./mail/postfix, Fast, easy to administer, and secure mail transfer agent

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]

Branch: CURRENT, Version: 3.4.9, Package name: postfix-3.4.9, Maintainer: pkgsrc-users

Postfix aims to be an alternative to the widely-used sendmail
program. Sendmail is responsible for 70% of all e-mail delivered
on the Internet. With an estimated 100 million users, that's an
estimated 10 billion (10^10) messages daily. A stunning number.

Although IBM supported the Postfix development, it abstains from
control over its evolution. The goal is to have Postfix installed
on as many systems as possible. To this end, the software is given
away with no strings attached to it, so that it can evolve with
input from and under control by its users.

In other words, IBM releases Postfix only once. I will be around
to guide its development for a limited time.

MESSAGE.sasl [+/-]

Required to run:

Required to build:

Package options: tls

Master sites:

SHA1: e2ce620f172052bb3a51e99eefe0294199163a54
RMD160: 45c52a186bbadfa9ab289694b8d696565a7f39b3
Filesize: 4466.056 KB

Version history: (Expand)

CVS history: (Expand)

   2020-02-11 21:40:27 by =?UTF-8?B?RnLDqWTDqXJpYyBGYXViZXJ0ZWF1?= | Files touched by this commit (4) | Package updated
Log message:
postfix: update to 3.4.9

upstream changes:
 Fixed in all supported stable releases:

    Bug (introduced: Postfix 3.1): smtp_dns_resolver_options were broken while \ 
adding support for negative DNS response caching in postscreen. Postfix was \ 
inadvertently changed to call res_query() instead of res_search(). Reported by \ 
Jaroslav Skarvada.

    Bug (introduced: Postfix 2.5): Postfix ignored the CONNECT macro overrides \ 
from a Milter application. Postfix now evaluates the Milter macros for an SMTP \ 
CONNECT event after the Postfix-to-Milter connection is negotiated. Problem \ 
reported by David Bürgin.

    Bug (introduced: Postfix 3.0): sanitize (remote) server responses before \ 
storing them in the verify database, to avoid Postfix warnings about malformed \ 
UTF8. Found during code maintenance.
   2020-01-28 09:16:51 by =?UTF-8?B?RnLDqWTDqXJpYyBGYXViZXJ0ZWF1?= | Files touched by this commit (3)
Log message:
mail/postfix: fix insufficient permissions for var/spool/postfix/...

pkgsrc changes:
  * Remove the subdirectories of var/spool/postfix to avoid insufficient
    permissions when upgrading (Thanks Matthias!).
   2020-01-18 22:51:16 by Jonathan Perkin | Files touched by this commit (1836)
Log message:
*: Recursive revision bump for openssl 1.1.1.
   2019-12-09 09:45:14 by =?UTF-8?B?RnLDqWTDqXJpYyBGYXViZXJ0ZWF1?= | Files touched by this commit (2) | Package updated
Log message:
postfix: update to 3.4.8

upstream changes:
    Fix for an Exim interoperability problem when postscreen after-220 checks
    are enabled. Bug introduced in Postfix 3.4: the code that detected
    "PIPELINING after BDAT" looked at the wrong variable. The warning \ 
now says
    "BDAT without valid RCPT", and the error is no longer treated as a \ 
    PIPELINING error, thus allowing mail to be delivered. Meanwhile, Exim has
    been fixed to stop sending BDAT commands when postscreen rejects all RCPT

    Usability bug, introduced in Postfix 3.4: the parser for key/certificate
    chain files rejected inputs that contain an EC PARAMETERS object. While
    this is technically correct (the documentation says what types are allowed)
    this is surprising behavior because the legacy cert/key parameters will
    accept such inputs. For now, the parser skips object types that it does not
    know about for usability, and logs a warning because ignoring inputs is not

