./mail/mailfront, Mail server network protocol front-ends

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]

Branch: CURRENT, Version: 2.12, Package name: mailfront-2.12, Maintainer: schmonz

This is mailfront, a package containing customizeable network
front-ends for mail servers. It contains complete SMTP, QMQP,
QMTP, and POP3 front-ends as well as an authentication module for
IMAP. The mail delivery front-ends also contain internal address
filtering features.

Required to run:
[sysutils/daemontools] [security/cvm] [mail/qmail] [devel/bglibs]

Required to build:

Package options: djbware-errno-hack

Master sites:

SHA1: 87715ddaf78ea98cab9c4d86dddc51e76d05d114
RMD160: cbef138672051eb631155c33163d1482fb193b1c
Filesize: 120.34 KB

Version history: (Expand)

CVS history: (Expand)

   2017-01-03 14:56:41 by Amitai Schleier | Files touched by this commit (2)
Log message:
Let bg-installer follow the .so symlinks. Fixes install on at least NetBSD.
   2017-01-02 03:19:47 by Amitai Schleier | Files touched by this commit (6) | Package updated
Log message:
Update to 2.12. From the changelog:

- Added ability for rbl plugin to capture messages before rejecting them.
- Fixed broken use of -lbg-sysdeps in modules.
- Fixed missing plugin-rbl in installed image.
- Updated for bglibs v2
- Added new "rbl" plugin, to block messages from IPs in an RBL.
- Added new "queuedir" backend, to save messages to simple files.
- Make sure plugin reset functions get called before exiting.
- Added missing plugin-starttls-ucspi to installed files.
- Added support for limiting the number of messages to plugin-counters.
- This version updates the plugin API to add new features:
  - Capabilities reported by the SMTP EHLO response can be added by
  - Plugins are passed any SMTP parameters given with the sender and
    recipient commands.
  - Plugins can add new commands to the SMTP protocol.
  Plugins compiled for previous versions of mailfront will not work
  without recompiling.  The short-circuit on accept logic has also been
  eliminated to fix a semantic issue.
- SMTP AUTH support has been moved into a new plugin, cvm-authenticate.
  Existing installations relying on SMTP AUTH support will need to make
  sure they are using this new plugin.  The smtpfront-qmail wrapper
  has been modified to provide this additional plugin.
- Fixed plugin-add-received to add the "IPv6:" prefix in the Received:
  header when the protocol is TCP6.
- Added plugin starttls-ucspi to implement STARTTLS using ucspi-tls.
- SMTP AUTH can now be restricted to TLS-enabled sessions.
- Added controls for pop3front-auth to limit the number of USER commands
  and authentication failures allowed per session.
- Added control to imapfront-auth to limit the number of authentication
  failures allowed per session.
- Modified the clamav plugin to use the newer INSTREAM protocol.
- imapfront-auth now sets $DOVECONF_ENV in Dovecot mode in order to
  avoid having Dovecot imapd reset it through doveconf.
- Added Lua scripting plugin (optional, build with 'make lua').
- Modified the qmail backend to evaluate $QMAILQUEUE as late as possible.
  This allows more options for changing $QMAILQUEUE in plugins.
- Added support for running Dovecot IMAP from imapfront-auth.
  See imapfront.html for details on how to set this up.
- Added support for rejecting whole messages when the recipient count is
  exceeded in plugin-counters.
- Made the check-fqdn plugin explicitly reject empty recipients.
- Added a sender domain restriction to the check-fqdn plugin.
- Added missing plugin-spamassassin.so to installation.
- Fix bug in handling invalid message numbers in retrieving messages in
- Added a SpamAssassin scanning plugin.
- Optimized pop3front-maildir to avoid stat'ing each message twice, and
  to use sizes recorded in the filename to avoid stat'ing entirely.
  See pop3front.html for details on the filenames.

pkgsrc changes:

- Libtoolize to fix build on OS X.
   2015-11-04 00:27:24 by Alistair G. Crooks | Files touched by this commit (312)
Log message:
Add SHA512 digests for distfiles for mail category

