582 lines
26 KiB
Groff
582 lines
26 KiB
Groff
|
In the text below, incompatible changes are labeled with the Postfix
|
||
|
snapshot that introduced the change. If you upgrade from a later
|
||
|
Postfix version, then you do not have to worry about that particular
|
||
|
incompatibility.
|
||
|
|
||
|
The official Postfix release is called 2.1.x where 2=major release
|
||
|
number, 1=minor release number, x=patchlevel. Snapshot releases
|
||
|
are called 2.2-yyyymmdd where yyyymmdd is the release date (yyyy=year,
|
||
|
mm=month, dd=day). The mail_release_date configuration parameter
|
||
|
contains the release date (both for official release and snapshot
|
||
|
release). Patches are issued for the official release and change
|
||
|
the patchlevel and the release date. Patches are never issued for
|
||
|
snapshot releases.
|
||
|
|
||
|
Major changes - critical
|
||
|
------------------------
|
||
|
|
||
|
If you run Postfix 2.0 or earlier then you must stop Postfix before
|
||
|
upgrading. The master-child protocols have changed between Postfix
|
||
|
1.1 and 2.0, and version 2.1 sometimes writes queue files that the
|
||
|
2.0 and earlier queue managers complain about. If this happens move
|
||
|
the files from the corrupt directory to the maildrop directory and
|
||
|
give them another chance.
|
||
|
|
||
|
[Incompat 20021119] The Postfix upgrade procedure will add two new
|
||
|
services to your master.cf file: "trace" and "verify". These servers
|
||
|
can run inside a chroot jail, have no interaction with users, and
|
||
|
don't talk to the network. If Postfix complains that "trace" and
|
||
|
"verify" are not found, you made the error of copying your old
|
||
|
Postfix configuration files over the new ones. Execute "postfix
|
||
|
upgrade-configuration" to repair the Postfix configuration files.
|
||
|
|
||
|
[Incompat 20040331] Support for the non-standard Errors-To: message
|
||
|
header is removed. This also helps to stop potential attacks that
|
||
|
rely on bouncing mail to a destination that is not directly reachable
|
||
|
by the attacker. Specify "enable_errors_to = yes" to get the old
|
||
|
behavior.
|
||
|
|
||
|
Queue files written by Postfix 2.1 may contain information that
|
||
|
is incompatible with older Postfix versions:
|
||
|
|
||
|
[Incompat 20040120] Queue files creates with "sendmail -v" are no
|
||
|
longer compatible with Postfix versions 2.0 and earlier. A new
|
||
|
record type, "killed", was introduced in order to avoid repeated
|
||
|
mail delivery reports from mail that could not be delivered due to
|
||
|
a temporary error condition.
|
||
|
|
||
|
[Incompat 20030125] This release adds a new queue file record type
|
||
|
for the address specified in "REDIRECT user@domain" actions in
|
||
|
access maps or header/body_checks. Queue files with these records
|
||
|
will be rejected by older Postfix versions.
|
||
|
|
||
|
[Feature 20040120] The new queue manager nqmgr has become the
|
||
|
default qmgr queue manager. For a limited time the old queue manager
|
||
|
remains available under the name oqmgr. The name nqmgr still works
|
||
|
but will cause a warning to be logged.
|
||
|
|
||
|
[Incompat 20040413] The Postfix SMTP server no longer accepts mail
|
||
|
from or to an address ending in "@", including address forms that
|
||
|
rewrite into an address that ends in "@"). Specify "resolve_null_domain
|
||
|
= yes" to get the old behavior.
|
||
|
|
||
|
[Incompat 20031226] Postfix no longer allows mail addresses with
|
||
|
bare numeric IP addresses (user@1.2.3.4). This is not configurable.
|
||
|
The form user@[ipaddress] is still allowed.
|
||
|
|
||
|
[Incompat 20031226] Bounce messages now have a separate queue life
|
||
|
time. This is controlled by the bounce_queue_lifetime parameter.
