pool/postfix
SHA256
4
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Commit Graph

  • 32622ae666 Accepting request 1248568 from server:mail factory Dominique Leuenberger 2025-02-27 13:50:03 +00:00
  • 573c71e7fe - update to 3.10.1 * Bugfix (defect introduced: 20250210): a recent 'fix' for the default smtp_tls_dane_insecure_mx_policy setting resulted in unnecessary 'dnssec_probe' warnings, on systems that disable DNSSEC lookups (which is the default). - update to 3.10.0 * Internal protocol change: Postfix needs "postfix reload" (or "postfix stop" and "postfix start") after upgrade, because of a change in the delivery agent protocol. If this step is skipped, Postfix delivery agents will log a warning: unexpected attribute smtputf8 from xxx socket (expecting: sendopts) where xxx is the delivery agent service name. * Forward compatibility: Support for OpenSSL 3.5 post-quantum cryptography. To manage algorithm selection, OpenSSL introduces new TLS group syntax that Postfix will not attempt to imitate. Instead, Postfix now allows the tls_eecdh_auto_curves and tls_ffdhe_auto_groups parameter values to have an empty value. When both are set empty, the algorithm selection can be managed through OpenSSL configuration. For more, look for "Post-quantum" in the postconf(5) manpage. * Support for the RFC 8689 "TLS-Required: no" message header to request delivery of messages (such as TLSRPT summaries) even if the preferred TLS security policy cannot be enforced. This limits the Postfix SMTP client to "smtp_tls_security_level = may" which does not authenticate server certificates and which allows falling back to plaintext. * Support for the REQUIRETLS SMTP service extension will evolve in Postfix 3.11. * Support for the TLSRPT protocol (defined in RFC 8460). With this, a domain can publish a policy in DNS that requests daily summary reports for successful and failed SMTP-over-TLS connections to that domain's MX hosts. This supports both DANE (built-in) and MTA-STS (via an smtp_tls_policy_maps plugin). The implementation uses a TLSRPT library and reporting infrastructure that are maintained by sys4. For details, see TLSRPT_README. * Privacy: With "smtpd_hide_client_session = yes", the Postfix SMTP server generates a Received: header without client session info. This setting may be used with the MUA submission services (port 465 and 587). * Support for RFC 2047 encoding of non-ASCII "full name" information in Postfix-generated From: message headers. Encoding non-ASCII full names can avoid the need to use SMTPUTF8, and therefore can avoid incompatibility with sites that do not support SMTPUTF8. See the full_name_encoding_charset parameter description for details. * Database performance: When mysql: or pgsql: configuration specifies a single host, assume that it is a load balancer and reconnect immediately after a single failure, instead of failing all requests for 60s. * The Postfix Milter implementation now logs the reason for a 'quarantine' action, instead of "milter triggers HOLD action". * The SMTP server now logs the queue ID (or "NOQUEUE") when a connection ends abnormally (timeout, lost connection, or too many errors), and the cleanup server now logs "queueid: canceled" when a message transaction is started but not completed. These changes simplify logfile analysis. * Dovecot SASL client logging for "Invalid authentication mechanism" now includes the name of that mechanism. * Postfix SMTP server 'reject' logging now shows the sasl_method, sasl_username, and sasl_sender if available. - update to 3.10.1 * Bugfix (defect introduced: 20250210): a recent 'fix' for the default smtp_tls_dane_insecure_mx_policy setting resulted in unnecessary 'dnssec_probe' warnings, on systems that disable DNSSEC lookups (which is the default). - update to 3.10.0 * Internal protocol change: Postfix