Newer
Older
qmqpd_client_port_logging parameter setting. File:
qmqpd/qmqpd.c.
Cleanup: show the remote SMTP server port in verbose logging,
warnings and postmaster notices. Still don't show the port
in delivery status notifications. Files: smtp/smtp_chat.c,
smtp/smtp_sasl_glue.c, smtp/smtp_sasl_proto.c.
The "tls_require_cert" is now compatible with OpenLDAP 2.1
and later. Victor Duchovni. Files: proto/ldap_table,
global/dict_ldap.c.
Cleanup: removed the "#ifdef USE_LIBMILTER_INCLUDES"
dependencies on system-installed Milter protocol include
files. Verified that the object code has not changed. File:
milter/milter8.c.
Sanity check: idiot filter to detect attempts to use the
same database file for different TLS session caches. File:
tlsmgr/tlsmgr.c.
Cleanup: updated the spell check stoplist and the spell
check script. Files: mantools/spell, proto/stop.
Cleanup: replaced documentation references to xxgdb by ddd.
The xxgdb program hasn't been updated in more than 10 years.
Files: proto/postconf.proto, conf/main.cf.
Feature: support for all new Sendmail 8.14 Milter features
except SMFIR_SKIP (skip further events of this type),
SMFIP_RCPT_REJ (report rejected recipients to the mail
filter), SMFIR_CHGFROM (replace sender, with optional ESMTP
command parameters), and SMFIR_ADDRCPT_PAR (add recipient,
with optional ESMTP command parameters). Files: milter/milters.c,
milter/milter8.c, milter/test-milter.c, cleanup/cleanup_milter.c.
Feature: support for Sendmail 8.14 Milter SMFIR_SKIP (skip
further events of this type). Files: milter/milter8.c,
milter/test-milter.c.
Cleanup: don't try sending HELO after a 421 EHLO reply.
File: smtp/smtp_proto.c.
14052
14053
14054
14055
14056
14057
14058
14059
14060
14061
14062
14063
14064
14065
14066
14067
14068
14069
14070
14071
14072
14073
14074
14075
14076
14077
14078
14079
14080
14081
14082
14083
14084
14085
14086
14087
14088
14089
14090
14091
14092
14093
14094
14095
14096
20071221-nonprod
Using 20071221 as reference point.
Cleanup: Simplified TLS library cipher and protocol API to
just pass string-valued properties to tls_client_init() and
tls_client_start(). The client is now agnostic of the
mechanics of cipher management internal to the library. The
main.cf parameters used internally in the library are now
loaded by the library, not the caller. Files:
src/smtp/lmtp_params.c, src/smtp/smtp.c, src/smtp/smtp.h,
src/smtp/smtp_params.c, src/smtp/smtp_proto.c,
src/smtp/smtp_session.c, src/smtpd/smtpd.c, src/tls/tls.h,
src/tls/tls_client.c, src/tls/tls_level.c, src/tls/tls_misc.c,
src/tls/tls_server.c, src/tls/tls_session.c, src/tls/tls_verify.c
and src/tlsmgr/tlsmgr.c
Cleanup: Client session lookup key "salting" is now handled
internally in the tls library. Files: src/tls/tls_client.c
Cleanup: Cipher state is cached, and only updated when
necessary. Files: src/tls/tls_misc.c
Feature: Extended the syntax of protocol selection to allow
exclusions as well as inclusions. Files: src/tls/tls_misc.c
Cleanup: Updated default verification depth to match reality:
default is 9 in OpenSSL and we don't yet override it. When
we do (soon), the default will match previous behavior.
Files: src/global/mail_params.h
Bugfix: Reference to obsolete "pfixtls" code won't compile
inside #ifdef for OpenSSL <= 0.9.5a. Using an OpenSSL release
that old has not been tested for some time, but may now
work. Files: src/tls/tls_bio_ops.c.
Replaced "void *" TLS library application handles by explicit
pointer types, while hiding data structure implementation
details from the TLS library users. Files: tls/tls_client.c,
tls/tls_server.c, smtp/smtp.c, smtpd/smtpd.c.
