resolve conflicts.

christos 2008-06-22 14:38:40 +00:00
parent 31670fd55d
commit db19bd9062
69 changed files with 2545 additions and 3905 deletions

@ -201,6 +201,8 @@ Parameters whose defaults can be specified in this way are:
|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |
|DEF_DAEMON_DIR |daemon_directory |/usr/libexec/postfix|
|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |
|DEF_DATA_DIR |data_directory |/var/lib/postfix |
|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |
|DEF_MAILQ_PATH |mailq_path |/usr/bin/mailq |
|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |
|DEF_HTML_DIR |html_directory |no |
@ -216,6 +218,9 @@ Parameters whose defaults can be specified in this way are:
|DEF_SENDMAIL_PATH|sendmail_path |/usr/sbin/sendmail |
|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |
Note: the data_directory parameter (for caches and pseudo-random numbers) was
introduced with Postfix version 2.5.
44..55 -- SSuuppppoorrtt ffoorr tthhoouussaannddss ooff pprroocceesssseess
The number of connections that Postfix can manage simultaneously is limited by
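
Review bot: The added note after the table describes data_directory only as "for caches and pseudo-random numbers" and leaves out who owns it. The release notes changed in this same commit say the directory is Postfix-owned, with ownership taken from mail_owner, and that tlsmgr(8) and verify(8) no longer open these files with root privileges. Suggest extending the note with a clause to that effect, so that someone overriding DEF_DATA_DIR at build time does not point it at a root-owned directory.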
@ -486,7 +491,7 @@ or, if you feel nostalgic, use the Postfix sendmail command:
# sendmail -bd -qwhatever
and watch your maillog file for any error messages. The pathname is /var/log/
maillog, /var/log/mail, /var/log/syslog, or someting else. Typically, the
maillog, /var/log/mail, /var/log/syslog, or something else. Typically, the
pathname is defined in the /etc/syslog.conf file.
% egrep '(reject|warning|error|fatal|panic):' /some/log/file
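
Review bot: The sentence with the spelling fix still splits the first pathname across two lines as "/var/log/" and "maillog", which reads as a directory followed by a separate word. Suggest rewrapping so that /var/log/maillog stays on one line.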

@ -1,212 +1,376 @@
The stable Postfix release is called postfix-2.4.x where 2=major
release number, 4=minor release number, x=patchlevel. The stable
The stable Postfix release is called postfix-2.5.x where 2=major
release number, 5=minor release number, x=patchlevel. The stable
release never changes except for patches that address bugs or
emergencies. Patches change the patchlevel and the release date.
New features are developed in snapshot releases. These are called
postfix-2.5-yyyymmdd where yyyymmdd is the release date (yyyy=year,
postfix-2.6-yyyymmdd where yyyymmdd is the release date (yyyy=year,
mm=month, dd=day). Patches are never issued for snapshot releases;
instead, a new snapshot is released.
The mail_release_date configuration parameter (format: yyyymmdd)
specifies the release date of a stable release or snapshot release.
Incompatibility with Postfix 2.4.4
==================================
Incompatibility with Postfix 2.3 and earlier
--------------------------------------------
By default, the Postfix Cyrus SASL client no longer sends a SASL
authoriZation ID (authzid); it sends only the SASL authentiCation
ID (authcid) plus the authcid's password. Specify "send_cyrus_sasl_authzid
= yes" to get the old behavior, which is to send the (authzid,
authcid, password), with the authzid equal to the authcid. This
workaround for non-Cyrus SASL servers is back-ported from Postfix
2.5.
Release notes for Postfix 2.4.0
===============================
If you upgrade from Postfix 2.3 or earlier, read RELEASE_NOTES-2.4
before proceeding.
Major changes - critical
------------------------
See RELEASE_NOTES-2.3 if you upgrade from Postfix 2.2 or earlier.
[Incompat 20071224] The protocol to send Milter information from
smtpd(8) to cleanup(8) processes was cleaned up. If you use the
Milter feature, and upgrade a live Postfix system, you may see an
"unexpected record type" warning from a cleanup(8) server process.
To prevent this, execute the command "postfix reload". The
incompatibility affects only systems that use the Milter feature.
It does not cause loss of mail, just a minor delay until the remote
SMTP client retries.
[Incompat 20070122] To take advantage of the new support for BSD
kqueue, Linux epoll, or Solaris /dev/poll, you must restart (not
reload) Postfix after upgrading from Postfix 2.3.
[Incompat 20071212] The allow_min_user feature now applies to both
sender and recipient addresses in SMTP commands. With earlier Postfix
versions, only recipients were subject to the allow_min_user feature,
and the restriction took effect at mail delivery time, causing mail
to be bounced later instead of being rejected immediately.
[Incompat 20061209] If you upgrade Postfix without restarting, you
MUST execute "postfix reload", otherwise the queue manager may log
a warnings with:
[Incompat 20071206] The "make install" and "make upgrade" procedures
now create a Postfix-owned directory for Postfix-writable data files
such as caches and random numbers. The location is specified with
the "data_directory" parameter (default: "/var/lib/postfix"), and
the ownership is specified with the "mail_owner" parameter.
warning: connect to transport retry: Connection refused
[Incompat 20071206] The tlsmgr(8) and verify(8) servers no longer
use root privileges when opening the address_verify_map,
*_tls_session_cache_database, and tls_random_exchange_name cache
files. This avoids a potential security loophole where the ownership
of a file (or directory) does not match the trust level of the
content of that file (or directory).
[Incompat 20061209] The upgrade procedure adds a new "retry" service
to the master.cf file. If you make the mistake of copying old
Postfix configuration files over the new files, the queue manager
may log warnings with:
[Incompat 20071206] The tlsmgr(8) and verify(8) cache files should
now be stored as Postfix-owned files under the Postfix-owned
data_directory. As a migration aid, attempts to open these files
under a non-Postfix directory are redirected to the Postfix-owned
data_directory, and a warning is logged.
warning: connect to transport retry: Connection refused
This is an example of the warning messages:
To fix your master.cf file, use "postfix upgrade-configuration"
followed by "postfix reload".
Dec 6 12:56:22 bristle postfix/tlsmgr[7899]: warning: request
to update file /etc/postfix/prng_exch in non-postfix directory
/etc/postfix
Major changes - safety
Dec 6 12:56:22 bristle postfix/tlsmgr[7899]: warning: redirecting
the request to postfix-owned data_directory /var/lib/postfix
If you wish to continue using a pre-existing tls_random_exchange_name
or address_verify_map file, move it to the Postfix-owned data_directory
and change ownership from root to Postfix (that is, change ownership
to the account specified with the mail_owner configuration parameter).
[Feature 20071205] The "make install" and "make upgrade" procedures
now create a Postfix-owned directory for Postfix-writable data files
such as caches and random numbers. The location is specified with
the "data_directory" parameter (default: "/var/lib/postfix"), and
the ownership is specified with the "mail_owner" parameter.
[Incompat 20071203] The "make upgrade" procedure adds a new service
"proxywrite" to the master.cf file, for read/write lookup table
access. If you copy your old configuration file over the updated
one, you may see warnings in the maillog file like this:
connect #xx to subsystem private/proxywrite: No such file or directory
To recover, run "postfix upgrade-configuration" again.
[Incompat 20070613] The pipe(8) delivery agent no longer allows
delivery with the same group ID as the main.cf postdrop group.
Major changes - malware defense
-------------------------------
[Feature 20080107] New "pass" service type in master.cf. Written
years ago, this allows future front-end daemons to accept all
connections from the network, and to hand over connections from
well-behaved clients to Postfix. Since this feature uses file
descriptor passing, it imposes no overhead once a connection is
handed over to Postfix. See master(5) for a few details.
[Feature 20070911] Stress-adaptive behavior. When a "public" network
service runs into an "all processes are busy" condition, the master(8)
daemon logs a warning, restarts the service, and runs it with "-o
stress=yes" on the command line (under normal conditions it runs
the service with "-o stress=" on the command line). This can be
used to make main.cf parameter settings stress dependent, for
example:
/etc/postfix/main.cf:
smtpd_timeout = ${stress?10}${stress:300}
smtpd_hard_error_limit = ${stress?1}${stress:20}
Translation: under conditions of stress, use an smtpd_timeout value
of 10 seconds instead of 300, and use smtpd_hard_error_limit of 1
instead of 20. The syntax is explained in the postconf(5) manpage.
The STRESS_README file gives examples of how to mitigate flooding
problems.
Major changes - tls support
---------------------------
[Incompat 20080109] TLS logging output has changed to make it more
useful. Existing logfile parser regular expressions may need
adjustment.
- More log entries include the "hostnamename[ipaddress]" of the
remote SMTP peer.
- Certificate trust chain error reports show only the first
error certificate (closest to the trust chain root), and the
reporting is more human-readable for the most likely errors.
- After the completion of the TLS handshake, the session is logged
with TLS loglevel >= 1 as either "Untrusted", "Trusted" or
"Verified" (SMTP client only).
- "Untrusted" means that the certificate trust chain is invalid,
or that the root CA is not trusted.
- "Trusted" means that the certificate trust chain is valid, and
that the root CA is trusted.
- "Verified" means that the certificate meets the SMTP client's
matching criteria for the destination:
- In the case of a destination name match, "Verified" also
implies "Trusted".
- In the case of a fingerprint match, CA trust is not applicable.
- The logging of protocol states with TLS loglevel >= 2 no longer
reports bogus error conditions when OpenSSL asks Postfix to refill
(or flush) network I/O buffers. This loglevel is for debugging
only; use 0 or 1 in production configurations.
[Feature 20080109] The Postfix SMTP client has a new "fingerprint"
security level. This avoids dependencies on CAs, and relies entirely
on bi-lateral exchange of public keys (really self-signed or private
CA signed X.509 public key certificates). Scalability is clearly
limited. For details, see the fingerprint discussion in TLS_README.
[Feature 20080109] The Postfix SMTP server can now use SHA1 instead
of MD5 to compute remote SMTP client certificate fingerprints. For
backwards compatibility, the default algorithm is MD5. For details,
see the "smtpd_tls_fingerprint_digest" parameter in the postconf(5)
manual.
[Feature 20080109] The maximum certificate trust chain depth
(verifydepth) is finally implemented in the Postfix TLS library.
Previously, the parameter had no effect. The default depth was
changed to 9 (the OpenSSL default) for backwards compatibility.
If you have explicity limited the verification depth in main.cf,
check that the configured limit meets your needs. See the
"lmtp_tls_scert_verifydepth", "smtp_tls_scert_verifydepth" and
"smtpd_tls_ccert_verifydepth" parameters in the postconf(5) manual.
[Feature 20080109] The selection of SSL/TLS protocols for mandatory
TLS can now use exclusion rather than inclusion. Either form is
acceptable; see the "lmtp_tls_mandatory_protocols",
"smtp_tls_mandatory_protocols" and "smtpd_tls_mandatory_protocols"
parameters in the postconf(5) manual.
Major changes - scheduler
-------------------------
[Feature 20071130] Revised queue manager with separate mechanisms
for per-destination concurrency control and for dead destination
detection. The concurrency control supports less-than-1 feedback
to allow for more gradual concurrency adjustments, and uses hysteresis
to avoid rapid oscillations. A destination is declared "dead" after
a configurable number of pseudo-cohorts(*) reports connection or
handshake failure.
(*) A pseudo-cohort is a number of delivery requests equal to a
destination's delivery concurrency.
The drawbacks of the old +/-1 feedback scheduler are a) overshoot
due to exponential delivery concurrency growth with each pseudo-cohort(*)
(5-10-20...); b) throttling down to zero concurrency after a single
pseudo-cohort(*) failure. The latter was especially an issue with
low-concurrency channels where a single failure could be sufficient
to mark a destination as "dead", and suspend further deliveries.
New configuration parameters: destination_concurrency_feedback_debug,
default_destination_concurrency_positive_feedback,
default_destination_concurrency_negative_feedback,
default_destination_concurrency_failed_cohort_limit, as well as
transport-specific versions of the same.
The default parameter settings are backwards compatible with older
Postfix versions. This may change after better defaults are field
tested.
The updated SCHEDULER_README document describes the theory behind
the new concurrency scheduler, as well as Patrik Rak's preemptive
job scheduler. See postconf(5) for more extensive descriptions of
the configuration parameters.
Major changes - small/home office
---------------------------------
[Feature 20080115] Preliminary SOHO_README document that combines
bits and pieces from other document in one place, so that it is
easier to find. This document describes the "mail sending" side
only.
[Feature 20071202] Output rate control in the queue manager. For
example, specify "smtp_destination_rate_delay = 5m", to pause five
minutes between message deliveries. More information in the postconf(5)
manual under "default_destination_rate_delay".
Major changes - smtp client
---------------------------
[Incompat 20080114] The Postfix SMTP client now by default defers
mail after a remote SMTP server rejects a SASL authentication
attempt. Specify "smtp_sasl_auth_soft_bounce = no" for the old
behavior.
[Feature 20080114] The Postfix SMTP client can now avoid making
repeated SASL login failures with the same server, username and
password. To enable this safety feature, specify for example
"smtp_sasl_auth_cache_name = proxy:btree:/var/lib/postfix/sasl_auth_cache"
(access through the proxy service is required). Instead of trying
to SASL authenticate, the Postfix SMTP client defers or bounces
mail as controlled with the new smtp_sasl_auth_soft_bounce configuration
parameter.
[Feature 20071111] Header/body checks are now available in the SMTP
client, after the implementation was moved from the cleanup server
to a library module. The SMTP client provides only actions that
don't change the message delivery time or destination: warn, replace,
prepend, ignore, dunno, ok.
[Incompat 20070614] By default, the Postfix Cyrus SASL client no
longer sends a SASL authoriZation ID (authzid); it sends only the
SASL authentiCation ID (authcid) plus the authcid's password. Specify
"send_cyrus_sasl_authzid = yes" to get the old behavior.
Major changes - smtp server
---------------------------
[Feature 20070724] Not really major. New support for RFC 3848
(Received: headers with ESMTPS, ESMTPA, or ESMTPSA); updated SASL
support according to RFC 4954, resulting in small changes to SMTP
reply codes and (DSN) enhanced status codes.
Major changes - milter
----------------------
[Incompat 20070222] As a safety measure, Postfix now by default
creates mailbox dotlock files on all systems. This prevents problems
with GNU POP3D which subverts kernel locking by creating a new
mailbox file and deleting the old one.
[Incompat 20071224] The protocol to send Milter information from
smtpd(8) to cleanup(8) processes was cleaned up. If you use the
Milter feature, and upgrade a live Postfix system, you may see an
"unexpected record type" warning from a cleanup(8) server process.
To prevent this, execute the command "postfix reload". The
incompatibility affects only systems that use the Milter feature.
It does not cause loss of mail, just a minor delay until the remote
SMTP client retries.
Major changes - Milter support
[Feature 20071221] Support for most of the Sendmail 8.14 Milter
protocol features.
To enable the new features specify "milter_protocol = 6" and link
the filter application with a libmilter library from Sendmail 8.14
or later.
Sendmail 8.14 Milter features supported at this time:
- NR_CONN, NR_HELO, NR_MAIL, NR_RCPT, NR_DATA, NR_UNKN, NR_HDR,
NR_EOH, NR_BODY: The filter can tell Postfix that it won't reply
to some of the SMTP events that Postfix sends. This makes the
protocol less chatty and improves performance.
- SKIP: The filter can tell Postfix to skip sending the rest of
the message body, which also improves performance.
- HDR_LEADSPC: The filter can request that Postfix does not delete
the first space character between header name and header value
when sending a header to the filter, and that Postfix does not
insert a space character between header name and header value
when receiving a header from the filter. This fixes a limitation
in the old Milter protocol that can break DKIM and DK signatures.
- SETSYMLIST: The filter can override one or more of the main.cf
milter_xxx_macros parameter settings.
Sendmail 8.14 Milter features not supported at this time:
- RCPT_REJ: report rejected recipients to the mail filter.
- CHGFROM: replace sender, with optional ESMTP command parameters.
- ADDRCPT_PAR: add recipient, with optional ESMTP command parameters.
It is unclear when (if ever) the missing features will be implemented.
SMFIP_RCPT_REJ requires invasive changes in the SMTP server recipient
processing and error handling. SMFIR_CHGFROM and SMFIR_ADDRCPT_PAR
require ESMTP command-line parsing in the cleanup server. Unfortunately,
Sendmail's documentation does not specify what ESMTP options are
supported, but only discusses examples of things that don't work.
Major changes - address verification
------------------------------------
[Incompat 20070514] The default sender address for address verification
probes was changed from "postmaster" to "double-bounce", so that
the Postfix SMTP server no longer causes surprising behavior by
excluding "postmaster" from SMTP server access controls.
Major changes - ldap
--------------------
[Incompat 20071216] Due to an incompatible API change between
OpenLDAP 2.0.11 and 2.0.12, an LDAP client compiled for OpenLDAP
version <= 2.0.11 will refuse to work with an OpenLDAP library
version >= 2.0.12 and vice versa.
Major changes - logging
-----------------------
[Incompat 20080109] TLS logging output has changed to make it more
useful. Existing logfile parser regular expressions may need
adjustment.
- More log entries include the "hostnamename[ipaddress]" of the
remote SMTP peer.
- Certificate trust chain error reports show only the first
error certificate (closest to the trust chain root), and the
reporting is more human-readable for the most likely errors.
- After the completion of the TLS handshake, the session is logged
with TLS loglevel >= 1 as either "Untrusted", "Trusted" or
"Verified" (SMTP client only).
- "Untrusted" means that the certificate trust chain is invalid,
or that the root CA is not trusted.
- "Trusted" means that the certificate trust chain is valid, and
that the root CA is trusted.
- "Verified" means that the certificate meets the SMTP client's
matching criteria for the destination:
- In the case of a destination name match, "Verified" also
implies "Trusted".
- In the case of a fingerprint match, CA trust is not applicable.
- The logging of protocol states with TLS loglevel >= 2 no longer
reports bogus error conditions when OpenSSL asks Postfix to refill
(or flush) network I/O buffers. This loglevel is for debugging
only; use 0 or 1 in production configurations.
[Incompat 20071216] The SMTP "transcript of session" email now
includes the remote SMTP server TCP port number.
Major changes - loop detection
------------------------------
[Feature 20070121] The support for Milter header modification
requests was revised. With minimal change in the on-disk representation,
the code was greatly simplified, and regression tests were updated
to ensure that old errors were not re-introduced. The queue file
format is entirely backwards compatible with Postfix 2.3.
[Feature 20070116] Support for Milter requests to replace the message
body. Postfix now implements all the header/body modification
requests that are available with Sendmail 8.13.
[Incompat 20070116] A new field is added to the queue file "size"
record that specifies the message content length. Postfix 2.3 and
older Postfix 2.4 snapshots will ignore this field, and will report
the message size as it was before the body was replaced.
Major changes - TLS support
---------------------------
[Incompat 20061214] The check_smtpd_policy client sends TLS certificate
attributes (client ccert_subject, ccert_issuer) only after successful
client certificate verification. The reason is that the certification
verification status itself is not available in the policy request.
[Incompat 20061214] The check_smtpd_policy client sends TLS certificate
fingerprint information even when the certificate itself was not
verified.
[Incompat 20061214] The remote SMTP client TLS certificate fingerprint
can be used for access control even when the certificate itself was
not verified.
[Incompat 20061006] The format of SMTP server TLS session cache
lookup keys has changed. The lookup key now includes the master.cf
service name.
Major changes - performance
---------------------------
[Feature 20070212] Better support for systems that run thousands
of Postfix processes. Postfix now supports FreeBSD kqueue(2),
Solaris poll(7d) and Linux epoll(4) as more scalable alternatives
to the traditional select(2) system call, and uses poll(2) when
examining a single file descriptor for readability or writability.
These features are supported on sufficiently recent versions of
FreeBSD, NetBSD, OpenBSD, Solaris and Linux; support for other
systems will be added as evidence becomes available that usable
implementations exist.
[Incompat 20070201] Some default settings have been adjusted to
better match contemporary requirements:
- queue_run_delay and minimal_backoff_time were reduced from 1000s
to 300s so that deliveries are retried earlier after the first
failure.
- ipc_idle was reduced from 100s to 5s, so that tlsmgr and scache
clients will more quickly release unused file handles.
[Feature 20061209] Improved worst-case (old and new) queue manager
performance when deferring or bouncing large amounts of mail. Instead
of talking to the bounce or defer service synchronously, this work
is now done in the background by the error or retry service.
[Feature 20061209] Improved worst-case (new) queue manager performance
when delivering multi-recipient mail. The queue manager now proactively
reads recipients from the queue file, instead of waiting for the
slowest deliveries to complete before reading in new recipients.
This introduces two parameters: default_recipient_refill_limit (how
many recipient slots to refill at a time) and
default_recipient_refill_delay (how long to wait between refill
operations). These two parameters act as defaults for optional
per-transport settings.
Major changes - delivery status notifications
---------------------------------------------
[Incompat 20061209] Small changes were made to the default bounce
message templates, to prevent HTML-aware software from hiding or
removing the text "<postmaster>", and producing misleading text.
[Incompat 20060806] Postfix no longer announces its name in delivery
status notifications. Users believe that Wietse provides a free
help desk service that solves all their email problems.
Major changes - ETRN support
----------------------------
[Feature 20061217] More precise queue flushing with the ETRN,
"postqueue -s site", and "sendmail -qRsite" commands, after
minimization of race conditions. New per-queue-file flushing with
"postqueue -i queueid" and "sendmail -qIqueueid".
Major changes - small office/home office support
------------------------------------------------
[Incompat 20061217] Postfix no longer requires a domain name. It
uses "localdomain" as the default Internet domain name when no
domain is specified via main.cf or via the machine's hostname.
Major changes - SMTP access control
-----------------------------------
[Incompat 20061214] The check_smtpd_policy client sends TLS certificate
attributes (client ccert_subject, ccert_issuer) only after successful
client certificate verification. The reason is that the certification
verification status itself is not available in the policy request.
[Incompat 20061214] The check_smtpd_policy client sends TLS certificate
fingerprint information even when the certificate itself was not
verified.
[Incompat 20061214] The remote SMTP client TLS certificate fingerprint
can be used for
access control even when the certificate itself was not verified.
[Incompat 20061209] The Postfix installation procedure no longer
updates main.cf with "unknown_local_recipient_reject_code = 450".
Four years after the introduction of mandatory recipient validation,
this transitional tool is no longer neeed.
Major changes - workarounds
---------------------------
[Incompat 20070222] As a safety measure, Postfix now by default
creates mailbox dotlock files on all systems. This prevents problems
with GNU POP3D which subverts kernel locking by creating a new
mailbox file and deleting the old one.
[Feature 20061209] Better interoperability with non-conforming SMTP
servers that reply and disconnect before Postfix has sent the
complete message content.
[Feature 20061209] Better support for queue file systems on file
servers with drifting clocks. Clock skew can be a problem, because
Postfix does not deliver mail until the local clock catches up with
the queue file's last modification time stamp. On systems with
usable futimes() or equivalent (Solaris, *BSD, MacOS, but not Linux),
Postfix now always explicitly sets the queue file last modification
time stamps while creating a queue file. On systems without usable
futimes() (Linux, and ancient versions of Solaris, SunOS and *BSD)
Postfix keeps using the slower utime() system call to update queue
file time stamps when the file system clock is off with respect to
the local system clock, and logs a warning.
[Feature 20061006] Individual CISCO PIX bug workarounds are now
on/off configurable. This introduces new parameters: smtp_pix_workarounds
(default: disable_esmtp, delay_dotcrlf) and smtp_pix_workaround_maps
(workarounds indexed by server IP address). The default settings
are backwards compatible.
[Incompat 20070422] [Incompat 20070422] When the pipe(8) delivery
agent is configured to create the optional Delivered-To: header,
it now first checks if that same header is already present in the
message. If so, the message is returned as undeliverable. This test
should have been included with Postfix 2.0 when Delivered-To: support
was added to the pipe(8) delivery agent.
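
Review bot: Typos remain in the 2.5 text: "hostnamename[ipaddress]" in the [Incompat 20080109] TLS logging item (present under both "tls support" and "logging") should read "hostname[ipaddress]", and "explicity limited" in the [Feature 20080109] verifydepth item should read "explicitly limited". The final entry also carries its tag twice, "[Incompat 20070422] [Incompat 20070422]". Because the TLS logging item tells operators to adjust their logfile parser regular expressions, the peer format string is worth getting exact.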

@ -1,25 +0,0 @@
This list does not really follow priority.
* Implement support of CRL checking. OpenSSL 0.9.7 finally supports CRLs,
so Postfix/TLS should support loading CRLs.
* Cleanup the "pfixtls" special logging, so that it fits Wietses original
"per site" decision to make debugging easier.
* Move TLS based information from separate lines into Postfix's smtpd
logging lines to make logfile analysis easier.
* Check the "info_callback" for sensitive use. I already had to remove the
"warning alert" issued on normal shutdown. Why is a warning issued for
a normal shutdown??
* Introduce new tls_per_client table to achieve the same selective behaviour
for incoming connections.
* Introduce better support for "opportunistic" encryption: collect information
about peers connecting; log warnings when the key changed etc.
[I am not sure that I already have the best answers available.]
* Find a way to use the certificates themselves instead of the fingerprints
to allow certificate based relaying. The maintenance of the fingerprints
is a nightmare.
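
Review bot: The header "-1,25 +0,0" removes this TLS to-do list entirely, and the commit message "resolve conflicts." gives no reason for it. Items such as CRL checking and the tls_per_client table are security-relevant; suggest stating in the commit message whether they are tracked elsewhere or no longer apply.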

@ -1,46 +0,0 @@
#!/bin/sh
# Gerben Wierda, Oct 2001. Adapted from an existing example. I waive every
# copyright on this and I also do not give any warranty.
# Updated Sepember 29, 2002
# To work properly, the POSTFIX variable needs to be set to -YES-
# in /etc/hostconfig
. /etc/rc.common
if [ "${POSTFIX:=-NO-}" = "-YES-" -a "${MAILSERVER:=-NO-}" = "-YES-" ]
then
ConsoleMessage "Cannot run concurrent postfix and sendmail"
sleep 2
exit
fi
##
# Start mail server
##
if [ "$1" == "start" ]
then
if [ "${POSTFIX:=-NO-}" = "-YES-" ]
then
ConsoleMessage "Starting Postfix mail services"
/usr/sbin/postfix start
fi
elif [ "$1" == "stop" ]
then
ConsoleMessage "Stopping Postfix mail services"
/usr/sbin/postfix stop
elif [ "$1" == "restart" ]
then
if [ "${POSTFIX:=-NO-}" = "-YES-" ]
then
ConsoleMessage "Reloading Postfix configuration"
/usr/sbin/postfix reload
else
ConsoleMessage "Stopping Postfix mail services"
/usr/sbin/postfix stop
fi
fi

@ -1,13 +0,0 @@
{
Description = "Postfix mail server";
Provides = ("SMTP");
Requires = ("Resolver");
Uses = ("Network Time", "NFS");
Preference = "None";
Messages =
{
start = "Starting Postfix";
stop = "Stopping Postfix";
restart = "Reloading Postfix Configuration";
};
}

@ -1,74 +0,0 @@
# Adapted from an existing example by Gerben Wierda, Oct 2001. I waive every
# copyright on this and I also do not give any warranty.
Let's start with the important warning:
DO NOT USE THE MULTIPLE USERS APPLICATION TO CREATE THE POSTFIX USER!
NOTE: Mac OS X as of version 10.3 comes with Postfix as the standard mailer
and it is supported in Server Admin on Mac OS X 10.3 Server . The instructions
below therefore only apply for Mac OS X 10.2.8.
NOTE: As of 29 September 2002, these instructions and the scripts have changed
to make the solution more robust for Apple updates.
Run the commands below in the order that they are presented
A. INSTALLING POSTFIX for the first time and selecting it as the active
Mail Transfer Agent (MTA):
# All these commands are written to be run from this directory.
# This repairs the previous Oct 2001 setup if any
sudo ./repair-oldsetup
# Prepare for reactivating sendmail
sudo ./backup-sendmail-binaries
# this creates the necessary users & groups for proper operation
# of postfix:
sudo ./niscript
# Install postfix:
# When the script asks you for setgid (the default will be no) tell it
# maildrop
(cd ../..; sudo make install)
# Prepare for reactivating postfix
sudo ./backup-postfix-binaries
# edit /etc/postfix/main.cf to suit your requirements
### add your own commands here ###
# Activate postfix startup at boot time. Deactivates sendmail.
sudo ./activate-postfix
# Test. Read INSTALL for a series of suggested tests.
B. DEACTIVATING POSTFIX
# Deactivate postfix startup at boot time
sudo ./deactivate-postfix
C. RESTORING Sendmail as the MTA when Postfix is the active MTA
# This repairs the previous Oct 2001 setup if any
sudo ./repair-oldsetup
# Deactivate postfix startup at boot time
sudo ./deactivate-postfix
sudo ./activate-sendmail
# Restart your computer
D. RESTORING postfix as the MTA when Sendmail is the active MTA
# NOTE: The first time you activate postfix you have to follow
# the steps of A.
# This repairs the previous Oct 2001 setup if any
sudo ./repair-oldsetup
sudo ./activate-postfix

@ -1,43 +0,0 @@
#!/bin/sh
# Written by Gerben Wierda, Oct 2001. I waive every copyright on this and
# I also do not give any warranty.
. ./defines
# Activate binaries
if [ ! -e ${POSTFIXBACKUPDIR}/sendmail ]
then
echo "Something is wrong: there is no existing postfix binary backup"
exit 1;
else
echo "Restoring postfix versions of sendmail programs from backup..."
(cd ${POSTFIXBACKUPDIR}; tar cf - sendmail) | (cd /usr/sbin; tar xf -)
(cd ${POSTFIXBACKUPDIR}; tar cf - newaliases) | (cd /usr/bin; tar xf -)
(cd ${POSTFIXBACKUPDIR}; tar cf - mailq) | (cd /usr/bin; tar xf -)
fi
if [ -e "${PSI}" ]
then
echo "Postfix StartupItem already exists."
else
if [ -e "${PSIDISABLED}" ]
then
echo "Reinstating disabled Postfix StartupItem..."
mv "${PSIDISABLED}" "${PSI}"
else
echo "Installing new default Postfix StartupItem..."
cp -R Postfix.StartupItem "${PSI}"
fi
fi
# De-activate sendmail in /etc/hostconfig
/usr/bin/perl -pi -e 's/MAILSERVER=-YES-/MAILSERVER=-NO-/g' /etc/hostconfig
# Activate postfix in /etc/hostconfig
if /usr/bin/grep '^POSTFIX=-NO-' /etc/hostconfig >/dev/null 2>&1; then
/usr/bin/perl -pi -e 's/POSTFIX=-NO-/POSTFIX=-YES-/g' /etc/hostconfig
else
echo "POSTFIX=-YES-" >>/etc/hostconfig
fi
/usr/sbin/postfix start

View File

@ -1,24 +0,0 @@
#!/bin/sh
# Written by Gerben Wierda, Oct 2001. I waive every copyright on this and
# I also do not give any warranty.
. ./defines
. ./deactivate-postfix
# Activate binaries
if [ ! -e ${SENDMAILBACKUPDIR}/sendmail ]
then
echo "Something is wrong: there is no existing sendmail binary backup"
exit 1;
else
echo "Restoring sendmail versions of sendmail programs from backup..."
(cd ${SENDMAILBACKUPDIR}; tar cf - sendmail) | (cd /usr/sbin; tar xf -)
(cd ${SENDMAILBACKUPDIR}; tar cf - newaliases) | (cd /usr/bin; tar xf -)
(cd ${SENDMAILBACKUPDIR}; tar cf - mailq) | (cd /usr/bin; tar xf -)
fi
# Activate sendmail in /etc/hostconfig
/usr/bin/perl -pi -e 's/MAILSERVER=-NO-/MAILSERVER=-YES-/g' /etc/hostconfig

View File

@ -1,20 +0,0 @@
#! /bin/sh
# Written by Gerben Wierda, Oct 2001. I waive every copyright on this and
# I also do not give any warranty.
# We use tar, as we do not know beforehand if we are dealing with real
# files or symbolic links. Since we use tar, we cannot change filenames
# we need to create a directory to hold our backup binaries.
. ./defines
if [ ! -d ${POSTFIXBACKUPDIR} ]
then
mkdir -p ${POSTFIXBACKUPDIR}
fi
(cd /usr/sbin; tar cf - sendmail) | (cd ${POSTFIXBACKUPDIR}; tar xf -)
(cd /usr/bin; tar cf - newaliases) | (cd ${POSTFIXBACKUPDIR}; tar xf -)
(cd /usr/bin; tar cf - mailq) | (cd ${POSTFIXBACKUPDIR}; tar xf -)

View File

@ -1,20 +0,0 @@
#! /bin/sh
# Written by Gerben Wierda, Oct 2001. I waive every copyright on this and
# I also do not give any warranty.
# We use tar, as we do not know beforehand if we are dealing with real
# files or symbolic links. Since we use tar, we cannot change filenames
# we need to create a directory to hold our backup binaries.
. ./defines
if [ ! -d ${SENDMAILBACKUPDIR} ]
then
mkdir -p ${SENDMAILBACKUPDIR}
fi
(cd /usr/sbin; tar cf - sendmail) | (cd ${SENDMAILBACKUPDIR}; tar xf -)
(cd /usr/bin; tar cf - newaliases) | (cd ${SENDMAILBACKUPDIR}; tar xf -)
(cd /usr/bin; tar cf - mailq) | (cd ${SENDMAILBACKUPDIR}; tar xf -)

View File

@ -1,16 +0,0 @@
#!/bin/sh
# Written by Gerben Wierda, Sep 2002. I waive every copyright on this and
# I also do not give any warranty.
. ./defines
if [ -e "${PSI}" ]
then
mv "${PSI}" "${PSIDISABLED}"
fi
# De-activate postfix in /etc/hostconfig
/usr/bin/perl -pi -e 's/POSTFIX=-YES-/POSTFIX=-NO-/g' /etc/hostconfig
/usr/sbin/postfix stop >/dev/null 2>&1

View File

@ -1,12 +0,0 @@
#! /bin/sh
# Written by Gerben Wierda, Oct 2001. I waive every copyright on this and
# I also do not give any warranty.
SIDIR="/Library/StartupItems"
PSI="${SIDIR}/Postfix"
PSIDISABLED="${PSI}.disabled"
POSTFIXBACKUPDIR=/usr/sbin/.postfixbackup
SENDMAILBACKUPDIR=/usr/sbin/.sendmailbackup

View File

@ -1,164 +0,0 @@
#!/usr/bin/perl
# niscript.pl by Gerben Wierda <gerben_wierda@rna.nl>
# This little script is an adaptation of the original niscript sh script by
# Joe Block <jpb@creol.ucf.edu>
# instead of using fixed uid/gid and thus not robust if you run it on a
# system where groups and/or users have been added, this script checks
# if the users/groups are there and if not creates them with free id's.
# 17 Jul 2002 GW: Fixed two bugs
# 1. Typo in createuser would always have uid 88 for postfix
# 2. Add to netinfo domain . instead of / so that it also works on systems
# where the / domain is actually network-wide (not very useful to add
# a postfix user to all systems in that netinfo domain...)
print <<_WARNING
This script massages your netinfo database. This can severely break
your system. If your netinfo database breaks, you get to keep the parts.
No Warranty. Really.
This script tries to create two groups (if they do not already exist):
- postfix
- maildrop
and tries to create a user (if it does not already exist)
- postfix
which is member of group postfix.
_WARNING
;
# The script starts to look at id 88 (both for user and group) and up to 65535
# It dies if no free id is found.
my $postfixgid = undef;
my $maildropgid = undef;
my $postfixuid = undef;
# First create
my @groups = readgroups();
foreach $group (@groups) {
(my $groupname, undef, my $gid, undef) = split( ':', $group);
if ($groupname eq 'postfix') {
warn "You already have a postfix group (with gid $gid)\n";
$postfixgid = $gid;
}
if ($groupname eq 'maildrop') {
warn "You already have a maildrop group (with gid $gid)\n";
$maildropgid = $gid;
}
}
if (not defined $postfixgid) {
$postfixgid = creategroup( 'postfix');
}
if (not defined $maildropgid) {
$maildropgid = creategroup( 'maildrop');
}
my @users = readusers();
foreach $user (@users) {
(my $username, undef, my $uid, undef) = split( ':', $user);
if ($username eq 'postfix') {
warn "You already have a postfix user (with uid $uid)\n";
$postfixuid = $uid;
}
}
if (not defined $postfixuid) {
$postfixuid = createuser( 'postfix', '"Postfix User"',
'/usr/bin/false', '/etc/postfix',
$postfixgid);
addusertogroup( 'postfix', 'postfix');
}
warn "\n";
sub creategroup
{
my $name = shift;
open( NIDUMP, "nidump group .|") or die "Cannot run nidump\n";
my @groups=<NIDUMP>;
close( NIDUMP);
my $tryno;
NEXTNO: for ($tryno = 88; $tryno <= 65535; $tryno++) {
foreach my $group (@groups) {
(my $groupname, undef, my $gid, undef) =
split( ':', $group);
next NEXTNO if $gid == $tryno;
}
last NEXTNO;
}
die "Cannot find free gid\n" if $tryno == 65536;
warn "Will create $name as gid $tryno\n";
system "niutil -create . /groups/$name";
system "niutil -createprop . /groups/$name name $name";
system "niutil -createprop . /groups/$name gid $tryno";
system "niutil -createprop . /groups/$name passwd '*'";
return $tryno;
}
sub addusertogroup
{
my $user = shift;
my $group = shift;
system "niutil -appendprop . /groups/$group users $user";
}
sub readgroups
{
open( NIDUMP, "nidump group .|") or die "Cannot run nidump\n";
my @groups=<NIDUMP>;
close( NIDUMP);
return @groups;
}
sub readusers
{
my @passwd;
open( NIDUMP, "nidump passwd .|") or die "Cannot run nidump\n";
@passwd=<NIDUMP>;
close( NIDUMP);
return @passwd;
}
sub createuser
{
my $name = shift;
my $realname = shift;
my $shell = shift;
my $home = shift;
my $gid = shift;
open( NIDUMP, "nidump passwd .|") or die "Cannot run nidump\n";
my @passwds=<NIDUMP>;
close( NIDUMP);
my $tryno;
NEXTNO: for ($tryno = 88; $tryno <= 65535; $tryno++) {
foreach my $passwd (@passwds) {
(my $passwdname, undef, my $uid, undef) =
split( ':', $passwd);
next NEXTNO if $uid == $tryno;
}
last NEXTNO;
}
die "Cannot find free uid\n" if $tryno == 65536;
warn "Will create $name as uid $tryno\n";
system "niutil -create . /users/$name";
system "niutil -createprop . /users/$name realname $realname";
system "niutil -createprop . /users/$name shell $shell";
system "niutil -createprop . /users/$name uid $tryno";
system "niutil -createprop . /users/$name gid $gid";
system "niutil -createprop . /users/$name home $home";
system "niutil -createprop . /users/$name _shadow_passwd";
system "niutil -createprop . /users/$name passwd '*'";
return $tryno;
}

View File

@ -1,8 +0,0 @@
#!/bin/sh
if [ -d /System/Library/DisabledStartupItems/Sendmail ]
then
mv /System/Library/DisabledStartupItems/Sendmail /System/Library/StartupItems
rmdir /System/Library/DisabledStartupItems/Sendmail
rm -rf /System/Library/StartupItems/Postfix
fi

View File

@ -1,328 +0,0 @@
#! /usr/bin/perl -w
# To view the formatted manual page of this file, type:
# POSTFIXSOURCE/mantools/srctoman - qshape | nroff -man
#++
# NAME
# qshape 1
# SUMMARY
# Print Postfix queue domain and age distribution
# SYNOPSIS
# .fi
# \fBqshape\fR [\fB-s\fR] [\fB-p\fR] [\fB-m \fImin_subdomains\fR]
# [\fB-b \fIbucket_count\fR] [\fB-t \fIbucket_time\fR]
# [\fB-l\fR] [\fB-w \fIterminal_width\fR]
# [\fB-c \fIconfig_directory\fR] [\fIqueue_name\fR ...]
# DESCRIPTION
# The \fBqshape\fR program helps the administrator understand the
# Postfix queue message distribution in time and by sender domain
# or recipient domain. The program needs read access to the queue
# directories and queue files, so it must run as the superuser or
# the \fBmail_owner\fR specified in \fImain.cf\fR (typically
# \fBpostfix\fR).
#
# Options:
# .IP \fB-s\fR
# Display the sender domain distribution instead of the recipient
# domain distribution. By default the recipient distribution is
# displayed. There can be more recipients than messages, but as
# each message has only one sender, the sender distribution is a
# message distribution.
# .IP \fB-p\fR
# Generate aggregate statistics for parent domains. Top level domains
# are not shown, nor are domains with fewer than \fImin_subdomains\fR
# subdomains. The names of parent domains are shown with a leading dot,
# (e.g. \fI.example.com\fR).
# .IP "\fB-m \fImin_subdomains\fR"
# When used with the \fB-p\fR option, sets the minimum subdomain count
# needed to show a separate line for a parent domain. The default is 5.
# .IP "\fB-b \fIbucket_count\fR"
# The age distribution is broken up into a sequence of geometrically
# increasing intervals. This option sets the number of intervals
# or "buckets". Each bucket has a maximum queue age that is twice
# as large as that of the previous bucket. The last bucket has no
# age limit.
# .IP "\fB-t \fIbucket_time\fR"
# The age limit in minutes for the first time bucket. The default
# value is 5, meaning that the first bucket counts messages between
# 0 and 5 minutes old.
# .IP "\fB-l\fR"
# Instead of using a geometric age sequence, use a linear age sequence,
# in other words simple multiples of \fBbucket_time\fR.
#
# This feature is available in Postfix 2.2 and later.
# .IP "\fB-w \fIterminal_width\fR"
# The output is right justified, with the counts for the last
# bucket shown on the 80th column, the \fIterminal_width\fR can be
# adjusted for wider screens allowing more buckets to be displayed
# without truncating the domain names on the left. When a row for a
# full domain name and its counters does not fit in the specified
# number of columns, only the last 17 bytes of the domain name
# are shown with the prefix replaced by a '+' character. Truncated
# parent domain rows are shown as '.+' followed by the last 16 bytes
# of the domain name. If this is still too narrow to show the domain
# name and all the counters, the terminal_width limit is violated.
# .IP "\fB-c \fIconfig_directory\fR"
# The \fBmain.cf\fR configuration file is in the named directory
# instead of the default configuration directory.
# .PP
# Arguments:
# .IP \fIqueue_name\fR
# By default \fBqshape\fR displays the combined distribution of
# the incoming and active queues. To display a different set of
# queues, just list their directory names on the command line.
# Absolute paths are used as is, other paths are taken relative
# to the \fImain.cf\fR \fBqueue_directory\fR parameter setting.
# While \fImain.cf\fR supports the use of \fI$variable\fR expansion
# in the definition of the \fBqueue_directory\fR parameter, the
# \fBqshape\fR program does not. If you must use variable expansions
# in the \fBqueue_directory\fR setting, you must specify an explicit
# absolute path for each queue subdirectory even if you want the
# default incoming and active queue distribution.
# SEE ALSO
# mailq(1), List all messages in the queue.
# QSHAPE_README Examples and background material.
# FILES
# $config_directory/main.cf, Postfix installation parameters.
# $queue_directory/maildrop/, local submission directory.
# $queue_directory/incoming/, new message queue.
# $queue_directory/hold/, messages waiting for tech support.
# $queue_directory/active/, messages scheduled for delivery.
# $queue_directory/deferred/, messages postponed for later delivery.
# LICENSE
# .ad
# .fi
# The Secure Mailer license must be distributed with this software.
# AUTHOR(S)
# Victor Duchovni
# Morgan Stanley
#--
use strict;
use IO::File;
use File::Find;
use Getopt::Std;
my %opts; # Command line switches
my %q; # domain counts for queues and buckets
my %sub; # subdomain counts for parent domains
my $now = time; # reference time
my $bnum = 10; # deferred queue bucket count
my $width = 80; # screen char width
my $dwidth = 18; # min width of domain field
my $tick = 5; # minutes
my $minsub = 5; # Show parent domains with at least $minsub subdomains
my @qlist = qw(incoming active);
do {
local $SIG{__WARN__} = sub {
warn "$0: $_[0]" unless exists($opts{"h"});
die "Usage: $0 [ -s ] [ -p ] [ -m <min_subdomains> ] [ -l ]\n".
"\t[ -b <bucket_count> ] [ -t <bucket_time> ] [ -w <terminal_width> ]\n".
"\t[ -c <config_directory> ] [ <queue_name> ... ]\n".
"The 's' option shows sender domain counts.\n".
"The 'p' option shows address counts by for parent domains.\n".
"Parent domains are shown with a leading '.' before the domain name.\n".
"Parent domains are only shown if the the domain is not a TLD, and at\n".
"least <min_subdomains> (default 5) subdomains are shown in the output.\n\n".
"The bucket age ranges in units of <bucket_time> minutes are\n".
"[0,1), [1,2), [2,4), [4,8), [8, 16), ... i.e.:\n".
"\tthe first bucket is [0, bucket_time) minutes\n".
"\tthe second bucket is [bucket_time, 2*bucket_time) minutes\n".
"\tthe third bucket is [2*bucket_time, 4*bucket_time) minutes...\n".
"'-l' makes the ages linear, the number of buckets shown is <bucket_count>\n\n".
"The default summary is for the incoming and active queues. An explicit\n".
"list of queue names can be given on the command line. Non-absolute queue\n".
"names are interpreted relative to the Postfix queue directory. Use\n".
"<config_directory> to specify a non-default Postfix instance. Values of\n".
"the main.cf queue_directory parameter that use variable expansions are\n".
"not supported. If necessary, use explicit absolute paths for all queues.\n";
};
getopts("lhc:psw:b:t:m:", \%opts);
warn "Help message" if (exists $opts{"h"});
@qlist = @ARGV if (@ARGV > 0);
# The -c option specifies the configuration directory,
# it is not used if all queue names are absolute.
#
foreach (@qlist) {
next if (m{^/});
$ENV{q{MAIL_CONFIG}} = $opts{"c"} if (exists $opts{"c"});
chomp(my $qdir = qx{postconf -h queue_directory});
die "$0: postconf failed\n" if ($? != 0);
warn "'queue_directory' variable expansion not supported: $qdir\n"
if ($qdir =~ /\$/);
chdir($qdir) or die "$0: chdir($qdir): $!\n";
last;
}
};
$width = $opts{"w"} if (exists $opts{"w"} && $opts{"w"} > 80);
$bnum = $opts{"b"} if (exists $opts{"b"} && $opts{"b"} > 0);
$tick = $opts{"t"} if (exists $opts{"t"} && $opts{"t"} > 0);
$minsub = $opts{"m"} if (exists $opts{"m"} && $opts{"m"} > 0);
sub rec_get {
my ($h) = @_;
my $r = getc($h) || return;
my $l = 0;
my $shift = 0;
while (defined(my $lb = getc($h))) {
my $o = ord($lb);
$l |= ($o & 0x7f) << $shift ;
last if (($o & 0x80) == 0);
$shift += 7;
return if ($shift > 14); # XXX: max rec len of 2097151
}
my $d = "";
return unless ($l == 0 || read($h,$d,$l) == $l);
($r, $l, $d);
}
sub qenv {
my ($qfile) = @_;
return unless $qfile =~ m{(^|/)[A-F0-9]{6,}$};
my @st = lstat($qfile);
return unless (@st > 0 && -f _ && (($st[2] & 0733) == 0700));
my $h = new IO::File($qfile, "r") || return;
my ($t, $s, @r, $dlen);
my ($r, $l, $d) = rec_get($h);
if ($r eq "C") {
# XXX: Sanity check, the first record type is REC_TYPE_SIZE (C)
# if the file is proper queue file written by "cleanup", in
# this case the second record is always REC_TYPE_TIME.
#
$dlen = $1 if ($d =~ /^\s*(\d+)\s+\d+\s+\d+/);
($r, $l, $d) = rec_get($h);
return unless (defined $r && $r eq "T");
$t = $d;
} elsif ($r eq "S" || $r eq "F") {
# For embryonic queue files in the "maildrop" directory the first
# record is either a REC_TYPE_FULL (F) followed by REC_TYPE_FROM
# or an immediate REC_TYPE_FROM (S). In either case there is no
# REC_TYPE_TIME and we get the timestamp via lstat().
#
$t = $st[9];
if ($r ne "S") {
($r, $l, $d) = rec_get($h);
return unless (defined $r && $r eq "S");
}
$s = $d;
} else {
# XXX: Not a valid queue file!
#
return undef;
}
while (my ($r, $l, $d) = rec_get($h)) {
if ($r eq "R") { push(@r, $d); }
elsif ($r eq "S") { $s = $d; }
elsif ($r eq "M") {
last unless (defined($s));
if (defined($dlen)) {
seek($h, $dlen, 1);
($r, $l, $d) = rec_get($h);
} else {
1 while ((($r, $l, $d) = rec_get($h)) && ($r =~ /^[NL]$/));
}
return unless (defined($r) && $r eq "X");
}
elsif ($r eq "E") {
last unless (defined($t) && defined($s) && @r);
return ($t, $s, @r);
}
}
return ();
}
# bucket 0 is the total over all the buckets.
# buckets 1 to $bnum contain the age breakdown.
#
sub bucket {
my ($qt, $now) = @_;
my $m = ($now - $qt) / (60 * $tick);
return 1 if ($m < 1);
my $b = $opts{"l"} ? int($m+1) : 2 + int(log($m) / log(2));
$b < $bnum ? $b : $bnum;
}
# Collate by age of message in the selected queues.
#
sub wanted {
if (my ($t, $s, @r) = qenv($_)) {
my $b = bucket($t, $now);
foreach my $a (map {lc($_)} ($opts{"s"} ? ($s) : @r)) {
++$q{"TOTAL"}->[0];
++$q{"TOTAL"}->[$b];
$a = "MAILER-DAEMON" if ($a eq "");
$a =~ s/.*\@//;
$a =~ s/\.\././g;
$a =~ s/\.?(.+?)\.?$/$1/;
my $new = 0;
do {
my $old = (++$q{$a}->[0] > 1);
++$q{$a}->[$b];
++$sub{$a} if ($new);
$new = ! $old;
} while ($opts{"p"} && $a =~ s/^(?:\.)?[^.]+\.(.*\.)/.$1/);
}
}
}
find(\&wanted, @qlist);
my @heads;
my $fmt = "";
my $dw = $width;
for (my $i = 0, my $t = 0; $i <= $bnum; ) {
$q{"TOTAL"}->[$i] ||= 0;
my $l = length($q{"TOTAL"}->[$i]);
my $h = ($i == 0) ? "T" : $t;
$l = length($h) if (length($h) >= $l);
$l = ($l > 2) ? $l + 1 : 3;
push(@heads, $h);
$fmt .= sprintf "%%%ds", $l;
$dw -= $l;
if (++$i < $bnum) { $t += ($t && !$opts{"l"}) ? $t : $tick; } else { $t = "$t+"; }
}
$dw = $dwidth if ($dw < $dwidth);
sub pdomain {
my ($d, @count) = @_;
foreach ((0 .. $bnum)) { $count[$_] ||= 0; }
my $len = length($d);
if ($len > $dw) {
if (substr($d, 0, 1) eq ".") {
print ".+",substr($d, $len-$dw+2, $dw-2);
} else {
print "+",substr($d, $len-$dw+1, $dw-1);
}
} else {
print (" " x ($dw - $len), $d);
}
printf "$fmt\n", @count;
}
# Print headings
#
pdomain("", @heads);
# Show per-domain totals
#
foreach my $d (sort { $q{$b}->[0] <=> $q{$a}->[0] ||
length($a) <=> length($b) } keys %q) {
# Skip parent domains with < $minsub subdomains.
#
next if ($d =~ /^\./ && $sub{$d} < $minsub);
pdomain($d, @{$q{$d}});
}

View File

@ -1,13 +0,0 @@
#!/bin/sh
# Dummy UUCP rmail command for postfix/qmail systems
SENDMAIL="/usr/sbin/sendmail"
IFS=" " read junk from junk junk junk junk junk junk junk relay
case "$from" in
*[@!]*) ;;
*) from="$from@$relay";;
esac
exec $SENDMAIL -i -f "$from" -- "$@"

View File

@ -1,4 +1,4 @@
# $NetBSD: main.cf,v 1.14 2006/07/19 01:35:39 rpaulo Exp $
# $NetBSD: main.cf,v 1.15 2008/06/22 14:38:41 christos Exp $
#
# Global Postfix configuration file. This file lists only a subset
# of all parameters. For the syntax, and for a complete parameter
@ -43,6 +43,12 @@ command_directory = /usr/sbin
#
daemon_directory = /usr/libexec/postfix
# The data_directory parameter specifies the location of Postfix-writable
# data files (caches, random numbers). This directory must be owned
# by the mail_owner account (see below).
#
data_directory = /var/lib/postfix
# QUEUE AND PROCESS OWNERSHIP
#
# The mail_owner parameter specifies the owner of the Postfix queue
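Review bot: the new comment above data_directory says the directory must be owned by the mail_owner account but gives no mode, while the postfix-files entry added in this same commit declares it as `$data_directory:d:$mail_owner:-:700:u`. Since the directory holds caches and random-number state, state the expected 700 mode in this comment as well, so that an administrator who creates /var/lib/postfix by hand ends up with the same permissions the installer would set.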
@ -591,7 +597,7 @@ debug_peer_level = 2
#
debugger_command =
PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
xxgdb $daemon_directory/$process_name $process_id & sleep 5
ddd $daemon_directory/$process_name $process_id & sleep 5
# If you can't use X, use this to capture the call stack when a
# daemon crashes. The result is in a file in the configuration
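Review bot: in debugger_command, ddd is resolved through the PATH set on the preceding line, which includes /usr/local/bin and /usr/X11R6/bin, and it is handed $daemon_directory/$process_name and $process_id. Swapping xxgdb for ddd keeps that lookup unchanged. Consider naming the debugger by absolute path, or at least noting in the surrounding comment that ddd must be installed, so the setting cannot pick up an unexpected binary of that name from one of those directories.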

View File

@ -1,22 +1,26 @@
# $NetBSD: master.cf,v 1.15 2007/05/19 17:49:39 heas Exp $
# $NetBSD: master.cf,v 1.16 2008/06/22 14:38:41 christos Exp $
#
#
# Postfix master process configuration file. For details on the format
# of the file, see the master(5) manual page (command: "man 5 master").
#
# Do not forget to execute "postfix reload" after editing this file.
#
# ==========================================================================
# service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (yes) (never) (100)
# ==========================================================================
#smtp inet n - n - - smtpd
#submission inet n - n - - smtpd
# -o smtpd_enforce_tls=yes
# -o smtpd_tls_security_level=encrypt
# -o smtpd_sasl_auth_enable=yes
# -o smtpd_client_restrictions=permit_sasl_authenticated,reject
# -o milter_macro_daemon_name=ORIGINATING
#smtps inet n - n - - smtpd
# -o smtpd_tls_wrappermode=yes
# -o smtpd_sasl_auth_enable=yes
# -o smtpd_client_restrictions=permit_sasl_authenticated,reject
# -o milter_macro_daemon_name=ORIGINATING
#628 inet n - n - - qmqpd
pickup fifo n - n 60 1 pickup
cleanup unix n - n - 0 cleanup
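Review bot: the commented submission example shows both `-o smtpd_enforce_tls=yes` and `-o smtpd_tls_security_level=encrypt`. Check that only the second remains in the resulting file, since an administrator who uncomments the block should not have to work out which of the two ways of requiring TLS takes effect. The smtps example below it sets smtpd_tls_wrappermode=yes with no security-level line, so a one-line comment saying that wrapper mode is what enforces TLS there would remove the apparent inconsistency.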
@ -30,10 +34,11 @@ trace unix - - n - 0 bounce
verify unix - - n - 1 verify
flush unix n - n 1000? 0 flush
proxymap unix - - n - - proxymap
proxywrite unix - - n - 1 proxymap
smtp unix - - n - - smtp
# When relaying mail as backup MX, disable fallback_relay to avoid MX loops
relay unix - - n - - smtp
-o fallback_relay=
-o smtp_fallback_relay=
# -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq unix n - n - - showq
error unix - - n - - error
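Review bot: the comment above the relay entry still says "disable fallback_relay" while the override under it is now `-o smtp_fallback_relay=`. Update the comment to name smtp_fallback_relay so the text and the option agree. The new proxywrite entry has a process limit of 1 where the proxymap line above it uses the default; a short comment giving the reason would help anyone tempted to align the two.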
@ -43,7 +48,7 @@ local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - n - - lmtp
anvil unix - - n - 1 anvil
scache unix - - n - 1 scache
scache unix - - n - 1 scache
#
# ====================================================================
# Interfaces to non-Postfix software. Be sure to examine the manual

View File

@ -1,4 +1,5 @@
# $NetBSD: post-install,v 1.13 2007/05/19 17:49:39 heas Exp $
#!/bin/sh
# $NetBSD: post-install,v 1.14 2008/06/22 14:38:41 christos Exp $
#
# To view the formatted manual page of this file, type:
@ -142,6 +143,8 @@
# directory should be in the command search path of adminstrative users.
# .IP queue_directory
# The directory for Postfix queues.
# .IP data_directory
# The directory for Postfix writable data files (caches, etc.).
# .IP sendmail_path
# The full pathname for the Postfix sendmail command.
# This is the Sendmail-compatible mail posting interface.
@ -165,6 +168,7 @@
# The directory for the Postfix on-line manual pages.
# .IP sample_directory
# The directory for the Postfix sample configuration files.
# This feature is obsolete as of Postfix 2.1.
# .IP readme_directory
# The directory for the Postfix README files.
# SEE ALSO
@ -191,6 +195,10 @@ SHELL=/bin/sh
IFS="
"
BACKUP_IFS="$IFS"
MOST_PARAMETERS="command_directory daemon_directory data_directory
html_directory mail_owner mailq_path manpage_directory
newaliases_path queue_directory readme_directory sample_directory
sendmail_path setgid_group"
USAGE="Usage: $0 [name=value] command
create-missing Create missing queue directories.
@ -303,9 +311,7 @@ grep setgid_group $config_directory/main.cf >/dev/null 2>&1 || {
# Extract parameter settings from the installed main.cf file.
test -f $config_directory/main.cf && {
for name in daemon_directory command_directory queue_directory mail_owner \
setgid_group sendmail_path newaliases_path mailq_path \
html_directory manpage_directory sample_directory readme_directory
for name in $MOST_PARAMETERS
do
eval junk=\$$name
case "$junk" in
@ -349,9 +355,7 @@ done
# via environment, or via installed configuration files.
missing=
for name in daemon_directory command_directory queue_directory mail_owner \
setgid_group sendmail_path newaliases_path mailq_path manpage_directory \
readme_directory html_directory
for name in $MOST_PARAMETERS
do
eval test -n \"\$$name\" || missing="$missing $name"
done
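Review bot: replacing the explicit list with `$MOST_PARAMETERS` changes what this loop checks. The old list had no sample_directory and no data_directory, and MOST_PARAMETERS contains both, so any of them left empty is now appended to `$missing`. Confirm that an upgrade from a main.cf that sets neither still obtains values for them before this point. sample_directory in particular is documented earlier in this file as obsolete as of Postfix 2.1 and arguably should not be required here.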
@ -384,9 +388,7 @@ POSTCONF="$command_directory/postconf"
# Save settings, allowing command line/environment override.
override=
for name in daemon_directory command_directory queue_directory mail_owner \
setgid_group sendmail_path newaliases_path mailq_path manpage_directory \
sample_directory readme_directory html_directory
for name in $MOST_PARAMETERS
do
eval test \"\$$name\" = \"`$POSTCONF -c $config_directory -h $name`\" || {
override=1
@ -399,6 +401,7 @@ test -n "$override" && {
"daemon_directory = $daemon_directory" \
"command_directory = $command_directory" \
"queue_directory = $queue_directory" \
"data_directory = $data_directory" \
"mail_owner = $mail_owner" \
"setgid_group = $setgid_group" \
"sendmail_path = $sendmail_path" \
@ -660,6 +663,28 @@ retry unix - - n - - error
EOF
}
# Add missing proxywrite service to master.cf.
grep '^proxywrite.*proxymap' $config_directory/master.cf >/dev/null || {
echo Editing $config_directory/master.cf, adding missing entry for proxywrite service
cat >>$config_directory/master.cf <<EOF || exit 1
proxywrite unix - - n - 1 proxymap
EOF
}
# Fix a typo in the default master.cf proxywrite entry.
grep '^proxywrite.*-[ ]*proxymap' $config_directory/master.cf >/dev/null && {
echo Editing $config_directory/master.cf, setting proxywrite process limit to 1
ed $config_directory/master.cf <<EOF || exit 1
/^proxywrite.*-[ ]*proxymap/
s/-\([ ]*proxymap\)/1\1/
p
w
q
EOF
}
# Report (but do not remove) obsolete files.
test -n "$obsolete" && {

View File

@ -1,4 +1,4 @@
# $NetBSD: postfix-files,v 1.10 2007/05/19 17:49:39 heas Exp $
# $NetBSD: postfix-files,v 1.11 2008/06/22 14:38:41 christos Exp $
#
# Commented out entries mean files not installed under NetBSD.
#
@ -45,6 +45,7 @@
# permissions, so that running "make install" fixes any glitches.
#
$config_directory:d:root:-:755:u
$data_directory:d:$mail_owner:-:700:u
$daemon_directory:d:root:-:755:u
$queue_directory:d:root:-:755:uc
$sample_directory:d:root:-:755:o
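Review bot: the new $data_directory entry carries only the `u` flag, while $queue_directory two lines below has `uc`. If `c` is the flag that `post-install create-missing` acts on (postfix-script calls create-missing from check-fatal), a missing data directory will not be recreated at startup, and the `find $data_directory/.` ownership check added to check-warn in this commit will run against a path that does not exist. Either add `c` here or document why the directory is excluded. Owner $mail_owner with mode 700 fits a directory that holds cache and random-number files.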
@ -194,10 +195,10 @@ $manpage_directory/man8/verify.8:f:root:-:644
$manpage_directory/man8/virtual.8:f:root:-:644
$sample_directory/sample-aliases.cf:f:root:-:644:o
$sample_directory/sample-auth.cf:f:root:-:644:o
$sample_directory/sample-canonical.cf:f:root:-:644:o:o
$sample_directory/sample-canonical.cf:f:root:-:644:o
$sample_directory/sample-compatibility.cf:f:root:-:644:o
$sample_directory/sample-debug.cf:f:root:-:644:o
$sample_directory/sample-filter.cf:f:root:-:644:o:o
$sample_directory/sample-filter.cf:f:root:-:644:o
$sample_directory/sample-flush.cf:f:root:-:644:o
$sample_directory/sample-ipv6.cf:f:root:-:644:o
$sample_directory/sample-ldap.cf:f:root:-:644:o
@ -205,15 +206,15 @@ $sample_directory/sample-lmtp.cf:f:root:-:644:o
$sample_directory/sample-local.cf:f:root:-:644:o
$sample_directory/sample-mime.cf:f:root:-:644:o
$sample_directory/sample-misc.cf:f:root:-:644:o
$sample_directory/sample-pcre-access.cf:f:root:-:644:o:o
$sample_directory/sample-pcre-body.cf:f:root:-:644:o:o
$sample_directory/sample-pcre-header.cf:f:root:-:644:o:o
$sample_directory/sample-pcre-access.cf:f:root:-:644:o
$sample_directory/sample-pcre-body.cf:f:root:-:644:o
$sample_directory/sample-pcre-header.cf:f:root:-:644:o
$sample_directory/sample-pgsql-aliases.cf:f:root:-:644:o
$sample_directory/sample-qmqpd.cf:f:root:-:644:o
$sample_directory/sample-rate.cf:f:root:-:644:o
$sample_directory/sample-regexp-access.cf:f:root:-:644:o:o
$sample_directory/sample-regexp-body.cf:f:root:-:644:o:o
$sample_directory/sample-regexp-header.cf:f:root:-:644:o:o
$sample_directory/sample-regexp-access.cf:f:root:-:644:o
$sample_directory/sample-regexp-body.cf:f:root:-:644:o
$sample_directory/sample-regexp-header.cf:f:root:-:644:o
$sample_directory/sample-relocated.cf:f:root:-:644:o
$sample_directory/sample-resource.cf:f:root:-:644:o
$sample_directory/sample-rewrite.cf:f:root:-:644:o
@ -265,6 +266,7 @@ $readme_directory/SMTPD_ACCESS_README:f:root:-:644
$readme_directory/SMTPD_POLICY_README:f:root:-:644
$readme_directory/SMTPD_PROXY_README:f:root:-:644
$readme_directory/STANDARD_CONFIGURATION_README:f:root:-:644
$readme_directory/STRESS_README:f:root:-:644
$readme_directory/TLS_LEGACY_README:f:root:-:644
$readme_directory/TLS_README:f:root:-:644
$readme_directory/TUNING_README:f:root:-:644
@ -312,6 +314,7 @@ $html_directory/SMTPD_ACCESS_README.html:f:root:-:644
$html_directory/SMTPD_POLICY_README.html:f:root:-:644
$html_directory/SMTPD_PROXY_README.html:f:root:-:644
$html_directory/STANDARD_CONFIGURATION_README.html:f:root:-:644
$html_directory/STRESS_README.html:f:root:-:644
$html_directory/TLS_LEGACY_README.html:f:root:-:644
$html_directory/TLS_README.html:f:root:-:644
$html_directory/TUNING_README.html:f:root:-:644

View File

@ -1,4 +1,5 @@
# $NetBSD: postfix-script,v 1.5 2007/05/19 17:49:39 heas Exp $
#!/bin/sh
# $NetBSD: postfix-script,v 1.6 2008/06/22 14:38:41 christos Exp $
#
#++
@ -179,11 +180,22 @@ check)
exit 0
;;
status)
$daemon_directory/master -t 2>/dev/null && {
$INFO the Postfix mail system is not running
exit 1
}
$INFO the Postfix mail system is running: PID: `sed 1q pid/master.pid`
exit 0
;;
check-fatal)
# This command is NOT part of the public interface.
$SHELL $config_directory/post-install create-missing || {
$WARN unable to create missing queue directories
$FATAL unable to create missing queue directories
exit 1
}
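Review bot: the new status branch reads the PID from the relative path pid/master.pid, so it only works if the script has already changed into the queue directory. If that is guaranteed earlier in the file, say so in a comment; otherwise use $queue_directory/pid/master.pid. In check-fatal the create-missing failure appears with both $WARN and $FATAL; $FATAL is the level that matches the exit 1 that follows.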
@ -218,6 +230,9 @@ check-warn)
\( -perm -020 -o -perm -002 \) -type f \
-exec $WARN group or other writable: {} \;
find $data_directory/. ! -user $mail_owner \
-exec $WARN not owned by $mail_owner: {} \;
find `ls -d $queue_directory/* | \
egrep '/(incoming|active|defer|deferred|bounce|hold|trace|corrupt|public|private|flush)$'` \
! \( -type p -o -type s \) ! -user $mail_owner \
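Review bot: the new find on $data_directory/. reports wrong ownership only. The check just above it warns on group or other writable files, and postfix-files declares the data directory as mode 700, so add a permission test here as well (for example `\( -perm -020 -o -perm -002 \)`), since these files are caches and random-number state. Also decide what should happen when $data_directory does not exist: as written, find's own error message goes to the terminal instead of through $WARN.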
@ -286,7 +301,7 @@ post-install)
*)
$FATAL "usage: postfix start (or stop, reload, abort, flush, check, set-permissions, upgrade-configuration)"
$FATAL "usage: postfix start (or stop, reload, abort, flush, check, status, set-permissions, upgrade-configuration)"
exit 1
;;

View File

@ -1,241 +0,0 @@
#!/usr/bin/perl
# mengwong@pobox.com
# Wed Dec 10 03:52:04 EST 2003
# postfix-policyd-spf
# version 1.03
# see http://spf.pobox.com/
use Fcntl;
use Sys::Syslog qw(:DEFAULT setlogsock);
use strict;
# ----------------------------------------------------------
# configuration
# ----------------------------------------------------------
# to use SPF, install Mail::SPF::Query from CPAN or from the SPF website at http://spf.pobox.com/downloads.html
# then uncomment the SPF line.
my @HANDLERS;
push @HANDLERS, "testing";
# push @HANDLERS, "sender_permitted_from"; use Mail::SPF::Query;
my $VERBOSE = 1;
my $DEFAULT_RESPONSE = "DUNNO";
#
# Syslogging options for verbose mode and for fatal errors.
# NOTE: comment out the $syslog_socktype line if syslogging does not
# work on your system.
#
my $syslog_socktype = 'unix'; # inet, unix, stream, console
my $syslog_facility = "mail";
my $syslog_options = "pid";
my $syslog_priority = "info";
my $syslog_ident = "postfix/policy-spf";
# ----------------------------------------------------------
# minimal documentation
# ----------------------------------------------------------
#
# Usage: smtpd-policy.pl [-v]
#
# Demo delegated Postfix SMTPD policy server.
# This server implements SPF.
# Another server implements greylisting.
# Postfix has a pluggable policy server architecture.
# You can call one or both from Postfix.
#
# The SPF handler uses Mail::SPF::Query to do the heavy lifting.
#
# This documentation assumes you have read Postfix's README_FILES/SMTPD_POLICY_README
#
# Logging is sent to syslogd.
#
# How it works: each time a Postfix SMTP server process is started
# it connects to the policy service socket, and Postfix runs one
# instance of this PERL script. By default, a Postfix SMTP server
# process terminates after 100 seconds of idle time, or after serving
# 100 clients. Thus, the cost of starting this PERL script is smoothed
# out over time.
#
# To run this from /etc/postfix/master.cf:
#
# policy unix - n n - - spawn
# user=nobody argv=/usr/bin/perl /usr/libexec/postfix/smtpd-policy.pl
#
# To use this from Postfix SMTPD, use in /etc/postfix/main.cf:
#
# smtpd_recipient_restrictions =
# ...
# reject_unauth_destination
# check_policy_service unix:private/policy
# ...
#
# NOTE: specify check_policy_service AFTER reject_unauth_destination
# or else your system can become an open relay.
#
# To test this script by hand, execute:
#
# % perl smtpd-policy.pl
#
# Each query is a bunch of attributes. Order does not matter, and
# the demo script uses only a few of all the attributes shown below:
#
# request=smtpd_access_policy
# protocol_state=RCPT
# protocol_name=SMTP
# helo_name=some.domain.tld
# queue_id=8045F2AB23
# sender=foo@bar.tld
# recipient=bar@foo.tld
# client_address=1.2.3.4
# client_name=another.domain.tld
# [empty line]
#
# The policy server script will answer in the same style, with an
# attribute list followed by a empty line:
#
# action=dunno
# [empty line]
#
# Jul 23 18:43:29 dumbo/dumbo policyd[21171]: Attribute: client_address=208.210.125.227
# Jul 23 18:43:29 dumbo/dumbo policyd[21171]: Attribute: client_name=newbabe.mengwong.com
# Jul 23 18:43:29 dumbo/dumbo policyd[21171]: Attribute: helo_name=newbabe.mengwong.com
# Jul 23 18:43:29 dumbo/dumbo policyd[21171]: Attribute: protocol_name=ESMTP
# Jul 23 18:43:29 dumbo/dumbo policyd[21171]: Attribute: protocol_state=RCPT
# Jul 23 18:43:29 dumbo/dumbo policyd[21171]: Attribute: queue_id=
# Jul 23 18:43:29 dumbo/dumbo policyd[21171]: Attribute: recipient=mengwong@dumbo.pobox.com
# Jul 23 18:43:29 dumbo/dumbo policyd[21171]: Attribute: request=smtpd_access_policy
# Jul 23 18:43:29 dumbo/dumbo policyd[21171]: Attribute: sender=mengwong@newbabe.mengwong.com
# ----------------------------------------------------------
# initialization
# ----------------------------------------------------------
#
# Log an error and abort.
#
sub fatal_exit {
syslog(err => "fatal_exit: @_");
syslog(warn => "fatal_exit: @_");
syslog(info => "fatal_exit: @_");
die "fatal: @_";
}
#
# Unbuffer standard output.
#
select((select(STDOUT), $| = 1)[0]);
#
# This process runs as a daemon, so it can't log to a terminal. Use
# syslog so that people can actually see our messages.
#
setlogsock $syslog_socktype;
openlog $syslog_ident, $syslog_options, $syslog_facility;
# ----------------------------------------------------------
# main
# ----------------------------------------------------------
#
# Receive a bunch of attributes, evaluate the policy, send the result.
#
my %attr;
while (<STDIN>) {
chomp;
if (/=/) { my ($k, $v) = split (/=/, $_, 2); $attr{$k} = $v; next }
elsif (length) { syslog(warn=>sprintf("warning: ignoring garbage: %.100s", $_)); next; }
if ($VERBOSE) {
for (sort keys %attr) {
syslog(debug=> "Attribute: %s=%s", $_, $attr{$_});
}
}
fatal_exit ("unrecognized request type: '$attr{request}'") unless $attr{request} eq "smtpd_access_policy";
my $action = $DEFAULT_RESPONSE;
my %responses;
foreach my $handler (@HANDLERS) {
no strict 'refs';
my $response = $handler->(attr=>\%attr);
syslog(debug=> "handler %s: %s", $handler, $response);
if ($response and $response !~ /^dunno/i) {
syslog(info=> "handler %s: %s is decisive.", $handler, $response);
$action = $response; last;
}
}
syslog(info=> "decided action=%s", $action);
print STDOUT "action=$action\n\n";
%attr = ();
}
# ----------------------------------------------------------
# plugin: SPF
# ----------------------------------------------------------
sub sender_permitted_from {
local %_ = @_;
my %attr = %{ $_{attr} };
my $query = new Mail::SPF::Query (ip =>$attr{client_address},
sender=>$attr{sender},
helo =>$attr{helo_name});
my ($result, $smtp_comment, $header_comment) = $query->result();
syslog(info=>"%s: SPF %s: smtp_comment=%s, header_comment=%s",
$attr{queue_id}, $result, $smtp_comment, $header_comment);
if ($result eq "pass") { return "DUNNO"; }
elsif ($result eq "fail") { return "REJECT " . ($smtp_comment || $header_comment); }
elsif ($result eq "error") { return "450 temporary failure: $smtp_comment"; }
else { return "DUNNO"; }
# unknown, softfail, and none all return DUNNO
# TODO XXX: prepend Received-SPF header. Wietse says he will add that functionality soon.
}
# ----------------------------------------------------------
# plugin: testing
# ----------------------------------------------------------
sub testing {
local %_ = @_;
my %attr = %{ $_{attr} };
if (lc address_stripped($attr{sender}) eq
lc address_stripped($attr{recipient})
and
$attr{recipient} =~ /policyblock/) {
syslog(info=>"%s: testing: will block as requested",
$attr{queue_id});
return "REJECT smtpd-policy blocking $attr{recipient}";
}
else {
syslog(info=>"%s: testing: stripped sender=%s, stripped rcpt=%s",
$attr{queue_id},
address_stripped($attr{sender}),
address_stripped($attr{recipient}),
);
}
return "DUNNO";
}
sub address_stripped {
# my $foo = localpart_lhs('foo+bar@baz.com'); # returns 'foo@baz.com'
my $string = shift;
for ($string) {
s/[+-].*\@/\@/;
}
return $string;
}
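Review bot: In the read loop, the garbage-line branch calls `syslog(warn=>sprintf("warning: ignoring garbage: %.100s", $_))`. That formats the input line first and then passes the result to syslog as its format string, so any `%` sequence in the line is interpreted a second time. Pass the format and the value separately, `syslog(warn => "warning: ignoring garbage: %.100s", $_)`, as the other syslog calls in this file already do. fatal_exit has the same shape: it interpolates `@_` (here the `request` attribute) into the format argument, and `syslog(err => "%s", "fatal_exit: @_")` avoids that. Separately, `s/[+-].*\@/\@/` in address_stripped cuts at the first `-` as well as at `+`, so a hyphenated localpart is truncated, and the comment above it refers to `localpart_lhs`, a name that is not defined anywhere in the visible code.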

View File

@ -130,6 +130,8 @@ case "$SYSTEM.$RELEASE" in
;;
FreeBSD.6*) SYSTYPE=FREEBSD6
;;
FreeBSD.7*) SYSTYPE=FREEBSD7
;;
OpenBSD.2*) SYSTYPE=OPENBSD2
;;
OpenBSD.3*) SYSTYPE=OPENBSD3
@ -282,8 +284,34 @@ case "$SYSTEM.$RELEASE" in
case "$RELEASE" in
2.[0-5].*) CCARGS="$CCARGS -DNO_EPOLL";;
esac
# Workaround for retarded libc
case "$RELEASE" in
2.6.*)
trap 'rm -f makedefs.test makedefs.test.o makedefs.test.c' 1 2 3 15
cat >makedefs.test.c <<EOF
#include <sys/types.h>
#include <sys/epoll.h>
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
int main(int argc, char **argv)
{
int epoll_handle;
if ((epoll_handle = epoll_create(1)) < 0) {
perror("epoll_create");
exit(1);
}
exit(0);
}
EOF
${CC-gcc} -o makedefs.test makedefs.test.c || exit 1
./makedefs.test 2>/dev/null || CCARGS="$CCARGS -DNO_EPOLL"
rm -f makedefs.test makedefs.test.o makedefs.test.c;;
esac
;;
GNU.0*|GNU/kFreeBSD.[56]*)
GNU.0*|GNU/kFreeBSD.[567]*)
SYSTYPE=GNU0
# Postfix no longer needs DB 1.85 compatibility
if [ -f /usr/include/db.h ]
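Review bot: The 2.6.* probe compiles makedefs.test and then runs it on the build machine, so whether -DNO_EPOLL is set depends on the kernel and libc of the build host rather than of the system that will run the binaries. That gives the wrong answer for cross builds and for packages built on one kernel and installed on another. Either document that limitation next to the probe or allow the result to be overridden from the environment. Also, `${CC-gcc} -o makedefs.test makedefs.test.c || exit 1` aborts makedefs when the compile fails, without removing makedefs.test.c, whereas a failed run only adds -DNO_EPOLL; falling back to -DNO_EPOLL in both cases would be more consistent. The trap installed before the here-document is never reset after the final rm. The comment "Workaround for retarded libc" should name the actual defect, epoll_create() failing at run time, in neutral wording.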

View File

@ -1,283 +0,0 @@
SHELL = /bin/sh
# For now, just hard-coded rules for daemons, commands, config files.
DAEMONS = man8/bounce.8 man8/defer.8 man8/cleanup.8 man8/error.8 man8/local.8 \
man8/lmtp.8 man8/master.8 man8/pickup.8 man8/pipe.8 man8/qmgr.8 \
man8/showq.8 man8/smtp.8 man8/smtpd.8 man8/trivial-rewrite.8 \
man8/oqmgr.8 man8/spawn.8 man8/flush.8 man8/virtual.8 man8/qmqpd.8 \
man8/verify.8 man8/trace.8 man8/proxymap.8 man8/anvil.8
COMMANDS= man1/postalias.1 man1/postcat.1 man1/postconf.1 man1/postfix.1 \
man1/postkick.1 man1/postlock.1 man1/postlog.1 man1/postdrop.1 \
man1/postmap.1 man1/sendmail.1 man1/mailq.1 man1/newaliases.1 \
man1/postqueue.1 man1/postsuper.1
CONFIG = man5/access.5 man5/aliases.5 man5/canonical.5 man5/relocated.5 \
man5/transport.5 man5/virtual.5 man5/pcre_table.5 man5/regexp_table.5 \
man5/cidr_table.5 man5/tcp_table.5 man5/header_checks.5 \
man5/body_checks.5 man5/ldap_table.5 man5/mysql_table.5 \
man5/pgsql_table.5
TOOLS = man1/smtp-sink.1 man1/smtp-source.1 man1/qmqp-sink.1 \
man1/qmqp-source.1 man1/qshape.1
update: $(DAEMONS) $(COMMANDS) $(CONFIG) $(TOOLS)
Makefile: Makefile.in
(set -e; echo "# DO NOT EDIT"; $(OPTS) $(SHELL) ../src/makedefs; cat $?) >$@
clean:
rm -f cat?/*
tidy: clean
clobber:
rm -f $(DAEMONS) $(COMMANDS) $(CONFIG)
man8/bounce.8: ../src/bounce/bounce.c
../mantools/fixman ../proto/postconf.proto $? >junk && \
(cmp -s junk $? || mv junk $?)
../mantools/srctoman $? >$@
man8/defer.8:
echo .so man8/bounce.8 >$@
man8/cleanup.8: ../src/cleanup/cleanup.c
../mantools/fixman ../proto/postconf.proto $? >junk && \
(cmp -s junk $? || mv junk $?)
../mantools/srctoman $? >$@
man8/anvil.8: ../src/anvil/anvil.c
../mantools/fixman ../proto/postconf.proto $? >junk && \
(cmp -s junk $? || mv junk $?)
../mantools/srctoman $? >$@
man8/error.8: ../src/error/error.c
../mantools/fixman ../proto/postconf.proto $? >junk && \
(cmp -s junk $? || mv junk $?)
../mantools/srctoman $? >$@
man8/flush.8: ../src/flush/flush.c
../mantools/fixman ../proto/postconf.proto $? >junk && \
(cmp -s junk $? || mv junk $?)
../mantools/srctoman $? >$@
man8/local.8: ../src/local/local.c
../mantools/fixman ../proto/postconf.proto $? >junk && \
(cmp -s junk $? || mv junk $?)
../mantools/srctoman $? >$@
man8/lmtp.8: ../src/lmtp/lmtp.c
../mantools/fixman ../proto/postconf.proto $? >junk && \
(cmp -s junk $? || mv junk $?)
../mantools/srctoman $? >$@
man8/master.8: ../src/master/master.c
../mantools/fixman ../proto/postconf.proto $? >junk && \
(cmp -s junk $? || mv junk $?)
../mantools/srctoman $? >$@
man8/oqmgr.8: ../src/oqmgr/qmgr.c
../mantools/fixman ../proto/postconf.proto $? >junk && \
(cmp -s junk $? || mv junk $?)
../mantools/srctoman $? | \
sed -e 's/qmgr[^_]/o&/' \
-e 's/qmgr$$/o&/' \
-e 's/QMGR[^_]/O&/' >$@
man8/pickup.8: ../src/pickup/pickup.c
../mantools/fixman ../proto/postconf.proto $? >junk && \
(cmp -s junk $? || mv junk $?)
../mantools/srctoman $? >$@
man8/pipe.8: ../src/pipe/pipe.c
../mantools/fixman ../proto/postconf.proto $? >junk && \
(cmp -s junk $? || mv junk $?)
../mantools/srctoman $? >$@
man8/proxymap.8: ../src/proxymap/proxymap.c
../mantools/fixman ../proto/postconf.proto $? >junk && \
(cmp -s junk $? || mv junk $?)
../mantools/srctoman $? >$@
man8/qmgr.8: ../src/qmgr/qmgr.c
../mantools/fixman ../proto/postconf.proto $? >junk && \
(cmp -s junk $? || mv junk $?)
../mantools/srctoman $? >$@
man8/qmqpd.8: ../src/qmqpd/qmqpd.c
../mantools/fixman ../proto/postconf.proto $? >junk && \
(cmp -s junk $? || mv junk $?)
../mantools/srctoman $? >$@
man8/showq.8: ../src/showq/showq.c
../mantools/fixman ../proto/postconf.proto $? >junk && \
(cmp -s junk $? || mv junk $?)
../mantools/srctoman $? >$@
man8/spawn.8: ../src/spawn/spawn.c
../mantools/fixman ../proto/postconf.proto $? >junk && \
(cmp -s junk $? || mv junk $?)
../mantools/srctoman $? >$@
man8/smtp.8: ../src/smtp/smtp.c
../mantools/fixman ../proto/postconf.proto $? >junk && \
(cmp -s junk $? || mv junk $?)
../mantools/srctoman $? >$@
man8/smtpd.8: ../src/smtpd/smtpd.c
../mantools/fixman ../proto/postconf.proto $? >junk && \
(cmp -s junk $? || mv junk $?)
../mantools/srctoman $? >$@
man8/virtual.8: ../src/virtual/virtual.c
../mantools/fixman ../proto/postconf.proto $? >junk && \
(cmp -s junk $? || mv junk $?)
../mantools/srctoman $? >$@
man8/verify.8: ../src/verify/verify.c
../mantools/fixman ../proto/postconf.proto $? >junk && \
(cmp -s junk $? || mv junk $?)
../mantools/srctoman $? >$@
man8/trace.8:
echo .so man8/bounce.8 >$@
man8/trivial-rewrite.8: ../src/trivial-rewrite/trivial-rewrite.c
../mantools/fixman ../proto/postconf.proto $? >junk && \
(cmp -s junk $? || mv junk $?)
../mantools/srctoman $? >$@
man1/postalias.1: ../src/postalias/postalias.c
../mantools/fixman ../proto/postconf.proto $? >junk && \
(cmp -s junk $? || mv junk $?)
../mantools/srctoman $? >$@
man1/postcat.1: ../src/postcat/postcat.c
../mantools/fixman ../proto/postconf.proto $? >junk && \
(cmp -s junk $? || mv junk $?)
../mantools/srctoman $? >$@
man1/postconf.1: ../src/postconf/postconf.c
../mantools/fixman ../proto/postconf.proto $? >junk && \
(cmp -s junk $? || mv junk $?)
../mantools/srctoman $? >$@
man1/postdrop.1: ../src/postdrop/postdrop.c
../mantools/fixman ../proto/postconf.proto $? >junk && \
(cmp -s junk $? || mv junk $?)
../mantools/srctoman $? >$@
man1/postfix.1: ../src/postfix/postfix.c
../mantools/fixman ../proto/postconf.proto $? >junk && \
(cmp -s junk $? || mv junk $?)
../mantools/srctoman $? >$@
man1/postkick.1: ../src/postkick/postkick.c
../mantools/fixman ../proto/postconf.proto $? >junk && \
(cmp -s junk $? || mv junk $?)
../mantools/srctoman $? >$@
man1/postlock.1: ../src/postlock/postlock.c
../mantools/fixman ../proto/postconf.proto $? >junk && \
(cmp -s junk $? || mv junk $?)
../mantools/srctoman $? >$@
man1/postlog.1: ../src/postlog/postlog.c
../mantools/fixman ../proto/postconf.proto $? >junk && \
(cmp -s junk $? || mv junk $?)
../mantools/srctoman $? >$@
man1/postmap.1: ../src/postmap/postmap.c
../mantools/fixman ../proto/postconf.proto $? >junk && \
(cmp -s junk $? || mv junk $?)
../mantools/srctoman $? >$@
man1/postqueue.1: ../src/postqueue/postqueue.c
../mantools/fixman ../proto/postconf.proto $? >junk && \
(cmp -s junk $? || mv junk $?)
../mantools/srctoman $? >$@
man1/postsuper.1: ../src/postsuper/postsuper.c
../mantools/fixman ../proto/postconf.proto $? >junk && \
(cmp -s junk $? || mv junk $?)
../mantools/srctoman $? >$@
man1/sendmail.1: ../src/sendmail/sendmail.c
../mantools/fixman ../proto/postconf.proto $? >junk && \
(cmp -s junk $? || mv junk $?)
../mantools/srctoman $? >$@
man1/mailq.1:
echo .so man1/sendmail.1 >$@
man1/newaliases.1:
echo .so man1/sendmail.1 >$@
man5/access.5: ../proto/access
../mantools/srctoman - $? >$@
man5/aliases.5: ../proto/aliases
../mantools/srctoman - $? >$@
man5/canonical.5: ../proto/canonical
../mantools/srctoman - $? >$@
man5/cidr_table.5: ../proto/cidr_table
../mantools/srctoman - $? >$@
man5/header_checks.5: ../proto/header_checks
../mantools/srctoman - $? >$@
man5/body_checks.5: ../proto/header_checks
echo .so man5/header_checks.5 >$@
man5/ldap_table.5: ../proto/ldap_table
../mantools/srctoman - $? >$@
man5/mysql_table.5: ../proto/mysql_table
../mantools/srctoman - $? >$@
man5/pcre_table.5: ../proto/pcre_table
../mantools/srctoman - $? >$@
man5/pgsql_table.5: ../proto/pgsql_table
../mantools/srctoman - $? >$@
man5/regexp_table.5: ../proto/regexp_table
../mantools/srctoman - $? >$@
man5/relocated.5: ../proto/relocated
../mantools/srctoman - $? >$@
man5/transport.5: ../proto/transport
../mantools/srctoman - $? >$@
man5/virtual.5: ../proto/virtual
../mantools/srctoman - $? >$@
man1/smtp-sink.1: ../src/smtpstone/smtp-sink.c
../mantools/fixman ../proto/postconf.proto $? >junk && \
(cmp -s junk $? || mv junk $?)
../mantools/srctoman $? >$@
man1/smtp-source.1: ../src/smtpstone/smtp-source.c
../mantools/fixman ../proto/postconf.proto $? >junk && \
(cmp -s junk $? || mv junk $?)
../mantools/srctoman $? >$@
man5/tcp_table.5: ../proto/tcp_table
../mantools/srctoman - $? >$@
man1/qmqp-sink.1: ../src/smtpstone/qmqp-sink.c
../mantools/fixman ../proto/postconf.proto $? >junk && \
(cmp -s junk $? || mv junk $?)
../mantools/srctoman $? >$@
man1/qmqp-source.1: ../src/smtpstone/qmqp-source.c
../mantools/fixman ../proto/postconf.proto $? >junk && \
(cmp -s junk $? || mv junk $?)
../mantools/srctoman $? >$@
man1/qshape.1: ../auxiliary/qshape/qshape.pl
#../mantools/fixman ../proto/postconf.proto $? >junk && \
# (cmp -s junk $? || mv junk $?)
../mantools/srctoman - $? >$@

View File

@ -1,283 +0,0 @@
SHELL = /bin/sh
# For now, just hard-coded rules for daemons, commands, config files.
DAEMONS = man8/bounce.8 man8/defer.8 man8/cleanup.8 man8/error.8 man8/local.8 \
man8/lmtp.8 man8/master.8 man8/pickup.8 man8/pipe.8 man8/qmgr.8 \
man8/showq.8 man8/smtp.8 man8/smtpd.8 man8/trivial-rewrite.8 \
man8/oqmgr.8 man8/spawn.8 man8/flush.8 man8/virtual.8 man8/qmqpd.8 \
man8/verify.8 man8/trace.8 man8/proxymap.8
COMMANDS= man1/postalias.1 man1/postcat.1 man1/postconf.1 man1/postfix.1 \
man1/postkick.1 man1/postlock.1 man1/postlog.1 man1/postdrop.1 \
man1/postmap.1 man1/sendmail.1 man1/mailq.1 man1/newaliases.1 \
man1/postqueue.1 man1/postsuper.1
CONFIG = man5/access.5 man5/aliases.5 man5/canonical.5 man5/relocated.5 \
man5/transport.5 man5/virtual.5 man5/pcre_table.5 man5/regexp_table.5 \
man5/cidr_table.5 man5/header_checks.5 \
man5/body_checks.5 man5/ldap_table.5 man5/mysql_table.5 \
man5/pgsql_table.5
TOOLS = man1/smtp-sink.1 man1/smtp-source.1 man1/qmqp-sink.1 \
man1/qmqp-source.1 man1/qshape.1
update: $(DAEMONS) $(COMMANDS) $(CONFIG) $(TOOLS)
Makefile: Makefile.in
(set -e; echo "# DO NOT EDIT"; $(OPTS) $(SHELL) ../src/makedefs; cat $?) >$@
clean:
rm -f cat?/*
tidy: clean
clobber:
rm -f $(DAEMONS) $(COMMANDS) $(CONFIG)
man8/bounce.8: ../src/bounce/bounce.c
../mantools/fixman ../proto/postconf.proto $? >junk && \
(cmp -s junk $? || mv junk $?)
../mantools/srctoman $? >$@
man8/defer.8:
echo .so man8/bounce.8 >$@
man8/cleanup.8: ../src/cleanup/cleanup.c
../mantools/fixman ../proto/postconf.proto $? >junk && \
(cmp -s junk $? || mv junk $?)
../mantools/srctoman $? >$@
man8/anvil.8: ../src/anvil/anvil.c
../mantools/fixman ../proto/postconf.proto $? >junk && \
(cmp -s junk $? || mv junk $?)
../mantools/srctoman $? >$@
man8/error.8: ../src/error/error.c
../mantools/fixman ../proto/postconf.proto $? >junk && \
(cmp -s junk $? || mv junk $?)
../mantools/srctoman $? >$@
man8/flush.8: ../src/flush/flush.c
../mantools/fixman ../proto/postconf.proto $? >junk && \
(cmp -s junk $? || mv junk $?)
../mantools/srctoman $? >$@
man8/local.8: ../src/local/local.c
../mantools/fixman ../proto/postconf.proto $? >junk && \
(cmp -s junk $? || mv junk $?)
../mantools/srctoman $? >$@
man8/lmtp.8: ../src/lmtp/lmtp.c
../mantools/fixman ../proto/postconf.proto $? >junk && \
(cmp -s junk $? || mv junk $?)
../mantools/srctoman $? >$@
man8/master.8: ../src/master/master.c
../mantools/fixman ../proto/postconf.proto $? >junk && \
(cmp -s junk $? || mv junk $?)
../mantools/srctoman $? >$@
man8/oqmgr.8: ../src/oqmgr/qmgr.c
../mantools/fixman ../proto/postconf.proto $? >junk && \
(cmp -s junk $? || mv junk $?)
../mantools/srctoman $? | \
sed -e 's/qmgr[^_]/o&/' \
-e 's/qmgr$$/o&/' \
-e 's/QMGR[^_]/O&/' >$@
man8/pickup.8: ../src/pickup/pickup.c
../mantools/fixman ../proto/postconf.proto $? >junk && \
(cmp -s junk $? || mv junk $?)
../mantools/srctoman $? >$@
man8/pipe.8: ../src/pipe/pipe.c
../mantools/fixman ../proto/postconf.proto $? >junk && \
(cmp -s junk $? || mv junk $?)
../mantools/srctoman $? >$@
man8/proxymap.8: ../src/proxymap/proxymap.c
../mantools/fixman ../proto/postconf.proto $? >junk && \
(cmp -s junk $? || mv junk $?)
../mantools/srctoman $? >$@
man8/qmgr.8: ../src/qmgr/qmgr.c
../mantools/fixman ../proto/postconf.proto $? >junk && \
(cmp -s junk $? || mv junk $?)
../mantools/srctoman $? >$@
man8/qmqpd.8: ../src/qmqpd/qmqpd.c
../mantools/fixman ../proto/postconf.proto $? >junk && \
(cmp -s junk $? || mv junk $?)
../mantools/srctoman $? >$@
man8/showq.8: ../src/showq/showq.c
../mantools/fixman ../proto/postconf.proto $? >junk && \
(cmp -s junk $? || mv junk $?)
../mantools/srctoman $? >$@
man8/spawn.8: ../src/spawn/spawn.c
../mantools/fixman ../proto/postconf.proto $? >junk && \
(cmp -s junk $? || mv junk $?)
../mantools/srctoman $? >$@
man8/smtp.8: ../src/smtp/smtp.c
../mantools/fixman ../proto/postconf.proto $? >junk && \
(cmp -s junk $? || mv junk $?)
../mantools/srctoman $? >$@
man8/smtpd.8: ../src/smtpd/smtpd.c
../mantools/fixman ../proto/postconf.proto $? >junk && \
(cmp -s junk $? || mv junk $?)
../mantools/srctoman $? >$@
man8/virtual.8: ../src/virtual/virtual.c
../mantools/fixman ../proto/postconf.proto $? >junk && \
(cmp -s junk $? || mv junk $?)
../mantools/srctoman $? >$@
man8/verify.8: ../src/verify/verify.c
../mantools/fixman ../proto/postconf.proto $? >junk && \
(cmp -s junk $? || mv junk $?)
../mantools/srctoman $? >$@
man8/trace.8:
echo .so man8/bounce.8 >$@
man8/trivial-rewrite.8: ../src/trivial-rewrite/trivial-rewrite.c
../mantools/fixman ../proto/postconf.proto $? >junk && \
(cmp -s junk $? || mv junk $?)
../mantools/srctoman $? >$@
man1/postalias.1: ../src/postalias/postalias.c
../mantools/fixman ../proto/postconf.proto $? >junk && \
(cmp -s junk $? || mv junk $?)
../mantools/srctoman $? >$@
man1/postcat.1: ../src/postcat/postcat.c
../mantools/fixman ../proto/postconf.proto $? >junk && \
(cmp -s junk $? || mv junk $?)
../mantools/srctoman $? >$@
man1/postconf.1: ../src/postconf/postconf.c
../mantools/fixman ../proto/postconf.proto $? >junk && \
(cmp -s junk $? || mv junk $?)
../mantools/srctoman $? >$@
man1/postdrop.1: ../src/postdrop/postdrop.c
../mantools/fixman ../proto/postconf.proto $? >junk && \
(cmp -s junk $? || mv junk $?)
../mantools/srctoman $? >$@
man1/postfix.1: ../src/postfix/postfix.c
../mantools/fixman ../proto/postconf.proto $? >junk && \
(cmp -s junk $? || mv junk $?)
../mantools/srctoman $? >$@
man1/postkick.1: ../src/postkick/postkick.c
../mantools/fixman ../proto/postconf.proto $? >junk && \
(cmp -s junk $? || mv junk $?)
../mantools/srctoman $? >$@
man1/postlock.1: ../src/postlock/postlock.c
../mantools/fixman ../proto/postconf.proto $? >junk && \
(cmp -s junk $? || mv junk $?)
../mantools/srctoman $? >$@
man1/postlog.1: ../src/postlog/postlog.c
../mantools/fixman ../proto/postconf.proto $? >junk && \
(cmp -s junk $? || mv junk $?)
../mantools/srctoman $? >$@
man1/postmap.1: ../src/postmap/postmap.c
../mantools/fixman ../proto/postconf.proto $? >junk && \
(cmp -s junk $? || mv junk $?)
../mantools/srctoman $? >$@
man1/postqueue.1: ../src/postqueue/postqueue.c
../mantools/fixman ../proto/postconf.proto $? >junk && \
(cmp -s junk $? || mv junk $?)
../mantools/srctoman $? >$@
man1/postsuper.1: ../src/postsuper/postsuper.c
../mantools/fixman ../proto/postconf.proto $? >junk && \
(cmp -s junk $? || mv junk $?)
../mantools/srctoman $? >$@
man1/sendmail.1: ../src/sendmail/sendmail.c
../mantools/fixman ../proto/postconf.proto $? >junk && \
(cmp -s junk $? || mv junk $?)
../mantools/srctoman $? >$@
man1/mailq.1:
echo .so man1/sendmail.1 >$@
man1/newaliases.1:
echo .so man1/sendmail.1 >$@
man5/access.5: ../proto/access
../mantools/srctoman - $? >$@
man5/aliases.5: ../proto/aliases
../mantools/srctoman - $? >$@
man5/canonical.5: ../proto/canonical
../mantools/srctoman - $? >$@
man5/cidr_table.5: ../proto/cidr_table
../mantools/srctoman - $? >$@
man5/header_checks.5: ../proto/header_checks
../mantools/srctoman - $? >$@
man5/body_checks.5: ../proto/header_checks
echo .so man5/header_checks.5 >$@
man5/ldap_table.5: ../proto/ldap_table
../mantools/srctoman - $? >$@
man5/mysql_table.5: ../proto/mysql_table
../mantools/srctoman - $? >$@
man5/pcre_table.5: ../proto/pcre_table
../mantools/srctoman - $? >$@
man5/pgsql_table.5: ../proto/pgsql_table
../mantools/srctoman - $? >$@
man5/regexp_table.5: ../proto/regexp_table
../mantools/srctoman - $? >$@
man5/relocated.5: ../proto/relocated
../mantools/srctoman - $? >$@
man5/transport.5: ../proto/transport
../mantools/srctoman - $? >$@
man5/virtual.5: ../proto/virtual
../mantools/srctoman - $? >$@
man1/smtp-sink.1: ../src/smtpstone/smtp-sink.c
../mantools/fixman ../proto/postconf.proto $? >junk && \
(cmp -s junk $? || mv junk $?)
../mantools/srctoman $? >$@
man1/smtp-source.1: ../src/smtpstone/smtp-source.c
../mantools/fixman ../proto/postconf.proto $? >junk && \
(cmp -s junk $? || mv junk $?)
../mantools/srctoman $? >$@
man5/tcp_table.5: ../proto/tcp_table
../mantools/srctoman - $? >$@
man1/qmqp-sink.1: ../src/smtpstone/qmqp-sink.c
../mantools/fixman ../proto/postconf.proto $? >junk && \
(cmp -s junk $? || mv junk $?)
../mantools/srctoman $? >$@
man1/qmqp-source.1: ../src/smtpstone/qmqp-source.c
../mantools/fixman ../proto/postconf.proto $? >junk && \
(cmp -s junk $? || mv junk $?)
../mantools/srctoman $? >$@
man1/qshape.1: ../auxiliary/qshape/qshape.pl
#../mantools/fixman ../proto/postconf.proto $? >junk && \
# (cmp -s junk $? || mv junk $?)
../mantools/srctoman - $? >$@

File diff suppressed because it is too large

View File

@ -1,4 +1,4 @@
.\" $NetBSD: cleanup.8,v 1.8 2007/05/19 17:49:43 heas Exp $
.\" $NetBSD: cleanup.8,v 1.9 2008/06/22 14:38:41 christos Exp $
.\"
.TH CLEANUP 8
.ad
@ -181,6 +181,11 @@ filter) applications after an unknown SMTP command.
.IP "\fBmilter_end_of_data_macros (see postconf -n output)\fR"
The macros that are sent to Milter (mail filter) applications
after the message end-of-data.
.PP
Available in Postfix version 2.5 and later:
.IP "\fBmilter_end_of_header_macros (see postconf -n output)\fR"
The macros that are sent to Milter (mail filter) applications
after the end of the message header.
.SH "MIME PROCESSING CONTROLS"
.na
.nf
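Review bot: The new milter_end_of_header_macros entry gives its default as "(see postconf -n output)", but postconf -n lists only the parameters that are set explicitly in main.cf, so an unmodified default never appears there. Point the reader at postconf -d instead. The milter_end_of_data_macros entry in the context lines just above has the same wording and should be fixed with it.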
@ -203,6 +208,12 @@ information.
.IP "\fBstrict_mime_encoding_domain (no)\fR"
Reject mail with invalid Content-Transfer-Encoding: information
for the message/* or multipart/* MIME content types.
.PP
Available in Postfix version 2.5 and later:
.IP "\fBdetect_8bit_encoding_header (yes)\fR"
Automatically detect 8BITMIME body content by looking at
Content-Transfer-Encoding: message headers; historically, this
behavior was hard-coded to be "always on".
.SH "AUTOMATIC BCC RECIPIENT CONTROLS"
.na
.nf
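Review bot: The detect_8bit_encoding_header entry says the behavior was historically hard-coded to "always on" but does not say what changes when the parameter is set to "no", or when an administrator would want that. Add one sentence on the effect of disabling the detection so the entry can be used without reading the source.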

View File

@ -1,4 +1,4 @@
.\" $NetBSD: local.8,v 1.9 2007/05/19 17:49:43 heas Exp $
.\" $NetBSD: local.8,v 1.10 2008/06/22 14:38:41 christos Exp $
.\"
.TH LOCAL 8
.ad
@ -228,6 +228,9 @@ The bare recipient name.
.IP \fBLOCAL\fR
The entire recipient address localpart (text to the left of the
rightmost @ character).
.IP \fBORIGINAL_RECIPIENT\fR
The entire recipient address, before any address rewriting
or aliasing (Postfix 2.5 and later).
.IP \fBRECIPIENT\fR
The entire recipient address.
.IP \fBSENDER\fR
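Review bot: The ORIGINAL_RECIPIENT entry should state that, being the address before any rewriting or aliasing, the value is in the form the sending side supplied, so commands that read it need the same quoting care as for RECIPIENT and SENDER. As a style point, the version is given inline as "(Postfix 2.5 and later)", while the cleanup.8 hunks in this commit use a separate "Available in Postfix version 2.5 and later:" paragraph. Pick one form for the 2.5 additions.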

View File

@ -1,114 +0,0 @@
#! /bin/sh
#
# $NetBSD: postfix2netbsd,v 1.12 2008/06/22 13:55:05 christos Exp $
#
# Copyright (c) 1998, 1999 The NetBSD Foundation, Inc.
# All rights reserved.
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions
# are met:
# 1. Redistributions of source code must retain the above copyright
# notice, this list of conditions and the following disclaimer.
# 2. Redistributions in binary form must reproduce the above copyright
# notice, this list of conditions and the following disclaimer in the
# documentation and/or other materials provided with the distribution.
#
# THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
# ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
# TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
# CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
# POSSIBILITY OF SUCH DAMAGE.
#
# postfix2netbsd: adds NetBSD tag, removes unnecessary files and
# resolve symlinks for importing postfix tree into netbsd.
# works on current directory.
# postfix2netbsd: convert a postfix source tree into a
# format suitable for commit. Works on current dir.
#
# Seed from Wiz's grep2netbsd.
PROG="$(basename "$0")"
if [ -z "$1" -o -n "$2" ]
then
echo "Usage: $PROG <dir>" 1>&2
exit 1
fi
cd "$1"
# delete some superfluous files
echo deleting some superfluous files
find . \( -type f -o -type l \) -a \
\( -name .indent.pro -o -name .printfck -o -name .keep \) \
-exec rm {} \;
rm -rf bin include lib libexec man/cat? auxiliary
echo done
### ditch symlinks
find . -type l | while read t; do
cp $t /tmp/postfix7$$
rm -f $t
mv /tmp/postfix7$$ $t
echo "resolved symlink $t"
done
### Remove the $'s around RCS tags
find . -type f -print | xargs egrep -l '\$(Id|Created|Header|Revision|Source)' | while read f; do
sed -e 's/\$\(Id.*\) ?\$/\1/' \
-e 's/\$\(Created.*\) \$/\1/' \
-e 's/\$\(Header.*\) \$/\1/' \
-e 's/\$\(Revision.*\) ?\$/\1/' \
-e 's/\$\(Source.*\) ?\$/\1/' \
$f > /tmp/postfix2$$ && mv /tmp/postfix2$$ $f && \
echo "removed RCS tag from $f"
done
### Add our NetBSD RCS Id
find . -type f -name '*.[chly]' -print | while read c; do
sed 1q < $c | grep -q '\$NetBSD' || (
echo "/* \$NetBSD\$ */" >/tmp/postfix3$$
echo "" >>/tmp/postfix3$$
cat $c >> /tmp/postfix3$$
mv /tmp/postfix3$$ $c && echo "added NetBSD RCS tag to $c"
)
done
find man -type f -name '*.[0-9]' -print | while read m; do
sed 1q < $m | grep -q '\$NetBSD' || (
echo ".\\\" \$NetBSD\$" >/tmp/postfix4$$
echo ".\\\"" >>/tmp/postfix4$$
cat $m >> /tmp/postfix4$$
mv /tmp/postfix4$$ $m && echo "added NetBSD RCS tag to $m"
)
done
find conf -type f \( -name '*.cf' -o -name 'post*' -o -name 'Makefile*' \) -print | while read t; do
grep -q '\$NetBSD' $t && continue
sed 1q < $t | grep -q '^\#!'
if [ $? -eq 0 ] ; then
sed 1q < $t >/tmp/postfix5$$
echo "# \$NetBSD\$" >>/tmp/postfix5$$
echo "#" >>/tmp/postfix5$$
sed "1d" < $t >>/tmp/postfix5$$
else
echo "# \$NetBSD\$" >/tmp/postfix5$$
echo "#" >>/tmp/postfix5$$
cat $t >> /tmp/postfix5$$
fi
mv /tmp/postfix5$$ $t && echo "added NetBSD RCS tag to $t"
done
echo done
echo You can import now.
echo Path: src/gnu/dist/postfix
echo Vendor: VENEMA
echo Versiontag: PFIX-X-Y-Z
exit 0
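Review bot: `cd "$1"` near the top of the script has no failure check, and the commands that follow are `find . ... -exec rm {} \;` and `rm -rf bin include lib libexec man/cat? auxiliary`, so a mistyped directory argument makes the deletions run in the caller's current directory. This hunk removes the file, so nothing needs to change here, but any copy kept elsewhere in the tree should use `cd "$1" || exit 1`. The same applies to the scratch files: `/tmp/postfix7$$` and the other `/tmp/postfix<n>$$` names are predictable paths in a shared directory and should come from mktemp. `$t`, `$f`, `$c` and `$m` are used unquoted, which breaks on file names containing spaces.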

View File

@ -1,461 +0,0 @@
%CLASS install
%PARAM command_directory
%PARAM config_directory
%PARAM daemon_directory
%PARAM default_database_type
%PARAM mail_owner
%PARAM mail_spool_directory
%PARAM mailq_path
%PARAM manpage_directory
%PARAM newaliases_path
%PARAM process_id_directory
%PARAM queue_directory
%PARAM readme_directory
%PARAM sample_directory
%PARAM sendmail_path
%PARAM setgid_group
%CLASS postfix
%PARAM mail_release_date
%PARAM mail_version
%CLASS plumbing
%PARAM address_verify_service_name
%PARAM bounce_service_name
%PARAM cleanup_service_name
%PARAM defer_service_name
%PARAM error_service_name
%PARAM flush_service_name
%PARAM pickup_service_name
%PARAM queue_service_name
%PARAM rewrite_service_name
%PARAM showq_service_name
%PARAM trace_service_name
%CLASS security
%PARAM allow_min_user
%PARAM alternate_config_directories
%PARAM authorized_flush_users
%PARAM authorized_mailq_users
%PARAM authorized_submit_users
%PARAM default_privs
%PARAM import_environment
%PARAM proxy_read_maps
%CLASS local-security
%PARAM allow_mail_to_commands
%PARAM allow_mail_to_files
%PARAM command_expansion_filter
%PARAM local_command_shell
%CLASS address-verification
%PARAM address_verify_sender
%PARAM address_verify_service_name
%CLASS address-verification-caching
%PARAM address_verify_map
%PARAM address_verify_negative_cache
%PARAM address_verify_negative_expire_time
%PARAM address_verify_negative_refresh_time
%PARAM address_verify_positive_expire_time
%PARAM address_verify_positive_refresh_time
%CLASS address-verification-routing
%PARAM address_verify_default_transport
%PARAM address_verify_local_transport
%PARAM address_verify_relay_transport
%PARAM address_verify_relayhost
%PARAM address_verify_transport_maps
%PARAM address_verify_virtual_transport
%CLASS smtpd-address-verification
%PARAM address_verify_poll_count
%PARAM address_verify_poll_delay
%PARAM unverified_recipient_reject_code
%PARAM unverified_sender_reject_code
%class compatibility
%PARAM undisclosed_recipients_header
%PARAM allow_min_user
%PARAM backwards_bounce_logfile_compatibility
%CLASS local-compatibility
%PARAM sun_mailtool_compatibility
%PARAM allow_mail_to_commands
%PARAM allow_mail_to_files
%PARAM biff
%CLASS smtpd-compatibility
%PARAM broken_sasl_auth_clients
%PARAM disable_vrfy_command
%PARAM smtpd_helo_required
%PARAM smtpd_noop_commands
%PARAM smtpd_sasl_exceptions_networks
%PARAM strict_rfc821_envelopes
%CLASS smtp-compatibility
%PARAM ignore_mx_lookup_error
%PARAM smtp_always_send_ehlo
%PARAM smtp_defer_if_no_mx_address_found
%PARAM smtp_host_lookup
%PARAM smtp_line_length_limit
%PARAM smtp_never_send_ehlo
%PARAM smtp_pix_workaround_delay_time
%PARAM smtp_pix_workaround_threshold_time
%PARAM smtp_quote_rfc821_envelope
%PARAM smtp_skip_4xx_greeting
%PARAM smtp_skip_5xx_greeting
%PARAM smtp_skip_quit_response
%CLASS lmtp-compatibility
%PARAM lmtp_skip_quit_response
%CLASS mime-compatibility
%PARAM strict_8bitmime
%PARAM strict_8bitmime_body
%PARAM strict_mime_encoding_domain
%PARAM strict_7bit_headers
%CLASS resource-control
%PARAM application_event_drain_time
%PARAM berkeley_db_create_buffer_size
%PARAM berkeley_db_read_buffer_size
%PARAM bounce_size_limit
%PARAM command_time_limit
%PARAM daemon_timeout
%PARAM default_process_limit
%PARAM delay_warning_time
%PARAM deliver_lock_attempts
%PARAM deliver_lock_delay
%PARAM duplicate_filter_limit
%PARAM fork_attempts
%PARAM fork_delay
%PARAM header_address_token_limit
%PARAM header_size_limit
%PARAM hopcount_limit
%PARAM in_flow_delay
%PARAM ipc_idle
%PARAM ipc_timeout
%PARAM ipc_ttl
%PARAM line_length_limit
%PARAM max_idle
%PARAM max_use
%PARAM message_size_limit
%PARAM queue_file_attribute_count_limit
%PARAM service_throttle_time
%PARAM stale_lock_time
%PARAM transport_retry_time
%PARAM trigger_timeout
%CLASS smtpd-resource-control
%PARAM client_event_status_update_time
%PARAM client_rate_time_unit
%PARAM queue_minfree
%PARAM smtpd_client_connection_count_limit
%PARAM smtpd_client_connection_limit_exceptions
%PARAM smtpd_client_connection_rate_limit
%PARAM smtpd_history_flush_threshold
%PARAM smtpd_junk_command_limit
%PARAM smtpd_recipient_limit
%PARAM smtpd_timeout
%CLASS smtp-resource-control
%PARAM smtp_connect_timeout
%PARAM smtp_data_done_timeout
%PARAM smtp_data_init_timeout
%PARAM smtp_data_xfer_timeout
%PARAM smtp_destination_concurrency_limit
%PARAM smtp_destination_recipient_limit
%PARAM smtp_helo_timeout
%PARAM smtp_mail_timeout
%PARAM smtp_mx_address_limit
%PARAM smtp_mx_session_limit
%PARAM smtp_quit_timeout
%PARAM smtp_rcpt_timeout
%PARAM smtp_rset_timeout
%PARAM smtp_xforward_timeout
%CLASS lmtp-resource-control
%PARAM lmtp_cache_connection
%PARAM lmtp_connect_timeout
%PARAM lmtp_data_done_timeout
%PARAM lmtp_data_init_timeout
%PARAM lmtp_data_xfer_timeout
%PARAM lmtp_lhlo_timeout
%PARAM lmtp_mail_timeout
%PARAM lmtp_quit_timeout
%PARAM lmtp_rcpt_timeout
%PARAM lmtp_rset_timeout
%PARAM lmtp_xforward_timeout
%CLASS mime-resource-control
%PARAM mime_boundary_length_limit
%PARAM mime_nesting_limit
%CLASS local-resource-control
%PARAM local_destination_concurrency_limit
%PARAM local_destination_recipient_limit
%CLASS smtpd-tarpit
%PARAM smtpd_error_sleep_time
%PARAM smtpd_hard_error_limit
%PARAM smtpd_soft_error_limit
%CLASS content-filter
%PARAM lmtp_send_xforward_command
%PARAM receive_override_options
%PARAM smtp_send_xforward_command
%PARAM smtpd_authorized_xforward_hosts
%CLASS built-in-filter
%PARAM body_checks
%PARAM body_checks_size_limit
%PARAM header_checks
%PARAM mime_header_checks
%PARAM nested_header_checks
%CLASS after-queue-filter
%PARAM content_filter
%CLASS smtpd-proxy-filter
%PARAM smtpd_proxy_ehlo
%PARAM smtpd_proxy_filter
%PARAM smtpd_proxy_timeout
%CLASS smtp
%PARAM best_mx_transport
%PARAM disable_dns_lookups
%PARAM fallback_relay
%PARAM smtp_bind_address
%PARAM smtp_helo_name
%PARAM smtp_randomize_addresses
%CLASS basic-config
%PARAM alias_maps
%PARAM inet_interfaces
%PARAM mydestination
%PARAM mydomain
%PARAM myhostname
%PARAM mynetworks
%PARAM mynetworks_style
%PARAM myorigin
%PARAM proxy_interfaces
%CLASS smtpd-policy
%PARAM smtpd_policy_service_max_idle
%PARAM smtpd_policy_service_max_ttl
%PARAM smtpd_policy_service_timeout
%CLASS smtpd-access
%PARAM allow_untrusted_routing
%PARAM maps_rbl_domains
%PARAM parent_domain_matches_subdomains
%PARAM permit_mx_backup_networks
%PARAM smtpd_client_restrictions
%PARAM smtpd_data_restrictions
%PARAM smtpd_delay_reject
%PARAM smtpd_etrn_restrictions
%PARAM smtpd_expansion_filter
%PARAM smtpd_helo_restrictions
%PARAM smtpd_null_access_lookup_key
%PARAM smtpd_recipient_restrictions
%PARAM smtpd_reject_unlisted_recipient
%PARAM smtpd_reject_unlisted_sender
%PARAM smtpd_restriction_classes
%PARAM smtpd_sender_restrictions
%CLASS smtpd-reply-code
%PARAM access_map_reject_code
%PARAM default_rbl_reply
%PARAM defer_code
%PARAM invalid_hostname_reject_code
%PARAM maps_rbl_reject_code
%PARAM multi_recipient_bounce_reject_code
%PARAM non_fqdn_reject_code
%PARAM rbl_reply_maps
%PARAM reject_code
%PARAM relay_domains_reject_code
%PARAM unknown_address_reject_code
%PARAM unknown_client_reject_code
%PARAM unknown_hostname_reject_code
%PARAM unknown_local_recipient_reject_code
%PARAM unknown_relay_recipient_reject_code
%PARAM unknown_virtual_alias_reject_code
%PARAM unknown_virtual_mailbox_reject_code
%PARAM unverified_recipient_reject_code
%PARAM unverified_sender_reject_code
%CLASS smtpd-sasl
%PARAM smtpd_sasl_application_name
%PARAM smtpd_sasl_auth_enable
%PARAM smtpd_sasl_local_domain
%PARAM smtpd_sasl_security_options
%PARAM smtpd_sender_login_maps
%CLASS smtp-sasl
%PARAM smtp_sasl_auth_enable
%PARAM smtp_sasl_password_maps
%PARAM smtp_sasl_security_options
%PARAM smtp_sasl_mechanism_filter
%CLASS lmtp-sasl
%PARAM lmtp_sasl_auth_enable
%PARAM lmtp_sasl_password_maps
%PARAM lmtp_sasl_security_options
%CLASS smtpd-unknown-recipients
%PARAM local_recipient_maps
%PARAM relay_recipient_maps
%PARAM virtual_alias_maps
%PARAM virtual_mailbox_maps
%CLASS trouble-shooting
%PARAM 2bounce_notice_recipient
%PARAM bounce_notice_recipient
%PARAM debug_peer_level
%PARAM debug_peer_list
%PARAM debugger_command
%PARAM delay_notice_recipient
%PARAM dont_remove
%PARAM double_bounce_sender
%PARAM error_notice_recipient
%PARAM fault_injection_code
%PARAM helpful_warnings
%PARAM notify_classes
%PARAM show_user_unknown_table_name
%PARAM smtpd_authorized_xclient_hosts
%PARAM soft_bounce
%CLASS mime
%PARAM disable_mime_input_processing
%PARAM disable_mime_output_conversion
%CLASS verp
%PARAM default_verp_delimiters
%PARAM disable_verp_bounces
%PARAM smtpd_authorized_verp_clients
%PARAM verp_delimiter_filter
%CLASS lmtp
%PARAM lmtp_tcp_port
%CLASS other
%PARAM command_directory
%PARAM process_name
%PARAM process_id
%PARAM smtpd_banner
%PARAM mail_name
%CLASS scheduler
%PARAM bounce_queue_lifetime
%PARAM default_delivery_slot_cost
%PARAM default_delivery_slot_discount
%PARAM default_delivery_slot_loan
%PARAM default_destination_concurrency_limit
%PARAM default_destination_recipient_limit
%PARAM default_extra_recipient_limit
%PARAM default_minimum_delivery_slots
%PARAM default_recipient_limit
%PARAM defer_transports
%PARAM initial_destination_concurrency
%PARAM maximal_backoff_time
%PARAM maximal_queue_lifetime
%PARAM minimal_backoff_time
%PARAM qmgr_clog_warn_time
%PARAM qmgr_fudge_factor
%PARAM qmgr_message_active_limit
%PARAM qmgr_message_recipient_limit
%PARAM qmgr_message_recipient_minimum
%PARAM queue_run_delay
%PARAM queue_service_name
%CLASS qmqpd
%PARAM qmqpd_authorized_clients
%PARAM qmqpd_error_delay
%PARAM qmqpd_timeout
%CLASS logging
%PARAM syslog_facility
%PARAM syslog_name
%PARAM debug_peer_list
%PARAM debug_peer_level
%CLASS etrn
%PARAM fast_flush_domains
%PARAM fast_flush_purge_time
%PARAM fast_flush_refresh_time
%PARAM flush_service_name
%CLASS local
%PARAM alias_database
%PARAM alias_maps
%PARAM export_environment
%PARAM fallback_transport
%PARAM forward_expansion_filter
%PARAM forward_path
%PARAM home_mailbox
%PARAM local_transport
%PARAM luser_relay
%PARAM mailbox_command
%PARAM mailbox_command_maps
%PARAM mailbox_delivery_lock
%PARAM mailbox_size_limit
%PARAM mailbox_transport
%PARAM prepend_delivered_header
%PARAM require_home_directory
%CLASS address-manipulation
%PARAM allow_percent_hack
%PARAM always_bcc
%PARAM append_at_myorigin
%PARAM append_dot_mydomain
%PARAM canonical_maps
%PARAM cleanup_service_name
%PARAM default_transport
%PARAM default_transport
%PARAM empty_address_recipient
%PARAM enable_original_recipient
%PARAM expand_owner_alias
%PARAM masquerade_classes
%PARAM masquerade_domains
%PARAM masquerade_exceptions
%PARAM owner_request_special
%PARAM propagate_unmatched_extensions
%PARAM recipient_bcc_maps
%PARAM recipient_canonical_maps
%PARAM recipient_delimiter
%PARAM relay_domains
%PARAM relay_transport
%PARAM relayhost
%PARAM relocated_maps
%PARAM resolve_dequoted_address
%PARAM rewrite_service_name
%PARAM sender_based_routing
%PARAM sender_bcc_maps
%PARAM sender_canonical_maps
%PARAM swap_bangpath
%PARAM transport_maps
%PARAM virtual_alias_expansion_limit
%PARAM virtual_alias_maps
%PARAM virtual_alias_recursion_limit
%CLASS queue-hashing
%PARAM hash_queue_depth
%PARAM hash_queue_names
%CLASS virtual-mailbox
%PARAM virtual_gid_maps
%PARAM virtual_mailbox_base
%PARAM virtual_mailbox_domains
%PARAM virtual_mailbox_limit
%PARAM virtual_mailbox_lock
%PARAM virtual_mailbox_maps
%PARAM virtual_minimum_uid
%PARAM virtual_transport
%PARAM virtual_uid_maps
%CLASS virtual-alias-domain
%PARAM virtual_alias_domains
%PARAM virtual_alias_expansion_limit
%PARAM virtual_alias_maps
%PARAM virtual_alias_recursion_limit

View File

@ -1,4 +1,4 @@
/* $NetBSD: cleanup.c,v 1.10 2007/05/19 17:49:46 heas Exp $ */
/* $NetBSD: cleanup.c,v 1.11 2008/06/22 14:38:41 christos Exp $ */
/*++
/* NAME
@ -161,6 +161,11 @@
/* .IP "\fBmilter_end_of_data_macros (see postconf -n output)\fR"
/* The macros that are sent to Milter (mail filter) applications
/* after the message end-of-data.
/* .PP
/* Available in Postfix version 2.5 and later:
/* .IP "\fBmilter_end_of_header_macros (see postconf -n output)\fR"
/* The macros that are sent to Milter (mail filter) applications
/* after the end of the message header.
/* MIME PROCESSING CONTROLS
/* .ad
/* .fi
@ -181,6 +186,12 @@
/* .IP "\fBstrict_mime_encoding_domain (no)\fR"
/* Reject mail with invalid Content-Transfer-Encoding: information
/* for the message/* or multipart/* MIME content types.
/* .PP
/* Available in Postfix version 2.5 and later:
/* .IP "\fBdetect_8bit_encoding_header (yes)\fR"
/* Automatically detect 8BITMIME body content by looking at
/* Content-Transfer-Encoding: message headers; historically, this
/* behavior was hard-coded to be "always on".
/* AUTOMATIC BCC RECIPIENT CONTROLS
/* .ad
/* .fi
@ -482,8 +493,10 @@ static void cleanup_service(VSTREAM *src, char *unused_service, char **argv)
status = cleanup_flush(state); /* in case state is modified */
attr_print(src, ATTR_FLAG_NONE,
ATTR_TYPE_INT, MAIL_ATTR_STATUS, status,
ATTR_TYPE_STR, MAIL_ATTR_WHY, state->reason ?
state->reason : "",
ATTR_TYPE_STR, MAIL_ATTR_WHY,
(state->flags & CLEANUP_FLAG_SMTP_REPLY)
&& state->smtp_reply ? state->smtp_reply :
state->reason ? state->reason : "",
ATTR_TYPE_END);
cleanup_free(state);
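Review bot: The MAIL_ATTR_WHY argument is now an unparenthesized two-level conditional. It parses as ((flags & CLEANUP_FLAG_SMTP_REPLY) && smtp_reply) ? smtp_reply : (reason ? reason : "") only because && binds tighter than ?: and ?: associates to the right. Please parenthesize the inner (state->reason ? state->reason : "") or compute the string into a local variable before the attr_print() call, so the fallback order (smtp_reply, then reason, then the empty string) is obvious to the next reader.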

View File

@ -1,4 +1,4 @@
/* $NetBSD: cleanup.h,v 1.11 2007/05/19 17:49:46 heas Exp $ */
/* $NetBSD: cleanup.h,v 1.12 2008/06/22 14:38:41 christos Exp $ */
/*++
/* NAME
@ -80,6 +80,7 @@ typedef struct CLEANUP_STATE {
off_t append_hdr_pt_target; /* target of above record */
ssize_t rcpt_count; /* recipient count */
char *reason; /* failure reason */
char *smtp_reply; /* failure reason, SMTP-style */
NVTABLE *attr; /* queue file attribute list */
MIME_STATE *mime_state; /* MIME state engine */
int mime_errs; /* MIME error flags */
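Review bot: The new char *smtp_reply member sits next to reason, but nothing in this hunk says who owns the string. Please confirm that the state allocation code sets smtp_reply to a null pointer and that the state free code releases it; the cleanup.c change tests state->smtp_reply directly and would otherwise read an indeterminate pointer. A short ownership remark in the member comment (heap copy or pointer into another buffer) would settle it.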
@ -106,6 +107,7 @@ typedef struct CLEANUP_STATE {
const char *client_port; /* real or ersatz client */
VSTRING *milter_ext_from; /* externalized sender */
VSTRING *milter_ext_rcpt; /* externalized recipient */
VSTRING *milter_err_text; /* milter call-back reply */
/*
* Support for Milter body replacement requests.

View File

@ -1,4 +1,4 @@
/* $NetBSD: cleanup_envelope.c,v 1.11 2007/08/02 08:26:18 heas Exp $ */
/* $NetBSD: cleanup_envelope.c,v 1.12 2008/06/22 14:38:41 christos Exp $ */
/*++
/* NAME
@ -148,6 +148,14 @@ static void cleanup_envelope_process(CLEANUP_STATE *state, int type,
return;
}
#endif
/*
* XXX We instantiate a MILTERS structure even when the filter count is
* zero (for example, all filters are in ACCEPT state, or the SMTP server
* sends a dummy MILTERS structure without any filters), otherwise the
* cleanup server would apply the non_smtpd_milters setting
* inappropriately.
*/
if (type == REC_TYPE_MILT_COUNT) {
/* Not part of queue file format. */
if ((milter_count = atoi(buf)) >= 0)
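Review bot: On the context line if ((milter_count = atoi(buf)) >= 0), atoi() returns 0 for non-numeric input, so a malformed REC_TYPE_MILT_COUNT record cannot be told apart from a legitimate count of zero. The new comment makes zero a meaningful value (a MILTERS structure is instantiated so that non_smtpd_milters is not applied), so consider parsing with strtol() and rejecting records with no digits or with trailing garbage. If the XXX marker means this is a stopgap, the comment should also say what the intended fix is.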

View File

@ -1,4 +1,4 @@
/* $NetBSD: cleanup_init.c,v 1.9 2007/05/19 17:49:47 heas Exp $ */
/* $NetBSD: cleanup_init.c,v 1.10 2008/06/22 14:38:41 christos Exp $ */
/*++
/* NAME
@ -162,9 +162,11 @@ char *var_milt_helo_macros; /* HELO macros */
char *var_milt_mail_macros; /* MAIL FROM macros */
char *var_milt_rcpt_macros; /* RCPT TO macros */
char *var_milt_data_macros; /* DATA macros */
char *var_milt_eoh_macros; /* end-of-header macros */
char *var_milt_eod_macros; /* end-of-data macros */
char *var_milt_unk_macros; /* unknown command macros */
char *var_cleanup_milters; /* non-SMTP mail */
int var_auto_8bit_enc_hdr; /* auto-detect 8bit encoding header */
CONFIG_INT_TABLE cleanup_int_table[] = {
VAR_HOPCOUNT_LIMIT, DEF_HOPCOUNT_LIMIT, &var_hopcount_limit, 1, 0,
@ -179,6 +181,7 @@ CONFIG_INT_TABLE cleanup_int_table[] = {
CONFIG_BOOL_TABLE cleanup_bool_table[] = {
VAR_ENABLE_ORCPT, DEF_ENABLE_ORCPT, &var_enable_orcpt,
VAR_VERP_BOUNCE_OFF, DEF_VERP_BOUNCE_OFF, &var_verp_bounce_off,
VAR_AUTO_8BIT_ENC_HDR, DEF_AUTO_8BIT_ENC_HDR, &var_auto_8bit_enc_hdr,
0,
};
@ -223,6 +226,7 @@ CONFIG_STR_TABLE cleanup_str_table[] = {
VAR_MILT_MAIL_MACROS, DEF_MILT_MAIL_MACROS, &var_milt_mail_macros, 0, 0,
VAR_MILT_RCPT_MACROS, DEF_MILT_RCPT_MACROS, &var_milt_rcpt_macros, 0, 0,
VAR_MILT_DATA_MACROS, DEF_MILT_DATA_MACROS, &var_milt_data_macros, 0, 0,
VAR_MILT_EOH_MACROS, DEF_MILT_EOH_MACROS, &var_milt_eoh_macros, 0, 0,
VAR_MILT_EOD_MACROS, DEF_MILT_EOD_MACROS, &var_milt_eod_macros, 0, 0,
VAR_MILT_UNK_MACROS, DEF_MILT_UNK_MACROS, &var_milt_unk_macros, 0, 0,
VAR_CLEANUP_MILTERS, DEF_CLEANUP_MILTERS, &var_cleanup_milters, 0, 0,
@ -302,17 +306,17 @@ void cleanup_sig(int sig)
void cleanup_pre_jail(char *unused_name, char **unused_argv)
{
static NAME_MASK send_canon_class_table[] = {
static const NAME_MASK send_canon_class_table[] = {
CANON_CLASS_ENV_FROM, CLEANUP_CANON_FLAG_ENV_FROM,
CANON_CLASS_HDR_FROM, CLEANUP_CANON_FLAG_HDR_FROM,
0,
};
static NAME_MASK rcpt_canon_class_table[] = {
static const NAME_MASK rcpt_canon_class_table[] = {
CANON_CLASS_ENV_RCPT, CLEANUP_CANON_FLAG_ENV_RCPT,
CANON_CLASS_HDR_RCPT, CLEANUP_CANON_FLAG_HDR_RCPT,
0,
};
static NAME_MASK canon_class_table[] = {
static const NAME_MASK canon_class_table[] = {
CANON_CLASS_ENV_FROM, CLEANUP_CANON_FLAG_ENV_FROM,
CANON_CLASS_ENV_RCPT, CLEANUP_CANON_FLAG_ENV_RCPT,
CANON_CLASS_HDR_FROM, CLEANUP_CANON_FLAG_HDR_FROM,
@ -320,7 +324,7 @@ void cleanup_pre_jail(char *unused_name, char **unused_argv)
0,
};
static NAME_MASK masq_class_table[] = {
static const NAME_MASK masq_class_table[] = {
MASQ_CLASS_ENV_FROM, CLEANUP_MASQ_FLAG_ENV_FROM,
MASQ_CLASS_ENV_RCPT, CLEANUP_MASQ_FLAG_ENV_RCPT,
MASQ_CLASS_HDR_FROM, CLEANUP_MASQ_FLAG_HDR_FROM,
@ -387,18 +391,19 @@ void cleanup_pre_jail(char *unused_name, char **unused_argv)
DICT_FLAG_LOCK | DICT_FLAG_FOLD_FIX);
if (*var_cleanup_milters)
cleanup_milters = milter_create(var_cleanup_milters,
var_milt_conn_time,
var_milt_cmd_time,
var_milt_msg_time,
var_milt_protocol,
var_milt_def_action,
var_milt_conn_macros,
var_milt_helo_macros,
var_milt_mail_macros,
var_milt_rcpt_macros,
var_milt_data_macros,
var_milt_eod_macros,
var_milt_unk_macros);
var_milt_conn_time,
var_milt_cmd_time,
var_milt_msg_time,
var_milt_protocol,
var_milt_def_action,
var_milt_conn_macros,
var_milt_helo_macros,
var_milt_mail_macros,
var_milt_rcpt_macros,
var_milt_data_macros,
var_milt_eoh_macros,
var_milt_eod_macros,
var_milt_unk_macros);
flush_init();
}
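Review bot: var_milt_eoh_macros is inserted in the middle of a 13-argument positional milter_create() call, and the macro arguments around it are all declared char * in this file, so the compiler cannot catch two of them being swapped. Please confirm that the milter_create() prototype and definition take the end-of-header macros between the data and end-of-data macros in exactly this order, and that every other milter_create() caller is updated in this same commit.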

View File

@ -27,7 +27,8 @@ SRCS = abounce.c anvil_clnt.c been_here.c bounce.c bounce_log.c \
sys_exits.c timed_ipc.c tok822_find.c tok822_node.c tok822_parse.c \
tok822_resolve.c tok822_rewrite.c tok822_tree.c trace.c \
user_acl.c valid_mailhost_addr.c verify.c verify_clnt.c \
verp_sender.c wildcard_inet_addr.c xtext.c
verp_sender.c wildcard_inet_addr.c xtext.c delivered_hdr.c \
fold_addr.c header_body_checks.c mkmap_proxy.c data_redirect.c
OBJS = abounce.o anvil_clnt.o been_here.o bounce.o bounce_log.o \
canon_addr.o cfg_parser.o cleanup_strerror.o cleanup_strflags.o \
clnt_stream.o conv_time.o db_common.o debug_peer.o debug_process.o \
@ -56,7 +57,8 @@ OBJS = abounce.o anvil_clnt.o been_here.o bounce.o bounce_log.o \
sys_exits.o timed_ipc.o tok822_find.o tok822_node.o tok822_parse.o \
tok822_resolve.o tok822_rewrite.o tok822_tree.o trace.o \
user_acl.o valid_mailhost_addr.o verify.o verify_clnt.o \
verp_sender.o wildcard_inet_addr.o xtext.o
verp_sender.o wildcard_inet_addr.o xtext.o delivered_hdr.o \
fold_addr.o header_body_checks.o mkmap_proxy.o data_redirect.o
HDRS = abounce.h anvil_clnt.h been_here.h bounce.h bounce_log.h \
canon_addr.h cfg_parser.h cleanup_user.h clnt_stream.h config.h \
conv_time.h db_common.h debug_peer.h debug_process.h defer.h \
@ -79,7 +81,8 @@ HDRS = abounce.h anvil_clnt.h been_here.h bounce.h bounce_log.h \
rewrite_clnt.h scache.h sent.h smtp_stream.h split_addr.h \
string_list.h strip_addr.h sys_exits.h timed_ipc.h tok822.h \
trace.h user_acl.h valid_mailhost_addr.h verify.h verify_clnt.h \
verp_sender.h wildcard_inet_addr.h xtext.h
verp_sender.h wildcard_inet_addr.h xtext.h delivered_hdr.h \
fold_addr.h header_body_checks.h data_redirect.h
TESTSRC = rec2stream.c stream2rec.c recdump.c
DEFS = -I. -I$(INC_DIR) -D$(SYSTYPE)
CFLAGS = $(DEBUG) $(OPT) $(DEFS)
@ -91,7 +94,8 @@ TESTPROG= domain_list dot_lockfile mail_addr_crunch mail_addr_find \
resolve_local rewrite_clnt stream2rec string_list tok822_parse \
quote_821_local mail_conf_time mime_state strip_addr \
verify_clnt xtext anvil_clnt scache ehlo_mask \
valid_mailhost_addr own_inet_addr
valid_mailhost_addr own_inet_addr header_body_checks \
data_redirect
LIBS = ../../lib/libutil.a
LIB_DIR = ../../lib
@ -268,13 +272,23 @@ valid_mailhost_addr: valid_mailhost_addr.c $(LIB) $(LIBS)
own_inet_addr: own_inet_addr.c $(LIB) $(LIBS)
$(CC) $(CFLAGS) -DTEST -o $@ $@.c $(LIB) $(LIBS) $(SYSLIBS)
header_body_checks: header_body_checks.c $(LIB) $(LIBS)
$(CC) $(CFLAGS) -DTEST -o $@ $@.c $(LIB) $(LIBS) $(SYSLIBS)
data_redirect: data_redirect.c $(LIB) $(LIBS)
$(CC) $(CFLAGS) -DTEST -o $@ $@.c $(LIB) $(LIBS) $(SYSLIBS)
tests: tok822_test mime_tests strip_addr_test tok822_limit_test \
xtext_test scache_multi_test ehlo_mask_test \
namadr_list_test mail_conf_time_test
namadr_list_test mail_conf_time_test header_body_checks_tests
mime_tests: mime_test mime_nest mime_8bit mime_dom mime_trunc mime_cvt \
mime_cvt2 mime_cvt3 mime_garb1 mime_garb2 mime_garb3 mime_garb4
header_body_checks_tests: header_body_checks_null_test \
header_body_checks_warn_test header_body_checks_prepend_test \
header_body_checks_ignore_test header_body_checks_replace_test
root_tests: rewrite_clnt_test resolve_clnt_test
tok822_test: tok822_parse tok822_parse.in tok822_parse.ref
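Review bot: data_redirect gets a -DTEST build rule here, but the tests: target only gains header_body_checks_tests, so nothing in this hunk ever runs the data_redirect test program. Either add a data_redirect test target with a reference file, or note in the Makefile that the program is build-only.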
@ -413,6 +427,56 @@ mail_conf_time_test: mail_conf_time mail_conf_time.ref
diff mail_conf_time.ref mail_conf_time.tmp
rm -f mail_conf_time.tmp
header_body_checks_null_test: header_body_checks header_body_checks_null.ref
./header_body_checks "" "" "" "" \
<mime_test.in >header_body_checks_null.tmp 2>&1
cmp header_body_checks_null.ref header_body_checks_null.tmp
./header_body_checks static:dunno static:dunno static:dunno static:dunno \
<mime_test.in >header_body_checks_null.tmp 2>&1
cmp header_body_checks_null.ref header_body_checks_null.tmp
./header_body_checks static:ok static:ok static:ok static:ok \
<mime_test.in >header_body_checks_null.tmp 2>&1
cmp header_body_checks_null.ref header_body_checks_null.tmp
rm -f header_body_checks_null.tmp
header_body_checks_warn_test: header_body_checks header_body_checks_warn.ref
./header_body_checks static:warn static:warn static:warn static:warn \
<mime_test.in >header_body_checks_warn.tmp 2>&1
cmp header_body_checks_warn.ref header_body_checks_warn.tmp
rm -f header_body_checks_warn.tmp
header_body_checks_prepend_test: header_body_checks header_body_checks_prepend.ref
echo /./ prepend header: head >header_body_checks_head
echo /./ prepend header: mime >header_body_checks_mime
echo /./ prepend header: nest >header_body_checks_nest
echo /./ prepend body >header_body_checks_body
./header_body_checks regexp:header_body_checks_head regexp:header_body_checks_mime \
regexp:header_body_checks_nest regexp:header_body_checks_body \
<mime_test.in >header_body_checks_prepend.tmp 2>&1
cmp header_body_checks_prepend.ref header_body_checks_prepend.tmp
rm -f header_body_checks_prepend.tmp header_body_checks_head header_body_checks_mime header_body_checks_nest header_body_checks_body
# Note: the IGNORE action will not strip empty lines. Postfix maps
# currently never see null query strings because some map types raise
# errors. We can eliminate this restriction by allowing individual
# map types to advertise whether they can handle null queries.
header_body_checks_ignore_test: header_body_checks header_body_checks_ignore.ref
./header_body_checks static:ignore static:ignore static:ignore static:ignore \
<mime_test.in >header_body_checks_ignore.tmp 2>&1
cmp header_body_checks_ignore.ref header_body_checks_ignore.tmp
rm -f header_body_checks_ignore.tmp header_body_checks_head header_body_checks_mime header_body_checks_nest header_body_checks_body
header_body_checks_replace_test: header_body_checks header_body_checks_replace.ref
echo /./ replace header: head >header_body_checks_head
echo /./ replace header: mime >header_body_checks_mime
echo /./ replace header: nest >header_body_checks_nest
echo /./ replace body >header_body_checks_body
./header_body_checks regexp:header_body_checks_head regexp:header_body_checks_mime \
regexp:header_body_checks_nest regexp:header_body_checks_body \
<mime_test.in >header_body_checks_replace.tmp 2>&1
cmp header_body_checks_replace.ref header_body_checks_replace.tmp
rm -f header_body_checks_replace.tmp header_body_checks_head header_body_checks_mime header_body_checks_nest header_body_checks_body
printfck: $(OBJS) $(PROG)
rm -rf printfck
mkdir printfck
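Review bot: header_body_checks_ignore_test ends by removing header_body_checks_head, header_body_checks_mime, header_body_checks_nest and header_body_checks_body, files that this target never creates; the rm line looks copied from the prepend test. The prepend and replace targets both write those same four fixed file names in the current directory, so under a parallel make they can overwrite or delete each other's map files and produce spurious cmp failures. Suggest dropping the extra names from the ignore target's rm and giving the prepend and replace map files distinct names.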
@ -576,6 +640,23 @@ conv_time.o: ../../include/msg.h
conv_time.o: ../../include/sys_defs.h
conv_time.o: conv_time.c
conv_time.o: conv_time.h
data_redirect.o: ../../include/argv.h
data_redirect.o: ../../include/dict.h
data_redirect.o: ../../include/dict_cdb.h
data_redirect.o: ../../include/dict_db.h
data_redirect.o: ../../include/dict_dbm.h
data_redirect.o: ../../include/msg.h
data_redirect.o: ../../include/name_code.h
data_redirect.o: ../../include/split_at.h
data_redirect.o: ../../include/stringops.h
data_redirect.o: ../../include/sys_defs.h
data_redirect.o: ../../include/vbuf.h
data_redirect.o: ../../include/vstream.h
data_redirect.o: ../../include/vstring.h
data_redirect.o: data_redirect.c
data_redirect.o: data_redirect.h
data_redirect.o: dict_proxy.h
data_redirect.o: mail_params.h
db_common.o: ../../include/argv.h
db_common.o: ../../include/dict.h
db_common.o: ../../include/match_list.h
@ -688,6 +769,24 @@ deliver_request.o: mail_queue.h
deliver_request.o: msg_stats.h
deliver_request.o: rcpt_buf.h
deliver_request.o: recipient_list.h
delivered_hdr.o: ../../include/htable.h
delivered_hdr.o: ../../include/msg.h
delivered_hdr.o: ../../include/mymalloc.h
delivered_hdr.o: ../../include/stringops.h
delivered_hdr.o: ../../include/sys_defs.h
delivered_hdr.o: ../../include/vbuf.h
delivered_hdr.o: ../../include/vstream.h
delivered_hdr.o: ../../include/vstring.h
delivered_hdr.o: ../../include/vstring_vstream.h
delivered_hdr.o: delivered_hdr.c
delivered_hdr.o: delivered_hdr.h
delivered_hdr.o: fold_addr.h
delivered_hdr.o: header_opts.h
delivered_hdr.o: is_header.h
delivered_hdr.o: quote_822_local.h
delivered_hdr.o: quote_flags.h
delivered_hdr.o: rec_type.h
delivered_hdr.o: record.h
dict_ldap.o: ../../include/argv.h
dict_ldap.o: ../../include/binhash.h
dict_ldap.o: ../../include/dict.h
@ -866,6 +965,29 @@ flush_clnt.o: mail_flush.h
flush_clnt.o: mail_params.h
flush_clnt.o: mail_proto.h
flush_clnt.o: match_parent_style.h
fold_addr.o: ../../include/stringops.h
fold_addr.o: ../../include/sys_defs.h
fold_addr.o: ../../include/vbuf.h
fold_addr.o: ../../include/vstring.h
fold_addr.o: fold_addr.c
fold_addr.o: fold_addr.h
header_body_checks.o: ../../include/argv.h
header_body_checks.o: ../../include/dict.h
header_body_checks.o: ../../include/msg.h
header_body_checks.o: ../../include/mymalloc.h
header_body_checks.o: ../../include/sys_defs.h
header_body_checks.o: ../../include/vbuf.h
header_body_checks.o: ../../include/vstream.h
header_body_checks.o: ../../include/vstring.h
header_body_checks.o: cleanup_user.h
header_body_checks.o: dsn_util.h
header_body_checks.o: header_body_checks.c
header_body_checks.o: header_body_checks.h
header_body_checks.o: header_opts.h
header_body_checks.o: is_header.h
header_body_checks.o: maps.h
header_body_checks.o: mime_state.h
header_body_checks.o: rec_type.h
header_opts.o: ../../include/htable.h
header_opts.o: ../../include/msg.h
header_opts.o: ../../include/stringops.h
@ -1026,7 +1148,10 @@ mail_conf_raw.o: mail_conf.h
mail_conf_raw.o: mail_conf_raw.c
mail_conf_str.o: ../../include/msg.h
mail_conf_str.o: ../../include/mymalloc.h
mail_conf_str.o: ../../include/stringops.h
mail_conf_str.o: ../../include/sys_defs.h
mail_conf_str.o: ../../include/vbuf.h
mail_conf_str.o: ../../include/vstring.h
mail_conf_str.o: mail_conf.h
mail_conf_str.o: mail_conf_str.c
mail_conf_time.o: ../../include/argv.h
@ -1130,13 +1255,16 @@ mail_params.o: ../../include/iostuff.h
mail_params.o: ../../include/msg.h
mail_params.o: ../../include/msg_syslog.h
mail_params.o: ../../include/myaddrinfo.h
mail_params.o: ../../include/mymalloc.h
mail_params.o: ../../include/safe.h
mail_params.o: ../../include/safe_open.h
mail_params.o: ../../include/stringops.h
mail_params.o: ../../include/sys_defs.h
mail_params.o: ../../include/valid_hostname.h
mail_params.o: ../../include/vbuf.h
mail_params.o: ../../include/vstream.h
mail_params.o: ../../include/vstring.h
mail_params.o: ../../include/vstring_vstream.h
mail_params.o: mail_conf.h
mail_params.o: mail_params.c
mail_params.o: mail_params.h
@ -1344,8 +1472,19 @@ mkmap_open.o: ../../include/sys_defs.h
mkmap_open.o: ../../include/vbuf.h
mkmap_open.o: ../../include/vstream.h
mkmap_open.o: ../../include/vstring.h
mkmap_open.o: dict_proxy.h
mkmap_open.o: mkmap.h
mkmap_open.o: mkmap_open.c
mkmap_proxy.o: ../../include/argv.h
mkmap_proxy.o: ../../include/dict.h
mkmap_proxy.o: ../../include/mymalloc.h
mkmap_proxy.o: ../../include/sys_defs.h
mkmap_proxy.o: ../../include/vbuf.h
mkmap_proxy.o: ../../include/vstream.h
mkmap_proxy.o: ../../include/vstring.h
mkmap_proxy.o: dict_proxy.h
mkmap_proxy.o: mkmap.h
mkmap_proxy.o: mkmap_proxy.c
mkmap_sdbm.o: ../../include/argv.h
mkmap_sdbm.o: ../../include/dict.h
mkmap_sdbm.o: ../../include/dict_sdbm.h

View File

@ -1,114 +0,0 @@
/* $NetBSD: hold_message.c,v 1.1.1.2 2004/05/31 00:24:30 heas Exp $ */
/*++
/* NAME
/* hold_message 3
/* SUMMARY
/* move message to hold queue
/* SYNOPSIS
/* #include <hold_message.h>
/*
/* int hold_message(path_buf, queue_name, queue_id)
/* VSTRING *path_buf;
/* const char *queue_name;
/* const char *queue_id;
/* DESCRIPTION
/* The \fBhold_message\fR() routine moves the specified
/* queue file to the \fBhold\fR queue, where it will sit
/* until someone either destroys it or releases it.
/*
/* Arguments:
/* .IP path_buf
/* A null pointer, or storage for the new pathname.
/* .IP queue_name
/* Queue name with the message that needs to be placed on hold.
/* .IP queue_id
/* Queue file name with the message that needs to be placed on hold.
/* DIAGNOSTICS
/* The result is -1 in case of failure, 0 in case of success.
/* LICENSE
/* .ad
/* .fi
/* The Secure Mailer license must be distributed with this software.
/* AUTHOR(S)
/* Wietse Venema
/* IBM T.J. Watson Research
/* P.O. Box 704
/* Yorktown Heights, NY 10598, USA
/*--*/
/* System library. */
#include <sys_defs.h>
#include <stdio.h> /* rename() */
#include <stdlib.h>
#include <unistd.h>
#include <errno.h>
/* Utility library. */
#include <msg.h>
#include <set_eugid.h>
#include <sane_fsops.h>
/* Global library. */
#include <mail_queue.h>
#include <mail_params.h>
#include <hold_message.h>
#define STR(x) vstring_str(x)
/* hold_message - move message to hold queue */
int hold_message(VSTRING *path_buf, const char *queue_name,
const char *queue_id)
{
VSTRING *old_path = vstring_alloc(100);
VSTRING *new_path = 0;
uid_t saved_uid;
gid_t saved_gid;
int err;
/*
* If not running as the mail system, change privileges first.
*/
if ((saved_uid = geteuid()) != var_owner_uid) {
saved_gid = getegid();
set_eugid(var_owner_uid, var_owner_gid);
}
/*
* Your buffer or mine?
*/
if (path_buf == 0)
new_path = path_buf = vstring_alloc(100);
/*
* This code duplicates mail_queue_rename(), except that it also returns
* the result pathname to the caller.
*/
(void) mail_queue_path(old_path, queue_name, queue_id);
(void) mail_queue_path(path_buf, MAIL_QUEUE_HOLD, queue_id);
if ((err = sane_rename(STR(old_path), STR(path_buf))) == 0
|| ((err = mail_queue_mkdirs(STR(path_buf)) == 0)
&& (err = sane_rename(STR(old_path), STR(path_buf))) == 0)) {
if (msg_verbose)
msg_info("%s: placed on hold", queue_id);
}
/*
* Restore privileges.
*/
if (saved_uid != var_owner_uid)
set_eugid(saved_uid, saved_gid);
/*
* Cleanup.
*/
vstring_free(old_path);
if (new_path)
vstring_free(new_path);
return (err);
}

View File

@ -1,32 +0,0 @@
/* $NetBSD: hold_message.h,v 1.1.1.2 2004/05/31 00:24:31 heas Exp $ */
#ifndef _HOLD_MESSAGE_H_INCLUDED_
#define _HOLD_MESSAGE_H_INCLUDED_
/*++
/* NAME
/* hold_message 3h
/* SUMMARY
/* mark queue file as corrupt
/* SYNOPSIS
/* #include <hold_message.h>
/* DESCRIPTION
/* .nf
/*
* External interface.
*/
extern int hold_message(VSTRING *, const char *, const char *);
/* LICENSE
/* .ad
/* .fi
/* The Secure Mailer license must be distributed with this software.
/* AUTHOR(S)
/* Wietse Venema
/* IBM T.J. Watson Research
/* P.O. Box 704
/* Yorktown Heights, NY 10598, USA
/*--*/
#endif

View File

@ -1,4 +1,4 @@
/* $NetBSD: mail_params.h,v 1.15 2007/08/02 08:26:18 heas Exp $ */
/* $NetBSD: mail_params.h,v 1.16 2008/06/22 14:38:41 christos Exp $ */
#ifndef _MAIL_PARAMS_H_INCLUDED_
#define _MAIL_PARAMS_H_INCLUDED_
@ -194,6 +194,10 @@ extern char *var_relayhost;
#define DEF_SND_RELAY_MAPS ""
extern char *var_snd_relay_maps;
#define VAR_NULL_RELAY_MAPS_KEY "empty_address_relayhost_maps_lookup_key"
#define DEF_NULL_RELAY_MAPS_KEY "<>"
extern char *var_null_relay_maps_key;
#define VAR_SMTP_FALLBACK "smtp_fallback_relay"
#define DEF_SMTP_FALLBACK "$fallback_relay"
#define VAR_LMTP_FALLBACK "smtp_fallback_relay"
@ -258,6 +262,15 @@ extern char *var_command_dir;
#endif
extern char *var_pid_dir;
/*
* Location of writable data files.
*/
#define VAR_DATA_DIR "data_directory"
#ifndef DEF_DATA_DIR
#define DEF_DATA_DIR "/var/lib/postfix"
#endif
extern char *var_data_dir;
/*
* Program startup time.
*/
@ -454,6 +467,7 @@ extern bool var_biff;
extern char *var_allow_commands;
#define VAR_COMMAND_MAXTIME "command_time_limit"
#define _MAXTIME "_time_limit"
#define DEF_COMMAND_MAXTIME "1000s"
extern int var_command_maxtime;
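Review bot: The new macro _MAXTIME (and _INIT_DEST_CON in a later hunk of this file) starts with an underscore followed by an uppercase letter, a form of identifier that the C standard reserves for the implementation. A system header that defines either name would silently change or break these strings; a name without the leading underscore avoids the clash. The hunk also gives no comment on what the bare "_time_limit" suffix is for, which would help anyone reading the header in isolation.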
@ -596,7 +610,7 @@ extern bool var_stat_home_dir;
extern int var_dup_filter_limit;
#define VAR_TLS_RAND_EXCH_NAME "tls_random_exchange_name"
#define DEF_TLS_RAND_EXCH_NAME "${config_directory}/prng_exch"
#define DEF_TLS_RAND_EXCH_NAME "${data_directory}/prng_exch"
extern char *var_tls_rand_exch_name;
#define VAR_TLS_RAND_SOURCE "tls_random_source"
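Review bot: Changing DEF_TLS_RAND_EXCH_NAME from ${config_directory}/prng_exch to ${data_directory}/prng_exch moves the PRNG exchange file with no transition handling visible in this header. On an upgraded system that keeps the default, the file is now expected under data_directory (default /var/lib/postfix per the DEF_DATA_DIR hunk above), so the install or upgrade step has to create that directory with ownership that lets the mail system write there. Please also make sure the release notes say that the old file under config_directory is no longer used by default.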
@ -729,6 +743,7 @@ extern int var_qmgr_fudge;
* Queue manager: default destination concurrency levels.
*/
#define VAR_INIT_DEST_CON "initial_destination_concurrency"
#define _INIT_DEST_CON "_initial_destination_concurrency"
#define DEF_INIT_DEST_CON 5
extern int var_init_dest_concurrency;
@ -1149,7 +1164,7 @@ extern bool var_smtpd_tls_ask_ccert;
extern bool var_smtpd_tls_req_ccert;
#define VAR_SMTPD_TLS_CCERT_VD "smtpd_tls_ccert_verifydepth"
#define DEF_SMTPD_TLS_CCERT_VD 5
#define DEF_SMTPD_TLS_CCERT_VD 9
extern int var_smtpd_tls_ccert_vd;
#define VAR_SMTPD_TLS_CERT_FILE "smtpd_tls_cert_file"
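Review bot: DEF_SMTPD_TLS_CCERT_VD goes from 5 to 9 with no comment and no documentation change in this hunk. Sites that never set smtpd_tls_ccert_verifydepth will now accept longer client certificate chains than before; please state the reason for 9 in a comment here and mention the new default in the release notes. The same change is made to the smtp and lmtp scert defaults further down and needs the same treatment.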
@ -1192,6 +1207,10 @@ extern char *var_smtpd_tls_excl_ciph;
#define DEF_SMTPD_TLS_MAND_EXCL ""
extern char *var_smtpd_tls_mand_excl;
#define VAR_SMTPD_TLS_FPT_DGST "smtpd_tls_fingerprint_digest"
#define DEF_SMTPD_TLS_FPT_DGST "md5"
extern char *var_smtpd_tls_fpt_dgst;
#define VAR_SMTPD_TLS_512_FILE "smtpd_tls_dh512_param_file"
#define DEF_SMTPD_TLS_512_FILE ""
extern char *var_smtpd_tls_dh512_param_file;
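Review bot: DEF_SMTPD_TLS_FPT_DGST defaults to "md5" for a newly introduced fingerprint digest parameter. MD5 is not collision resistant, so a certificate fingerprint match under this default is weaker evidence of identity than the parameter name suggests. If md5 is kept for compatibility with fingerprints that are already deployed, say so in a comment and in the parameter documentation, and recommend a stronger digest for new fingerprint tables. The smtp and lmtp fingerprint digest defaults added further down have the same issue.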
@ -1255,9 +1274,9 @@ extern bool var_smtp_tls_enforce_peername;
extern char *var_smtp_tls_level;
#define VAR_SMTP_TLS_SCERT_VD "smtp_tls_scert_verifydepth"
#define DEF_SMTP_TLS_SCERT_VD 5
#define DEF_SMTP_TLS_SCERT_VD 9
#define VAR_LMTP_TLS_SCERT_VD "lmtp_tls_scert_verifydepth"
#define DEF_LMTP_TLS_SCERT_VD 5
#define DEF_LMTP_TLS_SCERT_VD 9
extern int var_smtp_tls_scert_vd;
#define VAR_SMTP_TLS_CERT_FILE "smtp_tls_cert_file"
@ -1314,6 +1333,12 @@ extern char *var_smtp_tls_excl_ciph;
#define DEF_LMTP_TLS_MAND_EXCL ""
extern char *var_smtp_tls_mand_excl;
#define VAR_SMTP_TLS_FPT_DGST "smtp_tls_fingerprint_digest"
#define DEF_SMTP_TLS_FPT_DGST "md5"
#define VAR_LMTP_TLS_FPT_DGST "lmtp_tls_fingerprint_digest"
#define DEF_LMTP_TLS_FPT_DGST "md5"
extern char *var_smtp_tls_fpt_dgst;
#define VAR_SMTP_TLS_LOGLEVEL "smtp_tls_loglevel"
#define DEF_SMTP_TLS_LOGLEVEL 0
#define VAR_LMTP_TLS_LOGLEVEL "lmtp_tls_loglevel"
@ -1369,6 +1394,12 @@ extern char *var_smtp_tls_vfy_cmatch;
extern char *var_smtp_tls_sec_cmatch;
#define VAR_SMTP_TLS_FPT_CMATCH "smtp_tls_fingerprint_cert_match"
#define DEF_SMTP_TLS_FPT_CMATCH ""
#define VAR_LMTP_TLS_FPT_CMATCH "lmtp_tls_fingerprint_cert_match"
#define DEF_LMTP_TLS_FPT_CMATCH ""
extern char *var_smtp_tls_fpt_cmatch;
/*
* SASL authentication support, SMTP server side.
*/
@ -1388,6 +1419,10 @@ extern char *var_smtpd_sasl_opts;
#define DEF_SMTPD_SASL_PATH "smtpd"
extern char *var_smtpd_sasl_path;
#define VAR_CYRUS_CONF_PATH "cyrus_sasl_config_path"
#define DEF_CYRUS_CONF_PATH ""
extern char *var_cyrus_conf_path;
#define VAR_SMTPD_SASL_TLS_OPTS "smtpd_sasl_tls_security_options"
#define DEF_SMTPD_SASL_TLS_OPTS "$" VAR_SMTPD_SASL_OPTS
extern char *var_smtpd_sasl_tls_opts;
@ -1541,6 +1576,27 @@ extern char *var_lmtp_sasl_path;
#define DEF_CYRUS_SASL_AUTHZID 0
extern int var_cyrus_sasl_authzid;
/*
* Special handling of AUTH 535 failures.
*/
#define VAR_SMTP_SASL_AUTH_SOFT_BOUNCE "smtp_sasl_auth_soft_bounce"
#define DEF_SMTP_SASL_AUTH_SOFT_BOUNCE 1
#define VAR_LMTP_SASL_AUTH_SOFT_BOUNCE "lmtp_sasl_auth_soft_bounce"
#define DEF_LMTP_SASL_AUTH_SOFT_BOUNCE 1
extern bool var_smtp_sasl_auth_soft_bounce;
#define VAR_SMTP_SASL_AUTH_CACHE_NAME "smtp_sasl_auth_cache_name"
#define DEF_SMTP_SASL_AUTH_CACHE_NAME ""
#define VAR_LMTP_SASL_AUTH_CACHE_NAME "lmtp_sasl_auth_cache_name"
#define DEF_LMTP_SASL_AUTH_CACHE_NAME ""
extern char *var_smtp_sasl_auth_cache_name;
#define VAR_SMTP_SASL_AUTH_CACHE_TIME "smtp_sasl_auth_cache_time"
#define DEF_SMTP_SASL_AUTH_CACHE_TIME "90d"
#define VAR_LMTP_SASL_AUTH_CACHE_TIME "lmtp_sasl_auth_cache_time"
#define DEF_LMTP_SASL_AUTH_CACHE_TIME "90d"
extern int var_smtp_sasl_auth_cache_time;
/*
* LMTP client. Timeouts inspired by RFC 1123. The LMTP recipient limit
* determines how many recipient addresses the LMTP client sends along with
@ -2003,9 +2059,18 @@ extern int var_local_rcpt_code;
" $" VAR_RCPT_CANON_MAPS \
" $" VAR_RELOCATED_MAPS \
" $" VAR_TRANSPORT_MAPS \
" $" VAR_MYNETWORKS
" $" VAR_MYNETWORKS \
" $" VAR_SEND_BCC_MAPS \
" $" VAR_RCPT_BCC_MAPS \
" $" VAR_SMTP_GENERIC_MAPS \
" $" VAR_LMTP_GENERIC_MAPS
extern char *var_proxy_read_maps;
#define VAR_PROXY_WRITE_MAPS "proxy_write_maps"
#define DEF_PROXY_WRITE_MAPS "$" VAR_SMTP_SASL_AUTH_CACHE_NAME \
" $" VAR_LMTP_SASL_AUTH_CACHE_NAME
extern char *var_proxy_write_maps;
/*
* Other.
*/
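Review bot: proxy_write_maps is added without a comment, unlike most blocks in this header, and a list of tables that may be written through a proxy deserves one. State next to DEF_PROXY_WRITE_MAPS that only the two SASL auth cache tables are writable by default. Also note that with both DEF_SMTP_SASL_AUTH_CACHE_NAME and DEF_LMTP_SASL_AUTH_CACHE_NAME empty, the default expands to a single space, which whatever consumes this list has to treat as an empty list.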
@ -2372,7 +2437,7 @@ extern int var_verify_neg_try;
extern bool var_verify_neg_cache;
#define VAR_VERIFY_SENDER "address_verify_sender"
#define DEF_VERIFY_SENDER "postmaster"
#define DEF_VERIFY_SENDER "$" VAR_DOUBLE_BOUNCE
extern char *var_verify_sender;
#define VAR_VERIFY_POLL_COUNT "address_verify_poll_count"
@ -2482,6 +2547,10 @@ extern bool var_strict_8bit_body;
#define DEF_STRICT_ENCODING 0
extern bool var_strict_encoding;
#define VAR_AUTO_8BIT_ENC_HDR "detect_8bit_encoding_header"
#define DEF_AUTO_8BIT_ENC_HDR 1
extern int var_auto_8bit_enc_hdr;
/*
* Bizarre.
*/
@ -2745,6 +2814,10 @@ extern char *var_milt_data_macros;
#define DEF_MILT_UNK_MACROS ""
extern char *var_milt_unk_macros;
#define VAR_MILT_EOH_MACROS "milter_end_of_header_macros"
#define DEF_MILT_EOH_MACROS "i"
extern char *var_milt_eoh_macros;
#define VAR_MILT_EOD_MACROS "milter_end_of_data_macros"
#define DEF_MILT_EOD_MACROS "i"
extern char *var_milt_eod_macros;
@ -2785,6 +2858,82 @@ extern char *var_milt_v;
#define DEF_INT_FILT_CLASSES ""
extern char *var_int_filt_classes;
/*
* This could break logfile processors, so it's off by default.
*/
#define VAR_SMTPD_CLIENT_PORT_LOG "smtpd_client_port_logging"
#define DEF_SMTPD_CLIENT_PORT_LOG 0
extern bool var_smtpd_client_port_log;
#define VAR_QMQPD_CLIENT_PORT_LOG "qmqpd_client_port_logging"
#define DEF_QMQPD_CLIENT_PORT_LOG 0
extern bool var_qmqpd_client_port_log;
/*
* Header/body checks in delivery agents.
*/
#define VAR_SMTP_HEAD_CHKS "smtp_header_checks"
#define DEF_SMTP_HEAD_CHKS ""
extern char *var_smtp_head_chks;
#define VAR_SMTP_MIME_CHKS "smtp_mime_header_checks"
#define DEF_SMTP_MIME_CHKS ""
extern char *var_smtp_mime_chks;
#define VAR_SMTP_NEST_CHKS "smtp_nested_header_checks"
#define DEF_SMTP_NEST_CHKS ""
extern char *var_smtp_nest_chks;
#define VAR_SMTP_BODY_CHKS "smtp_body_checks"
#define DEF_SMTP_BODY_CHKS ""
extern char *var_smtp_body_chks;
#define VAR_LMTP_HEAD_CHKS "lmtp_header_checks"
#define DEF_LMTP_HEAD_CHKS ""
#define VAR_LMTP_MIME_CHKS "lmtp_mime_header_checks"
#define DEF_LMTP_MIME_CHKS ""
#define VAR_LMTP_NEST_CHKS "lmtp_nested_header_checks"
#define DEF_LMTP_NEST_CHKS ""
#define VAR_LMTP_BODY_CHKS "lmtp_body_checks"
#define DEF_LMTP_BODY_CHKS ""
/*
* Scheduler concurrency feedback algorithms.
*/
#define VAR_CONC_POS_FDBACK "default_destination_concurrency_positive_feedback"
#define _CONC_POS_FDBACK "_concurrency_positive_feedback"
#define DEF_CONC_POS_FDBACK "1"
extern char *var_conc_pos_feedback;
#define VAR_CONC_NEG_FDBACK "default_destination_concurrency_negative_feedback"
#define _CONC_NEG_FDBACK "_concurrency_negative_feedback"
#define DEF_CONC_NEG_FDBACK "1"
extern char *var_conc_neg_feedback;
#define CONC_FDBACK_NAME_WIN "concurrency"
#define CONC_FDBACK_NAME_SQRT_WIN "sqrt_concurrency"
#define VAR_CONC_COHORT_LIM "default_destination_concurrency_failed_cohort_limit"
#define _CONC_COHORT_LIM "_concurrency_failed_cohort_limit"
#define DEF_CONC_COHORT_LIM 1
extern int var_conc_cohort_limit;
#define VAR_CONC_FDBACK_DEBUG "destination_concurrency_feedback_debug"
#define DEF_CONC_FDBACK_DEBUG 0
extern bool var_conc_feedback_debug;
#define VAR_DEST_RATE_DELAY "default_destination_rate_delay"
#define _DEST_RATE_DELAY "_destination_rate_delay"
#define DEF_DEST_RATE_DELAY "0s"
extern int var_dest_rate_delay;
/*
* Stress handling.
*/
#define VAR_STRESS "stress"
#define DEF_STRESS ""
extern char *var_stress;
/* LICENSE
/* .ad
/* .fi

View File

@ -1,4 +1,4 @@
/* $NetBSD: mynetworks.c,v 1.7 2006/07/19 01:35:40 rpaulo Exp $ */
/* $NetBSD: mynetworks.c,v 1.8 2008/06/22 14:38:41 christos Exp $ */
/*++
/* NAME
@ -75,7 +75,7 @@
#define MASK_STYLE_SUBNET (1 << 1)
#define MASK_STYLE_HOST (1 << 2)
static NAME_MASK mask_styles[] = {
static const NAME_MASK mask_styles[] = {
MYNETWORKS_STYLE_CLASS, MASK_STYLE_CLASS,
MYNETWORKS_STYLE_SUBNET, MASK_STYLE_SUBNET,
MYNETWORKS_STYLE_HOST, MASK_STYLE_HOST,

View File

@ -1,8 +0,0 @@
aaa@domain.tld
aaa+xxx@domain.tld
bbb@domain.tld
bbb+yyy@domain.tld
ccc@domain.tld
ccc+zzz@domain.tld
aaa@domain.ttt
aaa+bbb@domain.ttt

View File

@ -1,8 +0,0 @@
aaa@domain.tld -> aaa
aaa+xxx@domain.tld -> aaa
bbb@domain.tld -> bbb
bbb+yyy@domain.tld -> bbb
ccc@domain.tld -> catchall
ccc+zzz@domain.tld -> catchall
aaa@domain.ttt -> (none)
aaa+bbb@domain.ttt -> (none)

View File

@ -1,3 +0,0 @@
@domain.tld catchall
aaa@domain.tld aaa
bbb@domain.tld bbb

View File

@ -1,165 +0,0 @@
/* $NetBSD: virtual8_maps.c,v 1.1.1.3 2004/05/31 00:24:36 heas Exp $ */
/*++
/* NAME
/* virtual8_maps 3
/* SUMMARY
/* virtual delivery agent map lookups
/* SYNOPSIS
/* #include <virtual8_maps.h>
/*
/* MAPS *virtual8_maps_create(title, map_names, flags)
/* const char *title;
/* const char *map_names;
/* int flags;
/*
/* const char *virtual8_maps_find(maps, recipient)
/* MAPS *maps;
/* const char *recipient;
/*
/* MAPS *virtual8_maps_free(maps)
/* MAPS *maps;
/* DESCRIPTION
/* This module does user lookups for the virtual delivery
/* agent. The code is made available as a library module so that
/* other programs can perform compatible queries.
/*
/* Lookups are case sensitive.
/*
/* virtual8_maps_create() takes list of type:name pairs and opens the
/* named dictionaries.
/* The result is a handle that must be specified along with all
/* other virtual8_maps_xxx() operations.
/* See dict_open(3) for a description of flags.
/*
/* virtual8_maps_find() searches the specified list of dictionaries
/* in the specified order for the named key. The result is in
/* memory that is overwritten upon each call.
/*
/* virtual8_maps_free() releases storage claimed by virtual8_maps_create()
/* and conveniently returns a null pointer.
/*
/* Arguments:
/* .IP title
/* String used for diagnostics. Typically one specifies the
/* type of information stored in the lookup tables.
/* .IP map_names
/* Null-terminated string with type:name dictionary specifications,
/* separated by whitespace or commas.
/* .IP maps
/* A result from maps_create().
/* .IP key
/* Null-terminated string with a lookup key. Table lookup is case
/* sensitive.
/* DIAGNOSTICS
/* The dict_errno variable is non-zero in case of problems.
/* BUGS
/* This code is a temporary solution that implements a hard-coded
/* lookup strategy. In a future version of Postfix, the lookup
/* strategy should become configurable.
/* SEE ALSO
/* virtual(8) virtual mailbox delivery agent
/* maps(3) multi-dictionary search
/* dict_open(3) low-level dictionary interface
/* LICENSE
/* .ad
/* .fi
/* The Secure Mailer license must be distributed with this software.
/* AUTHOR(S)
/* Wietse Venema
/* IBM T.J. Watson Research
/* P.O. Box 704
/* Yorktown Heights, NY 10598, USA
/*--*/
/* System library. */
#include <sys_defs.h>
#include <string.h>
/* Utility library. */
#include <msg.h>
#include <mymalloc.h>
/* Global library. */
#include <maps.h>
#include <mail_params.h>
#include <strip_addr.h>
#include <virtual8_maps.h>
/* Application-specific. */
/* virtual8_maps_find - lookup for virtual delivery agent */
const char *virtual8_maps_find(MAPS *maps, const char *recipient)
{
const char *ratsign;
const char *result;
char *bare = 0;
/*
* Look up the address minus the optional extension. This is done first,
* to avoid hammering the database with extended address lookups, and to
* have straightforward semantics (extensions are always ignored).
*/
if (*var_rcpt_delim
&& (bare = strip_addr(recipient, (char **) 0, *var_rcpt_delim)) != 0) {
result = maps_find(maps, bare, DICT_FLAG_FIXED);
myfree(bare);
if (result != 0 || dict_errno != 0)
return (result);
}
/*
* Look up the full address. Allow regexp table searches.
*/
if (bare == 0) {
result = maps_find(maps, recipient, DICT_FLAG_NONE);
if (result != 0 || dict_errno != 0)
return (result);
}
/*
* Look up the @domain catch-all.
*/
if ((ratsign = strrchr(recipient, '@')) == 0)
return (0);
return (maps_find(maps, ratsign, DICT_FLAG_FIXED));
}
#ifdef TEST
#include <vstream.h>
#include <vstring.h>
#include <vstring_vstream.h>
#define STR(x) vstring_str(x)
int main(int argc, char **argv)
{
VSTRING *buffer;
MAPS *maps;
const char *result;
if (argc != 2)
msg_fatal("usage: %s mapname", argv[0]);
var_rcpt_delim = "+";
var_double_bounce_sender = DEF_DOUBLE_BOUNCE;
maps = virtual8_maps_create("testmap", argv[1], DICT_FLAG_LOCK);
buffer = vstring_alloc(1);
while (vstring_fgets_nonl(buffer, VSTREAM_IN)) {
result = virtual8_maps_find(maps, STR(buffer));
vstream_printf("%s -> %s\n", STR(buffer), result ? result : "(none)");
vstream_fflush(VSTREAM_OUT);
}
virtual8_maps_free(maps);
vstring_free(buffer);
return (0);
}
#endif

View File

@ -1,40 +0,0 @@
/* $NetBSD: virtual8_maps.h,v 1.1.1.3 2004/05/31 00:24:36 heas Exp $ */
#ifndef _VIRTUAL8_MAPS_H_INCLUDED_
#define _VIRTUAL8_MAPS_H_INCLUDED_
/*++
/* NAME
/* virtual8_maps 3h
/* SUMMARY
/* virtual delivery agent compatibility
/* SYNOPSIS
/* #include <virtual8_maps.h>
/* DESCRIPTION
/* .nf
/*
* Global library.
*/
#include <maps.h>
/*
* External interface.
*/
#define virtual8_maps_create(title, map_names, flags) \
maps_create((title), (map_names), (flags))
extern const char *virtual8_maps_find(MAPS *, const char *);
#define virtual8_maps_free(maps) maps_free((maps))
/* LICENSE
/* .ad
/* .fi
/* The Secure Mailer license must be distributed with this software.
/* AUTHOR(S)
/* Wietse Venema
/* IBM T.J. Watson Research
/* P.O. Box 704
/* Yorktown Heights, NY 10598, USA
/*--*/
#endif

View File

@ -1,144 +0,0 @@
/* $NetBSD: delivered.c,v 1.1.1.3 2006/07/19 01:17:30 rpaulo Exp $ */
/*++
/* NAME
/* delivered 3
/* SUMMARY
/* process Delivered-To: headers
/* SYNOPSIS
/* #include "local.h"
/*
/* HTABLE *delivered_init(attr)
/* DELIVER_ATTR attr;
/*
/* int delivered_find(table, address)
/* HTABLE *table;
/* const char *address;
/*
/* void delivered_free(table)
/* HTABLE *table;
/* DESCRIPTION
/* This module processes addresses in Delivered-To: headers.
/* These headers are added by some mail delivery systems, for the
/* purpose of breaking mail forwarding loops. N.B. This solves
/* a different problem than the Received: hop count limit. Hop
/* counts are used to limit the impact of mail routing problems.
/*
/* delivered_init() extracts Delivered-To: header addresses
/* from the specified message, and returns a table with the
/* result.
/*
/* delivered_find() looks up the address in the lookup table,
/* and returns non-zero when the address was found. The
/* address argument must be in internalized form.
/*
/* delivered_free() releases storage that was allocated by
/* delivered_init().
/*
/* Arguments:
/* .IP state
/* The attributes that specify the message, recipient and more.
/* .IP table
/* A table with extracted Delivered-To: addresses.
/* .IP address
/* A recipient address, internal form.
/* DIAGNOSTICS
/* Fatal errors: out of memory.
/* SEE ALSO
/* LICENSE
/* .ad
/* .fi
/* The Secure Mailer license must be distributed with this software.
/* AUTHOR(S)
/* Wietse Venema
/* IBM T.J. Watson Research
/* P.O. Box 704
/* Yorktown Heights, NY 10598, USA
/*--*/
/* System library. */
#include <sys_defs.h>
#include <unistd.h>
#include <string.h>
#include <ctype.h>
/* Utility library. */
#include <msg.h>
#include <htable.h>
#include <vstring.h>
#include <vstream.h>
#include <vstring_vstream.h>
#include <stringops.h>
/* Global library. */
#include <record.h>
#include <rec_type.h>
#include <is_header.h>
#include <quote_822_local.h>
#include <header_opts.h>
/* Application-specific. */
#include "local.h"
static VSTRING *buf;
/* delivered_init - extract delivered-to information from the message */
HTABLE *delivered_init(DELIVER_ATTR attr)
{
char *cp;
HTABLE *table = htable_create(0);
HEADER_OPTS *hdr;
if (buf == 0)
buf = vstring_alloc(10);
if (vstream_fseek(attr.fp, attr.offset, SEEK_SET) < 0)
msg_fatal("seek queue file %s: %m", VSTREAM_PATH(attr.fp));
/*
* XXX Assume that normal mail systems produce headers that fit in a
* REC_TYPE_NORM record. Lowercase the delivered-to addresses for
* consistency.
*/
while (rec_get(attr.fp, buf, 0) == REC_TYPE_NORM) {
if (is_header(STR(buf))) {
if ((hdr = header_opts_find(STR(buf))) != 0
&& hdr->type == HDR_DELIVERED_TO) {
cp = STR(buf) + strlen(hdr->name) + 1;
while (ISSPACE(*cp))
cp++;
lowercase(cp);
if (msg_verbose)
msg_info("delivered_init: %s", cp);
htable_enter(table, cp, (char *) 0);
}
} else if (ISSPACE(STR(buf)[0])) {
continue;
} else {
break;
}
}
return (table);
}
/* delivered_find - look up recipient in delivered table */
int delivered_find(HTABLE *table, const char *address)
{
HTABLE_INFO *ht;
/*
* mail_copy() uses quote_822_local() when writing the Delivered-To:
* header. We must therefore apply the same transformation when looking
* up the recipient. Lowercase the delivered-to address for consistency.
*/
quote_822_local(buf, address);
lowercase(STR(buf));
ht = htable_locate(table, STR(buf));
return (ht != 0);
}

View File

@ -1,4 +1,4 @@
/* $NetBSD: master.h,v 1.9 2006/07/19 01:35:40 rpaulo Exp $ */
/* $NetBSD: master.h,v 1.10 2008/06/22 14:38:41 christos Exp $ */
/*++
/* NAME
@ -35,9 +35,6 @@ typedef struct MASTER_SERV {
int wakeup_time; /* wakeup interval */
int *listen_fd; /* incoming requests */
int listen_fd_count; /* nr of descriptors */
#ifdef MASTER_SERV_TYPE_PASS
struct PASS_INFO *pass_info; /* descriptor passing state */
#endif
union {
struct {
char *port; /* inet listen port */
@ -49,6 +46,8 @@ typedef struct MASTER_SERV {
int max_proc; /* upper bound on # processes */
char *path; /* command pathname */
struct ARGV *args; /* argument vector */
char *stress_param_val; /* stress value: "yes" or empty */
time_t stress_expire_time; /* stress pulse stretcher */
int avail_proc; /* idle processes */
int total_proc; /* number of processes */
int throttle_delay; /* failure recovery parameter */
@ -78,7 +77,7 @@ typedef struct MASTER_SERV {
#define MASTER_SERV_TYPE_UNIX 1 /* AF_UNIX domain socket */
#define MASTER_SERV_TYPE_INET 2 /* AF_INET domain socket */
#define MASTER_SERV_TYPE_FIFO 3 /* fifo (named pipe) */
/*#define MASTER_SERV_TYPE_PASS 4 /* AF_UNIX domain socket */
#define MASTER_SERV_TYPE_PASS 4 /* AF_UNIX domain socket */
/*
* Default process management policy values. This is only the bare minimum.

View File

@ -1,4 +1,4 @@
/* $NetBSD: master_ent.c,v 1.14 2006/07/19 01:35:40 rpaulo Exp $ */
/* $NetBSD: master_ent.c,v 1.15 2008/06/22 14:38:41 christos Exp $ */
/*++
/* NAME
@ -96,6 +96,7 @@
#include <mail_params.h>
#include <own_inet_addr.h>
#include <wildcard_inet_addr.h>
#include <mail_conf.h>
/* Local stuff. */
@ -513,6 +514,14 @@ MASTER_SERV *get_master_ent()
argv_add(serv->args, "-u", (char *) 0);
if (chroot)
argv_add(serv->args, "-c", (char *) 0);
if ((serv->flags & MASTER_FLAG_LOCAL_ONLY) == 0) {
argv_add(serv->args, "-o", "stress=" CONFIG_BOOL_YES, (char *) 0);
serv->stress_param_val =
serv->args->argv[serv->args->argc - 1] + sizeof("stress=") - 1;
serv->stress_param_val[0] = 0;
} else
serv->stress_param_val = 0;
serv->stress_expire_time = 0;
if (serv->listen_fd_count > 1)
argv_add(serv->args, "-s",
vstring_str(vstring_sprintf(junk, "%d", serv->listen_fd_count)),
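Review bot: serv->stress_param_val is pointed into the middle of the string that argv_add() has just stored ("stress=" CONFIG_BOOL_YES) and is then truncated with stress_param_val[0] = 0, and the hunk does not explain why. Going by the field comment in master.h (stress value: "yes" or empty), the argument is built at full length so the value can later be toggled in place. Please say that in a comment here, together with the two constraints it implies: nothing longer than CONFIG_BOOL_YES may ever be written through this pointer, and the pointer is valid only while serv->args still owns that string. The unbraced else after a braced if is also worth bracing for consistency.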

View File

@ -1,4 +1,4 @@
/* $NetBSD: master_listen.c,v 1.9 2006/07/19 01:35:40 rpaulo Exp $ */
/* $NetBSD: master_listen.c,v 1.10 2008/06/22 14:38:41 christos Exp $ */
/*++
/* NAME
@ -26,6 +26,7 @@
/* inet_listen(3), internet-domain listener
/* unix_listen(3), unix-domain listener
/* fifo_listen(3), named-pipe listener
/* upass_listen(3), file descriptor passing listener
/* set_eugid(3), set effective user/group attributes
/* LICENSE
/* .ad
@ -138,8 +139,7 @@ void master_listen_init(MASTER_SERV *serv)
set_eugid(var_owner_uid, var_owner_gid);
serv->listen_fd[0] =
PASS_LISTEN(serv->name, serv->max_proc > var_proc_limit ?
serv->max_proc : var_proc_limit, NON_BLOCKING,
&(serv->pass_info));
serv->max_proc : var_proc_limit, NON_BLOCKING);
close_on_exec(serv->listen_fd[0], CLOSE_ON_EXEC);
set_ugid(getuid(), getgid());
break;
@ -163,10 +163,6 @@ void master_listen_cleanup(MASTER_SERV *serv)
* listener. The 4.4BSD shutdown(2) man page promises an ENOTCONN error
* when shutdown(2) is applied to a socket that is not connected.
*/
#ifdef MASTER_SERV_TYPE_PASS
if (serv->type == MASTER_SERV_TYPE_PASS)
PASS_SHUTDOWN(&(serv->pass_info));
#endif
for (n = 0; n < serv->listen_fd_count; n++) {
if (close(serv->listen_fd[n]) < 0)
msg_warn("%s: close listener socket %d: %m",

View File

@ -1,106 +0,0 @@
/* $NetBSD: qmgr_rcpt_list.c,v 1.1.1.2 2004/05/31 00:24:39 heas Exp $ */
/*++
/* NAME
/* qmgr_rcpt_list 3
/* SUMMARY
/* in-core recipient structures
/* SYNOPSIS
/* #include "qmgr.h"
/*
/* void qmgr_rcpt_list_init(list)
/* QMGR_RCPT_LIST *list;
/*
/* void qmgr_rcpt_list_add(list, offset, orig_rcpt, recipient)
/* QMGR_RCPT_LIST *list;
/* long offset;
/* const char *orig_rcpt;
/* const char *recipient;
/*
/* void qmgr_rcpt_list_free(list)
/* QMGR_RCPT_LIST *list;
/* DESCRIPTION
/* This module maintains lists of queue manager recipient structures.
/* These structures are extended versions of the structures maintained
/* by the recipient_list(3) module. The extension is that the queue
/* manager version of a recipient can have a reference to a queue
/* structure.
/*
/* qmgr_rcpt_list_init() creates an empty recipient structure list.
/* The list argument is initialized such that it can be given to
/* qmgr_rcpt_list_add() and qmgr_rcpt_list_free().
/*
/* qmgr_rcpt_list_add() adds a recipient to the specified list.
/* The recipient name is copied.
/*
/* qmgr_rcpt_list_free() releases memory for the specified list
/* of recipient structures.
/* SEE ALSO
/* qmgr_rcpt_list(3h) data structure
/* recipient_list(3) same code, different data structure.
/* DIAGNOSTICS
/* Fatal errors: memory allocation.
/* LICENSE
/* .ad
/* .fi
/* The Secure Mailer license must be distributed with this software.
/* AUTHOR(S)
/* Wietse Venema
/* IBM T.J. Watson Research
/* P.O. Box 704
/* Yorktown Heights, NY 10598, USA
/*--*/
/* System library. */
#include <sys_defs.h>
/* Utility library. */
#include <mymalloc.h>
/* Application-specific. */
#include "qmgr.h"
/* qmgr_rcpt_list_init - initialize */
void qmgr_rcpt_list_init(QMGR_RCPT_LIST *list)
{
list->avail = 1;
list->len = 0;
list->info = (QMGR_RCPT *) mymalloc(sizeof(QMGR_RCPT));
}
/* qmgr_rcpt_list_add - add rcpt to list */
void qmgr_rcpt_list_add(QMGR_RCPT_LIST *list, long offset,
const char *orcpt, const char *rcpt)
{
int new_avail;
if (list->len >= list->avail) {
new_avail = list->avail * 2;
list->info = (QMGR_RCPT *)
myrealloc((char *) list->info, new_avail * sizeof(QMGR_RCPT));
list->avail = new_avail;
}
list->info[list->len].orig_rcpt = mystrdup(orcpt);
list->info[list->len].address = mystrdup(rcpt);
list->info[list->len].offset = offset;
list->info[list->len].queue = 0;
list->len++;
}
/* qmgr_rcpt_list_free - release memory for in-core recipient structure */
void qmgr_rcpt_list_free(QMGR_RCPT_LIST *list)
{
QMGR_RCPT *rcpt;
for (rcpt = list->info; rcpt < list->info + list->len; rcpt++) {
myfree(rcpt->orig_rcpt);
myfree(rcpt->address);
}
myfree((char *) list->info);
}

View File

@ -1,10 +0,0 @@
/* $NetBSD: auto_table.h,v 1.1.1.2 2004/05/31 00:24:41 heas Exp $ */
"lmtp_destination_concurrency_limit", "$default_destination_concurrency_limit", &var_lmtp_destination_concurrency_limit, 0, 0,
"relay_destination_concurrency_limit", "$default_destination_concurrency_limit", &var_relay_destination_concurrency_limit, 0, 0,
"smtp_destination_concurrency_limit", "$default_destination_concurrency_limit", &var_smtp_destination_concurrency_limit, 0, 0,
"virtual_destination_concurrency_limit", "$default_destination_concurrency_limit", &var_virtual_destination_concurrency_limit, 0, 0,
"lmtp_destination_recipient_limit", "$default_destination_recipient_limit", &var_lmtp_destination_recipient_limit, 0, 0,
"relay_destination_recipient_limit", "$default_destination_recipient_limit", &var_relay_destination_recipient_limit, 0, 0,
"smtp_destination_recipient_limit", "$default_destination_recipient_limit", &var_smtp_destination_recipient_limit, 0, 0,
"virtual_destination_recipient_limit", "$default_destination_recipient_limit", &var_virtual_destination_recipient_limit, 0, 0,

View File

@ -1,10 +0,0 @@
/* $NetBSD: auto_vars.h,v 1.1.1.2 2004/05/31 00:24:41 heas Exp $ */
char *var_lmtp_destination_concurrency_limit;
char *var_relay_destination_concurrency_limit;
char *var_smtp_destination_concurrency_limit;
char *var_virtual_destination_concurrency_limit;
char *var_lmtp_destination_recipient_limit;
char *var_smtp_destination_recipient_limit;
char *var_relay_destination_recipient_limit;
char *var_virtual_destination_recipient_limit;

View File

@ -1,4 +1,4 @@
/* $NetBSD: qmgr_message.c,v 1.17 2007/05/19 17:49:48 heas Exp $ */
/* $NetBSD: qmgr_message.c,v 1.18 2008/06/22 14:38:41 christos Exp $ */
/*++
/* NAME
@ -87,7 +87,7 @@
/* P.O. Box 704
/* Yorktown Heights, NY 10598, USA
/*
/* Scheduler enhancements:
/* Preemptive scheduler enhancements:
/* Patrik Rak
/* Modra 6
/* 155 00, Prague, Czech Republic
@ -192,6 +192,7 @@ static QMGR_MESSAGE *qmgr_message_create(const char *queue_name,
message->verp_delims = 0;
message->client_name = 0;
message->client_addr = 0;
message->client_port = 0;
message->client_proto = 0;
message->client_helo = 0;
message->sasl_method = 0;
@ -335,6 +336,7 @@ static int qmgr_message_read(QMGR_MESSAGE *message)
int dsn_notify = 0;
char *dsn_orcpt = 0;
int n;
int have_log_client_attr = 0;
/*
* Initialize. No early returns or we have a memory leak.
@ -654,18 +656,24 @@ static int qmgr_message_read(QMGR_MESSAGE *message)
* client information. To support old queue files we accept both
* names for the purpose of logging; the new name overrides the
* old one.
*
* XXX Do not use the "legacy" client_name etc. attribute values for
* initializing the logging attributes, when this file already
* contains the "modern" log_client_name etc. logging attributes.
* Otherwise, logging attributes that are not present in the
* queue file would be set with information from the real client.
*/
else if (strcmp(name, MAIL_ATTR_ACT_CLIENT_NAME) == 0) {
if (message->client_name == 0)
if (have_log_client_attr == 0 && message->client_name == 0)
message->client_name = mystrdup(value);
} else if (strcmp(name, MAIL_ATTR_ACT_CLIENT_ADDR) == 0) {
if (message->client_addr == 0)
if (have_log_client_attr == 0 && message->client_addr == 0)
message->client_addr = mystrdup(value);
} else if (strcmp(name, MAIL_ATTR_ACT_PROTO_NAME) == 0) {
if (message->client_proto == 0)
if (have_log_client_attr == 0 && message->client_proto == 0)
message->client_proto = mystrdup(value);
} else if (strcmp(name, MAIL_ATTR_ACT_HELO_NAME) == 0) {
if (message->client_helo == 0)
if (have_log_client_attr == 0 && message->client_helo == 0)
message->client_helo = mystrdup(value);
}
/* Original client attributes. */
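Review bot: the new have_log_client_attr == 0 test only protects attributes that are read after the first log_client_* record, so the fix depends on record order in the queue file. If a legacy MAIL_ATTR_ACT_* record comes before the MAIL_ATTR_LOG_* records, its value is still stored, and any logging attribute with no MAIL_ATTR_LOG_* counterpart in the file keeps the real client's value, which is exactly the case the added XXX comment sets out to prevent. Either document the ordering that the queue file writer guarantees, or collect the legacy values separately and apply them after the loop only when have_log_client_attr is still 0.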
@ -673,18 +681,27 @@ static int qmgr_message_read(QMGR_MESSAGE *message)
if (message->client_name != 0)
myfree(message->client_name);
message->client_name = mystrdup(value);
have_log_client_attr = 1;
} else if (strcmp(name, MAIL_ATTR_LOG_CLIENT_ADDR) == 0) {
if (message->client_addr != 0)
myfree(message->client_addr);
message->client_addr = mystrdup(value);
have_log_client_attr = 1;
} else if (strcmp(name, MAIL_ATTR_LOG_CLIENT_PORT) == 0) {
if (message->client_port != 0)
myfree(message->client_port);
message->client_port = mystrdup(value);
have_log_client_attr = 1;
} else if (strcmp(name, MAIL_ATTR_LOG_PROTO_NAME) == 0) {
if (message->client_proto != 0)
myfree(message->client_proto);
message->client_proto = mystrdup(value);
have_log_client_attr = 1;
} else if (strcmp(name, MAIL_ATTR_LOG_HELO_NAME) == 0) {
if (message->client_helo != 0)
myfree(message->client_helo);
message->client_helo = mystrdup(value);
have_log_client_attr = 1;
} else if (strcmp(name, MAIL_ATTR_SASL_METHOD) == 0) {
if (message->sasl_method == 0)
message->sasl_method = mystrdup(value);
@ -785,6 +802,8 @@ static int qmgr_message_read(QMGR_MESSAGE *message)
message->client_name = mystrdup("");
if (message->client_addr == 0)
message->client_addr = mystrdup("");
if (message->client_port == 0)
message->client_port = mystrdup("");
if (message->client_proto == 0)
message->client_proto = mystrdup("");
if (message->client_helo == 0)
@ -1064,22 +1083,6 @@ static void qmgr_message_resolve(QMGR_MESSAGE *message)
"5.1.3 null recipient address");
}
/*
* Bounce recipient addresses that start with `-'. External commands
* may misinterpret such addresses as command-line options.
*
* In theory I could say people should always carefully set up their
* master.cf pipe mailer entries with `--' before the first
* non-option argument, but mistakes will happen regardless.
*
* Therefore the protection is put in place here, in the queue manager,
* where it cannot be bypassed.
*/
if (var_allow_min_user == 0 && recipient->address[0] == '-') {
QMGR_REDIRECT(&reply, MAIL_SERVICE_ERROR,
"5.1.3 bad address syntax");
}
/*
* Discard mail to the local double bounce address here, so this
* system can run without a local delivery agent. They'd still have
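Review bot: this hunk deletes the check that bounced recipient addresses starting with `-` when var_allow_min_user is 0, and the deleted comment gives the reason it lived in the queue manager: there it could not be bypassed. Nothing in the visible diff shows where the check lives now. Please name the replacement in the commit message or in a comment at this spot, and confirm that it covers every path by which a recipient can reach a master.cf pipe mailer entry that lacks `--` before its first non-option argument.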
@ -1102,8 +1105,11 @@ static void qmgr_message_resolve(QMGR_MESSAGE *message)
"undeliverable postmaster notification discarded"));
if (status == 0) {
deliver_completed(message->fp, recipient->offset);
#if 0
/* It's the default verification probe sender address. */
msg_warn("%s: undeliverable postmaster notification discarded",
message->queue_id);
#endif
} else
message->flags |= status;
continue;
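Review bot: wrapping the msg_warn() call in #if 0 silences the "undeliverable postmaster notification discarded" warning for every discarded message, not only for address verification probes, and leaves dead code behind. If the reason is the one given in the added comment (this address is now the default probe sender), either delete the call outright or keep the warning for messages that are not probes, rather than disabling it with the preprocessor.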
@ -1373,6 +1379,8 @@ void qmgr_message_free(QMGR_MESSAGE *message)
myfree(message->client_name);
if (message->client_addr)
myfree(message->client_addr);
if (message->client_port)
myfree(message->client_port);
if (message->client_proto)
myfree(message->client_proto);
if (message->client_helo)

View File

@ -1,106 +0,0 @@
/* $NetBSD: qmgr_rcpt_list.c,v 1.1.1.4 2004/05/31 00:24:44 heas Exp $ */
/*++
/* NAME
/* qmgr_rcpt_list 3
/* SUMMARY
/* in-core recipient structures
/* SYNOPSIS
/* #include "qmgr.h"
/*
/* void qmgr_rcpt_list_init(list)
/* QMGR_RCPT_LIST *list;
/*
/* void qmgr_rcpt_list_add(list, offset, orig_rcpt, recipient)
/* QMGR_RCPT_LIST *list;
/* long offset;
/* const char *orig_rcpt;
/* const char *recipient;
/*
/* void qmgr_rcpt_list_free(list)
/* QMGR_RCPT_LIST *list;
/* DESCRIPTION
/* This module maintains lists of queue manager recipient structures.
/* These structures are extended versions of the structures maintained
/* by the recipient_list(3) module. The extension is that the queue
/* manager version of a recipient can have a reference to a queue
/* structure.
/*
/* qmgr_rcpt_list_init() creates an empty recipient structure list.
/* The list argument is initialized such that it can be given to
/* qmgr_rcpt_list_add() and qmgr_rcpt_list_free().
/*
/* qmgr_rcpt_list_add() adds a recipient to the specified list.
/* The recipient name is copied.
/*
/* qmgr_rcpt_list_free() releases memory for the specified list
/* of recipient structures.
/* SEE ALSO
/* qmgr_rcpt_list(3h) data structure
/* recipient_list(3) same code, different data structure.
/* DIAGNOSTICS
/* Fatal errors: memory allocation.
/* LICENSE
/* .ad
/* .fi
/* The Secure Mailer license must be distributed with this software.
/* AUTHOR(S)
/* Wietse Venema
/* IBM T.J. Watson Research
/* P.O. Box 704
/* Yorktown Heights, NY 10598, USA
/*--*/
/* System library. */
#include <sys_defs.h>
/* Utility library. */
#include <mymalloc.h>
/* Application-specific. */
#include "qmgr.h"
/* qmgr_rcpt_list_init - initialize */
void qmgr_rcpt_list_init(QMGR_RCPT_LIST *list)
{
list->avail = 1;
list->len = 0;
list->info = (QMGR_RCPT *) mymalloc(sizeof(QMGR_RCPT));
}
/* qmgr_rcpt_list_add - add rcpt to list */
void qmgr_rcpt_list_add(QMGR_RCPT_LIST *list, long offset,
const char *orcpt, const char *rcpt)
{
int new_avail;
if (list->len >= list->avail) {
new_avail = list->avail * 2;
list->info = (QMGR_RCPT *)
myrealloc((char *) list->info, new_avail * sizeof(QMGR_RCPT));
list->avail = new_avail;
}
list->info[list->len].orig_rcpt = mystrdup(orcpt);
list->info[list->len].address = mystrdup(rcpt);
list->info[list->len].offset = offset;
list->info[list->len].queue = 0;
list->len++;
}
/* qmgr_rcpt_list_free - release memory for in-core recipient structure */
void qmgr_rcpt_list_free(QMGR_RCPT_LIST *list)
{
QMGR_RCPT *rcpt;
for (rcpt = list->info; rcpt < list->info + list->len; rcpt++) {
myfree(rcpt->orig_rcpt);
myfree(rcpt->address);
}
myfree((char *) list->info);
}

View File

@ -1,4 +1,4 @@
/* $NetBSD: smtp.c,v 1.2 2008/02/04 02:21:30 mrg Exp $ */
/* $NetBSD: smtp.c,v 1.3 2008/06/22 14:38:42 christos Exp $ */
/*++
/* NAME
@ -96,6 +96,7 @@
/* RFC 3207 (STARTTLS command)
/* RFC 3461 (SMTP DSN Extension)
/* RFC 3463 (Enhanced Status Codes)
/* RFC 4954 (AUTH command)
/* DIAGNOSTICS
/* Problems and transactions are logged to \fBsyslogd\fR(8).
/* Corrupted message files are marked so that the queue manager can
@ -212,6 +213,18 @@
/* When authenticating to a remote SMTP or LMTP server with the
/* default setting "no", send no SASL authoriZation ID (authzid); send
/* only the SASL authentiCation ID (authcid) plus the authcid's password.
/* .PP
/* Available in Postfix version 2.5 and later:
/* .IP "\fBsmtp_header_checks (empty)\fR"
/* Restricted \fBheader_checks\fR(5) tables for the Postfix SMTP client.
/* .IP "\fBsmtp_mime_header_checks (empty)\fR"
/* Restricted \fBmime_header_checks\fR(5) tables for the Postfix SMTP
/* client.
/* .IP "\fBsmtp_nested_header_checks (empty)\fR"
/* Restricted \fBnested_header_checks\fR(5) tables for the Postfix SMTP
/* client.
/* .IP "\fBsmtp_body_checks (empty)\fR"
/* Restricted \fBbody_checks\fR(5) tables for the Postfix SMTP client.
/* MIME PROCESSING CONTROLS
/* .ad
/* .fi
@ -239,7 +252,8 @@
/* per remote hostname or domain, or sender address when sender-dependent
/* authentication is enabled.
/* .IP "\fBsmtp_sasl_security_options (noplaintext, noanonymous)\fR"
/* SASL security options; as of Postfix 2.3 the list of available
/* Postfix SMTP client SASL security options; as of Postfix 2.3
/* the list of available
/* features depends on the SASL client implementation that is selected
/* with \fBsmtp_sasl_type\fR.
/* .PP
@ -255,12 +269,26 @@
/* caching to ensure that mail from different senders will use the
/* appropriate credentials.
/* .IP "\fBsmtp_sasl_path (empty)\fR"
/* Implementation-specific information that is passed through to
/* Implementation-specific information that the Postfix SMTP client
/* passes through to
/* the SASL plug-in implementation that is selected with
/* \fBsmtp_sasl_type\fR.
/* .IP "\fBsmtp_sasl_type (cyrus)\fR"
/* The SASL plug-in type that the Postfix SMTP client should use
/* for authentication.
/* .PP
/* Available in Postfix version 2.5 and later:
/* .IP "\fBsmtp_sasl_auth_cache_name (empty)\fR"
/* An optional table to prevent repeated SASL authentication
/* failures with the same remote SMTP server hostname, username and
/* password.
/* .IP "\fBsmtp_sasl_auth_cache_time (90d)\fR"
/* The maximal age of an smtp_sasl_auth_cache_name entry before it
/* is removed.
/* .IP "\fBsmtp_sasl_auth_soft_bounce (yes)\fR"
/* When a remote SMTP server rejects a SASL authentication request
/* with a 535 reply code, defer mail delivery instead of returning
/* mail as undeliverable.
/* STARTTLS SUPPORT CONTROLS
/* .ad
/* .fi
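Review bot: the smtp_sasl_auth_cache_name entry says the table is keyed on "remote SMTP server hostname, username and password" but does not say in what form the password ends up in the table, or what ownership and permissions the table file needs. A table that records credentials needs that spelled out in the parameter description. The smtp_sasl_auth_soft_bounce text could also state how it interacts with the cache: with the default "yes", mail is deferred on a 535 reply, and the reader cannot tell whether the cache then suppresses further attempts for the full 90d of smtp_sasl_auth_cache_time.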
@ -312,9 +340,9 @@
/* policy by next-hop destination; when a non-empty value is specified,
/* this overrides the obsolete smtp_tls_per_site parameter.
/* .IP "\fBsmtp_tls_mandatory_protocols (SSLv3, TLSv1)\fR"
/* List of TLS protocols that the Postfix SMTP client will use
/* with mandatory TLS encryption.
/* .IP "\fBsmtp_tls_scert_verifydepth (5)\fR"
/* List of SSL/TLS protocols that the Postfix SMTP client will use with
/* mandatory TLS encryption.
/* .IP "\fBsmtp_tls_scert_verifydepth (9)\fR"
/* The verification depth for remote SMTP server certificates.
/* .IP "\fBsmtp_tls_secure_cert_match (nexthop, dot-nexthop)\fR"
/* The server certificate peername verification method for the
@ -349,6 +377,15 @@
/* The SASL authentication security options that the Postfix SMTP
/* client uses for TLS encrypted SMTP sessions with a verified server
/* certificate.
/* .PP
/* Available in Postfix version 2.5 and later:
/* .IP "\fBsmtp_tls_fingerprint_cert_match (empty)\fR"
/* List of acceptable remote SMTP server certificate fingerprints
/* for the "fingerprint" TLS security level (\fBsmtp_tls_security_level\fR =
/* fingerprint).
/* .IP "\fBsmtp_tls_fingerprint_digest (md5)\fR"
/* The message digest algorithm used to construct remote SMTP server
/* certificate fingerprints.
/* OBSOLETE STARTTLS CONTROLS
/* .ad
/* .fi
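Review bot: the smtp_tls_fingerprint_digest entry documents md5 as the default for a value that decides which server certificates are accepted at the "fingerprint" security level, and MD5 is not collision resistant. The description should at least name the other digest algorithms that are accepted, and state that the entries in smtp_tls_fingerprint_cert_match have to be computed with the algorithm configured here, so that an administrator who picks a stronger digest knows to regenerate the list.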
@ -537,6 +574,9 @@
/* Optional list of relay hosts for SMTP destinations that can't be
/* found or that are unreachable.
/* SEE ALSO
/* generic(5), output address rewriting
/* header_checks(5), message header content inspection
/* body_checks(5), body parts content inspection
/* qmgr(8), queue manager
/* bounce(8), delivery status reports
/* scache(8), connection cache server
@ -577,16 +617,16 @@
/* SuSE Rhein/Main AG
/* 65760 Eschborn, Germany
/*
/* Connection caching in cooperation with:
/* Victor Duchovni
/* Morgan Stanley
/*
/* TLS support originally by:
/* Lutz Jaenicke
/* BTU Cottbus
/* Allgemeine Elektrotechnik
/* Universitaetsplatz 3-4
/* D-03044 Cottbus, Germany
/*
/* Revised TLS and SMTP connection cache support by:
/* Victor Duchovni
/* Morgan Stanley
/*--*/
/* System library. */
@ -705,7 +745,8 @@ char *var_smtp_tls_mand_proto;
char *var_smtp_tls_sec_cmatch;
int var_smtp_tls_scert_vd;
char *var_smtp_tls_vfy_cmatch;
int var_tls_daemon_rand_bytes;
char *var_smtp_tls_fpt_cmatch;
char *var_smtp_tls_fpt_dgst;
#endif
@ -717,6 +758,16 @@ int var_scache_proto_tmout;
bool var_smtp_cname_overr;
char *var_smtp_pix_bug_words;
char *var_smtp_pix_bug_maps;
char *var_cyrus_conf_path;
char *var_smtp_head_chks;
char *var_smtp_mime_chks;
char *var_smtp_nest_chks;
char *var_smtp_body_chks;
/* Special handling of 535 AUTH errors. */
char *var_smtp_sasl_auth_cache_name;
int var_smtp_sasl_auth_cache_time;
bool var_smtp_sasl_auth_soft_bounce;
/*
* Global variables.
@ -728,13 +779,15 @@ MAPS *smtp_ehlo_dis_maps;
MAPS *smtp_generic_maps;
int smtp_ext_prop_mask;
MAPS *smtp_pix_bug_maps;
HBC_CHECKS *smtp_header_checks; /* limited header checks */
HBC_CHECKS *smtp_body_checks; /* limited body checks */
#ifdef USE_TLS
/*
* OpenSSL client state.
* OpenSSL client state (opaque handle)
*/
SSL_CTX *smtp_tls_ctx;
TLS_APPL_STATE *smtp_tls_ctx;
#endif
@ -816,7 +869,7 @@ static void smtp_service(VSTREAM *client_stream, char *service, char **argv)
static void post_init(char *unused_name, char **unused_argv)
{
static NAME_MASK lookup_masks[] = {
static const NAME_MASK lookup_masks[] = {
SMTP_HOST_LOOKUP_DNS, SMTP_HOST_FLAG_DNS,
SMTP_HOST_LOOKUP_NATIVE, SMTP_HOST_FLAG_NATIVE,
0,
@ -871,38 +924,55 @@ static void pre_init(char *unused_name, char **unused_argv)
VAR_SMTP_SASL_ENABLE);
#endif
#ifdef USE_TLS
if (*var_smtp_tls_level)
use_tls = tls_level_lookup(var_smtp_tls_level) > TLS_LEV_NONE;
else
use_tls = var_smtp_enforce_tls || var_smtp_use_tls;
#else
use_tls = 0;
#endif
if (*var_smtp_tls_level != 0)
switch (tls_level_lookup(var_smtp_tls_level)) {
case TLS_LEV_SECURE:
case TLS_LEV_VERIFY:
case TLS_LEV_FPRINT:
case TLS_LEV_ENCRYPT:
var_smtp_use_tls = var_smtp_enforce_tls = 1;
break;
case TLS_LEV_MAY:
var_smtp_use_tls = 1;
var_smtp_enforce_tls = 0;
break;
case TLS_LEV_NONE:
var_smtp_use_tls = var_smtp_enforce_tls = 0;
break;
default:
/* tls_level_lookup() logs no warning. */
/* session_tls_init() assumes that var_smtp_tls_level is sane. */
msg_fatal("Invalid TLS level \"%s\"", var_smtp_tls_level);
}
use_tls = (var_smtp_use_tls || var_smtp_enforce_tls);
/*
* Initialize the TLS data before entering the chroot jail
*/
if (use_tls || var_smtp_tls_per_site[0] || var_smtp_tls_policy[0]) {
#ifdef USE_TLS
tls_client_init_props props;
TLS_CLIENT_INIT_PROPS props;
/*
* We get stronger type safety and a cleaner interface by combining
* the various parameters into a single tls_client_props structure.
*
* Large parameter lists are error-prone, so we emulate a language
* feature that C does not have natively: named parameter lists.
*/
props.log_level = var_smtp_tls_loglevel;
props.verifydepth = var_smtp_tls_scert_vd;
props.cache_type = strcmp(var_procname, "smtp") == 0 ?
TLS_MGR_SCACHE_SMTP : TLS_MGR_SCACHE_LMTP;
props.cert_file = var_smtp_tls_cert_file;
props.key_file = var_smtp_tls_key_file;
props.dcert_file = var_smtp_tls_dcert_file;
props.dkey_file = var_smtp_tls_dkey_file;
props.CAfile = var_smtp_tls_CAfile;
props.CApath = var_smtp_tls_CApath;
smtp_tls_ctx = tls_client_init(&props);
smtp_tls_ctx =
TLS_CLIENT_INIT(&props,
log_level = var_smtp_tls_loglevel,
verifydepth = var_smtp_tls_scert_vd,
cache_type = strcmp(var_procname, "smtp") == 0 ?
TLS_MGR_SCACHE_SMTP : TLS_MGR_SCACHE_LMTP,
cert_file = var_smtp_tls_cert_file,
key_file = var_smtp_tls_key_file,
dcert_file = var_smtp_tls_dcert_file,
dkey_file = var_smtp_tls_dkey_file,
CAfile = var_smtp_tls_CAfile,
CApath = var_smtp_tls_CApath,
fpt_dgst = var_smtp_tls_fpt_dgst);
smtp_tls_list_init();
#else
msg_warn("TLS has been selected, but TLS support is not compiled in");
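Review bot: in pre_init the switch on tls_level_lookup() overwrites the configured var_smtp_use_tls and var_smtp_enforce_tls, and there is no comment saying that a non-empty TLS level takes precedence over those two settings; later code that reads them will see values the administrator never set. Please add that comment, and put braces around the body of "if (*var_smtp_tls_level != 0)", since an unbraced if in front of a switch of this length is easy to misread. Separately, props is declared without an initializer: if TLS_CLIENT_INIT assigns only the members named in its argument list, any member of TLS_CLIENT_INIT_PROPS that a caller forgets to name stays uninitialized, so either zero the structure first or note in the comment that every member must be listed.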
@ -946,6 +1016,18 @@ static void pre_init(char *unused_name, char **unused_argv)
smtp_generic_maps =
maps_create(VAR_SMTP_GENERIC_MAPS, var_smtp_generic_maps,
DICT_FLAG_LOCK | DICT_FLAG_FOLD_FIX);
/*
* Header/body checks.
*/
smtp_header_checks = hbc_header_checks_create(
VAR_SMTP_HEAD_CHKS, var_smtp_head_chks,
VAR_SMTP_MIME_CHKS, var_smtp_mime_chks,
VAR_SMTP_NEST_CHKS, var_smtp_nest_chks,
smtp_hbc_callbacks);
smtp_body_checks = hbc_body_checks_create(
VAR_SMTP_BODY_CHKS, var_smtp_body_chks,
smtp_hbc_callbacks);
}
/* pre_accept - see if tables have changed */

View File

@ -1,4 +1,4 @@
/* $NetBSD: smtp_addr.c,v 1.12 2006/07/19 01:35:40 rpaulo Exp $ */
/* $NetBSD: smtp_addr.c,v 1.13 2008/06/22 14:38:42 christos Exp $ */
/*++
/* NAME
@ -102,7 +102,7 @@
/* smtp_print_addr - print address list */
static void smtp_print_addr(char *what, DNS_RR *addr_list)
static void smtp_print_addr(const char *what, DNS_RR *addr_list)
{
DNS_RR *addr;
MAI_HOSTADDR_STR hostaddr;
@ -122,8 +122,8 @@ static void smtp_print_addr(char *what, DNS_RR *addr_list)
/* smtp_addr_one - address lookup for one host name */
static DNS_RR *smtp_addr_one(DNS_RR *addr_list, char *host, unsigned pref,
DSN_BUF *why)
static DNS_RR *smtp_addr_one(DNS_RR *addr_list, const char *host,
unsigned pref, DSN_BUF *why)
{
const char *myname = "smtp_addr_one";
DNS_RR *addr = 0;
@ -471,7 +471,7 @@ DNS_RR *smtp_domain_addr(char *name, int misc_flags, DSN_BUF *why,
/* smtp_host_addr - direct host lookup */
DNS_RR *smtp_host_addr(char *host, int misc_flags, DSN_BUF *why)
DNS_RR *smtp_host_addr(const char *host, int misc_flags, DSN_BUF *why)
{
DNS_RR *addr_list;

View File

@ -1,4 +1,4 @@
/* $NetBSD: smtp_connect.c,v 1.20 2007/08/02 08:26:19 heas Exp $ */
/* $NetBSD: smtp_connect.c,v 1.21 2008/06/22 14:38:42 christos Exp $ */
/*++
/* NAME
@ -299,7 +299,11 @@ static SMTP_SESSION *smtp_connect_sock(int sock, struct sockaddr * sa,
conn_stat = sane_connect(sock, sa, salen);
}
if (conn_stat < 0) {
dsb_simple(why, "4.4.1", "connect to %s[%s]: %m", name, addr);
if (port)
dsb_simple(why, "4.4.1", "connect to %s[%s]:%d: %m",
name, addr, ntohs(port));
else
dsb_simple(why, "4.4.1", "connect to %s[%s]: %m", name, addr);
close(sock);
return (0);
}
@ -437,12 +441,36 @@ static void smtp_cleanup_session(SMTP_STATE *state)
request->msg_stats.reuse_count = 0;
}
static void smtp_cache_policy(SMTP_STATE *state, const char *dest)
{
DELIVER_REQUEST *request = state->request;
state->misc_flags &= ~SMTP_MISC_FLAG_CONN_CACHE_MASK;
/*
* XXX Disable connection caching when sender-dependent authentication is
* enabled. We must not send someone elses mail over an authenticated
* connection, and we must not send mail that requires authentication
* over a connection that wasn't authenticated.
*/
if (var_smtp_sender_auth)
return;
if (smtp_cache_dest && string_list_match(smtp_cache_dest, dest)) {
state->misc_flags |= SMTP_MISC_FLAG_CONN_CACHE_MASK;
} else if (var_smtp_cache_demand) {
if (request->flags & DEL_REQ_FLAG_CONN_LOAD)
state->misc_flags |= SMTP_MISC_FLAG_CONN_LOAD;
if (request->flags & DEL_REQ_FLAG_CONN_STORE)
state->misc_flags |= SMTP_MISC_FLAG_CONN_STORE;
}
}
/* smtp_connect_local - connect to local server */
static void smtp_connect_local(SMTP_STATE *state, const char *path)
{
const char *myname = "smtp_connect_local";
DELIVER_REQUEST *request = state->request;
SMTP_SESSION *session;
DSN_BUF *why = state->why;
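Review bot: smtp_cache_policy() is added without the one-line "/* name - purpose */" header that the neighbouring functions carry (compare "/* smtp_connect_local - connect to local server */"). The function holds the security-relevant rule that no connection is loaded from or stored in the cache when var_smtp_sender_auth is set, so the header should say that it first clears SMTP_MISC_FLAG_CONN_CACHE_MASK and then sets the load and store flags independently. While the comment is being moved, "someone elses mail" should read "someone else's mail".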
@ -452,19 +480,8 @@ static void smtp_connect_local(SMTP_STATE *state, const char *path)
*
* Connection cache management is based on the UNIX-domain pathname, without
* the "unix:" prefix.
*
* XXX Disable connection caching when sender-dependent authentication is
* enabled. We must not send someone elses mail over an authenticated
* connection, and we must not send mail that requires authentication
* over a connection that wasn't authenticated.
*/
#define CAN_ENABLE_CONN_CACHE(request, dest) \
(!var_smtp_sender_auth \
&& ((var_smtp_cache_demand && (request->flags & DEL_REQ_FLAG_SCACHE)) \
|| (smtp_cache_dest && string_list_match(smtp_cache_dest, dest))))
if (CAN_ENABLE_CONN_CACHE(request, path))
state->misc_flags |= SMTP_MISC_FLAG_CONN_CACHE;
smtp_cache_policy(state, path);
/*
* XXX We assume that the session->addr member refers to a copy of the
@ -484,7 +501,7 @@ static void smtp_connect_local(SMTP_STATE *state, const char *path)
* available, "encrypt" may be a sensible policy. Otherwise, we also
* downgrade "encrypt" to "none", this time just to avoid waste.
*/
if ((state->misc_flags & SMTP_MISC_FLAG_CONN_CACHE) == 0
if ((state->misc_flags & SMTP_MISC_FLAG_CONN_LOAD) == 0
|| (session = smtp_reuse_addr(state, path, NO_PORT)) == 0)
session = smtp_connect_unix(path, why, state->misc_flags);
if ((state->session = session) != 0) {
@ -794,10 +811,10 @@ static void smtp_connect_remote(SMTP_STATE *state, const char *nexthop,
* authenticated connection, and we must not send mail that requires
* authentication over a connection that wasn't authenticated.
*/
if (addr_list && (state->misc_flags & SMTP_MISC_FLAG_FIRST_NEXTHOP)
&& CAN_ENABLE_CONN_CACHE(request, domain)) {
state->misc_flags |= SMTP_MISC_FLAG_CONN_CACHE;
SET_NEXTHOP_STATE(state, lookup_mx, domain, port);
if (addr_list && (state->misc_flags & SMTP_MISC_FLAG_FIRST_NEXTHOP)) {
smtp_cache_policy(state, domain);
if (state->misc_flags & SMTP_MISC_FLAG_CONN_STORE)
SET_NEXTHOP_STATE(state, lookup_mx, domain, port);
}
/*
@ -810,7 +827,7 @@ static void smtp_connect_remote(SMTP_STATE *state, const char *nexthop,
* fall-back destination. smtp_reuse_session() will truncate the
* address list when either limit is reached.
*/
if (addr_list && state->misc_flags & SMTP_MISC_FLAG_CONN_CACHE) {
if (addr_list && (state->misc_flags & SMTP_MISC_FLAG_CONN_LOAD)) {
if (state->cache_used->used > 0)
smtp_scrub_addr_list(state->cache_used, &addr_list);
sess_count = addr_count =
@ -841,7 +858,7 @@ static void smtp_connect_remote(SMTP_STATE *state, const char *nexthop,
next = addr->next;
if (++addr_count == var_smtp_mxaddr_limit)
next = 0;
if ((state->misc_flags & SMTP_MISC_FLAG_CONN_CACHE) == 0
if ((state->misc_flags & SMTP_MISC_FLAG_CONN_LOAD) == 0
|| addr->pref == domain_best_pref
|| dns_rr_to_pa(addr, &hostaddr) == 0
|| !(session = smtp_reuse_addr(state, hostaddr.buf, port)))
@ -899,7 +916,8 @@ static void smtp_connect_remote(SMTP_STATE *state, const char *nexthop,
}
smtp_cleanup_session(state);
} else {
msg_info("%s (port %d)", STR(why->reason), ntohs(port));
/* The reason already includes the IP address and TCP port. */
msg_info("%s", STR(why->reason));
}
/* Insert: test if we must skip the remaining MX hosts. */
}

File diff suppressed because it is too large

View File

@ -1,20 +0,0 @@
#
# Initialize.
#
#! ../bin/postmap smtpd_check_access
#msg_verbose 1
smtpd_delay_reject 0
mynetworks 127.0.0.0/8,168.100.189.0/28
#
# MX backup
#
mydestination wzv.porcupine.org,localhost.porcupine.org
inet_interfaces 168.100.189.7,127.0.0.1
recipient_restrictions permit_mx_backup,reject
rcpt wietse@wzv.porcupine.org
rcpt wietse@fist.porcupine.org
rcpt wietse@porcupine.org
permit_mx_backup_networks 168.100.189.5
rcpt wietse@fist.porcupine.org
permit_mx_backup_networks 168.100.189.4
rcpt wietse@fist.porcupine.org

View File

@ -1,34 +0,0 @@
>>> #
>>> # Initialize.
>>> #
>>> #! ../bin/postmap smtpd_check_access
>>> #msg_verbose 1
>>> smtpd_delay_reject 0
OK
>>> mynetworks 127.0.0.0/8,168.100.189.0/28
OK
>>> #
>>> # MX backup
>>> #
>>> mydestination wzv.porcupine.org,localhost.porcupine.org
OK
>>> inet_interfaces 168.100.189.7,127.0.0.1
OK
>>> recipient_restrictions permit_mx_backup,reject
OK
>>> rcpt wietse@wzv.porcupine.org
OK
>>> rcpt wietse@fist.porcupine.org
OK
>>> rcpt wietse@porcupine.org
./smtpd_check: <queue id>: reject: RCPT from localhost[127.0.0.1]: 554 <wietse@porcupine.org>: Recipient address rejected: Access denied; to=<wietse@porcupine.org> proto=SMTP
554 <wietse@porcupine.org>: Recipient address rejected: Access denied
>>> permit_mx_backup_networks 168.100.189.5
OK
>>> rcpt wietse@fist.porcupine.org
./smtpd_check: <queue id>: reject: RCPT from localhost[127.0.0.1]: 554 <wietse@fist.porcupine.org>: Recipient address rejected: Access denied; to=<wietse@fist.porcupine.org> proto=SMTP
554 <wietse@fist.porcupine.org>: Recipient address rejected: Access denied
>>> permit_mx_backup_networks 168.100.189.4
OK
>>> rcpt wietse@fist.porcupine.org
OK

View File

@ -1,4 +1,4 @@
/* $NetBSD: smtpd_check.c,v 1.21 2007/02/05 17:56:11 rpaulo Exp $ */
/* $NetBSD: smtpd_check.c,v 1.22 2008/06/22 14:38:42 christos Exp $ */
/*++
/* NAME
@ -1230,7 +1230,7 @@ static int permit_tls_clientcerts(SMTPD_STATE *state, int permit_all_certs)
if (!state->tls_context)
return SMTPD_CHECK_DUNNO;
if (state->tls_context->peer_verified && permit_all_certs) {
if (TLS_CERT_IS_TRUSTED(state->tls_context) && permit_all_certs) {
if (msg_verbose)
msg_info("Relaying allowed for all verified client certificates");
return (SMTPD_CHECK_OK);
@ -1240,7 +1240,7 @@ static int permit_tls_clientcerts(SMTPD_STATE *state, int permit_all_certs)
* When directly checking the fingerprint, it is OK if the issuing CA is
* not trusted.
*/
if (state->tls_context->peer_fingerprint) {
if (TLS_CERT_IS_PRESENT(state->tls_context)) {
found = maps_find(relay_ccerts, state->tls_context->peer_fingerprint,
DICT_FLAG_NONE);
if (found) {
@ -2101,6 +2101,32 @@ static int check_table_result(SMTPD_STATE *state, const char *table,
}
}
/*
* BCC means deliver to designated recipient. But we may still change our
* mind, and reject/discard the message for other reasons.
*/
#ifdef SNAPSHOT
if (STREQUAL(value, "BCC", cmd_len)) {
#ifndef TEST
if (can_delegate_action(state, table, "BCC", reply_class) == 0)
return (SMTPD_CHECK_DUNNO);
#endif
if (strchr(cmd_text, '@') == 0) {
msg_warn("access table %s entry \"%s\" requires user@domain target",
table, datum);
return (SMTPD_CHECK_DUNNO);
} else {
vstring_sprintf(error_text, "<%s>: %s triggers BCC %s",
reply_name, reply_class, cmd_text);
log_whatsup(state, "bcc", STR(error_text));
#ifndef TEST
UPDATE_STRING(state->saved_bcc, cmd_text);
#endif
return (SMTPD_CHECK_DUNNO);
}
}
#endif
/*
* DEFER_IF_PERMIT changes "permit" into "maybe". Use optional text or
* generate a generic error response.
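Review bot: the only validation of the BCC target is "strchr(cmd_text, '@') == 0", which accepts a bare "@", text with embedded whitespace or several addresses, and anything else that happens to contain an at-sign; that value is then stored with UPDATE_STRING(state->saved_bcc, cmd_text). Since the result becomes an extra recipient, the target should be checked as a single well-formed user@domain address before it is saved. Both arms of the if return SMTPD_CHECK_DUNNO, so the else can be dropped and the return written once.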
@ -2594,14 +2620,11 @@ static int check_ccert_access(SMTPD_STATE *state, const char *table,
const char *myname = "check_ccert_access";
int found;
if (!state->tls_context)
return SMTPD_CHECK_DUNNO;
/*
* When directly checking the fingerprint, it is OK if the issuing CA is
* not trusted.
*/
if (state->tls_context->peer_fingerprint) {
if (TLS_CERT_IS_PRESENT(state->tls_context)) {
if (msg_verbose)
msg_info("%s: %s", myname, state->tls_context->peer_fingerprint);
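Review bot: check_ccert_access() loses its explicit "if (!state->tls_context) return SMTPD_CHECK_DUNNO;" guard and now depends on TLS_CERT_IS_PRESENT(state->tls_context) being safe to call with a null context, after which the code dereferences state->tls_context->peer_fingerprint. The macro definition is not part of this change, so the null-safety cannot be confirmed from here, and permit_tls_clientcerts() still keeps its own null check in front of the same macro. Either keep the guard in both functions or remove it in both with a comment stating that the macro tests for a null context.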
@ -3299,12 +3322,11 @@ static int check_policy_service(SMTPD_STATE *state, const char *server,
#ifdef USE_TLS
#define ENCODE_CN(coded_CN, coded_CN_buf, CN) do { \
if (state->tls_context == 0 \
|| state->tls_context->peer_verified == 0 || (CN) == 0) { \
if (!TLS_CERT_IS_TRUSTED(state->tls_context) || *(CN) == 0) { \
coded_CN_buf = 0; \
coded_CN = ""; \
} else { \
coded_CN_buf = vstring_alloc(strlen(CN)); \
coded_CN_buf = vstring_alloc(strlen(CN) + 1); \
xtext_quote(coded_CN_buf, CN, ""); \
coded_CN = STR(coded_CN_buf); \
} \
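Review bot: the ENCODE_CN test changes from "(CN) == 0" to "*(CN) == 0", so for a trusted certificate the macro now dereferences CN without first checking it for a null pointer, where the old form tolerated one. If the callers guarantee a non-null string, say so in a comment on the macro; otherwise test "(CN) == 0 || *(CN) == 0". The "+ 1" added to the vstring_alloc() length deserves a short comment as well, since the reason for the extra byte is not evident from the macro.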
@ -3342,6 +3364,7 @@ static int check_policy_service(SMTPD_STATE *state, const char *server,
state->act_size : state->msg_size),
ATTR_TYPE_STR, MAIL_ATTR_ETRN_DOMAIN,
state->etrn_name ? state->etrn_name : "",
ATTR_TYPE_STR, MAIL_ATTR_STRESS, var_stress,
#ifdef USE_SASL_AUTH
ATTR_TYPE_STR, MAIL_ATTR_SASL_METHOD,
var_smtpd_sasl_enable && state->sasl_method ?
@ -3354,14 +3377,9 @@ static int check_policy_service(SMTPD_STATE *state, const char *server,
state->sasl_sender : "",
#endif
#ifdef USE_TLS
#define IF_VERIFIED(x) \
((state->tls_context && \
state->tls_context->peer_verified && ((x) != 0)) ? (x) : "")
#define IF_ENCRYPTED(x, y) ((state->tls_context && ((x) != 0)) ? (x) : (y))
ATTR_TYPE_STR, MAIL_ATTR_CCERT_SUBJECT,
IF_VERIFIED(subject),
ATTR_TYPE_STR, MAIL_ATTR_CCERT_ISSUER,
IF_VERIFIED(issuer),
ATTR_TYPE_STR, MAIL_ATTR_CCERT_SUBJECT, subject,
ATTR_TYPE_STR, MAIL_ATTR_CCERT_ISSUER, issuer,
/*
* When directly checking the fingerprint, it is OK if the issuing CA is
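Review bot: with IF_VERIFIED removed, subject and issuer are passed straight to the policy server as MAIL_ATTR_CCERT_SUBJECT and MAIL_ATTR_CCERT_ISSUER, and nothing in this hunk shows that they are empty for an untrusted certificate or that they can never be null. If they are the coded_CN results of ENCODE_CN, which yields "" when the certificate is not trusted, add a comment here that says so, because a policy server will treat these attributes as verified identity. IF_ENCRYPTED still tests state->tls_context itself, so the two sets of attributes are now guarded in different places.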
@ -4279,7 +4297,9 @@ static int check_recipient_rcpt_maps(SMTPD_STATE *state, const char *recipient)
return (0);
if (state->recipient_rcptmap_checked == 1)
return (0);
state->recipient_rcptmap_checked = 1;
if (state->warn_if_reject == 0)
/* We really validate the recipient address. */
state->recipient_rcptmap_checked = 1;
return (check_rcpt_maps(state, recipient, SMTPD_NAME_RECIPIENT));
}
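Review bot: in check_recipient_rcpt_maps() the new "if (state->warn_if_reject == 0)" is followed by a comment line and then the assignment, with no braces, so the comment sits between the condition and the only statement it controls. Please brace the body; a second statement added under that comment later would silently run unconditionally. The comment could also explain the intent more directly: under warn_if_reject the lookup result is only logged, so the address must not be marked as checked. The same applies to the matching change in check_sender_rcpt_maps().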
@ -4296,7 +4316,9 @@ static int check_sender_rcpt_maps(SMTPD_STATE *state, const char *sender)
return (0);
if (state->sender_rcptmap_checked == 1)
return (0);
state->sender_rcptmap_checked = 1;
if (state->warn_if_reject == 0)
/* We really validate the sender address. */
state->sender_rcptmap_checked = 1;
return (check_rcpt_maps(state, sender, SMTPD_NAME_SENDER));
}
@ -4693,7 +4715,7 @@ typedef struct {
#undef DEF_LOCAL_RCPT_MAPS
#define DEF_LOCAL_RCPT_MAPS ""
static STRING_TABLE string_table[] = {
static const STRING_TABLE string_table[] = {
VAR_MAPS_RBL_DOMAINS, DEF_MAPS_RBL_DOMAINS, &var_maps_rbl_domains,
VAR_MYORIGIN, DEF_MYORIGIN, &var_myorigin,
VAR_MYDEST, DEF_MYDEST, &var_mydest,
@ -4792,7 +4814,7 @@ int var_smtpd_rej_unl_rcpt;
int var_plaintext_code;
bool var_smtpd_peername_lookup;
static INT_TABLE int_table[] = {
static const INT_TABLE int_table[] = {
"msg_verbose", 0, &msg_verbose,
VAR_UNK_CLIENT_CODE, DEF_UNK_CLIENT_CODE, &var_unk_client_code,
VAR_BAD_NAME_CODE, DEF_BAD_NAME_CODE, &var_bad_name_code,
@ -4857,7 +4879,7 @@ typedef struct {
ARGV **target;
} REST_TABLE;
static REST_TABLE rest_table[] = {
static const REST_TABLE rest_table[] = {
"client_restrictions", &client_restrctions,
"helo_restrictions", &helo_restrctions,
"sender_restrictions", &mail_restrctions,

View File

@ -1,4 +1,4 @@
/* $NetBSD: smtpd_peer.c,v 1.16 2007/08/02 08:26:19 heas Exp $ */
/* $NetBSD: smtpd_peer.c,v 1.17 2008/06/22 14:38:42 christos Exp $ */
/*++
/* NAME
@ -27,7 +27,7 @@
/* The verified client hostname. This name is represented by
/* the string "unknown" when 1) the address->name lookup failed,
/* 2) the name->address mapping fails, or 3) the name->address
/* does not produce the client IP address.
/* mapping does not produce the client IP address.
/* .IP reverse_name
/* The unverified client hostname as found with address->name
/* lookup; it is not verified for consistency with the client
@ -43,7 +43,7 @@
/* .IP addr
/* Printable representation of the client address.
/* .IP namaddr
/* String of the form: "name[addr]".
/* String of the form: "name[addr]:port".
/* .IP rfc_addr
/* String of the form "ipv4addr" or "ipv6:ipv6addr" for use
/* in Received: message headers.
@ -172,6 +172,7 @@ void smtpd_peer_init(SMTPD_STATE *state)
state->addr_family = AF_UNSPEC;
state->name_status = SMTPD_PEER_CODE_PERM;
state->reverse_name_status = SMTPD_PEER_CODE_PERM;
state->port = mystrdup(CLIENT_PORT_UNKNOWN);
}
/*
@ -190,6 +191,7 @@ void smtpd_peer_init(SMTPD_STATE *state)
)) {
MAI_HOSTNAME_STR client_name;
MAI_HOSTADDR_STR client_addr;
MAI_SERVPORT_STR client_port;
int aierr;
char *colonp;
@ -219,9 +221,10 @@ void smtpd_peer_init(SMTPD_STATE *state)
* Convert the client address to printable form.
*/
if ((aierr = sockaddr_to_hostaddr(sa, sa_length, &client_addr,
(MAI_SERVPORT_STR *) 0, 0)) != 0)
msg_fatal("%s: cannot convert client address to string: %s",
&client_port, 0)) != 0)
msg_fatal("%s: cannot convert client address/port to string: %s",
myname, MAI_STRERROR(aierr));
state->port = mystrdup(client_port.buf);
/*
* We convert IPv4-in-IPv6 address to 'true' IPv4 address early on,
@ -366,13 +369,14 @@ void smtpd_peer_init(SMTPD_STATE *state)
state->addr_family = AF_UNSPEC;
state->name_status = SMTPD_PEER_CODE_OK;
state->reverse_name_status = SMTPD_PEER_CODE_OK;
state->port = mystrdup("0"); /* XXX bogus. */
}
/*
* Do the name[addr] formatting for pretty reports.
* Do the name[addr]:port formatting for pretty reports.
*/
state->namaddr =
concatenate(state->name, "[", state->addr, "]", (char *) 0);
state->namaddr = SMTPD_BUILD_NAMADDRPORT(state->name, state->addr,
state->port);
}
/* smtpd_peer_reset - destroy peer information */
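Review bot: the non-socket branch sets state->port = mystrdup("0") with the remark "XXX bogus", while the error branch earlier in smtpd_peer_init() uses mystrdup(CLIENT_PORT_UNKNOWN). Because the port is now part of namaddr ("name[addr]:port"), a literal ":0" will appear in logs and reports as if it were a real client port. Using CLIENT_PORT_UNKNOWN here too would keep the two placeholder cases consistent and make them recognisable to anyone parsing the logs.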
@ -384,4 +388,5 @@ void smtpd_peer_reset(SMTPD_STATE *state)
myfree(state->addr);
myfree(state->namaddr);
myfree(state->rfc_addr);
myfree(state->port);
}

View File

@ -1,4 +1,4 @@
/* $NetBSD: tls_session.c,v 1.3 2006/07/19 01:35:40 rpaulo Exp $ */
/* $NetBSD: tls_session.c,v 1.4 2008/06/22 14:38:42 christos Exp $ */
/*++
/* NAME
@ -9,11 +9,11 @@
/* #include <tls.h>
/*
/* void tls_session_stop(ctx, stream, timeout, failure, TLScontext)
/* SSL_CTX *ctx;
/* TLS_APPL_STATE *ctx;
/* VSTREAM *stream;
/* int timeout;
/* int failure;
/* TLScontext_t *TLScontext;
/* TLS_SESS_STATE *TLScontext;
/*
/* VSTRING *tls_session_passivate(session)
/* SSL_SESSION *session;
@ -51,6 +51,9 @@
/* IBM T.J. Watson Research
/* P.O. Box 704
/* Yorktown Heights, NY 10598, USA
/*
/* Victor Duchovni
/* Morgan Stanley
/*--*/
/* System library. */
@ -76,8 +79,8 @@
/* tls_session_stop - shut down the TLS connection and reset state */
void tls_session_stop(SSL_CTX *unused_ctx, VSTREAM *stream, int timeout,
int failure, TLScontext_t *TLScontext)
void tls_session_stop(TLS_APPL_STATE *unused_ctx, VSTREAM *stream, int timeout,
int failure, TLS_SESS_STATE *TLScontext)
{
const char *myname = "tls_session_stop";
int retval;

View File

@ -1,51 +0,0 @@
/* $NetBSD: tls_temp.c,v 1.1.1.1 2005/08/18 21:11:10 rpaulo Exp $ */
/*++
/* NAME
/* tls_temp 3
/* SUMMARY
/* code that is to be replaced
/* SYNOPSIS
/* #define TLS_INTERNAL
/* #include <tls.h>
/* DESCRIPTION
/* As the summary says.
/* LICENSE
/* .ad
/* .fi
/* This software is free. You can do with it whatever you want.
/* The original author kindly requests that you acknowledge
/* the use of his software.
/* AUTHOR(S)
/* Originally written by:
/* Lutz Jaenicke
/* BTU Cottbus
/* Allgemeine Elektrotechnik
/* Universitaetsplatz 3-4
/* D-03044 Cottbus, Germany
/*
/* Updated by:
/* Wietse Venema
/* IBM T.J. Watson Research
/* P.O. Box 704
/* Yorktown Heights, NY 10598, USA
/*--*/
/* System library. */
#include <sys_defs.h>
#ifdef USE_TLS
/* TLS library. */
#define TLS_INTERNAL
#include <tls.h>
/* Application-specific. */
const tls_info_t tls_info_zero = {
0, 0, NULL, NULL, NULL, NULL, NULL, NULL, NULL, 0, 0
};
#endif

View File

@ -30,7 +30,8 @@ SRCS = alldig.c allprint.c argv.c argv_split.c attr_clnt.c attr_print0.c \
username.c valid_hostname.c vbuf.c vbuf_print.c vstream.c \
vstream_popen.c vstring.c vstring_vstream.c watchdog.c writable.c \
write_buf.c write_wait.c sane_basename.c format_tv.c allspace.c \
allascii.c load_file.c killme_after.c vstream_tweak.c
allascii.c load_file.c killme_after.c vstream_tweak.c upass_connect.c \
upass_listen.c upass_trigger.c
OBJS = alldig.o allprint.o argv.o argv_split.o attr_clnt.o attr_print0.o \
attr_print64.o attr_print_plain.o attr_scan0.o attr_scan64.o \
attr_scan_plain.o auto_clnt.o base64_code.o basename.o binhash.o \
@ -62,7 +63,8 @@ OBJS = alldig.o allprint.o argv.o argv_split.o attr_clnt.o attr_print0.o \
username.o valid_hostname.o vbuf.o vbuf_print.o vstream.o \
vstream_popen.o vstring.o vstring_vstream.o watchdog.o writable.o \
write_buf.o write_wait.o sane_basename.o format_tv.o allspace.o \
allascii.o load_file.o killme_after.o vstream_tweak.o
allascii.o load_file.o killme_after.o vstream_tweak.o upass_connect.o \
upass_listen.o upass_trigger.o
HDRS = argv.h attr.h attr_clnt.h auto_clnt.h base64_code.h binhash.h \
chroot_uid.h cidr_match.h clean_env.h connect.h ctable.h dict.h \
dict_cdb.h dict_cidr.h dict_db.h dict_dbm.h dict_env.h dict_ht.h \
@ -1550,12 +1552,30 @@ unix_trigger.o: unix_trigger.c
unsafe.o: safe.h
unsafe.o: sys_defs.h
unsafe.o: unsafe.c
upass_connect.o: connect.h
upass_connect.o: events.h
upass_connect.o: iostuff.h
upass_connect.o: msg.h
upass_connect.o: mymalloc.h
upass_connect.o: sane_connect.h
upass_connect.o: sane_socketpair.h
upass_connect.o: sys_defs.h
upass_connect.o: timed_connect.h
upass_connect.o: upass_connect.c
upass_listen.o: iostuff.h
upass_listen.o: listen.h
upass_listen.o: msg.h
upass_listen.o: sane_accept.h
upass_listen.o: sys_defs.h
upass_listen.o: upass_listen.c
upass_trigger.o: connect.h
upass_trigger.o: events.h
upass_trigger.o: iostuff.h
upass_trigger.o: msg.h
upass_trigger.o: mymalloc.h
upass_trigger.o: sys_defs.h
upass_trigger.o: trigger.h
upass_trigger.o: upass_trigger.c
uppercase.o: stringops.h
uppercase.o: sys_defs.h
uppercase.o: uppercase.c

View File

@ -1,4 +1,4 @@
/* $NetBSD: inet_addr_local.c,v 1.6 2006/07/19 01:35:40 rpaulo Exp $ */
/* $NetBSD: inet_addr_local.c,v 1.7 2008/06/22 14:38:42 christos Exp $ */
/*++
/* NAME
@ -101,9 +101,10 @@
* With SIOCGLIFNETMASK we can obtain the netmask for either address family.
* Again, this is not present in all major operating systems.
*
* - On Linux, get IPv4 interface information with SIOCGIFCONF, and read IPv6
* address/prefix information from a file in the /proc filesystem. Linux
* does not return IPv6 addresses with SIOCGIFCONF.
* - On Linux, glibc's getifaddrs(3) has returned IPv4 information for some
* time, but IPv6 information was not returned until 2.3.3. With older Linux
* versions we get IPv4 interface information with SIOCGIFCONF, and read
* IPv6 address/prefix information from a file in the /proc filesystem.
*
* - On other systems we expect SIOCGIFCONF to return IPv6 addresses. Since
* SIOCGIFNETMASK does not work reliably for IPv6 addresses, we always set
@ -439,7 +440,7 @@ static int ial_siocgif(INET_ADDR_LIST *addr_list,
#ifdef HAS_PROCNET_IFINET6
/*
* Linux does not provide proper calls to retrieve IPv6 interface
* Older Linux versions lack proper calls to retrieve IPv6 interface
* addresses. Instead, the addresses can be read from a file in the
* /proc tree. The most important issue with this approach however
* is that the /proc tree may not always be available, for example

View File

@ -1,63 +0,0 @@
/* $NetBSD: inet_util.c,v 1.1.1.7 2006/04/06 23:00:52 rpaulo Exp $ */
/*++
/* NAME
/* inet_util 3
/* SUMMARY
/* INET-domain utilities
/* SYNOPSIS
/* #include <inet_util.h>
/*
/* char *inet_parse(addr, hostp, portp)
/* const char *addr;
/* char **hostp;
/* char **portp;
/* DESCRIPTION
/* This module implements various support routines for
/* dealing with AF_INET connections, addresses etc.
/*
/* inet_parse() takes an address of the form host:port and
/* breaks it up into its constituent parts. The resulting
/* host information is an empty string when the address
/* contains no host part or no host: part. inet_parse()
/* returns a pointer to memory that it has allocated for
/* string storage. The caller should pass the host to the
/* myfree() function when the storage is no longer needed.
/* DIAGNOSTICS
/* Fatal errors: invalid address or host forms.
/* LICENSE
/* .ad
/* .fi
/* The Secure Mailer license must be distributed with this software.
/* AUTHOR(S)
/* Wietse Venema
/* IBM T.J. Watson Research
/* P.O. Box 704
/* Yorktown Heights, NY 10598, USA
/*--*/
/* System libraries. */
#include <sys_defs.h>
/* Utility library. */
#include "mymalloc.h"
#include "split_at.h"
#include "inet_util.h"
/* inet_parse - parse host:port address spec */
char *inet_parse(const char *addr, char **hostp, char **portp)
{
char *buf;
buf = mystrdup(addr);
if ((*portp = split_at_right(buf, ':')) != 0) {
*hostp = buf;
} else {
*portp = buf;
*hostp = "";
}
return (buf);
}

View File

@ -1,31 +0,0 @@
/* $NetBSD: inet_util.h,v 1.1.1.7 2006/04/06 23:00:52 rpaulo Exp $ */
#ifndef _INET_UTIL_H_INCLUDED_
#define _INET_UTIL_H_INCLUDED_
/*++
/* NAME
/* inet_util 3h
/* SUMMARY
/* INET-domain utilities
/* SYNOPSIS
/* #include <inet_util.h>
/* DESCRIPTION
/* .nf
/* External interface. */
extern char *inet_parse(const char *, char **, char **);
/* LICENSE
/* .ad
/* .fi
/* The Secure Mailer license must be distributed with this software.
/* AUTHOR(S)
/* Wietse Venema
/* IBM T.J. Watson Research
/* P.O. Box 704
/* Yorktown Heights, NY 10598, USA
/*--*/
#endif

View File

@ -1,4 +1,4 @@
/* $NetBSD: sys_defs.h,v 1.22 2007/05/19 17:49:51 heas Exp $ */
/* $NetBSD: sys_defs.h,v 1.23 2008/06/22 14:38:42 christos Exp $ */
#ifndef _SYS_DEFS_H_INCLUDED_
#define _SYS_DEFS_H_INCLUDED_
@ -26,7 +26,7 @@
* 4.4BSD and close derivatives.
*/
#if defined(FREEBSD2) || defined(FREEBSD3) || defined(FREEBSD4) \
|| defined(FREEBSD5) || defined(FREEBSD6) \
|| defined(FREEBSD5) || defined(FREEBSD6) || defined(FREEBSD7) \
|| defined(BSDI2) || defined(BSDI3) || defined(BSDI4) \
|| defined(OPENBSD2) || defined(OPENBSD3) || defined(OPENBSD4) \
|| defined(NETBSD1) || defined(NETBSD2) || defined(NETBSD3) \
@ -75,16 +75,25 @@
#define NATIVE_DAEMON_DIR "/usr/libexec/postfix"
#endif
#ifdef FREEBSD2
#define getsid(p) getpgrp()
#ifndef CMSG_SPACE
#define CMSG_SPACE(len) (CMSG_ALIGN(sizeof(struct cmsghdr)) + CMSG_ALIGN(len))
#endif
#ifndef CMSG_LEN
#define CMSG_LEN(len) (CMSG_ALIGN(sizeof(struct cmsghdr)) + (len))
#endif
#ifndef CMSG_ALIGN
#define CMSG_ALIGN(n) ALIGN(n)
#endif
#endif /* FREEBSD2 */
#ifdef BSDI4
/* #define HAS_IPV6 find out interface lookup method */
#endif
/* __FreeBSD_version version is major+minor */
#if __FreeBSD_version >= 200000
#define HAS_DUPLEX_PIPE
#endif
#if __FreeBSD_version >= 220000
#define HAS_DEV_URANDOM /* introduced in 2.1.5 */
#endif
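Review bot: The CMSG_ALIGN fallback in the FREEBSD2 block expands to ALIGN(n), and nothing in these lines defines ALIGN or names the header it comes from. Because CMSG_SPACE and CMSG_LEN size the control-message buffers used for descriptor passing, a missing or mismatched ALIGN gives either a compile error at the point of use or a wrongly sized buffer. A short comment stating which system header must already be included would make the dependency explicit.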
@ -99,6 +108,10 @@
#define SOCKOPT_SIZE socklen_t
#endif
#if __FreeBSD_version >= 420000
#define HAS_DUPLEX_PIPE /* 4.1 breaks with kqueue(2) */
#endif
/* OpenBSD version is year+month */
#if OpenBSD >= 199805 /* XXX */
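Review bot: HAS_DUPLEX_PIPE is now set under __FreeBSD_version >= 420000, but the previous hunk also shows it under __FreeBSD_version >= 200000. If that earlier definition is not removed by this change, the new guard has no effect and the macro is still defined on the releases the comment says break with kqueue(2). The comment also names 4.1 while the test is for 420000; saying why 4.2 is the first safe version would help the next reader.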
@ -713,9 +726,14 @@ extern int initgroups(const char *, int);
#endif
#ifndef NO_IPV6
# define HAS_IPV6
#if defined(__GLIBC_PREREQ) && __GLIBC_PREREQ(2,4)
/* Really 2.3.3 or later, but there's no __GLIBC_MICRO version macro. */
# define HAVE_GETIFADDRS
#else
# define HAS_PROCNET_IFINET6
# define _PATH_PROCNET_IFINET6 "/proc/net/if_inet6"
#endif
#endif
#include <linux/version.h>
#if !defined(KERNEL_VERSION)
# define KERNEL_VERSION(a,b,c) (LINUX_VERSION_CODE + 1)
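Review bot: The test "#if defined(__GLIBC_PREREQ) && __GLIBC_PREREQ(2,4)" is not safe when __GLIBC_PREREQ is undefined. The preprocessor still has to parse the whole expression, the unknown identifier becomes 0, and "0(2,4)" is a syntax error despite the defined() check in front of it. Nest the tests instead: an outer "#if defined(__GLIBC_PREREQ)" with an inner "#if __GLIBC_PREREQ(2,4)", repeating the HAS_PROCNET_IFINET6 fallback in both else branches so a libc without the macro still gets the /proc/net/if_inet6 lookup.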
@ -1285,6 +1303,12 @@ extern int inet_pton(int, const char *, void *);
#define LOCAL_RECV_FD unix_recv_fd
#endif
#ifndef PASS_LISTEN
#define PASS_LISTEN upass_listen
#define PASS_ACCEPT upass_accept
#define PASS_TRIGGER upass_trigger
#endif
#if !defined (HAVE_SYS_NDIR_H) && !defined (HAVE_SYS_DIR_H) \
&& !defined (HAVE_NDIR_H)
#define HAVE_DIRENT_H
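Review bot: The default block is guarded by "#ifndef PASS_LISTEN" only, yet it defines PASS_LISTEN, PASS_ACCEPT and PASS_TRIGGER together. A platform section that overrides PASS_LISTEN but not the other two ends up with PASS_ACCEPT and PASS_TRIGGER undefined. Either guard each macro separately or add a comment that a platform must define all three or none.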

View File

@ -1,4 +1,4 @@
/* $NetBSD: vstream_tweak.c,v 1.1.1.1 2007/08/02 08:05:40 heas Exp $ */
/* $NetBSD: vstream_tweak.c,v 1.2 2008/06/22 14:38:42 christos Exp $ */
/*++
/* NAME
@ -87,7 +87,7 @@ int vstream_tweak_sock(VSTREAM *fp)
int vstream_tweak_tcp(VSTREAM *fp)
{
const char *myname = "vstream_tweak_tcp";
int mss;
ssize_t mss;
SOCKOPT_SIZE mss_len = sizeof(mss);
int err;
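Review bot: Changing mss from int to ssize_t also changes mss_len, because it is initialised as sizeof(mss). If mss is the option buffer for a getsockopt() call further down (not visible in this hunk), the kernel writes an int-sized value into a wider, uninitialised object. On LP64 that leaves the upper bytes indeterminate on little-endian hosts and places the value in the wrong half on big-endian hosts. Keep the option buffer as int and widen into a separate ssize_t afterwards, or at least initialise mss to 0 and check the mss_len that comes back.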