Postfix 2.0.19
This commit is contained in:
parent
7b58653939
commit
c7fd7e15fb
|
@ -46,10 +46,10 @@ Web sites:
|
|||
|
||||
Mail addresses (PLEASE send questions to the mailing list)
|
||||
|
||||
postfix-XXX@postfix.org Postfix mailing lists
|
||||
postfix-users@postfix.org Postfix users mailing list
|
||||
wietse@porcupine.org the original author
|
||||
|
||||
In order to subscribe to a mailing list, see http://www.postfix.org/.
|
||||
In order to subscribe to the mailing list, see http://www.postfix.org/.
|
||||
|
||||
Acknowledgments
|
||||
===============
|
||||
|
|
|
@ -31,7 +31,6 @@ mailertable yes (it's called transport)
|
|||
mailq yes
|
||||
majordomo yes (edit approve script to delete /^delivered-to:/i)
|
||||
mime yes (including 8bit to quoted-printable conversion)
|
||||
mime conversion not yet; postfix uses just-send-eight
|
||||
mysql tables yes (contributed)
|
||||
netinfo tables yes (contributed)
|
||||
newaliases yes (main alias database only)
|
||||
|
|
|
@ -1262,12 +1262,12 @@ Apologies for any names omitted.
|
|||
reorganization of the way queue scans were done. The queue
|
||||
manager socket now has become public.
|
||||
|
||||
10091002
|
||||
19981002
|
||||
|
||||
SMTPD now logs "lost connection after end-of-message" instead
|
||||
of "lost connection after DATA".
|
||||
|
||||
10091005
|
||||
19981005
|
||||
|
||||
More bullet proofing: timeouts on all triggers.
|
||||
|
||||
|
@ -6928,7 +6928,7 @@ Apologies for any names omitted.
|
|||
File: util/dict_regexp.c.
|
||||
|
||||
|
||||
200209010
|
||||
20020910
|
||||
|
||||
Bugfix: the SMTP client produced suprious warnings about
|
||||
trouble with fallback_relay hosts. File: smtp/smtp_connect.c.
|
||||
|
@ -6936,7 +6936,7 @@ Apologies for any names omitted.
|
|||
Robustness: don't wait with detecting broken SMTP connections
|
||||
until reading input. Leandro Santi. File: smtpd/smtpd_chat.c.
|
||||
|
||||
200209011
|
||||
20020911
|
||||
|
||||
Workaround: IRIX 6 can't do ioctl FIONREAD on pipes. This
|
||||
breaks the in_flow_delay feature. File: util/sys_defs.h.
|
||||
|
@ -7682,8 +7682,308 @@ Apologies for any names omitted.
|
|||
systems against exploitation of the remote buffer overflow
|
||||
vulnerability described in CERT advisory CA-2003-07.
|
||||
|
||||
20030311-19
|
||||
|
||||
Bugfix: the access map actions HOLD, DISCARD and FILTER
|
||||
were broken with smtpd_delay_reject=no and with ETRN. Fixing
|
||||
this required re-architecting of the actions code. Files:
|
||||
smtpd/smtpd.[hc], smtpd/smtpd_check.c, smtpd/smtpd_state.c.
|
||||
|
||||
20030315
|
||||
|
||||
Bugfix: the postsuper manual page documented support for
|
||||
the -c command line option, but it was not implemented.
|
||||
File: postsuper/postsuper.c.
|
||||
|
||||
Bugfix: the Postfix 2.0 recipient map checking code broke
|
||||
the VRFY command, causing it to reply with status code 252
|
||||
for non-existent addresses. This required re-architecting
|
||||
the recipient table lookup code. File: smtpd/smtpd_check.c.
|
||||
|
||||
20030410
|
||||
|
||||
Safety: log a fatal error when a net/mask pattern has a
|
||||
non-zero host part, so that mail delivery is deferred.
|
||||
File: util/match_ops.c.
|
||||
|
||||
20030411
|
||||
|
||||
Bugfix: extraneous warning about out-of-order original
|
||||
recipient records by Patrik Rak. Files: *qmgr/qmgr_message.c.
|
||||
|
||||
20030415
|
||||
|
||||
Workaround: log a warning and reset incoming queue file
|
||||
time stamps when the file system clock is ahead of the
|
||||
local clock, instead of ignoring new mail until the next
|
||||
queue scan. The file system clock drift detection executes
|
||||
only once per process instance, to minimize the performance
|
||||
impact. File: global/mail_stream.c.
|
||||
|
||||
20030416
|
||||
|
||||
Bugfix: missing partial last line when 1) someone submits
|
||||
8-bit mail not ending in newline via /usr/sbin/sendmail
|
||||
and 2) MIME input processing is turned off, and 3) MIME
|
||||
8bit->7bit conversion is requested upon delivery via SMTP.
|
||||
|
||||
20030424
|
||||
|
||||
Cleanup: readlline() did not terminate the result before
|
||||
complaining about lines starting with whitespace.
|
||||
|
||||
Cleanup: eliminated valid_hostname warning for invalid
|
||||
queue file names. File: global/mail_queue.c.
|
||||
|
||||
Bugfix: the Postfix sendmail command applied the message
|
||||
size limit when running as newaliases. The limiting code
|
||||
is now moved to the message enqueuing branch of the code.
|
||||
File: sendmail/sendmail.c.
|
||||
|
||||
20030429
|
||||
|
||||
Bugfix: "," was not recognized in proxy_read_maps settings.
|
||||
Fix by Leandro Santi. File: proxymap/proxymap.c.
|
||||
|
||||
20030502
|
||||
|
||||
Bugfix: defer delivery after .forward etc. file read error.
|
||||
File: local/token.c. Problem reported by Ben Rosengart,
|
||||
Panix.
|
||||
|
||||
20030520
|
||||
|
||||
Cleanup: future time stamps in Received: headers and negative
|
||||
delays in delivery agent logging after "postdrop -r",
|
||||
because deferred queue files had future file modification
|
||||
times. File: src/postsuper/postsuper.c.
|
||||
|
||||
20030521
|
||||
|
||||
Cleanup: nqmgr warnings about "recipient count mismatch"
|
||||
after "postdrop -r", because the cleanup server did not
|
||||
count the "already done" recipients. Problem reported by
|
||||
Richard Stockton, Gramma Software. Files:
|
||||
cleanup/cleanup_envelope.c, cleanup/cleanup_extracted.c
|
||||
|
||||
20030528
|
||||
|
||||
Compatibility: "sendmail -q<time>" without -bd option now
|
||||
exits immediately, instead of waiting for input on the
|
||||
standard input stream and screwing up system boot sequences.
|
||||
File: sendmail/sendmail.c.
|
||||
|
||||
Bugfix: the Postfix LMTP client used the wrong service
|
||||
name, causing trouble with SASL 2.1.13. Daniel Schales,
|
||||
Louisiana Tech. File: lmtp/lmtp_sasl_glue.c.
|
||||
|
||||
Workaround: IRIX select() reports that a non-blocking file
|
||||
descriptor is writable while write() transfers zero bytes.
|
||||
File: global/pipe_command.c.
|
||||
|
||||
Feature: "postcat -q" (search the queue for the named file)
|
||||
support copied from snapshot release because I can't see
|
||||
people suffer. File: postcat/postcat.c.
|
||||
|
||||
20030530
|
||||
|
||||
Bugfix: client access denied with smtpd_delay_reject=no
|
||||
broke "sendmail -bs". Fix by Victor Duchovni, Morgan Stanley.
|
||||
File: smtpd/smtpd.c.
|
||||
|
||||
20030531
|
||||
|
||||
Compatibility: allow <@site,@site:address> route addresses
|
||||
in SMTP commands. File: smtpd/smtpd.c.
|
||||
|
||||
20030605
|
||||
|
||||
Bugfix: the "dead host" backoff timer in the MySQL client
|
||||
didn't work. Fix by Leandro Santi. File: util/dict_mysql.c.
|
||||
|
||||
Safety: stricter checks on what queue file records the
|
||||
postdrop submission command accepts (idea copied from
|
||||
snapshot). File: postdrop/postdrop.c.
|
||||
|
||||
Workaround: turned off non-blocking write to pipe because
|
||||
too many systems give a weird write() result. File:
|
||||
global/pipe_command.c.
|
||||
|
||||
20030609
|
||||
|
||||
Workaround: Solaris blocking socket read() may hang. Hernan
|
||||
Perez Masci and Leandro Santi. File: smtpd/smtpd.c.
|
||||
|
||||
20030611
|
||||
|
||||
Bugfix: the stricter postdrop input filter broke "sendmail
|
||||
-bs". Found by Lutz Jaenicke. File: smtpd/smtpd.c.
|
||||
|
||||
20030616
|
||||
|
||||
Cleanup: more accurate "postfix check" warning for files
|
||||
that miss one or more of the required mode 02111 execute
|
||||
permission bits. Matthias Andree. File: conf/postfix-script.
|
||||
|
||||
20030618
|
||||
|
||||
Workaround: after "postfix reload", the master daemon now
|
||||
warns when inet_interfaces has changed, and ignores the
|
||||
change, instead of passing incorrect information to the
|
||||
smtp server. File: master/master_ent.c.
|
||||
|
||||
20030620
|
||||
|
||||
Bugfix: after the last change to postdrop, postcat no longer
|
||||
recognized maildrop queue files as valid. File: postcat/postcat.c.
|
||||
|
||||
20030621
|
||||
|
||||
Workaround: the safe_open(O_CREAT) race condition exploit
|
||||
avoiding code tries a little harder when it encounters a
|
||||
race condition. File: util/safe_open.c.
|
||||
|
||||
20030629
|
||||
|
||||
Cleanup: replaced references to "simulated virtual domains"
|
||||
by "virtual alias domains". Victor Duchovni, Morgan Stanley.
|
||||
|
||||
20030711
|
||||
|
||||
Bugfix: the LMTP session caching code did not reset the
|
||||
EHLO server feature list when it needed to reconnect.
|
||||
Problem found by Tobias Erbsland.
|
||||
|
||||
20030717
|
||||
|
||||
Documentation: corrected the command time limit parameter
|
||||
syntax in the spawn(8) manual page.
|
||||
|
||||
20030811
|
||||
|
||||
Cleanup: produce a warning when host:port specifies a badly
|
||||
formatted numerical port. Files: util/find_inet.c,
|
||||
smtp/smtp_connect.c, lmtp/lmtp_connect.c.
|
||||
|
||||
20030905
|
||||
|
||||
Workaround: Solaris 8 select() claims that a non-blocking
|
||||
socket is readable and then read() fails with EAGAIN. Files:
|
||||
util/timed_read.c and as precautionary measure,
|
||||
util/timed_write.c.
|
||||
|
||||
20030908
|
||||
|
||||
The 20030905 workaround triggers too many warnings. TCP
|
||||
sockets are back to blocking, and keepalives are turned on
|
||||
to kill off dead sockets, as suggested by Leandro Santi.
|
||||
Files: master/{single,multi}_server.c, smtpd/smtpd.c,
|
||||
util/sys_defs.h.
|
||||
|
||||
20030909
|
||||
|
||||
Bugfix: the LMTP session caching code had problems with
|
||||
SASL authentication after the first connection, and pipelining
|
||||
was working poorly. Fix by Viktor Dukhovni, Morgan Stanley.
|
||||
Files: lmtp/lmtp.c, lmtp/lmtp_proto.c.
|
||||
|
||||
20030912
|
||||
|
||||
Workaround: besides SMTP server sockets, SMTP client sockets
|
||||
can also hang on Solaris, as reported by Leandro Santi. In
|
||||
order to deal with this at the root, all connection management
|
||||
is now done by sane_accept() and sane_connect(). Both turn
|
||||
on keepalives on Solaris.
|
||||
|
||||
20030913
|
||||
|
||||
Safety: set-gid commands don't trust TZ. File: msg_syslog.c.
|
||||
|
||||
20031027
|
||||
|
||||
Portability: MacOS X Bind8 compatibility. File: makedefs.
|
||||
|
||||
20031110
|
||||
|
||||
Cleanup: don't report that $queue_directory/etc/filename
|
||||
differs from /etc/filename when /etc/filename does not
|
||||
exist. File: conf/postfix-script.
|
||||
|
||||
20031126
|
||||
|
||||
Bugfix: "panic: mymalloc: requested length 0" when master.cf
|
||||
specified an invalid host name or address. Postfix now
|
||||
logs more specific information. File: master/master_ent.c.
|
||||
Reported by several people.
|
||||
|
||||
20031215
|
||||
|
||||
Safety: updated mail_queue_id_ok() for long fast flush
|
||||
logfile names. File: global/mail_queue.c.
|
||||
|
||||
Robustness: save and restore the resolver _res.options
|
||||
settings before and after DNS lookup, to avoid surprises
|
||||
in third-party code. This may eliminate some "localhost
|
||||
not found" problems. File: dns/dns_lookup.c.
|
||||
|
||||
20031222
|
||||
|
||||
Cleanup: shaved half the worst-case bits off the cleanup
|
||||
duplicate address filter footprint. After discussion with
|
||||
Victor Duchovni. File: cleanup/cleanup_out_recipient.c.
|
||||
|
||||
20031223
|
||||
|
||||
Bugfix: restore errno after write failure in SIGCHLD handler.
|
||||
Leandro Santi. File: master/master_sig.c.
|
||||
|
||||
20040104
|
||||
|
||||
Workaround: MacOSX dumps core on the 20030913 TZ censoring
|
||||
code. We explictly set TZ=UTC, which will produce incorrect
|
||||
results when "mailq" formatting is moved from the showq
|
||||
daemon to the postqueue command. File: msg_syslog.c.
|
||||
|
||||
Bugfix: vstring_get() etc. now return VSTREAM_EOF when they
|
||||
terminate prematurely, instead of returning the last
|
||||
character stored. This avoids mis-leading warnings. File:
|
||||
global/vstring_vstream.c.
|
||||
|
||||
20040115
|
||||
|
||||
Performance: allow delivery concurrency to increase even
|
||||
while mail is deferred, as long as the delivery agent does
|
||||
not report really serious trouble with the destination.
|
||||
Files: *qmgr/qmgr_deliver.c.
|
||||
|
||||
20040122
|
||||
|
||||
UNDO the 20040104 change (vstring_get() etc. return
|
||||
VSTREAM_EOF when they terminate prematurely, instead of
|
||||
returning the last character stored, to avoid mis-leading
|
||||
warnings). File: global/vstring_vstream.c.
|
||||
|
||||
Portability: test -e is not portable. File: conf/postfix-script.
|
||||
|
||||
20040302
|
||||
|
||||
Bugfix: the pickup daemon now strokes the watchdog frequently
|
||||
to prevent the watchdog from barking when mail arrives
|
||||
faster than it can be picked up. File: pickup/pickup.c.
|
||||
|
||||
20040311
|
||||
|
||||
Bugfix: bad address syntax caused map lookup with zero-length
|
||||
keys. Problem reported by Andrei Koulik. Files:
|
||||
util/match_ops.c, src/trivial-rewrite/transport.c.
|
||||
|
||||
Open problems:
|
||||
|
||||
Doc: mention the proxy_interfaces parameter everywhere the
|
||||
inet_interfaces and mydestination parameters are mentioned.
|
||||
|
||||
Low: smtp-source may block when sending large test messages.
|
||||
|
||||
Low: after successful delivery, per-queue window += 1/window,
|
||||
after failure, queue window -= 1 (Victor).
|
||||
|
||||
|
|
|
@ -144,15 +144,19 @@ configuration directory other than /etc/postfix, use:
|
|||
|
||||
Be sure to get the quotes right. These details matter a lot.
|
||||
|
||||
Other parameters whose defaults can be specified in this way are:
|
||||
Parameters whose defaults can be specified in this way are:
|
||||
|
||||
Macro name default value for
|
||||
-------------------------------------
|
||||
DEF_COMMAND_DIR command_directory
|
||||
DEF_DAEMON_DIR daemon_directory
|
||||
DEF_SENDMAIL_PATH sendmail_path
|
||||
DEF_MAILQ_PATH mailq_path
|
||||
DEF_NEWALIAS_PATH newaliases_path
|
||||
Macro name default value for typical default
|
||||
-----------------------------------------------------------
|
||||
DEF_COMMAND_DIR command_directory /usr/sbin
|
||||
DEF_CONFIG_DIR config_directory /etc/postfix
|
||||
DEF_DAEMON_DIR daemon_directory /usr/libexec/postfix
|
||||
DEF_MAILQ_PATH mailq_path /usr/bin/mailq
|
||||
DEF_MANPAGE_DIR manpage_directory /usr/local/man
|
||||
DEF_NEWALIAS_PATH newaliases_path /usr/bin/newaliases
|
||||
DEF_README_DIR readme_directory no (do not install)
|
||||
DEF_SAMPLE_DIR sample_directory /etc/postfix
|
||||
DEF_SENDMAIL_PATH sendmail_path /usr/sbin/sendmail
|
||||
|
||||
In order to build Postfix for very large applications, where you
|
||||
expect to run more than 1000 delivery processes, you may need to
|
||||
|
|
|
@ -236,8 +236,9 @@ program.
|
|||
|
||||
Note: the localhost port 10025 SMTP server filter should announce
|
||||
itself as "220 localhost...". Postfix aborts delivery when it
|
||||
connects to an SMTP server that uses the same hostname, because
|
||||
that normally means you have a mail delivery loop problem.
|
||||
connects to an SMTP server that uses the same hostname as Postfix
|
||||
("host <servername> greeted me with my own hostname"), because that
|
||||
normally means you have a mail delivery loop problem.
|
||||
|
||||
The example here assumes that the /some/where/filter command is a
|
||||
PERL script. PERL has modules that make talking SMTP easy. The
|
||||
|
@ -280,9 +281,9 @@ mail.
|
|||
The "-o local_recipient_maps=" and "-o relay_recipient_maps=" avoid
|
||||
unnecessary table lookups.
|
||||
|
||||
The "-o myhostname=localhost.domain.tld" avoids a possible problem
|
||||
if your content filter is based on a proxy that simply relays SMTP
|
||||
commands.
|
||||
The "-o myhostname=localhost.domain.tld" avoids false alarms ("host
|
||||
<servername> greeted me with my own hostname") if your content
|
||||
filter is based on a proxy that simply relays SMTP commands.
|
||||
|
||||
The "-o smtpd_xxx_restrictions" and "-o mynetworks=127.0.0.0/8"
|
||||
turn off UCE controls that would only waste time here.
|
||||
|
@ -504,7 +505,7 @@ Limitations:
|
|||
precedence over filters specified with the main.cf content_filter
|
||||
parameter.
|
||||
|
||||
- Only the last FILTER action from smtpd access maps or in
|
||||
- Only the last FILTER action from smtpd access maps or from
|
||||
header/body_checks takes effect.
|
||||
|
||||
- The same content filter is applied to all the recipients of a
|
||||
|
|
|
@ -50,7 +50,8 @@ UCE restriction.
|
|||
|
||||
SASL authentication information is not passed on via message headers
|
||||
or via SMTP. It is no-one's business what username and authentication
|
||||
method the poster was using in order to access the mail server.
|
||||
method the poster was using in order to access the mail server. The
|
||||
people who need to know can find the information in the maillog file.
|
||||
|
||||
When sending mail, Postfix looks up the server hostname or destination
|
||||
domain (the address remote part) in a table, and if a username/password
|
||||
|
@ -227,6 +228,19 @@ can use one of the following commands:
|
|||
mmencode is part of the metamail software.
|
||||
MIME::Base64 is available from www.cpan.org.
|
||||
|
||||
Trouble shooting the SASL internals
|
||||
===================================
|
||||
|
||||
[based on text by Liviu Daia]
|
||||
|
||||
In the Cyrus SASL sources you'll find a subdirectory named "sample".
|
||||
Run make there, then run the resulting sample server and client in
|
||||
separate terminals. Strace / ktrace / truss the server to see what
|
||||
makes it unhappy, fix the problem, then write the authors thanking
|
||||
them for providing such useful logging. Repeat the previous step
|
||||
until you can successfully authenticate with the sample client.
|
||||
Only then get back to Postfix.
|
||||
|
||||
Enabling SASL authentication in the Postfix SMTP client
|
||||
=======================================================
|
||||
|
||||
|
|
|
@ -8,7 +8,7 @@ Purpose of this software
|
|||
You can use the virtual delivery agent for mailbox delivery of some
|
||||
or all domains that are handled by a machine.
|
||||
|
||||
This mechanism is different from simulated virtual domains. Those
|
||||
This mechanism is different from virtual alias domains. Those
|
||||
are implemented by translating every recipient address into a
|
||||
different address. For that, see the virtual(5) manual page.
|
||||
|
||||
|
@ -24,12 +24,13 @@ It looks up the user mailbox location, uid and gid via separate
|
|||
maps, and the mailbox location map can specify either mailbox or
|
||||
maildir delivery (controlled by trailing slash on mailbox name).
|
||||
|
||||
The agent does not support user+foo address extensions, aliases or
|
||||
.forward files (use the virtual table instead), and therefore
|
||||
doesn't support file or program aliases. This choice was made to
|
||||
simplify and streamline the code (it allowed me to dispense with
|
||||
70% of local's code - mostly the bits that are a security headache)
|
||||
- if you need this functionality, this agent isn't for you.
|
||||
The agent allows but ignores user+foo address extensions, does not
|
||||
support aliases or .forward files (use the virtual table instead),
|
||||
and therefore doesn't support file or program aliases. This choice
|
||||
was made to simplify and streamline the code (it allowed me to
|
||||
dispense with 70% of local's code - mostly the bits that are a
|
||||
security headache) - if you need this functionality, this agent
|
||||
isn't for you.
|
||||
|
||||
It also doesn't support writing to a common spool as root and then
|
||||
chowning the mailbox to the user - I felt this functionality didn't
|
||||
|
@ -67,7 +68,7 @@ virtual_mailbox_domains
|
|||
|
||||
Specifies the list of domains that should be delivered to the
|
||||
$virtual_transport delivery agent (default: virtual). As of
|
||||
version 1.2, Postfix is smart enough that you don't have to
|
||||
version 2.0, Postfix is smart enough that you don't have to
|
||||
list every virtual domain in a Postfix transport map.
|
||||
|
||||
virtual_mailbox_maps
|
||||
|
@ -160,9 +161,9 @@ Example 1: using the virtual delivery agent for all local mail
|
|||
==============================================================
|
||||
|
||||
This example does not use the Postfix local delivery agent at all.
|
||||
With this configuration Postfix does no user+foo address extension,
|
||||
no alias expansion, no .forward file expansion, and no lookups of
|
||||
recipients in /etc/passwd.
|
||||
With this configuration Postfix does no alias expansion, no .forward
|
||||
file expansion, no lookups of recipients in /etc/passwd, and allows
|
||||
but ignores user+foo address extensions.
|
||||
|
||||
Instead of "hash" specify "dbm" or "btree", depending on your system
|
||||
type. The command "postconf -m" displays possible lookup table
|
||||
|
|
|
@ -24,6 +24,23 @@ snapshot release). Patches change the patchlevel and the release
|
|||
date. Snapshots change only the release date, unless they include
|
||||
the same bugfixes as a patch release.
|
||||
|
||||
Incompatible changes with Postfix version 2.0.8 (released 20030415)
|
||||
===================================================================
|
||||
|
||||
Too many people mess up their net/mask patterns, causing open
|
||||
mail relay problems. Postfix processes now abort when given a
|
||||
net/mask pattern with a non-zero host portion (for example,
|
||||
168.100.189.2/28), and suggest to specify the proper net/mask
|
||||
pattern instead (for example, 168.100.189.0/28).
|
||||
|
||||
Major changes with Postfix version 2.0.8 (released 20030415)
|
||||
============================================================
|
||||
|
||||
Workaround for file system clock drift that caused Postfix to ignore
|
||||
new mail (this could happen with file systems mounted from a server).
|
||||
Postfix now logs a warning and proceeds with only slightly reduced
|
||||
performance, instead of ignoring new mail.
|
||||
|
||||
Incompatible changes with Postfix version 2.0.6 (released 20030305)
|
||||
===================================================================
|
||||
|
||||
|
@ -193,7 +210,10 @@ more flexible "reject_rbl_client" feature instead.
|
|||
|
||||
[Obsolete 20021209] The "check_relay_domains" restriction is going
|
||||
away. The SMTP server logs a warning and suggests using the more
|
||||
robust "reject_unauth_destination" instead.
|
||||
robust "reject_unauth_destination" instead. This means that Postfix
|
||||
by default no longer grants relay permissions on the basis of the
|
||||
client hostname, and that relay clients must be authorized via
|
||||
other means such as permit_mynetworks.
|
||||
|
||||
[Obsolete 20020917] In regexp lookup tables, the form /pattern1/!/pattern2/
|
||||
is going away. Use the cleaner and more flexible "if !/pattern2/..endif"
|
||||
|
@ -313,7 +333,7 @@ mail relay traffic from outbound traffic. This eliminates a problem
|
|||
where inbound mail deliveries could become resource starved in the
|
||||
presence of a high volume of outbound mail.
|
||||
|
||||
[Feature 20021013] The body_checks_max_size parameter limits the
|
||||
[Feature 20021013] The body_checks_size_limit parameter limits the
|
||||
amount of text per message body segment (or attachment, if you
|
||||
prefer to use that term) that is subjected to body_checks inspection.
|
||||
The default limit is 50 kbytes. This speeds up the processing of
|
||||
|
@ -466,7 +486,8 @@ or html/uce.html for details.
|
|||
IP address blacklisting. Based on code by LaMont Jones. The old
|
||||
"reject_maps_rbl" is now implemented as a wrapper around the
|
||||
reject_rbl_client code, and logs a warning that "reject_maps_rbl"
|
||||
is going away.
|
||||
is going away. To upgrade, specify "reject_rbl_client domainname"
|
||||
once for each domain name that is listed in maps_rbl_domains.
|
||||
|
||||
[Feature 20020923] "reject_rhsbl_sender rbl.domain.tld" for sender
|
||||
domain blacklisting. Also: reject_rhsbl_client and reject_rhsbl_recipient
|
||||
|
@ -724,7 +745,7 @@ mime_header_checks (for MIME headers), and nested_header_checks
|
|||
(for headers of attached email messages except MIME headers). By
|
||||
default, all headers are matched with header_checks.
|
||||
|
||||
[Feature 20021013] The body_checks_max_size parameter limits the
|
||||
[Feature 20021013] The body_checks_size_limit parameter limits the
|
||||
amount of text per message body segment (or attachment, if you
|
||||
prefer to use that term) that is subjected to body_checks inspection.
