1 /* $NetBSD: mail_params.c,v 1.5 2022/10/08 16:12:45 christos Exp $ */
2
3 /*++
4 /* NAME
5 /* mail_params 3
6 /* SUMMARY
7 /* global mail configuration parameters
8 /* SYNOPSIS
9 /* #include <mail_params.h>
10 /*
11 /* char *var_myhostname;
12 /* char *var_mydomain;
13 /* char *var_myorigin;
14 /* char *var_mydest;
15 /* char *var_relayhost;
16 /* char *var_transit_origin;
17 /* char *var_transit_dest;
18 /* char *var_mail_name;
19 /* int var_helpful_warnings;
20 /* char *var_syslog_name;
21 /* char *var_mail_owner;
22 /* uid_t var_owner_uid;
23 /* gid_t var_owner_gid;
24 /* char *var_sgid_group;
25 /* gid_t var_sgid_gid;
26 /* char *var_default_privs;
27 /* uid_t var_default_uid;
28 /* gid_t var_default_gid;
29 /* char *var_config_dir;
30 /* char *var_daemon_dir;
31 /* char *var_data_dir;
32 /* char *var_command_dir;
33 /* char *var_meta_dir;
34 /* char *var_queue_dir;
35 /* char *var_shlib_dir;
36 /* int var_use_limit;
37 /* int var_idle_limit;
38 /* int var_event_drain;
39 /* int var_bundle_rcpt;
40 /* char *var_procname;
41 /* char *var_servname;
42 /* int var_pid;
43 /* int var_ipc_timeout;
44 /* char *var_pid_dir;
45 /* int var_dont_remove;
46 /* char *var_inet_interfaces;
47 /* char *var_proxy_interfaces;
48 /* char *var_inet_protocols;
49 /* char *var_mynetworks;
50 /* char *var_double_bounce_sender;
51 /* int var_line_limit;
52 /* char *var_alias_db_map;
53 /* long var_message_limit;
54 /* char *var_mail_release;
55 /* char *var_mail_version;
56 /* int var_ipc_idle_limit;
57 /* int var_ipc_ttl_limit;
58 /* char *var_db_type;
59 /* char *var_hash_queue_names;
60 /* int var_hash_queue_depth;
61 /* int var_trigger_timeout;
62 /* char *var_rcpt_delim;
63 /* int var_fork_tries;
64 /* int var_fork_delay;
65 /* int var_flock_tries;
66 /* int var_flock_delay;
67 /* int var_flock_stale;
68 /* int var_disable_dns;
69 /* int var_soft_bounce;
70 /* time_t var_starttime;
71 /* int var_ownreq_special;
72 /* int var_daemon_timeout;
73 /* char *var_syslog_facility;
74 /* char *var_relay_domains;
75 /* char *var_fflush_domains;
76 /* char *var_mynetworks_style;
77 /* char *var_verp_delims;
78 /* char *var_verp_filter;
79 /* char *var_par_dom_match;
80 /* char *var_config_dirs;
81 /*
82 /* int var_inet_windowsize;
83 /* char *var_import_environ;
84 /* char *var_export_environ;
85 /* char *var_debug_peer_list;
86 /* int var_debug_peer_level;
87 /* int var_in_flow_delay;
88 /* int var_fault_inj_code;
89 /* char *var_bounce_service;
90 /* char *var_cleanup_service;
91 /* char *var_defer_service;
92 /* char *var_pickup_service;
93 /* char *var_queue_service;
94 /* char *var_rewrite_service;
95 /* char *var_showq_service;
96 /* char *var_error_service;
97 /* char *var_flush_service;
98 /* char *var_verify_service;
99 /* char *var_trace_service;
100 /* char *var_proxymap_service;
101 /* char *var_proxywrite_service;
102 /* int var_db_create_buf;
103 /* int var_db_read_buf;
104 /* long var_lmdb_map_size;
105 /* int var_proc_limit;
106 /* int var_mime_maxdepth;
107 /* int var_mime_bound_len;
108 /* int var_header_limit;
109 /* int var_token_limit;
110 /* int var_disable_mime_input;
111 /* int var_disable_mime_oconv;
112 /* int var_strict_8bitmime;
113 /* int var_strict_7bit_hdrs;
114 /* int var_strict_8bit_body;
115 /* int var_strict_encoding;
116 /* int var_verify_neg_cache;
117 /* int var_oldlog_compat;
118 /* int var_delay_max_res;
119 /* char *var_int_filt_classes;
120 /* int var_cyrus_sasl_authzid;
121 /*
122 /* char *var_multi_conf_dirs;
123 /* char *var_multi_wrapper;
124 /* char *var_multi_group;
125 /* char *var_multi_name;
126 /* bool var_multi_enable;
127 /* bool var_long_queue_ids;
128 /* bool var_daemon_open_fatal;
129 /* char *var_dsn_filter;
130 /* int var_smtputf8_enable
131 /* int var_strict_smtputf8;
132 /* char *var_smtputf8_autoclass;
133 /* int var_idna2003_compat;
134 /* char *var_compatibility_level;
135 /* char *var_drop_hdrs;
136 /* char *var_info_log_addr_form;
137 /* bool var_enable_orcpt;
138 /*
139 /* void mail_params_init()
140 /*
141 /* const char null_format_string[1];
142 /*
143 /* long compatibility_level;
144 /*
145 /* int warn_compat_break_app_dot_mydomain;
146 /* int warn_compat_break_smtputf8_enable;
147 /* int warn_compat_break_chroot;
148 /* int warn_compat_break_relay_restrictions;
149 /*
150 /* int warn_compat_break_relay_domains;
151 /* int warn_compat_break_flush_domains;
152 /* int warn_compat_break_mynetworks_style;
153 /*
154 /* int warn_compat_break_smtpd_tls_fpt_dgst;
155 /* int warn_compat_break_smtp_tls_fpt_dgst;
156 /* int warn_compat_break_lmtp_tls_fpt_dgst;
157 /* int warn_compat_relay_before_rcpt_checks;
158 /* int warn_compat_respectful_logging;
159 /*
160 /* char *var_maillog_file;
161 /* char *var_maillog_file_pfxs;
162 /* char *var_maillog_file_comp;
163 /* char *var_maillog_file_stamp;
164 /* char *var_postlog_service;
165 /*
166 /* char *var_dnssec_probe;
167 /* bool var_relay_before_rcpt_checks;
168 /* bool var_respectful_logging;
169 /* char *var_known_tcp_ports;
170 /* DESCRIPTION
171 /* This module (actually the associated include file) defines
172 /* the names and defaults of all mail configuration parameters.
