Skip to content
HISTORY 580 KiB
Newer Older
Boris Mühmer's avatar
Boris Mühmer committed
	character stored.  This avoids mis-leading warnings. File:
	global/vstring_vstream.c.

Boris Mühmer's avatar
Boris Mühmer committed
20040105

	Cleanup: don't bother the flush daemon while deferring mail
	if the destination is not "fast flush" eligible. File:
	global/flush_clnt.c.

	Safety: the SMTP server flushes recipients to the cleanup
	server in order to avoid SMTP timeouts when virtual or
	canonical expansions take a lot of time. File smtpd/smtpd.c.

	Safety: add warnings to postmap and postalias when table
	lookup results in an empty string.

20040110

	Example: script to run qmail-local from Postfix by Ron
	Bickers.

	Change: queue minfree limit is now 1.5 * message size limit.
	File: smtpd/smtpd_check.c.

	Bugfix: apply hostname restriction even when host address
	lookup fails in check_{sender,recipient}_{ns,mx}_access.
	File: smtpd/smtpd_check.c.

Boris Mühmer's avatar
Boris Mühmer committed
20040115

	Performance: allow delivery concurrency to increase even
	while mail is deferred, as long as the delivery agent does
	not report really serious trouble with the destination.
	Files:  *qmgr/qmgr_deliver.c.

Boris Mühmer's avatar
Boris Mühmer committed
	Cleanup: in postfix-files, symbolic links and hard links
Boris Mühmer's avatar
Boris Mühmer committed
	are now first-class citizens with explicit mention of source
	and destination pathnames. Files: postfix-install,
Boris Mühmer's avatar
Boris Mühmer committed
	conf/postfix-files, conf/post-install.

20040116

	Cleanup: sendmail -v caused one mail delivery report upon
	every delivery attempt, not just the first one. The fix is
	to "kill" a queue file record after the first delivery
	attempt. This means a new record type. Files:  *qmgr/qmgr_active.c,
	*qmgr/qmgr_message.c, global/rec_type.c.

	Cleanup: in anticipation of other built-in rate limiters,
	the client_connection_rate_time_unit parameter is renamed
	to client_rate_time_unit.

	Documentation: finished the HOSTING_README file with an
	overview of methods to host domains with Postfix.

20040119

	Bugfix: anvil (count and rate limiting) server race condition
	could result in dangling pointer.  Postfix erases memory
	after allocating and before freeing, so it is extremely
	unlikely that this could be used to bring harmful data into
	the anvil server. File anvil/anvil.c.

20040120

	Cleanup: new header_checks(5) and body_checks(5) manual
	pages.  The sample-regexp* and sample-pcre* files are no
	longer needed and have been removed, as are the default
	*_table configuration files.

Boris Mühmer's avatar
Boris Mühmer committed
	Cleanup: support for the non-standard Errors-To: header is
	removed. File: cleanup/cleanup_message.c.
Boris Mühmer's avatar
Boris Mühmer committed

20040121

	Feature: "PREPEND headername: headervalue" action in Postfix
	access maps, to facilitate external policy servers that
	label mail instead of rejecting it. Files: smtpd/smtpd.c,
	smtpd/smtpd_check.c.

Boris Mühmer's avatar
Boris Mühmer committed
20040122

	UNDO the 20040104 change (vstring_get() etc. return
	VSTREAM_EOF when they terminate prematurely, instead of
	returning the last character stored, to avoid mis-leading
	warnings). File:  global/vstring_vstream.c.

	Portability: test -e is not portable. File: conf/postfix-script.

Boris Mühmer's avatar
Boris Mühmer committed
	Misc. documentation fixes by Victor Duchovni.

	Documentation: the README files are now hyperlinked, and
	are referenced in the on-line manual pages.
Boris Mühmer's avatar
Boris Mühmer committed

	Bugfix: the pickup daemon now strokes the watchdog frequently
	to prevent the watchdog from barking when mail arrives
	faster than it can be picked up. File: pickup/pickup.c.

Boris Mühmer's avatar
Boris Mühmer committed
20040123

Boris Mühmer's avatar
Boris Mühmer committed
	Feature: set smtpd_reject_unlisted_{sender,recipient}=no
	to turn off automatic rejection of non-existent local,
	virtual or relay addresses. This way it can be made
	conditional for local clients, always on for remote clients.
	Files:  global/mail_params.h, smtpd/smtpd.c, smtpd/smtpd_check.c.
Boris Mühmer's avatar
Boris Mühmer committed

20040124

	Feature: PREPEND in header/body_checks, for message tagging.
	File: cleanup/cleanup_message.c.

20040126

Boris Mühmer's avatar
Boris Mühmer committed
	Safety: handle the case that main.cf is updated while it
	is being read. File: util/dict.c.
Boris Mühmer's avatar
Boris Mühmer committed

	Feature: "instance" attribute that links policy etc. queries
	to the same message instance.

