- Fix a remotely exploitable bug in mutt.
- For the time being, I disabled the compressed FLAVOR since the updated patch
is not yet available for the current version.
Version 3.34
------------
1. Exim was failing to diagnose a lone \ at the end of an expansion string as
an error (basically a typo in the code).
2. If logging was only to syslog, and Exim was trying to panic-die, it crashed
instead of dying cleanly.
3. If an address was routed using a DNS lookup that found no MX records, but
one or more A records, and fallback hosts were specified on the transport, the
fallback hosts were ignored.
4. $message_body_size was set incorrectly (to zero) during filter testing.
5. Ensure the configuration file is closed before running the -bi command.
6. Reap all complete processes within the loop for accepting -bs or -bS
messages, because it seems that not all OS do this automatically when SIGCHLD
is set to SIG_IGN.
7. Reset SIGHUP to SIG_IGN before restarting a daemon, in case another SIGHUP
arrives very quickly and kills the newly started Exim before it has a chance to
get going.
8. After "452 space shortage", was not unsetting the sender address. Could lead
to strange effects when the client was pipelining.
9. There was no check that getpeername() was giving a socket address when
called on stdin passed from a previous delivery.
10. If a local part beginning with a pipe symbol was directed to a pipe
transport, the transport got confused as to which command it should run.
This could be a security exposure if unchecked local parts are directed
or routed to pipe transports.
filtering network. Razor establishes a distributed and constantly
updating catalogue of spam in propagation. This catalogue is used by
clients to filter out known spam. On receiving a spam, a Razor Reporting
Agent (run by an end-user or a troll box) calculates and submits a
20-character unique identification of the spam (a SHA Digest) to its
closest Razor Catalogue Server. The Catalogue Server echos this
signature to other trusted servers after storing it in its database.
Prior to manual processing or transport-level reception, Razor Filtering
Agents (end-users and MTAs) check their incoming mail against a
Catalogue Server and filter out or deny transport in case of a signature
match. Catalogued spam, once identified and reported by a Reporting
Agent, can be blocked out by the rest of the Filtering Agents on the
network.
WWW: http://razor.sourceforge.net/
Submitted by Marc Matteo <marcm@lectroid.net>
Mboxgrep is a small utility that scans a mailbox for messages matching
a regular expression. Found messages can be either displayed on standard
output, counted, deleted, piped to a shell command or written to another
mailbox.
--
NOTHING has changed in c-client, this is due to the fact that c-client comes from the pine distfile and it has been removed and replaced with a minor bug-fix release.
Postfix official release 20010228 Patch 05 fixes a problem with
canonical and virtual address rewriting, and with the parsing of
malformed address extensions.
Submitted by Patroklos Argyroudis <argp@bsd.gr>.
prepop is a simple "online" POP3 email client. It's a complementing
email client doing some of the things your ordinary email client
should have handled in the first place.
Submitted by Nikolay Sturm <nikolay.sturm@desy.de>
---
This is GNU Mailman, a mailing list management system distributed
under the GNU Public License (GPL).
Mailman has most of the standard features you'd expect in a
mailing list manager, and more.
--
The Mutt Mail User Agent
This is a nifty e-mail client that includes excellent PGP hooks.
Other features include:
- color support
- message threading
- MIME support (including RFC2047 support for encoded headers)
- IMAP (also over SSL) and POP3 support
- support for multiple mailbox formats (mbox, MMDF, MH, maildir)
- highly customizable, including key bindings
- searches using regular expression
- Delivery Status Notification (DSN) support
- PGP/MIME (RFC2015)
- small and efficient
Flavors:
slang - build using the S-Lang library for screen handling.
imap - build with IMAP & SSL support.
pop - build with POP3 support.
compressed - build with compressed folder support
(see: http://www.spinnaker.de/mutt/compressed/)
mixmaster - build with anonymous remailing support.
This is the development version of mutt.
WWW: http://www.mutt.org/
Submitted by Patroklos Argyroudis <argp@bsd.gr>.
This program is a minimal SMTP client that takes an email
message body and passes it on to a SMTP server (default is the
MTA on the local host). Since it is completely self-supporting,
it is especially suitable for use in restricted environments.
--
20010727
Bugfix: updated LDAP client module from LaMont Jones, HP.
This also introduces new LDAP query filter patterns: %u
(address localpart) and %d (domain part). Files:
conf/sample-ldap.cf, util/dict_ldap.c.
20010729
Bugfix: recursive smtpd_whatever_restrictions clobbered
intermediate results when switching between sender and
recipient address restrictions. Problem found by Victor
Duchovni, morganstanley.com. In order to fix, introduced
address resolver result caching, which should also help to
speed up sender/recipient address restriction processing.
Bugfix: the not yet announced DUNNO access table lookup
result did not prevent lookups with substrings of the same
lookup key. Found by Victor Duchovni, morganstanley.com.
20010730
Robustness: trim trailing whitespace from regexp and pcre
right-hand sides, for consistency with DB/DBM tables.
Files: util/dict_pcre.c, util/dict_regexp.c.
20010731
Robustness: eliminate duplicate IP addresses after expansion
of hostnames in $inet_interfaces, so that Postfix does not
suddenly refuse to start up after someone changes the DNS.
- never create an ldap FLAVORized Pico package since it does not pertain
to Pico and do not mistakenly register a dependency on ldap with the
package either
- Move old kerberosIV flavor to kerberos4.
- Add kerberosV support via kerberos5 flavor.
KerberosV support is not really tested. I'm not sure if that diff is
100% correct, so I'm gonna hold a bit to submit it. Please test.
--
This software comes in a client only configuration! If you want
to setup a mixmaster server, read through the example files,
man page and keep in mind, that the server stores all it's files
in $MIXPATH (/etc/mixmaster by default).
The purpose of anonymous remailers (hereafter simply remailers) is
to provide protection against traffic analysis. Traffic analysis
is the study of who you are communicating with, when, and how often.
This reveals more than you might expect about your activities. It
will indicate who your friends and colleagues are (and they can be
told apart by looking at the times you contact them). What your
interests are, from which catalog companies you contact, and which
ftp and WWW sites you visit. Traffic analysis can even reveal
business secrets, e.g. your frequent contact with a rival could
give hints of an impending merger.
Remailers protect your e-mail from traffic analysis. The original
remailers did this by removing all headers, except the subject line,
from any message you sent to them and then forwarding them a
destination of your choice. The recipient of such a message would
not know who had sent it.
The addition of encryption to this scheme gave significant protection
from attackers who simply look a the primary improvement with the
type 2 remailer Mixmaster.
WWW: http://mixmaster.shinn.net
Submitted by Nikolay Sturm <nikolay.sturm@desy.de>