The TLS library no longer modifies VSTRINGs passed in by
the caller. Where possible, information is passed as "const"
from application to library. Files: smtp/smtp_proto.c,
tls/tls_client.c.
Replaced explicit initialization of props structures by
emulating function calls with named parameter lists. Files:
tls/tls.h, smtp/smtp.c, smtp/smtp_proto.c, smtpd/smtpd.c.
Further polishing of the Milter code and logging. File:
milter/milter8.c.
Further polishing of the Milter code. With SETSYMLIST, each
Milter can now update its own macros instead of clobbering
the global copy that is shared with other Milters. Also an
opportunity to clean up some ad-hoc code for sending macro
lists from smtpd(8) to cleanup(8). Files: milter/milter.c,
milter/milter8.c, milter/milter_macros.c.
Further polishing of the Milter code. Eliminated unnecessary
steps from the initial smtpd/cleanup Milter handshake. Files:
milter/milter.c, milter/milter8.c, milter/milter_macros.c.
Cleanup: name_code(3) and name_mask(3) now support read-only
tables. Files: util/name_code.[hc], util/name_mask.[hc].
Cleanup: further refinements of the Milter code, allowing
for multiple macro overrides. The code is now ready for
serious testing. File: milter/milter8.c.
Bugfix: the Milter client did not replace the Postfix-specific
form for unknown host names by the Sendmail-specific form.
Cleanup: when a cleanup milter reports a problem don't log
generic "4.3.0 Sevice unavailable", but log the text for
the actual error. File: cleanup/cleanup_milter.c.
SMTP client fingerprint security level support and configurable
fingerprint digest algorithm. Victor Duchovni. Files:
smtp/lmtp_params.c, smtp/smtp.c, smtp/smtp.h,
src/smtp/smtp_params.c, src/smtp/smtp_proto.c,
src/smtp/smtp_session.c, tls/tls_client.c, tls/tls_level.c,
tls/tls_verify.c.
Missed "invalid TLS configuration" patch for SMTP client.
Victor Duchovni. File: smtp/smtp_proto.c.
SMTP server configurable fingerprint digest algorithm.
Victor Duchovni. Files: smtpd/smtpd.c, tls/tls.h,
tls/tls_server.c, tls/tls_verify.c.
Cleanup: finally implemented certificate verification depth
limit parameters. Prior to Postfix 2.5 these were ignored.
For backwards compatibility, the default verification depth
limit is now 9, the OpenSSL default. Victor Duchovni. Files:
src/tls/tls_client.c, src/tls/tls_server.c, src/tls/tls_verify.c.
Robustness: Avoid possibility of NULL pointer issues in
application code that checks certificate names, by providing
"empty string" values when no data is available. Victor
Duchovni. Files: src/tls/tls_verify.c, src/tls/tls_client.c,
src/tls/tls_server.c, src/smtpd/smtpd_check.c, src/smtpd/smtpd.c.
Cleanup: separation of TLS handshake from security level
enforcement. The library shakes hands; the application
decides if the resulting security is acceptable. Victor
Duchovni. Files: smtpd/smtpd.c, smtpd/smtpd_proto.c,
tls/tls_server.c, tls/tls_client.c, tls/tls_verify.c.
Robustness: more robust processing of ASN.1 string attributes
in x509v3 certificates, plus additional sanity checks (e.g.
embedded null characters). Victor Duchovni. File:
src/tls/tls_verify.c.
Workaround: minor change to the Dovecot AUTH request to
prevent dovecot-auth memory wastage. Timo Sirainen. File:
xsasl/xsasl_dovecot_server.c.
Cleanup: renamed TLS-related symbols for consistency (always
include the init, start, stop prefix in the TLS library
function and data structure names; consistently distinguish
between per-application TLS state and per-session TLS state;
consistently use the fpt prefix for fingerprint related
variables and structure members; consistent use of monocase
typedef-ed names).
Cleanup: consistent use of <pre> and <blockquote> in examples;
instead of emphasizing new Postfix 2.5 behavior in reference
documentation, describe the new behavior as "current", with
historical behavior as a supplemental note.
Feature: new "pass" service type (in addition to "inet",
"unix" and "fifo"). The "pass" service type supports
front-end daemons that accept all inbound connections and
that permit only well-behaved clients to talk to the MTA.
