1 /* $NetBSD: mail_params.c,v 1.4 2020/05/25 23:47:14 christos Exp $ */ 2 3 /*++ 4 /* NAME 5 /* mail_params 3 6 /* SUMMARY 7 /* global mail configuration parameters 8 /* SYNOPSIS 9 /* #include <mail_params.h> 10 /* 11 /* char *var_myhostname; 12 /* char *var_mydomain; 13 /* char *var_myorigin; 14 /* char *var_mydest; 15 /* char *var_relayhost; 16 /* char *var_transit_origin; 17 /* char *var_transit_dest; 18 /* char *var_mail_name; 19 /* int var_helpful_warnings; 20 /* char *var_syslog_name; 21 /* char *var_mail_owner; 22 /* uid_t var_owner_uid; 23 /* gid_t var_owner_gid; 24 /* char *var_sgid_group; 25 /* gid_t var_sgid_gid; 26 /* char *var_default_privs; 27 /* uid_t var_default_uid; 28 /* gid_t var_default_gid; 29 /* char *var_config_dir; 30 /* char *var_daemon_dir; 31 /* char *var_data_dir; 32 /* char *var_command_dir; 33 /* char *var_meta_dir; 34 /* char *var_queue_dir; 35 /* char *var_shlib_dir; 36 /* int var_use_limit; 37 /* int var_idle_limit; 38 /* int var_event_drain; 39 /* int var_bundle_rcpt; 40 /* char *var_procname; 41 /* char *var_servname; 42 /* int var_pid; 43 /* int var_ipc_timeout; 44 /* char *var_pid_dir; 45 /* int var_dont_remove; 46 /* char *var_inet_interfaces; 47 /* char *var_proxy_interfaces; 48 /* char *var_inet_protocols; 49 /* char *var_mynetworks; 50 /* char *var_double_bounce_sender; 51 /* int var_line_limit; 52 /* char *var_alias_db_map; 53 /* long var_message_limit; 54 /* char *var_mail_release; 55 /* char *var_mail_version; 56 /* int var_ipc_idle_limit; 57 /* int var_ipc_ttl_limit; 58 /* char *var_db_type; 59 /* char *var_hash_queue_names; 60 /* int var_hash_queue_depth; 61 /* int var_trigger_timeout; 62 /* char *var_rcpt_delim; 63 /* int var_fork_tries; 64 /* int var_fork_delay; 65 /* int var_flock_tries; 66 /* int var_flock_delay; 67 /* int var_flock_stale; 68 /* int var_disable_dns; 69 /* int var_soft_bounce; 70 /* time_t var_starttime; 71 /* int var_ownreq_special; 72 /* int var_daemon_timeout; 73 /* char *var_syslog_facility; 74 /* char *var_relay_domains; 75 /* char *var_fflush_domains; 76 /* char *var_mynetworks_style; 77 /* char *var_verp_delims; 78 /* char *var_verp_filter; 79 /* char *var_par_dom_match; 80 /* char *var_config_dirs; 81 /* 82 /* int var_inet_windowsize; 83 /* char *var_import_environ; 84 /* char *var_export_environ; 85 /* char *var_debug_peer_list; 86 /* int var_debug_peer_level; 87 /* int var_in_flow_delay; 88 /* int var_fault_inj_code; 89 /* char *var_bounce_service; 90 /* char *var_cleanup_service; 91 /* char *var_defer_service; 92 /* char *var_pickup_service; 93 /* char *var_queue_service; 94 /* char *var_rewrite_service; 95 /* char *var_showq_service; 96 /* char *var_error_service; 97 /* char *var_flush_service; 98 /* char *var_verify_service; 99 /* char *var_trace_service; 100 /* char *var_proxymap_service; 101 /* char *var_proxywrite_service; 102 /* int var_db_create_buf; 103 /* int var_db_read_buf; 104 /* long var_lmdb_map_size; 105 /* int var_proc_limit; 106 /* int var_mime_maxdepth; 107 /* int var_mime_bound_len; 108 /* int var_header_limit; 109 /* int var_token_limit; 110 /* int var_disable_mime_input; 111 /* int var_disable_mime_oconv; 112 /* int var_strict_8bitmime; 113 /* int var_strict_7bit_hdrs; 114 /* int var_strict_8bit_body; 115 /* int var_strict_encoding; 116 /* int var_verify_neg_cache; 117 /* int var_oldlog_compat; 118 /* int var_delay_max_res; 119 /* char *var_int_filt_classes; 120 /* int var_cyrus_sasl_authzid; 121 /* 122 /* char *var_multi_conf_dirs; 123 /* char *var_multi_wrapper; 124 /* char *var_multi_group; 125 /* char *var_multi_name; 126 /* bool var_multi_enable; 127 /* bool var_long_queue_ids; 128 /* bool var_daemon_open_fatal; 129 /* char *var_dsn_filter; 130 /* int var_smtputf8_enable 131 /* int var_strict_smtputf8; 132 /* char *var_smtputf8_autoclass; 133 /* int var_idna2003_compat; 134 /* int var_compat_level; 135 /* char *var_drop_hdrs; 136 /* char *var_info_log_addr_form; 137 /* bool var_enable_orcpt; 138 /* 139 /* void mail_params_init() 140 /* 141 /* const char null_format_string[1]; 142 /* 143 /* int warn_compat_break_app_dot_mydomain; 144 /* int warn_compat_break_smtputf8_enable; 145 /* int warn_compat_break_chroot; 146 /* int warn_compat_break_relay_restrictions; 147 /* 148 /* int warn_compat_break_relay_domains; 149 /* int warn_compat_break_flush_domains; 150 /* int warn_compat_break_mynetworks_style; 151 /* 152 /* char *var_maillog_file; 153 /* char *var_maillog_file_pfxs; 154 /* char *var_maillog_file_comp; 155 /* char *var_maillog_file_stamp; 156 /* char *var_postlog_service; 157 /* DESCRIPTION 158 /* This module (actually the associated include file) defines 159 /* the names and defaults of all mail configuration parameters. 