./mail/postfix, Fast, easy to administer, and secure mail transfer agent

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 3.7.3nb1, Package name: postfix-3.7.3nb1, Maintainer: pkgsrc-users

Postfix aims to be an alternative to the widely-used sendmail
program. Sendmail is responsible for 70% of all e-mail delivered
on the Internet. With an estimated 100 million users, that's an
estimated 10 billion (10^10) messages daily. A stunning number.

Although IBM supported the Postfix development, it abstains from
control over its evolution. The goal is to have Postfix installed
on as many systems as possible. To this end, the software is given
away with no strings attached to it, so that it can evolve with
input from and under control by its users.

In other words, IBM releases Postfix only once. I will be around
to guide its development for a limited time.

MESSAGE.NetBSD [+/-]
MESSAGE.sasl [+/-]

Required to run:
[security/openssl]

Required to build:
[pkgtools/cwrappers]

Package options: blocklist, tls

Master sites:

Filesize: 4712.285 KB

Version history: (Expand)


CVS history: (Expand)


   2022-11-23 17:21:30 by Adam Ciarcinski | Files touched by this commit (1878) | Package updated
Log message:
massive revision bump after textproc/icu update
   2022-10-15 22:34:57 by =?UTF-8?B?RnLDqWTDqXJpYyBGYXViZXJ0ZWF1?= | Files touched by this commit (3)
Log message:
postfix: Update to 3.7.3

upstream changes:
Postfix 3.7.3
  o This fixes a bug where some messages were not delivered after "warning:
    Unexpected record type 'X'.
   2022-07-21 17:08:40 by Takahiro Kambe | Files touched by this commit (7) | Package updated
Log message:
mail/postfix: update to 3.7.2

3.7.0 (2022-02-07)

  * Support to inline the content of small cidr:, pcre:, and regexp:
    tables in Postfix parameter values. An example is the new
    smtpd_forbidden_commands default value, "CONNECT GET POST
    regexp:{{/^[^A-Z]/ Thrash}}", to quickly drop connections from
    clients that send garbage.

  * To make the maillog_file feature more useful, including stdout
    logging from a container, the postlog(1) command is now set-gid
    postdrop, so that unprivileged programs can use it to write
    logging through the postlogd(8) daemon. This required hardening
    the postlog(1) command against privilege escalation attacks.

  * Support for library APIs: OpenSSL 3.0.0, PCRE2, Berkeley DB 18.

  * Postfix programs now randomize the initial state of in-memory
    hash tables, to defend against hash collision attacks involving
    a large number of attacker-chosen lookup keys. Presently, the
    only known opportunity for such attacks involves remote SMTP
    client IPv6 addresses in the anvil(8) service, and requires
    making hundreds of short-lived connections per second while
    cycling through thousands of different client IP addresses.

  * Updated defense against remote clients or servers that 'trickle'
    SMTP or LMTP traffic. This replaces the old per-record deadlines
    with per-request deadlines and minimum data rates.

  * Many typofixes by raf and Wietse.

3.7.1 (2022-04-18)

  * (problem introduced: Postfix 2.7) The milter_header_checks maps
    are now opened before the cleanup(8) server enters the chroot
    jail. Problem reported by Jesper Dybdal.

  * In an internal client module, "host or service not found" was
    a fatal error, causing the milter_default_action setting to be
    ignored. It is now a non-fatal error, just like a failure to
    connect. Problem reported by Christian Degenkolb.

  * The proxy_read_maps default value was missing up to 27 parameter
    names. The corresponding lookup tables were not automatically
    authorized for use with the proxymap(8) service. The parameter
    names were ending in _checks, _reply_footer, _reply_filter,
    _command_filter, and _delivery_status_filter.

  * (problem introduced: Postfix 3.0) With dynamic map loading
    enabled, an attempt to create a map with "postmap regexp:path"
    would result in a bogus error message "Is the postfix-regexp
    package installed?" instead of "unsupported map type for this
    operation". This happened with all non-dynamic map types (static,
    cidr, etc.) that have no 'bulk create' support. Problem reported
    by Greg Klanderman.

  * In PCRE_README, "pcre2 --libs" should be "pcre2 \ 
--libs8". Problem
    reported by Carlos Velasco.

  * Documented in the postlogd(8) daemon manpage that the Postfix
    >= 3.7 postlog(1) command can run with setgid permissions.

3.7.2 (2022-04-28)

This reverts an overly complex change in the postscreen SMTP engine
(made during Postfix 3.7 development), and replaces it with much
simpler code. The bad change was crashing postscreen on some systems
after receiving malformed input (for example, a TLS "hello" message).
   2022-06-28 13:38:00 by Thomas Klausner | Files touched by this commit (3952)
Log message:
*: recursive bump for perl 5.36
   2022-06-11 12:27:05 by Benny Siegert | Files touched by this commit (2)
Log message:
postfix: FreeBSD 13 support

makedefs already contains the FreeBSD 12 stanza but not version 13.
From cubadevelop via Github Pull Request.

Fixes NetBSD/pkgsrc#97
   2022-04-18 21:12:27 by Adam Ciarcinski | Files touched by this commit (1798) | Package updated
Log message:
revbump for textproc/icu update
   2022-01-26 18:41:31 by =?UTF-8?B?RnLDqWTDqXJpYyBGYXViZXJ0ZWF1?= | Files touched by this commit (3)
Log message:
postfix: Update to 3.6.4

upstream changes:
-----------------
 Fixed in Postfix 3.6.4, 3.5.14, 3.4.24, 3.3.21:
  o Bug introduced in bugfix 20210708: duplicate bounce_notice_recipient
    entries in postconf output. This was caused by an incomplete fix to send
    SMTP session transcripts to $bounce_notice_recipient. Reported by Vincent
    Lefevre.
  o Bug introduced in Postfix 3.0: the proxymap daemon did not automatically
    authorize proxied maps inside pipemap (example:
    pipemap:{proxy:maptype:mapname, ...}) or inside unionmap. Problem reported
    by Mirko Vogt.
  o Bug introduced in Postfix 2.5: off-by-one error while writing a string
    terminator. This code passed all memory corruption tests, presumably
    because it wrote over an alignment padding byte, or over an adjacent
    character byte that was never read. Reported by Robert Siemer.

Fixed in Postfix 3.6.4, 3.5.14, 3.4.24:
  o The proxymap daemon did not automatically authorize map features added
    after Postfix 3.3, caused by missing *_maps parameter names in the
    proxy_read_maps default value. Found during code maintenance.
   2021-12-18 11:50:33 by Adam Ciarcinski | Files touched by this commit (1)
Log message:
postfix: add -headerpad_max_install_names for Darwin builds