This service type had been sitting in the master daemon for
years but was disabled by default. Actual applications for
this will have to be developed later. Files: util/upass_connect.c,
util/upass_trigger.c.
Cleanup: where possible, store data structures in read-only
memory. Besides the security advantage of no write access,
this also gives slightly better memory utilization when
many processes execute the same file. Files: pretty much
everything that has a static table, except for a few tables
in the benchmark tools with flags that are controlled by
command-line information.
Cleanup: more read-only data. Files: everything that passes
around a HEADER_OPTS pointer.
Safety: optional lookup table to prevent the Postfix SMTP
client from making repeated SASL login failures with the
same hostname, username and password. This introduces new
parameters: smtp_sasl_auth_cache_name, smtp_sasl_auth_cache_time.
Based on code by Keean Schupke. Files: smtp/smtp_sasl_glue.c,
smtp/smtp_sasl_auth_cache.c.
Safety: the Postfix SMTP client now by default defers mail
after the server rejects a SASL login attempt with a 535
status code. Specify "smtp_sasl_auth_soft_bounce = no" to
get the earlier behavior. Based on code by Keean Schupke.
Files: smtp/smtp_sasl_glue.c.
Safety: the smtpd_client_new_tls_session_rate_limit setting
now also limits the number of failed TLS handshakes. This
limits the impact of broken configurations. File: smtpd/smtpd.c.
Bugfix (introduced 20080112): Patrik Rak found two bugs
that largely canceled each other out, causing Postfix not
to complain about a missing "proxy:" prefix with the new
smtp_sasl_auth_cache_name parameter setting. File:
smtp/smtp_sasl_glue.c.
Documentation: new SOHO_README file for small/home offices.
The text is automatically generated from bits and pieces of
information that are scattered across other documents.
File: mantools/make_soho_readme.
Bugfix (introduced 20080112): missing #ifdef for the SASL
login failure cache. File: smtp/smtp_sasl_auth_cache.h.
Name fix: renamed the mumble_delivery_rate_delay parameter
to mumble_destination_rate_delay, because it really is a
per-destination feature. With this change we keep the option
of implementing a future per-transport rate delay.
14280
14281
14282
14283
14284
14285
14286
14287
14288
14289
14290
14291
14292
14293
14294
14295
14296
14297
14298
14299
14300
14301
14302
14303
14304
14305
14306
14307
14308
14309
14310
20080125
Bugfix (introduced 20071216): missing {} in the LDAP client
broke OpenLDAP TLS. The setting tls_require_cert=no was
further broken because Postfix used OpenLDAP incorrectly.
Victor Duchovni. This broke tls_require_cert=no File:
global/dict_ldap.c.
20080130
Bugfix (introduced 20071204): wrong proxywrite process limit
in the default master.cf file. File: conf/master.cf.
20080201
Workaround: pick up a missing data_directory setting from
main.cf when "postfix start" is invoked with an obsolete
postfix command. File: conf/post-install.
20080207
Cleanup: soft_bounce support for multi-line Milter replies.
File: src/milter/milter8.c.
Cleanup: preserve multi-line format of header/body Milter
replies. Files: cleanup/cleanup_milter.c, smtpd/smtpd.c.
Cleanup: multi-line support in SMTP server replies. File:
smtpd/smtpd_chat.c.
14311
14312
14313
14314
14315
14316
14317
14318
14319
14320
14321
14322
14323
14324
14325
14326
14327
14328
14329
14330
14331
14332
14333
14334
14335
14336
14337
14338
14339
14340
14341
14342
14343
14344
14345
14346
14347
14348
14349
14350
14351
14352
14353
14354
14355
14356
14357
14358
14359
14360
14361
14362
14363
14364
14365
14366
14367
14368
14369
14370
14371
14372
14373
14374
14375
14376
14377
14378
14379
20080215
Safety: break SASL loop in case both the SASL library and
the remote SMTP server are confused. File: smtp/smtp_sasl_glue.c.
20080220
Safety: the master daemon now sets an exclusive lock on a
file $data_directory/master.lock, so that the data directory
can't be shared between multiple Postfix instances. This
would corrupt files that rely on single-writer updates
(examples: verify(8) cache, tlsmgr(8) caches, etc.). File:
master/master.c.