160 /* 161 /* mail_params_init() initializes the built-in parameters listed above. 162 /* These parameters are relied upon by library routines, so they are 163 /* initialized globally so as to avoid hard-to-find errors due to 164 /* missing initialization. This routine must be called early, at 165 /* least before entering a chroot jail. 166 /* 167 /* null_format_string is a workaround for gcc compilers that complain 168 /* about empty or null format strings. 169 /* 170 /* The warn_compat_XXX variables enable warnings for the use 171 /* of legacy default settings after an incompatible change. 172 /* DIAGNOSTICS 173 /* Fatal errors: out of memory; null system or domain name. 174 /* LICENSE 175 /* .ad 176 /* .fi 177 /* The Secure Mailer license must be distributed with this software. 178 /* AUTHOR(S) 179 /* Wietse Venema 180 /* IBM T.J. Watson Research 181 /* P.O. Box 704 182 /* Yorktown Heights, NY 10598, USA 183 /* 184 /* Wietse Venema 185 /* Google, Inc. 186 /* 111 8th Avenue 187 /* New York, NY 10011, USA 188 /*--*/ 189 190 /* System library. */ 191 192 #include <sys_defs.h> 193 #include <unistd.h> 194 #include <stdlib.h> 195 #include <string.h> 196 #include <pwd.h> 197 #include <grp.h> 198 #include <time.h> 199 #include <ctype.h> 200 201 /* Utility library. */ 202 203 #include <msg.h> 204 #include <msg_syslog.h> 205 #include <get_hostname.h> 206 #include <valid_hostname.h> 207 #include <stringops.h> 208 #include <safe.h> 209 #include <safe_open.h> 210 #include <mymalloc.h> 211 #include <dict.h> 212 #include <dict_db.h> 213 #include <dict_lmdb.h> 214 #include <inet_proto.h> 215 #include <vstring_vstream.h> 216 #include <iostuff.h> 217 #include <midna_domain.h> 218 219 /* Global library. */ 220 221 #include <mynetworks.h> 222 #include <mail_conf.h> 223 #include <mail_version.h> 224 #include <mail_proto.h> 225 #include <verp_sender.h> 226 #include <own_inet_addr.h> 227 #include <mail_params.h> 228 229 /* 230 * Special configuration variables. 231 */ 232 char *var_myhostname; 233 char *var_mydomain; 234 char *var_myorigin; 235 char *var_mydest; 236 char *var_relayhost; 237 char *var_transit_origin; 238 char *var_transit_dest; 239 char *var_mail_name; 240 int var_helpful_warnings; 241 char *var_syslog_name; 242 char *var_mail_owner; 243 uid_t var_owner_uid; 244 gid_t var_owner_gid; 245 char *var_sgid_group; 246 gid_t var_sgid_gid; 247 char *var_default_privs; 248 uid_t var_default_uid; 249 gid_t var_default_gid; 250 char *var_config_dir; 251 char *var_daemon_dir; 252 char *var_data_dir; 253 char *var_command_dir; 254 char *var_meta_dir; 255 char *var_queue_dir; 256 char *var_shlib_dir; 257 int var_use_limit; 258 int var_event_drain; 259 int var_idle_limit; 260 int var_bundle_rcpt; 261 char *var_procname; 262 char *var_servname; 263 int var_pid; 264 int var_ipc_timeout; 265 char *var_pid_dir; 266 int var_dont_remove; 267 char *var_inet_interfaces; 268 char *var_proxy_interfaces; 269 char *var_inet_protocols; 270 char *var_mynetworks; 271 char *var_double_bounce_sender; 272 int var_line_limit; 273 char *var_alias_db_map; 274 long var_message_limit; 275 char *var_mail_release; 276 char *var_mail_version; 277 int var_ipc_idle_limit; 278 int var_ipc_ttl_limit; 279 char *var_db_type; 280 char *var_hash_queue_names; 281 int var_hash_queue_depth; 282 int var_trigger_timeout; 283 char *var_rcpt_delim; 284 int var_fork_tries; 285 int var_fork_delay; 286 int var_flock_tries; 287 int var_flock_delay; 288 int var_flock_stale; 289 int var_disable_dns; 290 int var_soft_bounce; 291 time_t var_starttime; 292 int var_ownreq_special; 293 int var_daemon_timeout; 294 char *var_syslog_facility; 295 char *var_relay_domains; 296 char *var_fflush_domains; 297 char *var_mynetworks_style; 298 char *var_verp_delims; 299 char *var_verp_filter; 300 int var_in_flow_delay; 301 char *var_par_dom_match; 302 char *var_config_dirs; 303 304 int var_inet_windowsize; 305 char *var_import_environ; 306 char *var_export_environ; 307 char *var_debug_peer_list; 308 int var_debug_peer_level; 309 int var_fault_inj_code; 310 char *var_bounce_service; 311 char *var_cleanup_service; 312 char *var_defer_service; 313 