mir/postfix
2
0
Fork 0
mirror of https://github.com/vdukhovni/postfix synced 2025-08-22 09:57:34 +00:00
Code Issues Releases Wiki Activity

postfix-3.7-20210529

Browse Source
This commit is contained in:
Wietse Venema 2021-05-29 00:00:00 -05:00 committed by Viktor Dukhovni
parent 2595917e49
commit c0e76bc1f1
12 changed files with 167 additions and 120 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
postfix/HISTORY
View File

@ -25553,3 +25553,22 @@ Apologies for any names omitted.
Cleanup: in the Postfix SMTP and LMTP client, prepend Return-Path
and other headers in the same order as in other Postfix delivery
agents. Adi Prasaja. File: smtp/smtp_proto.c.
20210428
Documentation: update by Paul Menzel. File: proto/SASL_README.html.
20210529
Cleanup: simplified master.cf stanzas for the submission
and submissions (formerly: smtps) services, to avoid
surprising warnings for undefined mua_smtpd_xxx_restrictions
parameters. File: conf/master.cf.
Bugfix (introduced: Postfix 2.11): "postmap lmdb:/file/name"
handled duplicate keys ungracefully, with a dangling pointer
resulting in a double free() call with lmdb versions 0.9.17
and later. Reported by Adi Prasaja, root cause analysis by
Howard Chu. In addition, "postmap lmdb:/file/name" forgot
entries stored up to and including the duplicate key. File:
util/slmdb.c.

2
postfix/README_FILES/SASL_README
View File

@ -1313,7 +1313,7 @@ BBuuiillddiinngg CCyyrruuss SSAASSLL ssuuppppoorrtt
BBuuiillddiinngg tthhee CCyyrruuss SSAASSLL lliibbrraarryy
Postfix works with cyrus-sasl-1.5.x or cyrus-sasl-2.1.x, which are available
from ftp://ftp.andrew.cmu.edu/pub/cyrus-mail/.
from https://github.com/cyrusimap/cyrus-sasl/releases.
IImmppoorrttaanntt