|
||||
The default limit is 50 kbytes. This speeds up the processing of
|
||||
|
|
|
@ -33,81 +33,86 @@
|
|||
# different way as described below.
|
||||
#
|
||||
# TABLE FORMAT
|
||||
# The format of the access table is as follows:
|
||||
# The input format for the postmap(1) command is as follows:
|
||||
#
|
||||
# pattern action
|
||||
# When pattern matches a mail address, domain or host
|
||||
# address, perform the corresponding action.
|
||||
#
|
||||
# blank lines and comments
|
||||
# Empty lines and whitespace-only lines are ignored,
|
||||
# as are lines whose first non-whitespace character
|
||||
# Empty lines and whitespace-only lines are ignored,
|
||||
# as are lines whose first non-whitespace character
|
||||
# is a `#'.
|
||||
#
|
||||
# multi-line text
|
||||
# A logical line starts with non-whitespace text. A
|
||||
# line that starts with whitespace continues a logi-
|
||||
# A logical line starts with non-whitespace text. A
|
||||
# line that starts with whitespace continues a logi-
|
||||
# cal line.
|
||||
#
|
||||
# EMAIL ADDRESS PATTERNS
|
||||
# With lookups from indexed files such as DB or DBM, or from
|
||||
# networked tables such as NIS, LDAP or SQL, the following
|
||||
# lookup patterns are examined in the order as listed:
|
||||
# networked tables such as NIS, LDAP or SQL, patterns are
|
||||
# tried in the order as listed below:
|
||||
#
|
||||
# user@domain
|
||||
# Matches the specified mail address.
|
||||
#
|
||||
# domain.tld
|
||||
# Matches domain.tld as the domain part of an email
|
||||
# Matches domain.tld as the domain part of an email
|
||||
# address.
|
||||
#
|
||||
# The pattern domain.tld also matches subdomains, but
|
||||
# only when the string smtpd_access_maps is listed in
|
||||
# the Postfix parent_domain_matches_subdomains con-
|
||||
# figuration setting. Otherwise, specify .domain.tld
|
||||
# (note the initial dot) in order to match subdo-
|
||||
# mains.
|
||||
#
|
||||
# user@ Matches all mail addresses with the specified user
|
||||
# part.
|
||||
#
|
||||
# Note: lookup of the null sender address is not possible
|
||||
# with some types of lookup table. By default, Postfix uses
|
||||
# <> as the lookup key for such addresses. The value is
|
||||
# specified with the smtpd_null_access_lookup_key parameter
|
||||
# in the Postfix main.cf file.
|
||||
#
|
||||
# ADDRESS EXTENSION
|
||||
# When a mail address localpart contains the optional recip-
|
||||
# ient delimiter (e.g., user+foo@domain), the lookup order
|
||||
# becomes: user+foo@domain, user@domain, domain, user+foo@,
|
||||
# and user@.
|
||||
#
|
||||
# HOST NAME/ADDRESS PATTERNS
|
||||
# With lookups from indexed files such as DB or DBM, or from
|
||||
# networked tables such as NIS, LDAP or SQL, the following
|
||||
# lookup patterns are examined in the order as listed:
|
||||
#
|
||||
# domain.tld
|
||||
# Matches domain.tld.
|
||||
#
|
||||
# The pattern domain.tld also matches subdomains, but
|
||||
# only when the string smtpd_access_maps is listed in
|
||||
# the Postfix parent_domain_matches_subdomains con-
|
||||
# figuration setting. Otherwise, specify .domain.tld
|
||||
# (note the initial dot) in order to match subdo-
|
||||
# mains.
|
||||
#
|
||||
# user@ Matches all mail addresses with the specified user
|
||||
# part.
|
||||
#
|
||||
# Note: lookup of the null sender address is not possible
|
||||
# with some types of lookup table. By default, Postfix uses
|
||||
# <> as the lookup key for such addresses. The value is
|
||||
# specified with the smtpd_null_access_lookup_key parameter
|
||||
# in the Postfix main.cf file.
|
||||
#
|
||||
# ADDRESS EXTENSION
|
||||
# When a mail address localpart contains the optional recip-
|
||||
# ient delimiter (e.g., user+foo@domain), the lookup order
|
||||
# becomes: user+foo@domain, user@domain, domain, user+foo@,
|
||||
# and user@.
|
||||
#
|
||||
# HOST NAME/ADDRESS PATTERNS
|
||||
# With lookups from indexed files such as DB or DBM, or from
|
||||
# networked tables such as NIS, LDAP or SQL, the following
|
||||
# lookup patterns are examined in the order as listed:
|
||||
#
|
||||
# domain.tld
|
||||
# Matches domain.tld.
|
||||
#
|
||||
# The pattern domain.tld also matches subdomains, but
|
||||
# only when the string smtpd_access_maps is listed in
|
||||
# the Postfix parent_domain_matches_subdomains con-
|
||||
# figuration setting. Otherwise, specify .domain.tld
|
||||
# (note the initial dot) in order to match subdo-
|
||||
# mains.
|
||||
#
|
||||
# net.work.addr.ess
|
||||
#
|
||||
# net.work.addr
|
||||
#
|
||||
# net.work
|
||||
#
|
||||
# net Matches any host address in the specified network.
|
||||
# A network address is a sequence of one or more
|
||||
# net Matches any host address in the specified network.
|
||||
# A network address is a sequence of one or more
|
||||
# octets separated by ".".
|
||||
#
|
||||
# Note: CIDR notation (network/netmask) is not sup-
|
||||
# ported with lookups from indexed files such as DB
|
||||
# or DBM, or from networked tables such as NIS, LDAP
|
||||
# or SQL.
|
||||
#
|
||||
# ACTIONS
|
||||
# [45]NN text
|
||||
# Reject the address etc. that matches the pattern,
|
||||
|
|
|
@ -48,84 +48,84 @@
|
|||
# aliasing. Use the aliases(5) map for that purpose.
|
||||
#
|
||||
# TABLE FORMAT
|
||||
# The format of the canonical table is as follows:
|
||||
# The input format for the postmap(1) command is as follows:
|
||||
#
|
||||
# pattern result
|
||||
# When pattern matches a mail address, replace it by
|
||||
# When pattern matches a mail address, replace it by
|
||||
# the corresponding result.
|
||||
#
|
||||
# blank lines and comments
|
||||
# Empty lines and whitespace-only lines are ignored,
|
||||
# as are lines whose first non-whitespace character
|
||||
# Empty lines and whitespace-only lines are ignored,
|
||||
# as are lines whose first non-whitespace character
|
||||
# is a `#'.
|
||||
#
|
||||
# multi-line text
|
||||
# A logical line starts with non-whitespace text. A
|
||||
# line that starts with whitespace continues a logi-
|
||||
# A logical line starts with non-whitespace text. A
|
||||
# line that starts with whitespace continues a logi-
|
||||
# cal line.
|
||||
#
|
||||
# With lookups from indexed files such as DB or DBM, or from
|
||||
# networked tables such as NIS, LDAP or SQL, patterns are
|
||||
# networked tables such as NIS, LDAP or SQL, patterns are
|
||||
# tried in the order as listed below:
|
||||
#
|
||||
# user@domain address
|
||||
# user@domain is replaced by address. This form has
|
||||
# user@domain is replaced by address. This form has
|
||||
# the highest precedence.
|
||||
#
|
||||
# This is useful to clean up addresses produced by
|
||||
# legacy mail systems. It can also be used to pro-
|
||||
# duce Firstname.Lastname style addresses, but see
|
||||
# This is useful to clean up addresses produced by
|
||||
# legacy mail systems. It can also be used to pro-
|
||||
# duce Firstname.Lastname style addresses, but see
|
||||
# below for a simpler solution.
|
||||
#
|
||||
# user address
|
||||
# user@site is replaced by address when site is equal
|
||||
# to $myorigin, when site is listed in $mydestina-
|
||||
# to $myorigin, when site is listed in $mydestina-
|
||||
# tion, or when it is listed in $inet_interfaces.
|
||||
#
|
||||
# This form is useful for replacing login names by
|
||||
# This form is useful for replacing login names by
|
||||
# Firstname.Lastname.
|
||||
#
|
||||
# @domain address
|
||||
# Every address in domain is replaced by address.
|
||||
# Every address in domain is replaced by address.
|
||||
# This form has the lowest precedence.
|
||||
#
|
||||
# In all the above forms, when address has the form @other-
|
||||
# In all the above forms, when address has the form @other-
|
||||
# domain, the result is the same user in otherdomain.
|
||||
#
|
||||
# ADDRESS EXTENSION
|
||||
# When a mail address localpart contains the optional recip-
|
||||
# ient delimiter (e.g., user+foo@domain), the lookup order
|
||||
# ient delimiter (e.g., user+foo@domain), the lookup order
|
||||
# becomes: user+foo@domain, user@domain, user+foo, user, and
|
||||
# @domain. An unmatched address extension (+foo) is propa-
|
||||
# @domain. An unmatched address extension (+foo) is propa-
|
||||
# gated to the result of table lookup.
|
||||
#
|
||||
# REGULAR EXPRESSION TABLES
|
||||
# This section describes how the table lookups change when
|
||||
# This section describes how the table lookups change when
|
||||
# the table is given in the form of regular expressions. For
|
||||
# a description of regular expression lookup table syntax,
|
||||
# a description of regular expression lookup table syntax,
|
||||
# see regexp_table(5) or pcre_table(5).
|
||||
#
|
||||
# Each pattern is a regular expression that is applied to
|
||||
# Each pattern is a regular expression that is applied to
|
||||
# the entire address being looked up. Thus, user@domain mail
|
||||
# addresses are not broken up into their user and @domain
|
||||
# addresses are not broken up into their user and @domain
|
||||
# constituent parts, nor is user+foo broken up into user and
|
||||
# foo.
|
||||
#
|
||||
# Patterns are applied in the order as specified in the
|
||||
# table, until a pattern is found that matches the search
|
||||
# Patterns are applied in the order as specified in the
|
||||
# table, until a pattern is found that matches the search
|
||||
# string.
|
||||
#
|
||||
# Results are the same as with indexed file lookups, with
|
||||
# the additional feature that parenthesized substrings from
|
||||
# Results are the same as with indexed file lookups, with
|
||||
# the additional feature that parenthesized substrings from
|
||||
# the pattern can be interpolated as $1, $2 and so on.
|
||||
#
|
||||
# BUGS
|
||||
# The table format does not understand quoting conventions.
|
||||
# The table format does not understand quoting conventions.
|
||||
#
|
||||
# CONFIGURATION PARAMETERS
|
||||
# The following main.cf parameters are especially relevant
|
||||
# to this topic. See the Postfix main.cf file for syntax
|
||||
# details and for default values. Use the postfix reload
|
||||
# The following main.cf parameters are especially relevant
|
||||
# to this topic. See the Postfix main.cf file for syntax
|
||||
# details and for default values. Use the postfix reload
|
||||
# command after a configuration change.
|
||||
#
|
||||
# canonical_maps
|
||||
|
@ -142,25 +142,25 @@
|
|||
# Other parameters of interest:
|
||||
#
|
||||
# inet_interfaces
|
||||
# The network interface addresses that this system
|
||||
# The network interface addresses that this system
|
||||
# receives mail on. You need to stop and start Post-
|
||||
# fix when this parameter changes.
|
||||
#
|
||||
# masquerade_classes
|
||||
# List of address classes subject to masquerading:
|
||||
# zero or more of envelope_sender, envelope_recipi-
|
||||
# List of address classes subject to masquerading:
|
||||
# zero or more of envelope_sender, envelope_recipi-
|
||||
# ent, header_sender, header_recipient.
|
||||
#
|
||||
# masquerade_domains
|
||||
# List of domains that hide their subdomain struc-
|
||||
# List of domains that hide their subdomain struc-
|
||||
# ture.
|
||||
#
|
||||
# masquerade_exceptions
|
||||
# List of user names that are not subject to address
|
||||
# List of user names that are not subject to address
|
||||
# masquerading.
|
||||
#
|
||||
# mydestination
|
||||
# List of domains that this mail system considers
|
||||
# List of domains that this mail system considers
|
||||
# local.
|
||||
#
|
||||
# myorigin
|
||||
|
@ -178,7 +178,7 @@
|
|||
# regexp_table(5) format of POSIX regular expression tables
|
||||
#
|
||||
# LICENSE
|
||||
# The Secure Mailer license must be distributed with this
|
||||
# The Secure Mailer license must be distributed with this
|
||||
# software.
|
||||
#
|
||||
# AUTHOR(S)
|
||||
|
|
|
@ -40,102 +40,105 @@
|
|||
#
|
||||
# if /pattern/flags
|
||||
#
|
||||
# endif Examine the lines between if..endif only if pattern
|
||||
# matches. The if..endif can nest. Do not prepend
|
||||
# whitespace to patterns inside if..endif.
|
||||
# endif Match the search string against the patterns
|
||||
# between if and endif, if and only if the search
|
||||
# string matches pattern. The if..endif can nest.
|
||||
#
|
||||
# Note: do not prepend whitespace to patterns inside
|
||||
# if..endif.
|
||||
#
|
||||
# Each pattern is a perl-like regular expression. The
|
||||
# expression delimiter can be any character, except whites-
|
||||
# pace or characters that have special meaning (tradition-
|
||||
# ally the forward slash is used). The regular expression
|
||||
# expression delimiter can be any character, except whites-
|
||||
# pace or characters that have special meaning (tradition-
|
||||
# ally the forward slash is used). The regular expression
|
||||
# can contain whitespace.
|
||||
#
|
||||
# By default, matching is case-insensitive, and newlines are
|
||||
# not treated as special characters. The behavior is con-
|
||||
# trolled by flags, which are toggled by appending one or
|
||||
# not treated as special characters. The behavior is con-
|
||||
# trolled by flags, which are toggled by appending one or
|
||||
# more of the following characters after the pattern:
|
||||
#
|
||||
# i (default: on)
|
||||
# Toggles the case sensitivity flag. By default,
|
||||
# Toggles the case sensitivity flag. By default,
|
||||
# matching is case insensitive.
|
||||
#
|
||||
# m (default: off)
|
||||
# Toggles the PCRE_MULTILINE flag. When this flag is
|
||||
# on, the ^ and $ metacharacters match immediately
|
||||
# after and immediately before a newline character,
|
||||
# respectively, in addition to matching at the start
|
||||
# Toggles the PCRE_MULTILINE flag. When this flag is
|
||||
# on, the ^ and $ metacharacters match immediately
|
||||
# after and immediately before a newline character,
|
||||
# respectively, in addition to matching at the start
|
||||
# and end of the subject string.
|
||||
#
|
||||
# s (default: on)
|
||||
# Toggles the PCRE_DOTALL flag. When this flag is on,
|
||||
# the . metacharacter matches the newline character.
|
||||
# With Postfix versions prior to 20020528, The flag
|
||||
# With Postfix versions prior to 20020528, The flag
|
||||
# is off by default, which is inconvenient for multi-
|
||||
# line message header matching.
|
||||
#
|
||||
# x (default: off)
|
||||
# Toggles the pcre extended flag. When this flag is
|
||||
# on, whitespace in the pattern (other than in a
|
||||
# Toggles the pcre extended flag. When this flag is
|
||||
# on, whitespace in the pattern (other than in a
|
||||
# character class) and characters between a # outside
|
||||
# a character class and the next newline character
|
||||
# are ignored. An escaping backslash can be used to
|
||||
# include a whitespace or # character as part of the
|
||||
# a character class and the next newline character
|
||||
# are ignored. An escaping backslash can be used to
|
||||
# include a whitespace or # character as part of the
|
||||
# pattern.
|
||||
#
|
||||
# A (default: off)
|
||||
# Toggles the PCRE_ANCHORED flag. When this flag is
|
||||
# on, the pattern is forced to be "anchored", that
|
||||
# Toggles the PCRE_ANCHORED flag. When this flag is
|
||||
# on, the pattern is forced to be "anchored", that
|
||||
# is, it is constrained to match only at the start of
|
||||
# the string which is being searched (the "subject
|
||||
# string"). This effect can also be achieved by
|
||||
# the string which is being searched (the "subject
|
||||
# string"). This effect can also be achieved by
|
||||
# appropriate constructs in the pattern itself.
|
||||
#
|
||||
# E (default: off)
|
||||
# Toggles the PCRE_DOLLAR_ENDONLY flag. When this
|
||||
# flag is on, a $ metacharacter in the pattern
|
||||
# matches only at the end of the subject string.
|
||||
# Without this flag, a dollar also matches immedi-
|
||||
# Toggles the PCRE_DOLLAR_ENDONLY flag. When this
|
||||
# flag is on, a $ metacharacter in the pattern
|
||||
# matches only at the end of the subject string.
|
||||
# Without this flag, a dollar also matches immedi-
|
||||
# ately before the final character if it is a newline
|
||||
# character (but not before any other newline charac-
|
||||
# ters). This flag is ignored if PCRE_MULTILINE flag
|
||||
# ters). This flag is ignored if PCRE_MULTILINE flag
|
||||
# is set.
|
||||
#
|
||||
# U (default: off)
|
||||
# Toggles the ungreedy matching flag. When this flag
|
||||
# is on, the pattern matching engine inverts the
|
||||
# "greediness" of the quantifiers so that they are
|
||||
# not greedy by default, but become greedy if fol-
|
||||
# lowed by "?". This flag can also set by a (?U)
|
||||
# is on, the pattern matching engine inverts the
|
||||
# "greediness" of the quantifiers so that they are
|
||||
# not greedy by default, but become greedy if fol-
|
||||
# lowed by "?". This flag can also set by a (?U)
|
||||
# modifier within the pattern.
|
||||
#
|
||||
# X (default: off)
|
||||
# Toggles the PCRE_EXTRA flag. When this flag is on,
|
||||
# any backslash in a pattern that is followed by a
|
||||
# any backslash in a pattern that is followed by a
|
||||
# letter that has no special meaning causes an error,
|
||||
# thus reserving these combinations for future expan-
|
||||
# sion.
|
||||
#
|
||||
# Each pattern is applied to the entire lookup key string.
|
||||
# Depending on the application, that string is an entire
|
||||
# Each pattern is applied to the entire lookup key string.
|
||||
# Depending on the application, that string is an entire
|
||||
# client hostname, an entire client IP address, or an entire
|
||||
# mail address. Thus, no parent domain or parent network
|
||||
# search is done, and user@domain mail addresses are not
|
||||
# broken up into their user and domain constituent parts,
|
||||
# mail address. Thus, no parent domain or parent network
|
||||
# search is done, and user@domain mail addresses are not
|
||||
# broken up into their user and domain constituent parts,
|
||||
# nor is user+foo broken up into user and foo.
|
||||
#
|
||||
# Patterns are applied in the order as specified in the
|
||||
# table, until a pattern is found that matches the search
|
||||
# Patterns are applied in the order as specified in the
|
||||
# table, until a pattern is found that matches the search
|
||||
# string.
|
||||
#
|
||||
# Substitution of substrings from the matched expression
|
||||
# into the result string is possible using the conventional
|
||||
# perl syntax ($1, $2, etc.). The macros in the result
|
||||
# string may need to be written as ${n} or $(n) if they
|
||||
# Substitution of substrings from the matched expression
|
||||
# into the result string is possible using the conventional
|
||||
# perl syntax ($1, $2, etc.). The macros in the result
|
||||
# string may need to be written as ${n} or $(n) if they
|
||||
# aren't followed by whitespace.
|
||||
#
|
||||
# EXAMPLE SMTPD ACCESS MAP
|
||||
# # Protect your outgoing majordomo exploders
|
||||
# /^(?!owner-)(.*)-outgoing@/ 550 Use ${1}@${2} instead
|
||||
# /^(?!owner-)(.*)-outgoing@(.*)/ 550 Use ${1}@${2} instead
|
||||
#
|
||||
# # Bounce friend@whatever, except when whatever is our domain (you would
|
||||
# # be better just bouncing all friend@ mail - this is just an example).
|
||||
|
|
|
@ -181,7 +181,7 @@ check)
|
|||
|
||||
find $command_directory/postqueue $command_directory/postdrop \
|
||||
-prune ! -perm -02111 \
|
||||
-exec $WARN not set-gid: {} \;
|
||||
-exec $WARN not set-gid or not owner+group+world executable: {} \;
|
||||
|
||||
for name in `ls -d $queue_directory/* | \
|
||||
egrep '/(bin|etc|lib|usr)$'` ; \
|
||||
|
@ -200,8 +200,10 @@ check)
|
|||
do
|
||||
test -d $dir && find $dir -type f -print | while read path
|
||||
do
|
||||
cmp -s $path /$path ||
|
||||
$WARN $queue_directory/$path and /$path differ
|
||||
test -f /$path && {
|
||||
cmp -s $path /$path ||
|
||||
$WARN $queue_directory/$path and /$path differ
|
||||
}
|
||||
done
|
||||
done
|
||||
|
||||
|
|
|
@ -44,37 +44,40 @@
|
|||
#
|
||||
# if !/pattern/flags
|
||||
#
|
||||
# endif Examine the lines between if..endif only if pattern
|
||||
# matches (does not match). The if..endif can nest.
|
||||
# Do not prepend whitespace to patterns inside
|
||||
# endif Match the search string against the patterns
|
||||
# between if and endif, if and only if the search
|
||||
# string matches (does not match) pattern. The
|
||||
# if..endif can nest.
|
||||
#
|
||||
# Note: do not prepend whitespace to patterns inside
|
||||
# if..endif.
|
||||
#
|
||||
# Each pattern is a regular expression enclosed by a pair of
|
||||
# delimiters. The regular expression syntax is described in
|
||||
# re_format(7). The expression delimiter can be any charac-
|
||||
# ter, except whitespace or characters that have special
|
||||
# meaning (traditionally the forward slash is used). The
|
||||
# ter, except whitespace or characters that have special
|
||||
# meaning (traditionally the forward slash is used). The
|
||||
# regular expression can contain whitespace.
|
||||
#
|
||||
# By default, matching is case-insensitive, although follow-
|
||||
# ing the second slash with an `i' flag will reverse this.
|
||||
# Other flags are `x' (disable extended expression syntax),
|
||||
# and `m' (enable multi-line mode, that is, treat newline
|
||||
# ing the second slash with an `i' flag will reverse this.
|
||||
# Other flags are `x' (disable extended expression syntax),
|
||||
# and `m' (enable multi-line mode, that is, treat newline
|
||||
# characters as special).
|
||||
#
|
||||
# Each pattern is applied to the entire lookup key string.
|
||||
# Depending on the application, that string is an entire
|
||||
# Each pattern is applied to the entire lookup key string.
|
||||
# Depending on the application, that string is an entire
|
||||
# client hostname, an entire client IP address, or an entire
|
||||
# mail address. Thus, no parent domain or parent network
|
||||
# search is done, and user@domain mail addresses are not
|
||||
# broken up into their user and domain constituent parts,
|
||||
# mail address. Thus, no parent domain or parent network
|
||||
# search is done, and user@domain mail addresses are not
|
||||
# broken up into their user and domain constituent parts,
|
||||
# nor is user+foo broken up into user and foo.
|
||||
#
|
||||
# Patterns are applied in the order as specified in the
|
||||
# table, until a pattern is found that matches the search
|
||||
# Patterns are applied in the order as specified in the
|
||||
# table, until a pattern is found that matches the search
|
||||
# string.
|
||||
#
|
||||
# Substitution of substrings from the matched expression
|
||||
# Substitution of substrings from the matched expression
|
||||
# into the result string is possible using $1, $2, etc.. The
|
||||
# macros in the result string may need to be written as ${n}
|
||||
# or $(n) if they aren't followed by whitespace.
|
||||
|
|
|
@ -30,28 +30,28 @@
|
|||
# Table lookups are case insensitive.
|
||||
#
|
||||
# TABLE FORMAT
|
||||
# The format of the table is as follows:
|
||||
# The input format for the postmap(1) command is as follows:
|
||||
#
|
||||
# o An entry has one of the following form:
|
||||
# key new_location
|
||||
# Where new_location specifies contact information
|
||||
# such as an email address, or perhaps a street
|
||||
# pattern new_location
|
||||
# Where new_location specifies contact information
|
||||
# such as an email address, or perhaps a street
|
||||
# address or telephone number.
|
||||
#
|
||||
# o Empty lines and whitespace-only lines are ignored,
|
||||
# as are lines whose first non-whitespace character
|
||||
# o Empty lines and whitespace-only lines are ignored,
|
||||
# as are lines whose first non-whitespace character
|
||||
# is a `#'.
|
||||
#
|
||||
# o A logical line starts with non-whitespace text. A
|
||||
# line that starts with whitespace continues a logi-
|
||||
# o A logical line starts with non-whitespace text. A
|
||||
# line that starts with whitespace continues a logi-
|
||||
# cal line.
|
||||
#
|
||||
# With lookups from indexed files such as DB or DBM, or from
|
||||
# networked tables such as NIS, LDAP or SQL, the key field
|
||||
# is one of the following:
|
||||
# networked tables such as NIS, LDAP or SQL, patterns are
|
||||
# tried in the order as listed below:
|
||||
#
|
||||
# user@domain
|
||||
# Matches user@domain. This form has precedence over
|
||||
# Matches user@domain. This form has precedence over
|
||||
# all other forms.
|
||||
#
|
||||
# user Matches user@site when site is $myorigin, when site
|
||||
|
@ -59,42 +59,42 @@
|
|||
# in $inet_interfaces.
|
||||
#
|
||||
# @domain
|
||||
# Matches every address in domain. This form has the
|
||||
# Matches every address in domain. This form has the
|
||||
# lowest precedence.
|
||||
#
|
||||
# ADDRESS EXTENSION
|
||||
# When a mail address localpart contains the optional recip-
|
||||
# ient delimiter (e.g., user+foo@domain), the lookup order
|
||||
# ient delimiter (e.g., user+foo@domain), the lookup order
|
||||
# becomes: user+foo@domain, user@domain, user+foo, user, and
|
||||
# @domain.
|
||||
#
|
||||
# REGULAR EXPRESSION TABLES
|
||||
# This section describes how the table lookups change when
|
||||
# This section describes how the table lookups change when
|
||||
# the table is given in the form of regular expressions. For
|
||||
# a description of regular expression lookup table syntax,
|
||||
# a description of regular expression lookup table syntax,
|
||||
# see regexp_table(5) or pcre_table(5).
|
||||
#
|
||||
# Each pattern is a regular expression that is applied to
|
||||
# Each pattern is a regular expression that is applied to
|
||||
# the entire address being looked up. Thus, user@domain mail
|
||||
# addresses are not broken up into their user and @domain
|
||||
# addresses are not broken up into their user and @domain
|
||||
# constituent parts, nor is user+foo broken up into user and
|
||||
# foo.
|
||||
#
|
||||
# Patterns are applied in the order as specified in the
|
||||
# table, until a pattern is found that matches the search
|
||||
# Patterns are applied in the order as specified in the
|
||||
# table, until a pattern is found that matches the search
|
||||
# string.
|
||||
#
|
||||
# Results are the same as with indexed file lookups, with
|
||||
# the additional feature that parenthesized substrings from
|
||||
# Results are the same as with indexed file lookups, with
|
||||
# the additional feature that parenthesized substrings from
|
||||
# the pattern can be interpolated as $1, $2 and so on.
|
||||
#
|
||||
# BUGS
|
||||
# The table format does not understand quoting conventions.
|
||||
# The table format does not understand quoting conventions.
|
||||
#
|
||||
# CONFIGURATION PARAMETERS
|
||||
# The following main.cf parameters are especially relevant
|
||||
# to this topic. See the Postfix main.cf file for syntax
|
||||
# details and for default values. Use the postfix reload
|
||||
# The following main.cf parameters are especially relevant
|
||||
# to this topic. See the Postfix main.cf file for syntax
|
||||
# details and for default values. Use the postfix reload
|
||||
# command after a configuration change.
|
||||
#
|
||||
# relocated_maps
|
||||
|
@ -103,12 +103,12 @@
|
|||
# Other parameters of interest:
|
||||
#
|
||||
# inet_interfaces
|
||||
# The network interface addresses that this system
|
||||
# The network interface addresses that this system
|
||||
# receives mail on. You need to stop and start Post-
|
||||
# fix when this parameter changes.
|
||||
#
|
||||
# mydestination
|
||||
# List of domains that this mail system considers
|
||||
# List of domains that this mail system considers
|
||||
# local.
|
||||
#
|
||||
# myorigin
|
||||
|
@ -120,7 +120,7 @@
|
|||
# regexp_table(5) format of POSIX regular expression tables
|
||||
#
|
||||
# LICENSE
|
||||
# The Secure Mailer license must be distributed with this
|
||||
# The Secure Mailer license must be distributed with this
|
||||
# software.
|
||||
#
|
||||
# AUTHOR(S)
|
||||
|
|
|
@ -16,25 +16,44 @@
|
|||
# relay hosts. The mapping is used by the trivial-rewrite(8)
|
||||
# daemon.
|
||||
#
|
||||
# Normally, the transport table is specified as a text file
|
||||
# that serves as input to the postmap(1) command. The
|
||||
# result, an indexed file in dbm or db format, is used for
|
||||
# fast searching by the mail system. Execute the command
|
||||
# postmap /etc/postfix/transport in order to rebuild the
|
||||
# This mapping overrides the default routing that is built
|
||||
# into Postfix:
|
||||
#
|
||||
# mydestination
|
||||
# A list of domains that is by default delivered via
|
||||
# $local_transport.
|
||||
#
|
||||
# virtual_mailbox_domains
|
||||
# A list of domains that is by default delivered via
|
||||
# $virtual_transport.
|
||||
#
|
||||
# relay_domains
|
||||
# A list of domains that is by default delivered via
|
||||
# $relay_transport.
|
||||
#
|
||||
# any other destination
|
||||
# Mail for any other destination is by default deliv-
|
||||
# ered via $default_transport.
|
||||
#
|
||||
# Normally, the transport table is specified as a text file
|
||||
# that serves as input to the postmap(1) command. The
|
||||
# result, an indexed file in dbm or db format, is used for
|
||||
# fast searching by the mail system. Execute the command
|
||||
# postmap /etc/postfix/transport in order to rebuild the
|
||||
# indexed file after changing the transport table.
|
||||
#
|
||||
# When the table is provided via other means such as NIS,
|
||||
# LDAP or SQL, the same lookups are done as for ordinary
|
||||
# When the table is provided via other means such as NIS,
|
||||
# LDAP or SQL, the same lookups are done as for ordinary
|
||||
# indexed files.
|
||||
#
|
||||
# Alternatively, the table can be provided as a regular-
|
||||
# Alternatively, the table can be provided as a regular-
|
||||
# expression map where patterns are given as regular expres-
|
||||
# sions. In that case, the lookups are done in a slightly
|
||||
# different way as described in section "REGULAR EXPRESSION
|
||||
# sions. In that case, the lookups are done in a slightly
|
||||
# different way as described in section "REGULAR EXPRESSION
|
||||
# TABLES".
|
||||
#
|
||||
# TABLE FORMAT
|
||||
# The format of the transport table is as follows:
|
||||
# The input format for the postmap(1) command is as follows:
|
||||
#
|
||||
# pattern result
|
||||
# When pattern matches the recipient address or
|
||||
|
|
|
@ -53,8 +53,7 @@
|
|||
# different way as described below.
|
||||
#
|
||||
# TABLE FORMAT
|
||||
# The format of the virtual table is as follows, mappings
|
||||
# being tried in the order as listed in this manual page:
|
||||
# The input format for the postmap(1) command is as follows:
|
||||
#
|
||||
# pattern result
|
||||
# When pattern matches a mail address, replace it by
|
||||
|
|
|
@ -34,64 +34,34 @@ ACCESS(5) ACCESS(5)
|
|||
different way as described below.
|
||||
|
||||
<b>TABLE</b> <b>FORMAT</b>
|
||||
The format of the access table is as follows:
|
||||
The input format for the <a href="postmap.1.html"><b>postmap</b>(1)</a> command is as follows:
|
||||
|
||||
<i>pattern</i> <i>action</i>
|
||||
When <i>pattern</i> matches a mail address, domain or host
|
||||
address, perform the corresponding <i>action</i>.
|
||||
|
||||
blank lines and comments
|
||||
Empty lines and whitespace-only lines are ignored,
|
||||
as are lines whose first non-whitespace character
|
||||
Empty lines and whitespace-only lines are ignored,
|
||||
as are lines whose first non-whitespace character
|
||||
is a `#'.
|
||||
|
||||
multi-line text
|
||||
A logical line starts with non-whitespace text. A
|
||||
line that starts with whitespace continues a logi-
|
||||
A logical line starts with non-whitespace text. A
|
||||
line that starts with whitespace continues a logi-
|
||||
cal line.
|
||||
|
||||
<b>EMAIL</b> <b>ADDRESS</b> <b>PATTERNS</b>
|
||||
With lookups from indexed files such as DB or DBM, or from
|
||||
networked tables such as NIS, LDAP or SQL, the following
|
||||
lookup patterns are examined in the order as listed:
|
||||
networked tables such as NIS, LDAP or SQL, patterns are
|
||||
tried in the order as listed below:
|
||||
|
||||
<i>user</i>@<i>domain</i>
|
||||
Matches the specified mail address.
|
||||
|
||||
<i>domain.tld</i>
|
||||
Matches <i>domain.tld</i> as the domain part of an email
|
||||
Matches <i>domain.tld</i> as the domain part of an email
|
||||
address.
|
||||
|
||||
The pattern <i>domain.tld</i> also matches subdomains, but
|
||||
only when the string <b>smtpd</b><i>_</i><b>access</b><i>_</i><b>maps</b> is listed in
|
||||
the Postfix <b>parent</b><i>_</i><b>domain</b><i>_</i><b>matches</b><i>_</i><b>subdomains</b> con-
|
||||
figuration setting. Otherwise, specify <i>.domain.tld</i>
|
||||
(note the initial dot) in order to match subdo-
|
||||
mains.
|
||||
|
||||
<i>user</i>@ Matches all mail addresses with the specified user
|
||||
part.
|
||||
|
||||
Note: lookup of the null sender address is not possible
|
||||
with some types of lookup table. By default, Postfix uses
|
||||
<> as the lookup key for such addresses. The value is
|
||||
specified with the <b>smtpd</b><i>_</i><b>null</b><i>_</i><b>access</b><i>_</i><b>lookup</b><i>_</i><b>key</b> parameter
|
||||
in the Postfix <b>main.cf</b> file.
|
||||
|
||||
<b>ADDRESS</b> <b>EXTENSION</b>
|
||||
When a mail address localpart contains the optional recip-
|
||||
ient delimiter (e.g., <i>user+foo</i>@<i>domain</i>), the lookup order
|
||||
becomes: <i>user+foo</i>@<i>domain</i>, <i>user</i>@<i>domain</i>, <i>domain</i>, <i>user+foo</i>@,
|
||||
and <i>user</i>@.
|
||||
|
||||
<b>HOST</b> <b>NAME/ADDRESS</b> <b>PATTERNS</b>
|
||||
With lookups from indexed files such as DB or DBM, or from
|
||||
networked tables such as NIS, LDAP or SQL, the following
|
||||
lookup patterns are examined in the order as listed:
|
||||
|
||||
<i>domain.tld</i>
|
||||
Matches <i>domain.tld</i>.
|
||||
|
||||
The pattern <i>domain.tld</i> also matches subdomains, but
|
||||
only when the string <b>smtpd</b><i>_</i><b>access</b><i>_</i><b>maps</b> is listed in
|
||||
the Postfix <b>parent</b><i>_</i><b>domain</b><i>_</i><b>matches</b><i>_</i><b>subdomains</b> con-
|
||||
|
@ -99,16 +69,51 @@ ACCESS(5) ACCESS(5)
|
|||
(note the initial dot) in order to match subdo-
|
||||
mains.
