Postfix version 2.0 patchlevel 10 fixes lots of documentation and a few minor code problems, none of which security related as usual. - Spurious but harmless warnings from nqmgr after "postsuper -r" to requeue files that already had some recipients delivered. - The proxy_read_maps parameter did not recognize "," as separator. - Defer delivery after .forward etc. file read error. - The message_size_limit was also applied when running "newaliases", so that the result could be truncated. Prereq: "2.0.9" diff -cr /tmp/postfix-2.0.9/src/global/mail_version.h ./src/global/mail_version.h *** /tmp/postfix-2.0.9/src/global/mail_version.h Fri Apr 18 10:26:12 2003 --- ./src/global/mail_version.h Wed May 21 15:20:41 2003 *************** *** 20,29 **** * Patches change the patchlevel and the release date. Snapshots change the * release date only, unless they include the same bugfix as a patch release. */ ! #define MAIL_RELEASE_DATE "20030418" #define VAR_MAIL_VERSION "mail_version" ! #define DEF_MAIL_VERSION "2.0.9" extern char *var_mail_version; /* --- 20,29 ---- * Patches change the patchlevel and the release date. Snapshots change the * release date only, unless they include the same bugfix as a patch release. */ ! #define MAIL_RELEASE_DATE "20030521" #define VAR_MAIL_VERSION "mail_version" ! #define DEF_MAIL_VERSION "2.0.10" extern char *var_mail_version; /* diff -cr /tmp/postfix-2.0.9/HISTORY ./HISTORY *** /tmp/postfix-2.0.9/HISTORY Fri Apr 18 10:27:21 2003 --- ./HISTORY Wed May 21 18:48:33 2003 *************** *** 7727,7735 **** and 2) MIME input processing is turned off, and 3) MIME 8bit->7bit conversion is requested upon delivery via SMTP. Open problems: ! Low: smtp-source may block when sending large test messages. Low: after successful delivery, per-queue window += 1/window, after failure, queue window -= 1 (Victor). --- 7727,7774 ---- and 2) MIME input processing is turned off, and 3) MIME 8bit->7bit conversion is requested upon delivery via SMTP. + 20030424 + + Cleanup: readlline() did not terminate the result before + complaining about lines starting with whitespace. + + Cleanup: eliminated valid_hostname warning for invalid + queue file names. File: global/mail_queue.c. + + Bugfix: the Postfix sendmail command applied the message + size limit when running as newaliases. The limiting code + is now moved to the message enqueuing branch of the code. + File: sendmail/sendmail.c. + + 20030429 + + Bugfix: "," was not recognized in proxy_read_maps settings. + Fix by Leandro Santi. File: proxymap/proxymap.c. + + 20030502 + + Bugfix: defer delivery after .forward etc. file read error. + File: local/token.c. Problem reported by Ben Rosengart, + Panix. + + 20030520 + + Cleanup: future time stamps in Received: headers and negative + delays in delivery agent logging after "postdrop -r", + because deferred queue files had future file modification + times. File: src/postsuper/postsuper.c. + + 20030521 + + Cleanup: nqmgr warnings about "recipient count mismatch" + after "postdrop -r", because the cleanup server did not + count the "already done" recipients. Problem reported by + Richard Stockton, Gramma Software. Files: + cleanup/cleanup_envelope.c, cleanup/cleanup_extracted.c + Open problems: ! Low: smtp-source may block when sending large test messages. Low: after successful delivery, per-queue window += 1/window, after failure, queue window -= 1 (Victor). diff -cr /tmp/postfix-2.0.9/README_FILES/FILTER_README ./README_FILES/FILTER_README *** /tmp/postfix-2.0.9/README_FILES/FILTER_README Tue Mar 4 08:47:56 2003 --- ./README_FILES/FILTER_README Tue Apr 29 09:09:37 2003 *************** *** 236,243 **** Note: the localhost port 10025 SMTP server filter should announce itself as "220 localhost...". Postfix aborts delivery when