173 /*
174 /* mail_params_init() initializes the built-in parameters listed above.
175 /* These parameters are relied upon by library routines, so they are
176 /* initialized globally so as to avoid hard-to-find errors due to
177 /* missing initialization. This routine must be called early, at
178 /* least before entering a chroot jail.
179 /*
180 /* null_format_string is a workaround for gcc compilers that complain
181 /* about empty or null format strings.
182 /*
183 /* The warn_compat_XXX variables enable warnings for the use
184 /* of legacy default settings after an incompatible change.
185 /* DIAGNOSTICS
186 /* Fatal errors: out of memory; null system or domain name.
187 /* LICENSE
188 /* .ad
189 /* .fi
190 /* The Secure Mailer license must be distributed with this software.
191 /* AUTHOR(S)
192 /* Wietse Venema
193 /* IBM T.J. Watson Research
194 /* P.O. Box 704
195 /* Yorktown Heights, NY 10598, USA
196 /*
197 /* Wietse Venema
198 /* Google, Inc.
199 /* 111 8th Avenue
200 /* New York, NY 10011, USA
201 /*--*/
202
203 /* System library. */
204
205 #include <sys_defs.h>
206 #include <unistd.h>
207 #include <stdlib.h>
208 #include <string.h>
209 #include <pwd.h>
210 #include <grp.h>
211 #include <time.h>
212 #include <ctype.h>
213
214 /* Utility library. */
215
216 #include <msg.h>
217 #include <msg_syslog.h>
218 #include <get_hostname.h>
219 #include <valid_hostname.h>
220 #include <stringops.h>
221 #include <safe.h>
222 #include <safe_open.h>
223 #include <mymalloc.h>
224 #include <dict.h>
225 #include <dict_db.h>
226 #include <dict_lmdb.h>
227 #include <inet_proto.h>
228 #include <vstring_vstream.h>
229 #include <iostuff.h>
230 #include <midna_domain.h>
231
232 /* Global library. */
233
234 #include <mynetworks.h>
235 #include <mail_conf.h>
236 #include <mail_version.h>
237 #include <mail_proto.h>
238 #include <verp_sender.h>
239 #include <own_inet_addr.h>
240 #include <mail_params.h>
241 #include <compat_level.h>
242 #include <config_known_tcp_ports.h>
243
244 /*
245 * Special configuration variables.
246 */
247 char *var_myhostname;
248 char *var_mydomain;
249 char *var_myorigin;
250 char *var_mydest;
251 char *var_relayhost;
252 char *var_transit_origin;
253 char *var_transit_dest;
254 char *var_mail_name;
255 int var_helpful_warnings;
256 char *var_syslog_name;
257 char *var_mail_owner;
258 uid_t var_owner_uid;
259 gid_t var_owner_gid;
260 char *var_sgid_group;
261 gid_t var_sgid_gid;
262 char *var_default_privs;
263 uid_t var_default_uid;
264 gid_t var_default_gid;
265 char *var_config_dir;
266 char *var_daemon_dir;
267 char *var_data_dir;
268 char *var_command_dir;
269 char *var_meta_dir;
270 char *var_queue_dir;
271 char *var_shlib_dir;
272 int var_use_limit;
273 int var_event_drain;
274 int var_idle_limit;
275 int var_bundle_rcpt;
276 char *var_procname;
277 char *var_servname;
278 int var_pid;
279 int var_ipc_timeout;
280 char *var_pid_dir;
281 int var_dont_remove;
282 char *var_inet_interfaces;
283 char *var_proxy_interfaces;
284 char *var_inet_protocols;
285 char *var_mynetworks;
286 char *var_double_bounce_sender;
287 int var_line_limit;
288 char *var_alias_db_map;
289 long var_message_limit;
290 char *var_mail_release;
291 char *var_mail_version;
292 int var_ipc_idle_limit;
293 int var_ipc_ttl_limit;
294 char *var_db_type;
295 char *var_hash_queue_names;
296 int var_hash_queue_depth;
297 int var_trigger_timeout;
298 char *var_rcpt_delim;
299 int var_fork_tries;
300 int var_fork_delay;
301 int var_flock_tries;
302 int var_flock_delay;
303 int var_flock_stale;
304 int var_disable_dns;
305 int var_soft_bounce;
306 time_t var_starttime;
307 int var_ownreq_special;
308 int var_daemon_timeout;
309 char *var_syslog_facility;
310 char *var_relay_domains;
311 char *var_fflush_domains;
312 char *var_mynetworks_style;
313 char *var_verp_delims;
314 char *var_verp_filter;
315 int var_in_flow_delay;
316 char *var_par_dom_match;
317 char *var_config_dirs;
318
319 int var_inet_windowsize;
320 char *var_import_environ;
321 char *var_export_environ;
322 char *var_debug_peer_list;
323 int var_debug_peer_level;
324 int var_fault_inj_code;
325 char *var_bounce_service;
326 char *var_cleanup_service;
327 char *var_defer_service;
328 char *var_pickup_service;
329 char *var_queue_service;
330 char *var_rewrite_service;
331 char *var_showq_service;
332 char *var_error_service;
333 char *var_flush_service;
334 char *var_verify_service;
335 char *var_trace_service;
336 char *var_proxymap_service;
337 char *var_proxywrite_service;
338 int var_db_create_buf;
339 int var_db_read_buf;
340 long var_lmdb_map_size;
341 int var_proc_limit;
342 int var_mime_maxdepth;
343 int var_mime_bound_len;
344 int var_header_limit;
345 int var_token_limit;
346 int var_disable_mime_input;
347 int var_disable_mime_oconv;
348 int var_strict_8bitmime;
349 int var_strict_7bit_hdrs;
350 int var_strict_8bit_body;
351 int var_strict_encoding;
352 int var_verify_neg_cache;
353 int var_oldlog_compat;
354 int var_delay_max_res;
355 char *var_int_filt_classes;
356 int var_cyrus_sasl_authzid;
357
358 char *var_multi_conf_dirs;
359 char *var_multi_wrapper;
360 char *var_multi_group;
361 char *var_multi_name;
362 bool var_multi_enable;
363 bool var_long_queue_ids;
364 bool var_daemon_open_fatal;
365 bool var_dns_ncache_ttl_fix;
366 char *var_dsn_filter;
367 int var_smtputf8_enable;
368 int var_strict_smtputf8;
369 char *var_smtputf8_autoclass;
370 int var_idna2003_compat;
371 char *var_compatibility_level;
372 char *var_drop_hdrs;
373 char *var_info_log_addr_form;
374 bool var_enable_orcpt;
375
376 char *var_maillog_file;
377 char *var_maillog_file_pfxs;
378 char *var_maillog_file_comp;
379 char *var_maillog_file_stamp;
380 char *var_postlog_service;
381
382 char *var_dnssec_probe;
383 bool var_respectful_logging;
384 char *var_known_tcp_ports;
385
386 const char null_format_string[1] = "";
387
388 /*
389 * Compatibility level 3.6.