	Cleanup: the mynetworks setting may now be empty. File:
	global/mail_params.c.

20040127

	Bugfix: missing flush_init() call. Introduced 20040105.
	File: postqueue/postqueue.c.

20040128

	Cleanup: clnt_stream derived classes now try to detect that
	the server has disconnected before sending data and warning
	about an error. File: global/clnt_stream.c.

20040202

	Bugfix: changed mis-leading warning about text>4096 characters
	into "unexpected end-of-input". File: util/attr_scan0.c.

20040201

	Feature: sasl_method, sasl_username and sasl_sender attributes
	in smtpd policy queries. Files: src/smtpd/smtpd_check.c.

20040204

	Safety: smtpd_soft_error_limit now determines when
	$smtpd_error_sleep_time starts to take effect.

	Cleanup: local(8) and virtual(8) will now create maildirs
	in a world-writable directory. Files: util/make_dirs.c.

	Bugfix: don't panic on a corrupt queue file.  File:
	*qmgr/qmgr_message.c.

20040205

	Cleanup: sample-filter.cf is gone. Better documentation is
	available with "man header_checks".

20040209

	Bugfix: when delivery to smtpd_proxy_filter fails, report
	"451 Queue file write error" instead of repeating the
	previous "354 End data with <CR><LF>.<CR><LF>" response.
	File:  smtpd/smtpd.c.

20040220

	Compatibility: accept and ignore the sendmail -bh and -bH
	mode of operation requests.

20040302

	Bugfix: SMTPD proxy didn't send QUIT as the result of code
	duplication. Evidence reported by Mark Martinec. File:
	smtpd/smtpd.c.

Boris Mühmer's avatar
Boris Mühmer committed
20040311

Boris Mühmer's avatar
Boris Mühmer committed
	Bugfix: bad address syntax was passed to transport map
	lookups.  Problem reported by Andrei Koulik. File:
	util/match_ops.c, trivial-rewrite/resolve.c.

20040324

Boris Mühmer's avatar
Boris Mühmer committed
	Portability: ekkoBSD support by Philip Reynolds.  Files:
	makedefs, util/sys_defs.h.
Boris Mühmer's avatar
Boris Mühmer committed

20040325

	Cleanup: smtp_skip_4xx_greeting and smtp_skip_5xx_greeting
	functionality is moved from connection management to SMTP
	protocol processing, so that Postfix now logs the server
	response when a server refuses to provide service.  Files:
	smtp/smtp_connect.c, smtp/smtp_proto.c.

	Cleanup: smtp_skip_4xx_greeting is no longer configurable;
	it is now permanently turned on.

20040326

	Workaround: in the trivial-rewrite server, turn on the code
	to strip trailing "." while rewriting addresses, and change
	the address resolver to strip trailing "." in a compatible
	manner.  This does not eliminate the problem that the SMTP
	server may use a different address for recipient validation
	than what the cleanup server uses for virtual alias mapping.

20040329

	Bugfix: the SMTP server did not log client (and SASL)
	information with the real-time content filter was enabled.
	Files: smtpd/smtpd.c, smtpd/smtpd_sasl_proto.c.

	Compatibility: smtpd_reject_unlisted_sender is turned off
	by default, to avoid trouble with with in-house software
	that sends out mail software with an unreplyable address.

20040331

	Bugfix: postdrop should not abandon mail submission after
	receiving a SIGHUP signal when SIGHUP was ignored by the
	parent process.  Victor Duchovni, Morgan Stanley.  File:
	postdrop/postdrop.c.

	Bugfix: parsing bug in PgSQL dictionaries causing UNIX
	sockets to be ignored. Liviu Daia. Files: global/dict*sql.c.

	Performance: allow MySQL and PgSQL database connections to
	be closed when idle for more than 1 minute; Liviu Daia.
	Files: global/dict*sql.c.
Boris Mühmer's avatar
Boris Mühmer committed
	Sanity: the SMTP server no longer accepts sender or recipient
	addresses that end in the "@" null domain, as well as
	addresses that rewrite into such a form.  Specify
	"resolve_null_domain=yes" to get the old behavior back.
	File:  trivial-rewrite/resolve.c.

20040402

	Cleanup: added WARN action support for access maps, for
	consistency with the WARN action in header and body checks.
	File:  smtpd/smtpd_check.c.
Boris Mühmer's avatar
Boris Mühmer committed

20040407

	Bugfix: missing return statement at the end of the
Boris Mühmer's avatar
Boris Mühmer committed
	FREE_MEMORY_AND_RETURN error handling macro. Adi Prasaja.
Boris Mühmer's avatar
Boris Mühmer committed
	File: trivial-rewrite/resolve.c.

