| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
2007/05/01 (thomasb)
----------
- Updated German, Euskara, Hungarian, Romanian and Spanish translation
- Added Hindi and Kurdish localization
2007/04/28 (thomasb)
----------
- LDAP access is back in address book (closes #1484087)
- Added search function for contacts
- New Template parsing and output encoding
- Fixed bugs #1484119 and #1483978
2007/04/08 (thomasb)
----------
- Fixed message moving procedure (closes #1484308)
- Fixed display of multiple attachments (closes #1466563)
- Fixed check for new messages (closes #1484310)
- List attachments without filename
2007/03/27 (thomasb)
----------
- New session authentication: Change sessid cookie when login, authentication with sessauth cookie is now configurable.
Should close bugs #1483951 and #1484299
2007/03/23 (thomasb)
----------
- Correctly translate mailbox names (closes #1484276)
- Quote e-mail address links (closes #1484300)
2007/03/21 (thomasb)
----------
- Updated PEAR::Mail_mime package
- Added Persian localization
- Updated Catalan and Brazilian Portuguese translations
- Updated INSTALL manual with a note about database passwords
- Accept single quotes for HTML attributes when modifying message body (thanks Jason)
- Sanitize input for new users/identities (thanks Colin Alston)
2007/03/19 (thomasb)
----------
- Don't download HTML message parts
- Convert HTML parts to plaintext if 'prefer_html' is off
- Correctly parse message/rfc822 parts (closes #1484045)
- Code cleanup
2007/03/18 (thomasb)
----------
- Also use user_id for unique key in messages table (closes #1484074)
- Hide contacts drop down on blur (closes #1484203)
- Make entries in contacts drop down clickable
- Turn off browser autocompletion on login page
- Quote <? in text/html message parts
- Hide border around radio buttons
- Replaced old JS function calls.
2007/03/13 (thomasb)
----------
- Applied patch for attachment download by crichardson (closes #1484198)
- Fixed bug in Postgres DB handling (closes #1484068)
- Fixed bug of invalid calls to fetchRow() in rcube_db.inc (closes #1484280)
- Fixed array_merge bug (closes #1484281)
- Fixed flag for deletion in list view (closes #1484264)
- Finally support semicolons as recipient separator (closes ##1484251)
- Fixed message headers (subject) encoding
pkgsrc changes:
* Make iconv and mbstring dependencies PKG_OPTIONS ("iconv" and "multibyte")
* Write logs and tempfiles under ${VARBASE}, not ${PREFIX}
* Cosmetic and pkglint-appeasing tweaks
|
|
|
|
|
|
Shortly after the release of SquirrelMail 1.4.10, a regression in the compose
form was discovered. Unfortunately the limited disclosure of security patches
does not allow for public testing, so this regression went unnoticed. We're
sorry for the inconvenience.
|
|
This version, 1.4.10 is a maintenance release, addressing
the following problems since 1.4.9a:
- Some security fixes (see below)
- Small enhancements
- A collection of bugfixes and stability enhancements
(see ChangeLog for a full list)
Security issues
===============
This release addresses security issues found since the release of 1.4.9a:
There's an ongoing battle to further secure the HTML filter against malicious
HTML mail and the browsers that accept almost any malformed piece of HTML.
This release contains fixes for the following:
- HTML attachments containing "data:" URLs;
- Internet Explorer in various versions accepts many permutations of HTML
and JavaScript in many charsets. We now properly canonicalize the incoming
HTML to us-ascii before applying further filters. IE only.
- Request forgery through images. It was possible to include "images" in
HTML mails which were in fact GET requests for the compose.php page sending
mail. These images are now properly detected, and the compose form will only
send mail through a POST request.
Thanks to Mikhail Markin, Tomas Kuliavas and Michael Jordon for reporting
(parts of) these issues and working with us to get them resolved.
These are known as CVE-2007-1262. Further details on SquirrelMail
vulnerabilities can be found at the following address:
http://www.squirrelmail.org/security/
|
|
Moved portions of spamdyke's code from spamdyke.c into new .c and .h files to
make it a little easier to understand and maintain.
Added base64_encode() and base64_decode() to transfer data to/from base64
format.
Added md5() to produce an MD5 digest of a data block. Turns out this wasn't
necessary for spamdyke, only for test_smtpauth_crammd5. Oops.
Renamed the "make openbsd" command to "make bsd" since apparently all *BSD
distributions don't need -lresolv.
Renamed search_ip_file() to search_tcprules_file() and extended it to support
IP ranges, rDNS names and remote info like tcprules does (according to
http://cr.yp.to/ucspi-tcp/tcprules.html). This makes the IP black/
whitelist files much more flexible. This will be much handier in the next
version (AKA The Great Configuration Overhaul).
Modified middleman() and smtp_filter(), added exec_checkpassword() so spamdyke
can do SMTP AUTH, either by offering it itself or observing the qmail
traffic. LOGIN, PLAIN and CRAM-MD5 are supported.
Changed the STRLEN_ macros in spamdyke.h to use a single STRLEN() macro so the
preprocessor will count characters instead of doing it by hand. Much safer
this way.