it ! connects to an SMTP server that uses the same hostname, because ! that normally means you have a mail delivery loop problem. The example here assumes that the /some/where/filter command is a PERL script. PERL has modules that make talking SMTP easy. The --- 236,244 ---- Note: the localhost port 10025 SMTP server filter should announce itself as "220 localhost...". Postfix aborts delivery when it ! connects to an SMTP server that uses the same hostname as Postfix ! ("host greeted me with my own hostname"), because that ! normally means you have a mail delivery loop problem. The example here assumes that the /some/where/filter command is a PERL script. PERL has modules that make talking SMTP easy. The *************** *** 280,288 **** The "-o local_recipient_maps=" and "-o relay_recipient_maps=" avoid unnecessary table lookups. ! The "-o myhostname=localhost.domain.tld" avoids a possible problem ! if your content filter is based on a proxy that simply relays SMTP ! commands. The "-o smtpd_xxx_restrictions" and "-o mynetworks=127.0.0.0/8" turn off UCE controls that would only waste time here. --- 281,289 ---- The "-o local_recipient_maps=" and "-o relay_recipient_maps=" avoid unnecessary table lookups. ! The "-o myhostname=localhost.domain.tld" avoids false alarms ("host ! greeted me with my own hostname") if your content ! filter is based on a proxy that simply relays SMTP commands. The "-o smtpd_xxx_restrictions" and "-o mynetworks=127.0.0.0/8" turn off UCE controls that would only waste time here. diff -cr /tmp/postfix-2.0.9/README_FILES/SASL_README ./README_FILES/SASL_README *** /tmp/postfix-2.0.9/README_FILES/SASL_README Tue Mar 4 09:27:37 2003 --- ./README_FILES/SASL_README Sun Apr 20 10:35:06 2003 *************** *** 50,56 **** SASL authentication information is not passed on via message headers or via SMTP. It is no-one's business what username and authentication ! method the poster was using in order to access the mail server. When sending mail, Postfix looks up the server hostname or destination domain (the address remote part) in a table, and if a username/password --- 50,57 ---- SASL authentication information is not passed on via message headers or via SMTP. It is no-one's business what username and authentication ! method the poster was using in order to access the mail server. The ! people who need to know can find the information in the maillog file. When sending mail, Postfix looks up the server hostname or destination domain (the address remote part) in a table, and if a username/password *************** *** 226,231 **** --- 227,245 ---- mmencode is part of the metamail software. MIME::Base64 is available from www.cpan.org. + + Trouble shooting the SASL internals + =================================== + + [based on text by Liviu Daia] + + In the Cyrus SASL sources you'll find a subdirectory named "sample". + Run make there, then run the resulting sample server and client in + separate terminals. Strace / ktrace / truss the server to see what + makes it unhappy, fix the problem, then write the authors thanking + them for providing such useful logging. Repeat the previous step + until you can successfully authenticate with the sample client. + Only then get back to Postfix. Enabling SASL authentication in the Postfix SMTP client ======================================================= diff -cr /tmp/postfix-2.0.9/README_FILES/VIRTUAL_README ./README_FILES/VIRTUAL_README *** /tmp/postfix-2.0.9/README_FILES/VIRTUAL_README Wed Dec 11 17:04:45 2002 --- ./README_FILES/VIRTUAL_README Sat Apr 26 14:41:18 2003 *************** *** 24,35 **** maps, and the mailbox location map can specify either mailbox or maildir delivery (controlled by trailing slash on mailbox name). ! The agent does not support user+foo address extensions, aliases or ! .forward files (use the virtual table instead), and therefore ! doesn't support file or program aliases. This choice was made to ! simplify and streamline the code (it allowed me to dispense with ! 