diff -upk.orig postfix-2.2.4.orig/conf/main.cf postfix-2.2.4/conf/main.cf
--- postfix-2.2.4.orig/conf/main.cf	2005-03-04 17:48:25 +0000
+++ postfix-2.2.4/conf/main.cf	2005-06-23 12:37:33 +0000
@@ -56,7 +56,7 @@ mail_owner = postfix
 # These rights are used in the absence of a recipient user context.
 # DO NOT SPECIFY A PRIVILEGED USER OR THE POSTFIX OWNER.
 #
-#default_privs = nobody
+#default_privs = postman
 
 # INTERNET HOST AND DOMAIN NAMES
 # 
@@ -172,7 +172,7 @@ mail_owner = postfix
 # local_recipient_maps setting if:
 #
 # - You define $mydestination domain recipients in files other than
-#   /etc/passwd, /etc/aliases, or the $virtual_alias_maps files.
+#   /etc/passwd, /etc/postfix/aliases, or the $virtual_alias_maps files.
 #   For example, you define $mydestination domain recipients in    
 #   the $virtual_mailbox_maps files.
 #
@@ -221,10 +221,8 @@ unknown_local_recipient_reject_code = 55
 # You can specify the list of "trusted" network addresses by hand
 # or you can let Postfix do it for you (which is the default).
 #
-# By default (mynetworks_style = subnet), Postfix "trusts" SMTP
-# clients in the same IP subnetworks as the local machine.
-# On Linux, this does works correctly only with interfaces specified
-# with the "ifconfig" command.
+# By default (mynetworks_style = host), Postfix "trusts" SMTP
+# clients of the local machine only.
 # 
 # Specify "mynetworks_style = class" when Postfix should "trust" SMTP
 # clients in the same IP class A/B/C networks as the local machine.
@@ -232,8 +230,8 @@ unknown_local_recipient_reject_code = 55
 # your entire provider's network.  Instead, specify an explicit
 # mynetworks list by hand, as described below.
 #  
-# Specify "mynetworks_style = host" when Postfix should "trust"
-# only the local machine.
+# Specify "mynetworks_style = subnet" when Postfix should "trust" SMTP
+# clients in the same IP subnetworks as the local machine.
 # 
 #mynetworks_style = class
 #mynetworks_style = subnet
@@ -364,16 +362,16 @@ unknown_local_recipient_reject_code = 55
 # database, then the NIS alias database. See aliases(5) for syntax
 # details.
 # 
-# If you change the alias database, run "postalias /etc/aliases" (or
+# If you change the alias database, run "postalias /etc/postfix/aliases" (or
 # wherever your system stores the mail alias file), or simply run
 # "newaliases" to build the necessary DBM or DB file.
 #
 # It will take a minute or so before changes become visible.  Use
 # "postfix reload" to eliminate the delay.
 #
-#alias_maps = dbm:/etc/aliases
-#alias_maps = hash:/etc/aliases
-#alias_maps = hash:/etc/aliases, nis:mail.aliases
+#alias_maps = cdb:/etc/postfix/aliases
+#alias_maps = hash:/etc/postfix/aliases
+#alias_maps = hash:/etc/postfix/aliases, nis:mail.aliases
 #alias_maps = netinfo:/aliases
 
 # The alias_database parameter specifies the alias database(s) that
@@ -381,10 +379,9 @@ unknown_local_recipient_reject_code = 55
 # configuration parameter, because alias_maps (see above) may specify
 # tables that are not necessarily all under control by Postfix.
 #
-#alias_database = dbm:/etc/aliases
-#alias_database = dbm:/etc/mail/aliases
-#alias_database = hash:/etc/aliases
-#alias_database = hash:/etc/aliases, hash:/opt/majordomo/aliases
+#alias_database = cdb:/etc/postfix/aliases
+#alias_database = hash:/etc/postfix/aliases
+#alias_database = hash:/etc/postfix/aliases, hash:/opt/majordomo/aliases
 