|
||||
|
||||
<i>user</i>@ Matches all mail addresses with the specified user
|
||||
part.
|
||||
|
||||
Note: lookup of the null sender address is not possible
|
||||
with some types of lookup table. By default, Postfix uses
|
||||
<> as the lookup key for such addresses. The value is
|
||||
specified with the <b>smtpd</b><i>_</i><b>null</b><i>_</i><b>access</b><i>_</i><b>lookup</b><i>_</i><b>key</b> parameter
|
||||
in the Postfix <b>main.cf</b> file.
|
||||
|
||||
<b>ADDRESS</b> <b>EXTENSION</b>
|
||||
When a mail address localpart contains the optional recip-
|
||||
ient delimiter (e.g., <i>user+foo</i>@<i>domain</i>), the lookup order
|
||||
becomes: <i>user+foo</i>@<i>domain</i>, <i>user</i>@<i>domain</i>, <i>domain</i>, <i>user+foo</i>@,
|
||||
and <i>user</i>@.
|
||||
|
||||
<b>HOST</b> <b>NAME/ADDRESS</b> <b>PATTERNS</b>
|
||||
With lookups from indexed files such as DB or DBM, or from
|
||||
networked tables such as NIS, LDAP or SQL, the following
|
||||
lookup patterns are examined in the order as listed:
|
||||
|
||||
<i>domain.tld</i>
|
||||
Matches <i>domain.tld</i>.
|
||||
|
||||
The pattern <i>domain.tld</i> also matches subdomains, but
|
||||
only when the string <b>smtpd</b><i>_</i><b>access</b><i>_</i><b>maps</b> is listed in
|
||||
the Postfix <b>parent</b><i>_</i><b>domain</b><i>_</i><b>matches</b><i>_</i><b>subdomains</b> con-
|
||||
figuration setting. Otherwise, specify <i>.domain.tld</i>
|
||||
(note the initial dot) in order to match subdo-
|
||||
mains.
|
||||
|
||||
<i>net.work.addr.ess</i>
|
||||
|
||||
<i>net.work.addr</i>
|
||||
|
||||
<i>net.work</i>
|
||||
|
||||
<i>net</i> Matches any host address in the specified network.
|
||||
A network address is a sequence of one or more
|
||||
<i>net</i> Matches any host address in the specified network.
|
||||
A network address is a sequence of one or more
|
||||
octets separated by ".".
|
||||
|
||||
Note: CIDR notation (network/netmask) is not sup-
|
||||
ported with lookups from indexed files such as DB
|
||||
or DBM, or from networked tables such as NIS, LDAP
|
||||
or SQL.
|
||||
|
||||
<b>ACTIONS</b>
|
||||
[<b>45</b>]<i>NN</i> <i>text</i>
|
||||
Reject the address etc. that matches the pattern,
|
||||
|
|
|
@ -355,9 +355,10 @@ top-level domain).
|
|||
<a name="mynetworks"> <h2> My own networks </h2> </a>
|
||||
|
||||
The <b>mynetworks</b> parameter lists all networks that this machine
|
||||
somehow trusts. This information can be used by the <a href="uce.html">
|
||||
anti-UCE</a> features to recognize trusted SMTP clients that are
|
||||
allowed to relay mail through Postfix.
|
||||
somehow trusts. This information can be used by the <a
|
||||
href="uce.html#smtpd_recipient_restrictions"> anti-UCE</a> features
|
||||
to recognize trusted SMTP clients that are allowed to relay mail
|
||||
through Postfix.
|
||||
|
||||
<p>
|
||||
|
||||
|
|
|
@ -49,84 +49,84 @@ CANONICAL(5) CANONICAL(5)
|
|||
aliasing. Use the <a href="aliases.5.html"><b>aliases</b>(5)</a> map for that purpose.
|
||||
|
||||
<b>TABLE</b> <b>FORMAT</b>
|
||||
The format of the <b>canonical</b> table is as follows:
|
||||
The input format for the <a href="postmap.1.html"><b>postmap</b>(1)</a> command is as follows:
|
||||
|
||||
<i>pattern</i> <i>result</i>
|
||||
When <i>pattern</i> matches a mail address, replace it by
|
||||
When <i>pattern</i> matches a mail address, replace it by
|
||||
the corresponding <i>result</i>.
|
||||
|
||||
blank lines and comments
|
||||
Empty lines and whitespace-only lines are ignored,
|
||||
as are lines whose first non-whitespace character
|
||||
Empty lines and whitespace-only lines are ignored,
|
||||
as are lines whose first non-whitespace character
|
||||
is a `#'.
|
||||
|
||||
multi-line text
|
||||
A logical line starts with non-whitespace text. A
|
||||
line that starts with whitespace continues a logi-
|
||||
A logical line starts with non-whitespace text. A
|
||||
line that starts with whitespace continues a logi-
|
||||
cal line.
|
||||
|
||||
With lookups from indexed files such as DB or DBM, or from
|
||||
networked tables such as NIS, LDAP or SQL, patterns are
|
||||
networked tables such as NIS, LDAP or SQL, patterns are
|
||||
tried in the order as listed below:
|
||||
|
||||
<i>user</i>@<i>domain</i> <i>address</i>
|
||||
<i>user</i>@<i>domain</i> is replaced by <i>address</i>. This form has
|
||||
<i>user</i>@<i>domain</i> is replaced by <i>address</i>. This form has
|
||||
the highest precedence.
|
||||
|
||||
This is useful to clean up addresses produced by
|
||||
legacy mail systems. It can also be used to pro-
|
||||
duce <i>Firstname.Lastname</i> style addresses, but see
|
||||
This is useful to clean up addresses produced by
|
||||
legacy mail systems. It can also be used to pro-
|
||||
duce <i>Firstname.Lastname</i> style addresses, but see
|
||||
below for a simpler solution.
|
||||
|
||||
<i>user</i> <i>address</i>
|
||||
<i>user</i>@<i>site</i> is replaced by <i>address</i> when <i>site</i> is equal
|
||||
to $<b>myorigin</b>, when <i>site</i> is listed in $<b>mydestina-</b>
|
||||
to $<b>myorigin</b>, when <i>site</i> is listed in $<b>mydestina-</b>
|
||||
<b>tion</b>, or when it is listed in $<b>inet</b><i>_</i><b>interfaces</b>.
|
||||
|
||||
This form is useful for replacing login names by
|
||||
This form is useful for replacing login names by
|
||||
<i>Firstname.Lastname</i>.
|
||||
|
||||
@<i>domain</i> <i>address</i>
|
||||
Every address in <i>domain</i> is replaced by <i>address</i>.
|
||||
Every address in <i>domain</i> is replaced by <i>address</i>.
|
||||
This form has the lowest precedence.
|
||||
|
||||
In all the above forms, when <i>address</i> has the form @<i>other-</i>
|
||||
In all the above forms, when <i>address</i> has the form @<i>other-</i>
|
||||
<i>domain</i>, the result is the same user in <i>otherdomain</i>.
|
||||
|
||||
<b>ADDRESS</b> <b>EXTENSION</b>
|
||||
When a mail address localpart contains the optional recip-
|
||||
ient delimiter (e.g., <i>user+foo</i>@<i>domain</i>), the lookup order
|
||||
ient delimiter (e.g., <i>user+foo</i>@<i>domain</i>), the lookup order
|
||||
becomes: <i>user+foo</i>@<i>domain</i>, <i>user</i>@<i>domain</i>, <i>user+foo</i>, <i>user</i>, and
|
||||
@<i>domain</i>. An unmatched address extension (<i>+foo</i>) is propa-
|
||||
@<i>domain</i>. An unmatched address extension (<i>+foo</i>) is propa-
|
||||
gated to the result of table lookup.
|
||||
|
||||
<b>REGULAR</b> <b>EXPRESSION</b> <b>TABLES</b>
|
||||
This section describes how the table lookups change when
|
||||
This section describes how the table lookups change when
|
||||
the table is given in the form of regular expressions. For
|
||||
a description of regular expression lookup table syntax,
|
||||
a description of regular expression lookup table syntax,
|
||||
see <a href="regexp_table.5.html"><b>regexp</b><i>_</i><b>table</b>(5)</a> or <a href="pcre_table.5.html"><b>pcre</b><i>_</i><b>table</b>(5)</a>.
|
||||
|
||||
Each pattern is a regular expression that is applied to
|
||||
Each pattern is a regular expression that is applied to
|
||||
the entire address being looked up. Thus, <i>user@domain</i> mail
|
||||
addresses are not broken up into their <i>user</i> and <i>@domain</i>
|
||||
addresses are not broken up into their <i>user</i> and <i>@domain</i>
|
||||
constituent parts, nor is <i>user+foo</i> broken up into <i>user</i> and
|
||||
<i>foo</i>.
|
||||
|
||||
Patterns are applied in the order as specified in the
|
||||
table, until a pattern is found that matches the search
|
||||
Patterns are applied in the order as specified in the
|
||||
table, until a pattern is found that matches the search
|
||||
string.
|
||||
|
||||
Results are the same as with indexed file lookups, with
|
||||
the additional feature that parenthesized substrings from
|
||||
Results are the same as with indexed file lookups, with
|
||||
the additional feature that parenthesized substrings from
|
||||
the pattern can be interpolated as <b>$1</b>, <b>$2</b> and so on.
|
||||
|
||||
<b>BUGS</b>
|
||||
The table format does not understand quoting conventions.
|
||||
The table format does not understand quoting conventions.
|
||||
|
||||
<b>CONFIGURATION</b> <b>PARAMETERS</b>
|
||||
The following <b>main.cf</b> parameters are especially relevant
|
||||
to this topic. See the Postfix <b>main.cf</b> file for syntax
|
||||
details and for default values. Use the <b>postfix</b> <b>reload</b>
|
||||
The following <b>main.cf</b> parameters are especially relevant
|
||||
to this topic. See the Postfix <b>main.cf</b> file for syntax
|
||||
details and for default values. Use the <b>postfix</b> <b>reload</b>
|
||||
command after a configuration change.
|
||||
|
||||
<b>canonical</b><i>_</i><b>maps</b>
|
||||
|
@ -143,25 +143,25 @@ CANONICAL(5) CANONICAL(5)
|
|||
Other parameters of interest:
|
||||
|
||||
<b>inet</b><i>_</i><b>interfaces</b>
|
||||
The network interface addresses that this system
|
||||
The network interface addresses that this system
|
||||
receives mail on. You need to stop and start Post-
|
||||
fix when this parameter changes.
|
||||
|
||||
<b>masquerade</b><i>_</i><b>classes</b>
|
||||
List of address classes subject to masquerading:
|
||||
zero or more of <b>envelope</b><i>_</i><b>sender</b>, <b>envelope</b><i>_</i><b>recipi-</b>
|
||||
List of address classes subject to masquerading:
|
||||
zero or more of <b>envelope</b><i>_</i><b>sender</b>, <b>envelope</b><i>_</i><b>recipi-</b>
|
||||
<b>ent</b>, <b>header</b><i>_</i><b>sender</b>, <b>header</b><i>_</i><b>recipient</b>.
|
||||
|
||||
<b>masquerade</b><i>_</i><b>domains</b>
|
||||
List of domains that hide their subdomain struc-
|
||||
List of domains that hide their subdomain struc-
|
||||
ture.
|
||||
|
||||
<b>masquerade</b><i>_</i><b>exceptions</b>
|
||||
List of user names that are not subject to address
|
||||
List of user names that are not subject to address
|
||||
masquerading.
|
||||
|
||||
<b>mydestination</b>
|
||||
List of domains that this mail system considers
|
||||
List of domains that this mail system considers
|
||||
local.
|
||||
|
||||
<b>myorigin</b>
|
||||
|
@ -179,7 +179,7 @@ CANONICAL(5) CANONICAL(5)
|
|||
<a href="regexp_table.5.html">regexp_table(5)</a> format of POSIX regular expression tables
|
||||
|
||||
<b>LICENSE</b>
|
||||
The Secure Mailer license must be distributed with this
|
||||
The Secure Mailer license must be distributed with this
|
||||
software.
|
||||
|
||||
<b>AUTHOR(S)</b>
|
||||
|
|
|
@ -133,7 +133,7 @@ CLEANUP(8) CLEANUP(8)
|
|||
ple, bounces from qmail or from old versions of
|
||||
Postfix).
|
||||
|
||||
<b>strict</b><i>_</i><b>mime</b><i>_</i><b>domain</b><i>_</i><b>encoding</b>
|
||||
<b>strict</b><i>_</i><b>mime</b><i>_</i><b>encoding</b><i>_</i><b>domain</b>
|
||||
Reject mail with invalid <b>Content-Transfer-Encoding:</b>
|
||||
information for message/* or multipart/*. This
|
||||
blocks mail from poorly written software.
|
||||
|
@ -196,8 +196,8 @@ CLEANUP(8) CLEANUP(8)
|
|||
a message header.
|
||||
|
||||
<b>header</b><i>_</i><b>size</b><i>_</i><b>limit</b>
|
||||
Limits the amount of memory in bytes used to pro-
|
||||
cess a message header.
|
||||
Limits the amount of memory in bytes used to store
|
||||
a message header.
|
||||
|
||||
<b>in</b><i>_</i><b>flow</b><i>_</i><b>delay</b>
|
||||
Amount of time to pause before accepting a message,
|
||||
|
|
|
@ -209,7 +209,7 @@ domains with "relay access denied"</a>
|
|||
|
||||
<li><a href="#relay_restrict">Restricting what users can send mail to off-site destinations</a>
|
||||
|
||||
<li><a href="#backup">Configuring Postfix as backup MX host</a>
|
||||
<li><a href="#backup">Configuring Postfix as MX host for a remote site</a>
|
||||
|
||||
</ul>
|
||||
|
||||
|
@ -1441,7 +1441,20 @@ the address does resolve to a name.
|
|||
<p>
|
||||
|
||||
You run the Postfix SMTP server inside a <b>chroot</b> jail for
|
||||
extra security, but some configuration files are missing. In order
|
||||
extra security, but some configuration files are missing or have
|
||||
incorrect information. The command "postfix check" will report
|
||||
what files may have incorrect information. For example:
|
||||
|
||||
<blockquote>
|
||||
<pre>
|
||||
warning: /var/spool/postfix/etc/resolv.conf and /etc/resolv.conf differ
|
||||
warning: /var/spool/postfix/etc/localtime and /etc/localtime differ
|
||||
</pre>
|
||||
</blockquote>
|
||||
|
||||
<p>
|
||||
|
||||
In order
|
||||
to run inside a chroot jail, the Postfix SMTP client and server
|
||||
need copies of system configuration files inside the Postfix queue
|
||||
directory. The exact list of files is very system dependent, but
|
||||
|
@ -1685,7 +1698,7 @@ host.
|
|||
|
||||
<hr>
|
||||
|
||||
<a name="backup"><h3>Configuring Postfix as backup MX host</h3></a>
|
||||
<a name="backup"><h3>Configuring Postfix as MX host for a remote site</h3></a>
|
||||
|
||||
When you are <b>secondary mx</b> for a <b>remote site</b> this is
|
||||
all you need:
|
||||
|
@ -1703,6 +1716,10 @@ all you need:
|
|||
|
||||
<p>
|
||||
|
||||
<blink><b>DO NOT LIST the.backed-up.domain.tld in MYDESTINATION</b></blink>
|
||||
|
||||
<p>
|
||||
|
||||
When you are <b>primary mx</b> for a <b>remote site</b> you also
|
||||
need:
|
||||
|
||||
|
@ -1713,7 +1730,7 @@ need:
|
|||
transport_maps = hash:/etc/postfix/transport
|
||||
|
||||
/etc/postfix/transport:
|
||||
the.backed-up.domain.tld smtp:[their.mail.host.tld]
|
||||
the.backed-up.domain.tld relay:[their.mail.host.tld]
|
||||
</pre>
|
||||
|
||||
<p>
|
||||
|
@ -1772,7 +1789,8 @@ for the <b>/etc/resolv.conf</b> file.
|
|||
Check out your Postfix <b>master.cf</b> file. If the SMTP client
|
||||
runs chrooted, then it needs a bunch of files inside the Postfix
|
||||
queue directory. Examples are in the source distribution in the
|
||||
<b>examples</b> subdirectory.
|
||||
<b>examples</b> subdirectory. See also the other FAQ entry on
|
||||
<a href="#numerical_log">name service trouble</a>.
|
||||
|
||||
</ul>
|
||||
|
||||
|
@ -2618,8 +2636,9 @@ the <b>virtual_mailbox_maps</b> parameter.
|
|||
|
||||
<p>
|
||||
|
||||
If you want to deliver the domain as a Postfix simulated <a
|
||||
href="virtual.8.html">virtual</a>(5) domain, then you should list
|
||||
If you want to deliver the domain as a <a href="virtual.8.html">
|
||||
virtual</a>(5) alias domain, where each address is aliased to
|
||||
a real local or remote address, then you should list
|
||||
the virtual domain name in the tables specified with the
|
||||
<b>virtual_alias_domains</b> parameter instead.
|
||||
|
||||
|
@ -2638,7 +2657,7 @@ Solutions:
|
|||
|
||||
<ul>
|
||||
|
||||
<li>Specify a simulated virtual domain as per the
|
||||
<li>Specify a virtual alias domain as per the
|
||||
<a href="virtual.5.html">virtual(5)</a> manual page.
|
||||
|
||||
<p>
|
||||
|
|
|
@ -41,102 +41,105 @@ PCRE_TABLE(5) PCRE_TABLE(5)
|
|||
|
||||
<b>if</b> <b>/</b><i>pattern</i><b>/</b><i>flags</i>
|
||||
|
||||
<b>endif</b> Examine the lines between <b>if</b>..<b>endif</b> only if <i>pattern</i>
|
||||
matches. The <b>if</b>..<b>endif</b> can nest. Do not prepend
|
||||
whitespace to patterns inside <b>if</b>..<b>endif</b>.
|
||||
<b>endif</b> Match the search string against the patterns
|
||||
between <b>if</b> and <b>endif</b>, if and only if the search
|
||||
string matches <i>pattern</i>. The <b>if</b>..<b>endif</b> can nest.
|
||||
|
||||
Note: do not prepend whitespace to patterns inside
|
||||
<b>if</b>..<b>endif</b>.
|
||||
|
||||
Each pattern is a perl-like regular expression. The
|
||||
expression delimiter can be any character, except whites-
|
||||
pace or characters that have special meaning (tradition-
|
||||
ally the forward slash is used). The regular expression
|
||||
expression delimiter can be any character, except whites-
|
||||
pace or characters that have special meaning (tradition-
|
||||
ally the forward slash is used). The regular expression
|
||||
can contain whitespace.
|
||||
|
||||
By default, matching is case-insensitive, and newlines are
|
||||
not treated as special characters. The behavior is con-
|
||||
trolled by flags, which are toggled by appending one or
|
||||
not treated as special characters. The behavior is con-
|
||||
trolled by flags, which are toggled by appending one or
|
||||
more of the following characters after the pattern:
|
||||
|
||||
<b>i</b> (default: on)
|
||||
Toggles the case sensitivity flag. By default,
|
||||
Toggles the case sensitivity flag. By default,
|
||||
matching is case insensitive.
|
||||
|
||||
<b>m</b> (default: off)
|
||||
Toggles the PCRE_MULTILINE flag. When this flag is
|
||||
on, the <b>^</b> and <b>$</b> metacharacters match immediately
|
||||
after and immediately before a newline character,
|
||||
respectively, in addition to matching at the start
|
||||
Toggles the PCRE_MULTILINE flag. When this flag is
|
||||
on, the <b>^</b> and <b>$</b> metacharacters match immediately
|
||||
after and immediately before a newline character,
|
||||
respectively, in addition to matching at the start
|
||||
and end of the subject string.
|
||||
|
||||
<b>s</b> (default: on)
|
||||
Toggles the PCRE_DOTALL flag. When this flag is on,
|
||||
the <b>.</b> metacharacter matches the newline character.
|
||||
With Postfix versions prior to 20020528, The flag
|
||||
With Postfix versions prior to 20020528, The flag
|
||||
is off by default, which is inconvenient for multi-
|
||||
line message header matching.
|
||||
|
||||
<b>x</b> (default: off)
|
||||
Toggles the pcre extended flag. When this flag is
|
||||
on, whitespace in the pattern (other than in a
|
||||
Toggles the pcre extended flag. When this flag is
|
||||
on, whitespace in the pattern (other than in a
|
||||
character class) and characters between a <b>#</b> outside
|
||||
a character class and the next newline character
|
||||
are ignored. An escaping backslash can be used to
|
||||
include a whitespace or <b>#</b> character as part of the
|
||||
a character class and the next newline character
|
||||
are ignored. An escaping backslash can be used to
|
||||
include a whitespace or <b>#</b> character as part of the
|
||||
pattern.
|
||||
|
||||
<b>A</b> (default: off)
|
||||
Toggles the PCRE_ANCHORED flag. When this flag is
|
||||
on, the pattern is forced to be "anchored", that
|
||||
Toggles the PCRE_ANCHORED flag. When this flag is
|
||||
on, the pattern is forced to be "anchored", that
|
||||
is, it is constrained to match only at the start of
|
||||
the string which is being searched (the "subject
|
||||
string"). This effect can also be achieved by
|
||||
the string which is being searched (the "subject
|
||||
string"). This effect can also be achieved by
|
||||
appropriate constructs in the pattern itself.
|
||||
|
||||
<b>E</b> (default: off)
|
||||
Toggles the PCRE_DOLLAR_ENDONLY flag. When this
|
||||
flag is on, a <b>$</b> metacharacter in the pattern
|
||||
matches only at the end of the subject string.
|
||||
Without this flag, a dollar also matches immedi-
|
||||
Toggles the PCRE_DOLLAR_ENDONLY flag. When this
|
||||
flag is on, a <b>$</b> metacharacter in the pattern
|
||||
matches only at the end of the subject string.
|
||||
Without this flag, a dollar also matches immedi-
|
||||
ately before the final character if it is a newline
|
||||
character (but not before any other newline charac-
|
||||
ters). This flag is ignored if PCRE_MULTILINE flag
|
||||
ters). This flag is ignored if PCRE_MULTILINE flag
|
||||
is set.
|
||||
|
||||
<b>U</b> (default: off)
|
||||
Toggles the ungreedy matching flag. When this flag
|
||||
is on, the pattern matching engine inverts the
|
||||
"greediness" of the quantifiers so that they are
|
||||
not greedy by default, but become greedy if fol-
|
||||
lowed by "?". This flag can also set by a (?U)
|
||||
is on, the pattern matching engine inverts the
|
||||
"greediness" of the quantifiers so that they are
|
||||
not greedy by default, but become greedy if fol-
|
||||
lowed by "?". This flag can also set by a (?U)
|
||||
modifier within the pattern.
|
||||
|
||||
<b>X</b> (default: off)
|
||||
Toggles the PCRE_EXTRA flag. When this flag is on,
|
||||
any backslash in a pattern that is followed by a
|
||||
any backslash in a pattern that is followed by a
|
||||
letter that has no special meaning causes an error,
|
||||
thus reserving these combinations for future expan-
|
||||
sion.
|
||||
|
||||
Each pattern is applied to the entire lookup key string.
|
||||
Depending on the application, that string is an entire
|
||||
Each pattern is applied to the entire lookup key string.
|
||||
Depending on the application, that string is an entire
|
||||
client hostname, an entire client IP address, or an entire
|
||||
mail address. Thus, no parent domain or parent network
|
||||
search is done, and <i>user@domain</i> mail addresses are not
|
||||
broken up into their <i>user</i> and <i>domain</i> constituent parts,
|
||||
mail address. Thus, no parent domain or parent network
|
||||
search is done, and <i>user@domain</i> mail addresses are not
|
||||
broken up into their <i>user</i> and <i>domain</i> constituent parts,
|
||||
nor is <i>user+foo</i> broken up into <i>user</i> and <i>foo</i>.
|
||||
|
||||
Patterns are applied in the order as specified in the
|
||||
table, until a pattern is found that matches the search
|
||||
Patterns are applied in the order as specified in the
|
||||
table, until a pattern is found that matches the search
|
||||
string.
|
||||
|
||||
Substitution of substrings from the matched expression
|
||||
into the result string is possible using the conventional
|
||||
perl syntax ($1, $2, etc.). The macros in the result
|
||||
string may need to be written as ${n} or $(n) if they
|
||||
Substitution of substrings from the matched expression
|
||||
into the result string is possible using the conventional
|
||||
perl syntax ($1, $2, etc.). The macros in the result
|
||||
string may need to be written as ${n} or $(n) if they
|
||||
aren't followed by whitespace.
|
||||
|
||||
<b>EXAMPLE</b> <b>SMTPD</b> <b>ACCESS</b> <b>MAP</b>
|
||||
# Protect your outgoing majordomo exploders
|
||||
/^(?!owner-)(.*)-outgoing@/ 550 Use ${1}@${2} instead
|
||||
/^(?!owner-)(.*)-outgoing@(.*)/ 550 Use ${1}@${2} instead
|
||||
|
||||
# Bounce friend@whatever, except when whatever is our domain (you would
|
||||
# be better just bouncing all friend@ mail - this is just an example).
|
||||
|
|
|
@ -63,14 +63,14 @@ POSTALIAS(1) POSTALIAS(1)
|
|||
root privileges and runs as the source file owner
|
||||
instead.
|
||||
|
||||
<b>-q</b> <i>key</i> Search the specified maps for <i>key</i> and print the
|
||||
first value found on the standard output stream.
|
||||
<b>-q</b> <i>key</i> Search the specified maps for <i>key</i> and write the
|
||||
first value found to the standard output stream.
|
||||
The exit status is zero when the requested informa-
|
||||
tion was found.
|
||||
|
||||
If a key value of <b>-</b> is specified, the program reads
|
||||
key values from the standard input stream and
|
||||
prints one line of <i>key:</i> <i>value</i> output for each key
|
||||
writes one line of <i>key:</i> <i>value</i> output for each key
|
||||
that was found. The exit status is zero when at
|
||||
least one of the requested keys was found.
|
||||
|
||||
|
|
|
@ -5,25 +5,47 @@ POSTCAT(1) POSTCAT(1)
|
|||
postcat - show Postfix queue file contents
|
||||
|
||||
<b>SYNOPSIS</b>
|
||||
<b>postcat</b> [<b>-v</b>] [<i>files</i>...]
|
||||
<b>postcat</b> [<b>-vq</b>] [<b>-c</b> <i>config_dir</i>] [<i>files</i>...]
|
||||
|
||||
<b>DESCRIPTION</b>
|
||||
The <b>postcat</b> command prints the contents of the named Post-
|
||||
fix queue <i>files</i> in human-readable form. If no <i>files</i> are
|
||||
specified on the command line, the program reads from
|
||||
standard input.
|
||||
The <b>postcat</b> command prints the contents of the named <i>files</i>
|
||||
in human-readable form. The files are expected to be in
|
||||
Postfix queue file format. If no <i>files</i> are specified on
|
||||
the command line, the program reads from standard input.
|
||||
|
||||
Options:
|
||||
|
||||
<b>-c</b> <i>config_dir</i>
|
||||
The <b>main.cf</b> configuration file is in the named
|
||||
directory instead of the default configuration
|
||||
directory.
|
||||
|
||||
<b>-q</b> Search the Postfix queue for the named <i>files</i>
|
||||
instead of taking the names literally.
|
||||
|
||||
<b>-v</b> Enable verbose logging for debugging purposes. Mul-
|
||||
tiple <b>-v</b> options make the software increasingly
|
||||
tiple <b>-v</b> options make the software increasingly
|
||||
verbose.
|
||||
|
||||
<b>DIAGNOSTICS</b>
|
||||
Problems are reported to the standard error stream.
|
||||
|
||||
<b>ENVIRONMENT</b>
|
||||
<b>MAIL</b><i>_</i><b>CONFIG</b>
|
||||
Directory with Postfix configuration files.
|
||||
|
||||
<b>CONFIGURATION</b> <b>PARAMETERS</b>
|
||||
See the Postfix <b>main.cf</b> file for syntax details and for
|
||||
default values. Use the <b>postfix</b> <b>reload</b> command after a
|
||||
configuration change.
|
||||
|
||||
<b>queue</b><i>_</i><b>directory</b>
|
||||
Top-level directory of the Postfix queue. This is
|
||||
also the root directory of Postfix daemons that run
|
||||
chrooted.
|
||||
|
||||
<b>LICENSE</b>
|
||||
The Secure Mailer license must be distributed with this
|
||||
The Secure Mailer license must be distributed with this
|
||||
software.
|
||||
|
||||
<b>AUTHOR(S)</b>
|
||||
|
|
|
@ -84,14 +84,14 @@ POSTMAP(1) POSTMAP(1)
|
|||
privileges and runs as the source file owner
|
||||
instead.
|
||||
|
||||
<b>-q</b> <i>key</i> Search the specified maps for <i>key</i> and print the
|
||||
first value found on the standard output stream.
|
||||
<b>-q</b> <i>key</i> Search the specified maps for <i>key</i> and write the
|
||||
first value found to the standard output stream.
|
||||
The exit status is zero when the requested informa-
|
||||
tion was found.
|
||||
|
||||
If a key value of <b>-</b> is specified, the program reads
|
||||
key values from the standard input stream and
|
||||
prints one line of <i>key</i> <i>value</i> output for each key
|
||||
writes one line of <i>key</i> <i>value</i> output for each key
|
||||
that was found. The exit status is zero when at
|
||||
least one of the requested keys was found.
|
||||
|
||||
|
|
|
@ -88,7 +88,9 @@ PROXYMAP(8) PROXYMAP(8)
|
|||
The proxymap server opens only tables that are approved
|
||||
via the <b>proxy</b><i>_</i><b>read</b><i>_</i><b>maps</b> configuration parameter, does not
|
||||
talk to users, and can run at fixed low privilege,
|
||||
chrooted or not.
|
||||
chrooted or not. However, running the proxymap server
|
||||
chrooted severely limits usability, because it can open
|
||||
only chrooted tables.
|
||||
|
||||
The proxymap server is not a trusted daemon process, and
|
||||
must not be used to look up sensitive information such as
|
||||
|
|
|
@ -45,37 +45,40 @@ REGEXP_TABLE(5) REGEXP_TABLE(5)
|
|||
|
||||
<b>if</b> <b>!/</b><i>pattern</i><b>/</b><i>flags</i>
|
||||
|
||||
<b>endif</b> Examine the lines between <b>if</b>..<b>endif</b> only if <i>pattern</i>
|
||||
matches (does not match). The <b>if</b>..<b>endif</b> can nest.
|
||||
Do not prepend whitespace to patterns inside
|
||||
<b>endif</b> Match the search string against the patterns
|
||||
between <b>if</b> and <b>endif</b>, if and only if the search
|
||||
string matches (does not match) <i>pattern</i>. The
|
||||
<b>if</b>..<b>endif</b> can nest.