|
||
|
|
||
|
[Incompat 20031019] The authorized_verp_clients parameter was
|
||
|
renamed to smtpd_authorized_verp_clients, and the default value
|
||
|
was changed to disable this feature. You now have to turn it on
|
||
|
explicitly.
|
||
|
|
||
|
Major changes - build environment
|
||
|
---------------------------------
|
||
|
|
||
|
[Incompat 20030112] The Postfix build procedure now uses the
|
||
|
pcre-config utility (part of PCRE version 3) to find out the
|
||
|
pathnames of the PCRE include file and object library, instead of
|
||
|
probing /usr/include and/or /usr/lib. To build with PCRE version
|
||
|
2 support you will have to specify pathnames as described in
|
||
|
PCRE_README. To build without PCRE support, specify: make Makefiles
|
||
|
CCARGS="-DNO_PRCE".
|
||
|
|
||
|
Major changes - documentation
|
||
|
-----------------------------
|
||
|
|
||
|
[Feature 20040331] Complete documentation rewrite. All parameters
|
||
|
are now described in postconf(5), and all commands and daemons are
|
||
|
shown in their proper context in the OVERVIEW document.
|
||
|
- All documents come as HTML and ASCII text.
|
||
|
- All HTML documents have hyperlinks for every parameter name,
|
||
|
for every Postfix manual page, and for every README file.
|
||
|
- All documents specify what feature is available in what release.
|
||
|
- The sample-*.cf configuration files no longer exist. The information
|
||
|
is now available in HTML documents, README files and UNIX man pages).
|
||
|
- The mumble_table example configuration files no longer exist.
|
||
|
|
||
|
[Incompat 20040413] The LMTP, Cyrus and Qmail related README files will
|
||
|
not be included in the Postfix version 2.1 distribution. They will
|
||
|
be made available via http://www.postfix.org/, and in Postfix 2.2
|
||
|
snapshots.
|
||
|
|
||
|
[Feature 20040413] You can install documentation in HTML format
|
||
|
besides the README files. Installation of README files is now
|
||
|
optional.
|
||
|
|
||
|
Major changes - access control
|
||
|
------------------------------
|
||
|
|
||
|
[Feature 20031215] Easier debugging of SMTPD access restrictions.
|
||
|
The SMTP command "xclient name=xxx addr=yyy" changes Postfix's idea
|
||
|
of the remote client name and address, so that you can pretend to
|
||
|
connect from anywhere on the Internet. Use of this command is
|
||
|
restricted to clients that match the list of names or addresses
|
||
|
specified with the smtpd_authorized_xclient_hosts parameter. By
|
||
|
default, XCLIENT is not accepted from anywhere. More details are
|
||
|
in the XCLIENT_README file.
|
||
|
|
||
|
[Feature 20030715] Support for multi-valued RBL lookup results.
|
||
|
For example, specify "reject_rbl_client foo.bar.tld=127.0.0.3" to
|
||
|
reject clients that are listed with a "127.0.0.3" address record.
|
||
|
More information is in the postconf(5) manual page.
|
||
|
|
||
|
[Feature 20030917] New "check_{helo,sender,recipient}_{ns,mx}_access
|
||
|
type:table" restrictions that apply the specified access table to
|
||
|
the NS or MX hosts of the host/domain given in HELO, EHLO, MAIL
|
||
|
FROM or RCPT TO commands. More information is in the postconf(5)
|
||
|
manual page.
|
||
|
|
||
|
This can be used to block mail from so-called spammer havens (all
|
||
|
domains that are served by the same DNS server, all domains that
|
||
|
resolve to the same MX host), from sender addresses that resolve
|
||
|
to Verisign's wild-card mail responder, or from domains that claim
|
||
|
to have mail servers in reserved networks such as 127.0.0.1.
|
||
|
|
||
|
Note: OK actions are not allowed for security reasons. Instead of
|
||
|
OK, use DUNNO in order to exclude specific hosts from blacklists.
|
||
|
If an OK result is found for an NS or MX host, Postfix rejects the
|
||
|
SMTP command with "451 Server configuration error".
