From 1808db7bf2f3268fc30ad772bb4488bbc8d7ec5b Mon Sep 17 00:00:00 2001 From: tron Date: Sat, 26 Feb 2011 08:58:59 +0000 Subject: Update "postfix" package to version 2.8.1. Changes since version 2.7.2: Postfix stable release 2.8.0 is available. This release continues the move towards improving code and documentation, and making the system better prepared for changes in the threat environment. The postscreen daemon (a zombie blocker in front of Postfix) is now included with the stable release. postscreen now supports TLS and can log the rejected sender, recipient and helo information. See the POSTSCREEN_README file for recommended usage scenarios. Support for DNS whitelisting (permit_rhswl_client), and for pattern matching to filter the responses from DNS white/blacklist servers (e.g., reject_rhsbl_client zen.spamhaus.org=127.0.0.[1..10]). Improved message tracking across SMTP-based content filters; the after-filter SMTP server can log the before-filter queue ID (the XCLIENT protocol was extended). Read-only support for sqlite databases. See sqlite_table(5) and SQLITE_README. Support for 'footers' that are appended to SMTP server "reject" responses. See "smtpd_reject_footer" in the postconf(5) manpage. This update was tested by Takahiro Kambe. --- mail/postfix/Makefile | 5 +- mail/postfix/PLIST | 12 +- mail/postfix/distinfo | 12 +- mail/postfix/patches/patch-as | 55 --------- mail/postfix/patches/patch-at | 261 ------------------------------------------ mail/postfix/patches/patch-au | 39 ------- mail/postfix/patches/patch-av | 24 ---- 7 files changed, 17 insertions(+), 391 deletions(-) delete mode 100644 mail/postfix/patches/patch-as delete mode 100644 mail/postfix/patches/patch-at delete mode 100644 mail/postfix/patches/patch-au delete mode 100644 mail/postfix/patches/patch-av (limited to 'mail') diff --git a/mail/postfix/Makefile b/mail/postfix/Makefile index 9558b3ebb79..afb04191c7e 100644 --- a/mail/postfix/Makefile +++ b/mail/postfix/Makefile @@ -1,12 +1,11 @@ -# $NetBSD: Makefile,v 1.236 2010/11/28 18:14:10 tron Exp $ +# $NetBSD: Makefile,v 1.237 2011/02/26 08:58:59 tron Exp $ -DISTNAME= postfix-2.7.2 +DISTNAME= postfix-2.8.1 CATEGORIES= mail MASTER_SITES= ftp://ftp.porcupine.org/mirrors/postfix-release/official/ MASTER_SITES+= http://postfix.it-austria.net/releases/official/ MASTER_SITES+= http://mirrors.isc.org/pub/postfix/official/ MASTER_SITES+= http://mirror.postfix.jp/postfix-release/official/ -DIST_SUBDIR= postfix MAINTAINER= pkgsrc-users@NetBSD.org HOMEPAGE= http://www.postfix.org/ diff --git a/mail/postfix/PLIST b/mail/postfix/PLIST index 3532e38759d..883c4554769 100644 --- a/mail/postfix/PLIST +++ b/mail/postfix/PLIST @@ -1,9 +1,10 @@ -@comment $NetBSD: PLIST,v 1.24 2010/02/25 13:01:22 martti Exp $ +@comment $NetBSD: PLIST,v 1.25 2011/02/26 08:58:59 tron Exp $ bin/mailq bin/newaliases libexec/postfix/anvil libexec/postfix/bounce libexec/postfix/cleanup +libexec/postfix/dnsblog libexec/postfix/discard libexec/postfix/error libexec/postfix/flush @@ -21,6 +22,7 @@ libexec/postfix/postfix-files