Commit Graph

111 Commits

Author SHA1 Message Date
pgoyette 15472e955c Set the smtputf8_enable switch to "no" for now, since we are build without
EAI support.
2017-02-21 01:13:21 +00:00
rin 32e3859f13 bump from NETBSD4 to NETBSD7, no functional changes at the moment 2017-02-20 05:46:12 +00:00
rin 09c20f93ff We have getifaddrs(3) since NetBSD 1.5, regardless of whether IPv6 is
supported or not.
2017-02-20 05:43:12 +00:00
rin 318e53e005 correct obviously misplaced #endif 2017-02-20 05:40:03 +00:00
christos 0009d6c199 set the default meta_directory where we are installing postfix-files. 2017-02-15 16:42:16 +00:00
christos e89934bbf7 Resolve conflicts. 2017-02-14 01:16:43 +00:00
christos e262b48e47 The stable Postfix release is called postfix-3.0.x where 3=major
release number, 0=minor release number, x=patchlevel.  The stable
release never changes except for patches that address bugs or
emergencies. Patches change the patchlevel and the release date.

New features are developed in snapshot releases. These are called
postfix-3.1-yyyymmdd where yyyymmdd is the release date (yyyy=year,
mm=month, dd=day).  Patches are never issued for snapshot releases;
instead, a new snapshot is released.

The mail_release_date configuration parameter (format: yyyymmdd)
specifies the release date of a stable release or snapshot release.

If you upgrade from Postfix 2.10 or earlier, read RELEASE_NOTES-2.11
before proceeding.

Notes for distribution maintainers
----------------------------------

* New backwards-compatibility safety net.

With NEW Postfix installs, you MUST install a main.cf file with
the setting "compatibility_level = 2". See conf/main.cf for an
example.

With UPGRADES of existing Postfix systems, you MUST NOT change the
main.cf compatibility_level setting, nor add this setting if it
does not exist.

Several Postfix default settings have changed with Postfix 3.0.  To
avoid massive frustration with existing Postfix installations,
Postfix 3.0 comes with a safety net that forces Postfix to keep
running with backwards-compatible main.cf and master.cf default
settings. This safety net depends on the main.cf compatibility_level
setting (default: 0). Details are in COMPATIBILITY_README.

* New Postfix build system.

The Postfix build/install procedure has changed to support Postfix
dynamically-linked libraries and database plugins. These must not
be "shared" with non-Postfix programs, and therefore must not be
installed in a public directory.

To avoid massive frustration due to broken patches, PLEASE BUILD
POSTFIX FIRST WITHOUT APPLYING ANY PATCHES.  Follow the INSTALL
instructions (see "Building with Postfix dynamically-linked libraries
and database plugins"), and see how things work and what the
dynamically-linked libraries, database plugin, and configuration
files look like.  Then, go ahead and perform your platform-specific
customizations. The INSTALL section "Tips for distribution maintainers"
has further suggestions.

Major changes - critical
------------------------

[Incompat 20140714] After upgrading Postfix, "postfix reload" (or
start/stop) is required. Several Postfix-internal protocols have
been extended to support SMTPUTF8. Failure to reload or restart
will result in mail staying queued, while Postfix daemons log
warning messages about unexpected attributes.

Major changes - default settings
--------------------------------

[Incompat 20141009] The default settings have changed for relay_domains
(new: empty, old: $mydestination) and mynetworks_style (new: host,
old: subnet).  However the backwards-compatibility safety net will
prevent these changes from taking effect, giving the system
administrator the option to make an old default setting permanent
in main.cf or to adopt the new default setting, before turning off
backwards compatibility. See COMPATIBILITY_README for details.

[Incompat 20141001] A new backwards-compatibility safety net forces
Postfix to run with backwards-compatible main.cf and master.cf
default settings after an upgrade to a newer but incompatible Postfix
version. See COMPATIBILITY_README for details.

While the backwards-compatible default settings are in effect,
Postfix logs what services or what email would be affected by the
incompatible change. Based on this the administrator can make some
backwards-compatibility settings permanent in main.cf or master.cf,
before turning off backwards compatibility.

See postconf.5.html#compatibility_level for details.

[Incompat 20141001] The default settings
have changed for append_dot_mydomain (new: no.  old: yes), master.cf
chroot (new: n, old: y), and smtputf8 (new: yes, old: no).

Major changes - access control
------------------------------

[Feature 20141119] Support for BCC actions in header/body_checks
and milter_header_checks.  There is no limit on the number of BCC
actions that may be specified, other than the implicit limit due
to finite storage. BCC support will not be implemented in Postfix
delivery agent header/body_checks.

It works in the same way as always_bcc and sender/recipient_bcc_maps:
there can be only one address per action, recipients are added with
the NOTIFY=NONE delivery status notification option, and duplicate
recipients are ignored (with the same delivery status notification
options).

