6c8f34c68d
- update to 3.2.3 * Extension propagation was broken with "recipient_delimiter = .". This change reverts a change that was trying to be too clever. * The postqueue command would abort with a panic message after it experienced an output write error while listing the mail queue. This change restores a write error check that was lost with the Postfix 3.2 rewrite of the vbuf_print formatter. * Restored sanity checks for dynamically-specified width and precision in format strings (%*, %.*, and %*.*). These checks were lost with the Postfix 3.2 rewrite of the vbuf_print formatter. OBS-URL: https://build.opensuse.org/request/show/528692 OBS-URL: https://build.opensuse.org/package/show/server:mail/postfix?expand=0&rev=275
4317 lines
175 KiB
Plaintext
4317 lines
175 KiB
Plaintext
-------------------------------------------------------------------
|
||
Mon Sep 25 16:25:05 UTC 2017 - michael@stroeder.com
|
||
|
||
- update to 3.2.3
|
||
* Extension propagation was broken with "recipient_delimiter = .".
|
||
This change reverts a change that was trying to be too clever.
|
||
* The postqueue command would abort with a panic message after it
|
||
experienced an output write error while listing the mail queue.
|
||
This change restores a write error check that was lost with the
|
||
Postfix 3.2 rewrite of the vbuf_print formatter.
|
||
* Restored sanity checks for dynamically-specified width and precision
|
||
in format strings (%*, %.*, and %*.*). These checks were lost with
|
||
the Postfix 3.2 rewrite of the vbuf_print formatter.
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Aug 17 08:56:15 CEST 2017 - kukuk@suse.de
|
||
|
||
- Add libnsl-devel build requires for glibc obsoleting libnsl
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Jul 27 10:31:01 UTC 2017 - varkoly@suse.com
|
||
|
||
- bnc#1045264 L3: postmap problem
|
||
* Applying proposed patch of leen.meyer@ziggo.nl in bnc#771811
|
||
|
||
-------------------------------------------------------------------
|
||
Fri Jun 16 17:45:55 UTC 2017 - michael@stroeder.com
|
||
|
||
- update to 3.2.2
|
||
* Security: Berkeley DB versions 2 and later try to read settings
|
||
from a file DB_CONFIG in the current directory. This undocumented
|
||
feature may introduce undisclosed vulnerabilities resulting in
|
||
privilege escalation with Postfix set-gid programs (postdrop,
|
||
postqueue) before they chdir to the Postfix queue directory,
|
||
and with the postmap and postalias commands depending on whether
|
||
the user's current directory is writable by other users. This
|
||
fix does not change Postfix behavior for Berkeley DB versions
|
||
< 3, but it does reduce postmap and postalias 'create' performance
|
||
with Berkeley DB versions 3.0 .. 4.6.
|
||
* The SMTP server receive_override_options were not restored at
|
||
the end of an SMTP session, after the options were modified by
|
||
an smtpd_milter_maps setting of "DISABLE". Milter support
|
||
remained disabled for the life time of the smtpd process.
|
||
* After the Postfix 3.2 address/domain table lookup overhaul, the
|
||
check_sender_access and check_recipient_access features ignored
|
||
a non-default parent_domain_matches_subdomains setting.
|
||
|
||
-------------------------------------------------------------------
|
||
Wed Apr 19 20:36:03 UTC 2017 - chris@computersalat.de
|
||
|
||
- revert changes of postfix-main.cf.patch from rev=261
|
||
* config.postfix will not 'enable' (remove #) var, but place
|
||
modified (enabled) var at end of file, far away from place
|
||
where it should be
|
||
* keep vars enabled but empty
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Apr 13 09:18:45 UTC 2017 - werner@suse.de
|
||
|
||
- Some cleanups
|
||
* Fix SUSE postfix-files to avoid chown errors (anyway this file
|
||
seems to be obsolete)
|
||
* Avoid installing shared libraries twice
|
||
* Refresh patch postfix-linux45.patch
|
||
|
||
-------------------------------------------------------------------
|
||
Sat Apr 8 15:06:14 UTC 2017 - chris@computersalat.de
|
||
|
||
- update postfix-master.cf.patch
|
||
* recover lost (with 3.2.0 update) submission, smtps sections
|
||
* merge with upstream update
|
||
- update config.postfix
|
||
* update master.cf generation for submission
|
||
- rebase patches against 3.2.0
|
||
* pointer_to_literals.patch
|
||
* postfix-no-md5.patch
|
||
* postfix-ssl-release-buffers.patch
|
||
* postfix-vda-v14-3.0.3.patch
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Mar 20 18:01:36 CET 2017 - kukuk@suse.de
|
||
|
||
- Require system group mail
|
||
- Use mail group name instead of GID
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Mar 6 21:27:38 UTC 2017 - mrueckert@suse.de
|
||
|
||
- update to 3.2.0
|
||
- [Feature 20170128] Postfix 3.2 fixes the handling of address
|
||
extensions with email addresses that contain spaces. For
|
||
example, the virtual_alias_maps, canonical_maps, and
|
||
smtp_generic_maps features now correctly propagate an address
|
||
extension from "aa bb+ext"@example.com to "cc
|
||
dd+ext"@other.example, instead of producing broken output.
|
||
- [Feature 20161008] "PASS" and "STRIP" actions in
|
||
header/body_checks. "STRIP" is similar to "IGNORE" but also
|
||
logs the action, and "PASS" disables header, body, and Milter
|
||
inspection for the remainder of the message content.
|
||
Contributed by Hobbit.
|
||
- [Feature 20160330] The collate.pl script by Viktor Dukhovni for
|
||
grouping Postfix logfile records into "sessions" based on queue
|
||
ID and process ID information. It's in the auxiliary/collate
|
||
directory of the Postfix source tree.
|
||
- [Feature 20160527] Postfix 3.2 cidr tables support if/endif and
|
||
negation (by prepending ! to a pattern), just like regexp and
|
||
pcre tables. The primarily purpose is to improve readability
|
||
of complex tables. See the cidr_table(5) manpage for syntax
|
||
details.
|
||
- [Incompat 20160925] In the Postfix MySQL database client, the
|
||
default option_group value has changed to "client", to enable
|
||
reading of "client" option group settings in the MySQL options
|
||
file. This fixes a "not found" problem with Postfix queries
|
||
that contain UTF8-encoded non-ASCII text. Specify an empty
|
||
option_group value (option_group =) to get backwards-compatible
|
||
behavior.
|
||
- [Feature 20161217] Stored-procedure support for MySQL
|
||
databases. Contributed by John Fawcett. See mysql_table(5) for
|
||
instructions.
|
||
- [Feature 20170128] The postmap command, and the inline: and
|
||
texthash: maps now support spaces in left-hand field of the
|
||
lookup table "source text". Use double quotes (") around a
|
||
left-hand field that contains spaces, and use backslash (\) to
|
||
protect embedded quotes in a left-hand field. There is no
|
||
change in the processing of the right-hand field.
|
||
- [Feature 20160611] The Postfix SMTP server local IP address and
|
||
port are available in the policy delegation protocol (attribute
|
||
names: server_address, server_port), in the Milter protocol
|
||
(macro names: {daemon_addr}, {daemon_port}), and in the XCLIENT
|
||
protocol (attribute names: DESTADDR, DESTPORT).
|
||
- [Feature 20161024] smtpd_milter_maps support for per-client
|
||
Milter configuration that overrides smtpd_milters, and that has
|
||
the same syntax. A lookup result of "DISABLE" turns off Milter
|
||
support. See MILTER_README.html for details.
|
||
- [Feature 20160611] The Postfix SMTP server local IP address and
|
||
port are available in the policy delegation protocol (attribute
|
||
names: server_address, server_port), in the Milter protocol
|
||
(macro names: {daemon_addr}, {daemon_port}), and in the XCLIENT
|
||
protocol (attribute names: DESTADDR, DESTPORT).
|
||
- [Incompat 20170129] The postqueue command no longer forces all
|
||
message arrival times to be reported in UTC. To get the old
|
||
behavior, set TZ=UTC in main.cf:import_environment (this
|
||
override is not recommended, as it affects all Postfix utities
|
||
and daemons).
|
||
- [Incompat 20161227] For safety reasons, the sendmail -C option
|
||
must specify an authorized directory: the default configuration
|
||
directory, a directory that is listed in the default main.cf
|
||
file with alternate_config_directories or
|
||
multi_instance_directories, or the command must be invoked with
|
||
root privileges (UID 0 and EUID 0). This mitigates a recurring
|
||
problem with the PHP mail() function.
|
||
- [Feature 20160625] The Postfix SMTP server now passes remote
|
||
client and local server network address and port information to
|
||
the Cyrus SASL library. Build with ``make makefiles
|
||
"CCARGS=$CCARGS -DNO_IP_CYRUS_SASL_AUTH"'' for backwards
|
||
compatibility.
|
||
- [Feature 20161103] Postfix 3.2 disables the 'transitional'
|
||
compatibility between the IDNA2003 and IDNA2008 standards for
|
||
internationalized domain names (domain names beyond the limits
|
||
of US-ASCII).
|
||
|
||
This change makes Postfix behavior consistent with contemporary
|
||
web browsers. It affects the handling of some corner cases such
|
||
as German sz and Greek zeta. See
|
||
http://unicode.org/cldr/utility/idna.jsp for more examples.
|
||
|
||
Specify "enable_idna2003_compatibility = yes" to restore
|
||
historical behavior (but keep in mind that the rest of the
|
||
world may not make that same choice).
|
||
- [Feature 20160828] Fixes for deprecated OpenSSL 1.1.0 API
|
||
features, so that Postfix will build without depending on
|
||
backwards-compatibility support.
|
||
|
||
[Incompat 20161204] Postfix 3.2 removes tentative features that
|
||
were implemented before the DANE spec was finalized:
|
||
|
||
- Support for certificate usage PKIX-EE(1),
|
||
|
||
- The ability to disable digest agility (Postfix now behaves as
|
||
if "tls_dane_digest_agility = on"), and
|
||
|
||
- The ability to disable support for "TLSA 2 [01] [12]" records
|
||
that specify the digest of a trust anchor (Postfix now
|
||
behaves as if "tls_dane_trust_anchor_digest_enable = yes).
|
||
- [Feature 20161217] Postfix 3.2 enables elliptic curve
|
||
negotiation with OpenSSL >= 1.0.2. This changes the default
|
||
smtpd_tls_eecdh_grade setting to "auto", and introduces a new
|
||
parameter tls_eecdh_auto_curves with the names of curves that
|
||
may be negotiated.
|
||
|
||
The default tls_eecdh_auto_curves setting is determined at
|
||
compile time, and depends on the Postfix and OpenSSL versions.
|
||
At runtime, Postfix will skip curve names that aren't supported
|
||
by the OpenSSL library.
|
||
- [Feature 20160611] The Postfix SMTP server local IP address and
|
||
port are available in the policy delegation protocol (attribute
|
||
names: server_address, server_port), in the Milter protocol
|
||
(macro names: {daemon_addr}, {daemon_port}), and in the XCLIENT
|
||
protocol (attribute names: DESTADDR, DESTPORT).
|
||
- refresh postfix-master.cf.patch
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Mar 6 14:04:13 UTC 2017 - wr@rosenauer.org
|
||
|
||
- make sure that system users can be created in %pre
|
||
|
||
-------------------------------------------------------------------
|
||
Sat Feb 18 14:01:35 UTC 2017 - kukuk@suse.com
|
||
|
||
- Fix requires:
|
||
- shadow is needed for postfix-mysql pre-install section
|
||
- insserv is not needed if systemd is used
|
||
|
||
-------------------------------------------------------------------
|
||
Sat Jan 21 23:27:34 UTC 2017 - chris@computersalat.de
|
||
|
||
- update postfix-mysql
|
||
* update mysql_*.cf files
|
||
* update postfix-mysql.sql (INNODB, utf8)
|
||
- update postfix-main.cf.patch
|
||
* uncomment smtpd_sasl_path, smtpd_sasl_type
|
||
can be changed via POSTFIX_SMTP_AUTH_SERVICE=(cyrus,dovecot)
|
||
* add option for smtp_tls_policy_maps (commented)
|
||
- update postfix-master.cf.patch
|
||
* fix indentation of submission, smtps options for correct
|
||
enabling via config.postfix
|
||
- update config.postfix
|
||
* fix sync of CA certificates
|
||
* fix master.cf generation for submission, smtps
|
||
- rebase postfix-vda-v14-3.0.3.patch
|
||
|
||
-------------------------------------------------------------------
|
||
Wed Jan 11 14:07:35 UTC 2017 - varkoly@suse.com
|
||
|
||
- FATE#322322 Update postfix to version 3.X
|
||
Merging changes with SLES12-SP2
|
||
Removeved patches: add_missed_library.patch bnc#947707.diff dynamic_maps.patch postfix-db6.diff
|
||
postfix-opensslconfig.patch bnc#947519.diff dynamic_maps_pie.patch
|
||
postfix-post-install.patch
|
||
These are included in the new version of postfix
|
||
- Remove references to SuSEconfig.postfix from sysconfig docs.
|
||
(bsc#871575)
|
||
- bnc#947519 SuSEconfig.postfix should enforce umask 022
|
||
- bnc#947707 mail generated by Amavis being prevented from being re-adressed by /etc/postfix/virtual
|
||
- bnc#972346 /usr/sbin/SuSEconfig.postfix is wrong
|
||
- postfix-linux45.patch: handle Linux 4.x and Linux 5.x (used by aarch64)
|
||
(bsc#940289)
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Jan 3 12:20:18 UTC 2017 - varkoly@suse.com
|
||
|
||
- update to 3.1.4
|
||
* The postscreen daemon did not merge the client test status information
|
||
for concurrent sessions from the same IP address.
|
||
* The Postfix SMTP server falsely rejected a sender address when validating
|
||
a sender address with "smtpd_reject_unlisted_recipient = yes" or with
|
||
"reject_unlisted_sender". Cause: the address validation code did not query sender_canonical_maps.
|
||
* The virtual delivery agent did not detect failure to skip to the end
|
||
of a mailbox file, so that mail would be delivered to the beginning of the file.
|
||
This could happen when a mailbox file was already larger than the virtual mailbox size limit.
|
||
* The postsuper logged an incorrect rename operation count after creating a missing directory.
|
||
* The Postfix SMTP server falsely rejected mail when a sender-dependent "error"
|
||
transport was configured. Cause: the SMTP server address validation code
|
||
was not updated when the sender_dependent_default_transport_maps feature
|
||
was introduced.
|
||
* The Postfix SMTP server falsely rejected an SMTPUTF8 sender address, when "smtpd_delay_reject = no".
|
||
* The "postfix tls deploy-server-cert" command used the wrong certificate
|
||
and key file. This was caused by a cut-and-paste error in the postfix-tls-script file.
|
||
|
||
-------------------------------------------------------------------
|
||
Sat Nov 26 15:43:57 UTC 2016 - chris@computersalat.de
|
||
|
||
- improve config.postfix
|
||
* improve SASL stuff
|
||
* add POSTFIX_SMTP_AUTH_SERVICE=(cyrus|dovecot)
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Nov 14 21:53:18 UTC 2016 - chris@computersalat.de
|
||
|
||
- improve config.postfix
|
||
* improve with MySQL stuff
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Nov 7 13:35:38 UTC 2016 - chris@computersalat.de
|
||
|
||
- update vda patch to latest available
|
||
* remove postfix-vda-v13-3.10.0.patch
|
||
* add postfix-vda-v14-3.0.3.patch
|
||
- rebase patches (and to be p0)
|
||
* pointer_to_literals.patch
|
||
* postfix-main.cf.patch
|
||
* postfix-master.cf.patch
|
||
* postfix-no-md5.patch
|
||
* postfix-ssl-release-buffers.patch
|
||
- add /etc/postfix/ssl as default DIR for SSL stuff
|
||
* cacerts -> ../../ssl/certs/
|
||
* certs/
|
||
- revert POSTFIX_SSL_PATH from '/etc/ssl' to '/etc/postfix/ssl'
|
||
- improve config.postfix
|
||
* revert smtpd_tls_CApath to POSTFIX_SSL_PATH/cacerts which is a
|
||
symlink to /etc/ssl/certs
|
||
Without reverting, 'gen_CA' would create files which would then be on
|
||
the previous defined 'sslpath(/etc/ssl)/certs' (smtpd_tls_CApath)
|
||
Cert reqs would be placed in 'sslpath(/etc/ssl)/certs/postfixreq.pem'
|
||
which is not a good idea.
|
||
* mkchroot: sync '/etc/postfix/ssl' to chroot
|
||
* improve PCONF for smtp{,d}_tls_{cert,key}_file, adding/removing from
|
||
main.cf, show warning if enabled and file is missing
|
||
|
||
-------------------------------------------------------------------
|
||
Sun Oct 9 20:11:34 UTC 2016 - michael@stroeder.com
|
||
|
||
- update to 3.1.3:
|
||
* The Postfix SMTP server did not reset a previous session's
|
||
failed/total command counts before rejecting a client that
|
||
exceeds request or concurrency rates. This resulted in incorrect
|
||
failed/total command counts being logged at the end of the
|
||
rejected session.
|
||
* The unionmap multi-table interface did not propagate table
|
||
lookup errors, resulting in false "user unknown" responses.
|
||
* The documentation was updated with a workaround for false "not
|
||
found" errors with MySQL map queries that contain UTF8-encoded
|
||
text. The workaround is to specify "option_group = client" in
|
||
Postfix MySQL configuration files. This will be the default
|
||
setting with Postfix 3.2 and later.
|
||
|
||
-------------------------------------------------------------------
|
||
Sun Sep 4 15:33:27 UTC 2016 - michael@stroeder.com
|
||
|
||
- update to 3.1.2:
|
||
* Changes to make Postfix build with OpenSSL 1.1.0.
|
||
* The makedefs script ignored readme_directory=pathname overrides.
|
||
Fix by Todd C. Olson.
|
||
* The tls_session_ticket_cipher documentation says that the default
|
||
cipher for TLS session tickets is aes-256-cbc, but the implemented
|
||
default was aes-128-cbc. Note that TLS session ticket keys are
|
||
rotated after 1/2 hour, to limit the impact of attacks on session
|
||
ticket keys.
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Jun 2 12:26:17 UTC 2016 - schwab@suse.de
|
||
|
||
- postfix-post-install.patch: remove empty patch
|
||
|
||
-------------------------------------------------------------------
|
||
Sun May 29 16:45:30 UTC 2016 - chris@computersalat.de
|
||
|
||
- fix Changelog cause of Factory decline
|
||
|
||
-------------------------------------------------------------------
|
||
Tue May 24 13:18:55 UTC 2016 - varkoly@suse.com
|
||
|
||
- Fix typo in config.postfix
|
||
|
||
-------------------------------------------------------------------
|
||
Tue May 24 04:29:41 UTC 2016 - varkoly@suse.com
|
||
|
||
- bnc#981097 config.postfix creates broken main.cf for tls client configuration
|
||
- bnc#981099 /etc/sysconfig/postfix: POSTFIX_SMTP_TLS_CLIENT incomplete
|
||
- update to 3.1.1:
|
||
- The new address_verify_pending_request_limit
|
||
parameter introduces a safety limit for the number of address
|
||
verification probes in the active queue. The default limit is 1/4
|
||
of the active queue maximum size. The queue manager enforces the
|
||
limit by tempfailing probe messages that exceed the limit. This
|
||
design avoids dependencies on global counters that get out of sync
|
||
after a process or system crash.
|
||
- Machine-readable, JSON-formatted queue listing with "postqueue -j"
|
||
(no "mailq" equivalent).
|
||
- The milter_macro_defaults feature provides an optional list of macro
|
||
name=value pairs. These specify default values for Milter macros when
|
||
no value is available from the SMTP session context.
|
||
- Support to enforce a destination-independent delay between email
|
||
deliveries. The following example inserts 20 seconds of delay
|
||
between all deliveries with the SMTP transport, limiting the delivery
|
||
rate to at most three messages per minute.
|
||
smtp_transport_rate_delay = 20s
|
||
- Historically, the default setting "postscreen_dnsbl_ttl = 1h" assumes
|
||
that a "not found" result from a DNSBL server will be valid for one
|
||
hour. This may have been adequate five years ago when postscreen
|
||
was first implemented, but nowadays, that one hour can result in
|
||
missed opportunities to block new spambots.
|
||
To address this, postscreen now respects the TTL of DNSBL "not
|
||
found" replies, as well as the TTL of DNSWL replies (both "found"
|
||
and "not found"). The TTL for a "not found" reply is determined
|
||
according to RFC 2308 (the TTL of an SOA record in the reply).
|
||
|
||
Support for DNSBL or DNSWL reply TTL values is controlled by two
|
||
configuration parameters:
|
||
|
||
postscreen_dnsbl_min_ttl (default: 60 seconds).
|
||
postscreen_dnsbl_max_ttl (default: $postscreen_dnsbl_ttl or 1 hour)
|
||
|
||
The postscreen_dnsbl_ttl parameter is now obsolete, and has become
|
||
the default value for the new postscreen_dnsbl_max_ttl parameter.
|
||
- New "smtpd_client_auth_rate_limit" feature, to
|
||
enforce an optional rate limit on AUTH commands per SMTP client IP
|
||
address. Similar to other smtpd_client_*_rate_limit features, this
|
||
enforces a limit on the number of requests per $anvil_rate_time_unit.
|
||
- New SMTPD policy service attribute "policy_context",
|
||
with a corresponding "smtpd_policy_service_policy_context" configuration
|
||
parameter. Originally, this was implemented to share the same SMTPD
|
||
policy service endpoint among multiple check_policy_service clients.
|
||
- A new "postfix tls" command to quickly enable opportunistic TLS
|
||
in the Postfix SMTP client or server, and to manage SMTP server keys
|
||
and certificates, including certificate signing requests and
|
||
TLSA DNS records for DANE.
