postfix/postfix.spec

#
# spec file for package postfix (Version 2.5.6)
#
# Copyright (c) 2009 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.

# Please submit bugfixes or comments via http://bugs.opensuse.org/
#

# norootforbuild


Name:           postfix
#!BuildIgnore: sendmail
BuildRequires:  db-devel mysql-devel openldap2-devel pcre-devel postgresql-devel
# require pwdutils to make postinstall script check work
BuildRequires:  pwdutils
%define usetls  1
Url:            http://www.postfix.org/
License:        IBM Public License
Group:          Productivity/Networking/Email/Servers
Provides:       smtp_daemon
Conflicts:      sendmail exim
AutoReqProv:    on
Summary:        A fast, secure, and flexible mailer
Version:        2.5.6
Release:        2
Source:         postfix-%{version}.tar.bz
Source1:        postfix-SuSE.tar.gz
Patch:          dynamic_maps.patch
Patch1:         dynamic_maps_pie.patch
Patch2:         pointer_to_literals.patch
Patch3:         ipv6_disabled.patch
PreReq:         /usr/sbin/useradd /usr/sbin/groupadd %insserv_prereq %fillup_prereq /bin/sed /bin/awk /bin/grep textutils sh-utils fileutils pcre openldap2-client netcfg
BuildRoot:      %{_tmppath}/%{name}-%{version}-build
#

%package      mysql
License:        IBM Public License
Summary:        Postfix plugin to support MySQL maps
AutoReqProv:    on
Group:          Productivity/Networking/Email/Servers
PreReq:         %{name} = %{version}
#

%package      postgresql
License:        IBM Public License
Summary:        Postfix plugin to support PostgreSQL maps
AutoReqProv:    on
Group:          Productivity/Networking/Email/Servers
PreReq:         %{name} = %{version}
#

%package      devel
License:        IBM Public License
Summary:        Development headers for the postfix package
AutoReqProv:    on
Group:          Productivity/Networking/Email/Servers
PreReq:         %{name} = %{version}

%package      doc
License:        IBM Public License
Summary:        Documentations for the postfix package
AutoReqProv:    on
Group:          Productivity/Networking/Email/Servers
PreReq:         %{name} = %{version}
#
# Some defines
#
%define postfixfiles         postfix.filelist
%define pf_config_directory  /etc/postfix
%define pf_daemon_directory  /usr/lib/postfix
%define pf_command_directory /usr/sbin
%define pf_queue_directory   var/spool/postfix
%define pf_sendmail_path     /usr/sbin/sendmail
%define pf_newaliases_path   /usr/bin/newaliases
%define pf_mailq_path        /usr/bin/mailq
%define pf_setgid_group      maildrop
%define pf_readme_directory  %{_docdir}/%{name}-doc/README_FILES
%define pf_html_directory    %{_docdir}/%{name}-doc/html
%define pf_sample_directory  %{_docdir}/%{name}-doc/samples
%define pf_data_directory    /var/lib/postfix
%define postfix_uid          51
%define postfix_gid          51
%define maildrop_gid         59
%define conf_backup_dir      /var/adm/backup/postfix
%define omc_pdir             /usr/share/omc/
%define omc_dir              /usr/share/omc/svcinfo.d/
#
# ---------------------------------------------------------------------------

%prep
%setup -n postfix-%{version} -a 1
%patch
%patch1
%patch2 -p1
%patch3 -p1
# ---------------------------------------------------------------------------

%build
export CCARGS="-DHAS_LDAP -DHAS_PCRE -DUSE_SASL_AUTH -I/usr/include/sasl"
export CCARGS="$CCARGS -DMAX_DYNAMIC_MAPS"
export CCARGS="$CCARGS -DHAS_MYSQL -I/usr/include/mysql"
export CCARGS="$CCARGS -DHAS_PGSQL -I/usr/include/pgsql"
export CCARGS="$CCARGS -DUSE_CYRUS_SASL"
export AUXLIBS="-lldap -llber -lpcre"
export AUXLIBS="$AUXLIBS -lsasl2"
%if %{usetls}
export AUXLIBS="$AUXLIBS -lssl -lcrypto"
%endif
%if %{usetls}
export CCARGS="$CCARGS -DUSE_TLS"
%endif
export CCARGS="$CCARGS $RPM_OPT_FLAGS -Wno-comments"
export PIE=-pie
make makefiles DEBUG=""
cd lib
for i in dns global master tls util milter; do
    ln -sf lib${i}.a libpostfix-${i}.so.1.0.1;
done
cd -
make LD_LIBRARY_PATH=$(pwd)/lib:${LD_LIBRARY_PATH}
# ---------------------------------------------------------------------------

%install
/usr/sbin/groupadd -g %{postfix_gid} -o -r postfix 2> /dev/null || :
/usr/sbin/groupadd -g %{maildrop_gid} -o -r maildrop 2> /dev/null || :
/usr/sbin/useradd -r -o -g postfix -u %{postfix_uid} -s /bin/false -c "Postfix Daemon" -d /%{pf_queue_directory} postfix 2> /dev/null || :
mkdir -p $RPM_BUILD_ROOT/%{_libdir}
install lib/*.1 $RPM_BUILD_ROOT/%{_libdir}
for i in $RPM_BUILD_ROOT/%{_libdir}/*.1; do
    ln -sf ${i##*/} ${i%.*.*}
done
cd lib
for i in libpostfix-*; do
    ln -sf $i $RPM_BUILD_ROOT/%{_libdir}/${i%so.*}so
done
cd -
ln -sf $(pwd)/lib/dict_* libexec/
export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:$RPM_BUILD_ROOT/%{_libdir}
sh postfix-install -non-interactive \
       install_root=%{buildroot} \
       config_directory=%{pf_config_directory} \
       daemon_directory=%{pf_daemon_directory} \
       command_directory=%{pf_command_directory} \
       queue_directory=/%{pf_queue_directory} \
       sendmail_path=%{pf_sendmail_path} \
       newaliases_path=%{pf_newaliases_path} \
       mailq_path=%{pf_mailq_path} \
       manpage_directory=%{_mandir} \
       setgid_group=%{pf_setgid_group} \
       readme_directory=%{pf_readme_directory} \
       data_directory=%{pf_data_directory}
ln -sf ../sbin/sendmail $RPM_BUILD_ROOT/usr/lib/sendmail
for i in qmqp-source smtp-sink smtp-source; do
	install -m 755 bin/$i $RPM_BUILD_ROOT/usr/sbin/$i
done
mkdir -p $RPM_BUILD_ROOT/etc/init.d
mkdir -p $RPM_BUILD_ROOT/sbin/conf.d
mkdir -p $RPM_BUILD_ROOT/etc/permissions.d
mkdir -p $RPM_BUILD_ROOT/%{_libdir}/sasl2
mkdir -p $RPM_BUILD_ROOT/usr/sbin
mkdir -p $RPM_BUILD_ROOT/%{conf_backup_dir}
mkdir -p $RPM_BUILD_ROOT/%{pf_sample_directory}
mkdir -p $RPM_BUILD_ROOT/usr/include/postfix
mkdir -p $RPM_BUILD_ROOT/etc/pam.d
install -m 644 postfix-SuSE/smtp $RPM_BUILD_ROOT/etc/pam.d/smtp
#mkdir samples
install -m 755 postfix-SuSE/rc.postfix $RPM_BUILD_ROOT/etc/init.d/postfix
ln -sf ../etc/init.d/postfix $RPM_BUILD_ROOT/sbin/rcpostfix
mkdir -p $RPM_BUILD_ROOT/var/adm/fillup-templates
rm -f $RPM_BUILD_ROOT/var/adm/fillup-templates/sysconfig.postfix
sed -e 's;@lib@;%{_lib};g' postfix-SuSE/sysconfig.postfix > $RPM_BUILD_ROOT/var/adm/fillup-templates/sysconfig.postfix
install -m 644 postfix-SuSE/sysconfig.mail-postfix $RPM_BUILD_ROOT/var/adm/fillup-templates/sysconfig.mail-postfix
rm -f $RPM_BUILD_ROOT/sbin/conf.d/SuSEconfig.postfix
sed -e 's;@lib@;%{_lib};g' \
    -e 's;@conf_backup_dir@;%{conf_backup_dir};' \
    -e 's;@daemon_directory@;%{pf_daemon_directory};' \
    -e 's;@readme_directory@;%{pf_readme_directory};' \
    -e 's;@html_directory@;%{pf_html_directory};' \
    -e 's;@sendmail_path@;%{pf_sendmail_path};' \
    -e 's;@setgid_group@;%{pf_setgid_group};' \
    -e 's;@manpage_directory@;%{_mandir};' \
    -e 's;@newaliases_path@;%{pf_newaliases_path};' \
    -e 's;@sample_directory@;%{pf_sample_directory};' \
    -e 's;@mailq_path@;%{pf_mailq_path};' postfix-SuSE/SuSEconfig.postfix \
                 > $RPM_BUILD_ROOT/sbin/conf.d/SuSEconfig.postfix
chmod 755 $RPM_BUILD_ROOT/sbin/conf.d/SuSEconfig.postfix
install -m 644 postfix-SuSE/master.cf $RPM_BUILD_ROOT/etc/postfix/master.cf
install -m 644 postfix-SuSE/dynamicmaps.cf $RPM_BUILD_ROOT/etc/postfix/dynamicmaps.cf
install -m 644 postfix-SuSE/permissions $RPM_BUILD_ROOT/etc/permissions.d/postfix
install -m 644 postfix-SuSE/sender_canonical $RPM_BUILD_ROOT/etc/postfix/sender_canonical
install -m 644 postfix-SuSE/relay_ccerts $RPM_BUILD_ROOT/etc/postfix/relay_ccerts
install -m 600 postfix-SuSE/sasl_passwd $RPM_BUILD_ROOT/etc/postfix/sasl_passwd
mkdir -p $RPM_BUILD_ROOT/etc/sasl2
install -m 600 postfix-SuSE/smtpd.conf $RPM_BUILD_ROOT/etc/sasl2/smtpd.conf
install -m 644 postfix-SuSE/openssl_postfix.conf.in $RPM_BUILD_ROOT/etc/postfix/openssl_postfix.conf.in
install -m 755 postfix-SuSE/mkpostfixcert $RPM_BUILD_ROOT/usr/sbin/mkpostfixcert
rm -rf $RPM_BUILD_ROOT/%{pf_queue_directory}
install -m 644 postfix-SuSE/master.cf $RPM_BUILD_ROOT/%{conf_backup_dir}/master.cf
mkdir   -p $RPM_BUILD_ROOT/%{omc_dir}
install -m 644 postfix-SuSE/postfix.xml $RPM_BUILD_ROOT/%{omc_dir}
mkdir -p  $RPM_BUILD_ROOT/etc/sysconfig/SuSEfirewall2.d/services/
install -m 644 postfix-SuSE/postfix-fw $RPM_BUILD_ROOT/etc/sysconfig/SuSEfirewall2.d/services/postfix
{
cat<<EOF
#
# -----------------------------------------------------------------------
# NOTE: Many parameters have already been added to the end of this file
#       by SuSEconfig.postfix. So take care that you don't uncomment
#       and set a parameter without checking whether it has been added
#       to the end of this file.
# -----------------------------------------------------------------------
#
EOF
cat conf/main.cf
} > $RPM_BUILD_ROOT/etc/postfix/main.cf
$RPM_BUILD_ROOT/usr/sbin/postconf -c $RPM_BUILD_ROOT/etc/postfix \
        -e "manpage_directory = %{_mandir}" \
           "setgid_group      = %{pf_setgid_group}" \
           "mailq_path        = %{pf_mailq_path}" \
           "newaliases_path   = %{pf_newaliases_path}" \
           "sendmail_path     = %{pf_sendmail_path}" \
           "readme_directory  = %{pf_readme_directory}" \
           "html_directory    = %{pf_html_directory}" \
           "sample_directory  = %{pf_sample_directory}" \
	   "daemon_directory  = %{pf_daemon_directory}" \
           "biff              = no" \
           "inet_protocols    = all"
install -m 644 $RPM_BUILD_ROOT/etc/postfix/main.cf $RPM_BUILD_ROOT/%{conf_backup_dir}/main.cf
# -----------------------------------------------------------------------
# preparing /etc/postfix/postfix-files to be able to use postfix
# own upgrade script. Unfortunately it looks in postfix-files and
# expects aliases file at /etc/postfix/aliases and it expects to have
# unzipped manpages
# also remove the both sql dictionary libs as they will not be installed
# per default
# -----------------------------------------------------------------------
rm -f $RPM_BUILD_ROOT/etc/postfix/aliases
rm -f $RPM_BUILD_ROOT/etc/postfix/postfix-files
sed 's;^$config_directory/aliases\(.*\);/etc/aliases\1;' conf/postfix-files \
    | grep -v '^$manpage_directory' | grep -Ev 'dict_(mysql|pgsql)' > $RPM_BUILD_ROOT/etc/postfix/postfix-files
rm -f %{postfixfiles}
test -f conf/postfix-files || {
   echo "conf/postfix-files does not exist!"
   exit 1
}
echo "%defattr(-,root,root)" >> %{postfixfiles}
exec <conf/postfix-files
while IFS=: read path type owner group mode flags junk; do
  owner=${owner/\$mail_owner/postfix}
  group=${group/\$setgid_group/%{pf_setgid_group}}
  case $path in
  \$queue_directory*)
    path=${path/\$queue_directory/\/var\/spool\/postfix}
    group=${group/-/root}
    echo "%dir %attr($mode,$owner,$group) $path/" >> %{postfixfiles}
    mkdir -m $mode -p $RPM_BUILD_ROOT/$path
    printf '%%-38s %%-18s %%04d\n' $path "${owner}.${group}" $mode >> $RPM_BUILD_ROOT/etc/permissions.d/postfix
    ;;
  \$command_directory/*)
    path=${path/\$command_directory/\/usr\/sbin}
    group=${group/-/root}
    echo "%attr($mode,$owner,$group) $path" >> %{postfixfiles}
    printf '%%-38s %%-18s %%04d\n' $path "${owner}.${group}" $mode >> $RPM_BUILD_ROOT/etc/permissions.d/postfix
    ;;
  *) continue;;
  esac
done
# create paranoid permissions file
printf '%%-38s %%-18s %%s\n' /usr/sbin/postdrop "root.%{pf_setgid_group}" "0755" >> $RPM_BUILD_ROOT/etc/permissions.d/postfix.paranoid
printf '%%-38s %%-18s %%s\n' /usr/sbin/postqueue "root.%{pf_setgid_group}" "0755" >> $RPM_BUILD_ROOT/etc/permissions.d/postfix.paranoid
install -m 644 include/*.h $RPM_BUILD_ROOT/usr/include/postfix/