Boris Mühmer's avatar
Boris Mühmer committed
20040411

	Future proofing: client_rate_time_unit is renamed to
	anvil_rate_time_unit, so that it is no longer limited to
	clients only. File: src/global/mail_params.h.

	Cleanup: postalias and postmap now log problems to syslogd.
	Files: postalias/postalias.c, postmap/postmap.c.

20040413

	Feature: "postfix set-permissions" (re)sets ownership and
	access permissions of Postfix files and directories.

	Feature: "postfix upgrade-configuration" updates main.cf
	and master.cf. This is for people who people copy over
	their old files after installing a newer Postfix version.

	Feature: HTML files are now optionally installed under
	control of the html_directory configuration parameter.
	Files: postfix-install, conf/postfix-files, conf/post-install.

	Cleanup: README file installation is now optional.  Files:
	postfix-install, conf/postfix-files, conf/post-install.

Boris Mühmer's avatar
Boris Mühmer committed
20040414

Boris Mühmer's avatar
Boris Mühmer committed
	Cleanup: references to sample-mumble.cf files removed,
	conf/mumble_table files removed, new commands added to
	conf/postfix-script.

Boris Mühmer's avatar
Boris Mühmer committed
	Cleanups: function declared int but used as void, missing
Boris Mühmer's avatar
Boris Mühmer committed
	include file, missing const qualifier, unused variable.
	Matthias Andree. Files:  bounce/bounce_notify_util.c,
	bounce/bounce_service.h, postlog/postlog.c, smtpd/smtpd_check.c,
	util/attr_scan64.c.
Boris Mühmer's avatar
Boris Mühmer committed
	Bugfix: more robust version of SIGHUP test of 20040331.
	Victor Duchovni, Morgan Stanley. File: postdrop/postdrop.c.

	Safety: added NOCLOBBER qualifiers to local variables that
	might be clobbered by longjmp(). Files: util/sys_defs.h,
	smtp/smtp_proto.c, lmtp/lmtp_proto.c, smtpd/smtpd_check.c,
	smtpstone/smtp-source.c.

	Bugfix: sub-level Makefiles no longer turned on the extra
	compiler warnings. Files: Makefile.in.*, makedefs.*.
Boris Mühmer's avatar
Boris Mühmer committed

20040415

	Bugfix: the LMTP client attempted to reuse a connection
	after timeout, causing protocol synchronization errors.
	Reported by Rob Mueller. File: lmtp/lmtp.c.

Boris Mühmer's avatar
Boris Mühmer committed
20040416

	Cleanup: non-delivery reports now include the original
	recipient information. File: bounce/bounce_notify_util.c.

20040415-18

	Typos: many documentation fixes by Rob Foehl.

20040418

	Cleanup: "int" versus "const int" prototype mismatch between
	the DICT sequence method prototype and possible implementations.
	Files: util/dict_db.c, util/dict_dbm.c.

20040419

	Bugfix: the code that rejects client/helo RESTRICTIONS with
	smtpd_delay_reject=no looked at the wrong evidence and
	rejected client/helo ACCESS MAP lookups instead. Michael
	Tokarev. Files:  smtpd/smtpd.c, smtpd/smtpd_check.c.

	Bugfix: missing # in master.cf in optional submission
	service.

20040420

	Bugfix: smtpd logged the client too often. Michael Tokarev.
	File: smtpd/smtpd.c.

	Cleanup: client_event_status_update_time renamed to
	anvil_status_update_time. Files: mantools/postlink,
	proto/postconf.proto, anvil/anvil.c.

Boris Mühmer's avatar
Boris Mühmer committed
20040421

	Workaround: allow pipelined SMTP clients to overshoot the
	SMTP server recipient limit without triggering the server
	hard error limit.  The SMTP server does not count "too many
	recipients" towards the hard error limit, as long as the
Boris Mühmer's avatar
Boris Mühmer committed
	number of excess recipients stays within a configurable
	overshoot limit (default: smtpd_recipient_overshoot_limit
	= 1000).  Solution in cooperation with Victor Duchovni.
Boris Mühmer's avatar
Boris Mühmer committed
	Files:  smtpd/smtpd.c, smtpd/smtpd_state.c, smtpd/smtpd.h.
Boris Mühmer's avatar
Boris Mühmer committed
20040502

	Missing test for a never used flag (the problematic and
	thus never completed INSPECT feature that doesn't re-inject
	mail into Postfix).  Victor Duchovni, Morgan Stanley. File:
	virtual/virtual.c.

Boris Mühmer's avatar
Boris Mühmer committed
20040503

	Bugfix: missing "sasl enabled" guard in the SMTPD policy
	client.  File: smtpd/smtpd_check.c.

