[continued from previous message]

sasl_username ? sasl_username : "(unavailable)");
/* RFC 4954 Section 6. */
if (status == XSASL_AUTH_TEMP)
smtpd_chat_reply(state, "454 4.7.0 Temporary authentication failure: %s",
- STR(state->sasl_reply));
+ reason);
else
smtpd_chat_reply(state, "535 5.7.8 Error: authentication failed: %s",
- STR(state->sasl_reply));
+ reason);
return (-1);
}
/* RFC 4954 Section 6. */
diff -Nru postfix-3.5.24/src/tlsmgr/tlsmgr.c postfix-3.5.25/src/tlsmgr/tlsmgr.c --- postfix-3.5.24/src/tlsmgr/tlsmgr.c 2019-02-03 15:19:28.000000000 -0500
+++ postfix-3.5.25/src/tlsmgr/tlsmgr.c 2024-02-27 14:20:21.000000000 -0500
@@ -819,6 +819,23 @@
}

/*
+ * Workaround: some OS lies under load. It tells the Postfix event
+ * handler that a server socket is readable, then it tells peekfd() that
+ * the socket has unread data, and then it tells vstring_get_null() that
+ * there is none, causing Postfix to spam the log with warning messages.
+ * Close the stream to stop such nonsense; the client can reconnect if it + * still wants to talk to us.
+ *
+ * XXX Why is this problem not reported for the other five
+ * multi_server-based Postfix services?
+ */
+ else if (vstream_ferror(client_stream) || vstream_feof(client_stream)) {
+ multi_server_disconnect(client_stream);
+ return;
+ /* Note: client_stream is now a dangling pointer. */
+ }
+
+ /*
* Protocol error.
*/
else {
diff -Nru postfix-