|
||||
|
||||
Note: do not prepend whitespace to patterns inside
|
||||
<b>if</b>..<b>endif</b>.
|
||||
|
||||
Each pattern is a regular expression enclosed by a pair of
|
||||
delimiters. The regular expression syntax is described in
|
||||
<i>re_format</i>(7). The expression delimiter can be any charac-
|
||||
ter, except whitespace or characters that have special
|
||||
meaning (traditionally the forward slash is used). The
|
||||
ter, except whitespace or characters that have special
|
||||
meaning (traditionally the forward slash is used). The
|
||||
regular expression can contain whitespace.
|
||||
|
||||
By default, matching is case-insensitive, although follow-
|
||||
ing the second slash with an `i' flag will reverse this.
|
||||
Other flags are `x' (disable extended expression syntax),
|
||||
and `m' (enable multi-line mode, that is, treat newline
|
||||
ing the second slash with an `i' flag will reverse this.
|
||||
Other flags are `x' (disable extended expression syntax),
|
||||
and `m' (enable multi-line mode, that is, treat newline
|
||||
characters as special).
|
||||
|
||||
Each pattern is applied to the entire lookup key string.
|
||||
Depending on the application, that string is an entire
|
||||
Each pattern is applied to the entire lookup key string.
|
||||
Depending on the application, that string is an entire
|
||||
client hostname, an entire client IP address, or an entire
|
||||
mail address. Thus, no parent domain or parent network
|
||||
search is done, and <i>user@domain</i> mail addresses are not
|
||||
broken up into their <i>user</i> and <i>domain</i> constituent parts,
|
||||
mail address. Thus, no parent domain or parent network
|
||||
search is done, and <i>user@domain</i> mail addresses are not
|
||||
broken up into their <i>user</i> and <i>domain</i> constituent parts,
|
||||
nor is <i>user+foo</i> broken up into <i>user</i> and <i>foo</i>.
|
||||
|
||||
Patterns are applied in the order as specified in the
|
||||
table, until a pattern is found that matches the search
|
||||
Patterns are applied in the order as specified in the
|
||||
table, until a pattern is found that matches the search
|
||||
string.
|
||||
|
||||
Substitution of substrings from the matched expression
|
||||
Substitution of substrings from the matched expression
|
||||
into the result string is possible using $1, $2, etc.. The
|
||||
macros in the result string may need to be written as ${n}
|
||||
or $(n) if they aren't followed by whitespace.
|
||||
|
|
|
@ -31,28 +31,28 @@ RELOCATED(5) RELOCATED(5)
|
|||
Table lookups are case insensitive.
|
||||
|
||||
<b>TABLE</b> <b>FORMAT</b>
|
||||
The format of the table is as follows:
|
||||
The input format for the <a href="postmap.1.html"><b>postmap</b>(1)</a> command is as follows:
|
||||
|
||||
<b>o</b> An entry has one of the following form:
|
||||
<i>key</i> <i>new_location</i>
|
||||
Where <i>new_location</i> specifies contact information
|
||||
such as an email address, or perhaps a street
|
||||
<i>pattern</i> <i>new_location</i>
|
||||
Where <i>new_location</i> specifies contact information
|
||||
such as an email address, or perhaps a street
|
||||
address or telephone number.
|
||||
|
||||
<b>o</b> Empty lines and whitespace-only lines are ignored,
|
||||
as are lines whose first non-whitespace character
|
||||
<b>o</b> Empty lines and whitespace-only lines are ignored,
|
||||
as are lines whose first non-whitespace character
|
||||
is a `#'.
|
||||
|
||||
<b>o</b> A logical line starts with non-whitespace text. A
|
||||
line that starts with whitespace continues a logi-
|
||||
<b>o</b> A logical line starts with non-whitespace text. A
|
||||
line that starts with whitespace continues a logi-
|
||||
cal line.
|
||||
|
||||
With lookups from indexed files such as DB or DBM, or from
|
||||
networked tables such as NIS, LDAP or SQL, the <i>key</i> field
|
||||
is one of the following:
|
||||
networked tables such as NIS, LDAP or SQL, patterns are
|
||||
tried in the order as listed below:
|
||||
|
||||
<i>user</i>@<i>domain</i>
|
||||
Matches <i>user</i>@<i>domain</i>. This form has precedence over
|
||||
Matches <i>user</i>@<i>domain</i>. This form has precedence over
|
||||
all other forms.
|
||||
|
||||
<i>user</i> Matches <i>user</i>@<i>site</i> when <i>site</i> is $<b>myorigin</b>, when <i>site</i>
|
||||
|
@ -60,42 +60,42 @@ RELOCATED(5) RELOCATED(5)
|
|||
in $<b>inet</b><i>_</i><b>interfaces</b>.
|
||||
|
||||
@<i>domain</i>
|
||||
Matches every address in <i>domain</i>. This form has the
|
||||
Matches every address in <i>domain</i>. This form has the
|
||||
lowest precedence.
|
||||
|
||||
<b>ADDRESS</b> <b>EXTENSION</b>
|
||||
When a mail address localpart contains the optional recip-
|
||||
ient delimiter (e.g., <i>user+foo</i>@<i>domain</i>), the lookup order
|
||||
ient delimiter (e.g., <i>user+foo</i>@<i>domain</i>), the lookup order
|
||||
becomes: <i>user+foo</i>@<i>domain</i>, <i>user</i>@<i>domain</i>, <i>user+foo</i>, <i>user</i>, and
|
||||
@<i>domain</i>.
|
||||
|
||||
<b>REGULAR</b> <b>EXPRESSION</b> <b>TABLES</b>
|
||||
This section describes how the table lookups change when
|
||||
This section describes how the table lookups change when
|
||||
the table is given in the form of regular expressions. For
|
||||
a description of regular expression lookup table syntax,
|
||||
a description of regular expression lookup table syntax,
|
||||
see <a href="regexp_table.5.html"><b>regexp</b><i>_</i><b>table</b>(5)</a> or <a href="pcre_table.5.html"><b>pcre</b><i>_</i><b>table</b>(5)</a>.
|
||||
|
||||
Each pattern is a regular expression that is applied to
|
||||
Each pattern is a regular expression that is applied to
|
||||
the entire address being looked up. Thus, <i>user@domain</i> mail
|
||||
addresses are not broken up into their <i>user</i> and <i>@domain</i>
|
||||
addresses are not broken up into their <i>user</i> and <i>@domain</i>
|
||||
constituent parts, nor is <i>user+foo</i> broken up into <i>user</i> and
|
||||
<i>foo</i>.
|
||||
|
||||
Patterns are applied in the order as specified in the
|
||||
table, until a pattern is found that matches the search
|
||||
Patterns are applied in the order as specified in the
|
||||
table, until a pattern is found that matches the search
|
||||
string.
|
||||
|
||||
Results are the same as with indexed file lookups, with
|
||||
the additional feature that parenthesized substrings from
|
||||
Results are the same as with indexed file lookups, with
|
||||
the additional feature that parenthesized substrings from
|
||||
the pattern can be interpolated as <b>$1</b>, <b>$2</b> and so on.
|
||||
|
||||
<b>BUGS</b>
|
||||
The table format does not understand quoting conventions.
|
||||
The table format does not understand quoting conventions.
|
||||
|
||||
<b>CONFIGURATION</b> <b>PARAMETERS</b>
|
||||
The following <b>main.cf</b> parameters are especially relevant
|
||||
to this topic. See the Postfix <b>main.cf</b> file for syntax
|
||||
details and for default values. Use the <b>postfix</b> <b>reload</b>
|
||||
The following <b>main.cf</b> parameters are especially relevant
|
||||
to this topic. See the Postfix <b>main.cf</b> file for syntax
|
||||
details and for default values. Use the <b>postfix</b> <b>reload</b>
|
||||
command after a configuration change.
|
||||
|
||||
<b>relocated</b><i>_</i><b>maps</b>
|
||||
|
@ -104,12 +104,12 @@ RELOCATED(5) RELOCATED(5)
|
|||
Other parameters of interest:
|
||||
|
||||
<b>inet</b><i>_</i><b>interfaces</b>
|
||||
The network interface addresses that this system
|
||||
The network interface addresses that this system
|
||||
receives mail on. You need to stop and start Post-
|
||||
fix when this parameter changes.
|
||||
|
||||
<b>mydestination</b>
|
||||
List of domains that this mail system considers
|
||||
List of domains that this mail system considers
|
||||
local.
|
||||
|
||||
<b>myorigin</b>
|
||||
|
@ -121,7 +121,7 @@ RELOCATED(5) RELOCATED(5)
|
|||
<a href="regexp_table.5.html">regexp_table(5)</a> format of POSIX regular expression tables
|
||||
|
||||
<b>LICENSE</b>
|
||||
The Secure Mailer license must be distributed with this
|
||||
The Secure Mailer license must be distributed with this
|
||||
software.
|
||||
|
||||
<b>AUTHOR(S)</b>
|
||||
|
|
|
@ -310,8 +310,8 @@ href="cleanup.8.html">cleanup</a> daemon uses the <a
|
|||
href="virtual.5.html">virtual alias</a> table to redirect mail for all
|
||||
recipients, local or remote. The mapping affects only envelope
|
||||
recipients; it has no effect on message headers or envelope senders.
|
||||
Virtual alias lookups are useful to redirect mail for simulated
|
||||
virtual domains to real user mailboxes, and to redirect mail for
|
||||
Virtual alias lookups are useful to redirect mail for virtual
|
||||
alias domains to real user mailboxes, and to redirect mail for
|
||||
domains that no longer exist. Virtual alias lookups can also be
|
||||
used to transform <i> Firstname.Lastname </i> back into UNIX login
|
||||
names, although it seems that local <a href="#aliases">aliases</a>
|
||||
|
|
|
@ -25,11 +25,6 @@ SMTP(8) SMTP(8)
|
|||
preference, and connects to each listed address until it
|
||||
finds a server that responds.
|
||||
|
||||
When the domain or host is specified as a comma/whitespace
|
||||
separated list, the SMTP client repeats the above process
|
||||
for all destinations until it finds a server that
|
||||
responds.
|
||||
|
||||
Once the SMTP client has received the server greeting ban-
|
||||
ner, no error will cause it to proceed to the next address
|
||||
on the mail exchanger list. Instead, the message is either
|
||||
|
@ -37,7 +32,7 @@ SMTP(8) SMTP(8)
|
|||
|
||||
<b>SECURITY</b>
|
||||
The SMTP client is moderately security-sensitive. It talks
|
||||
to SMTP servers and to DNS servers on the network. The
|
||||
to SMTP servers and to DNS servers on the network. The
|
||||
SMTP client can be run chrooted at fixed low privilege.
|
||||
|
||||
<b>STANDARDS</b>
|
||||
|
@ -53,73 +48,73 @@ SMTP(8) SMTP(8)
|
|||
<a href="http://www.faqs.org/rfcs/rfc2920.html">RFC 2920</a> (SMTP Pipelining)
|
||||
|
||||
<b>DIAGNOSTICS</b>
|
||||
Problems and transactions are logged to <b>syslogd</b>(8). Cor-
|
||||
rupted message files are marked so that the queue manager
|
||||
Problems and transactions are logged to <b>syslogd</b>(8). Cor-
|
||||
rupted message files are marked so that the queue manager
|
||||
can move them to the <b>corrupt</b> queue for further inspection.
|
||||
|
||||
Depending on the setting of the <b>notify</b><i>_</i><b>classes</b> parameter,
|
||||
the postmaster is notified of bounces, protocol problems,
|
||||
Depending on the setting of the <b>notify</b><i>_</i><b>classes</b> parameter,
|
||||
the postmaster is notified of bounces, protocol problems,
|
||||
and of other trouble.
|
||||
|
||||
<b>BUGS</b>
|
||||
<b>CONFIGURATION</b> <b>PARAMETERS</b>
|
||||
The following <b>main.cf</b> parameters are especially relevant
|
||||
to this program. See the Postfix <b>main.cf</b> file for syntax
|
||||
details and for default values. Use the <b>postfix</b> <b>reload</b>
|
||||
The following <b>main.cf</b> parameters are especially relevant
|
||||
to this program. See the Postfix <b>main.cf</b> file for syntax
|
||||
details and for default values. Use the <b>postfix</b> <b>reload</b>
|
||||
command after a configuration change.
|
||||
|
||||
<b>Miscellaneous</b>
|
||||
<b>best</b><i>_</i><b>mx</b><i>_</i><b>transport</b>
|
||||
Name of the delivery transport to use when the
|
||||
local machine is the most-preferred mail exchanger
|
||||
(by default, a mailer loop is reported, and the
|
||||
Name of the delivery transport to use when the
|
||||
local machine is the most-preferred mail exchanger
|
||||
(by default, a mailer loop is reported, and the
|
||||
message is bounced).
|
||||
|
||||
<b>debug</b><i>_</i><b>peer</b><i>_</i><b>level</b>
|
||||
Verbose logging level increment for hosts that
|
||||
Verbose logging level increment for hosts that
|
||||
match a pattern in the <b>debug</b><i>_</i><b>peer</b><i>_</i><b>list</b> parameter.
|
||||
|
||||
<b>debug</b><i>_</i><b>peer</b><i>_</i><b>list</b>
|
||||
List of domain or network patterns. When a remote
|
||||
host matches a pattern, increase the verbose log-
|
||||
ging level by the amount specified in the
|
||||
List of domain or network patterns. When a remote
|
||||
host matches a pattern, increase the verbose log-
|
||||
ging level by the amount specified in the
|
||||
<b>debug</b><i>_</i><b>peer</b><i>_</i><b>level</b> parameter.
|
||||
|
||||
<b>disable</b><i>_</i><b>dns</b><i>_</i><b>lookups</b>
|
||||
Disable DNS lookups. This means that mail must be
|
||||
Disable DNS lookups. This means that mail must be
|
||||
forwarded via a smart relay host.
|
||||
|
||||
<b>error</b><i>_</i><b>notice</b><i>_</i><b>recipient</b>
|
||||
Recipient of protocol/policy/resource/software
|
||||
Recipient of protocol/policy/resource/software
|
||||
error notices.
|
||||
|
||||
<b>fallback</b><i>_</i><b>relay</b>
|
||||
Hosts to hand off mail to if a message destination
|
||||
Hosts to hand off mail to if a message destination
|
||||
is not found or if a destination is unreachable.
|
||||
|
||||
<b>ignore</b><i>_</i><b>mx</b><i>_</i><b>lookup</b><i>_</i><b>error</b>
|
||||
When a name server fails to respond to an MX query,
|
||||
search for an A record instead deferring mail
|
||||
search for an A record instead deferring mail
|
||||
delivery.
|
||||
|
||||
<b>inet</b><i>_</i><b>interfaces</b>
|
||||
The network interface addresses that this mail sys-
|
||||
tem receives mail on. When any of those addresses
|
||||
tem receives mail on. When any of those addresses
|
||||
appears in the list of mail exchangers for a remote
|
||||
destination, the list is truncated to avoid mail
|
||||
destination, the list is truncated to avoid mail
|
||||
delivery loops. See also the <b>proxy</b><i>_</i><b>interfaces</b>
|
||||
parameter.
|
||||
|
||||
<b>notify</b><i>_</i><b>classes</b>
|
||||
When this parameter includes the <b>protocol</b> class,
|
||||
send mail to the postmaster with transcripts of
|
||||
When this parameter includes the <b>protocol</b> class,
|
||||
send mail to the postmaster with transcripts of
|
||||
SMTP sessions with protocol errors.
|
||||
|
||||
<b>proxy</b><i>_</i><b>interfaces</b>
|
||||
Network interfaces that this mail system receives
|
||||
Network interfaces that this mail system receives
|
||||
mail on by way of a proxy or network address trans-
|
||||
lator. When any of those addresses appears in the
|
||||
list of mail exchangers for a remote destination,
|
||||
lator. When any of those addresses appears in the
|
||||
list of mail exchangers for a remote destination,
|
||||
the list is truncated to avoid mail delivery loops.
|
||||
See also the <b>inet</b><i>_</i><b>interfaces</b> parameter.
|
||||
|
||||
|
@ -130,65 +125,65 @@ SMTP(8) SMTP(8)
|
|||
Never send EHLO at the start of a connection.
|
||||
|
||||
<b>smtp</b><i>_</i><b>bind</b><i>_</i><b>address</b>
|
||||
Numerical source network address to bind to when
|
||||
Numerical source network address to bind to when
|
||||
making a connection.
|
||||
|
||||
<b>smtp</b><i>_</i><b>line</b><i>_</i><b>length</b><i>_</i><b>limit</b>
|
||||
Length limit for SMTP message content lines. Zero
|
||||
means no limit. Some SMTP servers misbehave on
|
||||
Length limit for SMTP message content lines. Zero
|
||||
means no limit. Some SMTP servers misbehave on
|
||||
long lines.
|
||||
|
||||
<b>smtp</b><i>_</i><b>helo</b><i>_</i><b>name</b>
|
||||
The hostname to be used in HELO and EHLO commands.
|
||||
The hostname to be used in HELO and EHLO commands.
|
||||
|
||||
<b>smtp</b><i>_</i><b>skip</b><i>_</i><b>4xx</b><i>_</i><b>greeting</b>
|
||||
Skip servers that greet us with a 4xx status code.
|
||||
Skip servers that greet us with a 4xx status code.
|
||||
|
||||
<b>smtp</b><i>_</i><b>skip</b><i>_</i><b>5xx</b><i>_</i><b>greeting</b>
|
||||
Skip servers that greet us with a 5xx status code.
|
||||
Skip servers that greet us with a 5xx status code.
|
||||
|
||||
<b>smtp</b><i>_</i><b>skip</b><i>_</i><b>quit</b><i>_</i><b>response</b>
|
||||
Do not wait for the server response after sending
|
||||
Do not wait for the server response after sending
|
||||
QUIT.
|
||||
|
||||
<b>smtp</b><i>_</i><b>pix</b><i>_</i><b>workaround</b><i>_</i><b>delay</b><i>_</i><b>time</b>
|
||||
The time to pause before sending .<CR><LF>, while
|
||||
working around the CISCO PIX firewall
|
||||
The time to pause before sending .<CR><LF>, while
|
||||
working around the CISCO PIX firewall
|
||||
<CR><LF>.<CR><LF> bug.
|
||||
|
||||
<b>smtp</b><i>_</i><b>pix</b><i>_</i><b>workaround</b><i>_</i><b>threshold</b><i>_</i><b>time</b>
|
||||
The time a message must be queued before the CISCO
|
||||
PIX firewall <CR><LF>.<CR><LF> bug workaround is
|
||||
The time a message must be queued before the CISCO
|
||||
PIX firewall <CR><LF>.<CR><LF> bug workaround is
|
||||
turned on.
|
||||
|
||||
<b>MIME</b> <b>Conversion</b>
|
||||
<b>disable</b><i>_</i><b>mime</b><i>_</i><b>output</b><i>_</i><b>conversion</b>
|
||||
Disable the conversion of 8BITMIME format to 7BIT
|
||||
format when the remote system does not advertise
|
||||
Disable the conversion of 8BITMIME format to 7BIT
|
||||
format when the remote system does not advertise
|
||||
8BITMIME support.
|
||||
|
||||
<b>mime</b><i>_</i><b>boundary</b><i>_</i><b>length</b><i>_</i><b>limit</b>
|
||||
The amount of space that will be allocated for MIME
|
||||
multipart boundary strings. The MIME processor is
|
||||
multipart boundary strings. The MIME processor is
|
||||
unable to distinguish between boundary strings that
|
||||
do not differ in the first <b>$mime</b><i>_</i><b>bound-</b>
|
||||
<b>ary</b><i>_</i><b>length</b><i>_</i><b>limit</b> characters.
|
||||
|
||||
<b>mime</b><i>_</i><b>nesting</b><i>_</i><b>limit</b>
|
||||
The maximal nesting level of multipart mail that
|
||||
the MIME processor can handle. Refuse mail that is
|
||||
The maximal nesting level of multipart mail that
|
||||
the MIME processor can handle. Refuse mail that is
|
||||
nested deeper, when converting from 8BITMIME format
|
||||
to 7BIT format.
|
||||
|
||||
<b>Authentication</b> <b>controls</b>
|
||||
<b>smtp</b><i>_</i><b>sasl</b><i>_</i><b>auth</b><i>_</i><b>enable</b>
|
||||
Enable per-session authentication as per <a href="http://www.faqs.org/rfcs/rfc2554.html">RFC 2554</a>
|
||||
(SASL). By default, Postfix is built without SASL
|
||||
Enable per-session authentication as per <a href="http://www.faqs.org/rfcs/rfc2554.html">RFC 2554</a>
|
||||
(SASL). By default, Postfix is built without SASL
|
||||
support.
|
||||
|
||||
<b>smtp</b><i>_</i><b>sasl</b><i>_</i><b>password</b><i>_</i><b>maps</b>
|
||||
Lookup tables with per-host or domain <i>name</i>:<i>password</i>
|
||||
entries. No entry for a host means no attempt to
|
||||
entries. No entry for a host means no attempt to
|
||||
authenticate.
|
||||
|
||||
<b>smtp</b><i>_</i><b>sasl</b><i>_</i><b>security</b><i>_</i><b>options</b>
|
||||
|
@ -212,47 +207,47 @@ SMTP(8) SMTP(8)
|
|||
<b>Resource</b> <b>controls</b>
|
||||
<b>smtp</b><i>_</i><b>destination</b><i>_</i><b>concurrency</b><i>_</i><b>limit</b>
|
||||
Limit the number of parallel deliveries to the same
|
||||
destination. The default limit is taken from the
|
||||
destination. The default limit is taken from the
|
||||
<b>default</b><i>_</i><b>destination</b><i>_</i><b>concurrency</b><i>_</i><b>limit</b> parameter.
|
||||
|
||||
<b>smtp</b><i>_</i><b>destination</b><i>_</i><b>recipient</b><i>_</i><b>limit</b>
|
||||
Limit the number of recipients per message deliv-
|
||||
ery. The default limit is taken from the
|
||||
Limit the number of recipients per message deliv-
|
||||
ery. The default limit is taken from the
|
||||
<b>default</b><i>_</i><b>destination</b><i>_</i><b>recipient</b><i>_</i><b>limit</b> parameter.
|
||||
|
||||
<b>Timeout</b> <b>controls</b>
|
||||
The default time unit is seconds; an explicit time unit
|
||||
can be specified by appending a one-letter suffix to the
|
||||
value: s (seconds), m (minutes), h (hours), d (days) or w
|
||||
The default time unit is seconds; an explicit time unit
|
||||
can be specified by appending a one-letter suffix to the
|
||||
value: s (seconds), m (minutes), h (hours), d (days) or w
|
||||
(weeks).
|
||||
|
||||
<b>smtp</b><i>_</i><b>connect</b><i>_</i><b>timeout</b>
|
||||
Timeout for completing a TCP connection. When no
|
||||
connection can be made within the deadline, the
|
||||
SMTP client tries the next address on the mail
|
||||
Timeout for completing a TCP connection. When no
|
||||
connection can be made within the deadline, the
|
||||
SMTP client tries the next address on the mail
|
||||
exchanger list.
|
||||
|
||||
<b>smtp</b><i>_</i><b>helo</b><i>_</i><b>timeout</b>
|
||||
Timeout for receiving the SMTP greeting banner.
|
||||
When the server drops the connection without send-
|
||||
Timeout for receiving the SMTP greeting banner.
|
||||
When the server drops the connection without send-
|
||||
ing a greeting banner, or when it sends no greeting
|
||||
banner within the deadline, the SMTP client tries
|
||||
banner within the deadline, the SMTP client tries
|
||||
the next address on the mail exchanger list.
|
||||
|
||||
<b>smtp</b><i>_</i><b>helo</b><i>_</i><b>timeout</b>
|
||||
Timeout for sending the <b>HELO</b> command, and for
|
||||
Timeout for sending the <b>HELO</b> command, and for
|
||||
receiving the server response.
|
||||
|
||||
<b>smtp</b><i>_</i><b>mail</b><i>_</i><b>timeout</b>
|
||||
Timeout for sending the <b>MAIL</b> <b>FROM</b> command, and for
|
||||
Timeout for sending the <b>MAIL</b> <b>FROM</b> command, and for
|
||||
receiving the server response.
|
||||
|
||||
<b>smtp</b><i>_</i><b>rcpt</b><i>_</i><b>timeout</b>
|
||||
Timeout for sending the <b>RCPT</b> <b>TO</b> command, and for
|
||||
Timeout for sending the <b>RCPT</b> <b>TO</b> command, and for
|
||||
receiving the server response.
|
||||
|
||||
<b>smtp</b><i>_</i><b>data</b><i>_</i><b>init</b><i>_</i><b>timeout</b>
|
||||
Timeout for sending the <b>DATA</b> command, and for
|
||||
Timeout for sending the <b>DATA</b> command, and for
|
||||
receiving the server response.
|
||||
|
||||
<b>smtp</b><i>_</i><b>data</b><i>_</i><b>xfer</b><i>_</i><b>timeout</b>
|
||||
|
@ -260,12 +255,12 @@ SMTP(8) SMTP(8)
|
|||
|
||||
<b>smtp</b><i>_</i><b>data</b><i>_</i><b>done</b><i>_</i><b>timeout</b>
|
||||
Timeout for sending the "<b>.</b>" command, and for
|
||||
receiving the server response. When no response is
|
||||
received, a warning is logged that the mail may be
|
||||
receiving the server response. When no response is
|
||||
received, a warning is logged that the mail may be
|
||||
delivered multiple times.
|
||||
|
||||
<b>smtp</b><i>_</i><b>quit</b><i>_</i><b>timeout</b>
|
||||
Timeout for sending the <b>QUIT</b> command, and for
|
||||
Timeout for sending the <b>QUIT</b> command, and for
|
||||
receiving the server response.
|
||||
|
||||
<b>SEE</b> <b>ALSO</b>
|
||||
|
@ -275,7 +270,7 @@ SMTP(8) SMTP(8)
|
|||
syslogd(8) system logging
|
||||
|
||||
<b>LICENSE</b>
|
||||
The Secure Mailer license must be distributed with this
|
||||
The Secure Mailer license must be distributed with this
|
||||
software.
|
||||
|
||||
<b>AUTHOR(S)</b>
|
||||
|
|
|
@ -62,28 +62,29 @@ SMTPD(8) SMTPD(8)
|
|||
with comments that Sendmail allows.
|
||||
|
||||
<b>broken</b><i>_</i><b>sasl</b><i>_</i><b>auth</b><i>_</i><b>clients</b>
|
||||
Support older Microsoft clients that mis-implement
|
||||
the AUTH protocol, and that expect an EHLO response
|
||||
of "250 AUTH=list" instead of "250 AUTH list".
|
||||
Support Microsoft clients that implement an older
|
||||
version of the AUTH protocol, and that expect an
|
||||
EHLO response of "250 AUTH=list" instead of "250
|
||||
AUTH list".
|
||||
|
||||
<b>smtpd</b><i>_</i><b>noop</b><i>_</i><b>commands</b>
|
||||
List of commands that are treated as NOOP (no oper-
|
||||
ation) commands, without any parameter syntax
|
||||
checking and without any state change. This list
|
||||
ation) commands, without any parameter syntax
|
||||
checking and without any state change. This list
|
||||
overrides built-in command definitions.
|
||||
|
||||
<b>Content</b> <b>inspection</b> <b>controls</b>
|
||||
<b>content</b><i>_</i><b>filter</b>
|
||||
The name of a mail delivery transport that filters
|
||||
The name of a mail delivery transport that filters
|
||||
mail and that either bounces mail or re-injects the
|
||||
result back into Postfix. This parameter uses the
|
||||
same syntax as the right-hand side of a Postfix
|
||||
result back into Postfix. This parameter uses the
|
||||
same syntax as the right-hand side of a Postfix
|
||||
transport table.
|
||||
|
||||
<b>Authentication</b> <b>controls</b>
|
||||
<b>enable</b><i>_</i><b>sasl</b><i>_</i><b>authentication</b>
|
||||
Enable per-session authentication as per <a href="http://www.faqs.org/rfcs/rfc2554.html">RFC 2554</a>
|
||||
(SASL). This functionality is available only when
|
||||
<b>smtpd</b><i>_</i><b>sasl</b><i>_</i><b>auth</b><i>_</i><b>enable</b>
|
||||
Enable per-session authentication as per <a href="http://www.faqs.org/rfcs/rfc2554.html">RFC 2554</a>
|
||||
(SASL). This functionality is available only when
|
||||
explicitly selected at program build time and
|
||||
explicitly enabled at runtime.
|
||||
|
||||
|
@ -109,14 +110,14 @@ SMTPD(8) SMTPD(8)
|
|||
Disallow anonymous logins.
|
||||
|
||||
<b>smtpd</b><i>_</i><b>sender</b><i>_</i><b>login</b><i>_</i><b>maps</b>
|
||||
Maps that specify the SASL login name that owns a
|
||||
MAIL FROM sender address. Used by the
|
||||
Maps that specify the SASL login name that owns a
|
||||
MAIL FROM sender address. Used by the
|
||||
<b>reject</b><i>_</i><b>sender</b><i>_</i><b>login</b><i>_</i><b>mismatch</b> sender anti-spoofing
|
||||
restriction.
|
||||
|
||||
<b>Miscellaneous</b>
|
||||
<b>always</b><i>_</i><b>bcc</b>
|
||||
Address to send a copy of each message that enters
|
||||
Address to send a copy of each message that enters
|
||||
the system.
|
||||
|
||||
<b>authorized</b><i>_</i><b>verp</b><i>_</i><b>clients</b>
|
||||
|
@ -124,23 +125,23 @@ SMTPD(8) SMTPD(8)
|
|||
that are authorized to use the XVERP extension.
|
||||
|
||||
<b>debug</b><i>_</i><b>peer</b><i>_</i><b>level</b>
|
||||
Increment in verbose logging level when a remote
|
||||
Increment in verbose logging level when a remote
|
||||
host matches a pattern in the <b>debug</b><i>_</i><b>peer</b><i>_</i><b>list</b>
|
||||
parameter.
|
||||
|
||||
<b>debug</b><i>_</i><b>peer</b><i>_</i><b>list</b>
|
||||
List of domain or network patterns. When a remote
|
||||
host matches a pattern, increase the verbose log-
|
||||
ging level by the amount specified in the
|
||||
List of domain or network patterns. When a remote
|
||||
host matches a pattern, increase the verbose log-
|
||||
ging level by the amount specified in the
|
||||
<b>debug</b><i>_</i><b>peer</b><i>_</i><b>level</b> parameter.
|
||||
|
||||
<b>default</b><i>_</i><b>verp</b><i>_</i><b>delimiters</b>
|
||||
The default VERP delimiter characters that are used
|
||||
when the XVERP command is specified without
|
||||
when the XVERP command is specified without
|
||||
explicit delimiters.
|
||||
|
||||
<b>error</b><i>_</i><b>notice</b><i>_</i><b>recipient</b>
|
||||
Recipient of protocol/policy/resource/software
|
||||
Recipient of protocol/policy/resource/software
|
||||
error notices.
