diff options
| author | taca <taca> | 2012-04-28 13:58:47 +0000 |
|---|---|---|
| committer | taca <taca> | 2012-04-28 13:58:47 +0000 |
| commit | ccda927e535299bc1646efb9d2ed257633b5fd61 (patch) | |
| tree | dd52227895dff886b5a71fe5ef1895eac89dd122 /mail | |
| parent | 5baff2c38096c7af2c56a7926ab7ed3439ce4be5 (diff) | |
| download | pkgsrc-ccda927e535299bc1646efb9d2ed257633b5fd61.tar.gz | |
Update postfix package to 2.8.10.
Major changes with Postfix 2.8.10
---------------------------------
This release adds support to turn off the TLSv1.1 and TLSv1.2
protocols. Introduced with OpenSSL version 1.0.1, these are known
to cause inter-operability problems with for example hotmail.
The radical workaround is to temporarily turn off problematic
protocols globally:
/etc/postfix/main.cf:
smtp_tls_protocols = !SSLv2, !TLSv1.1, !TLSv1.2
smtp_tls_mandatory_protocols = !SSLv2, !TLSv1.1, !TLSv1.2
smtpd_tls_protocols = !SSLv2, !TLSv1.1, !TLSv1.2
smtpd_tls_mandatory_protocols = !SSLv2, !TLSv1.1, !TLSv1.2
However, it may be better to temporarily turn off problematic
protocols for broken sites only:
/etc/postfix/main.cf:
smtp_tls_policy_maps = hash:/etc/postfix/tls_policy
/etc/postfix/tls_policy:
example.com may protocols=!SSLv2:!TLSv1.1:!TLSv1.2
Important:
- Note the use of ":" instead of comma or space. Also, note that
there is NO space around the "=" in "protocols=".
- The smtp_tls_policy_maps lookup key must match the "next-hop"
destination that is given to the Postfix SMTP client. If you
override the next-hop destination with transport_maps, relayhost,
sender_dependent_relayhost_maps, or otherwise, you need to specify
the same destination for the smtp_tls_policy_maps lookup key.
Diffstat (limited to 'mail')
| -rw-r--r-- | mail/postfix/Makefile | 5 | ||||
| -rw-r--r-- | mail/postfix/distinfo | 8 |
2 files changed, 6 insertions, 7 deletions
diff --git a/mail/postfix/Makefile b/mail/postfix/Makefile index 8937ca7d6df..dc14369d7d2 100644 --- a/mail/postfix/Makefile +++ b/mail/postfix/Makefile @@ -1,7 +1,6 @@ -# $NetBSD: Makefile,v 1.249 2012/04/27 12:31:53 obache Exp $ +# $NetBSD: Makefile,v 1.250 2012/04/28 13:58:47 taca Exp $ -DISTNAME= postfix-2.8.9 -PKGREVISION= 1 +DISTNAME= postfix-2.8.10 CATEGORIES= mail MASTER_SITES= ftp://ftp.porcupine.org/mirrors/postfix-release/official/ MASTER_SITES+= http://postfix.it-austria.net/releases/official/ diff --git a/mail/postfix/distinfo b/mail/postfix/distinfo index be67b8101e4..ce3b02af173 100644 --- a/mail/postfix/distinfo +++ b/mail/postfix/distinfo @@ -1,8 +1,8 @@ -$NetBSD: distinfo,v 1.142 2012/03/06 11:10:23 taca Exp $ +$NetBSD: distinfo,v 1.143 2012/04/28 13:58:47 taca Exp $ -SHA1 (postfix-2.8.9.tar.gz) = 2404d369e7ae90cdd9a0e4e185c4699a16c9fe81 -RMD160 (postfix-2.8.9.tar.gz) = db540c199ca66457e0ca65b1f95c9745249a1254 -Size (postfix-2.8.9.tar.gz) = 3648498 bytes +SHA1 (postfix-2.8.10.tar.gz) = 1a206b13e42e8581733046af8283a54ca0c30657 +RMD160 (postfix-2.8.10.tar.gz) = 5bbf698988ba491ba2ce3937918381be9fc2e3d7 +Size (postfix-2.8.10.tar.gz) = 3640084 bytes SHA1 (patch-aa) = 5b4923402c80957e47b8a4e16c897287b88544bb SHA1 (patch-ag) = 60d752b6c8db971d92ca0017c63329ad446209c5 SHA1 (patch-ai) = 8f81c48321ce0875bffe28fd94c0b3965d927560 |