Log Message:
Update postfix package to 2.10.2.  Here is brief changes.

2.10.2

* TLS Interoperability workaround: turn on SHA-2 digests by force. This
  improves interoperability with clients and servers that deploy SHA-2 digests
  without the required support for TLSv1.2-style digest negotiation.

* TLS Performance workaround: the Postfix SMTP server TLS session cache had
  become ineffective because recent OpenSSL versions enable session tickets by
  default, resulting in a different ticket encryption key for each smtpd(8)
  process. The workaround turns off session tickets. Postfix 2.11 will enable
  session tickets properly.

* TLS Interoperability workaround: Debian Exim versions before 4.80-3 may fail
  to communicate with Postfix and possibly other MTAs, with the following Exim
  SMTP client error message:

	TLS error on connection to server-name [server-address]
	(gnutls_handshake): The Diffie-Hellman prime sent by the server is not
	acceptable (not long enough)

  See the RELEASE_NOTES file for a Postfix SMTP server configuration
  workaround.

* Bugfix (defect introduced: 1997): memory leak while forwarding mail with the
  local(8) delivery agent, in code that handles a cleanup(8) server error.

2.10.1

* Workaround: down-stream maintainers fail to install the new
  smtpd_relay_restrictions safety net, causing breakage that could have been
  avoided. We now hard-code the safety net instead.

2.10.0

* Separation of relay policy (with smtpd_relay_restrictions) from spam policy
  (with smtpd_{client, helo, sender, recipient}_restrictions), which makes
  accidental open relay configuration less likely. The default is backwards
  compatible.

* HAproxy load-balancer support for postscreen(8) and smtpd(8). The nginx
  proxy was already supported by Postfix 2.9 smtpd(8), using XCLIENT commands.

* Support for the TLSv1 and TLSv2 protocols, as well as support to turn them
  off if needed for inter-operability.

* Laptop-friendly configuration. By default, Postfix now uses UNIX-domain
  sockets instead of FIFOs, and thus avoids MTIME file system updates on an
  idle mail system.

* Revised postconf(1) command. The "-x" option expands $name in a parameter
  value (both main.cf and master.cf); the "-o name=value" option \ 
overrides a
  main.cf parameter setting; and postconf(1) now warns about a $name that has
  no name=value setting.

* Sendmail-style "socketmap" lookup tables.