diff -upk.orig postfix-2.2.4.orig/conf/main.cf postfix-2.2.4/conf/main.cf --- postfix-2.2.4.orig/conf/main.cf 2005-03-04 17:48:25 +0000 +++ postfix-2.2.4/conf/main.cf 2005-06-23 12:37:33 +0000 @@ -56,7 +56,7 @@ mail_owner = postfix # These rights are used in the absence of a recipient user context. # DO NOT SPECIFY A PRIVILEGED USER OR THE POSTFIX OWNER. # -#default_privs = nobody +#default_privs = postman # INTERNET HOST AND DOMAIN NAMES # @@ -172,7 +172,7 @@ mail_owner = postfix # local_recipient_maps setting if: # # - You define $mydestination domain recipients in files other than -# /etc/passwd, /etc/aliases, or the $virtual_alias_maps files. +# /etc/passwd, /etc/postfix/aliases, or the $virtual_alias_maps files. # For example, you define $mydestination domain recipients in # the $virtual_mailbox_maps files. # @@ -221,10 +221,8 @@ unknown_local_recipient_reject_code = 55 # You can specify the list of "trusted" network addresses by hand # or you can let Postfix do it for you (which is the default). # -# By default (mynetworks_style = subnet), Postfix "trusts" SMTP -# clients in the same IP subnetworks as the local machine. -# On Linux, this does works correctly only with interfaces specified -# with the "ifconfig" command. +# By default (mynetworks_style = host), Postfix "trusts" SMTP +# clients of the local machine only. # # Specify "mynetworks_style = class" when Postfix should "trust" SMTP # clients in the same IP class A/B/C networks as the local machine. @@ -232,8 +230,8 @@ unknown_local_recipient_reject_code = 55 # your entire provider's network. Instead, specify an explicit # mynetworks list by hand, as described below. # -# Specify "mynetworks_style = host" when Postfix should "trust" -# only the local machine. +# Specify "mynetworks_style = subnet" when Postfix should "trust" SMTP +# clients in the same IP subnetworks as the local machine. # #mynetworks_style = class #mynetworks_style = subnet @@ -364,16 +362,16 @@ unknown_local_recipient_reject_code = 55 # database, then the NIS alias database. See aliases(5) for syntax # details. # -# If you change the alias database, run "postalias /etc/aliases" (or +# If you change the alias database, run "postalias /etc/postfix/aliases" (or # wherever your system stores the mail alias file), or simply run # "newaliases" to build the necessary DBM or DB file. # # It will take a minute or so before changes become visible. Use # "postfix reload" to eliminate the delay. # -#alias_maps = dbm:/etc/aliases -#alias_maps = hash:/etc/aliases -#alias_maps = hash:/etc/aliases, nis:mail.aliases +#alias_maps = cdb:/etc/postfix/aliases +#alias_maps = hash:/etc/postfix/aliases +#alias_maps = hash:/etc/postfix/aliases, nis:mail.aliases #alias_maps = netinfo:/aliases # The alias_database parameter specifies the alias database(s) that @@ -381,10 +379,9 @@ unknown_local_recipient_reject_code = 55 # configuration parameter, because alias_maps (see above) may specify # tables that are not necessarily all under control by Postfix. # -#alias_database = dbm:/etc/aliases -#alias_database = dbm:/etc/mail/aliases -#alias_database = hash:/etc/aliases -#alias_database = hash:/etc/aliases, hash:/opt/majordomo/aliases +#alias_database = cdb:/etc/postfix/aliases +#alias_database = hash:/etc/postfix/aliases +#alias_database = hash:/etc/postfix/aliases, hash:/opt/majordomo/aliases # ADDRESS EXTENSIONS (e.g., user+foo) # diff -upk.orig postfix-2.2.4.orig/proto/ADDRESS_REWRITING_README.html postfix-2.2.4/proto/ADDRESS_REWRITING_README.html --- postfix-2.2.4.orig/proto/ADDRESS_REWRITING_README.html 2005-03-09 19:30:54 +0000 +++ postfix-2.2.4/proto/ADDRESS_REWRITING_README.html 2005-06-23 12:37:33 +0000 @@ -1030,8 +1030,8 @@ one of the following:
