Newer
Older
character stored. This avoids mis-leading warnings. File:
global/vstring_vstream.c.
9004
9005
9006
9007
9008
9009
9010
9011
9012
9013
9014
9015
9016
9017
9018
9019
9020
9021
9022
9023
9024
9025
9026
9027
9028
20040105
Cleanup: don't bother the flush daemon while deferring mail
if the destination is not "fast flush" eligible. File:
global/flush_clnt.c.
Safety: the SMTP server flushes recipients to the cleanup
server in order to avoid SMTP timeouts when virtual or
canonical expansions take a lot of time. File smtpd/smtpd.c.
Safety: add warnings to postmap and postalias when table
lookup results in an empty string.
20040110
Example: script to run qmail-local from Postfix by Ron
Bickers.
Change: queue minfree limit is now 1.5 * message size limit.
File: smtpd/smtpd_check.c.
Bugfix: apply hostname restriction even when host address
lookup fails in check_{sender,recipient}_{ns,mx}_access.
File: smtpd/smtpd_check.c.
20040115
Performance: allow delivery concurrency to increase even
while mail is deferred, as long as the delivery agent does
not report really serious trouble with the destination.
Files: *qmgr/qmgr_deliver.c.
Cleanup: in postfix-files, symbolic links and hard links
are now first-class citizens with explicit mention of source
and destination pathnames. Files: postfix-install,
9039
9040
9041
9042
9043
9044
9045
9046
9047
9048
9049
9050
9051
9052
9053
9054
9055
9056
9057
9058
9059
9060
9061
9062
9063
9064
9065
9066
9067
9068
9069
9070
conf/postfix-files, conf/post-install.
20040116
Cleanup: sendmail -v caused one mail delivery report upon
every delivery attempt, not just the first one. The fix is
to "kill" a queue file record after the first delivery
attempt. This means a new record type. Files: *qmgr/qmgr_active.c,
*qmgr/qmgr_message.c, global/rec_type.c.
Cleanup: in anticipation of other built-in rate limiters,
the client_connection_rate_time_unit parameter is renamed
to client_rate_time_unit.
Documentation: finished the HOSTING_README file with an
overview of methods to host domains with Postfix.
20040119
Bugfix: anvil (count and rate limiting) server race condition
could result in dangling pointer. Postfix erases memory
after allocating and before freeing, so it is extremely
unlikely that this could be used to bring harmful data into
the anvil server. File anvil/anvil.c.
20040120
Cleanup: new header_checks(5) and body_checks(5) manual
pages. The sample-regexp* and sample-pcre* files are no
longer needed and have been removed, as are the default
*_table configuration files.
Cleanup: support for the non-standard Errors-To: header is
removed. File: cleanup/cleanup_message.c.
20040121
Feature: "PREPEND headername: headervalue" action in Postfix
access maps, to facilitate external policy servers that
label mail instead of rejecting it. Files: smtpd/smtpd.c,
smtpd/smtpd_check.c.
20040122
UNDO the 20040104 change (vstring_get() etc. return
VSTREAM_EOF when they terminate prematurely, instead of
returning the last character stored, to avoid mis-leading
warnings). File: global/vstring_vstream.c.
Portability: test -e is not portable. File: conf/postfix-script.
Misc. documentation fixes by Victor Duchovni.
Documentation: the README files are now hyperlinked, and
are referenced in the on-line manual pages.
Bugfix: the pickup daemon now strokes the watchdog frequently
to prevent the watchdog from barking when mail arrives
faster than it can be picked up. File: pickup/pickup.c.
Feature: set smtpd_reject_unlisted_{sender,recipient}=no
to turn off automatic rejection of non-existent local,
virtual or relay addresses. This way it can be made
conditional for local clients, always on for remote clients.
Files: global/mail_params.h, smtpd/smtpd.c, smtpd/smtpd_check.c.
20040124
Feature: PREPEND in header/body_checks, for message tagging.
File: cleanup/cleanup_message.c.
20040126
Safety: handle the case that main.cf is updated while it
is being read. File: util/dict.c.
9116
9117
9118
9119
9120
9121
9122
9123
9124
9125
9126
9127
9128
9129
9130
9131
9132
9133
9134
9135
9136
9137
9138
9139
9140
9141
9142
9143
9144
9145
9146
9147
9148
9149
9150
9151
9152
9153
9154
9155
9156
9157
9158
9159
9160
9161
9162
9163
9164
9165
9166
9167
9168
9169
9170
9171
9172
9173
9174
9175
9176
9177
Feature: "instance" attribute that links policy etc. queries
to the same message instance.
Cleanup: the mynetworks setting may now be empty. File:
global/mail_params.c.
20040127
Bugfix: missing flush_init() call. Introduced 20040105.