%pre
VERSIONTEST=$(test -x usr/sbin/postconf && usr/sbin/postconf proxy_read_maps 2>/dev/null)
if [ -z "$VERSIONTEST" -a -f %{pf_queue_directory}/pid/master.pid ]; then
  if checkproc -p %{pf_queue_directory}/pid/master.pid usr/lib/postfix/master; then
     echo "postfix is still running. You have to stop postfix in order to"
     echo "install a newer version."
     exit 1
  fi
fi
/usr/sbin/groupadd -g %{postfix_gid} -o -r postfix 2> /dev/null || :
/usr/sbin/groupadd -g %{maildrop_gid} -o -r maildrop 2> /dev/null || :
/usr/sbin/useradd -r -o -g postfix -u %{postfix_uid} -s /bin/false -c "Postfix Daemon" -d /%{pf_queue_directory} postfix 2> /dev/null || :

%preun
%stop_on_removal postfix

%post
# Remember whether we had an older version of postfix installed before
# doing the fillup
PFOLD=
# Update from SuSE Linux > 7.3
test -e etc/sysconfig/postfix && \
     { grep POSTFIX_UPDATE_CHROOT_JAIL \
       etc/sysconfig/postfix >/dev/null || PFOLD=yes; }
%{fillup_and_insserv -y postfix}
if [ -f etc/sysconfig/mail ]; then
   . etc/sysconfig/mail
   if [ -n "$NULLCLIENT" ]; then
      RCTMP=etc/sysconfig/postfix.$$
      sed "s/^POSTFIX_NULLCLIENT.*/POSTFIX_NULLCLIENT=\"$NULLCLIENT\"/" \
          etc/sysconfig/postfix > $RCTMP
      mv $RCTMP etc/sysconfig/postfix
   fi
fi
#
%{remove_and_set POSTFIX_MAILDROP_MODE}
%{remove_and_set -n mail NULLCLIENT}
%{fillup_only -an mail}
# postfix config is now in /etc/sysconfig/postfix...
# ------------------------------------------------------------------
if [ -n "$PFOLD" ]; then
   # We have to set POSTFIX_UPDATE_CHROOT_JAIL according to MAIL_CREATE_CONFIG
   RCTMP=etc/sysconfig/postfix.$$
   . etc/sysconfig/postfix
   . etc/sysconfig/mail
   if [ "`echo $POSTFIX_CHROOT | tr 'A-Z' 'a-z' `" == "yes" -o \
        "`echo $MAIL_CREATE_CONFIG | tr 'A-Z' 'a-z' `" == "yes" ]; then
      echo "Setting POSTFIX_UPDATE_CHROOT_JAIL to yes" 
      rm -f $RCTMP
      sed 's/^POSTFIX_UPDATE_CHROOT_JAIL.*/POSTFIX_UPDATE_CHROOT_JAIL="yes"/' \
          etc/sysconfig/postfix > $RCTMP
      mv $RCTMP etc/sysconfig/postfix
   fi
   if [ "`echo $MAIL_CREATE_CONFIG | tr 'A-Z' 'a-z' `" == "yes" ]; then
      echo "Setting SMTPD_LISTEN_REMOTE to yes"
      rm -f $RCTMP
      sed 's/^SMTPD_LISTEN_REMOTE.*/SMTPD_LISTEN_REMOTE="yes"/' \
          etc/sysconfig/postfix > $RCTMP
      mv $RCTMP etc/sysconfig/postfix
   fi
fi
# ------------------------------------------------------------------
# ------------------------------------------------------------------
# updating main.cf
MAINCF=etc/postfix/main.cf
MASTERCF=etc/postfix/master.cf
TMPMAIN=etc/postfix/main.cf.tmp.$$
TMPMASTER=etc/postfix/master.cf.tmp.$$
BAKSUFFIX=$(date +%Y-%m-%d)
MD5DIR=var/adm/SuSEconfig/md5
if [ ${1:-0} -gt 1 ]; then
        echo "Updating postfix configuration files"
else
        test -e $MD5DIR/$MAINCF   && rm -f $MD5DIR/$MAINCF
        test -e $MD5DIR/$MASTERCF && rm -f $MD5DIR/$MASTERCF
        test -e $MAINCF   && rm -f $MAINCF.SuSEconfig
        test -e $MASTERCF && rm -f $MASTERCF.SuSEconfig
fi
mkdir -p $MD5DIR/etc/postfix
cp --remove-destination $MAINCF $TMPMAIN
cp --remove-destination $MASTERCF $TMPMASTER
if [ -f $MD5DIR/$MAINCF ]; then
	OLDMD5MAINCF=$(cat $MD5DIR/$MAINCF)
fi
if [ -f $MD5DIR/$MASTERCF ]; then
	OLDMD5MASTERCF=$(cat $MD5DIR/$MASTERCF)
fi
#This is a new feature in 2.3.2
grep -ql "^scache" $MASTERCF || \
  perl -pi -e 's/(^anvil.*anvil)/$1\nscache    unix  -       -       n       -       1       scache/'  $MASTERCF
NEWMD5MAINCF=$(cat $MAINCF | grep -v "^#" | md5sum)
NEWMD5MASTERCF=$(cat $MASTERCF | grep -v "^#" | md5sum)
if [ -n "$OLDMD5MAINCF" ]; then
   if [ "$NEWMD5MAINCF" != "$OLDMD5MAINCF" ]; then
     echo "post-install modified $MAINCF, updating MD5SUM"
     rm -f $MD5DIR/$MAINCF
     echo "$NEWMD5MAINCF" > $MD5DIR/$MAINCF
     echo "backing up $MAINCF to $MAINCF.$BAKSUFFIX"
     echo "!!! Please clean up the backup files in your /etc/postfix/ !!!"
     cp --remove-destination $TMPMAIN $MAINCF.$BAKSUFFIX
   fi
else
   echo "$NEWMD5MAINCF" > $MD5DIR/$MAINCF
fi
if [ -n "$OLDMD5MASTERCF" ]; then
   if [ "$NEWMD5MASTERCF" != "$OLDMD5MASTERCF" ]; then
     echo "post-install modified $MASTERCF, updating MD5SUM"
     rm -f $MD5DIR/$MASTERCF
     echo "$NEWMD5MASTERCF" > $MD5DIR/$MASTERCF
     echo "backing up $MASTERCF to $MASTERCF.$BAKSUFFIX"
     cp --remove-destination $TMPMASTER $MASTERCF.$BAKSUFFIX
   fi
else
     echo "$NEWMD5MASTERCF" > $MD5DIR/$MASTERCF
fi
%run_suseconfig -m postfix
if [ ${1:-0} -gt 1 ]; then
	echo "executing upgrade-configuration"
	/usr/sbin/postfix set-permissions upgrade-configuration  setgid_group=%{pf_setgid_group}
fi
rm -f $TMPMAIN $TMPMASTER
cat $MAINCF   | grep -v "^#" | md5sum > $MD5DIR/$MAINCF
cat $MASTERCF | grep -v "^#" | md5sum > $MD5DIR/$MASTERCF

%postun
%restart_on_update postfix
%insserv_cleanup
ldconfig

%clean
#rm -rf $RPM_BUILD_ROOT

%post postgresql
FILE=etc/postfix/dynamicmaps.cf
if ! grep -q "^pgsql[[:space:]]" ${FILE}; then
     echo "Adding pgsql map entry to ${FILE}"
     echo "pgsql   /usr/lib/postfix/dict_pgsql.so      dict_pgsql_open" >> ${FILE}
fi

%post mysql
FILE=etc/postfix/dynamicmaps.cf
if ! grep -q "^mysql[[:space:]]" ${FILE}; then
     echo "Adding mysql map entry to ${FILE}"
     echo "mysql   /usr/lib/postfix/dict_mysql.so      dict_mysql_open" >> ${FILE}
fi

%preun postgresql
if [ "$1" = 0 ] ; then
    FILE=etc/postfix/dynamicmaps.cf
    if [ -e "$FILE" ] ; then
        if grep -q "^pgsql[[:space:]]" ${FILE}; then
             echo "Removing pgsql map entry from ${FILE}"
             sed "/^pgsql[[:space:]]/d" ${FILE} > ${FILE}.$$ && \
                 cp --remove-destination ${FILE}.$$ ${FILE} && \
                 rm ${FILE}.$$
        fi
    else
        echo "Can not find \"$FILE\". Not updating the file." >&2
    fi
fi

%preun mysql
if [ "$1" = 0 ] ; then
    FILE=etc/postfix/dynamicmaps.cf
    if [ -e "$FILE" ] ; then
        if grep -q "^mysql[[:space:]]" ${FILE}; then
             echo "Removing mysql map entry from ${FILE}"
             sed "/^mysql[[:space:]]/d" ${FILE} > ${FILE}.$$ && \
                 cp --remove-destination ${FILE}.$$ ${FILE} && \
                 rm ${FILE}.$$
        fi
    else
        echo "Can not find \"$FILE\". Not updating the file." >&2
    fi
fi

%files postgresql
%defattr(-,root,root)
/usr/lib/postfix/dict_pgsql.so

%files mysql
%defattr(-,root,root)
/usr/lib/postfix/dict_mysql.so

%files devel
%defattr(-,root,root)
/usr/include/postfix/

%files doc
%defattr(-,root,root)
%doc AAAREADME COMPATIBILITY COPYRIGHT HISTORY INSTALL IPv6-ChangeLog LICENSE
%doc PORTING RELEASE_NOTES* US_PATENT_6321267 TLS_LICENSE
%doc README_FILES examples html auxiliary
%doc postfix-SuSE/README.SuSE
%doc postfix-SuSE/SPAMASSASSIN+POSTFIX.SuSE

%files -f %{postfixfiles}
%defattr(-,root,root)
%config /etc/pam.d/*
/var/adm/fillup-templates/sysconfig.postfix
/var/adm/fillup-templates/sysconfig.mail-postfix
/sbin/conf.d/SuSEconfig.postfix
%config(noreplace) %{omc_dir}/postfix.xml
%dir /etc/postfix
%config(noreplace) /etc/postfix/access
%config(noreplace) /etc/postfix/generic
%config(noreplace) /etc/postfix/canonical
#%config(noreplace) /etc/postfix/cidr_table
%config(noreplace) /etc/postfix/main.cf
%config /etc/postfix/main.cf.default
%config(noreplace) /etc/postfix/master.cf
%config(noreplace) /etc/postfix/openssl_postfix.conf.in
%config(noreplace) /etc/postfix/relocated
%config(noreplace) /etc/postfix/transport
%config(noreplace) /etc/postfix/virtual
%config(noreplace) /etc/postfix/sasl_passwd
%config(noreplace) /etc/postfix/sender_canonical
#%config(noreplace) /etc/postfix/tcp_table
#%config(noreplace) /etc/postfix/pcre_table
#%config(noreplace) /etc/postfix/regexp_table
%config(noreplace) /etc/postfix/relay_ccerts
%config(noreplace) /etc/postfix/header_checks
%config(noreplace) /etc/postfix/bounce.cf.default
%config(noreplace) /etc/postfix/dynamicmaps.cf
%config /etc/sysconfig/SuSEfirewall2.d/services/postfix
%dir /etc/sasl2/
%config(noreplace) /etc/sasl2/smtpd.conf
%config /etc/postfix/LICENSE
%if %{usetls}
%config /etc/postfix/TLS_LICENSE
%endif
%config /etc/permissions.d/postfix
%config /etc/permissions.d/postfix.paranoid
%attr(0644, root, root) /etc/postfix/makedefs.out
%attr(0755, root, root) /etc/postfix/postfix-script
%attr(0755, root, root) /etc/postfix/post-install
%attr(0644, root, root) /etc/postfix/postfix-files
%config %attr(0755,root,root) /etc/init.d/postfix
/usr/bin/mailq
/usr/bin/newaliases
%attr(0755, root, root) /usr/sbin/sendmail
/usr/sbin/qmqp-source
/usr/sbin/smtp-sink
/usr/sbin/smtp-source
/usr/sbin/mkpostfixcert
/sbin/rcpostfix
%{_libdir}/lib*
/usr/lib/sendmail
%dir /usr/lib/postfix
/usr/lib/postfix/*[^.so]
/usr/lib/postfix/dict_ldap.so
/usr/lib/postfix/dict_pcre.so
/usr/lib/postfix/dict_tcp.so
%{conf_backup_dir}
%dir %attr(0700,postfix,root) %{pf_data_directory}
%{_mandir}/man?/*.gz

%description
Postfix aims to be an alternative to the widely-used sendmail program.



Authors:
--------
    Wietse Venema <wietse@porcupine.org>

%description mysql
Postfix plugin to support MySQL maps. This library will be loaded by
starting postfix if you'll access a postmap which is stored in mysql.