Boris Mühmer's avatar
Boris Mühmer committed
20040606

	Portability. UnixWare has strcasecmp() in strings.h.  Patch
	by Andreas Winkelmann. File: util/sys_defs.h.

	Portability. The postlink script is transformed from sed(1)
	to perl(1).

20040608

	Portability. Introduced SET_H_ERRNO() macro for compilation
	environments where h_errno can't be used as an lvalue.
	Files:  util/sys_defs.h, dns/dns_lookup.c.

	Portability. Eliminate assumption on bits per byte from
	vbuf_print.c.

Boris Mühmer's avatar
Boris Mühmer committed
20040614

	Bugfix: the SMTP client did not reset per-session EHLO,
	SASL, and history information when opening a connection to
	an alternate SMTP server.  This is the result of abstraction
	no longer matching function. Reported and diagnosed by
	Victor Duchovni, Morgan Stanley.

	Bugfix: non-portable reuse of variadic argument lists.
	Fix by Victor Duchovni, Morgan Stanley. Files:  global/bounce.c,
	global/defer.c, global/sent.c, global/trace.c, global/verify.c.

	Portability: NetBSD 2.0 has changed from statfs to statvfs.
	John Heasley. File: util/sys_defs.h.

	Documentation: typo fixes by IKEDA Nozomu.

20040616

	Bugfix: one missed variadic argument list fix. Victor
	Duchovni, Morgan Stanley. File: global/verify.c.
Boris Mühmer's avatar
Boris Mühmer committed
	Bugfix: the resolver client cache should be context dependent
	because address verification probes may use a different
	route than normal mail deliveries. File: global/resolve_clnt.c.
Boris Mühmer's avatar
Boris Mühmer committed
	Safety: added similar context dependence to the address
	rewriting client in order to avoid trouble when Postfix is
	changed. File: global/rewrite_clnt.c.
Boris Mühmer's avatar
Boris Mühmer committed
	Bugfix: space in HELO commands could end up in XFORWARD
	commands.  File: smtpd/smtpd.c.
Boris Mühmer's avatar
Boris Mühmer committed
20040619
Boris Mühmer's avatar
Boris Mühmer committed
	Code reorganization: in preparation for SMTP session caching,
	the SMTP client data structures were changed from the
	original "one session per delivery request" model to an
	explicit "multiple sessions per delivery request" model.
	This uncovered ESMTP and SASL missing re-initialization
	problems that were fixed in past week.  Design by Victor
	and Wietse, initial implementation by Victor Duchovni.

20040620

	Future proofing: after the reorganization of SMTP request
	state and session state, added code to the smtp client
	error handling routines to more consistently deal with the
	possibility that session information is not available.

20040621

	Feature: directory=pathname option for the pipe(8) delivery
	agent. This allows a command to run from a fixed directory.
	Failure to change directory causes delivery to be deferred.
	Files: pipe/pipe.c.

	Feature: command_execution_directory for local(8) delivery
	to external command. This supports the usual $home etc.
	expansions, subject to filtering with the character set
	specified with $execution_directory_expansion_filter.
	Failure to change directory causes delivery to be deferred.
	Files:  global/mail_params.h, local/command.c.

	Support for external command execution directory. Files:
	global/pipe_command.[hc].
Boris Mühmer's avatar
Boris Mühmer committed
20040622

	Safety: when mail is delivered to a transport with per-delivery
	recipient limit of 1, split the recipient address on the
	recipient delimiter if one is defined, so that extended
	addresses don't get extra delivery concurrency slots.
	Files: *qmgr/qmgr_message.c.

Boris Mühmer's avatar
Boris Mühmer committed
20040623

	Workaround for fragile clients: add microsecond time to
	maildir filename.  Files: virtual/maildir.c, local/maildir.c.

20040628-20040701

	SMTP connection caching work with Victor Duchovni.

	New module (later renamed to global/scache_single.c) for
	protocol-independent session caching.  The initial
	implementation supports in-process, single-session caching
	only.  A later version will support a central session cache
	daemon.  Some more work is needed for passivation/activation
	of session attributes.

	New function vstream_fdclose() to destroy a VSTREAM while
	leaving the underlying file(s) open. Files: util/vstream.[hc].

	New function dns_rr_remove() to remove one record from a
	resource record list. Some more work is needed to turn the
	list into a doubly-linked one. Files: dns/dns.h, dns/dns_rr.c.

	Restructuring of the SMTP protocol engine for session
	caching. File: smtp/smtp_proto.c.

	Restructuring of the connection management module, and
	first implementation of SMTP connection caching.  To enable,
	specify an smtp_connection_cache_time value greater than
	zero. The time unit is seconds. File: smtp/smtp_connect.c.

	New code to passivate and re-activate SMTP_SESSION objects,
	and isolation of session save/lookup in its own module.
	Files: smtp/smtp_session.c, smtp/smtp_reuse.c.