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Apr 19 07:59:32 UTC 2016 - opensuse@dstoecker.de
|
||
|
||
- build with working support for SMTPUTF8
|
||
|
||
-------------------------------------------------------------------
|
||
Sun Mar 20 14:11:27 UTC 2016 - mrueckert@suse.de
|
||
|
||
- fix build on sle11 by pointing _libexecdir to /usr/lib all the
|
||
time.
|
||
|
||
-------------------------------------------------------------------
|
||
Sun Mar 20 13:46:56 UTC 2016 - mrueckert@suse.de
|
||
|
||
- some distros did not pull pkgconfig indirectly. pull it directly.
|
||
|
||
-------------------------------------------------------------------
|
||
Sun Mar 20 08:19:23 UTC 2016 - mrueckert@suse.de
|
||
|
||
- fix building the dynamic maps: the old build had postgresql e.g.
|
||
with missing symbols.
|
||
- convert to AUXLIBS_* instead of plain AUXLIBS which is needed
|
||
for proper dynamic maps.
|
||
- reordered the CCARGS and AUXLIBS* lines to group by feature
|
||
- use pkgconfig or *_config tools where possible
|
||
- picked up signed char from fedora spec file
|
||
- enable lmdb support: new BR lmdb-devel, new subpackage
|
||
postfix-lmdb.
|
||
- don't delete vmail user/groups
|
||
|
||
-------------------------------------------------------------------
|
||
Wed Mar 9 13:06:35 UTC 2016 - varkoly@suse.com
|
||
|
||
- update to 3.1.0
|
||
- Since version 3.0 postfix supports dynamic loading of cdb:, ldap:,
|
||
lmdb:, mysql:, pcre:, pgsql:, sdbm:, and sqlite: database clients.
|
||
Thats why the patches dynamic_maps.patch and dynamic_maps_pie.patch
|
||
could be removed.
|
||
- Adapting all the patches to postfix 3.1.0
|
||
- remove obsolete patches
|
||
* add_missed_library.patch
|
||
* postfix-opensslconfig.patch
|
||
- update vda patch
|
||
* remove postfix-vda-v13-2.10.0.patch
|
||
* add postfix-vda-v13-3.10.0.patch
|
||
- The patch postfix-db6.diff is not more neccessary
|
||
|
||
- Backwards-compatibility safety net.
|
||
With NEW Postfix installs, you MUST install a main.cf file with
|
||
the setting "compatibility_level = 2". See conf/main.cf for an
|
||
example.
|
||
|
||
With UPGRADES of existing Postfix systems, you MUST NOT change the
|
||
main.cf compatibility_level setting, nor add this setting if it
|
||
does not exist.
|
||
|
||
Several Postfix default settings have changed with Postfix 3.0. To
|
||
avoid massive frustration with existing Postfix installations,
|
||
Postfix 3.0 comes with a safety net that forces Postfix to keep
|
||
running with backwards-compatible main.cf and master.cf default
|
||
settings. This safety net depends on the main.cf compatibility_level
|
||
setting (default: 0). Details are in COMPATIBILITY_README.
|
||
|
||
- Major changes - tls
|
||
* [Feature 20160207] A new "postfix tls" command to quickly enable
|
||
opportunistic TLS in the Postfix SMTP client or server, and to
|
||
manage SMTP server keys and certificates, including certificate
|
||
signing requests and TLSA DNS records for DANE.
|
||
* As of the middle of 2015, all supported Postfix releases no longer
|
||
nable "export" grade ciphers for opportunistic TLS, and no longer
|
||
use the deprecated SSLv2 and SSLv3 protocols for mandatory or
|
||
opportunistic TLS.
|
||
* [Incompat 20150719] The default Diffie-Hellman non-export prime was
|
||
updated from 1024 to 2048 bits, because SMTP clients are starting
|
||
to reject TLS handshakes with primes smaller than 2048 bits.
|
||
* [Feature 20160103] The Postfix SMTP client by default enables DANE
|
||
policies when an MX host has a (DNSSEC) secure TLSA DNS record,
|
||
even if the MX DNS record was obtained with insecure lookups. The
|
||
existence of a secure TLSA record implies that the host wants to
|
||
talk TLS and not plaintext. For details see the
|
||
smtp_tls_dane_insecure_mx_policy configuration parameter.
|
||
|
||
- Major changes - default settings
|
||
[Incompat 20141009] The default settings have changed for relay_domains
|
||
(new: empty, old: $mydestination) and mynetworks_style (new: host,
|
||
old: subnet). However the backwards-compatibility safety net will
|
||
prevent these changes from taking effect, giving the system
|
||
administrator the option to make an old default setting permanent
|
||
in main.cf or to adopt the new default setting, before turning off
|
||
backwards compatibility. See COMPATIBILITY_README for details.
|
||
|
||
[Incompat 20141001] A new backwards-compatibility safety net forces
|
||
Postfix to run with backwards-compatible main.cf and master.cf
|
||
default settings after an upgrade to a newer but incompatible Postfix
|
||
version. See COMPATIBILITY_README for details.
|
||
|
||
While the backwards-compatible default settings are in effect,
|
||
Postfix logs what services or what email would be affected by the
|
||
incompatible change. Based on this the administrator can make some
|
||
backwards-compatibility settings permanent in main.cf or master.cf,
|
||
before turning off backwards compatibility.
|
||
|
||
- Major changes - address verification safety
|
||
[Feature 20151227] The new address_verify_pending_request_limit
|
||
parameter introduces a safety limit for the number of address
|
||
verification probes in the active queue. The default limit is 1/4
|
||
of the active queue maximum size. The queue manager enforces the
|
||
limit by tempfailing probe messages that exceed the limit. This
|
||
design avoids dependencies on global counters that get out of sync
|
||
after a process or system crash.
|
||
|
||
Tempfailing verify requests is not as bad as one might think. The
|
||
Postfix verify cache proactively updates active addresses weeks
|
||
before they expire. The address_verify_pending_request_limit affects
|
||
only unknown addresses, and inactive addresses that have expired
|
||
from the address verify cache (by default, after 31 days).
|
||
|
||
- Major changes - json support
|
||
[Feature 20151129] Machine-readable, JSON-formatted queue listing
|
||
with "postqueue -j" (no "mailq" equivalent). The output is a stream
|
||
of JSON objects, one per queue file. To simplify parsing, each
|
||
JSON object is formatted as one text line followed by one newline
|
||
character. See the postqueue(1) manpage for a detailed description
|
||
of the output format.
|
||
|
||
- Major changes - milter support
|
||
[Feature 20150523] The milter_macro_defaults feature provides an
|
||
optional list of macro name=value pairs. These specify default
|
||
values for Milter macros when no value is available from the SMTP
|
||
session context.
|
||
|
||
For example, with "milter_macro_defaults = auth_type=TLS", the
|
||
Postfix SMTP server will send an auth_type of "TLS" to a Milter,
|
||
unless the remote client authenticates with SASL.
|
||
|
||
This feature was originally implemented for a submission service
|
||
that may authenticate clients with a TLS certificate, without having
|
||
to make changes to the code that implements TLS support.
|
||
|
||
- Major changes - output rate control
|
||
|
||
[Feature 20150710] Destination-independent delivery rate delay
|
||
|
||
Support to enforce a destination-independent delay between email
|
||
deliveries. The following example inserts 20 seconds of delay
|
||
between all deliveries with the SMTP transport, limiting the delivery
|
||
rate to at most three messages per minute.
|
||
|
||
/etc/postfix/main.cf:
|
||
smtp_transport_rate_delay = 20s
|
||
|
||
For details, see the description of default_transport_rate_delay
|
||
and transport_transport_rate_delay in the postconf(5) manpage.
|
||
|
||
- Major changes - postscreen dnsbl
|
||
[Feature 20150710] postscreen support for the TTL of DNSBL and DNSWL
|
||
lookup results
|
||
|
||
Historically, the default setting "postscreen_dnsbl_ttl = 1h" assumes
|
||
that a "not found" result from a DNSBL server will be valid for one
|
||
hour. This may have been adequate five years ago when postscreen
|
||
was first implemented, but nowadays, that one hour can result in
|
||
missed opportunities to block new spambots.
|
||
|
||
To address this, postscreen now respects the TTL of DNSBL "not
|
||
found" replies, as well as the TTL of DNSWL replies (both "found"
|
||
and "not found"). The TTL for a "not found" reply is determined
|
||
according to RFC 2308 (the TTL of an SOA record in the reply).
|
||
|
||
Support for DNSBL or DNSWL reply TTL values is controlled by two
|
||
configuration parameters:
|
||
|
||
postscreen_dnsbl_min_ttl (default: 60 seconds).
|
||
|
||
This parameter specifies a minimum for the amount of time that
|
||
a DNSBL or DNSWL result will be cached in the postscreen_cache_map.
|
||
This prevents an excessive number of postscreen cache updates
|
||
when a DNSBL or DNSWL server specifies a very small reply TTL.
|
||
|
||
postscreen_dnsbl_max_ttl (default: $postscreen_dnsbl_ttl or 1 hour)
|
||
|
||
This parameter specifies a maximum for the amount of time that
|
||
a DNSBL or DNSWL result will be cached in the postscreen_cache_map.
|
||
This prevents cache pollution when a DNSBL or DNSWL server
|
||
specifies a very large reply TTL.
|
||
|
||
The postscreen_dnsbl_ttl parameter is now obsolete, and has become
|
||
the default value for the new postscreen_dnsbl_max_ttl parameter.
|
||
|
||
- Major changes - sasl auth safety
|
||
[Feature 20151031] New "smtpd_client_auth_rate_limit" feature, to
|
||
enforce an optional rate limit on AUTH commands per SMTP client IP
|
||
address. Similar to other smtpd_client_*_rate_limit features, this
|
||
enforces a limit on the number of requests per $anvil_rate_time_unit.
|
||
|
||
- Major changes - smtpd policy
|
||
[Feature 20150913] New SMTPD policy service attribute "policy_context",
|
||
with a corresponding "smtpd_policy_service_policy_context" configuration
|
||
parameter. Originally, this was implemented to share the same SMTPD
|
||
policy service endpoint among multiple check_policy_service clients.
|
||
|
||
-------------------------------------------------------------------
|
||
Wed Dec 9 14:05:22 UTC 2015 - varkoly@suse.com
|
||
|
||
- bnc#958329 postfix fails to start when openslp is not installed
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Oct 12 20:49:27 UTC 2015 - michael@stroeder.com
|
||
|
||
- upstream update postfix 2.11.7:
|
||
* The Postfix Milter client aborted with a panic while adding a
|
||
message header, after adding a short message header with the
|
||
header_checks PREPEND action. Fixed by invoking the header
|
||
output function while PREPENDing a message header.
|
||
* False alarms while scanning the Postfix queue. Fixed by resetting
|
||
errno before calling readdir(). This defect was introduced
|
||
19970309.
|
||
* The postmulti command produced an incorrect error message.
|
||
* The postmulti command now refuses to create a new MTA instance
|
||
when the template main.cf or master.cf file are missing. This
|
||
is a common problem on Debian-like systems.
|
||
* Turning on Postfix SMTP server HAProxy support broke TLS
|
||
wrappermode. Fixed by temporarily using a 1-byte VSTREAM buffer
|
||
to read the HAProxy connection hand-off information.
|
||
* The xtext_unquote() function did not propagate error reports
|
||
from xtext_unquote_append(), causing the decoder to return
|
||
partial output, instead of rejecting malformed input. The Postfix
|
||
SMTP server uses this function to parse input for the ENVID and
|
||
ORCPT parameters, and for XFORWARD and XCLIENT command parameters.
|
||
|
||
-------------------------------------------------------------------
|
||
Wed Aug 12 10:51:51 UTC 2015 - jkeil@suse.de
|
||
|
||
- boo#934060: Remove quirky hostname logic from config.postfix
|
||
* /etc/hostname doesn't contain anything useful
|
||
* linux.local is no good either
|
||
* postfix will use `hostname`.localdomain as fallback
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Aug 4 09:09:04 UTC 2015 - meissner@suse.com
|
||
|
||
- postfix-no-md5.patch: replace fingerprint defaults by sha1. bsc#928885
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Aug 4 09:07:25 UTC 2015 - meissner@suse.com
|
||
|
||
- %verifyscript is a new section, move it out of the %ifdef
|
||
so the fillups are run afterwards.
|
||
|
||
-------------------------------------------------------------------
|
||
Wed Jul 22 16:44:44 UTC 2015 - michael@stroeder.com
|
||
|
||
- upstream update postfix 2.11.6:
|
||
Default settings have been updated so that they no longer enable
|
||
export-grade ciphers, and no longer enable the SSLv2 and SSLv3
|
||
protocols.
|
||
- removed postfix-2.11.5_linux4.patch because it's obsolete
|
||
- Bugfix (introduced: Postfix 2.11): with connection caching
|
||
enabled (the default), recipients could be given to the wrong
|
||
mail server. (bsc#944722)
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Jun 1 22:25:51 UTC 2015 - crrodriguez@opensuse.org
|
||
|
||
- postfix-SuSE.tar.gz/postfix.service: None of
|
||
nss-lookup.target network.target local-fs.target time-sync.target
|
||
should be Wanted or Required except by the services
|
||
the implement the relevant functionality i.e network.target
|
||
is wanted/required by networkmanager, wicked,
|
||
systemd-network. other software must be ordered After them,
|
||
see systemd.special(7)
|
||
|
||
-------------------------------------------------------------------
|
||
Sun May 17 18:41:52 UTC 2015 - mpluskal@suse.com
|
||
|
||
- Fix library symlink generation (boo#928662)
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Apr 21 09:55:44 UTC 2015 - mrueckert@suse.de
|
||
|
||
- added postfix-2.11.5_linux4.patch:
|
||
Allow building on kernel 4. Patch taken from:
|
||
https://groups.google.com/forum/#!topic/mailing.postfix.users/fufS22sMGWY
|
||
|
||
-------------------------------------------------------------------
|
||
Sun Apr 19 23:03:25 UTC 2015 - mrueckert@suse.de
|
||
|
||
- update to postfix 2.11.5
|
||
- Bugfix (introduced: Postfix 2.6):
|
||
sender_dependent_relayhost_maps ignored the relayhost setting
|
||
in the case of a DUNNO lookup result. It would use the
|
||
recipient domain instead. Viktor Dukhovni. Wietse took the
|
||
pieces of code that enforce the precedence of a
|
||
sender-dependent relayhost, the global relayhost, and the
|
||
recipient domain, and put that code together in once place so
|
||
that it is easier to maintain. File:
|
||
trivial-rewrite/resolve.c.
|
||
- Bitrot: prepare for future changes in OpenSSL API. Viktor
|
||
Dukhovni. File: tls_dane.c.
|
||
- Incompatibility: specifying "make makefiles" with "CC=command"
|
||
will no longer override the default WARN setting.
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Feb 9 18:01:38 UTC 2015 - michael@stroeder.com
|
||
|
||
- upstream update postfix 2.11.4:
|
||
|
||
Postfix 2.11.4 only:
|
||
|
||
* Fix a core dump when smtp_policy_maps specifies an invalid TLS
|
||
level.
|
||
|
||
* Fix a missing " in \%s\", in postconf(1) fatal error messages,
|
||
which violated the C language spec. Reported by Iain Hibbert.
|
||
|
||
All supported releases:
|
||
|
||
* Stop excessive recursion in the cleanup server while recovering
|
||
from a virtual alias expansion loop. Problem found at Two Sigma.
|
||
|
||
* Stop exponential memory allocation with virtual alias expansion
|
||
loops. This came to light after fixing the previous problem.
|
||
|
||
-------------------------------------------------------------------
|
||
Sun Feb 8 13:08:36 UTC 2015 - varkoly@suse.com
|
||
|
||
- correct pf_daemon_directory in spec. This must be /usr/lib/
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Jan 22 09:36:09 UTC 2015 - varkoly@suse.com
|
||
|
||
- bnc#914086 syntax error in config.postfix
|
||
- Adapt config.postfix to be able to run on SLE11 too.
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Jan 19 22:15:30 UTC 2015 - mpluskal@suse.com
|
||
|
||
- Don't install sysvinit script when systemd is used
|
||
- Make explicit PreReq dependencies conditional only for older
|
||
systems
|
||
- Don't try to set explicit attributes to symlinks
|
||
- Cleanup spec file vith spec-cleaner
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Jan 13 07:04:52 UTC 2015 - varkoly@suse.com
|
||
|
||
- bnc#912594 config.postfix creates config based on old options
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Jan 6 14:26:51 UTC 2015 - varkoly@suse.com
|
||
|
||
- bnc#911806 config.postfix does not set up correct saslauthd socket directory for chroot
|
||
- bnc#910265 config.postfix does not upgrade the chroot
|
||
- bnc#908003 wrong access rights on /usr/sbin/postdrop causes
|
||
permission denied when trying to send a mail as non root user
|
||
- bnc#729154 wrong permissions for some postfix components
|
||
|
||
-------------------------------------------------------------------
|
||
Fri Nov 21 14:49:19 UTC 2014 - tchvatal@suse.com
|
||
|
||
- Remove keyring and things as it is md5 based one no longer
|
||
accepted by gpg 2.1
|
||
|
||
-------------------------------------------------------------------
|
||
Fri Nov 14 09:19:00 UTC 2014 - dimstar@opensuse.org
|
||
|
||
- No longer perform gpg validation; osc source_validator does it
|
||
implicit:
|
||
+ Drop gpg-offline BuildRequires.
|
||
+ No longer execute gpg_verify.
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Oct 27 18:22:02 UTC 2014 - dmueller@suse.com
|
||
|
||
- restore previously lost fix:
|
||
Fri Oct 11 13:32:32 UTC 2013 - matz@suse.de
|
||
- Ignore errors in %pre/%post.
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Oct 20 07:52:39 UTC 2014 - michael@stroeder.com
|
||
|
||
- postfix 2.11.3:
|
||
|
||
* Fix for configurations that prepend message headers with Postfix
|
||
access maps, policy servers or Milter applications. Postfix now
|
||
hides its own Received: header from Milters and exposes prepended
|
||
headers to Milters, regardless of the mechanism used to prepend
|
||
a header. This fix reverts a partial solution that was released
|
||
on October 13, 2014, and replaces it with a complete solution.
|
||
* Portability fix for MacOS X 10.7.x (Darwin 11.x) build procedure.
|
||
|
||
- postfix 2.11.2:
|
||
|
||
* Fix for DMARC implementations based on SPF policy plus DKIM
|
||
Milter. The PREPEND access/policy action added headers ABOVE
|
||
Postfix's own Received: header, exposing Postfix's own Received:
|
||
header to Milters (protocol violation) and hiding the PREPENDed
|
||
header from Milters. PREPENDed headers are now added BELOW
|
||
Postfix's own Received: header and remain visible to Milters.
|
||
* The Postfix SMTP server logged an incorrect client name in
|
||
reject messages for check_reverse_client_hostname_access and
|
||
check_reverse_client_hostname_{mx,ns}_access. They replied with
|
||
the verified client name, instead of the name that was rejected.
|
||
* The qmqpd daemon crashed with null pointer bug when logging a
|
||
lost connection while not in a mail transaction.
|
||
|
||
-------------------------------------------------------------------
|
||
Sun Sep 14 16:50:57 UTC 2014 - andreas.stieger@gmx.de
|
||
|
||
- switch from md5 based signature to one using the SHA-512 digest
|
||
algorithm supplied by maintainer on ML to pass source_validator
|
||
|
||
-------------------------------------------------------------------
|
||
Sat Sep 13 21:44:41 UTC 2014 - andreas.stieger@gmx.de
|
||
|
||
- postfix 2.11.1:
|
||
* With connection caching enabled (the default), recipients could
|
||
be given to the wrong mail server.
|
||
* Enforce TLS when TLSA records exist, but all are unusable.
|
||
* Don't leak memory when TLSA records exist, but all are unusable.
|
||
* Prepend "-I. -I../../include" to the compiler command-line
|
||
options, to avoid name clashes with non-Postfix header files.
|
||
* documentation fixes
|
||
* logging fixes
|
||
|
||
-------------------------------------------------------------------
|
||
Fri Aug 29 15:40:00 UTC 2014 - rusjako@rus.uni-stuttgart.de
|
||
|
||
- fix dynamic_maps patch to enable memcache support, which does not
|
||
need any libraries
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Jul 31 12:44:59 UTC 2014 - dimstar@opensuse.org
|
||
|
||
- Rename rpmlintrc to %{name}-rpmlintrc.
|
||
Follow the packaging guidelines.
|
||
|
||
-------------------------------------------------------------------
|
||
Fri Jun 27 23:16:21 UTC 2014 - chris@computersalat.de
|
||
|
||
- fix typo in postfix-SuSE/update_chroot.systemd
|
||
- fix config.postfix
|
||
* 'insserv amavis' -> 'chkconfig amavis on'
|
||
- rework main.cf patch
|
||
* fix virtual stuff
|
||
* add some dovecot stuff
|
||
- rework master.cf patch
|
||
* add some dovecot stuff
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Jun 23 21:41:23 UTC 2014 - jamesp@vicidial.com
|
||
|
||
- The included postfix-mysql.tar.bz2 was using a MySQL 4.1 style of
|
||
table engine specification. Modified so that the sql uses
|
||
'ENGINE=' instead of 'TYPE=' for creating tables.
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Jun 23 15:17:52 UTC 2014 - varkoly@suse.com
|
||
|
||
- bnc#816769 - config.postfix issues warnings about missing master.cf
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Jun 10 13:34:03 UTC 2014 - varkoly@suse.com
|
||
|
||
- bnc#882033 - Package postfix has changed files according to rpm
|
||
- bnc#855688 - possible systemd bug: postfix & cifs dependency confict
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Jun 9 12:17:35 UTC 2014 - varkoly@suse.com
|
||
|
||
- bnc#863350 - SuSEconfig.postfix complains about modified /etc/postfix/main.cf after updating postfix
|
||
|
||
-------------------------------------------------------------------
|
||
Mon May 26 17:21:54 UTC 2014 - chris@computersalat.de
|
||
|
||
- replace vda patch:
|
||
* add postfix-vda-v13-2.10.0.patch
|
||
* remove postfix-vda-v11-2.9.6.patch
|
||
- rebase patches
|
||
- config.postfix
|
||
* add master.cf support for submission (587)
|
||
* rework master.cf support for smtps
|
||
|
||
-------------------------------------------------------------------
|
||
Wed Feb 12 15:10:27 UTC 2014 - varkoly@suse.com
|
||
|
||
- bnc#862662 - Unable to configure postfix SMTP with forced TLS using YaST2
|
||
|
||
- Update to 2.11.0
|
||
* TLS
|
||
o Support for PKI-less TLS server certificate verification, where
|
||
the CA public key or the server certificate is identified via DNSSEC lookup
|
||
* LMDB database support
|
||
* master
|
||
o The master_service_disable parameter value syntax has changed:
|
||
use "service/type" instead of "service.type".
|
||
* postconf:
|
||
o Support for advanced master.cf query and update operations.
|
||
This was implemented primarily to support automated system management tools.
|
||
o The postconf command produces more warnings
|
||
* relay safety
|
||
New smtpd_relay_restrictions parameter built-in default settings:
|
||
smtpd_relay_restrictions =
|
||
permit_mynetworks
|
||
permit_sasl_authenticated
|
||
defer_unauth_destination
|
||
* postscreen whitelisting
|
||
Allow a remote SMTP client to skip postscreen(8) tests based on
|
||
its postscreen_dnsbl_sites score.
|
||
|
||
-------------------------------------------------------------------
|
||
Fri Oct 11 13:32:32 UTC 2013 - matz@suse.de
|
||
|
||
- Ignore errors in %pre/%post.
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Oct 3 02:47:54 UTC 2013 - crrodriguez@opensuse.org
|
||
|
||
- two improvements for 13.1 and factory
|
||
* postfix-opensslconfig.patch call openSSL_config
|
||
so postfix respects the system's openssl configuration
|
||
* postfix-SuSE/postfix.service since a few months there
|
||
is no mail-transfer-agent.target, units must be ordered
|
||
after a list of smtpd implementations instead.
|
||
|
||
-------------------------------------------------------------------
|
||
Fri Sep 20 04:48:08 UTC 2013 - varkoly@suse.com
|
||
|
||
- Proc is not needed in chroot anymore
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Jul 30 14:34:01 UTC 2013 - schwab@suse.de
|
||
|
||
- postfix-main.cf.patch: remove duplicate entry for inet_protocols
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Jun 17 10:50:08 UTC 2013 - chris@computersalat.de
|
||
|
||
- fix for warning
|
||
* unused parameter: virtual_create_maildirsize=yes
|
||
* unused parameter: virtual_mailbox_extended=yes
|
||
* rework main.cf.patch
|
||
- fix rcpostfix for sysvinit systems
|
||
* /etc/postfix/system/update_postmaps: No such file or directory
|
||
- rebase patches
|
||
* vda-v11-2.9.5 -> vda-v11-2.9.6
|
||
- fix file postfix-SuSE.tar.gz
|
||
* made a tar.gz
|
||
|
||
-------------------------------------------------------------------
|
||
Sun Jun 16 02:12:07 UTC 2013 - jengelh@inai.de
|
||
|
||
- postfix.spec forces the use of SSL and SASL libraries,
|
||
so make sure the BuildRequires are there
|
||
|
||
-------------------------------------------------------------------
|
||
Fri Jun 14 01:33:52 UTC 2013 - jengelh@inai.de
|
||
|
||
- Add postfix-db6.diff to fix compile abort with libdb-6.0
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Apr 22 11:51:37 UTC 2013 - idonmez@suse.com
|
||
|
||
- Add Source URL, see https://en.opensuse.org/SourceUrls
|
||
- Add GPG verification
|
||
|
||
-------------------------------------------------------------------
|
||
Sat Apr 20 05:46:00 UTC 2013 - crrodriguez@opensuse.org
|
||
|
||
- postfix-SuSE/postfix.service do not Require or
|
||
order after syslog.target as it no longer exists
|
||
postfix will fail to start in the next systemd version.
|
||
|
||
-------------------------------------------------------------------
|
||
Sat Feb 23 09:33:08 UTC 2013 - rmilasan@suse.com
|
||
|
||
- Install postfix.service accordingly (/usr/lib/systemd for 12.3
|
||
and up or /lib/systemd for older versions).
|
||
|
||
-------------------------------------------------------------------
|
||
Wed Feb 6 19:56:57 UTC 2013 - varkoly@suse.com
|
||
|
||
- update to 2,9.6
|
||
Bugfix: the local(8) delivery agent dereferenced a null pointer
|
||
while delivering to null command (for example, "|" in a .forward file).
|
||
Bugfix: memory leak in program initialization. tls/tls_misc.c.
|
||
Bugfix: he undocumented OpenSSL X509_pubkey_digest() function is
|
||
unsuitable for computing certificate PUBLIC KEY fingerprints.
|
||
Postfix now provides a correct procedure that accounts for
|
||
the algorithm and parameters in addition to the key data. Specify
|
||
"tls_legacy_public_key_fingerprints = yes" if you need backwards compatibility.