libexec/postfix/postfix-script libexec/postfix/postfix-wrapper libexec/postfix/postmulti-script +libexec/postfix/postscreen libexec/postfix/proxymap libexec/postfix/qmgr libexec/postfix/qmqpd @@ -30,6 +32,7 @@ libexec/postfix/smtp libexec/postfix/smtpd libexec/postfix/spawn libexec/postfix/tlsmgr +libexec/postfix/tlsproxy libexec/postfix/trivial-rewrite libexec/postfix/verify libexec/postfix/virtual @@ -67,6 +70,7 @@ man/man5/postconf.5 man/man5/postfix-wrapper.5 man/man5/regexp_table.5 man/man5/relocated.5 +man/man5/sqlite_table.5 man/man5/tcp_table.5 man/man5/transport.5 man/man5/virtual.5 @@ -75,12 +79,14 @@ man/man8/bounce.8 man/man8/cleanup.8 man/man8/defer.8 man/man8/discard.8 +man/man8/dnsblog.8 man/man8/error.8 man/man8/flush.8 man/man8/lmtp.8 man/man8/local.8 man/man8/master.8 man/man8/oqmgr.8 +man/man8/postscreen.8 man/man8/pickup.8 man/man8/pipe.8 man/man8/proxymap.8 @@ -92,6 +98,7 @@ man/man8/smtp.8 man/man8/smtpd.8 man/man8/spawn.8 man/man8/tlsmgr.8 +man/man8/tlsproxy.8 man/man8/trace.8 man/man8/trivial-rewrite.8 man/man8/verify.8 @@ -140,6 +147,7 @@ share/doc/postfix/OVERVIEW share/doc/postfix/PACKAGE_README share/doc/postfix/PCRE_README share/doc/postfix/PGSQL_README +share/doc/postfix/POSTSCREEN_README share/doc/postfix/QSHAPE_README share/doc/postfix/RELEASE_NOTES share/doc/postfix/RESTRICTION_CLASS_README @@ -148,6 +156,8 @@ share/doc/postfix/SCHEDULER_README share/doc/postfix/SMTPD_ACCESS_README share/doc/postfix/SMTPD_POLICY_README share/doc/postfix/SMTPD_PROXY_README +share/doc/postfix/SOHO_README +share/doc/postfix/SQLITE_README share/doc/postfix/STANDARD_CONFIGURATION_README share/doc/postfix/STRESS_README share/doc/postfix/TLS_LEGACY_README diff --git a/mail/postfix/distinfo b/mail/postfix/distinfo index 09d893c7d76..e48e590fd3b 100644 --- a/mail/postfix/distinfo +++ b/mail/postfix/distinfo @@ -1,12 +1,8 @@ -$NetBSD: distinfo,v 1.132 2010/11/28 18:14:10 tron Exp $ +$NetBSD: distinfo,v 1.133 2011/02/26 08:58:59 tron Exp $ -SHA1 (postfix/postfix-2.7.2.tar.gz) = 2415c63c98ba0e0273bcb490ee7753a3891f5a73 -RMD160 (postfix/postfix-2.7.2.tar.gz) = e07a59f2f663b286a6c24e75b98952a51d2234fe -Size (postfix/postfix-2.7.2.tar.gz) = 3421671 bytes +SHA1 (postfix-2.8.1.tar.gz) = c2b5aa6ed3520fd9298b140a71a09fee8ee40f4d +RMD160 (postfix-2.8.1.tar.gz) = 21a7a46c2e62d98108271423129589bff30ee248 +Size (postfix-2.8.1.tar.gz) = 3643859 bytes SHA1 (patch-aa) = 5b4923402c80957e47b8a4e16c897287b88544bb SHA1 (patch-ag) = 53f42aec86af576e1ffc420f1b9a19c988c3fe6c SHA1 (patch-ai) = ef3feef8a4fe7781a89f7e087fc5780760b461b1 -SHA1 (patch-as) = 621b92e56606794f28ab267c6c5d723734471389 -SHA1 (patch-at) = b0abf2c49bfe94153f7a3845b5709ff8e0027a03 -SHA1 (patch-au) = 60396f5f182e0f247b06974dc5cf912dbcf84bbf -SHA1 (patch-av) = 98073186738e1a4fcd0f620096f4be83a9ff9e73 diff --git a/mail/postfix/patches/patch-as b/mail/postfix/patches/patch-as deleted file mode 100644 index 1b1ad59bbf2..00000000000 --- a/mail/postfix/patches/patch-as +++ /dev/null @@ -1,55 +0,0 @@ -$NetBSD: patch-as,v 1.6 2010/02/25 13:01:23 martti Exp $ - -Support