diff --git a/postfix/HISTORY b/postfix/HISTORY index 98fd5f0ab..8aec6eb2d 100644 --- a/postfix/HISTORY +++ b/postfix/HISTORY @@ -29193,7 +29193,6 @@ Apologies for any names omitted. setting from "yes" to "no". The new default is enabled with compatibility level >= 3.11. Files: smtp/smtp_tlsrpt.c, global/mail_params.[hc], proto/COMPATIBILITY_README.html. - proto/memcache_table, global/dict_memcache.c, util/hex_code.[hc]. 20250608 @@ -29548,3 +29547,15 @@ Apologies for any names omitted. and DANE policies. This prevents TLSRPT notifications for all SMTP deliveries that do not require TLS. File: smtp/smtp_connect.c. + +20250806 + + Documentation: updated the smtpd_hide_client_session + description with specific reference to RFC 5321 section + 4.4. File: proto/postconf.proto. + +20250807 + + Bugfix (defect introduced: 20250803): "TLS-Required: no" was + no longer in effect for LMTP deliveries. Viktor Dukhovni. + File: smtp/smtp_connect.c. diff --git a/postfix/html/postconf.5.html b/postfix/html/postconf.5.html index b61babdf2..ba54bb4d8 100644 --- a/postfix/html/postconf.5.html +++ b/postfix/html/postconf.5.html @@ -16637,7 +16637,7 @@ SMTP server's Received: message header.
The default setting, "smtpd_hide_client_session = no", must be used for the port 25 MTA service. It provides information -that is required by RFC 5321.
+that is required by RFC 5321 section 4.4.The setting "smtpd_hide_client_session = yes" may be used for the port 587 and 465 MUA services. This hides the SMTP client @@ -16660,8 +16660,9 @@ Received: by mail.example.com (Postfix) id postfix-queue-id
The redacted form hides that a message was received with SMTP, -and therefore it does not need to provide the information required by -RFC 5321. The form does still meet RFC 5322 requirements.
+and therefore it does not need to provide the FROM clause according +to RFC 5321 section 4.4. The redacted form still meets RFC 5322 +requirements.This feature is available in Postfix ≥ 3.10.
diff --git a/postfix/man/man5/postconf.5 b/postfix/man/man5/postconf.5 index 73fce25dd..d3aadfa04 100644 --- a/postfix/man/man5/postconf.5 +++ b/postfix/man/man5/postconf.5 @@ -11272,7 +11272,7 @@ SMTP server's Received: message header. .IP \(bu The default setting, "smtpd_hide_client_session = no", must be used for the port 25 MTA service. It provides information -that is required by RFC 5321. +that is required by RFC 5321 section 4.4. .IP \(bu The setting "smtpd_hide_client_session = yes" may be used for the port 587 and 465 MUA services. This hides the SMTP client @@ -11296,8 +11296,9 @@ Received: by mail.example.com (Postfix) id postfix\-queue\-id .in -4 .PP The redacted form hides that a message was received with SMTP, -and therefore it does not need to provide the information required by -RFC 5321. The form does still meet RFC 5322 requirements. +and therefore it does not need to provide the FROM clause according +to RFC 5321 section 4.4. The redacted form still meets RFC 5322 +requirements. .PP This feature is available in Postfix >= 3.10. .SH smtpd_history_flush_threshold (default: 100) diff --git a/postfix/proto/postconf.proto b/postfix/proto/postconf.proto index 666264fe2..bc95018b5 100644 --- a/postfix/proto/postconf.proto +++ b/postfix/proto/postconf.proto @@ -19634,7 +19634,7 @@ SMTP server's Received: message header.The default setting, "smtpd_hide_client_session = no", must be used for the port 25 MTA service. It provides information -that is required by RFC 5321.
+that is required by RFC 5321 section 4.4.The setting "smtpd_hide_client_session = yes" may be used for the port 587 and 465 MUA services. This hides the SMTP client @@ -19657,8 +19657,9 @@ Received: by mail.example.com (Postfix) id postfix-queue-id
The redacted form hides that a message was received with SMTP, -and therefore it does not need to provide the information required by -RFC 5321. The form does still meet RFC 5322 requirements.
+and therefore it does not need to provide the FROM clause according +to RFC 5321 section 4.4. The redacted form still meets RFC 5322 +requirements.This feature is available in Postfix ≥ 3.10.
diff --git a/postfix/src/global/mail_version.h b/postfix/src/global/mail_version.h index c03965bdd..1836742ea 100644 --- a/postfix/src/global/mail_version.h +++ b/postfix/src/global/mail_version.h @@ -20,7 +20,7 @@ * Patches change both the patchlevel and the release date. Snapshots have no * patchlevel; they change the release date only. */ -#define MAIL_RELEASE_DATE "20250803" +#define MAIL_RELEASE_DATE "20250807" #define MAIL_VERSION_NUMBER "3.11" #ifdef SNAPSHOT diff --git a/postfix/src/smtp/smtp_connect.c b/postfix/src/smtp/smtp_connect.c index 8c26e9f64..24f5c76ce 100644 --- a/postfix/src/smtp/smtp_connect.c +++ b/postfix/src/smtp/smtp_connect.c @@ -575,6 +575,24 @@ static void smtp_connect_local(SMTP_STATE *state, const char *path) SMTP_ITER_INIT(iter, path, var_myhostname, path, NO_PORT, state); + /* + * If a "TLS-Required: no" header is in effect, update the iterator to + * override TLS policy selection and to limit the security level to + * "may". Do not reset the security level after policy selection, as that + * would result in errors. For example, when TLSA records are looked up + * for security level "dane", and then the security level is reset to + * "may", the activation of those TLSA records will fail. + * + * Note that the REQUIRETLS verb in ESMTP overrides the "TLS-Required: no" + * header. + */ +#ifdef USE_TLS + if (var_tls_required_enable + && (state->request->sendopts & SOPT_REQUIRETLS_HEADER)) { + iter->tlsreqno = 1; + } +#endif + /* * Opportunistic TLS for unix domain sockets does not make much sense, * since the channel is private, mere encryption without authentication
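Review bot: in postfix/HISTORY, the hunk at @@ -29193 deletes the line "proto/memcache_table, global/dict_memcache.c, util/hex_code.[hc]." from the Files list of the TLSRPT compatibility entry, but neither new entry (20250806, 20250807) mentions it. If this removes a stray line left by an earlier edit, say so in the commit message. That way a reader auditing which files a change touched does not have to guess whether the reference was wrong or the files were reverted.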
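Review bot: in the smtpd_hide_client_session text (html/postconf.5.html, man/man5/postconf.5, proto/postconf.proto, second hunk of each), the new sentence "it does not need to provide the FROM clause according to RFC 5321 section 4.4" is ambiguous. It can be read as the RFC stating that the clause is not needed, when the intent is that the redacted header omits a clause the RFC requires for SMTP-received mail. Suggest "it does not need to provide the FROM clause required by RFC 5321 section 4.4". The same wording is repeated in all three files, so the fix has to land in each copy, or in whichever one the others are generated from.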
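Review bot: in src/smtp/smtp_connect.c, smtp_connect_local(), the added comment says the REQUIRETLS verb overrides "TLS-Required: no", but the condition that sets iter->tlsreqno tests only var_tls_required_enable and (state->request->sendopts & SOPT_REQUIRETLS_HEADER). If the override is enforced elsewhere, name that place in the comment. If it is not, the condition should also exclude requests that carry the REQUIRETLS option, so that a message header cannot cap the level at "may" for a message whose sender asked for mandatory TLS. The TLSA/"dane" rationale in the comment also sits oddly directly above the existing note that opportunistic TLS on unix-domain sockets does not make much sense; trim it to what applies on this path. If the same check is needed on more than one connect path, put it in one shared helper so that a path cannot be missed again, as the 20250807 HISTORY entry says happened for LMTP. The patch adds no test for a "TLS-Required: no" message on this path, and one would catch a repeat of the regression.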