[Incompat 20141009] The default settings have changed for relay_domains
(new: empty, old: $mydestination) and mynetworks_style (new: host,
old: subnet).  However the backwards-compatibility safety net will
prevent these changes from taking effect, giving the system
administrator the option to make an old default setting permanent
in main.cf or to adopt the new default setting, before turning off
backwards compatibility. See COMPATIBILITY_README for details.

[Feature 20140618] New INFO action in access(5) tables, for consistency
with header/body_checks.

[Feature 20140620] New check_xxx_a_access (for xxx in client,
reverse_client, helo, sender, recipient) implements access control
on all A and AAAA IP addresses for respectively the client hostname,
helo parameter, sender domain or recipient domain. This complements
the existing check_xxx_mx_access and check_xxx_ns_access features.

Major changes - address rewriting
---------------------------------

[Incompat 20141001] The default settings have changed for
append_dot_mydomain (new: no.  old: yes), master.cf chroot (new:
n, old: y), and smtputf8 (new: yes, old: no).

Major changes - address verification
------------------------------------

[Feature 20141227] The new smtp_address_verify_target parameter
(default: rcpt) specifies what protocol stage decides if a recipient
is valid. Specify "data" for servers that reject invalid recipients
in response to the DATA command.

Major changes - database support
--------------------------------

[Feature 20140512] Support for Berkeley DB version 6.

[Feature 20140618] The "randmap" lookup table performs random
selection. This may be used to implement load balancing, for example:

/etc/postfix/transport:
    # Deliver my own domain as usual.
    example.com :
    .example.com :

/etc/postfix/main.cf:
    transport_maps =
        # Deliver my own domain as usual.
        hash:/etc/postfix/transport
        # Deliver other domains via randomly-selected relayhosts
        randmap:{smtp:smtp0.example.com, smtp:smtp1.example.com}

A variant of this can randomly select SMTP clients with different
smtp_bind_address settings.

To implement different weights, specify lookup results multiple
times. For example, to choose smtp:smtp1.example.com twice as often
as smtp:smtp0.example.com, specify smtp:smtp1.example.com twice.

A future version may support randmap:/path/to/file to load a list
of results from file.

[Feature 20140618] As the name suggests, the "pipemap" table
implements a pipeline of lookup tables. The name of the table
specifies the pipeline as a sequence of tables. For example, the
following prevents SMTP mail to system accounts that have "nologin"
as their login shell:

    /etc/postfix/main.cf:
        local_recipient_maps =
            pipemap:{unix:passwd.byname, pcre:/etc/postfix/no-nologin.pcre}
            alias_maps

    /etc/postfix/no-nologin.pcre:
        !/nologin/      whatever

Each "pipemap:" query is given to the first table. Each table
lookup result becomes the query for the next table in the pipeline,
and the last table produces the final result.  When any table lookup
produces no result, the entire pipeline produces no result.

A future version may support pipemap:/path/to/file to load a list
of lookup tables from file.

[Feature 20140924] Support for unionmap, with the same syntax as
pipemap.  This sends a query to all tables, and concatenates non-empty
results, separated by comma.

[Feature 20131121] The "static" lookup table now supports whitespace
when invoked as "static:{ text with whitespace }", so that it can
be used, for example, at the end of smtpd_mumble_restrictions as
"check_mumble_access static:{reject text...}".

[Feature 20141126] "inline:{key=value, { key = text with comma/space}}"
avoids the need to create a database for just a few entries.

Major changes - delivery status notifications
---------------------------------------------

[Feature 20140321] Delivery status filter support, to replace the
delivery status codes and explanatory text of successful or
unsuccessful deliveries by Postfix mail delivery agents.

This was originally implemented for sites that want to turn certain
soft delivery errors into hard delivery errors, but it can also be
used to censor out information from delivery confirmation reports.

This feature is implemented as a filter that replaces the three-number
enhanced status code and descriptive text in Postfix delivery agent
success, bounce, or defer messages. Note: this will not override
"soft_bounce=yes", and this will not change a successful delivery
status into an unsuccessful status or vice versa.

The first example turns specific soft TLS errors into hard
errors, by overriding the first number in the enhanced status code.

/etc/postfix/main.cf:
    smtp_delivery_status_filter = pcre:/etc/postfix/smtp_dsn_filter

/etc/postfix/smtp_dsn_filter:
    /^4(\.\d+\.\d+ TLS is required, but host \S+ refused to start TLS: .+)/ 5$1
    /^4(\.\d+\.\d+ TLS is required, but was not offered by host .+)/ 5$1

The second example removes the destination command name and file
name from local(8) successful delivery reports, so that they will
not be reported when a sender requests confirmation of delivery.