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Jan 17 22:01:16 UTC 2013 - varkoly@suse.com
|
||
|
||
- bnc#796162 - script to assign path elements not working in postfix install Build-0284(iso)
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Jan 10 18:23:56 UTC 2013 - chris@computersalat.de
|
||
|
||
- rebase patches
|
||
* vda-v10-2.8.12 -> vda-v11-2.9.5 (and to be a p0)
|
||
* main, master, post-instal, ssl-release-buffers (remove version)
|
||
* dynamic_maps, dynamic_maps_pie, pointer_to_literals
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Jan 10 14:45:59 UTC 2013 - varkoly@suse.com
|
||
|
||
- update to 2,9.5
|
||
* tls support:
|
||
Support to turn off the TLSv1.1 and TLSv1.2 protocols:
|
||
To temporarily turn off problematic protocols globally:
|
||
/etc/postfix/main.cf:
|
||
smtp_tls_protocols = !SSLv2, !TLSv1.1, !TLSv1.2
|
||
smtp_tls_mandatory_protocols = !SSLv2, !TLSv1.1, !TLSv1.2
|
||
However, it may be better to temporarily turn off problematic
|
||
protocols for broken sites only:
|
||
/etc/postfix/main.cf:
|
||
smtp_tls_policy_maps = hash:/etc/postfix/tls_policy
|
||
/etc/postfix/tls_policy:
|
||
example.com may protocols=!SSLv2:!TLSv1.1:!TLSv1.2
|
||
* 20111012 To simplify integration with third-party
|
||
applications, the Postfix sendmail command now always transforms
|
||
all input lines ending in <CR><LF> into UNIX format (lines ending
|
||
in <LF>). Specify "sendmail_fix_line_endings = strict" to restore
|
||
historical Postfix behavior (i.e. convert all input lines ending
|
||
in <CR><LF> only if the first line ends in <CR><LF>).
|
||
* 20120114 Logfile-based alerting systems may need to be
|
||
updated to look for "error" messages in addition to "fatal" messages.
|
||
Specify "daemon_table_open_error_is_fatal = yes" to get the historical
|
||
behavior (immediate termination with "fatal" message).
|
||
* enable_long_queue_ids Postfix 2.9 introduces support for non-repeating queue IDs (also
|
||
used as queue file names). These names are encoded in a mix of upper
|
||
case, lower case and decimal digit characters. Long queue IDs are
|
||
disabled by default to avoid breaking tools that parse logfiles and
|
||
that expect queue IDs with the smaller [A-F0-9] character set.
|
||
* 20111209 memcache lookup and update support. This provides
|
||
a way to share postscreen(8) or verify(8) caches between Postfix
|
||
instances. See MEMCACHE_README and memcache_table(5) for details
|
||
and limitations.
|
||
* 20111218 To support external SASL authentication, e.g.,
|
||
in an NGINX proxy daemon, the Postfix SMTP server now always checks
|
||
the smtpd_sender_login_maps table, even without having
|
||
"smtpd_sasl_auth_enable = yes" in main.cf.
|
||
* ipv6
|
||
o The default inet_protocols value is now "all" instead of "ipv4",
|
||
meaning use both IPv4 and IPv6.
|
||
o The default smtp_address_preference value is now "any" instead
|
||
of "ipv6", meaning choose randomly between IPv6 and IPv4. With
|
||
this the Postfix SMTP client will have more success delivering
|
||
mail to sites that have problematic IPv6 configurations.
|
||
|
||
-------------------------------------------------------------------
|
||
Sat Dec 15 16:33:24 UTC 2012 - chris@computersalat.de
|
||
|
||
- update to 2.8.13
|
||
* 20121029
|
||
Workaround: strip datalink suffix from IPv6 addresses
|
||
returned by the system getaddrinfo() routine. Such suffixes
|
||
mess up the default mynetworks value, host name/address
|
||
verification and possibly more. This change obsoletes the
|
||
20101108 change that removes datalink suffixes in the SMTP
|
||
and QMQP servers, but we leave that code alone. File:
|
||
util/myaddrinfo.c.
|
||
* 20121013
|
||
Cleanup: to compute the LDAP connection cache lookup key,
|
||
join the numeric fields with null, just like string fields.
|
||
Viktor Dukhovni. File: global/dict_ldap.c.
|
||
* 20121010
|
||
Bugfix (introduced: Postfix 2.5): memory leak in program
|
||
initialization. Reported by Coverity. File: tls/tls_misc.c.
|
||
Bugfix (introduced: Postfix 2.3): memory leak in the unused
|
||
oqmgr program. Reported by Coverity. File: oqmgr/qmgr_message.c.
|
||
* 20121003
|
||
Bugfix: the postscreen_access_list feature was case-sensitive
|
||
in the first character of permit, reject, etc. Reported by
|
||
Feancis Picabia. File: global/server_acl.c.
|
||
- rebase dynamic_maps_pie patch
|
||
- rpmlint
|
||
* invalid-suse-version-check 1140
|
||
* obsolete-suse-version-check 920 (changes file)
|
||
|
||
-------------------------------------------------------------------
|
||
Fri Dec 14 06:03:42 UTC 2012 - varkoly@suse.com
|
||
|
||
- bnc#790141 - Command SuSEconfig.postfix reports ERROR -
|
||
"can not find /lib/YaST/SuSEconfig.functions!!"
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Nov 8 11:33:33 UTC 2012 - varkoly@suse.com
|
||
|
||
- bnc#782048 - postfix uses /sbin/conf.d
|
||
- bnc#784659 - remove SuSEconfig calls from yast2-mail
|
||
|
||
-------------------------------------------------------------------
|
||
Fri Aug 10 18:56:59 UTC 2012 - chris@computersalat.de
|
||
|
||
- update to 2.8.12
|
||
* 20120730
|
||
Bugfix (introduced: 20000314): AUTH is not allowed after
|
||
MAIL. Timo Sirainen. File: smtpd/smtpd_sasl_proto.c.
|
||
* 20120702
|
||
Bugfix (introduced: 19990127): the BIFF client leaked an
|
||
unprivileged UDP socket. Fix by Jaroslav Skarvada. File:
|
||
local/biff_notify.c.
|
||
* 20120621
|
||
Bugfix (introduced: Postfix 2.8): the unused "pass" trigger
|
||
client could close the wrong file descriptors. File:
|
||
util/unix_pass_trigger.c.
|
||
- fix for bnc#771303
|
||
* add 'version = 3' to ldap_aliases.cf
|
||
- rebase patches
|
||
* main, master, post-install: 2.8.3 -> 2.8.12
|
||
* ssl-release-buffers: 2.8.5 -> 2.8.12
|
||
* vda-v10: 2.8.9 -> 2.8.12
|
||
* dynamic_maps, dynamic_maps_pie, ipv6_disabled, pointer_to_literals
|
||
- fix changes file
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Jul 19 06:52:18 UTC 2012 - varkoly@suse.com
|
||
|
||
- bnc#771811 - postfix update does not regenerate the maps
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Jun 11 09:51:22 UTC 2012 - varkoly@suse.com
|
||
|
||
- update to 2.8.11
|
||
* 20120520
|
||
- Bugfix (introduced Postfix 2.4): the event_drain() function
|
||
was comparing bitmasks incorrectly causing the program to
|
||
always wait for the full time limit. This error affected
|
||
the unused postkick command, but only after s/fifo/unix/
|
||
in master.cf. File: util/events.c.
|
||
- Cleanup: laptop users have always been able to avoid
|
||
unnecessary disk spin-up by doing s/fifo/unix/ in master.cf
|
||
(this is currently not supported on Solaris systems).
|
||
However, to make this work reliably, the "postqueue -f"
|
||
command must wait until its requests have reached the pickup
|
||
and qmgr servers before closing the UNIX-domain request
|
||
sockets. Files: postqueue/postqueue.c, postqueue/Makefile.in.
|
||
|
||
-------------------------------------------------------------------
|
||
Wed May 9 10:07:10 UTC 2012 - varkoly@suse.com
|
||
|
||
- bnc#753910 - {name} instead of %{name} in postfix .spec
|
||
- bnc#756452 - VUL-1: postfix: VRFY allows enumerating users
|
||
|
||
-------------------------------------------------------------------
|
||
Thu May 3 16:47:11 UTC 2012 - chris@computersalat.de
|
||
|
||
- update to 2.8.10
|
||
* 20120401
|
||
Bitrot: shut up useless warnings about Cyrus SASL call-back
|
||
function pointer type mis-matches. Files: xsasl/xsasl_cyrus.h,
|
||
xsasl/xsasl_cyrus_server.c, xsasl/xsasl_client.c.
|
||
* 20120422
|
||
Bit-rot: OpenSSL 1.0.1 introduces new protocols. Update the
|
||
known TLS protocol list so that protocols can be turned off
|
||
selectively to work around implementation bugs. Based on
|
||
a patch by Victor Duchovni. Files: proto/TLS_README.html,
|
||
proto/postconf.proto, tls/tls.h, tls/tls_misc.c, tls/tls_client.c,
|
||
tls/tls_server.c.
|
||
- update to 2.8.9
|
||
* 20120217
|
||
Cleanup: missing #include statement for bugfix code added
|
||
20111226. File: local/unknown.c.
|
||
* 20120214
|
||
Bugfix (introduced: Postfix 2.4): extraneous null assignment
|
||
caused core dump when postlog emitted the "usage" message.
|
||
Reported by Kant (fnord.hammer). File: postlog/postlog.c.
|
||
* 20120202
|
||
Bugfix (introduced: Postfix 2.3): the "change header" milter
|
||
request could replace the wrong header. A long header name
|
||
could match a shorter one, because a length check was done
|
||
on the wrong string. Reported by Vladimir Vassiliev. File:
|
||
cleanup/cleanup_milter.c.
|
||
- use latest VDA patch (2.8.9)
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Apr 12 08:15:06 UTC 2012 - varkoly@suse.com
|
||
|
||
- bnc#756450 - postfix: remove version from banner
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Apr 9 16:13:28 UTC 2012 - bruno@ioda-net.ch
|
||
|
||
- add port 587 smtp-auth submission to postfix-fw bnc#756289
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Apr 2 22:09:00 CEST 2012 - dmueller@suse.de
|
||
|
||
- set exit code explicitely in cond_slp, systemd checks for it
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Mar 13 13:35:13 UTC 2012 - varkoly@suse.com
|
||
|
||
- Documentation for bnc#751994 - SuSEconfig module postfix does not exist
|
||
|
||
-------------------------------------------------------------------
|
||
Wed Mar 7 06:31:05 UTC 2012 - varkoly@suse.com
|
||
|
||
- rcpostfix now updates the aliases too
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Feb 27 16:35:56 UTC 2012 - chris@computersalat.de
|
||
|
||
- update to 2.8.8
|
||
Bugfixes:
|
||
tlsproxy(8) stored TLS sessions with a serverID of
|
||
"tlsproxy" instead of "smtpd", wasting an opportunity for
|
||
session reuse. File: tlsproxy/tlsproxy.c.
|
||
missing lookup table entry and terminator, causing
|
||
proxymap server segfault when postscreen(8) or verify(8)
|
||
attempted to access their cache via the proxymap server.
|
||
This could never have worked anyway, because the Postfix
|
||
2.8 proxymap protocol does not support cache cleanup. File
|
||
util/dict.c.
|
||
the Postfix client sqlite
|
||
quoting routine returned the unquoted result instead of the
|
||
quoted text. The opportunities for misuse are limited,
|
||
because Postfix sqlite files are usually owned by root, and
|
||
Postfix daemons usually run with non-root privileges so
|
||
they can't corrupt the database. Problem reported by Rob
|
||
McGee (rob0). File: global/dict_sqlite.c.
|
||
the trace service did not
|
||
distinguish between notifications for a non-bounce or a
|
||
bounce message. This code pre-dates DSN support and should
|
||
have been updated when it was re-purposed to handle DSN
|
||
SUCCESS notifications. Problem reported by Sabahattin
|
||
Gucukoglu. File: bounce/bounce_trace_service.c.
|
||
- use latest VDA patch (2.8.5)
|
||
|
||
-------------------------------------------------------------------
|
||
Wed Jan 25 15:12:38 UTC 2012 - varkoly@suse.com
|
||
|
||
- bnc#743369 - yast2 mail module does not open the firewall
|
||
- Set MD5DIR in SuSEconfig.postfix to avoid warnings
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Jan 17 11:14:30 UTC 2012 - varkoly@suse.com
|
||
|
||
- bnc738693 - upgrade from 11.4 enables mysql service for systemd
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Jan 12 12:18:17 UTC 2012 - varkoly@suse.com
|
||
|
||
- Add postmap rebuild script to systemv init script too
|
||
|
||
-------------------------------------------------------------------
|
||
Wed Jan 11 14:21:21 UTC 2012 - varkoly@suse.com
|
||
|
||
- bnc#738900 - cyrus-imapd not receiving mail from postfix
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Dec 13 14:50:45 UTC 2011 - varkoly@suse.com
|
||
|
||
- Move the post map rebuild script into the start script
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Dec 6 11:04:12 UTC 2011 - varkoly@suse.com
|
||
|
||
- Fix the last change in %post
|
||
|
||
-------------------------------------------------------------------
|
||
Fri Dec 2 06:44:28 UTC 2011 - varkoly@suse.com
|
||
|
||
- bnc#728308 - warning output after update the postfix package
|
||
|
||
-------------------------------------------------------------------
|
||
Wed Nov 9 20:05:38 UTC 2011 - varkoly@suse.com
|
||
|
||
- update to 2.8.7
|
||
Bugfixes:
|
||
smtpd(8) did not sanitize newline characters in cleanup(8)
|
||
REJECT messages, causing them to be sent out via SMTP as bare newline characters.
|
||
smtpd(8) sent multi-line responses from a before-queue content filter as text with
|
||
bare <LF> instead of <CR><LF>.
|
||
Workaround: postscreen sent non-compliant SMTP responses (220- followed by 421)
|
||
when it could not give a connection to a real smtpd process, causing some
|
||
remote SMTP clients to bounce mail.
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Nov 3 15:56:23 UTC 2011 - varkoly@suse.com
|
||
|
||
- Use the systemd macros in the spec file
|
||
|
||
-------------------------------------------------------------------
|
||
Fri Oct 14 16:43:02 CEST 2011 - mhrusecky@suse.cz
|
||
|
||
- only fix files that exists in %post
|
||
|
||
-------------------------------------------------------------------
|
||
Sun Oct 9 04:30:54 UTC 2011 - crrodriguez@opensuse.org
|
||
|
||
- Use SSL_MODE_RELEASE_BUFFERS if available, see
|
||
SSL_CTX_set_mode man page and
|
||
http://www.imperialviolet.org/2010/06/25/overclocking-ssl.html
|
||
for the full details.
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Sep 6 14:49:47 UTC 2011 - chris@computersalat.de
|
||
|
||
- update to 2.8.5
|
||
* Bugfix: allow for Milters that send an SMTP server reply
|
||
without RFC 3463 enhanced status code. Reported by Vladimir
|
||
Vassiliev. File: milter/milter8.c.
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Aug 22 09:31:02 UTC 2011 - varkoly@novell.com
|
||
|
||
- bnc#684304 - server:mail/postfix: Bugs in SuSEconfig chroot setup script
|
||
- Aplly SASL_SOCKET_DIR patch
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Aug 18 09:32:04 UTC 2011 - varkoly@novell.com
|
||
|
||
- Move SuSEconfig.postfix into /usr/sbin/
|
||
(FATE#311272: Do not rewrite postfix.cf via SuSEconfig)
|
||
SuSEconfig.postfix will be executed only once after installation
|
||
automaticaly. Afterwards only you can start it manually or via
|
||
yast2 mail module.
|
||
|
||
-------------------------------------------------------------------
|
||
Fri Aug 12 16:40:40 UTC 2011 - werner@suse.de
|
||
|
||
- Just the first strep forward to systemd, please test out
|
||
/etc/postfix/system/update_chroot
|
||
/etc/postfix/system/wait_qmgr
|
||
/etc/postfix/system/cond_slp
|
||
and
|
||
/lib/systemd/system/postfix.service
|
||
and also fill out the missing description.
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Aug 9 11:03:55 UTC 2011 - chris@computersalat.de
|
||
|
||
- rework SuSE patch
|
||
* add missing SASL stuff in rc.postfix
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Jul 25 09:08:14 UTC 2011 - chris@computersalat.de
|
||
|
||
- when chrooted and using SASL
|
||
o mount -o bind SASL_SOCKET_DIR into postfix CHROOT
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Jul 11 17:22:19 UTC 2011 - chris@computersalat.de
|
||
|
||
- update to 2.8.4
|
||
o Linux kernel version 3 support.
|
||
for more info see ChangeLog
|
||
|
||
-------------------------------------------------------------------
|
||
Wed Jul 6 13:11:07 UTC 2011 - varkoly@novell.com
|
||
|
||
- bnc#686436 - postfix bounces messages with improper use of 8-bit data in message body
|
||
- Apply patch
|
||
|
||
-------------------------------------------------------------------
|
||
Fri Jul 1 12:35:59 UTC 2011 - chris@computersalat.de
|
||
|
||
- rework master.cf patch
|
||
o fix receive_override_options line
|
||
- rework SuSE patch
|
||
o sysconfig: remove POSTFIX_WITH_POP_BEFORE_SMTP
|
||
o SuSEconfig: fix receive_override_options line
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Jun 30 20:15:40 UTC 2011 - chris@computersalat.de
|
||
|
||
- replace vda patch
|
||
o 2.8.1 -> 2.8.3
|
||
- fix files doc
|
||
o remove 'doc auxiliary'
|
||
instead cp to pf_docdir
|
||
|
||
-------------------------------------------------------------------
|
||
Sat May 28 04:22:22 UTC 2011 - varkoly@novell.com
|
||
|
||
- fix spec for building on all repos
|
||
|
||
-------------------------------------------------------------------
|
||
Tue May 24 10:24:51 UTC 2011 - varkoly@novell.com
|
||
|
||
- bnc#679187 - suseconfig/postfix: missing dependency
|
||
|
||
-------------------------------------------------------------------
|
||
Tue May 17 22:31:46 UTC 2011 - chris@computersalat.de
|
||
|
||
- fix master.cf
|
||
o fix missing
|
||
- amavis unix - - n - 4 smtp
|
||
- localhost:10025 inet n - n - - smtpd
|
||
o add master.cf patch
|
||
- rework patches
|
||
o main.cf (add two missing sasl vars)
|
||
o postfix-SuSE (SuSEconfig, cleanup those vars,...)
|
||
|
||
-------------------------------------------------------------------
|
||
Sun May 15 14:16:03 UTC 2011 - chris@computersalat.de
|
||
|
||
- rework TLS stuff
|
||
o reworked main.cf patch
|
||
o added postfix-SuSE patch
|
||
o added post-install patch
|
||
Editing /etc/postfix/master.cf, adding missing entry for tlsmgr service
|
||
add only if it really does not exist
|
||
- removed Author from description
|
||
- updated vda patch
|
||
o vda-2.7.1 > vda-v10-2.8.1
|
||
- fix build for SLE_10
|
||
o no fdupes ;)
|
||
|
||
-------------------------------------------------------------------
|
||
Wed May 11 08:23:56 UTC 2011 - varkoly@novell.com
|
||
|
||
- remove document paths from postfix-files to avoid error messages
|
||
when postfix-doc is not installed
|
||
|
||
-------------------------------------------------------------------
|
||
Tue May 10 09:20:23 UTC 2011 - varkoly@novell.com
|
||
|
||
- update to 2.8.3 - VUL-0: postfix memory corruption
|
||
|
||
-------------------------------------------------------------------
|
||
Sun Apr 10 07:00:18 UTC 2011 - varkoly@novell.com
|
||
|
||
- bnc#641271 - postfix-2.7.1: init script cannot properly stop
|
||
multi-instance configurations
|
||
|
||
-------------------------------------------------------------------
|
||
Wed Mar 30 21:21:16 UTC 2011 - varkoly@novell.com
|
||
|
||
- update to 2.8.2
|
||
* DNSBL/DNSWL:
|
||
o Support for address patterns in DNS blacklist and whitelist lookup results.
|
||
o The Postfix SMTP server now supports DNS-based whitelisting with several safety features
|
||
* Support for read-only sqlite database access.
|
||
* Alias expansion:
|
||
o Postfix now reports a temporary delivery error when the result
|
||
of virtual alias expansion would exceed the virtual_alias_recursion_limit
|
||
or virtual_alias_expansion_limit.
|
||
o To avoid repeated delivery to mailing lists with pathological
|
||
nested alias configurations, the local(8) delivery agent now keeps
|
||
the owner-alias attribute of a parent alias, when delivering mail
|
||
to a child alias that does not have its own owner alias.
|
||
* The Postfix SMTP client no longer appends the local domain when
|
||
looking up a DNS name without ".".
|
||
* The SMTP server now supports contact information that is appended
|
||
to "reject" responses: smtpd_reject_footer
|
||
* Postfix by default no longer adds a "To: undisclosed-recipients:;"
|
||
header when no recipient specified in the message header.
|
||
* tls support:
|
||
o The Postfix SMTP server now always re-computes the SASL mechanism
|
||
list after successful completion of the STARTTLS command.
|
||
o The smtpd_starttls_timeout default value is now stress-dependent.
|
||
o Postfix no longer appends the system-supplied default CA certificates
|
||
to the lists specified with *_tls_CAfile or with *_tls_CApath.
|
||
* New feature: Prototype postscreen(8) server that runs a number
|
||
of time-consuming checks in parallel for all incoming SMTP connections,
|
||
before clients are allowed to talk to a real Postfix SMTP server.
|
||
It detects clients that start talking too soon, or clients that appear
|
||
on DNS blocklists, or clients that hang up without sending any command.