Authors:
--------
    Wietse Venema <wietse@porcupine.org>

%description postgresql
Postfix plugin to support PostgreSQL maps. This library will be loaded
by starting postfix if you'll access a postmap which is stored in
PostgreSQL.



Authors:
--------
    Wietse Venema <wietse@porcupine.org>

%description devel
Postfix aims to be an alternative to the widely-used sendmail program.



Authors:
--------
    Wietse Venema <wietse@porcupine.org>

%description doc
Postfix aims to be an alternative to the widely-used sendmail program.
This package contains the documentation for postfix



Authors:
--------
    Wietse Venema <wietse@porcupine.org>

%changelog
* Fri Jan 09 2009 varkoly@suse.de
- bnc#464869 - SuSEconfig.postfix causes DNS lookup
- bnc#460442 - amavisd-new and Postfix need fqdn-hostname in "uname -n"
* Mon Jan 05 2009 varkoly@suse.de
- update to 2.5.6
  - The SMTP server did not ask for a client certificate
  with "smtpd_tls_req_ccert = yes". Reported by Rob Foehl.
  - Avoid reduced TCP performance when reusing an SMTP connection
  with a larger than 4096-byte TCP MSS value. In practice, this
  could happen only with loopback (localhost) connections.
* Sun Nov 16 2008 varkoly@suse.de
- (bnc#442456) - chrooted postfix and saslauthd
* Tue Nov 04 2008 ro@suse.de
- fix build
* Tue Nov 04 2008 varkoly@suse.de
- upgrade must not be executed during installation
* Tue Oct 14 2008 varkoly@suse.de
- (bnc#403976) - permissions on /var/lib/postfix changed
- (bnc#433916) - postfix should be splitted into postfix and postfix-doc
* Thu Sep 11 2008 varkoly@suse.de
- (bnc#415216) - Postfix RPM Install Displays Multiple Warnings
- clean up spec file
* Tue Sep 09 2008 varkoly@suse.de
- Update to Version 2.5 patchlevel 5
  * Bugfix (introduced Postfix 2.4): epoll file descriptor leak.
  With Postfix >= 2.4 on Linux >= 2.6, Postfix has an epoll
  file descriptor leak when it executes non-Postfix commands
  in, for example, user-controlled $HOME/.forward files.
  * Security: some systems have changed their link() semantics,
  and will hardlink a symlink, contrary to POSIX and XPG4.
  Sebastian Krahmer, SuSE. File: util/safe_open.c.
  The solution introduces the following incompatible change:
  when the target of mail delivery is a symlink, the parent
  directory of that symlink must now be writable by root only
  (in addition to the already existing requirement that the
  symlink itself is owned by root).  This change will break
  legitimate configurations that deliver mail to a symbolic
  link in a directory with less restrictive permissions.
  * Bugfix: dangling pointer in vstring_sprintf_prepend().
  File: util/vstring.c.
* Mon Aug 25 2008 mt@suse.de
- init script: copy LSB *-Start tags to *-Stop
- spec file: removed obsolete rc.config update hooks
* Wed Aug 06 2008 varkoly@suse.de
- (bnc#414959) postfix doesn't have any "Name: " tag in firewall definition
- (bnc#405900) SuSEconfig.postfix changes owner and permissions of
  /tmp if smtpd_tls_CApath is not set
- Update to Version 2.5 patchlevel 3
  * Cleanup of code
  * defer delivery when a mailbox file is not owned by the recipient.
  Requested by Sebastian Krahmer, SuSE.
  Specify "strict_mailbox_ownership=no" to ignore ownership discrepancies.
  * Bugfix: null-terminate CN comment string after sanitization.
  * Bugfix (introduced Postfix 2.0): after "warn_if_reject
  reject_unlisted_recipient/sender", the SMTP server mistakenly
  remembered that recipient/sender validation was already done.
* Wed Jul 09 2008 varkoly@suse.de
- (fate#305005) Enable SMTPS in postfix ootb
* Tue Jun 17 2008 varkoly@suse.de
- (bnc#396985) sending of NUL character disallowed by RFC2822
- (bnc#397127) without relay is silent about undeliverable mails
* Tue May 13 2008 varkoly@suse.de
-  (bnc#389670) - postfix generates invalid config
* Tue Apr 01 2008 mkoenig@suse.de
- remove dir /usr/share/omc/svcinfo.d as it is provided now
  by filesystem
* Tue Feb 26 2008 varkoly@suse.de
- Update to Version 2.5 patchlevel 1
  Changes: The Postfix 2.5 "postfix upgrade-configuration" command
  now works even with Postfix 2.4 or earlier versions of the
  postfix command. When installing Postfix 2.5.0 without upgrading
  from an existing master.cf file, the new master.cf file had an
  incorrect process limit for the proxywrite service. This service
  is used only by the obscure "smtp_sasl_auth_cache_name" and
  "lmtp_sasl_auth_cache_name" configuration parameters. Someone
  needed multi-line support for header/body Milter replies. The
  LDAP client's TLS support was broken in several ways.
* Wed Feb 13 2008 varkoly@suse.de
-  #360572 - postfix %%post script leaves lots of backup files in /etc/postfix/
* Wed Jan 30 2008 varkoly@suse.de
- Update to Version 2.5 patchlevel 0
  Major changes - critical
    ------------------------
  [Incompat 20071224] The protocol to send Milter information from
  smtpd(8) to cleanup(8) processes was cleaned up. If you use the
  Milter feature, and upgrade a live Postfix system, you may see an
  "unexpected record type" warning from a cleanup(8) server process.
  To prevent this, execute the command "postfix reload".  The
  incompatibility affects only systems that use the Milter feature.
  It does not cause loss of mail, just a minor delay until the remote
  SMTP client retries.
  [Incompat 20071212] The allow_min_user feature now applies to both
  sender and recipient addresses in SMTP commands. With earlier Postfix
  versions, only recipients were subject to the allow_min_user feature,
  and the restriction took effect at mail delivery time, causing mail
  to be bounced later instead of being rejected immediately.
  [Incompat 20071206] The "make install" and "make upgrade" procedures
  now create a Postfix-owned directory for Postfix-writable data files
  such as caches and random numbers. The location is specified with
  the "data_directory" parameter (default: "/var/lib/postfix"), and
  the ownership is specified with the "mail_owner" parameter.
  [Incompat 20071206] The tlsmgr(8) and verify(8) servers no longer
  use root privileges when opening the address_verify_map,
  *_tls_session_cache_database, and tls_random_exchange_name cache
  files.  This avoids a potential security loophole where the ownership
  of a file (or directory) does not match the trust level of the
  content of that file (or directory).
  [Incompat 20071206] The tlsmgr(8) and verify(8) cache files should
  now be stored as Postfix-owned files under the Postfix-owned
  data_directory.  As a migration aid, attempts to open these files
  under a non-Postfix directory are redirected to the Postfix-owned
  data_directory, and a warning is logged.
  This is an example of the warning messages:
  Dec  6 12:56:22 bristle postfix/tlsmgr[7899]: warning: request
  to update file /etc/postfix/prng_exch in non-postfix directory
  /etc/postfix
  Dec  6 12:56:22 bristle postfix/tlsmgr[7899]: warning: redirecting
  the request to postfix-owned data_directory /var/lib/postfix
  If you wish to continue using a pre-existing tls_random_exchange_name
  or address_verify_map file, move it to the Postfix-owned data_directory
  and change ownership from root to Postfix (that is, change ownership
  to the account specified with the mail_owner configuration parameter).
  [Feature 20071205] The "make install" and "make upgrade" procedures
  now create a Postfix-owned directory for Postfix-writable data files
  such as caches and random numbers. The location is specified with
  the "data_directory" parameter (default: "/var/lib/postfix"), and
  the ownership is specified with the "mail_owner" parameter.
  [Incompat 20071203] The "make upgrade" procedure adds a new service
  "proxywrite" to the master.cf file, for read/write lookup table
  access. If you copy your old configuration file over the updated
  one, you may see warnings in the maillog file like this:
  connect #xx to subsystem private/proxywrite: No such file or directory
  To recover, run "postfix upgrade-configuration" again.
  [Incompat 20070613] The pipe(8) delivery agent no longer allows
  delivery with the same group ID as the main.cf postdrop group.
  Major changes - malware defense
    -------------------------------
  [Feature 20080107] New "pass" service type in master.cf.  Written
  years ago, this allows future front-end daemons to accept all
  connections from the network, and to hand over connections from
  well-behaved clients to Postfix.  Since this feature uses file
  descriptor passing, it imposes no overhead once a connection is
  handed over to Postfix.  See master(5) for a few details.
  [Feature 20070911] Stress-adaptive behavior. When a "public" network
  service runs into an "all processes are busy" condition, the master(8)
  daemon logs a warning, restarts the service, and runs it with "-o
  stress=yes" on the command line (under normal conditions it runs
  the service with "-o stress=" on the command line).  This can be
  used to make main.cf parameter settings stress dependent, for
  example:
  /etc/postfix/main.cf:
  smtpd_timeout = ${stress?10}${stress:300}
  smtpd_hard_error_limit = ${stress?1}${stress:20}
  Translation: under conditions of stress, use an smtpd_timeout value
  of 10 seconds instead of 300, and use smtpd_hard_error_limit of 1
  instead of 20. The syntax is explained in the postconf(5) manpage.
  The STRESS_README file gives examples of how to mitigate flooding
  problems.
  Major changes - tls support
    ---------------------------
  [Incompat 20080109] TLS logging output has changed to make it more
  useful. Existing logfile parser regular expressions may need
  adjustment.
    - More log entries include the "hostnamename[ipaddress]" of the
  remote SMTP peer.
    - Certificate trust chain error reports show only the first
  error certificate (closest to the trust chain root), and the
  reporting is more human-readable for the most likely errors.
    - After the completion of the TLS handshake, the session is logged
  with TLS loglevel >= 1 as either "Untrusted", "Trusted" or
  "Verified" (SMTP client only).
      - "Untrusted" means that the certificate trust chain is invalid,
  or that the root CA is not trusted.
      - "Trusted" means that the certificate trust chain is valid, and
  that the root CA is trusted.
      - "Verified" means that the certificate meets the SMTP client's
  matching criteria for the destination:
        - In the case of a destination name match, "Verified" also
  implies "Trusted".
        - In the case of a fingerprint match, CA trust is not applicable.
    - The logging of protocol states with TLS loglevel >= 2 no longer
  reports bogus error conditions when OpenSSL asks Postfix to refill
  (or flush) network I/O buffers.  This loglevel is for debugging
  only; use 0 or 1 in production configurations.
  [Feature 20080109] The Postfix SMTP client has a new "fingerprint"
  security level.  This avoids dependencies on CAs, and relies entirely
  on bi-lateral exchange of public keys (really self-signed or private
  CA signed X.509 public key certificates). Scalability is clearly
  limited. For details, see the fingerprint discussion in TLS_README.
  [Feature 20080109] The Postfix SMTP server can now use SHA1 instead
  of MD5 to compute remote SMTP client certificate fingerprints. For
  backwards compatibility, the default algorithm is MD5.  For details,
  see the "smtpd_tls_fingerprint_digest" parameter in the postconf(5)
  manual.
  [Feature 20080109] The maximum certificate trust chain depth
  (verifydepth) is finally implemented in the Postfix TLS library.
  Previously, the parameter had no effect. The default depth was
  changed to 9 (the OpenSSL default) for backwards compatibility.
  If you have explicity limited the verification depth in main.cf,
  check that the configured limit meets your needs. See the
  "lmtp_tls_scert_verifydepth", "smtp_tls_scert_verifydepth" and
  "smtpd_tls_ccert_verifydepth" parameters in the postconf(5) manual.
  [Feature 20080109] The selection of SSL/TLS protocols for mandatory
  TLS can now use exclusion rather than inclusion. Either form is
  acceptable; see the "lmtp_tls_mandatory_protocols",
  "smtp_tls_mandatory_protocols" and "smtpd_tls_mandatory_protocols"
  parameters in the postconf(5) manual.
  Major changes - scheduler
    -------------------------
  [Feature 20071130] Revised queue manager with separate mechanisms
  for per-destination concurrency control and for dead destination
  detection.  The concurrency control supports less-than-1 feedback
  to allow for more gradual concurrency adjustments, and uses hysteresis
  to avoid rapid oscillations.  A destination is declared "dead" after
  a configurable number of pseudo-cohorts(*) reports connection or
  handshake failure.
  (*) A pseudo-cohort is a number of delivery requests equal to a
  destination's delivery concurrency.
  The drawbacks of the old +/-1 feedback scheduler are a) overshoot