char *var_pickup_service; 314 char *var_queue_service; 315 char *var_rewrite_service; 316 char *var_showq_service; 317 char *var_error_service; 318 char *var_flush_service; 319 char *var_verify_service; 320 char *var_trace_service; 321 char *var_proxymap_service; 322 char *var_proxywrite_service; 323 int var_db_create_buf; 324 int var_db_read_buf; 325 long var_lmdb_map_size; 326 int var_proc_limit; 327 int var_mime_maxdepth; 328 int var_mime_bound_len; 329 int var_header_limit; 330 int var_token_limit; 331 int var_disable_mime_input; 332 int var_disable_mime_oconv; 333 int var_strict_8bitmime; 334 int var_strict_7bit_hdrs; 335 int var_strict_8bit_body; 336 int var_strict_encoding; 337 int var_verify_neg_cache; 338 int var_oldlog_compat; 339 int var_delay_max_res; 340 char *var_int_filt_classes; 341 int var_cyrus_sasl_authzid; 342 343 char *var_multi_conf_dirs; 344 char *var_multi_wrapper; 345 char *var_multi_group; 346 char *var_multi_name; 347 bool var_multi_enable; 348 bool var_long_queue_ids; 349 bool var_daemon_open_fatal; 350 bool var_dns_ncache_ttl_fix; 351 char *var_dsn_filter; 352 int var_smtputf8_enable; 353 int var_strict_smtputf8; 354 char *var_smtputf8_autoclass; 355 int var_idna2003_compat; 356 int var_compat_level; 357 char *var_drop_hdrs; 358 char *var_info_log_addr_form; 359 bool var_enable_orcpt; 360 361 char *var_maillog_file; 362 char *var_maillog_file_pfxs; 363 char *var_maillog_file_comp; 364 char *var_maillog_file_stamp; 365 char *var_postlog_service; 366 367 const char null_format_string[1] = ""; 368 369 /* 370 * Compatibility level 2. 371 */ 372 int warn_compat_break_relay_domains; 373 int warn_compat_break_flush_domains; 374 int warn_compat_break_mynetworks_style; 375 376 /* 377 * Compatibility level 1. 378 */ 379 int warn_compat_break_app_dot_mydomain; 380 int warn_compat_break_smtputf8_enable; 381 int warn_compat_break_chroot; 382 int warn_compat_break_relay_restrictions; 383 384 /* check_myhostname - lookup hostname and validate */ 385 386 static const char *check_myhostname(void) 387 { 388 static const char *name; 389 const char *dot; 390 const char *domain; 391 392 /* 393 * Use cached result. 394 */ 395 if (name) 396 return (name); 397 398 /* 399 * If the local machine name is not in FQDN form, try to append the 400 * contents of $mydomain. Use a default domain as a final workaround. 401 * 402 * DO NOT CALL GETHOSTBYNAME OR GETNAMEINFO HERE - IT MAKES EVERY POSTFIX 403 * PROGRAM HANG WHEN DNS SERVICE IS UNAVAILABLE. IF YOU DON'T LIKE THE 404 * DEFAULT, THEN EDIT MAIN.CF. 405 */ 406 name = get_hostname(); 407 /* DO NOT CALL GETHOSTBYNAME OR GETNAMEINFO HERE - EDIT MAIN.CF */ 408 if ((dot = strchr(name, '.')) == 0) { 409 /* DO NOT CALL GETHOSTBYNAME OR GETNAMEINFO HERE - EDIT MAIN.CF */ 410 if ((domain = mail_conf_lookup_eval(VAR_MYDOMAIN)) == 0) 411 domain = DEF_MYDOMAIN; 412 /* DO NOT CALL GETHOSTBYNAME OR GETNAMEINFO HERE - EDIT MAIN.CF */ 413 name = concatenate(name, ".", domain, (char *) 0); 414 } 415 /* DO NOT CALL GETHOSTBYNAME OR GETNAMEINFO HERE - EDIT MAIN.CF */ 416 return (name); 417 } 418 419 /* check_mydomainname - lookup domain name and validate */ 420 421 static const char *check_mydomainname(void) 422 { 423 char *dot; 424 425 /* 426 * Use a default domain when the hostname is not a FQDN ("foo"). 427 * 428 * DO NOT CALL GETHOSTBYNAME OR GETNAMEINFO HERE - IT MAKES EVERY POSTFIX 429 * PROGRAM HANG WHEN DNS SERVICE IS UNAVAILABLE. IF YOU DON'T LIKE THE 430 * DEFAULT, THEN EDIT MAIN.CF. 431 */ 432 /* DO NOT CALL GETHOSTBYNAME OR GETNAMEINFO HERE - EDIT MAIN.CF */ 433 if ((dot = strchr(var_myhostname, '.')) == 0) 434 /* DO NOT CALL GETHOSTBYNAME OR GETNAMEINFO HERE - EDIT MAIN.CF */ 435 return (DEF_MYDOMAIN); 436 /* DO NOT CALL GETHOSTBYNAME OR GETNAMEINFO HERE - EDIT MAIN.CF */ 437 return (dot + 1); 438 } 439 440 /* check_default_privs - lookup default user attributes and validate */ 441 442 static void check_default_privs(void) 443 { 444 struct passwd *pwd; 445 446 if ((pwd = getpwnam(var_default_privs)) == 0) 447 msg_fatal("file %s/%s: parameter %s: unknown user name value: %s", 448 var_config_dir, MAIN_CONF_FILE, 449 VAR_DEFAULT_PRIVS, var_default_privs); 450 if ((var_default_uid = pwd->pw_uid) == 0) 451 msg_fatal("file %s/%s: parameter %s: user %s has privileged user ID", 452 var_config_dir, MAIN_CONF_FILE, 453 VAR_DEFAULT_PRIVS, var_default_privs); 454 if ((var_default_gid = pwd->pw_gid) == 0) 455 