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Feb 10 11:43:28 UTC 2011 - varkoly@novell.com
|
||
|
||
- bnc#667299 - Postfix LICENSE not marked as documentation
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Jan 17 09:56:32 UTC 2011 - chris@computersalat.de
|
||
|
||
- add some min LDAP support for virtual LDAP-users
|
||
o sysconfig "WITH_LDAP"
|
||
o add ldap_aliases.cf
|
||
o SuSEconfig.postfix
|
||
virtual_alias_maps = ... ldap:/etc/postfix/ldap_aliases.cf
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Jan 4 12:14:06 UTC 2011 - chris@computersalat.de
|
||
|
||
- update to 2.7.2
|
||
* Bugfix (introduced Postfix 2.2): Postfix no longer appends
|
||
the system default CA certificates to the lists specified
|
||
with *_tls_CAfile or with *_tls_CApath. This prevents
|
||
third-party certificates from getting mail relay permission
|
||
with the permit_tls_all_clientcerts feature. Unfortunately
|
||
this may cause compatibility problems with configurations
|
||
that rely on certificate verification for other purposes.
|
||
To get the old behavior, specify "tls_append_default_CA =
|
||
yes". Files: tls/tls_certkey.c, tls/tls_misc.c,
|
||
global/mail_params.h. proto/postconf.proto, mantools/postlink.
|
||
* Compatibility with Postfix < 2.3: fix 20061207 was incomplete
|
||
(undoing the change to bounce instead of defer after
|
||
pipe-to-command delivery fails with a signal). Fix by Thomas
|
||
Arnett. File: global/pipe_command.c.
|
||
* Bugfix: the milter_header_checks parser provided only the
|
||
actions that change the message flow (reject, filter,
|
||
discard, redirect) but disabled the non-flow actions (warn,
|
||
replace, prepend, ignore, dunno, ok). File:
|
||
cleanup/cleanup_milter.c.
|
||
* Performance: fix for poor smtpd_proxy_filter TCP performance
|
||
over loopback (127.0.0.1) connections. Problem reported by
|
||
Mark Martinec. Files: smtpd/smtpd_proxy.c.
|
||
* Cleanup: don't apply reject_rhsbl_helo to non-domain forms
|
||
such as network addresses. This would cause false positives
|
||
with dbl.spamhaus.org. File: smtpd/smtpd_check.c.
|
||
* Bugfix: the "421" reply after Milter error was overruled
|
||
by Postfix 1.1 code that replied with "503" for RFC 2821
|
||
compliance. We now make an exception for "final" replies,
|
||
as permitted by RFC. Solution by Victor Duchovni. File:
|
||
smtpd/smtpd.c.
|
||
|
||
-------------------------------------------------------------------
|
||
Sat Dec 11 19:50:25 UTC 2010 - chris@computersalat.de
|
||
|
||
- update vda patch
|
||
o remove 2.6.1-vda-ng.patch
|
||
o remove 2.6.1-vda-ng-64bit.patch
|
||
o add vda-2.7.1.patch
|
||
- rework main.cf.patch
|
||
o remove 2.2.9-main.cf.patch
|
||
o add 2.7.1-main.cf.patch
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Dec 7 22:02:56 UTC 2010 - coolo@novell.com
|
||
|
||
- prereq init scripts network and syslog
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Aug 12 18:57:14 UTC 2010 - varkoly@novell.com
|
||
|
||
- Remove obsolate postscripts
|
||
- bnc#625657 - SuSEconfig.postfix and smtp_use_tls
|
||
- bnc#622873 - postfix doesn't start if ipv6 is disabled
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Jul 6 15:04:30 UTC 2010 - chris@computersalat.de
|
||
|
||
- reworked bnc#606251 stuff (not checked in to Factory)
|
||
o used my_print_defaults command for parsing of /etc/my.cnf
|
||
o using quotation marks: "$PF_CHROOT"
|
||
o added sysconfig option POSTFIX_MYSQL_CONN=(socket,tcp)
|
||
|
||
-------------------------------------------------------------------
|
||
Wed Jun 16 23:39:09 UTC 2010 - chris@computersalat.de
|
||
|
||
- bnc#606251 - postfix chrooted mysql.sock lost on mysql restart
|
||
o Now MYSQL_SOCK_DIR is mounted with '-o bind' to postfix CHROOT
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Jun 10 10:55:54 UTC 2010 - varkoly@novell.com
|
||
|
||
- update to 2.7.1
|
||
* Bugfix (introduced Postfix 2.6) in the XFORWARD implementation,
|
||
which sends remote SMTP client attributes through SMTP-based content filters.
|
||
The Postfix SMTP client did not skip "unknown" SMTP client attributes,
|
||
causing a syntax error when sending an "unknown" client PORT attribute.
|
||
* Robustness: skip LDAP queries with non-ASCII search strings, instead of failing with a database lookup error.
|
||
* Safety: Postfix processes now log a warning when a matchlist has
|
||
a #comment at the end of a line (for example mynetworks or relay_domains).
|
||
* Portability: OpenSSL 1.0.0 changes the priority of anonymous cyphers.
|
||
* Portability: Berkeley DB 5.x is now supported.
|
||
|
||
-------------------------------------------------------------------
|
||
Thu May 20 17:08:26 UTC 2010 - chris@computersalat.de
|
||
|
||
- fix obviously lost POSTFIX_MYHOSTNAME in SuSEconfig.postfix
|
||
|
||
-------------------------------------------------------------------
|
||
Wed Apr 7 12:39:16 UTC 2010 - varkoly@novell.com
|
||
|
||
- New file check_mail_queue. This script checks if there are some
|
||
mails in the queue and starts postfix if necessary. After delivering
|
||
the mails postfix will be stoped.
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Apr 1 10:28:09 UTC 2010 - varkoly@novell.com
|
||
|
||
- bnc#559145 - Changed Domain name not reflected when sending mail
|
||
First /var/run/dhcp-hostname will be evaluated
|
||
- Now POSTFIX_SMTP_TLS_CLIENT is ternary : no yes must
|
||
|
||
-------------------------------------------------------------------
|
||
Sun Feb 28 18:38:18 UTC 2010 - varkoly@novell.com
|
||
- update to 2.7.0
|
||
* performance
|
||
- Periodic cache cleanup for the verify(8) cache database.
|
||
- Improved before-queue filter performance.
|
||
* sender reputation
|
||
- The FILTER action in access maps or header/body_checks now supports sender
|
||
reputation schemes that dynamically choose the SMTP source IP address.
|
||
* address verification
|
||
- The verify(8) service now uses a persistent cache by default.
|
||
* content filter
|
||
- The meaning of an empty filter next-hop destination has changed.
|
||
- The FILTER action in access maps or header/body_checks now supports sender
|
||
reputation schemes that dynamically choose the SMTP source IP address.
|
||
* milter
|
||
- Support for header checks on Milter-generated message headers.
|
||
Please read /usr/share/doc/packages/postfix/RELEASE_NOTES for details.
|
||
-------------------------------------------------------------------
|
||
Thu Feb 11 15:16:13 UTC 2010 - coolo@novell.com
|
||
|
||
- revert the change to PreReq openldap-devel, this increases the
|
||
default installation several MBs
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Feb 2 15:45:26 UTC 2010 - varkoly@novell.com
|
||
|
||
- bnc#567569 - Postfix: move ldap support to a separate package
|
||
- bnc#557239 - postfix delivers mail to user's home instead of /var/spool/mail
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Jan 5 23:28:12 UTC 2010 - chris@computersalat.de
|
||
|
||
- rpmlint fixes
|
||
o init-script-undefined-dependency $network-remotefs
|
||
- fix for SuSEconfig.postfix
|
||
o if use_amavis eq "yes"
|
||
then content_filter "amavis:[127.0.0.1]:10024]" is defined,
|
||
so removed "-o content_filter=smtp:[127.0.0.1]:10024" for smtp
|
||
- s#ldconfig#/sbin/ldconfig#
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Dec 22 16:15:00 CEST 2009 - freespacer@gmx.de
|
||
|
||
- Add support for dovecot as MDA to SuSEconfig.
|
||
|
||
-------------------------------------------------------------------
|
||
Wed Dec 16 10:45:14 CET 2009 - jengelh@medozas.de
|
||
|
||
- Package documentation as noarch
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Dec 10 13:15:15 CET 2009 - varkoly@suse.de
|
||
|
||
- Remove postfixs update script. This does not work now.
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Dec 8 19:15:15 CET 2009 - varkoly@suse.de
|
||
|
||
- Fix the %post section add missed %{fillup_only -an mail}
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Nov 16 17:14:39 CET 2009 - varkoly@suse.de
|
||
|
||
- bnc#555814 – VUL-0: SMTPD_LISTEN_REMOTE="yes" by default
|
||
- bnc#555732 - Invalid $(hostname -i) usage SuSEconfig.postfix
|
||
- bnc#547928 – Postfix does not start during boot process
|
||
- Avoid append relay multiple times in POSTFIX_MAP_LIST
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Oct 26 14:36:55 CET 2009 - varkoly@suse.de
|
||
|
||
- bnc#549612 – SuSEconfig.postfix
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Sep 28 09:22:54 CEST 2009 - varkoly@suse.de
|
||
|
||
- bnc#540538 – postfix-2.6.1-10.1 installs new files in /etc/postfix and does not generate <file>.db
|
||
- bnc#519438 - Postfix: Running chrooted lets qmgr loosing his syslog-socket
|
||
- remove obsolate version tests from SuSEconfig.postfix
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Sep 28 08:24:43 CEST 2009 - varkoly@suse.de
|
||
|
||
- bnc#525825 - when using cyrus in a chroot environment Suseconfig does not
|
||
create socket /var/lib/imap/socket/lmtp
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Sep 14 11:34:41 UTC 2009 - chris@computersalat.de
|
||
|
||
- spec
|
||
o fdupes if >= 1100
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Sep 10 21:22:46 CEST 2009 - chris@computersalat.de
|
||
|
||
- update to 2.6.1
|
||
o merge home:varkoly:Factory and o:F
|
||
- spec mods
|
||
o use of getent
|
||
- rpmlint
|
||
o remove unneeded dists from examples/chroot-setup/
|
||
o postin-without-ldconfig
|
||
o files-duplicate /usr/share/doc/packages/postfix-doc/html/
|
||
o files-duplicate /usr/share/man/man?
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Apr 13 18:21:14 UTC 2009 - chris@computersalat.de
|
||
|
||
- added VDA patch
|
||
o Mailbox / Maildir size limit, known also as "soft quota",
|
||
to avoid user take all you disk space
|
||
o Customizable "limit" message when the soft quota limit is reached.
|
||
NOTE: message is sent to senders, but NOT to the owner of the mailbox.
|
||
o Limit only 'INBOX', because some people use IMAP and don't want
|
||
the same limit in IMAP folder that are differents from INBOX.
|
||
o Support for 'Courier' style Maildir, usefull for people that
|
||
use courier as pop3/imap server and to get fast soft quota summary.
|
||
Note that it is also compatible with qmail maildir per default.
|
||
o Supports for Courier 'maildirsize' file in Maildir folder that
|
||
is used to read quotas quickly. Note that this option is not
|
||
actived per default and can be dangerous on some NFS client
|
||
implementation
|
||
(like for example Solaris that cache some filesystem operations).
|
||
o Customisable suffix for Maildir support, when share same external
|
||
dict between postfix and pop3/imap server sometime "Maildir/" suffix
|
||
is needed to avoid extra database handling (eg LDAP, MySQL...).
|
||
- some improvements of SuSEconfig.postfix
|
||
o POSTFIX_LISTEN: Comma separated list of IP's
|
||
o POSTFIX_INET_PROTO: ipv4, ipv6, all
|
||
o POSTFIX_MYHOSTNAME: define SMTPs FQHOSTNAME
|
||
o POSTFIX_WITH_MYSQL: when using MySQL as backend
|
||
o POSTFIX_BASIC_SPAM_PREVENTION: "custom"
|
||
you can now define your own rules
|
||
- POSTFIX_SMTPD_CLIENT_RESTRICTIONS
|
||
- POSTFIX_SMTPD_HELO_RESTRICTIONS
|
||
- POSTFIX_SMTPD_SENDER_RESTRICTIONS
|
||
- POSTFIX_SMTPD_RECIPIENT_RESTRICTIONS
|
||
- added helo_access for helo checks
|
||
- added relay for relaying domain
|
||
- added MySQL stuff when using MySQL as backend (virtuser)
|
||
o you should consider postfixAdmin as mgmnt interface
|
||
o when runninng postfix chrooted:
|
||
you have to run SUSEconfig each time when you have restarted MySQL
|
||
because of linking mysql.sock
|
||
|
||
-------------------------------------------------------------------
|
||
Sun Mar 29 15:18:52 CEST 2009 - varkoly@suse.de
|
||
|
||
- bnc#439287 - not all POSTFIX_ADD_* values are properly handled
|
||
by SuSEconfig.postfix
|
||
- bnc#483208 - Postfix configuration trashed after update
|
||
- bnc#488268 - SuSEconfig.postfix chroot setup misses /etc/ssl/certs
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Jan 12 11:12:16 CET 2009 - varkoly@suse.de
|
||
|
||
- bnc#465165 - postfix src package
|
||
|
||
-------------------------------------------------------------------
|
||
Fri Jan 9 17:43:53 CET 2009 - varkoly@suse.de
|
||
|
||
- bnc#464869 - SuSEconfig.postfix causes DNS lookup
|
||
- bnc#460442 - amavisd-new and Postfix need fqdn-hostname in "uname -n"
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Jan 5 13:54:11 CET 2009 - varkoly@suse.de
|
||
|
||
- update to 2.5.6
|
||
- The SMTP server did not ask for a client certificate
|
||
with "smtpd_tls_req_ccert = yes". Reported by Rob Foehl.
|
||
|
||
- Avoid reduced TCP performance when reusing an SMTP connection
|
||
with a larger than 4096-byte TCP MSS value. In practice, this
|
||
could happen only with loopback (localhost) connections.
|
||
|
||
-------------------------------------------------------------------
|
||
Sun Nov 16 12:16:03 CET 2008 - varkoly@suse.de
|
||
|
||
- (bnc#442456) - chrooted postfix and saslauthd
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Nov 4 15:24:41 CET 2008 - ro@suse.de
|
||
|
||
- fix build
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Nov 4 15:15:03 CET 2008 - varkoly@suse.de
|
||
|
||
- upgrade must not be executed during installation
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Oct 14 11:16:21 CEST 2008 - varkoly@suse.de
|
||
|
||
- (bnc#403976) - permissions on /var/lib/postfix changed
|
||
- (bnc#433916) - postfix should be splitted into postfix and postfix-doc
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Sep 11 14:34:22 CEST 2008 - varkoly@suse.de
|
||
|
||
- (bnc#415216) - Postfix RPM Install Displays Multiple Warnings
|
||
- clean up spec file
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Sep 9 09:57:35 CEST 2008 - varkoly@suse.de
|
||
|
||
- Update to Version 2.5 patchlevel 5
|
||
* Bugfix (introduced Postfix 2.4): epoll file descriptor leak.
|
||
With Postfix >= 2.4 on Linux >= 2.6, Postfix has an epoll
|
||
file descriptor leak when it executes non-Postfix commands
|
||
in, for example, user-controlled $HOME/.forward files.
|
||
* Security: some systems have changed their link() semantics,
|
||
and will hardlink a symlink, contrary to POSIX and XPG4.
|
||
Sebastian Krahmer, SuSE. File: util/safe_open.c.
|
||
|
||
The solution introduces the following incompatible change:
|
||
when the target of mail delivery is a symlink, the parent
|
||
directory of that symlink must now be writable by root only
|
||
(in addition to the already existing requirement that the
|
||
symlink itself is owned by root). This change will break
|
||
legitimate configurations that deliver mail to a symbolic
|
||
link in a directory with less restrictive permissions.
|
||
* Bugfix: dangling pointer in vstring_sprintf_prepend().
|
||
File: util/vstring.c.
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Aug 25 18:45:03 CEST 2008 - mt@suse.de
|
||
|
||
- init script: copy LSB *-Start tags to *-Stop
|
||
- spec file: removed obsolete rc.config update hooks
|
||
|
||
-------------------------------------------------------------------
|
||
Wed Aug 6 13:33:01 CEST 2008 - varkoly@suse.de
|
||
|
||
- (bnc#414959) postfix doesn't have any "Name: " tag in firewall definition
|
||
- (bnc#405900) SuSEconfig.postfix changes owner and permissions of
|
||
/tmp if smtpd_tls_CApath is not set
|
||
|
||
- Update to Version 2.5 patchlevel 3
|
||
* Cleanup of code
|
||
* defer delivery when a mailbox file is not owned by the recipient.
|
||
Requested by Sebastian Krahmer, SuSE.
|
||
Specify "strict_mailbox_ownership=no" to ignore ownership discrepancies.
|
||
* Bugfix: null-terminate CN comment string after sanitization.
|
||
* Bugfix (introduced Postfix 2.0): after "warn_if_reject
|
||
reject_unlisted_recipient/sender", the SMTP server mistakenly
|
||
remembered that recipient/sender validation was already done.
|
||
|
||
-------------------------------------------------------------------
|
||
Wed Jul 9 15:07:46 CEST 2008 - varkoly@suse.de
|
||
|
||
- (fate#305005) Enable SMTPS in postfix ootb
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Jun 17 12:27:10 CEST 2008 - varkoly@suse.de
|
||
|
||
- (bnc#396985) sending of NUL character disallowed by RFC2822
|
||
- (bnc#397127) without relay is silent about undeliverable mails
|
||
|
||
-------------------------------------------------------------------
|
||
Tue May 13 18:17:09 CEST 2008 - varkoly@suse.de
|
||
|
||
- (bnc#389670) - postfix generates invalid config
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Apr 1 16:17:31 CEST 2008 - mkoenig@suse.de
|
||
|
||
- remove dir /usr/share/omc/svcinfo.d as it is provided now
|
||
by filesystem
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Feb 26 09:59:43 CET 2008 - varkoly@suse.de
|
||
|
||
- Update to Version 2.5 patchlevel 1
|
||
Changes: The Postfix 2.5 "postfix upgrade-configuration" command
|
||
now works even with Postfix 2.4 or earlier versions of the
|
||
postfix command. When installing Postfix 2.5.0 without upgrading
|
||
from an existing master.cf file, the new master.cf file had an
|
||
incorrect process limit for the proxywrite service. This service
|
||
is used only by the obscure "smtp_sasl_auth_cache_name" and
|
||
"lmtp_sasl_auth_cache_name" configuration parameters. Someone
|
||
needed multi-line support for header/body Milter replies. The
|
||
LDAP client's TLS support was broken in several ways.
|
||
|
||
-------------------------------------------------------------------
|
||
Wed Feb 13 14:58:52 CET 2008 - varkoly@suse.de
|
||
|
||
- #360572 - postfix %post script leaves lots of backup files in /etc/postfix/
|
||
|
||
-------------------------------------------------------------------
|
||
Wed Jan 30 12:20:53 CET 2008 - varkoly@suse.de
|
||
|
||
- Update to Version 2.5 patchlevel 0
|
||
|
||
Major changes - critical
|
||
------------------------
|
||
|
||
[Incompat 20071224] The protocol to send Milter information from
|
||
smtpd(8) to cleanup(8) processes was cleaned up. If you use the
|
||
Milter feature, and upgrade a live Postfix system, you may see an
|
||
"unexpected record type" warning from a cleanup(8) server process.
|
||
To prevent this, execute the command "postfix reload". The
|
||
incompatibility affects only systems that use the Milter feature.
|
||
It does not cause loss of mail, just a minor delay until the remote
|
||
SMTP client retries.
|
||
|
||
[Incompat 20071212] The allow_min_user feature now applies to both
|
||
sender and recipient addresses in SMTP commands. With earlier Postfix
|
||
versions, only recipients were subject to the allow_min_user feature,
|
||
and the restriction took effect at mail delivery time, causing mail
|
||
to be bounced later instead of being rejected immediately.
|
||
|
||
[Incompat 20071206] The "make install" and "make upgrade" procedures
|
||
now create a Postfix-owned directory for Postfix-writable data files
|
||
such as caches and random numbers. The location is specified with
|
||
the "data_directory" parameter (default: "/var/lib/postfix"), and
|
||
the ownership is specified with the "mail_owner" parameter.
|
||
|
||
[Incompat 20071206] The tlsmgr(8) and verify(8) servers no longer
|
||
use root privileges when opening the address_verify_map,
|
||
*_tls_session_cache_database, and tls_random_exchange_name cache
|
||
files. This avoids a potential security loophole where the ownership
|
||
of a file (or directory) does not match the trust level of the
|
||
content of that file (or directory).
|
||
|
||
[Incompat 20071206] The tlsmgr(8) and verify(8) cache files should
|
||
now be stored as Postfix-owned files under the Postfix-owned
|
||
data_directory. As a migration aid, attempts to open these files
|
||
under a non-Postfix directory are redirected to the Postfix-owned
|
||
data_directory, and a warning is logged.
|
||
|
||
This is an example of the warning messages:
|
||
|
||
Dec 6 12:56:22 bristle postfix/tlsmgr[7899]: warning: request
|
||
to update file /etc/postfix/prng_exch in non-postfix directory
|
||
/etc/postfix
|
||
|
||
Dec 6 12:56:22 bristle postfix/tlsmgr[7899]: warning: redirecting
|
||
the request to postfix-owned data_directory /var/lib/postfix
|
||
|
||
If you wish to continue using a pre-existing tls_random_exchange_name
|
||
or address_verify_map file, move it to the Postfix-owned data_directory
|
||
and change ownership from root to Postfix (that is, change ownership
|
||
to the account specified with the mail_owner configuration parameter).
|
||
|
||
[Feature 20071205] The "make install" and "make upgrade" procedures
|
||
now create a Postfix-owned directory for Postfix-writable data files
|
||
such as caches and random numbers. The location is specified with
|
||
the "data_directory" parameter (default: "/var/lib/postfix"), and
|
||
the ownership is specified with the "mail_owner" parameter.
|
||
|
||
[Incompat 20071203] The "make upgrade" procedure adds a new service
|
||
"proxywrite" to the master.cf file, for read/write lookup table
|
||
access. If you copy your old configuration file over the updated
|
||
one, you may see warnings in the maillog file like this:
|
||
|
||
connect #xx to subsystem private/proxywrite: No such file or directory
|
||
|
||
To recover, run "postfix upgrade-configuration" again.
|
||
|
||
[Incompat 20070613] The pipe(8) delivery agent no longer allows
|
||
delivery with the same group ID as the main.cf postdrop group.
|
||
|
||
Major changes - malware defense
|
||
-------------------------------
|
||
|
||
[Feature 20080107] New "pass" service type in master.cf. Written
|
||
years ago, this allows future front-end daemons to accept all
|
||
connections from the network, and to hand over connections from
|
||
well-behaved clients to Postfix. Since this feature uses file
|
||
descriptor passing, it imposes no overhead once a connection is
|
||
handed over to Postfix. See master(5) for a few details.
|
||
|
||
[Feature 20070911] Stress-adaptive behavior. When a "public" network
|
||
service runs into an "all processes are busy" condition, the master(8)
|
||
daemon logs a warning, restarts the service, and runs it with "-o
|
||
stress=yes" on the command line (under normal conditions it runs
|
||
the service with "-o stress=" on the command line). This can be
|
||
used to make main.cf parameter settings stress dependent, for
|
||
example:
|
||
|
||
/etc/postfix/main.cf:
|
||
smtpd_timeout = ${stress?10}${stress:300}
|
||
smtpd_hard_error_limit = ${stress?1}${stress:20}
|
||
|
||
Translation: under conditions of stress, use an smtpd_timeout value
|
||
of 10 seconds instead of 300, and use smtpd_hard_error_limit of 1
|
||
instead of 20. The syntax is explained in the postconf(5) manpage.
|
||
|
||
The STRESS_README file gives examples of how to mitigate flooding
|
||
problems.
|
||
|
||
Major changes - tls support
|
||
---------------------------
|
||
|
||
[Incompat 20080109] TLS logging output has changed to make it more
|
||
useful. Existing logfile parser regular expressions may need
|
||
adjustment.
|
||
|
||
- More log entries include the "hostnamename[ipaddress]" of the
|
||
remote SMTP peer.
|
||
|
||
- Certificate trust chain error reports show only the first
|
||
error certificate (closest to the trust chain root), and the
|
||
reporting is more human-readable for the most likely errors.
|
||
|
||
- After the completion of the TLS handshake, the session is logged
|
||
with TLS loglevel >= 1 as either "Untrusted", "Trusted" or
|
||
"Verified" (SMTP client only).
|
||
- "Untrusted" means that the certificate trust chain is invalid,
|
||
or that the root CA is not trusted.
|
||
- "Trusted" means that the certificate trust chain is valid, and
|
||
that the root CA is trusted.
|
||
- "Verified" means that the certificate meets the SMTP client's
|
||
matching criteria for the destination:
|
||
- In the case of a destination name match, "Verified" also
|
||
implies "Trusted".
|
||
- In the case of a fingerprint match, CA trust is not applicable.
|
||
|
||
- The logging of protocol states with TLS loglevel >= 2 no longer
|
||
reports bogus error conditions when OpenSSL asks Postfix to refill
|
||
(or flush) network I/O buffers. This loglevel is for debugging
|
||
only; use 0 or 1 in production configurations.