199
postfix/RELEASE_NOTES-3.6
View File

@ -25,6 +25,54 @@ more recent Eclipse Public License 2.0. Recipients can choose to take
the software under the license of their choice. Those who are more
comfortable with the IPL can continue with that license.
Major changes - internal protocol identification
------------------------------------------------
[Incompat 20200920] Internal protocols have changed. You need to
"postfix stop" before updating, or before backing out to an earlier
release, otherwise long-running daemons (pickup, qmgr, verify, tlsproxy,
postscreen) may fail to communicate with the rest of Postfix, causing
mail delivery delays until Postfix is restarted.
This change does not affect message files in Postfix queue directories,
only the communication between running Postfix programs.
With this change, every Postfix internal service, including the postdrop
command, announces the name of its protocol before doing any other I/O.
Every Postfix client program, including the Postfix sendmail command,
will verify that the protocol name matches what it is supposed to be.
The purpose of this change is to produce better error messages, for
example, when someone configures the discard daemon as a bounce
service in master.cf, or vice versa.
This change may break third-party programs that implement a
Postfix-internal protocol such as qpsmtpd. Such programs have never
been supported. Fortunately, this will be an easy fix: look at the
first data from the cleanup daemon: if it is a protocol announcement,
you're talking to Postfix 3.6 or later. That's the only real change.
Major changes - tls
-------------------
[Incompat 20200705] The minimum supported OpenSSL version is 1.1.1,
which will reach the end of life by 2023-09-11. Postfix 3.6 is
expected to reach the end of support in 2025. Until then, Postfix
will be updated as needed for compatibility with OpenSSL.
The default fingerprint digest has changed from md5 to sha256 (Postfix
3.6 with compatibility_level >= 3.6). With a lower compatibility_level
setting, Postfix defaults to using md5, and logs a warning when a Postfix
configuration specifies no explicit digest type.
Export-grade Diffie-Hellman key exchange is no longer supported,
and the tlsproxy_tls_dh512_param_file parameter is ignored,
[Feature 20200906] The tlstype.pl helper script by Viktor Dukhovni
reports TLS information per message delivery. This processes output
from the collate.pl script. See auxiliary/collate/README.tlstype and
auxiliary/collate/tlstype.pl.
Major changes - compatibility level
-----------------------------------
@ -37,75 +85,17 @@ omitted and defaults to zero. Earlier compatibility levels are 0, 1 and 2.
This also introduces main.cf and master.cf support for the <=level,
<level, and other operators to compare compatibility levels. With the
standard <=, <, etc. operators, compatibility level 3.10 would be less
than 3.9. which is undesirable.
than 3.9, which is undesirable.
Major changes - delivery logging
--------------------------------
Major changes - services(5) override
------------------------------------
[Incompat 20200531] Postfix delivery agents now log an explicit record
when delegating delivery to a different Postfix delivery agent.
For example, with "best_mx_transport = local", an SMTP delivery
agent will now log when a recipient will be delivered locally. This
makes the delegating delivery agent visible, where it would otherwise
have remained invisible, which would complicate troubleshooting.
postfix/smtp[pid]: queueid: passing <recipient> to transport=local
This will usually be followed by logging for an actual delivery:
postfix/local[pid]: queueid: to=<recipient>, relay=local, ...
Other examples: the local delivery agent defers mailbox delivery
through mailbox_transport or through fallback_transport.
Major changes - dns lookups
---------------------------
[Feature 20200509] The threadsafe resolver API (res_nxxx() calls) is now
the default, not because the API is threadsafe, but because new features
are being added there.
To build old style, build with:
make makefiles CCARGS="-DNO_RES_NCALLS..."
This is also the default for systems that are known not to support
the threadsafe resolver API.
Major changes - error logging
-----------------------------
[Incompat 20200531] Postfix programs will now log "Application error"
instead of "Success" or "Unknown error: 0" when an operation fails with
errno == 0.
Major changes - internal protocol identification
------------------------------------------------
[Incompat 20200920] Internal protocols have changed. You need to
"postfix stop" before updating, or before backing out to an earlier
release, otherwise long-running daemons (pickup, qmgr, verify, tlsproxy,
postscreen) may fail to communicate with the rest of Postfix, causing
warnings or timeouts.
The purpose of this change is to produce better error messages, for
example, when someone configures the discard daemon as a bounce
service in master.cf, or vice versa.
This change will break third-party programs that implement a
Postfix-internal protocol such as qpsmtpd. This is not a Postfix bug:
programs that depend on Postfix internal details have never been
supported.
Major changes - known tcp ports
-------------------------------
[Feature 20210418] The new "known_tcp_ports" configuration parameter
reduces Postfix dependency on the services(5) database. On some systems
the port 465 service is called "smtps", and on other systems it is called
"submissions". The default known_tcp_ports value is "lmtp=24, smtp=25,
smtps=submissions=465, submission=587".
[Feature 20210418] Postfix no longer uses the services(5) database
to look up the TCP ports for SMTP and LMTP services. Instead, this
information is configured with the new known_tcp_ports configuration
parameter (default: lmtp=24, smtp=25, smtps=submissions=465,
submission=587). When a service is not specified in known_tcp_ports,
Postfix will still query the services(5) database.
Major changes - local_login_sender_maps
---------------------------------------
@ -120,8 +110,8 @@ space or comma. The default is backwards-compatible: every user may
specify any sender envelope address.
This feature is enforced by the postdrop command. When no UNIX login
name is available, the Postfix postdrop command will prepend "uid:"
to the numerical UID and use that instead.
name is available, the postdrop command will prepend "uid:" to the
numerical UID and use that instead.
This feature ignores address extensions in the user-specified
envelope sender address.
@ -223,19 +213,13 @@ no" permanent in main.cf, for example:
To stop the reminder, configure the respectful_logging parameter to
"yes" or "no", or configure "compatibility_level = 3.6".
Major changes - smtpd_sasl_mechanism_list
-----------------------------------------
[Feature 20200906] The smtpd_sasl_mechanism_list parameter (default:
!external, static:rest) prevents confusing errors when a SASL backend
announces EXTERNAL support which Postfix does not support.
Major changes - threaded bounces
--------------------------------
[Feature 20201205] Support for threaded bounces. This allows mail readers
to present a bounce, delay, or success delivery notification in the same
email thread as the original message.
[Feature 20201205] Support for threaded bounces. This allows mail
readers to present a non-delivery, delayed delivery, or successful
delivery notification in the same email thread as the original
message.
Unfortunately, this also makes it easy for users to mistakenly delete
the whole email thread (all related messages), instead of deleting
@ -243,22 +227,51 @@ only the delivery status notification.
To enable, specify "enable_threaded_bounces = yes".
Major changes - tls
-------------------
Other changes - smtpd_sasl_mechanism_list
-----------------------------------------
[Incompat 20200705] The minimum OpenSSL version is 1.1.1, which will
reach the end of life by 2023-09-11.
[Feature 20200906] The smtpd_sasl_mechanism_list parameter (default:
!external, static:rest) prevents confusing errors when a SASL backend
announces EXTERNAL support which Postfix does not support.
The default digest has changed from md5 to sha256 (Postfix 3.6 with
compatibility_level >= 3). With a lower compatibility_level setting,
Postfix defaults to using md5, and logs a warning when a Postfix
configuration specifies no explicit digest type.
Other changes - delivery logging
--------------------------------
Export-grade Diffie-Hellman key exchange is no longer supported,
and the tlsproxy_tls_dh512_param_file parameter is ignored,
[Incompat 20200531] Postfix delivery agents now log an explicit record
when delegating delivery to a different Postfix delivery agent.
[Feature 20200906] The tlstype.pl helper script by Viktor Dukhovni
reports TLS information per message delivery. This processes output
from the collate.pl script. See auxiliary/collate/README.tlstype and
auxiliary/collate/tlstype.pl.
For example, with "best_mx_transport = local", an SMTP delivery
agent will now log when a recipient will be delivered locally. This
makes the delegating delivery agent visible, where it would otherwise
have remained invisible, which would complicate troubleshooting.
postfix/smtp[pid]: queueid: passing <recipient> to transport=local
This will usually be followed by logging for an actual delivery:
postfix/local[pid]: queueid: to=<recipient>, relay=local, ...
Other examples: the local delivery agent will log a record that it
defers mailbox delivery through mailbox_transport or through
fallback_transport.
Other changes - error logging
-----------------------------
[Incompat 20200531] Postfix programs will now log "Application error"
instead of "Success" or "Unknown error: 0" when an operation fails with
errno == 0, i.e., the error originates from non-kernel code.
Other changes - dns lookups
---------------------------
[Feature 20200509] The threadsafe resolver API (res_nxxx() calls)
is now the default, not because the API is threadsafe, but because
this is the API where new features are being added.
To build old style, build with:
make makefiles CCARGS="-DNO_RES_NCALLS..."
This is the default for systems that are known not to support the
threadsafe resolver API.