for sqlite. - ---- src/global/Makefile.in.orig 2009-10-07 03:09:52.000000000 +0300 -+++ src/global/Makefile.in 2010-02-25 14:49:15.000000000 +0200 -@@ -4,7 +4,7 @@ - clnt_stream.c conv_time.c db_common.c debug_peer.c debug_process.c \ - defer.c deliver_completed.c deliver_flock.c deliver_pass.c \ - deliver_request.c dict_ldap.c dict_mysql.c dict_pgsql.c \ -- dict_proxy.c domain_list.c dot_lockfile.c dot_lockfile_as.c \ -+ dict_proxy.c dict_sqlite.c domain_list.c dot_lockfile.c dot_lockfile_as.c \ - dsb_scan.c dsn.c dsn_buf.c dsn_mask.c dsn_print.c dsn_util.c \ - ehlo_mask.c ext_prop.c file_id.c flush_clnt.c header_opts.c \ - header_token.c input_transp.c int_filt.c is_header.c log_adhoc.c \ -@@ -35,7 +35,7 @@ - clnt_stream.o conv_time.o db_common.o debug_peer.o debug_process.o \ - defer.o deliver_completed.o deliver_flock.o deliver_pass.o \ - deliver_request.o dict_ldap.o dict_mysql.o dict_pgsql.o \ -- dict_proxy.o domain_list.o dot_lockfile.o dot_lockfile_as.o \ -+ dict_proxy.o dict_sqlite.o domain_list.o dot_lockfile.o dot_lockfile_as.o \ - dsb_scan.o dsn.o dsn_buf.o dsn_mask.o dsn_print.o dsn_util.o \ - ehlo_mask.o ext_prop.o file_id.o flush_clnt.o header_opts.o \ - header_token.o input_transp.o int_filt.o is_header.o log_adhoc.o \ -@@ -65,7 +65,7 @@ - canon_addr.h cfg_parser.h cleanup_user.h clnt_stream.h config.h \ - conv_time.h db_common.h debug_peer.h debug_process.h defer.h \ - deliver_completed.h deliver_flock.h deliver_pass.h deliver_request.h \ -- dict_ldap.h dict_mysql.h dict_pgsql.h dict_proxy.h domain_list.h \ -+ dict_ldap.h dict_mysql.h dict_pgsql.h dict_proxy.h dict_sqlite.h domain_list.h \ - dot_lockfile.h dot_lockfile_as.h dsb_scan.h dsn.h dsn_buf.h \ - dsn_mask.h dsn_print.h dsn_util.h ehlo_mask.h ext_prop.h \ - file_id.h flush_clnt.h header_opts.h header_token.h input_transp.h \ -@@ -868,6 +868,13 @@ - dict_proxy.o: dict_proxy.h - dict_proxy.o: mail_params.h - dict_proxy.o: mail_proto.h -+dict_sqlite.o: ../../include/dict.h -+dict_sqlite.o: ../../include/msg.h -+dict_sqlite.o: ../../include/sys_defs.h -+dict_sqlite.o: cfg_parser.h -+dict_sqlite.o: db_common.h -+dict_sqlite.o: dict_sqlite.c -+dict_sqlite.o: dict_sqlite.h - domain_list.o: ../../include/match_list.h - domain_list.o: ../../include/match_ops.h - domain_list.o: ../../include/sys_defs.h -@@ -1239,6 +1246,7 @@ - mail_dict.o: dict_mysql.h - mail_dict.o: dict_pgsql.h - mail_dict.o: dict_proxy.h -+mail_dict.o: dict_sqlite.h - mail_dict.o: mail_dict.c - mail_dict.o: mail_dict.h - mail_error.o: ../../include/name_mask.h diff --git a/mail/postfix/patches/patch-at b/mail/postfix/patches/patch-at deleted file mode 100644 index 5edb4dedda2..00000000000 --- a/mail/postfix/patches/patch-at +++ /dev/null @@ -1,261 +0,0 @@ -$NetBSD: patch-at,v 1.4 2008/10/16 09:40:20 martti Exp $ - -Support for sqlite. - ---- src/global/dict_sqlite.c.orig 2008-10-17 00:40:21.000000000 +0200 -+++ src/global/dict_sqlite.c -@@ -0,0 +1,254 @@ -+/*++ -+/* NAME -+/* dict_sqlite 3 -+/* SUMMARY -+/* dictionary manager interface to SQLite3 databases -+/* SYNOPSIS -+/* #include -+/* -+/* DICT *dict_sqlite_open(name, open_flags, dict_flags) -+/* const char *name; -+/* int open_flags; -+/* int dict_flags; -+/* DESCRIPTION -+/* dict_sqlite_open() creates a dictionary of type 'sqlite'. This -+/* dictionary is an interface for the postfix key->value mappings -+/* to SQLite. The result is a pointer to the installed dictionary, -+/* or a null pointer in case of problems. -+/* .PP -+/* Arguments: -+/* .IP name -+/* Either the path to the SQLite configuration file (if it starts -+/* with '/' or '.'), or the prefix which will be used to obtain -+/* main.cf configuration parameters for this search. -+/* -+/* In the first case, the configuration parameters below are -+/* specified in the file as \fIname\fR=\fBvalue\fR pairs. -+/* -+/* In the second case, the configuration parameters are -+/* prefixed with the value of \fIname\fR and an underscore, -+/* and they are specified in main.cf. For example, if this -+/* value is \fIsqlitecon\fR, the parameters would look like -+/* \fIsqlitecon_user\fR, \fIsqlitecon_table\fR, and so on. -+/* -+/* .IP open_flags -+/* Must be O_RDONLY. -+/* .IP dict_flags -+/* See dict_open(3). -+/* .PP -+/* Configuration parameters: -+/* -+/* The parameters encodes a number of pieces of information: -+/* dbpath, query, table, select_field and where_field: -+/* .IP \fIdbpath\fR -+/* Path to SQLite database -+/* .IP \fIquery\fR -+/* Query template, before the query is actually issued, variable -+/* substitutions are performed. See sqlite_table(5) for details. If -+/* No query is specified, the legacy variables \fItable\fR, -+/* \fIselect_field\fR, \fIwhere_field\fR and \fIadditional_conditions\fR -+/* are used to construct the query template. -+/* .IP \fIresult_format\fR -+/* The format used to expand results from queries. Substitutions -+/* are performed as described in sqlite_table(5). Defaults to returning -+/* the lookup result unchanged. -+/* .IP expansion_limit -+/* Limit (if any) on the total number of lookup result values. Lookups which -+/* exceed the limit fail with dict_errno=DICT_ERR_RETRY. Note that each -+/* non-empty (and non-NULL) column of a multi-column result row counts as -+/* one result. -+/* -+/* SEE ALSO -+/* dict(3) generic dictionary manager -+/* AUTHOR(S) -+/* Axel Steiner -+/* ast@treibsand.com -+/*--*/ -+ -+/* System library. */ -+#include "sys_defs.h" -+ -+#ifdef HAS_SQLITE -+#include -+ -+/* Utility library. */ -+ -+#include "msg.h" -+#include "dict.h" -+#include "vstring.h" -+#include "stringops.h" -+ -+/* Global library. */ -+ -+#include "cfg_parser.h" -+#include "db_common.h" -+ -+/* Application-specific. */ -+ -+#include "dict_sqlite.h" -+ -+typedef struct { -+ DICT dict; -+ CFG_PARSER *parser; -+ sqlite3 *db; -+ char *dbpath; -+ char *query; -+ char *result_format; -+ int expansion_limit; -+ void *ctx; -+} DICT_SQLITE; -+ -+typedef sqlite3_stmt *SQL; -+ -+/* internal function declarations */ -+ -+static const char *dict_sqlite_lookup(DICT *, const char *); -+DICT *dict_sqlite_open(const char *, int, int); -+static void