File: postqueue/postqueue.c.
20040128
Cleanup: clnt_stream derived classes now try to detect that
the server has disconnected before sending data and warning
about an error. File: global/clnt_stream.c.
20040202
Bugfix: changed mis-leading warning about text>4096 characters
into "unexpected end-of-input". File: util/attr_scan0.c.
20040201
Feature: sasl_method, sasl_username and sasl_sender attributes
in smtpd policy queries. Files: src/smtpd/smtpd_check.c.
20040204
Safety: smtpd_soft_error_limit now determines when
$smtpd_error_sleep_time starts to take effect.
Cleanup: local(8) and virtual(8) will now create maildirs
in a world-writable directory. Files: util/make_dirs.c.
Bugfix: don't panic on a corrupt queue file. File:
*qmgr/qmgr_message.c.
20040205
Cleanup: sample-filter.cf is gone. Better documentation is
available with "man header_checks".
20040209
Bugfix: when delivery to smtpd_proxy_filter fails, report
"451 Queue file write error" instead of repeating the
previous "354 End data with <CR><LF>.<CR><LF>" response.
File: smtpd/smtpd.c.
20040220
Compatibility: accept and ignore the sendmail -bh and -bH
mode of operation requests.
20040302
Bugfix: SMTPD proxy didn't send QUIT as the result of code
duplication. Evidence reported by Mark Martinec. File:
smtpd/smtpd.c.
Bugfix: bad address syntax was passed to transport map
lookups. Problem reported by Andrei Koulik. File:
util/match_ops.c, trivial-rewrite/resolve.c.
20040324
Portability: ekkoBSD support by Philip Reynolds. Files:
makedefs, util/sys_defs.h.
9188
9189
9190
9191
9192
9193
9194
9195
9196
9197
9198
9199
9200
9201
9202
9203
9204
9205
9206
9207
9208
9209
9210
9211
9212
9213
9214
9215
9216
9217
9218
9219
9220
9221
9222
9223
9224
9225
9226
9227
9228
9229
9230
9231
20040325
Cleanup: smtp_skip_4xx_greeting and smtp_skip_5xx_greeting
functionality is moved from connection management to SMTP
protocol processing, so that Postfix now logs the server
response when a server refuses to provide service. Files:
smtp/smtp_connect.c, smtp/smtp_proto.c.
Cleanup: smtp_skip_4xx_greeting is no longer configurable;
it is now permanently turned on.
20040326
Workaround: in the trivial-rewrite server, turn on the code
to strip trailing "." while rewriting addresses, and change
the address resolver to strip trailing "." in a compatible
manner. This does not eliminate the problem that the SMTP
server may use a different address for recipient validation
than what the cleanup server uses for virtual alias mapping.
20040329
Bugfix: the SMTP server did not log client (and SASL)
information with the real-time content filter was enabled.
Files: smtpd/smtpd.c, smtpd/smtpd_sasl_proto.c.
Compatibility: smtpd_reject_unlisted_sender is turned off
by default, to avoid trouble with with in-house software
that sends out mail software with an unreplyable address.
20040331
Bugfix: postdrop should not abandon mail submission after
receiving a SIGHUP signal when SIGHUP was ignored by the
parent process. Victor Duchovni, Morgan Stanley. File:
postdrop/postdrop.c.
Bugfix: parsing bug in PgSQL dictionaries causing UNIX
sockets to be ignored. Liviu Daia. Files: global/dict*sql.c.
Performance: allow MySQL and PgSQL database connections to
be closed when idle for more than 1 minute; Liviu Daia.
Files: global/dict*sql.c.
Sanity: the SMTP server no longer accepts sender or recipient
addresses that end in the "@" null domain, as well as
addresses that rewrite into such a form. Specify
"resolve_null_domain=yes" to get the old behavior back.
File: trivial-rewrite/resolve.c.
20040402
Cleanup: added WARN action support for access maps, for
consistency with the WARN action in header and body checks.
File: smtpd/smtpd_check.c.
20040407
Bugfix: missing return statement at the end of the
FREE_MEMORY_AND_RETURN error handling macro. Adi Prasaja.
9253
9254
9255
9256
9257
9258
9259
9260
9261
9262
9263
9264
9265
9266
9267
9268
9269
9270
9271
9272
9273
9274
9275
9276
9277
20040411
Future proofing: client_rate_time_unit is renamed to
anvil_rate_time_unit, so that it is no longer limited to
clients only. File: src/global/mail_params.h.
Cleanup: postalias and postmap now log problems to syslogd.
Files: postalias/postalias.c, postmap/postmap.c.
20040413
Feature: "postfix set-permissions" (re)sets ownership and
access permissions of Postfix files and directories.
