./mail/postfix, Postfix SMTP server and tools

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 3.2.2, Package name: postfix-3.2.2, Maintainer: pkgsrc-users

Postfix aims to be an alternative to the widely-used sendmail
program. Sendmail is responsible for 70% of all e-mail delivered
on the Internet. With an estimated 100 million users, that's an
estimated 10 billion (10^10) messages daily. A stunning number.

Although IBM supported the Postfix development, it abstains from
control over its evolution. The goal is to have Postfix installed
on as many systems as possible. To this end, the software is given
away with no strings attached to it, so that it can evolve with
input from and under control by its users.

In other words, IBM releases Postfix only once. I will be around
to guide its development for a limited time.

MESSAGE.NetBSD [+/-]
MESSAGE.sasl [+/-]

Required to build:
[pkgtools/cwrappers]

Package options: tls

Master sites:

SHA1: 1a0d01e79ced46b38e8bd5b7a726a1622cf1bc07
RMD160: 9509e48da474d214771d96c2aa8563ea5ccd13a1
Filesize: 4287.42 KB

Version history: (Expand)


CVS history: (Expand)


   2017-06-23 21:18:07 by Maya Rashish | Files touched by this commit (3)
Log message:
Make NetBSD support version agnostic.
Checks are against __NetBSD__Version__ anyway.

Fixes NetBSD 8.99.1 build
   2017-06-19 08:54:15 by Thomas Klausner | Files touched by this commit (1)
Log message:
Remove two non-working mirror sites.
   2017-06-17 10:02:22 by Takahiro Kambe | Files touched by this commit (3) | Package updated
Log message:
Update postfix to 3.2.2.

pkgsrc change: Add support for NetBSD 8.

This announcement (June 13, 2017) includes changes that were released
with an earlier update (June 10, 2017). The announcement was postponed
to avoid confusion due to repeated notification.

Fixed in all supported releases:

  * Security: Berkeley DB versions 2 and later try to read settings
    from a file DB_CONFIG in the current directory. This undocumented
    feature may introduce undisclosed vulnerabilities resulting in
    privilege escalation with Postfix set-gid programs (postdrop,
    postqueue) before they chdir to the Postfix queue directory,
    and with the postmap and postalias commands depending on whether
    the user's current directory is writable by other users. This
    fix does not change Postfix behavior for Berkeley DB versions
    < 3, but it does reduce postmap and postalias 'create' performance
    with Berkeley DB versions 3.0 .. 4.6.

Fixed in Postfix 3.2 and later:

  * The SMTP server receive_override_options were not restored at
    the end of an SMTP session, after the options were modified by
    an smtpd_milter_maps setting of "DISABLE". Milter support
    remained disabled for the life time of the smtpd process.

  * After the Postfix 3.2 address/domain table lookup overhaul, the
    check_sender_access and check_recipient_access features ignored
    a non-default parent_domain_matches_subdomains setting.
   2017-04-24 22:11:40 by Filip Hajny | Files touched by this commit (4) | Package updated
Log message:
Update mail/postfix to 3.2.0.

- Elliptic curve negotiation with OpenSSL >= 1.0.2. This changes the
  default smtpd_tls_eecdh_grade setting to "auto", and introduces a
  new parameter tls_eecdh_auto_curves with the names of curves that may
  be negotiated.
- Stored-procedure support for MySQL databases.
- Cidr: table support for if/endif and negation (by prepending ! to a
  pattern), just like regexp: and pcre: tables. See the cidr_table(5)
  manpage for details.
- The postmap command and the inline: and texthash: maps now support
  spaces in left-hand field of lookup table source text. Use double
  quotes (") around a left-hand field that contains spaces, and use
  backslash (\) to protect quotes in a left-hand field.
- Support for per-client Milter configuration (smtpd_milter_maps) that
  overrides the main.cf smtpd_milters setting, and that has the same
  syntax. A lookup result of "DISABLE" turns off Milter support for that
  client.
- The local SMTP server IP address and port are available in the
  policy delegation protocol (attribute names: server_address,
  server_port), in the Milter protocol (macro names: {daemon_addr},
  {daemon_port}), and in the XCLIENT protocol (attribute names:
  DESTADDR, DESTPORT).
- For safety reasons, the Postfix sendmail -C option must specify an
  authorized directory: the default configuration directory, a
  directory that is listed in the default main.cf file with
  alternate_config_directories or multi_instance_directories, otherwise
  the command must be invoked with root privileges. This mitigates a
  recurring "jail break" problem with the PHP mail() function.
- "PASS" and "STRIP" actions in header/body_checks. \ 
"STRIP" is similar
  to "IGNORE" but also logs the action, and "PASS" disables \ 
header,
  body, and Milter inspection for the remainder of the message content.
- The collate.pl script by Viktor Dukhovni for grouping Postfix
  logfile records into "sessions" based on queue ID and process ID
  information, in the auxiliary/collate directory of the Postfix source
  tree.