    Bug introduced in Postfix 2.8: don't gratuitously enable all after-220
    tests when only one such test is enabled. This made selective tests
    impossible with 'good' clients. This will be fixed in older Postfix
    versions at some later time.
   2019-11-02 17:25:29 by Roland Illig | Files touched by this commit (112)
Log message:
mail: align variable assignments

pkglint -Wall -F --only aligned -r

No manual corrections.
   2019-09-23 22:00:07 by =?UTF-8?B?RnLDqWTDqXJpYyBGYXViZXJ0ZWF1?= | Files touched by this commit (3) | Package updated
Log message:
postfix: Update to 3.4.7

upstream changes:
* Robustness: the tlsproxy(8) daemon could go into a loop, logging a flood of
  error messages. Problem reported by Andreas Schulze after enabling SMTP/TLS
  connection reuse.
* Workaround: OpenSSL changed an SSL_Shutdown() non-error result value into an
  error result value, causing logfile noise.
* Configuration: the new 'TLS fast shutdown' parameter name was implemented
  incorrectly. The documentation said "tls_fast_shutdown_enable", but \ 
the code
  said "tls_fast_shutdown". This was fixed by changing the code, \ 
because no-one
  is expected to override the default.
* Performance: workaround for poor TCP loopback performance on LINUX, where
  getsockopt(..., TCP_MAXSEG, ...) reports a bogus TCP maximal segment size that
  is 1/2 to 1/3 of the real MSS. To avoid client-side Nagle delays or
  server-side delayed ACKs caused by multiple smaller-than-MSS writes, Postfix
  chooses a VSTREAM buffer size that is a small multiple of the reported bogus
  MSS. This workaround increases the multiplier from 2x to 4x.
* Robustness: the Postfix Dovecot client could segfault (null pointer read) or
  cause an SMTP server assertion to fail when talking to a fake Dovecot server.
  The Postfix Dovecot client now logs a proper error instead. Problem reported
  by Tim Düsterhus.
   2019-08-11 15:25:21 by Thomas Klausner | Files touched by this commit (3557) | Package updated
Log message:
Bump PKGREVISIONs for perl 5.30.0
   2019-07-17 15:33:00 by =?UTF-8?B?RnLDqWTDqXJpYyBGYXViZXJ0ZWF1?= | Files touched by this commit (6) | Package updated
Log message:
postfix: update to 3.4.6

pkgsrc changes:
  * change COMMENT to make pkglint happy (inspired by http://www.postfix.org/)
  * update PLIST using make print-PLIST (missing @pkgdir)

upstream changes:

	Cleanup: dict_file_to_xxx() takes a list of file names
	separated by CHARS_COMMA_SP. Shoe-horned into the existing
	API, make it nicer when there is time. File: util/dict_file.c.


	Cleanup: encapsulated clumsy 'read into VSTRING' code with
	easier-to-use vstream_fread_buf() and vstream_fread_app()
	primitives. Files: global/memcache_proto.c, global/record.c,
	global/smtp_stream.c, global/smtp_stream.h, global/uxtext.c,
	global/xtext.c, milter/milter8.c, util/dict_file.c,
	util/hex_quote.c, util/netstring.c, util/vstream.c,
	util/vstream.h. Verified with "make tests".

	Cleanup: simplified the smtp_fread() API (introduced for
	BDAT support), and changed the name to smtp_fread_buf().
	Files: global/smtp_stream.c, smtpd/smtpd.c. Verified with
	~megabyte BDAT commands.

	Cleanup: simplified a tlsproxy-internal API. File:


	Initial support for key/certificate chain files that will
	replace the proliferation of separate parameters for
	RSA/DSA/ECC/etc. key and certificate files. Viktor


	Cleanup: replaced the remaining unsafe VSTRING_AT_OFFSET()
	calls with safe vstring_set_payload_size() calls, in code
	that directly writes into VSTRING. Files: tls/tls_session.c,
	tlsmgr/tlsmgr.c, util/casefold.c, util/vstring.c, util/vstring.h,

	Cleanup: postscreen_command_time_limit did not need to be
	a 'raw' parameter. This makes "postconf -x" behavior more
	consistent. Files: global/mail_params.h, postscreen/postscreen.c.

	Documentation: added text that the following parameter
	values are not subject to Postfix parameter $name expansion:
	default_rbl_reply, command_execution_directory, luser_relay,
	smtpd_reject_footer. These have their own documented $name
	substitution mechanism. File: proto/postconf.proto.


	Bugfix: posttls-finger reported an error for UNIX-domain
	connections, even if they did not fail. Found by Coverity.
	File: posttls-finger/posttls-finger.c.


	Documentation: add even more redundancy to the rate-delay
	description. File: proto/postconf.proto.


	Cleanup: code deduplication. File: util/dict_file.c.


	Cleanup: code deduplication and better encapsulation with
	Files: postscreen/postscreen.h, postscreen/postscreen_state.c.