Feature: "postfix upgrade-configuration" updates main.cf
and master.cf. This is for people who people copy over
their old files after installing a newer Postfix version.
Feature: HTML files are now optionally installed under
control of the html_directory configuration parameter.
Files: postfix-install, conf/postfix-files, conf/post-install.
Cleanup: README file installation is now optional. Files:
postfix-install, conf/postfix-files, conf/post-install.
Cleanup: references to sample-mumble.cf files removed,
conf/mumble_table files removed, new commands added to
conf/postfix-script.
Cleanups: function declared int but used as void, missing
include file, missing const qualifier, unused variable.
Matthias Andree. Files: bounce/bounce_notify_util.c,
bounce/bounce_service.h, postlog/postlog.c, smtpd/smtpd_check.c,
util/attr_scan64.c.
Bugfix: more robust version of SIGHUP test of 20040331.
Victor Duchovni, Morgan Stanley. File: postdrop/postdrop.c.
Safety: added NOCLOBBER qualifiers to local variables that
might be clobbered by longjmp(). Files: util/sys_defs.h,
smtp/smtp_proto.c, lmtp/lmtp_proto.c, smtpd/smtpd_check.c,
smtpstone/smtp-source.c.
Bugfix: sub-level Makefiles no longer turned on the extra
compiler warnings. Files: Makefile.in.*, makedefs.*.
20040415
Bugfix: the LMTP client attempted to reuse a connection
after timeout, causing protocol synchronization errors.
Reported by Rob Mueller. File: lmtp/lmtp.c.
9307
9308
9309
9310
9311
9312
9313
9314
9315
9316
9317
9318
9319
9320
9321
9322
9323
9324
9325
9326
9327
9328
9329
9330
9331
9332
9333
9334
9335
9336
9337
9338
9339
9340
20040416
Cleanup: non-delivery reports now include the original
recipient information. File: bounce/bounce_notify_util.c.
20040415-18
Typos: many documentation fixes by Rob Foehl.
20040418
Cleanup: "int" versus "const int" prototype mismatch between
the DICT sequence method prototype and possible implementations.
Files: util/dict_db.c, util/dict_dbm.c.
20040419
Bugfix: the code that rejects client/helo RESTRICTIONS with
smtpd_delay_reject=no looked at the wrong evidence and
rejected client/helo ACCESS MAP lookups instead. Michael
Tokarev. Files: smtpd/smtpd.c, smtpd/smtpd_check.c.
Bugfix: missing # in master.cf in optional submission
service.
20040420
Bugfix: smtpd logged the client too often. Michael Tokarev.
File: smtpd/smtpd.c.
Cleanup: client_event_status_update_time renamed to
anvil_status_update_time. Files: mantools/postlink,
proto/postconf.proto, anvil/anvil.c.
20040421
Workaround: allow pipelined SMTP clients to overshoot the
SMTP server recipient limit without triggering the server
hard error limit. The SMTP server does not count "too many
recipients" towards the hard error limit, as long as the
number of excess recipients stays within a configurable
overshoot limit (default: smtpd_recipient_overshoot_limit
= 1000). Solution in cooperation with Victor Duchovni.
Files: smtpd/smtpd.c, smtpd/smtpd_state.c, smtpd/smtpd.h.
20040502
Missing test for a never used flag (the problematic and
thus never completed INSPECT feature that doesn't re-inject
mail into Postfix). Victor Duchovni, Morgan Stanley. File:
virtual/virtual.c.
20040503
Bugfix: missing "sasl enabled" guard in the SMTPD policy
client. File: smtpd/smtpd_check.c.
20040606
Portability. UnixWare has strcasecmp() in strings.h. Patch
by Andreas Winkelmann. File: util/sys_defs.h.
Portability. The postlink script is transformed from sed(1)
to perl(1).
20040608
Portability. Introduced SET_H_ERRNO() macro for compilation
environments where h_errno can't be used as an lvalue.
Files: util/sys_defs.h, dns/dns_lookup.c.
Portability. Eliminate assumption on bits per byte from
vbuf_print.c.
9381
9382
9383
9384
9385
9386
9387
9388
9389
9390
9391
9392
9393
9394
9395
9396
9397
9398
9399
9400
9401
20040614
Bugfix: the SMTP client did not reset per-session EHLO,
SASL, and history information when opening a connection to
an alternate SMTP server. This is the result of abstraction
no longer matching function. Reported and diagnosed by
Victor Duchovni, Morgan Stanley.
Bugfix: non-portable reuse of variadic argument lists.
Fix by Victor Duchovni, Morgan Stanley. Files: global/bounce.c,
global/defer.c, global/sent.c, global/trace.c, global/verify.c.
Portability: NetBSD 2.0 has changed from statfs to statvfs.
John Heasley. File: util/sys_defs.h.