390 */
391 int warn_compat_break_smtpd_tls_fpt_dgst;
392 int warn_compat_break_smtp_tls_fpt_dgst;
393 int warn_compat_break_lmtp_tls_fpt_dgst;
394 int warn_compat_relay_before_rcpt_checks;
395 int warn_compat_respectful_logging;
396
397 /*
398 * Compatibility level 2.
399 */
400 int warn_compat_break_relay_domains;
401 int warn_compat_break_flush_domains;
402 int warn_compat_break_mynetworks_style;
403
404 /*
405 * Compatibility level 1.
406 */
407 int warn_compat_break_app_dot_mydomain;
408 int warn_compat_break_smtputf8_enable;
409 int warn_compat_break_chroot;
410 int warn_compat_break_relay_restrictions;
411
412 /*
413 * Parsed from var_compatibility_level;
414 */
415 long compat_level;
416
417 /* check_myhostname - lookup hostname and validate */
418
check_myhostname(void)419 static const char *check_myhostname(void)
420 {
421 static const char *name;
422 const char *dot;
423 const char *domain;
424
425 /*
426 * Use cached result.
427 */
428 if (name)
429 return (name);
430
431 /*
432 * If the local machine name is not in FQDN form, try to append the
433 * contents of $mydomain. Use a default domain as a final workaround.
434 *
435 * DO NOT CALL GETHOSTBYNAME OR GETNAMEINFO HERE - IT MAKES EVERY POSTFIX
436 * PROGRAM HANG WHEN DNS SERVICE IS UNAVAILABLE. IF YOU DON'T LIKE THE
437 * DEFAULT, THEN EDIT MAIN.CF.
438 */
439 name = get_hostname();
440 /* DO NOT CALL GETHOSTBYNAME OR GETNAMEINFO HERE - EDIT MAIN.CF */
441 if ((dot = strchr(name, '.')) == 0) {
442 /* DO NOT CALL GETHOSTBYNAME OR GETNAMEINFO HERE - EDIT MAIN.CF */
443 if ((domain = mail_conf_lookup_eval(VAR_MYDOMAIN)) == 0)
444 domain = DEF_MYDOMAIN;
445 /* DO NOT CALL GETHOSTBYNAME OR GETNAMEINFO HERE - EDIT MAIN.CF */
446 name = concatenate(name, ".", domain, (char *) 0);
447 }
448 /* DO NOT CALL GETHOSTBYNAME OR GETNAMEINFO HERE - EDIT MAIN.CF */
449 return (name);
450 }
451
452 /* check_mydomainname - lookup domain name and validate */
453
check_mydomainname(void)454 static const char *check_mydomainname(void)
455 {
456 char *dot;
457
458 /*
459 * Use a default domain when the hostname is not a FQDN ("foo").
460 *
461 * DO NOT CALL GETHOSTBYNAME OR GETNAMEINFO HERE - IT MAKES EVERY POSTFIX
462 * PROGRAM HANG WHEN DNS SERVICE IS UNAVAILABLE. IF YOU DON'T LIKE THE
463 * DEFAULT, THEN EDIT MAIN.CF.
464 */
465 /* DO NOT CALL GETHOSTBYNAME OR GETNAMEINFO HERE - EDIT MAIN.CF */
466 if ((dot = strchr(var_myhostname, '.')) == 0)
467 /* DO NOT CALL GETHOSTBYNAME OR GETNAMEINFO HERE - EDIT MAIN.CF */
468 return (DEF_MYDOMAIN);
469 /* DO NOT CALL GETHOSTBYNAME OR GETNAMEINFO HERE - EDIT MAIN.CF */
470 return (dot + 1);
471 }
472
473 /* check_default_privs - lookup default user attributes and validate */
474
check_default_privs(void)475 static void check_default_privs(void)
476 {
477 struct passwd *pwd;
478
479 if ((pwd = getpwnam(var_default_privs)) == 0)
480 msg_fatal("file %s/%s: parameter %s: unknown user name value: %s",
481 var_config_dir, MAIN_CONF_FILE,
482 VAR_DEFAULT_PRIVS, var_default_privs);
483 if ((var_default_uid = pwd->pw_uid) == 0)
484 msg_fatal("file %s/%s: parameter %s: user %s has privileged user ID",
485 var_config_dir, MAIN_CONF_FILE,
486 VAR_DEFAULT_PRIVS, var_default_privs);
487 if ((var_default_gid = pwd->pw_gid) == 0)
488 msg_fatal("file %s/%s: parameter %s: user %s has privileged group ID",
489 var_config_dir, MAIN_CONF_FILE,
490 VAR_DEFAULT_PRIVS, var_default_privs);
491 }
492
493 /* check_mail_owner - lookup owner user attributes and validate */
494
check_mail_owner(void)495 static void check_mail_owner(void)
496 {
497 struct passwd *pwd;
498
499 if ((pwd = getpwnam(var_mail_owner)) == 0)
500 msg_fatal("file %s/%s: parameter %s: unknown user name value: %s",
501 var_config_dir, MAIN_CONF_FILE,
502 VAR_MAIL_OWNER, var_mail_owner);
503 if ((var_owner_uid = pwd->pw_uid) == 0)
504 msg_fatal("file %s/%s: parameter %s: user %s has privileged user ID",
505 var_config_dir, MAIN_CONF_FILE,
506 VAR_MAIL_OWNER, var_mail_owner);
507 if ((var_owner_gid = pwd->pw_gid) == 0)
508 msg_fatal("file %s/%s: parameter %s: user %s has privileged group ID",
509 var_config_dir, MAIN_CONF_FILE,
510 VAR_MAIL_OWNER, var_mail_owner);
511
512 /*
513 * This detects only some forms of sharing. Enumerating the entire
514 * password file name space could be expensive. The purpose of this code
515 * is to discourage user ID sharing by developers and package
516 * maintainers.
