diff --git a/postfix/HISTORY b/postfix/HISTORY index e4299db3e..efee69ba5 100644 --- a/postfix/HISTORY +++ b/postfix/HISTORY @@ -14491,3 +14491,38 @@ Apologies for any names omitted. Bitrot: "make test" was broken due to recent changes in code and due to recent changes at mail-abuse.org. + +20080618 + + Add a note to SMTP session transcript email messages that + other details may be found in the maillog file. Files: + smtpd/smtpd_chat.c, smtp/smtp_chat.c. + +20080620 + + Cleanup: with the "Before-queue content filter", RFC3848 + information was not added to the headers. Carlos Velasco. + File smtpd/smtpd.c. + +20080621 + + Cleanup: include unread byte count in the SMTP server's "lost + connection after DATA (xx bytes)" logging. Files: smtpd/smtpd.c. + +20080629 + + Bugfix (introduced Postfix 2.2): multiple inconsistencies + in SASL support after introduction of TLS. The Postfix + SMTP server 1) complained about plain-text SASL configuration + details when SASL was forbidden for plain-text sessions, + and 2) ignored the smtpd_tls_auth_only parameter setting + when built without TLS support. Files: smtpd/smtpd.c, + smtpd/smtpd_check.c, smtpd/smtpd_sasl_glue.[hc], + smtpd/smtpd_state.c. + + Some clarification about recipient address versus domain, + and recipients per message versus session. File: + proto/postconf.proto. + + The description of SASL authentication attributes was + garbled. File: pipe/pipe.c. diff --git a/postfix/README_FILES/SMTPD_ACCESS_README b/postfix/README_FILES/SMTPD_ACCESS_README index d6f2786c3..9bdc8874d 100644 --- a/postfix/README_FILES/SMTPD_ACCESS_README +++ b/postfix/README_FILES/SMTPD_ACCESS_README @@ -123,7 +123,7 @@ Examples of simple restriction lists are: # Don't accept mail from domains that don't exist. smtpd_sender_restrictions = reject_unknown_sender_domain - # Whitelisting: local clients may specify any destination. Others may not. + # Whitelisting: local clients may specify any destination domain. smtpd_recipient_restrictions = permit_mynetworks, reject_unauth_destination # Block clients that speak too early. diff --git a/postfix/RELEASE_NOTES b/postfix/RELEASE_NOTES index ca72d68c3..7eef66413 100644 --- a/postfix/RELEASE_NOTES +++ b/postfix/RELEASE_NOTES @@ -17,6 +17,23 @@ Incompatibility with Postfix 2.4 and earlier If you upgrade from Postfix 2.4 or earlier, read RELEASE_NOTES-2.5 before proceeding. +Incompatibility with snapshot 20080629 +====================================== + +When TLS support is not compiled in, the Postfix SMTP server no +longer ignores the "smtpd_tls_auth_only = yes" parameter setting. +Earlier Postfix SMTP server versions would announce SASL support, +and would accept SASL login or sender information. + +Major changes with snapshot 20080629 +==================================== + +The Postfix SMTP server's SASL authentication was re-structured. +With "smtpd_tls_auth_only = yes", SASL support is now activated +only after a successful TLS handshake. Earlier Postfix SMTP server +versions could complain about unavailable SASL mechanisms during +the plaintext phase of the SMTP protocol. + Incompatibility with snapshot 20080510 ====================================== diff --git a/postfix/html/SMTPD_ACCESS_README.html b/postfix/html/SMTPD_ACCESS_README.html index 978b5d7b4..0f8ae5237 100644 --- a/postfix/html/SMTPD_ACCESS_README.html +++ b/postfix/html/SMTPD_ACCESS_README.html @@ -136,7 +136,7 @@ no").