/etc/postfix/main.cf:
    local_delivery_status_filter = pcre:/etc/postfix/local_dsn_filter

/etc/postfix/local_dsn_filter:
    /^(2\S+ delivered to file).+/    $1
    /^(2\S+ delivered to command).+/ $1

This feature is supported in the lmtp(8), local(8), pipe(8), smtp(8)
and virtual(8) delivery agents. That is, all delivery agents that
actually deliver mail.  It will not be implemented in the error and
retry pseudo-delivery agents.

The new main.cf parameters and default values are:

    default_delivery_status_filter =
    lmtp_delivery_status_filter = $default_delivery_status_filter
    local_delivery_status_filter = $default_delivery_status_filter
    pipe_delivery_status_filter = $default_delivery_status_filter
    smtp_delivery_status_filter = $default_delivery_status_filter
    virtual_delivery_status_filter = $default_delivery_status_filter

See the postconf(5) manpage for more details.

[Incompat 20140618] The pipe(8) delivery agent will now log a limited
amount of command output upon successful delivery, and will report
that output in "SUCCESS" delivery status reports. This is another
good reason to disable inbound DSN requests at the Internet perimeter.

[Feature 20140907] With "confirm_delay_cleared = yes", Postfix
informs the sender when delayed mail leaves the queue (this is in
addition to the delay_warning_time feature that warns when mail is
still queued).  This feature is disabled by default, because it can
result in a sudden burst of notifications when the queue drains at
the end of a prolonged network outage.

Major changes - dns
-------------------

[Feature 20141128] Support for DNS server reply filters in the
Postfix SMTP/LMTP client and SMTP server. This helps to work around
mail delivery problems with sites that have incorrect DNS information.
Note: this has no effect on the implicit DNS lookups that are made
by nsswitch.conf or equivalent mechanisms.

This feature renders each lookup result as one line of text in
standard zone-file format as shown below. The class field is always
"IN", the preference field exists only for MX records, the names
of hosts, domains, etc. end in ".", and those names are in ASCII
form (xn--mumble form for internationalized domain names).

    name         ttl   class type preference value
    ---------------------------------------------------------
    postfix.org. 86400 IN    MX   10         mail.cloud9.net.

Typically, one would match this text with a regexp: or pcre: table.
When a match is found, the table lookup result specifies an action.
By default, the table query and the action name are case-insensitive.
Currently, only the IGNORE action is implemented.

For safety reasons, Postfix logs a warning or defers mail delivery
when a DNS reply filter removes all lookup results from a successful
query.

The Postfix SMTP/LMTP client uses the smtp_dns_reply_filter and
lmtp_dns_reply_filter features only for Postfix SMTP client lookups
of MX, A, and AAAAA records to locate a remote SMTP or LMTP server,
including lookups that implement the features reject_unverified_sender
and reject_unverified_recipient. The filters are not used for lookups
made through nsswitch.conf and similar mechanisms.

The Postfix SMTP server uses the smtpd_dns_reply_filter feature
only for Postfix SMTP server lookups of MX, A, AAAAA, and TXT records
to implement the features reject_unknown_helo_hostname,
reject_unknown_sender_domain, reject_unknown_recipient_domain,
reject_rbl_*, and reject_rhsbl_*. The filter is not used for lookups
made through nsswitch.conf and similar mechanisms, such as lookups
of the remote SMTP client name.

[Feature 20141126] Nullmx support (MX records with a null hostname).
This change affects error messages only.  The Postfix SMTP client
already bounced mail for such domains, and the Postfix SMTP server
already rejected such domains with reject_unknown_sender/recipient_domain.
This feature introduces a new SMTP server configuration parameter
nullmx_reject_code (default: 556).

Major changes - dynamic linking
-------------------------------

[Feature 20140530] Support to build Postfix with Postfix
dynamically-linked libraries, and with dynamically-loadable database
clients. These MUST NOT be used by non-Postfix programs. Postfix
dynamically-linked libraries introduce minor runtime overhead and
result in smaller Postfix executable files. Dynamically-loadable
database clients are useful when you distribute or install pre-compiled
packages.  Postfix 3.0 supports dynamic loading for CDB, LDAP, LMDB,
MYSQL, PCRE, PGSQL, SDBM, and SQLITE database clients.

This implementation is based on Debian code by LaMont Jones, initially
ported by Viktor Dukhovni. Currently, support exists for recent
versions of Linux, FreeBSD, MacOS X, and for the ancient Solaris 9.

To support Postfix dynamically-linked libraries and dynamically-loadable
database clients, the Postfix build procedure had to be changed
(specifically, the files makedefs and Makefile.in, and the files
postfix-install and post-install that install or update Postfix).

[Incompat 20140530] The Postfix 3.0 build procedure expects that
you specify database library dependencies with variables named
AUXLIBS_CDB, AUXLIBS_LDAP, etc.  With Postfix 3.0 and later, the
old AUXLIBS variable still supports building a statically-loaded
CDB etc.  database client, but only the new AUXLIBS_CDB etc. variables
support building a dynamically-loaded or statically-loaded CDB etc.
database client.  See CDB_README, LDAP_README, etc. for details.