dict_sqlite_close(DICT *); -+static void sqlite_parse_config(DICT_SQLITE *, const char *); -+ -+ -+/* dict_sqlite_close - close the database */ -+ -+static void dict_sqlite_close(DICT *dict) { -+ const char *myname = "dict_sqlite_close"; -+ DICT_SQLITE *dict_sqlite = (DICT_SQLITE *) dict; -+ -+ if (msg_verbose) -+ msg_info("%s: dict_sqlite_close", myname); -+ if (sqlite3_close(dict_sqlite->db) != SQLITE_OK) -+ msg_fatal("%s: DB close failed", myname); -+ cfg_parser_free(dict_sqlite->parser); -+ if (dict->fold_buf) -+ vstring_free(dict->fold_buf); -+ dict_free(dict); -+} -+ -+ -+/* dict_sqlite_lookup - find database entry */ -+ -+static const char *dict_sqlite_lookup(DICT *dict, const char *name) { -+ const char *myname = "dict_sqlite_lookup"; -+ DICT_SQLITE *dict_sqlite = (DICT_SQLITE *) dict; -+ SQL sql; -+ const char *zErrMsg; -+ static VSTRING *query; -+ static VSTRING *result; -+ const char *r; -+ int expansion = 0; -+ -+ /* -+ * Optionally fold the key. -+ */ -+ if (dict->fold_buf) { -+ vstring_strcpy(dict->fold_buf, name); -+ name = lowercase(vstring_str(dict->fold_buf)); -+ } -+ -+ if (db_common_check_domain(dict_sqlite->ctx, name) == 0) { -+ if (msg_verbose) -+ msg_info("%s: Skipping lookup of '%s'", myname, name); -+ return (0); -+ } -+ -+#define INIT_VSTR(buf, len) do { \ -+ if (buf == 0) \ -+ buf = vstring_alloc(len); \ -+ VSTRING_RESET(buf); \ -+ VSTRING_TERMINATE(buf); \ -+ } while (0) -+ -+ INIT_VSTR(query, 10); -+ -+ if (!db_common_expand(dict_sqlite->ctx, dict_sqlite->query, -+ name, 0, query, NULL)) -+ return (0); -+ -+ if (msg_verbose) -+ msg_info("%s: %s: Searching with query %s", myname, -+ dict_sqlite->parser->name, vstring_str(query)); -+ -+ if(sqlite3_prepare_v2(dict_sqlite->db,vstring_str(query),-1,&sql,&zErrMsg)!=SQLITE_OK) { -+ msg_fatal("%s: sql prepare %s\n",myname,sqlite3_errmsg(dict_sqlite->db)); -+ } -+ -+ INIT_VSTR(result, 10); -+ while (sqlite3_step(sql) == SQLITE_ROW ) { -+ if (db_common_expand(dict_sqlite->ctx, dict_sqlite->result_format, -+ sqlite3_column_text(sql, 0), name, result, 0) -+ && dict_sqlite->expansion_limit > 0 -+ && ++expansion > dict_sqlite->expansion_limit) { -+ msg_warn("%s: %s: Expansion limit exceeded for key: '%s'", -+ myname, dict_sqlite->parser->name, name); -+ dict_errno = DICT_ERR_RETRY; -+ break; -+ } -+ } -+ -+ if(sqlite3_finalize(sql)){ -+ msg_fatal("%s: sql finalize for %s; %s\n",myname,vstring_str(query),sqlite3_errmsg(dict_sqlite->db)); -+ return(0); -+ } -+ -+ -+ r = vstring_str(result); -+ return ((dict_errno == 0 && *r) ? r : 0); -+} -+ -+/* sqlite_parse_config - parse sqlite configuration file */ -+ -+static void sqlite_parse_config(DICT_SQLITE *dict_sqlite, const char *sqlitecf) { -+ CFG_PARSER *p; -+ VSTRING *buf; -+ -+ p = dict_sqlite->parser = cfg_parser_alloc(sqlitecf); -+ dict_sqlite->dbpath = cfg_get_str(p, "dbpath", "", 1, 0); -+ dict_sqlite->result_format = cfg_get_str(p, "result_format", "%s", 1, 0); -+ -+ if ((dict_sqlite->query = cfg_get_str(p, "query", NULL, 0, 0)) == 0) { -+ buf = vstring_alloc(64); -+ db_common_sql_build_query(buf, p); -+ dict_sqlite->query = vstring_export(buf); -+ } -+ dict_sqlite->expansion_limit = cfg_get_int(p,"expansion_limit", 0, 0, 0); -+ dict_sqlite->ctx = 0; -+ -+ (void) db_common_parse(&dict_sqlite->dict, &dict_sqlite->ctx, dict_sqlite->query, 1); -+ (void) db_common_parse(0, &dict_sqlite->ctx, dict_sqlite->result_format, 0); -+ -+ db_common_parse_domain(p, dict_sqlite->ctx); -+ -+ if (db_common_dict_partial(dict_sqlite->ctx)) -+ dict_sqlite->dict.flags |= DICT_FLAG_PATTERN; -+ else -+ dict_sqlite->dict.flags |= DICT_FLAG_FIXED; -+ -+ if (dict_sqlite->dict.flags & DICT_FLAG_FOLD_FIX) -+ dict_sqlite->dict.fold_buf = vstring_alloc(10); -+} -+ -+/* dict_sqlite_open - open sqlite database */ -+ -+DICT *dict_sqlite_open(const char *name, int open_flags, int dict_flags) { -+ DICT_SQLITE *dict_sqlite; -+ -+ /* -+ * Sanity checks. -+ */ -+ if (open_flags != O_RDONLY) -+ msg_fatal("%s:%s map requires O_RDONLY access mode", DICT_TYPE_SQLITE, name); -+ -+ dict_sqlite = (DICT_SQLITE *) dict_alloc(DICT_TYPE_SQLITE, name, sizeof(DICT_SQLITE)); -+ dict_sqlite->dict.lookup = dict_sqlite_lookup; -+ dict_sqlite->dict.close = dict_sqlite_close; -+ dict_sqlite->dict.flags = dict_flags; -+ sqlite_parse_config(dict_sqlite, name); -+ -+ if (sqlite3_open(dict_sqlite->dbpath, &dict_sqlite->db)) { -+ msg_fatal("Can't open database: %s\n", sqlite3_errmsg(dict_sqlite->db)); -+ sqlite3_close(dict_sqlite->db); -+ } -+ -+ return (DICT_DEBUG (&dict_sqlite->dict)); -+} -+#endif diff --git a/mail/postfix/patches/patch-au b/mail/postfix/patches/patch-au deleted file mode 100644 index 8094b1d4521..00000000000 --- a/mail/postfix/patches/patch-au +++ /dev/null @@ -1,39 +0,0 @@ -$NetBSD: patch-au,v 1.5 2008/10/16 09:40:20 martti Exp $ - -Support for sqlite. - ---- src/global/dict_sqlite.h.orig 2008-10-17 00:40:21.000000000 +0200 -+++ src/global/dict_sqlite.h -@@ -0,0 +1,32 @@ -+#ifndef _DICT_SQLITE_H_INCLUDED_ -+#define _DICT_SQLITE_H_INCLUDED_ -+ -+/*++ -+/* NAME -+/* dict_sqlite 3h -+/* SUMMARY -+/* dictionary manager interface to sqlite databases -+/* SYNOPSIS -+/* #include -+/* DESCRIPTION -+/* .nf -+ -+ /* -+ * Utility library. -+ */ -+#include -+ -+ /* -+ * External interface. -+ */ -+#define DICT_TYPE_SQLITE "sqlite" -+ -+extern DICT *dict_sqlite_open(const char *, int, int); -+ -+ -+/* AUTHOR(S) -+/* Axel Steiner -+/* ast@treibsand.com -+/*--*/ -+ -+#endif diff --git a/mail/postfix/patches/patch-av b/mail/postfix/patches/patch-av deleted file mode 100644 index 1b25124a499..00000000000 --- a/mail/postfix/patches/patch-av +++ /dev/null @@ -1,24 +0,0 @@ -$NetBSD: patch-av,v 1.6 2008/10/16 09:40:20 martti Exp $ - -Support for sqlite. - ---- src/global/mail_dict.c.orig 2008-01-08 22:07:47.000000000 +0100 -+++ src/global/mail_dict.c -@@ -36,6 +36,7 @@ - #include - #include - #include -+#include - #include - - typedef struct { -@@ -54,6 +55,9 @@ static const DICT_OPEN_INFO dict_open_in - #ifdef HAS_PGSQL - DICT_TYPE_PGSQL, dict_pgsql_open, - #endif -+#ifdef HAS_SQLITE -+ DICT_TYPE_SQLITE, dict_sqlite_open, -+#endif - 0, - }; - -- cgit v1.2.3