|
||||
|
||||
<b>hopcount</b><i>_</i><b>limit</b>
|
||||
|
@ -149,18 +150,18 @@ SMTPD(8) SMTPD(8)
|
|||
<b>notify</b><i>_</i><b>classes</b>
|
||||
List of error classes. Of special interest are:
|
||||
|
||||
<b>policy</b> When a client violates any policy, mail a
|
||||
<b>policy</b> When a client violates any policy, mail a
|
||||
transcript of the entire SMTP session to the
|
||||
postmaster.
|
||||
|
||||
<b>protocol</b>
|
||||
When a client violates the SMTP protocol or
|
||||
When a client violates the SMTP protocol or
|
||||
issues an unimplemented command, mail a
|
||||
transcript of the entire SMTP session to the
|
||||
postmaster.
|
||||
|
||||
<b>smtpd</b><i>_</i><b>banner</b>
|
||||
Text that follows the <b>220</b> status code in the SMTP
|
||||
Text that follows the <b>220</b> status code in the SMTP
|
||||
greeting banner.
|
||||
|
||||
<b>smtpd</b><i>_</i><b>expansion</b><i>_</i><b>filter</b>
|
||||
|
@ -168,57 +169,57 @@ SMTPD(8) SMTPD(8)
|
|||
expansion of rbl template responses and other text.
|
||||
|
||||
<b>smtpd</b><i>_</i><b>recipient</b><i>_</i><b>limit</b>
|
||||
Restrict the number of recipients that the SMTP
|
||||
Restrict the number of recipients that the SMTP
|
||||
server accepts per message delivery.
|
||||
|
||||
<b>smtpd</b><i>_</i><b>timeout</b>
|
||||
Limit the time to send a server response and to
|
||||
Limit the time to send a server response and to
|
||||
receive a client request.
|
||||
|
||||
<b>soft</b><i>_</i><b>bounce</b>
|
||||
Change hard (5xx) reject responses into soft (4xx)
|
||||
reject responses. This can be useful for testing
|
||||
Change hard (5xx) reject responses into soft (4xx)
|
||||
reject responses. This can be useful for testing
|
||||
purposes.
|
||||
|
||||
<b>verp</b><i>_</i><b>delimiter</b><i>_</i><b>filter</b>
|
||||
The characters that Postfix accepts as VERP delim-
|
||||
The characters that Postfix accepts as VERP delim-
|
||||
iter characters.
|
||||
|
||||
<b>Known</b> <b>versus</b> <b>unknown</b> <b>recipients</b>
|
||||
<b>show</b><i>_</i><b>user</b><i>_</i><b>unknown</b><i>_</i><b>table</b><i>_</i><b>name</b>
|
||||
Whether or not to reveal the table name in the
|
||||
"User unknown" responses. The extra detail makes
|
||||
trouble shooting easier but also reveals informa-
|
||||
Whether or not to reveal the table name in the
|
||||
"User unknown" responses. The extra detail makes
|
||||
trouble shooting easier but also reveals informa-
|
||||
tion that is nobody elses business.
|
||||
|
||||
<b>unknown</b><i>_</i><b>local</b><i>_</i><b>recipient</b><i>_</i><b>reject</b><i>_</i><b>code</b>
|
||||
The response code when a client specifies a recipi-
|
||||
ent whose domain matches <b>$mydestination</b> or
|
||||
ent whose domain matches <b>$mydestination</b> or
|
||||
<b>$inet</b><i>_</i><b>interfaces</b>, while <b>$local</b><i>_</i><b>recipient</b><i>_</i><b>maps</b> is
|
||||
non-empty and does not list the recipient address
|
||||
non-empty and does not list the recipient address
|
||||
or address local-part.
|
||||
|
||||
<b>unknown</b><i>_</i><b>relay</b><i>_</i><b>recipient</b><i>_</i><b>reject</b><i>_</i><b>code</b>
|
||||
The response code when a client specifies a recipi-
|
||||
ent whose domain matches <b>$relay</b><i>_</i><b>domains</b>, while
|
||||
<b>$relay</b><i>_</i><b>recipient</b><i>_</i><b>maps</b> is non-empty and does not
|
||||
<b>$relay</b><i>_</i><b>recipient</b><i>_</i><b>maps</b> is non-empty and does not
|
||||
list the recipient address.
|
||||
|
||||
<b>unknown</b><i>_</i><b>virtual</b><i>_</i><b>alias</b><i>_</i><b>reject</b><i>_</i><b>code</b>
|
||||
The response code when a client specifies a recipi-
|
||||
ent whose domain matches <b>$virtual</b><i>_</i><b>alias</b><i>_</i><b>domains</b>,
|
||||
while the recipient is not listed in <b>$vir-</b>
|
||||
ent whose domain matches <b>$virtual</b><i>_</i><b>alias</b><i>_</i><b>domains</b>,
|
||||
while the recipient is not listed in <b>$vir-</b>
|
||||
<b>tual</b><i>_</i><b>alias</b><i>_</i><b>maps</b>.
|
||||
|
||||
<b>unknown</b><i>_</i><b>virtual</b><i>_</i><b>mailbox</b><i>_</i><b>reject</b><i>_</i><b>code</b>
|
||||
The response code when a client specifies a recipi-
|
||||
ent whose domain matches <b>$virtual</b><i>_</i><b>mailbox</b><i>_</i><b>domains</b>,
|
||||
ent whose domain matches <b>$virtual</b><i>_</i><b>mailbox</b><i>_</i><b>domains</b>,
|
||||
while the recipient is not listed in <b>$virtual</b><i>_</i><b>mail-</b>
|
||||
<b>box</b><i>_</i><b>maps</b>.
|
||||
|
||||
<b>Resource</b> <b>controls</b>
|
||||
<b>line</b><i>_</i><b>length</b><i>_</i><b>limit</b>
|
||||
Limit the amount of memory in bytes used for the
|
||||
Limit the amount of memory in bytes used for the
|
||||
handling of partial input lines.
|
||||
|
||||
<b>message</b><i>_</i><b>size</b><i>_</i><b>limit</b>
|
||||
|
@ -226,8 +227,8 @@ SMTPD(8) SMTPD(8)
|
|||
ing on-disk storage for envelope information.
|
||||
|
||||
<b>queue</b><i>_</i><b>minfree</b>
|
||||
Minimal amount of free space in bytes in the queue
|
||||
file system for the SMTP server to accept any mail
|
||||
Minimal amount of free space in bytes in the queue
|
||||
file system for the SMTP server to accept any mail
|
||||
at all.
|
||||
|
||||
<b>smtpd</b><i>_</i><b>history</b><i>_</i><b>flush</b><i>_</i><b>threshold</b>
|
||||
|
@ -242,23 +243,23 @@ SMTPD(8) SMTPD(8)
|
|||
|
||||
<b>smtpd</b><i>_</i><b>soft</b><i>_</i><b>error</b><i>_</i><b>limit</b>
|
||||
When an SMTP client has made this number of errors,
|
||||
wait <i>error_count</i> seconds before responding to any
|
||||
wait <i>error_count</i> seconds before responding to any
|
||||
client request.
|
||||
|
||||
<b>smtpd</b><i>_</i><b>hard</b><i>_</i><b>error</b><i>_</i><b>limit</b>
|
||||
Disconnect after a client has made this number of
|
||||
Disconnect after a client has made this number of
|
||||
errors.
|
||||
|
||||
<b>smtpd</b><i>_</i><b>junk</b><i>_</i><b>command</b><i>_</i><b>limit</b>
|
||||
Limit the number of times a client can issue a junk
|
||||
command such as NOOP, VRFY, ETRN or RSET in one
|
||||
SMTP session before it is penalized with tarpit
|
||||
command such as NOOP, VRFY, ETRN or RSET in one
|
||||
SMTP session before it is penalized with tarpit
|
||||
delays.
|
||||
|
||||
<b>UCE</b> <b>control</b> <b>restrictions</b>
|
||||
<b>parent</b><i>_</i><b>domain</b><i>_</i><b>matches</b><i>_</i><b>subdomains</b>
|
||||
List of Postfix features that use <i>domain.tld</i> pat-
|
||||
terns to match <i>sub.domain.tld</i> (as opposed to
|
||||
List of Postfix features that use <i>domain.tld</i> pat-
|
||||
terns to match <i>sub.domain.tld</i> (as opposed to
|
||||
requiring <i>.domain.tld</i> patterns).
|
||||
|
||||
<b>smtpd</b><i>_</i><b>client</b><i>_</i><b>restrictions</b>
|
||||
|
@ -266,19 +267,19 @@ SMTPD(8) SMTPD(8)
|
|||
tem.
|
||||
|
||||
<b>smtpd</b><i>_</i><b>helo</b><i>_</i><b>required</b>
|
||||
Require that clients introduce themselves at the
|
||||
Require that clients introduce themselves at the
|
||||
beginning of an SMTP session.
|
||||
|
||||
<b>smtpd</b><i>_</i><b>helo</b><i>_</i><b>restrictions</b>
|
||||
Restrict what client hostnames are allowed in <b>HELO</b>
|
||||
Restrict what client hostnames are allowed in <b>HELO</b>
|
||||
and <b>EHLO</b> commands.
|
||||
|
||||
<b>smtpd</b><i>_</i><b>sender</b><i>_</i><b>restrictions</b>
|
||||
Restrict what sender addresses are allowed in <b>MAIL</b>
|
||||
Restrict what sender addresses are allowed in <b>MAIL</b>
|
||||
<b>FROM</b> commands.
|
||||
|
||||
<b>smtpd</b><i>_</i><b>recipient</b><i>_</i><b>restrictions</b>
|
||||
Restrict what recipient addresses are allowed in
|
||||
Restrict what recipient addresses are allowed in
|
||||
<b>RCPT</b> <b>TO</b> commands.
|
||||
|
||||
<b>smtpd</b><i>_</i><b>etrn</b><i>_</i><b>restrictions</b>
|
||||
|
@ -286,73 +287,73 @@ SMTPD(8) SMTPD(8)
|
|||
mands, and what clients may issue <b>ETRN</b> commands.
|
||||
|
||||
<b>smtpd</b><i>_</i><b>data</b><i>_</i><b>restrictions</b>
|
||||
Restrictions on the <b>DATA</b> command. Currently, the
|
||||
only restriction that makes sense here is
|
||||
Restrictions on the <b>DATA</b> command. Currently, the
|
||||
only restriction that makes sense here is
|
||||
<b>reject</b><i>_</i><b>unauth</b><i>_</i><b>pipelining</b>.
|
||||
|
||||
<b>allow</b><i>_</i><b>untrusted</b><i>_</i><b>routing</b>
|
||||
Allow untrusted clients to specify addresses with
|
||||
sender-specified routing. Enabling this opens up
|
||||
nasty relay loopholes involving trusted backup MX
|
||||
Allow untrusted clients to specify addresses with
|
||||
sender-specified routing. Enabling this opens up
|
||||
nasty relay loopholes involving trusted backup MX
|
||||
hosts.
|
||||
|
||||
<b>smtpd</b><i>_</i><b>restriction</b><i>_</i><b>classes</b>
|
||||
Declares the name of zero or more parameters that
|
||||
contain a list of UCE restrictions. The names of
|
||||
these parameters can then be used instead of the
|
||||
Declares the name of zero or more parameters that
|
||||
contain a list of UCE restrictions. The names of
|
||||
these parameters can then be used instead of the
|
||||
restriction lists that they represent.
|
||||
|
||||
<b>smtpd</b><i>_</i><b>null</b><i>_</i><b>access</b><i>_</i><b>lookup</b><i>_</i><b>key</b>
|
||||
The lookup key to be used in SMTPD access tables
|
||||
instead of the null sender address. A null sender
|
||||
The lookup key to be used in SMTPD access tables
|
||||
instead of the null sender address. A null sender
|
||||
address cannot be looked up.
|
||||
|
||||
<b>maps</b><i>_</i><b>rbl</b><i>_</i><b>domains</b> (deprecated)
|
||||
List of DNS domains that publish the addresses of
|
||||
List of DNS domains that publish the addresses of
|
||||
blacklisted hosts. This is used with the deprecated
|
||||
<b>reject</b><i>_</i><b>maps</b><i>_</i><b>rbl</b> restriction.
|
||||
|
||||
<b>permit</b><i>_</i><b>mx</b><i>_</i><b>backup</b><i>_</i><b>networks</b>
|
||||
Only domains whose primary MX hosts match the
|
||||
listed networks are eligible for the <b>per-</b>
|
||||
Only domains whose primary MX hosts match the
|
||||
listed networks are eligible for the <b>per-</b>
|
||||
<b>mit</b><i>_</i><b>mx</b><i>_</i><b>backup</b> feature.
|
||||
|
||||
<b>relay</b><i>_</i><b>domains</b>
|
||||
Restrict what domains this mail system will relay
|
||||
mail to. The domains are routed to the delivery
|
||||
Restrict what domains this mail system will relay
|
||||
mail to. The domains are routed to the delivery
|
||||
agent specified with the <b>relay</b><i>_</i><b>transport</b> setting.
|
||||
|
||||
<b>UCE</b> <b>control</b> <b>responses</b>
|
||||
<b>access</b><i>_</i><b>map</b><i>_</i><b>reject</b><i>_</i><b>code</b>
|
||||
Response code when a client violates an access
|
||||
Response code when a client violates an access
|
||||
database restriction.
|
||||
|
||||
<b>default</b><i>_</i><b>rbl</b><i>_</i><b>reply</b>
|
||||
Default template reply when a request is RBL black-
|
||||
listed. This template is used by the <b>reject</b><i>_</i><b>rbl</b><i>_</i><b>*</b>
|
||||
and <b>reject</b><i>_</i><b>rhsbl</b><i>_</i><b>*</b> restrictions. See also:
|
||||
listed. This template is used by the <b>reject</b><i>_</i><b>rbl</b><i>_</i><b>*</b>
|
||||
and <b>reject</b><i>_</i><b>rhsbl</b><i>_</i><b>*</b> restrictions. See also:
|
||||
<b>rbl</b><i>_</i><b>reply</b><i>_</i><b>maps</b> and <b>smtpd</b><i>_</i><b>expansion</b><i>_</i><b>filter</b>.
|
||||
|
||||
<b>defer</b><i>_</i><b>code</b>
|
||||
Response code when a client request is rejected by
|
||||
Response code when a client request is rejected by
|
||||
the <b>defer</b> restriction.
|
||||
|
||||
<b>invalid</b><i>_</i><b>hostname</b><i>_</i><b>reject</b><i>_</i><b>code</b>
|
||||
Response code when a client violates the
|
||||
Response code when a client violates the
|
||||
<b>reject</b><i>_</i><b>invalid</b><i>_</i><b>hostname</b> restriction.
|
||||
|
||||
<b>maps</b><i>_</i><b>rbl</b><i>_</i><b>reject</b><i>_</i><b>code</b>
|
||||
Response code when a request is RBL blacklisted.
|
||||
|
||||
<b>rbl</b><i>_</i><b>reply</b><i>_</i><b>maps</b>
|
||||
Table with template responses for RBL blacklisted
|
||||
requests, indexed by RBL domain name. These tem-
|
||||
Table with template responses for RBL blacklisted
|
||||
requests, indexed by RBL domain name. These tem-
|
||||
plates are used by the <b>reject</b><i>_</i><b>rbl</b><i>_</i><b>*</b> and
|
||||
<b>reject</b><i>_</i><b>rhsbl</b><i>_</i><b>*</b> restrictions. See also:
|
||||
<b>reject</b><i>_</i><b>rhsbl</b><i>_</i><b>*</b> restrictions. See also:
|
||||
<b>default</b><i>_</i><b>rbl</b><i>_</i><b>reply</b> and <b>smtpd</b><i>_</i><b>expansion</b><i>_</i><b>filter</b>.
|
||||
|
||||
<b>reject</b><i>_</i><b>code</b>
|
||||
Response code when the client matches a <b>reject</b>
|
||||
Response code when the client matches a <b>reject</b>
|
||||
restriction.
|
||||
|
||||
<b>relay</b><i>_</i><b>domains</b><i>_</i><b>reject</b><i>_</i><b>code</b>
|
||||
|
@ -360,7 +361,7 @@ SMTPD(8) SMTPD(8)
|
|||
mail relay policy.
|
||||
|
||||
<b>unknown</b><i>_</i><b>address</b><i>_</i><b>reject</b><i>_</i><b>code</b>
|
||||
Response code when a client violates the
|
||||
Response code when a client violates the
|
||||
<b>reject</b><i>_</i><b>unknown</b><i>_</i><b>address</b> restriction.
|
||||
|
||||
<b>unknown</b><i>_</i><b>client</b><i>_</i><b>reject</b><i>_</i><b>code</b>
|
||||
|
@ -369,7 +370,7 @@ SMTPD(8) SMTPD(8)
|
|||
tion.
|
||||
|
||||
<b>unknown</b><i>_</i><b>hostname</b><i>_</i><b>reject</b><i>_</i><b>code</b>
|
||||
Response code when a client violates the
|
||||
Response code when a client violates the
|
||||
<b>reject</b><i>_</i><b>unknown</b><i>_</i><b>hostname</b> restriction.
|
||||
|
||||
<b>SEE</b> <b>ALSO</b>
|
||||
|
@ -379,7 +380,7 @@ SMTPD(8) SMTPD(8)
|
|||
syslogd(8) system logging
|
||||
|
||||
<b>LICENSE</b>
|
||||
The Secure Mailer license must be distributed with this
|
||||
The Secure Mailer license must be distributed with this
|
||||
software.
|
||||
|
||||
<b>AUTHOR(S)</b>
|
||||
|
|
|
@ -1,5 +1,4 @@
|
|||
<html> <head> </head> <body> <pre>
|
||||
|
||||
SPAWN(8) SPAWN(8)
|
||||
|
||||
<b>NAME</b>
|
||||
|
@ -77,10 +76,10 @@ SPAWN(8) SPAWN(8)
|
|||
external command.
|
||||
|
||||
<b>Resource</b> <b>control</b>
|
||||
<i>service_</i><b>command</b><i>_</i><b>time</b><i>_</i><b>limit</b>
|
||||
<i>service_</i><b>time</b><i>_</i><b>limit</b>
|
||||
The amount of time the command is allowed to run
|
||||
before it is killed with force. The <i>service</i> name is
|
||||
the name of the entry in the <b>master.cf</b> file. The
|
||||
before it is killed with force. <i>service</i> is the
|
||||
first field of the entry in the <b>master.cf</b> file. The
|
||||
default time limit is given by the global <b>com-</b>
|
||||
<b>mand</b><i>_</i><b>time</b><i>_</i><b>limit</b> configuration parameter.
|
||||
|
||||
|
@ -98,6 +97,5 @@ SPAWN(8) SPAWN(8)
|
|||
P.O. Box 704
|
||||
Yorktown Heights, NY 10598, USA
|
||||
|
||||
1
|
||||
|
||||
SPAWN(8)
|
||||
</pre> </body> </html>
|
||||
|
|
|
@ -17,25 +17,44 @@ TRANSPORT(5) TRANSPORT(5)
|
|||
relay hosts. The mapping is used by the <a href="trivial-rewrite.8.html"><b>trivial-rewrite</b>(8)</a>
|
||||
daemon.
|
||||
|
||||
Normally, the <b>transport</b> table is specified as a text file
|
||||
that serves as input to the <a href="postmap.1.html"><b>postmap</b>(1)</a> command. The
|
||||
result, an indexed file in <b>dbm</b> or <b>db</b> format, is used for
|
||||
fast searching by the mail system. Execute the command
|
||||
<b>postmap</b> <b>/etc/postfix/transport</b> in order to rebuild the
|
||||
This mapping overrides the default routing that is built
|
||||
into Postfix:
|
||||
|
||||
<b>mydestination</b>
|
||||
A list of domains that is by default delivered via
|
||||
<b>$local</b><i>_</i><b>transport</b>.
|
||||
|
||||
<b>virtual</b><i>_</i><b>mailbox</b><i>_</i><b>domains</b>
|
||||
A list of domains that is by default delivered via
|
||||
<b>$virtual</b><i>_</i><b>transport</b>.
|
||||
|
||||
<b>relay</b><i>_</i><b>domains</b>
|
||||
A list of domains that is by default delivered via
|
||||
<b>$relay</b><i>_</i><b>transport</b>.
|
||||
|
||||
any other destination
|
||||
Mail for any other destination is by default deliv-
|
||||
ered via <b>$default</b><i>_</i><b>transport</b>.
|
||||
|
||||
Normally, the <b>transport</b> table is specified as a text file
|
||||
that serves as input to the <a href="postmap.1.html"><b>postmap</b>(1)</a> command. The
|
||||
result, an indexed file in <b>dbm</b> or <b>db</b> format, is used for
|
||||
fast searching by the mail system. Execute the command
|
||||
<b>postmap</b> <b>/etc/postfix/transport</b> in order to rebuild the
|
||||
indexed file after changing the transport table.
|
||||
|
||||
When the table is provided via other means such as NIS,
|
||||
LDAP or SQL, the same lookups are done as for ordinary
|
||||
When the table is provided via other means such as NIS,
|
||||
LDAP or SQL, the same lookups are done as for ordinary
|
||||
indexed files.
|
||||
|
||||
Alternatively, the table can be provided as a regular-
|
||||
Alternatively, the table can be provided as a regular-
|
||||
expression map where patterns are given as regular expres-
|
||||
sions. In that case, the lookups are done in a slightly
|
||||
different way as described in section "REGULAR EXPRESSION
|
||||
sions. In that case, the lookups are done in a slightly
|
||||
different way as described in section "REGULAR EXPRESSION
|
||||
TABLES".
|
||||
|
||||
<b>TABLE</b> <b>FORMAT</b>
|
||||
The format of the transport table is as follows:
|
||||
The input format for the <a href="postmap.1.html"><b>postmap</b>(1)</a> command is as follows:
|
||||
|
||||
<i>pattern</i> <i>result</i>
|
||||
When <i>pattern</i> matches the recipient address or
|
||||
|
|
|
@ -134,7 +134,9 @@ matches a table, the action depends on the lookup result:
|
|||
Reject the message, log the header and the optional text,
|
||||
and send the optional text to the originator.
|
||||
|
||||
<dt>IGNORE <dd> Delete the header from the message.
|
||||
<dt>OK <dd>Skip all further header patterns for this header line.
|
||||
|
||||
<dt>IGNORE <dd> Delete the header line from the message.
|
||||
|
||||
<dt>WARN <dd>
|
||||
|
||||
|
@ -240,7 +242,9 @@ and send the optional text to the originator.
|
|||
Log (but do not reject) the body line with a warning, and log the
|
||||
optional text.
|
||||
|
||||
<dt>IGNORE <dd> Delete the matched line from the message.
|
||||
<dt>OK <dd>Skip all further body patterns for this body line.
|
||||
|
||||
<dt>IGNORE <dd> Delete the body line from the message.
|
||||
|
||||
<dt>HOLD <dd>
|
||||
|
||||
|
@ -344,8 +348,8 @@ reject_rbl_client relays.mail-abuse.org</b> (paid service)
|
|||
<dd> <b>smtpd_client_restrictions = hash:/etc/postfix/access,
|
||||
reject_rbl_client relays.ordb.org</b> (free service)
|
||||
|
||||
<dd> <b>smtpd_client_restrictions = hash:/etc/postfix/access,
|
||||
reject_rhsbl_client dsn.rfc-ignorant.org</b> (free service)
|
||||
<dd> <b>smtpd_sender_restrictions = hash:/etc/postfix/access,
|
||||
reject_rhsbl_sender dsn.rfc-ignorant.org</b> (free service)
|
||||
|
||||
<dd> <b>smtpd_client_restrictions = permit_mynetworks,
|
||||
reject_unknown_client</b>
|
||||
|
@ -856,7 +860,7 @@ and the address contains no sender-specified routing
|
|||
<li>Postfix is the final destination: any destination that matches
|
||||
<a href="basic.html#mydestination">$mydestination</a>, <a
|
||||
href="basic.html#inet_interfaces">$inet_interfaces</a>, <a
|
||||
href="virtual.5.html">$virtual_alias_domains</a>, or
|
||||
href="virtual.5.html">$virtual_alias_domains</a>, or <a
|
||||
href="virtual.8.html">$virtual_mailbox_domains</a>.
|
||||
|
||||
</ul>
|
||||
|
@ -930,19 +934,19 @@ lookup tables:
|
|||
|
||||
<table border="1">
|
||||
|
||||
<tr><th>Recipient domain matches <th>Recipient lookup table
|
||||
<tr><th>Recipient domain matches</th> <th>Recipient lookup table</th>
|
||||
|
||||
<tr><td><a href="basic.html#mydestination"> $mydestination</a> or
|
||||
<a href="basic.html#inet_interfaces">$inet_interfaces</a>
|
||||
<td>$local_recipient_maps
|
||||
</tr><tr><td><a href="basic.html#mydestination"> $mydestination</a> or
|
||||
<a href="basic.html#inet_interfaces">$inet_interfaces</a></td>
|
||||
<td>$local_recipient_maps</td>
|
||||
|
||||
<tr><td>$virtual_alias_domains <td>$virtual_alias_maps
|
||||
</tr><tr><td>$virtual_alias_domains</td> <td>$virtual_alias_maps</td>
|
||||
|
||||
<tr><td>$virtual_mailbox_domains <td>$virtual_mailbox_maps
|
||||
</tr><tr><td>$virtual_mailbox_domains</td> <td>$virtual_mailbox_maps</td>
|
||||
|
||||
<tr><td>$relay_domains <td>$relay_recipient_maps
|
||||
</tr><tr><td>$relay_domains</td> <td>$relay_recipient_maps</td>
|
||||
|
||||
</table>
|
||||
</tr></table>
|
||||
|
||||
</blockquote>
|
||||
|
||||
|
|
|
@ -54,8 +54,7 @@ VIRTUAL(5) VIRTUAL(5)
|
|||
different way as described below.
|
||||
|
||||
<b>TABLE</b> <b>FORMAT</b>
|
||||
The format of the virtual table is as follows, mappings
|
||||
being tried in the order as listed in this manual page:
|
||||
The input format for the <a href="postmap.1.html"><b>postmap</b>(1)</a> command is as follows:
|
||||
|
||||
<i>pattern</i> <i>result</i>
|
||||
When <i>pattern</i> matches a mail address, replace it by
|
||||
|
@ -138,9 +137,9 @@ VIRTUAL(5) VIRTUAL(5)
|
|||
<i>user2@virtual-alias.domain</i> <i>address2,</i> <i>address3</i>
|
||||
|
||||
The <i>virtual-alias.domain</i> <i>anything</i> entry is required for a
|
||||
virtual alias domain. Without this entry, mail is rejected
|
||||
with "relay access denied", or bounces with "mail loops
|
||||
back to myself".
|
||||
virtual alias domain. <b>Without</b> <b>this</b> <b>entry,</b> <b>mail</b> <b>is</b> <b>rejected</b>
|
||||
<b>with</b> <b>"relay</b> <b>access</b> <b>denied",</b> <b>or</b> <b>bounces</b> <b>with</b> <b>"mail</b> <b>loops</b>
|
||||
<b>back</b> <b>to</b> <b>myself".</b>
|
||||
|
||||
Do not specify virtual alias domain names in the <b>main.cf</b>
|
||||
<b>mydestination</b> or <b>relay</b><i>_</i><b>domains</b> configuration parameters.
|
||||
|
|
|
@ -152,110 +152,109 @@ VIRTUAL(8) VIRTUAL(8)
|
|||
|
||||
<b>virtual</b><i>_</i><b>minimum</b><i>_</i><b>uid</b>
|
||||
Specifies a minimum uid that will be accepted as a
|
||||
return from a <b>virtual</b><i>_</i><b>owner</b><i>_</i><b>maps</b> or <b>vir-</b>
|
||||
<b>tual</b><i>_</i><b>uid</b><i>_</i><b>maps</b> lookup. Returned values less than
|
||||
this will be rejected, and the message will be
|
||||
deferred.
|
||||
return from a <b>virtual</b><i>_</i><b>uid</b><i>_</i><b>maps</b> lookup. Returned
|
||||
values less than this will be rejected, and the
|
||||
message will be deferred.
|
||||
|
||||
<b>virtual</b><i>_</i><b>uid</b><i>_</i><b>maps</b>
|
||||
Recipients are looked up in these maps to determine
|
||||
the user ID to be used when writing to the target
|
||||
the user ID to be used when writing to the target
|
||||
mailbox.
|
||||
|
||||
While searching a lookup table, an address exten-
|
||||
While searching a lookup table, an address exten-
|
||||
sion (<i>user+foo@domain.tld</i>) is ignored.
|
||||
|
||||
In a lookup table, specify a left-hand side of
|
||||
<i>@domain.tld</i> to match any user in the specified
|
||||
domain that does not have a specific
|
||||
In a lookup table, specify a left-hand side of
|
||||
<i>@domain.tld</i> to match any user in the specified
|
||||
domain that does not have a specific
|
||||
<i>user@domain.tld</i> entry.
|
||||
|
||||
For security reasons, regular expression maps are
|
||||
allowed but regular expression substitution of $1
|
||||
For security reasons, regular expression maps are
|
||||
allowed but regular expression substitution of $1
|
||||
etc. is disallowed, because that would open a secu-
|
||||
rity hole.
|
||||
|
||||
For security reasons, proxied table lookup is not
|
||||
For security reasons, proxied table lookup is not
|
||||
allowed, because that would open a security hole.
|
||||
|
||||
<b>virtual</b><i>_</i><b>gid</b><i>_</i><b>maps</b>
|
||||
Recipients are looked up in these maps to determine
|
||||
the group ID to be used when writing to the target
|
||||
the group ID to be used when writing to the target
|
||||
mailbox.
|
||||
|
||||
While searching a lookup table, an address exten-
|
||||
While searching a lookup table, an address exten-
|
||||
sion (<i>user+foo@domain.tld</i>) is ignored.
|
||||
|
||||
In a lookup table, specify a left-hand side of
|
||||
<i>@domain.tld</i> to match any user in the specified
|
||||
domain that does not have a specific
|
||||
In a lookup table, specify a left-hand side of
|
||||
<i>@domain.tld</i> to match any user in the specified
|
||||
domain that does not have a specific
|
||||
<i>user@domain.tld</i> entry.
|
||||
|
||||
For security reasons, regular expression maps are
|
||||
allowed but regular expression substitution of $1
|
||||
For security reasons, regular expression maps are
|
||||
allowed but regular expression substitution of $1
|
||||
etc. is disallowed, because that would open a secu-
|
||||
rity hole.
|
||||
|
||||
For security reasons, proxied table lookup is not
|
||||
For security reasons, proxied table lookup is not
|
||||
allowed, because that would open a security hole.
|
||||
|
||||
<b>Locking</b> <b>controls</b>
|
||||
<b>virtual</b><i>_</i><b>mailbox</b><i>_</i><b>lock</b>
|
||||
How to lock UNIX-style mailboxes: one or more of
|
||||
<b>flock</b>, <b>fcntl</b> or <b>dotlock</b>. The <b>dotlock</b> method
|
||||
requires that the recipient UID or GID has write
|
||||
How to lock UNIX-style mailboxes: one or more of
|
||||
<b>flock</b>, <b>fcntl</b> or <b>dotlock</b>. The <b>dotlock</b> method
|
||||
requires that the recipient UID or GID has write
|
||||
access to the parent directory of the mailbox file.