Failure to follow this advice will defeat the purpose of dynamic
database client loading. Every Postfix executable file will have
database library dependencies. And that was exactly what dynamic
database client loading was meant to avoid.

Major changes - future proofing
-------------------------------

[Cleanup 20141224] The changes described here have no visible effect
on Postfix behavior, but they make Postfix code easier to maintain,
and therefore make new functionality easier to add.

* Compile-time argument typechecks of non-printf/scanf-like variadic
  function argument lists.

* Deprecating the use of "char *" for non-text purposes such as
  memory allocation and pointers to application context for call-back
  functions. This dates from long-past days before void * became
  universally available.

* Replace integer types for counters and sizes with size_t or ssize_t
  equivalents.  This eliminates some wasteful 64<->32bit conversions
  on 64-bit systems.

Major changes - installation pathnames
--------------------------------------

[Incompat 20140625] For compliance with file system policies, some
non-executable files have been moved from $daemon_directory to the
directory specified with the new meta_directory configuration
parameter which has the same default value as the config_directory
parameter. This change affects non-executable files that are shared
between multiple Postfix instances such as postfix-files, dynamicmaps.cf,
and multi-instance template files.

For backwards compatibility with Postfix 2.6 .. 2.11, specify
"meta_directory = $daemon_directory" in main.cf before installing
or upgrading Postfix, or specify "meta_directory = /path/name" on
the "make makefiles", "make install" or "make upgrade" command line.

Major changes - milter
----------------------

[Feature 20140928] Support for per-Milter settings that override
main.cf parameters.  For details see the section "Advanced policy
client configuration" in the SMTPD_POLICY_README document.

Here is an example that uses both old and new syntax:

    smtpd_milters = { inet:127.0.0.1:port1, default_action=accept, ... },
        inet:127.0.0.1:port2, ...

The supported attribute names are: command_timeout, connect_timeout,
content_timeout, default_action, and protocol. These have the same
names as the corresponding main.cf parameters, without the "milter_"
prefix.

The per-milter settings are specified as attribute=value pairs
separated by comma or space; specify { name = value } to allow
spaces around the "=" or within an attribute value.

[Feature 20141018] DMARC compatibility: when a Milter inserts a
header ABOVE Postfix's own Received: header, Postfix no longer
exposes its own Received: header to Milters (violating protocol)
and Postfix no longer hides the Milter-inserted header from Milters
(wtf).

Major changes - parameter syntax
--------------------------------

[Feature 20140921] In preparation for configurable mail headers and
logging, new main.cf support for if-then-else expressions:

    ${name?{text1}:{text2}}

and for logical expressions:

    ${{text1}=={text2}?{text3}:{text4}}
    ${{text1}!={text2}?{text3}:{text4}}

Whitespace before and after {text} is ignored. This can help to
make complex expressions more readable.  See the postconf(5) manpage
for further details.

[Feature 20140928] Support for whitespace in daemon command-line
arguments. For details, see the "Command name + arguments" section
in the master(5) manpage.  Example:

    smtpd -o { parameter = value containing whitespace } ...

The { ... } form is also available for non-option command-line
arguments in master.cf, for example:

    pipe ... argv=command { argument containing whitespace } ...

In both cases, whitespace immediately after "{" and before "}"
is ignored.

[Feature 20141005] Postfix import_environment and export_environment
now allow "{ name=value }" to protect whitespace in attribute values.

[Feature 20141006] The new message_drop_header parameter replaces
a hard-coded table that specifies what message headers the cleanup
daemon will remove.  The list of supported header names covers RFC
5321, 5322, MIME RFCs, and some historical names.

Major changes - pipe daemon
---------------------------

[Incompat 20140618] The pipe(8) delivery agent will now log a limited
amount of command output upon successful delivery, and will report
that output in "SUCCESS" delivery status reports. This is another
good reason to disable inbound DSN requests at the Internet perimeter.

Major changes - policy client
-----------------------------

[Feature 20140703] This release introduces three new configuration
parameters that control error recovery for failed SMTPD policy
requests.

  * smtpd_policy_service_default_action (default: 451 4.3.5 Server
    configuration problem): The default action when an SMTPD policy
    service request fails.

  * smtpd_policy_service_try_limit (default: 2): The maximal number
    of attempts to send an SMTPD policy service request before
    giving up. This must be a number greater than zero.

  * smtpd_policy_service_retry_delay (default: 1s): The delay between
    attempts to resend a failed SMTPD policy service request. This
    must be a number greater than zero.

See postconf(5) for details and limitations.

[Feature 20140928] Support for per-policy service settings that
override main.cf parameters.  For details see the section "Different
settings for different Milter applications" in the MILTER_README
document.