@@ -1042,7 +1042,8 @@ Usually it is one of the following:/etc/postfix/main.cf: - alias_maps = hash:/etc/aliases - alias_maps = dbm:/etc/aliases, nis:mail.aliases + alias_maps = cdb:/etc/postfix/aliases + alias_maps = hash:/etc/postfix/aliases, nis:mail.aliases
/etc/postfix/main.cf: - alias_database = hash:/etc/aliases (4.4BSD, LINUX) + alias_database = cdb:/etc/postfix/aliases (LINUX) + alias_database = hash:/etc/aliases (4.4BSD) alias_database = dbm:/etc/aliases (4.3BSD, SYSV<4) alias_database = dbm:/etc/mail/aliases (SYSV4)diff -upk.orig postfix-2.2.4.orig/proto/BASIC_CONFIGURATION_README.html postfix-2.2.4/proto/BASIC_CONFIGURATION_README.html --- postfix-2.2.4.orig/proto/BASIC_CONFIGURATION_README.html 2004-10-25 20:58:59 +0000 +++ postfix-2.2.4/proto/BASIC_CONFIGURATION_README.html 2005-06-29 17:10:04 +0000 @@ -255,19 +255,15 @@ hostnames of the machine, including $myhBy default, Postfix will forward mail from clients in authorized network blocks to any destination. Authorized networks are defined with the mynetworks configuration parameter. The default is to -authorize all clients in the IP subnetworks that the local machine -is attached to.
- -IMPORTANT: If your machine is connected to a wide area network -then your default mynetworks setting may be too friendly.
+authorize all clients from the local machine only.Examples (specify only one of the following):
/etc/postfix/main.cf: - mynetworks_style = subnet (default: authorize subnetworks) - mynetworks_style = host (safe: authorize local machine only) + mynetworks_style = subnet (unsafe: authorize subnetworks) + mynetworks_style = host (default: authorize local machine only) mynetworks = 127.0.0.0/8 (safe: authorize local machine only) mynetworks = 127.0.0.0/8 168.100.189.2/32 (authorize local machine)@@ -280,13 +276,13 @@ parameter value.-
Specify "mynetworks_style = host" when Postfix should -forward mail from only the local machine.
+Specify "mynetworks_style = host" (the default) when +Postfix should forward mail from only the local machine.
-Specify "mynetworks_style = subnet" (the default) when -Postfix should forward mail from SMTP clients in the same IP -subnetworks as the local machine. On Linux, this works correctly -only with interfaces specified with the "ifconfig" command.
+Specify "mynetworks_style = subnet" when Postfix should +forward mail from SMTP clients in the same IP subnetworks as the +local machine. On Linux, this works correctly only with +interfaces specified with the "ip" command.
Specify "mynetworks_style = class" when Postfix should forward mail from SMTP clients in the same IP class A/B/C networks @@ -373,14 +369,14 @@ for the super-user to a human person too
-/etc/aliases: +/etc/postfix/aliases: postmaster: you root: youExecute the command "newaliases" after changing the aliases -file. Instead of /etc/aliases, your alias file may be located +file. Instead of /etc/postfix/aliases, your alias file may be located elsewhere. Use the command "postconf alias_maps" to find out.
The Postfix system reports problems to the postmaster alias. diff -upk.orig postfix-2.2.4.orig/proto/VIRTUAL_README.html postfix-2.2.4/proto/VIRTUAL_README.html --- postfix-2.2.4.orig/proto/VIRTUAL_README.html 2004-04-23 23:49:43 +0000 +++ postfix-2.2.4/proto/VIRTUAL_README.html 2005-06-23 12:37:33 +0000 @@ -259,7 +259,7 @@ section at the top of this document.