|
||
|
|
||
|
[Feature 20040413] Support for a "WARN text..." feature in SMTPD
|
||
|
access tables, just like the WARN feature in header/body_checks.
|
||
|
|
||
|
[Feature 20040122] New "PREPEND headername: headervalue" action in
|
||
|
Postfix access maps. Primarily intended for tagging mail by for
|
||
|
example, an external SMTPD policy server. See access(5).
|
||
|
|
||
|
[Feature 20040124] New "PREPEND text" action in Postfix header/body_checks
|
||
|
maps. This action prepends a header or body line immediately before
|
||
|
the line that triggers the action. See header_checks(5) for details.
|
||
|
|
||
|
[Feature 20030125] New "REDIRECT user@domain" action for access
|
||
|
maps and header/body_checks that overrides all the originally
|
||
|
specified recipients of a message. Wietse would never recommend
|
||
|
that people use this to redirect (bounced) SPAM to the beneficiaries
|
||
|
of an advertisement campaign. See access(5) and header_checks(5).
|
||
|
|
||
|
[Feature 20031215] The reject_sender_login_mismatch feature (used
|
||
|
with SASL authenticated logins) is now implemented in terms of more
|
||
|
basic restrictions: reject_unauth_sender_login_mismatch (reject
|
||
|
mail when $sender_login_maps lists an owner for the sender address
|
||
|
but the SMTP client is not SASL authenticated) and
|
||
|
reject_auth_sender_login_mismatch (reject mail when the sender
|
||
|
address is not owned by the SASL authenticated user). The
|
||
|
sender_login_maps now support multiple owners per sender address.
|
||
|
See postconf(5) for details.
|
||
|
|
||
|
Major changes - address verification
|
||
|
------------------------------------
|
||
|
|
||
|
[Feature 20021119] Address verification blocks mail from or to
|
||
|
addresses that are not deliverable. This is turned on with the
|
||
|
reject_unverified_sender UCE restriction. Addresses are verified
|
||
|
by probing, that is, by sending mail that is not actually delivered
|
||
|
(SMTP interruptus). Detailed information is in the
|
||
|
ADDRESS_VERIFICATION_README file.
|
||
|
|
||
|
Address verification can follow a different route than ordinary
|
||
|
mail, typically to avoid sending probes to a relay host. To make
|
||
|
this possible, the address resolver supports multiple personalities.
|
||
|
For more detail see the ADDRESS_VERIFICATION_README file.
|
||
|
|
||
|
New "sendmail -bv" option. Postfix probes the specified recipient
|
||
|
addresses without actually delivering mail, and sends back an email
|
||
|
delivery report. This is useful for testing address rewriting and
|
||
|
address routing, and shows the final envelope and header addresses.
|
||
|
This feature currently does not access or update the sender address
|
||
|
verification database.
|
||
|
|
||
|
Major changes - content inspection
|
||
|
----------------------------------
|
||
|
|
||
|
[Feature 20030704] The Postfix SMTP server can be configured to
|
||
|
send all mail into a real-time content filter that inspects mail
|
||
|
BEFORE it is queued. See the SMTPD_PROXY_README file for details.
|
||
|
|
||
|
[Feature 20031022] Improved logging by Postfix daemons behind an
|
||
|
SMTP-based proxy filter. The logging now shows the remote client
|
||
|
name and address, instead of localhost[127.0.0.1]. This uses the
|
||
|
new SMTP command "XFORWARD addr=client-address name=client-hostname",
|
||
|
which specifies remote client information for logging purposes.
|
||
|
This command is restricted to clients that match the list of names
|
||
|
or addresses specified with the smtpd_authorized_xforward_hosts
|
||
|
parameter. By default, XFORWARD is not accepted from anywhere.
|
||
|
For an example, see the SMTPD_PROXY_README file.
|
||
|
|
||
|
[Feature 20030706] New receive_override_options parameter that
|
||
|
eliminates the need for different cleanup service instances before
|
||
|
and after an external content filter. One parameter controls what
|
||
|
happens before or after the content filter: rejecting unknown
|
||
|
recipients, canonical mapping, virtual alias expansion, masquerading,
|
||
|
automatic BCC recipients and header/body checks. See postconf(5)
|
||
|
for the fine details.