msg_fatal("file %s/%s: parameter %s: user %s has privileged group ID", 456 var_config_dir, MAIN_CONF_FILE, 457 VAR_DEFAULT_PRIVS, var_default_privs); 458 } 459 460 /* check_mail_owner - lookup owner user attributes and validate */ 461 462 static void check_mail_owner(void) 463 { 464 struct passwd *pwd; 465 466 if ((pwd = getpwnam(var_mail_owner)) == 0) 467 msg_fatal("file %s/%s: parameter %s: unknown user name value: %s", 468 var_config_dir, MAIN_CONF_FILE, 469 VAR_MAIL_OWNER, var_mail_owner); 470 if ((var_owner_uid = pwd->pw_uid) == 0) 471 msg_fatal("file %s/%s: parameter %s: user %s has privileged user ID", 472 var_config_dir, MAIN_CONF_FILE, 473 VAR_MAIL_OWNER, var_mail_owner); 474 if ((var_owner_gid = pwd->pw_gid) == 0) 475 msg_fatal("file %s/%s: parameter %s: user %s has privileged group ID", 476 var_config_dir, MAIN_CONF_FILE, 477 VAR_MAIL_OWNER, var_mail_owner); 478 479 /* 480 * This detects only some forms of sharing. Enumerating the entire 481 * password file name space could be expensive. The purpose of this code 482 * is to discourage user ID sharing by developers and package 483 * maintainers. 484 */ 485 if ((pwd = getpwuid(var_owner_uid)) != 0 486 && strcmp(pwd->pw_name, var_mail_owner) != 0) 487 msg_fatal("file %s/%s: parameter %s: user %s has same user ID as %s", 488 var_config_dir, MAIN_CONF_FILE, 489 VAR_MAIL_OWNER, var_mail_owner, pwd->pw_name); 490 } 491 492 /* check_sgid_group - lookup setgid group attributes and validate */ 493 494 static void check_sgid_group(void) 495 { 496 struct group *grp; 497 498 if ((grp = getgrnam(var_sgid_group)) == 0) 499 msg_fatal("file %s/%s: parameter %s: unknown group name: %s", 500 var_config_dir, MAIN_CONF_FILE, 501 VAR_SGID_GROUP, var_sgid_group); 502 if ((var_sgid_gid = grp->gr_gid) == 0) 503 msg_fatal("file %s/%s: parameter %s: group %s has privileged group ID", 504 var_config_dir, MAIN_CONF_FILE, 505 VAR_SGID_GROUP, var_sgid_group); 506 507 /* 508 * This detects only some forms of sharing. Enumerating the entire group 509 * file name space could be expensive. The purpose of this code is to 510 * discourage group ID sharing by developers and package maintainers. 511 */ 512 if ((grp = getgrgid(var_sgid_gid)) != 0 513 && strcmp(grp->gr_name, var_sgid_group) != 0) 514 msg_fatal("file %s/%s: parameter %s: group %s has same group ID as %s", 515 var_config_dir, MAIN_CONF_FILE, 516 VAR_SGID_GROUP, var_sgid_group, grp->gr_name); 517 } 518 519 /* check_overlap - disallow UID or GID sharing */ 520 521 static void check_overlap(void) 522 { 523 if (strcmp(var_default_privs, var_mail_owner) == 0) 524 msg_fatal("file %s/%s: parameters %s and %s specify the same user %s", 525 var_config_dir, MAIN_CONF_FILE, 526 VAR_DEFAULT_PRIVS, VAR_MAIL_OWNER, 527 var_default_privs); 528 if (var_default_uid == var_owner_uid) 529 msg_fatal("file %s/%s: parameters %s and %s: users %s and %s have the same user ID: %ld", 530 var_config_dir, MAIN_CONF_FILE, 531 VAR_DEFAULT_PRIVS, VAR_MAIL_OWNER, 532 var_default_privs, var_mail_owner, 533 (long) var_owner_uid); 534 if (var_default_gid == var_owner_gid) 535 msg_fatal("file %s/%s: parameters %s and %s: users %s and %s have the same group ID: %ld", 536 var_config_dir, MAIN_CONF_FILE, 537 VAR_DEFAULT_PRIVS, VAR_MAIL_OWNER, 538 var_default_privs, var_mail_owner, 539 (long) var_owner_gid); 540 if (var_default_gid == var_sgid_gid) 541 msg_fatal("file %s/%s: parameters %s and %s: user %s and group %s have the same group ID: %ld", 542 var_config_dir, MAIN_CONF_FILE, 543 VAR_DEFAULT_PRIVS, VAR_SGID_GROUP, 544 var_default_privs, var_sgid_group, 545 (long) var_sgid_gid); 546 if (var_owner_gid == var_sgid_gid) 547 msg_fatal("file %s/%s: parameters %s and %s: user %s and group %s have the same group ID: %ld", 548 var_config_dir, MAIN_CONF_FILE, 549 VAR_MAIL_OWNER, VAR_SGID_GROUP, 550 var_mail_owner, var_sgid_group, 551 (long) var_sgid_gid); 552 } 553 554 #ifdef MYORIGIN_FROM_FILE 555 556 /* read_param_from_file - read parameter value from file */ 557 558 static char *read_param_from_file(const char *path) 559 { 560 VSTRING *why = vstring_alloc(100); 561 VSTRING *buf = vstring_alloc(100); 562 VSTREAM *fp; 563 char *bp; 564 char *result; 565 566 /* 567 * Ugly macros to make complex expressions less unreadable. 