  due to exponential delivery concurrency growth with each pseudo-cohort(*)
  (5-10-20...); b) throttling down to zero concurrency after a single
  pseudo-cohort(*) failure. The latter was especially an issue with
  low-concurrency channels where a single failure could be sufficient
  to mark a destination as "dead", and suspend further deliveries.
  New configuration parameters: destination_concurrency_feedback_debug,
  default_destination_concurrency_positive_feedback,
  default_destination_concurrency_negative_feedback,
  default_destination_concurrency_failed_cohort_limit, as well as
  transport-specific versions of the same.
  The default parameter settings are backwards compatible with older
  Postfix versions. This may change after better defaults are field
  tested.
  The updated SCHEDULER_README document describes the theory behind
  the new concurrency scheduler, as well as Patrik Rak's preemptive
  job scheduler. See postconf(5) for more extensive descriptions of
  the configuration parameters.
  Major changes - small/home office
    ---------------------------------
  [Feature 20080115] Preliminary SOHO_README document that combines
  bits and pieces from other document in one place, so that it is
  easier to find. This document describes the "mail sending" side
  only.
  [Feature 20071202] Output rate control in the queue manager. For
  example, specify "smtp_destination_rate_delay = 5m", to pause five
  minutes between message deliveries. More information in the postconf(5)
  manual under "default_destination_rate_delay".
  Major changes - smtp client
    ---------------------------
  [Incompat 20080114] The Postfix SMTP client now by default defers
  mail after a remote SMTP server rejects a SASL authentication
  attempt.  Specify "smtp_sasl_auth_soft_bounce = no" for the old
  behavior.
  [Feature 20080114] The Postfix SMTP client can now avoid making
  repeated SASL login failures with the same server, username and
  password.  To enable this safety feature, specify for example
  "smtp_sasl_auth_cache_name = proxy:btree:/var/lib/postfix/sasl_auth_cache"
  (access through the proxy service is required). Instead of trying
  to SASL authenticate, the Postfix SMTP client defers or bounces
  mail as controlled with the new smtp_sasl_auth_soft_bounce configuration
  parameter.
  [Feature 20071111] Header/body checks are now available in the SMTP
  client, after the implementation was moved from the cleanup server
  to a library module.  The SMTP client provides only actions that
  don't change the message delivery time or destination: warn, replace,
  prepend, ignore, dunno, ok.
  [Incompat 20070614] By default, the Postfix Cyrus SASL client no
  longer sends a SASL authoriZation ID (authzid); it sends only the
  SASL authentiCation ID (authcid) plus the authcid's password. Specify
  "send_cyrus_sasl_authzid = yes" to get the old behavior.
  Major changes - smtp server
    ---------------------------
  [Feature 20070724] Not really major. New support for RFC 3848
  (Received: headers with ESMTPS, ESMTPA, or ESMTPSA); updated SASL
  support according to RFC 4954, resulting in small changes to SMTP
  reply codes and (DSN) enhanced status codes.
  Major changes - milter
    ----------------------
  [Incompat 20071224] The protocol to send Milter information from
  smtpd(8) to cleanup(8) processes was cleaned up. If you use the
  Milter feature, and upgrade a live Postfix system, you may see an
  "unexpected record type" warning from a cleanup(8) server process.
  To prevent this, execute the command "postfix reload".  The
  incompatibility affects only systems that use the Milter feature.
  It does not cause loss of mail, just a minor delay until the remote
  SMTP client retries.
  [Feature 20071221] Support for most of the Sendmail 8.14 Milter
  protocol features.
  To enable the new features specify "milter_protocol = 6" and link
  the filter application with a libmilter library from Sendmail 8.14
  or later.
  Sendmail 8.14 Milter features supported at this time:
    - NR_CONN, NR_HELO, NR_MAIL, NR_RCPT, NR_DATA, NR_UNKN, NR_HDR,
  NR_EOH, NR_BODY: The filter can tell Postfix that it won't reply
  to some of the SMTP events that Postfix sends. This makes the
  protocol less chatty and improves performance.
    - SKIP: The filter can tell Postfix to skip sending the rest of
  the message body, which also improves performance.
    - HDR_LEADSPC: The filter can request that Postfix does not delete
  the first space character between header name and header value
  when sending a header to the filter, and that Postfix does not
  insert a space character between header name and header value
  when receiving a header from the filter.  This fixes a limitation
  in the old Milter protocol that can break DKIM and DK signatures.
    - SETSYMLIST: The filter can override one or more of the main.cf
  milter_xxx_macros parameter settings.
  Sendmail 8.14 Milter features not supported at this time:
    - RCPT_REJ: report rejected recipients to the mail filter.
    - CHGFROM: replace sender, with optional ESMTP command parameters.
    - ADDRCPT_PAR: add recipient, with optional ESMTP command parameters.
  It is unclear when (if ever) the missing features will be implemented.
  SMFIP_RCPT_REJ requires invasive changes in the SMTP server recipient
  processing and error handling.  SMFIR_CHGFROM and SMFIR_ADDRCPT_PAR
  require ESMTP command-line parsing in the cleanup server. Unfortunately,
  Sendmail's documentation does not specify what ESMTP options are
  supported, but only discusses examples of things that don't work.
  Major changes - address verification
    ------------------------------------
  [Incompat 20070514] The default sender address for address verification
  probes was changed from "postmaster" to "double-bounce", so that
  the Postfix SMTP server no longer causes surprising behavior by
  excluding "postmaster" from SMTP server access controls.
  Major changes - ldap
    --------------------
  [Incompat 20071216] Due to an incompatible API change between
  OpenLDAP 2.0.11 and 2.0.12, an LDAP client compiled for OpenLDAP
  version <= 2.0.11 will refuse to work with an OpenLDAP library
  version >= 2.0.12 and vice versa.
  Major changes - logging
    -----------------------
  [Incompat 20080109] TLS logging output has changed to make it more
  useful. Existing logfile parser regular expressions may need
  adjustment.
    - More log entries include the "hostnamename[ipaddress]" of the
  remote SMTP peer.
    - Certificate trust chain error reports show only the first
  error certificate (closest to the trust chain root), and the
  reporting is more human-readable for the most likely errors.
    - After the completion of the TLS handshake, the session is logged
  with TLS loglevel >= 1 as either "Untrusted", "Trusted" or
  "Verified" (SMTP client only).
      - "Untrusted" means that the certificate trust chain is invalid,
  or that the root CA is not trusted.
      - "Trusted" means that the certificate trust chain is valid, and
  that the root CA is trusted.
      - "Verified" means that the certificate meets the SMTP client's
  matching criteria for the destination:
        - In the case of a destination name match, "Verified" also
  implies "Trusted".
        - In the case of a fingerprint match, CA trust is not applicable.
    - The logging of protocol states with TLS loglevel >= 2 no longer
  reports bogus error conditions when OpenSSL asks Postfix to refill
  (or flush) network I/O buffers.  This loglevel is for debugging
  only; use 0 or 1 in production configurations.
  [Incompat 20071216] The SMTP "transcript of session" email now
  includes the remote SMTP server TCP port number.
  Major changes - loop detection
    ------------------------------
  [Incompat 20070422] [Incompat 20070422] When the pipe(8) delivery
  agent is configured to create the optional Delivered-To: header,
  it now first checks if that same header is already present in the
  message. If so, the message is returned as undeliverable. This test
  should have been included with Postfix 2.0 when Delivered-To: support
  was added to the pipe(8) delivery agent.
* Tue Jan 08 2008 varkoly@suse.de
- Remove previous fix
* Sun Dec 30 2007 varkoly@suse.de
- #301335 - [SuSEconfig]: Postfix module uses stderr
* Tue Dec 04 2007 varkoly@suse.de
- Update to Version 2.4 patchlevel 6
  Bugfix (introduced Postfix 2.2.11): TLS client certificate
  with unparsable canonical name caused the SMTP server's
  policy client to allocate zero-length memory, triggering
  an assertion that it shouldn't do such things.  File:
  smtpd/smtpd_check.c.
  Bugfix (introduced Postfix 2.4) missing initialization of
  event mask in the event_mask_drain() routine (used by the
  obsolete postkick(1) command). Found by Coverity.  File:
  util/events.c.
  Workaround: the flush daemon forces an access time update
  for the per-destination logfile, to prevent an excessive
  rate of delivery attempts when the queue file system is
  mounted with "noatime".  File: flush/flush.c.
- #330276 – /sbin/conf.d/SuSEconfig.postfix could copy certs into smtpd_tls_CApath
* Mon Oct 22 2007 sbrabec@suse.cz
- Use correct SuSEfirewall2 rule directory.
* Wed Oct 17 2007 varkoly@suse.de
- #333629 - saslauthd typo in SuSEconfig.postfix
* Mon Oct 08 2007 varkoly@suse.de
- #331044 - Postfix uses receive_override_options in main.cf
* Sun Sep 09 2007 varkoly@suse.de
- fix the last fix
* Mon Sep 03 2007 cthiel@suse.de
- fix the last fix
* Mon Sep 03 2007 varkoly@suse.de
- Fixing bug: #297622 - SMTPD_LISTEN_REMOTE has no effect
* Sun Aug 05 2007 mrueckert@suse.de
- Update to Version 2.4 patchlevel 5
  Bugfix: the loopback TCP performance workaround was ineffective
  due to a wetware bit-flip during code cleanup.  File:
  util/vstream_tweak.c.
  (patch level 4)
  Bugfix: the Milter client assumed that a Milter application
  does not modify the message header or envelope, after that
  same Milter application has modified the message body of
  that same email message. This is not a problem with updates
  by different Milter applications.  Problem was triggered
  by Jose-Marcio Martins da Cruz. Also simplified the handling
  of queue file update errors. File: milter/milter8.c.
  Workaround: some non-Cyrus SASL SMTP servers require SASL
  login without authzid (authoriZation ID), i.e. the client
  must send only the authcid (authentiCation ID) + the authcid's
  password.  In this case the server is supposed to derive
  the authzid from the authcid. This works as expected when
  authenticating to a Cyrus SASL SMTP server.  To get the old
  behavior specify "send_cyrus_sasl_authzid = yes", in which
  case Postfix sends the (authzid, authcid, password), with
  the authzid equal to the authcid. File: xsasl/xsasl_cyrus_client.c.
  Portability: /dev/poll support for Solaris chroot jail setup
  scripts. Files: examples/chroot-setup/Solaris8,
  examples/chroot-setup/Solaris10.
  Cleanup: Milter client error handling, so that the (Postfix
  SMTP server's Milter client) does not get out of sync with
  Milter applications after the (cleanup server's Milter
  client) encounters some non-recoverable problem.  Files:
  milter/milter8.c, smtpd/smtpd.c.
  Performance: workaround for poor TCP performance on loopback
  (127.0.0.1) connections. Problem reported by Mark Martinec.
  Files: util/vstream_tweak.c, milter/milter8.c, smtp/smtp_connect.c,
  smtpstone/*source.c.
  Bugfix: when a milter replied with ACCEPT at or before the
  first RCPT command, the cleanup server would apply the
  non_smtpd_milters setting as if the message was a local
  submission. Problem reported by Jukka Salmi. Also, the
  cleanup server would get out of sync with the milter when
  a milter replied with ACCEPT at the DATA command. Files:
  cleanup/cleanup_envelope.c, smtpd/smtpd.c, milter/milters.c.
- rediffed patches
* Tue Jul 31 2007 varkoly@suse.de
- Update to Version 2.4 patchlevel 3
  (patch level 1)
  Bugfix (introduced Postfix 2.3): segfault with HOLD action
  in access/header_checks/body_checks on 64-bit platforms.
  File: cleanup/cleanup_api.c.
  Portability (introduced 20070325): the fix for hardlinks
  and symlinks in postfix-install forgot to work around shells
  where "IFS=/ command" makes the IFS setting permanent.  This
  is allowed by some broken standard, and affects Solaris.
  File: postfix-install.
  Portability (introduced 20070212): the workaround for
  non-existent library bugs with descriptors >= FD_SETSIZE
  broke with "fcntl F_DUPFD: Invalid argument" on 64-bit
  Solaris.  Files: master/multi_server.c, *qmgr/qmgr_transport.c.
  Cleanup: on (Linux) platforms that cripple signal handlers
  with deadlock, "postfix stop" now forcefully stops all the
  processes in the master's process group, not just the master
  process alone.  File: conf/postfix-script.
  (patch level 2)
  Bugfix: don't falsely report "lost connection from