2 virtual_mailbox_domains = example.com ...more domains... 3 virtual_mailbox_base = /var/mail/vhosts 4 virtual_mailbox_maps = hash:/etc/postfix/vmailbox - 5 virtual_minimum_uid = 100 + 5 virtual_minimum_uid = 500 6 virtual_uid_maps = static:5000 7 virtual_gid_maps = static:5000 8 virtual_alias_maps = hash:/etc/postfix/virtual diff -upk.orig postfix-2.2.4.orig/proto/postconf.proto postfix-2.2.4/proto/postconf.proto --- postfix-2.2.4.orig/proto/postconf.proto 2005-03-09 19:48:30 +0000 +++ postfix-2.2.4/proto/postconf.proto 2005-06-29 17:50:57 +0000 @@ -844,7 +844,7 @@ Examples:default_database_type = hash -default_database_type = dbm +default_database_type = cdb%PARAM default_delivery_slot_cost 5 @@ -932,7 +932,7 @@ which would never accumulate at least th (subject to slot cost parameter as well) are never preempted. -%PARAM default_privs nobody +%PARAM default_privs postmanThe default rights used by the local(8) delivery agent for delivery @@ -1133,7 +1133,7 @@ Time units: s (seconds), m (minutes), h The default time unit is s (seconds).
-%PARAM disable_vrfy_command no +%PARAM disable_vrfy_command yesDisable the SMTP VRFY command. This stops some techniques used to @@ -6668,7 +6668,7 @@ Postfix refuses mail that is nested deep This feature is available in Postfix 2.0 and later.
-%PARAM mynetworks_style subnet +%PARAM mynetworks_style hostThe method to generate the default value for the mynetworks parameter. @@ -6683,7 +6683,7 @@ This is the list of trusted networks for
Specify "mynetworks_style = subnet" when Postfix should "trust" SMTP clients in the same IP subnetworks as the local machine. On Linux, this works correctly only with interfaces -specified with the "ifconfig" command.
+specified with the "ip" command.Specify "mynetworks_style = class" when Postfix should "trust" SMTP clients in the same IP class A/B/C networks as the @@ -7501,7 +7501,7 @@ it will open the table directly. Before virtual(8) delivery agent will terminate with a fatal error.
-%PARAM virtual_minimum_uid 100 +%PARAM virtual_minimum_uid 500The minimum user ID value that the virtual(8) delivery agent accepts diff -upk.orig postfix-2.2.4.orig/src/global/mail_params.h postfix-2.2.4/src/global/mail_params.h --- postfix-2.2.4.orig/src/global/mail_params.h 2005-02-27 15:06:07 +0000 +++ postfix-2.2.4/src/global/mail_params.h 2005-06-23 12:37:33 +0000 @@ -69,7 +69,7 @@ extern char *var_sgid_group; extern gid_t var_sgid_gid; #define VAR_DEFAULT_PRIVS "default_privs" -#define DEF_DEFAULT_PRIVS "nobody" +#define DEF_DEFAULT_PRIVS "postman" extern char *var_default_privs; extern uid_t var_default_uid; extern gid_t var_default_gid; @@ -323,7 +323,7 @@ extern bool var_broken_auth_clients; * Standards violation: disable VRFY. */ #define VAR_DISABLE_VRFY_CMD "disable_vrfy_command" -#define DEF_DISABLE_VRFY_CMD 0 +#define DEF_DISABLE_VRFY_CMD 1 extern bool var_disable_vrfy_cmd; /* @@ -415,7 +415,7 @@ extern bool