| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
[An on-line version of this announcement will be available at
http://www.postfix.org/announcements/postfix-3.2.3.html]
This announcement concerns fixes for problems that were introduced
with Postfix 3.2. Older releases are unaffected.
Fixed in Postfix 3.2 and later:
* Extension propagation was broken with "recipient_delimiter = .".
This change reverts a change that was trying to be too clever.
* The postqueue command would abort with a panic message after it
experienced an output write error while listing the mail queue.
This change restores a write error check that was lost with the
Postfix 3.2 rewrite of the vbuf_print formatter.
* Restored sanity checks for dynamically-specified width and precision
in format strings (%*, %.*, and %*.*). These checks were lost with
the Postfix 3.2 rewrite of the vbuf_print formatter.
|
|
|
|
pkgsrc change: Add support for NetBSD 8.
This announcement (June 13, 2017) includes changes that were released
with an earlier update (June 10, 2017). The announcement was postponed
to avoid confusion due to repeated notification.
Fixed in all supported releases:
* Security: Berkeley DB versions 2 and later try to read settings
from a file DB_CONFIG in the current directory. This undocumented
feature may introduce undisclosed vulnerabilities resulting in
privilege escalation with Postfix set-gid programs (postdrop,
postqueue) before they chdir to the Postfix queue directory,
and with the postmap and postalias commands depending on whether
the user's current directory is writable by other users. This
fix does not change Postfix behavior for Berkeley DB versions
< 3, but it does reduce postmap and postalias 'create' performance
with Berkeley DB versions 3.0 .. 4.6.
Fixed in Postfix 3.2 and later:
* The SMTP server receive_override_options were not restored at
the end of an SMTP session, after the options were modified by
an smtpd_milter_maps setting of "DISABLE". Milter support
remained disabled for the life time of the smtpd process.
* After the Postfix 3.2 address/domain table lookup overhaul, the
check_sender_access and check_recipient_access features ignored
a non-default parent_domain_matches_subdomains setting.
|
|
- Elliptic curve negotiation with OpenSSL >= 1.0.2. This changes the
default smtpd_tls_eecdh_grade setting to "auto", and introduces a
new parameter tls_eecdh_auto_curves with the names of curves that may
be negotiated.
- Stored-procedure support for MySQL databases.
- Cidr: table support for if/endif and negation (by prepending ! to a
pattern), just like regexp: and pcre: tables. See the cidr_table(5)
manpage for details.
- The postmap command and the inline: and texthash: maps now support
spaces in left-hand field of lookup table source text. Use double
quotes (") around a left-hand field that contains spaces, and use
backslash (\) to protect quotes in a left-hand field.
- Support for per-client Milter configuration (smtpd_milter_maps) that
overrides the main.cf smtpd_milters setting, and that has the same
syntax. A lookup result of "DISABLE" turns off Milter support for that
client.
- The local SMTP server IP address and port are available in the
policy delegation protocol (attribute names: server_address,
server_port), in the Milter protocol (macro names: {daemon_addr},
{daemon_port}), and in the XCLIENT protocol (attribute names:
DESTADDR, DESTPORT).
- For safety reasons, the Postfix sendmail -C option must specify an
authorized directory: the default configuration directory, a
directory that is listed in the default main.cf file with
alternate_config_directories or multi_instance_directories, otherwise
the command must be invoked with root privileges. This mitigates a
recurring "jail break" problem with the PHP mail() function.
- "PASS" and "STRIP" actions in header/body_checks. "STRIP" is similar
to "IGNORE" but also logs the action, and "PASS" disables header,
body, and Milter inspection for the remainder of the message content.
- The collate.pl script by Viktor Dukhovni for grouping Postfix
logfile records into "sessions" based on queue ID and process ID
information, in the auxiliary/collate directory of the Postfix source
tree.
Disabled or removed behavior:
- SMTPUTF8 support: Postfix 3.2 disables the 'transitional'
compatibility between the IDNA2003 and IDNA2008 standards for
internationalized domain names (domain names beyond the limits of
US-ASCII). This makes Postfix behavior consistent with contemporary
web browsers.
- Postfix 3.2 removes tentative features that were implemented before
the DANE spec was finalized: support for certificate usage
PKIX-EE(1), the ability to disable digest agility, and the ability to
disable support for "TLSA 2 [01] [12]" records that specify the digest
of a trust anchor.
|
|
Postfix stable release 3.1.4 is available, as well as legacy releases
3.0.8 and 2.11.9. There will be no further updates for Postfix 2.10.
Fixed with Postfix 3.1.4, 3.0.8, and 2.11.9:
* The postscreen daemon did not merge the client test status
information for concurrent sessions from the same IP address.
Thus, after one session recorded its successful tests in the
postscreen cache, a concurrent session from that same IP address
that passed fewer tests could later "wipe out" some of that
progress in the postscreen cache. The fix has proven itself for
five months in the development release, and should be safe to
use in the stable releases.