|
||
|
|
||
|
[Feature 20040124] New "PREPEND text" action in Postfix header/body_checks
|
||
|
maps. This action prepends a header or body line immediately before
|
||
|
the line that triggers the action. See header_checks(5) for details.
|
||
|
|
||
|
[Feature 20030125] New "REDIRECT user@domain" action for access maps
|
||
|
and header/body_checks that overrides all the originally specified
|
||
|
recipients of a message. Wietse would never recommend that people
|
||
|
use this to redirect (bounced) SPAM to the beneficiaries of an
|
||
|
advertisement campaign. See header_checks(5) and access(5).
|
||
|
|
||
|
[Incompat 20030915] In header/body_checks actions, the OK action
|
||
|
is being phased out, and the DUNNO action is being phased in. Both
|
||
|
actions still work and do the same thing, but hopefully DUNNO causes
|
||
|
less confusion. See header_checks(5) for details.
|
||
|
|
||
|
Major changes - policy delegation
|
||
|
---------------------------------
|
||
|
|
||
|
[Feature 20030715] Support for SMTP access policy delegation to an
|
||
|
external server. Greylisting and SPF are provided as examples.
|
||
|
See the SMTPD_POLICY_README file for further information.
|
||
|
|
||
|
Major changes - client rate limiting
|
||
|
------------------------------------
|
||
|
|
||
|
Note: this feature is not included with Postfix 2.1, but it is
|
||
|
documented here so that the information will not be lost.
|
||
|
|
||
|
[Feature 20031111] Preliminary defense against SMTP clients that
|
||
|
hammer an SMTP server with too many connections. By default, the
|
||
|
number of simultaneous connections per client is limited to half
|
||
|
the default process limit, and no limit is imposed on the number
|
||
|
of successive connections per time unit that a client is allowed
|
||
|
to make.
|
||
|
|
||
|
The new anvil server maintains the connection statistics, and logs
|
||
|
the maximum connection count and connection rate per client every
|
||
|
anvil_status_update_time seconds (10 minutes), or when it terminates
|
||
|
(when there is no work to be done, or when "postfix reload" was
|
||
|
issued). Once you have an idea what the numbers look like, you can
|
||
|
clamp down the limits for your system.
|
||
|
|
||
|
The relevant main.cf configuration parameters are: smtpd_client-
|
||
|
connection_count_limit for the number of simultaneous connections
|
||
|
per client, and smtpd_client_connection_rate_limit for the number
|
||
|
of successive connections per unit time and client. The time unit
|
||
|
is specified with the anvil_rate_time_unit parameter, and is one
|
||
|
minute by default.
|
||
|
|
||
|
When Postfix rejects a client, it sends a 450 status code and
|
||
|
disconnects, and logs a warning with the client name/address and
|
||
|
the service name from master.cf. You can, for example, capture this
|
||
|
information with a logfile watching program that updates a firewall
|
||
|
rule (such a watcher program is not included with Postfix).
|
||
|
|
||
|
To avoid rejecting authorized hosts, the smtpd_client_connection-
|
||
|
limit_exceptions parameter takes a list of network/netmask expressions,
|
||
|
hostnames or .domain names that are excluded from these restrictions.
|
||
|
By default, all clients in $mynetworks are excluded; you will
|
||
|
probably want to use a more restrictive setting.
|
||
|
|
||
|
For further information, see: smtpd(8) and anvil(8).
|
||
|
|
||
|
Major changes - configuration management
|
||
|
----------------------------------------
|
||
|
|
||
|
[Feature 20040413] New postfix(1) command features:
|
||
|
|
||
|
- "postfix set-permissions" corrects Postfix file and directory
|
||
|
permissions and allows you to change mail_owner or setgid_group
|
||
|
settings after Postfix is installed.
|
||
|
|
||
|
- "postfix upgrade-configuration" fixes Postfix systems after people
|
||
|
copy over their old configuration files after installing a new
|
||
|
Postfix system.