  localhost[127.0.0.1]" when Postfix is being portscanned.
  Files: smtpd/smtpd_peer.c, qmqpd/qmqpd_peer.c.
  Robustness: recommend a "0" process limit for policy servers
  to avoid "connection refused" problems when the smtpd process
  limit exceeds the default process limit.  File:
  proto/SMTPD_POLICY_README.html.
  Safety: when IPv6 (or IPv4) is turned off, don't treat an
  IPv6 (or IPv4) connection from e.g. inetd as if it comes
  from localhost[127.0.0.1].  Files: smtpd/smtpd_peer.c,
  qmqpd/qmqpd_peer.c.
  Bugfix: Content-Transfer-Encoding: attribute values are
  case insensitive. File: src/cleanup/cleanup_message.c.
  Bugfix: mailbox_transport(_maps) and fallback_transport(_maps)
  were broken when used with the error(8) or discard(8)
  transports. Cause: insufficient documentation.  Files:
  error/error.c, discard/discard.c.
  Bugfix (problem introduced Postfix 2.3): when DSN support
  was introduced it broke "agressive" recipient duplicate
  elimination with "enable_original_recipient = no".  File:
  cleanup/cleanup_out_recipient.c.
  Bugfix (introduced Postfix 2.3): the sendmail/postdrop
  commands would hang when trying to submit a message larger
  than the per-message size limit. File: postdrop/postdrop.c.
  Sabotage the saboteur who insists on breaking Postfix by
  adding gethostbyname() calls that cause maildir delivery
  to fail when the machine name is not found in /etc/hosts,
  or that cause Postfix processes to hang when the network
  is down.
  (patch level 3)
  Portability: Victor helpfully pointed out that change
  20070425 broke on non-IPv6 systems. Files: smtpd/smtpd_peer.c,
  qmqpd/qmqpd_peer.c.
* Thu Jun 21 2007 varkoly@suse.de
- Bug 285553  amavisd inconsistency
* Tue Jun 19 2007 dmueller@suse.de
- provide smtp meta-service as well
* Mon Jun 11 2007 lrupp@suse.de
- don't PreRequire /sbin/ip: removed call in SuSEconfig.postfix
* Thu May 03 2007 varkoly@suse.de
- dynamic_maps.patch: readded the chunk for dict_tcp and dict_pcre
- replaced prereq for postfix with a prereq on
  %%{name} = %%{version}
- updated to postfix 2.4, patchlevel 0
  Major changes - safety
  * As a safety measure, Postfix now by default creates mailbox dotlock
  files on all systems. This prevents problems with GNU POP3D which
  subverts kernel locking by creating a new mailbox file and deleting
  the old one
  Major changes - Milter support
  * The support for Milter header modification
  requests was revised.  With minimal change in the on-disk representation,
  the code was greatly simplified, and regression tests were updated
  to ensure that old errors were not re-introduced.  The queue file
  format is entirely backwards compatible with Postfix 2.3.
  * Support for Milter requests to replace the message
  body.  Postfix now implements all the header/body modification
  requests that are available with Sendmail 8.13.
  * A new field is added to the queue file "size"
  record that specifies the message content length.  Postfix 2.3 and
  older Postfix 2.4 snapshots will ignore this field, and will report
  the message size as it was before the body was replaced.
  Major changes - TLS support
  * The check_smtpd_policy client sends TLS certificate
  attributes (client ccert_subject, ccert_issuer) only after successful
  client certificate verification. The reason is that the certification
  verification status itself is not available in the policy request.
  * The check_smtpd_policy client sends TLS certificate
  fingerprint information even when the certificate itself was not
  verified.
  * The remote SMTP client TLS certificate fingerprint
  can be used for access control even when the certificate itself was
  not verified.
  * The format of SMTP server TLS session cache
  lookup keys has changed.  The lookup key now includes the master.cf
  service name.
  Major changes - performance
  * Better support for systems that run thousands
  of Postfix processes.  Postfix now supports FreeBSD kqueue(2),
  Solaris poll(7d) and Linux epoll(4) as more scalable alternatives
  to the traditional select(2) system call, and uses poll(2) when
  examining a single file descriptor for readability or writability.
  These features are supported on sufficiently recent versions of
  FreeBSD, NetBSD, OpenBSD, Solaris and Linux; support for other
  systems will be added as evidence becomes available that usable
  implementations exist.
  Major changes - delivery status notifications
  * Small changes were made to the default bounce
  message templates, to prevent HTML-aware software from hiding or
  removing the text "<postmaster>", and producing misleading text.
  * Postfix no longer announces its name in delivery
  status notifications.  Users believe that Wietse provides a free
  help desk service that solves all their email problems.
  Major changes - ETRN support
  * More precise queue flushing with the ETRN,
  "postqueue -s site", and "sendmail -qRsite" commands, after
  minimization of race conditions.  New per-queue-file flushing with
  "postqueue -i queueid" and "sendmail -qIqueueid".
  Major changes - small office/home office support
  * Postfix no longer requires a domain name. It
  uses "localdomain" as the default Internet domain name when no
  domain is specified via main.cf or via the machine's hostname.
  Major changes - SMTP access control
  * The check_smtpd_policy client sends TLS certificate
  attributes (client ccert_subject, ccert_issuer) only after successful
  client certificate verification. The reason is that the certification
  verification status itself is not available in the policy request.
  * The check_smtpd_policy client sends TLS certificate
  fingerprint information even when the certificate itself was not
  verified.
  * The remote SMTP client TLS certificate fingerprint can be used for
  access control even when the certificate itself was not verified.
  * The Postfix installation procedure no longer
  updates main.cf with "unknown_local_recipient_reject_code = 450".
  Four years after the introduction of mandatory recipient validation,
  this transitional tool is no longer neeed.
* Thu Mar 29 2007 rguenther@suse.de
- Add pwdutils BuildRequires to allow postinst script to succeed.
- Add /usr/share/omc directory.
* Mon Feb 26 2007 varkoly@suse.de
- #247351 - postfix - Ports for SuSEfirewall added via packages
- Move postfix.xml into the postfix-SuSE tarball
- #228479 - Postfix is configured for inet_protocols=all if
  selecting ipv4 only support during installation.
  Now we set both inet_protocols and inet_interfaces to all.
  This means the available interfaces and protocols will be used.
  To avoid bogus warnings inet_proto.c was patched.
- #251598 - postfix use pointers for literals
* Mon Jan 15 2007 varkoly@suse.de
- #144104 - postfix does not start
- Implementing Fate #301840: Postfix XML Service Description Document
- Enhancing /etc/sysconfig/postfix descripton to avoid problems
  like Bug 228678 - Problems with setting up chroot environment if
  /var/spool is not on same filesystem as /var
* Wed Nov 22 2006 mrueckert@suse.de
- moved the dict handling into a preun script instead of postun
  and do not remove the dict entry on upgrade (#223176)
- removed duplicates in the filelists.
* Fri Nov 10 2006 varkoly@suse.de
- #218229 - Postfix SuSEconfig script increases the max_proc line each run in master.cf
* Sat Oct 28 2006 varkoly@suse.de
- #206414 - /usr/lib/sasl2/smtpd.conf misplaced
* Tue Oct 24 2006 varkoly@suse.de
- #202119 – SuSEconfig script for Postfix incomplete
- #202162 – Postfix 2.3.2 slightly incorrect, Cyrus SASL unavailable
- #203174 – /sbin/conf.d/SuSEconfig.postfix should configure a TLS session cache for postfix 2.2
- #203575 – postfix-2.2.9-10 chokes without scache
- #213589 - No development package/headers for postfix
* Wed Aug 16 2006 ro@suse.de
- also add libpostfix-milter.so*
* Mon Aug 14 2006 varkoly@suse.de
- updated to postfix 2.3, patchlevel 2
- Major changes
  - Name server replies that contain a malformed hostname are now flagged
  as permanent errors instead of transient errors.
  - DSN support as described in RFC 3461 .. RFC 3464.
  - The SMTP client now implements the LMTP protocol.
  - Milter (mail filter) application support, compatible with Sendmail
  version 8.13.6 and earlier.
- Major changes - SASL authentication
  - Plug-in support for SASL authentication in the SMTP server and in the
  SMTP/LMTP client.
  - The Postfix-with-Cyrus-SASL build procedure has changed.
  - Support for sender-dependent ISP accounts.
- Major changes - SMTP client
  - The SMTP client now implements the LMTP protocol.
  - This version addresses a performance stability problem with remote
  SMTP servers.
- Major changes - SMTP server
  - The Postfix SMTP server now refuses to receive mail from the network
  if it isn't running with postfix mail_owner privileges.
  - Optional suppression of remote SMTP client hostname lookup and hostname
  verification.
  - SMTPD Access control based on the existence of an address->name mapping
- Major changes - TLS
  - New concept: TLS security levels ("none", "may", "encrypt", "verify"
  or "secure") in the Postfix SMTP client.
  - Both the Postfix SMTP client and server can be configured without a
  client or server certificate.
- See
  /usr/share/doc/packages/postfix/RELEASE_NOTES
  /usr/share/doc/packages/postfix/TLS_CHANGES
  /usr/share/doc/packages/postfix/README_FILES/SASL_README
  for detailed informations.
* Wed Aug 02 2006 varkoly@suse.de
- Only %%{conf_backup_dir} is contained by the package not /var/adm/backup
* Mon Jul 10 2006 varkoly@suse.de
- Bugfix: #190639 Default number of processes for postfix
- Bugfix: #190270 postfix-postgresql
* Fri Jun 02 2006 varkoly@suse.de
- Bugfix: #98188 - SuSE.tar.gz filename collision in cyrus/postfix SRPMs
* Mon Apr 24 2006 varkoly@suse.de
- Bugfix: #165786 - yast2-mail modul uses obsolate postfix attributes
* Mon Mar 20 2006 varkoly@suse.de
- updated to postfix 2.2, patchlevel 9.
- Reasons:
  Bugfix: the LMTP client would reuse a session after negative
  reply to the RSET command (which may happen when client and
  server somehow get out of sync).
  Bugfix: race condition in the connection caching protocol,
  causing the SMTP delivery agent to hang after delivering
  mail, while trying to save a connection.
  Bugfix: the best_mx_transport, mailbox_transport and
  fallback_transport features did not write a per-recipient
  defer logfile record when the target delivery agent was
  broken.
  Bugfix: an EHLO I/O error after STARTTLS would be reported
  as a STARTTLS I/O error.
  Bugfix: the *SQL, proxy and LDAP maps were not defined in
  user-land commands such as postqueue.
  Bugfix: the anvil server would terminate after "max_idle"
  seconds, even when this was less than the anvil_rate_time_unit
  interval.
  Portability: 64-bit support for LINUX chroot script by Keith
  Owens.
  Safety: new "smtp_cname_overrides_servername" parameter.
  Bugfix: mailbox_command_maps was not subject to $name
  expansion.
  Bugfix: don't ignore the per-site policy when SSL library
  initialization fails.
  Bugfix: a TLS per-site MUST_NOPEERMATCH policy could not
  override a stronger main.cf policy, while a per-site NONE
  policy could.
  Bugfix: a combined TLS per-site (host, recipient) policy
  of (NONE, MAY) changed a global MUST policy into NONE, and
  a global MUST_NOPEERMATCH into MAY. The result is now NONE.
  Problem found by exhaustive simulation.
  Bugfix: an empty remote_header_rewrite_domain value caused
  trivial-rewrite to dereference a null pointer, but only in
  regression tests, not in production.  Postfix rewrites
  addresses in the remote rewriting context only when the
  remote_header_rewrite_domain parameter value is non-empty.
  Workaround: a malformed domain name lookup result (such as
  null MX record) is now treated as a hard error, so that
  Postfix will no longer repeatedly try to deliver mail until
  the message expires in the queue.  However, this will not
  reject mail with reject_unknown_sender/recipient_domain.
  That would require too much change for a stable release.
* Fri Jan 27 2006 mls@suse.de
- converted neededforbuild to BuildRequires
* Tue Jan 24 2006 varkoly@suse.de
- Fixing the spec-file
- Bugfix: ID#143682 - Spurious (obsoleted?) configuration variable in postfix's main.cf
* Mon Jan 23 2006 varkoly@suse.de
- Bugfix: ID#140173 postfix allows relaying on the whole subnet
- Bugfix: ID#144091 postfix doesn't start with the latest kernel
* Fri Jan 20 2006 varkoly@suse.de
- Bugfix: ID#144091
- Postfix makes an entry in slp servre for smtp & smtps
* Mon Jan 16 2006 varkoly@suse.de
- removing openldap from "neededforbuild"
* Wed Nov 30 2005 choeger@suse.de
- updated to postfix 2.2, patchlevel 6
* Tue Oct 11 2005 choeger@suse.de
- added patch ldap_api_changes.patch: openldap2.3 enforces to use
  "The C LDAP Application Program Interface"
* Mon Aug 15 2005 choeger@suse.de
