DevHeads.net

Announcement

Postfix 3.3.0 stable release

[An on-line version of this announcement will be available at
http://www.postfix.org/announcements/postfix-3.3.0.html]

Postfix stable release 3.3.0 is available. This release ends support
for legacy release Postfix 2.11.

The main changes are:

* Dual license: in addition to the historical IBM Public License
1.0, Postfix is now also distributed with the more recent Eclipse
Public License 2.0. Recipients can choose to take the software
under the license of their choice.

Postfix stable release 3.2.5, and legacy releases 3.1.8, 3.0.12, 2.11.11

[An on-line version of this announcement will be available at
http://www.postfix.org/announcements/postfix-3.2.5.html]

This announcement concerns fixes for problems that were introduced
with Postfix 2.1 and later, and updates the Postfix 3.2 license.

License update: starting with Postfix 3.2.5, Postfix 3.2 is distributed
with a dual license: in addition to the historical IBM Public License
1.0, it is now also distributed with the more recent Eclipse Public
License 2.0. Recipients can choose to take the software under the
license of their choice.

Postfix stable release 3.2.4, and legacy releases 3.1.7 and 3.0.11

[An on-line version of this announcement will be available at
http://www.postfix.org/announcements/postfix-3.2.4.html]

This announcement concerns fixes for problems that were introduced
with Postfix 3.0 and later. Older supported releases are unaffected.

Fixed in Postfix 3.1 and later:

* DANE interoperability. Postfix builds with OpenSSL 1.0.0 or
1.0.1 failed to send email to some sites with "TLSA 2 X X" DNS
records associated with an intermediate CA certificate.

Postfix 3.2.3 stable release available

[An on-line version of this announcement will be available at
http://www.postfix.org/announcements/postfix-3.2.3.html]

This announcement concerns fixes for problems that were introduced
with Postfix 3.2.

Postfix stable release 3.2.2 and legacy releases 3.1.6, 3.0.10 and 2.11.10

[An on-line version of this announcement will be available at
http://www.postfix.org/announcements/postfix-3.2.2.html]

This announcement (June 13, 2017) includes changes that were released
with an earlier update (June 10, 2017). The announcement was postponed
to avoid confusion due to repeated notification.

Fixed in all supported releases:

* Security: Berkeley DB versions 2 and later try to read settings
from a file DB_CONFIG in the current directory.

Obsolete NSA exploit for Postfix 2.0 - 2.2

A recent twitter post reveals the existence of an exploit for Postfix,
in a collection of what appear to be NSA tools.

<a href="https://twitter.com/JulianAssange/status/850870683831648256" title="https://twitter.com/JulianAssange/status/850870683831648256">https://twitter.com/JulianAssange/status/850870683831648256</a>

This is an exploit for Postfix 2.0 - 2.2, for a bug that was fixed
11 years ago in Postfix 2.2.11 and later.

There was a memory corruption bug in a Postfix workaround for a
Sendmail bug (CERT advisory CA-2003-07, remote buffer overflow when
message headers contain lots of comment text before an email address).

Technical details: the Postfix strip_address() function, which
removes large comments from a mail header,

Postfix 3.2.0 stable release

[An on-line version of this announcement will be available at
http://www.postfix.org/announcements/postfix-3.2.0.html]

Postfix stable release 3.2.0 is available, 20 years after work began
early 1997. This release ends support for legacy release Postfix 2.10.

The main changes in no particular order are:

* Elliptic curve negotiation with OpenSSL <= 1.0.2. This changes
the default smtpd_tls_eecdh_grade setting to "auto", and
introduces a new parameter tls_eecdh_auto_curves with the names
of curves that may be negotiated.

* Stored-procedure support for MySQL databases.

Postfix stable release 3.1.4 and legacy releases 3.0.8, 2.11.9

[An on-line version of this announcement will be available at
http://www.postfix.org/announcements/postfix-3.1.4.html]

Postfix stable release 3.1.4 is available, as well as legacy releases
3.0.8 and 2.11.9.

Postfix stable release 3.1.3 and legacy release 3.0.7

[An on-line version of this announcement will be available at
http://www.postfix.org/announcements/postfix-3.1.3.html]

Postfix stable release 3.1.3 is available, as well as legacy release
3.0.7.

Fixed with Postfix 3.1.3 and 3.0.7:

* The Postfix SMTP server did not reset a previous session's
failed/total command counts before rejecting a client that
exceeds request or concurrency rates.

Postfix stable release 3.1.2 and legacy release 3.0.6

[An on-line version of this announcement will be available at
http://www.postfix.org/announcements/postfix-3.1.2.html]

Postfix stable release 3.1.2 is available, as well as legacy release
3.0.6.

Fixed with Postfix 3.1.2:

* Changes to make Postfix build with OpenSSL 1.1.0.

Fixed with Postfix 3.1.2 and 3.0.6:

* The makedefs script ignored readme_directory=pathname overrides.
Fix by Todd C. Olson.

* The tls_session_ticket_cipher documentation says that the default
cipher for TLS session tickets is aes-256-cbc, but the implemented
default was aes-128-cbc.

Postfix stable release 3.1.1 and legacy releases 3.0.5, 2.11.8, and 2.10.10

[An on-line version of this announcement will be available at
http://www.postfix.org/announcements/postfix-3.1.1.html]

Postfix stable release 3.1.1 is available, as well as legacy releases
3.0.5, 2.11.8, and 2.10.10.

Fixed in all supported releases:

* The Milter "replace sender" (SMFIR_CHGFROM) request lost an
address that was added with sender_bcc_maps, resulting in a
"rcpt count mismatch" warning.

Postfix legacy release 3.0.4

[An on-line version of this announcement will be available at
http://www.postfix.org/announcements/postfix-3.0.4.html]

Postfix legacy release 3.0.4 is available.

There is one fix, back-ported from Postfix 3.1:

* The Postfix SMTP client would throttle (i.e. reduce concurrency
for) a destination after opportunistic TLS failure, causing the
affected messages to accumulate in the deferred queue. This
problem was introduced with Postfix 3.0.

You can find the updated Postfix source code at the mirrors listed
at <a href="http://www.postfix.org/" title="http://www.postfix.org/">http://www.postfix.org/</a>.

Postfix stable release 3.1.0

[An on-line version of this announcement will be available at
http://www.postfix.org/announcements/postfix-3.1.0.html]

Postfix stable release 3.1.0 is available.

Postfix stable release 3.0.3 and legacy releases 2.11.7, 2.10.9, and 2.9.15

[An on-line version of this announcement will be available at
http://www.postfix.org/announcements/postfix-3.0.3.html]

Postfix stable release 3.0.3 is available, as well as legacy releases
2.11.7, 2.10.9, and 2.9.15.

Fixed in Postfix 2.9 and later:

* The Postfix Milter client aborted with a panic while adding a
message header, after adding a short message header with the
header_checks PREPEND action. Fixed by invoking the header
output function while PREPENDing a message header.

* False alarms while scanning the Postfix queue.

Security: Postfix stable release 3.0.2 and legacy releases 2.11.6, 2.10.8, and 2.9.14

[An on-line version of this announcement will be available at
http://www.postfix.org/announcements/postfix-3.0.2.html]

Postfix stable release 3.0.2 is available, as well as legacy releases
2.11.6, 2.10.8, and 2.9.14.

With all supported Postfix releases, the default settings have been
updated so that they no longer enable export-grade ciphers, and no
longer enable the SSLv2 and SSLv3 protocols. These ciphers and
protocols have little if any legitimate use today, and have instead
become a vehicle for downgrade attacks.

Postfix stable release 3.0.1 and legacy releases 2.11.5, 2.10.7, 2.9.13

[An on-line version of this announcement will be available at
http://www.postfix.org/announcements/postfix-3.0.1.html]

Postfix stable release 3.0.1 is available, as well as legacy releases
2.11.5, 2.10.7, and 2.9.13.

Fixed in Postfix 3.0:

* Build error when compiling the Postfix SMTP server with SASL support
but no TLS support.

* The DNS "resource record to text" converter, used for
xxx_dns_reply_filter pattern matching, appended a '.' to TXT record
resource values.

* The postscreen(8) manpage specified an incorrect Postfix version
number for the postscreen_dnsbl_tim

Postfix legacy releases 2.11.4, 2.10.6, 2.9.12, and 2.8.20

[An on-line version of this announcement will be available at
http://www.postfix.org/announcements/postfix-2.11.4.html]

Postfix legacy releases 2.11.4, 2.10.6, 2.9.12, and 2.8.20 are
available. They contain fixes and workarounds that are also part
of Postfix 3.0. This is the final update for Postfix 2.8.

Postfix 2.11.4 only:

* Fix a core dump when smtp_policy_maps specifies an invalid TLS
level.

* Fix a missing " in \%s\", in postconf(1) fatal error messages,
which violated the C language spec.

Postfix stable release 3.0.0

[An on-line version of this announcement will be available at
http://www.postfix.org/announcements/postfix-3.0.0.html]

Postfix stable release 3.0.0 is available. This release ends support
for Postfix 2.8.

The main changes in no particular order are:

* SMTPUTF8 support for internationalized domain names and address
localparts as defined in RFC 6530 and related documents. The
implementation is based on code contributed by Arnt Gulbrandsen
who was sponsored by CNNIC. SMTPUTF8 support is a work in progress;
it is expected to be completed during the Postfix 3.1 development
cycle.

Postfix stable release 2.11.3 and legacy releases 2.10.5, 2.9.11, and 2.8.19

[An on-line version of this announcement will be available at
http://www.postfix.org/announcements/postfix-2.11.3.html]

THIS IS NOT A DUPLICATE OF PATCHES THAT WERE RELEASED ON OCTOBER
13, 2014. THE HEADER PREPEND PATCH IN THAT SET IS REVERTED AND
REPLACED WITH A COMPLETE SOLUTION.

Bugfix for Postfix 2.11, 2.10, 2.9 and 2.8:

* Fix for configurations that prepend message headers with Postfix
access maps, policy servers or Milter applications.

Postfix stable release 2.11.2 and legacy releases 2.10.4, 2.9.10, and 2.8.18

[An on-line version of this announcement will be available at
http://www.postfix.org/announcements/postfix-2.11.2.html]

Bugfixes for Postfix 2.11, 2.10, 2.9 and 2.8:

* Fix for DMARC implementations based on SPF policy plus DKIM
Milter. The PREPEND access/policy action added headers ABOVE
Postfix's own Received: header, exposing Postfix's own Received:
header to Milters (protocol violation) and hiding the PREPENDed
header from Milters.

Postfix 2.11.1 stable release available

[An on-line version of this announcement will be available at
http://www.postfix.org/announcements/postfix-2.11.1.html]

Postfix stable release 2.11.1 is available. This release provides
two bugfixes that affect Postfix 2.11 and later, and some
code/documentation cleanup.

Bugfixes (fixed in Postfix 2.11 and Postfix 2.12):

* With connection caching enabled (the default), recipients could
be given to the wrong mail server. The root cause was an incorrect
predicate.

Postfix legacy releases 2.10.3, 2.9.9, 2.8.17, and 2.7.16

[An on-line version of this announcement will be available at
http://www.postfix.org/announcements/postfix-2.10.3.html]

Postfix legacy releases 2.10.3, 2.9.9, 2.8.17, and 2.7.16 are
available. They contain fixes and workarounds that are also part
of Postfix 2.11. This is the final update for Postfix 2.7.

Postfix 2.10.3, 2.9.9, and 2.8.17:

* Future proofing against OpenSSL library API changes.

Postfix 2.11.0 stable release available

[An on-line version of this announcement will be available at
http://www.postfix.org/announcements/postfix-2.11.0.html]

Postfix stable release 2.11.0 is available. This release ends support
for Postfix 2.7.

The main changes in no particular order are:

* Support for PKI-less TLS server certificate verification with
DANE (DNS-based Authentication of Named Entities) where the CA
public key or the server certificate is identified via DNSSEC
lookup. This requires a DNS resolver that validates DNSSEC
replies.

Postfix 2.10.2 and legacy releases 2.9.8, 2.8.16, 2.7.15

[An on-line version of this announcement will be available at
http://www.postfix.org/announcements/postfix-2.10.2.html]

Postfix stable release 2.10.2, and legacy releases 2.9.8, 2.8.16,
2.7.15 are available.

Postfix stable release 2.10.0

[An on-line version of this announcement will be available at
http://www.postfix.org/announcements/postfix-2.10.0.html]

Postfix stable release 2.10.0 is available. As of now, Postfix 2.6
is no longer updated.

Main changes (see the RELEASE_NOTES file for details):

* Separation of relay policy (with smtpd_relay_restrictions) from
spam policy (with smtpd_{client, helo, sender,
recipient}_restrictions), which makes accidental open relay
configuration less likely.

Postfix stable release 2.9.6 and legacy releases 2.8.14, 2.7.13, 2.6.19

[An on-line version of this announcement will be available at
http://www.postfix.org/announcements/postfix-2.9.6.html]

Postfix stable release 2.9.6, and legacy releases 2.8.14, 2.7.13,
2.6.19 are available. They contain fixes and workarounds that are
also part of Postfix 2.10.

Postfix 2.9:

* Thanks to OpenSSL documentation, the Postfix 2.9.0..2.9.5 SMTP
client and server used an incorrect procedure to compute TLS
certificate PUBLIC-KEY fingerprints (these may be used in the
check_ccert_access and in smtp_tls_policy_maps features).

Postfix stable release 2.9.5 and legacy releases 2.8.13, 2.7.12, 2.6.18

[An on-line version of this announcement will be available at
http://www.postfix.org/announcements/postfix-2.9.5.html]

Postfix stable release 2.9.5, and legacy releases 2.8.13, 2.7.12,
2.6.18 are available. They contain fixes and workarounds that are
also part of Postfix 2.10.

Postfix 2.9 only:

* False error (missing "]" character) when a reject_{rhs,dns}bl_*
or permit_{rhs,dns}wl_* reply pattern started with "[".

Postfix stable release 2.9.4 and legacy releases 2.8.12, 2.7.11, 2.6.17

[An on-line version of this announcement will be available at
http://www.postfix.org/announcements/postfix-2.9.4.html]

Postfix stable release 2.9.4, and legacy releases 2.8.12, 2.7.11,
2.6.17 are available. They contain fixes and workarounds that are
also part of Postfix 2.10.

All supported releases:

* The local(8) delivery agent's BIFF client leaked an unprivileged
UDP socket. Fix by Jaroslav Skarvada. This bug was introduced
19990127.

* The SMTP server did not reject the AUTH command while a MAIL
FROM transaction was in progress.

Postfix 2.9.2, 2.8.11, 2.7.10, 2.6.16 available

[An on-line version of this announcement will be available at
http://www.postfix.org/announcements/postfix-2.9.3.html]

Postfix stable release 2.9.3, and legacy releases 2.8.11, 2.7.10,
2.6.16 are available. They contains workarounds that are already
part of Postfix 2.10.

* OpenSSL related (all supported Postfix versions).

o Some people have reported program crashes when the OpenSSL
library was updated while Postfix was accessing the Postfix
TLS session cache.

OpenSSL 1.0.1 workaround: Postfix 2.9.2, 2.8.10, 2.7.9, and 2.6.15

[An on-line version of this announcement will be available at
http://www.postfix.org/announcements/postfix-2.9.2.html]

Postfix stable release 2.9.2, and legacy releases 2.8.10, 2.7.9,
2.6.15 are available. They contains workarounds that are already
part of Postfix 2.10.

These releases add support to turn off the TLSv1.1 and TLSv1.2
protocols.

Postfix legacy release 2.8.9

[An on-line version of this announcement will be available at
http://www.postfix.org/announcements/postfix-2.8.9.html]

Postfix stable release 2.8.9 is available. This contains fixes that
are already part of Postfix 2.9 and 2.10.

* The "change header" milter request could replace the wrong
header. A long header name could match a shorter one, because
a length check was done on the wrong string. Reported by
Vladimir Vassiliev.

* Core dump when postlog emitted the "usage" message, caused
by an extraneous null assignment.

Postfix legacy release 2.7.8, 2.6.14 and 2.5.17

[An on-line version of this announcement will be available at
http://www.postfix.org/announcements/postfix-2.7.8.html]

Postfix legacy releases 2.7.8, 2.6.14 and 2.5.17 are available.
This is the final update for Postfix 2.5, released in 2008. From
now on, the supported stable and legacy releases are Postfix 2.6
.. 2.9.

Postfix stable release 2.9.0

[An on-line version of this announcement will be available at
http://www.postfix.org/announcements/postfix-2.9.0.html]

Postfix stable release 2.9.0 is available. The main changes in no
particular order are:

* Support for long, non-repeating, queue IDs (queue file names).
The main benefit of non-repeating names is simpler logfile
analysis. See the description of "enable_long_queue_ids" in
postconf(5) for details.

* Memcache client support, and support to share postscreen(8)
and verify(8) caches via the proxymap server.

Postfix legacy release 2.8.8

[An on-line version of this announcement will be available at
http://www.postfix.org/announcements/postfix-2.8.8.html]

Postfix legacy release 2.8.8 is available. This contains fixes that
are already part of Postfix 2.9 and 2.10.

* The Postfix sqlite client, introduced with Postfix 2.8, had
an embarassing bug in its quoting routine. As the result of
a last-minute code cleanup before release, this routine
returned the unquoted text instead of the quoted text.

Postfix stable release 2.8.7

[An on-line version of this announcement will be available at
http://www.postfix.org/announcements/postfix-2.8.7.html]

Postfix stable release 2.8.7 is available. This contains a workaround
for a problem that is fixed in Postfix 2.9.

* The postscreen daemon, which is not enabled by default, sent
non-compliant SMTP responses (220- followed by 421) when it
could not give a connection to a real smtpd process.

Postfix stable release 2.8.6, 2.7.7, 2.6.13, 2.5.16

[An on-line version of this announcement will be available at
http://www.postfix.org/announcements/postfix-2.8.6.html]

Postfix stable release 2.8.6, 2.7.7, 2.6.13 and 2.5.16 are available.
These contain fixes that are also included with the Postfix 2.9
experimental release.

* The Postfix SMTP daemon sent "bare" newline characters instead
of <CR><LF> when a header_checks REJECT pattern matched
multi-line header.

Postfix stable release 2.8.5, 2.7.6, 2.6.12, 2.5.15

[An on-line version of this announcement will be available at
http://www.postfix.org/announcements/postfix-2.8.5.html]

Postfix stable release 2.8.5, 2.7.6, 2.6.12, and 2.5.15 are available.
These contain fixes and workarounds for the Postfix Milter client
that were already included with the Postfix 2.9 experimental release.

* The Postfix Milter client logged a "milter miltername: malformed
reply" error when a Milter sent an SMTP response without
enhanced status code (i.e.

Postfix legacy releases 2.7.5, 2.6.11 and 2.5.14

[An on-line version of this announcement will be available at
http://www.postfix.org/announcements/postfix-2.7.5.html]

Postfix legacy releases 2.7.5, 2.6.11 and 2.5.14 are available.
These contain fixes and workarounds that were already included
with Postfix stable release 2.8.4.

Fixed with Postfix version 2.7.5, 2.6.11 and 2.5.14:

* Performance: a high load of DSN success notification requests
could slow down the queue manager.

Postfix 2.8.4 available

Postfix stable release 2.8.4

[An on-line version of this announcement will be available at
http://www.postfix.org/announcements/postfix-2.8.4.html]

Postfix stable release 2.8.4 is available. This contains fixes and
workarounds that were already included with the Postfix 2.9
experimental release. Where applicable these fixes will also be
made available for the legacy releases Postfix 2.5..2.7.

* Performance: a high load of DSN success notification requests
could slow down the queue manager.

Memory corruption in Postfix SMTP server Cyrus SASL support (CVE-2011-1720)

[On-line version will be at http://www.postfix.org/CVE-2011-1720.html]

Summary
=======

The Postfix SMTP server has a memory corruption error when the Cyrus
SASL library is used with authentication mechanisms other than PLAIN
and LOGIN (the ANONYMOUS mechanism is unaffected but should not be
enabled for different reasons).

Postfix 2.8.2 stable release available

[An on-line version of this announcement will be available at
http://www.postfix.org/announcements/postfix-2.8.2.html]

Postfix stable release 2.8.2 is available. This release has minor
fixes that are already in the experimental (2.9) release.

- Bugfix: postscreen DNSBL scoring error. When a client disconnected
and then reconnected before all DNSBL results for the earlier
session arrived, DNSBL results for the earlier session would be
added to the score for the later session.

Postfix 2.7.3, 2.6.9, 2.5.12 and 2.4.16 available

[An on-line version of this announcement will be available at
http://www.postfix.org/announcements/postfix-2.7.3.html]

Postfix legacy releases 2.7.3, 2.6.9, 2.5.12 and 2.4.16 are available.
These releases contain a fix for CVE-2011-0411 which allows plaintext
command injection with SMTP sessions over TLS. This defect was
introduced with Postfix version 2.2. The same flaw exists in other
implementations of the STARTTLS command.

Note: CVE-2011-0411 is an issue only for the minority of SMTP
clients that actually verify server certificates.

Postfix stable release 2.8.1 available

[An on-line version of this announcement will be available at
http://www.postfix.org/announcements/postfix-2.8.1.html]

Postfix stable release 2.8.1 is available.

Postfix 2.8.0 available

[An on-line version of this announcement will be available at
http://www.postfix.org/announcements/postfix-2.8.0.html]

Postfix stable release 2.8.0 is available. This release continues
the move towards improving code and documentation, and making the
system better prepared for changes in the threat environment.

- The postscreen daemon (a zombie blocker in front of Postfix) is
now included with the stable release.

Postfix stable/legacy release 2.7.2, 2.6.8, 2.5.11, and 2.4.15

An on-line version of this announcement will be available at
<a href="http://www.postfix.org/announcements/postfix-2.7.2.html" title="http://www.postfix.org/announcements/postfix-2.7.2.html">http://www.postfix.org/announcements/postfix-2.7.2.html</a>

The stable release Postfix 2.7.2 addresses the defects described
below. These defects are also addressed in the legacy releases
that are still maintained.

Note: Postfix 2.3 and earlier are no longer updated.

Postfix 2.6.7 legacy release available

An on-line version of this announcement is available at
<a href="http://www.postfix.org/announcements/postfix-2.6.7.html" title="http://www.postfix.org/announcements/postfix-2.6.7.html">http://www.postfix.org/announcements/postfix-2.6.7.html</a>

Postfix legacy release 2.6.7 contains fixes that are also included
with Postfix 2.7 (stable release) and Postfix 2.8 (experimental
release).

NOTE: Postfix versions 2.3 and earlier are no longer updated.

NOTE: Postfix versions 2.4 and 2.5 are updated only for bugfixes
or critical problems.

* Bugfix (introduced Postfix 2.6) in the XFORWARD implementation,
which sends remote SMTP client attributes through SMTP-based
content filters.

Postfix 2.7.1 stable release available

An on-line version of this announcement is available at
<a href="http://www.postfix.org/announcements/postfix-2.7.1.html" title="http://www.postfix.org/announcements/postfix-2.7.1.html">http://www.postfix.org/announcements/postfix-2.7.1.html</a>

Postfix stable release 2.7.1 fixes one defect in the XFORWARD
implementation (for SMTP-based content filters), improves robustness,
and has updates for changes in system or library interfaces.

* Bugfix (introduced Postfix 2.6) in the XFORWARD implementation,
which sends remote SMTP client attributes through SMTP-based
content filters.

Postfix legacy releases 2.6.6, 2.5.10, 2.4.14 available

[An on-line version of this announcement will be available at
http://www.postfix.org/announcements/postfix-2.6.6.html]

Postfix legacy releases 2.6.6, 2.5.10 and 2.4.14 contain fixes that
were already included with Postfix 2.7 (stable release) and Postfix
2.8 (experimental release).

NOTE: Postfix 2.3 is no longer updated.

Defects fixed with Postfix 2.6.6 only (more in the next section):

- "postmulti -p command" did not skip disabled instances.

- In the multi_instance_wrapper parameter, the expansion of
$command_directory and $daemon_directory was broken.

- The address_verify_poll_count

Postfix stable release 2.6.5, 2.5.9, 2.4.13 and 2.3.19

The stable release Postfix 2.6.5 addresses the defects described
below (some already addressed with the not-announced Postfix 2.6.3
release). These defects are also addressed in the legacy releases
that are still maintained: Postfix 2.5.9, 2.4.13 and 2.3.19.

Do not use Postfix 2.6.4, 2.5.8, 2.4.12, 2.3.18, 2.7-20090807, and
2.7-20090807-nonprod. These contain a DNS workaround that causes
more trouble than it prevents.

Postfix 2.6.2 available (SASL)

Postfix stable release 2.6.2 fixes one defect in SASL support.
This does not affect Postfix versions 2.5 and earlier.

With plaintext SMTP sessions AND smtpd_tls_auth_only=yes AND
smtp_sasl_auth_enable=yes, the SMTP server logged warnings for
reject_*_sender_login_mismatch, instead of enforcing them.

You can find Postfix version 2.6.2 at the mirrors listed at
<a href="http://www.postfix.org/" title="http://www.postfix.org/">http://www.postfix.org/</a>

The same fix is also available in Postfix snapshot 2.7-20090528.
Postfix versions 2.5 and earlier are not affected.

Wietse

Postfix 2.6.1 available (file corruption)

Postfix stable release 2.6.1 fixes one defect in Milter support.
This does not affect Postfix versions 2.5 and earlier.

- Queue file corruption under very specific conditions: (smtpd_milters
or non_smtpd_milters) enabled, AND delay_warning_time enabled,
AND mail delivery delays, AND short envelope sender addresses
(e.g., sendmail command-line submissions with bare usernames as
the sender, but not bounce messages).

The queue file would be corrupted when the delay_warning_time
record was marked as "done" after sending the "your mail is
delayed" notice.

Postfix version 2.6.0 available

Postfix stable release 2.6.0 is available. After Postfix was declared
"complete" with version 2.3, the focus has moved towards improving
the code/documentation, and updating it for changing environments.

- Multi-instance support introduces a new postmulti(1) command to
create/add/remove/etc. additional Postfix instances. The familiar
"postfix start" etc. commands now automatically start multiple
Postfix instances. The good news: nothing changes when you use
only one Postfix instance.

Syndicate content