| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
slower machines, as suggested by Andreas Hallmann in PR33654.
Update pkg to exim-4.54nb3
|
|
syntax as specified in pkgsrc/mk/install/bsd.pkginstall.mk:1.47.
|
|
pkg has been changed to 5.x). Reminded by wiz... thanks.
|
|
automatically detects whether we want the pkginstall machinery to be
used by the package Makefile.
|
|
directory.
|
|
example MAKE_ENV+=FOO=${BAR} is changed to MAKE_ENV+=FOO=${BAR:Q}. Some
other changes are outlined in
http://mail-index.netbsd.org/tech-pkg/2005/12/02/0034.html
|
|
|
|
Exim version 4.54
-----------------
PH/01 The ${base62: operator adjusted itself to base 36 when BASE_62 was
set to 36 (for Darwin and Cygwin), but the ${base62d: operator did not.
It now does.
PH/02 Two minor problems detected in Cygwin: the os.{c,h} files had lost */ on
the CVS lines, and there was a missing #if HAVE_IPV6 in host.c.
PH/03 Typo: missing ".o" in src/pcre/Makefile.
PH/04 Tighten up "personal" tests: Instead of testing for any "List-"
header line, restrict the check to what is listed in RFCs 2369 and 2929.
Also, for "Auto-Submitted", treat anything other than "no" as
non-personal, in accordance with RFC 3834. (Previously it treated
anything starting "auto-" as non-personal.)
TF/01 The control=submission/name=... option had a problem with syntax
errors if the name included a slash character. The /name= option
now slurps the rest of the string, so it can include any characters
but it must come last in the list of options (after /sender_retain
or /domain=).
PH/05 Some modifications to the interface to the fake nameserver for the new
testing suite.
Exim version 4.53
-----------------
TK/01 Added the "success_on_redirect" address verification option. See
NewStuff for rationale and an example.
PH/01 Added support for SQLite, basic code supplied by David Woodhouse.
PH/02 Patch to exigrep to allow it to work on syslog lines.
PH/03 When creating an mbox file for a virus/spam scan, use fseek() instead of
fread() to skip over the body file's header line, because in Cygwin the
header line is locked and is inaccessible.
PH/04 Added $message_exim_id, ultimately to replace $message_id (they will both
co-exist for some time) to make it clear that it is the Exim ID that is
referenced, not the Message-ID: header line.
PH/05 Replaced all Tom's calls to snprintf() with calls to the internal
string_format() function, because snprintf() does not exist on all
operating systems.
PH/06 The use of forbid_filter_existstest now also locks out the use of the
${stat: expansion item.
PH/07 Changed "SMTP protocol violation: synchronization error" into "SMTP
protocol synchronization error", to keep the pedants happy.
PH/08 Arrange for USE_INET_NTOA_FIX to be set in config.h for AIX systems as
well as for IRIX systems, when gcc is being used. See the host.c source
file for comments.
PH/09 Installed latest Cygwin configuration files from the Cygwin maintainer.
PH/10 Named domain lists were not working if used in a queue_smtp_domains
setting.
PH/11 Added support for the IGNOREQUOTA extension to LMTP, both to the lmtp
transport and to the smtp transport in LMTP mode.
TK/02 Remove one case of BASE64 error detection FTTB (undocumented anyway).
PH/12 There was a missing call to search_tidyup() before the fork() in rda.c to
run a filter in a subprocess. This could lead to confusion in subsequent
lookups in the parent process. There should also be a search_tidyup() at
the end of the subprocess.
PH/13 Previously, if "verify = helo" was set in an ACL, the condition was true
only if the host matched helo_try_verify_hosts, which caused the
verification to occur when the EHLO/HELO command was issued. The ACL just
tested the remembered result. Now, if a previous verification attempt has
not happened, "verify = helo" does it there and then.
JJ/01 exipick: added $message_exim_id variable (see 4.53-PH/04)
TK/03 Fix log output including CR from clamd.
PH/14 A reference to $reply_address when Reply-to: was empty and From: did not
exist provoked a memory error which could cause a segfault.
PH/15 Installed PCRE 6.2
PH/17 Defined BIND_8_COMPAT in the Darwin os.h file.
PH/18 Reversed 4.52/PH/17 because the HP-UX user found it wasn't the cause
of the problem. Specifically, suggested +O2 rather than +O1 for the
HP-UX compiler.