20080228
Bugfix: bounce(8) segfault on one-line template text.
Problem found by Sacha Chlytor. File: bounce/bounce_template.c.
20080310
Safety: the SMTP server's Dovecot authentication client now
enforces the SASL mechanism output filter also on client
command input. File: src/xsasl/xsasl_dovecot_server.c.
20080311
Bugfix (introduced 20070811): the MAIL and RCPT Milter
application call-backs no longer received {mail_addr} or
{rcpt_addr} information. Problem reported by Anton Yuzhaninov.
File: smtpd/smtpd.c.
20080318
Human factors: the PCRE and regexp maps now give more
comprehensible error messages when people make the common
mistake of indenting if/endif blocks. Files: util/dict_pcre.c,
util/dict_regexp.c.
20080411
Bugfix (introduced Postfix 2.0): after "warn_if_reject
reject_unlisted_recipient/sender", the SMTP server mistakenly
remembered that recipient/sender validation was already
done. File: smtpd/smtpd_check.c.
Bugfix (introduced Postfix 2.3): the queue manager would
initialize missing client logging attributes (from xforward)
with real client attributes. Fix: enable this backwards
compatibility feature only with queue files that don't
contain logging attributes. Problem reported by Liviu Daia.
Files *qmgr/qmgr_message.c.
20080424
Cleanup: some warning messages said "regexp" or "regexp
map" instead of "pcre map". File: util/dict_pcre.c.
20080428
Cleanup: the proxy_read_maps (Postfix 2.0) default setting
was not updated when adding sender/recipient_bcc_maps
(Postfix 2.1) and smtp/lmtp_generic_maps (Postfix 2.3).
File: global/mail_params.h.
Cleanup: the SMTP server's XFORWARD and XCLIENT support was
not updated when the smtpd_client_port_logging configuration
parameter was added. Code by Victor Duchovni. Files:
smtpd/smtpd.c, smtpd/smtpd_peer.c.
14380
14381
14382
14383
14384
14385
14386
14387
14388
14389
14390
14391
14392
14393
14394
14395
14396
14397
14398
14399
14400
14401
14402
14403
14404
14405
14406
14407
14408
14409
14410
14411
14412
14413
20080509
Bugfix: null-terminate CN comment string after sanitization.
File: smtpd/smtpd.c.
20080603
Workaround: avoid "bad address pattern" errors with non-address
patterns in namadr_list_match() calls. File: util/match_ops.c.
20080620
Bugfix (introduced 20080207): "cleanup -v" panic because
the new "SMTP reply" request flag did not have a printable
name. File: global/cleanup_strflags.c.
Cleanup: using "Before-queue content filter", RFC3848
information was not added to the headers. Carlos Velasco.
File smtpd/smtpd.c.
20080717
Cleanup: a poorly-implemented integer overflow check for
TCP MSS calculation had the unexpected effect that people
broke Postfix on LP64 systems while attempting to silence
a compiler warning. File: util/vstream_tweak.c.
20080725
Paranoia: defer delivery when a mailbox file is not owned
by the recipient. Requested by Sebastian Krahmer, SuSE.
Specify "strict_mailbox_ownership=no" to ignore ownership
discrepancies. Files: local/mailbox.c, virtual/mailbox.c.
14414
14415
14416
14417
14418
14419
14420
14421
14422
14423
14424
14425
14426
14427
14428
14429
14430
14431
14432
20080804
Bugfix: dangling pointer in vstring_sprintf_prepend().
File: util/vstring.c.
20080814
Security: some systems have changed their link() semantics,
and will hardlink a symlink, contrary to POSIX and XPG4.
Sebastian Krahmer, SuSE. File: util/safe_open.c.
The solution introduces the following incompatible change:
when the target of mail delivery is a symlink, the parent
directory of that symlink must now be writable by root only
(in addition to the already existing requirement that the
symlink itself is owned by root). This change will break
legitimate configurations that deliver mail to a symbolic
link in a directory with less restrictive permissions.
20080826
Bugfix (introduced Postfix 2.4): epoll file descriptor leak.
