Age | Commit message | Author |
|
|
|
OK henning@
|
|
each .c file, and out of the .h files. To avoid overinclude.
ok gilles, in principle. If this has been done right, -portable should
become easier to maintain.
|
|
possible. Annotate <sys/param.h> lines with their current reasons. Switch
to PATH_MAX, NGROUPS_MAX, HOST_NAME_MAX+1, LOGIN_NAME_MAX, etc. Change
MIN() and MAX() to local definitions of MINIMUM() and MAXIMUM() where
sensible to avoid pulling in the pollution. These are the files confirmed
through binary verification.
ok guenther, millert, doug (helped with the verification protocol)
|
|
Fixes a pfctl crash with an anchor name containing
an embedded nul found with the afl fuzzer.
pfctl parse.y patch from and ok deraadt@
|
|
format string, create a temporary message.
OK doug@
|
|
No yyerror() calls needed to be changed.
ok bluhm@
|
|
|
|
- fail if the same option is specified multiple times on a listener
- prompt for queue encryption key after config parsing, not during.
- add ip addresses to localnames table
- prepare for filters
|
|
|
|
to fatal at startup if truncation occurred and we had enabled filters
(void) cast a strlcpy() that cannot truncate
|
|
fatal at startup if truncation occurred and we had enabled filters
|
|
the truncation rather than failing the ioctl() call that follows.
|
|
it could lead to smtpd not finding itself in a MX lookup if a hostname is
specified that exceeds the max hostname len.
while at it, add a missing free()
|
|
|
|
confused a few people
ok eric@
|
|
- rename "struct ssl" and "cert" to "struct pki" and "cert" to "pki_name"
- inherit pki conf on fork instead of passing it through imsg at startup
- implement SNI on smtp listeners
|
|
default permissions and mtree NOT changed.
prodded by benno, ok phessler benno jmatthew theo pelikan florian
|
|
bzero -> memset
|
|
|
|
hammering effects.
|
|
|
|
parse.y in the tree
issue found by millert, ok gilles
|
|
|
|
tempfail for limiting the number of pending deliveries to the same
user. This allows to reach optimal delivery time even in case of
burst, while keeping the number of inflight envelopes low.
|
|
scheduling of mta/mda envelopes until the number of inflight envelopes
falls below that line.
|
|
Make sure a pki entry exists when used in a listen or relay rule.
|
|
Simplify code and do not impose an order on conditions and rule options.
Format changes that may require smtpd.conf update for some setups:
- SSL certificates are no longer automatically loaded, but must be
explicitly declared using the "pki" keyword.
- "certificate" option becomes "pki" in listener and accept rules.
- "ssl://" becomes "secure://" in relay via rules.
- "helo" becomes "hostnames" in relay rules
New features:
- accept rules do not need an explicit action, in which case alias table
or .forward must provide one.
- new "forward-only" action to force relaying and reject rcpts that expand
as local delivery.
- "!" (negation) modifier on rule matching conditions.
- new "recipient" rule matching condition.
- new "verify" option on listeners and relay rules to reject invalid
certificates.
Other changes:
- remember the helo name advertised on incoming mail and use it for sending
bounces.
- bump envelope version (existing envelopes are updated on-the-fly).
|
|
This is a work-in-progress and it's not supposed to be useable for now.
|
|
- parse the whole input before trying to establish the connection
to the local socket: fixes timeout problems when reading the output
of a long running program.
- use sendmail(8)-like exit status.
|
|
- Better transient error handling logic: failing destinations are
automatically disabled for a while. When a destination is active
again, ask the scheduler to retry previous envelopes immediately.
- More informative error report when all routes fail for a mail.
- Implement a "smtpctl show hoststats" command to get the latest stat
message per MX domain.
- Implement a "smtpctl show routes" command to show the state of the
currently known routes to remote MXs.
- Implement a "smtpctl resume route" command to re-enable a route that
has been disabled.
- Do not hardcode limits
- Minor code improvements
|
|
- cleanup the internal queue backend API and get rid of the QOP_* thing.
- implement a queue_proc backend
- rename queue_fsqueue.c to queue_fs
- enable support for queue encryption
- add an envelope cache
- better logging and error reporting
|
|
process. Stop building experimental table_sqlite and table_ldap as
they will be provided as external backends.
|
|
|
|
|
|
okay gilles@, eric@
|
|
ok gilles@
|
|
that from bgpd, so that it logs to syslog when daemonized.
|
|
|
|
- replace "users" keyword with "userbase" when providing alternate userbase
- disambiguate expansion nodes when expanding across domains and userbases
- allow use of '=' instead of '=>' when declaring a mapping
ok eric@
|
|
ok eric
|
|
|
|
* first bricks of ldap and sqlite support (not finished but both working)
* new table API to replace map API, all lookups are done through tables
* improved handling of temporary errors throughout the daemon
* improved scheduler and mta logic: connection reuse, optimizes batches
* improved queue: more tolerant to admin errors, new layout, less disk-IO
* improved memory usage under high load
* SSL certs/keys isolated to lookup process to avoid facing network
* VIRTUAL support improved, fully virtual setups possible now
* runtime tracing of processes through smtpctl trace
* ssl_privsep.c sync-ed with relayd
* ssl.c no longer contains smtpd specific interfaces
* smtpd-specific ssl bits moved to ssl_smtpd.c
* update mail address in copyright
FLUSH YOUR QUEUE. FLUSH YOUR QUEUE. FLUSH YOUR QUEUE. FLUSH YOUR QUEUE.
smtpd.conf(5) simplified, it will require adaptations
ok eric@
|
|
* Log more events (especially client session) and use a better scheme
for that: each message is prefixed with a token to easily identify
its class:
- info/warn/debug: general server messages
- smtp-in: smtp client connections
- relay: status update for relayed messages
- delivery: status update for local deliveries
* Implement "smtpctl monitor" to display updates of selected internal
counters.
* When reloading the on-disk queue at startup do not commit a message
if no envelope was submitted for that message.
* Remove unused stuff in the config parser.
ok gilles@
|
|
The idea is to have a file-backed map but to have smtpd(8) cache the maps
so that it cannot be partially read if edited while mail is received. The
file is read and converted to a static map (map_static.c), changes aren't
visible to smtpd until an explicit: smtpctl update map which reads file,
builds a new static map and invalidates the former.
partial-read issue discussed with beck@ and halex@
idea to convert internally to a static map by eric@
diff ok eric@ and chl@
|
|
ok eric@, chl@
|
|
- make listen statements impose authentication if 'auth' is specified and
to make it optional if 'auth-optional' is specified;
- sync documentation accordingly
with ideas and input from beck@ and halex@, ok eric@
|
|
to a sane default for everyone.
|
|
map aliases source plain "/etc/mail/aliases"
can be reduced to:
map aliases "/etc/mail/aliases"
|
|
ok gilles@
|