Log Message:
mail/postfix: update to 3.9.2

Postfix 3.9.2 (2025-02-17)

  * Forward compatibility: Support for OpenSSL 3.5 post-quantum
    cryptography. To manage algorithm selection, OpenSSL introduces new
    TLS group syntax that Postfix will not attempt to imitate. Instead,
    Postfix now allows the tls_eecdh_auto_curves and tls_ffdhe_auto_groups
    parameter values to have an empty value. When both are set
    empty, the algorithm selection can be managed through OpenSSL
    configuration. Viktor Dukhovni.

  * Forward compatibility: ignore new queue file flag bits that may be
    used with Postfix 3.10 and later. This is a safety in case a Postfix
    3.10 upgrade needs to be rolled back, after the new TLS-Required
    feature has been used.

  * Performance: when a mysql: or pgsql: configuration specifies a single
    host, assume that it is a load balancer and reconnect immediately
    after a single failure, instead of failing all requests for 60s.

  * Bugfix (defect introduced: Postfix 3.4, date 20181113): a server with
    multiple TLS certificates could report, for a resumed TLS session,
    the wrong server-signature and server-digest names in logging and
    Received: message headers. Viktor Dukhovni.

  * Bugfix (defect introduced: Postfix 3.3, date 20180107) small memory
    leak in the cleanup daemon when generating a "From: full-name "
    message header. The impact is limited because the number of requests
    is bounded by the "max_use" configuration parameter. Found during
    code maintenance.

  * Bugfix (defect introduced: Postfix 3.0): the bounce daemon mangled
    a non-ASCII address localpart in the "X-Postfix-Sender:" field of
    a delivery status notification. It backslash-escaped each byte in a
    multi-byte character. This behavior was implemented in Postfix 2.1
    (no support for UTF8 local-parts), but it became incorrect after
    SMTPUTF8 support was implemented in Postfix 3.0.

  * Bugfix (defect introduced: Postfix 3.6): Reverted the default
    smtp_tls_dane_insecure_mx_policy setting to "dane" as of Postfix
    3.6.17, 3.7.13, 3.8.8, 3.9.2, and 3.10.0. By mistake the default was
    dependent on the smtp_tls_security_level setting. Problem reported
    by ?mer G?ven.

  * Portability: added "include <sys_socket.h>" for a SUNOS5
    workaround. Gary R. Schmidt.