- Bugfix Bugzilla ID#104663 - consistent use of variables in postfix
  init-script
- Bugfix Bugzilla ID#104568 - SuSEconfig.postfix doesnt set $PATH properly to
  find all binaries.
* Fri Aug 12 2005 mmj@suse.de
- Package the /usr/lib/sendmail -> /usr/sbin/sendmail link [#102947]
* Tue Jul 26 2005 choeger@suse.de
- Bugfix Bugzilla ID#93884 - package postfix uses -fsigned-char
  Remove -fsigned-char option for ppc and s390 archs
* Mon Jul 25 2005 choeger@suse.de
- updated to postfix 2.2, patchlevel 5:
  - Portability: the connection caching code broke on LP64
  systems (inherited from Stevens Network Programming).
  Files:  util/unix_send_fd.c, util/unix_recv_fd.c. This code
  is back-ported from the Postfix 2.3 snapshot release.
  - Robustness: the SMTP client now disables connection caching
  when it is unable to communicate with the scache(8) server,
  instead of looping forever and not delivering mail. File:
  global/scache_clnt.c.  This code is back-ported from the
  Postfix 2.3 snapshot release.
  - Portability: after sending a socket, the scache(8) server
  now waits for an ACK from the connection cache client before
  closing the socket that it just sent. Files: scache/scache.c,
  global/scache_clnt.c. This code is back-ported from the
  Postfix 2.3 snapshot release.
  - Portability: on LP64 systems, integer expressions are int,
  but sizeof() and pointer difference expressions are larger.
  Point fixes for a few discrepancies with variadic functions
  that expect int (the permanent fix is to change the receiving
  modules, but that results in too much change, and is not
  allowed in the stable release).  Files: tls/tls_scache.c,
  util/clean_env.c, util/vstring.h, smtpstone/qmqp-source.c.
* Mon Jul 18 2005 choeger@suse.de
- force to set strict_8bitmime to "no" when POSTFIX_MDA != cyrus,
  because once it is set to "yes", nobody sets it back.
- only install /etc/pam.d/smtp if %%suse_version > 920
- use Prereq instead of Requires for mysql and postgresql subpackages
* Wed Jul 13 2005 choeger@suse.de
- added /etc/pam.d/smtp configuration file
* Thu Jul 07 2005 choeger@suse.de
- Fixed build on x86_64: use -fPIC for libraries and -fPIE for the
  rest
* Tue Jul 05 2005 choeger@suse.de
- applied dynamic maps patch of LaMont Jones at debian
- Fix to SuSEconfig.postfix: only touch tlsmgr line in master.cf,
  if it is the new one using unix socket instead of fifo
* Thu Jun 30 2005 uli@suse.de
- build with -fPIE (not -fpie) to avoid GOT overflow on s390x
* Thu Jun 23 2005 choeger@suse.de
- updated to postfix 2.2, patchlevel 4
* Fri Jun 17 2005 choeger@suse.de
- fixed build using -pie/-fpie (hopefully)
* Fri Jun 17 2005 choeger@suse.de
- Build using -pie
* Fri May 13 2005 choeger@suse.de
- set strict_8bitmime parameter to yes when using cyrus mailbox
  delivery
* Wed May 04 2005 choeger@suse.de
- Bugfix ID#66325 - postfix: permissions
  also ship a postfix.paranoid file with the package with all suid and sgid
  bits disabled
* Tue May 03 2005 choeger@suse.de
- updated to postfix 2.2, patchlevel 3
- Bugfix ID#75717 - postfix init scripts reports success allthough postfix is
  not running:
  use checkproc again instead of "master -t", as "master -t" seems to be broken
* Thu Apr 21 2005 choeger@suse.de
- updated to postfix 2.2, patchlevel 2
- Bugfix ID#74712, problems with read-only mounting of $chroot/proc:
  don't mount /var/spool/postfix/proc ro as that results in /proc also mounted
  ro.
- Bugfix ID#74709, postfix configuration and USE_IPV6 in
  sysconfig/network/config
* Tue Mar 15 2005 choeger@suse.de
- updated to postfix 2.2, patchlevel 1
  Postfix 2.2.1 solves four portability problems that surfaced in
  the week since the 2.2.0 release, one harmless bug in the TLS
  session cache cleaning code, and cleans up minor documentation
  problems.
* Thu Mar 10 2005 choeger@suse.de
- 2.2.0 is out
* Mon Mar 07 2005 choeger@suse.de
- update to RC2
* Wed Mar 02 2005 choeger@suse.de
- make it compile with gcc4
* Mon Feb 28 2005 choeger@suse.de
- RC1 of 2.2 is out
* Fri Feb 18 2005 choeger@suse.de
- use "usr/sbin/postfix upgrade-configuration" now instead of
  "etc/postfix/post-install upgrade-package"
* Thu Feb 17 2005 choeger@suse.de
- removed some @ chars (don't know how they slipped in)
* Thu Feb 17 2005 choeger@suse.de
- update to current pre 2.2 snapshot (2.2-20050216)
  2.2 release could happen next week
* Thu Feb 10 2005 choeger@suse.de
- added patch needed for the Kolab project (this patch is part of the upcoming
  postfix 2-2 release), see
  http://wiki.kolab.org/index.php/Kolab-major-app-patches
* Thu Feb 03 2005 choeger@suse.de
- s/X-UnitedLinux-Should-Start/Should-Start/
* Wed Feb 02 2005 choeger@suse.de
- added long_header.patch
  long lines piped into postfix sendmail can lead to errors.
* Wed Feb 02 2005 choeger@suse.de
- Bugfix ID#49307: faster postfix startup: don't use hashed directories if
  possible:
  - added patch empty_hash_queue_names.patch to be able to modify
  hash_queue_names parameter.
  - added check to %%post to change hash_queue_names in case of
  /var/spool/postfix residing on a reiserfs partition when doing
  a fresh installation
- Bugfix ID#50386 - postfix must prereq /sbin/ip (iproute2)
* Fri Jan 28 2005 choeger@suse.de
- updated tls+ipv6 patchkit to v1.26
  - Bugfix: Incomplete error checking in getaddrinfo() could cause lmtpd to
  crash with debug_peer_list defined. Carsten Hoeger, SuSE.  File:
  util/match_ops.c
  - Linux workaround: When mynetworks isn't set, a chrooted process could not
  read the IPv6 address information from /proc. We now invoke own_inet_addr()
  before chrooting, while processing main.cf. [backported from 2.2-nonprod
  snapshot] File: global/mail_params.c
  - Safety: when IPv6 netmask can't be determined, mynetworks is not set and
  mynetworks_style = subnet, assume /128 (host only). Until now, Tru64Unix
  assumed /64 (good for real subnets, but not safe for tunnel ranges etc.).
  File: util/inet_addr_local.c
* Sat Jan 15 2005 schwab@suse.de
- Use <owner>:<group> in permissions file.
* Thu Jan 13 2005 choeger@suse.de
- Two fixes to ipv6-patch related bugs:
  - Bugfix Bugzilla ID#49435 - VUL-0: Postfix, permit_mx_backup, IPv6, chroot
    --> Open Relay!
  - Bugfix Bugzilla ID#49695 - SEGV while lmtp delivery
- mount /proc into chroot jail to be able to access /proc/net/if_inet6
* Wed Nov 24 2004 schwab@suse.de
- Put options first in find command line.
* Tue Nov 09 2004 choeger@suse.de
- setting LC_ALL=POSIX in SuSEconfig.postfix
* Wed Sep 29 2004 choeger@suse.de
- Bugfix Bugzilla ID#46462, postfix should switch biff off
* Tue Sep 21 2004 choeger@suse.de
- updated to  postfix 2.1, patchlevel 5
  (several small bugfixes)
- updated tls+ipv6 patchkit (there have been some small bugs)
- use v4 address 127.0.0.1 as amavisd-new local contact address
  as amavisd is not listening on any v6 address
* Mon Sep 20 2004 choeger@suse.de
- also chmod the .db file resulting of a postmap (related to
  bugfix ID#39045
* Thu Sep 16 2004 choeger@suse.de
- Bugfix Bugzilla ID#39045 - tls_per_site table updates in SuSEconfig.postfix
  introduced POSTFIX_MAP_LIST in /etc/sysconfig/postfix where additional
  maps maintained by SuSEconfig.postfix can be added
* Thu Sep 16 2004 choeger@suse.de
- Bugfix Bugzilla ID#45252 - rpm calls SuSEconfig.permissions which calls rpm
  -> 3 minute timeout
  Also don't call rpm from SuSEconfig.postfix
- Speedup: set timestamp of $TMPDIR/main.cf into the past to workaround
  postconf safety which is not neccessary, because we do not touch the main.cf,
  the postfix daemons are using.
* Mon Sep 13 2004 choeger@suse.de
- added $time to Required-Start in init-script
* Thu Aug 26 2004 choeger@suse.de
- do not filter locally delivered mail when USE_AMAVIS=yes
  (don't set content_filter=vscan in main.cf)
- removed obsolete vscan service definition from master.cf
* Fri Aug 20 2004 choeger@suse.de
- use "$MASTER_BIN -t" to check whether postfix is already running
  in start section of init-script. That's more reliable then checkproc.
* Wed Jul 14 2004 choeger@suse.de
- Bugfix Bugzilla ID#42995 - SuSEconfig.postfix should ignore
  .swp and other files in /etc/aliases.d
* Tue Jul 13 2004 choeger@suse.de
- Bugfix Bugzilla ID#42281,  openssl ca segfaults:
  added missing [ policy_anything ] configuration
  options to openssl.cnf
* Mon Jul 12 2004 choeger@suse.de
- updated to  postfix 2.1, patchlevel 4
- updated tls+ipv6 patchkit to v1.25
- new feature POSTFIX_REGISTER_SLP in /etc/sysconfig/postfix
  to be able to totally disable slptool from being started
* Tue May 25 2004 choeger@suse.de
- updated tls+ipv6 patchkit to v1.24:
  - Bugfix: Prefixlen non-null host portion validation (in CIDR maps for
  example) yielded incorrect results sometimes because signed arithmetic was
  used instad of unsigned.
  - Patch correction: The TLS+IPv6 patch for Postfix 2.1.0 missed the master.cf
  update (used for new installattions). Added it back.
- as tls and ipv6 patches have not been completely ported to postfix 2.1
  new documentation system, especially the new postconf(5) manpage is
  missing the complete ipv6 and tls related configuration parameters,
  readded the sample-* files from ipv6+tls to %%doc/samples
* Tue May 04 2004 choeger@suse.de
- update to postfix 2.1, patchlevel 1:
 - Patch 01 fixes a signal 11 problem in the check_policy_service
  feature when SASL support is compiled in but turned off in the
  SMTP server (smtpd_sasl_auth_enable = no).
* Wed Apr 28 2004 choeger@suse.de
- added now officially released tls patchkit 0.8.18-2.1.0-0.9.7d to
  the source package for the user to be able to build a non-ipv6
  postfix package
* Mon Apr 26 2004 choeger@suse.de
- official tls+ipv6 v1.23 patchkit released:
  - Patch fixes: Several code fixes to make the patch compile and work
  correctly when compiled without IPv6 support.
  - Bugfix (Solaris only?): address family length was not updated
  which could cause client hostname validation errors.  File:
  smtpd/smtpd_peer.c
  - Portability: added support for Darwin 7.3+. This may need some
  further testing.
  - Cleanup: Restructure and redocument interface address retrieval
  functions. (This reduced the number of preprocessor statements
  from 99 to 93 ;) File: util/inet_addr_local.c
  - Cleanup: make several explicit casts to have compilers shut their
  pie holes about uninteresting things.
* Fri Apr 23 2004 choeger@suse.de
- update to final postfix v2.1
* Wed Apr 21 2004 choeger@suse.de
- Bugfix: changed {main,master}.cf backup path in specfile, but not in
  SuSEconfig script
* Wed Apr 21 2004 choeger@suse.de
- update to postfix 2.1 RC5
* Mon Apr 19 2004 choeger@suse.de
- update to current postfix 2.1 release candidate (RC4)
* Wed Apr 07 2004 choeger@suse.de
- Bugfix Bugzilla ID#38569, exit SuSEconfig.postfix if
  mktemp fails
* Tue Mar 30 2004 choeger@suse.de
- Bugfix Bugzilla ID#37409
  the saslauthd socket is not copied to chroot jail due to
  a wrong test in SuSEconfig.postfix (used -L instead of -S)
* Mon Mar 29 2004 choeger@suse.de
- only add ::1 to inet_interfaces when SMTPD_LISTEN_REMOTE=no
  AND ipv6 is enabled
* Mon Mar 29 2004 choeger@suse.de
- Bugfix Bug ID#37293, SuSEConfig complains POSTFIX_ADD_* parameters are
  unknown (in turkish locale settings)
  added LC_CTYPE=POSIX to SuSEconfig.postfix
* Thu Mar 25 2004 choeger@suse.de
- updated to tls+ipv6 version 1.22 (related to Bugzilla ID#35884)
  - Feature: Support "inet_interfaces = IPv4:all" and "inet_interfaces =
  IPv6:all", to restrict postfix to use either IPv4-only or IPv6-only. A more
  complete implementation will be part of a future patch. (Slightly modified)
  patch by Michal Ludvig, SuSE.  Files: util/interfaces_to_af.[ch],
  util/inet_addr_local.c, global/own_inet_addr.c,
  global/wildcard_inet_addr.[ch], master/master_ent.ch
  - Bugfix: In Postfix snapshots, a #define was misplaced with the effect that
  IPv6 subnets were not included in auto- generated $mynetworks (i.e.,
  mynetworks not defined in main.cf, when also mynetworks_style=subnet) on
  Linux 2.x systems.  File: utils/sys_defs.h
- now adding ::1 to inet_interfaces when SMTPD_LISTEN_REMOTE=no
  (related to Bugzilla ID#35884)
- enabled ipv6 again
* Thu Mar 18 2004 choeger@suse.de
- updated to most recent snapshot version 2.0.19-20040312:
  Patch 19 fixes two low-priority problems:
  - When mail is submitted at a high rate with the Postfix sendmail
  command, the pickup daemon is keps busy long enough that it it
  terminated by the watchdog timer (a feature that prevents Postfix
  from locking up permanently).
  - Malformed addresses in SMTP commands could result in table looks
  with zero-length search strings, causing trouble with NIS lookups.
* Wed Mar 17 2004 choeger@suse.de
- disable IPv6 patch as it introduces problems for people
  who do not use IPv6, see Bugzilla ID#35884,
  "ipv6 mynetworks don't work"
* Mon Mar 08 2004 choeger@suse.de
- be a nice packager and strictly follow