	Documentation: POSTSCREEN_README did not describe the
	postscreen_post_queue_limit, and attributed the wrong reject
	message to the postscreen_pre_queue_limit. Problem reported
	by Michael Orlitzky. File: proto/POSTSCREEN_README.html.

	(20181226-nonprod) Compatibility: removed support for OpenSSL
	1.0.1 (not supported since December 31, 2016) and earlier
	releases. This eliminated a large number of #ifdefs with
	bitrot workarounds.  Viktor Dukhovni. Files: global/mail_params.h,
	posttls-finger/posttls-finger.c, tls/tls.h, tls/tls_certkey.c,
	tls/tls_client.c, tls/tls_dane.c, tls/tls_dh.c, tls/tls_misc.c,
	tls/tls_proxy_client_scan.c, tls/tls_rsa.c, tls/tls_server.c,

	(20181226-nonprod) Use the OpenSSL 1.0.2 and later API for
	setting ECDHE curves. Viktor Dukhovni. Files: tls/tls.h,
	tls/tls_client.c, tls/tls_dh.c.

	(20181226-nonprod) Documentation update for TLS support.
	Viktor Dukhovni. Files: mantools/postlink, proto/TLS_README.html,
	proto/postconf.proto, src/sendmail/sendmail.c, src/smtpd/smtpd.c.


	Explicit maps_file_find() and dict_file_lookup() methods
	that decode base64 content. Decoding content is not built
	into the dict->lookup() method, because that would complicate
	the implementation of map nesting (inline, thash), map
	composition (pipemap, unionmap), and map proxying.  For
	consistency, decoding base64 file content is also not built
	into the maps_find() method. Files: util/dict.h.
	util/dict_file.c, global/maps.[hc], postmap/postmap.c.


        Documentation: documented the SRC_RHS_IS_FILE flag in
        dict_open.c, and updated the -F description in the postmap
        manpage. Files: util/dict_open.c, postmap/postmap.c.

	(20190106-nonprod) Feature: support for files that combine
	multiple (key, certificate, trust chain) instances in one
	file, to avoid separate files for RSA, DSA, Elliptic Curve,
	and so on. Viktor Dukhovni. Files: .indent.pro,
	global/mail_params.h, posttls-finger/posttls-finger.c,
	smtp/lmtp_params.c, smtp/smtp.c, smtp/smtp_params.c,
	smtp/smtp_proto.c, smtpd/smtpd.c, tls/tls.h, tls/tls_certkey.c,
	tls/tls_client.c, tls/tls_proxy.h, tls/tls_proxy_client_print.c,
	tls/tls_proxy_client_scan.c, tls/tls_proxy_server_print.c,
	tls/tls_proxy_server_scan.c, tls/tls_server.c, tlsproxy/tlsproxy.c.

	(20190106-nonprod) Create a second, no-key no-cert, SSL_CTX
	for use with SNI. Viktor Dukhovni. Files: src/tls/tls.h,
	src/tls/tls_client.c, src/tls/tls_misc.c, src/tls/tls_server.c.

	(20190106-nonprod) Server-side SNI support. Viktor Dukhovni.
	Files: src/global/mail_params.h, src/smtp/smtp.c,
	src/smtpd/smtpd.c, src/tls/tls.h, src/tls/tls_certkey.c,
	src/tls/tls_misc.c, src/tlsproxy/tlsproxy.c,

	(20190106-nonprod) Configurable client-side SNI signal.
	Viktor Dukhovni. Files: global/mail_params.h,
	posttls-finger/posttls-finger.c, smtp/lmtp_params.c,
	smtp/smtp.c, smtp/smtp.h, smtp/smtp_params.c, smtp/smtp_proto.c,
	smtp/smtp_tls_policy.c, tls/tls.h, tls/tls_client.c,
	tls/tls_proxy.h, tls/tls_proxy_client_print.c,


