Prereq: "2.3.6"
diff -cr /var/tmp/postfix-2.3.6/src/global/mail_version.h ./src/global/mail_version.h
*** /var/tmp/postfix-2.3.6/src/global/mail_version.h Mon Jan 1 15:58:41 2007
--- ./src/global/mail_version.h Tue Jan 30 19:57:27 2007
***************
*** 20,27 ****
* Patches change both the patchlevel and the release date. Snapshots have no
* patchlevel; they change the release date only.
*/
! #define MAIL_RELEASE_DATE "20070102"
! #define MAIL_VERSION_NUMBER "2.3.6"
#ifdef SNAPSHOT
# define MAIL_VERSION_DATE "-" MAIL_RELEASE_DATE
--- 20,27 ----
* Patches change both the patchlevel and the release date. Snapshots have no
* patchlevel; they change the release date only.
*/
! #define MAIL_RELEASE_DATE "20070130"
! #define MAIL_VERSION_NUMBER "2.3.7"
#ifdef SNAPSHOT
# define MAIL_VERSION_DATE "-" MAIL_RELEASE_DATE
diff -cr /var/tmp/postfix-2.3.6/HISTORY ./HISTORY
*** /var/tmp/postfix-2.3.6/HISTORY Mon Jan 1 15:56:59 2007
--- ./HISTORY Tue Jan 30 20:11:21 2007
***************
*** 12907,12909 ****
--- 12907,12943 ----
reject_unknown_sender/recipient_domain, so that Postfix
would still accept mail from domains with a zero-length MX
hostname. File: smtpd/smtpd_check.c.
+
+ 20070104
+
+ Bugfix (introduced Postfix 2.3): when creating an alias map
+ on a NIS-enabled system, don't case-fold the YP_MASTER_NAME
+ and YP_LAST_MODIFIED lookup keys. This requires that an
+ application can turn off case folding on the fly. This is
+ a point fix. A complete fix requires updates to other map
+ types and to the proxymap protocol, which is too much change
+ for a stable release. Files: postalias/postalias.c,
+ util/dict_db.c, util/dict_dbm.c, util/dict_cdb.c.
+
+ 20070112
+
+ Bugfix (introduced 20011008): after return from a nested
+ access restriction, possible longjump into exited stack
+ frame upon configuration error or table lookup error. Victor
+ Duchovni. Files: smtpd/smtpd_check.c.
+
+ Workaround: don't insert empty-line header/body separator
+ into malformed MIME attachments, to avoid breaking digital
+ signatures. This change introduces ambiguity. Postfix still
+ treats the remainder of the attachment as body content;
+ header_checks rules will not detect forbidden MIME types
+ inside a message/rfc822 attachment. With the empty-line
+ header/body separator no longer inserted by Postfix, other
+ software may process the malformed attachment differently,
+ and thus may become exposed to forbidden MIME types. This
+ is back-ported from Postfix 2.4. File: global/mime_state.c.
+
+ 20070118
+
+ Bugfix: match lists didn't implement ![ipv6address]. Problem
+ reported by Paulo Pacheco. File: util/match_list.c.
diff -cr /var/tmp/postfix-2.3.6/RELEASE_NOTES ./RELEASE_NOTES
*** /var/tmp/postfix-2.3.6/RELEASE_NOTES Sun Dec 24 19:14:23 2006
--- ./RELEASE_NOTES Tue Jan 30 20:11:49 2007
***************
*** 11,16 ****
--- 11,30 ----
The mail_release_date configuration parameter (format: yyyymmdd)
specifies the release date of a stable release or snapshot release.
+ Incompatible changes with Postfix 2.3.7
+ ---------------------------------------
+
+ Postfix no longer inserts an empty-line header/body separator into
+ malformed MIME attachments, to avoid breaking digital signatures.
+
+ This change introduces ambiguity. Postfix still treats the remainder
+ of the attachment as body content; header_checks rules will therefore
+ not detect forbidden MIME types inside a message/rfc822 attachment.
+
+ With the empty-line header/body separator no longer inserted by
+ Postfix, other software may process the malformed attachment
+ differently, and thus may become exposed to forbidden MIME types.
+
Incompatible changes with Postfix 2.3.6
---------------------------------------
diff -cr /var/tmp/postfix-2.3.6/conf/post-install ./conf/post-install
*** /var/tmp/postfix-2.3.6/conf/post-install Mon Nov 13 16:34:32 2006
--- ./conf/post-install Sat Jan 6 18:38:08 2007
***************
*** 685,692 ****
Warning: you still need to edit myorigin/mydestination/mynetworks
parameter settings in $config_directory/main.cf.
! See also http://www.postfix.org/faq.html for information about
! dialup sites or about sites inside a firewalled network.
BTW: Check your $ALIASES file and be sure to set up aliases
that send mail for root and postmaster to a real person, then
--- 685,693 ----
Warning: you still need to edit myorigin/mydestination/mynetworks
parameter settings in $config_directory/main.cf.
! See also http://www.postfix.org/STANDARD_CONFIGURATION_README.html
! for information about dialup sites or about sites inside a
! firewalled network.
BTW: Check your $ALIASES file and be sure to set up aliases
that send mail for root and postmaster to a real person, then
diff -cr /var/tmp/postfix-2.3.6/html/postalias.1.html ./html/postalias.1.html
*** /var/tmp/postfix-2.3.6/html/postalias.1.html Wed Jan 18 20:52:59 2006
--- ./html/postalias.1.html Thu Jan 4 19:29:07 2007
***************
*** 21,33 ****
able for the use as NIS alias maps.
If the result files do not exist they will be created with
! the same group and other read permissions as the source
file.