70% of local's code - mostly the bits that are a security headache) ! - if you need this functionality, this agent isn't for you. It also doesn't support writing to a common spool as root and then chowning the mailbox to the user - I felt this functionality didn't --- 24,36 ---- maps, and the mailbox location map can specify either mailbox or maildir delivery (controlled by trailing slash on mailbox name). ! The agent allows but ignores user+foo address extensions, does not ! support aliases or .forward files (use the virtual table instead), ! and therefore doesn't support file or program aliases. This choice ! was made to simplify and streamline the code (it allowed me to ! dispense with 70% of local's code - mostly the bits that are a ! security headache) - if you need this functionality, this agent ! isn't for you. It also doesn't support writing to a common spool as root and then chowning the mailbox to the user - I felt this functionality didn't *************** *** 67,73 **** Specifies the list of domains that should be delivered to the $virtual_transport delivery agent (default: virtual). As of ! version 1.2, Postfix is smart enough that you don't have to list every virtual domain in a Postfix transport map. virtual_mailbox_maps --- 68,74 ---- Specifies the list of domains that should be delivered to the $virtual_transport delivery agent (default: virtual). As of ! version 2.0, Postfix is smart enough that you don't have to list every virtual domain in a Postfix transport map. virtual_mailbox_maps *************** *** 160,168 **** ============================================================== This example does not use the Postfix local delivery agent at all. ! With this configuration Postfix does no user+foo address extension, ! no alias expansion, no .forward file expansion, and no lookups of ! recipients in /etc/passwd. Instead of "hash" specify "dbm" or "btree", depending on your system type. The command "postconf -m" displays possible lookup table --- 161,169 ---- ============================================================== This example does not use the Postfix local delivery agent at all. ! With this configuration Postfix does no alias expansion, no .forward ! file expansion, no lookups of recipients in /etc/passwd, and allows ! but ignores user+foo address extensions. Instead of "hash" specify "dbm" or "btree", depending on your system type. The command "postconf -m" displays possible lookup table diff -cr /tmp/postfix-2.0.9/conf/master.cf ./conf/master.cf *** /tmp/postfix-2.0.9/conf/master.cf Sat Mar 8 15:46:58 2003 --- ./conf/master.cf Sun Apr 27 18:51:13 2003 *************** *** 1,8 **** # ! # Postfix master process configuration file. Each line describes how ! # a mailer component program should be run. The fields that make up ! # each line are described below. A "-" field value requests that a ! # default value be used for that field. # # Service: any name that is valid for the specified transport type # (the next field). With INET transports, a service is specified as --- 1,14 ---- # ! # Postfix master process configuration file. Each logical line ! # describes how a Postfix daemon program should be run. ! # ! # A logical line starts with non-whitespace, non-comment text. ! # Empty lines and whitespace-only lines are ignored, as are comment ! # lines whose first non-whitespace character is a `#'. ! # A line that starts with whitespace continues a logical line. ! # ! # The fields that make up each line are described below. A "-" field ! # value requests that a