head 1.3; access; symbols pkgsrc-2026Q1:1.3.0.118 pkgsrc-2026Q1-base:1.3 pkgsrc-2025Q4:1.3.0.116 pkgsrc-2025Q4-base:1.3 pkgsrc-2025Q3:1.3.0.114 pkgsrc-2025Q3-base:1.3 pkgsrc-2025Q2:1.3.0.112 pkgsrc-2025Q2-base:1.3 pkgsrc-2025Q1:1.3.0.110 pkgsrc-2025Q1-base:1.3 pkgsrc-2024Q4:1.3.0.108 pkgsrc-2024Q4-base:1.3 pkgsrc-2024Q3:1.3.0.106 pkgsrc-2024Q3-base:1.3 pkgsrc-2024Q2:1.3.0.104 pkgsrc-2024Q2-base:1.3 pkgsrc-2024Q1:1.3.0.102 pkgsrc-2024Q1-base:1.3 pkgsrc-2023Q4:1.3.0.100 pkgsrc-2023Q4-base:1.3 pkgsrc-2023Q3:1.3.0.98 pkgsrc-2023Q3-base:1.3 pkgsrc-2023Q2:1.3.0.96 pkgsrc-2023Q2-base:1.3 pkgsrc-2023Q1:1.3.0.94 pkgsrc-2023Q1-base:1.3 pkgsrc-2022Q4:1.3.0.92 pkgsrc-2022Q4-base:1.3 pkgsrc-2022Q3:1.3.0.90 pkgsrc-2022Q3-base:1.3 pkgsrc-2022Q2:1.3.0.88 pkgsrc-2022Q2-base:1.3 pkgsrc-2022Q1:1.3.0.86 pkgsrc-2022Q1-base:1.3 pkgsrc-2021Q4:1.3.0.84 pkgsrc-2021Q4-base:1.3 pkgsrc-2021Q3:1.3.0.82 pkgsrc-2021Q3-base:1.3 pkgsrc-2021Q2:1.3.0.80 pkgsrc-2021Q2-base:1.3 pkgsrc-2021Q1:1.3.0.78 pkgsrc-2021Q1-base:1.3 pkgsrc-2020Q4:1.3.0.76 pkgsrc-2020Q4-base:1.3 pkgsrc-2020Q3:1.3.0.74 pkgsrc-2020Q3-base:1.3 pkgsrc-2020Q2:1.3.0.70 pkgsrc-2020Q2-base:1.3 pkgsrc-2020Q1:1.3.0.50 pkgsrc-2020Q1-base:1.3 pkgsrc-2019Q4:1.3.0.72 pkgsrc-2019Q4-base:1.3 pkgsrc-2019Q3:1.3.0.68 pkgsrc-2019Q3-base:1.3 pkgsrc-2019Q2:1.3.0.66 pkgsrc-2019Q2-base:1.3 pkgsrc-2019Q1:1.3.0.64 pkgsrc-2019Q1-base:1.3 pkgsrc-2018Q4:1.3.0.62 pkgsrc-2018Q4-base:1.3 pkgsrc-2018Q3:1.3.0.60 pkgsrc-2018Q3-base:1.3 pkgsrc-2018Q2:1.3.0.58 pkgsrc-2018Q2-base:1.3 pkgsrc-2018Q1:1.3.0.56 pkgsrc-2018Q1-base:1.3 pkgsrc-2017Q4:1.3.0.54 pkgsrc-2017Q4-base:1.3 pkgsrc-2017Q3:1.3.0.52 pkgsrc-2017Q3-base:1.3 pkgsrc-2017Q2:1.3.0.48 pkgsrc-2017Q2-base:1.3 pkgsrc-2017Q1:1.3.0.46 pkgsrc-2017Q1-base:1.3 pkgsrc-2016Q4:1.3.0.44 pkgsrc-2016Q4-base:1.3 pkgsrc-2016Q3:1.3.0.42 pkgsrc-2016Q3-base:1.3 pkgsrc-2016Q2:1.3.0.40 pkgsrc-2016Q2-base:1.3 pkgsrc-2016Q1:1.3.0.38 pkgsrc-2016Q1-base:1.3 pkgsrc-2015Q4:1.3.0.36 pkgsrc-2015Q4-base:1.3 pkgsrc-2015Q3:1.3.0.34 pkgsrc-2015Q3-base:1.3 pkgsrc-2015Q2:1.3.0.32 pkgsrc-2015Q2-base:1.3 pkgsrc-2015Q1:1.3.0.30 pkgsrc-2015Q1-base:1.3 pkgsrc-2014Q4:1.3.0.28 pkgsrc-2014Q4-base:1.3 pkgsrc-2014Q3:1.3.0.26 pkgsrc-2014Q3-base:1.3 pkgsrc-2014Q2:1.3.0.24 pkgsrc-2014Q2-base:1.3 pkgsrc-2014Q1:1.3.0.22 pkgsrc-2014Q1-base:1.3 pkgsrc-2013Q4:1.3.0.20 pkgsrc-2013Q4-base:1.3 pkgsrc-2013Q3:1.3.0.18 pkgsrc-2013Q3-base:1.3 pkgsrc-2013Q2:1.3.0.16 pkgsrc-2013Q2-base:1.3 pkgsrc-2013Q1:1.3.0.14 pkgsrc-2013Q1-base:1.3 pkgsrc-2012Q4:1.3.0.12 pkgsrc-2012Q4-base:1.3 pkgsrc-2012Q3:1.3.0.10 pkgsrc-2012Q3-base:1.3 pkgsrc-2012Q2:1.3.0.8 pkgsrc-2012Q2-base:1.3 pkgsrc-2012Q1:1.3.0.6 pkgsrc-2012Q1-base:1.3 pkgsrc-2011Q4:1.3.0.4 pkgsrc-2011Q4-base:1.3 pkgsrc-2011Q3:1.3.0.2 pkgsrc-2011Q3-base:1.3 pkgsrc-2011Q2:1.2.0.58 pkgsrc-2011Q2-base:1.2 pkgsrc-2011Q1:1.2.0.56 pkgsrc-2011Q1-base:1.2 pkgsrc-2010Q4:1.2.0.54 pkgsrc-2010Q4-base:1.2 pkgsrc-2010Q3:1.2.0.52 pkgsrc-2010Q3-base:1.2 pkgsrc-2010Q2:1.2.0.50 pkgsrc-2010Q2-base:1.2 pkgsrc-2010Q1:1.2.0.48 pkgsrc-2010Q1-base:1.2 pkgsrc-2009Q4:1.2.0.46 