517 */
518 if ((pwd = getpwuid(var_owner_uid)) != 0
519 && strcmp(pwd->pw_name, var_mail_owner) != 0)
520 msg_fatal("file %s/%s: parameter %s: user %s has same user ID as %s",
521 var_config_dir, MAIN_CONF_FILE,
522 VAR_MAIL_OWNER, var_mail_owner, pwd->pw_name);
523 }
524
525 /* check_sgid_group - lookup setgid group attributes and validate */
526
check_sgid_group(void)527 static void check_sgid_group(void)
528 {
529 struct group *grp;
530
531 if ((grp = getgrnam(var_sgid_group)) == 0)
532 msg_fatal("file %s/%s: parameter %s: unknown group name: %s",
533 var_config_dir, MAIN_CONF_FILE,
534 VAR_SGID_GROUP, var_sgid_group);
535 if ((var_sgid_gid = grp->gr_gid) == 0)
536 msg_fatal("file %s/%s: parameter %s: group %s has privileged group ID",
537 var_config_dir, MAIN_CONF_FILE,
538 VAR_SGID_GROUP, var_sgid_group);
539
540 /*
541 * This detects only some forms of sharing. Enumerating the entire group
542 * file name space could be expensive. The purpose of this code is to
543 * discourage group ID sharing by developers and package maintainers.
544 */
545 if ((grp = getgrgid(var_sgid_gid)) != 0
546 && strcmp(grp->gr_name, var_sgid_group) != 0)
547 msg_fatal("file %s/%s: parameter %s: group %s has same group ID as %s",
548 var_config_dir, MAIN_CONF_FILE,
549 VAR_SGID_GROUP, var_sgid_group, grp->gr_name);
550 }
551
552 /* check_overlap - disallow UID or GID sharing */
553
check_overlap(void)554 static void check_overlap(void)
555 {
556 if (strcmp(var_default_privs, var_mail_owner) == 0)
557 msg_fatal("file %s/%s: parameters %s and %s specify the same user %s",
558 var_config_dir, MAIN_CONF_FILE,
559 VAR_DEFAULT_PRIVS, VAR_MAIL_OWNER,
560 var_default_privs);
561 if (var_default_uid == var_owner_uid)
562 msg_fatal("file %s/%s: parameters %s and %s: users %s and %s have the same user ID: %ld",
563 var_config_dir, MAIN_CONF_FILE,
564 VAR_DEFAULT_PRIVS, VAR_MAIL_OWNER,
565 var_default_privs, var_mail_owner,
566 (long) var_owner_uid);
567 if (var_default_gid == var_owner_gid)
568 msg_fatal("file %s/%s: parameters %s and %s: users %s and %s have the same group ID: %ld",
569 var_config_dir, MAIN_CONF_FILE,
570 VAR_DEFAULT_PRIVS, VAR_MAIL_OWNER,
571 var_default_privs, var_mail_owner,
572 (long) var_owner_gid);
573 if (var_default_gid == var_sgid_gid)
574 msg_fatal("file %s/%s: parameters %s and %s: user %s and group %s have the same group ID: %ld",
575 var_config_dir, MAIN_CONF_FILE,
576 VAR_DEFAULT_PRIVS, VAR_SGID_GROUP,
577 var_default_privs, var_sgid_group,
578 (long) var_sgid_gid);
579 if (var_owner_gid == var_sgid_gid)
580 msg_fatal("file %s/%s: parameters %s and %s: user %s and group %s have the same group ID: %ld",
581 var_config_dir, MAIN_CONF_FILE,
582 VAR_MAIL_OWNER, VAR_SGID_GROUP,
583 var_mail_owner, var_sgid_group,
584 (long) var_sgid_gid);
585 }
586
587 #ifdef MYORIGIN_FROM_FILE
588
589 /* read_param_from_file - read parameter value from file */
590
read_param_from_file(const char * path)591 static char *read_param_from_file(const char *path)
592 {
593 VSTRING *why = vstring_alloc(100);
594 VSTRING *buf = vstring_alloc(100);
595 VSTREAM *fp;
596 char *bp;
597 char *result;
598
599 /*
600 * Ugly macros to make complex expressions less unreadable.
601 */
602 #define SKIP(start, var, cond) do { \
603 for (var = start; *var && (cond); var++) \
604 /* void */; \
605 } while (0)
606
607 #define TRIM(s) do { \
608 char *p; \
609 for (p = (s) + strlen(s); p > (s) && ISSPACE(p[-1]); p--) \
610 /* void */; \
611 *p = 0; \
612 } while (0)
613
614 fp = safe_open(path, O_RDONLY, 0, (struct stat *) 0, -1, -1, why);
615 if (fp == 0)
616 msg_fatal("%s: %s", path, vstring_str(why));
617 vstring_get_nonl(buf, fp);
618 if (vstream_ferror(fp)) /* FIX 20070501 */
619 msg_fatal("%s: read error: %m", path);
620 vstream_fclose(fp);
621 SKIP(vstring_str(buf), bp, ISSPACE(*bp));
622 TRIM(bp);
623 result = mystrdup(bp);
624
625 vstring_free(why);
626 vstring_free(buf);
627 return (result);
628 }
629
630 #endif
631
632 /* check_legacy_defaults - flag parameters that require safety-net logging */
633
check_legacy_defaults(void)634 static void check_legacy_defaults(void)
635 {
636
637 /*
638 * Basic idea: when an existing parameter default is changed, or a new
639 * parameter is introduced with incompatible default behavior, force
640 * Postfix to run with backwards-compatible default settings and log a
641 * warning when the backwards-compatible behavior is used.
642 *
643 * Based on a review of Postfix logging the system administrator can decide
644 * whether or not to make backwards-compatible default settings permanent
645 * in main.cf or master.cf.
646 *
647 * To turn off further warnings and deploy the new default settings, the
648 * system administrator should update the compatibility_level setting as
649 * recommended in the RELEASE_NOTES file.
650 *
651 * Each incompatible change has its own flag variable, instead of bit in a
652 * shared variable. We don't want to rip up code when we need more flag
653 * bits.
654 */
655
656 /*
657 * Look for specific parameters whose default changed when the
658 * compatibility level changed to 3.6.