|
||
|
||
[Feature 20080109] The Postfix SMTP client has a new "fingerprint"
|
||
security level. This avoids dependencies on CAs, and relies entirely
|
||
on bi-lateral exchange of public keys (really self-signed or private
|
||
CA signed X.509 public key certificates). Scalability is clearly
|
||
limited. For details, see the fingerprint discussion in TLS_README.
|
||
|
||
[Feature 20080109] The Postfix SMTP server can now use SHA1 instead
|
||
of MD5 to compute remote SMTP client certificate fingerprints. For
|
||
backwards compatibility, the default algorithm is MD5. For details,
|
||
see the "smtpd_tls_fingerprint_digest" parameter in the postconf(5)
|
||
manual.
|
||
|
||
[Feature 20080109] The maximum certificate trust chain depth
|
||
(verifydepth) is finally implemented in the Postfix TLS library.
|
||
Previously, the parameter had no effect. The default depth was
|
||
changed to 9 (the OpenSSL default) for backwards compatibility.
|
||
|
||
If you have explicity limited the verification depth in main.cf,
|
||
check that the configured limit meets your needs. See the
|
||
"lmtp_tls_scert_verifydepth", "smtp_tls_scert_verifydepth" and
|
||
"smtpd_tls_ccert_verifydepth" parameters in the postconf(5) manual.
|
||
|
||
[Feature 20080109] The selection of SSL/TLS protocols for mandatory
|
||
TLS can now use exclusion rather than inclusion. Either form is
|
||
acceptable; see the "lmtp_tls_mandatory_protocols",
|
||
"smtp_tls_mandatory_protocols" and "smtpd_tls_mandatory_protocols"
|
||
parameters in the postconf(5) manual.
|
||
|
||
Major changes - scheduler
|
||
-------------------------
|
||
|
||
[Feature 20071130] Revised queue manager with separate mechanisms
|
||
for per-destination concurrency control and for dead destination
|
||
detection. The concurrency control supports less-than-1 feedback
|
||
to allow for more gradual concurrency adjustments, and uses hysteresis
|
||
to avoid rapid oscillations. A destination is declared "dead" after
|
||
a configurable number of pseudo-cohorts(*) reports connection or
|
||
handshake failure.
|
||
|
||
(*) A pseudo-cohort is a number of delivery requests equal to a
|
||
destination's delivery concurrency.
|
||
|
||
The drawbacks of the old +/-1 feedback scheduler are a) overshoot
|
||
due to exponential delivery concurrency growth with each pseudo-cohort(*)
|
||
(5-10-20...); b) throttling down to zero concurrency after a single
|
||
pseudo-cohort(*) failure. The latter was especially an issue with
|
||
low-concurrency channels where a single failure could be sufficient
|
||
to mark a destination as "dead", and suspend further deliveries.
|
||
|
||
New configuration parameters: destination_concurrency_feedback_debug,
|
||
default_destination_concurrency_positive_feedback,
|
||
default_destination_concurrency_negative_feedback,
|
||
default_destination_concurrency_failed_cohort_limit, as well as
|
||
transport-specific versions of the same.
|
||
|
||
The default parameter settings are backwards compatible with older
|
||
Postfix versions. This may change after better defaults are field
|
||
tested.
|
||
|
||
The updated SCHEDULER_README document describes the theory behind
|
||
the new concurrency scheduler, as well as Patrik Rak's preemptive
|
||
job scheduler. See postconf(5) for more extensive descriptions of
|
||
the configuration parameters.
|
||
|
||
Major changes - small/home office
|
||
---------------------------------
|
||
|
||
[Feature 20080115] Preliminary SOHO_README document that combines
|
||
bits and pieces from other document in one place, so that it is
|
||
easier to find. This document describes the "mail sending" side
|
||
only.
|
||
|
||
[Feature 20071202] Output rate control in the queue manager. For
|
||
example, specify "smtp_destination_rate_delay = 5m", to pause five
|
||
minutes between message deliveries. More information in the postconf(5)
|
||
manual under "default_destination_rate_delay".
|
||
|
||
Major changes - smtp client
|
||
---------------------------
|
||
|
||
[Incompat 20080114] The Postfix SMTP client now by default defers
|
||
mail after a remote SMTP server rejects a SASL authentication
|
||
attempt. Specify "smtp_sasl_auth_soft_bounce = no" for the old
|
||
behavior.
|
||
|
||
[Feature 20080114] The Postfix SMTP client can now avoid making
|
||
repeated SASL login failures with the same server, username and
|
||
password. To enable this safety feature, specify for example
|
||
"smtp_sasl_auth_cache_name = proxy:btree:/var/lib/postfix/sasl_auth_cache"
|
||
(access through the proxy service is required). Instead of trying
|
||
to SASL authenticate, the Postfix SMTP client defers or bounces
|
||
mail as controlled with the new smtp_sasl_auth_soft_bounce configuration
|
||
parameter.
|
||
|
||
[Feature 20071111] Header/body checks are now available in the SMTP
|
||
client, after the implementation was moved from the cleanup server
|
||
to a library module. The SMTP client provides only actions that
|
||
don't change the message delivery time or destination: warn, replace,
|
||
prepend, ignore, dunno, ok.
|
||
|
||
[Incompat 20070614] By default, the Postfix Cyrus SASL client no
|
||
longer sends a SASL authoriZation ID (authzid); it sends only the
|
||
SASL authentiCation ID (authcid) plus the authcid's password. Specify
|
||
"send_cyrus_sasl_authzid = yes" to get the old behavior.
|
||
|
||
Major changes - smtp server
|
||
---------------------------
|
||
|
||
[Feature 20070724] Not really major. New support for RFC 3848
|
||
(Received: headers with ESMTPS, ESMTPA, or ESMTPSA); updated SASL
|
||
support according to RFC 4954, resulting in small changes to SMTP
|
||
reply codes and (DSN) enhanced status codes.
|
||
|
||
Major changes - milter
|
||
----------------------
|
||
|
||
[Incompat 20071224] The protocol to send Milter information from
|
||
smtpd(8) to cleanup(8) processes was cleaned up. If you use the
|
||
Milter feature, and upgrade a live Postfix system, you may see an
|
||
"unexpected record type" warning from a cleanup(8) server process.
|
||
To prevent this, execute the command "postfix reload". The
|
||
incompatibility affects only systems that use the Milter feature.
|
||
It does not cause loss of mail, just a minor delay until the remote
|
||
SMTP client retries.
|
||
|
||
[Feature 20071221] Support for most of the Sendmail 8.14 Milter
|
||
protocol features.
|
||
|
||
To enable the new features specify "milter_protocol = 6" and link
|
||
the filter application with a libmilter library from Sendmail 8.14
|
||
or later.
|
||
|
||
Sendmail 8.14 Milter features supported at this time:
|
||
|
||
- NR_CONN, NR_HELO, NR_MAIL, NR_RCPT, NR_DATA, NR_UNKN, NR_HDR,
|
||
NR_EOH, NR_BODY: The filter can tell Postfix that it won't reply
|
||
to some of the SMTP events that Postfix sends. This makes the
|
||
protocol less chatty and improves performance.
|
||
|
||
- SKIP: The filter can tell Postfix to skip sending the rest of
|
||
the message body, which also improves performance.
|
||
|
||
- HDR_LEADSPC: The filter can request that Postfix does not delete
|
||
the first space character between header name and header value
|
||
when sending a header to the filter, and that Postfix does not
|
||
insert a space character between header name and header value
|
||
when receiving a header from the filter. This fixes a limitation
|
||
in the old Milter protocol that can break DKIM and DK signatures.
|
||
|
||
- SETSYMLIST: The filter can override one or more of the main.cf
|
||
milter_xxx_macros parameter settings.
|
||
|
||
Sendmail 8.14 Milter features not supported at this time:
|
||
|
||
- RCPT_REJ: report rejected recipients to the mail filter.
|
||
|
||
- CHGFROM: replace sender, with optional ESMTP command parameters.
|
||
|
||
- ADDRCPT_PAR: add recipient, with optional ESMTP command parameters.
|
||
|
||
It is unclear when (if ever) the missing features will be implemented.
|
||
SMFIP_RCPT_REJ requires invasive changes in the SMTP server recipient
|
||
processing and error handling. SMFIR_CHGFROM and SMFIR_ADDRCPT_PAR
|
||
require ESMTP command-line parsing in the cleanup server. Unfortunately,
|
||
Sendmail's documentation does not specify what ESMTP options are
|
||
supported, but only discusses examples of things that don't work.
|
||
|
||
Major changes - address verification
|
||
------------------------------------
|
||
|
||
[Incompat 20070514] The default sender address for address verification
|
||
probes was changed from "postmaster" to "double-bounce", so that
|
||
the Postfix SMTP server no longer causes surprising behavior by
|
||
excluding "postmaster" from SMTP server access controls.
|
||
|
||
Major changes - ldap
|
||
--------------------
|
||
|
||
[Incompat 20071216] Due to an incompatible API change between
|
||
OpenLDAP 2.0.11 and 2.0.12, an LDAP client compiled for OpenLDAP
|
||
version <= 2.0.11 will refuse to work with an OpenLDAP library
|
||
version >= 2.0.12 and vice versa.
|
||
|
||
Major changes - logging
|
||
-----------------------
|
||
|
||
[Incompat 20080109] TLS logging output has changed to make it more
|
||
useful. Existing logfile parser regular expressions may need
|
||
adjustment.
|
||
|
||
- More log entries include the "hostnamename[ipaddress]" of the
|
||
remote SMTP peer.
|
||
|
||
- Certificate trust chain error reports show only the first
|
||
error certificate (closest to the trust chain root), and the
|
||
reporting is more human-readable for the most likely errors.
|
||
|
||
- After the completion of the TLS handshake, the session is logged
|
||
with TLS loglevel >= 1 as either "Untrusted", "Trusted" or
|
||
"Verified" (SMTP client only).
|
||
- "Untrusted" means that the certificate trust chain is invalid,
|
||
or that the root CA is not trusted.
|
||
- "Trusted" means that the certificate trust chain is valid, and
|
||
that the root CA is trusted.
|
||
- "Verified" means that the certificate meets the SMTP client's
|
||
matching criteria for the destination:
|
||
- In the case of a destination name match, "Verified" also
|
||
implies "Trusted".
|
||
- In the case of a fingerprint match, CA trust is not applicable.
|
||
|
||
- The logging of protocol states with TLS loglevel >= 2 no longer
|
||
reports bogus error conditions when OpenSSL asks Postfix to refill
|
||
(or flush) network I/O buffers. This loglevel is for debugging
|
||
only; use 0 or 1 in production configurations.
|
||
|
||
[Incompat 20071216] The SMTP "transcript of session" email now
|
||
includes the remote SMTP server TCP port number.
|
||
|
||
Major changes - loop detection
|
||
------------------------------
|
||
|
||
[Incompat 20070422] [Incompat 20070422] When the pipe(8) delivery
|
||
agent is configured to create the optional Delivered-To: header,
|
||
it now first checks if that same header is already present in the
|
||
message. If so, the message is returned as undeliverable. This test
|
||
should have been included with Postfix 2.0 when Delivered-To: support
|
||
was added to the pipe(8) delivery agent.
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Jan 8 10:00:12 CET 2008 - varkoly@suse.de
|
||
|
||
- Remove previous fix
|
||
|
||
-------------------------------------------------------------------
|
||
Sun Dec 30 19:58:02 CET 2007 - varkoly@suse.de
|
||
|
||
- #301335 - [SuSEconfig]: Postfix module uses stderr
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Dec 4 09:02:19 CET 2007 - varkoly@suse.de
|
||
|
||
- Update to Version 2.4 patchlevel 6
|
||
Bugfix (introduced Postfix 2.2.11): TLS client certificate
|
||
with unparsable canonical name caused the SMTP server's
|
||
policy client to allocate zero-length memory, triggering
|
||
an assertion that it shouldn't do such things. File:
|
||
smtpd/smtpd_check.c.
|
||
|
||
Bugfix (introduced Postfix 2.4) missing initialization of
|
||
event mask in the event_mask_drain() routine (used by the
|
||
obsolete postkick(1) command). Found by Coverity. File:
|
||
util/events.c.
|
||
|
||
Workaround: the flush daemon forces an access time update
|
||
for the per-destination logfile, to prevent an excessive
|
||
rate of delivery attempts when the queue file system is
|
||
mounted with "noatime". File: flush/flush.c.
|
||
|
||
- #330276 – /sbin/conf.d/SuSEconfig.postfix could copy certs into smtpd_tls_CApath
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Oct 22 17:38:19 CEST 2007 - sbrabec@suse.cz
|
||
|
||
- Use correct SuSEfirewall2 rule directory.
|
||
|
||
-------------------------------------------------------------------
|
||
Wed Oct 17 11:52:01 CEST 2007 - varkoly@suse.de
|
||
|
||
- #333629 - saslauthd typo in SuSEconfig.postfix
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Oct 8 12:37:39 CEST 2007 - varkoly@suse.de
|
||
|
||
- #331044 - Postfix uses receive_override_options in main.cf
|
||
|
||
-------------------------------------------------------------------
|
||
Sun Sep 9 17:42:27 CEST 2007 - varkoly@suse.de
|
||
|
||
- fix the last fix
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Sep 4 00:38:58 CEST 2007 - cthiel@suse.de
|
||
|
||
- fix the last fix
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Sep 3 12:37:43 CEST 2007 - varkoly@suse.de
|
||
|
||
- Fixing bug: #297622 - SMTPD_LISTEN_REMOTE has no effect
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Aug 6 00:26:31 CEST 2007 - mrueckert@suse.de
|
||
|
||
- Update to Version 2.4 patchlevel 5
|
||
Bugfix: the loopback TCP performance workaround was ineffective
|
||
due to a wetware bit-flip during code cleanup. File:
|
||
util/vstream_tweak.c.
|
||
|
||
(patch level 4)
|
||
Bugfix: the Milter client assumed that a Milter application
|
||
does not modify the message header or envelope, after that
|
||
same Milter application has modified the message body of
|
||
that same email message. This is not a problem with updates
|
||
by different Milter applications. Problem was triggered
|
||
by Jose-Marcio Martins da Cruz. Also simplified the handling
|
||
of queue file update errors. File: milter/milter8.c.
|
||
|
||
Workaround: some non-Cyrus SASL SMTP servers require SASL
|
||
login without authzid (authoriZation ID), i.e. the client
|
||
must send only the authcid (authentiCation ID) + the authcid's
|
||
password. In this case the server is supposed to derive
|
||
the authzid from the authcid. This works as expected when
|
||
authenticating to a Cyrus SASL SMTP server. To get the old
|
||
behavior specify "send_cyrus_sasl_authzid = yes", in which
|
||
case Postfix sends the (authzid, authcid, password), with
|
||
the authzid equal to the authcid. File: xsasl/xsasl_cyrus_client.c.
|
||
|
||
Portability: /dev/poll support for Solaris chroot jail setup
|
||
scripts. Files: examples/chroot-setup/Solaris8,
|
||
examples/chroot-setup/Solaris10.
|
||
|
||
Cleanup: Milter client error handling, so that the (Postfix
|
||
SMTP server's Milter client) does not get out of sync with
|
||
Milter applications after the (cleanup server's Milter
|
||
client) encounters some non-recoverable problem. Files:
|
||
milter/milter8.c, smtpd/smtpd.c.
|
||
|
||
Performance: workaround for poor TCP performance on loopback
|
||
(127.0.0.1) connections. Problem reported by Mark Martinec.
|
||
Files: util/vstream_tweak.c, milter/milter8.c, smtp/smtp_connect.c,
|
||
smtpstone/*source.c.
|
||
|
||
Bugfix: when a milter replied with ACCEPT at or before the
|
||
first RCPT command, the cleanup server would apply the
|
||
non_smtpd_milters setting as if the message was a local
|
||
submission. Problem reported by Jukka Salmi. Also, the
|
||
cleanup server would get out of sync with the milter when
|
||
a milter replied with ACCEPT at the DATA command. Files:
|
||
cleanup/cleanup_envelope.c, smtpd/smtpd.c, milter/milters.c.
|
||
- rediffed patches
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Jul 31 18:21:11 CEST 2007 - varkoly@suse.de
|
||
|
||
- Update to Version 2.4 patchlevel 3
|
||
(patch level 1)
|
||
Bugfix (introduced Postfix 2.3): segfault with HOLD action
|
||
in access/header_checks/body_checks on 64-bit platforms.
|
||
File: cleanup/cleanup_api.c.
|
||
|
||
Portability (introduced 20070325): the fix for hardlinks
|
||
and symlinks in postfix-install forgot to work around shells
|
||
where "IFS=/ command" makes the IFS setting permanent. This
|
||
is allowed by some broken standard, and affects Solaris.
|
||
File: postfix-install.
|
||
|
||
Portability (introduced 20070212): the workaround for
|
||
non-existent library bugs with descriptors >= FD_SETSIZE
|
||
broke with "fcntl F_DUPFD: Invalid argument" on 64-bit
|
||
Solaris. Files: master/multi_server.c, *qmgr/qmgr_transport.c.
|
||
|
||
Cleanup: on (Linux) platforms that cripple signal handlers
|
||
with deadlock, "postfix stop" now forcefully stops all the
|
||
processes in the master's process group, not just the master
|
||
process alone. File: conf/postfix-script.
|
||
|
||
(patch level 2)
|
||
Bugfix: don't falsely report "lost connection from
|
||
localhost[127.0.0.1]" when Postfix is being portscanned.
|
||
Files: smtpd/smtpd_peer.c, qmqpd/qmqpd_peer.c.
|
||
|
||
Robustness: recommend a "0" process limit for policy servers
|
||
to avoid "connection refused" problems when the smtpd process
|
||
limit exceeds the default process limit. File:
|
||
proto/SMTPD_POLICY_README.html.
|
||
|
||
Safety: when IPv6 (or IPv4) is turned off, don't treat an
|
||
IPv6 (or IPv4) connection from e.g. inetd as if it comes
|
||
from localhost[127.0.0.1]. Files: smtpd/smtpd_peer.c,
|
||
qmqpd/qmqpd_peer.c.
|
||
|
||
Bugfix: Content-Transfer-Encoding: attribute values are
|
||
case insensitive. File: src/cleanup/cleanup_message.c.
|
||
|
||
Bugfix: mailbox_transport(_maps) and fallback_transport(_maps)
|
||
were broken when used with the error(8) or discard(8)
|
||
transports. Cause: insufficient documentation. Files:
|
||
error/error.c, discard/discard.c.
|
||
|
||
Bugfix (problem introduced Postfix 2.3): when DSN support
|
||
was introduced it broke "agressive" recipient duplicate
|
||
elimination with "enable_original_recipient = no". File:
|
||
cleanup/cleanup_out_recipient.c.
|
||
|
||
Bugfix (introduced Postfix 2.3): the sendmail/postdrop
|
||
commands would hang when trying to submit a message larger
|
||
than the per-message size limit. File: postdrop/postdrop.c.
|
||
|
||
Sabotage the saboteur who insists on breaking Postfix by
|
||
adding gethostbyname() calls that cause maildir delivery
|
||
to fail when the machine name is not found in /etc/hosts,
|
||
or that cause Postfix processes to hang when the network
|
||
is down.
|
||
|
||
(patch level 3)
|
||
Portability: Victor helpfully pointed out that change
|
||
20070425 broke on non-IPv6 systems. Files: smtpd/smtpd_peer.c,
|
||
qmqpd/qmqpd_peer.c.
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Jun 21 08:30:45 CEST 2007 - varkoly@suse.de
|
||
|
||
- Bug 285553 amavisd inconsistency
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Jun 19 18:55:43 CEST 2007 - dmueller@suse.de
|
||
|
||
- provide smtp meta-service as well
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Jun 11 21:32:53 CEST 2007 - lrupp@suse.de
|
||
|
||
- don't PreRequire /sbin/ip: removed call in SuSEconfig.postfix
|
||
|
||
-------------------------------------------------------------------
|
||
Thu May 3 12:09:13 CEST 2007 - varkoly@suse.de
|
||
|
||
- dynamic_maps.patch: readded the chunk for dict_tcp and dict_pcre
|
||
- replaced prereq for postfix with a prereq on
|
||
%{name} = %{version}
|
||
- updated to postfix 2.4, patchlevel 0
|
||
Major changes - safety
|
||
* As a safety measure, Postfix now by default creates mailbox dotlock
|
||
files on all systems. This prevents problems with GNU POP3D which
|
||
subverts kernel locking by creating a new mailbox file and deleting
|
||
the old one
|
||
|
||
Major changes - Milter support
|
||
* The support for Milter header modification
|
||
requests was revised. With minimal change in the on-disk representation,
|
||
the code was greatly simplified, and regression tests were updated
|
||
to ensure that old errors were not re-introduced. The queue file
|
||
format is entirely backwards compatible with Postfix 2.3.
|
||
|
||
* Support for Milter requests to replace the message
|
||
body. Postfix now implements all the header/body modification
|
||
requests that are available with Sendmail 8.13.
|
||
|
||
* A new field is added to the queue file "size"
|
||
record that specifies the message content length. Postfix 2.3 and
|
||
older Postfix 2.4 snapshots will ignore this field, and will report
|
||
the message size as it was before the body was replaced.
|
||
|
||
Major changes - TLS support
|
||
* The check_smtpd_policy client sends TLS certificate
|
||
attributes (client ccert_subject, ccert_issuer) only after successful
|
||
client certificate verification. The reason is that the certification
|
||
verification status itself is not available in the policy request.
|
||
|
||
* The check_smtpd_policy client sends TLS certificate
|
||
fingerprint information even when the certificate itself was not
|
||
verified.
|
||
|
||
* The remote SMTP client TLS certificate fingerprint
|
||
can be used for access control even when the certificate itself was
|
||
not verified.
|
||
|
||
* The format of SMTP server TLS session cache
|
||
lookup keys has changed. The lookup key now includes the master.cf
|
||
service name.
|
||
|
||
Major changes - performance
|
||
* Better support for systems that run thousands
|
||
of Postfix processes. Postfix now supports FreeBSD kqueue(2),
|
||
Solaris poll(7d) and Linux epoll(4) as more scalable alternatives
|
||
to the traditional select(2) system call, and uses poll(2) when
|
||
examining a single file descriptor for readability or writability.
|
||
These features are supported on sufficiently recent versions of
|
||
FreeBSD, NetBSD, OpenBSD, Solaris and Linux; support for other
|
||
systems will be added as evidence becomes available that usable
|
||
implementations exist.
|
||
|
||
Major changes - delivery status notifications
|
||
* Small changes were made to the default bounce
|
||
message templates, to prevent HTML-aware software from hiding or
|
||
removing the text "<postmaster>", and producing misleading text.
|
||
|
||
* Postfix no longer announces its name in delivery
|
||
status notifications. Users believe that Wietse provides a free
|
||
help desk service that solves all their email problems.
|
||
|
||
Major changes - ETRN support
|
||
* More precise queue flushing with the ETRN,
|
||
"postqueue -s site", and "sendmail -qRsite" commands, after
|
||
minimization of race conditions. New per-queue-file flushing with
|
||
"postqueue -i queueid" and "sendmail -qIqueueid".
|
||
|
||
Major changes - small office/home office support
|
||
* Postfix no longer requires a domain name. It
|
||
uses "localdomain" as the default Internet domain name when no
|
||
domain is specified via main.cf or via the machine's hostname.
|
||
|
||
Major changes - SMTP access control
|
||
* The check_smtpd_policy client sends TLS certificate
|
||
attributes (client ccert_subject, ccert_issuer) only after successful
|
||
client certificate verification. The reason is that the certification
|
||
verification status itself is not available in the policy request.
|
||
|
||
* The check_smtpd_policy client sends TLS certificate
|
||
fingerprint information even when the certificate itself was not
|
||
verified.
|
||
|
||
* The remote SMTP client TLS certificate fingerprint can be used for
|
||
access control even when the certificate itself was not verified.
|
||
|
||
* The Postfix installation procedure no longer
|
||
updates main.cf with "unknown_local_recipient_reject_code = 450".
|
||
Four years after the introduction of mandatory recipient validation,
|
||
this transitional tool is no longer neeed.