PH/19 Added sqlite_lock_timeout option (David Woodhouse's patch).
PH/20 If a delivery was routed to a non-standard port by means of an SRV
record, the port was not correctly logged when the outgoing_port log
selector was set (it logged the transort's default port).
PH/21 Added support for host-specific ports to manualroute, queryprogram,
fallback_hosts, and "hosts" in the smtp transport.
PH/22 If the log selector "outgoing_port" is set, the port is now also given on
host errors such as "Connection refused".
PH/23 Applied a patch to fix problems with exim-4.52 while doing radius
authentication with radiusclient 0.4.9:
- Error returned from rc_read_config was caught wrongly
- Username/password not passed on to radius server due to wrong length.
The presumption is that some radiusclient API changes for 4.51/PH/17
were not taken care of correctly. The code is still untested by me (my
Linux distribution still has 0.3.2 of radiusclient), but it was
contributed by a Radius user.
PH/24 When doing a callout, the value of $domain wasn't set correctly when
expanding the "port" option of the smtp transport.
TK/04 MIME ACL: Fix buffer underrun that occurs when EOF condition is met
while reading a MIME header. Thanks to Tom Hughes for a patch.
PH/24 Include config.h inside local_scan.h so that configuration settings are
available.
PH/25 Make $smtp_command_argument available after all SMTP commands. This means
that in an ACL for RCPT (for example), you can examine exactly what was
received.
PH/26 Exim was recognizing IPv6 addresses of the form [IPv6:....] in EHLO
commands, but it was not correctly comparing the address with the actual
client host address. Thus, it would show the EHLO address in Received:
header lines when this was not necessary.
PH/27 Added the % operator to ${eval:}.
PH/28 Exim tries to create and chdir to its spool directory when it starts;
it should be ignoring failures (because with -C, for example, it has lost
privilege). It wasn't ignoring creation failures other than "already
exists".
PH/29 Added "crypteq" to the list of supported features that Exim outputs when
-bV or -d is used.
PH/30 Fixed (presumably very longstanding) bug in exim_dbmbuild: if it failed
because an input line was too long, either on its own, or by virtue of
too many continuations, the temporary file was not being removed, and the
return code was incorrect.
PH/31 Missing "BOOL" in function definition in filtertest.c.
PH/32 Applied Sieve patches from the maintainer.
TK/05 Domainkeys: Accomodate for a minor API change in libdomainkeys 0.67.
PH/33 Added "verify = not_blind".
PH/34 There are settings for CHOWN_COMMAND and MV_COMMAND that can be used in
Local/Makefile (with some defaults set). These are used in built scripts
such as exicyclog, but they have never been used in the exim_install
script (though there are many overriding facilities there). I have
arranged that the exim_install script now takes note of these two
settings.
PH/35 Installed configuration files for Dragonfly.
PH/36 When a locally submitted message by a trusted user did not contain a
From: header, and the sender address was obtained from -f or from an SMTP
MAIL command, and the trusted user did not use -F to supply a sender
name, $originator_name was incorrectly used when constructing a From:
header. Furthermore, $originator_name was used for submission mode
messages from external hosts without From: headers in a similar way,
which is clearly wrong.
PH/37 Added control=suppress_local_fixups.
PH/38 When log_selector = +received_sender was set, and the addition of the
sender made the log line's construction buffer exactly full, or one byte
less than full, an overflow happened when the terminating "\n" was
subsequently added.
PH/39 Added a new log selector, "unknown_in_list", which provokes a log entry
when the result of a list match is failure because a DNS lookup failed.
PH/40 RM_COMMAND is now used in the building process.
PH/41 Added a "distclean" target to the top-level Makefile; it deletes all
the "build-* directories that it finds.
PH/42 (But a TF fix): In a domain list, Exim incorrectly matched @[] if the IP
address in a domain literal was a prefix of an interface address.
PH/43 (Again a TF fix): In the dnslookup router, do not apply widen_domains
when verifying a sender address, unless rewrite_headers is false.
PH/44 Wrote a long comment about why errors_to addresses are verified as
recipients, not senders.
TF/01 Add missing LIBS=-lm to OS/Makefile-OpenBSD which was overlooked when
the ratelimit ACL was added.
PH/45 Added $smtp_command for the full command (cf $smtp_command_argument).