659 */
660 if (compat_level < compat_level_from_string(COMPAT_LEVEL_3_6, msg_panic)) {
661 if (mail_conf_lookup(VAR_SMTPD_TLS_FPT_DGST) == 0)
662 warn_compat_break_smtpd_tls_fpt_dgst = 1;
663 if (mail_conf_lookup(VAR_SMTP_TLS_FPT_DGST) == 0)
664 warn_compat_break_smtp_tls_fpt_dgst = 1;
665 if (mail_conf_lookup(VAR_LMTP_TLS_FPT_DGST) == 0)
666 warn_compat_break_lmtp_tls_fpt_dgst = 1;
667 if (mail_conf_lookup(VAR_RELAY_BEFORE_RCPT_CHECKS) == 0)
668 warn_compat_relay_before_rcpt_checks = 1;
669 if (mail_conf_lookup(VAR_RESPECTFUL_LOGGING) == 0)
670 warn_compat_respectful_logging = 1;
671 }
672
673 /*
674 * Look for specific parameters whose default changed when the
675 * compatibility level changed to 2.
676 */
677 if (compat_level < compat_level_from_string(COMPAT_LEVEL_2, msg_panic)) {
678 if (mail_conf_lookup(VAR_RELAY_DOMAINS) == 0) {
679 warn_compat_break_relay_domains = 1;
680 if (mail_conf_lookup(VAR_FFLUSH_DOMAINS) == 0)
681 warn_compat_break_flush_domains = 1;
682 }
683 if (mail_conf_lookup(VAR_MYNETWORKS) == 0
684 && mail_conf_lookup(VAR_MYNETWORKS_STYLE) == 0)
685 warn_compat_break_mynetworks_style = 1;
686 }
687
688 /*
689 * Look for specific parameters whose default changed when the
690 * compatibility level changed from 0 to 1.
691 */
692 if (compat_level < compat_level_from_string(COMPAT_LEVEL_1, msg_panic)) {
693 if (mail_conf_lookup(VAR_APP_DOT_MYDOMAIN) == 0)
694 warn_compat_break_app_dot_mydomain = 1;
695
696 /*
697 * Not: #ifndef NO_EAI. They must configure SMTPUTF8_ENABLE=no if a
698 * warning message is logged, so that they don't suddenly start to
699 * lose mail after Postfix is built with EAI support.
700 */
701 if (mail_conf_lookup(VAR_SMTPUTF8_ENABLE) == 0)
702 warn_compat_break_smtputf8_enable = 1;
703 warn_compat_break_chroot = 1;
704
705 /*
706 * Grandfathered in to help sites migrating from Postfix <2.10.
707 */
708 if (mail_conf_lookup(VAR_RELAY_CHECKS) == 0)
709 warn_compat_break_relay_restrictions = 1;
710 }
711 }
712
713 /* mail_params_init - configure built-in parameters */
714
mail_params_init()715 void mail_params_init()
716 {
717 static const CONFIG_STR_TABLE compat_level_defaults[] = {
718 VAR_COMPAT_LEVEL, DEF_COMPAT_LEVEL, &var_compatibility_level, 0, 0,
719 0,
720 };
721 static const CONFIG_STR_TABLE first_str_defaults[] = {
722 /* $mail_version may appear in other parameters. */
723 VAR_MAIL_VERSION, DEF_MAIL_VERSION, &var_mail_version, 1, 0,
724 VAR_SYSLOG_FACILITY, DEF_SYSLOG_FACILITY, &var_syslog_facility, 1, 0,
725 VAR_INET_PROTOCOLS, DEF_INET_PROTOCOLS, &var_inet_protocols, 0, 0,
726 VAR_MULTI_CONF_DIRS, DEF_MULTI_CONF_DIRS, &var_multi_conf_dirs, 0, 0,
727 /* multi_instance_wrapper may have dependencies but not dependents. */
728 VAR_MULTI_GROUP, DEF_MULTI_GROUP, &var_multi_group, 0, 0,
729 VAR_MULTI_NAME, DEF_MULTI_NAME, &var_multi_name, 0, 0,
730 VAR_MAILLOG_FILE, DEF_MAILLOG_FILE, &var_maillog_file, 0, 0,
731 VAR_MAILLOG_FILE_PFXS, DEF_MAILLOG_FILE_PFXS, &var_maillog_file_pfxs, 1, 0,
732 VAR_MAILLOG_FILE_COMP, DEF_MAILLOG_FILE_COMP, &var_maillog_file_comp, 1, 0,
733 VAR_MAILLOG_FILE_STAMP, DEF_MAILLOG_FILE_STAMP, &var_maillog_file_stamp, 1, 0,
734 VAR_POSTLOG_SERVICE, DEF_POSTLOG_SERVICE, &var_postlog_service, 1, 0,
735 VAR_DNSSEC_PROBE, DEF_DNSSEC_PROBE, &var_dnssec_probe, 0, 0,
736 VAR_KNOWN_TCP_PORTS, DEF_KNOWN_TCP_PORTS, &var_known_tcp_ports, 0, 0,
737 0,
738 };
739 static const CONFIG_BOOL_TABLE first_bool_defaults[] = {
740 /* read and process the following before opening tables. */
741 VAR_DAEMON_OPEN_FATAL, DEF_DAEMON_OPEN_FATAL, &var_daemon_open_fatal,
742 VAR_DNS_NCACHE_TTL_FIX, DEF_DNS_NCACHE_TTL_FIX, &var_dns_ncache_ttl_fix,
743 0,
744 };
745 static const CONFIG_NBOOL_TABLE first_nbool_defaults[] = {
746 /* read and process the following before opening tables. */
747 VAR_SMTPUTF8_ENABLE, DEF_SMTPUTF8_ENABLE, &var_smtputf8_enable,