Documentation: typo fixes by IKEDA Nozomu.
20040616
Bugfix: one missed variadic argument list fix. Victor
Duchovni, Morgan Stanley. File: global/verify.c.
Bugfix: the resolver client cache should be context dependent
because address verification probes may use a different
route than normal mail deliveries. File: global/resolve_clnt.c.
Safety: added similar context dependence to the address
rewriting client in order to avoid trouble when Postfix is
changed. File: global/rewrite_clnt.c.
Bugfix: space in HELO commands could end up in XFORWARD
commands. File: smtpd/smtpd.c.
9416
9417
9418
9419
9420
9421
9422
9423
9424
9425
9426
9427
9428
9429
9430
9431
9432
9433
9434
9435
9436
9437
9438
9439
9440
9441
9442
9443
9444
9445
9446
Code reorganization: in preparation for SMTP session caching,
the SMTP client data structures were changed from the
original "one session per delivery request" model to an
explicit "multiple sessions per delivery request" model.
This uncovered ESMTP and SASL missing re-initialization
problems that were fixed in past week. Design by Victor
and Wietse, initial implementation by Victor Duchovni.
20040620
Future proofing: after the reorganization of SMTP request
state and session state, added code to the smtp client
error handling routines to more consistently deal with the
possibility that session information is not available.
20040621
Feature: directory=pathname option for the pipe(8) delivery
agent. This allows a command to run from a fixed directory.
Failure to change directory causes delivery to be deferred.
Files: pipe/pipe.c.
Feature: command_execution_directory for local(8) delivery
to external command. This supports the usual $home etc.
expansions, subject to filtering with the character set
specified with $execution_directory_expansion_filter.
Failure to change directory causes delivery to be deferred.
Files: global/mail_params.h, local/command.c.
Support for external command execution directory. Files:
global/pipe_command.[hc].
20040622
Safety: when mail is delivered to a transport with per-delivery
recipient limit of 1, split the recipient address on the
recipient delimiter if one is defined, so that extended
addresses don't get extra delivery concurrency slots.
Files: *qmgr/qmgr_message.c.
9456
9457
9458
9459
9460
9461
9462
9463
9464
9465
9466
9467
9468
9469
9470
9471
9472
9473
9474
9475
9476
9477
9478
9479
9480
9481
9482
9483
9484
9485
9486
9487
9488
9489
9490
9491
9492
9493
9494
9495
9496
9497
9498
9499
9500
9501
20040623
Workaround for fragile clients: add microsecond time to
maildir filename. Files: virtual/maildir.c, local/maildir.c.
20040628-20040701
SMTP connection caching work with Victor Duchovni.
New module (later renamed to global/scache_single.c) for
protocol-independent session caching. The initial
implementation supports in-process, single-session caching
only. A later version will support a central session cache
daemon. Some more work is needed for passivation/activation
of session attributes.
New function vstream_fdclose() to destroy a VSTREAM while
leaving the underlying file(s) open. Files: util/vstream.[hc].
New function dns_rr_remove() to remove one record from a
resource record list. Some more work is needed to turn the
list into a doubly-linked one. Files: dns/dns.h, dns/dns_rr.c.
Restructuring of the SMTP protocol engine for session
caching. File: smtp/smtp_proto.c.
Restructuring of the connection management module, and
first implementation of SMTP connection caching. To enable,
specify an smtp_connection_cache_time value greater than
zero. The time unit is seconds. File: smtp/smtp_connect.c.
New code to passivate and re-activate SMTP_SESSION objects,
and isolation of session save/lookup in its own module.
Files: smtp/smtp_session.c, smtp/smtp_reuse.c.
Refinement: smtp_cache_reuse_limit parameter to bound the
number of times a session may be reused.
Refinements: when a session comes from the cache, give it
back to the cache anyway (even when it will not be listed
under the next-hop destination name).
Future refinements should also include a bound on the number
of consecutive and total non-delivering uses and other
statistics.
20040714
Bugfix: the code to eliminate the local MTA from the MX
address list did not handle the case that inet_interfaces
produced a less preferred match than proxy_interfaces.
Victor Duchovni, Morgan Stanley. File: smtp/smtp_addr.c.
9509
9510
9511
9512
9513
9514
9515
9516
9517
9518
9519
9520
9521
9522
9523
9524
9525
9526
9527
9528
9529
9530
9531
9532
9533
9534
9535
9536
9537
9538
9539
9540
9541
9542
9543
9544
9545
9546
9547
9548
9549
9550
9551
9552
9553
9554
9555
9556
9557
9558
9559
9560
9561
9562
9563
9564
9565
9566
9567
9568
9569
9570
9571
9572
9573
9574
9575
9576
9577
9578
9579
9580
9581
9582
9583
9584
20040715
Resume work on SMTP session caching. All good sessions
are now cached under their IP address. As before, only the
first good session per delivery request is cached under
the original next-hop destination.