  http://www.porcupine.org/postfix-mirror/newdoc/PACKAGE_README.html
  (added setgid_group=... to post-install upgrade-package)
* Fri Feb 27 2004 choeger@suse.de
- update to most recent version 2.0.18-20040209
* Mon Feb 23 2004 choeger@suse.de
- Bugfix Bugzilla ID#34817, SuSEconfig.postfix doesn't specify direct path to
  "postconf" and generates errors if run via sudo by a non-root user.
* Fri Feb 06 2004 choeger@suse.de
- update to postfix 2.0.18-20040205
- enabled tls+ipv6 patch as it is now available for latest
  pre 2.1 snapshot
* Mon Feb 02 2004 choeger@suse.de
- finally, the official TLS patchkit of Lutz hit the ground
* Mon Feb 02 2004 choeger@suse.de
- additional fix for the TLS extensions patch
  should also fix Bugzilla ID#34218
* Fri Jan 23 2004 choeger@suse.de
- fixed the smtp segfault
* Thu Jan 22 2004 choeger@suse.de
- updated to postfix 2.0.18-20040122
- added new feature for specfile usetls to en/dis-able TLS
  support
- temporary removed TLS support (self adapted patch to most recent
  postfix snapshot version) as it currently results in smtp segfaulting
* Thu Jan 22 2004 choeger@suse.de
- update to recent postfix snapshot version 2.0.17-20040120
  which will become the next official release 2.1 around
  next week according to Wietse Venema.
- added possibility to compile using the combined IPV6/TLS patch
  which can be downloaded from http://www.ipnet6.org/postfix/
  just set useipv6 to 1 at the top of the specfile.
* Thu Jan 22 2004 ro@suse.de
- remove call to ldap_enable_cache
  (function has been removed from openldap and was already
  obsolete before (warning was issued back then))
* Wed Jan 14 2004 choeger@suse.de
- added openslp register/derigister calls to postfix init-script
* Mon Jan 12 2004 choeger@suse.de
- add postfix user to group mail in case of POSTFIX_MDA==cyrus
  to let postfix lmtp access /var/lib/imap/socket/lmtp
* Thu Jan 08 2004 choeger@suse.de
- Bugfix Bugzilla ID#33421, SMTP-Auth and relaying
  added permit_sasl_authenticated also to smtpd_recipient_restrictions
  in SuSEconfig.postfix
* Mon Dec 01 2003 choeger@suse.de
- always create temp files and always remove them later on
* Mon Nov 17 2003 choeger@suse.de
- some .spec improvements
* Thu Oct 30 2003 mmj@suse.de
- Run SuSEconfig after install
* Wed Oct 29 2003 mmj@suse.de
- Don't build as root
- Be nice and clean up after ourselves
* Tue Oct 14 2003 choeger@suse.de
- update to postfix v2.0.16
- update to tls extensions v0.8.16
- Fix for Bugzilla ID#32114, fixed some if condition syntaxes
* Tue Sep 16 2003 choeger@suse.de
- fixed example for POSTFIX_RELAYHOST, Bug ID#30756
* Mon Sep 08 2003 choeger@suse.de
- updated some sysconfig descriptions
- removed relays.osirosoft.com from the examples, Bug ID#30215
* Thu Sep 04 2003 kukuk@suse.de
- Fix next useradd call
* Wed Sep 03 2003 choeger@suse.de
- conf/postfix-files as input for /etc/permissions.d/postfix (Bug ID#29915)
- generate better amavisd-new master.cf line:
  limit maxproc to 2 and use brackets around localhost
  (Bug ID#29917)
* Mon Sep 01 2003 choeger@suse.de
- use conf/postfix-files as input for directories and permissions
  for files/directories in/below $queue_directory and $command_directory
- use /var/lib/imap/socket/lmtp as lmtp socket in SuSEconfig.postfix
  and change access modes of /var/lib/imap and /var/lib/imap/socket
  to let postfix lmtp access the unix socket
* Fri Aug 29 2003 kukuk@suse.de
- Create postfix user as system account [Bug #29611]
* Fri Aug 29 2003 kukuk@suse.de
- Adjust sendmail permissions
- Create /var/spool/postfix/public with permissions postfix is
  using
* Thu Aug 28 2003 mmj@suse.de
- Add sendmail to /etc/sysconfig/mail
* Thu Aug 14 2003 choeger@suse.de
- update to Postfix 2.0 Patch 14
- Bugfix Bugzilla ID#28921:
  missing activation metadata in sysconfig template
* Wed Jul 30 2003 choeger@suse.de
- new macros for stop/restart of services on rpm update/removal
* Mon Jul 21 2003 choeger@suse.de
- chown user:group instead of user.group
* Fri Jul 11 2003 choeger@suse.de
- update to tls extensions 0.8.15-2.0.13-0.9.7b
* Tue Jul 01 2003 choeger@suse.de
- updated SuSEconfig to use amavisd-new instead of amavis[d]-postfix
* Mon Jun 30 2003 choeger@suse.de
- update to Postfix 2.0 Patch 13
- After "postfix reload", the master daemon now warns when the
  inet_interfaces parameter setting has changed, and ignores the
  change, instead of passing incorrect information to the smtp
  server.
- After the postdrop command change with Postfix 2.0.11, the postcat
  command no longer recognized "maildrop" queue files as valid.
- Mail could bounce when two messages were delivered simultaneously
  to a non-existent mailbox file. The safe_open() code that prevents
  race condition exploits will now try a little harder when it
  actually encounters a race condition.
- update to tls extensions 0.8.14-2.0.12-0.9.7b
* Thu Jun 12 2003 choeger@suse.de
- also change path to smtpd.conf in sysconfig template parameter
  description dependent on what %%{_lib} is set to.
* Thu Jun 12 2003 choeger@suse.de
- update to postfix 2.0, patchlevel 12
* Wed Jun 11 2003 choeger@suse.de
- mkdir -p $RPM_BUILD_ROOT/%%{_libdir}/sasl2 instead of
  $RPM_BUILD_ROOT/usr/lib/sasl2
  and we also can build on 64bit archs
* Wed Jun 11 2003 choeger@suse.de
- package /usr/lib/sasl2/smtpd.conf using %%{_libdir}/sasl2/smtpd.conf
- added /etc/postfix to filelist
* Wed Jun 11 2003 choeger@suse.de
- update to postfix 2.0, patchlevel 11
- update to tls extensions 0.8.13-2.0.10-0.9.7b
* Fri May 23 2003 choeger@suse.de
- updated SuSE/master.cf toplevel comments
* Fri May 23 2003 choeger@suse.de
- update to postfix 2.0, patchlevel 10
* Mon May 19 2003 choeger@suse.de
- remove installed (but unpackaged) file /etc/postfix/aliases
* Mon May 19 2003 choeger@suse.de
- path to ca, certificate and key is relative to $POSTFIX_SSL_PATH,
  added $POSTFIX_SSL_PATH/ to the relevant parts of SuSEconfig.postfix
* Wed May 14 2003 choeger@suse.de
- correctly handle new POSTFIX_SMTP_TLS_CLIENT parameter in
  SuSEconfig.postfix (activate/deactivate master.cf entries)
* Wed May 14 2003 choeger@suse.de
- added libxcrypt to chroot jail, Bugzilla ID#25766
* Tue May 13 2003 choeger@suse.de
- added TLS_CLIENT support, Bugzilla ID#26647
* Wed Apr 23 2003 choeger@suse.de
- update to postfix 2.0, patchlevel 9
* Tue Apr 15 2003 ro@suse.de
- fixed neededforbuild
* Mon Apr 07 2003 choeger@suse.de
- update to postfix 2.0, patchlevel 7
- update to tls extensions 0.8.13-2.0.6-0.9.7a
- Bugfix Bugzilla ID#25905, do not restrict mailbox size per default
* Sat Mar 08 2003 choeger@suse.de
- use checkproc to check if there really is a postfix master
  process running when there's a pid file lying around.
  (Bugzilla ID#24910)
* Thu Mar 06 2003 choeger@suse.de
- update to Postfix 2.0 Patch 06
- Postfix now truncates non-address information in message address
  headers (comments, etc.) to 250 characters per address. This should
  rarely present a problem.  Reportedly, junk mail from poorly written
  software can trigger the protection, but that is no great loss.
- Some little fixes to documentation.
* Tue Mar 04 2003 choeger@suse.de
- update to Postfix 2.0 Patch 05
- The SMTP server's hard and soft error limits were off by one.
  With "smtpd_hard_error_limit = 1", Postfix will now disconnect
  after the first error, instead of the second one.
- The proxymap server could deadlock when the mydestination parameter
  setting included a proxymapped lookup table.
- Some little fixes to documentation.
* Sat Mar 01 2003 choeger@suse.de
- when updating postfix, check whether post-install changed
  main/master.cf and update md5sums to not confuse SuSEconfig
- when installing postfix on a fresh system, create md5sums
  in %%post to be able to let check_md5_and_move() detect
  changes that a user might have done without running SuSEconfig
  before.
* Thu Feb 27 2003 choeger@suse.de
- no longer remove md5sums of main.cf and master.cf during
  postinstall, as SuSEconfig then no longer knows, whether
  main.cf/master.cf had been modified by the user.
  Disadvantage: as postfix permanently needs basic changes
  to both main and master.cf, SuSEconfig.postfix will frequently
  generate .SuSEconfig files although the user did not change anything
  Bugzilla ID#24432
* Fri Feb 21 2003 choeger@suse.de
- update to Postfix 2.0 Patch 04
  - The format of maildir filenames is synchronized with the present
  version of the maildir definition document. This format was already
  adopted by the 20030126 snapshot release.
  - The time limit on delivery to external commands was not enforced.
  This was broken probably some time before the first public Postfix
  release.
  - Duplicate elimination after virtual alias expansion works again.
  This was broken with the introduction of the original recipient
  attribute.
  - The local pickup daemon dropped incomplete records from local
  submissions. This was broken somewhere in the middle of 2002.
* Sat Feb 15 2003 choeger@suse.de
- Bugfix Bugzilla ID#23675: new service proxymap will not be
  appended during update
* Mon Feb 10 2003 choeger@suse.de
- also check whether amavisd-postfix is installed and set up
  filter section in master.cf
* Thu Jan 30 2003 choeger@suse.de
- update to Postfix 2.0 Patch 03
  - Postfix 2.0 broke relocated table lookup results with mail not
  rejected at the SMTP port, causing "User has moved to" text to be
  deleted.
  - A widely used maildir filename generating algorithm was broken.
  This affects all Postfix versions with maildir support. Instead of
  TIME.PID_COUNT.HOST Postfix now uses TIME.DEVICE_INODE.HOST.
  - Postfix 2.0 gave incorrect FILTER_README instructions for sites
  that wish to disable virtual alias mapping before the content
  filter.
- postfix-lib64.patch code now integrated in postfix
* Fri Jan 24 2003 choeger@suse.de
- changed SuSEconfig.postfix and smtpd.conf to use sasl2
* Thu Jan 23 2003 choeger@suse.de
- forgot to add tlsmgr to master.cf
* Thu Jan 23 2003 choeger@suse.de
- Hmmm, just noticed, that suddenly 2.0.0.x became 2.0.x
  must have missed something...
- updated SuSE/master.cf (new proxymap service)
* Thu Jan 16 2003 choeger@suse.de
- added POSTFIX_ADD_MESSAGE_SIZE_LIMIT as example to sysconfig.postfix
  (Bugzilla ID#22907)
* Tue Jan 14 2003 choeger@suse.de
- build using sasl2
* Fri Jan 10 2003 choeger@suse.de
- update to postfix v2 (version 2.0.0.2)
* Wed Dec 11 2002 choeger@suse.de
- added sysconfig metadata to sysconfig templates
- updated to new tls extensions
* Fri Nov 29 2002 choeger@suse.de
- Bugfix Bugzilla ID#21865: don't copy directories into
  directories when updating chroot jail in cpifnewer()
- Update to version 1.11, pl12
* Tue Nov 19 2002 choeger@suse.de
- new SuSEconfig.postfix features:
  . SMTP-AUTH server
  . SMTP-AUTH client
  . TLS Server
* Tue Nov 05 2002 choeger@suse.de
- quote args of tr command
* Mon Nov 04 2002 choeger@suse.de
- new feature: POSTFIX_ADD_* command in sysconfig/postfix to
  be able to add any regular postfix command via SuSEconfig
- Bugfix Bugzilla ID#21120 added POSTFIX_ADD_MAILBOX_SIZE_LIMIT
  as example with value 0 (unlimited)
- added a header to main.cf explaining that many postfix
  parameters have been added to the end of main.cf
* Tue Oct 15 2002 choeger@suse.de
- Bugfix for Bugzilla ID#20754
  missed some parameters when restoring main.cf or master.cf
  from scratch
* Wed Oct 09 2002 choeger@suse.de
- NULLCLIENT did not work because SuSEconfig searches for the wrong
  keyword
* Mon Oct 07 2002 choeger@suse.de
- Bugfix related to Bugzilla IDs  20506, 18298, 19294:
  masquerade_classes should not be extended by envelope_recipient
* Fri Sep 06 2002 choeger@suse.de
- added ypbind to X-UnitedLinux-Should-Start in init-script
* Wed Aug 28 2002 choeger@suse.de
- added restoration mechanism to restore master.cf and/or main.cf
  if they got deleted by (intention or) accident to SuSEconfig.postfix
- added ldap to X-UnitedLinux-Should-Start
* Mon Aug 26 2002 choeger@suse.de
- Bugfix Bugzilla ID#18298: when setting FROM_HEADER, also unqualified
  envelope recipients should be qualified to FROM_HEADER, not to
  myorigin, added envelope_recipient to masquerade_classes
- Bugfix Bugzilla ID#18297: %%post touches main.cf and master.cf so it
  may happen, that an update leaves .SuSEconfig files.
  Remove /var/adm/SuSEconfig/md5/etc/postfix/main.cf and master.cf
  in %%post
- Bugfix Bugzilla ID#18301: sendmail and postfix have different
  opinions on the usage of NULLCLIENT. Moved NULLCLIENT to
  sysconfig.postfix.POSTFIX_NULLCLIENT
- added exim to Conflicts
* Thu Aug 22 2002 choeger@suse.de
- wait for qmgr in the background for a maximum of 60 seconds
* Wed Aug 21 2002 choeger@suse.de
- Bugfix for init-script:
  wait for qmgr to be ready before calling postfix flush
* Wed Aug 14 2002 choeger@suse.de
- added accidently removed line in master.cf for amavis,
  Bugzilla ID#17732
* Tue Aug 13 2002 choeger@suse.de
- exclude .rpmsave and .rpmorig from /etc/aliases.d expansion
