Most notable fixes include tightened string handling in a few
pathalogical cases that some people suspect might be exploitable, at
least in the form of a DoS.
Requested by: Randy Bush <randy@psg.com>
adding information important to operators of SMTP services used
by a number of Windows (and probably Unix) MUA packages.
This text has been approved by the author and will be included in
the next release of exim-4. Another release of exim-3.3x is not
expected.
This change is based on an explanation of SSL certificates attributed
below, but was not a direct submission. Errors are my own, etc.
Submitted by: terry
Message-Id: <3C3F3A93.C1ECF9B0@mindspring.com>
* Mostly incorporates patches already carried by the port.
* Fixes a vulnerability in pipe handling, which was not exposed
by the default configuration, but which could have been exposed
if the configuration were altered appropriately.
Use the newly added mailnull user, and the now well-established group
mail.
The use of compile-time defaults for these values is not required for
many sites, but are important for more exotic applications.
This ensures that the packages are useful to the widest audience
possible.
Build Exim with compile-time defaults for exim_user and exim_group.
Use the newly added mailnull user, and the now well-established group
mail.
The use of compile-time defaults for these values is not required for
many sites, but are important for more exotic applications.
This ensures that the packages are useful to the widest audience
possible.
Use the newly added mailnull user, and the now well-established group
mail.
The use of compile-time defaults for these values is not required for
many sites, but are important for more exotic applications.
This ensures that the packages are useful to the widest audience
possible.
the documentation by installing them.
Update the post-install notes to reflect the presence of the new
exim-doc-* ports for alternative documentation formats.
Bump PORTREVISION.
on pipeline input.
Bump PORTREVISION to reflect the change.
Obtained from: exim-users@exim.org
Message-Id: <Pine.SOL.4.33.0111131315260.9828-100000@virgo.cus.cam.ac.uk>
where SIG_IGN as the signal handler for SIGCHLD is bad. This is only
an issue when a significant number of messages is received via pipe
(e.g. with -bS) at a faster rate than they can be dealt with by parallel
delivery agents (e.g. -odqs).
Bump PORTREVISION to reflect the change.
Obtained from: exim-users@exim.org
Message-Id: Pine.SOL.4.33.0111021349170.19636-100000@virgo.cus.cam.ac.uk
* Move the contents of pkg-message into POST-INSTALL-NOTES, which
gets installed in the !NOPORTDOCS case for future reference.
* Refer to POST-INSTALL-NOTES from pkg-message in the !NOPORTDOCS
case. In the NOPORTDOCS case, use POST-INSTALL-NOTES as the
pkg-message.
to install and use Exim from the packages without having to install
XFree86.
* Remove a stale SEDLIST entry for BINOWN handling.
* Use LOCALBASE instead of PREFIX when referring to already installed
software.
* Use more strict pattern matching in SEDLIST.
Folks who want eximon (the Exim monitor) must now either build exim
or one of its slave ports with WITH_EXIMON defined or install the
standalone exim-monitor package.
- Fixes bug where setting local part to /dev/null without setting
file_transport caused Exim to crash.
- Other fixes do not apply to FreeBSD.
* Now that RELENG_4 has bzip2 in the base system, use the bz2
distfiles.
Incorporates the fixes for non-mapped IPv6 listening sockets.
Fixes unclosed MySQL connection bug in delivery subprocesses.
Better RFC compliance with respect to Resent-Subject and
Resent-Reply-To.
Fix handling of unset hostname for OpenLDAP2.
Drop an unclosed connection if more than 5 uncrecognized commands are
received.
Handle \t in fail messages properly.
Bite the bullet _now_ and use MTA user exim instead. This means that
only early adopters of Exim-3.31 are affected, rather than lots more
folks further down the line.
I still think mailnull is better, but nobody in the Exim community
agrees with me. :-)
Bump PORTREVISION as appropriate.
users.
Fix the call to bind() in daemon.c so that the correct addrlen is
passed for a IPv4 or IPv6 struct sockaddr. This fixes the problem
where an exim binary compiled for IPv6 support won't bind() to any IPv4
addresses. The author approves of this patch.
Now that exim+ipv6 works for non-ipv6 FreeBSD hosts, make IPv6 support
default and provide a WITHOUT_IPV6 knob for folks who don't want it.
Turn on WITHOUT_IPV6 for pre-KAME systems, to give RELENG_3 folks a
fighting chance.
* Define LDAP_LIB_TYPE conditionally so that the operator can override
it.
* Allow OPENLDAP1 (or UMICHIGAN) and OPENLDAP2 for LDAP_LIB_TYPE,
depending on the correct ports for each.
The default behaviour of the port is unchanged. However, this change
allows for an exim-ldap2 slave port, if desired, and limits LDAP lookup
types to those that can be supported by the FreeBSD ports tree.
utility supplied with Exim is intended for systems that don't have
something as nifty as newsyslog(8).
I'm tempted to remove the utility from the port/package, but this
delta to pkg-message is less controversial.
This is primarily a maintenance release, though there are a very small
number of functional additions.
This release does not address the "orphaned -D spool files" problem, but
to date this problem has not been observed on FreeBSD systems.
FreeBSD has shipped with mailwrapper(8), which facilitates the use of
drop-in replacements for sendmail. Retire exim.sh in favour of the
mailwrapper(8) approach.
Requested by: AMAKAWA Shuhei <sa264@cam.ac.uk>
mailwrapper, which facilitates drop-in replacements for sendmail.
Retire the exim.sh that was installed into ${PREFIX}/etc/rc.d/ to
start Exim, in favour of the mailwrapper approach.
A continuum in the history for this file isn't necessary. What _is_
important is the purpose of the patch today:
*) Changes the test used to determine whether a file should be installed
to cope with files which we "touch" to zero bytes for packaging
purposes.
*) Causes the configure file to be installed as a sample only. The
administrator needs to rename this file to "activate" exim.
*) Changes the invocation of make-info to be less prone to fail on
silly errors and fixes the info(1) titles so that, for example
``info exim'' actually enters the exim.info file.
Replace it with a patch against the distribution configure.default,
which changes as little as possible so that folks who are accustomed to
Exim on other platforms will not be astonished.
Install the file as configure.default instead of configure.sample, since
it's as close as damnit to the default Exim configuration file.
The only arguably unnecessary deviation from the default is:
* Accept SMTP relay from the loopback IP address. Too many applications
require this, and the window of abuse is arguably negligible.
``info exim'' would fail to descend into any of the 3 Exim info files
from the dir top branch.
While we're at it, add a pkg-message that
1) Points to the documentation
2) Explains how to get Exim started
run with a kernel that has had IPv6 ommitted from its configuration,
so I can't make this a default (yet).
* Remove crazy handling of exim.sh and replace it with something much
simpler and more sane. This allows non-root users to build, even if
they can't install (properly).
Since BSD UNIX still doesn't offer a user for running an MTA in a
sandbox the way many Linux distributions do, the Exim port uses
the traditional sandbox user for sendmail, called 'sendmail'.
Bump PORTREVISION accordingly.
files/Makefile) that's been a maintenance PITA for too long. Replace it
with a patch against EDITME, now that the sed rules that operate on it
are mostly sensible.
