- bnc#912594 config.postfix creates config based on old options
- bnc#911806 config.postfix does not set up correct saslauthd socket directory for chroot
- bnc#910265 config.postfix does not upgrade the chroot
- bnc#908003 wrong access rights on /usr/sbin/postdrop causes
permission denied when trying to send a mail as non root user
- bnc#729154 wrong permissions for some postfix components
OBS-URL: https://build.opensuse.org/request/show/280976
OBS-URL: https://build.opensuse.org/package/show/server:mail/postfix?expand=0&rev=206
- Remove keyring and things as it is md5 based one no longer
accepted by gpg 2.1
- No longer perform gpg validation; osc source_validator does it
implicit:
+ Drop gpg-offline BuildRequires.
+ No longer execute gpg_verify.
- restore previously lost fix:
Fri Oct 11 13:32:32 UTC 2013 - matz@suse.de
- Ignore errors in %pre/%post.
- postfix 2.11.3:
* Fix for configurations that prepend message headers with Postfix
access maps, policy servers or Milter applications. Postfix now
hides its own Received: header from Milters and exposes prepended
headers to Milters, regardless of the mechanism used to prepend
a header. This fix reverts a partial solution that was released
on October 13, 2014, and replaces it with a complete solution.
* Portability fix for MacOS X 10.7.x (Darwin 11.x) build procedure.
- postfix 2.11.2:
* Fix for DMARC implementations based on SPF policy plus DKIM
Milter. The PREPEND access/policy action added headers ABOVE
Postfix's own Received: header, exposing Postfix's own Received:
header to Milters (protocol violation) and hiding the PREPENDed
header from Milters. PREPENDed headers are now added BELOW
Postfix's own Received: header and remain visible to Milters.
* The Postfix SMTP server logged an incorrect client name in
reject messages for check_reverse_client_hostname_access and
check_reverse_client_hostname_{mx,ns}_access. They replied with
OBS-URL: https://build.opensuse.org/request/show/262589
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/postfix?expand=0&rev=118
- bnc#862662 - Unable to configure postfix SMTP with forced TLS using YaST2
- Update to 2.11.0
* TLS
o Support for PKI-less TLS server certificate verification, where
the CA public key or the server certificate is identified via DNSSEC lookup
* LMDB database support
* master
o The master_service_disable parameter value syntax has changed:
use "service/type" instead of "service.type".
* postconf:
o Support for advanced master.cf query and update operations.
This was implemented primarily to support automated system management tools.
o The postconf command produces more warnings
* relay safety
New smtpd_relay_restrictions parameter built-in default settings:
smtpd_relay_restrictions =
permit_mynetworks
permit_sasl_authenticated
defer_unauth_destination
* postscreen whitelisting
Allow a remote SMTP client to skip postscreen(8) tests based on
its postscreen_dnsbl_sites score.
OBS-URL: https://build.opensuse.org/request/show/222157
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/postfix?expand=0&rev=112
* TLS
o Support for PKI-less TLS server certificate verification, where
the CA public key or the server certificate is identified via DNSSEC lookup
* LMDB database support
* master
o The master_service_disable parameter value syntax has changed:
use "service/type" instead of "service.type".
* postconf:
o Support for advanced master.cf query and update operations.
This was implemented primarily to support automated system management tools.
o The postconf command produces more warnings
* relay safety
New smtpd_relay_restrictions parameter built-in default settings:
smtpd_relay_restrictions =
permit_mynetworks
permit_sasl_authenticated
defer_unauth_destination
* postscreen whitelisting
Allow a remote SMTP client to skip postscreen(8) tests based on
its postscreen_dnsbl_sites score.
OBS-URL: https://build.opensuse.org/package/show/server:mail/postfix?expand=0&rev=180
- update to 2,9.6
Bugfix: the local(8) delivery agent dereferenced a null pointer
while delivering to null command (for example, "|" in a .forward file).
Bugfix: memory leak in program initialization. tls/tls_misc.c.
Bugfix: he undocumented OpenSSL X509_pubkey_digest() function is
unsuitable for computing certificate PUBLIC KEY fingerprints.
Postfix now provides a correct procedure that accounts for
the algorithm and parameters in addition to the key data. Specify
"tls_legacy_public_key_fingerprints = yes" if you need backwards compatibility.
OBS-URL: https://build.opensuse.org/request/show/151525
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/postfix?expand=0&rev=102
unsuitable for computing certificate PUBLIC KEY fingerprints.
Postfix now provides a correct procedure that accounts for
the algorithm and parameters in addition to the key data. Specify
"tls_legacy_public_key_fingerprints = yes" if you need backwards compatibility.
OBS-URL: https://build.opensuse.org/package/show/server:mail/postfix?expand=0&rev=160
