Date: Thu, 09 Apr 2026 12:55:17 +0000 From: Juraj Lutter <otis@FreeBSD.org> To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org Cc: Jose Luis Duran <jlduran@FreeBSD.org> Subject: git: 11d6404d9c7c - main - mail/postfix: Use BLOCKLIST instead of BLACKLIST Message-ID: <69d7a1b5.345f9.c46394c@gitrepo.freebsd.org>
index | next in thread | raw e-mail
The branch main has been updated by otis: URL: https://cgit.FreeBSD.org/ports/commit/?id=11d6404d9c7c201bf8201c4364a98d6c9cd95956 commit 11d6404d9c7c201bf8201c4364a98d6c9cd95956 Author: Jose Luis Duran <jlduran@FreeBSD.org> AuthorDate: 2026-04-09 12:07:57 +0000 Commit: Juraj Lutter <otis@FreeBSD.org> CommitDate: 2026-04-09 12:54:52 +0000 mail/postfix: Use BLOCKLIST instead of BLACKLIST - Starting from FreeBSD version 1500000, prefer the new blocklist nomenclature. - Enable TLSRPT by default PR: 294083 --- mail/postfix/Makefile | 25 +++-- mail/postfix/files/extra-patch-blocklistd | 163 ++++++++++++++++++++++++++++++ 2 files changed, 181 insertions(+), 7 deletions(-) diff --git a/mail/postfix/Makefile b/mail/postfix/Makefile index 739c8e81a838..30705c61f55f 100644 --- a/mail/postfix/Makefile +++ b/mail/postfix/Makefile @@ -1,6 +1,6 @@ PORTNAME= postfix DISTVERSION= 3.11.1 -PORTREVISION?= 1 +PORTREVISION?= 2 PORTEPOCH= 1 CATEGORIES= mail MASTER_SITES= https://postfix-mirror.horus-it.com/postfix-release/ \ @@ -95,9 +95,9 @@ CONFLICTS_INSTALL= courier-0.* opensmtpd opensmtpd-devel \ USERS= postfix GROUPS= mail maildrop postfix -OPTIONS_DEFINE= BDB BLACKLISTD CDB DOCS EAI INST_BASE LDAP LMDB MONGO \ +OPTIONS_DEFINE= BDB BLOCKLISTD CDB DOCS EAI INST_BASE LDAP LMDB MONGO \ MYSQL NIS PCRE2 PGSQL SASL SQLITE TEST TLS TLSRPT -OPTIONS_DEFAULT?= BLACKLISTD CDB EAI LMDB PCRE2 TLS +OPTIONS_DEFAULT?= BLOCKLISTD CDB EAI LMDB PCRE2 TLS TLSRPT OPTIONS_RADIO= RG1 OPTIONS_RADIO_RG1= SASLKMIT SASLKRB5 .if ${FLAVOR:U} == ldap @@ -116,7 +116,7 @@ OPTIONS_FILE= ${PORT_DBDIR}/${OPTIONS_NAME}/${FLAVOR}-options .endif OPTIONS_SUB= yes -BLACKLISTD_DESC= Enable blacklistd support +BLOCKLISTD_DESC= Enable blocklistd support CDB_DESC= CDB maps lookups EAI_DESC= Email Address Internationalization (SMTPUTF8) support INST_BASE_DESC= Install into /usr and /etc/postfix @@ -131,7 +131,6 @@ TEST_DESC= SMTP/LMTP test server and generator TLSRPT_DESC= Enable sending RFC 8460 TLS reports BDB_USES= bdb -BLACKLISTD_EXTRA_PATCHES= ${FILESDIR}/extra-patch-blacklistd CDB_LIB_DEPENDS= libcdb.so:databases/tinycdb EAI_LIB_DEPENDS= libicuuc.so:devel/icu LDAP_USES= ldap @@ -150,6 +149,14 @@ ALL_TARGET= default .include <bsd.port.options.mk> +.if ${PORT_OPTIONS:MBLOCKLISTD} +.if ${OPSYS} == FreeBSD && ${OSVERSION} < 1500000 +EXTRA_PATCHES= ${FILESDIR}/extra-patch-blacklistd +.else +EXTRA_PATCHES= ${FILESDIR}/extra-patch-blocklistd +.endif +.endif + HTML1= body_checks.5.html bounce.5.html postfix-power.png \ scache.8.html tlsmgr.8.html @@ -291,11 +298,15 @@ POSTFIX_CCARGS+= -I${BDB_INCLUDE_DIR} POSTFIX_AUXLIBS+= -L${BDB_LIB_DIR} -l${BDB_LIB_NAME} .endif -.if ${PORT_OPTIONS:MBLACKLISTD} +.if ${PORT_OPTIONS:MBLOCKLISTD} . if ${OPSYS} == FreeBSD +. if ${OSVERSION} < 1500000 POSTFIX_AUXLIBS+= -lblacklist +. else +POSTFIX_AUXLIBS+= -lblocklist +. endif . else -IGNORE= blacklistd is only supported on FreeBSD +IGNORE= blocklistd is only supported on FreeBSD . endif .endif diff --git a/mail/postfix/files/extra-patch-blocklistd b/mail/postfix/files/extra-patch-blocklistd new file mode 100644 index 000000000000..1f4646ec5841 --- /dev/null +++ b/mail/postfix/files/extra-patch-blocklistd @@ -0,0 +1,163 @@ +--- src/postscreen/Makefile.in.orig 2024-03-09 21:34:49 UTC ++++ src/postscreen/Makefile.in +@@ -3,13 +3,13 @@ SRCS = postscreen.c postscreen_dict.c postscreen_dnsbl + postscreen_early.c postscreen_smtpd.c postscreen_misc.c \ + postscreen_state.c postscreen_tests.c postscreen_send.c \ + postscreen_starttls.c postscreen_expand.c postscreen_endpt.c \ +- postscreen_haproxy.c ++ postscreen_haproxy.c pfilter.c + OBJS = postscreen.o postscreen_dict.o postscreen_dnsbl.o \ + postscreen_early.o postscreen_smtpd.o postscreen_misc.o \ + postscreen_state.o postscreen_tests.o postscreen_send.o \ + postscreen_starttls.o postscreen_expand.o postscreen_endpt.o \ +- postscreen_haproxy.o +-HDRS = ++ postscreen_haproxy.o pfilter.o ++HDRS = pfilter.h + TESTSRC = + DEFS = -I. -I$(INC_DIR) -D$(SYSTYPE) + CFLAGS = $(DEBUG) $(OPT) $(DEFS) +--- src/postscreen/pfilter.c.orig 2025-07-11 20:30:00 UTC ++++ src/postscreen/pfilter.c +@@ -0,0 +1,19 @@ ++#include "pfilter.h" ++#include <stdio.h> /* for NULL */ ++#include <blocklist.h> ++ ++static struct blocklist *blstate; ++ ++void ++pfilter_notify(int a, int fd) ++{ ++ if (blstate == NULL) ++ blstate = blocklist_open(); ++ if (blstate == NULL) ++ return; ++ (void)blocklist_r(blstate, a, fd, "postscreen"); ++ if (a == 0) { ++ blocklist_close(blstate); ++ blstate = NULL; ++ } ++} +--- src/postscreen/pfilter.h.orig 2025-07-11 20:30:00 UTC ++++ src/postscreen/pfilter.h +@@ -0,0 +1 @@ ++void pfilter_notify(int, int); +--- src/postscreen/postscreen_early.c.orig 2021-02-18 18:55:31 UTC ++++ src/postscreen/postscreen_early.c +@@ -52,6 +52,7 @@ + /* Application-specific. */ + + #include <postscreen.h> ++#include "pfilter.h" /* for blocklistd(8) */ + + static char *psc_teaser_greeting; + static VSTRING *psc_escape_buf; +@@ -183,6 +184,10 @@ static void psc_early_event(int event, void *context) + msg_info("DNSBL rank %d for [%s]:%s", + state->dnsbl_score, PSC_CLIENT_ADDR_PORT(state)); + PSC_FAIL_SESSION_STATE(state, PSC_STATE_FLAG_DNSBL_FAIL); ++ ++ /* notify blocklistd of DNSBL rank violation */ ++ pfilter_notify(1, vstream_fileno(state->smtp_client_stream)); ++ + switch (psc_dnsbl_action) { + case PSC_ACT_DROP: + state->dnsbl_reply = vstring_sprintf(vstring_alloc(100), +--- src/smtpd/Makefile.in.orig 2025-01-09 22:06:10 UTC ++++ src/smtpd/Makefile.in +@@ -2,14 +2,14 @@ SRCS = smtpd.c smtpd_token.c smtpd_check.c smtpd_chat. + SRCS = smtpd.c smtpd_token.c smtpd_check.c smtpd_chat.c smtpd_state.c \ + smtpd_peer.c smtpd_sasl_proto.c smtpd_sasl_glue.c smtpd_proxy.c \ + smtpd_xforward.c smtpd_dsn_fix.c smtpd_milter.c smtpd_resolve.c \ +- smtpd_expand.c smtpd_haproxy.c ++ smtpd_expand.c smtpd_haproxy.c pfilter.c + OBJS = smtpd.o smtpd_token.o smtpd_check.o smtpd_chat.o smtpd_state.o \ + smtpd_peer.o smtpd_sasl_proto.o smtpd_sasl_glue.o