While a database update is in progress, signal delivery is
postponed, and an exclusive, advisory, lock is placed on
the entire database, in order to avoid surprises in spec-
! tator programs.
The format of Postfix alias input files is described in
aliases(5).
--- 21,33 ----
able for the use as NIS alias maps.
If the result files do not exist they will be created with
! the same group and other read permissions as their source
file.
While a database update is in progress, signal delivery is
postponed, and an exclusive, advisory, lock is placed on
the entire database, in order to avoid surprises in spec-
! tator processes.
The format of Postfix alias input files is described in
aliases(5).
***************
*** 60,170 ****
-f Do not fold the lookup key to lower case while cre-
ating or querying a table.
! -i Incremental mode. Read entries from standard input
and do not truncate an existing database. By
! default, postalias(1) creates a new database from
the entries in file_name.
! -N Include the terminating null character that termi-
! nates lookup keys and values. By default, postal-
! ias(1) does whatever is the default for the host
operating system.
! -n Don't include the terminating null character that
! terminates lookup keys and values. By default,
! postalias(1) does whatever is the default for the
host operating system.
! -o Do not release root privileges when processing a
non-root input file. By default, postalias(1) drops
! root privileges and runs as the source file owner
instead.
-p Do not inherit the file access permissions from the
input file when creating a new file. Instead, cre-
! ate a new file with default access permissions
(mode 0644).
! -q key Search the specified maps for key and write the
! first value found to the standard output stream.
The exit status is zero when the requested informa-
tion was found.
If a key value of - is specified, the program reads
! key values from the standard input stream and
! writes one line of key: value output for each key
! that was found. The exit status is zero when at
least one of the requested keys was found.
-r When updating a table, do not complain about
attempts to update existing entries, and make those
updates anyway.
! -s Retrieve all database elements, and write one line
of key: value output for each element. The elements
! are printed in database order, which is not neces-
! sarily the same as the original input order. This
! feature is available in Postfix version 2.2 and
later, and is not available for all database types.
-v Enable verbose logging for debugging purposes. Mul-
! tiple -v options make the software increasingly
verbose.
-w When updating a table, do not complain about
! attempts to update existing entries, and ignore
those attempts.
Arguments:
file_type
! The database type. To find out what types are sup-
ported, use the "postconf -m" command.
! The postalias(1) command can query any supported
! file type, but it can create only the following
file types:
! btree The output is a btree file, named
! file_name.db. This is available on systems
with support for db databases.
! cdb The output is one file named file_name.cdb.
! This is available on systems with support
for cdb databases.
! dbm The output consists of two files, named
! file_name.pag and file_name.dir. This is
! available on systems with support for dbm
databases.
! hash The output is a hashed file, named
! file_name.db. This is available on systems
with support for db databases.
! sdbm The output consists of two files, named
! file_name.pag and file_name.dir. This is
! available on systems with support for sdbm
databases.
! When no file_type is specified, the software uses
! the database type specified via the default_data-
base_type configuration parameter. The default
! value for this parameter depends on the host envi-
ronment.
file_name
! The name of the alias database source file when
creating a database.
DIAGNOSTICS
! Problems are logged to the standard error stream and to
! syslogd(8). No output means that no problems were
! detected. Duplicate entries are skipped and are flagged
with a warning.
! postalias(1) terminates with zero exit status in case of
! success (including successful "postalias -q" lookup) and
terminates with non-zero exit status in case of failure.
ENVIRONMENT
--- 60,175 ----
-f Do not fold the lookup key to lower case while cre-
ating or querying a table.
! With Postfix version 2.3 and later, this option has
! no effect for regular expression tables. There,
! case folding is controlled by appending a flag to a
! pattern.
!
! -i Incremental mode. Read entries from standard input
and do not truncate an existing database. By
! default, postalias(1) creates a new database from
the entries in file_name.
! -N Include the terminating null character that termi-
! nates lookup keys and values. By default, postal-
! ias(1) does whatever is the default for the host
operating system.
! -n Don't include the terminating null character that
! terminates lookup keys and values. By default,
! postalias(1) does whatever is the default for the
host operating system.
! -o Do not release root privileges when processing a
non-root input file. By default, postalias(1) drops
! root privileges and runs as the source file owner
instead.
-p Do not inherit the file access permissions from the
input file when creating a new file. Instead, cre-
! ate a new file with default access permissions
(mode 0644).
! -q key Search the specified maps for key and write the
! first value found to the standard output stream.
The exit status is zero when the requested informa-
tion was found.
If a key value of - is specified, the program reads
! key values from the standard input stream and
! writes one line of key: value output for each key
! that was found. The exit status is zero when at
least one of the requested keys was found.
-r When updating a table, do not complain about
attempts to update existing entries, and make those
updates anyway.
! -s Retrieve all database elements, and write one line
of key: value output for each element. The elements
! are printed in database order, which is not neces-
! sarily the same as the original input order. This
! feature is available in Postfix version 2.2 and
later, and is not available for all database types.
-v Enable verbose logging for debugging purposes. Mul-
! tiple -v options make the software increasingly
verbose.
-w When updating a table, do not complain about
! attempts to update existing entries, and ignore
those attempts.
Arguments:
file_type
! The database type. To find out what types are sup-
ported, use the "postconf -m" command.
! The postalias(1) command can query any supported
! file type, but it can create only the following
file types:
! btree The output is a btree file, named
! file_name.db. This is available on systems
with support for db databases.
! cdb The output is one file named file_name.cdb.
! This is available on systems with support
for cdb databases.
! dbm The output consists of two files, named
! file_name.pag and file_name.dir. This is
! available on systems with support for dbm
databases.
