- fix build on sle11 by pointing _libexecdir to /usr/lib all the
time.
- some distros did not pull pkgconfig indirectly. pull it directly.
- fix building the dynamic maps: the old build had postgresql e.g.
with missing symbols.
- convert to AUXLIBS_* instead of plain AUXLIBS which is needed
for proper dynamic maps.
- reordered the CCARGS and AUXLIBS* lines to group by feature
- use pkgconfig or *_config tools where possible
- picked up signed char from fedora spec file
- enable lmdb support: new BR lmdb-devel, new subpackage
postfix-lmdb.
- don't delete vmail user/groups
OBS-URL: https://build.opensuse.org/request/show/376737
OBS-URL: https://build.opensuse.org/package/show/server:mail/postfix?expand=0&rev=233
- update to 3.1.0
- Since version 3.0 postfix supports dynamic loading of cdb:, ldap:,
lmdb:, mysql:, pcre:, pgsql:, sdbm:, and sqlite: database clients.
Thats why the patches dynamic_maps.patch and dynamic_maps_pie.patch
could be removed.
- Adapting all the patches to postfix 3.1.0
- The patch postfix-db6.diff is not more neccessary
- Backwards-compatibility safety net.
With NEW Postfix installs, you MUST install a main.cf file with
the setting "compatibility_level = 2". See conf/main.cf for an
example.
With UPGRADES of existing Postfix systems, you MUST NOT change the
main.cf compatibility_level setting, nor add this setting if it
does not exist.
Several Postfix default settings have changed with Postfix 3.0. To
avoid massive frustration with existing Postfix installations,
Postfix 3.0 comes with a safety net that forces Postfix to keep
running with backwards-compatible main.cf and master.cf default
settings. This safety net depends on the main.cf compatibility_level
setting (default: 0). Details are in COMPATIBILITY_README.
- Major changes - tls
* [Feature 20160207] A new "postfix tls" command to quickly enable
opportunistic TLS in the Postfix SMTP client or server, and to
manage SMTP server keys and certificates, including certificate
signing requests and TLSA DNS records for DANE.
* As of the middle of 2015, all supported Postfix releases no longer
nable "export" grade ciphers for opportunistic TLS, and no longer
use the deprecated SSLv2 and SSLv3 protocols for mandatory or
OBS-URL: https://build.opensuse.org/request/show/373635
OBS-URL: https://build.opensuse.org/package/show/server:mail/postfix?expand=0&rev=232
* Fix for DMARC implementations based on SPF policy plus DKIM Milter.
* The Postfix SMTP server logged an incorrect client name in reject
messages for check_reverse_client_hostname_access and check_reverse_client_hostname_{mx,ns}_access.
* The qmqpd daemon crashed with null pointer bug when logging a lost connection while not in a mail transaction.
* The TLS client logged that an anonymous TLS connection was "Untrusted", instead of "Anonymous".
OBS-URL: https://build.opensuse.org/package/show/server:mail/postfix?expand=0&rev=230
- postfix-SuSE.tar.gz/postfix.service: None of
nss-lookup.target network.target local-fs.target time-sync.target
should be Wanted or Required except by the services
the implement the relevant functionality i.e network.target
is wanted/required by networkmanager, wicked,
systemd-network. other software must be ordered After them,
see systemd.special(7)
OBS-URL: https://build.opensuse.org/request/show/309705
OBS-URL: https://build.opensuse.org/package/show/server:mail/postfix?expand=0&rev=223
- added postfix-2.11.5_linux4.patch:
Allow building on kernel 4. Patch taken from:
https://groups.google.com/forum/#!topic/mailing.postfix.users/fufS22sMGWY
- update to postfix 2.11.5
- Bugfix (introduced: Postfix 2.6):
sender_dependent_relayhost_maps ignored the relayhost setting
in the case of a DUNNO lookup result. It would use the
recipient domain instead. Viktor Dukhovni. Wietse took the
pieces of code that enforce the precedence of a
sender-dependent relayhost, the global relayhost, and the
recipient domain, and put that code together in once place so
that it is easier to maintain. File:
trivial-rewrite/resolve.c.