 # ADDRESS EXTENSIONS (e.g., user+foo)
 #
diff -upk.orig postfix-2.2.4.orig/proto/ADDRESS_REWRITING_README.html postfix-2.2.4/proto/ADDRESS_REWRITING_README.html
--- postfix-2.2.4.orig/proto/ADDRESS_REWRITING_README.html	2005-03-09 19:30:54 +0000
+++ postfix-2.2.4/proto/ADDRESS_REWRITING_README.html	2005-06-23 12:37:33 +0000
@@ -1030,8 +1030,8 @@ one of the following: </p>
 <blockquote>
 <pre>
 /etc/postfix/main.cf:
-    alias_maps = hash:/etc/aliases
-    alias_maps = dbm:/etc/aliases, nis:mail.aliases
+    alias_maps = cdb:/etc/postfix/aliases
+    alias_maps = hash:/etc/postfix/aliases, nis:mail.aliases
 </pre>
 </blockquote>
 
@@ -1042,7 +1042,8 @@ Usually it is one of the following: </p>
 <blockquote>
 <pre>
 /etc/postfix/main.cf:
-    alias_database = hash:/etc/aliases (4.4BSD, LINUX)
+    alias_database = cdb:/etc/postfix/aliases (LINUX)
+    alias_database = hash:/etc/aliases (4.4BSD)
     alias_database = dbm:/etc/aliases (4.3BSD, SYSV&lt;4)
     alias_database = dbm:/etc/mail/aliases (SYSV4)
 </pre>
diff -upk.orig postfix-2.2.4.orig/proto/BASIC_CONFIGURATION_README.html postfix-2.2.4/proto/BASIC_CONFIGURATION_README.html
--- postfix-2.2.4.orig/proto/BASIC_CONFIGURATION_README.html	2004-10-25 20:58:59 +0000
+++ postfix-2.2.4/proto/BASIC_CONFIGURATION_README.html	2005-06-29 17:10:04 +0000
@@ -255,19 +255,15 @@ hostnames of the machine, including $myh
 <p> By default, Postfix will forward mail from clients in authorized
 network blocks to any destination.  Authorized networks are defined
 with the mynetworks configuration parameter. The default is to
-authorize all clients in the IP subnetworks that the local machine
-is attached to. </p>
-
-<p> IMPORTANT: If your machine is connected to a wide area network
-then your default mynetworks setting may be too friendly. </p>
+authorize all clients from the local machine only. </p>
 
 <p> Examples (specify only one of the following): </p>
 
 <blockquote>
 <pre>
 /etc/postfix/main.cf:
-    mynetworks_style = subnet  (default: authorize subnetworks)
-    mynetworks_style = host    (safe: authorize local machine only)
+    mynetworks_style = subnet  (unsafe: authorize subnetworks)
+    mynetworks_style = host    (default: authorize local machine only)
     mynetworks = 127.0.0.0/8   (safe: authorize local machine only)
     mynetworks = 127.0.0.0/8 168.100.189.2/32 (authorize local machine) 
 </pre>
@@ -280,13 +276,13 @@ parameter value.
 
 <ul>
 
-<li> <p> Specify "mynetworks_style = host" when Postfix should
-forward mail from only the local machine. </p>
+<li> <p> Specify "mynetworks_style = host" (the default) when
+Postfix should forward mail from only the local machine. </p>
 
-<li> <p> Specify "mynetworks_style = subnet" (the default) when
-Postfix should forward mail from SMTP clients in the same IP
-subnetworks as the local machine.  On Linux, this works correctly
-only with interfaces specified with the "ifconfig" command. </p>
+<li> <p> Specify "mynetworks_style = subnet" when Postfix should
+forward mail from SMTP clients in the same IP subnetworks as the
+local machine.  On Linux, this works correctly only with
+interfaces specified with the "ip" command. </p>
 
 <li> <p> Specify "mynetworks_style = class" when Postfix should
 forward mail from SMTP clients in the same IP class A/B/C networks
@@ -373,14 +369,14 @@ for the super-user to a human person too
 
 <blockquote>
 <pre>
-/etc/aliases:
+/etc/postfix/aliases:
     postmaster: you
     root: you
 </pre>
 </blockquote>
 
 <p> Execute the command "newaliases" after changing the aliases
-file.  Instead of /etc/aliases, your alias file may be located
+file.  Instead of /etc/postfix/aliases, your alias file may be located
 elsewhere.  Use the command "postconf alias_maps" to find out.</p>
 