Here is an example that uses both old and new syntax:

smtpd_recipient_restrictions = ...
    check_policy_service { inet:127.0.0.1:port3, default_action=DUNNO }
    check_policy_service inet:127.0.0.1:port4
    ...

The per-policy service settings are specified as attribute=value pairs
separated by comma or space; specify { name = value } to allow
spaces around the "=" or within an attribute value.

The supported attribute names are: default_action, max_idle, max_ttl,
request_limit, retry_delay, timeout, try_limit. These have the same
names as the corresponding main.cf parameters, without the
"smtpd_policy_service_" prefix.

[Feature 20140505] A client port attribute was added to the policy
delegation protocol.

[Feature 20140630] New smtpd_policy_service_request_limit feature to
limit the number of requests per Postfix SMTP server policy connection.
This is a workaround to avoid error-recovery delays with policy
servers that cannot maintain a persistent connection.

Major changes - position-independent executables
------------------------------------------------

[Feature 20150205] Preliminary support for building position-independent
executables (PIE), tested on Fedora Core 20, Ubuntu 14.04, FreeBSD
9 and 10, and NetBSD 6. Specify:

$ make makefiles pie=yes ...other arguments...

On some systems, PIE is used by the ASLR exploit mitigation technique
(ASLR = Address-Space Layout Randomization). Whether specifying
"pie=yes" has any effect at all depends on the compiler.  Reportedly,
some compilers always produce PIE executables.

Major changes - postscreen
--------------------------

[Feature 20140501] Configurable time limit (postscreen_dnsbl_timeout)
for DNSBL or DNSWL lookups. This is separate from the timeouts in
the dnsblog(8) daemon which are controlled by system resolver(3)
routines.

Major changes - session fingerprint
-----------------------------------

[Feature 20140801] The Postfix SMTP server now logs at the end of
a session how many times an SMTP command was successfully invoked,
followed by the total number of invocations if some invocations
were unsuccessful.

This logging will enough to diagnose many problems without using
verbose logging or network sniffer.

    Normal session, no TLS:
        disconnect from name[addr] ehlo=1 mail=1 rcpt=1 data=1 quit=1

    Normal session. with TLS:
        disconnect from name[addr] ehlo=2 starttls=1 mail=1 rcpt=1 data=1 quit=1

    All recipients rejected, no ESMTP command pipelining:
        disconnect from name[addr] ehlo=1 mail=1 rcpt=0/1 quit=1

    All recipients rejected, with ESMTP command pipelining:
        disconnect from name[addr] ehlo=1 mail=1 rcpt=0/1 data=0/1 rset=1 quit=1

    Password guessing bot, hangs up without QUIT:
        disconnect from name[addr] ehlo=1 auth=0/1

    Mis-configured client trying to use TLS wrappermode on port 587:
        disconnect from name[addr] unknown=0/1

Logfile analyzers can trigger on the presence of "/". It indicates
that Postfix rejected at least one command.

[Feature 20150118] As a late addition, the SMTP server now also
logs the total number of commands (as "commands=x/y") even when the
client did not send any commands. This helps logfile analyzers to
recognize sessions without commands.

Major changes - smtp client
---------------------------

[Feature 20141227] The new smtp_address_verify_target parameter
(default: rcpt) determines what protocol stage decides if a recipient
is valid. Specify "data" for servers that reject recipients after
the DATA command.

Major changes - smtputf8
------------------------

[Incompat 20141001] The default settings have changed for
append_dot_mydomain (new: no, old: yes), master.cf chroot (new:
n, old: y), and smtputf8 (new: yes, old: no).

[Incompat 20140714] After upgrading Postfix, "postfix reload" (or
start/stop) is required. Several Postfix-internal protocols have
been extended to support SMTPUTF8. Failure to reload or restart
will result in mail staying queued, while Postfix daemons log
warning messages about unexpected attributes.

[Feature 20140715] Support for Email Address Internationalization
(EAI) as defined in RFC 6531..6533. This supports UTF-8 in SMTP/LMTP
sender addresses, recipient addresses, and message header values.
The implementation is based on initial work by Arnt Gulbrandsen
that was funded by CNNIC.

See SMTPUTF8_README for a description of Postfix SMTPUTF8 support.

[Feature 20150112] UTF-8 Casefolding support for Postfix lookup
tables and matchlists (mydestination, relay_domains, etc.).  This
is enabled only with "smtpuf8 = yes".

[Feature 20150112] With smtputf8_enable=yes, SMTP commands with
UTF-8 syntax errors are rejected, table lookup results with invalid
UTF-8 syntax are handled as configuration errors, and UTF-8 syntax
errors in policy server replies result in execution of the policy
server's default action.

Major changes - tls support
---------------------------

(see "Major changes - delivery status notifications" above for
turning 4XX soft errors into 5XX bounces when a remote SMTP server
does not offer STARTTLS support).