PH/46 Added extra information about PostgreSQL errors to the error string.
PH/47 Added an interface to a fake DNS resolver for use by the new test suite,
avoiding the need to install special zones in a real server. This is
backwards compatible; if it can't find the fake resolver, it drops back.
Thus, both old and new test suites can be run.
TF/02 Added util/ratelimit.pl
TF/03 Minor fix to the ratelimit code to improve its behaviour in case the
clock is set back in time.
TF/04 Fix the ratelimit support in exim_fixdb. Patch provided by Brian
Candler <B.Candler@pobox.com>.
TF/05 The fix for PH/43 was not completely correct; widen_domains is always
OK for addresses that are the result of redirections.
PH/48 A number of further additions for the benefit of the new test suite,
including a fake gethostbyname() that interfaces to the fake DNS resolver
(see PH/47 above).
TF/06 The fix for widen_domains has also been applied to qualify_single and
search_parents which are the other dnslookup options that can cause
header rewrites.
PH/49 Michael Haardt's randomized retrying, but as a separate retry parameter
type ("H").
PH/50 Make never_users, trusted_users, admin_groups, trusted_groups expandable.
TF/07 Exim produced the error message "an SRV record indicated no SMTP
service" if it encountered an MX record with an empty target hostname.
The message is now "an MX or SRV record indicated no SMTP service".
TF/08 Change PH/13 introduced the possibility that verify=helo may defer,
if the DNS of the sending site is misconfigured. This is quite a
common situation. This change restores the behaviour of treating a
helo verification defer as a failure.
PH/51 If self=fail was set on a router, the bounce message did not include the
actual error message.
|
|
fix PLIST
|
|
Fix PLIST for eximon option - from Sven Hartge
|
|
- Add rmail, rsmtp, & runq as exim mailer.conf aliases (from Sergey Svishchev)
- Add lookup options for openldap, mysql, eximon and dnsdb (from Sven Hartge
in PR pkg/27242)
- Change 'exim' specific options to be prefixed with exim- (suggsted by
Dieter Baron)
|
|
- Fix NetBSD statvfs check for NetBSD 2.1
- Move options into options.mk,
- breakout lookup_dsearch (default on)
- add saslauthd (Requested by Peter Avalos)
|
|
I only tested a little (installed and ran daemon and manually
sent one email via SMTP).
I emailed exim developer list to submit support also.
(PKGREVISION was bumped a couple minutes ago, so use it.)
|
|
Use VARBASE instead of hard-coded /var
Set INST_CHOWN for the installer script.
Bump PKGREVISION.
|
|
backslashes anymore. A single backslash is enough. Changed the
definition in all affected packages. For those that are not caught, an
additional check is placed into bsd.pkginstall.mk.
|
|
find the BerkeleyDB library.
|
|
summary of changes since 4.51 (general bug fixes and portability
fixes ommitted for brevity, see the ChangeLog for details):
Exim version 4.52
-----------------
TF/01 Added support for Client SMTP Authorization. See NewStuff for details.
PH/02 Reduce the amount of output that "make" produces by default. Full output
can still be requested.
PH/04 Installed a modified version of Tony Finch's patch to make submission
mode fix the return path as well as the Sender: header line, and to
add a /name= option so that you can make the user's friendly name appear
in the header line.
TF/03 Added the control = fakedefer ACL modifier.
TF/04 Added the ratelimit ACL condition. See NewStuff for details. Thanks to
Mark Lowes for thorough testing.
TK/02 Rewrote SPF support to work with libspf2 versions >1.2.0.
TK/03 Merged latest SRS patch from Miles Wilton.
TK/04 Added simple SPF lookup method in EXPERIMENTAL_SPF. See NewStuff for
details. Thanks to Chris Webb <chris@arachsys.com> for the patch!
PH/07 Added "fullpostmaster" verify option, which does a check to <postmaster>
without a domain if the check to <postmaster@domain> fails.
SC/01 Eximstats: added -xls and the ability to specify output files
(patch written by Frank Heydlauf).
SC/02 Eximstats: use FileHandles for outputing results.
SC/03 Eximstats: allow any combination of xls, txt, and html output.
SC/06 Eximstats: added the -include_original_destination flag
TK/06 MBOX spool code: Add real "From " MBOX separator line
so the .eml file is really in mbox format (even though
most programs do not really care). Patch from Alex Miller.
