./mail/sendmail, The well known Mail Transport Agent

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]

Branch: CURRENT, Version: 8.18.1nb1, Package name: sendmail-8.18.1nb1, Maintainer: jnemeth

Sendmail acts as a unified "post office" to which all mail can be
submitted. Address interpretation is controlled by a production
system, which can parse both domain-based addressing and old-style
"ad hoc" addresses. The production system is powerful enough to
rewrite addresses in the message header to conform to the standards
of a number of common target networks, including old (NCP/RFC733)
Arpanet, new (TCP/RFC822) Arpanet, UUCP, and Phonenet. Sendmail
also implements an SMTP server, message queueing, and aliasing.

Package options: blacklist, inet6, tcpwrappers, tls

Master sites: (Expand)

Filesize: 2345.279 KB

Version history: (Expand)

CVS history: (Expand)

   2024-02-19 05:12:36 by John Nemeth | Files touched by this commit (3)
Log message:
PR/57936 -- fix build problem on netbsd-9
   2024-02-12 04:23:06 by John Nemeth | Files touched by this commit (5)
Log message:
Update to sendmail 8.18.1.

Main changes are:
- stricter RFC compliance to close some security issues
- FIPS 3 support
- full DANE support


This listing shows the version of the sendmail binary, the version
of the sendmail configuration files, the date of release, and a
summary of the changes in that release.

8.18.1/8.18.1	2024/01/31
	sendmail is now stricter in following the RFCs and rejects
		some invalid input with respect to line endings
		and pipelining:
		- Prevent transaction stuffing by ensuring SMTP clients
		wait for the HELO/EHLO and DATA response before sending
		further SMTP commands.  This can be disabled using
		the new srv_features option 'F'.  Issue reported by
		Yepeng Pan and Christian Rossow from CISPA Helmholtz
		Center for Information Security.
		- Accept only CRLF . CRLF as end of an SMTP message
		as required by the RFCs, which can disabled by the
		new srv_features option 'O'.
		- Do not accept a CR or LF except in the combination
		CRLF (as required by the RFCs).  These checks can
		be disabled by the new srv_features options
		'U' and 'G', respectively.  In this case it is
		suggested to use 'u2' and 'g2' instead so the server
		replaces offending bare CR or bare LF with a space.
		It is recommended to only turn these protections off
		for trusted networks due to the potential for abuse.
	Full DANE support is available if OpenSSL versions 1.1.1 or 3.x
		are used, i.e., TLSA RR 2-x-y and 3-x-y are supported
		as required by RFC 7672.
	OpenSSL version 3.0.x is supported.  Note: OpenSSL 3 loads by
		default an openssl.cnf file from a location specified
		in the library which may cause unwanted behaviour
		in sendmail.  Hence sendmail sets the environment
		variable OPENSSL_CONF to /etc/mail/sendmail.ossl
		to override the default.  The file name can be
		changed by defining confOPENSSL_CNF in the mc file;
		using an empty value prevents setting OPENSSL_CONF.
		Note: referring to a file which does not exist does
		not cause an an error.
	Two new values have been added for {verify}:
		"DANE_TEMP": DANE verification failed temporarily.
		"DANE_NOTLS": DANE was required but STARTTLS was not
		offered by the server.
		The default rules return a temporary error for these
		cases, so delivery is not attempted.
	If the TLS setup code in the client fails and DANE requirements
		exist then {verify} will be set to "DANE_TEMP" thus
		preventing delivery by default.
	DANE related logging has been slightly changed for clarification:
		"DANE configured in DNS but no STARTTLS available"
		changed to
		"DANE configured in DNS but STARTTLS not offered"
	When the compile time option USE_EAI is enabled, vacation could
		fail to respond when it should (the code change in
		8.17.2 was incomplete).  Problem reported by Alex
	If SMTPUTF8 BODY=7BIT are used as parameters for the MAIL command
		the parsing of UTF8 addresses could fail (USE_EAI).
	If a reply to a previous RCPT was received while sending
		another RCPT in pipelining mode then parts of the
		reply could have been assigned to the wrong RCPT.
	New DontBlameSendmail option CertOwner to relax requirement
		for certificate public and private key ownership.
		Based on suggestion from Marius Strobl of the
		FreeBSD project.
	clt_features was not checked for connections via Unix domain
	CONFIG: FEATURE(`enhdnsbl') did not handle multiple replies
		from DNS lookups thus potentially causing random
		"false negatives".
		Note: the fix creates an incompatibility:
		the arguments must not have a trailing dot anymore
		because the -a. option has been removed (as it only
		applies to the entire result, not individual values).
	CONFIG: New FEATURE(`fips3') for basic FIPS support in OpenSSL 3.
	VACATION: Add support for Return-Path header to set sender
		to match OpenBSD and NetBSD functionality.
	VACATION: Honor RFC3834 and avoid an auto-reply if
		'Auto-Submitted: no' is found in the headers to
		match OpenBSD and NetBSD functionality.
	VACATION: Avoid an auto-reply if a 'List-Id:' is found in
		the headers to match OpenBSD functionality.
	VACATION: Add support for $SUBJECT in .vacation.msg which
		is replaced with the first line of the subject of the
		original message to match OpenBSD and NetBSD
		Add support for Darwin 23.
	New Files:
   2024-01-15 05:43:23 by John Nemeth | Files touched by this commit (19) | Package updated
Log message:
Update to sendmail 8.17.2: some feature updates and a bunch of bug fixes.