[Feature 20140209] the Postfix SMTP client now also falls back to
plaintext when TLS fails AFTER the TLS protocol handshake.

[Feature 20140218] The Postfix SMTP client now requires that a queue
file is older than $minimal_backoff_time, before falling back from
failed TLS to plaintext (both during or after the TLS handshake).

[Feature 20141021] Per IETF TLS WG consensus, the tls_session_ticket_cipher
default setting was changed from aes-128-cbc to aes-256-cbc.

[Feature 20150116] TLS wrappermode support in the Postfix smtp(8)
client (new smtp_tls_wrappermode parameter) and in posttls-finger(1)
(new -w option). There still is life in that deprecated protocol,
and people should not have to jump hoops with stunnel.
2017-02-14 01:13:32 +00:00
christos d9979a3f41 Makefile.inc needs -I${DIST} to be the source dir of the program we are
compiling, make it so.
2016-06-30 03:05:45 +00:00
christos f547cc543b Fix MKCRYPTO=no 2016-06-29 20:07:52 +00:00
tron 3e47327b1e Resolve conflicts from last import 2015-09-12 08:23:23 +00:00
tron f0dd1fac45 Import Postfix 2.11.6. Changes since version 2.11.4:
- Preparation for OpenSSL 1.2 API changes
- The sender_dependent_relayhost_maps feature ignored the relayhost setting
  in the case of a DUNNO lookup result. It would use the recipient domain
  instead.
- The default TLS settings no longer enable export-grade ciphers, and no
  longer enable the SSLv2 and SSLv3 protocols. These ciphers and protocols
  have little if any legitimate use today, and have instead become a
  vehicle for downgrade attacks.
2015-09-12 08:20:22 +00:00
tron 70a84f339b Resolve conflicts from last import. 2015-02-21 12:00:48 +00:00
tron 3d6f39af4c Import Postfix 2.11.4. Changes since version 2.11.3:
- Fix a core dump when smtp_policy_maps specifies an invalid TLS level.
- Fix a missing " in \%s\", in postconf(1) fatal error messages, which
  violated the C language spec. Reported by Iain Hibbert.
- Stop excessive recursion in the cleanup server while recovering from a
  virtual alias expansion loop. Problem found at Two Sigma.
- Stop exponential memory allocation with virtual alias expansion loops.
  This came to light after fixing the previous problem.
2015-02-21 11:56:30 +00:00
tron 215f0c2623 Resolve conflicts from last import. 2015-01-24 18:10:52 +00:00
tron 3f021802f4 Import Postfix 2.11.3. Changes since version 2.11.1:
- Fix for DMARC implementations based on SPF policy plus DKIM Milter. The
  PREPEND access/policy action added headers ABOVE Postfix's own Received:
  header, exposing Postfix's own Received: header to Milters (protocol
  violation) and hiding the PREPENDed header from Milters. PREPENDed
  headers are now added BELOW Postfix's own Received: header and remain
  visible to Milters.
- The Postfix SMTP server logged an incorrect client name in reject
  messages for check_reverse_client_hostname_access and
  check_reverse_client_hostname_{mx,ns}_access. They replied with the
  verified client name, instead of the name that was rejected.
- The TLS client logged that an anonymous TLS connection was "Untrusted",
  instead of "Anonymous".
- Fix for configurations that prepend message headers with Postfix access
  maps, policy servers or Milter applications. Postfix now hides its own
  Received: header from Milters and exposes prepended headers to Milters,
  regardless of the mechanism used to prepend a header. This fix reverts
  a partial solution that was released on October 13, 2014, and replaces
  it with a complete solution.
2015-01-24 18:08:05 +00:00
tron 2803c3e67d There is also no HTML version of "RELEASE_NOTES". 2014-07-20 22:58:02 +00:00
tron f77c13314c Try to fix the build:
There is no "AAAREADME.html". So only attempt to install the ASCII version.

Not sure why my full build didn't catch this problem. Sorry.
2014-07-20 22:43:13 +00:00
tron 37d37f813e Rationalize README file handling:
1.) Install only README files that are relevant to the Postfix binaries
    distributed with NetBSD.
2.) Create a single list of the above files that is used for both the
    text versions and HTML versions.