needs "postfix reload" (or "postfix stop" and "postfix start") after upgrade, because of a change in the delivery agent protocol. If this step is skipped, Postfix delivery agents will log a warning: unexpected attribute smtputf8 from xxx socket (expecting: sendopts) where xxx is the delivery agent service name. * Forward compatibility: Support for OpenSSL 3.5 post-quantum cryptography. To manage algorithm selection, OpenSSL introduces new TLS group syntax that Postfix will not attempt to imitate. Instead, Postfix now allows the tls_eecdh_auto_curves and tls_ffdhe_auto_groups parameter values to have an empty value. When both are set empty, the algorithm selection can be managed through OpenSSL configuration. For more, look for "Post-quantum" in the postconf(5) manpage. * Support for the RFC 8689 "TLS-Required: no" message header to request delivery of messages (such as TLSRPT summaries) even if the preferred TLS security policy cannot be enforced. This limits the Postfix SMTP client to "smtp_tls_security_level = may" which does not authenticate server certificates and which allows falling back to plaintext. * Support for the REQUIRETLS SMTP service extension will evolve in Postfix 3.11. * Support for the TLSRPT protocol (defined in RFC 8460). With this, a domain can publish a policy in DNS that requests daily summary reports for successful and failed SMTP-over-TLS connections to that domain's MX hosts. This supports both DANE (built-in) and MTA-STS (via an smtp_tls_policy_maps plugin). The implementation uses a TLSRPT library and reporting infrastructure that are maintained by sys4. For details, see TLSRPT_README. * Privacy: With "smtpd_hide_client_session = yes", the Postfix SMTP server generates a Received: header without client session info. This setting may be used with the MUA submission services (port 465 and 587). * Support for RFC 2047 encoding of non-ASCII "full name" information in Postfix-generated From: message headers. Encoding non-ASCII full names can avoid the need to use SMTPUTF8, and therefore can avoid incompatibility with sites that do not support SMTPUTF8. See the full_name_encoding_charset parameter description for details. * Database performance: When mysql: or pgsql: configuration specifies a single host, assume that it is a load balancer and reconnect immediately after a single failure, instead of failing all requests for 60s. * The Postfix Milter implementation now logs the reason for a 'quarantine' action, instead of "milter triggers HOLD action". * The SMTP server now logs the queue ID (or "NOQUEUE") when a connection ends abnormally (timeout, lost connection, or too many errors), and the cleanup server now logs "queueid: canceled" when a message transaction is started but not completed. These changes simplify logfile analysis. * Dovecot SASL client logging for "Invalid authentication mechanism" now includes the name of that mechanism. * Postfix SMTP server 'reject' logging now shows the sasl_method, sasl_username, and sasl_sender if available. devel Peter Varkoly 2025-02-26 06:19:37 +00:00
  • bed1de1905 Accepting request 1232867 from server:mail Ana Guerrero 2024-12-22 16:58:59 +00:00
  • def8724640 - update to 3.9.1 * The mail_version configuration parameter did not have a three-number value (3.9 instead of 3.9.0; it still had the two-number version from the development releases postfix-3.9-yyyymmdd). This broke pathnames derived from the mail_version value, such as shlib_directory. * Bugfix (defect introduced: Postfix 2.9, date 20111218): with "smtpd_sasl_auth_enable = no", the permit_sasl_authenticated feature ignored information that was received with the XCLIENT LOGIN command, so that the client was treated as unauthenticated. This was fixed by removing an unnecessary test. * Bugfix (defect introduced: postfix 3.0): the default master.cf