At this point, SMTP session caching works, with a session
cache client module that uses in-process session caching.
This is sufficient to demonstrate that the SMTP client is
ready for session caching.
20040716
New modules to send file descriptors from one process into
another one. This will be needed for implementing a central
connection cache manager daemon. Most systems use UNIX-domain
sockets as the transport for this. On Solaris we use streams
instead. Applications are supposed to invoke LOCAL_SEND_FD()
and LOCAL_RECV_FD(). Files: {unix,streams}_{send,recv}_fd.c.
20040717
First implementation of a session caching client API that
actually sends to/receives from a caching server process.
The old in-process, single-session caching functionality
is preserved as global/scache_single.c, so that we can use
it for bootstrapping the session cache server. File:
global/scache_clnt.c.
First implementation of the scache session cache server,
using the same in-process session caching code that was
used to bootstrap the SMTP client. File: scache/scache.c.
20040718
Performance: the default RSET timeouts are reduced from
120s to 20s. Perhaps there should be different RSET timeout
for address probes and for session cache checks. File:
global/mail_params.h.
20040719
Multi-session connection cache module. Implementing this
was actually the easiest part of the entire connection
caching project. File: global/scache_multi.c.
20040720
Bugfix: event_drain() falsely reported a single-entry timer
queue as empty. File: util/events.c.
Completed the multi-session cache support for SMTP. The
code can be stress tested with a driver program that reads
commands from a script. It is not practical to manually
test the effects of collisions in the time or in name space
domains. File: global/scache.c.
20040721
Feature: the session cache server now logs cache hit and
miss statistics every $session_cache_status_update_time
seconds (default: 600s), as well as upon process exit.
File: scache/scache.c.
20040722
Workaround: LINUX 2.4 has trouble with mixed data and file
descriptor traffic on UNIX-domain stream sockets.
Specifically, it cannot handle data write (read) followed
by file descriptor send (receive): the receiver hangs in
recvmsg(). Workaround is to insert an intervening read
(write) operation. Presumably, LINUX 2.4 is confusing the
data and file descriptor. Lucky Ralf Hildebrandt. Files:
util/sys_defs.h, global/scache_clnt.c, scache/scache.c.
20040723
Safety: spawn(8) now rejects a user with the -1 UID or GID
value, so that commands will not end up running as root.
Files: util/spawn_command.c, spawn/spawn.c.
User interface: parameter smtp_connection_cache_domains
renamed to smtp_connection_cache_destinations. Destinations
listed here must be specified without [] or :port. File:
smtp/smtp_connect.c.
Bugfix: "421 Timeout exceeded" wasn't guarded by setjmp().
Victor Duchovni, Morgan Stanley. File: smtpd/smtpd.c.
9599
9600
9601
9602
9603
9604
9605
9606
9607
9608
9609
9610
9611
9612
9613
9614
9615
9616
9617
9618
9619
9620
9621
9622
20040729
Feature: enable SMTP session caching temporarily while a
postfix is able to schedule back-to-back deliveries.
Parameter: smtp_connection_cache_on_demand (default:
yes). Files: smtp/smtp_connect.c, *qmgr/qmgr_entry.c,
*qmgr/qmgr_queue.c, *qmgr/qmgr_deliver.c.
Feature: smtp-source -N option to generate unique recipient
addresses for (trivial-rewrite) stress testing. Victor
Duchovni, Morgan Stanley. File: smtpstone/smtp-source.c.
20040730
Safety: disallow "opportunistic session caching" when the
queue manager is unable to schedule back-to-back deliveries.
File: *qmgr/qmgr_entry.c.
20040731
Hysteresis: turn on "opportunistic session caching" when
back-to-back deliveries happen, but don't turn if off
until both concurrent and back-to-back delivery ends.
Workaround: disable session caching for Linux < 2.2 (does
not work) or Glibc < 2 (does not compile). Files:
util/sys_defs.h, util/unix_{recv,send}_fd.c.
Portability: h_errno is not an lvalue in the UnixWare 7.1
multi-threaded environment. Olivier PRENANT.
20040812
Bugfix: update SMTP server error counter when a client is
denied access with smtpd_delay_reject=no.
20040816
Bugfix: The smtp_chat_cmd() forced output flushing code in
the SMTP client could run before an I/O error handler was
set up. Problem diagnosed by Victor Duchovni, Morgan
Stanley. The fix is to disable the smtp_chat_cmd() forced
output flushing code as it duplicates better code in
smtp_loop(). File: smtp/smtp_chat.c.