With Postfix >= 2.4 on Linux >= 2.6, Postfix has an epoll
file descriptor leak when it executes non-Postfix commands
in, for example, user-controlled $HOME/.forward files. A
local user can access a leaked epoll file descriptor to
implement a denial of service attack on Postfix. Data
confidentiality and integrity are not affected. File:
util/events.c.
14444
14445
14446
14447
14448
14449
14450
14451
14452
14453
14454
14455
14456
14457
14458
14459
14460
14461
14462
14463
14464
14465
14466
14467
14468
14469
14470
14471
20081022
Documentation: removed inapplicable daemon_timeout reference
from qmgr(8), oqmgr(8), pickup(8). These daemons need to
use a much shorter watchdog timer.
20081108
Bugfix (introduced Postfix 2.5): the Postfix SMTP server
did not ask for a client certificate with "smtpd_tls_req_ccert
= yes". Reported by Rob Foehl. File: smtpd/smtpd.c.
20081126
Documentation: pcre_table(5) incorrectly claimed that the
'x' flag supports #comment after text. File: proto/pcre_table.
20081203
Cleanup: adjust the VSTREAM buffer strategy when reusing
an SMTP connection with a large TCP MSS value. File:
smtp/smtp_reuse.c.
20081222
Documentation: log the "*" pattern as the last transport
map lookup. File: proto/transport.
14472
14473
14474
14475
14476
14477
14478
14479
14480
14481
14482
14483
14484
14485
14486
14487
14488
14489
14490
14491
14492
14493
14494
14495
14496
14497
14498
14499
14500
14501
14502
14503
14504
14505
14506
14507
14508
14509
14510
14511
14512
14513
14514
14515
14516
20090122
Bugfix: the data_directory was not automatically created!
File: conf/postfix-files.
20090304
Cleanup: skip over suspended or throttled queues while
looking for delivery requests. File: *qmgr/qmgr_transport.c.
20090305
Bugfix: in the "new queue manager", the _destination_rate_delay
code needed to postpone the job scheduler updates after
delivery completion, otherwise the scheduler could loop on
blocked jobs. Victor & Wietse. File: qmgr/qmgr_entry.c,
qmgr/qmgr_queue.c, qmgr/qmgr_job.c.
Cleanup: report a "queue file write error", instead of
passing though bogus 2xx replies from proxy filters to SMTP
clients. File: smtpd/smtpd_proxy.c.
20090310
Bugfix: Postfix used mumble_concurrency_failed_cohort_limit
instead of mumble_destination_concurrency_failed_cohort_limit
as documented. File: global/mail_params.h.
20090419
Bugfix: don't re-enable SIGHUP if it is ignored in the
parent. This may cause random "Postfix integrity check
failed" errors at boot time (POSIX SIGHUP death), causing
Postfix not to start. We duplicate code from postdrop and
thus avoid past mistakes. File: postsuper/postsuper.c.
Robustness: don't re-enable SIGTERM if it is ignored in the
parent. Files: postsuper/postsuper.c, postdrop/postdrop.c.
20090428
Bugfix: don't disable MIME parsing with smtp_header_checks,
smtp_mime_header_checks, smtp_nested_header_checks or with
smtp_body_checks. Bug reported by Victor. File: smtp/smtp_proto.c.
20090710
Bugfix (introduced Postfix 2.3): Postfix got out of sync
with a Milter application after the application sent a
"quarantine" request at end-of-message time. The milter
application would still be in the end-of-message state,
while Postfix would already be working on the next SMTP
event (typically, QUIT or MAIL FROM). Problem diagnosed
with help from Alban Deniz. File: milter/milter8.c.
20090805
Bugfix: don't panic when an unexpected smtpd access map is
specified. File: smtpd/smtpd_check.c.
14532
14533
14534
14535
14536
14537
14538
14539
14540
14541
14542
14543
14544
14545
14546
14547
14548
14549
14550
14551
14552
14553
14554
14555
14556
14557
14558
14559
14560
14561
14562
14563
14564
14565
14566
14567
14568
14569
14570
14571
14572
14573
20090918
Bugfix (introduced Postfix 2.3): with Milter RCPT TO replies
turned off, there was no automatic flush-before-read on the
smtpd-to-milter stream, because the read was done on the
cleanup-to-milter stream. Problem reported by Stephen Warren.