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Mar 29 14:33:03 CEST 2007 - rguenther@suse.de
|
||
|
||
- Add pwdutils BuildRequires to allow postinst script to succeed.
|
||
- Add /usr/share/omc directory.
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Feb 26 10:32:36 CET 2007 - varkoly@suse.de
|
||
|
||
- #247351 - postfix - Ports for SuSEfirewall added via packages
|
||
|
||
- Move postfix.xml into the postfix-SuSE tarball
|
||
|
||
- #228479 - Postfix is configured for inet_protocols=all if
|
||
selecting ipv4 only support during installation.
|
||
Now we set both inet_protocols and inet_interfaces to all.
|
||
This means the available interfaces and protocols will be used.
|
||
To avoid bogus warnings inet_proto.c was patched.
|
||
|
||
- #251598 - postfix use pointers for literals
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Jan 15 13:14:07 CET 2007 - varkoly@suse.de
|
||
|
||
- #144104 - postfix does not start
|
||
|
||
- Implementing Fate #301840: Postfix XML Service Description Document
|
||
|
||
- Enhancing /etc/sysconfig/postfix descripton to avoid problems
|
||
like Bug 228678 - Problems with setting up chroot environment if
|
||
/var/spool is not on same filesystem as /var
|
||
|
||
-------------------------------------------------------------------
|
||
Wed Nov 22 03:03:18 CET 2006 - mrueckert@suse.de
|
||
|
||
- moved the dict handling into a preun script instead of postun
|
||
and do not remove the dict entry on upgrade (#223176)
|
||
- removed duplicates in the filelists.
|
||
|
||
-------------------------------------------------------------------
|
||
Fri Nov 10 11:43:00 CET 2006 - varkoly@suse.de
|
||
|
||
- #218229 - Postfix SuSEconfig script increases the max_proc line each run in master.cf
|
||
|
||
-------------------------------------------------------------------
|
||
Sat Oct 28 11:41:50 CEST 2006 - varkoly@suse.de
|
||
|
||
- #206414 - /usr/lib/sasl2/smtpd.conf misplaced
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Oct 24 22:32:45 CEST 2006 - varkoly@suse.de
|
||
|
||
- #202119 – SuSEconfig script for Postfix incomplete
|
||
- #202162 – Postfix 2.3.2 slightly incorrect, Cyrus SASL unavailable
|
||
- #203174 – /sbin/conf.d/SuSEconfig.postfix should configure a TLS session cache for postfix 2.2
|
||
- #203575 – postfix-2.2.9-10 chokes without scache
|
||
- #213589 - No development package/headers for postfix
|
||
|
||
-------------------------------------------------------------------
|
||
Wed Aug 16 01:24:20 CEST 2006 - ro@suse.de
|
||
|
||
- also add libpostfix-milter.so*
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Aug 14 12:34:37 CEST 2006 - varkoly@suse.de
|
||
|
||
- updated to postfix 2.3, patchlevel 2
|
||
- Major changes
|
||
- Name server replies that contain a malformed hostname are now flagged
|
||
as permanent errors instead of transient errors.
|
||
- DSN support as described in RFC 3461 .. RFC 3464.
|
||
- The SMTP client now implements the LMTP protocol.
|
||
- Milter (mail filter) application support, compatible with Sendmail
|
||
version 8.13.6 and earlier.
|
||
- Major changes - SASL authentication
|
||
- Plug-in support for SASL authentication in the SMTP server and in the
|
||
SMTP/LMTP client.
|
||
- The Postfix-with-Cyrus-SASL build procedure has changed.
|
||
- Support for sender-dependent ISP accounts.
|
||
- Major changes - SMTP client
|
||
- The SMTP client now implements the LMTP protocol.
|
||
- This version addresses a performance stability problem with remote
|
||
SMTP servers.
|
||
- Major changes - SMTP server
|
||
- The Postfix SMTP server now refuses to receive mail from the network
|
||
if it isn't running with postfix mail_owner privileges.
|
||
- Optional suppression of remote SMTP client hostname lookup and hostname
|
||
verification.
|
||
- SMTPD Access control based on the existence of an address->name mapping
|
||
- Major changes - TLS
|
||
- New concept: TLS security levels ("none", "may", "encrypt", "verify"
|
||
or "secure") in the Postfix SMTP client.
|
||
- Both the Postfix SMTP client and server can be configured without a
|
||
client or server certificate.
|
||
- See
|
||
/usr/share/doc/packages/postfix/RELEASE_NOTES
|
||
/usr/share/doc/packages/postfix/TLS_CHANGES
|
||
/usr/share/doc/packages/postfix/README_FILES/SASL_README
|
||
for detailed informations.
|
||
|
||
-------------------------------------------------------------------
|
||
Wed Aug 2 16:18:30 CEST 2006 - varkoly@suse.de
|
||
|
||
- Only %{conf_backup_dir} is contained by the package not /var/adm/backup
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Jul 10 16:21:31 CEST 2006 - varkoly@suse.de
|
||
|
||
- Bugfix: #190639 Default number of processes for postfix
|
||
- Bugfix: #190270 postfix-postgresql
|
||
|
||
-------------------------------------------------------------------
|
||
Fri Jun 2 19:58:38 CEST 2006 - varkoly@suse.de
|
||
|
||
- Bugfix: #98188 - SuSE.tar.gz filename collision in cyrus/postfix SRPMs
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Apr 24 17:14:40 CEST 2006 - varkoly@suse.de
|
||
|
||
- Bugfix: #165786 - yast2-mail modul uses obsolate postfix attributes
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Mar 20 10:21:55 CET 2006 - varkoly@suse.de
|
||
|
||
- updated to postfix 2.2, patchlevel 9.
|
||
- Reasons:
|
||
Bugfix: the LMTP client would reuse a session after negative
|
||
reply to the RSET command (which may happen when client and
|
||
server somehow get out of sync).
|
||
Bugfix: race condition in the connection caching protocol,
|
||
causing the SMTP delivery agent to hang after delivering
|
||
mail, while trying to save a connection.
|
||
Bugfix: the best_mx_transport, mailbox_transport and
|
||
fallback_transport features did not write a per-recipient
|
||
defer logfile record when the target delivery agent was
|
||
broken.
|
||
Bugfix: an EHLO I/O error after STARTTLS would be reported
|
||
as a STARTTLS I/O error.
|
||
Bugfix: the *SQL, proxy and LDAP maps were not defined in
|
||
user-land commands such as postqueue.
|
||
Bugfix: the anvil server would terminate after "max_idle"
|
||
seconds, even when this was less than the anvil_rate_time_unit
|
||
interval.
|
||
Portability: 64-bit support for LINUX chroot script by Keith
|
||
Owens.
|
||
Safety: new "smtp_cname_overrides_servername" parameter.
|
||
|
||
Bugfix: mailbox_command_maps was not subject to $name
|
||
expansion.
|
||
Bugfix: don't ignore the per-site policy when SSL library
|
||
initialization fails.
|
||
Bugfix: a TLS per-site MUST_NOPEERMATCH policy could not
|
||
override a stronger main.cf policy, while a per-site NONE
|
||
policy could.
|
||
Bugfix: a combined TLS per-site (host, recipient) policy
|
||
of (NONE, MAY) changed a global MUST policy into NONE, and
|
||
a global MUST_NOPEERMATCH into MAY. The result is now NONE.
|
||
Problem found by exhaustive simulation.
|
||
Bugfix: an empty remote_header_rewrite_domain value caused
|
||
trivial-rewrite to dereference a null pointer, but only in
|
||
regression tests, not in production. Postfix rewrites
|
||
addresses in the remote rewriting context only when the
|
||
remote_header_rewrite_domain parameter value is non-empty.
|
||
Workaround: a malformed domain name lookup result (such as
|
||
null MX record) is now treated as a hard error, so that
|
||
Postfix will no longer repeatedly try to deliver mail until
|
||
the message expires in the queue. However, this will not
|
||
reject mail with reject_unknown_sender/recipient_domain.
|
||
That would require too much change for a stable release.
|
||
|
||
-------------------------------------------------------------------
|
||
Fri Jan 27 02:19:42 CET 2006 - mls@suse.de
|
||
|
||
- converted neededforbuild to BuildRequires
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Jan 24 09:11:46 CET 2006 - varkoly@suse.de
|
||
|
||
- Fixing the spec-file
|
||
- Bugfix: ID#143682 - Spurious (obsoleted?) configuration variable in postfix's main.cf
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Jan 23 13:00:13 CET 2006 - varkoly@suse.de
|
||
|
||
- Bugfix: ID#140173 postfix allows relaying on the whole subnet
|
||
- Bugfix: ID#144091 postfix doesn't start with the latest kernel
|
||
|
||
-------------------------------------------------------------------
|
||
Fri Jan 20 11:56:24 CET 2006 - varkoly@suse.de
|
||
|
||
- Bugfix: ID#144091
|
||
- Postfix makes an entry in slp servre for smtp & smtps
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Jan 16 14:49:29 CET 2006 - varkoly@suse.de
|
||
|
||
- removing openldap from "neededforbuild"
|
||
|
||
-------------------------------------------------------------------
|
||
Wed Nov 30 11:11:16 CET 2005 - choeger@suse.de
|
||
|
||
- updated to postfix 2.2, patchlevel 6
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Oct 11 15:03:56 CEST 2005 - choeger@suse.de
|
||
|
||
- added patch ldap_api_changes.patch: openldap2.3 enforces to use
|
||
"The C LDAP Application Program Interface"
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Aug 15 13:55:32 CEST 2005 - choeger@suse.de
|
||
|
||
- Bugfix Bugzilla ID#104663 - consistent use of variables in postfix
|
||
init-script
|
||
- Bugfix Bugzilla ID#104568 - SuSEconfig.postfix doesnt set $PATH properly to
|
||
find all binaries.
|
||
|
||
-------------------------------------------------------------------
|
||
Fri Aug 12 10:25:09 CEST 2005 - mmj@suse.de
|
||
|
||
- Package the /usr/lib/sendmail -> /usr/sbin/sendmail link [#102947]
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Jul 26 11:05:29 CEST 2005 - choeger@suse.de
|
||
|
||
- Bugfix Bugzilla ID#93884 - package postfix uses -fsigned-char
|
||
Remove -fsigned-char option for ppc and s390 archs
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Jul 25 11:52:18 CEST 2005 - choeger@suse.de
|
||
|
||
- updated to postfix 2.2, patchlevel 5:
|
||
- Portability: the connection caching code broke on LP64
|
||
systems (inherited from Stevens Network Programming).
|
||
Files: util/unix_send_fd.c, util/unix_recv_fd.c. This code
|
||
is back-ported from the Postfix 2.3 snapshot release.
|
||
- Robustness: the SMTP client now disables connection caching
|
||
when it is unable to communicate with the scache(8) server,
|
||
instead of looping forever and not delivering mail. File:
|
||
global/scache_clnt.c. This code is back-ported from the
|
||
Postfix 2.3 snapshot release.
|
||
- Portability: after sending a socket, the scache(8) server
|
||
now waits for an ACK from the connection cache client before
|
||
closing the socket that it just sent. Files: scache/scache.c,
|
||
global/scache_clnt.c. This code is back-ported from the
|
||
Postfix 2.3 snapshot release.
|
||
- Portability: on LP64 systems, integer expressions are int,
|
||
but sizeof() and pointer difference expressions are larger.
|
||
Point fixes for a few discrepancies with variadic functions
|
||
that expect int (the permanent fix is to change the receiving
|
||
modules, but that results in too much change, and is not
|
||
allowed in the stable release). Files: tls/tls_scache.c,
|
||
util/clean_env.c, util/vstring.h, smtpstone/qmqp-source.c.
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Jul 18 15:49:16 CEST 2005 - choeger@suse.de
|
||
|
||
- force to set strict_8bitmime to "no" when POSTFIX_MDA != cyrus,
|
||
because once it is set to "yes", nobody sets it back.
|
||
- only install /etc/pam.d/smtp if suse_version > 920
|
||
- use Prereq instead of Requires for mysql and postgresql subpackages
|
||
|
||
-------------------------------------------------------------------
|
||
Wed Jul 13 16:59:14 CEST 2005 - choeger@suse.de
|
||
|
||
- added /etc/pam.d/smtp configuration file
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Jul 7 16:44:05 CEST 2005 - choeger@suse.de
|
||
|
||
- Fixed build on x86_64: use -fPIC for libraries and -fPIE for the
|
||
rest
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Jul 5 17:57:48 CEST 2005 - choeger@suse.de
|
||
|
||
- applied dynamic maps patch of LaMont Jones at debian
|
||
- Fix to SuSEconfig.postfix: only touch tlsmgr line in master.cf,
|
||
if it is the new one using unix socket instead of fifo
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Jun 30 17:52:10 CEST 2005 - uli@suse.de
|
||
|
||
- build with -fPIE (not -fpie) to avoid GOT overflow on s390x
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Jun 23 10:22:18 CEST 2005 - choeger@suse.de
|
||
|
||
- updated to postfix 2.2, patchlevel 4
|
||
|
||
-------------------------------------------------------------------
|
||
Fri Jun 17 17:06:39 CEST 2005 - choeger@suse.de
|
||
|
||
- fixed build using -pie/-fpie (hopefully)
|
||
|
||
-------------------------------------------------------------------
|
||
Fri Jun 17 11:04:03 CEST 2005 - choeger@suse.de
|
||
|
||
- Build using -pie
|
||
|
||
-------------------------------------------------------------------
|
||
Fri May 13 18:24:50 CEST 2005 - choeger@suse.de
|
||
|
||
- set strict_8bitmime parameter to yes when using cyrus mailbox
|
||
delivery
|
||
|
||
-------------------------------------------------------------------
|
||
Wed May 4 15:54:33 CEST 2005 - choeger@suse.de
|
||
|
||
- Bugfix ID#66325 - postfix: permissions
|
||
also ship a postfix.paranoid file with the package with all suid and sgid
|
||
bits disabled
|
||
|
||
-------------------------------------------------------------------
|
||
Tue May 3 16:29:04 CEST 2005 - choeger@suse.de
|
||
|
||
- updated to postfix 2.2, patchlevel 3
|
||
- Bugfix ID#75717 - postfix init scripts reports success allthough postfix is
|
||
not running:
|
||
use checkproc again instead of "master -t", as "master -t" seems to be broken
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Apr 21 17:42:04 CEST 2005 - choeger@suse.de
|
||
|
||
- updated to postfix 2.2, patchlevel 2
|
||
- Bugfix ID#74712, problems with read-only mounting of $chroot/proc:
|
||
don't mount /var/spool/postfix/proc ro as that results in /proc also mounted
|
||
ro.
|
||
- Bugfix ID#74709, postfix configuration and USE_IPV6 in
|
||
sysconfig/network/config
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Mar 15 17:46:44 CET 2005 - choeger@suse.de
|
||
|
||
- updated to postfix 2.2, patchlevel 1
|
||
Postfix 2.2.1 solves four portability problems that surfaced in
|
||
the week since the 2.2.0 release, one harmless bug in the TLS
|
||
session cache cleaning code, and cleans up minor documentation
|
||
problems.
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Mar 10 10:18:45 CET 2005 - choeger@suse.de
|
||
|
||
- 2.2.0 is out
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Mar 7 14:15:08 CET 2005 - choeger@suse.de
|
||
|
||
- update to RC2
|
||
|
||
-------------------------------------------------------------------
|
||
Wed Mar 2 15:01:33 CET 2005 - choeger@suse.de
|
||
|
||
- make it compile with gcc4
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Feb 28 18:03:36 CET 2005 - choeger@suse.de
|
||
|
||
- RC1 of 2.2 is out
|
||
|
||
-------------------------------------------------------------------
|
||
Fri Feb 18 16:34:07 CET 2005 - choeger@suse.de
|
||
|
||
- use "usr/sbin/postfix upgrade-configuration" now instead of
|
||
"etc/postfix/post-install upgrade-package"
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Feb 17 19:28:22 CET 2005 - choeger@suse.de
|
||
|
||
- removed some @ chars (don't know how they slipped in)
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Feb 17 13:42:18 CET 2005 - choeger@suse.de
|
||
|
||
- update to current pre 2.2 snapshot (2.2-20050216)
|
||
2.2 release could happen next week
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Feb 10 09:08:18 CET 2005 - choeger@suse.de
|
||
|
||
- added patch needed for the Kolab project (this patch is part of the upcoming
|
||
postfix 2-2 release), see
|
||
http://wiki.kolab.org/index.php/Kolab-major-app-patches
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Feb 3 10:00:38 CET 2005 - choeger@suse.de
|
||
|
||
- s/X-UnitedLinux-Should-Start/Should-Start/
|
||
|
||
-------------------------------------------------------------------
|
||
Wed Feb 2 16:44:34 CET 2005 - choeger@suse.de
|
||
|
||
- added long_header.patch
|
||
long lines piped into postfix sendmail can lead to errors.
|
||
|
||
-------------------------------------------------------------------
|
||
Wed Feb 2 08:52:19 CET 2005 - choeger@suse.de
|
||
|
||
- Bugfix ID#49307: faster postfix startup: don't use hashed directories if
|
||
possible:
|
||
- added patch empty_hash_queue_names.patch to be able to modify
|
||
hash_queue_names parameter.
|
||
- added check to %post to change hash_queue_names in case of
|
||
/var/spool/postfix residing on a reiserfs partition when doing
|
||
a fresh installation
|
||
- Bugfix ID#50386 - postfix must prereq /sbin/ip (iproute2)
|
||
|
||
-------------------------------------------------------------------
|
||
Fri Jan 28 16:29:05 CET 2005 - choeger@suse.de
|
||
|
||
- updated tls+ipv6 patchkit to v1.26
|
||
- Bugfix: Incomplete error checking in getaddrinfo() could cause lmtpd to
|
||
crash with debug_peer_list defined. Carsten Hoeger, SuSE. File:
|
||
util/match_ops.c
|
||
- Linux workaround: When mynetworks isn't set, a chrooted process could not
|
||
read the IPv6 address information from /proc. We now invoke own_inet_addr()
|
||
before chrooting, while processing main.cf. [backported from 2.2-nonprod
|
||
snapshot] File: global/mail_params.c
|
||
- Safety: when IPv6 netmask can't be determined, mynetworks is not set and
|
||
mynetworks_style = subnet, assume /128 (host only). Until now, Tru64Unix
|
||
assumed /64 (good for real subnets, but not safe for tunnel ranges etc.).
|
||
File: util/inet_addr_local.c
|
||
|
||
-------------------------------------------------------------------
|
||
Sat Jan 15 20:48:48 CET 2005 - schwab@suse.de
|
||
|
||
- Use <owner>:<group> in permissions file.
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Jan 13 16:16:41 CET 2005 - choeger@suse.de
|
||
|
||
- Two fixes to ipv6-patch related bugs:
|
||
- Bugfix Bugzilla ID#49435 - VUL-0: Postfix, permit_mx_backup, IPv6, chroot
|
||
--> Open Relay!
|
||
- Bugfix Bugzilla ID#49695 - SEGV while lmtp delivery
|
||
- mount /proc into chroot jail to be able to access /proc/net/if_inet6
|
||
|
||
-------------------------------------------------------------------
|
||
Wed Nov 24 14:46:16 CET 2004 - schwab@suse.de
|
||
|
||
- Put options first in find command line.
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Nov 9 09:20:27 CET 2004 - choeger@suse.de
|
||
|
||
- setting LC_ALL=POSIX in SuSEconfig.postfix
|
||
|
||
-------------------------------------------------------------------
|
||
Wed Sep 29 18:14:13 CEST 2004 - choeger@suse.de
|
||
|
||
- Bugfix Bugzilla ID#46462, postfix should switch biff off
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Sep 21 12:48:02 CEST 2004 - choeger@suse.de
|
||
|
||
- updated to postfix 2.1, patchlevel 5
|
||
(several small bugfixes)
|
||
- updated tls+ipv6 patchkit (there have been some small bugs)
|
||
- use v4 address 127.0.0.1 as amavisd-new local contact address
|
||
as amavisd is not listening on any v6 address
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Sep 20 09:51:25 CEST 2004 - choeger@suse.de
|
||
|
||
- also chmod the .db file resulting of a postmap (related to
|
||
bugfix ID#39045
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Sep 16 13:57:32 CEST 2004 - choeger@suse.de
|
||
|
||
- Bugfix Bugzilla ID#39045 - tls_per_site table updates in SuSEconfig.postfix
|
||
introduced POSTFIX_MAP_LIST in /etc/sysconfig/postfix where additional
|
||
maps maintained by SuSEconfig.postfix can be added
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Sep 16 10:34:58 CEST 2004 - choeger@suse.de
|
||
|
||
- Bugfix Bugzilla ID#45252 - rpm calls SuSEconfig.permissions which calls rpm
|
||
-> 3 minute timeout
|
||
Also don't call rpm from SuSEconfig.postfix
|
||
- Speedup: set timestamp of $TMPDIR/main.cf into the past to workaround
|
||
postconf safety which is not neccessary, because we do not touch the main.cf,
|
||
the postfix daemons are using.