syslog_name setting for the relay service did not preserve multi-instance information, which complicated logfile analysis. * Bugfix (defect introduced: Postfix 2.3, date 20051222): file descriptor leak after failure to connect to a Dovecot auth server. The impact is limited because Dovecot auth failures are rare, there are limits on the number of retries (one), on the number of errors per SMTP session (smtpd_hard_error_limit), on the number of sessions per SMTP server process (max_use), and on the number of file handles per process (managed with sysctl). * Bugfix (defect introduced: Postfix 3.4, date 20190121): the postsuper command failed with "open logfile '/path/to/file': Permission denied" when the maillog_file parameter specified a filename and Postfix was not running. This was fixed by opening the maillog_file before dropping root privileges. * Bugfix (defect introduced Postfix 3.0). No autodetection of UTF8 text when missing message headers were automatically added by Postfix (for example, a From: header with UTF8 full name information from the password file). This caused Postfix to send UTF8 in message headers without using the SMTPUTF8 protocol. - update to 3.9.1 * The mail_version configuration parameter did not have a three-number value (3.9 instead of 3.9.0; it still had the two-number version from the development releases postfix-3.9-yyyymmdd). This broke pathnames derived from the mail_version value, such as shlib_directory. * Bugfix (defect introduced: Postfix 2.9, date 20111218): with "smtpd_sasl_auth_enable = no", the permit_sasl_authenticated feature ignored information that was received with the XCLIENT LOGIN command, so that the client was treated as unauthenticated. This was fixed by removing an unnecessary test. * Bugfix (defect introduced: postfix 3.0): the default master.cf syslog_name setting for the relay service did not preserve multi-instance information, which complicated logfile analysis. * Bugfix (defect introduced: Postfix 2.3, date 20051222): file descriptor leak after failure to connect to a Dovecot auth server. The impact is limited because Dovecot auth failures are rare, there are limits on the number of retries (one), on the number of errors per SMTP session (smtpd_hard_error_limit), on the number of sessions per SMTP server process (max_use), and on the number of file handles per process (managed with sysctl). * Bugfix (defect introduced: Postfix 3.4, date 20190121): the postsuper command failed with "open logfile '/path/to/file': Permission denied" when the maillog_file parameter specified a filename and Postfix was not running. This was fixed by opening the maillog_file before dropping root privileges. * Bugfix (defect introduced Postfix 3.0). No autodetection of UTF8 text when missing message headers were automatically added by Postfix (for example, a From: header with UTF8 full name information from the password file). This caused Postfix to send UTF8 in message headers without using the SMTPUTF8 protocol. Peter Varkoly 2024-12-20 16:01:24 +00:00
  • 20d0bdbb40 Accepting request 1202891 from server:mail Ana Guerrero 2024-09-25 19:52:35 +00:00
  • 1037c6b27b Adapt spec Peter Varkoly 2024-09-24 10:03:08 +00:00
  • fee3f5190a - Missing posttls-finger in postfix though changes mention it (bsc#1221501) Peter Varkoly 2024-09-24 08:48:37 +00:00
  • 27c5fadd5e Accepting request 1194618 from server:mail Ana Guerrero 2024-08-20 14:12:35 +00:00
  • b102dd3c5f - Remove rcpostfix symlink [jsc#PED-266] Peter Varkoly 2024-08-19 05:01:05 +00:00
  • b0126b714a Accepting request 1190939 from server:mail Dominique Leuenberger 2024-08-02 15:25:32 +00:00
  • f095145828 Adapt tarball. Remove bad content Peter Varkoly 2024-08-01 10:07:33 +00:00
  • 007aee8fe4 - postfix gives warnings about deprecated parameters (bsc#1225397) Peter Varkoly 2024-08-01 08:38:17 +00:00