748 VAR_IDNA2003_COMPAT, DEF_IDNA2003_COMPAT, &var_idna2003_compat,
749 VAR_RESPECTFUL_LOGGING, DEF_RESPECTFUL_LOGGING, &var_respectful_logging,
750 0,
751 };
752 static const CONFIG_STR_FN_TABLE function_str_defaults[] = {
753 VAR_MYHOSTNAME, check_myhostname, &var_myhostname, 1, 0,
754 VAR_MYDOMAIN, check_mydomainname, &var_mydomain, 1, 0,
755 0,
756 };
757 static const CONFIG_STR_TABLE other_str_defaults[] = {
758 VAR_MAIL_NAME, DEF_MAIL_NAME, &var_mail_name, 1, 0,
759 VAR_SYSLOG_NAME, DEF_SYSLOG_NAME, &var_syslog_name, 1, 0,
760 VAR_MAIL_OWNER, DEF_MAIL_OWNER, &var_mail_owner, 1, 0,
761 VAR_SGID_GROUP, DEF_SGID_GROUP, &var_sgid_group, 1, 0,
762 VAR_MYDEST, DEF_MYDEST, &var_mydest, 0, 0,
763 VAR_MYORIGIN, DEF_MYORIGIN, &var_myorigin, 1, 0,
764 VAR_RELAYHOST, DEF_RELAYHOST, &var_relayhost, 0, 0,
765 VAR_DAEMON_DIR, DEF_DAEMON_DIR, &var_daemon_dir, 1, 0,
766 VAR_DATA_DIR, DEF_DATA_DIR, &var_data_dir, 1, 0,
767 VAR_COMMAND_DIR, DEF_COMMAND_DIR, &var_command_dir, 1, 0,
768 VAR_META_DIR, DEF_META_DIR, &var_meta_dir, 1, 0,
769 VAR_QUEUE_DIR, DEF_QUEUE_DIR, &var_queue_dir, 1, 0,
770 VAR_SHLIB_DIR, DEF_SHLIB_DIR, &var_shlib_dir, 1, 0,
771 VAR_PID_DIR, DEF_PID_DIR, &var_pid_dir, 1, 0,
772 VAR_INET_INTERFACES, DEF_INET_INTERFACES, &var_inet_interfaces, 0, 0,
773 VAR_PROXY_INTERFACES, DEF_PROXY_INTERFACES, &var_proxy_interfaces, 0, 0,
774 VAR_DOUBLE_BOUNCE, DEF_DOUBLE_BOUNCE, &var_double_bounce_sender, 1, 0,
775 VAR_DEFAULT_PRIVS, DEF_DEFAULT_PRIVS, &var_default_privs, 1, 0,
776 VAR_ALIAS_DB_MAP, DEF_ALIAS_DB_MAP, &var_alias_db_map, 0, 0,
777 VAR_MAIL_RELEASE, DEF_MAIL_RELEASE, &var_mail_release, 1, 0,
778 VAR_DB_TYPE, DEF_DB_TYPE, &var_db_type, 1, 0,
779 VAR_HASH_QUEUE_NAMES, DEF_HASH_QUEUE_NAMES, &var_hash_queue_names, 1, 0,
780 VAR_RCPT_DELIM, DEF_RCPT_DELIM, &var_rcpt_delim, 0, 0,
781 VAR_RELAY_DOMAINS, DEF_RELAY_DOMAINS, &var_relay_domains, 0, 0,
782 VAR_FFLUSH_DOMAINS, DEF_FFLUSH_DOMAINS, &var_fflush_domains, 0, 0,
783 VAR_EXPORT_ENVIRON, DEF_EXPORT_ENVIRON, &var_export_environ, 0, 0,
784 VAR_IMPORT_ENVIRON, DEF_IMPORT_ENVIRON, &var_import_environ, 0, 0,
785 VAR_MYNETWORKS_STYLE, DEF_MYNETWORKS_STYLE, &var_mynetworks_style, 1, 0,
786 VAR_DEBUG_PEER_LIST, DEF_DEBUG_PEER_LIST, &var_debug_peer_list, 0, 0,
787 VAR_VERP_DELIMS, DEF_VERP_DELIMS, &var_verp_delims, 2, 2,
788 VAR_VERP_FILTER, DEF_VERP_FILTER, &var_verp_filter, 1, 0,
789 VAR_PAR_DOM_MATCH, DEF_PAR_DOM_MATCH, &var_par_dom_match, 0, 0,
790 VAR_CONFIG_DIRS, DEF_CONFIG_DIRS, &var_config_dirs, 0, 0,
791 VAR_BOUNCE_SERVICE, DEF_BOUNCE_SERVICE, &var_bounce_service, 1, 0,
792 VAR_CLEANUP_SERVICE, DEF_CLEANUP_SERVICE, &var_cleanup_service, 1, 0,
793 VAR_DEFER_SERVICE, DEF_DEFER_SERVICE, &var_defer_service, 1, 0,
794 VAR_PICKUP_SERVICE, DEF_PICKUP_SERVICE, &var_pickup_service, 1, 0,
795 VAR_QUEUE_SERVICE, DEF_QUEUE_SERVICE, &var_queue_service, 1, 0,
796 VAR_REWRITE_SERVICE, DEF_REWRITE_SERVICE, &var_rewrite_service, 1, 0,
797 VAR_SHOWQ_SERVICE, DEF_SHOWQ_SERVICE, &var_showq_service, 1, 0,
798 VAR_ERROR_SERVICE, DEF_ERROR_SERVICE, &var_error_service, 1, 0,
799 VAR_FLUSH_SERVICE, DEF_FLUSH_SERVICE, &var_flush_service, 1, 0,
800 VAR_VERIFY_SERVICE, DEF_VERIFY_SERVICE, &var_verify_service, 1, 0,
801 VAR_TRACE_SERVICE, DEF_TRACE_SERVICE, &var_trace_service, 1, 0,
802 VAR_PROXYMAP_SERVICE, DEF_PROXYMAP_SERVICE, &var_proxymap_service, 1, 0,
803 VAR_PROXYWRITE_SERVICE, DEF_PROXYWRITE_SERVICE, &var_proxywrite_service, 1, 0,
804 VAR_INT_FILT_CLASSES, DEF_INT_FILT_CLASSES, &var_int_filt_classes, 0, 0,
805 /* multi_instance_wrapper may have dependencies but not dependents. */
806 VAR_MULTI_WRAPPER, DEF_MULTI_WRAPPER, &var_multi_wrapper, 0, 0,
807 VAR_DSN_FILTER, DEF_DSN_FILTER, &var_dsn_filter, 0, 0,
808 VAR_SMTPUTF8_AUTOCLASS, DEF_SMTPUTF8_AUTOCLASS, &var_smtputf8_autoclass, 1, 0,