default value be used for that field. # # Service: any name that is valid for the specified transport type # (the next field). With INET transports, a service is specified as *************** *** 58,69 **** # # SPECIFY ONLY PROGRAMS THAT ARE WRITTEN TO RUN AS POSTFIX DAEMONS. # ALL DAEMONS SPECIFIED HERE MUST SPEAK A POSTFIX-INTERNAL PROTOCOL. - # - # DO NOT CHANGE THE ZERO PROCESS LIMIT FOR CLEANUP/BOUNCE/DEFER OR - # POSTFIX WILL BECOME STUCK UP UNDER HEAVY LOAD - # - # DO NOT CHANGE THE ONE PROCESS LIMIT FOR PICKUP/QMGR OR POSTFIX WILL - # DELIVER MAIL MULTIPLE TIMES. # # DO NOT SHARE THE POSTFIX QUEUE BETWEEN MULTIPLE POSTFIX INSTANCES. # --- 64,69 ---- diff -cr /tmp/postfix-2.0.9/conf/pcre_table ./conf/pcre_table *** /tmp/postfix-2.0.9/conf/pcre_table Wed Dec 18 21:18:42 2002 --- ./conf/pcre_table Wed May 21 15:21:42 2003 *************** *** 135,141 **** # # EXAMPLE SMTPD ACCESS MAP # # Protect your outgoing majordomo exploders ! # /^(?!owner-)(.*)-outgoing@/ 550 Use ${1}@${2} instead # # # Bounce friend@whatever, except when whatever is our domain (you would # # be better just bouncing all friend@ mail - this is just an example). --- 135,141 ---- # # EXAMPLE SMTPD ACCESS MAP # # Protect your outgoing majordomo exploders ! # /^(?!owner-)(.*)-outgoing@(.*)/ 550 Use ${1}@${2} instead # # # Bounce friend@whatever, except when whatever is our domain (you would # # be better just bouncing all friend@ mail - this is just an example). diff -cr /tmp/postfix-2.0.9/conf/sample-mime.cf ./conf/sample-mime.cf *** /tmp/postfix-2.0.9/conf/sample-mime.cf Sat Dec 21 16:53:01 2002 --- ./conf/sample-mime.cf Mon May 19 08:20:17 2003 *************** *** 66,69 **** # # This blocks mail from poorly written mail software. # ! strict_mime_domain_encoding = no --- 66,69 ---- # # This blocks mail from poorly written mail software. # ! strict_mime_encoding_domain = no diff -cr /tmp/postfix-2.0.9/conf/sample-pcre-access.cf ./conf/sample-pcre-access.cf *** /tmp/postfix-2.0.9/conf/sample-pcre-access.cf Tue Sep 17 10:19:48 2002 --- ./conf/sample-pcre-access.cf Fri May 2 09:25:21 2003 *************** *** 45,51 **** # Protect your outgoing majordomo exploders # ! /^(?!owner-)(.*)-outgoing@/ 550 Use ${1}@${2} instead # Bounce friend@whatever, except when whatever is our domain (you would --- 45,51 ---- # Protect your outgoing majordomo exploders # ! /^(?!owner-)(.*)-outgoing@(.*)/ 550 Use ${1}@${2} instead # Bounce friend@whatever, except when whatever is our domain (you would diff -cr /tmp/postfix-2.0.9/conf/sample-regexp-access.cf ./conf/sample-regexp-access.cf *** /tmp/postfix-2.0.9/conf/sample-regexp-access.cf Tue Sep 17 10:14:00 2002 --- ./conf/sample-regexp-access.cf Fri May 2 09:24:56 2003 *************** *** 30,33 **** /^postmaster@/ OK # Protect your outgoing majordomo exploders ! /^(.*)-outgoing@(.*)$/!/^owner-.*/ 550 Use ${1}@${2} instead --- 30,35 ---- /^postmaster@/ OK # Protect your outgoing majordomo exploders ! if !/^owner-.*/ ! /^(.*)-outgoing@(.*)$/ 550 Use ${1}@${2} instead ! endif diff -cr /tmp/postfix-2.0.9/html/cleanup.8.html ./html/cleanup.8.html *** /tmp/postfix-2.0.9/html/cleanup.8.html Thu Dec 19 20:35:08 2002 --- ./html/cleanup.8.html Wed May 21 15:21:42 2003 *************** *** 133,139 **** ple, bounces from qmail or from old versions of Postfix). ! strict_mime_domain_encoding Reject mail with invalid Content-Transfer-Encoding: information for message/* or multipart/*. This blocks mail from poorly written software. --- 133,139 ---- ple, bounces from qmail or from old versions of Postfix). ! strict_mime_encoding_domain Reject mail with invalid Content-Transfer-Encoding: information for message/* or multipart/*. This blocks mail from poorly written software. diff -cr /tmp/postfix-2.0.9/html/pcre_table.5.html ./html/pcre_table.5.html *** /tmp/postfix-2.0.9/html/pcre_table.5.html Wed Dec 18 21:18:46 2002 --- ./html/pcre_table.5.html Wed May 21 15:21:43 2003 *************** *** 136,142 **** EXAMPLE SMTPD ACCESS MAP # Protect your outgoing majordomo exploders ! /^(?!owner-)(.