./mail/postfix, Postfix SMTP server and tools

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 2.11.1nb1, Package name: postfix-2.11.1nb1, Maintainer: pkgsrc-users

Postfix aims to be an alternative to the widely-used sendmail
program. Sendmail is responsible for 70% of all e-mail delivered
on the Internet. With an estimated 100 million users, that's an
estimated 10 billion (10^10) messages daily. A stunning number.

Although IBM supported the Postfix development, it abstains from
control over its evolution. The goal is to have Postfix installed
on as many systems as possible. To this end, the software is given
away with no strings attached to it, so that it can evolve with
input from and under control by its users.

In other words, IBM releases Postfix only once. I will be around
to guide its development for a limited time.

MESSAGE.NetBSD [+/-]
MESSAGE.sasl [+/-]


Package options: tls, bdb

Master sites: (Expand)

SHA1: 4034171013bde30600724f79c37f82d69a802ad0
RMD160: 9b3d0478a5f4b74c159f3121f3353502d4e6f79f
Filesize: 3940.455 KB

Version history: (Expand)


CVS history: (Expand)


   2014-08-25 18:00:54 by Takahiro Kambe | Files touched by this commit (3)
Log message:
Fix build on NetBSD 7.*.
   2014-05-30 01:38:20 by Thomas Klausner | Files touched by this commit (3049)
Log message:
Bump for perl-5.20.0.
Do it for all packages that
* mention perl, or
* have a directory name starting with p5-*, or
* depend on a package starting with p5-
like last time, for 5.18, where this didn't lead to complaints.
Let me know if you have any this time.
   2014-05-11 11:54:54 by Takahiro Kambe | Files touched by this commit (2) | Package updated
Log message:
Update postfix to 2.11.1.

Bugfixes (fixed in Postfix 2.11 and Postfix 2.12):

  * With connection caching enabled (the default), recipients could
    be given to the wrong mail server. The root cause was an incorrect
    predicate. Due to this, the Postfix SMTP client could under
    rare conditions save and restore plaintext connections that
    should not be cached, under a fixed lookup key that did not
    distinguish by destination.  Problem reported by Sahil Tandon.

  * Enforce TLS when TLSA records exist, but all are unusable.

  * Don't leak memory when TLSA records exist, but all are unusable.

Workarounds:

  * Prepend "-I. -I../../include" to the compiler command-line
    options, to avoid name clashes with non-Postfix header files.

Documentation cleanup:

  * Corrected postconf(1) manpage for missing version attribution
    and incorrect "author" formatting.

  * The documentation for Postfix > 2.8 TLS activity logging was
    incorrect. Loglevel 0 produces no logging. Instead, information
    is logged only with loglevel 1 or higher.

Logging cleanup:

  * The TLS client logged that an "Untrusted" TLS connection was
    established instead of "Anonymous".

  * For consistency, TLS policy lookup errors are now logged as
    warnings.
   2014-04-09 09:27:19 by OBATA Akio | Files touched by this commit (452)
Log message:
recursive bump from icu shlib major bump.
   2014-03-11 15:34:41 by Jonathan Perkin | Files touched by this commit (99)
Log message:
Import initial SMF support for individual packages.
   2014-03-11 15:05:19 by Jonathan Perkin | Files touched by this commit (350)
Log message:
Remove example rc.d scripts from PLISTs.

These are now handled dynamically if INIT_SYSTEM is set to "rc.d", or
ignored otherwise.
   2014-02-13 00:18:57 by Matthias Scheler | Files touched by this commit (1568)
Log message:
Recursive PKGREVISION bump for OpenSSL API version bump.
   2014-02-09 06:34:13 by Takahiro Kambe | Files touched by this commit (7) | Package updated
Log message:
Update postfix to 2.11.0.  Quote from release announce:

The main changes in no particular order are:

  * Support for PKI-less TLS server certificate verification with
    DANE (DNS-based Authentication of Named Entities) where the CA
    public key or the server certificate is identified via DNSSEC
    lookup. This requires a DNS resolver that validates DNSSEC
    replies. The problem with conventional PKI is that there are
    literally hundreds of organizations world-wide that can provide
    a certificate in anyone's name. DANE limits trust to the people
    who control the target DNS zone and its parent zones.

  * Support for LMDB databases. Originally developed as part of
    OpenLDAP, LMDB is the first persistent Postfix database that
    can be shared among multiple writers such as postscreen daemons
    (Postfix already supported shared non-persistent memcached
    caches). Postfix currently requires LMDB version 0.9.11 or
    later. See LMDB_README for details and limitations.

  * A new postscreen_dnsbl_whitelist_threshold feature to allow
    clients to skip postscreen tests based on their DNSBL score.
    This can eliminate email delays due to "after 220 greeting"
    protocol tests, which otherwise require that a client reconnects
    before it can deliver mail. Some providers such as Google don't
    retry from the same IP address, and that can result in large
    email delivery delays.

  * The recipient_delimiter feature now supports different delimiters,
    for example both "+" and "-". As before, this implementation
    recognizes exactly one delimiter character per email address,
    and exactly one address extension per email address.

  * Advanced master.cf query/update support to access service
    attributes as "name = value" pairs. For example to turn off
    chroot on all services use "postconf -F '*/*/chroot = n'", and
    to change/add a "-o name=value" setting use "postconf -P
    smtp/inet/name = value". This was developed primarily to allow
    automated tools to manage Postfix systems without having to
    parse Postfix configuration files.