Postfix official release 20010228 patch 03 fixes all known problems that were
also fixed with snapshot 20010525.
The official Postfix release does not change except for bugfixes. New
features are introduced in Postfix snapshots; the snapshots eventually evolve
into the next official release.
Only only major fix is for a memory leak in the LDAP client module. If you do
not use LDAP, then there is no urgent need to apply the patch.
A fully patched version will be made available via the usual sites listed on
the www.postfix.org web site.
- Many little revisions of little details in the light of the new RFC 2821
and RFC 2822 standards. RFC features considered less urgent or less useful
are discussed in source code comments. See the RELEASE_NOTES for possible
incompatibilities.
- A much enhanced postsuper queue maintenance tool that can fix Postfix
queues restored from another machine or from backup. The postsuper tool
corrects file names when a file name does not match the message file
inode number. My respect has doubled for people who write fsck-like programs.
--
Postfix Release 20010228 Patchlevel 01 includes patches that were
sent to the list in the last month, some portability enhancements,
and updated documentation.
- The flush daemon complained when Postfix was deferring mail
for user@[ip.address], and aborted with a panic when deferring
mail to user@a.domain.name (one-letter subdomain name).
- The LMTP connection caching did not work for destinations that
start with inet: or unix:.
- The cleanup server stalled when mail exceeded the queue file
size limit by a small amount. The sender was not informed of
the file size problem and kept sending the mail repeatedly.
- Mail address headers with newline inside (comment) caused
Postfix to emit a backslash before the end of line.
--
The mailbox file size limits for the local and virtual delivery
agents can be disabled by setting mailbox_size_limit and/or
virtual_mailbox_limit to zero.
Incompatible changes with snapshot-20010128
===========================================
REJECT in header/body_checks is now flagged as policy violation
rather than bounce, for consistency in postmaster notifications.
The mailbox size limit for local delivery is no longer controlled
by the message_size_limit paramater, but by a separate parameter
called mailbox_size_limit (default: 20MBytes).
The default RBL (real-time blackhole lists) domain examples have
been updated from *.vix.com to *.mail-abuse.org.
Major changes with snapshot-20010128
====================================
Updated nqmgr (experimental queue manager with clever queueing
strategy) by Patrik Rak. This code is still new. Once it stops
changing (for a long time!) it will become part of the non-beta
release.
Virtual mailbox delivery agent by Andrew McNamara. This delivery
agent can deliver mail for any number of domains. See the file
VIRTUAL_README for detailed examples. This code is still new. Once
it stops changing it will become part of the non-beta release.
Many "valid_hostname" warnings were eliminated. The complaints that
were not eliminated were replaced by something more informative.
SASL support (RFC 2554) for the LMTP delivery agent. This is required
by recent Cyrus implementations when delivering mail over TCP
sockets. The LMTP_README file has been updated but still contains
some obsolete information.
Workarounds for non-standard RFC 2554 (AUTH command) implementations.
Specify "broken_sasl_auth_clients = yes" to enable SMTP server
support for old Microsoft client applications. The Postfix SMTP
client supports non-standard RFC 2554 servers by default.
Summary
-------
This patch fixes a problem in the Postfix SMTP client's fallback
relay feature in snapshot releases after 20001005.
By default, Postfix does not use the fallback_relay feature. To
find out if your system uses it, issue the command:
postconf fallback_relay
The result is "fallback_relay =" when the feature is turned off.
Description
-----------
As of 20001005, the Postfix SMTP client will send mail to a fallback
relay host (if one is configured) even when the local machine is
a backup MX host for the final destination.
This causes a loop when the primary MX host is down. Postfix receives
the mail, because it's a backup MX host for the destination. Postfix
then sends the mail to the fallback relay, because the primary MX
host is down. The fallback sends the mail back to Postfix, because
it's a backup MX host. Mail then bounces after 25 or so iterations.
Laurent Wacrenier had the, um, pleasure, of finding this one.
Solution
--------
If the local machine is listed as MX host for the final destination,
do not send undeliverable mail to the fallback relay. That is how
releases prior to 20001005 work, including 19991231.
This patch should apply to all snapshots since 20001005, but I have
tested this only with 20001217.
To apply, step into the src/smtp source directory, feed this text
into the patch command, and rebuild. The "make install" command
replaces only the smtp client program.
Extract from RELEASE_NOTES:
===========================
Major changes with snapshot-20001217
====================================
This release involves little change in functionality and a lot of
small changes to lots of files. The code is put out as a separate
snapshot release so that I have a tested baseline for further work.
All time-related configuration parameters now accept a one-letter
suffix to indicate the time unit (s: second, m: minute, h: hour,
d: day, w: week). The exceptions are the LDAP and MYSQL modules
which are maintained separately.
The mysql client was partially rewritten in order to elimimate some
memory allocation/deallocation problems. The code needs more work,
and needs to be tested in a real production environment.
The local_transport and default_transport configuration parameters
can now be specified in transport:destination notation, just like
the mailbox_transport and fallback_transport parameters. The
:destination part is optional. However, these parameters take only
one destination, unlike relayhost and fallback-relay which take
any number of destinations.
Extract from the RELEASE_NOTES file:
Incompatible changes with snapshot-20001210
===========================================
If this release does not work for you, you can go back to a previous
Postfix version without losing your mail, subject to the "incompatible
changes" listed for previous Postfix releases below.
When delivering to /file/name (as directed in an alias or .forward
file), the local delivery agent now logs a warning when it is unable
to create a /file/name.lock file. Mail is still delivered as before.
The "sun_mailtool_compatibility" feature is going away (a compatibility
mode that turns off kernel locks on mailbox files). It still works,
but a warning is logged. Instead of using "sun_mailtool_compatibility",
specify the mailbox locking strategy as "mailbox_delivery_lock =
dotlock".
The Postfix SMTP client now skips SMTP server replies that do not
start with "CODE SPACE" or with "CODE HYPHEN" and flags them as
protocol errors. Older Postfix SMTP clients silently treated "CODE
TEXT" as "CODE SPACE TEXT", i.e. as a valid SMTP reply.
This snapshot does not yet change default relay settings. That
change alone affects a dozen files, most of which documentation.
This may be an incompatibility with some people's expectations,
but such are my rules - between code freeze and release no major
functionality changes are allowed.
Several interfaces of libutil and libglobal routines have changed.
This may break third-party code written for Postfix. In particular,
the safe_open() routine has changed, the way the preferred locking
method is specified in the sys_defs.h file, as well as all routines
that perform file locking. When compiling third-party code written
for Postfix, the incompatibilities will be detected by the compiler
provided that #include file dependencies are properly maintained.
Major changes with snapshot-20001210
====================================
This snapshot includes bugfixes that were already released as
patches 12 and 13 for the 19991231 "stable" release:
- The queue manager could deadlock for 10 seconds when bouncing
mail under extreme load from one-to-one mass mailings.
- Local delivery performance was substandard, because the per-user
concurrency limit accidentally applied to the entire local
domain.
The mailbox locking style is now fully configurable at runtime.
The new configuration parameter is called "mailbox_delivery_lock".
Depending on the operating system type, mailboxes can be locked
with one or more of "flock", "fcntl" or "dotlock". The command
"postconf -l" shows the available locking styles. The default
mailbox locking style is system dependent. This change affects
all mailbox and all "/file/name" deliveries by the Postfix local
delivery agent.
The new "import_environment" and "export_environment" configuration
parameters now provide explicit control over what environment
variables Postfix will import, and what environment variables
Postfix will pass on to a non-Postfix process. This is better than
hard-coding my debugging environment into public releases.
The "mailbox_transport" and "fallback_transport" parameters now
understand the form "transport:nexthop", with suitable defaults
when either transport or nexthop are omitted, just like in the
Postfix transport map. This allows you to specify for example,
"mailbox_transport = lmtp:unix:/file/name".
The MYSQL client now supports server connections over UNIX-domain
sockets. Code provided by Piotr Klaban. See the file MYSQL_README
for examples of "host" syntax.
--
Postfix official release 19991231 patchlevel 11 is available.
This release folds in code changes from recent snapshot releases.
These changes track changes in RedHat Linux, fix two minor bugs in
the Postfix queue manager scheduling behavior that were spotted by
Patrik Rak, and turn off one misfeature.
- On RedHat Linux 7.0, you must install the db3-devel RPM before
you can compile the Postfix source code.
- The queue manager could schedule too many connections to the same
destination (domain name spelled in upper and lower case).
- The queue manager could schedule too few connections to the same
destination (back off even in case of successful delivery).
- The confusing site_hog_factor feature is disabled by default. It
caused unnecessary mail delivery delays on inbound mail gateways.
Quote from the RELEASE_NOTES file:
Incompatible changes with snapshot-20001121
===========================================
If this release does not work for you, you can go back to a previous
Postfix version without losing your mail, subject to the "incompatible
changes" listed for previous Postfix releases below.
Major changes with snapshot-20001121
====================================
Support for RedHat Linux 7.0. On RedHat Linux 7.0, you must install
the db3-devel RPM before you can compile the Postfix source code.
The mailbox_transport feature works again. It was broken when the
"require_home_directory" feature was added.
More general virtual domain support. Postfix now supports both
Sendmail-style virtual domains and Postfix-style virtual domains.
Details and examples are given in the revised virtual manual page.
- With Sendmail-style virtual domains, local users/aliases/mailing
lists are visible as localname@virtual.domain. This is convenient
if you want to host mailing lists under virtual domains.
- With Postfix-style virtual domains, local users/aliases/mailing
lists are not visible as localname@virtual.domain. Each virtual
domain has its own separate name space.
More general "soft bounce" feature. Specify "soft_bounce = yes"
in main.cf to prevent the SMTP server from bouncing mail while you
are testing configurations. Until this release the SMTP server was
not aware of soft bounces.
--
Postfix 19991231 patch 09 fixes a memory corruption problem, and
includes a long list of minor bugfixes and robustness improvements
that already featured in snapshot releases (or that will feature
in the next one).
- When propagating an address extension to the right-hand side
of a virtual or canonical mapping, the cleanup server could
access memory that was no longer allocated and die with signal
11. This would happen when the result address length was more
than about 100 characters. Credit to Adi Prasaja @ satunet.com
for coming up with a small reproducible demo.
This patch provides an emergency band-aid for the next wave of
MicroSoft email worms, fixes one bug, and makes external content
filtering a bit more robust.
- Feature: specify "body_checks = regexp:/etc/postfix/body_checks"
for an emergency content filter that looks at non-header lines
one line at a time (including MIME headers inside the message
body). This feature uses the same syntax as the header_checks
patterns. Details in conf/sample-filter.cf.
This feature is also available in Postfix snapshot 20000528.
- Bugfix: the masquerade_exceptions feature was case sensitive.
- Robustness: upon receipt of mail, Postfix maps MAILER-DAEMON@myorigin
sender address back into the magic null string, which prevents
mail from looping after processing by an external content filter.
- RFC 822 requires the presence of at least one destination
message header. Postfix now generates a generic "To:
undisclosed-recipients:;" message header when no destination
header is present. The header content is specified with the
new undisclosed_recipients_header parameter.
- Postfix now understands <(comment)> as SMTP MAIL FROM address,
because some broken software needs it. Postfix rejects such
illegal address forms with "strict_rfc821_envelopes = yes".
- Configuration parameters for one mysql dictionary would become
default settings for the next one. This patch was merged into
the development Postfix version a while back but apparently
that version was on a dead branch. Update by Scott Cotton.
- Some Postfix delivery agents would abort on addresses of the
form `stuff@.' which could unfortunately be generated locally.
- With local delivery, Postfix could insert > or . into the middle
of very long lines.
- SMTP sessions could time out when the remote client attempted
to deliver to a large number of rejected recipients. The SMTP
server now flushes unwritten output in-between tarpit delays,
to avoid protocol timeouts in pipelined SMTP sessions.
- Postfix would incorrectly reject domain names with adjacent `-'
characters.