TK/07 MBOX spool code: Add X-Envelope-From: and X-Envelope-To: headers.
The latter is generated from $received_to and is only set if the
message has one envelope recipient. SA can use these headers,
obviously out-of-the-box. Patch from Alex Miller.
PH/11 Upgraded appendfile so that quotas larger than 2G are now supported.
This involved changing a lot of size variables from int to off_t. It
should work with maildirs and everything.
PH/12 Applied Alex Kiernan's patch for the API change for the error callback
function for BDB 4.3.
PH/13 Changed auto_thaw such that it does not apply to bounce messages.
PH/14 Imported PCRE 6.0; this was more than just a trivial operation because
the sources for PCRE have been re-arranged and more files are now
involved.
PH/16 Applied Matthew Newton's patch to exicyclog: "If log_file_path is set in
the configuration file to be ":syslog", then the script "guesses" where
the logs files are, rather than using the compiled in default. In our
case the guess is not the same as the compiled default, so the script
suddenly stopped working when I started to use syslog. The patch checks
to see if log_file_path is "". If so, it attempts to read it from exim
with no configuration file to get the compiled in version, before it
falls back to the previous guessing code."
TK/09 Added "prvs" and "prvscheck" expansion items. These help a lot with
implementing BATV in an Exim configuration. See NewStuff for the gory
details.
PH/18 If the "use_postmaster" option was set for a recipient callout together
with the "random" option, the postmaster address was used as the MAIL
FROM address for the random test, but not for the subsequent recipient
test. It is now used for both.
PH/19 Applied Michael Haardt's patch to update Sieve to RFC3028bis. "The
patch removes a few documentation additions to RFC 3028, because the
latest draft now contains them. It adds the new en;ascii-case comparator
and a new error check for 8bit text in MIME parts. Comparator and
require names are now matched exactly. I enabled the subaddress
extension, but it is not well tested yet (read: it works for me)."
PH/23 Added daemon_startup_retries and daemon_startup_sleep.
PH/24 Added ${if match_ip condition.
PH/28 Changed -d+all to exclude +memory, because that information is very
rarely of interest, but it makes the output a lot bigger. People tend to
do -d+all out of habit.
PH/30 Exim's DNS code uses the original T_xxx names for DNS record times. These
aren't the modern standard, and it seems that some systems' include files
don't always have them. Exim was already checking for some of the newer
ones like T_AAAA, and defining it itself. I've added checks for all the
record types that Exim uses.
TK/11 Domainkeys: Change the logic how the "testing" policy flag is retrieved
from DNS. If the selector record carries the flag, it now has
precedence over the domain-wide flag.
SC/09 Eximstats: added the -show_rt<list> and the -show_dt<list> flags
as requested by Marc Sherman.
SC/10 Eximstats: added histograms for user specified patterns as requested
by Marc Sherman.
|
|
around at either build-time or at run-time is:
USE_TOOLS+= perl # build-time
USE_TOOLS+= perl:run # run-time
Also remove some places where perl5/buildlink3.mk was being included
by a package Makefile, but all that the package wanted was the Perl
executable.
|
|
and others.
|
|
The main change is the incorporation of the content scanning from
the exiscan patch. (There are over 650 lines of Changes)
Retire exim-exiscan
Update exim-html from 4.40 to 4.50
|
|
- The exim user does not need a fixed uid defined at build time
Noted by Masao Uebayashi some long time ago
|
|
|
|
PR pkg/28606. bump PKGREVISION.
while here, silence the pre-configure and post-build targets.
|
|
Changes in Exim version 4.44
1. Change 4.43/35 introduced a bug that caused file counts to be
incorrectly computed when quota_filecount was set in an appendfile
transport
2. Closing a stable door: arrange to panic-die if setitimer() ever fails. The
bug fixed in 4.43/37 would have been diagnosed quickly if this had been in
place.
3. Give more explanation in the error message when the command for a transport
filter fails to execute.
4. There are several places where Exim runs a non-Exim command in a
subprocess. The SIGUSR1 signal should be disabled for these processes. This
was being done only for the command run by the queryprogram router. It is
now done for all such subprocesses. The other cases are: ${run, transport
filters, and the commands run by the lmtp and pipe transports.
5. Some older OS have a limit of 256 on the maximum number of file
descriptors. Exim was using setrlimit() to set 1000 as a large value
unlikely to be exceeded. Change 4.43/17 caused a lot of logging on these
systems. I've change it so that if it can't get 1000, it tries for 256.
