./mail/postfix, Fast, easy to administer, and secure mail transfer agent

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]

Branch: CURRENT, Version: 3.8.1nb2, Package name: postfix-3.8.1nb2, Maintainer: pkgsrc-users

Postfix aims to be an alternative to the widely-used sendmail
program. Sendmail is responsible for 70% of all e-mail delivered
on the Internet. With an estimated 100 million users, that's an
estimated 10 billion (10^10) messages daily. A stunning number.

Although IBM supported the Postfix development, it abstains from
control over its evolution. The goal is to have Postfix installed
on as many systems as possible. To this end, the software is given
away with no strings attached to it, so that it can evolve with
input from and under control by its users.

In other words, IBM releases Postfix only once. I will be around
to guide its development for a limited time.

MESSAGE.sasl [+/-]

Package options: blocklist, tls

Master sites:

Filesize: 4734.661 KB

Version history: (Expand)

CVS history: (Expand)

   2023-11-08 14:21:43 by Thomas Klausner | Files touched by this commit (2377)
Log message:
*: recursive bump for icu 74.1
   2023-10-25 00:11:51 by Thomas Klausner | Files touched by this commit (2298)
Log message:
*: bump for openssl 3
   2023-07-15 16:56:26 by Juraj Lutter | Files touched by this commit (2)
Log message:
postfix: Update to 3.8.1

Major changes with Postfix 3.8.1

- Security: the Postfix SMTP server optionally disconnects remote SMTP clients
  that violate RFC 2920 (or 5321) command pipelining constraints. The server
  replies with "554 5.5.0 Error: SMTP protocol synchronization" and \ 
logs the
  unexpected remote SMTP client input. Specify "smtpd_forbid_unauth_pipelining
  = yes" to enable. This feature is enabled by default in Postfix 3.9 and

- Workaround to limit collateral damage from OS distributions that crank up
  security to 11, increasing the number of plaintext email deliveries. This
  introduces basic OpenSSL configuration file support, with two new parameters
  "tls_config_file" and "tls_config_name". Details are in \ 
the postconf(5)
  manpage under "tls_config_file" and "tls_config_name".

Full release notes:
   2023-05-08 06:30:44 by =?UTF-8?B?RnLDqWTDqXJpYyBGYXViZXJ0ZWF1?= | Files touched by this commit (3)
Log message:
postfix: Update to 3.8.0

upstream changes:
Postfix 3.7.8
  o Support to look up DNS SRV records in the Postfix SMTP/LMTP client, Based
    on code by Tomas Korbar (Red Hat). For example, with "use_srv_lookup =
    submission" and "relayhost = example.com:submission", the \ 
Postfix SMTP
    client will look up DNS SRV records for _submission._tcp.example.com, and
    will relay email through the hosts and ports that are specified with those
  o TLS obsolescence: Postfix now treats the "export" and \ 
"low" cipher grade
    settings as "medium". The "export" and "low" \ 
grades are no longer supported
    in OpenSSL 1.1.1, the minimum version required in Postfix 3.6.0 and later.
    Also, Postfix default settings now exclude deprecated or unused ciphers
    (SEED, IDEA, 3DES, RC2, RC4, RC5), digest (MD5), key exchange algorithms
    (DH, ECDH), and public key algorithm (DSS).
  o Attack resistance: the Postfix SMTP server can now aggregate
    smtpd_client_*_rate and smtpd_client_*_count statistics by network block
    instead of by IP address, to raise the bar against a memory exhaustion
    attack in the anvil(8) server; Postfix TLS support unconditionally disables
    TLS renegotiation in the middle of an SMTP connection, to avoid a CPU
    exhaustion attack.
  o The PostgreSQL client encoding is now configurable with the "encoding"
    Postfix configuration file attribute. The default is "UTF8". \ 
Previously the
    encoding was hard-coded as "LATIN1", which is not useful in the \ 
context of
  o The postconf command now warns for #comment in or after a Postfix parameter
    value. Postfix programs do not support #comment after other text, and treat
    that as input.
   2023-04-19 10:12:01 by Adam Ciarcinski | Files touched by this commit (2359) | Package updated
Log message:
revbump after textproc/icu update
   2023-01-28 10:28:31 by Takahiro Kambe | Files touched by this commit (5) | Package updated
Log message:
mail/postfix: update to 3.7.4

Postfix 3.7.4 (2023-01-22)

  * Workaround: with OpenSSL 3 and later always turn on
    SSL_OP_IGNORE_UNEXPECTED_EOF, to avoid warning messages and missed
    opportunities for TLS session reuse. This is safe because the SMTP
    protocol implements application-level framing, and is therefore not
    affected by TLS truncation attacks. Fix by Viktor Dukhovni.

  * Workaround: OpenSSL 3.x EVP_get_digestbyname() can return
    lazily-bound handles for digest implementations. In sufficiently
    hostile configurations, Postfix could mistakenly believe that a digest
    algorithm is available, and fail when it is not. A similar workaround
    may be needed for EVP_get_cipherbyname(). Fix by Viktor Dukhovni.

  * Bugfix (bug introduced in Postfix 2.11): the checkok() macro in
    tls/tls_fprint.c evaluated its argument unconditionally; it should
    evaluate the argument only if there was no prior error. Found during
    code review.

  * Bugfix (bug introduced in Postfix 2.8): postscreen died with a
    segmentation violation when postscreen_dnsbl_threshold < 1. It
    should reject such input with a fatal error instead. Discovered by
    Benny Pedersen.

  * Bitrot: fixes for linker warnings from newer Darwin (MacOS)
    versions. Viktor Dukhovni.

  * Portability: Linux 6 support.

  * Added missing documentation that cidr:, pcre: and regexp: tables
    support inline specification only in Postfix 3.7 and later.
   2022-11-23 17:21:30 by Adam Ciarcinski | Files touched by this commit (1878) | Package updated
Log message:
massive revision bump after textproc/icu update
   2022-10-15 22:34:57 by =?UTF-8?B?RnLDqWTDqXJpYyBGYXViZXJ0ZWF1?= | Files touched by this commit (3)
Log message:
postfix: Update to 3.7.3

upstream changes:
Postfix 3.7.3
  o This fixes a bug where some messages were not delivered after "warning:
    Unexpected record type 'X'.