var_percent_hack; */ #define VAR_ALIAS_MAPS "alias_maps" #ifdef HAS_NIS -#define DEF_ALIAS_MAPS ALIAS_DB_MAP ", nis:mail.aliases" +#define DEF_ALIAS_MAPS ALIAS_DB_MAP #else #define DEF_ALIAS_MAPS ALIAS_DB_MAP #endif @@ -1492,7 +1492,7 @@ extern int var_trigger_timeout; extern char *var_mynetworks; #define VAR_MYNETWORKS_STYLE "mynetworks_style" -#define DEF_MYNETWORKS_STYLE MYNETWORKS_STYLE_SUBNET +#define DEF_MYNETWORKS_STYLE MYNETWORKS_STYLE_HOST extern char *var_mynetworks_style; #define MYNETWORKS_STYLE_CLASS "class" @@ -1851,7 +1851,7 @@ extern char *var_virt_uid_maps; extern char *var_virt_gid_maps; #define VAR_VIRT_MINUID "virtual_minimum_uid" -#define DEF_VIRT_MINUID 100 +#define DEF_VIRT_MINUID 500 extern int var_virt_minimum_uid; #define VAR_VIRT_MAILBOX_BASE "virtual_mailbox_base" diff -upk.orig postfix-2.2.4.orig/src/local/local.c postfix-2.2.4/src/local/local.c --- postfix-2.2.4.orig/src/local/local.c 2005-06-23 12:26:28 +0000 +++ postfix-2.2.4/src/local/local.c 2005-06-23 12:37:33 +0000 @@ -434,7 +434,7 @@ /* .IP "\fBcommand_expansion_filter (see 'postconf -d' output)\fR" /* Restrict the characters that the \fBlocal\fR(8) delivery agent allows in /* $name expansions of $mailbox_command. -/* .IP "\fBdefault_privs (nobody)\fR" +/* .IP "\fBdefault_privs (postman)\fR" /* The default rights used by the \fBlocal\fR(8) delivery agent for delivery /* to external file or command. /* .IP "\fBforward_expansion_filter (see 'postconf -d' output)\fR" diff -upk.orig postfix-2.2.4.orig/src/util/sys_defs.h postfix-2.2.4/src/util/sys_defs.h --- postfix-2.2.4.orig/src/util/sys_defs.h 2005-06-21 21:12:00 +0000 +++ postfix-2.2.4/src/util/sys_defs.h 2005-06-29 17:52:47 +0000 @@ -616,11 +616,11 @@ extern int initgroups(const char *, int) #define HAS_FLOCK_LOCK #define HAS_FCNTL_LOCK #define INTERNAL_LOCK MYFLOCK_STYLE_FLOCK -#define DEF_MAILBOX_LOCK "fcntl, dotlock" /* RedHat >= 4.x */ +#define DEF_MAILBOX_LOCK "fcntl" /* ALT Linux mbox locking policy */ #define HAS_FSYNC #define HAS_DB -#define DEF_DB_TYPE "hash" -#define ALIAS_DB_MAP "hash:/etc/aliases" +#define DEF_DB_TYPE "cdb" +#define ALIAS_DB_MAP "cdb:/etc/postfix/aliases" #define HAS_NIS #define GETTIMEOFDAY(t) gettimeofday(t,(struct timezone *) 0) #define ROOT_PATH "/bin:/usr/bin:/sbin:/usr/sbin" diff -upk.orig postfix-2.2.4.orig/src/virtual/virtual.c postfix-2.2.4/src/virtual/virtual.c --- postfix-2.2.4.orig/src/virtual/virtual.c 2005-02-08 19:12:24 +0000 +++ postfix-2.2.4/src/virtual/virtual.c 2005-05-08 13:38:44 +0000 @@ -159,7 +159,7 @@ /* .IP "\fBvirtual_mailbox_maps (empty)\fR" /* Optional lookup tables with all valid addresses in the domains that /* match $virtual_mailbox_domains. -/* .IP "\fBvirtual_minimum_uid (100)\fR" +/* .IP "\fBvirtual_minimum_uid (500)\fR" /* The minimum user ID value that the \fBvirtual\fR(8) delivery agent accepts /* as a result from $virtual_uid_maps table lookup. /* .IP "\fBvirtual_uid_maps (empty)\fR"