6. "control=submission" was allowed, but had no effect, in a DATA ACL. This
was an oversight, and furthermore, ever since the addition of extra
controls (e.g. 4.43/32), the checks on when to allow different forms of
"control" were broken. There should now be diagnostics for all cases when a
control that does not make sense is encountered.
7. $recipients is now available in the predata ACL (oversight).
8. Tidy the search cache before the fork to do a delivery from a message
received from the command line. Otherwise the child will trigger a lookup
failure and thereby defer the delivery if it tries to use (for example) a
cached ldap connection that the parent has called unbind on.
9. If verify=recipient was followed by verify=sender in a RCPT ACL, the value
of $address_data from the recipient verification was clobbered by the
sender verification.
10. If FIXED_NEVER_USERS was defined, but empty, Exim was assuming the uid 0
was its contents. (It was OK if the option was not defined at all.)
11. A "Completed" log line is now written for messages that are removed from
the spool by the -Mrm option.
12. $host_address is now set to the target address during the checking of
ignore_target_hosts.
13. When checking ignore_target_hosts for an ipliteral router, no host name was
being passed; this would have caused $sender_host_name to have been used if
matching the list had actually called for a host name (not very likely,
since this list is usually IP addresses). A host name is now passed as
"[x.x.x.x]".
14. Changed the calls that set up the SIGCHLD handler in the daemon to use the
code that specifies a non-restarting handler (typically sigaction() in
modern systems) in an attempt to fix a rare and obscure crash bug.
15. Narrowed the window for a race in the daemon that could cause it to ignore
SIGCHLD signals. This is not a major problem, because they are used only to
wake it up if nothing else does.
16. A malformed maildirsize file could cause Exim to calculate negative values
for the mailbox size or file count. Odd effects could occur as a result.
The maildirsize information is now recalculated if the size or filecount
end up negative.
17. Added HAVE_SYS_STATVFS_H to the os.h file for Linux, as it has had this
support for a long time. Removed HAVE_SYS_VFS_H.
18. Updated exipick to current release from John Jetmore.
19. Allow an empty sender to be matched against a lookup in an address list.
Previously the only cases considered were a regular expression, or an
empty pattern.
20. Exim went into a mad DNS lookup loop when doing a callout where the
host was specified on the transport, if the DNS lookup yielded more than
one IP address.
21. The RFC2047 encoding function was originally intended for short strings
such as real names; it was not keeping to the 75-character limit for
encoded words that the RFC imposes. It now respects the limit, and
generates multiple encoded words if necessary. To be on the safe side, I
have increased the buffer size for the ${rfc2047: expansion operator from
1024 to 2048 bytes.
22. Failure to deliver a bounce message always caused it to be frozen, even if
there was an errors_to setting on the router. The errors_to setting is now
respected.
23. If an IPv6 address is given for -bh or -bhc, it is now converted to the
canonical form (fully expanded) before being placed in
$sender_host_address.
24. Updated eximstats to version 1.33
25. Include certificate and key file names in error message when GnuTLS fails
to set them up, because the GnuTLS error message doesn't include the name
of the failing file when there is a problem reading it.
26. Expand error message when OpenSSL has problems setting up cert/key files.
As per change 25.
27. Reset the locale to "C" after calling embedded Perl, in case it was changed
(this can affect the format of dates).
28. exim_tidydb, when checking for the continued existence of a message for
which it has found a message-specific retry record, was not finding
messages that were in split spool directories. Consequently, it was
deleting retry records that should have stayed in existence.
29. eximstats updated to version 1.35
1.34 - allow eximstats to parse syslog lines as well as mainlog lines
1.35 - bugfix such that pie charts by volume are generated correctly
30. The SPA authentication driver was not abandoning authentication and moving
on to the next authenticator when an expansion was forced to fail,
contradicting the general specification for all authenticators. Instead it
was generating a temporary error. It now behaves as specified.
31. The default ordering of permitted cipher suites for GnuTLS was pessimal
(the order specifies the preference for clients). The order is now AES256,
AES128, 3DES, ARCFOUR128.
31. Small patch to Sieve code - explicitly set From: when generating an
autoreply.