*)-outgoing@/ 550 Use ${1}@${2} instead # Bounce friend@whatever, except when whatever is our domain (you would # be better just bouncing all friend@ mail - this is just an example). --- 136,142 ---- EXAMPLE SMTPD ACCESS MAP # Protect your outgoing majordomo exploders ! /^(?!owner-)(.*)-outgoing@(.*)/ 550 Use ${1}@${2} instead # Bounce friend@whatever, except when whatever is our domain (you would # be better just bouncing all friend@ mail - this is just an example). diff -cr /tmp/postfix-2.0.9/man/man5/pcre_table.5 ./man/man5/pcre_table.5 *** /tmp/postfix-2.0.9/man/man5/pcre_table.5 Wed Dec 18 21:18:43 2002 --- ./man/man5/pcre_table.5 Wed May 21 15:21:42 2003 *************** *** 119,125 **** .na .nf # Protect your outgoing majordomo exploders ! /^(?!owner-)(.*)-outgoing@/ 550 Use ${1}@${2} instead # Bounce friend@whatever, except when whatever is our domain (you would # be better just bouncing all friend@ mail - this is just an example). --- 119,125 ---- .na .nf # Protect your outgoing majordomo exploders ! /^(?!owner-)(.*)-outgoing@(.*)/ 550 Use ${1}@${2} instead # Bounce friend@whatever, except when whatever is our domain (you would # be better just bouncing all friend@ mail - this is just an example). diff -cr /tmp/postfix-2.0.9/man/man8/cleanup.8 ./man/man8/cleanup.8 *** /tmp/postfix-2.0.9/man/man8/cleanup.8 Thu Dec 19 20:35:07 2002 --- ./man/man8/cleanup.8 Wed May 21 15:21:42 2003 *************** *** 121,127 **** request contains valid 8-bit MIME mail, and it breaks bounces from mailers that do not properly encapsulate 8-bit content (for example, bounces from qmail or from old versions of Postfix). ! .IP \fBstrict_mime_domain_encoding\fR Reject mail with invalid \fBContent-Transfer-Encoding:\fR information for message/* or multipart/*. This blocks mail from poorly written software. --- 121,127 ---- request contains valid 8-bit MIME mail, and it breaks bounces from mailers that do not properly encapsulate 8-bit content (for example, bounces from qmail or from old versions of Postfix). ! .IP \fBstrict_mime_encoding_domain\fR Reject mail with invalid \fBContent-Transfer-Encoding:\fR information for message/* or multipart/*. This blocks mail from poorly written software. diff -cr /tmp/postfix-2.0.9/proto/pcre_table ./proto/pcre_table *** /tmp/postfix-2.0.9/proto/pcre_table Wed Dec 18 21:01:46 2002 --- ./proto/pcre_table Fri May 2 09:27:58 2003 *************** *** 111,117 **** # or $(n) if they aren't followed by whitespace. # EXAMPLE SMTPD ACCESS MAP # # Protect your outgoing majordomo exploders ! # /^(?!owner-)(.*)-outgoing@/ 550 Use ${1}@${2} instead # # # Bounce friend@whatever, except when whatever is our domain (you would # # be better just bouncing all friend@ mail - this is just an example). --- 111,117 ---- # or $(n) if they aren't followed by whitespace. # EXAMPLE SMTPD ACCESS MAP # # Protect your outgoing majordomo exploders ! # /^(?!owner-)(.*)-outgoing@(.*)/ 550 Use ${1}@${2} instead # # # Bounce friend@whatever, except when whatever is our domain (you would # # be better just bouncing all friend@ mail - this is just an example). diff -cr /tmp/postfix-2.0.9/src/cleanup/cleanup.c ./src/cleanup/cleanup.c *** /tmp/postfix-2.0.9/src/cleanup/cleanup.c Thu Dec 19 20:33:40 2002 --- ./src/cleanup/cleanup.c Mon May 19 08:20:18 2003 *************** *** 107,113 **** /* request contains valid 8-bit MIME mail, and it breaks bounces from /* mailers that do not properly encapsulate 8-bit content (for example, /* bounces from qmail or from old versions of