36
postfix/conf/master.cf
View File

@ -22,24 +22,32 @@ smtp inet n - n - - smtpd
# -o smtpd_sasl_auth_enable=yes
# -o smtpd_tls_auth_only=yes
# -o smtpd_reject_unlisted_recipient=no
# -o smtpd_client_restrictions=$mua_client_restrictions
# -o smtpd_helo_restrictions=$mua_helo_restrictions
# -o smtpd_sender_restrictions=$mua_sender_restrictions
# -o smtpd_recipient_restrictions=
# -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
# Instead of specifying complex smtpd_<xxx>_restrictions here,
# specify "smtpd_<xxx>_restrictions=$mua_<xxx>_restrictions"
# here, and specify mua_<xxx>_restrictions in main.cf (where
# "<xxx>" is "client", "helo", "sender", "relay", or "recipient").
# -o smtpd_client_restrictions=
# -o smtpd_helo_restrictions=
# -o smtpd_sender_restrictions=
# -o smtpd_relay_restrictions=
# -o smtpd_recipient_restrictions=permit_sasl_authenticated,reject
# -o milter_macro_daemon_name=ORIGINATING
# Choose one: enable smtps for loopback clients only, or for any client.
#127.0.0.1:smtps inet n - n - - smtpd
#smtps inet n - n - - smtpd
# -o syslog_name=postfix/smtps
# Choose one: enable submssions for loopback clients only, or for any client.
#127.0.0.1:submssions inet n - n - - smtpd
#submssions inet n - n - - smtpd
# -o syslog_name=postfix/submissions
# -o smtpd_tls_wrappermode=yes
# -o smtpd_sasl_auth_enable=yes
# -o smtpd_reject_unlisted_recipient=no
# -o smtpd_client_restrictions=$mua_client_restrictions
# -o smtpd_helo_restrictions=$mua_helo_restrictions
# -o smtpd_sender_restrictions=$mua_sender_restrictions
# -o smtpd_recipient_restrictions=
# -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
# Instead of specifying complex smtpd_<xxx>_restrictions here,
# specify "smtpd_<xxx>_restrictions=$mua_<xxx>_restrictions"
# here, and specify mua_<xxx>_restrictions in main.cf (where
# "<xxx>" is "client", "helo", "sender", "relay", or "recipient").
# -o smtpd_client_restrictions=
# -o smtpd_helo_restrictions=
# -o smtpd_sender_restrictions=
# -o smtpd_relay_restrictions=
# -o smtpd_recipient_restrictions=permit_sasl_authenticated,reject
# -o milter_macro_daemon_name=ORIGINATING
#628 inet n - n - - qmqpd
pickup unix n - n 60 1 pickup

