./mail/qmail, Secure, reliable, efficient, simple, and fast MTA

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 1.03nb49, Package name: qmail-1.03nb49, Maintainer: schmonz

The qmail program is a secure, reliable, efficient simple message
transfer agent. It is meant to be a replacement for the entire
sendmail-binmail system that most UNIX hosts use.

Although qmail holds security and reliability as its top two
priorities, it is also fast. On a Pentium under BSD/OS, qmail can
easily handle 200000 separate messages per day that are injected
and must then be delivered to local mailboxes!

Security and reliability are qmail's two strengths, however. The
qmail package ensures a message, once accepted, will never be lost.
An optional new mailbox format, maildir, even lets users safely
read their mail over NFS, while still accepting new mail deliveries.

The following features are supported: host and user masquerading,
full host hiding, virtual domains, null clients, list-owner rewriting,
relay control, double-bounce recording, arbitrary RFC 822 address
lists, cross-host mailing-list loop detection, per-recipient
checkpointing, downed host backoffs, independent message retry
schedules, a drop-in sendmail replacement, and more!

DEINSTALL [+/-]
MESSAGE.srs [+/-]
MESSAGE.tls [+/-]

Required to run:
[sysutils/checkpassword] [sysutils/daemontools] [net/ucspi-ssl] [security/openssl] [devel/syncdir] [mail/libsrs2] [devel/libidn2]

Required to build:
[pkgtools/cwrappers]

Package options: eai, qmail-customerror, qmail-srs, syncdir, tls

Master sites:

SHA1: 7647b9920134cd433b31c5e27563f0728fbd0056
RMD160: ea1417fe5aebc24cb1d06e9992d941e91045e3b0
Filesize: 220.423 KB

Version history: (Expand)


CVS history: (Expand)


   2020-08-24 07:44:33 by Tobias Nygren | Files touched by this commit (1)
Log message:
qmail: mark as NOT_FOR_UNPRIVILEGED

Although the package itself builds when pkgsrc is bootstrapped in
unprivileged mode, the pkgsrc +INSTALL/+DEINSTALL scripts fail, causing
bulk build noise:

=> Creating binary package /wrk/mail/qmail/work/.packages/qmail-1.03nb49.tgz
fatal: unable to find user alias
===========================================================================

ERROR: instchown exited 111.

Permissions are likely wrong, and/or the queue may be uninitialized.

===========================================================================
pkg_add: install script returned error status
pkg_add: 1 package addition failed
   2020-06-25 07:42:40 by Amitai Schleier | Files touched by this commit (39)
Log message:
Retire 'djbware-errno-hack' and associated options.mk cleverness.
Instead:

1. Package makefiles including their own options.mk
2. Packages say "SUBST_CLASSES+=djberrno" to get the hack, if needed
3. Packages adjust SUBST_FILES.djberrno, if needed

Should fix bulk build failures due to multiple inclusions of options.mk
and/or incorrect definitions of DJB_ERRNO_HACK.

Approved during the freeze by wiz@.
   2020-05-23 22:50:02 by Amitai Schleier | Files touched by this commit (4) | Package updated
Log message:
Update to notqmail 1.08 (as qmail-1.03nb49). From the changelog:

## Fix bugs

- Vulnerabilities we've inherited from qmail 1.03, reported by Qualys.
    - CVE-2005-1515: fix signedness wraparound in `substdio_{put,bput}()`.
    - CVE-2005-1514: fix possible signed integer overflow in `commands()`.
    - CVE-2005-1513: fix integer overflow in `stralloc_readyplus()`.
    - Fix several other places where variables could overflow.
- `qmail-pop3d`: instead of running as root if root authenticates (and
  being a vector for a dictionary attack on the root password), exit 1
  to look just like a failed `checkpassword` login.
- `qmail-inject`: do not parse header recipients if `-a` is given.
- Correctly detect multiple IP addresses on the same interface.
- Remove workaround for ancient DNS servers that do not properly
  support CNAME.
- Fix possible integer overflow in `alloc()`.

## Reduce bug likelihood

- Remove `dnscname` and `dnsmxip` programs that were being built but not
  installed.
- Remove `systype` and related platform detection.
- Remove unused variable in `maildir.c`.
- Reduce variable scope in `tcpto.c`.
- Avoid local variables shadowing same-named globals.
- Avoid needing `exit.h` in named-pipe bug check.
- Add a `test` target and some unit tests, using Check.
- Add missing function declarations in `cdbmss.h`, `scan.h`.
- Add missing return types to `main()`.
- Add `hier.h` for inclusion in `instcheck.c`, `instchown.c`, `instpackage.c`.
- Use system headers and types instead of the `HASSHORTSETGROUPS` check.
- Use system headers instead of redeclaring `exit()`, `read()`,
  `write()`, `malloc()`, `free()`, `fork()`, `uint32_t`.
- Use C89 function signatures for code we've touched so far.
- Automated builds:
    - TravisCI: move setting `MAKEFLAGS` out of the script and into
      the matrix.
    - Add FreeBSD builds with CirrusCI.
    - Add a GitHub Actions build.

## Other changes

- Remove DJB's TODO.
- Replace many `pobox.com` URLs.
- Acknowledge Erik Sjölund's `qmail-local.c` bugfix that we've
  inherited from netqmail.
- Avoid generating catted manpages by building with `NROFF=true`.
- Optionally create a `systemd` service file.
- Run an alternate `qmail-remote` by setting `QMAILREMOTE` in
  `qmail-send`'s environment.

## Intent to remove

In the course of developing this release, we found programs that we
intend to remove in the next release. We believe none of these remains
necessary or useful enough to be worth the cost of maintaining. If you
disagree, please let us know!

- Remove `qsmhook`, long since replaced by `preline`.
- Remove inefficient `maildirwatch`.
- Remove obsolete mail client wrappers.
- Remove `qmail-pop3d`, since Maildir is well supported by actively
  maintained POP3 servers.
   2020-05-02 12:47:38 by Roland Illig | Files touched by this commit (1)
Log message:
mail/qmail: doesn't need the errno hack anymore

notqmail-1.07 correctly includes <errno.h> instead of declaring errno as
a process-global variable.
   2020-03-18 18:56:09 by Joerg Sonnenberger | Files touched by this commit (1)
Log message:
Make sure ${TAR} is present
   2020-02-03 05:51:27 by Amitai Schleier | Files touched by this commit (3) | Package updated
Log message:
Update to tlsonlyremote 20200202 from upstream TLS patch 20200107. Adds
client cert authentication with TLS v1.3. Bump PKGREVISION.
   2020-01-18 22:51:16 by Jonathan Perkin | Files touched by this commit (1836)
Log message:
*: Recursive revision bump for openssl 1.1.1.
   2019-11-02 17:25:29 by Roland Illig | Files touched by this commit (112)
Log message:
mail: align variable assignments

pkglint -Wall -F --only aligned -r

No manual corrections.