Disabled or removed behavior:
- SMTPUTF8 support: Postfix 3.2 disables the 'transitional'
  compatibility between the IDNA2003 and IDNA2008 standards for
  internationalized domain names (domain names beyond the limits of
  US-ASCII). This makes Postfix behavior consistent with contemporary
  web browsers.
- Postfix 3.2 removes tentative features that were implemented before
  the DANE spec was finalized: support for certificate usage
  PKIX-EE(1), the ability to disable digest agility, and the ability to
  disable support for "TLSA 2 [01] [12]" records that specify the digest
  of a trust anchor.
   2017-04-22 23:04:05 by Adam Ciarcinski | Files touched by this commit (670) | Package updated
Log message:
Revbump after icu update
   2017-04-11 11:33:30 by Adam Ciarcinski | Files touched by this commit (4)
Log message:
Fix installation on Darwin:
LD_LIBRARY_PATH is not propagated when set with env, e.g.:
env LD_LIBRARY_PATH=path/to/lib ./script.sh
will not work (other variable names work correctly).
   2017-03-04 07:26:24 by Takahiro Kambe | Files touched by this commit (2) | Package updated
Log message:
Update postfix to 3.1.4.

Postfix stable release 3.1.4 is available, as well as legacy releases
3.0.8 and 2.11.9. There will be no further updates for Postfix 2.10.

Fixed with Postfix 3.1.4, 3.0.8, and 2.11.9:

  * The postscreen daemon did not merge the client test status
    information for concurrent sessions from the same IP address.
    Thus, after one session recorded its successful tests in the
    postscreen cache, a concurrent session from that same IP address
    that passed fewer tests could later "wipe out" some of that
    progress in the postscreen cache. The fix has proven itself for
    five months in the development release, and should be safe to
    use in the stable releases.

  * The Postfix SMTP server falsely rejected a sender address when
    validating a sender address with "smtpd_reject_unlisted_recipient
    = yes" or with "reject_unlisted_sender". Cause: the address
    validation code did not query sender_canonical_maps.

  * The virtual delivery agent did not detect failure to skip to
    the end of a mailbox file, so that mail would be delivered to
    the beginning of the file. This could happen when a mailbox
    file was already larger than the virtual mailbox size limit.

  * The postsuper command logged an incorrect rename operation count
    after creating a missing directory.

Fixed with Postfix 3.1.4 and 3.0.8:

  * The Postfix SMTP server falsely rejected mail when a sender-dependent
    "error" transport was configured. Cause: the SMTP server address
    validation code was not updated when the
    sender_dependent_default_transport_maps feature was introduced.
    The fix has proven itself for six months in the development
    release, and should be safe to use in the stable releases.
    Unfortunately, Postfix 2.11 is too different to benefit from
    the same fix.

  * The Postfix SMTP server falsely rejected an SMTPUTF8 sender
    address, when "smtpd_delay_reject = no".

Fixed with Postfix 3.1.4:

  * The "postfix tls deploy-server-cert" command used the wrong
    certificate and key file. This was caused by a cut-and-paste
    error in the postfix-tls-script file.
   2017-01-22 00:49:02 by Roland Illig | Files touched by this commit (8)
Log message:
Fixed PKGREVISION to be only defined directly in the package Makefile.