! hash The output is a hashed file, named
! file_name.db. This is available on systems
with support for db databases.
! sdbm The output consists of two files, named
! file_name.pag and file_name.dir. This is
! available on systems with support for sdbm
databases.
! When no file_type is specified, the software uses
! the database type specified via the default_data-
base_type configuration parameter. The default
! value for this parameter depends on the host envi-
ronment.
file_name
! The name of the alias database source file when
creating a database.
DIAGNOSTICS
! Problems are logged to the standard error stream and to
! syslogd(8). No output means that no problems were
! detected. Duplicate entries are skipped and are flagged
with a warning.
! postalias(1) terminates with zero exit status in case of
! success (including successful "postalias -q" lookup) and
terminates with non-zero exit status in case of failure.
ENVIRONMENT
***************
*** 175,200 ****
Enable verbose logging for debugging purposes.
CONFIGURATION PARAMETERS
! The following main.cf parameters are especially relevant
to this program.
! The text below provides only a parameter summary. See
postconf(5) for more details including examples.
alias_database (see 'postconf -d' output)
! The alias databases for local(8) delivery that are
updated with "newaliases" or with "sendmail -bi".
config_directory (see 'postconf -d' output)
! The default location of the Postfix main.cf and
master.cf configuration files.
berkeley_db_create_buffer_size (16777216)
! The per-table I/O buffer size for programs that
create Berkeley DB hash or btree tables.
berkeley_db_read_buffer_size (131072)
! The per-table I/O buffer size for programs that
read Berkeley DB hash or btree tables.
default_database_type (see 'postconf -d' output)
--- 180,205 ----
Enable verbose logging for debugging purposes.
CONFIGURATION PARAMETERS
! The following main.cf parameters are especially relevant
to this program.
! The text below provides only a parameter summary. See
postconf(5) for more details including examples.
alias_database (see 'postconf -d' output)
! The alias databases for local(8) delivery that are
updated with "newaliases" or with "sendmail -bi".
config_directory (see 'postconf -d' output)
! The default location of the Postfix main.cf and
master.cf configuration files.
berkeley_db_create_buffer_size (16777216)
! The per-table I/O buffer size for programs that
create Berkeley DB hash or btree tables.
berkeley_db_read_buffer_size (131072)
! The per-table I/O buffer size for programs that
read Berkeley DB hash or btree tables.
default_database_type (see 'postconf -d' output)
***************
*** 205,212 ****
The syslog facility of Postfix logging.
syslog_name (postfix)
! The mail system name that is prepended to the
! process name in syslog records, so that "smtpd"
becomes, for example, "postfix/smtpd".
STANDARDS
--- 210,217 ----
The syslog facility of Postfix logging.
syslog_name (postfix)
! The mail system name that is prepended to the
! process name in syslog records, so that "smtpd"
becomes, for example, "postfix/smtpd".
STANDARDS
***************
*** 225,231 ****
DATABASE_README, Postfix lookup table overview
LICENSE
! The Secure Mailer license must be distributed with this
software.
AUTHOR(S)
--- 230,236 ----
DATABASE_README, Postfix lookup table overview
LICENSE
! The Secure Mailer license must be distributed with this
software.
AUTHOR(S)
diff -cr /var/tmp/postfix-2.3.6/html/postmap.1.html ./html/postmap.1.html
*** /var/tmp/postfix-2.3.6/html/postmap.1.html Wed Jan 18 20:52:59 2006
--- ./html/postmap.1.html Thu Jan 4 19:29:07 2007
***************
*** 22,34 ****
makemap file_type file_name < file_name
If the result files do not exist they will be created with
! the same group and other read permissions as the source
file.
While the table update is in progress, signal delivery is
postponed, and an exclusive, advisory, lock is placed on
the entire table, in order to avoid surprises in spectator
! programs.
INPUT FILE FORMAT
The format of a lookup table input file is as follows:
--- 22,34 ----
makemap file_type file_name < file_name
If the result files do not exist they will be created with
! the same group and other read permissions as their source
file.
While the table update is in progress, signal delivery is
postponed, and an exclusive, advisory, lock is placed on
the entire table, in order to avoid surprises in spectator
! processes.
INPUT FILE FORMAT
The format of a lookup table input file is as follows:
***************
*** 78,186 ****
-f Do not fold the lookup key to lower case while cre-
ating or querying a table.
! -i Incremental mode. Read entries from standard input
and do not truncate an existing database. By
default, postmap(1) creates a new database from the
entries in file_name.
! -N Include the terminating null character that termi-
! nates lookup keys and values. By default,
! postmap(1) does whatever is the default for the
host operating system.
! -n Don't include the terminating null character that
! terminates lookup keys and values. By default,
! postmap(1) does whatever is the default for the
host operating system.
! -o Do not release root privileges when processing a
! non-root input file. By default, postmap(1) drops
! root privileges and runs as the source file owner
instead.
-p Do not inherit the file access permissions from the
input file when creating a new file. Instead, cre-
! ate a new file with default access permissions
(mode 0644).
! -q key Search the specified maps for key and write the
! first value found to the standard output stream.
The exit status is zero when the requested informa-
tion was found.
If a key value of - is specified, the program reads
! key values from the standard input stream and
! writes one line of key value output for each key
! that was found. The exit status is zero when at
least one of the requested keys was found.
-r When updating a table, do not complain about
attempts to update existing entries, and make those
updates anyway.
! -s Retrieve all database elements, and write one line
! of key value output for each element. The elements
! are printed in database order, which is not neces-
! sarily the same as the original input order. This
! feature is available in Postfix version 2.2 and
later, and is not available for all database types.
-v Enable verbose logging for debugging purposes. Mul-
! tiple -v options make the software increasingly
verbose.