  • 5e44cd1a28 Accepting request 1181563 from server:mail Ana Guerrero 2024-06-19 14:36:49 +00:00
  • 022da9e4a8 Fix for Invalid cross-device link (etc/localtime) Christian Wittmer 2024-06-18 18:57:02 +00:00
  • ab10e397c0 Accepting request 1180049 from server:mail Ana Guerrero 2024-06-12 13:37:44 +00:00
  • f8d0931c2c Accepting request 1180009 from home:adamm:branches:server:mail Peter Varkoly 2024-06-11 16:38:27 +00:00
  • f99e41ccac Accepting request 1175398 from server:mail Ana Guerrero 2024-05-21 16:33:12 +00:00
  • ea53e42589 Accepting request 1175397 from home:computersalat:devel:mail Christian Wittmer 2024-05-20 21:14:13 +00:00
  • bb1494b9b1 Accepting request 1174920 from server:mail Ana Guerrero 2024-05-20 16:09:43 +00:00
  • 0c726e5bd8 - config.postfix needs updating (bsc#1224207) * chkconfig -> systemctl * Link Cyrus lmtp only if this exsists * /usr/lib64/sasl2 does not need to exist * Fetch timezone via readlink from /etc/localtime Peter Varkoly 2024-05-17 15:50:58 +00:00
  • f86eea3b6a Accepting request 1173989 from server:mail Ana Guerrero 2024-05-16 15:12:37 +00:00
  • 113e4ff966 Accepting request 1156371 from home:adkorte:branches:server:mail Dirk Stoecker 2024-05-14 13:19:15 +00:00
  • 598d743825 Accepting request 1166904 from server:mail Ana Guerrero 2024-04-12 15:33:52 +00:00
  • b15c7168cb Accepting request 1165385 from home:crameleon:branches:server:mail Dirk Stoecker 2024-04-11 15:37:21 +00:00
  • c2d2e0fd28 Accepting request 1155598 from server:mail Dominique Leuenberger 2024-03-06 22:03:38 +00:00
  • 9152b407e9 Accepting request 1155290 from home:adkorte:branches:server:mail Christian Wittmer 2024-03-06 14:51:10 +00:00
  • 66bf7a3bca - %autosetup does not works with multiple -a. https://github.com/rpm-software-management/rpm/issues/1204 Peter Varkoly 2024-03-05 12:20:05 +00:00
  • ff08a1604f %autosetup does not works with muzltiple -a. https://github.com/rpm-software-management/rpm/issues/1204 Peter Varkoly 2024-03-04 17:02:40 +00:00
  • 27d3e54357 Accepting request 1153300 from home:dimstar:rpm4.20:p Peter Varkoly 2024-03-01 13:55:29 +00:00
  • 2b38261f7f Accepting request 1145294 from server:mail Ana Guerrero 2024-02-09 22:51:52 +00:00
  • 3582bebe7f Accepting request 1143513 from home:computersalat:devel:mail Christian Wittmer 2024-02-08 20:14:21 +00:00
  • a769588ed4 Accepting request 1141719 from server:mail Ana Guerrero 2024-01-26 21:46:24 +00:00
  • c374251561 Accepting request 1141039 from home:adkorte:branches:server:mail Peter Varkoly 2024-01-26 11:14:49 +00:00
  • 8fbead0066 Accepting request 1139868 from server:mail Ana Guerrero 2024-01-19 22:00:27 +00:00
  • d901fa0eec Adapt postfix-bdb.changes Peter Varkoly 2024-01-19 08:21:19 +00:00
  • 5e9aed10f3 Accepting request 1139680 from server:mail Ana Guerrero 2024-01-18 20:52:46 +00:00
  • 2dbf2d0cc3 Add missed bugnumbers bsc#1218304, bsc#1218314 CVE-2023-51764, SMTP smuggling attack: "warning: Unexpected record type 'X'. (bsc#1213515) Peter Varkoly 2024-01-18 10:54:23 +00:00
  • 9c7e568120 Accepting request 1135431 from server:mail Ana Guerrero 2023-12-28 21:55:13 +00:00
  • 07cc4efcf2 - update default configuration to enable the long-term fix for bsc#1218304, CVE-2023-51764, SMTP smuggling attack: * smtpd_forbid_bare_newline = yes * smtpd_forbid_bare_newline_exclusions = $mynetworks Dirk Mueller 2023-12-28 07:59:42 +00:00
  • c16d431d15 https://www.postfix.org/smtp-smuggling.html Dirk Mueller 2023-12-28 07:52:52 +00:00