|
||
|
|
||
|
See postfix(1) for details.
|
||
|
|
||
|
[Incompat 20040120] The format of the postfix-files file has changed.
|
||
|
There is a new type for hard links. With hard or symbolic link
|
||
|
entries, the first field is now the destination pathname and the
|
||
|
"owner" field is now the origin pathname, while "group" and
|
||
|
"permissions" are ignored.
|
||
|
|
||
|
Major changes - core functionality
|
||
|
----------------------------------
|
||
|
|
||
|
[Feature 20030704] New enable_original_recipient parameter (default:
|
||
|
yes) to control whether Postfix keeps track of original recipient
|
||
|
address information. If this is turned off Postfix produces no
|
||
|
X-Original-To: headers and ignores the original recipient when
|
||
|
eliminating duplicates after virtual alias expansion. Code by Victor
|
||
|
Duchovni.
|
||
|
|
||
|
[Feature 20030417] Automatic BCC recipients depending on sender or
|
||
|
recipient address. The configuration parameters in question are
|
||
|
"sender_bcc_maps" and "recipient_bcc_maps". See postconf(5).
|
||
|
|
||
|
[Incompat 20030415] Too many people mess up their net/mask patterns,
|
||
|
causing open mail relay problems. Postfix processes now abort when
|
||
|
given a net/mask pattern with a non-zero host portion (for example,
|
||
|
168.100.189.2/28), and suggest to specify the proper net/mask
|
||
|
pattern instead (for example, 168.100.189.0/28).
|
||
|
|
||
|
[Feature 20030415] Workaround for file system clock drift that
|
||
|
caused Postfix to ignore new mail (this could happen with file
|
||
|
systems mounted from a server). Postfix now logs a warning and
|
||
|
proceeds with only slightly reduced performance, instead of ignoring
|
||
|
new mail.
|
||
|
|
||
|
Major changes - database support
|
||
|
--------------------------------
|
||
|
|
||
|
Liviu Daia took the lead in a revision of the LDAP, MySQL and
|
||
|
PostgreSQL clients. Credits also go to Victor Duchovni and to
|
||
|
Lamont Jones.
|
||
|
|
||
|
[Feature 20030915] LDAP parameters can now be defined in external
|
||
|
files. Specify the LDAP maps in main.cf as
|
||
|
ldap:/path/to/ldap.cf
|
||
|
and write the LDAP parameters in /path/to/ldap.cf, without the
|
||
|
"ldapsource_" prefix. This makes it possible to securely store
|
||
|
bind passwords for plain auth outside of main.cf (which must be
|
||
|
world readable). The old syntax still works, for backwards
|
||
|
compatibility.
|
||
|
|
||
|
[Feature 20030915] Support for LDAP URLs in the LDAP parameter
|
||
|
"server_host", if Postfix is linked against OpenLDAP. LDAP hosts,
|
||
|
ports, and connection protocols to be used as LDAP sources can be
|
||
|
specified as a blank-separated list of LDAP URLs in "server_host".
|
||
|
As with OpenLDAP, specifying a port in a LDAP URL overrides
|
||
|
"server_port". Examples:
|
||
|
server_host = ldap://ldap.itd.umich.edu
|
||
|
server_host = ldaps://ldap.itd.umich.edu:636
|
||
|
server_host = ldapi://%2Fsome%2Fpath
|
||
|
|
||
|
[Feature 20030915] The LDAP SSL scheme ldaps:// is available if
|
||
|
OpenLDAP was compiled with SSL support. New parameters "tls_ca_cert_dir",
|
||
|
"tls_ca_cert_file", "tls_cert", "tls_key", "tls_require_cert",
|
||
|
"tls_random_file", "tls_cipher_suite" control the certificates,
|
||
|
source of random numbers, and cipher suites used for SSL connections.
|
||
|
See LDAP_README for further information.
|
||
|
|
||
|
[Feature 20030915] Support for STARTTLS command in LDAP, if Postfix
|
||
|
is linked against OpenLDAP and OpenLDAP was compiled with SSL
|
||
|
support. STARTTLS is controlled by the "start_tls" parameter.