809 VAR_DROP_HDRS, DEF_DROP_HDRS, &var_drop_hdrs, 0, 0,
810 VAR_INFO_LOG_ADDR_FORM, DEF_INFO_LOG_ADDR_FORM, &var_info_log_addr_form, 1, 0,
811 0,
812 };
813 static const CONFIG_STR_FN_TABLE function_str_defaults_2[] = {
814 VAR_MYNETWORKS, mynetworks, &var_mynetworks, 0, 0,
815 0,
816 };
817 static const CONFIG_INT_TABLE other_int_defaults[] = {
818 VAR_PROC_LIMIT, DEF_PROC_LIMIT, &var_proc_limit, 1, 0,
819 VAR_MAX_USE, DEF_MAX_USE, &var_use_limit, 1, 0,
820 VAR_DONT_REMOVE, DEF_DONT_REMOVE, &var_dont_remove, 0, 0,
821 VAR_LINE_LIMIT, DEF_LINE_LIMIT, &var_line_limit, 512, 0,
822 VAR_HASH_QUEUE_DEPTH, DEF_HASH_QUEUE_DEPTH, &var_hash_queue_depth, 1, 0,
823 VAR_FORK_TRIES, DEF_FORK_TRIES, &var_fork_tries, 1, 0,
824 VAR_FLOCK_TRIES, DEF_FLOCK_TRIES, &var_flock_tries, 1, 0,
825 VAR_DEBUG_PEER_LEVEL, DEF_DEBUG_PEER_LEVEL, &var_debug_peer_level, 1, 0,
826 VAR_FAULT_INJ_CODE, DEF_FAULT_INJ_CODE, &var_fault_inj_code, 0, 0,
827 VAR_DB_CREATE_BUF, DEF_DB_CREATE_BUF, &var_db_create_buf, 1, 0,
828 VAR_DB_READ_BUF, DEF_DB_READ_BUF, &var_db_read_buf, 1, 0,
829 VAR_HEADER_LIMIT, DEF_HEADER_LIMIT, &var_header_limit, 1, 0,
830 VAR_TOKEN_LIMIT, DEF_TOKEN_LIMIT, &var_token_limit, 1, 0,
831 VAR_MIME_MAXDEPTH, DEF_MIME_MAXDEPTH, &var_mime_maxdepth, 1, 0,
832 VAR_MIME_BOUND_LEN, DEF_MIME_BOUND_LEN, &var_mime_bound_len, 1, 0,
833 VAR_DELAY_MAX_RES, DEF_DELAY_MAX_RES, &var_delay_max_res, MIN_DELAY_MAX_RES, MAX_DELAY_MAX_RES,
834 VAR_INET_WINDOW, DEF_INET_WINDOW, &var_inet_windowsize, 0, 0,
835 0,
836 };
837 static const CONFIG_LONG_TABLE long_defaults[] = {
838 VAR_MESSAGE_LIMIT, DEF_MESSAGE_LIMIT, &var_message_limit, 0, 0,
839 VAR_LMDB_MAP_SIZE, DEF_LMDB_MAP_SIZE, &var_lmdb_map_size, 1, 0,
840 0,
841 };
842 static const CONFIG_TIME_TABLE time_defaults[] = {
843 VAR_EVENT_DRAIN, DEF_EVENT_DRAIN, &var_event_drain, 1, 0,
844 VAR_MAX_IDLE, DEF_MAX_IDLE, &var_idle_limit, 1, 0,
845 VAR_IPC_TIMEOUT, DEF_IPC_TIMEOUT, &var_ipc_timeout, 1, 0,
846 VAR_IPC_IDLE, DEF_IPC_IDLE, &var_ipc_idle_limit, 1, 0,
847 VAR_IPC_TTL, DEF_IPC_TTL, &var_ipc_ttl_limit, 1, 0,
848 VAR_TRIGGER_TIMEOUT, DEF_TRIGGER_TIMEOUT, &var_trigger_timeout, 1, 0,
849 VAR_FORK_DELAY, DEF_FORK_DELAY, &var_fork_delay, 1, 0,
850 VAR_FLOCK_DELAY, DEF_FLOCK_DELAY, &var_flock_delay, 1, 0,
851 VAR_FLOCK_STALE, DEF_FLOCK_STALE, &var_flock_stale, 1, 0,
852 VAR_DAEMON_TIMEOUT, DEF_DAEMON_TIMEOUT, &var_daemon_timeout, 1, 0,
853 VAR_IN_FLOW_DELAY, DEF_IN_FLOW_DELAY, &var_in_flow_delay, 0, 10,
854 0,
855 };
856 static const CONFIG_BOOL_TABLE bool_defaults[] = {
857 VAR_DISABLE_DNS, DEF_DISABLE_DNS, &var_disable_dns,
858 VAR_SOFT_BOUNCE, DEF_SOFT_BOUNCE, &var_soft_bounce,
859 VAR_OWNREQ_SPECIAL, DEF_OWNREQ_SPECIAL, &var_ownreq_special,
860 VAR_STRICT_8BITMIME, DEF_STRICT_8BITMIME, &var_strict_8bitmime,
861 VAR_STRICT_7BIT_HDRS, DEF_STRICT_7BIT_HDRS, &var_strict_7bit_hdrs,
862 VAR_STRICT_8BIT_BODY, DEF_STRICT_8BIT_BODY, &var_strict_8bit_body,
863 VAR_STRICT_ENCODING, DEF_STRICT_ENCODING, &var_strict_encoding,
864 VAR_DISABLE_MIME_INPUT, DEF_DISABLE_MIME_INPUT, &var_disable_mime_input,
865 VAR_DISABLE_MIME_OCONV, DEF_DISABLE_MIME_OCONV, &var_disable_mime_oconv,
866 VAR_VERIFY_NEG_CACHE, DEF_VERIFY_NEG_CACHE, &var_verify_neg_cache,
867 VAR_OLDLOG_COMPAT, DEF_OLDLOG_COMPAT, &var_oldlog_compat,
868 VAR_HELPFUL_WARNINGS, DEF_HELPFUL_WARNINGS, &var_helpful_warnings,
869 VAR_CYRUS_SASL_AUTHZID, DEF_CYRUS_SASL_AUTHZID, &var_cyrus_sasl_authzid,
870 VAR_MULTI_ENABLE, DEF_MULTI_ENABLE, &var_multi_enable,
871 VAR_LONG_QUEUE_IDS, DEF_LONG_QUEUE_IDS, &var_long_queue_ids,
872 VAR_STRICT_SMTPUTF8, DEF_STRICT_SMTPUTF8, &var_strict_smtputf8,
873 VAR_ENABLE_ORCPT, DEF_ENABLE_ORCPT, &var_enable_orcpt,
874 0,
875 };
876 const char *cp;
877
878 /*
879 * Extract compatibility level first, so that we can determine what
880 * parameters of interest are left at their legacy defaults.