pkgsrc-2009Q4-base:1.2 pkgsrc-2009Q3:1.2.0.44 pkgsrc-2009Q3-base:1.2 pkgsrc-2009Q2:1.2.0.42 pkgsrc-2009Q2-base:1.2 pkgsrc-2009Q1:1.2.0.40 pkgsrc-2009Q1-base:1.2 pkgsrc-2008Q4:1.2.0.38 pkgsrc-2008Q4-base:1.2 pkgsrc-2008Q3:1.2.0.36 pkgsrc-2008Q3-base:1.2 cube-native-xorg:1.2.0.34 cube-native-xorg-base:1.2 pkgsrc-2008Q2:1.2.0.32 pkgsrc-2008Q2-base:1.2 cwrapper:1.2.0.30 pkgsrc-2008Q1:1.2.0.28 pkgsrc-2008Q1-base:1.2 pkgsrc-2007Q4:1.2.0.26 pkgsrc-2007Q4-base:1.2 pkgsrc-2007Q3:1.2.0.24 pkgsrc-2007Q3-base:1.2 pkgsrc-2007Q2:1.2.0.22 pkgsrc-2007Q2-base:1.2 pkgsrc-2007Q1:1.2.0.20 pkgsrc-2007Q1-base:1.2 pkgsrc-2006Q4:1.2.0.18 pkgsrc-2006Q4-base:1.2 pkgsrc-2006Q3:1.2.0.16 pkgsrc-2006Q3-base:1.2 pkgsrc-2006Q2:1.2.0.14 pkgsrc-2006Q2-base:1.2 pkgsrc-2006Q1:1.2.0.12 pkgsrc-2006Q1-base:1.2 pkgsrc-2005Q4:1.2.0.10 pkgsrc-2005Q4-base:1.2 pkgsrc-2005Q3:1.2.0.8 pkgsrc-2005Q3-base:1.2 pkgsrc-2005Q2:1.2.0.6 pkgsrc-2005Q2-base:1.2 pkgsrc-2005Q1:1.2.0.4 pkgsrc-2005Q1-base:1.2 pkgsrc-2004Q4:1.2.0.2 pkgsrc-2004Q4-base:1.2 pkgsrc-base:1.1.1.1 TNF:1.1.1; locks; strict; comment @# @; 1.3 date 2011.09.12.16.30.30; author taca; state Exp; branches; next 1.2; 1.2 date 2004.12.04.20.37.47; author jlam; state Exp; branches; next 1.1; 1.1 date 2004.12.02.04.08.18; author jlam; state Exp; branches 1.1.1.1; next ; 1.1.1.1 date 2004.12.02.04.08.18; author jlam; state Exp; branches; next ; desc @@ 1.3 log @Update proxsmtp to 1.9. 1.9 [2011-01-23] - Fix build warnings. - Fix problem on linux not detecting netfilter headers. - Add true transparent proxying, where both client and server have no knowledge of the proxy. Documented at the proxsmtp web page. - Use capabilities to have transparent proxying without running as root. - Implement a simple reject filter, so no scripts need to be run. - Allow skipping of filtering for authenticated connections. - Bump up the top number of simultaneous connections. - Add client IP addresses to the log line. 1.8 [2008-06-30] - Make the XFOWARD HELO available as a environment variable in scripts. [Glenn Matthys] - Send an RSET to the server after filter fails an email. - Fix an uninitialized pid variable. 1.7 [2007-05-28] - Use my real name 'Stef Walter' See: http://memberwebs.com/nielsen/ 1.6 [2006-11-13] - On FreeBSD fix problem where stderr wasn't processed when filter didn't read stdin. - Add strcasestr which is missing on Solaris. - Add back 'Header' option which was accidentally removed in 1.5. Blush! 1.5 [2006-09-05] - Added support for setting the REMOTE variable when an XFORWARD command is seen. 1.4 [2006-08-10] - Fix crasher after connection closes unexpectedly. - Fix problem with waiting for processes [Jeff Fisher] - Better message for 'busy' [Akihiro Sagawa] 1.3 [2005-10-21] - Handle condition of server refusing data transfers more gracefully. - Less chatty when setting timeouts fail - Drop privileges after binding to port. Allows listening on ports < 1024 - Ported to Solaris - Fix problem with binding to certain 'long' addresses - Support embedded NULLs in email data. - Fix problems with empty addresses in logs. - Don't let exchange send it's strange binary data through the proxy - Don't reject emails when server is overloaded or errors. - Don't reject emails when starting the filter command fails. 