32. Exim crashed if a remote delivery caused a very long error message to be
recorded - for instance if somebody sent an entire SpamAssassin report back
as a large number of 550 error lines. This bug was coincidentally fixed by
increasing the size of one of Exim's internal buffers (big_buffer) that
happened as part of the Exiscan merge. However, to be on the safe side, I
have made the code more robust (and fixed the comments that describe what
is going on).
33. Some experimental protocols are using DNS PTR records for new purposes. The
keys for these records are domain names, not reversed IP addresses. The
dnsdb PTR lookup now tests whether its key is an IP address. If not, it
leaves it alone. Component reversal etc. now happens only for IP addresses.
CAN-2005-0021
34. The host_aton() function is supposed to be passed a string that is known
to be a valid IP address. However, in the case of IPv6 addresses, it was
not checking this. This is a hostage to fortune. Exim now panics and dies
if the condition is not met. A case was found where this could be provoked
from a dnsdb PTR lookup with an IPv6 address that had more than 8
components; fortuitously, this particular loophole had already been fixed
by change 4.50/55 or 4.44/33 above.
If there are any other similar loopholes, the new check in host_aton()
itself should stop them being exploited. The report I received stated that
data on the command line could provoke the exploit when Exim was running as
exim, but did not say which command line option was involved. All I could
find was the use of -be with a bad dnsdb PTR lookup, and in that case it is
running as the user.
CAN-2005-0021
35. There was a buffer overflow vulnerability in the SPA authentication code
(which came originally from the Samba project). I have added a test to the
spa_base64_to_bits() function which I hope fixes it.
CAN-2005-0022
36. The daemon start-up calls getloadavg() while still root for those OS that
need the first call to be done as root, but it missed one case: when
deliver_queue_load_max is set with deliver_drop_privilege. This is
necessary for the benefit of the queue runner, because there is no re-exec
when deliver_drop_privilege is set.
37. Caching of lookup data for "hosts =" ACL conditions, when a named host list
was in use, was not putting the data itself into the right store pool;
consequently, it could be overwritten for a subsequent message in the same
SMTP connection. (Fix 4.40/11 dealt with the non-cache case, but overlooked
the caching.)
38. Sometimes the final signoff response after QUIT could fail to get
transmitted in the non-TLS case. Testing !tls_active instead of tls_active
< 0 before doing a fflush(). This bug looks as though it goes back to the
introduction of TLS in release 3.20, but "sometimes" must have been rare
because the tests only now provoked it.
|
|
under share/examples/rc.d. The variable name already was named
RCD_SCRIPTS_EXAMPLEDIR.
This is from ideas from Greg Woods and others.
Also bumped PKGREVISION for all packages using RCD_SCRIPTS mechanism
(as requested by wiz).
|
|
package-specific Makefile (as mentioned on tech-pkg).
|
|
Exim changes in 4.34
1. Very minor rewording of debugging text in manualroute to say "list of
hosts" instead of "hostlist".
2. If verify=header_syntax was set, and a header line with an unqualified
address (no domain) and a large number of spaces between the end of the
name and the colon was received, the reception process suffered a buffer
overflow, and (when I tested it) crashed. This was caused by some obsolete
code that should have been removed. The fix is to remove it!
3. When running in the test harness, delay a bit after writing a bounce
message to get a bit more predictability in the log output.
4. Added a call to search_tidyup() just before forking a reception process. In
theory, someone could use a lookup in the expansion of smtp_accept_max_
per_host which, without the tidyup, could leave open a database connection.
5. Added the variables $recipient_data and $sender_data which get set from a
lookup success in an ACL "recipients" or "senders" condition, or a router
"senders" option, similar to $domain_data and $local_part_data.
6. Moved the writing of debug_print from before to after the "senders" test
for routers.
7. Change 4.31/66 (moving the time when the Received: is generated) caused
problems for message scanning, either using a data ACL, or using
local_scan() because the Received: header was not generated till after they
were called (in order to set the time as the time of reception completion).
I have revised the way this works. The header is now generated after the
body is received, but before the ACL or local_scan() are called. After they
are run, the timestamp in the header is updated.
Exim-exiscan version 4.34
22 - added SPF support via libspf_alt. Please read the
docs.
21 - Fix missing fclose() in regex.c. This was causing
scan directories not to be deleted on NFS spools.
- Remove "shutdown socket for writing" from clamd malware
code. It seems to cause problems with the latest
clamd 0.70 release.