881 */
882 if (var_compatibility_level == 0)
883 compat_level_relop_register();
884 get_mail_conf_str_table(compat_level_defaults);
885 compat_level = compat_level_from_string(var_compatibility_level, msg_fatal);
886 check_legacy_defaults();
887
888 /*
889 * Extract syslog_facility early, so that from here on all errors are
890 * logged with the proper facility.
891 */
892 get_mail_conf_str_table(first_str_defaults);
893
894 if (!msg_syslog_set_facility(var_syslog_facility))
895 msg_fatal("file %s/%s: parameter %s: unrecognized value: %s",
896 var_config_dir, MAIN_CONF_FILE,
897 VAR_SYSLOG_FACILITY, var_syslog_facility);
898
899 /*
900 * Should daemons terminate after table open error, or should they
901 * continue execution with reduced functionality?
902 */
903 get_mail_conf_bool_table(first_bool_defaults);
904 if (var_daemon_open_fatal)
905 dict_allow_surrogate = 0;
906
907 /*
908 * Should we open tables with UTF8 support, or in the legacy 8-bit clean
909 * mode with ASCII-only casefolding?
910 */
911 get_mail_conf_nbool_table(first_nbool_defaults);
912
913 /*
914 * Report run-time versus compile-time discrepancies.
915 */
916 #ifdef NO_EAI
917 if (var_smtputf8_enable)
918 msg_warn("%s is true, but EAI support is not compiled in",
919 VAR_SMTPUTF8_ENABLE);
920 var_smtputf8_enable = 0;
921 #else
922 midna_domain_transitional = var_idna2003_compat;
923 if (var_smtputf8_enable)
924 midna_domain_pre_chroot();
925 #endif
926 util_utf8_enable = var_smtputf8_enable;
927
928 /*
929 * Configure the known TCP port mappings.
930 */
931 config_known_tcp_ports(VAR_KNOWN_TCP_PORTS, var_known_tcp_ports);
932
933 /*
934 * What protocols should we attempt to support? The result is stored in
935 * the global inet_proto_table variable.
936 */
937 (void) inet_proto_init(VAR_INET_PROTOCOLS, var_inet_protocols);
938
939 /*
940 * Variables whose defaults are determined at runtime. Some sites use
941 * short hostnames in the host table; some sites name their system after
942 * the domain.
943 */
944 get_mail_conf_str_fn_table(function_str_defaults);
945 if (!valid_hostname(var_myhostname, DO_GRIPE))
946 msg_fatal("file %s/%s: parameter %s: bad parameter value: %s",
947 var_config_dir, MAIN_CONF_FILE,
948 VAR_MYHOSTNAME, var_myhostname);
949 if (!valid_hostname(var_mydomain, DO_GRIPE))
950 msg_fatal("file %s/%s: parameter %s: bad parameter value: %s",
951 var_config_dir, MAIN_CONF_FILE,
952 VAR_MYDOMAIN, var_mydomain);
953
954 /*
955 * Variables that are needed by almost every program.
956 *
957 * XXX Reading the myorigin value from file is originally a Debian Linux
958 * feature. This code is not enabled by default because of problems: 1)
959 * it re-implements its own parameter syntax checks, and 2) it does not
960 * implement $name expansions.
961 */
962 get_mail_conf_str_table(other_str_defaults);
963 #ifdef MYORIGIN_FROM_FILE
964 if (*var_myorigin == '/') {
965 char *origin = read_param_from_file(var_myorigin);
966
967 if (*origin == 0)
968 msg_fatal("%s file %s is empty", VAR_MYORIGIN, var_myorigin);
969 myfree(var_myorigin); /* FIX 20070501 */
970 var_myorigin = origin;
971 }
972 #endif
973 get_mail_conf_int_table(other_int_defaults);
974 get_mail_conf_long_table(long_defaults);
975 get_mail_conf_bool_table(bool_defaults);
976 get_mail_conf_time_table(time_defaults);
977 check_default_privs();
978 check_mail_owner();
979 check_sgid_group();
980 check_overlap();
981 dict_db_cache_size = var_db_read_buf;
982 dict_lmdb_map_size = var_lmdb_map_size;
983 inet_windowsize = var_inet_windowsize;
984
985 /*
986 * Variables whose defaults are determined at runtime, after other
987 * variables have been set. This dependency is admittedly a bit tricky.
988 * XXX Perhaps we should just register variables, and let the evaluator
989 * figure out in what order to evaluate things.
990 */
991 get_mail_conf_str_fn_table(function_str_defaults_2);
992
993 /*
994 * FIX 200412 The IPv6 patch did not call own_inet_addr_list() before
995 * entering the chroot jail on Linux IPv6 systems. Linux has the IPv6
996 * interface list in /proc, which is not available after chrooting.
997 */
998 (void) own_inet_addr_list();
999
1000 /*
1001 * The PID variable cannot be set from the configuration file!!
1002 */
1003 set_mail_conf_int(VAR_PID, var_pid = getpid());
1004
1005 /*
1006 * Neither can the start time variable. It isn't even visible.
1007 */
1008 time(&var_starttime);
1009
1010 /*
1011 * Export the syslog name so children can inherit and use it before they
1012 * have initialized.
1013 */
1014 if ((cp = safe_getenv(CONF_ENV_LOGTAG)) == 0
1015 || strcmp(cp, var_syslog_name) != 0)
1016 if (setenv(CONF_ENV_LOGTAG, var_syslog_name, 1) < 0)
1017 msg_fatal("setenv %s %s: %m", CONF_ENV_LOGTAG, var_syslog_name);
1018
1019 /*
1020 * I have seen this happen just too often.
1021 */
1022 if (strcasecmp_utf8(var_myhostname, var_relayhost) == 0)
1023 msg_fatal("%s and %s parameter settings must not be identical: %s",
1024 VAR_MYHOSTNAME, VAR_RELAYHOST, var_myhostname);
1025
1026 /*
1027 * XXX These should be caught by a proper parameter parsing algorithm.
1028 */
1029 if (var_myorigin[strcspn(var_myorigin, CHARS_COMMA_SP)])
1030 msg_fatal("%s parameter setting must not contain multiple values: %s",
1031 VAR_MYORIGIN, var_myorigin);
1032
1033 /*
1034 * One more sanity check.
1035 */
1036 if ((cp = verp_delims_verify(var_verp_delims)) != 0)
1037 msg_fatal("file %s/%s: parameters %s and %s: %s",
1038 var_config_dir, MAIN_CONF_FILE,
1039 VAR_VERP_DELIMS, VAR_VERP_FILTER, cp);
1040 }
1041