2
postfix/html/SASL_README.html
View File

@ -2077,7 +2077,7 @@ options into the above command line; see the <a href="LDAP_README.html">LDAP_REA
<h4><a name="build_sasl">Building the Cyrus SASL library</a></h4>
<p> Postfix works with cyrus-sasl-1.5.x or cyrus-sasl-2.1.x, which are
available from <a href="ftp://ftp.andrew.cmu.edu/pub/cyrus-mail/">ftp://ftp.andrew.cmu.edu/pub/cyrus-mail/</a>. </p>
available from <a href="https://github.com/cyrusimap/cyrus-sasl/releases">https://github.com/cyrusimap/cyrus-sasl/releases</a>. </p>
<blockquote>

11
postfix/html/postconf.5.html
View File

@ -7676,7 +7676,8 @@ separator. See the <a href="MILTER_README.html">MILTER_README</a> document for d
(default: resource, software)</b></DT><DD>
<p>
The list of error classes that are reported to the postmaster. The
The list of error classes that are reported to the postmaster. These
postmaster notifications do not replace user notifications. The
default is to report only the most serious problems. The paranoid
may wish to turn on the policy (UCE and mail relaying) and protocol
error (broken mail software) reports.
@ -11330,7 +11331,7 @@ href="https://tools.ietf.org/html/rfc7672">DANE</a> is not applicable
to hosts resolved via "native" lookups. </p>
<p> As mentioned above, Postfix is not a validating <a
href="https://tools.ietf.org/html/rfc4035#section-4.9">stub
href="<a href="https://tools.ietf.org/html/rfc4035#section-4.9">https://tools.ietf.org/html/rfc4035#section-4.9</a>">stub
resolver</a>; it relies on the system's configured DNSSEC-validating
<a href="https://tools.ietf.org/html/rfc4035#section-3.2">recursive
nameserver</a> to perform all DNSSEC validation. Since this
@ -18768,7 +18769,7 @@ whitespace. Each digest name may be followed by an optional
"=&lt;number&gt;" suffix. For example, "sha512" may instead be specified
as "sha512=2" and "sha256" may instead be specified as "sha256=1".
The optional number must match the <a
href="https://www.iana.org/assignments/dane-parameters/dane-parameters.xhtml#matching-types"
href="<a href="https://www.iana.org/assignments/dane-parameters/dane-parameters.xhtml#matching-types">https://www.iana.org/assignments/dane-parameters/dane-parameters.xhtml#matching-types</a>"
>IANA</a> assigned TLSA matching type number the algorithm in question.
Postfix will check this constraint for the algorithms it knows about.
Additional matching type algorithms registered with IANA can be added
@ -18935,7 +18936,7 @@ is unwise to choose an "bleeding-edge" curve supported by only a
small subset of clients. </p>
<p> The default "strong" curve is rated in NSA <a
href="https://web.archive.org/web/20160330034144/https://www.nsa.gov/ia/programs/suiteb_cryptography/">Suite
href="<a href="https://web.archive.org/web/20160330034144/https://www.nsa.gov/ia/programs/suiteb_cryptography/">https://web.archive.org/web/20160330034144/https://www.nsa.gov/ia/programs/suiteb_cryptography/</a>">Suite
B</a> for information classified up to SECRET. </p>
<p> Note: elliptic curve names are poorly standardized; different
@ -18976,7 +18977,7 @@ curve must be implemented by OpenSSL (as reported by ecparam(1) with the
of <a href="http://tools.ietf.org/html/rfc4492">RFC 4492</a>. You should not generally change this setting. </p>
<p> This default "ultra" curve is rated in NSA <a
href="https://web.archive.org/web/20160330034144/https://www.nsa.gov/ia/programs/suiteb_cryptography/">Suite
href="<a href="https://web.archive.org/web/20160330034144/https://www.nsa.gov/ia/programs/suiteb_cryptography/">https://web.archive.org/web/20160330034144/https://www.nsa.gov/ia/programs/suiteb_cryptography/</a>">Suite
B</a> for information classified up to TOP SECRET. </p>
<p> If you want to take maximal advantage of ciphers that offer <a

