Accepting request 397601 from home:varkoly:branches:server:mail

- bnc#981097 config.postfix creates broken main.cf for tls client configuration 
- bnc#981099 /etc/sysconfig/postfix: POSTFIX_SMTP_TLS_CLIENT incomplete
- update to 3.1.1:
- The new address_verify_pending_request_limit
  parameter introduces a safety limit for the number of address
  verification probes in the active queue.  The default limit is 1/4
  of the active queue maximum size. The queue manager enforces the
  limit by tempfailing probe messages that exceed the limit. This
  design avoids dependencies on global counters that get out of sync
  after a process or system crash.
- Machine-readable, JSON-formatted queue listing with "postqueue -j"
  (no "mailq" equivalent). 
- The milter_macro_defaults feature provides an optional list of macro
  name=value pairs. These specify default values for Milter macros when
  no value is available from the SMTP session context.
- Support to enforce a destination-independent delay between email
  deliveries.  The following example inserts 20 seconds of delay
  between all deliveries with the SMTP transport, limiting the delivery
  rate to at most three messages per minute.
      smtp_transport_rate_delay = 20s  
- Historically, the default setting "postscreen_dnsbl_ttl = 1h" assumes
  that a "not found" result from a DNSBL server will be valid for one
  hour.  This may have been adequate five years ago when postscreen
  was first implemented, but nowadays, that one hour can result in
  missed opportunities to block new spambots. 
  To address this, postscreen now respects the TTL of DNSBL "not
  found" replies, as well as the TTL of DNSWL replies (both "found"
  and "not found").  The TTL for a "not found" reply is determined
  according to RFC 2308 (the TTL of an SOA record in the reply).
  Support for DNSBL or DNSWL reply TTL values is controlled by two

OBS-URL: https://build.opensuse.org/request/show/397601
OBS-URL: https://build.opensuse.org/package/show/server:mail/postfix?expand=0&rev=235

postfix-3.1.0.tar.gz

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:88ac3e92755629077d9363319b1fa0db406efb10c2f22cdbb941bd8ab36fd733
-size 4336709

postfix-3.1.1.tar.gz

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:3deda4c34631970490b1b5fbb559905f93531bf1c7eb00e38b0d0deb1dba9982
+size 4337295

postfix-SuSE.tar.gz

@@ -1,3 +1,3 @@
 version https://git-lfs.github.com/spec/v1
-oid sha256:1b4fd1b8d37acc629879890cf8de505aef4c39a0e972c57e7c5df89a9f23d4b3
-size 26704
+oid sha256:6d2ef6cadc62874828c5754b1e1cbdef86e2f101ac0f87a7478c4715c6592b7a
+size 35359

postfix.changes

@@ -1,3 +1,57 @@
+-------------------------------------------------------------------
+Tue May 24 04:29:41 UTC 2016 - varkoly@suse.com
+
+- bnc#981097 config.postfix creates broken main.cf for tls client configuration 
+- bnc#981099 /etc/sysconfig/postfix: POSTFIX_SMTP_TLS_CLIENT incomplete
+- update to 3.1.1:
+- The new address_verify_pending_request_limit
+  parameter introduces a safety limit for the number of address
+  verification probes in the active queue.  The default limit is 1/4
+  of the active queue maximum size. The queue manager enforces the
+  limit by tempfailing probe messages that exceed the limit. This
+  design avoids dependencies on global counters that get out of sync
+  after a process or system crash.
+- Machine-readable, JSON-formatted queue listing with "postqueue -j"
+  (no "mailq" equivalent). 
+- The milter_macro_defaults feature provides an optional list of macro
+  name=value pairs. These specify default values for Milter macros when
+  no value is available from the SMTP session context.
+- Support to enforce a destination-independent delay between email
+  deliveries.  The following example inserts 20 seconds of delay
+  between all deliveries with the SMTP transport, limiting the delivery
+  rate to at most three messages per minute.
+      smtp_transport_rate_delay = 20s  
+- Historically, the default setting "postscreen_dnsbl_ttl = 1h" assumes
+  that a "not found" result from a DNSBL server will be valid for one
+  hour.  This may have been adequate five years ago when postscreen
+  was first implemented, but nowadays, that one hour can result in
+  missed opportunities to block new spambots. 
+  To address this, postscreen now respects the TTL of DNSBL "not
+  found" replies, as well as the TTL of DNSWL replies (both "found"
+  and "not found").  The TTL for a "not found" reply is determined
+  according to RFC 2308 (the TTL of an SOA record in the reply).
+
+  Support for DNSBL or DNSWL reply TTL values is controlled by two
+  configuration parameters:
+
+  postscreen_dnsbl_min_ttl (default: 60 seconds).
+  postscreen_dnsbl_max_ttl (default: $postscreen_dnsbl_ttl or 1 hour)
+
+  The postscreen_dnsbl_ttl parameter is now obsolete, and has become
+  the default value for the new postscreen_dnsbl_max_ttl parameter.
+- New "smtpd_client_auth_rate_limit" feature, to
+  enforce an optional rate limit on AUTH commands per SMTP client IP
+  address.  Similar to other smtpd_client_*_rate_limit features, this
+  enforces a limit on the number of requests per $anvil_rate_time_unit.
+- New SMTPD policy service attribute "policy_context",
+  with a corresponding "smtpd_policy_service_policy_context" configuration
+  parameter.  Originally, this was implemented to share the same SMTPD
+  policy service endpoint among multiple check_policy_service clients.
+- A new "postfix tls" command to quickly enable opportunistic TLS
+  in the Postfix SMTP client or server, and to manage SMTP server keys
+  and certificates, including certificate signing requests and 
+  TLSA DNS records for DANE.
+
 -------------------------------------------------------------------
 Tue Apr 19 07:59:32 UTC 2016 - opensuse@dstoecker.de
 

postfix.spec

@@ -59,7 +59,7 @@
 %define         _unitdir /lib/systemd
 %endif
 Name:           postfix
-Version:        3.1.0
+Version:        3.1.1
 Release:        0
 Summary:        A fast, secure, and flexible mailer
 License:        IPL-1.0