- Fix allow tables in acl.c to disallow exiscan conditions
in the RCPT ACL.
- adapted patch to exim 4.34
|
|
This modifies Makefile.common to add "-Wl,${RPATH_FLAG}" to the location
of the chosen library (DB implementation). For example:
-Wl,${RPATH_FLAG}${LOCALBASE}/${BUILDLINK_LIBDIRS.db2}
Also bump PKGREVISIONs for this.
|
|
use native (since it is the first BDB_ACCEPTED choice). So under
NetBSD this does not change anything.
It can be set to "gdbm" if desiring gdbm as the DB method used.
Else it will use the mk/bdb.buildlink3.mk method.
For example, to choose a specific Berkeley DB implementation
(like DB hash version 7), then do: "make BDB_DEFAULT=db3"
(when EXIM_DB is unset or not set to "gdbm").
Please note that if you change the method, exim may complain
about DB problems. This is okay. You can delete the db files
and regenerate. (exim provides some db management tools too.)
This fixes the problem where exim will not build when
the system's db is not available or correct.
This will close my old PR pkg/19277.
This was discussed with maintainer, David Brownlee.
|
|
I'll take over ownership of these
|
|
- Fix buffer overflows listed at http://www.guninski.com/exim1.html
Update exim to exim-4.33nb1 (from 4.22nb5)
- Fix buffer overflow listed at http://www.guninski.com/exim1.html
- Leave nb1 to indicate we have a local change from stock 4.33
- 1086 lines of changes - http://www.exim.org/ftp/ChangeLogs/ChangeLog-4.33
- Remove dependancy on exim-user - now looks up EXIM_{USER,GROUP} at runtime
Update exim-exiscan to 4.33_20nb1 (from 4.22-12)
- Fix buffer overflow listed at http://www.guninski.com/exim1.html
- Leave nb1 to indicate we have a local change from stock 4.33_20
- Same exim changes - http://www.exim.org/ftp/ChangeLogs/ChangeLog-4.33
- Changes (http://duncanthrax.net/exiscan-acl/CHANGELOG) include
- added option to use multiple spamd servers
- many mime changes
- Added Brightmail Antispam support
- clamd fixes
Update exim-html to 4.30 (from 4.20)
- Update to latest docs
Delete exim-user
- No longer required - exim now looks up EXIM_{USER,GROUP} at runtime
|
|
any longer).
|
|
Buildlink files: RECOMMENDED version changed to current version.
|
|
- Avoid "set{u,g}id ... invoked ... with fd 1 closed" warnings
- Cleanup DLOPEN from Local/Makefile.pkgsrc
|
|
"-bd -q30m", so setting exim=YES in rc.conf works
|
|
|
|
Update exim-exiscan to 4.22-11nb1
Include exiqgrep in PLIST, and commit distinfo from previous exim-exiscan
change. Whole exim update was overly hurried due to security announcement.
|
|
|
|
Package changes include addition of Makefile.common (to be used by
Upcoming exim-exiscan-acl package), and exim.8
|
|
- Introduce EXIM_GROUP and EXIM_USER to tune the details of the group and
user used by the daemon.
- Honour PKG_SYSCONFDIR.
- Install sample files under the examples directory.
- Automatically install example files under sysconfdir using CONF_FILES.
This simplifies exim's set up from admin's point of view.
- Use RCD_SCRIPTS to handle the startup script.
As a result, bump PKGREVISION of exim and exim-user.
|
|
|
|
here.
|
|
Also set PKG_USERS so the package will note the userids for you when you
remove it.
|
|
|
|
|
|
with some additions by me. Those running exim are advised to update.
Highlights from ChangeLog
1. Added HAVE_SA_LEN=YES to the OS/Makefile-Darwin file.
3. The code for computing load averages was broken in 64-bit Solaris.
10. Tidies to code for calls to fork(); some failures not logged.
26. Fixed some problems with retrying address errors in remote deliveries.
Local changes (will make next release):
Undo the OS/Makefile-NetBSD split that made it into the main tree. This
causes all manner of breakage.
|
|
|
|
create a user semi-automatically instead); some command -> ${COMMAND}
changes, and replace USE_SSL by openssl buildlink.
|
|
exim 3 can be had from www.exim.org.
|
|
This update contains an important security fix for those using the pipe
transport directly from a director/router.
|