Safety: set up an I/O error handler before the smtp_loop()
protocol engine starts; this handler logs a warning in case
it ever runs, because that means someone broke ESMTP command
pipelining. File: smtp/smtp_proto.c.
Feature: canonical_classes parameter by Kimmo Suominen, to
control what addresses are rewritten by canonical_maps.
Files: cleanup/cleanup_addr.c, cleanup/cleanup_message.c.
Bugfix: update the vstream I/O time AFTER the completion
of an I/O request, so that time-sensitive applications
don't force flush output too soon and possibly trigger
NAGLE delays. Problem diagnosed by Victor Duchovni, Morgan
Stanley. File: util/vstream.c.
9663
9664
9665
9666
9667
9668
9669
9670
9671
9672
9673
9674
9675
9676
9677
9678
9679
9680
9681
9682
9683
9684
9685
9686
9687
9688
9689
9690
9691
9692
9693
9694
9695
9696
9697
9698
9699
9700
9701
9702
9703
9704
9705
9706
9707
9708
9709
9710
Portability: avoid postmap/postalias test file name clashes
on Windows. Ian Lance Taylor (of Taylor UUCP fame).
20040823
Bugfix: vstream_popen() did not close the child pipe
after failure to fork(). File: util/vstream_popen.c.
20040826
Feature: support for systems with closefrom(), and emulation
for those without. Andrew Brown. Files: util/sys_defs.h,
util/sys_compat.c.
20040827
Feature: {sender,recipient}_canonical_classes parameters,
which give better control than sender_canonical_classes.
Files: cleanup/cleanup_addr.c, cleanup/cleanup_message.c.
Feature: the proxymap client now recognizes when a map
can't be proxied, and will open it directly instead. This
makes proxy maps easier to use for virtual mailbox domains.
File: global/dict_proxy.c.
Feature: smtp_sasl_mechanism_filter restricts what remote
SMTP server mechanism names the Postfix SMTP client passes
on to the SASL library. Victor Duchovni, Morgan Stanley.
Files: smtp/smtp.c. smtp/smtp_sasl_glue.c, smtp/smtp_sasl_proto.c.
20040828
User interface: when no recipients are specified, the
Postfix sendmail command now terminates with status EX_USAGE
instead of accepting the mail first and bouncing it later.
This gives more direct feedback in case of a common client
configuration error. File: sendmail/sendmail.c.
20040829
Portability: Solaris closefrom() support didn't work for
non-SUN compilers. Victor Duchovni, Morgan Stanley.
20040830
Feature: the scache(8) session cache manager now logs the
peak counts of destinations, endpoints and sessions. Files:
scache/scache.c, global/scache*c.
20040831
Portability: disable session caching support on SCO 5
because of incompatible sockets API. File: util/sys_defs.h.
20040913
Bugfix (introduced 20020803): sent the wrong bounce message
type when a Delivered-To: loop was detected for a mailing
list alias. Nicolas Riendeau. File: bounce_notify_util.c.
9723
9724
9725
9726
9727
9728
9729
9730
9731
9732
9733
9734
9735
9736
9737
9738
9739
9740
9741
9742
9743
9744
9745
9746
9747
20040918
Feature: authorized_flush_users, authorized_mailq_users,
authorized_submit_users to restrict what users can flush
the queue, list the queue, or submit mail locally. Based
on code by Victor Duchovni, Morgan Stanley. Files:
sendmail/sendmail.c, postdrop/postdrop.c, postqueue/postqueue.c,
global/user_acl.[hc].
Feature: discard(8) mail delivery agent. Victor Duchovni,
Morgan Stanley. File: discard/discard.c.
20041002
Long overdue, a master(5) manual page based on an initial
version by Magnus Baeck.
By popular demand, a postfix-manuals.html web page with
totally useless links to UNIX-style manual pages (the same
information should already be available simply by typing
"apropos postfix"). To keep newbies from getting completely
lost due to information overload, the document starts with
a list of actually useful pointers to Postfix introductions,
duplicated from the already existing documents.html.
20041006
Bugfix: "sendmail -bv" did not reject the -t option. File:
9751
9752
9753
9754
9755
9756
9757
9758
9759
9760
9761
9762
9763
9764
9765
9766
9767
9768
9769
9770
9771
9772
9773
9774
9775
9776
9777
9778
9779
9780
9781
9782
9783
9784
9785
9786
9787
9788
9789
9790
9791
9792
9793
9794
9795
9796
9797
9798
9799
9800
9801
9802
9803
9804
9805
9806
9807
9808
9809
9810
9811
9812
9813
9814
9815
9816
9817
9818
9819
9820
9821
9822
9823
9824
9825
9826
9827
9828
9829
9830
9831
9832
9833
9834
9835
9836
9837
9838
9839
9840
9841
9842
9843
9844
9845
9846
9847
9848
9849
9850
9851
9852
9853
sendmail/sendmail.c.