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Sep 13 11:57:15 CEST 2004 - choeger@suse.de
|
||
|
||
- added $time to Required-Start in init-script
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Aug 26 14:15:31 CEST 2004 - choeger@suse.de
|
||
|
||
- do not filter locally delivered mail when USE_AMAVIS=yes
|
||
(don't set content_filter=vscan in main.cf)
|
||
- removed obsolete vscan service definition from master.cf
|
||
|
||
-------------------------------------------------------------------
|
||
Fri Aug 20 12:47:52 CEST 2004 - choeger@suse.de
|
||
|
||
- use "$MASTER_BIN -t" to check whether postfix is already running
|
||
in start section of init-script. That's more reliable then checkproc.
|
||
|
||
-------------------------------------------------------------------
|
||
Wed Jul 14 17:48:29 CEST 2004 - choeger@suse.de
|
||
|
||
- Bugfix Bugzilla ID#42995 - SuSEconfig.postfix should ignore
|
||
.swp and other files in /etc/aliases.d
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Jul 13 16:22:02 CEST 2004 - choeger@suse.de
|
||
|
||
- Bugfix Bugzilla ID#42281, openssl ca segfaults:
|
||
added missing [ policy_anything ] configuration
|
||
options to openssl.cnf
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Jul 12 14:58:58 CEST 2004 - choeger@suse.de
|
||
|
||
- updated to postfix 2.1, patchlevel 4
|
||
- updated tls+ipv6 patchkit to v1.25
|
||
- new feature POSTFIX_REGISTER_SLP in /etc/sysconfig/postfix
|
||
to be able to totally disable slptool from being started
|
||
|
||
-------------------------------------------------------------------
|
||
Tue May 25 12:42:45 CEST 2004 - choeger@suse.de
|
||
|
||
- updated tls+ipv6 patchkit to v1.24:
|
||
- Bugfix: Prefixlen non-null host portion validation (in CIDR maps for
|
||
example) yielded incorrect results sometimes because signed arithmetic was
|
||
used instad of unsigned.
|
||
- Patch correction: The TLS+IPv6 patch for Postfix 2.1.0 missed the master.cf
|
||
update (used for new installattions). Added it back.
|
||
- as tls and ipv6 patches have not been completely ported to postfix 2.1
|
||
new documentation system, especially the new postconf(5) manpage is
|
||
missing the complete ipv6 and tls related configuration parameters,
|
||
readded the sample-* files from ipv6+tls to %doc/samples
|
||
|
||
-------------------------------------------------------------------
|
||
Tue May 4 11:24:20 CEST 2004 - choeger@suse.de
|
||
|
||
- update to postfix 2.1, patchlevel 1:
|
||
- Patch 01 fixes a signal 11 problem in the check_policy_service
|
||
feature when SASL support is compiled in but turned off in the
|
||
SMTP server (smtpd_sasl_auth_enable = no).
|
||
|
||
-------------------------------------------------------------------
|
||
Wed Apr 28 10:46:55 CEST 2004 - choeger@suse.de
|
||
|
||
- added now officially released tls patchkit 0.8.18-2.1.0-0.9.7d to
|
||
the source package for the user to be able to build a non-ipv6
|
||
postfix package
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Apr 26 17:46:01 CEST 2004 - choeger@suse.de
|
||
|
||
- official tls+ipv6 v1.23 patchkit released:
|
||
- Patch fixes: Several code fixes to make the patch compile and work
|
||
correctly when compiled without IPv6 support.
|
||
- Bugfix (Solaris only?): address family length was not updated
|
||
which could cause client hostname validation errors. File:
|
||
smtpd/smtpd_peer.c
|
||
- Portability: added support for Darwin 7.3+. This may need some
|
||
further testing.
|
||
- Cleanup: Restructure and redocument interface address retrieval
|
||
functions. (This reduced the number of preprocessor statements
|
||
from 99 to 93 ;) File: util/inet_addr_local.c
|
||
- Cleanup: make several explicit casts to have compilers shut their
|
||
pie holes about uninteresting things.
|
||
|
||
-------------------------------------------------------------------
|
||
Fri Apr 23 11:22:35 CEST 2004 - choeger@suse.de
|
||
|
||
- update to final postfix v2.1
|
||
|
||
-------------------------------------------------------------------
|
||
Wed Apr 21 17:35:26 CEST 2004 - choeger@suse.de
|
||
|
||
- Bugfix: changed {main,master}.cf backup path in specfile, but not in
|
||
SuSEconfig script
|
||
|
||
-------------------------------------------------------------------
|
||
Wed Apr 21 11:55:43 CEST 2004 - choeger@suse.de
|
||
|
||
- update to postfix 2.1 RC5
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Apr 19 14:23:19 CEST 2004 - choeger@suse.de
|
||
|
||
- update to current postfix 2.1 release candidate (RC4)
|
||
|
||
-------------------------------------------------------------------
|
||
Wed Apr 7 13:09:09 CEST 2004 - choeger@suse.de
|
||
|
||
- Bugfix Bugzilla ID#38569, exit SuSEconfig.postfix if
|
||
mktemp fails
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Mar 30 11:13:38 CEST 2004 - choeger@suse.de
|
||
|
||
- Bugfix Bugzilla ID#37409
|
||
the saslauthd socket is not copied to chroot jail due to
|
||
a wrong test in SuSEconfig.postfix (used -L instead of -S)
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Mar 29 20:03:16 CEST 2004 - choeger@suse.de
|
||
|
||
- only add ::1 to inet_interfaces when SMTPD_LISTEN_REMOTE=no
|
||
AND ipv6 is enabled
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Mar 29 11:03:56 CEST 2004 - choeger@suse.de
|
||
|
||
- Bugfix Bug ID#37293, SuSEConfig complains POSTFIX_ADD_* parameters are
|
||
unknown (in turkish locale settings)
|
||
added LC_CTYPE=POSIX to SuSEconfig.postfix
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Mar 25 10:54:26 CET 2004 - choeger@suse.de
|
||
|
||
- updated to tls+ipv6 version 1.22 (related to Bugzilla ID#35884)
|
||
- Feature: Support "inet_interfaces = IPv4:all" and "inet_interfaces =
|
||
IPv6:all", to restrict postfix to use either IPv4-only or IPv6-only. A more
|
||
complete implementation will be part of a future patch. (Slightly modified)
|
||
patch by Michal Ludvig, SuSE. Files: util/interfaces_to_af.[ch],
|
||
util/inet_addr_local.c, global/own_inet_addr.c,
|
||
global/wildcard_inet_addr.[ch], master/master_ent.ch
|
||
- Bugfix: In Postfix snapshots, a #define was misplaced with the effect that
|
||
IPv6 subnets were not included in auto- generated $mynetworks (i.e.,
|
||
mynetworks not defined in main.cf, when also mynetworks_style=subnet) on
|
||
Linux 2.x systems. File: utils/sys_defs.h
|
||
- now adding ::1 to inet_interfaces when SMTPD_LISTEN_REMOTE=no
|
||
(related to Bugzilla ID#35884)
|
||
- enabled ipv6 again
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Mar 18 12:37:44 CET 2004 - choeger@suse.de
|
||
|
||
- updated to most recent snapshot version 2.0.19-20040312:
|
||
Patch 19 fixes two low-priority problems:
|
||
|
||
- When mail is submitted at a high rate with the Postfix sendmail
|
||
command, the pickup daemon is keps busy long enough that it it
|
||
terminated by the watchdog timer (a feature that prevents Postfix
|
||
from locking up permanently).
|
||
|
||
- Malformed addresses in SMTP commands could result in table looks
|
||
with zero-length search strings, causing trouble with NIS lookups.
|
||
|
||
-------------------------------------------------------------------
|
||
Wed Mar 17 16:51:00 CET 2004 - choeger@suse.de
|
||
|
||
- disable IPv6 patch as it introduces problems for people
|
||
who do not use IPv6, see Bugzilla ID#35884,
|
||
"ipv6 mynetworks don't work"
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Mar 8 15:58:35 CET 2004 - choeger@suse.de
|
||
|
||
- be a nice packager and strictly follow
|
||
http://www.porcupine.org/postfix-mirror/newdoc/PACKAGE_README.html
|
||
(added setgid_group=... to post-install upgrade-package)
|
||
|
||
-------------------------------------------------------------------
|
||
Fri Feb 27 11:37:56 CET 2004 - choeger@suse.de
|
||
|
||
- update to most recent version 2.0.18-20040209
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Feb 23 15:25:20 CET 2004 - choeger@suse.de
|
||
|
||
- Bugfix Bugzilla ID#34817, SuSEconfig.postfix doesn't specify direct path to
|
||
"postconf" and generates errors if run via sudo by a non-root user.
|
||
|
||
-------------------------------------------------------------------
|
||
Fri Feb 6 13:15:49 CET 2004 - choeger@suse.de
|
||
|
||
- update to postfix 2.0.18-20040205
|
||
- enabled tls+ipv6 patch as it is now available for latest
|
||
pre 2.1 snapshot
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Feb 2 13:22:54 CET 2004 - choeger@suse.de
|
||
|
||
- finally, the official TLS patchkit of Lutz hit the ground
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Feb 2 11:02:16 CET 2004 - choeger@suse.de
|
||
|
||
- additional fix for the TLS extensions patch
|
||
should also fix Bugzilla ID#34218
|
||
|
||
-------------------------------------------------------------------
|
||
Fri Jan 23 12:15:00 CET 2004 - choeger@suse.de
|
||
|
||
- fixed the smtp segfault
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Jan 22 21:37:51 CET 2004 - choeger@suse.de
|
||
|
||
- updated to postfix 2.0.18-20040122
|
||
- added new feature for specfile usetls to en/dis-able TLS
|
||
support
|
||
- temporary removed TLS support (self adapted patch to most recent
|
||
postfix snapshot version) as it currently results in smtp segfaulting
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Jan 22 13:53:44 CET 2004 - choeger@suse.de
|
||
|
||
- update to recent postfix snapshot version 2.0.17-20040120
|
||
which will become the next official release 2.1 around
|
||
next week according to Wietse Venema.
|
||
- added possibility to compile using the combined IPV6/TLS patch
|
||
which can be downloaded from http://www.ipnet6.org/postfix/
|
||
just set useipv6 to 1 at the top of the specfile.
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Jan 22 01:45:58 CET 2004 - ro@suse.de
|
||
|
||
- remove call to ldap_enable_cache
|
||
(function has been removed from openldap and was already
|
||
obsolete before (warning was issued back then))
|
||
|
||
-------------------------------------------------------------------
|
||
Wed Jan 14 16:38:06 CET 2004 - choeger@suse.de
|
||
|
||
- added openslp register/derigister calls to postfix init-script
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Jan 12 15:50:35 CET 2004 - choeger@suse.de
|
||
|
||
- add postfix user to group mail in case of POSTFIX_MDA==cyrus
|
||
to let postfix lmtp access /var/lib/imap/socket/lmtp
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Jan 8 16:00:30 CET 2004 - choeger@suse.de
|
||
|
||
- Bugfix Bugzilla ID#33421, SMTP-Auth and relaying
|
||
added permit_sasl_authenticated also to smtpd_recipient_restrictions
|
||
in SuSEconfig.postfix
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Dec 1 14:51:06 CET 2003 - choeger@suse.de
|
||
|
||
- always create temp files and always remove them later on
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Nov 17 12:51:09 CET 2003 - choeger@suse.de
|
||
|
||
- some .spec improvements
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Oct 30 12:13:51 CET 2003 - mmj@suse.de
|
||
|
||
- Run SuSEconfig after install
|
||
|
||
-------------------------------------------------------------------
|
||
Wed Oct 29 20:23:44 CET 2003 - mmj@suse.de
|
||
|
||
- Don't build as root
|
||
- Be nice and clean up after ourselves
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Oct 14 15:47:52 CEST 2003 - choeger@suse.de
|
||
|
||
- update to postfix v2.0.16
|
||
- update to tls extensions v0.8.16
|
||
- Fix for Bugzilla ID#32114, fixed some if condition syntaxes
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Sep 16 10:29:25 CEST 2003 - choeger@suse.de
|
||
|
||
- fixed example for POSTFIX_RELAYHOST, Bug ID#30756
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Sep 8 09:49:49 CEST 2003 - choeger@suse.de
|
||
|
||
- updated some sysconfig descriptions
|
||
- removed relays.osirosoft.com from the examples, Bug ID#30215
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Sep 4 15:40:25 CEST 2003 - kukuk@suse.de
|
||
|
||
- Fix next useradd call
|
||
|
||
-------------------------------------------------------------------
|
||
Wed Sep 3 11:31:54 CEST 2003 - choeger@suse.de
|
||
|
||
- conf/postfix-files as input for /etc/permissions.d/postfix (Bug ID#29915)
|
||
- generate better amavisd-new master.cf line:
|
||
limit maxproc to 2 and use brackets around localhost
|
||
(Bug ID#29917)
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Sep 1 13:08:33 CEST 2003 - choeger@suse.de
|
||
|
||
- use conf/postfix-files as input for directories and permissions
|
||
for files/directories in/below $queue_directory and $command_directory
|
||
- use /var/lib/imap/socket/lmtp as lmtp socket in SuSEconfig.postfix
|
||
and change access modes of /var/lib/imap and /var/lib/imap/socket
|
||
to let postfix lmtp access the unix socket
|
||
|
||
-------------------------------------------------------------------
|
||
Fri Aug 29 11:43:53 CEST 2003 - kukuk@suse.de
|
||
|
||
- Create postfix user as system account [Bug #29611]
|
||
|
||
-------------------------------------------------------------------
|
||
Fri Aug 29 08:48:52 CEST 2003 - kukuk@suse.de
|
||
|
||
- Adjust sendmail permissions
|
||
- Create /var/spool/postfix/public with permissions postfix is
|
||
using
|
||
|
||
-------------------------------------------------------------------
|
||
Fri Aug 29 00:27:03 CEST 2003 - mmj@suse.de
|
||
|
||
- Add sendmail to /etc/sysconfig/mail
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Aug 14 18:41:19 CEST 2003 - choeger@suse.de
|
||
|
||
- update to Postfix 2.0 Patch 14
|
||
- Bugfix Bugzilla ID#28921:
|
||
missing activation metadata in sysconfig template
|
||
|
||
-------------------------------------------------------------------
|
||
Wed Jul 30 11:48:21 CEST 2003 - choeger@suse.de
|
||
|
||
- new macros for stop/restart of services on rpm update/removal
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Jul 21 13:33:53 CEST 2003 - choeger@suse.de
|
||
|
||
- chown user:group instead of user.group
|
||
|
||
-------------------------------------------------------------------
|
||
Fri Jul 11 11:23:05 CEST 2003 - choeger@suse.de
|
||
|
||
- update to tls extensions 0.8.15-2.0.13-0.9.7b
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Jul 1 15:44:05 CEST 2003 - choeger@suse.de
|
||
|
||
- updated SuSEconfig to use amavisd-new instead of amavis[d]-postfix
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Jun 30 17:43:20 CEST 2003 - choeger@suse.de
|
||
|
||
- update to Postfix 2.0 Patch 13
|
||
- After "postfix reload", the master daemon now warns when the
|
||
inet_interfaces parameter setting has changed, and ignores the
|
||
change, instead of passing incorrect information to the smtp
|
||
server.
|
||
- After the postdrop command change with Postfix 2.0.11, the postcat
|
||
command no longer recognized "maildrop" queue files as valid.
|
||
- Mail could bounce when two messages were delivered simultaneously
|
||
to a non-existent mailbox file. The safe_open() code that prevents
|
||
race condition exploits will now try a little harder when it
|
||
actually encounters a race condition.
|
||
- update to tls extensions 0.8.14-2.0.12-0.9.7b
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Jun 12 13:27:48 CEST 2003 - choeger@suse.de
|
||
|
||
- also change path to smtpd.conf in sysconfig template parameter
|
||
description dependent on what %{_lib} is set to.
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Jun 12 09:51:33 CEST 2003 - choeger@suse.de
|
||
|
||
- update to postfix 2.0, patchlevel 12
|
||
|
||
-------------------------------------------------------------------
|
||
Wed Jun 11 17:55:21 CEST 2003 - choeger@suse.de
|
||
|
||
- mkdir -p $RPM_BUILD_ROOT/%{_libdir}/sasl2 instead of
|
||
$RPM_BUILD_ROOT/usr/lib/sasl2
|
||
and we also can build on 64bit archs
|
||
|
||
-------------------------------------------------------------------
|
||
Wed Jun 11 14:25:29 CEST 2003 - choeger@suse.de
|
||
|
||
- package /usr/lib/sasl2/smtpd.conf using %{_libdir}/sasl2/smtpd.conf
|
||
- added /etc/postfix to filelist
|
||
|
||
-------------------------------------------------------------------
|
||
Wed Jun 11 09:11:11 CEST 2003 - choeger@suse.de
|
||
|
||
- update to postfix 2.0, patchlevel 11
|
||
- update to tls extensions 0.8.13-2.0.10-0.9.7b
|
||
|
||
-------------------------------------------------------------------
|
||
Fri May 23 14:33:01 CEST 2003 - choeger@suse.de
|
||
|
||
- updated SuSE/master.cf toplevel comments
|
||
|
||
-------------------------------------------------------------------
|
||
Fri May 23 14:19:43 CEST 2003 - choeger@suse.de
|
||
|
||
- update to postfix 2.0, patchlevel 10
|
||
|
||
-------------------------------------------------------------------
|
||
Mon May 19 12:42:36 CEST 2003 - choeger@suse.de
|
||
|
||
- remove installed (but unpackaged) file /etc/postfix/aliases
|
||
|
||
-------------------------------------------------------------------
|
||
Mon May 19 10:12:52 CEST 2003 - choeger@suse.de
|
||
|
||
- path to ca, certificate and key is relative to $POSTFIX_SSL_PATH,
|
||
added $POSTFIX_SSL_PATH/ to the relevant parts of SuSEconfig.postfix
|
||
|
||
-------------------------------------------------------------------
|
||
Wed May 14 11:29:48 CEST 2003 - choeger@suse.de
|
||
|
||
- correctly handle new POSTFIX_SMTP_TLS_CLIENT parameter in
|
||
SuSEconfig.postfix (activate/deactivate master.cf entries)
|
||
|
||
-------------------------------------------------------------------
|
||
Wed May 14 11:05:36 CEST 2003 - choeger@suse.de
|
||
|
||
- added libxcrypt to chroot jail, Bugzilla ID#25766
|
||
|
||
-------------------------------------------------------------------
|
||
Tue May 13 20:40:00 CEST 2003 - choeger@suse.de
|
||
|
||
- added TLS_CLIENT support, Bugzilla ID#26647
|
||
|
||
-------------------------------------------------------------------
|
||
Wed Apr 23 13:43:02 CEST 2003 - choeger@suse.de
|
||
|
||
- update to postfix 2.0, patchlevel 9
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Apr 15 10:27:13 CEST 2003 - ro@suse.de
|
||
|
||
- fixed neededforbuild
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Apr 7 12:58:01 CEST 2003 - choeger@suse.de
|
||
|
||
- update to postfix 2.0, patchlevel 7
|
||
- update to tls extensions 0.8.13-2.0.6-0.9.7a
|
||
- Bugfix Bugzilla ID#25905, do not restrict mailbox size per default
|
||
|
||
-------------------------------------------------------------------
|
||
Sat Mar 8 15:56:26 CET 2003 - choeger@suse.de
|
||
|
||
- use checkproc to check if there really is a postfix master
|
||
process running when there's a pid file lying around.
|
||
(Bugzilla ID#24910)
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Mar 6 11:02:12 CET 2003 - choeger@suse.de
|
||
|
||
- update to Postfix 2.0 Patch 06
|
||
- Postfix now truncates non-address information in message address
|
||
headers (comments, etc.) to 250 characters per address. This should
|
||
rarely present a problem. Reportedly, junk mail from poorly written
|
||
software can trigger the protection, but that is no great loss.
|
||
- Some little fixes to documentation.
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Mar 4 10:29:31 CET 2003 - choeger@suse.de
|
||
|
||
- update to Postfix 2.0 Patch 05
|
||
- The SMTP server's hard and soft error limits were off by one.
|
||
With "smtpd_hard_error_limit = 1", Postfix will now disconnect
|
||
after the first error, instead of the second one.
|
||
- The proxymap server could deadlock when the mydestination parameter
|
||
setting included a proxymapped lookup table.
|
||
- Some little fixes to documentation.
|
||
|
||
-------------------------------------------------------------------
|
||
Sat Mar 1 16:41:10 CET 2003 - choeger@suse.de
|
||
|
||
- when updating postfix, check whether post-install changed
|
||
main/master.cf and update md5sums to not confuse SuSEconfig
|
||
- when installing postfix on a fresh system, create md5sums
|
||
in %post to be able to let check_md5_and_move() detect
|
||
changes that a user might have done without running SuSEconfig
|
||
before.
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Feb 27 19:01:32 CET 2003 - choeger@suse.de
|
||
|
||
- no longer remove md5sums of main.cf and master.cf during
|
||
postinstall, as SuSEconfig then no longer knows, whether
|
||
main.cf/master.cf had been modified by the user.
|
||
Disadvantage: as postfix permanently needs basic changes
|
||
to both main and master.cf, SuSEconfig.postfix will frequently
|
||
generate .SuSEconfig files although the user did not change anything
|
||
Bugzilla ID#24432
|
||
|
||
-------------------------------------------------------------------
|
||
Fri Feb 21 10:04:48 CET 2003 - choeger@suse.de
|
||
|
||
- update to Postfix 2.0 Patch 04
|
||
- The format of maildir filenames is synchronized with the present
|
||
version of the maildir definition document. This format was already
|
||
adopted by the 20030126 snapshot release.
|
||
- The time limit on delivery to external commands was not enforced.
|
||
This was broken probably some time before the first public Postfix
|
||
release.
|
||
- Duplicate elimination after virtual alias expansion works again.
|
||
This was broken with the introduction of the original recipient
|
||
attribute.
|
||
- The local pickup daemon dropped incomplete records from local
|
||
submissions. This was broken somewhere in the middle of 2002.
|
||
|
||
-------------------------------------------------------------------
|
||
Sat Feb 15 14:59:54 CET 2003 - choeger@suse.de
|
||
|
||
- Bugfix Bugzilla ID#23675: new service proxymap will not be
|
||
appended during update
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Feb 10 16:25:39 CET 2003 - choeger@suse.de
|
||
|
||
- also check whether amavisd-postfix is installed and set up
|
||
filter section in master.cf
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Jan 30 11:43:03 CET 2003 - choeger@suse.de
|
||
|
||
- update to Postfix 2.0 Patch 03
|
||
- Postfix 2.0 broke relocated table lookup results with mail not
|
||
rejected at the SMTP port, causing "User has moved to" text to be
|
||
deleted.
|
||
- A widely used maildir filename generating algorithm was broken.
|
||
This affects all Postfix versions with maildir support. Instead of
|
||
TIME.PID_COUNT.HOST Postfix now uses TIME.DEVICE_INODE.HOST.
|
||
- Postfix 2.0 gave incorrect FILTER_README instructions for sites
|
||
that wish to disable virtual alias mapping before the content
|
||
filter.
|
||
- postfix-lib64.patch code now integrated in postfix
|
||
|
||
-------------------------------------------------------------------
|
||
Fri Jan 24 11:52:17 CET 2003 - choeger@suse.de
|
||
|
||
- changed SuSEconfig.postfix and smtpd.conf to use sasl2
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Jan 23 13:07:17 CET 2003 - choeger@suse.de
|
||
|
||
- forgot to add tlsmgr to master.cf
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Jan 23 11:43:24 CET 2003 - choeger@suse.de
|
||
|
||
- Hmmm, just noticed, that suddenly 2.0.0.x became 2.0.x
|
||
must have missed something...
|
||
- updated SuSE/master.cf (new proxymap service)
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Jan 16 10:21:27 CET 2003 - choeger@suse.de
|
||
|
||
- added POSTFIX_ADD_MESSAGE_SIZE_LIMIT as example to sysconfig.postfix
|
||
(Bugzilla ID#22907)
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Jan 14 12:51:56 CET 2003 - choeger@suse.de
|
||
|
||
- build using sasl2
|
||
|
||
-------------------------------------------------------------------
|
||
Fri Jan 10 13:24:43 CET 2003 - choeger@suse.de
|
||
|
||
- update to postfix v2 (version 2.0.0.2)
|
||
|
||
-------------------------------------------------------------------
|
||
Wed Dec 11 11:44:51 CET 2002 - choeger@suse.de
|
||
|
||
- added sysconfig metadata to sysconfig templates
|
||
- updated to new tls extensions
|
||
|
||
-------------------------------------------------------------------
|
||
Fri Nov 29 13:16:42 CET 2002 - choeger@suse.de
|
||
|
||
- Bugfix Bugzilla ID#21865: don't copy directories into
|
||
directories when updating chroot jail in cpifnewer()
|
||
- Update to version 1.11, pl12
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Nov 19 14:29:36 CET 2002 - choeger@suse.de
|
||
|
||
- new SuSEconfig.postfix features:
|
||
. SMTP-AUTH server
|
||
. SMTP-AUTH client
|
||
. TLS Server
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Nov 5 15:08:43 CET 2002 - choeger@suse.de
|
||
|
||
- quote args of tr command
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Nov 4 13:52:51 CET 2002 - choeger@suse.de
|
||
|
||
- new feature: POSTFIX_ADD_* command in sysconfig/postfix to
|
||
be able to add any regular postfix command via SuSEconfig
|
||
- Bugfix Bugzilla ID#21120 added POSTFIX_ADD_MAILBOX_SIZE_LIMIT
|
||
as example with value 0 (unlimited)
|
||
- added a header to main.cf explaining that many postfix
|
||
parameters have been added to the end of main.cf
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Oct 15 11:27:46 CEST 2002 - choeger@suse.de
|
||
|
||
- Bugfix for Bugzilla ID#20754
|
||
missed some parameters when restoring main.cf or master.cf
|
||
from scratch
|
||
|
||
-------------------------------------------------------------------
|
||
Wed Oct 9 20:34:03 CEST 2002 - choeger@suse.de
|
||
|
||
- NULLCLIENT did not work because SuSEconfig searches for the wrong
|
||
keyword
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Oct 7 17:47:56 CEST 2002 - choeger@suse.de
|
||
|
||
- Bugfix related to Bugzilla IDs 20506, 18298, 19294:
|
||
masquerade_classes should not be extended by envelope_recipient
|
||
|
||
-------------------------------------------------------------------
|
||
Fri Sep 6 17:04:57 CEST 2002 - choeger@suse.de
|
||
|
||
- added ypbind to X-UnitedLinux-Should-Start in init-script
|
||
|
||
-------------------------------------------------------------------
|
||
Wed Aug 28 11:37:38 CEST 2002 - choeger@suse.de
|
||
|
||
- added restoration mechanism to restore master.cf and/or main.cf
|
||
if they got deleted by (intention or) accident to SuSEconfig.postfix
|
||
- added ldap to X-UnitedLinux-Should-Start
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Aug 26 11:11:26 CEST 2002 - choeger@suse.de
|
||
|
||
- Bugfix Bugzilla ID#18298: when setting FROM_HEADER, also unqualified
|
||
envelope recipients should be qualified to FROM_HEADER, not to
|
||
myorigin, added envelope_recipient to masquerade_classes
|
||
- Bugfix Bugzilla ID#18297: %post touches main.cf and master.cf so it
|
||
may happen, that an update leaves .SuSEconfig files.