  • 3beb1cfdfa - update to 3.8.4 (bsc#1218304, CVE-2023-51764): - Syntax error in update_postmaps script (bsc#1216061) (bsc#1215372) (bsc#1192314) Adapt proposed change: using "cp -afL" by copying. Define HAS_CLOSEFROM (bsc#1189101) (bsc#1188477) (bsc#1066854) For more see /usr/share/doc/packages/postfix/RELEASE_NOTES (bsc#1181381) [Build 130.3] openQA test fails in mta, mutt - postfix broken: "queue file write error" and "error: unsupported - bsc#1176650 L3: What is regularly triggering the "fillup" o add patch for main.cf for postfix-bdb package - Delete postfix-SUSE/README.SuSE, company name spelled wrong, - bsc#1162891 server:mail/postfix: cond_slp bug on TW after - bsc#1160413 postfix fails with -fno-common - bsc#1142881 - mkpostfixcert from Postfix still uses md o Major changes Postfix 3.4.4 fixes both. o Removing setting smtpd_sasl_path and smtpd_sasl_type to empty - Replace references to /var/adm/fillup-templates with new - bnc#1059512 L3: Postfix Problem seems to be obsolete) * recover lost (with 3.2.0 update) submission, smtps sections - update to 3.1.4 - bnc#981097 config.postfix creates broken main.cf for tls client configuration (no "mailq" equivalent). smtp_transport_rate_delay = 20s missed opportunities to block new spambots. Dirk Mueller 2023-12-28 07:51:56 +00:00
  • c3f137b035 Accepting request 1134744 from server:mail Ana Guerrero 2023-12-25 18:04:37 +00:00
  • f5d59b2e1a Accepting request 1134660 from home:adkorte:branches:server:mail Dirk Stoecker 2023-12-23 12:46:31 +00:00
  • ee36226d59 Accepting request 1125117 from server:mail Ana Guerrero 2023-11-13 21:15:44 +00:00
  • 8589a4f33c Accepting request 1123266 from home:adkorte:branches:server:mail Christian Wittmer 2023-11-10 20:26:00 +00:00
  • 047f46a5b0 Accepting request 1119557 from home:varkoly:branches:server:mail Christian Wittmer 2023-11-10 20:23:39 +00:00
  • 7b1093f46b Accepting request 1105486 from server:mail Ana Guerrero 2023-08-30 08:17:39 +00:00
  • 8bc4ea53a3 Accepting request 1104009 from home:varkoly:branches:server:mail Christian Wittmer 2023-08-23 13:13:01 +00:00
  • 509f380a9d Accepting request 1091332 from server:mail Dominique Leuenberger 2023-06-08 19:41:58 +00:00
  • 86dd8b74e2 Accepting request 1091141 from home:adkorte:branches:server:mail Christian Wittmer 2023-06-07 18:25:08 +00:00
  • d80575d12d Accepting request 1084622 from server:mail Dominique Leuenberger 2023-05-05 13:56:56 +00:00
  • c0b28cad1b Accepting request 1084610 from home:dimstar:Factory Dirk Mueller 2023-05-04 11:34:21 +00:00
  • b5c961f917 Accepting request 1083347 from server:mail Dominique Leuenberger 2023-04-29 15:27:37 +00:00
  • e9b4a7071e Accepting request 1080180 from home:adkorte:branches:server:mail Dirk Mueller 2023-04-27 21:59:58 +00:00
  • 54a1b1d26c Accepting request 1069659 from server:mail Dominique Leuenberger 2023-03-07 15:49:00 +00:00
  • 8d5a3b42e3 Accepting request 1067720 from home:ohollmann:branches:server:mail Dirk Mueller 2023-03-06 14:29:24 +00:00
  • 41eaaa783d Accepting request 1065999 from server:mail Dominique Leuenberger 2023-02-17 15:43:34 +00:00
  • d13927abf8 Accepting request 1064225 from home:varkoly:branches:server:mail Dirk Stoecker 2023-02-15 17:14:21 +00:00
  • 6311d34c7d Accepting request 1062948 from server:mail Dominique Leuenberger 2023-02-04 13:11:01 +00:00
  • 8ac365ae02 Accepting request 1060935 from home:kukuk:branches:server:mail Dirk Stoecker 2023-02-02 20:10:19 +00:00
  • 3f35e5138c Accepting request 1060048 from server:mail Dominique Leuenberger 2023-01-23 17:30:29 +00:00
  • 629ddc925c Accepting request 1059362 from home:cahu:branches:server:mail Dirk Mueller 2023-01-20 22:33:15 +00:00
  • 68e78522d0 Accepting request 1039754 from server:mail Dominique Leuenberger 2022-12-04 13:57:55 +00:00
  • 3cb9d1d661 Accepting request 1035682 from home:varkoly:branches:server:mail Dirk Mueller 2022-12-03 07:52:41 +00:00
  • d07dcc51f5 Accepting request 1009796 from server:mail Dominique Leuenberger 2022-10-18 10:44:11 +00:00
  • f816fef488 Accepting request 1009091 from home:stroeder:network Dirk Mueller 2022-10-11 12:45:42 +00:00
  • 36307d9eda Accepting request 1001406 from home:lnussel:branches:server:mail Dirk Mueller 2022-09-12 07:27:24 +00:00