|
||
|
The above parameters for certificates, source of random numbers,
|
||
|
and cipher suites also apply. See LDAP_README for further information.
|
||
|
|
||
|
[Incompat 20030704] Support for client side LDAP caching is gone.
|
||
|
OpenLDAP 2.1.13 and later no longer support it, and the feature
|
||
|
never worked well. Postfix now ignores cache controlling parameters
|
||
|
in an LDAP configuration file and logs a warning.
|
||
|
|
||
|
[Feature 20030415] PostgreSQL table lookups. Specify "pgsql:/file/name"
|
||
|
where "/file/name" defines the database. See "man pgsql_table" for
|
||
|
examples, and the PGSQL_README file for general information.
|
||
|
|
||
|
Major changes - internals
|
||
|
-------------------------
|
||
|
|
||
|
[Incompat 20040120] The format of the postfix-files file has changed.
|
||
|
There is a new type for hard links. With hard or symbolic link
|
||
|
entries, the first field is now the destination pathname and the
|
||
|
"owner" field is now the origin pathname, while "group" and
|
||
|
"permissions" are ignored.
|
||
|
|
||
|
[Incompat 20040120] The LDAP and SQL client source code is moved
|
||
|
to the global directory in order to eliminate reversed dependencies.
|
||
|
|
||
|
[Feature 20030606] Complete rewrite of the queue file record reading
|
||
|
loops in the pickup, cleanup and in the queue manager daemons. This
|
||
|
code had deteriorated over time. The new code eliminates an old
|
||
|
problem where the queue manager had to read most queue file records
|
||
|
twice in the case of an alias/include file expansion with more than
|
||
|
qmgr_message_recipient_limit recipients.
|
||
|
|
||
|
[Feature 20030125] Code cleanup up of queue manager internals.
|
||
|
Queue names are no longer mixed up with the next-hop destination,
|
||
|
and the address resolver loop is now easier to understand.
|
||
|
|
||
|
[Feature 20030104] Multi-server daemons (servers that accept
|
||
|
simultaneous connections from multiple clients) will now stop
|
||
|
accepting new connections after serving $max_use clients. This
|
||
|
allows multi-server daemons to automatically restart even on busy
|
||
|
mail systems.
|
||
|
|
||
|
[Feature 20030104] Clients of multi-server daemons such as
|
||
|
trivial-rewrite and the new proxymap service now automatically
|
||
|
disconnect after $ipc_ttl seconds of activity (default: 1000s).
|
||
|
This allows multi-server daemons to automatically restart even on
|
||
|
busy mail systems.
|
||
|
|
||
|
[Incompat 20021119] The file format of bounce/defer logfiles has
|
||
|
changed from the old one-line ad-hoc format to a more structured
|
||
|
multi-line format. For backwards compatibility, Postfix now creates
|
||
|
bounce/defer logfile entries that contain both the old and the new
|
||
|
format, so that you can go back to an older Postfix release without
|
||
|
losing information. Old Postfix versions will warn about malformed
|
||
|
logfile entries, but should work properly. To disable backwards
|
||
|
compatibility specify "backwards_bounce_logfile_compatibility =
|
||
|
no" in main.cf.
|
||
|
|
||
|
[Feature 20021119] Both "sendmail -bv" and "sendmail -v" use the
|
||
|
new "trace" daemon that is automatically added to master.cf when
|
||
|
you upgrade.
|
||
|
|
||
|
Major changes - logging
|
||
|
-----------------------
|
||
|
|
||
|
[Incompat 20040413] The postmap and postalias commands now report
|
||
|
errors to syslogd in addition to reporting them to the standard
|
||
|
error output. This makes logfile analysis easier.
|
||
|
|
||
|
[Incompat 20031203] Many SMTPD "reject" logfile entries now show
|
||
|
NOQUEUE instead of a queue ID. This is because Postfix no longer
|
||
|
creates a queue file before the SMTP server has received a valid
|
||
|
recipient.