|
||
Remove /var/adm/SuSEconfig/md5/etc/postfix/main.cf and master.cf
|
||
in %post
|
||
- Bugfix Bugzilla ID#18301: sendmail and postfix have different
|
||
opinions on the usage of NULLCLIENT. Moved NULLCLIENT to
|
||
sysconfig.postfix.POSTFIX_NULLCLIENT
|
||
- added exim to Conflicts
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Aug 22 09:47:51 CEST 2002 - choeger@suse.de
|
||
|
||
- wait for qmgr in the background for a maximum of 60 seconds
|
||
|
||
-------------------------------------------------------------------
|
||
Wed Aug 21 17:07:39 CEST 2002 - choeger@suse.de
|
||
|
||
- Bugfix for init-script:
|
||
wait for qmgr to be ready before calling postfix flush
|
||
|
||
-------------------------------------------------------------------
|
||
Wed Aug 14 15:59:04 CEST 2002 - choeger@suse.de
|
||
|
||
- added accidently removed line in master.cf for amavis,
|
||
Bugzilla ID#17732
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Aug 13 10:08:47 CEST 2002 - choeger@suse.de
|
||
|
||
- exclude .rpmsave and .rpmorig from /etc/aliases.d expansion
|
||
|
||
-------------------------------------------------------------------
|
||
Wed Aug 7 11:55:55 CEST 2002 - choeger@suse.de
|
||
|
||
- added netcfg to Prereq (/etc/aliases)
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Aug 6 11:28:56 CEST 2002 - choeger@suse.de
|
||
|
||
- added pcre openldap2-client to prereq (Bugzilla ID#17447)
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Aug 5 16:38:49 CEST 2002 - choeger@suse.de
|
||
|
||
- completed Prereq
|
||
|
||
-------------------------------------------------------------------
|
||
Fri Jul 19 16:49:57 CEST 2002 - choeger@suse.de
|
||
|
||
- Bugfix for the handling of POSTFIX_MASQUERADE_DOMAIN
|
||
and FROM_HEADER
|
||
- removed main.cf from SuSE.tar.gz
|
||
- added X-UnitedLinux-Should-Start: cyrus to init-script
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Jul 18 13:57:44 CEST 2002 - choeger@suse.de
|
||
|
||
- set local as default MDA again
|
||
reason: postfix does not execute any external programs like procmail
|
||
with uid 0, so root mails will go to /var/mail/nobody, which
|
||
will confuse people
|
||
- remove setting of SUSE_RELEASE version in the (E)SMTP banner
|
||
|
||
-------------------------------------------------------------------
|
||
Fri Jul 12 11:08:03 CEST 2002 - choeger@suse.de
|
||
|
||
- removed /etc/aliases from filelist, it's now in netcfg
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Jul 11 14:16:25 CEST 2002 - choeger@suse.de
|
||
|
||
- removed 'q' flag from vscan transport definition, because
|
||
current amavis versions have a rfc2821_mailbox_addr function
|
||
- remove old aliases.db files in %post
|
||
- do not use unset in %post
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Jul 8 15:14:00 CEST 2002 - choeger@suse.de
|
||
|
||
- make procmail the default MDA
|
||
|
||
-------------------------------------------------------------------
|
||
Fri Jul 5 17:11:03 CEST 2002 - choeger@suse.de
|
||
|
||
- use %{_lib} macro to detect platforms with lib64
|
||
directories
|
||
|
||
-------------------------------------------------------------------
|
||
Fri Jul 5 16:34:38 CEST 2002 - choeger@suse.de
|
||
|
||
- make chroot jail function lib64 aware
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Jul 4 13:53:40 CEST 2002 - uli@suse.de
|
||
|
||
- fixed libnsl detection on lib64 systems
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Jul 4 10:34:26 CEST 2002 - choeger@suse.de
|
||
|
||
- ldap_url_search_st is no longer available in OpenLDAP v2.1
|
||
added a patch, that uses ldap_url_parse
|
||
- added new feature POSTFIX_MDA, Bugzilla ID#16720
|
||
|
||
-------------------------------------------------------------------
|
||
Fri Jun 7 13:34:09 CEST 2002 - choeger@suse.de
|
||
|
||
- changed POSTFIX_BASIC_SPAM_PREVENTION. It can now be set to
|
||
either off(default), medium or hard
|
||
- cleaned up SuSEconfig.postfix
|
||
- prepared for /etc/aliases.d
|
||
|
||
-------------------------------------------------------------------
|
||
Wed Jun 5 18:09:16 CEST 2002 - choeger@suse.de
|
||
|
||
- new FEATURES: POSTFIX_RBL_HOSTS, POSTFIX_BASIC_SPAM_PREVENTION,
|
||
Bugzilla ID#16383
|
||
- moved sample-*.cf files to %{_docdir}/postfix/samples
|
||
|
||
-------------------------------------------------------------------
|
||
Wed Jun 5 11:14:29 CEST 2002 - choeger@suse.de
|
||
|
||
- update to patchlevel 11, version 1.1.11
|
||
- new FEATURE: POSTFIX_UPDATE_MAPS
|
||
|
||
-------------------------------------------------------------------
|
||
Fri May 24 13:39:05 CEST 2002 - choeger@suse.de
|
||
|
||
- update to patchlevel 10, version 1.1.10
|
||
- create required users and groups in %pre install
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Apr 25 16:55:58 CEST 2002 - choeger@suse.de
|
||
|
||
- removed provides of my own packagename...
|
||
|
||
-------------------------------------------------------------------
|
||
Fri Apr 19 13:25:32 CEST 2002 - choeger@suse.de
|
||
|
||
- Bugfix for README.SuSE: POSTFIX_CREATECF is now
|
||
MAIL_CREATE_CONFIG
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Apr 4 11:36:52 CEST 2002 - choeger@suse.de
|
||
|
||
- update to patchlevel 7, version 1.1.7
|
||
- introduced new feature POSTFIX_LAPTOP
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Mar 26 15:21:18 CET 2002 - choeger@suse.de
|
||
|
||
- update to patchlevel 5, version 1.1.5
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Mar 12 15:28:24 CET 2002 - choeger@suse.de
|
||
|
||
- Bugfix: don't check whether POSTFIX_MASQUERADE_DOMAIN is empty
|
||
or not, because else we won't be able to clear it.
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Feb 28 10:21:36 CET 2002 - choeger@suse.de
|
||
|
||
- added flags=q to amavis transport definition (link@suse.de):
|
||
[...]
|
||
If your postfix is older than snapshot 20010610, leave out the
|
||
"flags=q" part. However, amavis will not function properly with
|
||
envelope adresses that contain whitespace in the local-part.
|
||
This is quite rare, but has been observed a few times.
|
||
[...]
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Feb 25 13:58:05 CET 2002 - choeger@suse.de
|
||
|
||
- update to version 1.1.4 (1.1, patchlevel 4)
|
||
Bugfix (excerpt from HISTORY):
|
||
..................................................................
|
||
off-by-one error, causing a null byte to be
|
||
written outside dynamically allocated memory in
|
||
the queue manager with addresses of exactly 100
|
||
bytes long, resulting in SIGSEGV on systems with
|
||
an "exact fit" malloc routine.
|
||
..................................................................
|
||
- added new option SMTPD_LISTEN_REMOTE to /etc/sysconfig/mail
|
||
which has been introduced by the SuSE dist-team (excerpt):
|
||
..................................................................
|
||
sendmail does have an option to listen only on the local port,
|
||
this should be the default.
|
||
A flag "SMTPD_LISTEN_REMOTE" in /etc/sysconfig/mail will be used
|
||
to decide if port 25 should be opened externally.
|
||
The sendmail package will send a mail to root explaining this
|
||
fact. sendmail updates will copy the value of START_SMTPD to this
|
||
new flag.
|
||
..................................................................
|
||
As this is a totally different behaviour compared to old releases,
|
||
SMTPD_LISTEN_REMOTE will be set to "yes", if POSTFIX_CREATECF
|
||
(now MAIL_CREATE_CONFIG) had been set to "yes" before the update.
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Feb 21 12:39:55 CET 2002 - choeger@suse.de
|
||
|
||
- fillup workaround
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Feb 21 11:23:52 CET 2002 - choeger@suse.de
|
||
|
||
- hostname handling is still annoying
|
||
added some piece of code to SuSEconfig.postfix to
|
||
get a valid hostname
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Feb 18 16:03:40 CET 2002 - choeger@suse.de
|
||
|
||
- %postinst cleanup:
|
||
. use rename_sysconfig_variable macro
|
||
. use remove_and_set macro
|
||
instead of directly calling fillup
|
||
|
||
-------------------------------------------------------------------
|
||
Wed Feb 13 17:27:37 CET 2002 - choeger@suse.de
|
||
|
||
- FQHOSTNAME has been removed from /etc/sysconfig/network/config
|
||
and is now set in /etc/HOSTNAME, which wasn't FQ in the past.
|
||
*Please, don't change it again*
|
||
- if POSTFIX_LOCALDOMAINS is set, do not append
|
||
"$myhostname, localhost.$mydomain" anymore
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Feb 12 16:31:14 CET 2002 - choeger@suse.de
|
||
|
||
- Also take care of the localhost:10025 mailer definition when
|
||
setting up chroot options
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Feb 11 09:27:47 CET 2002 - choeger@suse.de
|
||
|
||
- Do not set myorigin to FROM_HEADER
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Feb 7 10:10:55 CET 2002 - choeger@suse.de
|
||
|
||
- Bugfix(SuSEconfig.postfix): typo in path to /etc/sysconfig/amavis
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Feb 4 11:25:51 CET 2002 - choeger@suse.de
|
||
|
||
- SuSEconfig.postfix enhancement: get hostname from hostname -f
|
||
Bugfix: get FQHOSTNAME from /etc/sysconfig/network/config
|
||
- added -y to fillup_and_insserv to create startlinks
|
||
after installation
|
||
- changed company name to SuSE Linux AG in copyright headers
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Feb 4 09:44:45 CET 2002 - choeger@suse.de
|
||
|
||
- update to postfix 1.1.3 and tls extensions 0.8.3
|
||
minor bugfixes
|
||
http://groups.yahoo.com/group/postfix-users/message/52953
|
||
|
||
-------------------------------------------------------------------
|
||
Fri Feb 1 20:37:27 CET 2002 - choeger@suse.de
|
||
|
||
- Bugfix: Forgot to assign a name to TMPDIR in SuSEconfig.postfix
|
||
|
||
-------------------------------------------------------------------
|
||
Fri Feb 1 11:43:17 CET 2002 - choeger@suse.de
|
||
|
||
- added resolve_local_panic.patch
|
||
http://groups.yahoo.com/group/postfix-users/message/52746
|
||
|
||
-------------------------------------------------------------------
|
||
Wed Jan 30 15:44:10 CET 2002 - choeger@suse.de
|
||
|
||
- update of tls extensions to 0.8.2
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Jan 28 15:00:07 CET 2002 - choeger@suse.de
|
||
|
||
- update to version 1.1.2
|
||
- sysconfig.mail changes
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Jan 22 12:08:43 CET 2002 - choeger@suse.de
|
||
|
||
- renamed cleanup.fillup to sysconfig.postfix.cleanup
|
||
- added postqueue patch, see
|
||
http://groups.yahoo.com/group/postfix-users/message/51611
|
||
for more details
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Jan 21 14:56:39 CET 2002 - choeger@suse.de
|
||
|
||
- update to official release version 1.1.0
|
||
- moved some stuff to /etc/sysconfig/mail
|
||
- cleaned up /etc/rc.config access
|
||
- added some safety checks to SuSEconfig.postfix
|
||
|
||
-------------------------------------------------------------------
|
||
Wed Jan 16 16:58:53 CET 2002 - choeger@suse.de
|
||
|
||
- update to version 20020115 (release candidate for Postfix
|
||
official release version 1.1)
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Jan 15 16:20:13 CET 2002 - choeger@suse.de
|
||
|
||
- some improvements to SuSEconfig.postfix
|
||
|
||
-------------------------------------------------------------------
|
||
Fri Jan 11 17:52:25 CET 2002 - choeger@suse.de
|
||
|
||
- updated to version 20020107
|
||
- added postinstall section to update from previous versions
|
||
of postfix
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Jan 8 20:11:07 CET 2002 - egmont@suselinux.hu
|
||
|
||
- Changed /sbin/init.d to /etc/init.d in init script comment
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Jan 7 15:01:16 CET 2002 - choeger@suse.de
|
||
|
||
- added sender_canonical_maps to SuSEconfig.postfix to let
|
||
the new YaST2 module setup this map similar to sendmails
|
||
genericstable
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Jan 3 13:51:45 CET 2002 - kukuk@suse.de
|
||
|
||
- SuSEconfig.postfix shell script is no config file [Bug #12712]
|
||
|
||
-------------------------------------------------------------------
|
||
Wed Dec 19 15:26:20 CET 2001 - choeger@suse.de
|
||
|
||
- Made initscript more LSB compliant (status codes)
|
||
- Bugfix for Bugzilla ID#12672 (improve explanation
|
||
of POSTFIX_LOCALDOMAINS)
|
||
- robustness enhancement for SuSEconfig.postfix
|
||
|
||
-------------------------------------------------------------------
|
||
Fri Dec 14 15:42:31 CET 2001 - choeger@suse.de
|
||
|
||
- typo in specfile (master.cf installed as main.cf)
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Dec 13 11:25:44 CET 2001 - choeger@suse.de
|
||
|
||
- update to version 20011210
|
||
- some changes to SuSEconfig.postfix:
|
||
. added POSTFIX_UPDATE_CHROOT_JAIL variable, see README.SuSE
|
||
. some cleanups for chroot jail
|
||
. little bugfixes
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Dec 13 01:16:57 CET 2001 - ro@suse.de
|
||
|
||
- moved rc.config.d -> sysconfig
|
||
|
||
-------------------------------------------------------------------
|
||
Wed Nov 28 18:36:10 CET 2001 - choeger@suse.de
|
||
|
||
- update to version 20011127
|
||
- some changes to SuSEconfig.postfix:
|
||
. added more robustness (Jehova)
|
||
. do not chown -R postfix to /var/spool/postfix
|
||
. query for package cyrus-sasl instead of sasl
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Nov 20 16:13:00 CET 2001 - choeger@suse.de
|
||
|
||
- update to version 20011115
|
||
Bugfix for a memory exhaustion bug in smtpd
|
||
see http://groups.yahoo.com/group/postfix-users/message/46597
|
||
- remove START_ variable
|
||
|
||
-------------------------------------------------------------------
|
||
Fri Nov 9 14:54:24 CET 2001 - choeger@suse.de
|
||
|
||
- some changes to specfile (thanks to Simon J Mudd from whom
|
||
I copied some code)
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Nov 6 15:19:18 CET 2001 - choeger@suse.de
|
||
|
||
- fix some SuSEconfig.postfix bugs:
|
||
. master.cf chroot column can also contain '-'
|
||
. don't do anything if POSTFIX_CREATECF != yes
|
||
|
||
-------------------------------------------------------------------
|
||
Fri Oct 26 13:11:17 CEST 2001 - choeger@suse.de
|
||
|
||
- update to most recent snapshot version 20011008
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Oct 25 14:36:47 CEST 2001 - choeger@suse.de
|
||
|
||
- update to pl05
|
||
|
||
-------------------------------------------------------------------
|
||
Fri Oct 19 12:53:44 CEST 2001 - choeger@suse.de
|
||
|
||
- Bugfix, Bugzilla ID#11914
|
||
|
||
-------------------------------------------------------------------
|
||
Wed Sep 26 09:33:34 CEST 2001 - choeger@suse.de
|
||
|
||
- ALWAYS create master.cf, even is POSTFIX_CREATECF is set
|
||
to no, because else chroot mode may not work, Bugzilla ID#11359
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Sep 13 14:34:06 CEST 2001 - choeger@suse.de
|
||
|
||
- removed an obsolete echo in start section of init-script
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Sep 6 13:48:29 CEST 2001 - choeger@suse.de
|
||
|
||
- Bugfix in init-script: redirect output of postfix start
|
||
to dev/null and do not use startproc to start postfix
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Sep 4 18:09:43 CEST 2001 - choeger@suse.de
|
||
|
||
- update to tls-extensions v0.7.9
|
||
see http://groups.yahoo.com/group/postfix-users/message/41094
|
||
for details
|
||
|
||
-------------------------------------------------------------------
|
||
Fri Aug 31 13:54:02 CEST 2001 - choeger@suse.de
|
||
|
||
- update of tls-extensions to 0.7.8
|
||
- update of postfix to pl04
|
||
- Bugfix: - check if postfix spool is set up before starting postfix
|
||
- start postfix with postfix start, because postfix-script
|
||
wouldn't be executed, else.
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Jul 10 14:34:17 CEST 2001 - choeger@suse.de
|
||
|
||
- update of tls-extensions to 0.7.3
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Jun 28 13:06:47 CEST 2001 - choeger@suse.de
|
||
|
||
- bugfix: remove libs from chroot jail, that are no longer
|
||
valid, Bugzilla ID#9133
|
||
- bugfix: init script was not LSB compliant, Bugzilla ID#9063
|
||
|
||
-------------------------------------------------------------------
|
||
Fri Jun 15 09:44:49 CEST 2001 - choeger@suse.de
|
||
|
||
- added cyrus to require start in init-script
|
||
- "bugfix": bootstrap problem cyrus-imapd <-> postfix:
|
||
cyrus-imapd must run before postfix, but fails to create
|
||
lmtp socket, because /var/spool/postfix/public directory
|
||
isn't present. FIX: add it to filelist
|
||
|
||
-------------------------------------------------------------------
|
||
Wed Jun 13 15:08:33 CEST 2001 - choeger@suse.de
|
||
|
||
- install postrop with special SGID modes
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Jun 12 13:29:36 CEST 2001 - choeger@suse.de
|
||
|
||
- improved SuSEconfig.postfix
|
||
- better main.cf handling
|
||
- new feature: chroot or not chroot
|
||
|
||
-------------------------------------------------------------------
|
||
Mon May 28 09:36:49 CEST 2001 - choeger@suse.de
|
||
|
||
- major bugfix: memory leak in the LDAP client module
|
||
- minor bugfixes
|
||
|
||
-------------------------------------------------------------------
|
||
Wed May 9 20:15:27 CEST 2001 - mfabian@suse.de
|
||
|
||
- bzip2 sources
|
||
|
||
-------------------------------------------------------------------
|
||
Wed May 2 09:44:29 CEST 2001 - choeger@suse.de
|
||
|
||
- updated to pl02, bugfixrelease
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Apr 30 11:41:35 CEST 2001 - choeger@suse.de
|
||
|
||
- Bugfix for SuSEconfig.postfix:
|
||
Handling of TIMEZONE variable if set to unappropriate or no
|
||
value
|
||
- Improvement: Warnings are printed out in bold
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Apr 17 16:28:41 CEST 2001 - kukuk@suse.de
|
||
|
||
- Don't use a RPM macro for version number
|
||
|
||
-------------------------------------------------------------------
|
||
Fri Mar 30 10:08:15 CEST 2001 - choeger@suse.de
|
||
|
||
- update to pl01, bugfixrelease
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Mar 27 13:16:45 CEST 2001 - choeger@suse.de
|
||
|
||
- added libcrack to chroot jail, because
|
||
it is needed by pam_pwcheck
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Mar 15 01:08:35 CET 2001 - ro@suse.de
|
||
|
||
- fixed neededforbuild for openldap
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Mar 5 11:49:48 CET 2001 - choeger@suse.de
|
||
|
||
- first non-beta of the next postfix generation
|
||
- v20010228
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Feb 27 11:22:24 CET 2001 - ro@suse.de
|
||
|
||
- added cyrus-sasl-devel to neededforbuild
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Feb 27 09:51:56 CET 2001 - choeger@suse.de
|
||
|
||
- new version, 20010225
|
||
- removed notification message
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Feb 20 14:16:30 CET 2001 - choeger@suse.de
|
||
|
||
- bugfix: wrong permissions for maildrop directory
|
||
|
||
-------------------------------------------------------------------
|
||
Wed Jan 31 10:53:04 CET 2001 - choeger@suse.de
|
||
|
||
- update to version 20010128
|
||
- now linked against ldaplib2
|
||
|
||
-------------------------------------------------------------------
|
||
Fri Jan 5 14:25:11 CET 2001 - choeger@suse.de
|
||
|
||
- bugfix: maildrop must be owned by postfix.root
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Dec 18 14:47:53 CET 2000 - choeger@suse.de
|
||
|
||
- update to version 20001212
|
||
- bugfix: insserv
|
||
- bugfix: missed openssl in neededforbuilt
|
||
- renamed to postfix, because a non-crypto version
|
||
is no longer needed
|
||
|
||
-------------------------------------------------------------------
|
||
Wed Dec 13 15:52:43 CET 2000 - choeger@suse.de
|
||
|
||
- Bugfix: postfix-script was not executable
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Dec 12 15:13:40 CET 2000 - choeger@suse.de
|
||
|
||
- Bugfixes:
|
||
Provides in initscript
|
||
Use /bin/bash in SuSEconfig.postfix
|
||
- Update to version 20001210
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Nov 30 08:35:09 CET 2000 - ro@suse.de
|
||
|
||
- startscript sbin -> etc
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Nov 23 09:55:37 CET 2000 - choeger@suse.de
|
||
|
||
- new version
|
||
- fix for neededforbuild
|
||
- fix for master.cf
|
||
|
||
-------------------------------------------------------------------
|
||
Wed Nov 22 13:06:54 CET 2000 - choeger@suse.de
|
||
|
||
- adopted to new init scheme
|
||
|
||
-------------------------------------------------------------------
|
||
Wed Nov 15 16:13:12 CET 2000 - choeger@suse.de
|
||
|
||
- fixed neededforbuild
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Nov 14 15:19:40 CET 2000 - choeger@suse.de
|
||
|
||
- update to version 20001030
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Nov 9 17:14:48 CET 2000 - choeger@suse.de
|
||
|
||
- long packagename
|
||
- added rpm buildroot
|
||
|
||
-------------------------------------------------------------------
|
||
Wed Nov 8 15:59:41 CET 2000 - uli@suse.de
|
||
|
||
- fixed neededforbuild
|
||
|
||
-------------------------------------------------------------------
|
||
Fri Nov 3 18:12:57 CET 2000 - bk@suse.de
|
||
|
||
- src/util/dict_ldap.c:dict_ldap_lookup(): fix missing **-termination.
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Oct 24 17:28:06 CEST 2000 - fober@suse.de
|
||
|
||
- s390,ppc: added -fsigned-char compiler option, to fix obscure segfaults.
|
||
(code is not signed/unsigned-char-clean)
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Oct 12 18:24:54 CEST 2000 - choeger@suse.de
|
||
|
||
- yet another SuSEconfig.postfix bug (incorrect link)
|
||
|
||
-------------------------------------------------------------------
|
||
Wed Oct 11 16:47:35 CEST 2000 - choeger@suse.de
|
||
|
||
- bugfix for SuSEconfig.postfix
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Oct 9 13:54:13 CEST 2000 - choeger@suse.de
|
||
|
||
- bugfix: missed to install new flush service
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Oct 9 11:48:39 CEST 2000 - choeger@suse.de
|
||
|
||
- inititial revision of pfixtls
|
||
|