rpm/postfix
SHA256
1
0
Fork 0
forked from pool/postfix
Code Pull Requests Activity

Accepting request 795485 from home:stroeder:branches:server:mail

Browse Source 
Update to 3.5.1 fixing DNSSEC and DANE. Successfully tested on Tumbleweed x86_64 with dane-only TLS policy.

OBS-URL: https://build.opensuse.org/request/show/795485
OBS-URL: https://build.opensuse.org/package/show/server:mail/postfix?expand=0&rev=363
This commit is contained in:
Marcus Rückert 2020-04-20 18:33:45 +00:00 committed by Git OBS Bridge
parent 14375c8ad9
commit 08ff5cea88
6 changed files with 43 additions and 49 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
deprecated-RES_INSECURE1.patch
View File

@ -1,33 +0,0 @@
diff --git a/postfix/src/dns/dns_str_resflags.c b/postfix/src/dns/dns_str_resflags.c
index 5f2cce5e0..472394c3a 100644
--- a/postfix/src/dns/dns_str_resflags.c
+++ b/postfix/src/dns/dns_str_resflags.c
@@ -52,18 +52,28 @@
static const LONG_NAME_MASK resflag_table[] = {
"RES_INIT", RES_INIT,
"RES_DEBUG", RES_DEBUG,
+#ifdef RES_AAONLY
"RES_AAONLY", RES_AAONLY,
+#endif
"RES_USEVC", RES_USEVC,
+#ifdef RES_PRIMARY
"RES_PRIMARY", RES_PRIMARY,
+#endif
"RES_IGNTC", RES_IGNTC,
"RES_RECURSE", RES_RECURSE,
"RES_DEFNAMES", RES_DEFNAMES,
"RES_STAYOPEN", RES_STAYOPEN,
"RES_DNSRCH", RES_DNSRCH,
+#ifdef RES_INSECURE1
"RES_INSECURE1", RES_INSECURE1,
+#endif
+#ifdef RES_INSECURE2
"RES_INSECURE2", RES_INSECURE2,
+#endif
"RES_NOALIASES", RES_NOALIASES,
+#ifdef RES_USE_INET6
"RES_USE_INET6", RES_USE_INET6,
+#endif
#ifdef RES_ROTATE
"RES_ROTATE", RES_ROTATE,
#endif

3
postfix-3.4.10.tar.gz
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:908a66fc38537a0047e8561e1bc0ef096c53357ffad16d2d728cd4fc8ae56654
size 4573370

3
postfix-3.5.1.tar.gz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:dbce092db23253c0e990c082da2ef1d7921e6896c0a2991d2a8fd9443abb41d4
size 4609587

20
postfix-master.cf.patch
View File

@ -1,5 +1,5 @@
--- conf/master.cf.orig 2019-03-11 13:45:38.792457629 +0100
+++ conf/master.cf 2019-03-11 13:50:08.312456601 +0100
--- conf/master.cf.orig 2020-04-19 12:30:46.108385239 +0200
+++ conf/master.cf 2020-04-19 12:33:14.899620955 +0200
@@ -10,6 +10,11 @@
# (yes) (yes) (no) (never) (100)
# ==========================================================================
@ -12,14 +12,14 @@
#smtp inet n - n - 1 postscreen
#smtpd pass - - n - - smtpd
#dnsblog unix - - n - 0 dnsblog
@@ -29,6 +34,7 @@
#smtps inet n - n - - smtpd
# -o syslog_name=postfix/smtps
# -o smtpd_tls_wrappermode=yes
@@ -17,6 +22,7 @@
#submission inet n - n - - smtpd
# -o syslog_name=postfix/submission
# -o smtpd_tls_security_level=encrypt
+# -o content_filter=smtp:[127.0.0.1]:10024
# -o smtpd_sasl_auth_enable=yes
# -o smtpd_tls_auth_only=yes
# -o smtpd_reject_unlisted_recipient=no
# -o smtpd_client_restrictions=$mua_client_restrictions
@@ -65,6 +71,26 @@
anvil unix - - n - 1 anvil
scache unix - - n - 1 scache
@ -51,14 +51,14 @@
# Also specify in main.cf: cyrus_destination_recipient_limit=1
#
#cyrus unix - n n - - pipe
-# user=cyrus argv=/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user}
+# user=cyrus argv=/usr/lib/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user}
-# flags=DRX user=cyrus argv=/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user}
+# flags=DRX user=cyrus argv=/usr/lib/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user}
#
# ====================================================================
#
@@ -131,3 +157,10 @@
#mailman unix - n n - - pipe
# flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
# flags=FRX user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
# ${nexthop} ${user}
+#
+#procmail unix - n n - - pipe

29
postfix.changes
View File

@ -1,3 +1,32 @@
-------------------------------------------------------------------
Sun Apr 19 10:22:12 UTC 2020 - Michael Ströder <michael@stroeder.com>
- Dropped deprecated-RES_INSECURE1.patch to make DNSSEC-secured
lookups and DANE mail transport work again
- Update to 3.5.1:
* Support for the haproxy v2 protocol. The Postfix implementation
supports TCP over IPv4 and IPv6, as well as non-proxied
connections; the latter are typically used for heartbeat tests.
* Support to force-expire email messages. This introduces new
postsuper(1) command-line options to request expiration, and
additional information in mailq(1) or postqueue(1) output.
* The Postfix SMTP and LMTP client support a list of nexthop
destinations separated by comma or whitespace. These destinations
will be tried in the specified order.
* Incompatible changes:
* Logging: Postfix daemon processes now log the from= and to=
addresses in external (quoted) form in non-debug logging (info,
warning, etc.). This means that when an address localpart
contains spaces or other special characters, the localpart will
be quoted, for example:
from=<"name with spaces"@example.com>
Specify "info_log_address_format = internal" for backwards compatibility.
* Postfix now normalizes IP addresses received with XCLIENT,
XFORWARD, or with the HaProxy protocol, for consistency with
direct connections to Postfix. This may change the appearance
of logging, and the way that check_client_access will match
subnets of an IPv6 address.
-------------------------------------------------------------------
Fri Mar 13 14:29:32 UTC 2020 - Michael Ströder <michael@stroeder.com>

4
postfix.spec
View File

@ -53,7 +53,7 @@
%bcond_with libnsl
%endif
Name: postfix
Version: 3.4.10
Version: 3.5.1
Release: 0
Summary: A fast, secure, and flexible mailer
License: IPL-1.0 OR EPL-2.0
@ -74,7 +74,6 @@ Patch7: %{name}-ssl-release-buffers.patch
Patch8: %{name}-vda-v14-3.0.3.patch
Patch9: fix-postfix-script.patch
Patch10: %{name}-avoid-infinit-loop-if-no-permission.patch
Patch11: deprecated-RES_INSECURE1.patch
BuildRequires: ca-certificates
BuildRequires: cyrus-sasl-devel
BuildRequires: db-devel
@ -176,7 +175,6 @@ PostgreSQL.
%patch8
%patch9
%patch10
%patch11 -p2
# ---------------------------------------------------------------------------