-w When updating a table, do not complain about
! attempts to update existing entries, and ignore
those attempts.
Arguments:
file_type
! The database type. To find out what types are sup-
ported, use the "postconf -m" command.
The postmap(1) command can query any supported file
! type, but it can create only the following file
types:
! btree The output file is a btree file, named
! file_name.db. This is available on systems
with support for db databases.
cdb The output consists of one file, named
file_name.cdb. This is available on systems
with support for cdb databases.
! dbm The output consists of two files, named
! file_name.pag and file_name.dir. This is
! available on systems with support for dbm
databases.
! hash The output file is a hashed file, named
! file_name.db. This is available on systems
with support for db databases.
! sdbm The output consists of two files, named
! file_name.pag and file_name.dir. This is
! available on systems with support for sdbm
databases.
! When no file_type is specified, the software uses
! the database type specified via the default_data-
base_type configuration parameter.
file_name
! The name of the lookup table source file when
rebuilding a database.
DIAGNOSTICS
! Problems are logged to the standard error stream and to
! syslogd(8). No output means that no problems were
! detected. Duplicate entries are skipped and are flagged
with a warning.
! postmap(1) terminates with zero exit status in case of
! success (including successful "postmap -q" lookup) and
terminates with non-zero exit status in case of failure.
ENVIRONMENT
--- 78,191 ----
-f Do not fold the lookup key to lower case while cre-
ating or querying a table.
! With Postfix version 2.3 and later, this option has
! no effect for regular expression tables. There,
! case folding is controlled by appending a flag to a
! pattern.
!
! -i Incremental mode. Read entries from standard input
and do not truncate an existing database. By
default, postmap(1) creates a new database from the
entries in file_name.
! -N Include the terminating null character that termi-
! nates lookup keys and values. By default,
! postmap(1) does whatever is the default for the
host operating system.
! -n Don't include the terminating null character that
! terminates lookup keys and values. By default,
! postmap(1) does whatever is the default for the
host operating system.
! -o Do not release root privileges when processing a
! non-root input file. By default, postmap(1) drops
! root privileges and runs as the source file owner
instead.
-p Do not inherit the file access permissions from the
input file when creating a new file. Instead, cre-
! ate a new file with default access permissions
(mode 0644).
! -q key Search the specified maps for key and write the
! first value found to the standard output stream.
The exit status is zero when the requested informa-
tion was found.
If a key value of - is specified, the program reads
! key values from the standard input stream and
! writes one line of key value output for each key
! that was found. The exit status is zero when at
least one of the requested keys was found.
-r When updating a table, do not complain about
attempts to update existing entries, and make those
updates anyway.
! -s Retrieve all database elements, and write one line
! of key value output for each element. The elements
! are printed in database order, which is not neces-
! sarily the same as the original input order. This
! feature is available in Postfix version 2.2 and
later, and is not available for all database types.
-v Enable verbose logging for debugging purposes. Mul-
! tiple -v options make the software increasingly
verbose.
-w When updating a table, do not complain about
! attempts to update existing entries, and ignore
those attempts.
Arguments:
file_type
! The database type. To find out what types are sup-
ported, use the "postconf -m" command.
The postmap(1) command can query any supported file
! type, but it can create only the following file
types:
! btree The output file is a btree file, named
! file_name.db. This is available on systems
with support for db databases.
cdb The output consists of one file, named
file_name.cdb. This is available on systems
with support for cdb databases.
! dbm The output consists of two files, named
! file_name.pag and file_name.dir. This is
! available on systems with support for dbm
databases.
! hash The output file is a hashed file, named
! file_name.db. This is available on systems
with support for db databases.
! sdbm The output consists of two files, named
! file_name.pag and file_name.dir. This is
! available on systems with support for sdbm
databases.
! When no file_type is specified, the software uses
! the database type specified via the default_data-
base_type configuration parameter.
file_name
! The name of the lookup table source file when
rebuilding a database.
DIAGNOSTICS
! Problems are logged to the standard error stream and to
! syslogd(8). No output means that no problems were
! detected. Duplicate entries are skipped and are flagged
with a warning.
! postmap(1) terminates with zero exit status in case of
! success (including successful "postmap -q" lookup) and
terminates with non-zero exit status in case of failure.
ENVIRONMENT
***************
*** 191,211 ****
Enable verbose logging for debugging purposes.
CONFIGURATION PARAMETERS
! The following main.cf parameters are especially relevant
to this program. The text below provides only a parameter
! summary. See postconf(5) for more details including exam-
ples.
berkeley_db_create_buffer_size (16777216)
! The per-table I/O buffer size for programs that
create Berkeley DB hash or btree tables.
berkeley_db_read_buffer_size (131072)
! The per-table I/O buffer size for programs that
read Berkeley DB hash or btree tables.
config_directory (see 'postconf -d' output)
! The default location of the Postfix main.cf and
master.cf configuration files.
default_database_type (see 'postconf -d' output)
--- 196,216 ----
Enable verbose logging for debugging purposes.
CONFIGURATION PARAMETERS
! The following main.cf parameters are especially relevant
to this program. The text below provides only a parameter
! summary. See postconf(5) for more details including exam-
ples.
berkeley_db_create_buffer_size (16777216)
! The per-table I/O buffer size for programs that
create Berkeley DB hash or btree tables.
berkeley_db_read_buffer_size (131072)
! The per-table I/O buffer size for programs that
read Berkeley DB hash or btree tables.
config_directory (see 'postconf -d' output)
! The default location of the Postfix main.cf and
master.cf configuration files.
default_database_type (see 'postconf -d' output)
***************
*** 216,223 ****
The syslog facility of Postfix logging.
syslog_name (postfix)
! The mail system name that is prepended to the
! process name in syslog records, so that "smtpd"
becomes, for example, "postfix/smtpd".