|
||
|
|
||
|
Major changes - lookup table support
|
||
|
------------------------------------
|
||
|
|
||
|
[Feature 20030704] New CIDR-based lookup table, remotely based on
|
||
|
code by Jozsef Kadlecsik. For details and examples, see "man
|
||
|
cidr_table".
|
||
|
|
||
|
[Feature 20030704] The TCP-based table lookup protocol is finished.
|
||
|
For details and examples, see "man tcp_table". This will allow you
|
||
|
to implement your own greylisting, or to do your own open proxy
|
||
|
tests before accepting mail. This table will not be included with
|
||
|
Postfix 2.1 because the protocol is obsoleted by the policy delegation
|
||
|
(see elsewhere in this document) which does a much better job.
|
||
|
|
||
|
[Feature 20030704] Support for !/pattern/ (negative matches) in
|
||
|
PCRE lookup tables by Victor Duchovni. See "man pcre_table" and
|
||
|
"man regexp_table" for more.
|
||
|
|
||
|
Major changes - resource control
|
||
|
--------------------------------
|
||
|
|
||
|
[Incompat 20031022] The Postfix SMTP server no longer accepts mail
|
||
|
when the amount of free queue space is less than 1.5 times the
|
||
|
message_size_limit value.
|
||
|
|
||
|
Major changes - security
|
||
|
------------------------
|
||
|
|
||
|
[Incompat 20040413] The Postfix SMTP server no longer accepts mail
|
||
|
from or to an address ending in "@", including address forms that
|
||
|
rewrite into an address that ends in "@"). Specify "resolve_null_domain
|
||
|
= yes" to get the old behavior.
|
||
|
|
||
|
[Incompat 20040331] Support for the non-standard Errors-To: message
|
||
|
header is removed. This also helps to stop potential attacks that
|
||
|
rely on bouncing mail to a destination that is not directly reachable
|
||
|
by the attacker. Specify ""enable_errors_to = yes" to get the old
|
||
|
behavior.
|
||
|
|
||
|
[Incompat 20040331] Tarpit delays are reduced. The Postfix SMTP
|
||
|
server no longer delays responses until the client has made
|
||
|
$smtpd_soft_error_limit errors, and the delay is fixed at
|
||
|
$smtpd_error_sleep_time seconds. Postfix still disconnects after
|
||
|
$smtpd_hard_error_limit errors.
|
||
|
|
||
|
[Incompat 20040120] The SMTP server can reject non-existent sender
|
||
|
addresses in a local, virtual or relay domain; specify
|
||
|
"reject_unlisted_sender=yes" in order to require that a sender
|
||
|
address passes the same "user unknown" test as a recipient would
|
||
|
have to pass. This is optional in Postfix 2.1, likely to be turned
|
||
|
on by default in Postfix 2.2.
|
||
|
|
||
|
[Incompat 20031226] Postfix no longer allows mail addresses with
|
||
|
bare numeric IP addresses (user@1.2.3.4). This is not configurable.
|
||
|
The form user@[ipaddress] is still allowed.
|
||
|
|
||
|
[Incompat 20030305] Postfix truncates non-address information in message
|
||
|
address headers (comments, etc.) to 250 characters per address, in
|
||
|
order to protect vulnerable Sendmail systems against exploitation
|
||
|
of a remote buffer overflow problem (CERT advisory CA-2003-07).
|
||
|
|
||
|
[Incompat 20030227] The smtpd_hard_error_limit and smtpd_soft_error_limit
|
||
|
values now behave as documented, that is, smtpd_hard_error_limit=1
|
||
|
causes Postfix to disconnect upon the first client error. Previously,
|
||
|
there was an off-by-one error causing Postfix to change behavior
|
||
|
after smtpd_hard/soft_error_limit+1 errors.
|
||
|
|
||
|
Major changes - smtp client
|
||
|
---------------------------
|
||
|
|
||
|
[Incompat 20031223] The SMTP client now tries to connect to an
|
||
|
alternate MX address when a delivery attempt fails **after the
|
||
|
initial SMTP handshake**. This includes both broken connections
|
||
|
and 4XX SMTP replies. To get the old behavior, specify
|
||
|
"smtp_mx_session_limit = 1" in main.cf.