Removed "-a"'s (max number of recipients per message) dependence on "-d"
(local domains file). With SMTP AUTH, the local access file and whitelists,
this shouldn't be necessary.
Added process_access() to process local access files (e.g. /etc/tcp.smtp) and
export environment variables based on the source of the incoming connection.
Added relay prevention based on the content of the local access file(s) and
the list(s) of local domains. Connections from remote sources that are
granted relay permission in the access file(s) are allowed to relay. Users
who authenticate with SMTP AUTH are allowed to relay. All others must send
to local addresses only.
Added a series of test scripts to exercise all of spamdyke's filters and
options. This should make it easier to regression test new versions.
Changed search_file() and search_tcprules_file() to compare domain names in a
case insensitive manner.
Changed canonicalize_path() to reduce all file paths to lowercase. This was
causing graylisting to be inconsistant. Reported by bcarr@purgatoire.org.
|
|
pkglintification
Remove bdb option (this has been removed from src)
Rename some options as they are (currently) DSPAM specific
Change MASTER_SITES
Fix permissions on installed files
Thanks to xtraeme@ for reviewing the changes
* jonz: removed depricated oracle driver
* jonz: fix for dynamic storage drivers api
* jonz: added connect check for pgsql
* jonz: fix for segfault on undefined DeliveryHost or ClientHost
* jonz: fix for segfault in vsyslog()
* jonz: fix for segfault in dlopen() failure
* jonz: added OSB tokenizer
* jonz: fix for segfault on log write err
* jonz: segfault fix for UIDInSignature
See the CHANGELOG for all the details:
http://dspam.nuclearelephant.com/text/CHANGELOG-3.8.0.txt
|
|
pick up the new dependencies properly
|
|
|
|
Google mail, into the Packages Collection.
The libgmail project is a pure Python binding to provide access to
Google's Gmail web-mail service.
The library allows the user to log into an account, retrieve a list of
threads, display information about them and display the source of the
individual messages.
In addition, the library allows the user to:
Archive Gmail messages to mbox format
Use your Gmail account as a SMTP server
Use your Gmail account as a POP server
Use your Gmail account as a FTP server!
|
|
|
|
Probably fixes failure in bulk builds.
|
|
|
|
Alpine is the replacement for the Pine email and news client.
Alpine is a screen-oriented message-handling tool. In its default
configuration, Alpine offers an intentionally limited set of
functions geared toward the novice user, but it also has a large
list of optional "power-user" and personal-preference features.
This package currently only installs the alpine binary, excluding
the pilot and pico binaries which would cause it to conflict with
the pine package.
|
|
2007-04-25 Jeffrey Stedfast
* README: Bumped version
* configure.in: Bumped version to 2.2.8
* tests/test-pgp.c: Test exporting of keys.
* gmime/gmime-utils.c (rfc2047_decode_word): Fixed compile
warnings.
* gmime/gmime-stream-file.c (stream_reset): Removed an unused
variable.
* gmime/gmime-charset.c (g_mime_charset_can_encode):
s/if (mask->level = 1)/if (mask->level == 1)/
2007-04-23 Jeffrey Stedfast
* README: Bumped version
* configure.in: Bumped version to 2.2.7
2007-04-14 Jeffrey Stedfast
* gmime/*.c (g_mime_*_get_type): Set n_preallocs to 0.
2007-04-12 Jeffrey Stedfast
* gmime/*.c: no need for a second NULL argument to g_object_new()
* util/cache.c (cache_new): Change max_size and node_size to be of
type size_t.
* gmime/gmime-multipart-encrypted.c
(g_mime_multipart_encrypted_new): g_object_new() doesn't need a
second NULL argument.
* gmime/gmime-utils.c (decode_8bit): Close the iconv descriptor
and since we are using is_ascii() now, we don't need to use
unsigned char *'s.
2007-04-12 Jeffrey Stedfast
* gmime/gmime-utils.c (decode_8bit): Use is_ascii().
(g_mime_utils_header_decode_text): Same.
(g_mime_utils_header_decode_phrase): Here too.
* gmime/gen-table.c: Added a is_ascii() macro for use instead of
the ctype isascii() so that I don't have to worry about casting.
2007-04-11 Jeffrey Stedfast
Revision 1119 (previous commit) made the following 2 functions
even less attractive than they already were, so I decided to
rewrite them especially since it wasn't hard to find a far cleaner
approach.
* gmime/gmime-utils.c (g_mime_utils_header_decode_text): Rewritten
to be cleaner, faster, and more elegant.
(g_mime_utils_header_decode_phrase): Same.
2007-04-11 Jeffrey Stedfast
Fixes for bug #423760 and bug #342196
* gmime/gmime-charset.c (g_mime_charset_can_encode): New
convenience function to check whether a length of UTF-8 text can
be converted into the specified charset.
(g_mime_set_user_charsets): New function allowing an application
to provide GMime with a list of user-preferred charsets to use for
encoding and decoding headers.
(g_mime_user_charsets): New function to get the list of
user-preferred charsets.
* gmime/gmime-utils.c (decode_8bit): New function to convert
arbitrary 8bit text into UTF-8 using the charset list provided by
g_mime_user_charsets().
(rfc2047_decode_word): Don't assume that just because the declared
charset is UTF-8 that it actually is in UTF-8.
(rfc2047_decode_word): If we can't open a converter for the
declared charset to UTF-8 or if we can't convert from the declared
charset into UTF-8, fall back to using decode_8bit().
(g_mime_utils_header_decode_text): Convert 8bit word tokens into
UTF-8 using decode_8bit().
(g_mime_utils_header_decode_phrase): Same.
(rfc2047_encode_word): Be a little more efficient about removing
'\n' chars...
(rfc2047_encode): When encoding a level-2 word cluster, attempt to
fit the cluster within a charset provided by
g_mime_user_charsets() rather than using GMime's best-fit charset
table (unless, of course, it doesn't fit within any of the
user-specified charsets).
2007-03-28 Jeffrey Stedfast
* gmime/gmime-iconv-utils.c (g_mime_iconv_strndup): No need to
cast out to a char *, it already is.
* gmime/gmime-stream-mem.c (g_mime_stream_mem_set_byte_array):
Only free the previous memory buffer if we were the owner.
|
|
Pkgsrc changes:
- Removed PKG_DESTDIR_SUPPORT until the issue with encoded ownership in
+INSTALL files is resolved.
- made pkglint shut up about some warnings (CONFIGURE_DIRS, BUILD_DIRS,
hidden commands with @)
- parse-rules-for-masses has moved in the source archive.
- The directories "masses" and "tools" are no longer distributed in the
archive so I simplified the post-install target.
- Since "tools" is gone, the post-extract: target is obsolete.
- MESSAGE now points at sa-compile.
- Spamc depends on zlib now, so we needed the appropriate buildlink3 file.
Summary of changes since version 3.1.8:
=======================================
* new behavior for trusted_networks/internal_networks: the 127.* network
is now always considered trusted and internal, regardless of configuration.
* bug 3109: short-circuiting of 'definite ham' or 'definite spam' messages
based on individual short-circuit rules using the 'shortcircuit' setting,
by Dallas Engelken <dallase /at/ uribl.com>.
* bug 5305: implement 'msa_networks', for ISPs to specify their Mail
Submission Agents, and extend network trust accordingly.
* bug 4636: Add support for charset normalization, so rules can be written
in UTF-8 to match text in other charsets.
* sa-compile: compilation of SpamAssassin rules into a fast parallel-matching
DFA, implemented in native code.
* "tflags multiple": allow writing of rules that count multiple hits in a
single message.
* bug 4363: if a message uses CRLF for line endings, we should use it as
well, otherwise stay with LF as usual; important for Windows users.
* bug 4515: content preview was omitting first paragraph when no Subject:
header was present.
* The third-party modules used by sa-update are now required by the
SpamAssassin package, instead of being optional.
* Bug 5165: 'sa-update --checkonly' added to check for updates without
applying them; thanks to <anomie /at/ users.sourceforge.net>
* Bugs 4606, 4609: Adjust MIME parsing limits for nested multipart/* and
message/rfc822 MIME parts.
* bug 5295: add 'whitelist_auth', to whitelist addresses that send mail
using sender-authorization systems like SPF, Domain Keys, and DKIM
* Removed dependency on Text::Wrap CPAN module.
* Received header parsing updates/fixes/additions.
Spamc / spamd:
* bug 4603: Mail::SpamAssassin::Spamd::Apache2 -- mod_perl2 module,
implementing spamd as a mod_perl module, contributed as a Google Summer of
Code project by Radoslaw Zielinski.
* bug 3991: spamd can now listen on UNIX domain, TCP, and SSL sockets
simultaneously. Command-line semantics extended slightly, although fully
backwards compatibly; add the --ssl-port switch to allow TCP and SSL
listening at the same time.
* bug 3466: do Bayes expiration, if required, after results have been
passed back to the client from spamd; this helps avoid client timeouts.
* more complete IPv6 support.
* spamc: Add '-K' switch, to ping spamd.
* spamc: add '-z' switch, which compresses mails to be scanned using
zlib compression; very useful for long-distance use of spamc over the
internet.
* bug 5296: spamc '--headers' switch, which scans messages and transmits
back just rewritten headers. This is more bandwidth-efficient than the
normal mode of scanning, but only works for 'report_safe 0'.
* Bump spamd's protocol version to 1.4, to reflect new HEADERS verb used
for '--headers'.
Mail::SpamAssassin modules and API:
* bug 4589: allow M::SA::Message to use IO::File objects to read in
message (same as GLOB).
* bug 4517: rule instrumentation plugin hooks, to measure performance,
from John Gardiner Myers <jgmyers /at/ proofpoint.com>.
* add two features to core rule-parsing code; 1. optional behaviour to
recurse through subdirs looking for .cf/.pre's, to support rules compilers
working on rulesrc dir. 2. call back into invoking code on lint failure,
so rule compiler can detect which rules exactly fail the lint check.
* bug 5206: detect duplicate rules, and silently merge them internally
for greater efficiency.
* bug 5243: add Plugin::register_method_priority() API, allowing plugins
to control the relative ordering of plugin callbacks relative to other
plugins' implementations.
* Reduced memory footprint.
Plugins:
* bug 5236: Support Mail::SPF replacement for Mail::SPF::Query.
* bug 5127: allow mimeheader :raw rules to match newlines and folded-header
whitespace in MIME header strings.
* bug 4770: add ASN.pm plugin, contributed by Matthias Leisi <matthias at
leisi.net>
* bug 5271: move ImageInfo ruleset into 3.2.0 core rules, thanks to
Dallas Engelken <dallase /at/ uribl.com>.
* VBounce ruleset and plugin: detect spurious bounce messages sent by
broken mail systems in response to spam or viruses. (Based on Tim
Jackson's "bogus-virus-warnings.cf" ruleset.)
* DomainKeys/DKIM: Mail::DKIM is now preferred over Mail::DomainKeys,
since the latter module is no longer actively maintained, and Mail::DKIM
can handle both DomainKeys and DKIM signatures.
* DKIM: separate signature verification from fetching a policy: can save
a DNS lookup for each unverified message by setting score to 0 for all
policy-related rules (DKIM_POLICY_SIGNALL, DKIM_POLICY_SIGNSOME, and
DKIM_POLICY_TESTING). (thanks to Mark Martinec)
* DKIM: support testing flags in the public key, as well as in the policy
record. (thanks to Mark Martinec)
* DKIM: skip fetching a policy (SSP) if a signature does verify, according
to draft-allman-dkim-ssp-02 (thanks to Mark Martinec)
* Move rule functionality and checking into separate Check plugin, allowing
third parties to implement alternative scanner core algorithms.
* core EvalTests code moved into various plugins.
* Plus lots of miscellaneous bug fixes.
|
|
Lots of changes, see the HISTORY file for details.
|
|
20070331
Bugfix (introduced Postfix 2.3): segfault with HOLD action
in access/header_checks/body_checks on 64-bit platforms.
File: cleanup/cleanup_api.c.
20070402
Portability (introduced 20070325): the fix for hardlinks
and symlinks in postfix-install forgot to work around shells
where "IFS=/ command" makes the IFS setting permanent. This
is allowed by some broken standard, and affects Solaris.
File: postfix-install.
Portability (introduced 20070212): the workaround for
non-existent library bugs with descriptors >= FD_SETSIZE
broke with "fcntl F_DUPFD: Invalid argument" on 64-bit
Solaris. Files: master/multi_server.c, *qmgr/qmgr_transport.c.
20070421
Cleanup: on (Linux) platforms that cripple signal handlers
with deadlock, "postfix stop" now forcefully stops all the
processes in the master's process group, not just the master
process alone. File: conf/postfix-script.
|
|
|
|
|
|
|
|
|
|
8.14.1/8.14.1 2007/04/03
Even though a milter rejects a recipient the MTA will still keep
it in its list of recipients and deliver to it if the
transaction is accepted. This is a regression introduced
in 8.14.0 due to the change for SMFIP_RCPT_REJ. Bug
found by Andy Fiddaman.
The new DaemonPortOptions which begin with a lower case character
could not be set in 8.14.0.
If a server shut down the connection in response to a STARTTLS
command, sendmail would log a misleading error message
due to an internal inconsistency. Problem found by
Werner Wiethege.
Document how some sendmail.cf options change the behavior of mailq.
Noted by Paul Menchini of the North Carolina School of
Science and Mathematics.
CONFIG: Add confSOFT_BOUNCE m4 option for setting SoftBounce.
CONFIG: 8.14.0's RELEASE_NOTES failed to mention the addition
of the confMAX_NOOP_COMMANDS and confSHARED_MEMORY_KEY_FILE
m4 options for setting MaxNOOPCommands and
SharedMemoryKeyFile.
CONFIG: Add confMILTER_MACROS_EOH and confMILTER_MACROS_DATA m4
options for setting Milter.macros.eoh and Milter.macros.data.
CONTRIB: Use flock() and fcntl() in qtool.pl if necessary.
Patch from Daniel Carroll of Mesa State College.
LIBMILTER: Make sure an unknown command does not affect the
currently available macros. Problem found by Andy Fiddaman.
LIBMILTER: The MTA did not offer SMFIF_SETSYMLIST during option
negotiation. Problem reported by Bryan Costales.
LIBMILTER: Fix several minor errors in the documentation.
Patches from Bryan Costales.
PORTABILITY FIXES:
AIX 5.{1,2}: libsm/util.c failed to compile due to
redefinition of several macros, e.g., SIG_ERR.
Patch from Jim Pirzyk with assistance by Bob
Booth, University of Illinois at Urbana-Champaign.
Add support for QNX.6. Patch from Sean Boudreau of QNX
Software Systems.
New Files:
devtools/M4/depend/QNX6.m4
devtools/OS/QNX.6.x
include/sm/os/sm_os_qnx.h
New Files added in 8.14.0, but not shown in the release notes entry:
libmilter/docs/smfi_chgfrom.html
libmilter/docs/smfi_version.html
8.14.0/8.14.0 2007/01/31
Header field values are now 8 bit clean. Notes:
- header field names are still restricted to 7 bit.
- RFC 2822 allows only 7 bit (US-ASCII) characters in
headers.
Preserve spaces after the colon in a header. Previously, any
number of spaces after the colon would be changed to
exactly one space.
In some cases of deeply nested aliases/forwarding, mail can
be silently lost. Moreover, the MaxAliasRecursion
limit may be reached too early, e.g., the counter
may be off by a factor of 4 in case of a sequence of
.forward files that refer to others. Patch from
Motonori Nakamura of Kyoto University.
Fix a regression in 8.13.8: if InputMailFilters is set then
"sendmail -bs" can trigger an assertion because the
hostname of the client is undefined. It is now set
to "localhost" for the xxfi_connect() callback.
Avoid referencing a freed variable during cleanup when terminating.
Problem reported and diagnosed by Joe Maimon.
New option HeloName to set the name for the HELO/EHLO command.
Patch from Nik Clayton.
New option SoftBounce to issue temporary errors (4xy) instead of
permanent errors (5xy). This can be useful for testing.
New suboptions for DaemonPortOptions to set them individually
per daemon socket:
DeliveryMode DeliveryMode
refuseLA RefuseLA
delayLA DelayLA
queueLA QueueLA
children MaxDaemonChildren
New option -K for LDAP maps to replace %1 through %9 in the
lookup key with the LDAP escaped contents of the
arguments specified in the map lookup. Loosely based
on patch from Wolfgang Hottgenroth.
Log the time after which a greet_pause delay triggered. Patch
from Nik Clayton.
If a client is rejected via TCP wrapper or some other check
performed by validate_connection() (in conf.c) then do
not also invoke greet_pause. Problem noted by Jim Pirzyk
of the University of Illinois at Urbana-Champaign.
If a client terminates the SMTP connection during a pause
introduced by greet_pause, then a misleading message
was logged previously. Problem noted by Vernon Schryver
et.al., patch from Matej Vela.
New command "mstat" for control socket to provide "machine
readable" status.
New named config file rule check_eom which is called at the end
of a message, its parameter is the size of the message.
If the macro {addr_type} indicates that the current address
is a header address it also distinguishes between
recipient and sender addresses (as it is done for
envelope addresses).
When a macro is set in check_relay, then its value is accessible
by all transactions in the same SMTP session.
Increase size of key for ldap lookups to 1024 (MAXKEY).
New option MaxNOOPCommands to override default of 20 for the
number of "useless" commands before the SMTP server will
slow down responding.
New option SharedMemoryKeyFile: if shared memory support is
enabled, the MTA can be asked to select a shared memory
key itself by setting SharedMemoryKey to -1 and specifying
a file where to store the selected key.
Try to deal with open HTTP proxies that are used to send spam
by recognizing some commands from them. If the first command
from the client is GET, POST, CONNECT, or USER, then the
connection is terminated immediately.
New PrivacyOptions noactualrecipient to avoid putting
X-Actual-Recipient lines in DSNs revealing the actual
account that addresses map to. Patch from Dan Harkless.
New options B, z, and Z for DNS maps:
-B: specify a domain that is always appended to queries.
-z: specify the delimiter at which to cut off the result of
a query if it is too long.
-Z: specify the maximum number of entries to be concatenated
to form the result of a lookup.
New target "check" in the Makefile of libsm: instead of running tests
implicitly while building libsm, they must be explicitly
started by using "make check".
Fixed some inconsistent checks for NULL pointers that have been
reported by the SATURN tool which has been developed by
Isil Dillig and Thomas Dillig of Stanford University.
Fix a potential race condition caused by a signal handler for
terminated child processes. Problem noted by David F. Skoll.
When a milter deleted a recipient, that recipient could cause a
queue group selection. This has been disabled as it was not
intended.
New operator 'r' for the arith map to return a random number.
Patch from Motonori Nakamura of Kyoto University.
New compile time option MILTER_NO_NAGLE to turn off the Nagle
algorithm for communication with libmilter ("cork" on Linux),
which may improve the communication performance on some
operating systems. Patch from John Gardiner Myers of
Proofpoint.
If sendmail received input that contained a CR without subsequent LF
(thus violating RFC 2821 (2.3.7)), it could previously
generate an additional blank line in the output as the last
line.
Restarting persistent queue runners by sending a HUP signal to
the "queue control process" (QCP) works now.
Increase the length of an input line to 12288 to deal with
really long lines during SMTP AUTH negotiations.
Problem noted by Werner Wiethege.
If ARPANET mode (-ba) was selected STARTTLS would fail (due to
a missing initialization call for that case). Problem
noted by Neil Rickert of Northern Illinois University.
If sendmail is linked against a library that initializes Cyrus-SASL
before sendmail did it (such as libnss-ldap), then SMTP AUTH
could fail for the sendmail client. A patch by Moritz Both
works around the API design flaw of Cyrus-SASLv2.
CONFIG: Make it possible to unset the StatusFile option by
undefining STATUS_FILE. By not setting StatusFile,
the MTA will not attempt to open a statistics file on
each delivery.
CONFIG: New FEATURE(`require_rdns') to reject messages from SMTP
clients whose IP address does not have proper reverse DNS.
Contributed by Neil Rickert of Northern Illinois University
and John Beck of Sun Microsystems.
CONFIG: New FEATURE(`block_bad_helo') to reject messages from SMTP
clients which provide a HELO/EHLO argument which is either
unqualified, or is one of our own names (i.e., the server
name instead of the client name). Contributed by Neil
Rickert of Northern Illinois University and John Beck of
Sun Microsystems.
CONFIG: New FEATURE(`badmx') to reject envelope sender addresses
(MAIL) whose domain part resolves to a "bad" MX record.
Based on contribution from William Dell Wisner.
CONFIG: New macros SMTP_MAILER_LL and RELAY_MAILER_LL to override
the maximum line length of the smtp mailers.
CONFIG: New option `relaytofulladdress' for FEATURE(`access_db')
to allow entries in the access map to be of the form
To:user@example.com RELAY
CONFIG: New subsuboptions eoh and data to specify the list of
macros a milter should receive at those stages in the
SMTP dialogue.
CONFIG: New option confHELO_NAME for HeloName to set the name
for the HELO/EHLO command.
CONFIG: dnsbl and enhdnsbl can now also discard or quarantine
messages by using those values as second argument.
Patches from Nelson Fung.
CONTRIB: cidrexpand uses a hash symbol as comment character and
ignores everything after it unless it is in quotes or
preceeded by a backslash.
DEVTOOLS: New macro confMKDIR: if set to a program that creates
directories, then it used for "make install" to create
the required installation directories.
DEVTOOLS: New macro confCCLINK to specify the linker to use for
executables (defaults to confCC).
LIBMILTER: A new version of the milter API has been created that
has several changes which are listed below and documented
in the webpages reachable via libmilter/docs/index.html.
LIBMILTER: The meaning of the version macro SMFI_VERSION has been
changed. It now refers only to the version of libmilter,
not to the protocol version (which is used only internally,
it is not user/milter-programmer visible). Additionally,
a version function smfi_version() has been introduced such
that a milter program can check the libmilter version also
at runtime which is useful if a shared library is used.
LIBMILTER: A new callback xxfi_negotiate() can be used to
dynamically (i.e., at runtime) determine the available
protocol actions and features of the MTA and also to
specify which of these a milter wants to use. This allows
for more flexibility than hardcoding these flags in the
xxfi_flags field of the smfiDesc structure.
LIBMILTER: A new callback xxfi_data() is available so milters
can act on the DATA command.
LIBMILTER: A new callback xxfi_unknown() is available so milters
can receive also unknown SMTP commands.
LIBMILTER: A new return code SMFIS_NOREPLY has been added which
can be used by the xxfi_header() callback provided the
milter requested the SMFIP_NOHREPL protocol action.
LIBMILTER: The new return code SMFIS_SKIP can be used in the
xxfi_body() callback to skip over further body chunks
and directly advance to the xxfi_eom() callback. This
is useful if a milter can make a decision based on the
body chunks it already received without reading the entire
rest of the body and the milter wants to invoke functions
that are only available from the xxfi_eom() callback.
LIBMILTER: A new function smfi_addrcpt_par() can be used to add
new recipients including ESMTP parameters.
LIBMILTER: A new function smfi_chgfrom() can be used to change the
envelope sender including ESMTP parameters.
LIBMILTER: A milter can now request to be informed about rejected
recipients (RCPT) too. This requires to set the protocol
flag SMFIP_RCPT_REJ during option negotiation. Whether
a RCPT has been rejected can be checked by comparing the
value of the macro {rcpt_mailer} with "error".
LIBMILTER: A milter can now override the list of macros that it
wants to receive from the MTA for each protocol step
by invoking the function smfi_setsymlist() during option
negotiation.
LIBMILTER: A milter can receive header field values with all
leading spaces by requesting the SMFIP_HDR_LEADSPC
protocol action. Also, if the flag is set then the MTA
does not add a leading space to headers that are added,
inserted, or replaced.
LIBMILTER: If a milter sets the reply code to "421" for the HELO
callback, the SMTP server will terminate the SMTP session
with that error to match the behavior of all other callbacks.
New Files:
cf/feature/badmx.m4
cf/feature/block_bad_helo.m4
cf/feature/require_rdns.m4
devtools/M4/UNIX/check.m4
include/sm/misc.h
include/sm/sendmail.h
include/sm/tailq.h
libmilter/docs/smfi_addrcpt_par.html
libmilter/docs/smfi_setsymlist.html
libmilter/docs/xxfi_data.html
libmilter/docs/xxfi_negotiate.html
libmilter/docs/xxfi_unknown.html
libmilter/example.c
libmilter/monitor.c
libmilter/worker.c
libsm/memstat.c
libsm/t-memstat.c
libsm/t-qic.c
libsm/util.c
sendmail/daemon.h
sendmail/map.h
|
|
* New features
o Toolbar
+ The customization of the toolbars was implemented.
+ 'Prev', 'Print', 'Address', 'Prefs', 'Account', 'Not junk',
'Search' and 'Stop' button was added to the toolbars.
+ The overflow menu for the toolbars was added.
+ The option to place toolbar labels at the right of icons was added.
o Address book
+ Copy and paste of persons in the address book was enabled.
+ In the address book, the import of CSV and Tab-separated text file
was enabled.
o The automatic filtering of IMAP4 on receive operation was enabled.
o The option to toggle the window on the trayicon click was added.
* Feature improvements
o Junk mails are now filtered when incorporating from local spool.
o The width of toolbar buttons was reduced when the labels are displayed.
o The checking of remote folders doesn't abort with non-fatal errors now
except for network failure.
o Close button was added to the address book dialog.
o In-Reply-To header was supported in mailto URL.
o An error message is displayed now when the decryption of PGP encrypted
messages failed.
o 'Within 1 day' and 'Last 5 days' was added to the quick search rule.
o The toolbar style switch was added to the toolbar context menu.
o The limitation of the nesting level of MIME structure was relaxed.
o A margin for text was added to the composition window.
o An error dialog is displayed if the execution of junk filter command fails.
o The overwrite confirmation of the file selection dialog was improved.
o The file copy and move operation were optimized.
o The included Japanese manual was updated.
o Unix: Symbolic links are now also scanned when scanning MH folders.
* Bugfixes
o The problem that the width of the folder view was not saved when the
main window was maximized was fixed.
o The crash when verifying signed messages with popup window was fixed.
o The crash on exit when the order of summary columns were modified by
DnD was fixed.
o The wrong handling of quotation in multi-byte strings on MIME header
encoding was fixed.
o The behavior of 'Go to next unread' with changing folders was fixed.
o Several bugs of the search dialog were fixed.
o Several bugs of the address book were fixed.
o The crash on the cancellation of sending or receiving was fixed.
o Unix: The bug that the window was kept being skipped from window list
after it became visible with window shading or switching workspaces.
* Changes from 2.4.0rc
o Invalid APOP timestamp is rejected now (CVE-2007-1558).
o The configuration file is written out after the toolbar is customized.
|
|
|
|
Apply patch from Todd Kover to avoid strndup() related build issues on
some platforms.
|
|
-explicitly watch for broken POP3 servers that return a blank UIDL value
(not permitted by the POP3 protocol) and print a fatal error message.
Thanks: Florian Hackenberger and Cameron Rangeley.
|
|
|
|
with appropriate values for REPLACE_PERL.
|
|
- Remove the mutt-compressed option for now, as it is not updated upstream
- Add a mutt-smtp option (suggested by Brian de Alwis), to enable smtp relay
support in mutt
Changes:
The keys used are:
!: modified feature, -: deleted feature, +: new feature
- $imap_home_namespace (useless clutter)
+ $check_mbox_size (use size change instead of atime for new mail)
! improved f=f support wraps lines at $wrap if $wrap is not 0
+ $wrap (>0 wraps at $wrap, <0 = $wrapmargin)
+ $assumed_charset, $attach_charset, $ignore_linear_white_space
+ $save_history, $history_file (save history across sessions)
+ $smtp_url (ESMTP relay support)
+ $crypt_use_pka (use GPGME PKA signature verification)
|
|
Pkgsrc changes:
- DESTDIR support
Changes since version 0.176:
============================
0.179 Mon Nov 27 2006
bug 23657: fix domain label regex: thanks, Nobuaki ITO!
0.178 Sat Nov 25 2006
reduce cases in which IO::CaptureOutput is needed on Win32
(bug 22062, thanks Alexandr Ciornii)
0.177 Sat Nov 25 2006
resolve bug 22710: make fqdn rule more strict: domains must be multiple
valid domain labels, and domain labels must be [a-z0-9][-a-z0-9]*
replace UNIVERSAL:: with eval{}-wrapping
|
|
p5-Email-MIME
p5-Email-MIME-ContentType
p5-Email-MIME-Encodings
|
|
This is a merge of wip/p5-Email-MIME by Roman Kulik and the
package submitted by Edgar Fuss to tech-pkg@. Some small changes by me.
Email::MIME is an extension of the Email::Simple module, to handle MIME
encoded messages. It takes a message as a string, splits it up into its
constituent parts, and allows access to various parts of the message.
Headers are decoded from MIME encoding.
|
|
This is a merge of wip/p5-Email-MIME-Encodings by Roman Kulik and the
package submitted by Edgar Fuss to tech-pkg@. Some small changes by me.
The Email::MIME::Encodings module simply wraps "MIME::Base64" and
"MIME::QuotedPrint" so that you can throw the contents of a
"Content-Transfer-Encoding" header at some text and have the
right thing happen.
|
|
This is a merge of wip/p5-Email-MIME-ContentType by Roman Kulik and the
package submitted by Edgar Fuss to tech-pkg@. Some small changes by me.
This module is responsible for parsing email content type headers
according to section 5.1 of RFC 2045. It returns a hash with entries
for the discrete type, the composite type, and a hash of attributes.
|
|
Pkgsrc changes:
- DESTDIR support
- Added CONFLICTS line to follow the comments in Makefile.PL (see 1.998 below)
Changes since version 1.995:
============================
1.999 2007-03-20
fix bug 25496: deletion of headers affected the wrong range,
sometimes deleting too many headers -- thanks, Nicholas Oxhoej!
fix bug 24922: errant space in last header of CRLF-delim email
thanks, Barry Downes and Alex Vandiver
1.998 2007-02-07
MAJOR REFACTORING OF GUTS
If you run Email::MIME, you MUST be running Email::MIME 1.857 or
better.
require Email::MIME 1.857 in Makefile.PL only if an older
version is already installed
boldly moving forward with refactored headers and
Email::Simple:::Header
greatly reduce memory footprint
add crlf method to allow other modules to avoid ->{mycrlf}
fix broken header-junk test
1.996 2006-11-27
- do not wrap Content-Type field; it can cause Outlook to go nuts
while this is a special case, it does not make E::S incorrect, as folding
long headers is allowed (for aesthetics) and not mandated
|
|
|
|
an extra html/ directory being created in docs. Changes html/ to html/.
to avoid this extra directory on netbsd-4. Should definitively fix
pkg/36007.
Bump PKGREVISION.
|
|
initialization. Resolves SMP crash, but it seems really openssl
should be compiled with thread spport.
|
|
* Core changes:
* The mail summary popup has been replaced by
libnotify message popups. These new message popups
also provide actions such as "Open" and "Mark as Spam"
* Mozilla products (Mozilla, SeaMonkey, Thunderbird, ...)
mailboxes are now supported
* The mailbox properties dialog has been redesigned
* A new click action has been added: open the latest
message
* A MN icon set has been designed by Josef Vybíral
(#18198)
* A --print-summary command line argument has been
added, allowing to access message data from an
external program
* A mail-changed GConf command setting has been added
(it is executed when new mail is received or when a
message is read)
* Handling of the GNOME mail reader command: instead
of stripping %s, the first word of the command is
now used; moreover, mozilla and evolution are now
handled specially (#18257)
* The /desktop/gnome/url-handlers/mailto/needs_terminal
GConf key is now respected
* Could no longer close the about dialog with recent
GTK+ versions: fixed (#18252)
* POP3 changes:
* Messages kept on the server but marked as read are
now discarded. Note that this only works with
servers which send Status headers; most don't
(#18164).
|
|
|
|
version 1.77 [sic!]: Tue Apr 10 09:25:29 CEST 2007
- The tag (field label) casing is "normalized" which is not
required (as the comment in the code told), but a mis-
feature. The feature will not change, to avoid breaking
existing code. Original report by [Matt Swift]
- Do not ignore unknown argument to Mail::Internet::new(),
but complain about it [JPBS]
- Document that the \n is still after a header line, but folding
is removed. Suggested by [Roberto Jimenoca]
- Document that unfolding is too greading, taking all leading
blanks where only one should be taken. Suggested by
[Roberto Jimenoca]
version 1.75: Wed Jun 14 15:30:25 CEST 2006
- [Mike Lerley] reported that environment variables are not
thread-safe in mod_perl. Therefore, he required to pass the
sender of the message explictly on qmail's command-line.
His addapted patch included.
|
|
(or over top of) "mail/sendmail" they will get the same revision and the
revision will increase if there are any changes. Thanks to seb@ for this.
|
|
Removed the KEEPDBOPEN option as it could lead to multiple instance of gld
running when mail traffic is low and thus father process MYSQL connection
timeout. Furthermore, after tests, efficency is the same.
KEEPDBOPEN option is now silently ignored to forced to NO.
|
|
|
|
* The file copy and move were optimized.
* The crash on the cancellation of POP3/SMTP session was fixed.
* The crash when a person was removed and its e-mail addresses
were referenced by a group in another folder was fixed.
* The Japanese manual was updated.
2.4.0beta8:
* In the address book, the import of CSV and Tab-separated text
file was implemented.
* 'Within 1 day' and 'Recent 5 days' was added to the quick search rule.
* The toolbar style switch was added to the toolbar context menu.
* Stop button now cancels all sessions.
* The limitation of the nesting level of MIME structure was relaxed.
* A margin for text was added to the composition window.
* An error dialog is displayed if the execution of junk filter command fails.
* The overwrite confirmation of the file selection dialog was improved.
* ISO-8859-16 was supported in code conversion.
* Several UI problems in the address book were fixed.
* The stability of the cancellation of POP3/SMTP session was improved.
* The bug that the displayed number of message becoming incorrect on
folder search was fixed.
|
|
|
|
|
|
|
|
|
