SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for postfix24-2.4.5-1.61.x86_64.rpm :
Mon Aug 6 14:00:00 2007 mrueckertAATTsuse.de
- Update to Version 2.4 patchlevel 5
Bugfix: the loopback TCP performance workaround was ineffective
due to a wetware bit-flip during code cleanup. File:
util/vstream_tweak.c.
(patch level 4)
Bugfix: the Milter client assumed that a Milter application
does not modify the message header or envelope, after that
same Milter application has modified the message body of
that same email message. This is not a problem with updates
by different Milter applications. Problem was triggered
by Jose-Marcio Martins da Cruz. Also simplified the handling
of queue file update errors. File: milter/milter8.c.
Workaround: some non-Cyrus SASL SMTP servers require SASL
login without authzid (authoriZation ID), i.e. the client
must send only the authcid (authentiCation ID) + the authcid\'s
password. In this case the server is supposed to derive
the authzid from the authcid. This works as expected when
authenticating to a Cyrus SASL SMTP server. To get the old
behavior specify \"send_cyrus_sasl_authzid = yes\", in which
case Postfix sends the (authzid, authcid, password), with
the authzid equal to the authcid. File: xsasl/xsasl_cyrus_client.c.
Portability: /dev/poll support for Solaris chroot jail setup
scripts. Files: examples/chroot-setup/Solaris8,
examples/chroot-setup/Solaris10.
Cleanup: Milter client error handling, so that the (Postfix
SMTP server\'s Milter client) does not get out of sync with
Milter applications after the (cleanup server\'s Milter
client) encounters some non-recoverable problem. Files:
milter/milter8.c, smtpd/smtpd.c.
Performance: workaround for poor TCP performance on loopback
(127.0.0.1) connections. Problem reported by Mark Martinec.
Files: util/vstream_tweak.c, milter/milter8.c, smtp/smtp_connect.c,
smtpstone/
*source.c.
Bugfix: when a milter replied with ACCEPT at or before the
first RCPT command, the cleanup server would apply the
non_smtpd_milters setting as if the message was a local
submission. Problem reported by Jukka Salmi. Also, the
cleanup server would get out of sync with the milter when
a milter replied with ACCEPT at the DATA command. Files:
cleanup/cleanup_envelope.c, smtpd/smtpd.c, milter/milters.c.
- rediffed patches

Tue Jul 31 14:00:00 2007 varkolyAATTsuse.de
- Update to Version 2.4 patchlevel 3
(patch level 1)
Bugfix (introduced Postfix 2.3): segfault with HOLD action
in access/header_checks/body_checks on 64-bit platforms.
File: cleanup/cleanup_api.c.
Portability (introduced 20070325): the fix for hardlinks
and symlinks in postfix-install forgot to work around shells
where \"IFS=/ command\" makes the IFS setting permanent. This
is allowed by some broken standard, and affects Solaris.
File: postfix-install.
Portability (introduced 20070212): the workaround for
non-existent library bugs with descriptors >= FD_SETSIZE
broke with \"fcntl F_DUPFD: Invalid argument\" on 64-bit
Solaris. Files: master/multi_server.c,
*qmgr/qmgr_transport.c.
Cleanup: on (Linux) platforms that cripple signal handlers
with deadlock, \"postfix stop\" now forcefully stops all the
processes in the master\'s process group, not just the master
process alone. File: conf/postfix-script.
(patch level 2)
Bugfix: don\'t falsely report \"lost connection from
localhost[127.0.0.1]\" when Postfix is being portscanned.
Files: smtpd/smtpd_peer.c, qmqpd/qmqpd_peer.c.
Robustness: recommend a \"0\" process limit for policy servers
to avoid \"connection refused\" problems when the smtpd process
limit exceeds the default process limit. File:
proto/SMTPD_POLICY_README.html.
Safety: when IPv6 (or IPv4) is turned off, don\'t treat an
IPv6 (or IPv4) connection from e.g. inetd as if it comes
from localhost[127.0.0.1]. Files: smtpd/smtpd_peer.c,
qmqpd/qmqpd_peer.c.
Bugfix: Content-Transfer-Encoding: attribute values are
case insensitive. File: src/cleanup/cleanup_message.c.
Bugfix: mailbox_transport(_maps) and fallback_transport(_maps)
were broken when used with the error(8) or discard(8)
transports. Cause: insufficient documentation. Files:
error/error.c, discard/discard.c.
Bugfix (problem introduced Postfix 2.3): when DSN support
was introduced it broke \"agressive\" recipient duplicate
elimination with \"enable_original_recipient = no\". File:
cleanup/cleanup_out_recipient.c.
Bugfix (introduced Postfix 2.3): the sendmail/postdrop
commands would hang when trying to submit a message larger
than the per-message size limit. File: postdrop/postdrop.c.
Sabotage the saboteur who insists on breaking Postfix by
adding gethostbyname() calls that cause maildir delivery
to fail when the machine name is not found in /etc/hosts,
or that cause Postfix processes to hang when the network
is down.
(patch level 3)
Portability: Victor helpfully pointed out that change
20070425 broke on non-IPv6 systems. Files: smtpd/smtpd_peer.c,
qmqpd/qmqpd_peer.c.