File: milter/milter8.c.
20091005
Bugfix: core dump while printing error message for malformed
%<letter> sequence in LDAP, MySQL or PostgreSQL configuration.
File: global/db_common.c. Fix by Victor Duchovni.
20091209
Bugfix: sender_dependent_relayhost_maps did not reject an
empty lookup result, and did not recognize lookup errors,
thus treating errors as "not found". Problem found during
code maintenance. File: trivial-rewrite/resolve.c.
20100107
Bugfix: the pickup daemon did not discard messages that
were requeued after all recipients were delivered (or
bounced), and the cleanup server tried to bounce such
messages. Files: pickup/pickup.c, global/cleanup_user.h.
20100115
Bugfix: the valid_hostname() fuction did not set the
"non-numeric" flag after encountering the '-' character.
Reported by Jan Schampera. File: util/valid_hostname.c.
20100116
Workaround: as of Postfix 2.3 the VRFY command did not allow
a mailbox address inside <>, which broke expectations. RFC
2821 (and 5321) is vague about the VRFY request format, but
spends lots of text on the reply format. File: smtpd/smtpd.c.
20100422
Workaround (introduced: postfix-19990906 a.k.a. Postfix
0.8.0). The Postfix local delivery agent did not properly
distinguish between "address has no extension" and "address
has an extension, but the extension is invalid". In both
cases it would run only the full recipient local-part through
the alias maps. Instead, it now drops the faulty extension
from the recipient address local-part (it would be too
error-prone to replace all tests for "no extension" by tests
for "no valid extension". File: local/recipient.c.
14586
14587
14588
14589
14590
14591
14592
14593
14594
14595
14596
14597
14598
14599
14600
14601
14602
14603
14604
14605
14606
14607
14608
14609
14610
14611
14612
14613
14614
14615
14616
14617
14618
14619
14620
14621
14622
14623
14624
20100610
Bugfix (introduced Postfix 2.2): Postfix no longer appends
the system default CA certificates to the lists specified
with *_tls_CAfile or with *_tls_CApath. This prevents
third-party certificates from getting mail relay permission
with the permit_tls_all_clientcerts feature. Unfortunately
this may cause compatibility problems with configurations
that rely on certificate verification for other purposes.
To get the old behavior, specify "tls_append_default_CA =
yes". Files: tls/tls_certkey.c, tls/tls_misc.c,
global/mail_params.h. proto/postconf.proto, mantools/postlink.
20100714
Compatibility with Postfix < 2.3: fix 20061207 was incomplete
(undoing the change to bounce instead of defer after
pipe-to-command delivery fails with a signal). Fix by Thomas
Arnett. File: global/pipe_command.c.
20100827
Performance: fix for poor smtpd_proxy_filter TCP performance
over loopback (127.0.0.1) connections. Problem reported by
Mark Martinec. Files: smtpd/smtpd_proxy.c.
20101023
Cleanup: don't apply reject_rhsbl_helo to non-domain forms
such as network addresses. This would cause false positives
with dbl.spamhaus.org. File: smtpd/smtpd_check.c.
20101117
Bugfix: the "421" reply after Milter error was overruled
by Postfix 1.1 code that replied with "503" for RFC 2821
compliance. We now make an exception for "final" replies,
as permitted by RFC. Solution by Victor Duchovni. File:
smtpd/smtpd.c.
14625
14626
14627
14628
14629
14630
14631
14632
14633
14634
14635
14636
14637
14638
14639
14640
14641
14642
14643
14644
14645
14646
14647
14648
14649
14650
14651
14652
14653
14654
14655
14656
14657
14658
14659
14660
14661
14662
14663
14664
14665
14666
14667
14668
14669
14670
14671
14672
14673
14674
14675
14676
14677
14678
14679
14680
20101201
Workaround: BSD-ish mkdir() ignores the effective GID and
copies group ownership from the parent directory. File:
util/make_dirs.c.