SEE ALSO
--- 221,228 ----
The syslog facility of Postfix logging.
syslog_name (postfix)
! The mail system name that is prepended to the
! process name in syslog records, so that "smtpd"
becomes, for example, "postfix/smtpd".
SEE ALSO
***************
*** 230,236 ****
DATABASE_README, Postfix lookup table overview
LICENSE
! The Secure Mailer license must be distributed with this
software.
AUTHOR(S)
--- 235,241 ----
DATABASE_README, Postfix lookup table overview
LICENSE
! The Secure Mailer license must be distributed with this
software.
AUTHOR(S)
diff -cr /var/tmp/postfix-2.3.6/man/man1/postalias.1 ./man/man1/postalias.1
*** /var/tmp/postfix-2.3.6/man/man1/postalias.1 Wed Jan 18 20:52:58 2006
--- ./man/man1/postalias.1 Thu Jan 4 19:29:07 2007
***************
*** 21,32 ****
and are expected to be suitable for the use as NIS alias maps.
If the result files do not exist they will be created with the
! same group and other read permissions as the source file.
While a database update is in progress, signal delivery is
postponed, and an exclusive, advisory, lock is placed on the
entire database, in order to avoid surprises in spectator
! programs.
The format of Postfix alias input files is described in
\fBaliases\fR(5).
--- 21,32 ----
and are expected to be suitable for the use as NIS alias maps.
If the result files do not exist they will be created with the
! same group and other read permissions as their source file.
While a database update is in progress, signal delivery is
postponed, and an exclusive, advisory, lock is placed on the
entire database, in order to avoid surprises in spectator
! processes.
The format of Postfix alias input files is described in
\fBaliases\fR(5).
***************
*** 54,59 ****
--- 54,63 ----
.IP \fB-f\fR
Do not fold the lookup key to lower case while creating or querying
a table.
+
+ With Postfix version 2.3 and later, this option has no
+ effect for regular expression tables. There, case folding
+ is controlled by appending a flag to a pattern.
.IP \fB-i\fR
Incremental mode. Read entries from standard input and do not
truncate an existing database. By default, \fBpostalias\fR(1) creates
diff -cr /var/tmp/postfix-2.3.6/man/man1/postmap.1 ./man/man1/postmap.1
*** /var/tmp/postfix-2.3.6/man/man1/postmap.1 Wed Jan 18 20:52:58 2006
--- ./man/man1/postmap.1 Thu Jan 4 19:29:07 2007
***************
*** 23,34 ****
\fBmakemap \fIfile_type\fR \fIfile_name\fR < \fIfile_name\fR
If the result files do not exist they will be created with the
! same group and other read permissions as the source file.
While the table update is in progress, signal delivery is
postponed, and an exclusive, advisory, lock is placed on the
entire table, in order to avoid surprises in spectator
! programs.
.SH "INPUT FILE FORMAT"
.na
.nf
--- 23,34 ----
\fBmakemap \fIfile_type\fR \fIfile_name\fR < \fIfile_name\fR
If the result files do not exist they will be created with the
! same group and other read permissions as their source file.
While the table update is in progress, signal delivery is
postponed, and an exclusive, advisory, lock is placed on the
entire table, in order to avoid surprises in spectator
! processes.
.SH "INPUT FILE FORMAT"
.na
.nf
***************
*** 78,83 ****
--- 78,87 ----
.IP \fB-f\fR
Do not fold the lookup key to lower case while creating or querying
a table.
+
+ With Postfix version 2.3 and later, this option has no
+ effect for regular expression tables. There, case folding
+ is controlled by appending a flag to a pattern.
.IP \fB-i\fR
Incremental mode. Read entries from standard input and do not
truncate an existing database. By default, \fBpostmap\fR(1) creates
diff -cr /var/tmp/postfix-2.3.6/src/global/mime_state.c ./src/global/mime_state.c
*** /var/tmp/postfix-2.3.6/src/global/mime_state.c Thu May 18 20:01:15 2006
--- ./src/global/mime_state.c Tue Jan 16 19:40:21 2007
***************
*** 182,187 ****
--- 182,194 ----
/* .IP state
/* MIME parser state created with mime_state_alloc().
/* BUGS
+ /* NOTE: when the end of headers is reached, mime_state_update()
+ /* may execute up to three call-backs before returning to the
+ /* caller: head_out(), head_end(), and body_out() or body_end().
+ /* As long as call-backs return no result, it is up to the
+ /* call-back routines to check if a previous call-back experienced
+ /* an error.
+ /*
/* Different mail user agents treat malformed message boundary
/* strings in different ways. The Postfix MIME processor cannot
/* be bug-compatible with everything.
***************
*** 492,497 ****
--- 499,505 ----
/* Volatile members. */
state->err_flags = 0;
+ state->body_offset = 0; /* XXX */
SET_MIME_STATE(state, MIME_STATE_PRIMARY,
MIME_CTYPE_TEXT, MIME_STYPE_PLAIN,
MIME_ENC_7BIT, MIME_ENC_7BIT);
***************
*** 931,936 ****
--- 939,953 ----
* messages. Otherwise, treat such headers as part of the "body". Set
* the proper encoding information for the multipart prolog.
*
+ * XXX We parse headers inside message/* content even when the encoding
+ * is invalid (encoding != domain). With base64 we won't recognize
+ * any headers, and with quoted-printable we won't recognize MIME
+ * boundary strings, but the MIME processor will still resynchronize
+ * when it runs into the higher-level boundary string at the end of
+ * the message/* content. Although we will treat some headers as body
+ * text, we will still do a better job than if we were treating the
+ * entire message/* content as body text.