568 */ 569 #define SKIP(start, var, cond) do { \ 570 for (var = start; *var && (cond); var++) \ 571 /* void */; \ 572 } while (0) 573 574 #define TRIM(s) do { \ 575 char *p; \ 576 for (p = (s) + strlen(s); p > (s) && ISSPACE(p[-1]); p--) \ 577 /* void */; \ 578 *p = 0; \ 579 } while (0) 580 581 fp = safe_open(path, O_RDONLY, 0, (struct stat *) 0, -1, -1, why); 582 if (fp == 0) 583 msg_fatal("%s: %s", path, vstring_str(why)); 584 vstring_get_nonl(buf, fp); 585 if (vstream_ferror(fp)) /* FIX 20070501 */ 586 msg_fatal("%s: read error: %m", path); 587 vstream_fclose(fp); 588 SKIP(vstring_str(buf), bp, ISSPACE(*bp)); 589 TRIM(bp); 590 result = mystrdup(bp); 591 592 vstring_free(why); 593 vstring_free(buf); 594 return (result); 595 } 596 597 #endif 598 599 /* check_legacy_defaults - flag parameters that require safety-net logging */ 600 601 static void check_legacy_defaults(void) 602 { 603 604 /* 605 * Basic idea: when an existing parameter default is changed, or a new 606 * parameter is introduced with incompatible default behavior, force 607 * Postfix to run with backwards-compatible default settings and log a 608 * warning when the backwards-compatible behavior is used. 609 * 610 * Based on a review of Postfix logging the system administrator can decide 611 * whether or not to make backwards-compatible default settings permanent 612 * in main.cf or master.cf. 613 * 614 * To turn off further warnings and deploy the new default settings, the 615 * system administrator should update the compatibility_level setting as 616 * recommended in the RELEASE_NOTES file. 617 * 618 * Each incompatible change has its own flag variable, instead of bit in a 619 * shared variable. We don't want to rip up code when we need more flag 620 * bits. 621 */ 622 623 /* 624 * Look for specific parameters whose default changed when the 625 * compatibility level changed to 2. 626 */ 627 if (var_compat_level < 2) { 628 if (mail_conf_lookup(VAR_RELAY_DOMAINS) == 0) { 629 warn_compat_break_relay_domains = 1; 630 if (mail_conf_lookup(VAR_FFLUSH_DOMAINS) == 0) 631 warn_compat_break_flush_domains = 1; 632 } 633 if (mail_conf_lookup(VAR_MYNETWORKS) == 0 634 && mail_conf_lookup(VAR_MYNETWORKS_STYLE) == 0) 635 warn_compat_break_mynetworks_style = 1; 636 } else { /* for 'postfix reload' */ 637 warn_compat_break_relay_domains = 0; 638 warn_compat_break_flush_domains = 0; 639 warn_compat_break_mynetworks_style = 0; 640 } 641 642 /* 643 * Look for specific parameters whose default changed when the 644 * compatibility level changed from 0 to 1. 645 */ 646 if (var_compat_level < 1) { 647 if (mail_conf_lookup(VAR_APP_DOT_MYDOMAIN) == 0) 648 warn_compat_break_app_dot_mydomain = 1; 649 650 /* 651 * Not: #ifndef NO_EAI. They must configure SMTPUTF8_ENABLE=no if a 652 * warning message is logged, so that they don't suddenly start to 653 * lose mail after Postfix is built with EAI support. 654 */ 655 if (mail_conf_lookup(VAR_SMTPUTF8_ENABLE) == 0) 656 warn_compat_break_smtputf8_enable = 1; 657 warn_compat_break_chroot = 1; 658 659 /* 660 * Grandfathered in to help sites migrating from Postfix <2.10. 661 */ 662 if (mail_conf_lookup(VAR_RELAY_CHECKS) == 0) 663 warn_compat_break_relay_restrictions = 1; 664 } else { /* for 'postfix reload' */ 665 warn_compat_break_app_dot_mydomain = 0; 666 warn_compat_break_smtputf8_enable = 0; 667 warn_compat_break_chroot = 0; 668 warn_compat_break_relay_restrictions = 0; 669 } 670 } 671 672 /* mail_params_init - configure built-in parameters */ 673 674 void mail_params_init() 675 { 676 static const CONFIG_INT_TABLE first_int_defaults[] = { 677 VAR_COMPAT_LEVEL, DEF_COMPAT_LEVEL, &var_compat_level, 0, 0, 678 0, 679 }; 680 static const CONFIG_STR_TABLE first_str_defaults[] = { 681 /* $mail_version may appear in other parameters. */ 682 VAR_MAIL_VERSION, DEF_MAIL_VERSION, &var_mail_version, 1, 0, 683 VAR_SYSLOG_FACILITY, DEF_SYSLOG_FACILITY, &var_syslog_facility, 1, 0, 684 VAR_INET_PROTOCOLS, DEF_INET_PROTOCOLS, &var_inet_protocols, 0, 0, 685 VAR_MULTI_CONF_DIRS, DEF_MULTI_CONF_DIRS, &var_multi_conf_dirs, 0, 0, 686 /* multi_instance_wrapper may have dependencies but not dependents. */ 687 VAR_MULTI_GROUP, DEF_MULTI_GROUP, &var_multi_group, 0, 0, 688 VAR_MULTI_NAME, DEF_MULTI_NAME, &var_multi_name, 0, 0, 689 VAR_MAILLOG_FILE, DEF_MAILLOG_FILE, &var_maillog_file, 0, 0, 690 VAR_MAILLOG_FILE_PFXS, DEF_MAILLOG_FILE_PFXS, &var_maillog_file_pfxs, 1, 0, 691 VAR_MAILLOG_FILE_COMP, DEF_MAILLOG_FILE_COMP, &var_maillog_file_comp, 1, 0, 692 VAR_MAILLOG_FILE_STAMP, DEF_MAILLOG_FILE_STAMP, &var_maillog_file_stamp, 1, 0, 693 VAR_POSTLOG_SERVICE, DEF_POSTLOG_SERVICE, &var_postlog_service, 