	Refinement: smtp_cache_reuse_limit parameter to bound the
	number of times a session may be reused.  

	Refinements: when a session comes from the cache, give it
	back to the cache anyway (even when it will not be listed
	under the next-hop destination name).

	Future refinements should also include a bound on the number
	of consecutive and total non-delivering uses and other
	statistics.

Boris Mühmer's avatar
Boris Mühmer committed
20040714

	Bugfix: the code to eliminate the local MTA from the MX
	address list did not handle the case that inet_interfaces
	produced a less preferred match than proxy_interfaces.
	Victor Duchovni, Morgan Stanley. File: smtp/smtp_addr.c.

Boris Mühmer's avatar
Boris Mühmer committed
20040715

	Resume work on SMTP session caching.  All good sessions
	are now cached under their IP address. As before, only the
	first good session per delivery request is cached under
	the original next-hop destination.

	At this point, SMTP session caching works, with a session
	cache client module that uses in-process session caching.
	This is sufficient to demonstrate that the SMTP client is
	ready for session caching.

20040716

	New modules to send file descriptors from one process into
	another one. This will be needed for implementing a central
	connection cache manager daemon. Most systems use UNIX-domain
	sockets as the transport for this. On Solaris we use streams
	instead.  Applications are supposed to invoke LOCAL_SEND_FD()
	and LOCAL_RECV_FD().  Files: {unix,streams}_{send,recv}_fd.c.

20040717

	First implementation of a session caching client API that
	actually sends to/receives from a caching server process.
	The old in-process, single-session caching functionality
	is preserved as global/scache_single.c, so that we can use
	it for bootstrapping the session cache server. File:
	global/scache_clnt.c.

	First implementation of the scache session cache server,
	using the same in-process session caching code that was
	used to bootstrap the SMTP client.  File: scache/scache.c.

20040718

	Performance: the default RSET timeouts are reduced from
	120s to 20s.  Perhaps there should be different RSET timeout
	for address probes and for session cache checks. File:
	global/mail_params.h.

20040719

	Multi-session connection cache module. Implementing this
	was actually the easiest part of the entire connection
	caching project. File: global/scache_multi.c.

20040720

	Bugfix: event_drain() falsely reported a single-entry timer
	queue as empty.  File: util/events.c.

	Completed the multi-session cache support for SMTP. The
	code can be stress tested with a driver program that reads
	commands from a script. It is not practical to manually
	test the effects of collisions in the time or in name space
	domains. File:  global/scache.c.

20040721

	Feature: the session cache server now logs cache hit and
	miss statistics every $session_cache_status_update_time
	seconds (default: 600s), as well as upon process exit.
	File:  scache/scache.c.

20040722

	Workaround: LINUX 2.4 has trouble with mixed data and file
	descriptor traffic on UNIX-domain stream sockets.
	Specifically, it cannot handle data write (read) followed
	by file descriptor send (receive): the receiver hangs in
	recvmsg(). Workaround is to insert an intervening read
	(write) operation.  Presumably, LINUX 2.4 is confusing the
	data and file descriptor.  Lucky Ralf Hildebrandt.  Files:
	util/sys_defs.h, global/scache_clnt.c, scache/scache.c.

Boris Mühmer's avatar
Boris Mühmer committed
20040723

	Safety: spawn(8) now rejects a user with the -1 UID or GID
	value, so that commands will not end up running as root.
	Files:  util/spawn_command.c, spawn/spawn.c.

Boris Mühmer's avatar
Boris Mühmer committed
	User interface: parameter smtp_connection_cache_domains
	renamed to smtp_connection_cache_destinations. Destinations
	listed here must be specified without [] or :port.  File:
	smtp/smtp_connect.c.

Boris Mühmer's avatar
Boris Mühmer committed
	Bugfix: "421 Timeout exceeded" wasn't guarded by setjmp().
	Victor Duchovni, Morgan Stanley. File: smtpd/smtpd.c.

Boris Mühmer's avatar
Boris Mühmer committed
20040729

	Feature:  enable SMTP session caching temporarily while a
	postfix is able to schedule back-to-back deliveries.
	Parameter:  smtp_connection_cache_on_demand (default:
	yes).  Files:  smtp/smtp_connect.c, *qmgr/qmgr_entry.c,
	*qmgr/qmgr_queue.c, *qmgr/qmgr_deliver.c.

	Feature: smtp-source -N option to generate unique recipient
	addresses for (trivial-rewrite) stress testing. Victor
	Duchovni, Morgan Stanley. File: smtpstone/smtp-source.c.

20040730

	Safety: disallow "opportunistic session caching" when the
	queue manager is unable to schedule back-to-back deliveries.
	File: *qmgr/qmgr_entry.c.