+ *
* XXX This changes state to MIME_STATE_NESTED and then outputs a body
* line, so that the body offset is not properly reset.
*
***************
*** 959,968 ****
/*
* Invalid input. Force output of one blank line and jump to the
* body state, leaving all other state alone.
*/
else {
! SET_CURR_STATE(state, MIME_STATE_BODY);
! BODY_OUT(state, REC_TYPE_NORM, "", 0);
}
}
--- 976,1024 ----
/*
* Invalid input. Force output of one blank line and jump to the
* body state, leaving all other state alone.
+ *
+ * We don't break legitimate mail by inserting a blank line
+ * separator between primary headers and a non-empty body. Many
+ * MTA's don't even record the presence or absence of this
+ * separator, nor does the Milter protocol pass it on to Milter
+ * applications.
+ *
+ * XXX We don't insert a blank line separator into attachments, to
+ * avoid breaking digital signatures. Postfix shall not do a
+ * worse mail delivery job than MTAs that can't even parse MIME.
+ * We switch to body state anyway, to avoid treating body text as
+ * header text, and mis-interpreting or truncating it. The code
+ * below for initial From_ lines is for educational purposes.
+ *
+ * Sites concerned about MIME evasion can use a MIME normalizer.
+ * Postfix has a different mission.
*/
else {
! if (msg_verbose)
! msg_info("garbage in %s header",
! state->curr_state == MIME_STATE_MULTIPART ? "multipart" :
! state->curr_state == MIME_STATE_PRIMARY ? "primary" :
! state->curr_state == MIME_STATE_NESTED ? "nested" :
! "other");
! switch (state->curr_state) {
! case MIME_STATE_PRIMARY:
! BODY_OUT(state, REC_TYPE_NORM, "", 0);
! SET_CURR_STATE(state, MIME_STATE_BODY);
! break;
! #if 0
! case MIME_STATE_NESTED:
! if (state->body_offset <= 1
! && rec_type == REC_TYPE_NORM
! && len > 7
! && (strncmp(text + (*text == '>'), "From ", 5) == 0
! || strncmp(text, "=46rom ", 7) == 0))
! break;
! /* FALLTHROUGH */
! #endif
! default:
! SET_CURR_STATE(state, MIME_STATE_BODY);
! break;
! }
}
}
diff -cr /var/tmp/postfix-2.3.6/src/global/record.c ./src/global/record.c
*** /var/tmp/postfix-2.3.6/src/global/record.c Sun Sep 3 16:00:09 2006
--- ./src/global/record.c Sun Jan 21 15:44:46 2007
***************
*** 77,84 ****
/* and REC_FLAG_DEFAULT for normal use.
/*
/* rec_get() is a wrapper around rec_get_raw() that always
! /* enables the REC_FLAG_FOLLOW_PTR and REC_FLAG_SKIP_DTXT
! /* features.
/*
/* rec_put() stores the specified record and returns the record
/* type, or REC_TYPE_ERROR in case of problems.
--- 77,84 ----
/* and REC_FLAG_DEFAULT for normal use.
/*
/* rec_get() is a wrapper around rec_get_raw() that always
! /* enables the REC_FLAG_FOLLOW_PTR, REC_FLAG_SKIP_DTXT
! /* and REC_FLAG_SEEK_END features.
/*
/* rec_put() stores the specified record and returns the record
/* type, or REC_TYPE_ERROR in case of problems.
diff -cr /var/tmp/postfix-2.3.6/src/postalias/postalias.c ./src/postalias/postalias.c
*** /var/tmp/postfix-2.3.6/src/postalias/postalias.c Wed Jan 18 20:52:54 2006
--- ./src/postalias/postalias.c Thu Jan 4 18:05:30 2007
***************
*** 15,26 ****
/* and are expected to be suitable for the use as NIS alias maps.
/*
/* If the result files do not exist they will be created with the
! /* same group and other read permissions as the source file.
/*
/* While a database update is in progress, signal delivery is
/* postponed, and an exclusive, advisory, lock is placed on the
/* entire database, in order to avoid surprises in spectator
! /* programs.
/*
/* The format of Postfix alias input files is described in
/* \fBaliases\fR(5).
--- 15,26 ----
/* and are expected to be suitable for the use as NIS alias maps.
/*
/* If the result files do not exist they will be created with the
! /* same group and other read permissions as their source file.
/*
/* While a database update is in progress, signal delivery is
/* postponed, and an exclusive, advisory, lock is placed on the
/* entire database, in order to avoid surprises in spectator
! /* processes.
/*
/* The format of Postfix alias input files is described in
/* \fBaliases\fR(5).
***************
*** 48,53 ****
--- 48,57 ----
/* .IP \fB-f\fR
/* Do not fold the lookup key to lower case while creating or querying
/* a table.
+ /*
+ /* With Postfix version 2.3 and later, this option has no
+ /* effect for regular expression tables. There, case folding
+ /* is controlled by appending a flag to a pattern.