|
||||
|
||||
This setting is ignored with <b>maildir</b> style deliv-
|
||||
This setting is ignored with <b>maildir</b> style deliv-
|
||||
ery, because such deliveries are safe without
|
||||
explicit locks.
|
||||
|
||||
Use the command <b>postconf</b> <b>-l</b> to find out what lock-
|
||||
Use the command <b>postconf</b> <b>-l</b> to find out what lock-
|
||||
ing methods are available on your system.
|
||||
|
||||
<b>deliver</b><i>_</i><b>lock</b><i>_</i><b>attempts</b>
|
||||
Limit the number of attempts to acquire an exclu-
|
||||
Limit the number of attempts to acquire an exclu-
|
||||
sive lock on a UNIX-style mailbox file.
|
||||
|
||||
<b>deliver</b><i>_</i><b>lock</b><i>_</i><b>delay</b>
|
||||
Time (default: seconds) between successive attempts
|
||||
to acquire an exclusive lock on a UNIX-style mail-
|
||||
box file. The actual delay is slightly randomized.
|
||||
to acquire an exclusive lock on a UNIX-style mail-
|
||||
box file. The actual delay is slightly randomized.
|
||||
|
||||
<b>stale</b><i>_</i><b>lock</b><i>_</i><b>time</b>
|
||||
Limit the time after which a stale lockfile is
|
||||
removed (applicable to UNIX-style mailboxes only).
|
||||
Limit the time after which a stale lockfile is
|
||||
removed (applicable to UNIX-style mailboxes only).
|
||||
|
||||
<b>Resource</b> <b>controls</b>
|
||||
<b>virtual</b><i>_</i><b>destination</b><i>_</i><b>concurrency</b><i>_</i><b>limit</b>
|
||||
Limit the number of parallel deliveries to the same
|
||||
domain via the <b>virtual</b> delivery agent. The default
|
||||
limit is taken from the <b>default</b><i>_</i><b>destination</b><i>_</i><b>concur-</b>
|
||||
<b>rency</b><i>_</i><b>limit</b> parameter. The limit is enforced by
|
||||
<b>rency</b><i>_</i><b>limit</b> parameter. The limit is enforced by
|
||||
the Postfix queue manager.
|
||||
|
||||
<b>virtual</b><i>_</i><b>destination</b><i>_</i><b>recipient</b><i>_</i><b>limit</b>
|
||||
Limit the number of recipients per message delivery
|
||||
via the <b>virtual</b> delivery agent. The default limit
|
||||
is taken from the <b>default</b><i>_</i><b>destination</b><i>_</i><b>recipi-</b>
|
||||
<b>ent</b><i>_</i><b>limit</b> parameter. The limit is enforced by the
|
||||
via the <b>virtual</b> delivery agent. The default limit
|
||||
is taken from the <b>default</b><i>_</i><b>destination</b><i>_</i><b>recipi-</b>
|
||||
<b>ent</b><i>_</i><b>limit</b> parameter. The limit is enforced by the
|
||||
Postfix queue manager.
|
||||
|
||||
<b>virtual</b><i>_</i><b>mailbox</b><i>_</i><b>limit</b>
|
||||
The maximal size in bytes of a mailbox or maildir
|
||||
The maximal size in bytes of a mailbox or maildir
|
||||
file. Set to zero to disable the limit.
|
||||
|
||||
<b>HISTORY</b>
|
||||
This agent was originally based on the Postfix local
|
||||
This agent was originally based on the Postfix local
|
||||
delivery agent. Modifications mainly consisted of removing
|
||||
code that either was not applicable or that was not safe
|
||||
in this context: aliases, ~user/.forward files, delivery
|
||||
code that either was not applicable or that was not safe
|
||||
in this context: aliases, ~user/.forward files, delivery
|
||||
to "|command" or to /file/name.
|
||||
|
||||
The <b>Delivered-To:</b> header appears in the <b>qmail</b> system by
|
||||
The <b>Delivered-To:</b> header appears in the <b>qmail</b> system by
|
||||
Daniel Bernstein.
|
||||
|
||||
The <b>maildir</b> structure appears in the <b>qmail</b> system by
|
||||
The <b>maildir</b> structure appears in the <b>qmail</b> system by
|
||||
Daniel Bernstein.
|
||||
|
||||
<b>SEE</b> <b>ALSO</b>
|
||||
|
@ -266,7 +265,7 @@ VIRTUAL(8) VIRTUAL(8)
|
|||
<a href="qmgr.8.html">qmgr(8)</a> queue manager
|
||||
|
||||
<b>LICENSE</b>
|
||||
The Secure Mailer license must be distributed with this
|
||||
The Secure Mailer license must be distributed with this
|
||||
software.
|
||||
|
||||
<b>AUTHOR(S)</b>
|
||||
|
|
|
@ -59,12 +59,12 @@ Do not release root privileges when processing a non-root
|
|||
input file. By default, \fBpostalias\fR drops root privileges
|
||||
and runs as the source file owner instead.
|
||||
.IP "\fB-q \fIkey\fR"
|
||||
Search the specified maps for \fIkey\fR and print the first value
|
||||
found on the standard output stream. The exit status is zero
|
||||
Search the specified maps for \fIkey\fR and write the first value
|
||||
found to the standard output stream. The exit status is zero
|
||||
when the requested information was found.
|
||||
|
||||
If a key value of \fB-\fR is specified, the program reads key
|
||||
values from the standard input stream and prints one line of
|
||||
values from the standard input stream and writes one line of
|
||||
\fIkey: value\fR output for each key that was found. The exit
|
||||
status is zero when at least one of the requested keys was found.
|
||||
.IP \fB-r\fR
|
||||
|
|
|
@ -8,16 +8,23 @@ show Postfix queue file contents
|
|||
.SH SYNOPSIS
|
||||
.na
|
||||
.nf
|
||||
\fBpostcat\fR [\fB-v\fR] [\fIfiles\fR...]
|
||||
\fBpostcat\fR [\fB-vq\fR] [\fB-c \fIconfig_dir\fR] [\fIfiles\fR...]
|
||||
.SH DESCRIPTION
|
||||
.ad
|
||||
.fi
|
||||
The \fBpostcat\fR command prints the contents of the named
|
||||
Postfix queue \fIfiles\fR in human-readable form. If no
|
||||
\fIfiles\fR in human-readable form. The files are expected
|
||||
to be in Postfix queue file format. If no
|
||||
\fIfiles\fR are specified on the command line, the program
|
||||
reads from standard input.
|
||||
|
||||
Options:
|
||||
.IP "\fB-c \fIconfig_dir\fR"
|
||||
The \fBmain.cf\fR configuration file is in the named directory
|
||||
instead of the default configuration directory.
|
||||
.IP \fB-q\fR
|
||||
Search the Postfix queue for the named \fIfiles\fR instead
|
||||
of taking the names literally.
|
||||
.IP \fB-v\fR
|
||||
Enable verbose logging for debugging purposes. Multiple \fB-v\fR
|
||||
options make the software increasingly verbose.
|
||||
|
@ -25,6 +32,24 @@ options make the software increasingly verbose.
|
|||
.ad
|
||||
.fi
|
||||
Problems are reported to the standard error stream.
|
||||
.SH ENVIRONMENT
|
||||
.na
|
||||
.nf
|
||||
.ad
|
||||
.fi
|
||||
.IP \fBMAIL_CONFIG\fR
|
||||
Directory with Postfix configuration files.
|
||||
.SH CONFIGURATION PARAMETERS
|
||||
.na
|
||||
.nf
|
||||
.ad
|
||||
.fi
|
||||
See the Postfix \fBmain.cf\fR file for syntax details and for
|
||||
default values. Use the \fBpostfix reload\fR command after a
|
||||
configuration change.
|
||||
.IP \fBqueue_directory\fR
|
||||
Top-level directory of the Postfix queue. This is also the root
|
||||
directory of Postfix daemons that run chrooted.
|
||||
.SH LICENSE
|
||||
.na
|
||||
.nf
|
||||
|
|
|
@ -80,12 +80,12 @@ Do not release root privileges when processing a non-root
|
|||
input file. By default, \fBpostmap\fR drops root privileges
|
||||
and runs as the source file owner instead.
|
||||
.IP "\fB-q \fIkey\fR"
|
||||
Search the specified maps for \fIkey\fR and print the first value
|
||||
found on the standard output stream. The exit status is zero
|
||||
Search the specified maps for \fIkey\fR and write the first value
|
||||
found to the standard output stream. The exit status is zero
|
||||
when the requested information was found.
|
||||
|
||||
If a key value of \fB-\fR is specified, the program reads key
|
||||
values from the standard input stream and prints one line of
|
||||
values from the standard input stream and writes one line of
|
||||
\fIkey value\fR output for each key that was found. The exit
|
||||
status is zero when at least one of the requested keys was found.
|
||||
.IP \fB-r\fR
|
||||
|
|
|
@ -39,7 +39,7 @@ the lookups are done in a slightly different way as described below.
|
|||
.nf
|
||||
.ad
|
||||
.fi
|
||||
The format of the access table is as follows:
|
||||
The input format for the \fBpostmap\fR(1) command is as follows:
|
||||
.IP "\fIpattern action\fR"
|
||||
When \fIpattern\fR matches a mail address, domain or host address,
|
||||
perform the corresponding \fIaction\fR.
|
||||
|
@ -55,8 +55,8 @@ starts with whitespace continues a logical line.
|
|||
.ad
|
||||
.fi
|
||||
With lookups from indexed files such as DB or DBM, or from networked
|
||||
tables such as NIS, LDAP or SQL, the following lookup patterns are
|
||||
examined in the order as listed:
|
||||
tables such as NIS, LDAP or SQL, patterns are tried in the order as
|
||||
listed below:
|
||||
.IP \fIuser\fR@\fIdomain\fR
|
||||
Matches the specified mail address.
|
||||
.IP \fIdomain.tld\fR
|
||||
|
@ -106,6 +106,11 @@ order to match subdomains.
|
|||
.IP \fInet\fR
|
||||
Matches any host address in the specified network. A network
|
||||
address is a sequence of one or more octets separated by ".".
|
||||
|
||||
Note: CIDR notation (network/netmask) is not supported with
|
||||
lookups from indexed files such as DB or DBM, or from networked
|
||||
tables such as NIS,
|
||||
LDAP or SQL.
|
||||
.SH ACTIONS
|
||||
.na
|
||||
.nf
|
||||
|
|
|
@ -39,9 +39,12 @@ A logical line starts with non-whitespace text. A line that
|
|||
starts with whitespace continues a logical line.
|
||||
.IP "\fBif /\fIpattern\fB/\fIflags\fR"
|
||||
.IP "\fBendif\fR"
|
||||
Examine the lines between \fBif\fR..\fBendif\fR only if
|
||||
\fIpattern\fR matches. The \fBif\fR..\fBendif\fR can nest.
|
||||
Do not prepend whitespace to patterns inside \fBif\fR..\fBendif\fR.
|
||||
Match the search string against the patterns between \fBif\fR
|
||||
and \fBendif\fR, if and only if the search string matches
|
||||
\fIpattern\fR. The \fBif\fR..\fBendif\fR can nest.
|
||||
.sp
|
||||
Note: do not prepend whitespace to patterns inside
|
||||
\fBif\fR..\fBendif\fR.
|
||||
.PP
|
||||
Each pattern is a perl-like regular expression. The expression
|
||||
delimiter can be any character, except whitespace or characters
|
||||
|
@ -119,7 +122,7 @@ or $(n) if they aren't followed by whitespace.
|
|||
.na
|
||||
.nf
|
||||
# Protect your outgoing majordomo exploders
|
||||
/^(?!owner-)(.*)-outgoing@/ 550 Use ${1}@${2} instead
|
||||
/^(?!owner-)(.*)-outgoing@(.*)/ 550 Use ${1}@${2} instead
|
||||
|
||||
# Bounce friend@whatever, except when whatever is our domain (you would
|
||||
# be better just bouncing all friend@ mail - this is just an example).
|
||||
|
|
|
@ -41,10 +41,12 @@ starts with whitespace continues a logical line.
|
|||
.IP "\fBif /\fIpattern\fB/\fIflags\fR"
|
||||
.IP "\fBif !/\fIpattern\fB/\fIflags\fR"
|
||||
.IP "\fBendif\fR"
|
||||
Examine the lines between \fBif\fR..\fBendif\fR only if
|
||||
\fIpattern\fR matches (does not match). The \fBif\fR..\fBendif\fR
|
||||
can nest.
|
||||
Do not prepend whitespace to patterns inside \fBif\fR..\fBendif\fR.
|
||||
Match the search string against the patterns between \fBif\fR
|
||||
and \fBendif\fR, if and only if the search string matches (does
|
||||
not match) \fIpattern\fR. The \fBif\fR..\fBendif\fR can nest.
|
||||
.sp
|
||||
Note: do not prepend whitespace to patterns inside
|
||||
\fBif\fR..\fBendif\fR.
|
||||
.PP
|
||||
Each pattern is a regular expression enclosed by a pair of delimiters.
|
||||
The regular expression syntax is described in \fIre_format\fR(7).
|
||||
|
|
|
@ -35,11 +35,11 @@ Table lookups are case insensitive.
|
|||
.nf
|
||||
.ad
|
||||
.fi
|
||||
The format of the table is as follows:
|
||||
The input format for the \fBpostmap\fR(1) command is as follows:
|
||||
.IP \(bu
|
||||
An entry has one of the following form:
|
||||
.ti +5
|
||||
\fIkey new_location\fR
|
||||
\fIpattern new_location\fR
|
||||
.br
|
||||
Where \fInew_location\fR specifies contact information such as
|
||||
an email address, or perhaps a street address or telephone number.
|
||||
|
@ -51,8 +51,8 @@ A logical line starts with non-whitespace text. A line that
|
|||
starts with whitespace continues a logical line.
|
||||
.PP
|
||||
With lookups from indexed files such as DB or DBM, or from networked
|
||||
tables such as NIS, LDAP or SQL, the \fIkey\fR field is one of the
|
||||
following:
|
||||
tables such as NIS, LDAP or SQL, patterns are tried in the order as
|
||||
listed below:
|
||||
.IP \fIuser\fR@\fIdomain\fR
|
||||
Matches \fIuser\fR@\fIdomain\fR. This form has precedence over all
|
||||
other forms.
|
||||
|
|
|
@ -20,6 +20,21 @@ The optional \fBtransport\fR table specifies a mapping from email
|
|||
addresses to message delivery transports and/or relay hosts. The
|
||||
mapping is used by the \fBtrivial-rewrite\fR(8) daemon.
|
||||
|
||||
This mapping overrides the default routing that is built into
|
||||
Postfix:
|
||||
.IP \fBmydestination\fR
|
||||
A list of domains that is by default delivered via
|
||||
\fB$local_transport\fR.
|
||||
.IP \fBvirtual_mailbox_domains\fR
|
||||
A list of domains that is by default delivered via
|
||||
\fB$virtual_transport\fR.
|
||||
.IP \fBrelay_domains\fR
|
||||
A list of domains that is by default delivered via
|
||||
\fB$relay_transport\fR.
|
||||
.IP "any other destination"
|
||||
Mail for any other destination is by default delivered via
|
||||
\fB$default_transport\fR.
|
||||
.PP
|
||||
Normally, the \fBtransport\fR table is specified as a text file
|
||||
that serves as input to the \fBpostmap\fR(1) command.
|
||||
The result, an indexed file in \fBdbm\fR or \fBdb\fR format, is used
|
||||
|
@ -39,7 +54,7 @@ in section "REGULAR EXPRESSION TABLES".
|
|||
.nf
|
||||
.ad
|
||||
.fi
|
||||
The format of the transport table is as follows:
|
||||
The input format for the \fBpostmap\fR(1) command is as follows:
|
||||
.IP "\fIpattern result\fR"
|
||||
When \fIpattern\fR matches the recipient address or domain, use the
|
||||
corresponding \fIresult\fR.
|
||||
|
|
|
@ -88,6 +88,8 @@ of idle time.
|
|||
The proxymap server opens only tables that are approved via the
|
||||
\fBproxy_read_maps\fR configuration parameter, does not talk to
|
||||
users, and can run at fixed low privilege, chrooted or not.
|
||||
However, running the proxymap server chrooted severely limits
|
||||
usability, because it can open only chrooted tables.
|
||||
|
||||
The proxymap server is not a trusted daemon process, and must
|
||||
not be used to look up sensitive information such as user or
|
||||
|
|
|
@ -27,10 +27,6 @@ The SMTP client looks up a list of mail exchanger addresses for
|
|||
the destination host, sorts the list by preference, and connects
|
||||
to each listed address until it finds a server that responds.
|
||||
|
||||
When the domain or host is specified as a comma/whitespace
|
||||
separated list, the SMTP client repeats the above process
|
||||
for all destinations until it finds a server that responds.
|
||||
|
||||
Once the SMTP client has received the server greeting banner, no
|
||||
error will cause it to proceed to the next address on the mail
|
||||
exchanger list. Instead, the message is either bounced, or its
|
||||
|
|
|
@ -73,7 +73,7 @@ a configuration change.
|
|||
Disallow non-RFC 821 style addresses in SMTP commands. For example,
|
||||
the RFC822-style address forms with comments that Sendmail allows.
|
||||
.IP \fBbroken_sasl_auth_clients\fR
|
||||
Support older Microsoft clients that mis-implement the AUTH
|
||||
Support Microsoft clients that implement an older version of the AUTH
|
||||
protocol, and that expect an EHLO response of "250 AUTH=list"
|
||||
instead of "250 AUTH list".
|
||||
.IP \fBsmtpd_noop_commands\fR
|
||||
|
@ -87,7 +87,7 @@ either bounces mail or re-injects the result back into Postfix.
|
|||
This parameter uses the same syntax as the right-hand side of
|
||||
a Postfix transport table.
|
||||
.SH "Authentication controls"
|
||||
.IP \fBenable_sasl_authentication\fR
|
||||
.IP \fBsmtpd_sasl_auth_enable\fR
|
||||
Enable per-session authentication as per RFC 2554 (SASL).
|
||||
This functionality is available only when explicitly selected
|
||||
at program build time and explicitly enabled at runtime.
|
||||
|
|
|
@ -84,9 +84,9 @@ The process privileges used while not running an external command.
|
|||
.SH Resource control
|
||||
.ad
|
||||
.fi
|
||||
.IP \fIservice\fB_command_time_limit\fR
|
||||
.IP \fIservice\fB_time_limit\fR
|
||||
The amount of time the command is allowed to run before it is
|
||||
killed with force. The \fIservice\fR name is the name of the entry
|
||||
killed with force. \fIservice\fR is the first field of the entry
|
||||
in the \fBmaster.cf\fR file. The default time limit is given by the
|
||||
global \fBcommand_time_limit\fR configuration parameter.
|
||||
.SH SEE ALSO
|
||||
|
|
|
@ -166,7 +166,7 @@ delivery agent. This uses the same syntax as the \fBmydestination\fR
|
|||
configuration parameter.
|
||||
.IP \fBvirtual_minimum_uid\fR
|
||||
Specifies a minimum uid that will be accepted as a return from
|
||||
a \fBvirtual_owner_maps\fR or \fBvirtual_uid_maps\fR lookup.
|
||||
a \fBvirtual_uid_maps\fR lookup.
|
||||
Returned values less than this will be rejected, and the message
|
||||
will be deferred.
|
||||
.IP \fBvirtual_uid_maps\fR
|
||||
|
|
|
@ -81,36 +81,37 @@
|
|||
# The built-in default directory name is the current directory.
|
||||
# This parameter setting is not recorded in the installed main.cf file.
|
||||
# .IP config_directory
|
||||
# The destination directory for Postfix configuration files.
|
||||
# The final destination directory for Postfix configuration files.
|
||||
# The built-in default directory name is /etc/postfix.
|
||||
# This parameter setting is not recorded in the installed main.cf file.
|
||||
# This parameter setting is not recorded in the installed main.cf file
|
||||
# and can be changed only by recompiling Postfix.
|
||||
# .IP daemon_directory
|
||||
# The destination directory for Postfix daemon programs. This directory
|
||||
# should not be in the command search path of any users.
|
||||
# The final destination directory for Postfix daemon programs. This
|
||||
# directory should not be in the command search path of any users.
|
||||
# The built-in default directory name is /usr/libexec/postfix.
|
||||
# This parameter setting is recorded in the installed main.cf file.
|
||||
# .IP command_directory
|
||||
# The destination directory for Postfix administrative commands. This
|
||||
# directory should be in the command search path of adminstrative users.
|
||||
# The built-in default directory name is system dependent.
|
||||
# The final destination directory for Postfix administrative commands.
|
||||
# This directory should be in the command search path of adminstrative
|
||||
# users. The built-in default directory name is system dependent.
|
||||
# This parameter setting is recorded in the installed main.cf file.
|
||||
# .IP queue_directory
|
||||
# The destination directory for Postfix queues.
|
||||
# The final destination directory for Postfix queues.
|
||||
# The built-in default directory name is /var/spool/postfix.
|
||||
# This parameter setting is recorded in the installed main.cf file.
|
||||
# .IP sendmail_path
|
||||
# The full destination pathname for the Postfix sendmail command.
|
||||
# The final destination pathname for the Postfix sendmail command.
|
||||
# This is the Sendmail-compatible mail posting interface.
|
||||
# The built-in default pathname is system dependent.
|
||||
# This parameter setting is recorded in the installed main.cf file.
|
||||
# .IP newaliases_path
|
||||
# The full destination pathname for the Postfix newaliases command.
|
||||
# The final destination pathname for the Postfix newaliases command.
|
||||
# This is the Sendmail-compatible command to build alias databases
|
||||
# for the Postfix local delivery agent.
|
||||
# The built-in default pathname is system dependent.
|
||||
# This parameter setting is recorded in the installed main.cf file.
|
||||
# .IP mailq_path
|
||||
# The full destination pathname for the Postfix mailq command.
|
||||
# The final destination pathname for the Postfix mailq command.
|
||||
# This is the Sendmail-compatible command to list the mail queue.
|
||||
# The built-in default pathname is system dependent.
|
||||
# This parameter setting is recorded in the installed main.cf file.
|
||||
|
@ -286,30 +287,30 @@ distribution to other machines."
|
|||
tempdir_prompt="a directory for scratch files while installing
|
||||
Postfix. You must have write permission in this directory."
|
||||
|
||||
config_directory_prompt="the destination directory for installed
|
||||
Postfix configuration files."
|
||||
config_directory_prompt="the final destination directory for
|
||||
installed Postfix configuration files."
|
||||
|
||||
daemon_directory_prompt="the destination directory for installed
|
||||
Postfix daemon programs. This directory should not be in the
|
||||
command search path of any users."
|
||||
daemon_directory_prompt="the final destination directory for
|
||||
installed Postfix daemon programs. This directory should not be
|
||||
in the command search path of any users."
|
||||
|
||||
command_directory_prompt="the destination directory for installed
|
||||
Postfix administrative commands. This directory should be in the
|
||||
command search path of adminstrative users."
|
||||
command_directory_prompt="the final destination directory for
|
||||
installed Postfix administrative commands. This directory should
|
||||
be in the command search path of adminstrative users."
|
||||
|
||||
queue_directory_prompt="the destination directory for Postfix
|
||||
queue_directory_prompt="the final destination directory for Postfix
|
||||
queues."
|
||||
|
||||
sendmail_path_prompt="the full destination pathname for the installed
|
||||
Postfix sendmail command. This is the Sendmail-compatible mail
|
||||
posting interface."
|
||||
sendmail_path_prompt="the final destination pathname for the
|
||||
installed Postfix sendmail command. This is the Sendmail-compatible
|
||||
mail posting interface."
|
||||
|
||||
newaliases_path_prompt="the full destination pathname for the
|
||||
newaliases_path_prompt="the final destination pathname for the
|
||||
installed Postfix newaliases command. This is the Sendmail-compatible
|
||||
command to build alias databases for the Postfix local delivery
|
||||
agent."
|
||||
|
||||
mailq_path_prompt="the full destination pathname for the installed
|
||||
mailq_path_prompt="the final destination pathname for the installed
|
||||
Postfix mailq command. This is the Sendmail-compatible mail queue
|
||||
listing command."
|
||||
|
||||
|
|
|
@ -31,7 +31,7 @@
|
|||
# TABLE FORMAT
|
||||
# .ad
|
||||
# .fi
|
||||
# The format of the access table is as follows:
|
||||
# The input format for the \fBpostmap\fR(1) command is as follows:
|
||||
# .IP "\fIpattern action\fR"
|
||||
# When \fIpattern\fR matches a mail address, domain or host address,
|
||||
# perform the corresponding \fIaction\fR.
|
||||
|
@ -45,8 +45,8 @@
|
|||
# .ad
|
||||
# .fi
|
||||
# With lookups from indexed files such as DB or DBM, or from networked
|
||||
# tables such as NIS, LDAP or SQL, the following lookup patterns are
|
||||
# examined in the order as listed:
|
||||
# tables such as NIS, LDAP or SQL, patterns are tried in the order as
|
||||
# listed below:
|
||||
# .IP \fIuser\fR@\fIdomain\fR
|
||||
# Matches the specified mail address.
|
||||
# .IP \fIdomain.tld\fR
|
||||
|
@ -92,6 +92,11 @@
|
|||
# .IP \fInet\fR
|
||||
# Matches any host address in the specified network. A network
|
||||
# address is a sequence of one or more octets separated by ".".
|
||||
#
|
||||
# Note: CIDR notation (network/netmask) is not supported with
|
||||
# lookups from indexed files such as DB or DBM, or from networked
|
||||
# tables such as NIS,
|
||||
# LDAP or SQL.
|
||||
# ACTIONS
|
||||
# .ad
|
||||
# .fi
|
||||
|
|
|
@ -45,7 +45,7 @@
|
|||
# TABLE FORMAT
|
||||
# .ad
|
||||
# .fi
|
||||
# The format of the \fBcanonical\fR table is as follows:
|
||||
# The input format for the \fBpostmap\fR(1) command is as follows:
|
||||
# .IP "\fIpattern result\fR"
|
||||
# When \fIpattern\fR matches a mail address, replace it by the
|
||||
# corresponding \fIresult\fR.
|
||||
|
|
|
@ -33,9 +33,12 @@
|
|||
# starts with whitespace continues a logical line.
|
||||
# .IP "\fBif /\fIpattern\fB/\fIflags\fR"
|
||||
# .IP "\fBendif\fR"
|
||||
# Examine the lines between \fBif\fR..\fBendif\fR only if
|
||||
# \fIpattern\fR matches. The \fBif\fR..\fBendif\fR can nest.
|
||||
# Do not prepend whitespace to patterns inside \fBif\fR..\fBendif\fR.
|
||||
# Match the search string against the patterns between \fBif\fR
|
||||
# and \fBendif\fR, if and only if the search string matches
|
||||
# \fIpattern\fR. The \fBif\fR..\fBendif\fR can nest.
|
||||
# .sp
|
||||
# Note: do not prepend whitespace to patterns inside
|
||||
# \fBif\fR..\fBendif\fR.
|
||||
# .PP
|
||||
# Each pattern is a perl-like regular expression. The expression
|
||||
# delimiter can be any character, except whitespace or characters
|
||||
|
@ -111,7 +114,7 @@
|
|||
# or $(n) if they aren't followed by whitespace.
|
||||
# EXAMPLE SMTPD ACCESS MAP
|
||||
# # Protect your outgoing majordomo exploders
|
||||
# /^(?!owner-)(.*)-outgoing@/ 550 Use ${1}@${2} instead
|
||||
# /^(?!owner-)(.*)-outgoing@(.*)/ 550 Use ${1}@${2} instead
|
||||
#
|
||||
# # Bounce friend@whatever, except when whatever is our domain (you would
|
||||
# # be better just bouncing all friend@ mail - this is just an example).
|
||||
|
|
|
@ -35,10 +35,12 @@
|
|||
# .IP "\fBif /\fIpattern\fB/\fIflags\fR"
|
||||
# .IP "\fBif !/\fIpattern\fB/\fIflags\fR"
|
||||
# .IP "\fBendif\fR"
|
||||
# Examine the lines between \fBif\fR..\fBendif\fR only if
|
||||
# \fIpattern\fR matches (does not match). The \fBif\fR..\fBendif\fR
|
||||
# can nest.
|
||||
# Do not prepend whitespace to patterns inside \fBif\fR..\fBendif\fR.
|
||||
# Match the search string against the patterns between \fBif\fR
|
||||
# and \fBendif\fR, if and only if the search string matches (does
|
||||
# not match) \fIpattern\fR. The \fBif\fR..\fBendif\fR can nest.
|
||||
# .sp
|
||||
# Note: do not prepend whitespace to patterns inside
|
||||
# \fBif\fR..\fBendif\fR.
|
||||
# .PP
|
||||
# Each pattern is a regular expression enclosed by a pair of delimiters.
|
||||
# The regular expression syntax is described in \fIre_format\fR(7).
|
||||
|
|
|
@ -27,11 +27,11 @@
|
|||
# TABLE FORMAT
|
||||
# .ad
|
||||
# .fi
|
||||
# The format of the table is as follows:
|
||||
# The input format for the \fBpostmap\fR(1) command is as follows:
|
||||
# .IP \(bu
|
||||
# An entry has one of the following form:
|
||||
# .ti +5
|
||||
# \fIkey new_location\fR
|
||||
# \fIpattern new_location\fR
|
||||
# .br
|
||||
# Where \fInew_location\fR specifies contact information such as
|
||||
# an email address, or perhaps a street address or telephone number.
|
||||
|
@ -43,8 +43,8 @@
|
|||
# starts with whitespace continues a logical line.
|
||||
# .PP
|
||||
# With lookups from indexed files such as DB or DBM, or from networked
|
||||
# tables such as NIS, LDAP or SQL, the \fIkey\fR field is one of the
|
||||
# following:
|
||||
# tables such as NIS, LDAP or SQL, patterns are tried in the order as
|
||||
# listed below:
|
||||
# .IP \fIuser\fR@\fIdomain\fR
|
||||
# Matches \fIuser\fR@\fIdomain\fR. This form has precedence over all
|
||||
# other forms.
|
||||
|
|
|
@ -14,6 +14,21 @@
|
|||
# addresses to message delivery transports and/or relay hosts. The
|
||||
# mapping is used by the \fBtrivial-rewrite\fR(8) daemon.
|
||||
#
|
||||
# This mapping overrides the default routing that is built into
|
||||
# Postfix:
|
||||
# .IP \fBmydestination\fR
|
||||
# A list of domains that is by default delivered via
|
||||
# \fB$local_transport\fR.
|
||||
# .IP \fBvirtual_mailbox_domains\fR
|
||||
# A list of domains that is by default delivered via
|
||||
# \fB$virtual_transport\fR.
|
||||
# .IP \fBrelay_domains\fR
|
||||
# A list of domains that is by default delivered via
|
||||
# \fB$relay_transport\fR.
|
||||
# .IP "any other destination"
|
||||
# Mail for any other destination is by default delivered via
|
||||
# \fB$default_transport\fR.
|
||||
# .PP
|
||||
# Normally, the \fBtransport\fR table is specified as a text file
|
||||
# that serves as input to the \fBpostmap\fR(1) command.
|
||||
# The result, an indexed file in \fBdbm\fR or \fBdb\fR format, is used
|
||||
|
@ -31,7 +46,7 @@
|
|||
# TABLE FORMAT
|
||||
# .ad
|
||||
# .fi
|
||||
# The format of the transport table is as follows:
|
||||
# The input format for the \fBpostmap\fR(1) command is as follows:
|
||||
# .IP "\fIpattern result\fR"
|
||||
# When \fIpattern\fR matches the recipient address or domain, use the
|
||||
# corresponding \fIresult\fR.
|
||||
|
|
|
@ -47,8 +47,7 @@
|
|||
# TABLE FORMAT
|
||||
# .ad
|
||||
# .fi
|
||||
# The format of the virtual table is as follows, mappings being
|
||||
# tried in the order as listed in this manual page:
|
||||
# The input format for the \fBpostmap\fR(1) command is as follows:
|
||||
# .IP "\fIpattern result\fR"
|
||||
# When \fIpattern\fR matches a mail address, replace it by the
|
||||
# corresponding \fIresult\fR.
|
||||
|
@ -129,9 +128,9 @@
|
|||
# .fi
|
||||
# .sp
|
||||
# The \fIvirtual-alias.domain anything\fR entry is required for a
|
||||
# virtual alias domain. Without this entry, mail is rejected
|
||||
# virtual alias domain. \fBWithout this entry, mail is rejected
|
||||
# with "relay access denied", or bounces with
|
||||
# "mail loops back to myself".
|
||||
# "mail loops back to myself".\fR
|
||||
#
|
||||
# Do not specify virtual alias domain names in the \fBmain.cf
|
||||
# mydestination\fR or \fBrelay_domains\fR configuration parameters.
|
||||
|
|
|
@ -126,6 +126,7 @@ bounce_notify_util.o: ../../include/vstring.h
|
|||
bounce_notify_util.o: ../../include/vbuf.h
|
||||
bounce_notify_util.o: ../../include/vstream.h
|
||||
bounce_notify_util.o: ../../include/line_wrap.h
|
||||
bounce_notify_util.o: ../../include/stringops.h
|
||||
bounce_notify_util.o: ../../include/mail_queue.h
|
||||
bounce_notify_util.o: ../../include/quote_822_local.h
|
||||
bounce_notify_util.o: ../../include/quote_flags.h
|
||||
|
|
|
@ -151,6 +151,7 @@
|
|||
#include <vstring.h>
|
||||
#include <vstream.h>
|
||||
#include <line_wrap.h>
|
||||
#include <stringops.h>
|
||||
|
||||
/* Global library. */
|
||||
|
||||
|
|
|
@ -160,8 +160,11 @@ static void cleanup_extracted_process(CLEANUP_STATE *state, int type, char *buf,
|
|||
myfree(state->orig_rcpt);
|
||||
state->orig_rcpt = 0;
|
||||
return;
|
||||
} else if (type == REC_TYPE_DONE) {
|
||||
return;
|
||||
} else if (type == REC_TYPE_ORCP) {
|
||||
state->orig_rcpt = mystrdup(buf);
|
||||
return;
|
||||
}
|
||||
if (type != REC_TYPE_END) {
|
||||
cleanup_out(state, type, buf, len);
|
||||
|
|
|
@ -73,8 +73,11 @@ void cleanup_out_recipient(CLEANUP_STATE *state, const char *orcpt,
|
|||
* onto the same mailbox. The recipient will use our original recipient
|
||||
* message header to figure things out.