3
postfix/man/man5/postconf.5
View File

@ -4733,7 +4733,8 @@ separator. See the MILTER_README document for details.
.PP
This feature is available in Postfix 2.3 and later.
.SH notify_classes (default: resource, software)
The list of error classes that are reported to the postmaster. The
The list of error classes that are reported to the postmaster. These
postmaster notifications do not replace user notifications. The
default is to report only the most serious problems. The paranoid
may wish to turn on the policy (UCE and mail relaying) and protocol
error (broken mail software) reports.

2
postfix/mantools/postlink
View File

@ -1148,7 +1148,7 @@ while (<>) {
# Hyperlink URLs and RFC documents
s/(http:\/\/[^ ,"\(\)]*[^ ,"\(\):;!?.])/<a href="$1">$1<\/a>/;
s/(https?:\/\/[^ ,"\(\)]*[^ ,"\(\):;!?.])/<a href="$1">$1<\/a>/;
s/(ftp:\/\/[^ ,"\(\)]*[^ ,"\(\):;!?.])/<a href="$1">$1<\/a>/;
s/\bRFC\s*([1-9]\d*)/<a href="http:\/\/tools.ietf.org\/html\/rfc$1">$&<\/a>/g;

2
postfix/proto/SASL_README.html
View File

@ -2077,7 +2077,7 @@ TLS_README for details. </p>
<h4><a name="build_sasl">Building the Cyrus SASL library</a></h4>
<p> Postfix works with cyrus-sasl-1.5.x or cyrus-sasl-2.1.x, which are
available from ftp://ftp.andrew.cmu.edu/pub/cyrus-mail/. </p>
available from https://github.com/cyrusimap/cyrus-sasl/releases. </p>
<blockquote>

3
postfix/proto/postconf.proto
View File

@ -3149,7 +3149,8 @@ myorigin = $mydomain
%PARAM notify_classes resource, software
<p>
The list of error classes that are reported to the postmaster. The
The list of error classes that are reported to the postmaster. These
postmaster notifications do not replace user notifications. The
default is to report only the most serious problems. The paranoid
may wish to turn on the policy (UCE and mail relaying) and protocol
error (broken mail software) reports.

2
postfix/src/global/mail_version.h
View File

@ -20,7 +20,7 @@
* Patches change both the patchlevel and the release date. Snapshots have no
* patchlevel; they change the release date only.
*/
#define MAIL_RELEASE_DATE "20210424"
#define MAIL_RELEASE_DATE "20210529"
#define MAIL_VERSION_NUMBER "3.7"
#ifdef SNAPSHOT

6
postfix/src/util/slmdb.c
View File

@ -582,11 +582,15 @@ int slmdb_put(SLMDB *slmdb, MDB_val *mdb_key,
* Do the update.
*/
if ((status = mdb_put(txn, slmdb->dbi, mdb_key, mdb_value, flags)) != 0) {
mdb_txn_abort(txn);
if (status != MDB_KEYEXIST) {
mdb_txn_abort(txn);
if ((status = slmdb_recover(slmdb, status)) == 0)
status = slmdb_put(slmdb, mdb_key, mdb_value, flags);
SLMDB_API_RETURN(slmdb, status);
} else {
/* Key exists, abort non-bulk transaction only. */
if (slmdb->txn == 0)
mdb_txn_abort(txn);
}
}