	Logging: support for internal logging file, without using
	syslog (it uses the new postlogd daemon instead). This
	solves a usability problem for MacOS, may help getting
	around systemd, and solves 99% of the problem for logging
	to stdout in a container (hopefully we have 100% soon).
	Enable by setting, for example, "maillog_file =
	/var/log/postfix.log").  This works fine for daemons, and
	with some limitations for non-daemon programs.  See
	RELEASE_NOTES for more details.  Files: conf/master.cf,
	conf/post-install, conf/postfix-files, conf/postfix-script,
	mantools/postlink, proto/master, proto/postconf.proto,
	global/mail_params.c, global/mail_params.h, global/mail_proto.h,
	global/maillog_client.c, global/maillog_client.h,
	master/dgram_server.c, master/event_server.c, master/mail_server.h,
	master/master.c, master/master.h, master/master_ent.c,
	master/master_listen.c, master/master_proto.h,
	master/master_wakeup.c, master/multi_server.c,
	master/single_server.c, master/trigger_server.c,
	postalias/postalias.c, postconf/postconf_master.c,
	postdrop/postdrop.c, postfix/postfix.c, postkick/postkick.c,
	postlog/postlog.c, postlogd/postlogd.c, postmap/postmap.c,
	postmulti/postmulti.c, postqueue/postqueue.c,
	postsuper/postsuper.c, sendmail/sendmail.c, util/connect.h,
	util/listen.h, util/logwriter.c, util/logwriter.h,
	util/msg_logger.c, util/msg_logger.h, util/msg_output.c,
	util/msg_output.h, util/unix_dgram_connect.c,

	Cleanup: cert/key/chain loading, plus unit tests to exercise
	non-error and error cases. Viktor Dukhovni. Files: tls/*.pem,
	tls*.pem.ref, tls/tls_certkey.c.


	Safety: Postfix programs will log to either syslog or postlog
	but not both; and postlogd forwards postlog logging to
	syslog, when a configuration change removes the maillog_file
	pathname, but some programs still use the old configuration.
	Files: util/msg_syslog.[hc], util/msg_logger.c,
	global/maillog_client.c, postlogd/postlogd.c,

	Bugfix (introduced: Postfix 20110109, Postfix 2.10): watchdog
	pipe file descriptor leak. This pipe provides one source
	of liveness, data from this pipe is discarded, and therefore
	this does not enable privilege escalation or DOS. File:

	Feature: stdout logging support; requires "postfix start-fg"
	and "maillog_file = /dev/stdout". Files: master/master.c,


	Safety: when maillog_file is specified, 'postfix check' now
	requires that the postlog service is enabled in master.cf.
	Otherwise 'postfix start' etc. will log a fatal error. File:

	Documentation: added policy_context example. File:


	Testing: run libtls tests under Valgrind. File tls/Makefile.in.


	Safety: require that $maillog_file matches one of the
	pathname prefixes specified in $maillog_file_prefixes. The
	maillog file is created by root, and the prefixes limit the
	damage from a single configuration error. Files:
	global/mail_params.[hc], global/maillog_client.c.


	Feature: "postfix logrotate" command with configurable
	compression program and datestamp filename suffix. File:


	Cleanup: log a warning when the client sends a malformed
	SNI; log an info message when the client sends a valid SNI
	that does not match the SNI lookup tables; update the
	FORWARD_SECRECY_README logging examples. Viktor Dukhovni.
	Files: proto/FORWARD_SECRECY_README.html, tls/tls.h,
	tls/tls_client.c, tls/tls_misc.c.


	Debugging: the master(8) daemon now logs a warning if a
	master.cf entry is defined multiple times. File:


	Debugging: tlsproxy(8) now logs more details about unexpected
	configuration differences between the Postfix SMTP client
	and the tlsproxy(8) daemon.


	Documentation: Postfix 3.4.0 RELEASE NOTES.

	Documentation: added BDAT_README.

	Documentation: global TLS settings. Files: mantools/postlink,
	smtp/smtp.c, tlsproxy/tlsproxy.c.


	Cleanup: removed obsolete parameters: tls_dane_digest_agility,
	tls_dane_trust_anchor_digest_enable; removed openssl_path
	parameter from configuration difference checks in tlsproxy.
	Files: global/mail_params.h, tls/tls_misc.c,
	tls/tls_proxy_client_misc.c, tls/tls_proxy_client_print.c,
	tls/tls_proxy_client_scan.c, tls/tls_proxy.h.


