pkgsrc.se | The NetBSD package collection

./mail/postfix, Postfix SMTP server and tools

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]

Branch: CURRENT, Version: 2.8.10, Package name: postfix-2.8.10, Maintainer: pkgsrc-users

Postfix aims to be an alternative to the widely-used sendmail
program. Sendmail is responsible for 70% of all e-mail delivered
on the Internet. With an estimated 100 million users, that's an
estimated 10 billion (10^10) messages daily. A stunning number.

Although IBM supported the Postfix development, it abstains from
control over its evolution. The goal is to have Postfix installed
on as many systems as possible. To this end, the software is given
away with no strings attached to it, so that it can evolve with
input from and under control by its users.

In other words, IBM releases Postfix only once. I will be around
to guide its development for a limited time.

MESSAGE.NetBSD [+/-]
MESSAGE.sasl [+/-]

Required to build:
[lang/perl5]

Package options: bdb, tls

Master sites: (Expand)

SHA1: 1a206b13e42e8581733046af8283a54ca0c30657
RMD160: 5bbf698988ba491ba2ce3937918381be9fc2e3d7
Filesize: 3554.77 KB

Version history: (Expand)

(2012-04-28) Updated to version: postfix-2.8.10
(2012-04-27) Updated to version: postfix-2.8.9nb1
(2012-03-06) Updated to version: postfix-2.8.9
(2012-03-03) Updated to version: postfix-2.8.8nb1
(2012-02-19) Updated to version: postfix-2.8.8
(2011-11-07) Updated to version: postfix-2.8.7

CVS history: (Expand)

2012-04-28 15:58:48 by Takahiro Kambe | Files touched by this commit (2) | Package updated

Log message:
Update postfix package to 2.8.10.

Major changes with Postfix 2.8.10
---------------------------------

This release adds support to turn off the TLSv1.1 and TLSv1.2
protocols.  Introduced with OpenSSL version 1.0.1, these are known
to cause inter-operability problems with for example hotmail.

The radical workaround is to temporarily turn off problematic
protocols globally:

/etc/postfix/main.cf:
    smtp_tls_protocols = !SSLv2, !TLSv1.1, !TLSv1.2
    smtp_tls_mandatory_protocols = !SSLv2, !TLSv1.1, !TLSv1.2

    smtpd_tls_protocols = !SSLv2, !TLSv1.1, !TLSv1.2
    smtpd_tls_mandatory_protocols = !SSLv2, !TLSv1.1, !TLSv1.2

However, it may be better to temporarily turn off problematic
protocols for broken sites only:

/etc/postfix/main.cf:
    smtp_tls_policy_maps = hash:/etc/postfix/tls_policy

/etc/postfix/tls_policy:
    example.com         may protocols=!SSLv2:!TLSv1.1:!TLSv1.2

Important:

- Note the use of ":" instead of comma or space. Also, note that
  there is NO space around the "=" in "protocols=".

- The smtp_tls_policy_maps lookup key must match the "next-hop"
  destination that is given to the Postfix SMTP client. If you
  override the next-hop destination with transport_maps, relayhost,
  sender_dependent_relayhost_maps, or otherwise, you need to specify
  the same destination for the smtp_tls_policy_maps lookup key.

2012-04-27 14:32:08 by OBATA Akio | Files touched by this commit (302)

Log message:
Recursive bump from icu shlib major bumped to 49.

2012-03-09 15:58:41 by Filip Hajny | Files touched by this commit (1)

Log message:
Fix for recent SunOS platforms where support for NIS+ was dropped.

2012-03-06 12:10:23 by Takahiro Kambe | Files touched by this commit (2) | Package updated

Log message:
Update postfix to 2.8.9.

Postfix stable release 2.8.9 is available. This contains fixes that
are already part of Postfix 2.9 and 2.10.

    * The "change header" milter request could replace the wrong
      header. A long header name could match a shorter one, because
      a length check was done on the wrong string. Reported by
      Vladimir Vassiliev.

    * Core dump when postlog emitted the "usage" message, caused
      by an extraneous null assignment. Reported by Kant (fnord.hammer).

You can find the updated Postfix source code at the mirrors listed
at http://www.postfix.org/.

2012-03-03 13:54:23 by Thomas Klausner | Files touched by this commit (68)

Log message:
More pcre PKGREVISION bumps.

2012-02-27 04:01:30 by Takahiro Kambe | Files touched by this commit (3)

Log message:
Build fix for NetBSD 6.0_BETA.

2012-02-19 19:19:23 by Matthias Scheler | Files touched by this commit (2) | Package updated

Log message:
Update "postfix" package to version 2.8.8. Changes since version 2.8.7:
- The Postfix sqlite client, introduced with Postfix 2.8, had an
  embarassing bug in its quoting routine. As the result of a
  last-minute code cleanup before release, this routine returned the
  unquoted text instead of the quoted text. The opportunities for
  mis-use are limited: Postfix sqlite database files are usually owned
  by root, and Postfix daemons usually run with non-root privileges so
  they can't corrupt the database. This problem was reported by Rob
  McGee (rob0).
- The Postfix 2.8.4 fix for local delivery agent database lookup
  errors was incomplete. The fix correctly added new code to detect
  database lookup errors with mailbox_transport_maps,
  mailbox_command_maps or fallback_transport_maps, but it failed to
  log the problem, and to produce a defer logfile record which is
  needed for "delayed mail" and "mail too old" delivery status
  notifications.
- The trace(8) service, used for DSN SUCCESS notifications, did not
  distinguish between notifications for a non-bounce or a bounce
  message, causing it to "reply" to mail with the null sender
  address. Problem reported by Sabahattin Gucukoglu.
- Support for Dovecot auth over TCP sockets, using code that already
  existed for testing purposes. Patrick Koetter kindly provided an
  update for the SASL_README file.
- Workaround in the LDAP client for changes in the under-documented
  OpenLDAP API, by Victor Duchovni.

2011-11-07 16:36:07 by Takahiro Kambe | Files touched by this commit (3) | Package updated

Log message:
Update postfix pacakge to 2.8.7.

Postfix stable release 2.8.7 is available. This contains a workaround
for a problem that is fixed in Postfix 2.9.

    * The postscreen daemon, which is not enabled by default, sent
      non-compliant SMTP responses (220- followed by 421) when it
      could not give a connection to a real smtpd process. These
      responses caused some remote SMTP clients to return mail as
      undeliverable.

      The workaround is to hang up after sending 220- without sending
      the 421 "sorry" reply; this is harmless.

      The complete fix involves too much change for a stable release:
      send the 220 greeting, wait for the EHLO command, then send
      the 421 "sorry" reply and hang up.