20041007
Feature: SASL authentication attributes are now stored in
queue files and passed on to delivery agents, by Leandro
Santi. Files: deliver_pass.c, deliver_request.c,
qmgr_deliver.c, qmgr_message.c, pipe.c, smtpd.c.
20041009
Feature: per SMTP client message rate limit and recipient
rate limit, by Ragnar Lonn, GHN network technologies.
Files: smtpd/smtpd.c, anvil/anvil.c, global/anvil_clnt.[hc].
Incompatibility: smtpd_client_connection_limit_exceptions
renamed to smtpd_client_event_limit_exceptions, because it
now also controls message and recipient rate limit control.
20041013
Portability: AIX 5.1/GCC.
20041014-23
Postfix no longer appends the local domain to header
addresses from remote clients. Instead, Postfix either
does not rewrite those headers at all, or it appends the
domain specified with the new remote_header_rewrite_domain
parameter.
Postfix still appends $@myorigin or .$mydomain to headers
from the Postfix sendmail command, or from clients listed
with the new local_header_rewrite_clients parameter (default:
permit_mynetworks, permit_sasl_authenticated).
These changes affect the SMTP server (including XFORWARD
support), the cleanup server (do or don't rewrite headers),
the trivial-rewrite server (append local domain or surrogate
remote domain to incomplete addresses), the queue manager
(send additional attributes to delivery agents), the LMTP
and SMTP clients (XFORWARD support), and the local delivery
agent (preserve XFORWARD attributes when forwarding mail).
20041016
Bugfix: attr_clnt_request() did not properly skip hash
table arguments. Luc Pardon, Skopos Consulting. File:
util/attr_clnt.c.
20041018
The NIS+ module by Geoff Gibbs is now part of Postfix.
Files: util/dict_nisplus.c, proto/nisplus_table.
20041019
Support for Errors-To: is permanently removed.
20041022
Bugfix: "smtp_connection_cache_on_demand=no" could crash
the SMTP client. File: smtp/smtp_connect.c.
Robustness: extra sanity checks. Files: util/dict_db.c,
util/dict_dbm.c, dict_nis.c.
20041025
Initial merge of Lutz Jaenicke's TLS patch. Initial rewrite
of tlsmgr to eliminate some code duplication and to postpone
calls into OpenSSL until after dropping privileges.
20041030
Compatibility: "session cache" renamed to "connection cache"
to avoid confusion with the TLS session cache.
20041102
Feature: smtpd_end_of_data_restrictions allow you to specify
restrictions at the end of the SMTP DATA command. The syntax
is identical to that of the smtpd_data_restrictions feature.
This introduces a new END-OF-DATA protocol state for the
external policy server. Files: proto/SMTPD_POLICY_README.html,
proto/SMTPD_ACCESS_README.html, smtpd/smtpd_check.c.
20041111
Cleanup: terminate the dict_eval() result buffer for verbose
logging. Victor Duchovni, Morgan Stanley. File: util/dict.c.
20041112
Cleanup: be more careful when saving and restoring resolver(3)
options to avoid problems with an HP-UX security patch
(change introduced 20031215). File: dns/dns_lookup.c.
20041115
Bugfix: the test for "no debugger_command" was wrong.
Leandro Santi. File: global/debugger_command.c.
9855
9856
9857
9858
9859
9860
9861
9862
9863
9864
9865
9866
9867
9868
9869
9870
9871
9872
9873
9874
9875
9876
9877
9878
9879
9880
9881
9882
9883
9884
9885
9886
9887
9888
9889
9890
9891
9892
9893
9894
9895
9896
9897
9898
9899
9900
9901
9902
9903
9904
9905
9906
9907
9908
9909
9910
9911
9912
9913
9914
9915
9916
9917
9918
9919
9920
9921
9922
9923
9924
9925
9926
9927
9928
9929
9930
9931
9932
9933
9934
9935
9936
9937
9938
9939
9940
9941
9942
9943
9944
9945
9946
9947
9948
9949
9950
9951
9952
9953
9954
9955
9956
9957
9958
9959
9960
9961
9962
9963
9964
9965
9966
9967
9968
9969
9970
9971
9972
9973
9974
9975
9976
9977
9978
9979
9980
9981
9982
9983
9984
9985
9986
9987
9988
9989
9990
9991
9992
9993
9994
9995
9996
9997
9998
9999
10000
Robustness: the master-child protocol now includes a process
generation number besides the child process ID. The process
generation number is incremented by one each time the master
creates a child process. Child-to-master status updates
with the wrong generation number are ignored, instead of
triggering a consistency error in the master server. Files:
master/*server.c, master/master_status.c, master/master_spawn.c.