  • 8da5c71a07 Accepting request 993129 from server:mail Dominique Leuenberger 2022-08-10 15:13:11 +00:00
  • 0988bf1191 Accepting request 993128 from home:computersalat:devel:mail Christian Wittmer 2022-08-04 19:15:39 +00:00
  • 9a446b8a1a Accepting request 993126 from home:computersalat:devel:mail Christian Wittmer 2022-08-04 19:12:07 +00:00
  • 95b653935f Accepting request 989467 from home:computersalat:devel:mail Christian Wittmer 2022-08-04 10:20:32 +00:00
  • 3e2a15c3af Accepting request 976135 from server:mail Dominique Leuenberger 2022-05-12 20:57:42 +00:00
  • d11a128043 Accepting request 976132 from home:computersalat:devel:mail Christian Wittmer 2022-05-10 20:19:23 +00:00
  • a24981fe02 Accepting request 975425 from home:computersalat:devel:mail Dirk Mueller 2022-05-10 08:10:05 +00:00
  • f3bc37b972 Accepting request 974326 from server:mail Dominique Leuenberger 2022-05-04 13:10:28 +00:00
  • cc93324b44 Accepting request 974304 from home:dimstar:Factory Dirk Mueller 2022-05-02 07:43:46 +00:00
  • a4190d1648 Accepting request 972802 from server:mail Dominique Leuenberger 2022-04-28 21:07:02 +00:00
  • 12c92483e5 Accepting request 972625 from home:darix:branches:server:mail Peter Varkoly 2022-04-26 09:14:00 +00:00
  • 9cf4d8a4c0 Accepting request 970668 from server:mail Dominique Leuenberger 2022-04-22 19:52:27 +00:00
  • d900e5c0e6 Accepting request 970635 from home:stroeder:network Dirk Mueller 2022-04-19 06:47:52 +00:00
  • 828a5f30ce Accepting request 968129 from server:mail Dominique Leuenberger 2022-04-12 19:43:14 +00:00
  • 8308be11bf Accepting request 965609 from home:13ilya Dirk Mueller 2022-04-10 09:27:44 +00:00
  • e8c4e4ac0b Accepting request 966767 from home:varkoly:branches:server:mail Dirk Mueller 2022-04-10 09:06:45 +00:00
  • ac9252563c OBS-URL: https://build.opensuse.org/package/show/server:mail/postfix?expand=0&rev=436 Dirk Mueller 2022-03-21 18:40:38 +00:00
  • 6e3bebe1e4 Accepting request 962959 from home:stroeder:network Dirk Mueller 2022-03-21 07:46:38 +00:00
  • cd3bc3bb7d Accepting request 961622 from home:varkoly:branches:server:mail Christian Wittmer 2022-03-14 13:43:07 +00:00
  • 7fba73831c Accepting request 952888 from home:varkoly:branches:server:mail Dirk Stoecker 2022-02-12 22:28:29 +00:00
  • 81f10f3589 Accepting request 947313 from home:stroeder:network Peter Varkoly 2022-01-19 09:45:48 +00:00
  • b4e9907563 Accepting request 930186 from home:stroeder:network Michael Ströder 2021-11-08 14:00:32 +00:00
  • 9e7b01830a https://bugzilla.opensuse.org/show_bug.cgi?id=1191988 Dominique Leuenberger 2021-10-25 06:50:28 +00:00
  • 83e4f58fbd Accepting request 926927 from server:mail Dominique Leuenberger 2021-10-23 21:13:48 +00:00
  • 36f3233e93 OBS-URL: https://build.opensuse.org/package/show/server:mail/postfix?expand=0&rev=430 Michael Ströder 2021-10-22 10:14:11 +00:00
  • 0eb4d6cbfe Accepting request 926909 from home:dstoecker:branches:server:mail Michael Ströder 2021-10-22 10:12:06 +00:00
  • 2731001218 Accepting request 926889 from home:jsegitz:branches:server:mail Michael Ströder 2021-10-22 09:07:48 +00:00
  • 57bbfe9be1 Accepting request 926873 from home:jsegitz:branches:systemdhardening:server:mail Michael Ströder 2021-10-22 07:56:31 +00:00
  • 14d0200ad8 Accepting request 924493 from server:mail Dominique Leuenberger 2021-10-12 19:48:24 +00:00
  • b3ac63acaf Accepting request 923660 from home:varkoly:branches:server:mail Michael Ströder 2021-10-09 23:54:43 +00:00
  • fa4b4865b5 Accepting request 915779 from server:mail Dominique Leuenberger 2021-09-04 20:32:13 +00:00
  • d21e606c3e Accepting request 914312 from server:mail Dominique Leuenberger 2021-08-28 20:28:43 +00:00
  • c79a3d4b0b - postfix master.cf: to include "submissions" service (bsc#1189684) Adapt master.cf patch Peter Varkoly 2021-08-26 14:07:15 +00:00