 <p> The Postfix system reports problems to the postmaster alias.
diff -upk.orig postfix-2.2.4.orig/proto/VIRTUAL_README.html postfix-2.2.4/proto/VIRTUAL_README.html
--- postfix-2.2.4.orig/proto/VIRTUAL_README.html	2004-04-23 23:49:43 +0000
+++ postfix-2.2.4/proto/VIRTUAL_README.html	2005-06-23 12:37:33 +0000
@@ -259,7 +259,7 @@ section at the top of this document.</p>
  2     virtual_mailbox_domains = example.com ...more domains...
  3     virtual_mailbox_base = /var/mail/vhosts
  4     virtual_mailbox_maps = hash:/etc/postfix/vmailbox
- 5     virtual_minimum_uid = 100
+ 5     virtual_minimum_uid = 500
  6     virtual_uid_maps = static:5000
  7     virtual_gid_maps = static:5000
  8     virtual_alias_maps = hash:/etc/postfix/virtual
diff -upk.orig postfix-2.2.4.orig/proto/postconf.proto postfix-2.2.4/proto/postconf.proto
--- postfix-2.2.4.orig/proto/postconf.proto	2005-03-09 19:48:30 +0000
+++ postfix-2.2.4/proto/postconf.proto	2005-06-29 17:50:57 +0000
@@ -844,7 +844,7 @@ Examples:
 
 <pre>
 default_database_type = hash
-default_database_type = dbm
+default_database_type = cdb
 </pre>
 
 %PARAM default_delivery_slot_cost 5
@@ -932,7 +932,7 @@ which would never accumulate at least th
 (subject to slot cost parameter as well) are never preempted.
 </p>
 
-%PARAM default_privs nobody
+%PARAM default_privs postman
 
 <p>
 The default rights used by the local(8) delivery agent for delivery
@@ -1133,7 +1133,7 @@ Time units: s (seconds), m (minutes), h 
 The default time unit is s (seconds).
 </p>
 
-%PARAM disable_vrfy_command no
+%PARAM disable_vrfy_command yes
 
 <p>
 Disable the SMTP VRFY command. This stops some techniques used to
@@ -6668,7 +6668,7 @@ Postfix refuses mail that is nested deep
 This feature is available in Postfix 2.0 and later.
 </p>
 
-%PARAM mynetworks_style subnet
+%PARAM mynetworks_style host
 
 <p>
 The method to generate the default value for the mynetworks parameter.
@@ -6683,7 +6683,7 @@ This is the list of trusted networks for
 <li><p>Specify "mynetworks_style = subnet" when Postfix
 should "trust" SMTP clients in the same IP subnetworks as the local
 machine.  On Linux, this works correctly only with interfaces
-specified with the "ifconfig" command. </p>
+specified with the "ip" command. </p>
 
 <li><p>Specify "mynetworks_style = class" when Postfix should
 "trust" SMTP clients in the same IP class A/B/C networks as the
@@ -7501,7 +7501,7 @@ it will open the table directly. Before 
 virtual(8) delivery agent will terminate with a fatal error.
 </p>
 
-%PARAM virtual_minimum_uid 100
+%PARAM virtual_minimum_uid 500
 
 <p>
 The minimum user ID value that the virtual(8) delivery agent accepts
diff -upk.orig postfix-2.2.4.orig/src/global/mail_params.h postfix-2.2.4/src/global/mail_params.h
--- postfix-2.2.4.orig/src/global/mail_params.h	2005-02-27 15:06:07 +0000
+++ postfix-2.2.4/src/global/mail_params.h	2005-06-23 12:37:33 +0000
@@ -69,7 +69,7 @@ extern char *var_sgid_group;
 extern gid_t var_sgid_gid;
 
 #define VAR_DEFAULT_PRIVS	"default_privs"
-#define DEF_DEFAULT_PRIVS	"nobody"
+#define DEF_DEFAULT_PRIVS	"postman"
 extern char *var_default_privs;
 extern uid_t var_default_uid;
 extern gid_t var_default_gid;
@@ -323,7 +323,7 @@ extern bool var_broken_auth_clients;
   * Standards violation: disable VRFY.
   */
 #define VAR_DISABLE_VRFY_CMD	"disable_vrfy_command"
-#define DEF_DISABLE_VRFY_CMD	0
+#define DEF_DISABLE_VRFY_CMD	1
 extern bool var_disable_vrfy_cmd;
 