* Wed Aug 07 2002 choeger@suse.de
- added netcfg to Prereq (/etc/aliases)
* Tue Aug 06 2002 choeger@suse.de
- added pcre openldap2-client to prereq (Bugzilla ID#17447)
* Mon Aug 05 2002 choeger@suse.de
- completed Prereq
* Fri Jul 19 2002 choeger@suse.de
- Bugfix for the handling of POSTFIX_MASQUERADE_DOMAIN
  and FROM_HEADER
- removed main.cf from SuSE.tar.gz
- added X-UnitedLinux-Should-Start: cyrus to init-script
* Thu Jul 18 2002 choeger@suse.de
- set local as default MDA again
  reason: postfix does not execute any external programs like procmail
  with uid 0, so root mails will go to /var/mail/nobody, which
  will confuse people
- remove setting of SUSE_RELEASE version in the (E)SMTP banner
* Fri Jul 12 2002 choeger@suse.de
- removed /etc/aliases from filelist, it's now in netcfg
* Thu Jul 11 2002 choeger@suse.de
- removed 'q' flag from vscan transport definition, because
  current amavis versions have a rfc2821_mailbox_addr function
- remove old aliases.db files in %%post
- do not use unset in %%post
* Mon Jul 08 2002 choeger@suse.de
- make procmail the default MDA
* Fri Jul 05 2002 choeger@suse.de
- use %%{_lib} macro to detect platforms with lib64
  directories
* Fri Jul 05 2002 choeger@suse.de
- make chroot jail function lib64 aware
* Thu Jul 04 2002 uli@suse.de
- fixed libnsl detection on lib64 systems
* Thu Jul 04 2002 choeger@suse.de
- ldap_url_search_st is no longer available in OpenLDAP v2.1
  added a patch, that uses ldap_url_parse
- added new feature POSTFIX_MDA, Bugzilla ID#16720
* Fri Jun 07 2002 choeger@suse.de
- changed POSTFIX_BASIC_SPAM_PREVENTION. It can now be set to
  either off(default), medium or hard
- cleaned up SuSEconfig.postfix
- prepared for /etc/aliases.d
* Wed Jun 05 2002 choeger@suse.de
- new FEATURES: POSTFIX_RBL_HOSTS, POSTFIX_BASIC_SPAM_PREVENTION,
  Bugzilla ID#16383
- moved sample-*.cf files to %%{_docdir}/postfix/samples
* Wed Jun 05 2002 choeger@suse.de
- update to patchlevel 11, version 1.1.11
- new FEATURE: POSTFIX_UPDATE_MAPS
* Fri May 24 2002 choeger@suse.de
- update to patchlevel 10, version 1.1.10
- create required users and groups in %%pre install
* Thu Apr 25 2002 choeger@suse.de
- removed provides of my own packagename...
* Fri Apr 19 2002 choeger@suse.de
- Bugfix for README.SuSE: POSTFIX_CREATECF is now
  MAIL_CREATE_CONFIG
* Thu Apr 04 2002 choeger@suse.de
- update to patchlevel 7, version 1.1.7
- introduced new feature POSTFIX_LAPTOP
* Tue Mar 26 2002 choeger@suse.de
- update to patchlevel 5, version 1.1.5
* Tue Mar 12 2002 choeger@suse.de
- Bugfix: don't check whether POSTFIX_MASQUERADE_DOMAIN is empty
  or not, because else we won't be able to clear it.
* Thu Feb 28 2002 choeger@suse.de
- added flags=q to amavis transport definition (link@suse.de):
  [...]
  If your postfix is older than snapshot 20010610, leave out the
  "flags=q" part. However, amavis will not function properly with
  envelope adresses that contain whitespace in the local-part.
  This is quite rare, but has been observed a few times.
  [...]
* Mon Feb 25 2002 choeger@suse.de
- update to version 1.1.4 (1.1, patchlevel 4)
  Bugfix (excerpt from HISTORY):
  ..................................................................
  off-by-one error, causing a null byte to be
  written outside dynamically allocated memory in
  the queue manager with addresses of exactly 100
  bytes long, resulting in SIGSEGV on systems with
  an "exact fit" malloc routine.
  ..................................................................
- added new option SMTPD_LISTEN_REMOTE to /etc/sysconfig/mail
  which has been introduced by the SuSE dist-team (excerpt):
  ..................................................................
  sendmail does have an option to listen only on the local port,
  this should be the default.
  A flag "SMTPD_LISTEN_REMOTE" in /etc/sysconfig/mail will be used
  to decide if port 25 should be opened externally.
  The sendmail package will send a mail to root explaining this
  fact. sendmail updates will copy the value of START_SMTPD to this
  new flag.
  ..................................................................
  As this is a totally different behaviour compared to old releases,
  SMTPD_LISTEN_REMOTE will be set to "yes", if POSTFIX_CREATECF
  (now MAIL_CREATE_CONFIG) had been set to "yes" before the update.
* Thu Feb 21 2002 choeger@suse.de
- fillup workaround
* Thu Feb 21 2002 choeger@suse.de
- hostname handling is still annoying
  added some piece of code to SuSEconfig.postfix to
  get a valid hostname
* Mon Feb 18 2002 choeger@suse.de
- %%postinst cleanup:
  . use rename_sysconfig_variable macro
  . use remove_and_set macro
  instead of directly calling fillup
* Wed Feb 13 2002 choeger@suse.de
- FQHOSTNAME has been removed from /etc/sysconfig/network/config
  and is now set in /etc/HOSTNAME, which wasn't FQ in the past.
  *Please, don't change it again*
- if POSTFIX_LOCALDOMAINS is set, do not append
  "$myhostname, localhost.$mydomain" anymore
* Tue Feb 12 2002 choeger@suse.de
- Also take care of the localhost:10025 mailer definition when
  setting up chroot options
* Mon Feb 11 2002 choeger@suse.de
- Do not set myorigin to FROM_HEADER
* Thu Feb 07 2002 choeger@suse.de
- Bugfix(SuSEconfig.postfix): typo in path to /etc/sysconfig/amavis
* Mon Feb 04 2002 choeger@suse.de
- SuSEconfig.postfix enhancement: get hostname from hostname -f
  Bugfix: get FQHOSTNAME from /etc/sysconfig/network/config
- added -y to fillup_and_insserv to create startlinks
  after installation
- changed company name to SuSE Linux AG in copyright headers
* Mon Feb 04 2002 choeger@suse.de
- update to postfix 1.1.3 and tls extensions 0.8.3
  minor bugfixes
  http://groups.yahoo.com/group/postfix-users/message/52953
* Fri Feb 01 2002 choeger@suse.de
- Bugfix: Forgot to assign a name to TMPDIR in SuSEconfig.postfix
* Fri Feb 01 2002 choeger@suse.de
- added resolve_local_panic.patch
  http://groups.yahoo.com/group/postfix-users/message/52746
* Wed Jan 30 2002 choeger@suse.de
- update of tls extensions to 0.8.2
* Mon Jan 28 2002 choeger@suse.de
- update to version 1.1.2
- sysconfig.mail changes
* Tue Jan 22 2002 choeger@suse.de
- renamed cleanup.fillup to sysconfig.postfix.cleanup
- added postqueue patch, see
  http://groups.yahoo.com/group/postfix-users/message/51611
  for more details
* Mon Jan 21 2002 choeger@suse.de
- update to official release version 1.1.0
- moved some stuff to /etc/sysconfig/mail
- cleaned up /etc/rc.config access
- added some safety checks to SuSEconfig.postfix
* Wed Jan 16 2002 choeger@suse.de
- update to version 20020115 (release candidate for Postfix
  official release version 1.1)
* Tue Jan 15 2002 choeger@suse.de
- some improvements to SuSEconfig.postfix
* Fri Jan 11 2002 choeger@suse.de
- updated to version 20020107
- added postinstall section to update from previous versions
  of postfix
* Tue Jan 08 2002 egmont@suselinux.hu
- Changed /sbin/init.d to /etc/init.d in init script comment
* Mon Jan 07 2002 choeger@suse.de
- added sender_canonical_maps to SuSEconfig.postfix to let
  the new YaST2 module setup this map similar to sendmails
  genericstable
* Thu Jan 03 2002 kukuk@suse.de
- SuSEconfig.postfix shell script is no config file [Bug #12712]
* Wed Dec 19 2001 choeger@suse.de
- Made initscript more LSB compliant (status codes)
- Bugfix for Bugzilla ID#12672 (improve explanation
  of POSTFIX_LOCALDOMAINS)
- robustness enhancement for SuSEconfig.postfix
* Fri Dec 14 2001 choeger@suse.de
- typo in specfile (master.cf installed as main.cf)
* Thu Dec 13 2001 choeger@suse.de
- update to version 20011210
- some changes to SuSEconfig.postfix:
  . added POSTFIX_UPDATE_CHROOT_JAIL variable, see README.SuSE
  . some cleanups for chroot jail
  . little bugfixes
* Thu Dec 13 2001 ro@suse.de
- moved rc.config.d -> sysconfig
* Wed Nov 28 2001 choeger@suse.de
- update to version 20011127
- some changes to SuSEconfig.postfix:
  . added more robustness (Jehova)
  . do not chown -R postfix to /var/spool/postfix
  . query for package cyrus-sasl instead of sasl
* Tue Nov 20 2001 choeger@suse.de
- update to version 20011115
  Bugfix for a memory exhaustion bug in smtpd
  see http://groups.yahoo.com/group/postfix-users/message/46597
- remove START_ variable
* Fri Nov 09 2001 choeger@suse.de
- some changes to specfile (thanks to Simon J Mudd from whom
  I copied some code)
* Tue Nov 06 2001 choeger@suse.de
- fix some SuSEconfig.postfix bugs:
  . master.cf chroot column can also contain '-'
  . don't do anything if POSTFIX_CREATECF != yes
* Fri Oct 26 2001 choeger@suse.de
- update to most recent snapshot version 20011008
* Thu Oct 25 2001 choeger@suse.de
- update to pl05
* Fri Oct 19 2001 choeger@suse.de
- Bugfix, Bugzilla ID#11914
* Wed Sep 26 2001 choeger@suse.de
- ALWAYS create master.cf, even is POSTFIX_CREATECF is set
  to no, because else chroot mode may not work, Bugzilla ID#11359
* Thu Sep 13 2001 choeger@suse.de
- removed an obsolete echo in start section of init-script
* Thu Sep 06 2001 choeger@suse.de
- Bugfix in init-script: redirect output of postfix start
  to dev/null and do not use startproc to start postfix
* Tue Sep 04 2001 choeger@suse.de
- update to tls-extensions v0.7.9
  see http://groups.yahoo.com/group/postfix-users/message/41094
  for details
* Fri Aug 31 2001 choeger@suse.de
- update of tls-extensions to 0.7.8
- update of postfix to pl04
- Bugfix: - check if postfix spool is set up before starting postfix
          - start postfix with postfix start, because postfix-script
  wouldn't be executed, else.
* Tue Jul 10 2001 choeger@suse.de
- update of tls-extensions to 0.7.3
* Thu Jun 28 2001 choeger@suse.de
- bugfix: remove libs from chroot jail, that are no longer
  valid, Bugzilla ID#9133
- bugfix: init script was not LSB compliant, Bugzilla ID#9063
* Fri Jun 15 2001 choeger@suse.de
- added cyrus to require start in init-script
- "bugfix": bootstrap problem cyrus-imapd <-> postfix:
  cyrus-imapd must run before postfix, but fails to create
  lmtp socket, because /var/spool/postfix/public directory
  isn't present. FIX: add it to filelist
* Wed Jun 13 2001 choeger@suse.de
- install postrop with special SGID modes
* Tue Jun 12 2001 choeger@suse.de
- improved SuSEconfig.postfix
  - better main.cf handling
  - new feature: chroot or not chroot
* Mon May 28 2001 choeger@suse.de
- major bugfix: memory leak in the LDAP client module
- minor bugfixes
* Wed May 09 2001 mfabian@suse.de
- bzip2 sources
* Wed May 02 2001 choeger@suse.de
- updated to pl02, bugfixrelease
* Mon Apr 30 2001 choeger@suse.de
- Bugfix for SuSEconfig.postfix:
  Handling of TIMEZONE variable if set to unappropriate or no
  value
- Improvement: Warnings are printed out in bold
* Tue Apr 17 2001 kukuk@suse.de
- Don't use a RPM macro for version number
* Fri Mar 30 2001 choeger@suse.de
- update to pl01, bugfixrelease
* Tue Mar 27 2001 choeger@suse.de
- added libcrack to chroot jail, because
  it is needed by pam_pwcheck
* Thu Mar 15 2001 ro@suse.de
- fixed neededforbuild for openldap
* Mon Mar 05 2001 choeger@suse.de
- first non-beta of the next postfix generation
- v20010228
* Tue Feb 27 2001 ro@suse.de
- added cyrus-sasl-devel to neededforbuild
* Tue Feb 27 2001 choeger@suse.de
- new version, 20010225
- removed notification message
* Tue Feb 20 2001 choeger@suse.de
- bugfix: wrong permissions for maildrop directory
* Wed Jan 31 2001 choeger@suse.de
- update to version 20010128
- now linked against ldaplib2
* Fri Jan 05 2001 choeger@suse.de
- bugfix: maildrop must be owned by postfix.root
* Mon Dec 18 2000 choeger@suse.de
- update to version 20001212
- bugfix: insserv
- bugfix: missed openssl in neededforbuilt
- renamed to postfix, because a non-crypto version
  is no longer needed
* Wed Dec 13 2000 choeger@suse.de
- Bugfix: postfix-script was not executable
* Tue Dec 12 2000 choeger@suse.de
- Bugfixes:
  Provides in initscript
  Use /bin/bash in SuSEconfig.postfix
- Update to version 20001210
* Thu Nov 30 2000 ro@suse.de
- startscript sbin -> etc
* Thu Nov 23 2000 choeger@suse.de
- new version
- fix for neededforbuild
- fix for master.cf
* Wed Nov 22 2000 choeger@suse.de
- adopted to new init scheme
* Wed Nov 15 2000 choeger@suse.de
- fixed neededforbuild
* Tue Nov 14 2000 choeger@suse.de
- update to version 20001030
* Thu Nov 09 2000 choeger@suse.de
- long packagename
- added rpm buildroot
* Wed Nov 08 2000 uli@suse.de
- fixed neededforbuild
* Fri Nov 03 2000 bk@suse.de
- src/util/dict_ldap.c:dict_ldap_lookup(): fix missing **-termination.
* Tue Oct 24 2000 fober@suse.de
- s390,ppc: added -fsigned-char compiler option, to fix obscure segfaults.
  (code is not signed/unsigned-char-clean)
* Thu Oct 12 2000 choeger@suse.de
- yet another SuSEconfig.postfix bug (incorrect link)
* Wed Oct 11 2000 choeger@suse.de
- bugfix for SuSEconfig.postfix
* Mon Oct 09 2000 choeger@suse.de
- bugfix: missed to install new flush service
* Mon Oct 09 2000 choeger@suse.de
- inititial revision of pfixtls