1, 0, 694 0, 695 }; 696 static const CONFIG_BOOL_TABLE first_bool_defaults[] = { 697 /* read and process the following before opening tables. */ 698 VAR_DAEMON_OPEN_FATAL, DEF_DAEMON_OPEN_FATAL, &var_daemon_open_fatal, 699 VAR_DNS_NCACHE_TTL_FIX, DEF_DNS_NCACHE_TTL_FIX, &var_dns_ncache_ttl_fix, 700 0, 701 }; 702 static const CONFIG_NBOOL_TABLE first_nbool_defaults[] = { 703 /* read and process the following before opening tables. */ 704 VAR_SMTPUTF8_ENABLE, DEF_SMTPUTF8_ENABLE, &var_smtputf8_enable, 705 VAR_IDNA2003_COMPAT, DEF_IDNA2003_COMPAT, &var_idna2003_compat, 706 0, 707 }; 708 static const CONFIG_STR_FN_TABLE function_str_defaults[] = { 709 VAR_MYHOSTNAME, check_myhostname, &var_myhostname, 1, 0, 710 VAR_MYDOMAIN, check_mydomainname, &var_mydomain, 1, 0, 711 0, 712 }; 713 static const CONFIG_STR_TABLE other_str_defaults[] = { 714 VAR_MAIL_NAME, DEF_MAIL_NAME, &var_mail_name, 1, 0, 715 VAR_SYSLOG_NAME, DEF_SYSLOG_NAME, &var_syslog_name, 1, 0, 716 VAR_MAIL_OWNER, DEF_MAIL_OWNER, &var_mail_owner, 1, 0, 717 VAR_SGID_GROUP, DEF_SGID_GROUP, &var_sgid_group, 1, 0, 718 VAR_MYDEST, DEF_MYDEST, &var_mydest, 0, 0, 719 VAR_MYORIGIN, DEF_MYORIGIN, &var_myorigin, 1, 0, 720 VAR_RELAYHOST, DEF_RELAYHOST, &var_relayhost, 0, 0, 721 VAR_DAEMON_DIR, DEF_DAEMON_DIR, &var_daemon_dir, 1, 0, 722 VAR_DATA_DIR, DEF_DATA_DIR, &var_data_dir, 1, 0, 723 VAR_COMMAND_DIR, DEF_COMMAND_DIR, &var_command_dir, 1, 0, 724 VAR_META_DIR, DEF_META_DIR, &var_meta_dir, 1, 0, 725 VAR_QUEUE_DIR, DEF_QUEUE_DIR, &var_queue_dir, 1, 0, 726 VAR_SHLIB_DIR, DEF_SHLIB_DIR, &var_shlib_dir, 1, 0, 727 VAR_PID_DIR, DEF_PID_DIR, &var_pid_dir, 1, 0, 728 VAR_INET_INTERFACES, DEF_INET_INTERFACES, &var_inet_interfaces, 0, 0, 729 VAR_PROXY_INTERFACES, DEF_PROXY_INTERFACES, &var_proxy_interfaces, 0, 0, 730 VAR_DOUBLE_BOUNCE, DEF_DOUBLE_BOUNCE, &var_double_bounce_sender, 1, 0, 731 VAR_DEFAULT_PRIVS, DEF_DEFAULT_PRIVS, &var_default_privs, 1, 0, 732 VAR_ALIAS_DB_MAP, DEF_ALIAS_DB_MAP, &var_alias_db_map, 0, 0, 733 VAR_MAIL_RELEASE, DEF_MAIL_RELEASE, &var_mail_release, 1, 0, 734 VAR_DB_TYPE, DEF_DB_TYPE, &var_db_type, 1, 0, 735 VAR_HASH_QUEUE_NAMES, DEF_HASH_QUEUE_NAMES, &var_hash_queue_names, 1, 0, 736 VAR_RCPT_DELIM, DEF_RCPT_DELIM, &var_rcpt_delim, 0, 0, 737 VAR_RELAY_DOMAINS, DEF_RELAY_DOMAINS, &var_relay_domains, 0, 0, 738 VAR_FFLUSH_DOMAINS, DEF_FFLUSH_DOMAINS, &var_fflush_domains, 0, 0, 739 VAR_EXPORT_ENVIRON, DEF_EXPORT_ENVIRON, &var_export_environ, 0, 0, 740 VAR_IMPORT_ENVIRON, DEF_IMPORT_ENVIRON, &var_import_environ, 0, 0, 741 VAR_MYNETWORKS_STYLE, DEF_MYNETWORKS_STYLE, &var_mynetworks_style, 1, 0, 742 VAR_DEBUG_PEER_LIST, DEF_DEBUG_PEER_LIST, &var_debug_peer_list, 0, 0, 743 VAR_VERP_DELIMS, DEF_VERP_DELIMS, &var_verp_delims, 2, 2, 744 VAR_VERP_FILTER, DEF_VERP_FILTER, &var_verp_filter, 1, 0, 745 VAR_PAR_DOM_MATCH, DEF_PAR_DOM_MATCH, &var_par_dom_match, 0, 0, 746 VAR_CONFIG_DIRS, DEF_CONFIG_DIRS, &var_config_dirs, 0, 0, 747 VAR_BOUNCE_SERVICE, DEF_BOUNCE_SERVICE, &var_bounce_service, 1, 0, 748 VAR_CLEANUP_SERVICE, DEF_CLEANUP_SERVICE, &var_cleanup_service, 1, 0, 749 VAR_DEFER_SERVICE, DEF_DEFER_SERVICE, &var_defer_service, 1, 0, 750 VAR_PICKUP_SERVICE, DEF_PICKUP_SERVICE, &var_pickup_service, 1, 0, 751 VAR_QUEUE_SERVICE, DEF_QUEUE_SERVICE, &var_queue_service, 1, 0, 752 VAR_REWRITE_SERVICE, DEF_REWRITE_SERVICE, &var_rewrite_service, 1, 0, 753 VAR_SHOWQ_SERVICE, DEF_SHOWQ_SERVICE, &var_showq_service, 1, 0, 754 VAR_ERROR_SERVICE, DEF_ERROR_SERVICE, &var_error_service, 1, 0, 755 VAR_FLUSH_SERVICE, DEF_FLUSH_SERVICE, &var_flush_service, 1, 0, 756 VAR_VERIFY_SERVICE, DEF_VERIFY_SERVICE, &var_verify_service, 1, 0, 757 VAR_TRACE_SERVICE, DEF_TRACE_SERVICE, &var_trace_service, 1, 0, 758 VAR_PROXYMAP_SERVICE, DEF_PROXYMAP_SERVICE, &var_proxymap_service, 1, 0, 759 VAR_PROXYWRITE_SERVICE, DEF_PROXYWRITE_SERVICE, &var_proxywrite_service, 1, 0, 760 VAR_INT_FILT_CLASSES, DEF_INT_FILT_CLASSES, &var_int_filt_classes, 0, 0, 761 /* multi_instance_wrapper may have dependencies but not dependents. */ 762 VAR_MULTI_WRAPPER, DEF_MULTI_WRAPPER, &var_multi_wrapper, 0, 0, 763 VAR_DSN_FILTER, DEF_DSN_FILTER, &var_dsn_filter, 0, 0, 764 VAR_SMTPUTF8_AUTOCLASS, DEF_SMTPUTF8_AUTOCLASS, &var_smtputf8_autoclass, 1, 0, 765 VAR_DROP_HDRS, DEF_DROP_HDRS, &var_drop_hdrs, 0, 0, 766 VAR_INFO_LOG_ADDR_FORM, DEF_INFO_LOG_ADDR_FORM, &var_info_log_addr_form, 1, 0, 767 0, 768 }; 769 static const CONFIG_STR_FN_TABLE