20101202
Cleanup: the cleanup server now reports a temporary delivery
error when it reaches the virtual_alias_expansion_limit or
virtual_alias_recursion_limit. Previously, it would silently
ignore the excess recipients and deliver the message. File:
cleanup/cleanup_map1n.c.
20110105
Bugfix (introduced with the Postfix TLS patch): discard
plaintext following the STARTTLS command or response. This
matters only for the minority of SMTP clients that actually
verify server certificates. Files: smtpd/smtpd.c,
smtp/smtp_proto.c.
This vulnerability is also known as CVE-2011-0411.
20110109
Bugfix (introduced Postfix 2.4): on Solaris the Postfix
event engine was deaf for SIGHUP and SIGALRM signals after
the switch to /dev/poll. Symptoms were delayed "postfix
reload" response, and killed processes when the watchdog
timeout was less than max_idle. The fix is to set up SIGHUP
and SIGALRM handlers that write to a pipe, and to monitor
that pipe for read events via the Postfix event engine.
Files: master/master_sig.c, util/watchdog.c, util/sys_defs.h.
20110117
Bugfix (introduced Postfix alpha, or thereabouts): on HP-UX
the Postfix event engine was deaf for SIGALRM signals.
Symptoms were killed processes when the watchdog timeout
was less than max_idle. The fix is the same as Solaris fix
20110109. Since we can't know what other systems need this,
the workaround is enabled by default. Files: util/sys_defs.h.
20110225
Workaround (problem introduced with IPv6 support in Postfix
2.2): the SMTP client did not support mail to [ipv6:ipv6addr].
Fix based on a patch by Gurusamy Sarathy (Sophos). File:
util/host_port.c and regression test files.
20110227
Portability: FreeBSD closefrom() support time window. Sahil
Tandon. File: util/sys_defs.h.
20110414
Bugfix (introduced with Postfix SASL patch 20000314): don't
reuse a server SASL handle after authentication failure.
Problem reported by Thomas Jarosch of Intra2net AG. File:
smtpd/smtpd_proto.c.
14688
14689
14690
14691
14692
14693
14694
14695
14696
14697
14698
14699
14700
14701
14702
14703
14704
14705
14706
14707
14708
14709
14710
14711
14712
14713
14714
14715
14716
14717
14718
14719
14720
14721
14722
14723
20110418
Bugfix (introduced Postfix 2.3): the Milter client reported
some "file too large" errors as temporary errors. Problem
reported by Michael Tokarev. File: milter/milter8.c.
20110420
Performance: a high load of DSN success notification requests
could slow down the queue manager. Solution: make the trace
client asynchronous, just like the bounce and defer clients.
Problem reported by Eduardo M. Stelmaszczyk of terra.com.br.
Files: global/abounce.[hc], *qmgr/qmgr_active.c (the
qmgr_active.c files are identical).
20110426
Bugfix (introduced in Postfix 1.1): the local(8) delivery
agent ignored table lookup errors in mailbox_command_maps,
mailbox_transport_maps, and fallback_transport_maps. Problem
reported by William Ono. Files: local/command.c, local/mailbox.c,
local/unknown.c.
20110614
Linux kernel version 3 support. Linus Torvalds has reset
the counters for reasons not related to changes in code.
Files: makedefs, util/sys_defs.h.
20110615
Workaround: some Spamhaus RHSBL rejects lookups with "No
IP queries" even if the name has an alphanumerical prefix.
We play safe, and skip RHSBL queries for names ending in a
numerical suffix. File: smtpd/smtpd_check.c.
14724
14725
14726
14727
14728
14729
14730
14731
14732
14733
14734
14735
14736
14737
14738
14739
14740
14741
14742
20110811
Workaround: report a {client_connections} Milter macro value
of zero instead of garbage, when the remote SMTP client is
not subject to any smtpd_client_* limits. Problem reported
by Christian Roessner. File: smtpd/smtpd_state.c,
proto/MILTER_README.html.
20110831
Bugfix: allow for Milters that send an SMTP server reply
without RFC 3463 enhanced status code. Reported by Vladimir
Vassiliev. File: milter/milter8.c.
20110902
Bitrot: OpenSSL const-ified some function result value.
Files: tls/tls_client.c, tls/tls_server.c.