  /*
@@ -415,7 +415,7 @@ extern bool var_percent_hack;
   */
 #define VAR_ALIAS_MAPS		"alias_maps"
 #ifdef HAS_NIS
-#define DEF_ALIAS_MAPS		ALIAS_DB_MAP ", nis:mail.aliases"
+#define DEF_ALIAS_MAPS		ALIAS_DB_MAP
 #else
 #define DEF_ALIAS_MAPS		ALIAS_DB_MAP
 #endif
@@ -1492,7 +1492,7 @@ extern int var_trigger_timeout;
 extern char *var_mynetworks;
 
 #define VAR_MYNETWORKS_STYLE	"mynetworks_style"
-#define DEF_MYNETWORKS_STYLE	MYNETWORKS_STYLE_SUBNET
+#define DEF_MYNETWORKS_STYLE	MYNETWORKS_STYLE_HOST
 extern char *var_mynetworks_style;
 
 #define	MYNETWORKS_STYLE_CLASS	"class"
@@ -1851,7 +1851,7 @@ extern char *var_virt_uid_maps;
 extern char *var_virt_gid_maps;
 
 #define VAR_VIRT_MINUID			"virtual_minimum_uid"
-#define DEF_VIRT_MINUID			100
+#define DEF_VIRT_MINUID			500
 extern int var_virt_minimum_uid;
 
 #define VAR_VIRT_MAILBOX_BASE		"virtual_mailbox_base"
diff -upk.orig postfix-2.2.4.orig/src/local/local.c postfix-2.2.4/src/local/local.c
--- postfix-2.2.4.orig/src/local/local.c	2005-06-23 12:26:28 +0000
+++ postfix-2.2.4/src/local/local.c	2005-06-23 12:37:33 +0000
@@ -434,7 +434,7 @@
 /* .IP "\fBcommand_expansion_filter (see 'postconf -d' output)\fR"
 /*	Restrict the characters that the \fBlocal\fR(8) delivery agent allows in
 /*	$name expansions of $mailbox_command.
-/* .IP "\fBdefault_privs (nobody)\fR"
+/* .IP "\fBdefault_privs (postman)\fR"
 /*	The default rights used by the \fBlocal\fR(8) delivery agent for delivery
 /*	to external file or command.
 /* .IP "\fBforward_expansion_filter (see 'postconf -d' output)\fR"
diff -upk.orig postfix-2.2.4.orig/src/util/sys_defs.h postfix-2.2.4/src/util/sys_defs.h
--- postfix-2.2.4.orig/src/util/sys_defs.h	2005-06-21 21:12:00 +0000
+++ postfix-2.2.4/src/util/sys_defs.h	2005-06-29 17:52:47 +0000
@@ -616,11 +616,11 @@ extern int initgroups(const char *, int)
 #define HAS_FLOCK_LOCK
 #define HAS_FCNTL_LOCK
 #define INTERNAL_LOCK	MYFLOCK_STYLE_FLOCK
-#define DEF_MAILBOX_LOCK "fcntl, dotlock"	/* RedHat >= 4.x */
+#define DEF_MAILBOX_LOCK "fcntl"	/* ALT Linux mbox locking policy */
 #define HAS_FSYNC
 #define HAS_DB
-#define DEF_DB_TYPE	"hash"
-#define ALIAS_DB_MAP	"hash:/etc/aliases"
+#define DEF_DB_TYPE	"cdb"
+#define ALIAS_DB_MAP	"cdb:/etc/postfix/aliases"
 #define HAS_NIS
 #define GETTIMEOFDAY(t)	gettimeofday(t,(struct timezone *) 0)
 #define ROOT_PATH	"/bin:/usr/bin:/sbin:/usr/sbin"
diff -upk.orig postfix-2.2.4.orig/src/virtual/virtual.c postfix-2.2.4/src/virtual/virtual.c
--- postfix-2.2.4.orig/src/virtual/virtual.c	2005-02-08 19:12:24 +0000
+++ postfix-2.2.4/src/virtual/virtual.c	2005-05-08 13:38:44 +0000
@@ -159,7 +159,7 @@
 /* .IP "\fBvirtual_mailbox_maps (empty)\fR"
 /*	Optional lookup tables with all valid addresses in the domains that
 /*	match $virtual_mailbox_domains.
-/* .IP "\fBvirtual_minimum_uid (100)\fR"
+/* .IP "\fBvirtual_minimum_uid (500)\fR"
 /*	The minimum user ID value that the \fBvirtual\fR(8) delivery agent accepts
 /*	as a result from $virtual_uid_maps table lookup.
 /* .IP "\fBvirtual_uid_maps (empty)\fR"