* The Postfix SMTP server falsely rejected a sender address when
validating a sender address with "smtpd_reject_unlisted_recipient
= yes" or with "reject_unlisted_sender". Cause: the address
validation code did not query sender_canonical_maps.
* The virtual delivery agent did not detect failure to skip to
the end of a mailbox file, so that mail would be delivered to
the beginning of the file. This could happen when a mailbox
file was already larger than the virtual mailbox size limit.
* The postsuper command logged an incorrect rename operation count
after creating a missing directory.
Fixed with Postfix 3.1.4 and 3.0.8:
* The Postfix SMTP server falsely rejected mail when a sender-dependent
"error" transport was configured. Cause: the SMTP server address
validation code was not updated when the
sender_dependent_default_transport_maps feature was introduced.
The fix has proven itself for six months in the development
release, and should be safe to use in the stable releases.
Unfortunately, Postfix 2.11 is too different to benefit from
the same fix.
* The Postfix SMTP server falsely rejected an SMTPUTF8 sender
address, when "smtpd_delay_reject = no".
Fixed with Postfix 3.1.4:
* The "postfix tls deploy-server-cert" command used the wrong
certificate and key file. This was caused by a cut-and-paste
error in the postfix-tls-script file.
|
|
|
|
and ldflags. should help PR pkg/51354: mail/postfix eai option does not
work because of test in makedef.
bump PKGREVISION
|
|
|
|
Fixed with Postfix 3.1.3 and 3.0.7:
* The Postfix SMTP server did not reset a previous session's
failed/total command counts before rejecting a client that
exceeds request or concurrency rates. This resulted in incorrect
failed/total command counts being logged at the end of the
rejected session.
* The unionmap multi-table interface did not propagate table
lookup errors, resulting in false "user unknown" responses.
* The documentation was updated with a workaround for false "not
found" errors with MySQL map queries that contain UTF8-encoded
text. The workaround is to specify "option_group = client" in
Postfix MySQL configuration files. This will be the default
setting with Postfix 3.2 and later.
|
|
3.1.0
The main changes in no particular order are:
* "postfix tls" command to simplify setup of opportunistic TLS,
and to simplify SMTP server key/certificate management.
* Positive and negative DNS reply TTL support in postscreen(8).
* SASL AUTH rate limit in the Postfix SMTP server.
* A safety limit on the number of address verify requests.
* JSON-format Postfix queue listing.
* Destination-independent delivery rate delay
For details, see the RELEASE_NOTES file.
3.1.1
Fixed in all supported releases:
* The Milter "replace sender" (SMFIR_CHGFROM) request lost an
address that was added with sender_bcc_maps, resulting in a
"rcpt count mismatch" warning. Reported by Joerg Backschues.
This defect was introduced with Postfix 2.6.
* The "bad filetype" example in the header_checks(5) manpage
falsely rejected Content- headers with ``name="example";
x-apple-part-url="example.com"''. Reported by Cedric Knight.
This defect was introduced with Postfix 2.6.
3.1.2
Fixed with Postfix 3.1.2:
* Changes to make Postfix build with OpenSSL 1.1.0.
Fixed with Postfix 3.1.2 and 3.0.6:
* The makedefs script ignored readme_directory=pathname overrides.
Fix by Todd C. Olson.
* The tls_session_ticket_cipher documentation says that the default
cipher for TLS session tickets is aes-256-cbc, but the implemented
default was aes-128-cbc. Note that TLS session ticket keys are
rotated after 1/2 hour, to limit the impact of attacks on session
ticket keys.
|
|
USE_DESTDIR.
|
|
Database and regexp map functionality is now split into separate packages:
- postfix-cdb
- postfix-ldap
- postfix-lmdb
- postfix-mysql
- postfix-pcre
- postfix-pgsql
- postfix-sqlite
Upstream changelog follows.
Postfix 3.0.2
-------------
No delta against 2.11.6.
Postfix 3.0.1
-------------
- Build error when compiling the Postfix SMTP server with SASL support
but no TLS support.
- The DNS "resource record to text" converter, used for xxx_dns_reply_filter
pattern matching, appended a '.' to TXT record resource values.
- The postscreen(8) manpage specified an incorrect Postfix version number
for the postscreen_dnsbl_timeout parameter.
- The postfix-install script expanded macros in parameter values when
trying to detect parameter overrides, causing unnecessary main.cf updates
during "postfix start" etc.
- Some low-level cleanup of UTF-8 string handling with no visible change
in behavior (besides better performance).
Postfix 3.0.0
-------------
- SMTPUTF8 support for internationalized domain names and address
localparts as defined in RFC 6530 and related documents.
- Support for Postfix dynamically-linked libraries and database plugins.
- An OPT-IN safety net for the selective adoption of new Postfix default
settings. If you do nothing, the old Postfix default settings *should*
remain in effect (complain to your downstream maintainer if that is not
the case).
- Support for operations on multiple lookup tables. The
pipemap:{map1,map2...} database type implements a pipeline of lookup
tables where the result from one lookup table becomes a query for
the next table; the unionmap:{map1,map2,...} database type sends the
|