function_str_defaults_2[] = { 770 VAR_MYNETWORKS, mynetworks, &var_mynetworks, 0, 0, 771 0, 772 }; 773 static const CONFIG_INT_TABLE other_int_defaults[] = { 774 VAR_PROC_LIMIT, DEF_PROC_LIMIT, &var_proc_limit, 1, 0, 775 VAR_MAX_USE, DEF_MAX_USE, &var_use_limit, 1, 0, 776 VAR_DONT_REMOVE, DEF_DONT_REMOVE, &var_dont_remove, 0, 0, 777 VAR_LINE_LIMIT, DEF_LINE_LIMIT, &var_line_limit, 512, 0, 778 VAR_HASH_QUEUE_DEPTH, DEF_HASH_QUEUE_DEPTH, &var_hash_queue_depth, 1, 0, 779 VAR_FORK_TRIES, DEF_FORK_TRIES, &var_fork_tries, 1, 0, 780 VAR_FLOCK_TRIES, DEF_FLOCK_TRIES, &var_flock_tries, 1, 0, 781 VAR_DEBUG_PEER_LEVEL, DEF_DEBUG_PEER_LEVEL, &var_debug_peer_level, 1, 0, 782 VAR_FAULT_INJ_CODE, DEF_FAULT_INJ_CODE, &var_fault_inj_code, 0, 0, 783 VAR_DB_CREATE_BUF, DEF_DB_CREATE_BUF, &var_db_create_buf, 1, 0, 784 VAR_DB_READ_BUF, DEF_DB_READ_BUF, &var_db_read_buf, 1, 0, 785 VAR_HEADER_LIMIT, DEF_HEADER_LIMIT, &var_header_limit, 1, 0, 786 VAR_TOKEN_LIMIT, DEF_TOKEN_LIMIT, &var_token_limit, 1, 0, 787 VAR_MIME_MAXDEPTH, DEF_MIME_MAXDEPTH, &var_mime_maxdepth, 1, 0, 788 VAR_MIME_BOUND_LEN, DEF_MIME_BOUND_LEN, &var_mime_bound_len, 1, 0, 789 VAR_DELAY_MAX_RES, DEF_DELAY_MAX_RES, &var_delay_max_res, MIN_DELAY_MAX_RES, MAX_DELAY_MAX_RES, 790 VAR_INET_WINDOW, DEF_INET_WINDOW, &var_inet_windowsize, 0, 0, 791 0, 792 }; 793 static const CONFIG_LONG_TABLE long_defaults[] = { 794 VAR_MESSAGE_LIMIT, DEF_MESSAGE_LIMIT, &var_message_limit, 0, 0, 795 VAR_LMDB_MAP_SIZE, DEF_LMDB_MAP_SIZE, &var_lmdb_map_size, 1, 0, 796 0, 797 }; 798 static const CONFIG_TIME_TABLE time_defaults[] = { 799 VAR_EVENT_DRAIN, DEF_EVENT_DRAIN, &var_event_drain, 1, 0, 800 VAR_MAX_IDLE, DEF_MAX_IDLE, &var_idle_limit, 1, 0, 801 VAR_IPC_TIMEOUT, DEF_IPC_TIMEOUT, &var_ipc_timeout, 1, 0, 802 VAR_IPC_IDLE, DEF_IPC_IDLE, &var_ipc_idle_limit, 1, 0, 803 VAR_IPC_TTL, DEF_IPC_TTL, &var_ipc_ttl_limit, 1, 0, 804 VAR_TRIGGER_TIMEOUT, DEF_TRIGGER_TIMEOUT, &var_trigger_timeout, 1, 0, 805 VAR_FORK_DELAY, DEF_FORK_DELAY, &var_fork_delay, 1, 0, 806 VAR_FLOCK_DELAY, DEF_FLOCK_DELAY, &var_flock_delay, 1, 0, 807 VAR_FLOCK_STALE, DEF_FLOCK_STALE, &var_flock_stale, 1, 0, 808 VAR_DAEMON_TIMEOUT, DEF_DAEMON_TIMEOUT, &var_daemon_timeout, 1, 0, 809 VAR_IN_FLOW_DELAY, DEF_IN_FLOW_DELAY, &var_in_flow_delay, 0, 10, 810 0, 811 }; 812 static const CONFIG_BOOL_TABLE bool_defaults[] = { 813 VAR_DISABLE_DNS, DEF_DISABLE_DNS, &var_disable_dns, 814 VAR_SOFT_BOUNCE, DEF_SOFT_BOUNCE, &var_soft_bounce, 815 VAR_OWNREQ_SPECIAL, DEF_OWNREQ_SPECIAL, &var_ownreq_special, 816 VAR_STRICT_8BITMIME, DEF_STRICT_8BITMIME, &var_strict_8bitmime, 817 VAR_STRICT_7BIT_HDRS, DEF_STRICT_7BIT_HDRS, &var_strict_7bit_hdrs, 818 VAR_STRICT_8BIT_BODY, DEF_STRICT_8BIT_BODY, &var_strict_8bit_body, 819 VAR_STRICT_ENCODING, DEF_STRICT_ENCODING, &var_strict_encoding, 820 VAR_DISABLE_MIME_INPUT, DEF_DISABLE_MIME_INPUT, &var_disable_mime_input, 821 VAR_DISABLE_MIME_OCONV, DEF_DISABLE_MIME_OCONV, &var_disable_mime_oconv, 822 VAR_VERIFY_NEG_CACHE, DEF_VERIFY_NEG_CACHE, &var_verify_neg_cache, 823 VAR_OLDLOG_COMPAT, DEF_OLDLOG_COMPAT, &var_oldlog_compat, 824 VAR_HELPFUL_WARNINGS, DEF_HELPFUL_WARNINGS, &var_helpful_warnings, 825 VAR_CYRUS_SASL_AUTHZID, DEF_CYRUS_SASL_AUTHZID, &var_cyrus_sasl_authzid, 826 VAR_MULTI_ENABLE, DEF_MULTI_ENABLE, &var_multi_enable, 827 VAR_LONG_QUEUE_IDS, DEF_LONG_QUEUE_IDS, &var_long_queue_ids, 828 VAR_STRICT_SMTPUTF8, DEF_STRICT_SMTPUTF8, &var_strict_smtputf8, 829 VAR_ENABLE_ORCPT, DEF_ENABLE_ORCPT, &var_enable_orcpt, 830 0, 831 }; 832 const char *cp; 833 834 /* 835 * Extract compatibility level first, so that we can determine what 836 * parameters of interest are left at their legacy defaults. 837 */ 838 get_mail_conf_int_table(first_int_defaults); 839 check_legacy_defaults(); 840 841 /* 842 * Extract syslog_facility early, so that from here on all errors are 843 * logged with the proper facility. 844 */ 845 get_mail_conf_str_table(first_str_defaults); 846 847 if (!msg_syslog_set_facility(var_syslog_facility)) 848 msg_fatal("file %s/%s: parameter %s: unrecognized value: %s", 849 var_config_dir, MAIN_CONF_FILE, 850 VAR_SYSLOG_FACILITY, var_syslog_facility); 851 852 /* 853 * Should daemons terminate after table open error, or should they 854 * continue execution with reduced functionality? 855 */ 856 get_mail_conf_bool_table(first_bool_defaults); 857 if (var_daemon_open_fatal) 858 dict_allow_surrogate = 0; 859 860 /* 861 * Should we open tables with UTF8 support, or in the legacy 8-bit clean 862 * mode with ASCII-only casefolding? 