20040731

	Hysteresis: turn on "opportunistic session caching" when
	back-to-back deliveries happen, but don't turn if off
	until both concurrent and back-to-back delivery ends.

Boris Mühmer's avatar
Boris Mühmer committed
20040801

Boris Mühmer's avatar
Boris Mühmer committed
	Workaround: disable session caching for Linux < 2.2 (does
	not work) or Glibc < 2 (does not compile).  Files:
	util/sys_defs.h, util/unix_{recv,send}_fd.c.

Boris Mühmer's avatar
Boris Mühmer committed
	Portability: h_errno is not an lvalue in the UnixWare 7.1
	multi-threaded environment. Olivier PRENANT.

20040812

	Bugfix: update SMTP server error counter when a client is
	denied access with smtpd_delay_reject=no.

Boris Mühmer's avatar
Boris Mühmer committed
20040816

	Bugfix: The smtp_chat_cmd() forced output flushing code in
	the SMTP client could run before an I/O error handler was
	set up.  Problem diagnosed by Victor Duchovni, Morgan
	Stanley. The fix is to disable the smtp_chat_cmd() forced
	output flushing code as it duplicates better code in
	smtp_loop(). File: smtp/smtp_chat.c.

	Safety: set up an I/O error handler before the smtp_loop()
	protocol engine starts; this handler logs a warning in case
	it ever runs, because that means someone broke ESMTP command
	pipelining.  File: smtp/smtp_proto.c.

	Feature: canonical_classes parameter by Kimmo Suominen, to
	control what addresses are rewritten by canonical_maps.
	Files: cleanup/cleanup_addr.c, cleanup/cleanup_message.c.

Boris Mühmer's avatar
Boris Mühmer committed
20040817

Boris Mühmer's avatar
Boris Mühmer committed
	Bugfix: update the vstream I/O time AFTER the completion
	of an I/O request, so that time-sensitive applications
	don't force flush output too soon and possibly trigger
	NAGLE delays.  Problem diagnosed by Victor Duchovni, Morgan
	Stanley. File: util/vstream.c.
Boris Mühmer's avatar
Boris Mühmer committed
	Portability: avoid postmap/postalias test file name clashes
	on Windows.  Ian Lance Taylor (of Taylor UUCP fame).

20040823

	Bugfix: vstream_popen() did not close the child pipe
	after failure to fork(). File: util/vstream_popen.c.

20040826

	Feature: support for systems with closefrom(), and emulation
	for those without. Andrew Brown. Files:  util/sys_defs.h,
	util/sys_compat.c.

20040827

	Feature: {sender,recipient}_canonical_classes parameters,
	which give better control than sender_canonical_classes.
	Files: cleanup/cleanup_addr.c, cleanup/cleanup_message.c.

	Feature: the proxymap client now recognizes when a map
	can't be proxied, and will open it directly instead.  This
	makes proxy maps easier to use for virtual mailbox domains.
	File: global/dict_proxy.c.

	Feature: smtp_sasl_mechanism_filter restricts what remote
	SMTP server mechanism names the Postfix SMTP client passes
	on to the SASL library.  Victor Duchovni, Morgan Stanley.
	Files: smtp/smtp.c.  smtp/smtp_sasl_glue.c, smtp/smtp_sasl_proto.c.

20040828

	User interface: when no recipients are specified, the
	Postfix sendmail command now terminates with status EX_USAGE
	instead of accepting the mail first and bouncing it later.
	This gives more direct feedback in case of a common client
	configuration error. File:  sendmail/sendmail.c.

20040829

	Portability: Solaris closefrom() support didn't work for
	non-SUN compilers. Victor Duchovni, Morgan Stanley.

20040830

	Feature: the scache(8) session cache manager now logs the
	peak counts of destinations, endpoints and sessions. Files:
	scache/scache.c, global/scache*c.
Boris Mühmer's avatar
Boris Mühmer committed
20040831

	Portability: disable session caching support on SCO 5
	because of incompatible sockets API. File: util/sys_defs.h.
Boris Mühmer's avatar
Boris Mühmer committed

20040913

	Bugfix (introduced 20020803): sent the wrong bounce message
	type when a Delivered-To: loop was detected for a mailing
	list alias.  Nicolas Riendeau. File: bounce_notify_util.c.

Boris Mühmer's avatar
Boris Mühmer committed
20040918

	Feature: authorized_flush_users, authorized_mailq_users,
	authorized_submit_users to restrict what users can flush
	the queue, list the queue, or submit mail locally.  Based
	on code by Victor Duchovni, Morgan Stanley. Files:
	sendmail/sendmail.c, postdrop/postdrop.c, postqueue/postqueue.c,
	global/user_acl.[hc].

	Feature: discard(8) mail delivery agent.  Victor Duchovni,
	Morgan Stanley. File: discard/discard.c.

