Diffstat (limited to '')
-rw-r--r-- | proto/stop | 35 | ||||
-rw-r--r-- | proto/stop.double-cc | 2 | ||||
-rw-r--r-- | proto/stop.double-history | 87 | ||||
-rw-r--r-- | proto/stop.double-install-proto-text | 4 | ||||
-rw-r--r-- | proto/stop.double-proto-html | 118 | ||||
-rw-r--r-- | proto/stop.spell-cc | 42 | ||||
-rw-r--r-- | proto/stop.spell-history | 20 | ||||
-rw-r--r-- | proto/stop.spell-proto-html | 17 |
8 files changed, 315 insertions, 10 deletions
@@ -1182,7 +1182,6 @@ Nexthop OP OTIFY OpenSSL's -Postix Pt SECG SSLEAY @@ -1577,3 +1576,37 @@ Korbar ffdhe srv stderr +charset +latin +utf +mb +SPKI +certificate's +pubout +rpk +sni +Amawalk +resychronization +ENVID +netcat +probers +lf +EOD +chunking +allowlists +FWS +mongodb +Aionda +Ferraro +GmbH +Hamid +LLC +Maadani +GTEST +MONGODB +MongoDB +Sakaguchi +Toshifumi +envid +manpages +rr diff --git a/proto/stop.double-cc b/proto/stop.double-cc index 8efd133..bff4534 100644 --- a/proto/stop.double-cc +++ b/proto/stop.double-cc @@ -333,3 +333,5 @@ void void cleanup_milter_receive state count Available in in Postfix version 2 3 3 7 length length of 0 31 0 127 address address string length + whether the standard End of DATA sequence CRLF CRLF is required and + Require CRLF CRLF diff --git a/proto/stop.double-history b/proto/stop.double-history index c1026c8..f6df421 100644 --- a/proto/stop.double-history +++ b/proto/stop.double-history @@ -12,7 +12,6 @@ Fix by Viktor Dukhovni Files tls tls h tls tls_dane c Discovered by Benny Pedersen File postscreen postscreen c proto postconf proto src tlsproxy tlsproxy c src smtpd smtpd c - proto postconf proto src tlsproxy tlsproxy c src smtpd smtpd c src tls tls h src tls tls_proxy_client_misc c src tls tls_misc c src global mail_params h src smtp smtp c attacks Fix by Viktor Dukhovni Files tls tls h tls_client c 
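Review bot: Several of the words added to these spell-check allowlists look like misspellings being silenced rather than corrected: `+resychronization` in this hunk of proto/stop, `+mongdb` in the proto/stop.spell-cc hunk, and `+libmobgo` in the proto/stop.spell-proto-html hunk. Each allowlisted entry permanently stops the checker from flagging that token anywhere in the source, so if these are genuine typos the underlying text should be fixed and the entries dropped instead. If they are intentional (for example quoting a string that exists verbatim in a changelog entry or test fixture), a brief note in the commit message saying so would save the next reviewer the same question. The removal of `-Postix` and `-theadsafe` elsewhere in this commit shows the intended direction, which makes the three additions stand out.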
@@ -25,18 +24,98 @@ arguments Files src dns dns h src dns dns_rr_eq_sa c only a subset of all arguments Files src dns dns h global mail_params h smtp smtp c smtpd smtpd c tls tls_misc c - global mail_params h smtp smtp c smtpd smtpd c tls tls_misc c tls tls_proxy_client_scan c tls tls_proxy h tlsproxy tlsproxy c smtp smtp c smtpd smtpd c tls tls_misc c - smtp smtp c smtpd smtpd c tls tls_misc c proto proto SASL_README html proto SQLITE_README html proto postconf proto global mail_params h smtp smtp c smtpd smtpd c tls tls_misc c tls tls_proxy_client_misc c tls tls_proxy h tlsproxy tlsproxy c postfix postfix c postlog postlog c - postfix postfix c postlog postlog c util net_mask_top hc smtpd smtpd c smtpd smtpd_peer c util inet_prefix_top hc smtpd smtpd c smtpd smtpd_peer c File smtp smtp h manpage File postscreen postscreen c Files postconf postconf h postconf postconf_dbms c +proto proto ADDRESS_REWRITING_README html + proto postconf proto proto ADDRESS_REWRITING_README html + cleanup cleanup c local local c smtpd smtpd c + postfix postfix c + aliasing Files proto aliases proto virtual postfix postfix c +proto proto aliases proto virtual proto ADDRESS_REWRITING_README html + master master c postlog postlog c postlogd postlogd c + proto postconf proto proto aliases proto virtual + posttls finger posttls finger c smtp smtp c smtp smtp_proto c + tls tls_client c tls tls h tls tls_misc c + tls tls_proxy h tls tls_server c tlsproxy tlsproxy c + Cleanup removed some the the instances Files + clients Files posttls finger posttls finger c smtp smtp c + smtp smtp c smtp smtp_proto c tls tls_client c tls tls h + smtp smtp c smtpd smtpd c tls tls_client c tls tls h + smtp smtp_proto c tls tls h tls tls_proxy_client_misc c + tls tls_server c tlsproxy tlsproxy c + tlsproxy tlsproxy c + proto postconf proto smtp smtp c smtpd smtpd c + pipelining before the server greeting File smtpd smtpd c + before the server greeting File smtpd smtpd c + global mail_params h smtpd smtpd c 
proto postconf proto + Typo fix by Trent W Buck Files proto postconf proto proto stop + smtp smtp c smtp smtp h smtp smtp_params c smtp smtp_proto c + smtp smtp_tls_policy c smtpd smtpd c smtpd smtpd_check c + tls tls h tls tls_client c tls tls_dane c tls tls_fprint c + reported by Serg File smtp smtp h + smtp lmtp_params c smtp smtp c smtp smtp_params c + plaintext Problem reported by Serg File smtp smtp h + cleanup cleanup c cleanup cleanup_init c proto postconf proto + smtpd smtpd c + proto postconf proto postscreen postscreen c + global maillog_client c master master c smtp smtp c + src postalias postalias c src postmap postmap c + src postalias postalias c src postmap postmap c + src smtpd smtpd c src smtpd smtpd_check c + not proxymap or proxywrite File proxymap proxymap c + still has its all zero SIZE record File postcat postcat c + manpage text File smtp smtp c + manpage text Files smtp smtp c global mail_proto h + File proxymap proxymap c + on process name Files smtp smtp c global mail_proto h + client process name File proxymap proxymap c + available Files local command c local local c + ID if available File pipe pipe c + global smtp_stream h smtpd smtpd c + global smtp_stream c global smtp_stream h smtpd smtpd c + log the helo mail and rcpt information Files smtpd smtpd c + LF LF or LF CR LF before responding This increases + smtpd smtpd c global smtp_stream hc global cleanup_user h + smtpd smtpd c smtpd smtpd_check c + keep reading message content after an unexpected LF LF + forms Files proto postconf proto smtpd smtpd c + CR LF CR CR LF File global smtp_stream c + CR LF CR CR LF There is no smuggling vulnerability + sequence mail systems send CR LF CR CR LF instead + global mail_params h cleanup cleanup c cleanup cleanup_message c + Files smtpd smtpd c proto postconf proto RELEASE_NOTES + stable releases Files global smtp_stream hc smtpd smtpd c + Files global smtp_stream hc smtpd smtpd c + Files smtpd smtpd c proto postconf proto + names Files smtpd 
smtpd hc + or access control limitations Files smtpd smtpd hc + spam the log with a warning message File tlsmgr tlsmgr c + Cleanup tlsmgr c fix 20240124 File tlsmgr tlsmgr c + MX or SRV records File smtp smtp c + a list of comma separated names Files smtpd smtpd hc + dnsblog dnsblog c postkick postkick c postlock postlock c + postdrop postdrop c postsuper postsuper c sendmail sendmail c + postlogd postlogd c + qmgr qmgr c qmqpd qmqpd c trivial rewrite trivial rewrite c + strategies File smtp smtp c + postconf postconf c postconf postconf_dbms c postconf postconf h + postconf postconf c postconf postconf_unused c + postfix start start fg check reload status Files + Files postconf postconf c postconf postconf_unused c + the commands postfix start start fg check reload or + status Files postconf postconf c postconf postconf_dbms c + postconf postconf h conf postfix script conf post install + postconf postconf c postconf postconf_dbms c + File tlsmgr tlsmgr c + restrictions Files dns dns h dns dns_lookup c dns dns_rr c + systems 6 bytes for LP64 File dns dns h diff --git a/proto/stop.double-install-proto-text b/proto/stop.double-install-proto-text index 338286e..4e3f43d 100644 --- a/proto/stop.double-install-proto-text +++ b/proto/stop.double-install-proto-text @@ -39,3 +39,7 @@ root root you shlib_directory shlib_directory user foo domain user domain domain virtual virtual alias domain anything right hand content does not matter + skipping unexpected LF LF in DATA from +Inbound SMTP smuggling strip extra CR in CR LF CR CR LF +Inbound SMTP smuggling don t strip extra CR in CR LF CR CR LF + CR LF CR CR LF to silence false alarms from test tools diff --git a/proto/stop.double-proto-html b/proto/stop.double-proto-html index c216f95..a4b2332 100644 --- a/proto/stop.double-proto-html +++ b/proto/stop.double-proto-html 
@@ -42,7 +42,6 @@ dd dd The default algorithm is b sha256 b with Postfix ge 3 6 dd No TLS TLS will not be used unless enabled for specific Dec 4 04 30 09 hostname postfix smtpd 58549 NOQUEUE reject default_transport uucp uucp gateway - different client IP addresses Lookup results override the the global Documentation Documentation is available as README files start with the file done done done done @@ -202,8 +201,6 @@ smtp_tls_mandatory_protocols SSLv2 SSLv3 TLSv1 TLSv1 1 SSLv3 TLSv1 TLSv1 1 TLSv1 2 and TLSv1 3 Starting with T 5 10 20 40 80 160 320 640 1280 1280 T A 5 10 20 40 80 160 320 320 - The and match and literally Without the the - The matches literally Without the the would Therefore 301 0301 0x301 and 0x0301 are all equivalent to The syntax of name value value name value and name value the the backed up domain tld domain This prevents your mail queue 
@@ -246,3 +243,118 @@ dt dt b name value b Postfix ge 3 0 dt parametername stress something something Other p Note on OpenBSD systems specify dev dev arandom when dev dev urandom user3 example net smtp smtp relay example net submission + virtual_alias_maps hash etc postfix virtual virtual aliasing +system_wide_settings system_wide_settings +ssl_library_settings ssl_library_settings +initial_ssl_settings initial_ssl_settings +postfix_settings postfix_settings +postfix_ssl_settings postfix_ssl_settings +baseline_postfix_settings baseline_postfix_settings + The and match and literally Without the the + The matches literally Without the the would + The example is simplified for educational purposes In reality my patterns list multiple domain names as domain domain + The matches literally Without the the would match any character + The and match and literally Without the the and would be grouping operators + The matches literally Without the the would match any character + pipeline all commands following EHLO for example MAIL RCPT BDAT BDAT MAIL RCPT BDAT without ever having to wait for a server response This means that with BDAT the Postfix SMTP server cannot distinguish between a well behaved client and a + NOTE Postfix 3 6 also introduces support for the level level and other operators to compare compatibility levels With the standard operators etc compatibility level 3 10 would be smaller than 3 9 which is undesirable + Otherwise the benefits of SMTP connection caching are minor it eliminates the latency of the TCP handshake SYN SYN ACK ACK plus the latency of the SMTP initial handshake 220 greeting EHLO command EHLO response With TLS encrypted + Otherwise the benefits of SMTP connection caching are minor it eliminates the latency of the TCP handshake SYN SYN ACK ACK plus the latency of the SMTP initial handshake 220 greeting EHLO command EHLO response With TLS encrypted + 3 Reject the mail by sending a suitable status code back to Postfix Postfix will send the mail 
back to the sender address + Line 8 NEVER NEVER NEVER use the t command line option here It will mis deliver mail like sending messages from a mailing list back to the mailing list + Line 8 NEVER NEVER NEVER use the t command line option here It will mis deliver mail like sending messages from a mailing list back to the mailing list +Documentation Documentation is available as README files start with the file README_FILES AAAREADME as HTML web pages point your browser to html index html and as UNIX style manual pages + Parameters whose defaults can be specified in this way are listed below See the postconf 5 manpage for a description command nroff man man man5 postconf 5 less + Parameters whose defaults can be specified in this way are listed below See the postconf 5 manpage for a description command nroff man man man5 postconf 5 less +mynetworks mynetworks 127 0 0 0 8 168 100 189 0 28 1 128 fe80 10 2001 240 587 64 +Postfix Postfix can use an LDAP directory as a source for any of its lookups aliases 5 virtual 5 canonical 5 etc This allows you to keep information for your mail service in a replicated network database with fine grained access controls By not + If you re using the libraries from the UM distribution http www umich edu dirsvcs ldap ldap html or OpenLDAP http www openldap org something like this in the top level of your Postfix source tree should work +query_filter mailacceptinggeneralid s maildrop maildrop maildrop +query_filter mailacceptinggeneralid s maildrop maildrop maildrop +query_filter mailacceptinggeneralid s maildrop maildrop maildrop owner cn root dc your dc com +query_filter mailacceptinggeneralid s maildrop maildrop maildrop owner cn root dc your dc com + As of Postfix version 2 0 the Postfix SMTP server rejects mail for unknown recipients in local domains domains that match mydestination or the IP addresses in inet_interfaces or proxy_interfaces with User unknown in local recipient table + Postfix emulates a limited number of Sendmail 
macros as shown in the table Some macro values depend on whether a recipient is rejected rejected recipients are available on request by the Milter application Different macros are available at + Postfix has TWO sets of mail filters filters that are used for SMTP mail only specified with the smtpd_milters parameter and filters for non SMTP mail specified with the non_smtpd_milters parameter The non SMTP filters are primarily for + etc usr usr bin var var spool and so on This is especially an issue if you executed postfix install see above as an unprivileged user + etc usr usr bin var var spool and so on This is especially an issue if you executed postfix install see above as an unprivileged user + parametername stress something stress something or parametername stress something something Other parameters always evaluate as if the stress value is the empty string + parametername stress something stress something or parametername stress something something Other parameters always evaluate as if the stress value is the empty string + more CPU faster disks and more network bandwidth can deal with larger deferred queues but as a rule of thumb the deferred queue scales to somewhere between 100 000 and 1 000 000 messages with good performance unlikely above that limit + 31 sasldb Accounts are stored stored in a Cyrus SASL Berkeley DB database + assigned to the delivery slots might look like this 12131415 Hmm fine for sneaking in the single recipient mail but how do we sneak in the mail with more than one recipient Say if we have one four recipient mail followed by two two recipient + we see the hundred recipient job can accumulate ten free delivery slots and then we could preempt it and sneak in the ten recipient mail Wait wait wait Could we Aren t we overinflating the original one thousand recipient mail + The truth is that it turns out that it is not really necessary to wait until the jobs counter accumulates all the delivery slots in advance Say we have ten recipient 
mail followed by two two recipient mails If the preemption happened when enough + Disallowing RFC 822 address syntax example MAIL FROM the dude dude example com + 3 Reject the mail by sending a suitable SMTP status code back to Postfix Postfix passes the status back to the remote SMTP client This way Postfix does not have to send a bounce message + Lines 14 18 Define the list of valid addresses in the the backed up domain tld domain This prevents your mail queue from filling up with undeliverable MAILER DAEMON messages If you can t maintain a list of valid recipients then you must + The syntax of name value value name value and name value is explained at the beginning of the postconf 5 manual page + Use 521 SMTP reply codes Postfix 2 6 and later or 421 Postfix 2 3 2 5 to hang up on clients that that match botnet related RBLs see next bullet or that match selected non RBL restrictions such as SMTP access maps The Postfix SMTP + the next hop destination can have the Postfix specific form name name port name or name port + dt b a name no_unknown_recipient_checks no_unknown_recipient_checks a b dt + dt b a name check_ccert_access check_ccert_access a i a href DATABASE_README html type table a i b dt + dt b a name check_client_access check_client_access a i a href DATABASE_README html type table a i b dt + dt b a name check_client_a_access check_client_a_access a i a href DATABASE_README html type table a i b dt + dt b a name check_client_mx_access check_client_mx_access a i a href DATABASE_README html type table a i b dt + dt b a name check_client_ns_access check_client_ns_access a i a href DATABASE_README html type table a i b dt + dt b a name check_reverse_client_hostname_access check_reverse_client_hostname_access a i a href DATABASE_README html type table a i b dt + dt b a name check_reverse_client_hostname_a_access check_reverse_client_hostname_a_access a i a href DATABASE_README html type table a i b dt + dt b a name check_reverse_client_hostname_mx_access 
check_reverse_client_hostname_mx_access a i a href DATABASE_README html type table a i b dt + dt b a name check_reverse_client_hostname_ns_access check_reverse_client_hostname_ns_access a i a href DATABASE_README html type table a i b dt + dt b a name check_sasl_access check_sasl_access a i a href DATABASE_README html type table a i b dt + dt b a name permit_sasl_authenticated permit_sasl_authenticated a b dt + dt b a name permit_tls_all_clientcerts permit_tls_all_clientcerts a b dt + dt b a name reject_rbl_client reject_rbl_client i rbl_domain d d d d i a b dt + dt b a name permit_dnswl_client permit_dnswl_client i dnswl_domain d d d d i a b dt + dt b a name reject_rhsbl_client reject_rhsbl_client i rbl_domain d d d d i a b dt + dt b a name permit_rhswl_client permit_rhswl_client i rhswl_domain d d d d i a b dt + dt b a name reject_rhsbl_reverse_client reject_rhsbl_reverse_client i rbl_domain d d d d i a b dt + dt b a name reject_unknown_client_hostname reject_unknown_client_hostname a b with Postfix lt 2 3 reject_unknown_client dt + dt b a name reject_unknown_reverse_client_hostname reject_unknown_reverse_client_hostname a b dt + dt b a name reject_unknown_forward_client_hostname reject_unknown_forward_client_hostname a b dt + dt b a name check_policy_service check_policy_service i servername i a b dt + dt b a name reject_multi_recipient_bounce reject_multi_recipient_bounce a b dt + dt b a name check_etrn_access check_etrn_access a i a href DATABASE_README html type table a i b dt + dt b a name check_helo_access check_helo_access a i a href DATABASE_README html type table a i b dt + dt b a name check_helo_a_access check_helo_a_access a i a href DATABASE_README html type table a i b dt + dt b a name check_helo_mx_access check_helo_mx_access a i a href DATABASE_README html type table a i b dt + dt b a name check_helo_ns_access check_helo_ns_access a i a href DATABASE_README html type table a i b dt + dt b a name reject_invalid_helo_hostname 
reject_invalid_helo_hostname a b with Postfix lt 2 3 reject_invalid_hostname dt + dt b a name reject_non_fqdn_helo_hostname reject_non_fqdn_helo_hostname a b with Postfix lt 2 3 reject_non_fqdn_hostname dt + dt b a name reject_rhsbl_helo reject_rhsbl_helo i rbl_domain d d d d i a b dt + dt b a name reject_unknown_helo_hostname reject_unknown_helo_hostname a b with Postfix lt 2 3 reject_unknown_hostname dt + dt b a name check_recipient_access check_recipient_access a i a href DATABASE_README html type table a i b dt + dt b a name check_recipient_a_access check_recipient_a_access a i a href DATABASE_README html type table a i b dt + dt b a name check_recipient_mx_access check_recipient_mx_access a i a href DATABASE_README html type table a i b dt + dt b a name check_recipient_ns_access check_recipient_ns_access a i a href DATABASE_README html type table a i b dt + dt b a name reject_non_fqdn_recipient reject_non_fqdn_recipient a b dt + dt b a name reject_rhsbl_recipient reject_rhsbl_recipient i rbl_domain d d d d i a b dt + dt b a name reject_unauth_destination reject_unauth_destination a b dt + dt b a name reject_unknown_recipient_domain reject_unknown_recipient_domain a b dt + dt b a name reject_unlisted_recipient reject_unlisted_recipient a b with Postfix version 2 0 check_recipient_maps dt + dt b a name reject_unverified_recipient reject_unverified_recipient a b dt + dt b a name check_sender_access check_sender_access a i a href DATABASE_README html type table a i b dt + dt b a name check_sender_a_access check_sender_a_access a i a href DATABASE_README html type table a i b dt + dt b a name check_sender_mx_access check_sender_mx_access a i a href DATABASE_README html type table a i b dt + dt b a name check_sender_ns_access check_sender_ns_access a i a href DATABASE_README html type table a i b dt + dt b a name reject_authenticated_sender_login_mismatch reject_authenticated_sender_login_mismatch a b dt + dt b a name reject_known_sender_login_mismatch 
reject_known_sender_login_mismatch a b dt + dt b a name reject_rhsbl_sender reject_rhsbl_sender i rbl_domain d d d d i a b dt + dt b a name reject_sender_login_mismatch reject_sender_login_mismatch a b dt + dt b a name reject_unauthenticated_sender_login_mismatch reject_unauthenticated_sender_login_mismatch a b dt + dt b a name reject_unknown_sender_domain reject_unknown_sender_domain a b dt + dt b a name check_address_map check_address_map a i a href DATABASE_README html type table a i b dt + PARAM postscreen_dnsbl_max_ttl postscreen_dnsbl_ttl postscreen_dnsbl_ttl 1 h +standard lt CR gt lt LF gt br br This maintains compatibility + lt CR gt lt LF gt lt CR gt lt LF gt br br Such clients + smtpd_forbid_bare_newline_reject_code br br This will reject + br br This will also reject some email from Microsoft services +2045 Sections 2 7 and 2 8 br br Such clients can be excluded + br br This will also reject email from services that use BDAT +RFC 2045 Sections 2 7 and 2 8 br br Such clients can be +to become a list of comma separated names br br This feature +the form of a domain name hostname hostname service hostname service +expected to become a list of comma separated names br br This +Postfix Postfix can use MongoDB as a source for any of its lookups aliases 5 virtual 5 canonical 5 etc This allows you to keep information for your mail service in a replicated noSQL database with fine grained access controls By not storing it + CCARGS CCARGS DHAS_MONGODB I usr include libmongoc 1 0 + dt dt dd 2 Also enable verbose logging in the Postfix TLS diff --git a/proto/stop.spell-cc b/proto/stop.spell-cc index 3da6690..097c7ac 100644 --- a/proto/stop.spell-cc +++ b/proto/stop.spell-cc @@ -1386,7 +1386,6 @@ th tha thash THASH -theadsafe threadsafe thusly timecmp @@ -1443,7 +1442,7 @@ tv txn TXT Typechecking -TYPECONNSTRING +TYPECONNSTR typedef typedefs TYPEINET 
@@ -1801,3 +1800,42 @@ bitcount bytecount ipproto cw
+uncreate
+MFLAGS
+CRED
+RPK
+RPKs
+SPKI
+peerpkey
+rpk
+ep
+inlined
+stringz
+Sarvepalli
+uXXXX
+Aionda
+Ferraro
+GmbH
+Hamid
+LLC
+Maadani
+MongoDB
+PRId
+bson
+dexo
+hamid
+itoa
+libmongoc
+mongdb
+mongo
+mongodb
+mongodbconf
+Dextrous
+Mongo
+SUD
+qtype
+depr
+dfhHnopqvx
+fhHoqvx
+foqvx
+ILP
diff --git a/proto/stop.spell-history b/proto/stop.spell-history
index 096da09..6b009ed 100644
--- a/proto/stop.spell-history
+++ b/proto/stop.spell-history
@@ -56,3 +56,23 @@ Valgrind Florian Piekert refactored
+Fumiyasu
+SATOH
+INI
+Serg
+Kinzler
+smtpstone
+spammy
+Birta
+Levente
+MariaDB
+dehtml
+NONPROD
+LC
+Philosof
+MONGODB
+Refactored
+Vijay
+Sakaguchi
+Toshifumi
+mxonly
diff --git a/proto/stop.spell-proto-html b/proto/stop.spell-proto-html
index 1912240..79c1ce5 100644
--- a/proto/stop.spell-proto-html
+++ b/proto/stop.spell-proto-html
@@ -357,3 +357,20 @@ kDHE srv wraptls api
+MinProtocol
+spammy
+concat
+hamid
+ina
+lbson
+libbson
+libmobgo
+libmongoc
+lmongoc
+mongo
+mongod
+noSQL
+srv
+viktor
+MONGODB
+MongoDB |