|
||
|
|
||
|
[Feature 20031223] The SMTP client now tries to connect to an
|
||
|
alternate MX address when a delivery attempt fails after the
|
||
|
initial SMTP handshake. This includes both broken connections
|
||
|
and 4XX SMTP replies.
|
||
|
|
||
|
As a benefit, fallback_relay now works as promised, not just for
|
||
|
sessions that fail during the initial handshake.
|
||
|
|
||
|
The new SMTP client connection management is controlled by two new
|
||
|
configuration parameters:
|
||
|
|
||
|
- smtp_mx_address_limit (default unlimited): the number of MX (mail
|
||
|
exchanger) IP addresses that can result from mail exchanger
|
||
|
lookups.
|
||
|
|
||
|
- smtp_mx_session_limit (default 2): the number of SMTP sessions
|
||
|
per delivery request before giving up or delivering to a fall-back
|
||
|
relay, ignoring IP addresses that fail to complete the SMTP
|
||
|
initial handshake.
|
||
|
|
||
|
[Incompat 20031022] Postfix no longer retries delivery when no MX
|
||
|
host has a valid A record, for compatibility with many other MTAs.
|
||
|
This change is made in anticipation of a possible Verisign "wild-card
|
||
|
MX record without A record" for unregistered domains. To get the
|
||
|
old behavior, specify "smtp_defer_if_no_mx_address_found = yes".
|
||
|
|
||
|
[Incompat 20031022] The Postfix SMTP client no longer looks in
|
||
|
/etc/hosts by default. To get the old behavior, specify
|
||
|
"smtp_host_lookup = dns, native".
|
||
|
|
||
|
[Feature 20030417] Support for sending mail to hosts not in the
|
||
|
DNS, without having to turn off DNS lookups. The "smtp_host_lookup"
|
||
|
parameter controls how the Postfix SMTP client looks up hosts. In
|
||
|
order to use /etc/hosts besides DNS, specify "smtp_host_lookup =
|
||
|
dns, native". The default is to use DNS only.
|
||
|
|
||
|
Major changes - user interface
|
||
|
------------------------------
|
||
|
|
||
|
[Incompat 20040418] The non-delivery report format has changed.
|
||
|
The "sorry" message and the DSN formatted report now include the
|
||
|
original recipient address, when that address is different from
|
||
|
the final recipient address. This makes it easier to diagnose some
|
||
|
mail delivery problems that happen after mail forwarding.
|
||
|
|
||
|
[Incompat 20031223] In mailq (queue listing) output, there no longer
|
||
|
is space between a short queue ID and the "*" (delivery in progress)
|
||
|
or ! (mail on hold) status indicator. This makes the output easier
|
||
|
to parse.
|
||
|
|
||
|
[Incompat 20030417] "sendmail -t" no longer complains when recipients
|
||
|
are given on the command line. Instead, it now adds recipients from
|
||
|
headers to the recipients from the command-line.
|
||
|
|
||
|
[Incompat 20030126] The maildir file naming algorithm has changed
|
||
|
according to an updated version of http://cr.yp.to/proto/maildir.html.
|
||
|
The name is now TIME.VdevIinum.HOST
|
||
|
|
||
|
[Incompat 20021119] The behavior of "sendmail -v" has changed. One
|
||
|
-v option now produces one email report with the status of each
|
||
|
recipient. Multiple -v options behave as before: turn on verbose
|
||
|
logging in the sendmail and postdrop commands.
|
||
|
|
||
|
[Feature 20021119] New "sendmail -bv" option. Postfix probes the
|
||
|
specified recipient addresses without actually delivering mail,
|
||
|
and sends back an email delivery report. This is useful for testing
|
||
|
address rewriting and address routing of both envelope and header
|
||
|
addresses. This feature currently does not access or update the
|
||
|
sender address verification database.
|
||
|
|