20041002

	Long overdue, a master(5) manual page based on an initial
	version by Magnus Baeck.

	By popular demand, a postfix-manuals.html web page with
	totally useless links to UNIX-style manual pages (the same
	information should already be available simply by typing
	"apropos postfix"). To keep newbies from getting completely
	lost due to information overload, the document starts with
	a list of actually useful pointers to Postfix introductions,
	duplicated from the already existing documents.html.

Boris Mühmer's avatar
Boris Mühmer committed
20041006

	Bugfix: "sendmail -bv" did not reject the -t option.  File:
Boris Mühmer's avatar
Boris Mühmer committed
	sendmail/sendmail.c.

20041007

	Feature: SASL authentication attributes are now stored in
	queue files and passed on to delivery agents, by Leandro
	Santi. Files:  deliver_pass.c, deliver_request.c,
	qmgr_deliver.c, qmgr_message.c, pipe.c, smtpd.c.

20041009

	Feature: per SMTP client message rate limit and recipient
	rate limit, by Ragnar Lonn, GHN network technologies.
	Files: smtpd/smtpd.c, anvil/anvil.c, global/anvil_clnt.[hc].

	Incompatibility: smtpd_client_connection_limit_exceptions
	renamed to smtpd_client_event_limit_exceptions, because it
	now also controls message and recipient rate limit control.

20041013

	Portability: AIX 5.1/GCC.

20041014-23

	Postfix no longer appends the local domain to header
	addresses from remote clients.  Instead, Postfix either
	does not rewrite those headers at all, or it appends the
	domain specified with the new remote_header_rewrite_domain
	parameter.

	Postfix still appends $@myorigin or .$mydomain to headers
	from the Postfix sendmail command, or from clients listed
	with the new local_header_rewrite_clients parameter (default:
	permit_mynetworks, permit_sasl_authenticated).

	These changes affect the SMTP server (including XFORWARD
	support), the cleanup server (do or don't rewrite headers),
	the trivial-rewrite server (append local domain or surrogate
	remote domain to incomplete addresses), the queue manager
	(send additional attributes to delivery agents), the LMTP
	and SMTP clients (XFORWARD support), and the local delivery
	agent (preserve XFORWARD attributes when forwarding mail).

20041016

	Bugfix: attr_clnt_request() did not properly skip hash
	table arguments. Luc Pardon, Skopos Consulting. File:
	util/attr_clnt.c.

20041018

	The NIS+ module by Geoff Gibbs is now part of Postfix.
	Files: util/dict_nisplus.c, proto/nisplus_table.

20041019

	Support for Errors-To: is permanently removed.

20041022

	Bugfix: "smtp_connection_cache_on_demand=no" could crash
	the SMTP client. File: smtp/smtp_connect.c.

	Robustness: extra sanity checks. Files: util/dict_db.c,
	util/dict_dbm.c, dict_nis.c.

20041025

	Initial merge of Lutz Jaenicke's TLS patch. Initial rewrite
	of tlsmgr to eliminate some code duplication and to postpone
	calls into OpenSSL until after dropping privileges.

20041030

	Compatibility: "session cache" renamed to "connection cache"
	to avoid confusion with the TLS session cache.

20041102

	Feature: smtpd_end_of_data_restrictions allow you to specify
	restrictions at the end of the SMTP DATA command. The syntax
	is identical to that of the smtpd_data_restrictions feature.
	This introduces a new END-OF-DATA protocol state for the
	external policy server. Files:  proto/SMTPD_POLICY_README.html,
	proto/SMTPD_ACCESS_README.html, smtpd/smtpd_check.c.

20041111

	Cleanup: terminate the dict_eval() result buffer for verbose
	logging.  Victor Duchovni, Morgan Stanley. File: util/dict.c.

20041112

	Cleanup: be more careful when saving and restoring resolver(3)
	options to avoid problems with an HP-UX security patch
	(change introduced 20031215). File:  dns/dns_lookup.c.

20041115

	Bugfix: the test for "no debugger_command" was wrong.
	Leandro Santi. File: global/debugger_command.c.

Boris Mühmer's avatar
Boris Mühmer committed
20041117
Boris Mühmer's avatar
Boris Mühmer committed

	Robustness: the master-child protocol now includes a process
	generation number besides the child process ID.  The process
	generation number is incremented by one each time the master
	creates a child process. Child-to-master status updates
	with the wrong generation number are ignored, instead of
	triggering a consistency error in the master server.  Files:
	master/*server.c, master/master_status.c, master/master_spawn.c.

20041118

	Bugfix: the "local_header_rewrite_clients" feature (20041023)
	did not recognize "bare" lookup tables as documented.  Victor
	Duchovni, Morgan Stanley. File: smtpd/smtpd_check.c.