Problem detected by wizd(8).
2014-07-20 15:58:06 +00:00
christos 645f974306 fix libcrypto 2014-07-08 13:04:07 +00:00
martin 36c3039dfa Add missing libcrypto 2014-07-08 09:58:12 +00:00
tron fbde56e47b Add one more file back. 2014-07-06 21:14:43 +00:00
tron 520748c7fc Add a few files back. 2014-07-06 21:04:10 +00:00
tron ebc1ac3c59 More corrections. 2014-07-06 20:41:56 +00:00
tron 8a2dc72a2c Don't install installation documentation. It is highly irrelevant. 2014-07-06 20:39:13 +00:00
tron fd0c690e3e Don't install files related to other operating systems. 2014-07-06 20:38:34 +00:00
tron 002edac652 Update list of HTML pages. 2014-07-06 20:25:48 +00:00
tron 47e2afe008 Update list of readme files. 2014-07-06 20:18:19 +00:00
tron bd1c9e2779 Build and install posttls-finger(1). 2014-07-06 20:09:26 +00:00
tron 64f47ed06c Adapt makefiles for Postfix 2.11.1. 2014-07-06 19:53:05 +00:00
tron 8fd41761ab Resolve conflicts from last import. 2014-07-06 19:45:50 +00:00
tron 16d67a18c4 Import Postfix 2.11.1. The main changes since version 2.10.* are:
- Support for PKI-less TLS server certificate verification with DANE
  (DNS-based Authentication of Named Entities) where the CA public key
  or the server certificate is identified via DNSSEC lookup. This
  requires a DNS resolver that validates DNSSEC replies. The problem
  with conventional PKI is that there are literally hundreds of
  organizations world-wide that can provide a certificate in anyone's
  name. DANE limits trust to the people who control the target DNS
  zone and its parent zones.
- A new postscreen_dnsbl_whitelist_threshold feature to allow clients
  to skip postscreen tests based on their DNSBL score. This can
  eliminate email delays due to "after 220 greeting" protocol tests,
  which otherwise require that a client reconnects before it can
  deliver mail. Some providers such as Google don't retry from the
  same IP address, and that can result in large email delivery delays.
- The recipient_delimiter feature now supports different delimiters,
  for example both "+" and "-". As before, this implementation
  recognizes exactly one delimiter character per email address, and
  exactly one address extension per email address.
- Advanced master.cf query/update support to access service attributes
  as "name = value" pairs. For example to turn off chroot on all
  services use "postconf -F '*/*/chroot = n'", and to change/add a
  "-o name=value" setting use "postconf -P 'smtp/inet/name = value'".
  This was developed primarily to allow automated tools to manage Postfix
  systems without having to parse Postfix configuration files.
2014-07-06 19:27:32 +00:00
dholland b7b7574d3b Reorg docs, part 1:
Move all the reference manuals to subdirs of /usr/share/doc/reference.
We have subdirs ref1-ref9, corresponding to man page sections 1-9.

Everything that's the reference manual for a program (sections 1, 6,
8), C interface (sections 2, 3), driver or file system (section 4),
format or configuration (section 5), or kernel internal interface
(section 9) belongs in here.

Section 7 is a little less clear: some things that might go in section
7 if they were a man page aren't really reference manuals. So I'm only
putting things in reference section 7 that are (to me) clearly
reference material, rather than e.g. tutorials, guides, FAQs, etc.
This obviously leaves some room for debate, especially without first
editing the docs with this distinction in mind, but if people hate
what I've done things can always be moved again.

