Log message:
postfix*: update to 3.8.4

20230815

	Bugfix (bug introduced: 20140218): when opportunistic TLS fails
	during or after the handshake, don't require that a probe
	message spent a minimum time-in-queue before falling back to
	plaintext. Problem reported by Serg. File: smtp/smtp.h.

20230819

	Bugfix (defect introduced: 19980207): the valid_hostname()
	check in the Postfix DNS client library was blocking unusual
	but legitimate wildcard names (*.name) in some DNS lookup
	results and lookup requests. Examples:

            name          class/type value
            *.one.example   IN CNAME *.other.example
            *.other.example IN A     10.0.0.1
            *.other.example IN TLSA  ..certificate info...

	Such syntax is blesed in RFC 1034 section 4.3.3.

	This problem was reported first in the context of TLSA
	record lookups. Files: util/valid_hostname.[hc],
	dns/dns_lookup.c.

20230929

	Bugfix (defect introduced Postfix 2.5, 20080104): the Postfix
	SMTP server was waiting for a client command instead of
	replying immediately, after a client certificate verification
	error in TLS wrappermode. Reported by Andreas Kinzler. File:
	smtpd/smtpd.c.

20231006

	Usability: the Postfix SMTP server now attempts to log the
	SASL username after authentication failure. In Postfix
	logging, this appends ", sasl_username=xxx" after the reason
	for SASL authentication failure. The logging replaces an
	unavailable reason with "(reason unavailable)", and replaces
	an unavailable sasl_username with "(unavailable)". Based
	on code by Jozsef Kadlecsik. Files: xsasl/xsasl_server.c,
	xsasl/xsasl_cyrus_server.c, smtpd/smtpd_sasl_glue.c.

20231026

	Bugfix (defect introduced: Postfix 2.11): in forward_path,
	the expression ${recipient_delimiter} would expand to an
	empty string when a recipient address had no recipient
	delimiter. Fixed by restoring Postfix 2.10 behavior to use
	a configured recipient delimiter value. Reported by Tod
	A. Sandman. Files: proto/postconf.proto, local/local_expand.c.

20231221

	Security: with "smtpd_forbid_bare_newline = yes" (default
	"no" for Postfix < 3.9), reply with "Error: bare <LF>
	received" and disconnect when an SMTP client sends a line
	ending in <LF>, violating the RFC 5321 requirement that
	lines must end in <CR><LF>. This prevents SMTP smuggling
	attacks that target a recipient at a Postfix server. For
	backwards compatibility, local clients are excluded by
	default with "smtpd_forbid_bare_newline_exclusions =
	$mynetworks". Files: mantools/postlink, proto/postconf.proto,
	global/mail_params.h, global/smtp_stream.c, global/smtp_stream.h,
	smtpd/smtpd.c.

Log message:
mail/postfix: update to 3.6.2

* pkgsrc change: Add supportfor blocklistd(3) (and blacklistd(3)).

* From release annuonce:

Fixed in Postfix 3.6.2, 3.5.12, 3.4.22, 3.3.19:

  * In Postfix 3.6, fixed a false "Result too large" (ERANGE) fatal
    error in the compatibility_level parser, because there was no
    'errno = 0' statement before an strtol() call. In Postfix
    3.3-3.5, fixed two older latent bugs of this kind (introduced
    in 1999 and in Postfix 2.11). Problem reported by David Bohman.

  * (problem introduced in Postfix 3.3) "Null pointer read" error
    in the cleanup daemon when "header_from_format = standard" (the
    default as of Postfix 3.3), and email was submitted with
    /usr/sbin/sendmail without From: header, and an all-space full
    name was specified in 1) the password file, 2) with "sendmail
    -F", or 3) with the NAME environment variable. Found by Renaud
    Metrich.

  * (problem introduced in Postfix 2.4) False "too many reverse
    jump" warnings in the showq daemon, because loop detection code
    was comparing memory addresses instead of queue file names.
    Reported by Mehmet Avcioglu.

  * (problem introduced in 1999) The Postfix SMTP server was sending
    all session transcripts to the error_notice_recipient (default:
    postmaster), instead of sending transcripts of bounced mail to
    the bounce_notice_recipient (default: postmaster). Reported by
    Hans van Zijst.

Fixed in Postfix 3.6.2, 3.5.12, 3.4.22:

  * The texthash: map implementation broke tls_server_sni_maps,
    because it did not support multi-file inputs. Reported by
    Christopher Gurnee, who also found an instance of the missing
    code in the "postmap -F" source code. File: util/dict_thash.c.

Log message:
Revbump for MySQL default change

Log message:
Reset PKGREVISION.

Log message:
Fixed PKGREVISION to be only defined directly in the package Makefile.

Log message:
Update postfix to 3.1.2.

3.1.0

The main changes in no particular order are:

  * "postfix tls" command to simplify setup of opportunistic TLS,
    and to simplify SMTP server key/certificate management.

  * Positive and negative DNS reply TTL support in postscreen(8).

  * SASL AUTH rate limit in the Postfix SMTP server.

  * A safety limit on the number of address verify requests.

  * JSON-format Postfix queue listing.

  * Destination-independent delivery rate delay

For details, see the RELEASE_NOTES file.

3.1.1

Fixed in all supported releases:

  * The Milter "replace sender" (SMFIR_CHGFROM) request lost an
    address that was added with sender_bcc_maps, resulting in a
    "rcpt count mismatch" warning. Reported by Joerg Backschues.
    This defect was introduced with Postfix 2.6.

  * The "bad filetype" example in the header_checks(5) manpage
    falsely rejected Content- headers with ``name="example";
    x-apple-part-url="example.com"''.  Reported by Cedric Knight.
    This defect was introduced with Postfix 2.6.

3.1.2

Fixed with Postfix 3.1.2:

  * Changes to make Postfix build with OpenSSL 1.1.0.

Fixed with Postfix 3.1.2 and 3.0.6:

  * The makedefs script ignored readme_directory=pathname overrides.
    Fix by Todd C. Olson.

  * The tls_session_ticket_cipher documentation says that the default
    cipher for TLS session tickets is aes-256-cbc, but the implemented
    default was aes-128-cbc. Note that TLS session ticket keys are
    rotated after 1/2 hour, to limit the impact of attacks on session
    ticket keys.

Log message:
Bump PKGREVISION.

Log message:
Link with corect rpath.  Fix PR pkg/50299.