Postfix). ! /* .IP \fBstrict_mime_domain_encoding\fR /* Reject mail with invalid \fBContent-Transfer-Encoding:\fR /* information for message/* or multipart/*. This blocks mail /* from poorly written software. --- 107,113 ---- /* request contains valid 8-bit MIME mail, and it breaks bounces from /* mailers that do not properly encapsulate 8-bit content (for example, /* bounces from qmail or from old versions of Postfix). ! /* .IP \fBstrict_mime_encoding_domain\fR /* Reject mail with invalid \fBContent-Transfer-Encoding:\fR /* information for message/* or multipart/*. This blocks mail /* from poorly written software. diff -cr /tmp/postfix-2.0.9/src/cleanup/cleanup_envelope.c ./src/cleanup/cleanup_envelope.c *** /tmp/postfix-2.0.9/src/cleanup/cleanup_envelope.c Fri Nov 1 08:34:02 2002 --- ./src/cleanup/cleanup_envelope.c Wed May 21 17:13:41 2003 *************** *** 207,212 **** --- 207,214 ---- vstring_free(clean_addr); myfree(state->orig_rcpt); state->orig_rcpt = 0; + } else if (type == REC_TYPE_DONE) { + /* void */ ; } else if (type == REC_TYPE_WARN) { if ((state->warn_time = atol(buf)) < 0) { state->errs |= CLEANUP_STAT_BAD; diff -cr /tmp/postfix-2.0.9/src/cleanup/cleanup_extracted.c ./src/cleanup/cleanup_extracted.c *** /tmp/postfix-2.0.9/src/cleanup/cleanup_extracted.c Tue Mar 11 19:10:16 2003 --- ./src/cleanup/cleanup_extracted.c Wed May 21 14:26:11 2003 *************** *** 160,167 **** --- 160,170 ---- myfree(state->orig_rcpt); state->orig_rcpt = 0; return; + } else if (type == REC_TYPE_DONE) { + return; } else if (type == REC_TYPE_ORCP) { state->orig_rcpt = mystrdup(buf); + return; } if (type != REC_TYPE_END) { cleanup_out(state, type, buf, len); diff -cr /tmp/postfix-2.0.9/src/global/mail_queue.c ./src/global/mail_queue.c *** /tmp/postfix-2.0.9/src/global/mail_queue.c Mon Oct 29 18:04:51 2001 --- ./src/global/mail_queue.c Thu Apr 24 11:20:06 2003 *************** *** 311,317 **** /* * OK if in valid hostname form. */ ! return (valid_hostname(queue_id, DO_GRIPE)); } /* mail_queue_enter - make mail queue entry with locally-unique name */ --- 311,317 ---- /* * OK if in valid hostname form. */ ! return (valid_hostname(queue_id, DONT_GRIPE)); } /* mail_queue_enter - make mail queue entry with locally-unique name */ diff -cr /tmp/postfix-2.0.9/src/local/token.c ./src/local/token.c *** /tmp/postfix-2.0.9/src/local/token.c Thu Nov 1 19:19:12 2001 --- ./src/local/token.c Fri May 2 15:32:19 2003 *************** *** 98,103 **** --- 98,104 ---- #include #include #include + #include /* Application-specific. */ *************** *** 207,212 **** --- 208,217 ---- break; } } + if (vstream_ferror(fp)) + status = defer_append(BOUNCE_FLAG_KEEP, + BOUNCE_ATTR(state.msg_attr), + "error reading .forward file: %m"); vstring_free(buf); return (status); } diff -cr /tmp/postfix-2.0.9/src/pickup/pickup.c ./src/pickup/pickup.c *** /tmp/postfix-2.0.9/src/pickup/pickup.c Wed Feb 19 09:51:38 2003 --- ./src/pickup/pickup.c Wed May 21 17:34:55 2003 *************** *** 178,183 **** --- 178,185 ---- if ((type = rec_get(qfile, buf, var_line_limit)) < 0 || strchr(expected, type) == 0) return (file_read_error(info, type)); + if (msg_verbose) + msg_info("%s: read %c %s", info->id, type, vstring_str(buf)); if (type == *expected) break; if (type == REC_TYPE_FROM) *************** *** 193,198 **** --- 195,202 ---- if (info->rcpt == 0) info->rcpt = mystrdup(vstring_str(buf)); if (type == REC_TYPE_TIME) + continue; + if (type == REC_TYPE_SIZE) continue; if (type == REC_TYPE_ATTR) { if ((error_text = split_nameval(vstring_str(buf), &attr_name, diff -cr /tmp/postfix-2.0.9/src/postdrop/postdrop.c ./src/postdrop/postdrop.c *** /tmp/postfix-2.0.9/src/postdrop/postdrop.c Thu Aug 22 09:20:02 2002 --- ./src/postdrop/postdrop.c Wed May 21 17:23:58 2003 *************** *** 315,323 **** } if (rec_type == REC_TYPE_ERROR) msg_fatal("uid=%ld: malformed input", (long) uid); - if (rec_type == REC_TYPE_TIME) - rec_fprintf(dst->stream, REC_TYPE_TIME, "%ld", - (long) time((time_t *) 0)); if (strchr(*expected, rec_type) == 0) msg_fatal("uid=%ld: unexpected record type: %d", (long) uid, rec_type); if (rec_type == **expected) --- 315,320 ---- diff -cr /tmp/postfix-2.0.9/src/postsuper/postsuper.c ./src/postsuper/postsuper.c *** /tmp/postfix-2.0.9/src/postsuper/postsuper.c Sun Mar 16 19:50:29 2003 --- ./src/postsuper/postsuper.c Wed May 21 17:19:21 2003 *************** *** 188,193 **** --- 188,194 ---- #include #include #include /* remove() */ + #include /* Utility library. */ *************** *** 428,433 **** --- 429,435 ---- VSTRING *new_path_buf; int found; int tries; + struct utimbuf tbuf; /* * Sanity check. No early returns beyond this point. *************** *** 454,459 **** --- 456,464 ---- continue; (void) mail_queue_path(new_path_buf, MAIL_QUEUE_MAILDROP, queue_id); if (postrename(old_path, STR(new_path_buf)) == 0) { + tbuf.actime = tbuf.modtime = time((time_t *) 0); + if (utime(STR(new_path_buf), &tbuf) < 0) + msg_warn("%s: reset time stamps: %m", STR(new_path_buf)); msg_info("%s: requeued", queue_id); found = 1; break; diff -cr /tmp/postfix-2.0.9/src/proxymap/proxymap.c ./src/proxymap/proxymap.c *** /tmp/postfix-2.0.9/src/proxymap/proxymap.c Sat Mar 8 15:44:17 2003 --- ./src/proxymap/proxymap.c Tue Apr 29 17:04:27 2003 *************** *** 350,356 **** static void post_jail_init(char *unused_name, char **unused_argv) { ! const char *sep = " \t\r\n"; char *saved_filter; char *bp; char *type_name; --- 350,356 ---- static void post_jail_init(char *unused_name, char **unused_argv) { ! const char *sep = ", \t\r\n"; char *saved_filter; char *bp; char *type_name; diff -cr /tmp/postfix-2.0.9/src/sendmail/sendmail.c ./src/sendmail/sendmail.c *** /tmp/postfix-2.0.9/src/sendmail/sendmail.c Wed Dec 18 21:01:47 2002 --- ./src/sendmail/sendmail.c Wed May 21 18:42:14 2003 *************** *** 379,384 **** --- 379,391 ---- buf = vstring_alloc(100); /* + * Stop run-away process accidents by limiting the queue file size. This + * is not a defense against DOS attack. + */ + if (var_message_limit > 0 && get_file_limit() > var_message_limit) + set_file_limit((off_t) var_message_limit); + + /* * The sender name is provided by the user. In principle, the mail pickup * service could deduce the sender name from queue file ownership, but: * pickup would not be able to run chrooted, and it may not be desirable *************** *** 428,434 **** * * XXX Should limit the size of envelope records. */ - rec_fprintf(dst, REC_TYPE_TIME, "%ld", (long) time((time_t *) 0)); if (full_name || (full_name = fullname()) != 0) rec_fputs(dst, REC_TYPE_FULL, full_name); rec_fputs(dst, REC_TYPE_FROM, saved_sender); --- 435,440 ---- *************** *** 611,623 **** mail_conf_read(); if (chdir(var_queue_dir)) msg_fatal_status(EX_UNAVAILABLE, "chdir %s: %m", var_queue_dir); - - /* - * Stop run-away process accidents by limiting the queue file size. This - * is not a defense against DOS attack. - */ - if (var_message_limit > 0 && get_file_limit() > var_message_limit) - set_file_limit((off_t) var_message_limit); signal(SIGPIPE, SIG_IGN); --- 617,622 ---- diff -cr /tmp/postfix-2.0.9/src/util/readlline.c ./src/util/readlline.c *** /tmp/postfix-2.0.9/src/util/readlline.c Fri Jan 4 17:34:28 2002 --- ./src/util/readlline.c Wed Apr 23 22:15:36 2003 *************** *** 101,106 **** --- 101,107 ---- break; } } + VSTRING_TERMINATE(buf); /* * Invalid input: continuing text without preceding text. Allowing this *************** *** 118,123 **** /* * Done. */ - VSTRING_TERMINATE(buf); return (LEN(buf) > 0 ? buf : 0); } --- 119,123 ----