/* .IP \fB-i\fR
/* Incremental mode. Read entries from standard input and do not
/* truncate an existing database. By default, \fBpostalias\fR(1) creates
***************
*** 392,397 ****
--- 396,402 ----
mkmap->dict->flags |= DICT_FLAG_TRY0NULL;
vstring_sprintf(value_buffer, "%010ld", (long) time((time_t *) 0));
#if (defined(HAS_NIS) || defined(HAS_NISPLUS))
+ mkmap->dict->flags &= ~DICT_FLAG_FOLD_FIX;
mkmap_append(mkmap, "YP_LAST_MODIFIED", STR(value_buffer));
mkmap_append(mkmap, "YP_MASTER_NAME", var_myhostname);
#endif
diff -cr /var/tmp/postfix-2.3.6/src/postmap/postmap.c ./src/postmap/postmap.c
*** /var/tmp/postfix-2.3.6/src/postmap/postmap.c Wed Jan 18 20:52:51 2006
--- ./src/postmap/postmap.c Thu Jan 4 18:05:33 2007
***************
*** 17,28 ****
/* \fBmakemap \fIfile_type\fR \fIfile_name\fR < \fIfile_name\fR
/*
/* If the result files do not exist they will be created with the
! /* same group and other read permissions as the source file.
/*
/* While the table update is in progress, signal delivery is
/* postponed, and an exclusive, advisory, lock is placed on the
/* entire table, in order to avoid surprises in spectator
! /* programs.
/* INPUT FILE FORMAT
/* .ad
/* .fi
--- 17,28 ----
/* \fBmakemap \fIfile_type\fR \fIfile_name\fR < \fIfile_name\fR
/*
/* If the result files do not exist they will be created with the
! /* same group and other read permissions as their source file.
/*
/* While the table update is in progress, signal delivery is
/* postponed, and an exclusive, advisory, lock is placed on the
/* entire table, in order to avoid surprises in spectator
! /* processes.
/* INPUT FILE FORMAT
/* .ad
/* .fi
***************
*** 68,73 ****
--- 68,77 ----
/* .IP \fB-f\fR
/* Do not fold the lookup key to lower case while creating or querying
/* a table.
+ /*
+ /* With Postfix version 2.3 and later, this option has no
+ /* effect for regular expression tables. There, case folding
+ /* is controlled by appending a flag to a pattern.
/* .IP \fB-i\fR
/* Incremental mode. Read entries from standard input and do not
/* truncate an existing database. By default, \fBpostmap\fR(1) creates
diff -cr /var/tmp/postfix-2.3.6/src/smtpd/smtpd_check.c ./src/smtpd/smtpd_check.c
*** /var/tmp/postfix-2.3.6/src/smtpd/smtpd_check.c Fri Dec 29 12:23:38 2006
--- ./src/smtpd/smtpd_check.c Fri Jan 12 09:45:18 2007
***************
*** 2245,2250 ****
--- 2245,2251 ----
reply_class, def_acl);
}
argv_free(restrictions);
+ memcpy(ADDROF(smtpd_check_buf), ADDROF(savebuf), sizeof(smtpd_check_buf));
return (status);
}
diff -cr /var/tmp/postfix-2.3.6/src/smtpd/smtpd_exp.ref ./src/smtpd/smtpd_exp.ref
*** /var/tmp/postfix-2.3.6/src/smtpd/smtpd_exp.ref Thu Jun 1 21:05:07 2006
--- ./src/smtpd/smtpd_exp.ref Sun Jan 14 18:30:44 2007
***************
*** 107,114 ****
>>> mail sname@sdomain
OK
>>> rcpt rname@rdomain
! ./smtpd_check: : reject: RCPT from spike.porcupine.org[168.100.189.2]: 554 5.7.1 Service unavailable; Helo command [example.tld] blocked using abuse.rfc-ignorant.org; Not supporting abuse@example.tld; from= to= proto=SMTP helo=
! 554 5.7.1 Service unavailable; Helo command [example.tld] blocked using abuse.rfc-ignorant.org; Not supporting abuse@example.tld
>>> #
>>> # Check MX access
>>> #
--- 107,114 ----
>>> mail sname@sdomain
OK
>>> rcpt rname@rdomain
! ./smtpd_check: : reject: RCPT from spike.porcupine.org[168.100.189.2]: 554 5.7.1 Service unavailable; Helo command [example.tld] blocked using abuse.rfc-ignorant.org; Not supporting abuse@domain; from= to= proto=SMTP helo=
! 554 5.7.1 Service unavailable; Helo command [example.tld] blocked using abuse.rfc-ignorant.org; Not supporting abuse@domain
>>> #
>>> # Check MX access
>>> #
diff -cr /var/tmp/postfix-2.3.6/src/util/dict_cdb.c ./src/util/dict_cdb.c
*** /var/tmp/postfix-2.3.6/src/util/dict_cdb.c Thu Jan 19 13:08:02 2006
--- ./src/util/dict_cdb.c Thu Jan 4 09:32:01 2007
***************
*** 110,116 ****
/*
* Optionally fold the key.
*/
! if (dict->fold_buf) {
vstring_strcpy(dict->fold_buf, name);
name = lowercase(vstring_str(dict->fold_buf));
}
--- 110,118 ----
/*
* Optionally fold the key.
*/
! if (dict->flags & DICT_FLAG_FOLD_FIX) {
! if (dict->fold_buf == 0)
! dict->fold_buf = vstring_alloc(10);
vstring_strcpy(dict->fold_buf, name);
name = lowercase(vstring_str(dict->fold_buf));
}
***************
*** 234,244 ****
/*
* Optionally fold the key.
*/
! if (dict->fold_buf) {
vstring_strcpy(dict->fold_buf, name);
name = lowercase(vstring_str(dict->fold_buf));
}
-
ksize = strlen(name);
vsize = strlen(value);
--- 236,247 ----
/*
* Optionally fold the key.