|
||||
*/
|
||||
#define STREQ(x, y) (strcmp((x), (y)) == 0)
|
||||
|
||||
if (cleanup_virt_alias_maps == 0) {
|
||||
if (been_here(state->dups, "%s\n%s", orcpt, recip) == 0) {
|
||||
if ((STREQ(orcpt, recip) ? been_here(state->dups, "%s", orcpt) :
|
||||
been_here(state->dups, "%s\n%s", orcpt, recip)) == 0) {
|
||||
cleanup_out_string(state, REC_TYPE_ORCP, orcpt);
|
||||
cleanup_out_string(state, REC_TYPE_RCPT, recip);
|
||||
state->rcpt_count++;
|
||||
|
@ -83,7 +86,8 @@ void cleanup_out_recipient(CLEANUP_STATE *state, const char *orcpt,
|
|||
argv = cleanup_map1n_internal(state, recip, cleanup_virt_alias_maps,
|
||||
cleanup_ext_prop_mask & EXT_PROP_VIRTUAL);
|
||||
for (cpp = argv->argv; *cpp; cpp++) {
|
||||
if (been_here(state->dups, "%s\n%s", orcpt, *cpp) == 0) {
|
||||
if ((STREQ(orcpt, *cpp) ? been_here(state->dups, "%s", orcpt) :
|
||||
been_here(state->dups, "%s\n%s", orcpt, *cpp)) == 0) {
|
||||
cleanup_out_string(state, REC_TYPE_ORCP, orcpt);
|
||||
cleanup_out_string(state, REC_TYPE_RCPT, *cpp);
|
||||
state->rcpt_count++;
|
||||
|
|
|
@ -285,33 +285,16 @@ int mail_queue_id_ok(const char *queue_id)
|
|||
{
|
||||
const char *cp;
|
||||
|
||||
if (*queue_id == 0 || strlen(queue_id) > 100)
|
||||
if (*queue_id == 0 || strlen(queue_id) > VALID_HOSTNAME_LEN)
|
||||
return (0);
|
||||
|
||||
/*
|
||||
* OK if in in time+inum form.
|
||||
* OK if in time+inum form or in host_domain_tld form.
|
||||
*/
|
||||
for (cp = queue_id; /* void */ ; cp++) {
|
||||
if (*cp == 0)
|
||||
return (1);
|
||||
if (!ISALNUM(*cp))
|
||||
break;
|
||||
}
|
||||
|
||||
/*
|
||||
* BAD if in time.pid form.
|
||||
*/
|
||||
for (cp = queue_id; /* void */ ; cp++) {
|
||||
if (*cp == 0)
|
||||
for (cp = queue_id; *cp; cp++)
|
||||
if (!ISALNUM(*cp) && *cp != '_')
|
||||
return (0);
|
||||
if (!ISDIGIT(*cp) && *cp != '.')
|
||||
break;
|
||||
}
|
||||
|
||||
/*
|
||||
* OK if in valid hostname form.
|
||||
*/
|
||||
return (valid_hostname(queue_id, DO_GRIPE));
|
||||
return (1);
|
||||
}
|
||||
|
||||
/* mail_queue_enter - make mail queue entry with locally-unique name */
|
||||
|
|
|
@ -83,6 +83,7 @@
|
|||
#include <sys/stat.h>
|
||||
#include <unistd.h>
|
||||
#include <errno.h>
|
||||
#include <utime.h>
|
||||
|
||||
/* Utility library. */
|
||||
|
||||
|
@ -110,9 +111,10 @@ static VSTRING *id_buf;
|
|||
|
||||
/* mail_stream_cleanup - clean up after success or failure */
|
||||
|
||||
void mail_stream_cleanup(MAIL_STREAM * info)
|
||||
void mail_stream_cleanup(MAIL_STREAM *info)
|
||||
{
|
||||
FREE_AND_WIPE(info->close, info->stream);
|
||||
FREE_AND_WIPE(myfree, info->queue);
|
||||
FREE_AND_WIPE(myfree, info->id);
|
||||
FREE_AND_WIPE(myfree, info->class);
|
||||
FREE_AND_WIPE(myfree, info->service);
|
||||
|
@ -121,10 +123,17 @@ void mail_stream_cleanup(MAIL_STREAM * info)
|
|||
|
||||
/* mail_stream_finish_file - finish file mail stream */
|
||||
|
||||
static int mail_stream_finish_file(MAIL_STREAM * info, VSTRING *unused_why)
|
||||
static int mail_stream_finish_file(MAIL_STREAM *info, VSTRING *unused_why)
|
||||
{
|
||||
int status = 0;
|
||||
static char wakeup[] = {TRIGGER_REQ_WAKEUP};
|
||||
struct stat st;
|
||||
time_t now;
|
||||
struct utimbuf tbuf;
|
||||
char *path_to_reset = 0;
|
||||
static int incoming_fs_clock_ok = 0;
|
||||
static int incoming_clock_warned = 0;
|
||||
int check_incoming_fs_clock;
|
||||
|
||||
/*
|
||||
* Make sure the message makes it to file. Set the execute bit when no
|
||||
|
@ -137,15 +146,50 @@ static int mail_stream_finish_file(MAIL_STREAM * info, VSTRING *unused_why)
|
|||
* as are files with unknown record type codes. Every Postfix queue file
|
||||
* must end with an explicit END record. Postfix queue files without END
|
||||
* record are discarded.
|
||||
*
|
||||
* Attempt to detect file system clocks that are ahead of local time, but
|
||||
* don't check the file system clock all the time. The effect of file
|
||||
* system clock drift can be difficult to understand (Postfix ignores new
|
||||
* mail until the next queue run).
|
||||
*
|
||||
* This clock drift detection code may not work with file systems that work
|
||||
* on a local copy of the file and that update the server only after the
|
||||
* file is closed.
|
||||
*/
|
||||
check_incoming_fs_clock =
|
||||
(!incoming_fs_clock_ok && !strcmp(info->queue, MAIL_QUEUE_INCOMING));
|
||||
|
||||
if (vstream_fflush(info->stream)
|
||||
|| fchmod(vstream_fileno(info->stream), 0700 | info->mode)
|
||||
#ifdef HAS_FSYNC
|
||||
|| fsync(vstream_fileno(info->stream))
|
||||
#endif
|
||||
|| (check_incoming_fs_clock
|
||||
&& fstat(vstream_fileno(info->stream), &st) < 0)
|
||||
)
|
||||
status = (errno == EFBIG ? CLEANUP_STAT_SIZE : CLEANUP_STAT_WRITE);
|
||||
|
||||
#ifdef TEST
|
||||
st.st_mtime += 10;
|
||||
#endif
|
||||
|
||||
/*
|
||||
* Work around file system clocks that are ahead of local time.
|
||||
*/
|
||||
if (status == CLEANUP_STAT_OK && check_incoming_fs_clock) {
|
||||
if (st.st_mtime <= time(&now)) {
|
||||
incoming_fs_clock_ok = 1;
|
||||
} else {
|
||||
path_to_reset = mystrdup(VSTREAM_PATH(info->stream));
|
||||
if (incoming_clock_warned == 0) {
|
||||
msg_warn("file system clock is %d seconds ahead of local clock",
|
||||
(int) (st.st_mtime - now));
|
||||
msg_warn("resetting file time stamps - this hurts performance");
|
||||
incoming_clock_warned = 1;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/*
|
||||
* Close the queue file and mark it as closed. Be prepared for
|
||||
* vstream_fclose() to fail even after vstream_fflush() and fsync()
|
||||
|
@ -158,6 +202,16 @@ static int mail_stream_finish_file(MAIL_STREAM * info, VSTRING *unused_why)
|
|||
status = (errno == EFBIG ? CLEANUP_STAT_SIZE : CLEANUP_STAT_WRITE);
|
||||
info->stream = 0;
|
||||
|
||||
/*
|
||||
* Work around file system clocks that are ahead of local time.
|
||||
*/
|
||||
if (path_to_reset != 0) {
|
||||
tbuf.actime = tbuf.modtime = now;
|
||||
if (utime(path_to_reset, &tbuf) < 0 && errno != ENOENT)
|
||||
msg_fatal("%s: update file time stamps: %m", info->id);
|
||||
myfree(path_to_reset);
|
||||
}
|
||||
|
||||
/*
|
||||
* When all is well, notify the next service that a new message has been
|
||||
* queued.
|
||||
|
@ -174,7 +228,7 @@ static int mail_stream_finish_file(MAIL_STREAM * info, VSTRING *unused_why)
|
|||
|
||||
/* mail_stream_finish_ipc - finish IPC mail stream */
|
||||
|
||||
static int mail_stream_finish_ipc(MAIL_STREAM * info, VSTRING *why)
|
||||
static int mail_stream_finish_ipc(MAIL_STREAM *info, VSTRING *why)
|
||||
{
|
||||
int status = CLEANUP_STAT_WRITE;
|
||||
|
||||
|
@ -199,7 +253,7 @@ static int mail_stream_finish_ipc(MAIL_STREAM * info, VSTRING *why)
|
|||
|
||||
/* mail_stream_finish - finish action */
|
||||
|
||||
int mail_stream_finish(MAIL_STREAM * info, VSTRING *why)
|
||||
int mail_stream_finish(MAIL_STREAM *info, VSTRING *why)
|
||||
{
|
||||
return (info->finish(info, why));
|
||||
}
|
||||
|
@ -220,6 +274,7 @@ MAIL_STREAM *mail_stream_file(const char *queue, const char *class,
|
|||
info->stream = stream;
|
||||
info->finish = mail_stream_finish_file;
|
||||
info->close = vstream_fclose;
|
||||
info->queue = mystrdup(queue);
|
||||
info->id = mystrdup(basename(VSTREAM_PATH(stream)));
|
||||
info->class = mystrdup(class);
|
||||
info->service = mystrdup(service);
|
||||
|
@ -247,6 +302,7 @@ MAIL_STREAM *mail_stream_service(const char *class, const char *name)
|
|||
info->stream = stream;
|
||||
info->finish = mail_stream_finish_ipc;
|
||||
info->close = vstream_fclose;
|
||||
info->queue = 0;
|
||||
info->id = mystrdup(vstring_str(id_buf));
|
||||
info->class = 0;
|
||||
info->service = 0;
|
||||
|
@ -297,6 +353,7 @@ MAIL_STREAM *mail_stream_command(const char *command)
|
|||
info->stream = stream;
|
||||
info->finish = mail_stream_finish_ipc;
|
||||
info->close = vstream_pclose;
|
||||
info->queue = 0;
|
||||
info->id = mystrdup(vstring_str(id_buf));
|
||||
info->class = 0;
|
||||
info->service = 0;
|
||||
|
|
|
@ -27,6 +27,7 @@ typedef int (*MAIL_STREAM_CLOSE_FN) (VSTREAM *);
|
|||
|
||||
struct MAIL_STREAM {
|
||||
VSTREAM *stream; /* file or pipe or socket */
|
||||
char *queue; /* (initial) queue name */
|
||||
char *id; /* queue id */
|
||||
MAIL_STREAM_FINISH_FN finish; /* finish code */
|
||||
MAIL_STREAM_CLOSE_FN close; /* close stream */
|
||||
|
|
|
@ -20,10 +20,10 @@
|
|||
* Patches change the patchlevel and the release date. Snapshots change the
|
||||
* release date only, unless they include the same bugfix as a patch release.
|
||||
*/
|
||||
#define MAIL_RELEASE_DATE "20030305"
|
||||
#define MAIL_RELEASE_DATE "20040312"
|
||||
|
||||
#define VAR_MAIL_VERSION "mail_version"
|
||||
#define DEF_MAIL_VERSION "2.0.6"
|
||||
#define DEF_MAIL_VERSION "2.0.19"
|
||||
extern char *var_mail_version;
|
||||
|
||||
/*
|
||||
|
|
|
@ -184,14 +184,15 @@ const char *maps_find(MAPS *maps, const char *name, int flags)
|
|||
continue;
|
||||
if ((expansion = dict_get(dict, name)) != 0) {
|
||||
if (msg_verbose)
|
||||
msg_info("%s: %s: %s = %s", myname, *map_name, name, expansion);
|
||||
msg_info("%s: %s: %s: %s = %s", myname, maps->title,
|
||||
*map_name, name, expansion);
|
||||
return (expansion);
|
||||
} else if (dict_errno != 0) {
|
||||
break;
|
||||
}
|
||||
}
|
||||
if (msg_verbose)
|
||||
msg_info("%s: %s: %s", myname, name, dict_errno ?
|
||||
msg_info("%s: %s: %s: %s", myname, maps->title, name, dict_errno ?
|
||||
"search aborted" : "not found");
|
||||
return (0);
|
||||
}
|
||||
|
|
|
@ -381,11 +381,16 @@ int pipe_command(VSTREAM *src, VSTRING *why,...)
|
|||
*
|
||||
* Turn on non-blocking writes to the child process so that we can enforce
|
||||
* timeouts after partial writes.
|
||||
*
|
||||
* XXX Too much trouble with different systems returning weird write()
|
||||
* results when a pipe is writable.
|
||||
*/
|
||||
if (pipe(cmd_in_pipe) < 0 || pipe(cmd_out_pipe) < 0)
|
||||
msg_fatal("%s: pipe: %m", myname);
|
||||
non_blocking(cmd_out_pipe[1], NON_BLOCKING);
|
||||
#if 0
|
||||
non_blocking(cmd_in_pipe[1], NON_BLOCKING);
|
||||
#endif
|
||||
|
||||
/*
|
||||
* Spawn off a child process and irrevocably change privilege to the
|
||||
|
|
|
@ -71,6 +71,13 @@
|
|||
#define REC_TYPE_CONTENT "XLN"
|
||||
#define REC_TYPE_EXTRACT "EDROPreAFIL"
|
||||
|
||||
/*
|
||||
* The subset of inputs that the postdrop command allows.
|
||||
*/
|
||||
#define REC_TYPE_POST_ENVELOPE "MFSRVA"
|
||||
#define REC_TYPE_POST_CONTENT "XLN"
|
||||
#define REC_TYPE_POST_EXTRACT "E"
|
||||
|
||||
/*
|
||||
* The record at the beginning of the envelope segment specifies the message
|
||||
* content size, data offset, and recipient count. These are fixed-width
|
||||
|
|
|
@ -59,8 +59,8 @@
|
|||
/* .IP RESOLVE_CLASS_LOCAL
|
||||
/* The address domain matches $mydestination or $inet_interfaces.
|
||||
/* .IP RESOLVE_CLASS_ALIAS
|
||||
/* The address domain matches $virtual_alias_domains (simulated
|
||||
/* virtual domains, where each address is redirected to a real
|
||||
/* The address domain matches $virtual_alias_domains (virtual
|
||||
/* alias domains, where each address is redirected to a real
|
||||
/* local or remote address).
|
||||
/* .IP RESOLVE_CLASS_VIRTUAL
|
||||
/* The address domain matches $virtual_mailbox_domains (true
|
||||
|
|
|
@ -35,6 +35,5 @@ extern int vsent(const char *, const char *, const char *, const char *,
|
|||
/* P.O. Box 704
|
||||
/* Yorktown Heights, NY 10598, USA
|
||||
/*--*/
|
||||
/**INDENT** Error@17: Unmatched #endif */
|
||||
|
||||
#endif
|
||||
|
|
|
@ -130,6 +130,7 @@ lmtp_connect.o: ../../include/iostuff.h
|
|||
lmtp_connect.o: ../../include/timed_connect.h
|
||||
lmtp_connect.o: ../../include/stringops.h
|
||||
lmtp_connect.o: ../../include/host_port.h
|
||||
lmtp_connect.o: ../../include/sane_connect.h
|
||||
lmtp_connect.o: ../../include/mail_params.h
|
||||
lmtp_connect.o: ../../include/mail_proto.h
|
||||
lmtp_connect.o: ../../include/attr.h
|
||||
|
|
|
@ -337,6 +337,10 @@ static int deliver_message(DELIVER_REQUEST *request, char **unused_argv)
|
|||
lmtp_quit(state);
|
||||
lmtp_chat_reset(state);
|
||||
state->session = lmtp_session_free(state->session);
|
||||
#ifdef USE_SASL_AUTH
|
||||
if (var_lmtp_sasl_enable)
|
||||
lmtp_sasl_cleanup(state);
|
||||
#endif
|
||||
}
|
||||
|
||||
/*
|
||||
|
@ -346,6 +350,10 @@ static int deliver_message(DELIVER_REQUEST *request, char **unused_argv)
|
|||
else if (lmtp_rset(state) != 0) {
|
||||
lmtp_chat_reset(state);
|
||||
state->session = lmtp_session_free(state->session);
|
||||
#ifdef USE_SASL_AUTH
|
||||
if (var_lmtp_sasl_enable)
|
||||
lmtp_sasl_cleanup(state);
|
||||
#endif
|
||||
}
|
||||
|
||||
/*
|
||||
|
@ -380,6 +388,10 @@ static int deliver_message(DELIVER_REQUEST *request, char **unused_argv)
|
|||
*/
|
||||
else if (lmtp_lhlo(state) != 0) {
|
||||
state->session = lmtp_session_free(state->session);
|
||||
#ifdef USE_SASL_AUTH
|
||||
if (var_lmtp_sasl_enable)
|
||||
lmtp_sasl_cleanup(state);
|
||||
#endif
|
||||
}
|
||||
|
||||
/*
|
||||
|
|
|
@ -53,7 +53,6 @@ typedef struct LMTP_STATE {
|
|||
sasl_callback_t *sasl_callbacks; /* stateful callbacks */
|
||||
#endif
|
||||
int sndbufsize; /* total window size */
|
||||
int sndbuffree; /* remaining window */
|
||||
int reuse; /* connection being reused */
|
||||
} LMTP_STATE;
|
||||
|
||||
|
|
|
@ -93,6 +93,7 @@
|
|||
#include <timed_connect.h>
|
||||
#include <stringops.h>
|
||||
#include <host_port.h>
|
||||
#include <sane_connect.h>
|
||||
|
||||
/* Global library. */
|
||||
|
||||
|
@ -221,7 +222,7 @@ static LMTP_SESSION *lmtp_connect_sock(int sock, struct sockaddr * sa, int len,
|
|||
non_blocking(sock, BLOCKING);
|
||||
errno = saved_errno;
|
||||
} else {
|
||||
conn_stat = connect(sock, sa, len);
|
||||
conn_stat = sane_connect(sock, sa, len);
|
||||
}
|
||||
if (conn_stat < 0) {
|
||||
vstring_sprintf(why, "connect to %s[%s]: %m",
|
||||
|
@ -320,7 +321,7 @@ static char *lmtp_parse_destination(const char *destination, char *def_service,
|
|||
* aren't going to have lmtp defined as a service, use a default value
|
||||
* instead of just blowing up.
|
||||
*/
|
||||
if ((port = atoi(service)) != 0)
|
||||
if (alldig(service) && (port = atoi(service)) != 0)
|
||||
*portp = htons(port);
|
||||
else if ((sp = getservbyname(service, protocol)) != 0)
|
||||
*portp = sp->s_port;
|
||||
|
|
|
@ -225,6 +225,7 @@ int lmtp_lhlo(LMTP_STATE *state)
|
|||
* LMTP server. Otherwise, we might do the wrong thing when the server
|
||||
* advertises a really huge message size limit.
|
||||
*/
|
||||
state->features = 0;
|
||||
lines = resp->str;
|
||||
(void) mystrtok(&lines, "\n");
|
||||
while ((words = mystrtok(&lines, "\n")) != 0) {
|
||||
|
@ -244,11 +245,6 @@ int lmtp_lhlo(LMTP_STATE *state)
|
|||
if (msg_verbose)
|
||||
msg_info("server features: 0x%x", state->features);
|
||||
|
||||
#ifdef USE_SASL_AUTH
|
||||
if (var_lmtp_sasl_enable && (state->features & LMTP_FEATURE_AUTH))
|
||||
return (lmtp_sasl_helo_login(state));
|
||||
#endif
|
||||
|
||||
/*
|
||||
* We use LMTP command pipelining if the server said it supported it.
|
||||
* Since we use blocking I/O, RFC 2197 says that we should inspect the
|
||||
|
@ -274,6 +270,11 @@ int lmtp_lhlo(LMTP_STATE *state)
|
|||
} else
|
||||
state->sndbufsize = 0;
|
||||
|
||||
#ifdef USE_SASL_AUTH
|
||||
if (var_lmtp_sasl_enable && (state->features & LMTP_FEATURE_AUTH))
|
||||
return (lmtp_sasl_helo_login(state));
|
||||
#endif
|
||||
|
||||
return (0);
|
||||
}
|
||||
|
||||
|
@ -703,8 +704,8 @@ static int lmtp_loop(LMTP_STATE *state, int send_state, int recv_state)
|
|||
/*
|
||||
* Copy the next command to the buffer and update the sender state.
|
||||
*/
|
||||
if (state->sndbuffree > 0)
|
||||
state->sndbuffree -= VSTRING_LEN(next_command) + 2;
|
||||
if (sndbuffree > 0)
|
||||
sndbuffree -= VSTRING_LEN(next_command) + 2;
|
||||
lmtp_chat_cmd(state, "%s", vstring_str(next_command));
|
||||
send_state = next_state;
|
||||
send_rcpt = next_rcpt;
|
||||
|
|
|
@ -36,7 +36,7 @@
|
|||
/* authentication.
|
||||
/*
|
||||
/* lmtp_sasl_passwd_lookup() looks up the username/password
|
||||
/* for the current SMTP server. The result is zero in case
|
||||
/* for the current LMTP server. The result is zero in case
|
||||
/* of failure.
|
||||
/*
|
||||
/* lmtp_sasl_authenticate() implements the SASL authentication
|
||||
|
@ -47,7 +47,7 @@
|
|||
/* suceeds.
|
||||
/*
|
||||
/* lmtp_sasl_cleanup() cleans up. It must be called at the
|
||||
/* end of every SMTP session that uses SASL authentication.
|
||||
/* end of every LMTP session that uses SASL authentication.
|
||||
/* This routine is a noop for non-SASL sessions.
|
||||
/*
|
||||
/* Arguments:
|
||||
|
@ -369,7 +369,7 @@ void lmtp_sasl_start(LMTP_STATE *state)
|
|||
#define NULL_SERVER_ADDR ((char *) 0)
|
||||
#define NULL_CLIENT_ADDR ((char *) 0)
|
||||
|
||||
if (SASL_CLIENT_NEW("smtp", state->session->host,
|
||||
if (SASL_CLIENT_NEW("lmtp", state->session->host,
|
||||
NULL_CLIENT_ADDR, NULL_SERVER_ADDR,
|
||||
state->sasl_callbacks, NULL_SECFLAGS,
|
||||
(sasl_conn_t **) &state->sasl_conn) != SASL_OK)
|
||||
|
|
|
@ -80,7 +80,6 @@ LMTP_STATE *lmtp_state_alloc(void)
|
|||
lmtp_sasl_connect(state);
|
||||
#endif
|
||||
state->sndbufsize = 0;
|
||||
state->sndbuffree = 0;
|
||||
state->reuse = 0;
|
||||
return (state);
|
||||
}
|
||||
|
|
|
@ -462,6 +462,7 @@ token.o: ../../include/tok822.h
|
|||
token.o: ../../include/resolve_clnt.h
|
||||
token.o: ../../include/mail_params.h
|
||||
token.o: ../../include/bounce.h
|
||||
token.o: ../../include/defer.h
|
||||
token.o: local.h
|
||||
token.o: ../../include/been_here.h
|
||||
token.o: ../../include/deliver_request.h
|
||||
|
|
|
@ -98,6 +98,7 @@
|
|||
#include <tok822.h>
|
||||
#include <mail_params.h>
|
||||
#include <bounce.h>
|
||||
#include <defer.h>
|
||||
|
||||
/* Application-specific. */
|
||||
|
||||
|
@ -207,6 +208,10 @@ int deliver_token_stream(LOCAL_STATE state, USER_ATTR usr_attr,
|
|||
break;
|
||||
}
|
||||
}
|
||||
if (vstream_ferror(fp))
|
||||
status = defer_append(BOUNCE_FLAG_KEEP,
|
||||
BOUNCE_ATTR(state.msg_attr),
|
||||
"error reading .forward file: %m");
|
||||
vstring_free(buf);
|
||||
return (status);
|
||||
}
|
||||
|
|
|
@ -121,8 +121,19 @@ static void master_sigchld(int sig, int code, struct sigcontext * scp)
|
|||
|
||||
static void master_sigchld(int unused_sig)
|
||||
{
|
||||
int saved_errno = errno;
|
||||
|
||||
/*
|
||||
* WARNING WARNING WARNING.
|
||||
*
|
||||
* This code runs at unpredictable moments, as a signal handler. Don't put
|
||||
* any code here other than for setting a global flag, or code that is
|
||||
* intended to be run within a signal handler. Restore errno in case we
|
||||
* are interrupting the epilog of a failed system call.
|
||||
*/
|
||||
if (write(SIG_PIPE_WRITE_FD, "", 1) != 1)
|
||||
msg_warn("write to SIG_PIPE_WRITE_FD failed: %m");
|
||||
errno = saved_errno;
|
||||
}
|
||||
|
||||
/* master_sig_event - called upon return from select() */
|
||||
|
|
|
@ -275,7 +275,7 @@ static void qmgr_deliver_update(int unused_event, char *context)
|
|||
* No problems detected. Mark the transport and queue as alive. The queue
|
||||
* itself won't go away before we dispose of the current queue entry.
|
||||
*/
|
||||
if (status == 0) {
|
||||
if (VSTRING_LEN(reason) == 0) {
|
||||
qmgr_transport_unthrottle(transport);
|
||||
qmgr_queue_unthrottle(queue);
|
||||
}
|
||||
|
|
|
@ -397,6 +397,7 @@ static int qmgr_message_read(QMGR_MESSAGE *message)
|
|||
message->rcpt_unread--;
|
||||
}
|
||||
} else if (rec_type == REC_TYPE_RCPT) {
|
||||
/* See also below for code setting orig_rcpt. */
|
||||
if (message->rcpt_list.len < recipient_limit) {
|
||||
message->rcpt_unread--;
|
||||
qmgr_rcpt_list_add(&message->rcpt_list, curr_offset,
|
||||
|
@ -467,7 +468,9 @@ static int qmgr_message_read(QMGR_MESSAGE *message)
|
|||
orig_rcpt = 0;
|
||||
}
|
||||
if (rec_type == REC_TYPE_ORCP)
|
||||
orig_rcpt = mystrdup(start);
|
||||
/* See also above for code clearing orig_rcpt. */
|
||||
if (message->rcpt_offset == 0)
|
||||
orig_rcpt = mystrdup(start);
|
||||
} while (rec_type > 0 && rec_type != REC_TYPE_END);
|
||||
|
||||
/*
|
||||
|
|
|
@ -64,6 +64,7 @@ pickup.o: ../../include/vbuf.h
|
|||
pickup.o: ../../include/vstream.h
|
||||
pickup.o: ../../include/set_ugid.h
|
||||
pickup.o: ../../include/safe_open.h
|
||||
pickup.o: ../../include/watchdog.h
|
||||
pickup.o: ../../include/stringops.h
|
||||
pickup.o: ../../include/mail_queue.h
|
||||
pickup.o: ../../include/mail_open_ok.h
|
||||
|
|
|
@ -89,6 +89,7 @@
|
|||
#include <vstream.h>
|
||||
#include <set_ugid.h>
|
||||
#include <safe_open.h>
|
||||
#include <watchdog.h>
|
||||
#include <stringops.h>
|
||||
|
||||
/* Global library. */
|
||||
|
@ -178,6 +179,8 @@ static int copy_segment(VSTREAM *qfile, VSTREAM *cleanup, PICKUP_INFO *info,
|
|||
if ((type = rec_get(qfile, buf, var_line_limit)) < 0
|
||||
|| strchr(expected, type) == 0)
|
||||
return (file_read_error(info, type));
|
||||
if (msg_verbose)
|
||||
msg_info("%s: read %c %s", info->id, type, vstring_str(buf));
|
||||
if (type == *expected)
|
||||
break;
|
||||
if (type == REC_TYPE_FROM)
|
||||
|
@ -194,6 +197,8 @@ static int copy_segment(VSTREAM *qfile, VSTREAM *cleanup, PICKUP_INFO *info,
|
|||
info->rcpt = mystrdup(vstring_str(buf));
|
||||
if (type == REC_TYPE_TIME)
|
||||
continue;
|
||||
if (type == REC_TYPE_SIZE)
|
||||
continue;
|
||||
if (type == REC_TYPE_ATTR) {
|
||||
if ((error_text = split_nameval(vstring_str(buf), &attr_name,
|
||||
&attr_value)) != 0) {
|
||||
|
@ -472,6 +477,10 @@ static void pickup_service(char *unused_buf, int unused_len,
|
|||
* still being written, or garbage. Leave it up to the sysadmin to remove
|
||||
* garbage. Keep scanning the queue directory until we stop removing
|
||||
* files from it.