	Cleanup: missing #ifdef USE_TLS. Files: smtp/smtp_session.c,


	Cleanup: when the master daemon runs with PID=1 (init mode),
	reap orhpan processes from non-Postfix code running in the
	same container, instead of terminating with a panic. File:


	Bugfix: tlsproxy did not enable DANE-style PKI because
	libtls seems to have to accreted multiple init functions
	instead of reusing the tls_client_init() and tls_client_start()
	API. And some functions that do initialization don't even
	have init in their name! Problem report by Andreas Schulze.
	Viktor Dukhovni. Files: tls/tls_misc.c, tlsproxy/tlsproxy.c.

	Workaround: Postfix libtls makes DANE-specific changes to
	the shared SSL_CTX. To avoid false sharing, tlsproxy needs
	to label the SSL_CTX cache with DANE bits until we can
	remove the code that modifies SSL_CTX. File: tlsproxy/tlsproxy.c.

	Cleanup: Postfix libtls changed the shared SSL_CTX to
	override ciphers. instead of changing the SSL handle. To
	avoid false sharing in tlsproxy, the changes are now made
	to the SSL handle. Viktor Dukhovni. Files: tls/tls.h,
	tls/tls_client.c, tls/tls_misc.c, tls/tls_server.c.


	Bugfix: in the Postfix SMTP client, TLS wrappermode was not
	tested in tlsproxy mode. It needed some setup for buffering
	and timeouts. Problem report by Andreas Schulze. File:


	Bugfix: a reversed test broke TLS configurations that specify
	the same filename for a private key and certificate. Reported
	by Mike Kazantsev. Fix by Viktor Dukhovni. Wietse fixed the
	test. Files: tls/tls_certkey.c, tls/Makefile.in.


	Bitrot: LINUX5s support, after some sanity checks with a
	rawhide prerelease version. Files: makedefs, util/sys_defs.h.

	Bugfix (introduced: 20181226): broken DANE trust anchor
	file support, caused by left-over debris from the 20181226
	TLS library overhaul. By intrigeri. File: tls/tls_dane.c.

	Bugfix (introduced: Postfix-1.0.1): null pointer read, while
	logging a warning after a corrupted bounce log file. File:

	Bugfix (introduced: Postfix-2.9.0): null pointer read, while
	logging a warning after a postscreen_command_filter read
	error. File: postscreen/postscreen_smtpd.c. global/bounce_log.c


	Bugfix (introduced: Postfix 2.2): reject_multi_recipient_bounce
	has been producing false rejects starting with the Postfix
	2.2 smtpd_end_of_data_restrictons, and for the same reasons,
	does the same with the Postfix 3.4 BDAT command. The latter
	was reported by Andreas Schulze. File: smtpd/smtpd_check.c.


	With message_size_limit=0 (which is NOT DOCUMENTED), BDAT
	chunks were always rejected as too large. File: smtpd/smtpd.c


	Bugfix (introduced: Postfix 3.0): LMTP connections over
	UNIX-domain sockets were cached but not reused, due to a
	cache lookup key mismatch. Therefore, idle cached connections
	could exhaust LMTP server resources, resulting in two-second
	pauses between email deliveries. This problem was investigated
	by Juliana Rodrigueiro. File: smtp/smtp_connect.c.


	Documentation: tlsext_padding is not a tls_ssl_options
	feature. File: proto/postconf.proto.


	Portability: added "#undef sun" to util/unix_dgram_connect.c.


	Bugfix (introduced: Postfix 2.3): a censoring filter broke
	multiline Milter responses for header/body events. Problem
	report by Andreas Thienemann. Files: util/printable.c,
	util/stringops.h, smtpd/smtpd.c

	Bugfix (introduced: Postfix 3.3): "smtp_mx_address_limit =
	0" no longer meant 'unlimited'. Problem report by Luc Pardon.
	File: smtp/smtp_addr.c.


	Documentation: updated the BUGS section in the smtp(8) manpage
	about TLS connection reuse. File: smtp/smtp.c.

	Workaround for implementations that hang Postfix while
	shutting down a TLS session, until Postfix times out. With
	"tls_fast_shutdown_enable = yes" (the default), Postfix no
	longer waits for the TLS peer to respond to a TLS 'close'
	request. This is recommended with TLSv1.0 and later. Files:
	global/mail_params.h, tls/tls_session.c, and documentation.


	Bugfix (introduced: Postfix 3.0): the code to reset Postfix
	SMTP server command counts was not called after a HaProxy
	handshake failure, causing stale numbers to be reported.
	The command counts are now reset in the function that reports
	the counts. File: smtpd/smtpd.c.