pkgsrc changes:
- remove some backported patches now included upstream
- rename blacklistd option to blacklist to match defaults/mk.conf
  - accept old opiton blacklistd
- add new smtputf8 option to enable SMTP SMTPUTF8 protocol option


This listing shows the version of the sendmail binary, the version
of the sendmail configuration files, the date of release, and a
summary of the changes in that release.

8.17.2/8.17.2	2023/06/03
	Make sure DANE checks (if enabled) are performed even if
		CACertPath or CACertFile are not set or unusable.
	Note: if the code to set up TLS in the client fails, then
		{verify} will be set to TEMP but DANE requirements
		will be ignored, i.e., by default mail will be sent
		without STARTTLS.  This can be changed via a
	Pass server name to clt_features ruleset instead of client
		name to account for limitations in macro availability
		described below in CONFIG section.  This may break
		custom clt_features rulesets which expect to receive
		the client name as input.
	Fix a regression introduced in 8.17.1: aliases file which
		contain continuation lines caused parsing errors.
	Add an FFR (for future release) compile time option _FFR_LOG_STAGE
		to log the protocol stage as stage= for some errors during
		delivery attempts to make troubleshooting simpler.  This
		new logging may be enabled in a future release.
	When EAI is enabled, milters also got the arguments of MAIL/RCPT
		commands in argv[0] for xxfi_envfrom()/xxfi_envrcpt()
		callbacks instead of just the mail address.
		Problem reported by Dilyan Palauzo.
	When EAI is enabled, mailq prints UTF-8 addresses as such
		if SMTPUTF8 was used.
	When EAI is enabled, the $h macro is now in the correct format.
		Previously this could cause wrong values for relay=
		in log entries and the mailer argument vector.
	When the compile time option USE_EAI is enabled, vacation could
		fail to respond when it should.  Problem reported by
		Alex Hautequest.
	When EAI was enabled, header truncation might not have been
		logged even when it happened. Problem reported by
		Werner Wiethege.
	Handle a possible change in an upcoming release of Cyrus-SASL
		(2.1.28) by changing the definition of an internal flag.
		Patch from Dilyan Palauzo.
	Avoid an assertion failure when an smtps connection is made
		to the server and a milter is unavailable.
		Problem reported by Dilyan Palauzo.
	Fixed some spelling errors in documentation and comments,
		based on a codespell report by Jens Schleusener
		of fossies.org.
	The result of try_tls is now logged using status= instead
		of reject=.
	If tls_rcpt rejected the delivery of a recipient then a bogus
		dsn= entry might have been logged under some circumstances.
	If a server replied with 421 to a RCPT command then a bogus reply=
		might have been logged.
	When quoting the value for ${currHeader} avoid causing a syntax
		error (Unbalanced '"') when truncating a header value
		which is too long.  Problem reported by Werner Wiethege.
	Reduce the performance impact of a change introduced in
		8.12.9: the default for MaxMimeHeaderLength was
		set to 2048/1024.  Problem reported by Tabata
		Shintaro of Internet Initiative Japan Inc.
	CONFIG: The default clt_features ruleset tried to access
		${server_name} and ${server_addr} which are not set
		when the ruleset is invoked.  Only the server name
		is available which is passed as an argument.
	CONFIG: Properly quote host variable to prevent cf build
		breakage when a hostname contains 'dnl'.  Problem
		reported by Maxim Shalomikhin of Kaspersky.
	DEVTOOLS: Add configure.sh support for BSD's mandoc as an
		alternative man page formatting tool.
	DOC: Document that USAGE is a possible value for {verify}.
	LIBMILTER: The macros for the EOH and EOM callbacks are
		sent in reverse order which means accessing macros
		in the EOM callback got the macro for the EOH
		callback. Store those macros in the expected order
		in libmilter. Note: this does not affect sendmail
		because the macros for both callbacks are the same
		because the message is sent to libmilter after it
		is completely read by sendmail.  Fix and problem
		report from David Buergin.
		Make use of IN_LOOPBACK, if defined, to determine if
		using a loopback address.  Patch from Mike Karels of
		On Linux use gethostbyname2(3) if glibc 2.19 or newer
		is used to avoid potential problems with IPv6 lookups.
		Patch from Werner Wiethege.
		Add support for Darwin 21 and Darwin 22.
		Solaris 12 has been renamed to Solaris 11.4, hence
		adapt a condition for sigwait(2) taking one argument.
		Patch from John Beck.
	New Files:

8.17.1/8.17.1	2021/08/17
	Deprecation notice: due to compatibility problems with some
		third party code, we plan to finally switch from K&R
		to ANSI C. If you are using sendmail on a system
		which does not have a compiler for ANSI C contact us
		with details as soon as possible so we can determine
		how to proceed.
	Experimental support for SMTPUTF8 (EAI, see RFC 6530-6533)
		is available when using the compile time option USE_EAI
		(see also devtools/Site/site.config.m4.sample for other
		required settings) and the cf option SMTPUTF8.
		If a mail submission via the command line requires
		the use of SMTPUTF8, e.g., because a header uses UTF-8
		encoding, but the addresses on the command line are all
		ASCII, then the new option -U must be used, and
		the cf option SMTPUTF8 must be set in submit.cf.
		Please test and provide feedback.
	Experimental support for SMTP MTA Strict Transport Security
		(MTA-STS, see RFC 8461) is available when using
		- the compile time option _FFR_MTA_STS (which requires
		- FEATURE(sts), which implicitly sets the cf option
		- postfix-mta-sts-resolver, see
	New ruleset check_other which is called for all unknown SMTP
		commands in the server and for commands which do not
		have specific rulesets, e.g., NOOP and VERB.
	New ruleset clt_features which can be used to select features
		in the SMTP client per server.  Currently only two
		flags are available: D/M to disable DANE/MTA-STS,
	New compile time option NO_EOH_FIELDS to disable the special
		meaning of the headers Message: and Text: to denote the
		end of the message header.
	Avoid leaking session macros for an envelope between
		delivery attempts to different servers.  This problem
		could have affected check_compat.
	Avoid leaking actual SMTP replies between delivery attempts
		to different servers which could cause bogus logging
		of reply= entries.
	Change default SMTP reply code for STARTTLS related problems
		from 403 to 454 to better match the RFCs.
	Fix a theoretical buffer overflow when encountering an
		unknown/unsupported socket address family on an
		operating system where sa_data is larger than 30
		(the standard is 14).  Based on patch by Toomas Soome.
	Several potential memory leaks and other similar problems
		(mostly in error handling code) have been fixed.
		Problems reported by Tomas Korbar of RedHat.
	Previously the commands GET, POST, CONNECT, or USER terminate
		a connection immediately only if sent as first command.
		Now this is also done if any of these is sent directly
		after STARTTLS or if the 'h' option is set via
	CDB map locking has been changed so a sendmail process which
		does have a CDB map open does not block an in-place
		update of the map by makemap.  The simple workaround
		for that problem in earlier versions is to create
		the map under a different name and then move it
		into place.
	On some systems the rejection of a RCPT by a milter could
		silently fail.
	CONFIG: New FEATURE(`check_other') to provide a default
		check_other ruleset.
	CONFIG: FEATURE(`tls_failures') is deprecated and will be
		removed in future versions because it has a fundamental
		problem: it is message oriented but STARTTLS is
		session oriented.  For example, having multiple
		RCPTs in one envelope for different destinations,
		with different temporary errors, does not work
		properly, as the persistent macro applies to all
		RCPTs and hence implicitly to all destinations (servers).
		The option TLSFallbacktoClear should be used if needed.
	CONTRIB: AuthRealm.p0 has been modified for 8.16.1 by Anne Bennett.
	CONTRIB: Added cidrexpand -O option for suppressing duplicates from
		a CIDR expansion that overlaps a later entry and -S option
		for skipping comments exactly like makemap does.
	MAIL.LOCAL: Enhance some error messages to simplify
		Add support for Darwin 19 & 20.
		Use proper FreeBSD version define to allow for cross
			compiling.  Fix from Brooks Davis of the FreeBSD
		NOTE: File locking using fcntl() does not interoperate
		  with Berkeley DB 5.x (and probably later).  Use
		  CDB, flock() (-DHASFLOCK), or an earlier Berkeley
		  DB version.  Problem noted by Harald Hannelius.
	New Files:
   2024-01-05 02:17:09 by Greg Troxel | Files touched by this commit (1) | Package updated
Log message:
sendemail/Makefile.common: Change OWNER to MAINTAINER

There is a security update on the table and we are not hearing from
$OWNER.   (On behalf of pmc.)
   2023-10-25 00:11:51 by Thomas Klausner | Files touched by this commit (2298)
Log message:
*: bump for openssl 3
   2023-01-12 12:09:34 by Mark Davies | Files touched by this commit (2)
Log message:
sendmail: fix build with openssl3
   2022-05-10 15:46:49 by Stephen Borrill | Files touched by this commit (3)
Log message:
sendmail: fix SMTP AUTH

Pull in SMTP AUTH fix from
   2021-12-19 05:01:11 by John Nemeth | Files touched by this commit (2)
Log message:
Fix libmilter build on older systems that don't have gethostbyname2.

Since this is a build fix for systems where it didn't build before,
no revbump is required.