Problems found locating distfiles:
	Package mutt: missing distfile patch-1.5.24.rr.compressed.gz
	Package p5-Email-Valid: missing distfile Email-Valid-1.198.tar.gz
	Package pine: missing distfile fancy.patch.gz
	Package postgrey: missing distfile targrey-0.31-postgrey-1.34.patch
	Package qmail: missing distfile badrcptto.patch
	Package qmail: missing distfile outgoingip.patch
	Package qmail: missing distfile qmail-1.03-realrcptto-2006.12.10.patch
	Package qmail: missing distfile qmail-smtpd-viruscan-1.3.patch
	Package thunderbird24: missing distfile enigmail-1.7.2.tar.gz
	Package thunderbird31: missing distfile enigmail-1.7.2.tar.gz

Otherwise, existing SHA1 digests verified and found to be the same on
the machine holding the existing distfiles (morden).  All existing
SHA1 digests retained for now as an audit trail.
   2014-03-11 15:05:19 by Jonathan Perkin | Files touched by this commit (350)
Log message:
Remove example rc.d scripts from PLISTs.

These are now handled dynamically if INIT_SYSTEM is set to "rc.d", or
ignored otherwise.
   2012-10-08 14:19:35 by Aleksej Saushev | Files touched by this commit (307)
Log message:
Drop PKG_DESTDIR_SUPPORT setting, "user-destdir" is default these days.
   2010-03-15 03:51:24 by Amitai Schlair | Files touched by this commit (1)
Log message:
DESTDIR support.
   2009-06-14 20:04:45 by Joerg Sonnenberger | Files touched by this commit (183)
Log message:
Remove @dirrm entries from PLISTs
   2009-04-08 03:44:04 by Amitai Schlair | Files touched by this commit (4) | Package updated
Log message:
Update to 1.12, addressing PR pkg/34765. From the changelog:

- Fixed problem with overwriting existing session data items.
- Fixed several problems with handling of databytes in rules.
- Fixed crash in plugin cvm-validate when the lookup secret was unset.
- pop3front-auth now supports a no-argument variant on the AUTH command,
    used by KMail to test for authentication modes, and documented
    in http://www.tools.ietf.org/html/draft-myers-sasl-pop3-05
    Thanks Bernhard Graf for the initial patch
- pop3front-auth and -maildir now support the CAPA command.
    Thanks Bernhard Graf for the initial patch
- Made imapfront-auth more compatible with Courier IMAP by adding extra
    bits to the CAPABILITY command.  Thanks Bernhard Graf.
- plugin-cvm-validate handles modules that provide an "out of scope"
    fact by passing to the next plugin.
- Fixed handling of addresses without a domain in @file rules.
    Thanks Jorge Valdes

- Fixed the main mailfront program to clean up temporary files properly.
- Modified the SMTP protocol module to export the SASL authentication
    information internally.
- Modified the check-fqdn plugin to append $DEFAULTHOST and
    $DEFAULTDOMAIN to addresses if necessary.
- Added separate connect and send timeouts and a maximum message size to
    the ClamAV plugin, and fixed a bug with handling port numbers
    when using multiple IPs.
- Modified the ClamAV plugin to prefer $CLAMAV_* settings over $CLAMD_*
- Added plugin API documentation.

- Added a ClamAV virus scanner plugin.  Note: Using this plugin will
    cause mailfront to save messages to temporary files.  See
    mailfront.html for details.
- Modified the plugin API to add a version code, a flags word, and to
    (optionally) save messages to a temporary file.
- Fixed a few cases where the UCSPI-TCP protocol was assumed.
- Fixed pop3front-maildir breakage on dietlibc/uClibc and empty
    maildirs.  Thanks Wayne Marshall.

- Fixed a bug in the counters plugin that triggered a problem in the
    SMTP protocol when handling the SIZE=# parameter.
- Reversed the order of cvm-validate and qmail-validate in the wrapper
    scripts (and documentation) due to the semantics of the two plugins.
- Added a list of built-in plugins.  The list currently contains the
    three accept* plugins, which are extremely trivial.


Mailfront has been rewritten to be totally modular.  The core mailfront
program loads the protocol, backend, and all plugin behaviors at run
time from shared objects.

The previous commands, such as smtpfront-qmail, are now shell script
wrappers for the main "mailfront" command, and as such are depricated in
favor of using "mailfront" directly.  The *front-qmail wrappers preload
all the plugins that were previously compiled into the corresponding

	check-fqdn counters mailrules relayclient cvm-validate
	qmail-validate add-received patterns accept-sender

NOTE: The *front-reject backends have been dropped in favor of a plugin.
In addition, the $REQUIRE_AUTH feature has been moved to another plugin.
If you used this backend or feature you will need to adjust your
configuration accordingly.