1.2.1 [2005-04-15] - Fixed bug (introduced in 1.2) when 'Header' option is not present. 1.2 [2005-03-24] - Don't leak file descriptors when clamsmtpd can't connect to outgoing SMTP server [Chris Mason] - 'Header' configuration option with special format arguments [Olivier Beyssac] - Supress weird warnings when looking up names of local unix connections. 1.1 [2005-01-27] - Fixed crasher when outgoing connection couldn't be established - Removed erroneous chown line from clamsmtpd.sh @ text @$NetBSD: patch-ab,v 1.2 2004/12/04 20:37:47 jlam Exp $ * Take care of none existence case of setresgid(2) or setresuid(2). --- common/smtppass.c.orig 2011-01-23 22:07:08.000000000 +0000 +++ common/smtppass.c @@@@ -447,10 +447,21 @@@@ static void drop_privileges() if(pw == NULL) errx(1, "couldn't look up user: %s", g_state.user); +#if defined(HAVE_SETRESGID) && defined(HAVE_SETRESUID) if(setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) == -1 || setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid) == -1) err(1, "unable to switch to user: %s (uid %d, gid %d)", g_state.user, pw->pw_uid, pw->pw_gid); +#else + if(setgid(pw->pw_gid) == -1 || + setuid(pw->pw_uid) == -1) + err(1, "unable to switch to user: %s (uid %d, gid %d)", g_state.user, pw->pw_uid, pw->pw_gid); + + /* A paranoia check */ + if(setreuid(-1, 0) == 0) + err(1, "unable to completely drop privileges"); + +#endif #ifdef HAVE_LIBCAP /* @@@@ -669,7 +680,7 @@@@ static spctx_t* init_thread(int fd) g_unique_id++; sp_unlock(); - sp_messagex(ctx, LOG_DEBUG, "processing %d on thread %x", fd, (int)pthread_self()); + sp_messagex(ctx, LOG_DEBUG, "processing %d on thread %p", fd, pthread_self()); /* Connect to the outgoing server ... */ if(make_connections(ctx, fd) == -1) @ 1.2 log @Update mail/proxsmtp to 1.0. Changes from version 0.6 include: - Added XCLIENT support. - Drop XCLIENT commands coming in from clients for security. - Added big scary warnings to the sample scripts about escaping variables. @ text @d1 1 a1 1 $NetBSD$ d3 4 a6 1 --- common/smtppass.c.orig 2004-12-01 14:09:52.000000000 -0500 d8 23 a30 1 @@@@ -591,7 +591,7 @@@@ static spctx_t* init_thread(int fd) d32 2 a33 2 sp_unlock(); d36 1 a36 1 @ 1.1 log @Initial revision @ text @d3 1 a3 1 --- common/smtppass.c.orig 2004-10-30 14:27:33.000000000 -0400 d5 1 a5 1 @@@@ -586,7 +586,7 @@@@ static spctx_t* init_thread(int fd) @ 1.1.1.1 log @proxsmtp 0.6 - SMTP proxy content filter ProxSMTP is a flexible tool that allows you to reject, change or log email based on arbitrary critera. It accepts SMTP connections and forwards the SMTP commands and responses to another SMTP server. The 'DATA' email body is intercepted and filtered before forwarding. ProxSMTP can be used as a transparent proxy to filter an entire network's SMTP traffic at the router. @ text @@