	Bugfix: the "local_header_rewrite_clients" feature (20041023)
	was broken because the local delivery agent passed on a
	bogus attribute value when forwarding internally generated
	mail, causing the mail to be rejected by the cleanup server.
	File: local/dotforward.c.

	Bugfix: the "local_header_rewrite_clients" feature (20041023)
	was broken because the pickup server always overwrote origin
	information. Files: pickup/pickup.c, cleanup/cleanup_state.c,
	*qmgr/qmgr_message.c.

	Workaround: enable the "can't write before sending a file
	descriptor" workaround for Solaris. Problem reported by
	Victor Duchovni for Solaris 2.5.1, but we play safe and
	enable it unconditionally.

20041120

	The TLS support routines are moved to a "tls" directory,
	and are published via the "libtls.a" object library.

20041122

	Infrastructure: support for binary attribute values
	(ATTR_TYPE_DATA) in Postfix IPC messages. Files:
	util/attr_scan*c, util/attr_print*c.

20041123-20041205

	TLS support: via a process of gradual transformation,
	decomposed Lutz Jaenicke's pfixtls.c into separate modules
	for clients, servers, certificate verification, session
	caching, and PRNG management. Global variables were eliminated
	so that the code now supports multiple client and/or server
	contexts in the same process.  Files:  tls/*.[hc].

20041205

	TLS support: eliminated shared access (and locking) of the
	TLS PRNG exchange file and TLS session caches. Instead,
	Postfix uses a client-server protocol, and the tlsmgr
	becomes the sole mediator. This eliminated the need for
	1000+ lines of SDBM support, and eliminated the need for
	running a persistent tlsmgr process on systems don't enable
	TLS in main.cf.

20041124

	Feature: configurable list of forbidden SMTP commands
	(default: smtpd_forbidden_commands = CONNECT, GET, POST)
	after which the Postfix SMTP server disconnects immediately.
	The SMTP server always disconnects immediately when the
	client sends a message header instead of an SMTP command.
	Magnus Baeck.  File: smtpd/smtpd.c.

20041207

	CDB support by Michael Tokarev, documentation by Victor
	Duchovni. Files: util/dict_cdb.[hc], global/mkmap_cdb.c.

20041209

	Completed support for the Berkeley DB sequence operator.
	This is needed for finding and deleting old entries in TLS
	session databases. File:  util/dict_db.c.

	Bugfix: the DBM client's sequence operator used exclusive
	locking instead of shared locking. File: util/dict_dbm.c.

	Feature: dump an entire database with the new postmap/postalias
	"-s" option. This works only for database types with Postfix
	sequence operator support: hash, btree, dbm, and sdbm.
	Files:  postmap/postmap.c, postalias/postalias.c.

20041212

	Solaris 10/ix86 chroot setup script update by J.D. Bronson.

	TLS support: cosmetic changes to comments and messages;
	completed the code for the master -> tlsmgr trigger handshake,
	so that the master no longer complains about trigger
	responses timing out.

20041213

	Updated the SDBM dictionary interface. It had fallen behind
	with the Postfix dictionary interfaces that were already
	bundled with Postfix. Files: util/dict_sdbm.[hc].

	Cleanup: "postconf -m" (show all available map types) now
	produces sorted output.  File: util/dict_open.c.

20041215

	No bugfix: tests with the new "postmap -s" feature show
	that SDBM first/next operations never worked with Postfix/TLS
	patch 20040829 (verified with the 20040829 dict_sdbm.c
	module on Linux and FreeBSD).  The code stops after finding
	one database element.  Other SDBM versions found on the
	Internet will find all database entries, but report an I/O
	error after the last database element is found. All this
	would be easy enough to fix, but the SDBM library is not
	part of Postfix, and never will be.

	Bugfix: the sequence operator in the DBM and SDBM clients
	released the shared lock after reading the next key but
	before reading the corresponding value. This was never a
	problem, because the sequence operator was used only in
	the Postfix/TLS patch. This used the SDBM sequence operator
	which didn't work as discussed above. Files:  util/dict_dbm.c,
	util/dict_sdbm.c.

	Feature: the local(8) and pipe(8) delivery agents now make
	the following attributes available upon delivery (with
	local(8) names must be spelled in upper case): client_hostname,
	client_address, client_protocol, client_helo, sasl_method,
	sasl_sender, sasl_username. Files: local/command.c,
	pipe/pipe.c, and lots of documentation.

20041216

	"postcat -o" now prints queue file record offsets; this is
	useful for debugging. File: postcat/postcat.c.

	NON-PRODUCTION Bugfix: (bug introduced while adopting the
	Postfix/TLS patch):  the new TLS certification call-back
	routine expects that the peer hostname is in
	tlscontext->peername_save, but the TLS server code never
	updated this field.  File:  tls/tls_server.c.

20041218