*/
! if (dict->flags & DICT_FLAG_FOLD_FIX) {
! if (dict->fold_buf == 0)
! dict->fold_buf = vstring_alloc(10);
vstring_strcpy(dict->fold_buf, name);
name = lowercase(vstring_str(dict->fold_buf));
}
ksize = strlen(name);
vsize = strlen(value);
diff -cr /var/tmp/postfix-2.3.6/src/util/dict_db.c ./src/util/dict_db.c
*** /var/tmp/postfix-2.3.6/src/util/dict_db.c Thu Jun 15 14:07:16 2006
--- ./src/util/dict_db.c Thu Jan 4 09:06:07 2007
***************
*** 194,200 ****
/*
* Optionally fold the key.
*/
! if (dict->fold_buf) {
vstring_strcpy(dict->fold_buf, name);
name = lowercase(vstring_str(dict->fold_buf));
}
--- 194,202 ----
/*
* Optionally fold the key.
*/
! if (dict->flags & DICT_FLAG_FOLD_FIX) {
! if (dict->fold_buf == 0)
! dict->fold_buf = vstring_alloc(10);
vstring_strcpy(dict->fold_buf, name);
name = lowercase(vstring_str(dict->fold_buf));
}
***************
*** 265,271 ****
/*
* Optionally fold the key.
*/
! if (dict->fold_buf) {
vstring_strcpy(dict->fold_buf, name);
name = lowercase(vstring_str(dict->fold_buf));
}
--- 267,275 ----
/*
* Optionally fold the key.
*/
! if (dict->flags & DICT_FLAG_FOLD_FIX) {
! if (dict->fold_buf == 0)
! dict->fold_buf = vstring_alloc(10);
vstring_strcpy(dict->fold_buf, name);
name = lowercase(vstring_str(dict->fold_buf));
}
***************
*** 349,355 ****
/*
* Optionally fold the key.
*/
! if (dict->fold_buf) {
vstring_strcpy(dict->fold_buf, name);
name = lowercase(vstring_str(dict->fold_buf));
}
--- 353,361 ----
/*
* Optionally fold the key.
*/
! if (dict->flags & DICT_FLAG_FOLD_FIX) {
! if (dict->fold_buf == 0)
! dict->fold_buf = vstring_alloc(10);
vstring_strcpy(dict->fold_buf, name);
name = lowercase(vstring_str(dict->fold_buf));
}
diff -cr /var/tmp/postfix-2.3.6/src/util/dict_dbm.c ./src/util/dict_dbm.c
*** /var/tmp/postfix-2.3.6/src/util/dict_dbm.c Mon Jun 26 08:59:19 2006
--- ./src/util/dict_dbm.c Thu Jan 4 09:07:36 2007
***************
*** 93,99 ****
/*
* Optionally fold the key.
*/
! if (dict->fold_buf) {
vstring_strcpy(dict->fold_buf, name);
name = lowercase(vstring_str(dict->fold_buf));
}
--- 93,101 ----
/*
* Optionally fold the key.
*/
! if (dict->flags & DICT_FLAG_FOLD_FIX) {
! if (dict->fold_buf == 0)
! dict->fold_buf = vstring_alloc(10);
vstring_strcpy(dict->fold_buf, name);
name = lowercase(vstring_str(dict->fold_buf));
}
***************
*** 161,167 ****
/*
* Optionally fold the key.
*/
! if (dict->fold_buf) {
vstring_strcpy(dict->fold_buf, name);
name = lowercase(vstring_str(dict->fold_buf));
}
--- 163,171 ----
/*
* Optionally fold the key.
*/
! if (dict->flags & DICT_FLAG_FOLD_FIX) {
! if (dict->fold_buf == 0)
! dict->fold_buf = vstring_alloc(10);
vstring_strcpy(dict->fold_buf, name);
name = lowercase(vstring_str(dict->fold_buf));
}
***************
*** 239,245 ****
/*
* Optionally fold the key.
*/
! if (dict->fold_buf) {
vstring_strcpy(dict->fold_buf, name);
name = lowercase(vstring_str(dict->fold_buf));
}
--- 243,251 ----
/*
* Optionally fold the key.
*/
! if (dict->flags & DICT_FLAG_FOLD_FIX) {
! if (dict->fold_buf == 0)
! dict->fold_buf = vstring_alloc(10);
vstring_strcpy(dict->fold_buf, name);
name = lowercase(vstring_str(dict->fold_buf));
}
diff -cr /var/tmp/postfix-2.3.6/src/util/match_list.c ./src/util/match_list.c
*** /var/tmp/postfix-2.3.6/src/util/match_list.c Thu Jun 15 14:07:16 2006
--- ./src/util/match_list.c Thu Jan 18 09:15:07 2007
***************
*** 96,102 ****
};
#define MATCH_DICTIONARY(pattern) \
! ((pattern)[0] != '[' && strchr((pattern), ':') != 0)
/* match_list_parse - parse buffer, destroy buffer */
--- 96,102 ----
};
#define MATCH_DICTIONARY(pattern) \
! ((pattern + strspn(pattern, "!"))[0] != '[' && strchr((pattern), ':') != 0)
/* match_list_parse - parse buffer, destroy buffer */
diff -cr /var/tmp/postfix-2.3.6/src/util/msg_output.c ./src/util/msg_output.c
*** /var/tmp/postfix-2.3.6/src/util/msg_output.c Sun Dec 10 12:27:52 2006
--- ./src/util/msg_output.c Fri Jan 12 10:42:09 2007
***************
*** 150,155 ****
--- 150,158 ----
{
if (msg_vprintf_lock == 0) {
msg_vprintf_lock = 1;
+ /* On-the-fly initialization for debugging test programs only. */
+ if (msg_output_fn_count == 0)
+ msg_vstream_init("unknown", VSTREAM_ERR);
/* OK if terminating signal handler hijacks control before next stmt. */
vstring_vsprintf(msg_buffer, percentm(format, errno), ap);
msg_text(level, vstring_str(msg_buffer));