smtpd_proxy.o \ + smtpd_xforward.o smtpd_dsn_fix.o smtpd_milter.o smtpd_resolve.o \ +- smtpd_expand.o smtpd_haproxy.o ++ smtpd_expand.o smtpd_haproxy.o pfilter.o + HDRS = smtpd_token.h smtpd_check.h smtpd_chat.h smtpd_sasl_proto.h \ + smtpd_sasl_glue.h smtpd_proxy.h smtpd_dsn_fix.h smtpd_milter.h \ +- smtpd_resolve.h smtpd_expand.h ++ smtpd_resolve.h smtpd_expand.h pfilter.h + TESTSRC = smtpd_token_test.c + DEFS = -I. -I$(INC_DIR) -D$(SYSTYPE) + CFLAGS = $(DEBUG) $(OPT) $(DEFS) +--- src/smtpd/pfilter.c.orig 2025-07-11 20:30:00 UTC ++++ src/smtpd/pfilter.c +@@ -0,0 +1,19 @@ ++#include "pfilter.h" ++#include <stdio.h> /* for NULL */ ++#include <blocklist.h> ++ ++static struct blocklist *blstate; ++ ++void ++pfilter_notify(int a, int fd) ++{ ++ if (blstate == NULL) ++ blstate = blocklist_open(); ++ if (blstate == NULL) ++ return; ++ (void)blocklist_r(blstate, a, fd, "smtpd"); ++ if (a == 0) { ++ blocklist_close(blstate); ++ blstate = NULL; ++ } ++} +--- src/smtpd/pfilter.h.orig 2025-07-11 20:30:00 UTC ++++ src/smtpd/pfilter.h +@@ -0,0 +1 @@ ++void pfilter_notify(int, int); +--- src/smtpd/smtpd_check.c.orig 2025-07-11 20:34:19 UTC ++++ src/smtpd/smtpd_check.c +@@ -1767,6 +1767,7 @@ static int reject_unauth_destination(SMTPD_STATE *stat + /* + * Reject relaying to sites that are not listed in relay_domains. + */ ++ pfilter_notify(1, vstream_fileno(state->client)); + return (smtpd_check_reject(state, MAIL_ERROR_POLICY, + reply_code, reply_dsn, + "<%s>: Relay access denied", +--- src/smtpd/smtpd_milter.c.orig 2025-07-11 20:33:21 UTC ++++ src/smtpd/smtpd_milter.c +@@ -193,6 +193,7 @@ const char *smtpd_milter_eval(const char *name, void * + return (""); + if (state->milter_reject_text) { + /* 554 5.7.1 <user@example.com>: Relay access denied */ ++ pfilter_notify(1, vstream_fileno(state->client)); + vstring_strcpy(state->expand_buf, state->milter_reject_text + 4); + cp = split_at(STR(state->expand_buf), ' '); + return (cp ? split_at(cp, ' ') : cp); +@@ -210,6 +211,7 @@ const char *smtpd_milter_eval(const char *name, void * + return (0); + if (state->milter_reject_text) { + /* 554 5.7.1 <user@example.com>: Relay access denied */ ++ pfilter_notify(1, vstream_fileno(state->client)); + vstring_strcpy(state->expand_buf, state->milter_reject_text + 4); + (void) split_at(STR(state->expand_buf), ' '); + return (STR(state->expand_buf)); +--- src/smtpd/smtpd_sasl_glue.c.orig 2023-11-12 21:41:13 UTC ++++ src/smtpd/smtpd_sasl_glue.c +@@ -153,6 +153,7 @@ + #include "smtpd.h" + #include "smtpd_sasl_glue.h" + #include "smtpd_chat.h" ++#include "pfilter.h" /* for blocklistd(8) */ + + #ifdef USE_SASL_AUTH + +@@ -358,8 +359,12 @@ int smtpd_sasl_authenticate(SMTPD_STATE *state, + else + smtpd_chat_reply(state, "535 5.7.8 Error: authentication failed: %s", + reason); ++ ++ /* notify blocklistd of SASL authentication failure */ ++ pfilter_notify(1, vstream_fileno(state->client)); + return (-1); + } ++ + /* RFC 4954 Section 6. */ + smtpd_chat_reply(state, "235 2.7.0 Authentication successful"); + if ((sasl_username = xsasl_server_get_username(state->sasl_server)) == 0)home | help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?69d7a1b5.345f9.c46394c>