Note also that while roff macro man pages traditionally go in section
7, I have put all the roff documentation (macros, tools, etc.) in one
place in reference/ref1/roff. This will make it easier to find and
also easier to edit it into some kind of coherent form.
2014-07-05 19:22:41 +00:00
tron 62ad86dede Update Postfix to version 2.10.3. Changes since version 2.10.2:
- Future proofing against OpenSSL library API changes. When support
  for a bug workaround is removed from OpenSSL, the corresponding
  named bit in tls_disable_workarounds will be ignored instead of
  causing existing Postfix configurations to fail.
- The postconf '-#' option reset prior options instead of adding to them.
- Correct an error in MULTI_INSTANCE_README Makefile example.
- Correct an error in SASL_README PostgreSQL example.
- Correct a malformed error message in conf/post-install.
2014-01-18 17:04:03 +00:00
christos 901b1f0b31 miminize diff to original. 2013-11-14 02:27:29 +00:00
christos 7524cd91bf CID 1102804: Memory leak 2013-11-14 01:39:26 +00:00
christos 13df76e42e 1102805: Memory leak 2013-11-14 01:36:00 +00:00
tron 463da012c6 Update list of generated header files. 2013-09-25 19:39:47 +00:00
tron 51c5f9b7c2 Update list of source files after import of Postfix 2.10.2. 2013-09-25 19:25:08 +00:00
tron cf7fbdea1a Resolve conflicts from last import. 2013-09-25 19:12:34 +00:00
tron e6ca80d439 Import Postfix 2.10.2. Major changes since version 2.9.* are:
- Separation of relay policy (with smtpd_relay_restrictions) from spam policy
  (with smtpd_{client, helo, sender, recipient}_restrictions), which makes
  accidental open relay configuration less likely. The default is backwards
  compatible.
- HAproxy load-balancer support for postscreen(8) and smtpd(8). The nginx
  proxy was already supported by Postfix 2.9 smtpd(8), using XCLIENT commands.
- Support for the TLSv1 and TLSv2 protocols, as well as support to turn them
  off if needed for inter-operability.
- Laptop-friendly configuration. By default, Postfix now uses UNIX-domain
  sockets instead of FIFOs, and thus avoids MTIME file system updates on an
  idle mail system.
- Revised postconf(1) command. The "-x" option expands $name in a parameter
  value (both main.cf and master.cf); the "-o name=value" option overrides
  a main.cf parameter setting; and postconf(1) now warns about a $name that
  has no name=value setting.
- Sendmail-style "socketmap" lookup tables.
2013-09-25 19:06:17 +00:00
joerg ac35abab0f Drop now redundant assignment from the MKPIC=no case. 2013-09-11 09:59:13 +00:00
joerg 912713b9c5 Explicitly link against liblber as various symbols from it are used. 2013-09-11 09:58:02 +00:00
tron 5ffceba539 esolve conflicts from last import. 2013-08-21 20:12:30 +00:00
tron d6384a751f Import Postfix 2.9.7. Changes since version 2.9.5:
- Thanks to OpenSSL documentation, the Postfix 2.9.0..2.9.5 SMTP
  client and server used an incorrect procedure to compute TLS
  certificate PUBLIC-KEY fingerprints (these may be used in the
  check_ccert_access and in smtp_tls_policy_maps features). Support
  for certificate PUBLIC-KEY finger prints was introduced with Postfix
  2.9; there is no known problem with the certificate fingerprint
  algorithms available since Postfix 2.2.
  Specify "tls_legacy_public_key_fingerprints = yes" temporarily,
  pending a migration from configuration files with incorrect Postfix
  2.9.0..2.9.5 certificate PUBLIC-KEY finger prints, to the correct
  fingerprints used by Postfix 2.9.6 and later.
- Bugfix (introduced: Postfix 2.0): when myhostname is not listed in
  mydestination, the trivial-rewrite resolver may log "do not list in both
  mydestination and ". The fix is to re-resolve a domain-less address after
  adding $myhostname as the surrogate domain, so that it pops out with the
  right address-class label. Reported by Quanah Gibson-Mount.
- Bugfix (introduced: Postfix 2.3): don't reuse TCP connections when
  smtp_tls_policy_maps is specified. TLS policies may depend on the remote
  destination, but the Postfix <2.11 SMTP connection cache client does not
  distinguish between different destinations that resolve to the same
  IP address. Victor Duchovni. Found during Postfix 2.11 code maintenance.
- Bugfix (introduced: Postfix 2.2): don't reuse TCP connections when
  SASL authentication is enabled. SASL passwords may depend on the
  remote SMTP server hostname, but the Postfix <2.11 SMTP connection
  cache client does not distinguish between different hostnames that
  resolve to the same IP address. Found during Postfix 2.11 code
  maintenance.
2013-08-21 20:09:37 +00:00
tron aa2dcc1a61 Comment out "inet_protocols = ipv4" line which came from up-stream.
We want Postfix to support IPv6 out of the box.

Pointed out by Dieter Roelants on "current-users" mailing list.
2013-01-06 13:58:24 +00:00
tron a536ee5124 Install documentation and manual pages for Postfix's memcache client support. 2013-01-02 22:33:19 +00:00
tron d561406f71 Fix build of Postfix 2.9.5. 2013-01-02 19:45:48 +00:00
tron cf33639979 Resolve conflicts from last import. 2013-01-02 19:18:29 +00:00
tron a30b880ed6 Import Postfix 2.9.5. Major changes since version 2.8.x:
- Support for long, non-repeating, queue IDs (queue file names). The
  main benefit of non-repeating names is simpler logfile analysis. See
  the description of "enable_long_queue_ids" in postconf(5) for
  details.
- Memcache client support, and support to share postscreen(8) and
  verify(8) caches via the proxymap server. Details about memcache
  support are in memcache_table(5) and MEMCACHE_README.
- Gradual degradation: if a database is unavailable (can't open, most
  read or write errors) a Postfix daemon will log a warning and
  continue providing the services that don't depend on that table,
  instead of immediately terminating with a fatal error. To terminate
  immediately when a database file can't be opened, specify
  "daemon_table_open_error_is_fatal = yes".
- Revised postconf(1) command. It warns about unused parameter
  name=value settings in main.cf or master.cf (likely mistakes),
  understands "dynamic" parameter names such as names that depend on
  the name of a master.cf entry (finally, "postconf -n" shows all
  parameter settings), and it can display main.cf and master.cf in a
  more user-friendly format (postconf -nf, postconf -Mf).
- Read/write deadline support in the SMTP client and server to defend
  against application-level DOS attacks that very slowly write or read
  data one byte at a time.
2013-01-02 18:58:23 +00:00
tron 28fbdc7c77 Resolve conflicts from last import. 2012-12-18 09:10:32 +00:00