./mail/postfix, Postfix SMTP server and tools

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]

Branch: CURRENT, Version: 2.11.0nb2, Package name: postfix-2.11.0nb2, Maintainer: pkgsrc-users

Postfix aims to be an alternative to the widely-used sendmail
program. Sendmail is responsible for 70% of all e-mail delivered
on the Internet. With an estimated 100 million users, that's an
estimated 10 billion (10^10) messages daily. A stunning number.

Although IBM supported the Postfix development, it abstains from
control over its evolution. The goal is to have Postfix installed
on as many systems as possible. To this end, the software is given
away with no strings attached to it, so that it can evolve with
input from and under control by its users.

In other words, IBM releases Postfix only once. I will be around
to guide its development for a limited time.

MESSAGE.sasl [+/-]

Package options: tls, bdb

Master sites: (Expand)

SHA1: bc1fd50412742d9c28232b07c7d2139e37d3de28
RMD160: 4f53040c607339eee010e35bafd2792037279b3c
Filesize: 3940.177 KB

Version history: (Expand)

CVS history: (Expand)

   2014-04-09 09:27:19 by OBATA Akio | Files touched by this commit (452)
Log message:
recursive bump from icu shlib major bump.
   2014-03-11 15:34:41 by Jonathan Perkin | Files touched by this commit (99)
Log message:
Import initial SMF support for individual packages.
   2014-03-11 15:05:19 by Jonathan Perkin | Files touched by this commit (350)
Log message:
Remove example rc.d scripts from PLISTs.

These are now handled dynamically if INIT_SYSTEM is set to "rc.d", or
ignored otherwise.
   2014-02-13 00:18:57 by Matthias Scheler | Files touched by this commit (1568)
Log message:
Recursive PKGREVISION bump for OpenSSL API version bump.
   2014-02-09 06:34:13 by Takahiro Kambe | Files touched by this commit (7) | Package updated
Log message:
Update postfix to 2.11.0.  Quote from release announce:

The main changes in no particular order are:

  * Support for PKI-less TLS server certificate verification with
    DANE (DNS-based Authentication of Named Entities) where the CA
    public key or the server certificate is identified via DNSSEC
    lookup. This requires a DNS resolver that validates DNSSEC
    replies. The problem with conventional PKI is that there are
    literally hundreds of organizations world-wide that can provide
    a certificate in anyone's name. DANE limits trust to the people
    who control the target DNS zone and its parent zones.

  * Support for LMDB databases. Originally developed as part of
    OpenLDAP, LMDB is the first persistent Postfix database that
    can be shared among multiple writers such as postscreen daemons
    (Postfix already supported shared non-persistent memcached
    caches). Postfix currently requires LMDB version 0.9.11 or
    later. See LMDB_README for details and limitations.

  * A new postscreen_dnsbl_whitelist_threshold feature to allow
    clients to skip postscreen tests based on their DNSBL score.
    This can eliminate email delays due to "after 220 greeting"
    protocol tests, which otherwise require that a client reconnects
    before it can deliver mail. Some providers such as Google don't
    retry from the same IP address, and that can result in large
    email delivery delays.

  * The recipient_delimiter feature now supports different delimiters,
    for example both "+" and "-". As before, this implementation
    recognizes exactly one delimiter character per email address,
    and exactly one address extension per email address.

  * Advanced master.cf query/update support to access service
    attributes as "name = value" pairs. For example to turn off
    chroot on all services use "postconf -F '*/*/chroot = n'", and
    to change/add a "-o name=value" setting use "postconf -P
    smtp/inet/name = value". This was developed primarily to allow
    automated tools to manage Postfix systems without having to
    parse Postfix configuration files.
   2014-01-16 16:56:58 by Takahiro Kambe | Files touched by this commit (2) | Package updated
Log message:
Update postfix to 2.10.3.

Postfix 2.10.3, 2.9.9, and 2.8.17:

  * Future proofing against OpenSSL library API changes. When support
    for a bug workaround is removed from OpenSSL, the corresponding
    named bit in tls_disable_workarounds will be ignored instead
    of causing existing Postfix configurations to fail.

All supported releases:

  * Future proofing against PCRE library API changes that introduce
    the pcre_free_study() function.

  * The postconf '-#' option reset prior options instead of adding
    to them.

  * Correct an error in MULTI_INSTANCE_README Makefile example.

  * Correct an error in SASL_README PostgreSQL example.

  * Correct a malformed error message in conf/post-install.
   2013-10-19 11:07:13 by Adam Ciarcinski | Files touched by this commit (346)
Log message:
Revbump after updating textproc/icu
   2013-09-30 17:21:15 by Takahiro Kambe | Files touched by this commit (3) | Package updated
Log message:
Update postfix package to 2.10.2.  Here is brief changes.


* TLS Interoperability workaround: turn on SHA-2 digests by force. This
  improves interoperability with clients and servers that deploy SHA-2 digests
  without the required support for TLSv1.2-style digest negotiation.

* TLS Performance workaround: the Postfix SMTP server TLS session cache had
  become ineffective because recent OpenSSL versions enable session tickets by
  default, resulting in a different ticket encryption key for each smtpd(8)
  process. The workaround turns off session tickets. Postfix 2.11 will enable
  session tickets properly.

* TLS Interoperability workaround: Debian Exim versions before 4.80-3 may fail
  to communicate with Postfix and possibly other MTAs, with the following Exim
  SMTP client error message:

	TLS error on connection to server-name [server-address]
	(gnutls_handshake): The Diffie-Hellman prime sent by the server is not
	acceptable (not long enough)

  See the RELEASE_NOTES file for a Postfix SMTP server configuration

* Bugfix (defect introduced: 1997): memory leak while forwarding mail with the
  local(8) delivery agent, in code that handles a cleanup(8) server error.


* Workaround: down-stream maintainers fail to install the new
  smtpd_relay_restrictions safety net, causing breakage that could have been
  avoided. We now hard-code the safety net instead.


* Separation of relay policy (with smtpd_relay_restrictions) from spam policy
  (with smtpd_{client, helo, sender, recipient}_restrictions), which makes
  accidental open relay configuration less likely. The default is backwards

* HAproxy load-balancer support for postscreen(8) and smtpd(8). The nginx
  proxy was already supported by Postfix 2.9 smtpd(8), using XCLIENT commands.

* Support for the TLSv1 and TLSv2 protocols, as well as support to turn them
  off if needed for inter-operability.

* Laptop-friendly configuration. By default, Postfix now uses UNIX-domain
  sockets instead of FIFOs, and thus avoids MTIME file system updates on an
  idle mail system.

* Revised postconf(1) command. The "-x" option expands $name in a parameter
  value (both main.cf and master.cf); the "-o name=value" option \ 
overrides a
  main.cf parameter setting; and postconf(1) now warns about a $name that has
  no name=value setting.

* Sendmail-style "socketmap" lookup tables.