863 */ 864 get_mail_conf_nbool_table(first_nbool_defaults); 865 866 /* 867 * Report run-time versus compile-time discrepancies. 868 */ 869 #ifdef NO_EAI 870 if (var_smtputf8_enable) 871 msg_warn("%s is true, but EAI support is not compiled in", 872 VAR_SMTPUTF8_ENABLE); 873 var_smtputf8_enable = 0; 874 #else 875 midna_domain_transitional = var_idna2003_compat; 876 if (var_smtputf8_enable) 877 midna_domain_pre_chroot(); 878 #endif 879 util_utf8_enable = var_smtputf8_enable; 880 881 /* 882 * What protocols should we attempt to support? The result is stored in 883 * the global inet_proto_table variable. 884 */ 885 (void) inet_proto_init(VAR_INET_PROTOCOLS, var_inet_protocols); 886 887 /* 888 * Variables whose defaults are determined at runtime. Some sites use 889 * short hostnames in the host table; some sites name their system after 890 * the domain. 891 */ 892 get_mail_conf_str_fn_table(function_str_defaults); 893 if (!valid_hostname(var_myhostname, DO_GRIPE)) 894 msg_fatal("file %s/%s: parameter %s: bad parameter value: %s", 895 var_config_dir, MAIN_CONF_FILE, 896 VAR_MYHOSTNAME, var_myhostname); 897 if (!valid_hostname(var_mydomain, DO_GRIPE)) 898 msg_fatal("file %s/%s: parameter %s: bad parameter value: %s", 899 var_config_dir, MAIN_CONF_FILE, 900 VAR_MYDOMAIN, var_mydomain); 901 902 /* 903 * Variables that are needed by almost every program. 904 * 905 * XXX Reading the myorigin value from file is originally a Debian Linux 906 * feature. This code is not enabled by default because of problems: 1) 907 * it re-implements its own parameter syntax checks, and 2) it does not 908 * implement $name expansions. 909 */ 910 get_mail_conf_str_table(other_str_defaults); 911 #ifdef MYORIGIN_FROM_FILE 912 if (*var_myorigin == '/') { 913 char *origin = read_param_from_file(var_myorigin); 914 915 if (*origin == 0) 916 msg_fatal("%s file %s is empty", VAR_MYORIGIN, var_myorigin); 917 myfree(var_myorigin); /* FIX 20070501 */ 918 var_myorigin = origin; 919 } 920 #endif 921 get_mail_conf_int_table(other_int_defaults); 922 get_mail_conf_long_table(long_defaults); 923 get_mail_conf_bool_table(bool_defaults); 924 get_mail_conf_time_table(time_defaults); 925 check_default_privs(); 926 check_mail_owner(); 927 check_sgid_group(); 928 check_overlap(); 929 dict_db_cache_size = var_db_read_buf; 930 dict_lmdb_map_size = var_lmdb_map_size; 931 inet_windowsize = var_inet_windowsize; 932 933 /* 934 * Variables whose defaults are determined at runtime, after other 935 * variables have been set. This dependency is admittedly a bit tricky. 936 * XXX Perhaps we should just register variables, and let the evaluator 937 * figure out in what order to evaluate things. 938 */ 939 get_mail_conf_str_fn_table(function_str_defaults_2); 940 941 /* 942 * FIX 200412 The IPv6 patch did not call own_inet_addr_list() before 943 * entering the chroot jail on Linux IPv6 systems. Linux has the IPv6 944 * interface list in /proc, which is not available after chrooting. 945 */ 946 (void) own_inet_addr_list(); 947 948 /* 949 * The PID variable cannot be set from the configuration file!! 950 */ 951 set_mail_conf_int(VAR_PID, var_pid = getpid()); 952 953 /* 954 * Neither can the start time variable. It isn't even visible. 955 */ 956 time(&var_starttime); 957 958 /* 959 * Export the syslog name so children can inherit and use it before they 960 * have initialized. 961 */ 962 if ((cp = safe_getenv(CONF_ENV_LOGTAG)) == 0 963 || strcmp(cp, var_syslog_name) != 0) 964 if (setenv(CONF_ENV_LOGTAG, var_syslog_name, 1) < 0) 965 msg_fatal("setenv %s %s: %m", CONF_ENV_LOGTAG, var_syslog_name); 966 967 /* 968 * I have seen this happen just too often. 969 */ 970 if (strcasecmp_utf8(var_myhostname, var_relayhost) == 0) 971 msg_fatal("%s and %s parameter settings must not be identical: %s", 972 VAR_MYHOSTNAME, VAR_RELAYHOST, var_myhostname); 973 974 /* 975 * XXX These should be caught by a proper parameter parsing algorithm. 976 */ 977 if (var_myorigin[strcspn(var_myorigin, CHARS_COMMA_SP)]) 978 msg_fatal("%s parameter setting must not contain multiple values: %s", 979 VAR_MYORIGIN, var_myorigin); 980 981 /* 982 * One more sanity check. 983 */ 984 if ((cp = verp_delims_verify(var_verp_delims)) != 0) 985 msg_fatal("file %s/%s: parameters %s and %s: %s", 986 var_config_dir, MAIN_CONF_FILE, 987 VAR_VERP_DELIMS, VAR_VERP_FILTER, cp); 988 } 989