summaryrefslogtreecommitdiffstats
path: root/debian/patches/40_chroot_by_default.diff
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-07 16:18:57 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-07 16:18:57 +0000
commita9cdccbffffdd2e58b5cc69683682517e892ea40 (patch)
tree5890cdcebde1069c9b7419d92476e52cc5525d6f /debian/patches/40_chroot_by_default.diff
parentAdding upstream version 3.7.10. (diff)
downloadpostfix-a9cdccbffffdd2e58b5cc69683682517e892ea40.tar.xz
postfix-a9cdccbffffdd2e58b5cc69683682517e892ea40.zip
Adding debian version 3.7.10-0+deb12u1.debian/3.7.10-0+deb12u1
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'debian/patches/40_chroot_by_default.diff')
-rw-r--r--debian/patches/40_chroot_by_default.diff134
1 files changed, 134 insertions, 0 deletions
diff --git a/debian/patches/40_chroot_by_default.diff b/debian/patches/40_chroot_by_default.diff
new file mode 100644
index 0000000..eef9fec
--- /dev/null
+++ b/debian/patches/40_chroot_by_default.diff
@@ -0,0 +1,134 @@
+Index: postfix/conf/master.cf
+===================================================================
+--- postfix.orig/conf/master.cf
++++ postfix/conf/master.cf
+@@ -9,14 +9,14 @@
+ # service type private unpriv chroot wakeup maxproc command + args
+ # (yes) (yes) (no) (never) (100)
+ # ==========================================================================
+-smtp inet n - n - - smtpd
+-#smtp inet n - n - 1 postscreen
+-#smtpd pass - - n - - smtpd
+-#dnsblog unix - - n - 0 dnsblog
+-#tlsproxy unix - - n - 0 tlsproxy
++smtp inet n - y - - smtpd
++#smtp inet n - y - 1 postscreen
++#smtpd pass - - y - - smtpd
++#dnsblog unix - - y - 0 dnsblog
++#tlsproxy unix - - y - 0 tlsproxy
+ # Choose one: enable submission for loopback clients only, or for any client.
+-#127.0.0.1:submission inet n - n - - smtpd
+-#submission inet n - n - - smtpd
++#127.0.0.1:submission inet n - y - - smtpd
++#submission inet n - y - - smtpd
+ # -o syslog_name=postfix/submission
+ # -o smtpd_tls_security_level=encrypt
+ # -o smtpd_sasl_auth_enable=yes
+@@ -33,8 +33,8 @@ smtp inet n - n
+ # -o smtpd_recipient_restrictions=permit_sasl_authenticated,reject
+ # -o milter_macro_daemon_name=ORIGINATING
+ # Choose one: enable submissions for loopback clients only, or for any client.
+-#127.0.0.1:submissions inet n - n - - smtpd
+-#submissions inet n - n - - smtpd
++#127.0.0.1:submissions inet n - y - - smtpd
++#submissions inet n - y - - smtpd
+ # -o syslog_name=postfix/submissions
+ # -o smtpd_tls_wrappermode=yes
+ # -o smtpd_sasl_auth_enable=yes
+@@ -49,33 +49,33 @@ smtp inet n - n
+ # -o smtpd_relay_restrictions=
+ # -o smtpd_recipient_restrictions=permit_sasl_authenticated,reject
+ # -o milter_macro_daemon_name=ORIGINATING
+-#628 inet n - n - - qmqpd
+-pickup unix n - n 60 1 pickup
+-cleanup unix n - n - 0 cleanup
++#628 inet n - y - - qmqpd
++pickup unix n - y 60 1 pickup
++cleanup unix n - y - 0 cleanup
+ qmgr unix n - n 300 1 qmgr
+ #qmgr unix n - n 300 1 oqmgr
+-tlsmgr unix - - n 1000? 1 tlsmgr
+-rewrite unix - - n - - trivial-rewrite
+-bounce unix - - n - 0 bounce
+-defer unix - - n - 0 bounce
+-trace unix - - n - 0 bounce
+-verify unix - - n - 1 verify
+-flush unix n - n 1000? 0 flush
++tlsmgr unix - - y 1000? 1 tlsmgr
++rewrite unix - - y - - trivial-rewrite
++bounce unix - - y - 0 bounce
++defer unix - - y - 0 bounce
++trace unix - - y - 0 bounce
++verify unix - - y - 1 verify
++flush unix n - y 1000? 0 flush
+ proxymap unix - - n - - proxymap
+ proxywrite unix - - n - 1 proxymap
+-smtp unix - - n - - smtp
+-relay unix - - n - - smtp
++smtp unix - - y - - smtp
++relay unix - - y - - smtp
+ -o syslog_name=postfix/$service_name
+ # -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
+-showq unix n - n - - showq
+-error unix - - n - - error
+-retry unix - - n - - error
+-discard unix - - n - - discard
++showq unix n - y - - showq
++error unix - - y - - error
++retry unix - - y - - error
++discard unix - - y - - discard
+ local unix - n n - - local
+ virtual unix - n n - - virtual
+-lmtp unix - - n - - lmtp
+-anvil unix - - n - 1 anvil
+-scache unix - - n - 1 scache
++lmtp unix - - y - - lmtp
++anvil unix - - y - 1 anvil
++scache unix - - y - 1 scache
+ postlog unix-dgram n - n - 1 postlogd
+ #
+ # ====================================================================
+@@ -90,8 +90,8 @@ postlog unix-dgram n - n
+ # maildrop. See the Postfix MAILDROP_README file for details.
+ # Also specify in main.cf: maildrop_destination_recipient_limit=1
+ #
+-#maildrop unix - n n - - pipe
+-# flags=DRXhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
++maildrop unix - n n - - pipe
++ flags=DRXhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
+ #
+ # ====================================================================
+ #
+@@ -113,7 +113,6 @@ postlog unix-dgram n - n
+ # flags=DRX user=cyrus argv=/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user}
+ #
+ # ====================================================================
+-#
+ # Old example of delivery via Cyrus.
+ #
+ #old-cyrus unix - n n - - pipe
+@@ -130,16 +129,11 @@ postlog unix-dgram n - n
+ #
+ # Other external delivery methods.
+ #
+-#ifmail unix - n n - - pipe
+-# flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
+-#
+-#bsmtp unix - n n - - pipe
+-# flags=Fq. user=bsmtp argv=/usr/local/sbin/bsmtp -f $sender $nexthop $recipient
+-#
+-#scalemail-backend unix - n n - 2 pipe
+-# flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store
+-# ${nexthop} ${user} ${extension}
+-#
+-#mailman unix - n n - - pipe
+-# flags=FRX user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
+-# ${nexthop} ${user}
++ifmail unix - n n - - pipe
++ flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
++bsmtp unix - n n - - pipe
++ flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
++scalemail-backend unix - n n - 2 pipe
++ flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
++mailman unix - n n - - pipe
++ flags=FRX user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py ${nexthop} ${user}