- Bitrot: prepare for future changes in OpenSSL API. Viktor
Dukhovni. File: tls_dane.c.
- Incompatibility: specifying "make makefiles" with "CC=command"
will no longer override the default WARN setting.
OBS-URL: https://build.opensuse.org/request/show/298292
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/postfix?expand=0&rev=124
- Bugfix (introduced: Postfix 2.6):
sender_dependent_relayhost_maps ignored the relayhost setting
in the case of a DUNNO lookup result. It would use the
recipient domain instead. Viktor Dukhovni. Wietse took the
pieces of code that enforce the precedence of a
sender-dependent relayhost, the global relayhost, and the
recipient domain, and put that code together in once place so
that it is easier to maintain. File:
trivial-rewrite/resolve.c.
- Bitrot: prepare for future changes in OpenSSL API. Viktor
Dukhovni. File: tls_dane.c.
- Incompatibility: specifying "make makefiles" with "CC=command"
will no longer override the default WARN setting.
OBS-URL: https://build.opensuse.org/package/show/server:mail/postfix?expand=0&rev=216
- bnc#912594 config.postfix creates config based on old options
- bnc#911806 config.postfix does not set up correct saslauthd socket directory for chroot
- bnc#910265 config.postfix does not upgrade the chroot
- bnc#908003 wrong access rights on /usr/sbin/postdrop causes
permission denied when trying to send a mail as non root user
- bnc#729154 wrong permissions for some postfix components
OBS-URL: https://build.opensuse.org/request/show/280976
OBS-URL: https://build.opensuse.org/package/show/server:mail/postfix?expand=0&rev=206
- Remove keyring and things as it is md5 based one no longer
accepted by gpg 2.1
- No longer perform gpg validation; osc source_validator does it
implicit:
+ Drop gpg-offline BuildRequires.
+ No longer execute gpg_verify.
- restore previously lost fix:
Fri Oct 11 13:32:32 UTC 2013 - matz@suse.de
- Ignore errors in %pre/%post.
- postfix 2.11.3:
* Fix for configurations that prepend message headers with Postfix
access maps, policy servers or Milter applications. Postfix now
hides its own Received: header from Milters and exposes prepended
headers to Milters, regardless of the mechanism used to prepend
a header. This fix reverts a partial solution that was released
on October 13, 2014, and replaces it with a complete solution.
* Portability fix for MacOS X 10.7.x (Darwin 11.x) build procedure.
- postfix 2.11.2:
* Fix for DMARC implementations based on SPF policy plus DKIM
Milter. The PREPEND access/policy action added headers ABOVE
Postfix's own Received: header, exposing Postfix's own Received:
header to Milters (protocol violation) and hiding the PREPENDed
header from Milters. PREPENDed headers are now added BELOW
Postfix's own Received: header and remain visible to Milters.
* The Postfix SMTP server logged an incorrect client name in
reject messages for check_reverse_client_hostname_access and
check_reverse_client_hostname_{mx,ns}_access. They replied with
OBS-URL: https://build.opensuse.org/request/show/262589
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/postfix?expand=0&rev=118
- bnc#862662 - Unable to configure postfix SMTP with forced TLS using YaST2
- Update to 2.11.0
* TLS
o Support for PKI-less TLS server certificate verification, where
the CA public key or the server certificate is identified via DNSSEC lookup
* LMDB database support
* master
o The master_service_disable parameter value syntax has changed:
use "service/type" instead of "service.type".
* postconf:
o Support for advanced master.cf query and update operations.
This was implemented primarily to support automated system management tools.
o The postconf command produces more warnings
* relay safety
New smtpd_relay_restrictions parameter built-in default settings:
smtpd_relay_restrictions =
permit_mynetworks
permit_sasl_authenticated
defer_unauth_destination
* postscreen whitelisting
Allow a remote SMTP client to skip postscreen(8) tests based on
its postscreen_dnsbl_sites score.
OBS-URL: https://build.opensuse.org/request/show/222157
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/postfix?expand=0&rev=112