20041118
Bugfix: the "local_header_rewrite_clients" feature (20041023)
did not recognize "bare" lookup tables as documented. Victor
Duchovni, Morgan Stanley. File: smtpd/smtpd_check.c.
Bugfix: the "local_header_rewrite_clients" feature (20041023)
was broken because the local delivery agent passed on a
bogus attribute value when forwarding internally generated
mail, causing the mail to be rejected by the cleanup server.
File: local/dotforward.c.
Bugfix: the "local_header_rewrite_clients" feature (20041023)
was broken because the pickup server always overwrote origin
information. Files: pickup/pickup.c, cleanup/cleanup_state.c,
*qmgr/qmgr_message.c.
Workaround: enable the "can't write before sending a file
descriptor" workaround for Solaris. Problem reported by
Victor Duchovni for Solaris 2.5.1, but we play safe and
enable it unconditionally.
20041120
The TLS support routines are moved to a "tls" directory,
and are published via the "libtls.a" object library.
20041122
Infrastructure: support for binary attribute values
(ATTR_TYPE_DATA) in Postfix IPC messages. Files:
util/attr_scan*c, util/attr_print*c.
20041123-20041205
TLS support: via a process of gradual transformation,
decomposed Lutz Jaenicke's pfixtls.c into separate modules
for clients, servers, certificate verification, session
caching, and PRNG management. Global variables were eliminated
so that the code now supports multiple client and/or server
contexts in the same process. Files: tls/*.[hc].
20041205
TLS support: eliminated shared access (and locking) of the
TLS PRNG exchange file and TLS session caches. Instead,
Postfix uses a client-server protocol, and the tlsmgr
becomes the sole mediator. This eliminated the need for
1000+ lines of SDBM support, and eliminated the need for
running a persistent tlsmgr process on systems don't enable
TLS in main.cf.
20041124
Feature: configurable list of forbidden SMTP commands
(default: smtpd_forbidden_commands = CONNECT, GET, POST)
after which the Postfix SMTP server disconnects immediately.
The SMTP server always disconnects immediately when the
client sends a message header instead of an SMTP command.
Magnus Baeck. File: smtpd/smtpd.c.
20041207
CDB support by Michael Tokarev, documentation by Victor
Duchovni. Files: util/dict_cdb.[hc], global/mkmap_cdb.c.
20041209
Completed support for the Berkeley DB sequence operator.
This is needed for finding and deleting old entries in TLS
session databases. File: util/dict_db.c.
Bugfix: the DBM client's sequence operator used exclusive
locking instead of shared locking. File: util/dict_dbm.c.
Feature: dump an entire database with the new postmap/postalias
"-s" option. This works only for database types with Postfix
sequence operator support: hash, btree, dbm, and sdbm.
Files: postmap/postmap.c, postalias/postalias.c.
20041212
Solaris 10/ix86 chroot setup script update by J.D. Bronson.
TLS support: cosmetic changes to comments and messages;
completed the code for the master -> tlsmgr trigger handshake,
so that the master no longer complains about trigger
responses timing out.
20041213
Updated the SDBM dictionary interface. It had fallen behind
with the Postfix dictionary interfaces that were already
bundled with Postfix. Files: util/dict_sdbm.[hc].
Cleanup: "postconf -m" (show all available map types) now
produces sorted output. File: util/dict_open.c.
20041215
No bugfix: tests with the new "postmap -s" feature show
that SDBM first/next operations never worked with Postfix/TLS
patch 20040829 (verified with the 20040829 dict_sdbm.c
module on Linux and FreeBSD). The code stops after finding
one database element. Other SDBM versions found on the
Internet will find all database entries, but report an I/O
error after the last database element is found. All this
would be easy enough to fix, but the SDBM library is not
part of Postfix, and never will be.
Bugfix: the sequence operator in the DBM and SDBM clients
released the shared lock after reading the next key but
before reading the corresponding value. This was never a
problem, because the sequence operator was used only in
the Postfix/TLS patch. This used the SDBM sequence operator
which didn't work as discussed above. Files: util/dict_dbm.c,
util/dict_sdbm.c.
Feature: the local(8) and pipe(8) delivery agents now make
the following attributes available upon delivery (with
local(8) names must be spelled in upper case): client_hostname,
client_address, client_protocol, client_helo, sasl_method,
sasl_sender, sasl_username. Files: local/command.c,
pipe/pipe.c, and lots of documentation.
20041216
"postcat -o" now prints queue file record offsets; this is
useful for debugging. File: postcat/postcat.c.
NON-PRODUCTION Bugfix: (bug introduced while adopting the
Postfix/TLS patch): the new TLS certification call-back
routine expects that the peer hostname is in
tlscontext->peername_save, but the TLS server code never
updated this field. File: tls/tls_server.c.
20041218