Thu Jun 21 14:00:00 2007 varkolyAATTsuse.de
- Bug 285553 amavisd inconsistency

Tue Jun 19 14:00:00 2007 dmuellerAATTsuse.de
- provide smtp meta-service as well

Mon Jun 11 14:00:00 2007 lruppAATTsuse.de
- don\'t PreRequire /sbin/ip: removed call in SuSEconfig.postfix

Thu May 3 14:00:00 2007 varkolyAATTsuse.de
- dynamic_maps.patch: readded the chunk for dict_tcp and dict_pcre
- replaced prereq for postfix with a prereq on
%{name} = %{version}
- updated to postfix 2.4, patchlevel 0
Major changes - safety

* As a safety measure, Postfix now by default creates mailbox dotlock
files on all systems. This prevents problems with GNU POP3D which
subverts kernel locking by creating a new mailbox file and deleting
the old one
Major changes - Milter support

* The support for Milter header modification
requests was revised. With minimal change in the on-disk representation,
the code was greatly simplified, and regression tests were updated
to ensure that old errors were not re-introduced. The queue file
format is entirely backwards compatible with Postfix 2.3.

* Support for Milter requests to replace the message
body. Postfix now implements all the header/body modification
requests that are available with Sendmail 8.13.

* A new field is added to the queue file \"size\"
record that specifies the message content length. Postfix 2.3 and
older Postfix 2.4 snapshots will ignore this field, and will report
the message size as it was before the body was replaced.
Major changes - TLS support

* The check_smtpd_policy client sends TLS certificate
attributes (client ccert_subject, ccert_issuer) only after successful
client certificate verification. The reason is that the certification
verification status itself is not available in the policy request.

* The check_smtpd_policy client sends TLS certificate
fingerprint information even when the certificate itself was not
verified.

* The remote SMTP client TLS certificate fingerprint
can be used for access control even when the certificate itself was
not verified.

* The format of SMTP server TLS session cache
lookup keys has changed. The lookup key now includes the master.cf
service name.
Major changes - performance

* Better support for systems that run thousands
of Postfix processes. Postfix now supports FreeBSD kqueue(2),
Solaris poll(7d) and Linux epoll(4) as more scalable alternatives
to the traditional select(2) system call, and uses poll(2) when
examining a single file descriptor for readability or writability.
These features are supported on sufficiently recent versions of
FreeBSD, NetBSD, OpenBSD, Solaris and Linux; support for other
systems will be added as evidence becomes available that usable
implementations exist.
Major changes - delivery status notifications

* Small changes were made to the default bounce
message templates, to prevent HTML-aware software from hiding or
removing the text \"\", and producing misleading text.

* Postfix no longer announces its name in delivery
status notifications. Users believe that Wietse provides a free
help desk service that solves all their email problems.
Major changes - ETRN support

* More precise queue flushing with the ETRN,
\"postqueue -s site\", and \"sendmail -qRsite\" commands, after
minimization of race conditions. New per-queue-file flushing with
\"postqueue -i queueid\" and \"sendmail -qIqueueid\".
Major changes - small office/home office support

* Postfix no longer requires a domain name. It
uses \"localdomain\" as the default Internet domain name when no
domain is specified via main.cf or via the machine\'s hostname.
Major changes - SMTP access control

* The check_smtpd_policy client sends TLS certificate
attributes (client ccert_subject, ccert_issuer) only after successful
client certificate verification. The reason is that the certification
verification status itself is not available in the policy request.

* The check_smtpd_policy client sends TLS certificate
fingerprint information even when the certificate itself was not
verified.

* The remote SMTP client TLS certificate fingerprint can be used for
access control even when the certificate itself was not verified.

* The Postfix installation procedure no longer
updates main.cf with \"unknown_local_recipient_reject_code = 450\".
Four years after the introduction of mandatory recipient validation,
this transitional tool is no longer neeed.

Thu Mar 29 14:00:00 2007 rguentherAATTsuse.de
- Add pwdutils BuildRequires to allow postinst script to succeed.
- Add /usr/share/omc directory.

Mon Feb 26 13:00:00 2007 varkolyAATTsuse.de
- #247351 - postfix - Ports for SuSEfirewall added via packages
- Move postfix.xml into the postfix-SuSE tarball
- #228479 - Postfix is configured for inet_protocols=all if
selecting ipv4 only support during installation.
Now we set both inet_protocols and inet_interfaces to all.
This means the available interfaces and protocols will be used.
To avoid bogus warnings inet_proto.c was patched.
- #251598 - postfix use pointers for literals

Mon Jan 15 13:00:00 2007 varkolyAATTsuse.de
- #144104 - postfix does not start
- Implementing Fate #301840: Postfix XML Service Description Document
- Enhancing /etc/sysconfig/postfix descripton to avoid problems
like Bug 228678 - Problems with setting up chroot environment if
/var/spool is not on same filesystem as /var

Wed Nov 22 13:00:00 2006 mrueckertAATTsuse.de
- moved the dict handling into a preun script instead of postun
and do not remove the dict entry on upgrade (#223176)
- removed duplicates in the filelists.

Fri Nov 10 13:00:00 2006 varkolyAATTsuse.de
- #218229 - Postfix SuSEconfig script increases the max_proc line each run in master.cf

Sat Oct 28 14:00:00 2006 varkolyAATTsuse.de
- #206414 - /usr/lib/sasl2/smtpd.conf misplaced

Tue Oct 24 14:00:00 2006 varkolyAATTsuse.de
- #202119 – SuSEconfig script for Postfix incomplete
- #202162 – Postfix 2.3.2 slightly incorrect, Cyrus SASL unavailable
- #203174 – /sbin/conf.d/SuSEconfig.postfix should configure a TLS session cache for postfix 2.2
- #203575 – postfix-2.2.9-10 chokes without scache
- #213589 - No development package/headers for postfix

Wed Aug 16 14:00:00 2006 roAATTsuse.de
- also add libpostfix-milter.so
*

Mon Aug 14 14:00:00 2006 varkolyAATTsuse.de
- updated to postfix 2.3, patchlevel 2
- Major changes
- Name server replies that contain a malformed hostname are now flagged
as permanent errors instead of transient errors.
- DSN support as described in RFC 3461 .. RFC 3464.
- The SMTP client now implements the LMTP protocol.
- Milter (mail filter) application support, compatible with Sendmail
version 8.13.6 and earlier.
- Major changes - SASL authentication
- Plug-in support for SASL authentication in the SMTP server and in the
SMTP/LMTP client.
- The Postfix-with-Cyrus-SASL build procedure has changed.
- Support for sender-dependent ISP accounts.
- Major changes - SMTP client
- The SMTP client now implements the LMTP protocol.
- This version addresses a performance stability problem with remote
SMTP servers.
- Major changes - SMTP server
- The Postfix SMTP server now refuses to receive mail from the network
if it isn\'t running with postfix mail_owner privileges.
- Optional suppression of remote SMTP client hostname lookup and hostname
verification.
- SMTPD Access control based on the existence of an address->name mapping
- Major changes - TLS
- New concept: TLS security levels (\"none\", \"may\", \"encrypt\", \"verify\"
or \"secure\") in the Postfix SMTP client.
- Both the Postfix SMTP client and server can be configured without a
client or server certificate.
- See
/usr/share/doc/packages/postfix/RELEASE_NOTES
/usr/share/doc/packages/postfix/TLS_CHANGES
/usr/share/doc/packages/postfix/README_FILES/SASL_README
for detailed informations.

Wed Aug 2 14:00:00 2006 varkolyAATTsuse.de
- Only %{conf_backup_dir} is contained by the package not /var/adm/backup

Mon Jul 10 14:00:00 2006 varkolyAATTsuse.de
- Bugfix: #190639 Default number of processes for postfix
- Bugfix: #190270 postfix-postgresql


  
ICM