
How to lock UNIX-style mailboxes: one or more of
<b>flock</b>, <b>fcntl</b> or <b>dotlock</b>. The <b>dotlock</b> method
requires that the recipient UID or GID has write
access to the parent directory of the mailbox file.
This setting is ignored with <b>maildir</b> style deliv-
This setting is ignored with <b>maildir</b> style deliv-
ery, because such deliveries are safe without
explicit locks.
Use the command <b>postconf</b> <b>-l</b> to find out what lock-
Use the command <b>postconf</b> <b>-l</b> to find out what lock-
ing methods are available on your system.
<b>deliver</b><i>_</i><b>lock</b><i>_</i><b>attempts</b>
Limit the number of attempts to acquire an exclu-
Limit the number of attempts to acquire an exclu-
sive lock on a UNIX-style mailbox file.
<b>deliver</b><i>_</i><b>lock</b><i>_</i><b>delay</b>
Time (default: seconds) between successive attempts
to acquire an exclusive lock on a UNIX-style mail-
box file. The actual delay is slightly randomized.
to acquire an exclusive lock on a UNIX-style mail-
box file. The actual delay is slightly randomized.
<b>stale</b><i>_</i><b>lock</b><i>_</i><b>time</b>
Limit the time after which a stale lockfile is
removed (applicable to UNIX-style mailboxes only).
Limit the time after which a stale lockfile is
removed (applicable to UNIX-style mailboxes only).
<b>Resource</b> <b>controls</b>
<b>virtual</b><i>_</i><b>destination</b><i>_</i><b>concurrency</b><i>_</i><b>limit</b>
Limit the number of parallel deliveries to the same
domain via the <b>virtual</b> delivery agent. The default
limit is taken from the <b>default</b><i>_</i><b>destination</b><i>_</i><b>concur-</b>
<b>rency</b><i>_</i><b>limit</b> parameter. The limit is enforced by
<b>rency</b><i>_</i><b>limit</b> parameter. The limit is enforced by
the Postfix queue manager.
<b>virtual</b><i>_</i><b>destination</b><i>_</i><b>recipient</b><i>_</i><b>limit</b>
Limit the number of recipients per message delivery
via the <b>virtual</b> delivery agent. The default limit
is taken from the <b>default</b><i>_</i><b>destination</b><i>_</i><b>recipi-</b>
<b>ent</b><i>_</i><b>limit</b> parameter. The limit is enforced by the
via the <b>virtual</b> delivery agent. The default limit
is taken from the <b>default</b><i>_</i><b>destination</b><i>_</i><b>recipi-</b>
<b>ent</b><i>_</i><b>limit</b> parameter. The limit is enforced by the
Postfix queue manager.
<b>virtual</b><i>_</i><b>mailbox</b><i>_</i><b>limit</b>
The maximal size in bytes of a mailbox or maildir
The maximal size in bytes of a mailbox or maildir
file. Set to zero to disable the limit.
<b>HISTORY</b>
This agent was originally based on the Postfix local
This agent was originally based on the Postfix local
delivery agent. Modifications mainly consisted of removing
code that either was not applicable or that was not safe
in this context: aliases, ~user/.forward files, delivery
code that either was not applicable or that was not safe
in this context: aliases, ~user/.forward files, delivery
to "|command" or to /file/name.
The <b>Delivered-To:</b> header appears in the <b>qmail</b> system by
The <b>Delivered-To:</b> header appears in the <b>qmail</b> system by
Daniel Bernstein.
The <b>maildir</b> structure appears in the <b>qmail</b> system by
The <b>maildir</b> structure appears in the <b>qmail</b> system by
Daniel Bernstein.
<b>SEE</b> <b>ALSO</b>
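Review bot: In the virtual_minimum_uid paragraph the virtual_owner_maps reference is removed, but the virtual_gid_maps section further down still does not say whether a comparable floor applies to group IDs; state it either way. Separately, the unchanged "because that would open a security hole" sentences under virtual_uid_maps and virtual_gid_maps would be more useful if they named the risk: with $1 substitution the uid or gid used for delivery would be derived from text in the recipient address. The proxied-lookup sentence should get a similar one-line reason.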
@ -266,7 +265,7 @@ VIRTUAL(8) VIRTUAL(8)
<a href="qmgr.8.html">qmgr(8)</a> queue manager
<b>LICENSE</b>
The Secure Mailer license must be distributed with this
The Secure Mailer license must be distributed with this
software.
<b>AUTHOR(S)</b>

View File

@ -59,12 +59,12 @@ Do not release root privileges when processing a non-root
input file. By default, \fBpostalias\fR drops root privileges
and runs as the source file owner instead.
.IP "\fB-q \fIkey\fR"
Search the specified maps for \fIkey\fR and print the first value
found on the standard output stream. The exit status is zero
Search the specified maps for \fIkey\fR and write the first value
found to the standard output stream. The exit status is zero
when the requested information was found.
If a key value of \fB-\fR is specified, the program reads key
values from the standard input stream and prints one line of
values from the standard input stream and writes one line of
\fIkey: value\fR output for each key that was found. The exit
status is zero when at least one of the requested keys was found.
.IP \fB-r\fR

View File

@ -8,16 +8,23 @@ show Postfix queue file contents
.SH SYNOPSIS
.na
.nf
\fBpostcat\fR [\fB-v\fR] [\fIfiles\fR...]
\fBpostcat\fR [\fB-vq\fR] [\fB-c \fIconfig_dir\fR] [\fIfiles\fR...]
.SH DESCRIPTION
.ad
.fi
The \fBpostcat\fR command prints the contents of the named
Postfix queue \fIfiles\fR in human-readable form. If no
\fIfiles\fR in human-readable form. The files are expected
to be in Postfix queue file format. If no
\fIfiles\fR are specified on the command line, the program
reads from standard input.
Options:
.IP "\fB-c \fIconfig_dir\fR"
The \fBmain.cf\fR configuration file is in the named directory
instead of the default configuration directory.
.IP \fB-q\fR
Search the Postfix queue for the named \fIfiles\fR instead
of taking the names literally.
.IP \fB-v\fR
Enable verbose logging for debugging purposes. Multiple \fB-v\fR
options make the software increasingly verbose.
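Review bot: The -q description, "Search the Postfix queue for the named files instead of taking the names literally", does not say what form a name takes in that mode (a queue ID, or a path relative to queue_directory?). Spell that out, and say in DESCRIPTION that without -q the arguments are ordinary pathnames. The SYNOPSIS groups the flags as [-vq] while the option list is ordered -c, -q, -v; pick one order.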
@ -25,6 +32,24 @@ options make the software increasingly verbose.
.ad
.fi
Problems are reported to the standard error stream.
.SH ENVIRONMENT
.na
.nf
.ad
.fi
.IP \fBMAIL_CONFIG\fR
Directory with Postfix configuration files.
.SH CONFIGURATION PARAMETERS
.na
.nf
.ad
.fi
See the Postfix \fBmain.cf\fR file for syntax details and for
default values. Use the \fBpostfix reload\fR command after a
configuration change.
.IP \fBqueue_directory\fR
Top-level directory of the Postfix queue. This is also the root
directory of Postfix daemons that run chrooted.
.SH LICENSE
.na
.nf
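Review bot: The new ENVIRONMENT entry for MAIL_CONFIG and the -c config_dir option added in the previous hunk both select the configuration directory, but neither says which one wins when both are set; state the precedence. The CONFIGURATION PARAMETERS boilerplate "Use the postfix reload command after a configuration change" also looks copied from a daemon page; check whether it applies to a command-line tool and drop it if not.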

View File

@ -80,12 +80,12 @@ Do not release root privileges when processing a non-root
input file. By default, \fBpostmap\fR drops root privileges
and runs as the source file owner instead.
.IP "\fB-q \fIkey\fR"
Search the specified maps for \fIkey\fR and print the first value
found on the standard output stream. The exit status is zero
Search the specified maps for \fIkey\fR and write the first value
found to the standard output stream. The exit status is zero
when the requested information was found.
If a key value of \fB-\fR is specified, the program reads key
values from the standard input stream and prints one line of
values from the standard input stream and writes one line of
\fIkey value\fR output for each key that was found. The exit
status is zero when at least one of the requested keys was found.
.IP \fB-r\fR

View File

@ -39,7 +39,7 @@ the lookups are done in a slightly different way as described below.
.nf
.ad
.fi
The format of the access table is as follows:
The input format for the \fBpostmap\fR(1) command is as follows:
.IP "\fIpattern action\fR"
When \fIpattern\fR matches a mail address, domain or host address,
perform the corresponding \fIaction\fR.
@ -55,8 +55,8 @@ starts with whitespace continues a logical line.
.ad
.fi
With lookups from indexed files such as DB or DBM, or from networked
tables such as NIS, LDAP or SQL, the following lookup patterns are
examined in the order as listed:
tables such as NIS, LDAP or SQL, patterns are tried in the order as
listed below:
.IP \fIuser\fR@\fIdomain\fR
Matches the specified mail address.
.IP \fIdomain.tld\fR
@ -106,6 +106,11 @@ order to match subdomains.
.IP \fInet\fR
Matches any host address in the specified network. A network
address is a sequence of one or more octets separated by ".".
Note: CIDR notation (network/netmask) is not supported with
lookups from indexed files such as DB or DBM, or from networked
tables such as NIS,
LDAP or SQL.
.SH ACTIONS
.na
.nf
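Review bot: The added note says CIDR notation is not supported with indexed or networked tables, but not what happens to such an entry or what to write instead. State whether a network/netmask key is rejected when the table is built or simply never matches, because in the second case an intended access rule is inactive without the operator noticing, and point readers to the octet-prefix form described in the sentence just above. The break after "NIS," also leaves "LDAP or SQL." on a line of its own; rejoin it.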

View File

@ -39,9 +39,12 @@ A logical line starts with non-whitespace text. A line that
starts with whitespace continues a logical line.
.IP "\fBif /\fIpattern\fB/\fIflags\fR"
.IP "\fBendif\fR"
Examine the lines between \fBif\fR..\fBendif\fR only if
\fIpattern\fR matches. The \fBif\fR..\fBendif\fR can nest.
Do not prepend whitespace to patterns inside \fBif\fR..\fBendif\fR.
Match the search string against the patterns between \fBif\fR
and \fBendif\fR, if and only if the search string matches
\fIpattern\fR. The \fBif\fR..\fBendif\fR can nest.
.sp
Note: do not prepend whitespace to patterns inside
\fBif\fR..\fBendif\fR.
.PP
Each pattern is a perl-like regular expression. The expression
delimiter can be any character, except whitespace or characters
@ -119,7 +122,7 @@ or $(n) if they aren't followed by whitespace.
.na
.nf
# Protect your outgoing majordomo exploders
/^(?!owner-)(.*)-outgoing@/ 550 Use ${1}@${2} instead
/^(?!owner-)(.*)-outgoing@(.*)/ 550 Use ${1}@${2} instead
# Bounce friend@whatever, except when whatever is our domain (you would
# be better just bouncing all friend@ mail - this is just an example).

View File

@ -41,10 +41,12 @@ starts with whitespace continues a logical line.
.IP "\fBif /\fIpattern\fB/\fIflags\fR"
.IP "\fBif !/\fIpattern\fB/\fIflags\fR"
.IP "\fBendif\fR"
Examine the lines between \fBif\fR..\fBendif\fR only if
\fIpattern\fR matches (does not match). The \fBif\fR..\fBendif\fR
can nest.
Do not prepend whitespace to patterns inside \fBif\fR..\fBendif\fR.
Match the search string against the patterns between \fBif\fR
and \fBendif\fR, if and only if the search string matches (does
not match) \fIpattern\fR. The \fBif\fR..\fBendif\fR can nest.
.sp
Note: do not prepend whitespace to patterns inside
\fBif\fR..\fBendif\fR.
.PP
Each pattern is a regular expression enclosed by a pair of delimiters.
The regular expression syntax is described in \fIre_format\fR(7).

View File

@ -35,11 +35,11 @@ Table lookups are case insensitive.
.nf
.ad
.fi
The format of the table is as follows:
The input format for the \fBpostmap\fR(1) command is as follows:
.IP \(bu
An entry has one of the following form:
.ti +5
\fIkey new_location\fR
\fIpattern new_location\fR
.br
Where \fInew_location\fR specifies contact information such as
an email address, or perhaps a street address or telephone number.
@ -51,8 +51,8 @@ A logical line starts with non-whitespace text. A line that
starts with whitespace continues a logical line.
.PP
With lookups from indexed files such as DB or DBM, or from networked
tables such as NIS, LDAP or SQL, the \fIkey\fR field is one of the
following:
tables such as NIS, LDAP or SQL, patterns are tried in the order as
listed below:
.IP \fIuser\fR@\fIdomain\fR
Matches \fIuser\fR@\fIdomain\fR. This form has precedence over all
other forms.

View File

@ -20,6 +20,21 @@ The optional \fBtransport\fR table specifies a mapping from email
addresses to message delivery transports and/or relay hosts. The
mapping is used by the \fBtrivial-rewrite\fR(8) daemon.
This mapping overrides the default routing that is built into
Postfix:
.IP \fBmydestination\fR
A list of domains that is by default delivered via
\fB$local_transport\fR.
.IP \fBvirtual_mailbox_domains\fR
A list of domains that is by default delivered via
\fB$virtual_transport\fR.
.IP \fBrelay_domains\fR
A list of domains that is by default delivered via
\fB$relay_transport\fR.
.IP "any other destination"
Mail for any other destination is by default delivered via
\fB$default_transport\fR.
.PP
Normally, the \fBtransport\fR table is specified as a text file
that serves as input to the \fBpostmap\fR(1) command.
The result, an indexed file in \fBdbm\fR or \fBdb\fR format, is used
@ -39,7 +54,7 @@ in section "REGULAR EXPRESSION TABLES".
.nf
.ad
.fi
The format of the transport table is as follows:
The input format for the \fBpostmap\fR(1) command is as follows:
.IP "\fIpattern result\fR"
When \fIpattern\fR matches the recipient address or domain, use the
corresponding \fIresult\fR.

View File

@ -88,6 +88,8 @@ of idle time.
The proxymap server opens only tables that are approved via the
\fBproxy_read_maps\fR configuration parameter, does not talk to
users, and can run at fixed low privilege, chrooted or not.
However, running the proxymap server chrooted severely limits
usability, because it can open only chrooted tables.
The proxymap server is not a trusted daemon process, and must
not be used to look up sensitive information such as user or

View File

@ -27,10 +27,6 @@ The SMTP client looks up a list of mail exchanger addresses for
the destination host, sorts the list by preference, and connects
to each listed address until it finds a server that responds.
When the domain or host is specified as a comma/whitespace
separated list, the SMTP client repeats the above process
for all destinations until it finds a server that responds.
Once the SMTP client has received the server greeting banner, no
error will cause it to proceed to the next address on the mail
exchanger list. Instead, the message is either bounced, or its

View File

@ -73,7 +73,7 @@ a configuration change.
Disallow non-RFC 821 style addresses in SMTP commands. For example,
the RFC822-style address forms with comments that Sendmail allows.
.IP \fBbroken_sasl_auth_clients\fR
Support older Microsoft clients that mis-implement the AUTH
Support Microsoft clients that implement an older version of the AUTH
protocol, and that expect an EHLO response of "250 AUTH=list"
instead of "250 AUTH list".
.IP \fBsmtpd_noop_commands\fR
@ -87,7 +87,7 @@ either bounces mail or re-injects the result back into Postfix.
This parameter uses the same syntax as the right-hand side of
a Postfix transport table.
.SH "Authentication controls"
.IP \fBenable_sasl_authentication\fR
.IP \fBsmtpd_sasl_auth_enable\fR
Enable per-session authentication as per RFC 2554 (SASL).
This functionality is available only when explicitly selected
at program build time and explicitly enabled at runtime.

View File

@ -84,9 +84,9 @@ The process privileges used while not running an external command.
.SH Resource control
.ad
.fi
.IP \fIservice\fB_command_time_limit\fR
.IP \fIservice\fB_time_limit\fR
The amount of time the command is allowed to run before it is
killed with force. The \fIservice\fR name is the name of the entry
killed with force. \fIservice\fR is the first field of the entry
in the \fBmaster.cf\fR file. The default time limit is given by the
global \fBcommand_time_limit\fR configuration parameter.
.SH SEE ALSO

View File

@ -166,7 +166,7 @@ delivery agent. This uses the same syntax as the \fBmydestination\fR
configuration parameter.
.IP \fBvirtual_minimum_uid\fR
Specifies a minimum uid that will be accepted as a return from
a \fBvirtual_owner_maps\fR or \fBvirtual_uid_maps\fR lookup.
a \fBvirtual_uid_maps\fR lookup.
Returned values less than this will be rejected, and the message
will be deferred.
.IP \fBvirtual_uid_maps\fR

View File

@ -81,36 +81,37 @@
# The built-in default directory name is the current directory.
# This parameter setting is not recorded in the installed main.cf file.
# .IP config_directory
# The destination directory for Postfix configuration files.
# The final destination directory for Postfix configuration files.
# The built-in default directory name is /etc/postfix.
# This parameter setting is not recorded in the installed main.cf file.
# This parameter setting is not recorded in the installed main.cf file
# and can be changed only by recompiling Postfix.
# .IP daemon_directory
# The destination directory for Postfix daemon programs. This directory
# should not be in the command search path of any users.
# The final destination directory for Postfix daemon programs. This
# directory should not be in the command search path of any users.
# The built-in default directory name is /usr/libexec/postfix.
# This parameter setting is recorded in the installed main.cf file.
# .IP command_directory
# The destination directory for Postfix administrative commands. This
# directory should be in the command search path of adminstrative users.
# The built-in default directory name is system dependent.
# The final destination directory for Postfix administrative commands.
# This directory should be in the command search path of adminstrative
# users. The built-in default directory name is system dependent.
# This parameter setting is recorded in the installed main.cf file.
# .IP queue_directory
# The destination directory for Postfix queues.
# The final destination directory for Postfix queues.
# The built-in default directory name is /var/spool/postfix.
# This parameter setting is recorded in the installed main.cf file.
# .IP sendmail_path
# The full destination pathname for the Postfix sendmail command.
# The final destination pathname for the Postfix sendmail command.
# This is the Sendmail-compatible mail posting interface.
# The built-in default pathname is system dependent.
# This parameter setting is recorded in the installed main.cf file.
# .IP newaliases_path
# The full destination pathname for the Postfix newaliases command.
# The final destination pathname for the Postfix newaliases command.
# This is the Sendmail-compatible command to build alias databases
# for the Postfix local delivery agent.
# The built-in default pathname is system dependent.
# This parameter setting is recorded in the installed main.cf file.
# .IP mailq_path
# The full destination pathname for the Postfix mailq command.
# The final destination pathname for the Postfix mailq command.
# This is the Sendmail-compatible command to list the mail queue.
# The built-in default pathname is system dependent.
# This parameter setting is recorded in the installed main.cf file.
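Review bot: the rewritten command_directory text still carries the typo "adminstrative" ("command search path of adminstrative users"). Since these lines are being touched anyway, correct it to "administrative" here and in the matching command_directory_prompt string further down, which repeats the same spelling.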
@ -286,30 +287,30 @@ distribution to other machines."
tempdir_prompt="a directory for scratch files while installing
Postfix. You must have write permission in this directory."
config_directory_prompt="the destination directory for installed
Postfix configuration files."
config_directory_prompt="the final destination directory for
installed Postfix configuration files."
daemon_directory_prompt="the destination directory for installed
Postfix daemon programs. This directory should not be in the
command search path of any users."
daemon_directory_prompt="the final destination directory for
installed Postfix daemon programs. This directory should not be
in the command search path of any users."
command_directory_prompt="the destination directory for installed
Postfix administrative commands. This directory should be in the
command search path of adminstrative users."
command_directory_prompt="the final destination directory for
installed Postfix administrative commands. This directory should
be in the command search path of adminstrative users."
queue_directory_prompt="the destination directory for Postfix
queue_directory_prompt="the final destination directory for Postfix
queues."
sendmail_path_prompt="the full destination pathname for the installed
Postfix sendmail command. This is the Sendmail-compatible mail
posting interface."
sendmail_path_prompt="the final destination pathname for the
installed Postfix sendmail command. This is the Sendmail-compatible
mail posting interface."
newaliases_path_prompt="the full destination pathname for the
newaliases_path_prompt="the final destination pathname for the
installed Postfix newaliases command. This is the Sendmail-compatible
command to build alias databases for the Postfix local delivery
agent."
mailq_path_prompt="the full destination pathname for the installed
mailq_path_prompt="the final destination pathname for the installed
Postfix mailq command. This is the Sendmail-compatible mail queue
listing command."

View File

@ -31,7 +31,7 @@
# TABLE FORMAT
# .ad
# .fi
# The format of the access table is as follows:
# The input format for the \fBpostmap\fR(1) command is as follows:
# .IP "\fIpattern action\fR"
# When \fIpattern\fR matches a mail address, domain or host address,
# perform the corresponding \fIaction\fR.
@ -45,8 +45,8 @@
# .ad
# .fi
# With lookups from indexed files such as DB or DBM, or from networked
# tables such as NIS, LDAP or SQL, the following lookup patterns are
# examined in the order as listed:
# tables such as NIS, LDAP or SQL, patterns are tried in the order as
# listed below:
# .IP \fIuser\fR@\fIdomain\fR
# Matches the specified mail address.
# .IP \fIdomain.tld\fR
@ -92,6 +92,11 @@
# .IP \fInet\fR
# Matches any host address in the specified network. A network
# address is a sequence of one or more octets separated by ".".
#
# Note: CIDR notation (network/netmask) is not supported with
# lookups from indexed files such as DB or DBM, or from networked
# tables such as NIS,
# LDAP or SQL.
# ACTIONS
# .ad
# .fi

View File

@ -45,7 +45,7 @@
# TABLE FORMAT
# .ad
# .fi
# The format of the \fBcanonical\fR table is as follows:
# The input format for the \fBpostmap\fR(1) command is as follows:
# .IP "\fIpattern result\fR"
# When \fIpattern\fR matches a mail address, replace it by the
# corresponding \fIresult\fR.

View File

@ -33,9 +33,12 @@
# starts with whitespace continues a logical line.
# .IP "\fBif /\fIpattern\fB/\fIflags\fR"
# .IP "\fBendif\fR"
# Examine the lines between \fBif\fR..\fBendif\fR only if
# \fIpattern\fR matches. The \fBif\fR..\fBendif\fR can nest.
# Do not prepend whitespace to patterns inside \fBif\fR..\fBendif\fR.
# Match the search string against the patterns between \fBif\fR
# and \fBendif\fR, if and only if the search string matches
# \fIpattern\fR. The \fBif\fR..\fBendif\fR can nest.
# .sp
# Note: do not prepend whitespace to patterns inside
# \fBif\fR..\fBendif\fR.
# .PP
# Each pattern is a perl-like regular expression. The expression
# delimiter can be any character, except whitespace or characters
@ -111,7 +114,7 @@
# or $(n) if they aren't followed by whitespace.
# EXAMPLE SMTPD ACCESS MAP
# # Protect your outgoing majordomo exploders
# /^(?!owner-)(.*)-outgoing@/ 550 Use ${1}@${2} instead
# /^(?!owner-)(.*)-outgoing@(.*)/ 550 Use ${1}@${2} instead
#
# # Bounce friend@whatever, except when whatever is our domain (you would
# # be better just bouncing all friend@ mail - this is just an example).

View File

@ -35,10 +35,12 @@
# .IP "\fBif /\fIpattern\fB/\fIflags\fR"
# .IP "\fBif !/\fIpattern\fB/\fIflags\fR"
# .IP "\fBendif\fR"
# Examine the lines between \fBif\fR..\fBendif\fR only if
# \fIpattern\fR matches (does not match). The \fBif\fR..\fBendif\fR
# can nest.
# Do not prepend whitespace to patterns inside \fBif\fR..\fBendif\fR.
# Match the search string against the patterns between \fBif\fR
# and \fBendif\fR, if and only if the search string matches (does
# not match) \fIpattern\fR. The \fBif\fR..\fBendif\fR can nest.
# .sp
# Note: do not prepend whitespace to patterns inside
# \fBif\fR..\fBendif\fR.
# .PP
# Each pattern is a regular expression enclosed by a pair of delimiters.
# The regular expression syntax is described in \fIre_format\fR(7).

View File

@ -27,11 +27,11 @@
# TABLE FORMAT
# .ad
# .fi
# The format of the table is as follows:
# The input format for the \fBpostmap\fR(1) command is as follows:
# .IP \(bu
# An entry has one of the following form:
# .ti +5
# \fIkey new_location\fR
# \fIpattern new_location\fR
# .br
# Where \fInew_location\fR specifies contact information such as
# an email address, or perhaps a street address or telephone number.
@ -43,8 +43,8 @@
# starts with whitespace continues a logical line.
# .PP
# With lookups from indexed files such as DB or DBM, or from networked
# tables such as NIS, LDAP or SQL, the \fIkey\fR field is one of the
# following:
# tables such as NIS, LDAP or SQL, patterns are tried in the order as
# listed below:
# .IP \fIuser\fR@\fIdomain\fR
# Matches \fIuser\fR@\fIdomain\fR. This form has precedence over all
# other forms.

View File

@ -14,6 +14,21 @@
# addresses to message delivery transports and/or relay hosts. The
# mapping is used by the \fBtrivial-rewrite\fR(8) daemon.
#
# This mapping overrides the default routing that is built into
# Postfix:
# .IP \fBmydestination\fR
# A list of domains that is by default delivered via
# \fB$local_transport\fR.
# .IP \fBvirtual_mailbox_domains\fR
# A list of domains that is by default delivered via
# \fB$virtual_transport\fR.
# .IP \fBrelay_domains\fR
# A list of domains that is by default delivered via
# \fB$relay_transport\fR.
# .IP "any other destination"
# Mail for any other destination is by default delivered via
# \fB$default_transport\fR.
# .PP
# Normally, the \fBtransport\fR table is specified as a text file
# that serves as input to the \fBpostmap\fR(1) command.
# The result, an indexed file in \fBdbm\fR or \fBdb\fR format, is used
@ -31,7 +46,7 @@
# TABLE FORMAT
# .ad
# .fi
# The format of the transport table is as follows:
# The input format for the \fBpostmap\fR(1) command is as follows:
# .IP "\fIpattern result\fR"
# When \fIpattern\fR matches the recipient address or domain, use the
# corresponding \fIresult\fR.

View File

@ -47,8 +47,7 @@
# TABLE FORMAT
# .ad
# .fi
# The format of the virtual table is as follows, mappings being
# tried in the order as listed in this manual page:
# The input format for the \fBpostmap\fR(1) command is as follows:
# .IP "\fIpattern result\fR"
# When \fIpattern\fR matches a mail address, replace it by the
# corresponding \fIresult\fR.
@ -129,9 +128,9 @@
# .fi
# .sp
# The \fIvirtual-alias.domain anything\fR entry is required for a
# virtual alias domain. Without this entry, mail is rejected
# virtual alias domain. \fBWithout this entry, mail is rejected
# with "relay access denied", or bounces with
# "mail loops back to myself".
# "mail loops back to myself".\fR
#
# Do not specify virtual alias domain names in the \fBmain.cf
# mydestination\fR or \fBrelay_domains\fR configuration parameters.

View File

@ -126,6 +126,7 @@ bounce_notify_util.o: ../../include/vstring.h
bounce_notify_util.o: ../../include/vbuf.h
bounce_notify_util.o: ../../include/vstream.h
bounce_notify_util.o: ../../include/line_wrap.h
bounce_notify_util.o: ../../include/stringops.h
bounce_notify_util.o: ../../include/mail_queue.h
bounce_notify_util.o: ../../include/quote_822_local.h
bounce_notify_util.o: ../../include/quote_flags.h

View File

@ -151,6 +151,7 @@
#include <vstring.h>
#include <vstream.h>
#include <line_wrap.h>
#include <stringops.h>
/* Global library. */

View File

@ -160,8 +160,11 @@ static void cleanup_extracted_process(CLEANUP_STATE *state, int type, char *buf,
myfree(state->orig_rcpt);
state->orig_rcpt = 0;
return;
} else if (type == REC_TYPE_DONE) {
return;
} else if (type == REC_TYPE_ORCP) {
state->orig_rcpt = mystrdup(buf);
return;
}
if (type != REC_TYPE_END) {
cleanup_out(state, type, buf, len);
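Review bot: in the REC_TYPE_ORCP branch, state->orig_rcpt = mystrdup(buf) overwrites the pointer without freeing a previous value. The recipient branch just above calls myfree(state->orig_rcpt) and zeroes it, so two ORCP records with no recipient record in between would leak the first copy; free any existing value before the mystrdup(). The new REC_TYPE_DONE branch also returns silently, and a one-line comment saying why DONE records are dropped from the extracted segment would help the next reader.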

View File

@ -73,8 +73,11 @@ void cleanup_out_recipient(CLEANUP_STATE *state, const char *orcpt,
* onto the same mailbox. The recipient will use our original recipient
* message header to figure things out.
*/
#define STREQ(x, y) (strcmp((x), (y)) == 0)
if (cleanup_virt_alias_maps == 0) {
if (been_here(state->dups, "%s\n%s", orcpt, recip) == 0) {
if ((STREQ(orcpt, recip) ? been_here(state->dups, "%s", orcpt) :
been_here(state->dups, "%s\n%s", orcpt, recip)) == 0) {
cleanup_out_string(state, REC_TYPE_ORCP, orcpt);
cleanup_out_string(state, REC_TYPE_RCPT, recip);
state->rcpt_count++;
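Review bot: the STREQ macro is defined in the middle of cleanup_out_recipient() and the same ternary on been_here() is then written out twice, once here and once in the virtual alias loop below. Move the macro to the top of the file and wrap the duplicate check in a small helper taking (state, orcpt, recip), so the two call sites cannot drift apart. The block comment above should also say why the duplicate-filter key drops the "\n%s" part when the original and rewritten recipient are identical, because that is not obvious from the code.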
@ -83,7 +86,8 @@ void cleanup_out_recipient(CLEANUP_STATE *state, const char *orcpt,
argv = cleanup_map1n_internal(state, recip, cleanup_virt_alias_maps,
cleanup_ext_prop_mask & EXT_PROP_VIRTUAL);
for (cpp = argv->argv; *cpp; cpp++) {
if (been_here(state->dups, "%s\n%s", orcpt, *cpp) == 0) {
if ((STREQ(orcpt, *cpp) ? been_here(state->dups, "%s", orcpt) :
been_here(state->dups, "%s\n%s", orcpt, *cpp)) == 0) {
cleanup_out_string(state, REC_TYPE_ORCP, orcpt);
cleanup_out_string(state, REC_TYPE_RCPT, *cpp);
state->rcpt_count++;

View File

@ -285,33 +285,16 @@ int mail_queue_id_ok(const char *queue_id)
{
const char *cp;
if (*queue_id == 0 || strlen(queue_id) > 100)
if (*queue_id == 0 || strlen(queue_id) > VALID_HOSTNAME_LEN)
return (0);
/*
* OK if in in time+inum form.
* OK if in time+inum form or in host_domain_tld form.
*/
for (cp = queue_id; /* void */ ; cp++) {
if (*cp == 0)
return (1);
if (!ISALNUM(*cp))
break;
}
/*
* BAD if in time.pid form.
*/
for (cp = queue_id; /* void */ ; cp++) {
if (*cp == 0)
for (cp = queue_id; *cp; cp++)
if (!ISALNUM(*cp) && *cp != '_')
return (0);
if (!ISDIGIT(*cp) && *cp != '.')
break;
}
/*
* OK if in valid hostname form.
*/
return (valid_hostname(queue_id, DO_GRIPE));
return (1);
}
/* mail_queue_enter - make mail queue entry with locally-unique name */
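Review bot: the length bound in mail_queue_id_ok() is now VALID_HOSTNAME_LEN even though the valid_hostname() call has been removed, so the constant no longer describes what is being checked. The replacement loop accepts only alphanumerics and '_', which is a sound allow-list for a name that ends up in a queue file path, but the comment "host_domain_tld form" does not tell the reader that '.' is rejected on purpose. Suggest a dedicated queue ID length constant and a comment that states the accepted character set explicitly. Braces around the for body would also make the nested if/return harder to misread.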

View File

@ -83,6 +83,7 @@
#include <sys/stat.h>
#include <unistd.h>
#include <errno.h>
#include <utime.h>
/* Utility library. */
@ -110,9 +111,10 @@ static VSTRING *id_buf;
/* mail_stream_cleanup - clean up after success or failure */
void mail_stream_cleanup(MAIL_STREAM * info)
void mail_stream_cleanup(MAIL_STREAM *info)
{
FREE_AND_WIPE(info->close, info->stream);
FREE_AND_WIPE(myfree, info->queue);
FREE_AND_WIPE(myfree, info->id);
FREE_AND_WIPE(myfree, info->class);
FREE_AND_WIPE(myfree, info->service);
@ -121,10 +123,17 @@ void mail_stream_cleanup(MAIL_STREAM * info)
/* mail_stream_finish_file - finish file mail stream */
static int mail_stream_finish_file(MAIL_STREAM * info, VSTRING *unused_why)
static int mail_stream_finish_file(MAIL_STREAM *info, VSTRING *unused_why)
{
int status = 0;
static char wakeup[] = {TRIGGER_REQ_WAKEUP};
struct stat st;
time_t now;
struct utimbuf tbuf;
char *path_to_reset = 0;
static int incoming_fs_clock_ok = 0;
static int incoming_clock_warned = 0;
int check_incoming_fs_clock;
/*
* Make sure the message makes it to file. Set the execute bit when no
@ -137,15 +146,50 @@ static int mail_stream_finish_file(MAIL_STREAM * info, VSTRING *unused_why)
* as are files with unknown record type codes. Every Postfix queue file
* must end with an explicit END record. Postfix queue files without END
* record are discarded.
*
* Attempt to detect file system clocks that are ahead of local time, but
* don't check the file system clock all the time. The effect of file
* system clock drift can be difficult to understand (Postfix ignores new
* mail until the next queue run).
*
* This clock drift detection code may not work with file systems that work
* on a local copy of the file and that update the server only after the
* file is closed.
*/
check_incoming_fs_clock =
(!incoming_fs_clock_ok && !strcmp(info->queue, MAIL_QUEUE_INCOMING));
if (vstream_fflush(info->stream)
|| fchmod(vstream_fileno(info->stream), 0700 | info->mode)
#ifdef HAS_FSYNC
|| fsync(vstream_fileno(info->stream))
#endif
|| (check_incoming_fs_clock
&& fstat(vstream_fileno(info->stream), &st) < 0)
)
status = (errno == EFBIG ? CLEANUP_STAT_SIZE : CLEANUP_STAT_WRITE);
#ifdef TEST
st.st_mtime += 10;
#endif
/*
* Work around file system clocks that are ahead of local time.
*/
if (status == CLEANUP_STAT_OK && check_incoming_fs_clock) {
if (st.st_mtime <= time(&now)) {
incoming_fs_clock_ok = 1;
} else {
path_to_reset = mystrdup(VSTREAM_PATH(info->stream));
if (incoming_clock_warned == 0) {
msg_warn("file system clock is %d seconds ahead of local clock",
(int) (st.st_mtime - now));
msg_warn("resetting file time stamps - this hurts performance");
incoming_clock_warned = 1;
}
}
}
/*
* Close the queue file and mark it as closed. Be prepared for
* vstream_fclose() to fail even after vstream_fflush() and fsync()
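Review bot: the "#ifdef TEST" line st.st_mtime += 10 runs unconditionally, but st is only filled in when check_incoming_fs_clock is true and the earlier calls in the || chain succeeded, so a TEST build reads an uninitialized struct stat on every other path. Move the adjustment inside the "status == CLEANUP_STAT_OK && check_incoming_fs_clock" block. Also note that a failing fstat() is now folded into the same expression as the flush and fsync errors and is reported as CLEANUP_STAT_WRITE or CLEANUP_STAT_SIZE, which will mislead anyone diagnosing it; a separate warning for the fstat() case would be clearer.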
@ -158,6 +202,16 @@ static int mail_stream_finish_file(MAIL_STREAM * info, VSTRING *unused_why)
status = (errno == EFBIG ? CLEANUP_STAT_SIZE : CLEANUP_STAT_WRITE);
info->stream = 0;
/*
* Work around file system clocks that are ahead of local time.
*/
if (path_to_reset != 0) {
tbuf.actime = tbuf.modtime = now;
if (utime(path_to_reset, &tbuf) < 0 && errno != ENOENT)
msg_fatal("%s: update file time stamps: %m", info->id);
myfree(path_to_reset);
}
/*
* When all is well, notify the next service that a new message has been
* queued.
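Review bot: the time stamp reset uses utime() on a saved path name after the stream has been closed, and any failure other than ENOENT is a msg_fatal(). By this point the message has already been written and closed successfully, so terminating the process over a cosmetic time stamp fix seems too harsh; msg_warn() and carrying on would be safer. The fatal message also prints info->id rather than path_to_reset, which is the name the call actually failed on. A short comment explaining why ENOENT is tolerated (the file may already have been picked up and moved) would document the race that the errno test is handling.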
@ -174,7 +228,7 @@ static int mail_stream_finish_file(MAIL_STREAM * info, VSTRING *unused_why)
/* mail_stream_finish_ipc - finish IPC mail stream */
static int mail_stream_finish_ipc(MAIL_STREAM * info, VSTRING *why)
static int mail_stream_finish_ipc(MAIL_STREAM *info, VSTRING *why)
{
int status = CLEANUP_STAT_WRITE;
@ -199,7 +253,7 @@ static int mail_stream_finish_ipc(MAIL_STREAM * info, VSTRING *why)
/* mail_stream_finish - finish action */
int mail_stream_finish(MAIL_STREAM * info, VSTRING *why)
int mail_stream_finish(MAIL_STREAM *info, VSTRING *why)
{
return (info->finish(info, why));
}
@ -220,6 +274,7 @@ MAIL_STREAM *mail_stream_file(const char *queue, const char *class,
info->stream = stream;
info->finish = mail_stream_finish_file;
info->close = vstream_fclose;
info->queue = mystrdup(queue);
info->id = mystrdup(basename(VSTREAM_PATH(stream)));
info->class = mystrdup(class);
info->service = mystrdup(service);
@ -247,6 +302,7 @@ MAIL_STREAM *mail_stream_service(const char *class, const char *name)
info->stream = stream;
info->finish = mail_stream_finish_ipc;
info->close = vstream_fclose;
info->queue = 0;
info->id = mystrdup(vstring_str(id_buf));
info->class = 0;
info->service = 0;
@ -297,6 +353,7 @@ MAIL_STREAM *mail_stream_command(const char *command)
info->stream = stream;
info->finish = mail_stream_finish_ipc;
info->close = vstream_pclose;
info->queue = 0;
info->id = mystrdup(vstring_str(id_buf));
info->class = 0;
info->service = 0;

View File

@ -27,6 +27,7 @@ typedef int (*MAIL_STREAM_CLOSE_FN) (VSTREAM *);
struct MAIL_STREAM {
VSTREAM *stream; /* file or pipe or socket */
char *queue; /* (initial) queue name */
char *id; /* queue id */
MAIL_STREAM_FINISH_FN finish; /* finish code */
MAIL_STREAM_CLOSE_FN close; /* close stream */

View File

@ -20,10 +20,10 @@
* Patches change the patchlevel and the release date. Snapshots change the
* release date only, unless they include the same bugfix as a patch release.
*/
#define MAIL_RELEASE_DATE "20030305"
#define MAIL_RELEASE_DATE "20040312"
#define VAR_MAIL_VERSION "mail_version"
#define DEF_MAIL_VERSION "2.0.6"
#define DEF_MAIL_VERSION "2.0.19"
extern char *var_mail_version;
/*

View File

@ -184,14 +184,15 @@ const char *maps_find(MAPS *maps, const char *name, int flags)
continue;
if ((expansion = dict_get(dict, name)) != 0) {
if (msg_verbose)
msg_info("%s: %s: %s = %s", myname, *map_name, name, expansion);
msg_info("%s: %s: %s: %s = %s", myname, maps->title,
*map_name, name, expansion);
return (expansion);
} else if (dict_errno != 0) {
break;
}
}
if (msg_verbose)
msg_info("%s: %s: %s", myname, name, dict_errno ?
msg_info("%s: %s: %s: %s", myname, maps->title, name, dict_errno ?
"search aborted" : "not found");
return (0);
}

View File

@ -381,11 +381,16 @@ int pipe_command(VSTREAM *src, VSTRING *why,...)
*
* Turn on non-blocking writes to the child process so that we can enforce
* timeouts after partial writes.
*
* XXX Too much trouble with different systems returning weird write()
* results when a pipe is writable.
*/
if (pipe(cmd_in_pipe) < 0 || pipe(cmd_out_pipe) < 0)
msg_fatal("%s: pipe: %m", myname);
non_blocking(cmd_out_pipe[1], NON_BLOCKING);
#if 0
non_blocking(cmd_in_pipe[1], NON_BLOCKING);
#endif
/*
* Spawn off a child process and irrevocably change privilege to the
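Review bot: the comment still opens with "Turn on non-blocking writes to the child process so that we can enforce timeouts after partial writes", but the non_blocking(cmd_in_pipe[1], NON_BLOCKING) call is now inside "#if 0", so the code no longer does what the comment says. Reword the comment to describe the current behaviour and state what enforces the time limit on a blocked write to the child now. If the call is not coming back, delete it instead of leaving it under "#if 0".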

View File

@ -71,6 +71,13 @@
#define REC_TYPE_CONTENT "XLN"
#define REC_TYPE_EXTRACT "EDROPreAFIL"
/*
* The subset of inputs that the postdrop command allows.
*/
#define REC_TYPE_POST_ENVELOPE "MFSRVA"
#define REC_TYPE_POST_CONTENT "XLN"
#define REC_TYPE_POST_EXTRACT "E"
/*
* The record at the beginning of the envelope segment specifies the message
* content size, data offset, and recipient count. These are fixed-width
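Review bot: the comment on the new REC_TYPE_POST_* macros says only "The subset of inputs that the postdrop command allows", which does not explain the policy behind the allow-list. REC_TYPE_POST_EXTRACT is "E" while REC_TYPE_EXTRACT is "EDROPreAFIL", so most extracted-segment record types are being refused from user-submitted input, and the reason for that belongs in the comment so nobody widens the list later without understanding it. REC_TYPE_POST_CONTENT repeats the "XLN" literal of REC_TYPE_CONTENT; defining it as REC_TYPE_CONTENT would keep the two from diverging silently.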

View File

@ -59,8 +59,8 @@
/* .IP RESOLVE_CLASS_LOCAL
/* The address domain matches $mydestination or $inet_interfaces.
/* .IP RESOLVE_CLASS_ALIAS
/* The address domain matches $virtual_alias_domains (simulated
/* virtual domains, where each address is redirected to a real
/* The address domain matches $virtual_alias_domains (virtual
/* alias domains, where each address is redirected to a real
/* local or remote address).
/* .IP RESOLVE_CLASS_VIRTUAL
/* The address domain matches $virtual_mailbox_domains (true

View File

@ -35,6 +35,5 @@ extern int vsent(const char *, const char *, const char *, const char *,
/* P.O. Box 704
/* Yorktown Heights, NY 10598, USA
/*--*/
/**INDENT** Error@17: Unmatched #endif */
#endif

View File

@ -130,6 +130,7 @@ lmtp_connect.o: ../../include/iostuff.h
lmtp_connect.o: ../../include/timed_connect.h
lmtp_connect.o: ../../include/stringops.h
lmtp_connect.o: ../../include/host_port.h
lmtp_connect.o: ../../include/sane_connect.h
lmtp_connect.o: ../../include/mail_params.h
lmtp_connect.o: ../../include/mail_proto.h
lmtp_connect.o: ../../include/attr.h

View File

@ -337,6 +337,10 @@ static int deliver_message(DELIVER_REQUEST *request, char **unused_argv)
lmtp_quit(state);
lmtp_chat_reset(state);
state->session = lmtp_session_free(state->session);
#ifdef USE_SASL_AUTH
if (var_lmtp_sasl_enable)
lmtp_sasl_cleanup(state);
#endif
}
/*
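Review bot: lmtp_sasl_cleanup(state) is called after state->session has already been passed to lmtp_session_free(), so the cleanup routine must never look at state->session. Either call it before the session is freed or add a comment that records this constraint. The same four-line "#ifdef USE_SASL_AUTH" block is pasted after each of the three lmtp_session_free() calls in deliver_message(); a single helper that frees the session and cleans up SASL state would remove the chance of a future fourth path forgetting it.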
@ -346,6 +350,10 @@ static int deliver_message(DELIVER_REQUEST *request, char **unused_argv)
else if (lmtp_rset(state) != 0) {
lmtp_chat_reset(state);
state->session = lmtp_session_free(state->session);
#ifdef USE_SASL_AUTH
if (var_lmtp_sasl_enable)
lmtp_sasl_cleanup(state);
#endif
}
/*
@ -380,6 +388,10 @@ static int deliver_message(DELIVER_REQUEST *request, char **unused_argv)
*/
else if (lmtp_lhlo(state) != 0) {
state->session = lmtp_session_free(state->session);
#ifdef USE_SASL_AUTH
if (var_lmtp_sasl_enable)
lmtp_sasl_cleanup(state);
#endif
}
/*

View File

@ -53,7 +53,6 @@ typedef struct LMTP_STATE {
sasl_callback_t *sasl_callbacks; /* stateful callbacks */
#endif
int sndbufsize; /* total window size */
int sndbuffree; /* remaining window */
int reuse; /* connection being reused */
} LMTP_STATE;

View File

@ -93,6 +93,7 @@
#include <timed_connect.h>
#include <stringops.h>
#include <host_port.h>
#include <sane_connect.h>
/* Global library. */
@ -221,7 +222,7 @@ static LMTP_SESSION *lmtp_connect_sock(int sock, struct sockaddr * sa, int len,
non_blocking(sock, BLOCKING);
errno = saved_errno;
} else {
conn_stat = connect(sock, sa, len);
conn_stat = sane_connect(sock, sa, len);
}
if (conn_stat < 0) {
vstring_sprintf(why, "connect to %s[%s]: %m",
@ -320,7 +321,7 @@ static char *lmtp_parse_destination(const char *destination, char *def_service,
* aren't going to have lmtp defined as a service, use a default value
* instead of just blowing up.
*/
if ((port = atoi(service)) != 0)
if (alldig(service) && (port = atoi(service)) != 0)
*portp = htons(port);
else if ((sp = getservbyname(service, protocol)) != 0)
*portp = sp->s_port;
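Review bot: the added alldig(service) test stops strings with trailing garbage from being accepted as a port, but the value from atoi() still goes to htons() without a range check. An all-digit service such as "70000" passes both tests and is silently truncated to a different port. Check that the result is between 1 and 65535 and treat anything else as an error, preferably with strtoul() so that overflow is detectable.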

View File

@ -225,6 +225,7 @@ int lmtp_lhlo(LMTP_STATE *state)
* LMTP server. Otherwise, we might do the wrong thing when the server
* advertises a really huge message size limit.
*/
state->features = 0;
lines = resp->str;
(void) mystrtok(&lines, "\n");
while ((words = mystrtok(&lines, "\n")) != 0) {
@ -244,11 +245,6 @@ int lmtp_lhlo(LMTP_STATE *state)
if (msg_verbose)
msg_info("server features: 0x%x", state->features);
#ifdef USE_SASL_AUTH
if (var_lmtp_sasl_enable && (state->features & LMTP_FEATURE_AUTH))
return (lmtp_sasl_helo_login(state));
#endif
/*
* We use LMTP command pipelining if the server said it supported it.
* Since we use blocking I/O, RFC 2197 says that we should inspect the
@ -274,6 +270,11 @@ int lmtp_lhlo(LMTP_STATE *state)
} else
state->sndbufsize = 0;
#ifdef USE_SASL_AUTH
if (var_lmtp_sasl_enable && (state->features & LMTP_FEATURE_AUTH))
return (lmtp_sasl_helo_login(state));
#endif
return (0);
}
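Review bot: the relocated "#ifdef USE_SASL_AUTH" block now sits directly before return (0) with nothing to say why it had to move. In its old position the early return from lmtp_sasl_helo_login() skipped the pipelining and send buffer setup that follows the feature parsing, which is presumably the bug being fixed. Add a one-line comment stating that authentication must run after state->sndbufsize has been set, so the block is not moved back during a later cleanup.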
@ -703,8 +704,8 @@ static int lmtp_loop(LMTP_STATE *state, int send_state, int recv_state)
/*
* Copy the next command to the buffer and update the sender state.
*/
if (state->sndbuffree > 0)
state->sndbuffree -= VSTRING_LEN(next_command) + 2;
if (sndbuffree > 0)
sndbuffree -= VSTRING_LEN(next_command) + 2;
lmtp_chat_cmd(state, "%s", vstring_str(next_command));
send_state = next_state;
send_rcpt = next_rcpt;

View File

@ -36,7 +36,7 @@
/* authentication.
/*
/* lmtp_sasl_passwd_lookup() looks up the username/password
/* for the current SMTP server. The result is zero in case
/* for the current LMTP server. The result is zero in case
/* of failure.
/*
/* lmtp_sasl_authenticate() implements the SASL authentication
@ -47,7 +47,7 @@
/* suceeds.
/*
/* lmtp_sasl_cleanup() cleans up. It must be called at the
/* end of every SMTP session that uses SASL authentication.
/* end of every LMTP session that uses SASL authentication.
/* This routine is a noop for non-SASL sessions.
/*
/* Arguments:
@ -369,7 +369,7 @@ void lmtp_sasl_start(LMTP_STATE *state)
#define NULL_SERVER_ADDR ((char *) 0)
#define NULL_CLIENT_ADDR ((char *) 0)
if (SASL_CLIENT_NEW("smtp", state->session->host,
if (SASL_CLIENT_NEW("lmtp", state->session->host,
NULL_CLIENT_ADDR, NULL_SERVER_ADDR,
state->sasl_callbacks, NULL_SECFLAGS,
(sasl_conn_t **) &state->sasl_conn) != SASL_OK)
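Review bot: passing "lmtp" instead of "smtp" as the service name to SASL_CLIENT_NEW is a behaviour change as well as a naming fix, and it deserves a line in the release notes. SASL mechanisms that derive a service principal from this string (GSSAPI, for example) will now ask for lmtp credentials for state->session->host, so a site that provisioned only smtp credentials for its LMTP server will see authentication fail after upgrading.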

View File

@ -80,7 +80,6 @@ LMTP_STATE *lmtp_state_alloc(void)
lmtp_sasl_connect(state);
#endif
state->sndbufsize = 0;
state->sndbuffree = 0;
state->reuse = 0;
return (state);
}

View File

@ -462,6 +462,7 @@ token.o: ../../include/tok822.h
token.o: ../../include/resolve_clnt.h
token.o: ../../include/mail_params.h
token.o: ../../include/bounce.h
token.o: ../../include/defer.h
token.o: local.h
token.o: ../../include/been_here.h
token.o: ../../include/deliver_request.h

View File

@ -98,6 +98,7 @@
#include <tok822.h>
#include <mail_params.h>
#include <bounce.h>
#include <defer.h>
/* Application-specific. */
@ -207,6 +208,10 @@ int deliver_token_stream(LOCAL_STATE state, USER_ATTR usr_attr,
break;
}
}
if (vstream_ferror(fp))
status = defer_append(BOUNCE_FLAG_KEEP,
BOUNCE_ATTR(state.msg_attr),
"error reading .forward file: %m");
vstring_free(buf);
return (status);
}
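Review bot: the new vstream_ferror(fp) check in deliver_token_stream() runs only after the read loop has finished, and it assigns status outright. Two things to confirm: that overwriting the status the loop accumulated is intended, and that addresses parsed before the read error have not already been acted on, because a partially read .forward file would then deliver to a subset of the intended destinations. A short comment stating which case holds would help.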

View File

@ -121,8 +121,19 @@ static void master_sigchld(int sig, int code, struct sigcontext * scp)
static void master_sigchld(int unused_sig)
{
int saved_errno = errno;
/*
* WARNING WARNING WARNING.
*
* This code runs at unpredictable moments, as a signal handler. Don't put
* any code here other than for setting a global flag, or code that is
* intended to be run within a signal handler. Restore errno in case we
* are interrupting the epilog of a failed system call.
*/
if (write(SIG_PIPE_WRITE_FD, "", 1) != 1)
msg_warn("write to SIG_PIPE_WRITE_FD failed: %m");
errno = saved_errno;
}
/* master_sig_event - called upon return from select() */
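Review bot: the msg_warn() call on write failure in master_sigchld() contradicts the WARNING comment directly above it. That comment limits the handler to setting a flag or to code written for signal context, and a formatted logging call is neither; it can run while the interrupted code is inside the same logging or allocation routines. Drop the warning, or record the failure in a flag and report it from master_sig_event() after select() returns.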

View File

@ -275,7 +275,7 @@ static void qmgr_deliver_update(int unused_event, char *context)
* No problems detected. Mark the transport and queue as alive. The queue
* itself won't go away before we dispose of the current queue entry.
*/
if (status == 0) {
if (VSTRING_LEN(reason) == 0) {
qmgr_transport_unthrottle(transport);
qmgr_queue_unthrottle(queue);
}
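Review bot: the test changes from status == 0 to VSTRING_LEN(reason) == 0, but the comment above it still reads "No problems detected" and does not say why status alone is not enough. Add a sentence naming the case the old test got wrong, and state that an empty reason on success is now a contract the delivery agents must keep, since a non-empty reason left behind after a successful delivery would skip the unthrottle.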

View File

@ -397,6 +397,7 @@ static int qmgr_message_read(QMGR_MESSAGE *message)
message->rcpt_unread--;
}
} else if (rec_type == REC_TYPE_RCPT) {
/* See also below for code setting orig_rcpt. */
if (message->rcpt_list.len < recipient_limit) {
message->rcpt_unread--;
qmgr_rcpt_list_add(&message->rcpt_list, curr_offset,
@ -467,7 +468,9 @@ static int qmgr_message_read(QMGR_MESSAGE *message)
orig_rcpt = 0;
}
if (rec_type == REC_TYPE_ORCP)
orig_rcpt = mystrdup(start);
/* See also above for code clearing orig_rcpt. */
if (message->rcpt_offset == 0)
orig_rcpt = mystrdup(start);
} while (rec_type > 0 && rec_type != REC_TYPE_END);
/*
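Review bot: the REC_TYPE_ORCP branch now nests a second if under the first with no braces and a comment line in between. Wrap the body of "if (rec_type == REC_TYPE_ORCP)" in braces so it is clear that both the comment and the message->rcpt_offset test belong to the ORCP case, and so that an else added later cannot bind to the wrong if.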

View File

@ -64,6 +64,7 @@ pickup.o: ../../include/vbuf.h
pickup.o: ../../include/vstream.h
pickup.o: ../../include/set_ugid.h
pickup.o: ../../include/safe_open.h
pickup.o: ../../include/watchdog.h
pickup.o: ../../include/stringops.h
pickup.o: ../../include/mail_queue.h
pickup.o: ../../include/mail_open_ok.h

View File

@ -89,6 +89,7 @@
#include <vstream.h>
#include <set_ugid.h>
#include <safe_open.h>
#include <watchdog.h>
#include <stringops.h>
/* Global library. */
@ -178,6 +179,8 @@ static int copy_segment(VSTREAM *qfile, VSTREAM *cleanup, PICKUP_INFO *info,
if ((type = rec_get(qfile, buf, var_line_limit)) < 0
|| strchr(expected, type) == 0)
return (file_read_error(info, type));
if (msg_verbose)
msg_info("%s: read %c %s", info->id, type, vstring_str(buf));
if (type == *expected)
break;
if (type == REC_TYPE_FROM)
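Review bot: the msg_verbose line in copy_segment() logs vstring_str(buf) for every record it reads, whatever the record type. With verbose logging on, sender and recipient addresses and any other record payload passing through this function end up in the system log. Restrict the payload to the record types that are needed for debugging, or log only info->id and the type character.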
@ -194,6 +197,8 @@ static int copy_segment(VSTREAM *qfile, VSTREAM *cleanup, PICKUP_INFO *info,
info->rcpt = mystrdup(vstring_str(buf));
if (type == REC_TYPE_TIME)
continue;
if (type == REC_TYPE_SIZE)
continue;
if (type == REC_TYPE_ATTR) {
if ((error_text = split_nameval(vstring_str(buf), &attr_name,
&attr_value)) != 0) {
@ -472,6 +477,10 @@ static void pickup_service(char *unused_buf, int unused_len,
* still being written, or garbage. Leave it up to the sysadmin to remove
* garbage. Keep scanning the queue directory until we stop removing
* files from it.
*
* When we find a file, stroke the watchdog so that it will not bark while
* some application is keeping us busy by injecting lots of mail into the
* maildrop directory.
*/
queue_name = MAIL_QUEUE_MAILDROP; /* XXX should be a list */
do {
@ -481,6 +490,7 @@ static void pickup_service(char *unused_buf, int unused_len,
if (mail_open_ok(queue_name, id, &info.st, &path) == MAIL_OPEN_YES) {
pickup_init(&info);
info.path = mystrdup(path);
watchdog_pat();
if (pickup_file(&info) == REMOVE_MESSAGE_FILE) {
if (REMOVE(info.path))
msg_warn("remove %s: %m", info.path);

View File

@ -53,12 +53,12 @@
/* input file. By default, \fBpostalias\fR drops root privileges
/* and runs as the source file owner instead.
/* .IP "\fB-q \fIkey\fR"
/* Search the specified maps for \fIkey\fR and print the first value
/* found on the standard output stream. The exit status is zero
/* Search the specified maps for \fIkey\fR and write the first value
/* found to the standard output stream. The exit status is zero
/* when the requested information was found.
/*
/* If a key value of \fB-\fR is specified, the program reads key
/* values from the standard input stream and prints one line of
/* values from the standard input stream and writes one line of
/* \fIkey: value\fR output for each key that was found. The exit
/* status is zero when at least one of the requested keys was found.
/* .IP \fB-r\fR

View File

@ -65,3 +65,6 @@ postcat.o: ../../include/msg_vstream.h
postcat.o: ../../include/vstring_vstream.h
postcat.o: ../../include/record.h
postcat.o: ../../include/rec_type.h
postcat.o: ../../include/mail_queue.h
postcat.o: ../../include/mail_conf.h
postcat.o: ../../include/mail_params.h

View File

@ -4,19 +4,40 @@
/* SUMMARY
/* show Postfix queue file contents
/* SYNOPSIS
/* \fBpostcat\fR [\fB-v\fR] [\fIfiles\fR...]
/* \fBpostcat\fR [\fB-vq\fR] [\fB-c \fIconfig_dir\fR] [\fIfiles\fR...]
/* DESCRIPTION
/* The \fBpostcat\fR command prints the contents of the named
/* Postfix queue \fIfiles\fR in human-readable form. If no
/* \fIfiles\fR in human-readable form. The files are expected
/* to be in Postfix queue file format. If no
/* \fIfiles\fR are specified on the command line, the program
/* reads from standard input.
/*
/* Options:
/* .IP "\fB-c \fIconfig_dir\fR"
/* The \fBmain.cf\fR configuration file is in the named directory
/* instead of the default configuration directory.
/* .IP \fB-q\fR
/* Search the Postfix queue for the named \fIfiles\fR instead
/* of taking the names literally.
/* .IP \fB-v\fR
/* Enable verbose logging for debugging purposes. Multiple \fB-v\fR
/* options make the software increasingly verbose.
/* DIAGNOSTICS
/* Problems are reported to the standard error stream.
/* ENVIRONMENT
/* .ad
/* .fi
/* .IP \fBMAIL_CONFIG\fR
/* Directory with Postfix configuration files.
/* CONFIGURATION PARAMETERS
/* .ad
/* .fi
/* See the Postfix \fBmain.cf\fR file for syntax details and for
/* default values. Use the \fBpostfix reload\fR command after a
/* configuration change.
/* .IP \fBqueue_directory\fR
/* Top-level directory of the Postfix queue. This is also the root
/* directory of Postfix daemons that run chrooted.
/* LICENSE
/* .ad
/* .fi
@ -36,6 +57,7 @@
#include <unistd.h>
#include <time.h>
#include <fcntl.h>
#include <string.h>
/* Utility library. */
@ -49,9 +71,14 @@
#include <record.h>
#include <rec_type.h>
#include <mail_queue.h>
#include <mail_conf.h>
#include <mail_params.h>
/* Application-specific. */
#define PC_FLAG_QUEUE (1<<0) /* search queue */
#define STR vstring_str
/* postcat - visualize Postfix queue file contents */
@ -65,13 +92,13 @@ static void postcat(VSTREAM *fp, VSTRING *buffer)
int ch;
#define TEXT_RECORD(rec_type) \
(rec_type == REC_TYPE_CONT || rec_type == REC_TYPE_NORM)
(rec_type == REC_TYPE_CONT || rec_type == REC_TYPE_NORM)
/*
* See if this is a plausible file.
*/
if ((ch = VSTREAM_GETC(fp)) != VSTREAM_EOF) {
if (ch != REC_TYPE_TIME && ch != REC_TYPE_SIZE) {
if (!strchr(REC_TYPE_ENVELOPE, ch)) {
msg_warn("%s: input is not a valid queue file", VSTREAM_PATH(fp));
return;
}
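Review bot: strchr(REC_TYPE_ENVELOPE, ch) also succeeds when ch is 0, because strchr matches the string terminator, so input whose first byte is NUL passes this plausibility check. Test for it explicitly, for example "if (ch == 0 || !strchr(REC_TYPE_ENVELOPE, ch))".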
@ -139,7 +166,8 @@ static void postcat(VSTREAM *fp, VSTRING *buffer)
static NORETURN usage(char *myname)
{
msg_fatal("usage: %s [-v] [file(s)...]", myname);
msg_fatal("usage: %s [-c config_dir] [-q (access queue)] [-v] [file(s)...]",
myname);
}
int main(int argc, char **argv)
@ -149,6 +177,17 @@ int main(int argc, char **argv)
int ch;
int fd;
struct stat st;
int flags = 0;
static char *queue_names[] = {
MAIL_QUEUE_MAILDROP,
MAIL_QUEUE_INCOMING,
MAIL_QUEUE_ACTIVE,
MAIL_QUEUE_DEFERRED,
MAIL_QUEUE_HOLD,
0,
};
char **cpp;
int tries;
/*
* To minimize confusion, make sure that the standard file descriptors
@ -168,8 +207,15 @@ int main(int argc, char **argv)
/*
* Parse JCL.
*/
while ((ch = GETOPT(argc, argv, "v")) > 0) {
while ((ch = GETOPT(argc, argv, "c:qv")) > 0) {
switch (ch) {
case 'c':
if (setenv(CONF_ENV_PATH, optarg, 1) < 0)
msg_fatal("out of memory");
break;
case 'q':
flags |= PC_FLAG_QUEUE;
break;
case 'v':
msg_verbose++;
break;
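Review bot: the -c case reports every setenv() failure as "out of memory" and accepts any path. The postsuper change in this same commit rejects a relative path with "-c requires absolute pathname" and reports "setenv: %m"; apply the same two checks here so that both commands treat the configuration directory alike.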
@ -178,6 +224,11 @@ int main(int argc, char **argv)
}
}
/*
* Further initialization...
*/
mail_conf_read();
/*
* Initialize.
*/
@ -193,6 +244,27 @@ int main(int argc, char **argv)
postcat(VSTREAM_IN, buffer);
}
/*
* Copy the named queue files in the specified order.
*/
else if (flags & PC_FLAG_QUEUE) {
if (chdir(var_queue_dir))
msg_fatal("chdir %s: %m", var_queue_dir);
while (optind < argc) {
if (!mail_queue_id_ok(argv[optind]))
msg_fatal("bad mail queue ID: %s", argv[optind]);
for (fp = 0, tries = 0; fp == 0 && tries < 2; tries++)
for (cpp = queue_names; fp == 0 && *cpp != 0; cpp++)
fp = mail_queue_open(*cpp, argv[optind], O_RDONLY, 0);
if (fp == 0)
msg_fatal("open queue file %s: %m", argv[optind]);
postcat(fp, buffer);
if (vstream_fclose(fp))
msg_warn("close %s: %m", argv[optind]);
optind++;
}
}
/*
* Copy the named files in the specified order.
*/
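Review bot: the lookup loop in the -q branch makes two passes over queue_names (tries < 2) without saying why. If the second pass is there to catch a file that moved between queues during the first pass, say so in a comment. Also, msg_fatal() on a bad or missing queue ID ends the run, so any remaining IDs on the command line are never shown; consider msg_warn() and continuing with the next argument.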

View File

@ -178,7 +178,7 @@ int main(int argc, char **argv)
MAIL_STREAM *dst;
int rec_type;
static char *segment_info[] = {
REC_TYPE_ENVELOPE, REC_TYPE_CONTENT, REC_TYPE_EXTRACT,
REC_TYPE_POST_ENVELOPE, REC_TYPE_POST_CONTENT, REC_TYPE_POST_EXTRACT, ""
};
char **expected;
uid_t uid = getuid();
@ -315,9 +315,6 @@ int main(int argc, char **argv)
}
if (rec_type == REC_TYPE_ERROR)
msg_fatal("uid=%ld: malformed input", (long) uid);
if (rec_type == REC_TYPE_TIME)
rec_fprintf(dst->stream, REC_TYPE_TIME, "%ld",
(long) time((time_t *) 0));
if (strchr(*expected, rec_type) == 0)
msg_fatal("uid=%ld: unexpected record type: %d", (long) uid, rec_type);
if (rec_type == **expected)

View File

@ -74,12 +74,12 @@
/* input file. By default, \fBpostmap\fR drops root privileges
/* and runs as the source file owner instead.
/* .IP "\fB-q \fIkey\fR"
/* Search the specified maps for \fIkey\fR and print the first value
/* found on the standard output stream. The exit status is zero
/* Search the specified maps for \fIkey\fR and write the first value
/* found to the standard output stream. The exit status is zero
/* when the requested information was found.
/*
/* If a key value of \fB-\fR is specified, the program reads key
/* values from the standard input stream and prints one line of
/* values from the standard input stream and writes one line of
/* \fIkey value\fR output for each key that was found. The exit
/* status is zero when at least one of the requested keys was found.
/* .IP \fB-r\fR

View File

@ -188,6 +188,7 @@
#include <string.h>
#include <signal.h>
#include <stdio.h> /* remove() */
#include <utime.h>
/* Utility library. */
@ -428,6 +429,7 @@ static int requeue_one(const char **queue_names, const char *queue_id)
VSTRING *new_path_buf;
int found;
int tries;
struct utimbuf tbuf;
/*
* Sanity check. No early returns beyond this point.
@ -454,6 +456,9 @@ static int requeue_one(const char **queue_names, const char *queue_id)
continue;
(void) mail_queue_path(new_path_buf, MAIL_QUEUE_MAILDROP, queue_id);
if (postrename(old_path, STR(new_path_buf)) == 0) {
tbuf.actime = tbuf.modtime = time((time_t *) 0);
if (utime(STR(new_path_buf), &tbuf) < 0)
msg_warn("%s: reset time stamps: %m", STR(new_path_buf));
msg_info("%s: requeued", queue_id);
found = 1;
break;
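Review bot: in requeue_one() the time stamps are reset only after postrename() has already placed the file in the maildrop queue, and a utime() failure is reported as a warning only. That leaves a window, and a failure path, in which the file is visible in maildrop with its old time stamps. If anything downstream relies on the new time stamps, either explain in a comment why this order is safe or reset them on old_path before the rename.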
@ -985,16 +990,13 @@ int main(int argc, char **argv)
msg_fatal("open /dev/null: %m");
/*
* Process environment options as early as we can. We might be called
* from a set-uid (set-gid) program, so be careful with importing
* environment variables.
* Process this environment option as early as we can, to aid debugging.
*/
if (safe_getenv(CONF_ENV_VERB))
msg_verbose = 1;
/*
* Initialize. Set up logging, read the global configuration file and
* extract configuration information.
* Initialize logging.
*/
if ((slash = strrchr(argv[0], '/')) != 0)
argv[0] = slash + 1;
@ -1002,47 +1004,37 @@ int main(int argc, char **argv)
msg_syslog_init(mail_task(argv[0]), LOG_PID, LOG_FACILITY);
set_mail_conf_str(VAR_PROCNAME, var_procname = mystrdup(argv[0]));
mail_conf_read();
if (chdir(var_queue_dir))
msg_fatal("chdir %s: %m", var_queue_dir);
/*
* Be sure to log a warning if we do not finish structural repair. Maybe
* we should have an fsck-style "clean" flag so Postfix will not start
* with a broken queue.
*/
signal(SIGHUP, interrupted);
signal(SIGINT, interrupted);
signal(SIGQUIT, interrupted);
signal(SIGTERM, interrupted);
msg_cleanup(fatal_exit);
/*
* All file/directory updates must be done as the mail system owner. This
* is because Postfix daemons manipulate the queue with those same
* privileges, so directories must be created with the right ownership.
*
* Running as a non-root user is also required for security reasons. When
* the Postfix queue hierarchy is compromised, an attacker could trick us
* into entering other file hierarchies and afflicting damage. Running as
* a non-root user limits the damage to the already compromised mail
* owner.
* Disallow unsafe practices, and refuse to run set-uid (or as the child
* of a set-uid process). Whenever a privileged wrapper program is
* needed, it must properly sanitize the real/effective/saved UID/GID,
* the secondary groups, the process environment, and so on. Otherwise,
* accidents can happen. If not with Postfix, then with other software.
*/
if (unsafe() != 0)
msg_fatal("this postfix command must not run as a set-uid process");
if (getuid())
msg_fatal("use of this command is reserved for the superuser");
set_ugid(var_owner_uid, var_owner_gid);
/*
* Parse JCL.
*/
while ((c = GETOPT(argc, argv, "d:h:H:pr:sv")) > 0) {
while ((c = GETOPT(argc, argv, "c:d:h:H:pr:sv")) > 0) {
switch (c) {
default:
msg_fatal("usage: %s [-d queue_id (delete)] "
msg_fatal("usage: %s "
"[-c config_dir] "
"[-d queue_id (delete)] "
"[-h queue_id (hold)] [-H queue_id (un-hold)] "
"[-p (purge temporary files)] [-r queue_id (requeue)] "
"[-s (structure fix)] [-v (verbose)] "
"[queue...]", argv[0]);
case 'c':
if (*optarg != '/')
msg_fatal("-c requires absolute pathname");
if (setenv(CONF_ENV_PATH, optarg, 1) < 0)
msg_fatal("setenv: %m");
break;
case 'd':
if (delete_names == 0)
delete_names = argv_alloc(1);
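Review bot: with set_ugid() moved below the option loop, the GETOPT parsing, the setenv() for -c and, in the next hunk, mail_conf_read() all run with super-user privileges instead of as the mail owner. The unsafe() and getuid() checks make that acceptable, but the ordering now carries the safety argument. Add a comment at the top of the option loop stating that no queue file or directory may be touched before set_ugid() is called.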
@ -1083,6 +1075,42 @@ int main(int argc, char **argv)
}
}
/*
* Read the global configuration file and extract configuration
* information. The -c command option can override the default
* configuration directory location.
*/
mail_conf_read();
if (chdir(var_queue_dir))
msg_fatal("chdir %s: %m", var_queue_dir);
/*
* All file/directory updates must be done as the mail system owner. This
* is because Postfix daemons manipulate the queue with those same
* privileges, so directories must be created with the right ownership.
*
* Running as a non-root user is also required for security reasons. When
* the Postfix queue hierarchy is compromised, an attacker could trick us
* into entering other file hierarchies and afflicting damage. Running as
* a non-root user limits the damage to the already compromised mail
* owner.
*/
set_ugid(var_owner_uid, var_owner_gid);
/*
* Be sure to log a warning if we do not finish structural repair. Maybe
* we should have an fsck-style "clean" flag so Postfix will not start
* with a broken queue.
*
* Set up signal handlers after permanently dropping super-user privileges,
* so that signal handlers will always run with the correct privileges.
*/
signal(SIGHUP, interrupted);
signal(SIGINT, interrupted);
signal(SIGQUIT, interrupted);
signal(SIGTERM, interrupted);
msg_cleanup(fatal_exit);
/*
* Sanity checks.
*/

View File

@ -78,6 +78,8 @@
/* The proxymap server opens only tables that are approved via the
/* \fBproxy_read_maps\fR configuration parameter, does not talk to
/* users, and can run at fixed low privilege, chrooted or not.
/* However, running the proxymap server chrooted severely limits
/* usability, because it can open only chrooted tables.
/*
/* The proxymap server is not a trusted daemon process, and must
/* not be used to look up sensitive information such as user or
@ -348,7 +350,7 @@ DICT *dict_proxy_open(const char *map, int open_flags, int dict_flags)
static void post_jail_init(char *unused_name, char **unused_argv)
{
const char *sep = " \t\r\n";
const char *sep = ", \t\r\n";
char *saved_filter;
char *bp;
char *type_name;

View File

@ -270,7 +270,7 @@ static void qmgr_deliver_update(int unused_event, char *context)
* No problems detected. Mark the transport and queue as alive. The queue
* itself won't go away before we dispose of the current queue entry.
*/
if (status == 0) {
if (VSTRING_LEN(reason) == 0) {
qmgr_transport_unthrottle(transport);
qmgr_queue_unthrottle(queue);
}

View File

@ -378,6 +378,13 @@ static void enqueue(const int flags, const char *encoding, const char *sender,
*/
buf = vstring_alloc(100);
/*
* Stop run-away process accidents by limiting the queue file size. This
* is not a defense against DOS attack.
*/
if (var_message_limit > 0 && get_file_limit() > var_message_limit)
set_file_limit((off_t) var_message_limit);
/*
* The sender name is provided by the user. In principle, the mail pickup
* service could deduce the sender name from queue file ownership, but:
@ -428,7 +435,6 @@ static void enqueue(const int flags, const char *encoding, const char *sender,
*
* XXX Should limit the size of envelope records.
*/
rec_fprintf(dst, REC_TYPE_TIME, "%ld", (long) time((time_t *) 0));
if (full_name || (full_name = fullname()) != 0)
rec_fputs(dst, REC_TYPE_FULL, full_name);
rec_fputs(dst, REC_TYPE_FROM, saved_sender);
@ -548,6 +554,7 @@ int main(int argc, char **argv)
int flags = SM_FLAG_DEFAULT;
char *site_to_flush = 0;
char *encoding = 0;
char *qtime = 0;
/*
* Be consistent with file permissions.
@ -612,13 +619,6 @@ int main(int argc, char **argv)
if (chdir(var_queue_dir))
msg_fatal_status(EX_UNAVAILABLE, "chdir %s: %m", var_queue_dir);
/*
* Stop run-away process accidents by limiting the queue file size. This
* is not a defense against DOS attack.
*/
if (var_message_limit > 0 && get_file_limit() > var_message_limit)
set_file_limit((off_t) var_message_limit);
signal(SIGPIPE, SIG_IGN);
/*
@ -751,11 +751,7 @@ int main(int argc, char **argv)
break;
case 'q':
if (ISDIGIT(optarg[0])) {
if (mode == SM_MODE_DAEMON) {
if (msg_verbose)
msg_info("-%c%s option ignored", c, optarg);
}
qtime = optarg;
} else if (optarg[0] == 'R') {
site_to_flush = optarg + 1;
if (*site_to_flush == 0)
@ -799,6 +795,8 @@ int main(int argc, char **argv)
/*
* Start processing. Everything is delegated to external commands.
*/
if (qtime && mode != SM_MODE_DAEMON)
exit(0);
switch (mode) {
default:
msg_panic("unknown operation mode: %d", mode);
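Review bot: "if (qtime && mode != SM_MODE_DAEMON) exit(0);" ends the program silently with a success status, and the only log line for this option was removed in the previous hunk. Keep a msg_verbose line before the exit so an operator can tell why a command given -q with a time value did nothing, and add a comment that the option is meaningful only in daemon mode.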

View File

@ -137,6 +137,7 @@ smtp_connect.o: ../../include/iostuff.h
smtp_connect.o: ../../include/timed_connect.h
smtp_connect.o: ../../include/stringops.h
smtp_connect.o: ../../include/host_port.h
smtp_connect.o: ../../include/sane_connect.h
smtp_connect.o: ../../include/mail_params.h
smtp_connect.o: ../../include/own_inet_addr.h
smtp_connect.o: ../../include/dns.h

View File

@ -21,10 +21,6 @@
/* the destination host, sorts the list by preference, and connects
/* to each listed address until it finds a server that responds.
/*
/* When the domain or host is specified as a comma/whitespace
/* separated list, the SMTP client repeats the above process
/* for all destinations until it finds a server that responds.
/*
/* Once the SMTP client has received the server greeting banner, no
/* error will cause it to proceed to the next address on the mail
/* exchanger list. Instead, the message is either bounced, or its

View File

@ -808,7 +808,25 @@ int smtp_xfer(SMTP_STATE *state)
prev_type = rec_type;
}
if (prev_type == REC_TYPE_CONT) /* missing newline at end */
if (state->mime_state) {
/*
* The cleanup server normally ends MIME content with a
* normal text record. The following code is needed to flush
* an internal buffer when someone submits 8-bit mail not
* ending in newline via /usr/sbin/sendmail while MIME input
* processing is turned off, and MIME 8bit->7bit conversion
* is requested upon delivery.
*/
mime_errs =
mime_state_update(state->mime_state, rec_type, "", 0);
if (mime_errs) {
smtp_mesg_fail(state, 554,
"MIME 7-bit conversion failed: %s",
mime_state_error(mime_errs));
RETURN(0);
}
} else if (prev_type == REC_TYPE_CONT) /* missing newline */
smtp_fputs("", 0, session->stream);
if ((state->features & SMTP_FEATURE_MAYBEPIX) != 0
&& request->arrival_time < vstream_ftime(session->stream)

View File

@ -93,6 +93,7 @@ typedef struct SMTPD_STATE {
int defer_if_permit_client; /* force permit into warning */
int defer_if_permit_helo; /* force permit into warning */
int defer_if_permit_sender; /* force permit into warning */
int discard; /* discard message */
VSTRING *expand_buf; /* scratch space for $name expansion */
} SMTPD_STATE;

View File

@ -16,7 +16,6 @@ extern void smtpd_check_init(void);
extern char *smtpd_check_client(SMTPD_STATE *);
extern char *smtpd_check_helo(SMTPD_STATE *, char *);
extern char *smtpd_check_mail(SMTPD_STATE *, char *);
extern char *smtpd_check_rcptmap(SMTPD_STATE *, char *);
extern char *smtpd_check_size(SMTPD_STATE *, off_t);
extern char *smtpd_check_rcpt(SMTPD_STATE *, char *);
extern char *smtpd_check_etrn(SMTPD_STATE *, char *);

View File

@ -11,6 +11,7 @@ sender_restrictions hash:./smtpd_check_access
mail rejecttext@bad.domain
mail filter@filter.domain
mail filtertext@filter.domain
mail filtertexttext@filter.domain
mail hold@hold.domain
mail holdtext@hold.domain
mail discard@hold.domain

View File

@ -14,10 +14,13 @@ OK
./smtpd_check: <queue id>: reject: MAIL from localhost[127.0.0.1]: 554 <rejecttext@bad.domain>: Sender address rejected: text; from=<rejecttext@bad.domain> proto=SMTP
554 <rejecttext@bad.domain>: Sender address rejected: text
>>> mail filter@filter.domain
./smtpd_check: warning: access map hash:./smtpd_check_access entry filter@filter.domain has FILTER entry without value
./smtpd_check: warning: access map hash:./smtpd_check_access entry "filter@filter.domain" has FILTER entry without value
OK
>>> mail filtertext@filter.domain
./smtpd_check: <queue id>: filter: MAIL from localhost[127.0.0.1]: <filtertext@filter.domain>: Sender address triggers FILTER text; from=<filtertext@filter.domain> proto=SMTP
./smtpd_check: warning: access map hash:./smtpd_check_access entry "filtertext@filter.domain" requires transport:destination
OK
>>> mail filtertexttext@filter.domain
./smtpd_check: <queue id>: filter: MAIL from localhost[127.0.0.1]: <filtertexttext@filter.domain>: Sender address triggers FILTER text:text; from=<filtertexttext@filter.domain> proto=SMTP
OK
>>> mail hold@hold.domain
./smtpd_check: <queue id>: hold: MAIL from localhost[127.0.0.1]: <hold@hold.domain>: Sender address triggers HOLD action; from=<hold@hold.domain> proto=SMTP
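Review bot: the expected output for filter@filter.domain and filtertext@filter.domain is a warning followed by OK, so an access map FILTER entry with a missing or malformed value lets the message through with no filter applied. Where the content filter is a security control, that is a fail-open result. Consider whether a malformed FILTER entry should produce a temporary rejection instead, and if OK is the intended outcome, state that in the access map documentation.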

Some files were not shown because too many files have changed in this diff