|
||||
*
|
||||
* When we find a file, stroke the watchdog so that it will not bark while
|
||||
* some application is keeping us busy by injecting lots of mail into the
|
||||
* maildrop directory.
|
||||
*/
|
||||
queue_name = MAIL_QUEUE_MAILDROP; /* XXX should be a list */
|
||||
do {
|
||||
|
@ -481,6 +490,7 @@ static void pickup_service(char *unused_buf, int unused_len,
|
|||
if (mail_open_ok(queue_name, id, &info.st, &path) == MAIL_OPEN_YES) {
|
||||
pickup_init(&info);
|
||||
info.path = mystrdup(path);
|
||||
watchdog_pat();
|
||||
if (pickup_file(&info) == REMOVE_MESSAGE_FILE) {
|
||||
if (REMOVE(info.path))
|
||||
msg_warn("remove %s: %m", info.path);
|
||||
|
|
|
@ -53,12 +53,12 @@
|
|||
/* input file. By default, \fBpostalias\fR drops root privileges
|
||||
/* and runs as the source file owner instead.
|
||||
/* .IP "\fB-q \fIkey\fR"
|
||||
/* Search the specified maps for \fIkey\fR and print the first value
|
||||
/* found on the standard output stream. The exit status is zero
|
||||
/* Search the specified maps for \fIkey\fR and write the first value
|
||||
/* found to the standard output stream. The exit status is zero
|
||||
/* when the requested information was found.
|
||||
/*
|
||||
/* If a key value of \fB-\fR is specified, the program reads key
|
||||
/* values from the standard input stream and prints one line of
|
||||
/* values from the standard input stream and writes one line of
|
||||
/* \fIkey: value\fR output for each key that was found. The exit
|
||||
/* status is zero when at least one of the requested keys was found.
|
||||
/* .IP \fB-r\fR
|
||||
|
|
|
@ -65,3 +65,6 @@ postcat.o: ../../include/msg_vstream.h
|
|||
postcat.o: ../../include/vstring_vstream.h
|
||||
postcat.o: ../../include/record.h
|
||||
postcat.o: ../../include/rec_type.h
|
||||
postcat.o: ../../include/mail_queue.h
|
||||
postcat.o: ../../include/mail_conf.h
|
||||
postcat.o: ../../include/mail_params.h
|
||||
|
|
|
@ -4,19 +4,40 @@
|
|||
/* SUMMARY
|
||||
/* show Postfix queue file contents
|
||||
/* SYNOPSIS
|
||||
/* \fBpostcat\fR [\fB-v\fR] [\fIfiles\fR...]
|
||||
/* \fBpostcat\fR [\fB-vq\fR] [\fB-c \fIconfig_dir\fR] [\fIfiles\fR...]
|
||||
/* DESCRIPTION
|
||||
/* The \fBpostcat\fR command prints the contents of the named
|
||||
/* Postfix queue \fIfiles\fR in human-readable form. If no
|
||||
/* \fIfiles\fR in human-readable form. The files are expected
|
||||
/* to be in Postfix queue file format. If no
|
||||
/* \fIfiles\fR are specified on the command line, the program
|
||||
/* reads from standard input.
|
||||
/*
|
||||
/* Options:
|
||||
/* .IP "\fB-c \fIconfig_dir\fR"
|
||||
/* The \fBmain.cf\fR configuration file is in the named directory
|
||||
/* instead of the default configuration directory.
|
||||
/* .IP \fB-q\fR
|
||||
/* Search the Postfix queue for the named \fIfiles\fR instead
|
||||
/* of taking the names literally.
|
||||
/* .IP \fB-v\fR
|
||||
/* Enable verbose logging for debugging purposes. Multiple \fB-v\fR
|
||||
/* options make the software increasingly verbose.
|
||||
/* DIAGNOSTICS
|
||||
/* Problems are reported to the standard error stream.
|
||||
/* ENVIRONMENT
|
||||
/* .ad
|
||||
/* .fi
|
||||
/* .IP \fBMAIL_CONFIG\fR
|
||||
/* Directory with Postfix configuration files.
|
||||
/* CONFIGURATION PARAMETERS
|
||||
/* .ad
|
||||
/* .fi
|
||||
/* See the Postfix \fBmain.cf\fR file for syntax details and for
|
||||
/* default values. Use the \fBpostfix reload\fR command after a
|
||||
/* configuration change.
|
||||
/* .IP \fBqueue_directory\fR
|
||||
/* Top-level directory of the Postfix queue. This is also the root
|
||||
/* directory of Postfix daemons that run chrooted.
|
||||
/* LICENSE
|
||||
/* .ad
|
||||
/* .fi
|
||||
|
@ -36,6 +57,7 @@
|
|||
#include <unistd.h>
|
||||
#include <time.h>
|
||||
#include <fcntl.h>
|
||||
#include <string.h>
|
||||
|
||||
/* Utility library. */
|
||||
|
||||
|
@ -49,9 +71,14 @@
|
|||
|
||||
#include <record.h>
|
||||
#include <rec_type.h>
|
||||
#include <mail_queue.h>
|
||||
#include <mail_conf.h>
|
||||
#include <mail_params.h>
|
||||
|
||||
/* Application-specific. */
|
||||
|
||||
#define PC_FLAG_QUEUE (1<<0) /* search queue */
|
||||
|
||||
#define STR vstring_str
|
||||
|
||||
/* postcat - visualize Postfix queue file contents */
|
||||
|
@ -65,13 +92,13 @@ static void postcat(VSTREAM *fp, VSTRING *buffer)
|
|||
int ch;
|
||||
|
||||
#define TEXT_RECORD(rec_type) \
|
||||
(rec_type == REC_TYPE_CONT || rec_type == REC_TYPE_NORM)
|
||||
(rec_type == REC_TYPE_CONT || rec_type == REC_TYPE_NORM)
|
||||
|
||||
/*
|
||||
* See if this is a plausible file.
|
||||
*/
|
||||
if ((ch = VSTREAM_GETC(fp)) != VSTREAM_EOF) {
|
||||
if (ch != REC_TYPE_TIME && ch != REC_TYPE_SIZE) {
|
||||
if (!strchr(REC_TYPE_ENVELOPE, ch)) {
|
||||
msg_warn("%s: input is not a valid queue file", VSTREAM_PATH(fp));
|
||||
return;
|
||||
}
|
||||
|
@ -139,7 +166,8 @@ static void postcat(VSTREAM *fp, VSTRING *buffer)
|
|||
|
||||
static NORETURN usage(char *myname)
|
||||
{
|
||||
msg_fatal("usage: %s [-v] [file(s)...]", myname);
|
||||
msg_fatal("usage: %s [-c config_dir] [-q (access queue)] [-v] [file(s)...]",
|
||||
myname);
|
||||
}
|
||||
|
||||
int main(int argc, char **argv)
|
||||
|
@ -149,6 +177,17 @@ int main(int argc, char **argv)
|
|||
int ch;
|
||||
int fd;
|
||||
struct stat st;
|
||||
int flags = 0;
|
||||
static char *queue_names[] = {
|
||||
MAIL_QUEUE_MAILDROP,
|
||||
MAIL_QUEUE_INCOMING,
|
||||
MAIL_QUEUE_ACTIVE,
|
||||
MAIL_QUEUE_DEFERRED,
|
||||
MAIL_QUEUE_HOLD,
|
||||
0,
|
||||
};
|
||||
char **cpp;
|
||||
int tries;
|
||||
|
||||
/*
|
||||
* To minimize confusion, make sure that the standard file descriptors
|
||||
|
@ -168,8 +207,15 @@ int main(int argc, char **argv)
|
|||
/*
|
||||
* Parse JCL.
|
||||
*/
|
||||
while ((ch = GETOPT(argc, argv, "v")) > 0) {
|
||||
while ((ch = GETOPT(argc, argv, "c:qv")) > 0) {
|
||||
switch (ch) {
|
||||
case 'c':
|
||||
if (setenv(CONF_ENV_PATH, optarg, 1) < 0)
|
||||
msg_fatal("out of memory");
|
||||
break;
|
||||
case 'q':
|
||||
flags |= PC_FLAG_QUEUE;
|
||||
break;
|
||||
case 'v':
|
||||
msg_verbose++;
|
||||
break;
|
||||
|
@ -178,6 +224,11 @@ int main(int argc, char **argv)
|
|||
}
|
||||
}
|
||||
|
||||
/*
|
||||
* Further initialization...
|
||||
*/
|
||||
mail_conf_read();
|
||||
|
||||
/*
|
||||
* Initialize.
|
||||
*/
|
||||
|
@ -193,6 +244,27 @@ int main(int argc, char **argv)
|
|||
postcat(VSTREAM_IN, buffer);
|
||||
}
|
||||
|
||||
/*
|
||||
* Copy the named queue files in the specified order.
|
||||
*/
|
||||
else if (flags & PC_FLAG_QUEUE) {
|
||||
if (chdir(var_queue_dir))
|
||||
msg_fatal("chdir %s: %m", var_queue_dir);
|
||||
while (optind < argc) {
|
||||
if (!mail_queue_id_ok(argv[optind]))
|
||||
msg_fatal("bad mail queue ID: %s", argv[optind]);
|
||||
for (fp = 0, tries = 0; fp == 0 && tries < 2; tries++)
|
||||
for (cpp = queue_names; fp == 0 && *cpp != 0; cpp++)
|
||||
fp = mail_queue_open(*cpp, argv[optind], O_RDONLY, 0);
|
||||
if (fp == 0)
|
||||
msg_fatal("open queue file %s: %m", argv[optind]);
|
||||
postcat(fp, buffer);
|
||||
if (vstream_fclose(fp))
|
||||
msg_warn("close %s: %m", argv[optind]);
|
||||
optind++;
|
||||
}
|
||||
}
|
||||
|
||||
/*
|
||||
* Copy the named files in the specified order.
|
||||
*/
|
||||
|
|
|
@ -178,7 +178,7 @@ int main(int argc, char **argv)
|
|||
MAIL_STREAM *dst;
|
||||
int rec_type;
|
||||
static char *segment_info[] = {
|
||||
REC_TYPE_ENVELOPE, REC_TYPE_CONTENT, REC_TYPE_EXTRACT,
|
||||
REC_TYPE_POST_ENVELOPE, REC_TYPE_POST_CONTENT, REC_TYPE_POST_EXTRACT, ""
|
||||
};
|
||||
char **expected;
|
||||
uid_t uid = getuid();
|
||||
|
@ -315,9 +315,6 @@ int main(int argc, char **argv)
|
|||
}
|
||||
if (rec_type == REC_TYPE_ERROR)
|
||||
msg_fatal("uid=%ld: malformed input", (long) uid);
|
||||
if (rec_type == REC_TYPE_TIME)
|
||||
rec_fprintf(dst->stream, REC_TYPE_TIME, "%ld",
|
||||
(long) time((time_t *) 0));
|
||||
if (strchr(*expected, rec_type) == 0)
|
||||
msg_fatal("uid=%ld: unexpected record type: %d", (long) uid, rec_type);
|
||||
if (rec_type == **expected)
|
||||
|
|
|
@ -74,12 +74,12 @@
|
|||
/* input file. By default, \fBpostmap\fR drops root privileges
|
||||
/* and runs as the source file owner instead.
|
||||
/* .IP "\fB-q \fIkey\fR"
|
||||
/* Search the specified maps for \fIkey\fR and print the first value
|
||||
/* found on the standard output stream. The exit status is zero
|
||||
/* Search the specified maps for \fIkey\fR and write the first value
|
||||
/* found to the standard output stream. The exit status is zero
|
||||
/* when the requested information was found.
|
||||
/*
|
||||
/* If a key value of \fB-\fR is specified, the program reads key
|
||||
/* values from the standard input stream and prints one line of
|
||||
/* values from the standard input stream and writes one line of
|
||||
/* \fIkey value\fR output for each key that was found. The exit
|
||||
/* status is zero when at least one of the requested keys was found.
|
||||
/* .IP \fB-r\fR
|
||||
|
|
|
@ -188,6 +188,7 @@
|
|||
#include <string.h>
|
||||
#include <signal.h>
|
||||
#include <stdio.h> /* remove() */
|
||||
#include <utime.h>
|
||||
|
||||
/* Utility library. */
|
||||
|
||||
|
@ -428,6 +429,7 @@ static int requeue_one(const char **queue_names, const char *queue_id)
|
|||
VSTRING *new_path_buf;
|
||||
int found;
|
||||
int tries;
|
||||
struct utimbuf tbuf;
|
||||
|
||||
/*
|
||||
* Sanity check. No early returns beyond this point.
|
||||
|
@ -454,6 +456,9 @@ static int requeue_one(const char **queue_names, const char *queue_id)
|
|||
continue;
|
||||
(void) mail_queue_path(new_path_buf, MAIL_QUEUE_MAILDROP, queue_id);
|
||||
if (postrename(old_path, STR(new_path_buf)) == 0) {
|
||||
tbuf.actime = tbuf.modtime = time((time_t *) 0);
|
||||
if (utime(STR(new_path_buf), &tbuf) < 0)
|
||||
msg_warn("%s: reset time stamps: %m", STR(new_path_buf));
|
||||
msg_info("%s: requeued", queue_id);
|
||||
found = 1;
|
||||
break;
|
||||
|
@ -985,16 +990,13 @@ int main(int argc, char **argv)
|
|||
msg_fatal("open /dev/null: %m");
|
||||
|
||||
/*
|
||||
* Process environment options as early as we can. We might be called
|
||||
* from a set-uid (set-gid) program, so be careful with importing
|
||||
* environment variables.
|
||||
* Process this environment option as early as we can, to aid debugging.
|
||||
*/
|
||||
if (safe_getenv(CONF_ENV_VERB))
|
||||
msg_verbose = 1;
|
||||
|
||||
/*
|
||||
* Initialize. Set up logging, read the global configuration file and
|
||||
* extract configuration information.
|
||||
* Initialize logging.
|
||||
*/
|
||||
if ((slash = strrchr(argv[0], '/')) != 0)
|
||||
argv[0] = slash + 1;
|
||||
|
@ -1002,47 +1004,37 @@ int main(int argc, char **argv)
|
|||
msg_syslog_init(mail_task(argv[0]), LOG_PID, LOG_FACILITY);
|
||||
set_mail_conf_str(VAR_PROCNAME, var_procname = mystrdup(argv[0]));
|
||||
|
||||
mail_conf_read();
|
||||
if (chdir(var_queue_dir))
|
||||
msg_fatal("chdir %s: %m", var_queue_dir);
|
||||
|
||||
/*
|
||||
* Be sure to log a warning if we do not finish structural repair. Maybe
|
||||
* we should have an fsck-style "clean" flag so Postfix will not start
|
||||
* with a broken queue.
|
||||
*/
|
||||
signal(SIGHUP, interrupted);
|
||||
signal(SIGINT, interrupted);
|
||||
signal(SIGQUIT, interrupted);
|
||||
signal(SIGTERM, interrupted);
|
||||
msg_cleanup(fatal_exit);
|
||||
|
||||
/*
|
||||
* All file/directory updates must be done as the mail system owner. This
|
||||
* is because Postfix daemons manipulate the queue with those same
|
||||
* privileges, so directories must be created with the right ownership.
|
||||
*
|
||||
* Running as a non-root user is also required for security reasons. When
|
||||
* the Postfix queue hierarchy is compromised, an attacker could trick us
|
||||
* into entering other file hierarchies and afflicting damage. Running as
|
||||
* a non-root user limits the damage to the already compromised mail
|
||||
* owner.
|
||||
* Disallow unsafe practices, and refuse to run set-uid (or as the child
|
||||
* of a set-uid process). Whenever a privileged wrapper program is
|
||||
* needed, it must properly sanitize the real/effective/saved UID/GID,
|
||||
* the secondary groups, the process environment, and so on. Otherwise,
|
||||
* accidents can happen. If not with Postfix, then with other software.
|
||||
*/
|
||||
if (unsafe() != 0)
|
||||
msg_fatal("this postfix command must not run as a set-uid process");
|
||||
if (getuid())
|
||||
msg_fatal("use of this command is reserved for the superuser");
|
||||
set_ugid(var_owner_uid, var_owner_gid);
|
||||
|
||||
/*
|
||||
* Parse JCL.
|
||||
*/
|
||||
while ((c = GETOPT(argc, argv, "d:h:H:pr:sv")) > 0) {
|
||||
while ((c = GETOPT(argc, argv, "c:d:h:H:pr:sv")) > 0) {
|
||||
switch (c) {
|
||||
default:
|
||||
msg_fatal("usage: %s [-d queue_id (delete)] "
|
||||
msg_fatal("usage: %s "
|
||||
"[-c config_dir] "
|
||||
"[-d queue_id (delete)] "
|
||||
"[-h queue_id (hold)] [-H queue_id (un-hold)] "
|
||||
"[-p (purge temporary files)] [-r queue_id (requeue)] "
|
||||
"[-s (structure fix)] [-v (verbose)] "
|
||||
"[queue...]", argv[0]);
|
||||
case 'c':
|
||||
if (*optarg != '/')
|
||||
msg_fatal("-c requires absolute pathname");
|
||||
if (setenv(CONF_ENV_PATH, optarg, 1) < 0)
|
||||
msg_fatal("setenv: %m");
|
||||
break;
|
||||
case 'd':
|
||||
if (delete_names == 0)
|
||||
delete_names = argv_alloc(1);
|
||||
|
@ -1083,6 +1075,42 @@ int main(int argc, char **argv)
|
|||
}
|
||||
}
|
||||
|
||||
/*
|
||||
* Read the global configuration file and extract configuration
|
||||
* information. The -c command option can override the default
|
||||
* configuration directory location.
|
||||
*/
|
||||
mail_conf_read();
|
||||
if (chdir(var_queue_dir))
|
||||
msg_fatal("chdir %s: %m", var_queue_dir);
|
||||
|
||||
/*
|
||||
* All file/directory updates must be done as the mail system owner. This
|
||||
* is because Postfix daemons manipulate the queue with those same
|
||||
* privileges, so directories must be created with the right ownership.
|
||||
*
|
||||
* Running as a non-root user is also required for security reasons. When
|
||||
* the Postfix queue hierarchy is compromised, an attacker could trick us
|
||||
* into entering other file hierarchies and afflicting damage. Running as
|
||||
* a non-root user limits the damage to the already compromised mail
|
||||
* owner.
|
||||
*/
|
||||
set_ugid(var_owner_uid, var_owner_gid);
|
||||
|
||||
/*
|
||||
* Be sure to log a warning if we do not finish structural repair. Maybe
|
||||
* we should have an fsck-style "clean" flag so Postfix will not start
|
||||
* with a broken queue.
|
||||
*
|
||||
* Set up signal handlers after permanently dropping super-user privileges,
|
||||
* so that signal handlers will always run with the correct privileges.
|
||||
*/
|
||||
signal(SIGHUP, interrupted);
|
||||
signal(SIGINT, interrupted);
|
||||
signal(SIGQUIT, interrupted);
|
||||
signal(SIGTERM, interrupted);
|
||||
msg_cleanup(fatal_exit);
|
||||
|
||||
/*
|
||||
* Sanity checks.
|
||||
*/
|
||||
|
|
|
@ -78,6 +78,8 @@
|
|||
/* The proxymap server opens only tables that are approved via the
|
||||
/* \fBproxy_read_maps\fR configuration parameter, does not talk to
|
||||
/* users, and can run at fixed low privilege, chrooted or not.
|
||||
/* However, running the proxymap server chrooted severely limits
|
||||
/* usability, because it can open only chrooted tables.
|
||||
/*
|
||||
/* The proxymap server is not a trusted daemon process, and must
|
||||
/* not be used to look up sensitive information such as user or
|
||||
|
@ -348,7 +350,7 @@ DICT *dict_proxy_open(const char *map, int open_flags, int dict_flags)
|
|||
|
||||
static void post_jail_init(char *unused_name, char **unused_argv)
|
||||
{
|
||||
const char *sep = " \t\r\n";
|
||||
const char *sep = ", \t\r\n";
|
||||
char *saved_filter;
|
||||
char *bp;
|
||||
char *type_name;
|
||||
|
|
|
@ -270,7 +270,7 @@ static void qmgr_deliver_update(int unused_event, char *context)
|
|||
* No problems detected. Mark the transport and queue as alive. The queue
|
||||
* itself won't go away before we dispose of the current queue entry.
|
||||
*/
|
||||
if (status == 0) {
|
||||
if (VSTRING_LEN(reason) == 0) {
|
||||
qmgr_transport_unthrottle(transport);
|
||||
qmgr_queue_unthrottle(queue);
|
||||
}
|
||||
|
|
|
@ -378,6 +378,13 @@ static void enqueue(const int flags, const char *encoding, const char *sender,
|
|||
*/
|
||||
buf = vstring_alloc(100);
|
||||
|
||||
/*
|
||||
* Stop run-away process accidents by limiting the queue file size. This
|
||||
* is not a defense against DOS attack.
|
||||
*/
|
||||
if (var_message_limit > 0 && get_file_limit() > var_message_limit)
|
||||
set_file_limit((off_t) var_message_limit);
|
||||
|
||||
/*
|
||||
* The sender name is provided by the user. In principle, the mail pickup
|
||||
* service could deduce the sender name from queue file ownership, but:
|
||||
|
@ -428,7 +435,6 @@ static void enqueue(const int flags, const char *encoding, const char *sender,
|
|||
*
|
||||
* XXX Should limit the size of envelope records.
|
||||
*/
|
||||
rec_fprintf(dst, REC_TYPE_TIME, "%ld", (long) time((time_t *) 0));
|
||||
if (full_name || (full_name = fullname()) != 0)
|
||||
rec_fputs(dst, REC_TYPE_FULL, full_name);
|
||||
rec_fputs(dst, REC_TYPE_FROM, saved_sender);
|
||||
|
@ -548,6 +554,7 @@ int main(int argc, char **argv)
|
|||
int flags = SM_FLAG_DEFAULT;
|
||||
char *site_to_flush = 0;
|
||||
char *encoding = 0;
|
||||
char *qtime = 0;
|
||||
|
||||
/*
|
||||
* Be consistent with file permissions.
|
||||
|
@ -612,13 +619,6 @@ int main(int argc, char **argv)
|
|||
if (chdir(var_queue_dir))
|
||||
msg_fatal_status(EX_UNAVAILABLE, "chdir %s: %m", var_queue_dir);
|
||||
|
||||
/*
|
||||
* Stop run-away process accidents by limiting the queue file size. This
|
||||
* is not a defense against DOS attack.
|
||||
*/
|
||||
if (var_message_limit > 0 && get_file_limit() > var_message_limit)
|
||||
set_file_limit((off_t) var_message_limit);
|
||||
|
||||
signal(SIGPIPE, SIG_IGN);
|
||||
|
||||
/*
|
||||
|
@ -751,11 +751,7 @@ int main(int argc, char **argv)
|
|||
break;
|
||||
case 'q':
|
||||
if (ISDIGIT(optarg[0])) {
|
||||
if (mode == SM_MODE_DAEMON) {
|
||||
if (msg_verbose)
|
||||
msg_info("-%c%s option ignored", c, optarg);
|
||||
|
||||
}
|
||||
qtime = optarg;
|
||||
} else if (optarg[0] == 'R') {
|
||||
site_to_flush = optarg + 1;
|
||||
if (*site_to_flush == 0)
|
||||
|
@ -799,6 +795,8 @@ int main(int argc, char **argv)
|
|||
/*
|
||||
* Start processing. Everything is delegated to external commands.
|
||||
*/
|
||||
if (qtime && mode != SM_MODE_DAEMON)
|
||||
exit(0);
|
||||
switch (mode) {
|
||||
default:
|
||||
msg_panic("unknown operation mode: %d", mode);
|
||||
|
|
|
@ -137,6 +137,7 @@ smtp_connect.o: ../../include/iostuff.h
|
|||
smtp_connect.o: ../../include/timed_connect.h
|
||||
smtp_connect.o: ../../include/stringops.h
|
||||
smtp_connect.o: ../../include/host_port.h
|
||||
smtp_connect.o: ../../include/sane_connect.h
|
||||
smtp_connect.o: ../../include/mail_params.h
|
||||
smtp_connect.o: ../../include/own_inet_addr.h
|
||||
smtp_connect.o: ../../include/dns.h
|
||||
|
|
|
@ -21,10 +21,6 @@
|
|||
/* the destination host, sorts the list by preference, and connects
|
||||
/* to each listed address until it finds a server that responds.
|
||||
/*
|
||||
/* When the domain or host is specified as a comma/whitespace
|
||||
/* separated list, the SMTP client repeats the above process
|
||||
/* for all destinations until it finds a server that responds.
|
||||
/*
|
||||
/* Once the SMTP client has received the server greeting banner, no
|
||||
/* error will cause it to proceed to the next address on the mail
|
||||
/* exchanger list. Instead, the message is either bounced, or its
|
||||
|
|
|
@ -808,7 +808,25 @@ int smtp_xfer(SMTP_STATE *state)
|
|||
prev_type = rec_type;
|
||||
}
|
||||
|
||||
if (prev_type == REC_TYPE_CONT) /* missing newline at end */
|
||||
if (state->mime_state) {
|
||||
|
||||
/*
|
||||
* The cleanup server normally ends MIME content with a
|
||||
* normal text record. The following code is needed to flush
|
||||
* an internal buffer when someone submits 8-bit mail not
|
||||
* ending in newline via /usr/sbin/sendmail while MIME input
|
||||
* processing is turned off, and MIME 8bit->7bit conversion
|
||||
* is requested upon delivery.
|
||||
*/
|
||||
mime_errs =
|
||||
mime_state_update(state->mime_state, rec_type, "", 0);
|
||||
if (mime_errs) {
|
||||
smtp_mesg_fail(state, 554,
|
||||
"MIME 7-bit conversion failed: %s",
|
||||
mime_state_error(mime_errs));
|
||||
RETURN(0);
|
||||
}
|
||||
} else if (prev_type == REC_TYPE_CONT) /* missing newline */
|
||||
smtp_fputs("", 0, session->stream);
|
||||
if ((state->features & SMTP_FEATURE_MAYBEPIX) != 0
|
||||
&& request->arrival_time < vstream_ftime(session->stream)
|
||||
|
|
|
@ -93,6 +93,7 @@ typedef struct SMTPD_STATE {
|
|||
int defer_if_permit_client; /* force permit into warning */
|
||||
int defer_if_permit_helo; /* force permit into warning */
|
||||
int defer_if_permit_sender; /* force permit into warning */
|
||||
int discard; /* discard message */
|
||||
VSTRING *expand_buf; /* scratch space for $name expansion */
|
||||
} SMTPD_STATE;
|
||||
|
||||
|
|
|
@ -16,7 +16,6 @@ extern void smtpd_check_init(void);
|
|||
extern char *smtpd_check_client(SMTPD_STATE *);
|
||||
extern char *smtpd_check_helo(SMTPD_STATE *, char *);
|
||||
extern char *smtpd_check_mail(SMTPD_STATE *, char *);
|
||||
extern char *smtpd_check_rcptmap(SMTPD_STATE *, char *);
|
||||
extern char *smtpd_check_size(SMTPD_STATE *, off_t);
|
||||
extern char *smtpd_check_rcpt(SMTPD_STATE *, char *);
|
||||
extern char *smtpd_check_etrn(SMTPD_STATE *, char *);
|
||||
|
|
|
@ -11,6 +11,7 @@ sender_restrictions hash:./smtpd_check_access
|
|||
mail rejecttext@bad.domain
|
||||
mail filter@filter.domain
|
||||
mail filtertext@filter.domain
|
||||
mail filtertexttext@filter.domain
|
||||
mail hold@hold.domain
|
||||
mail holdtext@hold.domain
|
||||
mail discard@hold.domain
|
||||
|
|
|
@ -14,10 +14,13 @@ OK
|
|||
./smtpd_check: <queue id>: reject: MAIL from localhost[127.0.0.1]: 554 <rejecttext@bad.domain>: Sender address rejected: text; from=<rejecttext@bad.domain> proto=SMTP
|
||||
554 <rejecttext@bad.domain>: Sender address rejected: text
|
||||
>>> mail filter@filter.domain
|
||||
./smtpd_check: warning: access map hash:./smtpd_check_access entry filter@filter.domain has FILTER entry without value
|
||||
./smtpd_check: warning: access map hash:./smtpd_check_access entry "filter@filter.domain" has FILTER entry without value
|
||||
OK
|
||||
>>> mail filtertext@filter.domain
|
||||
./smtpd_check: <queue id>: filter: MAIL from localhost[127.0.0.1]: <filtertext@filter.domain>: Sender address triggers FILTER text; from=<filtertext@filter.domain> proto=SMTP
|
||||
./smtpd_check: warning: access map hash:./smtpd_check_access entry "filtertext@filter.domain" requires transport:destination
|
||||
OK
|
||||
>>> mail filtertexttext@filter.domain
|
||||
./smtpd_check: <queue id>: filter: MAIL from localhost[127.0.0.1]: <filtertexttext@filter.domain>: Sender address triggers FILTER text:text; from=<filtertexttext@filter.domain> proto=SMTP
|
||||
OK
|
||||
>>> mail hold@hold.domain
|
||||
./smtpd_check: <queue id>: hold: MAIL from localhost[127.0.0.1]: <hold@hold.domain>: Sender address triggers HOLD action; from=<hold@hold.domain> proto=SMTP
|
||||
|
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue