summaryrefslogtreecommitdiff
path: root/mail
AgeCommit message (Collapse)AuthorFilesLines
2003-03-31Add flocksim.h to the list of c-client includes. It's required on solaris,bouyer2-6/+7
and even if not used on other systems it doesn't hurt.
2003-03-30Fix bad entry for bin/kbiffjmc1-2/+2
2003-03-29Update to version 8.12.9.seb2-6/+7
This is mostly a security fix release. See the list of changes since 8.12.8 below. Package change: always put M4 in MAKE_ENV so we are sure of the one used. Note: this also update mail/libmilter the same version. 8.12.9/8.12.9 2003/03/29 SECURITY: Fix a buffer overflow in address parsing due to a char to int conversion problem which is potentially remotely exploitable. Problem found by Michal Zalewski. Note: an MTA that is not patched might be vulnerable to data that it receives from untrusted sources, which includes DNS. To provide partial protection to internal, unpatched sendmail MTAs, 8.12.9 changes by default (char)0xff to (char)0x7f in headers etc. To turn off this conversion compile with -DALLOW_255 or use the command line option -d82.101. To provide partial protection for internal, unpatched MTAs that may be performing 7->8 or 8->7 bit MIME conversions, the default for MaxMimeHeaderLength has been changed to 2048/1024. Note: this does have a performance impact, and it only protects against frontal attacks from the outside. To disable the checks and return to pre-8.12.9 defaults, set MaxMimeHeaderLength to 0/0. Do not complain about -ba when submitting mail. Problem noted by Derek Wueppelmann. Fix compilation with Berkeley DB 1.85 on systems that do not have flock(2). Problem noted by Andy Harper of Kings College London. Properly initialize data structure for dns maps to avoid various errors, e.g., looping processes. Problem noted by Maurice Makaay. CONFIG: Prevent multiple application of rule to add smart host. Patch from Andrzej Filip. CONFIG: Fix queue group declaration in MAILER(`usenet'). CONTRIB: buildvirtuser: New option -t builds the virtusertable text file instead of the database map. Portability: Revert wrong change made in 8.12.7 and actually use the builtin getopt() version in sendmail on Linux. This can be overridden by using -DSM_CONF_GETOPT=0 in which case the OS supplied version will be used.
2003-03-29Place WRKSRC where it belongs, to make pkglint happy; ok'ed by wiz.jmmv22-55/+44
2003-03-28Remove unnecessary empty lines.wiz2-2/+0
2003-03-28NO_PATCH is deprecated, says pkglint. Remove it.wiz1-2/+1
2003-03-28Make the cyrus-imapd package install the html versions of its manatatat2-2/+30
pages. Normally I wouldn't care, except (a) there don't seem to be "plaintext" versions and (b) the html that *does* get installed links to it. Or them, rather. Bump PKGREVISION accordingly. Reviewed by jlam.
2003-03-26Add and enable clamav.agc1-1/+2
2003-03-26Initial import of clamav-0.54 into the NetBSD Packages Collection.agc5-0/+93
Provided in PR 20662 by David Ferlier, modified to use pkgsrc libtool and to add users by myself. Clam AntiVirus is an anti-virus toolkit written from scratch. It is licensed under GNU GPL2 and uses the virus database from OpenAntiVirus, which is an another free anti-virus project. In contrast to OpenAntiVirus (which is written in Java), Clam AntiVirus is written entirely in C and its database is KEPT UP TO DATE. It also detects polymorphic viruses as well.
2003-03-24Provide a SITES_ expansion for fetching the cr patch so this doesn't conflictjmc1-2/+4
with the the possible download of the wide patch
2003-03-23Honor PKG_SYSCONFDIR. Bump PKGREVISION to 1.jmmv5-23/+52
2003-03-22Update sylpheed to use USE_X11 rather than USE_X11BASE.chris1-2/+3
2003-03-22Explicitly set TLS_INCLUDE to where OpenSSL headers are found.jmmv2-9/+10
Fixes PR pkg/20609 by Mirko Thiesen.
2003-03-22remove bogus '.endif'rh1-2/+1
2003-03-22Add aspell support, from Sergio Jimenez via PR pkg/20811.salo1-1/+4
Bump PKGREVISION just for sure.
2003-03-22Update to 6.2.2, from Quentin Garnier in PR 20790.wiz4-92/+85
Changes since last version: * Sunil Shetye's patch to improve behavior in empty messages. * Conform to RFC2595; reissue capability probes after successful STARTTLS negotiation. * Sunil's patch to make handling of failed STARTTLS more graceful. * Sunil's JF2 fix patch for .fetchmailrc security fix. * Christophe GIAUME <christophe@giaume.com> finished the implementation of RFC2177 IDLE. * Jason Tishler's fix patch for Cygwin. * Support ssh-style authentication in POP3 * Fix for Debian bug #108977, clean up config file evaluation, by Benjamin Drieu.
2003-03-22Update evolution to 1.2.3. Changes are tons of bugfixes and a fewrh3-11/+29
translation updates. A detailled changelog can be found at http://developer.ximian.com/projects/evolution/release_notes/1.2.2.html http://developer.ximian.com/projects/evolution/release_notes/1.2.3.html
2003-03-22Add message explaining main differences to the old 2.x versions.wiz1-0/+13
From Toru TAKAMIZU.
2003-03-22Update to 3.1.1, based on Toru TAKAMIZU's patches in PR 19707.wiz3-19/+56
Changes: Version 3.1.1 14 March 2003 -Add additional info to message log (msg #, msg count, size) "new msg" status line. Thanks to Payal Rathod for the feature request. Version 3.1.0 21 February 2003 -Rename the recipient_header directive to "envelope_recipient". There was simply too much confusion about it. Sorry, but you'll have to update your getmailrc file and rename this directive if you're using it. This version was going to be 3.0.5, but this change necessitates bumping the version up to 3.1.0. -Include separate callable program for mbox delivery. The program, getmail_mbox, is based on the mbox delivery code in getmail version 2.3. It assumes mboxrd format and flock locking; if other programs on your system expect a different subtype of mbox format or use a different locking method, you can corrupt your mbox file. Use at your own risk. You can use this in a command delivery target from getmail as "|/path/to/getmail_mbox /path/to/mboxfile" . -In a similar vein, include separate callable program for maildir delivery. The program, getmail_maildir, uses the same maildir delivery code as getmail. You can use this in a command delivery target from getmail as "|/path/to/getmail_maildir /path/to/maildir/" . This is mostly useful if you want to deliver to a maildir after doing something else to the message, and can be used in place of safecat. -Add message filtering. You can now pass messages through arbitrary filters before delivery; specify one or more message_filter directives, each of which is a command and arguments. The filter(s) should read the message from stdin, write to stdout, and exit 0 for success, 99 to drop the message in the bitbucket, and anything else to indicate an error. No docs for this yet. -getmail could drop the final newline when delivering to Maildirs in some circumstances. Thanks to Jason Mastaler for the report and testing. Version 3.0.4 20 February 2003 -Catch a user incorrectly specifying two values for recipient_header. Thanks to Francisco Stefano Wechsler for the report. -Update ConfParser to version 3.3, designed to make it easier to catch user configuration errors. -Update configuration-handling code to use new features of ConfParser 3.3 above, report configuration errors more clearly. Thanks to Francisco Stefano Wechsler for the report which got me looking at this. -Add explicit check for recipient_header specifying a known-incorrect value. Thanks to Edward Davis for the report that got me looking at this. -Move some sanity checks around to report errors earlier. Version 3.0.3 14 February 2003 -Missing import in getmail_utilities.py affected those who let getmail prompt them for a password. Thanks to Francisco Stefano Wechsler for the report. Version 3.0.2 14 February 2003 -My editor let CR LF line endings into getmail_utilities.py ; this caused problems for at least one person. Thanks to Francisco Stefano Wechsler for the report. Now fixed. Version 3.0.1 13 February 2003 -Have getmail report an error if local directives are specified but getmail is not operating in multidrop mode (through either of the "use_*env" or "recipient_header" directives). Thanks to Gerwin Krist for reporting that this was not obvious. Version 3.0.0 10 February 2003 -Updated to version 1.23 of Timothy O'Malley's timeoutsocket.py from http://www.timo-tasi.org/python/timeoutsocket.py -not all configuration errors were being caught in ConfParser. Updated ConfParser as a result; thanks to Christian Pelster for reporting and testing this. -Move lots of code around. Much has been moved into separate files. Much other code has been cleaned up. -Add support for Demon's SPDS "*ENV" command for domain mailboxes. Thanks to Paul Clifford for the request and the pointer to Demon's explanation of this protocol extension, submission of a patch to getmail 2.3.x for this feature, and for a testing 3.0 in its pre-release state. Paul also submitted several patches during pre-release testing which I accepted. -Change main delivery loop; individual message delivery failures are not considered fatal errors any more. The messages will be left on the server and retried. -Remove mbox delivery code. Use an external MDA for this; for safety and reliability, all mbox-delivery programs on a system have to be compiled to use the same method of mbox locking in any case. I don't use mbox files at all. -Simplify handling of oldmail data files. -Domain mailboxes are now only supported with explicit configuration of a header field which records the envelope recipient address or with *ENV. This removes a lot of code and makes the logic simpler. -Remove duplicate filtering option. Use an external MDA for this. -Change maildir delivery algorithm; getmail will now try up to three times to generate a valid, unique name in maildir/tmp/, sleeping two seconds between tries as recommended by djb. This code is also now moved into an independant function in getmail_utilities.py for easier use by others. The file naming convention has changed to djb's "modern delivery identifiers".
2003-03-22Updated to version 0.8.11.salo3-9/+14
Patch sent by Quentin Garnier via PR pkg/20679. Changes: - s/USE_X11BASE/USE_X11/ 0.8.11: ======= - The folder option to remove parentheses and brackets at the beginning of subject has been added. - The option to use command output for signature has been added. - The summary search now also looks for collapsed nodes. - The size of the source window is now remembered. - Euro locales (ISO-8859-15) have been supported. - Many locales and encodings which were not supported before have been added. - Galician translation has been added. - Support for Latin locales (ISO-8859) has been fixed. - UTF-8 locale support has been fixed. - The folding problem of headers has been fixed. - The more workaround for abort problem in Japanese locale has been made. - Other bugfixes have been made. 0.8.10: ======= - The validity check of EUC-JP code became more strict. - The handling of strings which failed to be converted has been modified. - Minor bugfixes and a speed improvement have been made. 0.8.9: ====== - Transition from libjconv to direct use of iconv() API has been made. - Quoted-Printable encoding for outgoing messages has been enabled. - Content-Transfer-Encoding for outgoing messages became user definable. - The abbreviation method of newsgroup name has been improved. - Russian locales support has been improved. - Fixes for message canonicalization have been made. - Bugs of header MIME encoding have been fixed.
2003-03-21Honor PKG_SYSCONFDIR, as requested in PR pkg/19289 by Thomas T. Thai.jmmv5-7/+64
Bump PKGREVISION to 1.
2003-03-21Update ipv6+tls patch in comment (and distinfo).taca2-6/+6
2003-03-20Undo PKGREVISION bump (not necessary since the whole package was updatedwiz1-3/+1
to 2.0.7).
2003-03-20Add PKGREVISION=1 [wiz told me so]christos1-1/+3
2003-03-20- upgrade to 2.0.7christos3-32/+33
- add kim's recipient canonicalization patch. NOTE: TLS was disabled and is still disabled in this version.
2003-03-20Add kim's recipient canocalization patchchristos1-0/+106
2003-03-20Update mutt to 1.4.1:jschauma3-15/+14
fix a buffer overflow in mutt's IMAP client code which was identified by Core Security Technologies, and fixed by Edmund Grimley Evans. A more detailed advisory will be published by Core Security. This happens to close PR pkg/20814, filed while I was updating the package. :-)
2003-03-17Update to 3.2.1bouyer3-208/+290
Main changes from 3.0: Add various translations Check for invalid 8bit characters in email addresses Updates for various browsers quirks Do not allow the '\' character in full names (see RFC 2822 [3.2.5]). Close several small XSS vulnerabilities Show timeout warning if session is about to expire Added images MIME_Viewer Protect against modified login forms Escape login data correctly Various bug fixes and interface improvements. For details see share/doc/imp/CHANGES
2003-03-14(1) Publicly export the value of _OPSYS_RPATH_NAME as RPATH_FLAG;jlam3-11/+13
Makefiles simply need to use this value often, for better or for worse. (2) Create a new variable FIX_RPATH that lists variables that should be cleansed of -R or -rpath values if ${_USE_RPATH} is "no". By default, FIX_RPATH contains LIBS, X11_LDFLAGS, and LDFLAGS, and additional variables may be appended from package Makefiles.
2003-03-13Catch up to qpopper 4.0.5taca2-8/+7
Changes from 4.0.4 to 4.0.5: ---------------------------- 1. Add debug trace call with OpenSSL library version. 2. Added 'tls-options' configuration file option. 3. Added 'tls-workarounds' boolean option. 4. STLS errors (except for timeout) no longer fatal. 5. Added sample xinetd configuration file. 6. Additional checks for networking libraries. 7. Pick up LDFLAGS from environment, if set. 8. Added '--enable-32-bit' and '--enable-64-bit' 9. Applied patch from Jeremy Chadwick to fix pathname trimming in standalone mode. 10. Fixed (non-root) buffer overflow. 11. Fixed '-no-mime' appended to user name (reported by Florian Heinz). 12. Fixed response message when identical MDEFs defined multiple times (reported by Florian Heinz).
2003-03-13upgrade to 4.0.5. includes security fix.itojun4-17/+16
Changes from 4.0.4 to 4.0.5: ---------------------------- 1. Add debug trace call with OpenSSL library version. 2. Added 'tls-options' configuration file option. 3. Added 'tls-workarounds' boolean option. 4. STLS errors (except for timeout) no longer fatal. 5. Added sample xinetd configuration file. 6. Additional checks for networking libraries. 7. Pick up LDFLAGS from environment, if set. 8. Added '--enable-32-bit' and '--enable-64-bit' 9. Applied patch from Jeremy Chadwick to fix pathname trimming in standalone mode. 10. Fixed (non-root) buffer overflow. 11. Fixed '-no-mime' appended to user name (reported by Florian Heinz). 12. Fixed response message when identical MDEFs defined multiple times (reported by Florian Heinz).
2003-03-13enable IPv6 pop serviceitojun1-3/+4
2003-03-13add --disable-gtk-doc to CONFIGURE_ARGS to allow this to build withoutdmcmahill1-18/+2
an active X display.
2003-03-13This does not seem to require GMAKE after all.jschauma1-2/+1
2003-03-11Update to version 2.30.markd3-6/+10
Changes: * mimedefang-multiplexor.c: On systems that support wait3 and fill in the usage structure, we log the slave's system and user CPU usage when it exits. The autoconf test is not too reliable on Solaris; sorry... * Create the temporary spool directory before calling filter_relay; store it in $CWD for filter_relay, filter_sender, filter_recipient, and the other filter functions, so we can pass state around. * Officially deprecated non-use of the multiplexor. I plan on dropping support for non-multiplexor operation by 31 July 2003. * mimedefang.c: Added -M option to protect work directory creation with a mutex. * mimedefang.pl.in: resend_message returns a meaningful value (true on success; false on failure.) * mimedefang.c (envfrom): Fix potential descriptor leak. Problem noted by Nik Clayton. * mimedefang.c (envfrom): Fixed some incorrect syslog messages. Problem noted by Nik Clayton. * mimedefang-multiplexor.c: Add handling for filter_cleanup, that lets you run Perl code just before a slave is killed. Based on a suggestion by Brian Landers. * Version 2.29 RELEASED * mimedefang.pl.in (send_mail): Redirect sendmail's STDOUT to STDERR; otherwise, complaints from Sendmail can mess up the communication between the multiplexor and the slaves. * mimedefang.pl.in: Add support for Trophie scanning library. (Jason Englander) * Version 2.28 RELEASED * mimedefang.pl.in (spam_assassin_mail): Synthesize "Return-Path:" and "Received:" headers for SpamAssassin (Nels Lindquist). * mimedefang-multiplexor.c (MAX_CMD_LEN): Increased MAX_CMD_LEN to 4096 from 512. * mimedefang.pl.in (recipient_ok): Set global variables in filter_relay, filter_sender and filter_recipient based on the information available so far in the SMTP transaction. (Anne Bennet) * Version 2.26 RELEASED * Quarantine notifications no longer sent unless you explicitly ask for them. *** INCOMPATIBILITY *** * mimedefang.pl.in (md_check_against_smtp_server): Added md_check_against_smtp_server to check recipient addresses before accepting them. * Version 2.25 RELEASED * mimedefang.pl.in: Added $RealRelayAddr and $RealRelayHostname which give the actual relay host, ignoring the IP address validation header. (Used by CanIt.) *mimedefang.pl.in: Remove append_boilerplate *** INCOMPATIBILITY *** The append_boilerplate function is gone. It never really worked properly. Instead, use append_text_boilerplate and append_html_boilerplate. * mimedefang.pl.in (message_contains_virus_clamd): Let clamd recurse through work directory. Make sure you run Clam AntiVirus version 0.52 or higher! (Jason Englander) * watch-mimedefang: Now generated at configure time from watch-mimedefang.in. Let's us specify @SPOOLDIR@ (Jason Englander)
2003-03-11Add and enable kbiff.markd1-1/+2
2003-03-11Initial import of kbiff 3.6.3markd4-0/+98
KBiff is a "biff" or new mail notification utility. It is highly configurable but very easy to use and setup. It tries to combine the best of the features of most of the "other" biff programs out there. KBiff supports all major mailbox formats: mbox (Berkely style), maildir, mh, POP3, IMAP4, and NNTP.
2003-03-11Update to 0.6.2:wiz2-5/+5
In this version, the rate limiting of a log message has been corrected. Documentation updates are provided, including a change log that will now be maintained.
2003-03-09Update to 1.12. Changes in this version:jmmv4-33/+35
o Added support for DB 4.1.x o Included Makefile settings for AIX (David Barroso Berrueta) Fixes PR pkg/20449 by Dave Burgess.
2003-03-07Updated to version 0.8.11.salo3-7/+7
Patch provided by Juan RP via PR pkg/20611. Changes: 0.8.11: ======= - The folder option to remove parentheses and brackets at the beginning of subject has been added. - The option to use command output for signature has been added. - The summary search now also looks for collapsed nodes. - The size of the source window is now remembered. - Euro locales (ISO-8859-15) have been supported. - Many locales and encodings which were not supported before have been added. - Galician translation has been added. - Support for Latin locales (ISO-8859) has been fixed. - UTF-8 locale support has been fixed. - The folding problem of headers has been fixed. - The more workaround for abort problem in Japanese locale has been made. - Other bugfixes have been made.
2003-03-07Update tls+ipv6 patch in comment.taca2-3/+5
Is it still need commented out? (Though I can't test completely either...)
2003-03-06Updated postfix to 2.0.6martti2-7/+5
Postfix 2.0 patchlevel 6 intends to protect vulnerable Sendmail systems against exploitation of a remote buffer overflow problem that is described in CERT advisory CA-2003-07. - Postfix now truncates non-address information in message address headers (comments, etc.) to 250 characters per address. This should rarely present a problem. Reportedly, junk mail from poorly written software can trigger the protection, but that is no great loss. - Some little fixes to documentation.
2003-03-05Update to 1.2.0:wiz2-5/+5
* 1.2.0: ** Added new automated testing. Run them with ``make check''. * 1.1.5: ** Added MAPI_OBJECT.tnef test file ** Code cleanup. * 1.1.4: ** Fixed Bug 620072: Segfault related to MAPI_OBJECT parsing. * 1.1.3: ** Fixed Bug 608075: configuration on MacOSX
2003-03-05Update to 0.6.1:wiz2-5/+5
Version identification (popa3d -V) has been added, and the logging of abnormally terminated POP3 sessions has been improved.
2003-03-05Update to 2.1.7: Many bug and security fixes; you should upgrade.wiz6-17/+48
2003-03-04Remove sendmail88 package.seb1-2/+1
2003-03-04Remove this old sendmail package: there is no quick and easy fix forseb40-1113/+0
the latest sendmail security advisory. See http://www.cert.org/advisories/CA-2003-07.html People using such an old sendmail really should upgrade.
2003-03-04Older NetBSD's m4 (before 1.5Z) cannot be used by sendmail devtools.seb1-1/+17
So provide a build dependency on GNU m4 (devel/m4) when appropriate. Bump PKGREVISION.
2003-03-04Updated postfix to 2.0.5martti2-8/+8
- The SMTP server's hard and soft error limits were off by one. With "smtpd_hard_error_limit = 1", Postfix will now disconnect after the first error, instead of the second one. - The proxymap server could deadlock when the mydestination parameter setting included a proxymapped lookup table. - Some little fixes to documentation.
2003-03-04Add security fix from patch fileseb2-3/+7
ftp://ftp.sendmail.org/pub/sendmail/sendmail.8.11.6.security.cr.patch See Cert Advisory CA-2003-07. Bump PKGREVISION.