head 1.43; access; symbols pkgsrc-2026Q1:1.42.0.30 pkgsrc-2026Q1-base:1.42 pkgsrc-2025Q4:1.42.0.28 pkgsrc-2025Q4-base:1.42 pkgsrc-2025Q3:1.42.0.26 pkgsrc-2025Q3-base:1.42 pkgsrc-2025Q2:1.42.0.24 pkgsrc-2025Q2-base:1.42 pkgsrc-2025Q1:1.42.0.22 pkgsrc-2025Q1-base:1.42 pkgsrc-2024Q4:1.42.0.20 pkgsrc-2024Q4-base:1.42 pkgsrc-2024Q3:1.42.0.18 pkgsrc-2024Q3-base:1.42 pkgsrc-2024Q2:1.42.0.16 pkgsrc-2024Q2-base:1.42 pkgsrc-2024Q1:1.42.0.14 pkgsrc-2024Q1-base:1.42 pkgsrc-2023Q4:1.42.0.12 pkgsrc-2023Q4-base:1.42 pkgsrc-2023Q3:1.42.0.10 pkgsrc-2023Q3-base:1.42 pkgsrc-2023Q2:1.42.0.8 pkgsrc-2023Q2-base:1.42 pkgsrc-2023Q1:1.42.0.6 pkgsrc-2023Q1-base:1.42 pkgsrc-2022Q4:1.42.0.4 pkgsrc-2022Q4-base:1.42 pkgsrc-2022Q3:1.42.0.2 pkgsrc-2022Q3-base:1.42 pkgsrc-2022Q2:1.41.0.10 pkgsrc-2022Q2-base:1.41 pkgsrc-2022Q1:1.41.0.8 pkgsrc-2022Q1-base:1.41 pkgsrc-2021Q4:1.41.0.6 pkgsrc-2021Q4-base:1.41 pkgsrc-2021Q3:1.41.0.4 pkgsrc-2021Q3-base:1.41 pkgsrc-2021Q2:1.41.0.2 pkgsrc-2021Q2-base:1.41 pkgsrc-2021Q1:1.40.0.14 pkgsrc-2021Q1-base:1.40 pkgsrc-2020Q4:1.40.0.12 pkgsrc-2020Q4-base:1.40 pkgsrc-2020Q3:1.40.0.10 pkgsrc-2020Q3-base:1.40 pkgsrc-2020Q2:1.40.0.8 pkgsrc-2020Q2-base:1.40 pkgsrc-2020Q1:1.40.0.4 pkgsrc-2020Q1-base:1.40 pkgsrc-2019Q4:1.40.0.6 pkgsrc-2019Q4-base:1.40 pkgsrc-2019Q3:1.40.0.2 pkgsrc-2019Q3-base:1.40 pkgsrc-2019Q2:1.39.0.20 pkgsrc-2019Q2-base:1.39 pkgsrc-2019Q1:1.39.0.18 pkgsrc-2019Q1-base:1.39 pkgsrc-2018Q4:1.39.0.16 pkgsrc-2018Q4-base:1.39 pkgsrc-2018Q3:1.39.0.14 pkgsrc-2018Q3-base:1.39 pkgsrc-2018Q2:1.39.0.12 pkgsrc-2018Q2-base:1.39 pkgsrc-2018Q1:1.39.0.10 pkgsrc-2018Q1-base:1.39 pkgsrc-2017Q4:1.39.0.8 pkgsrc-2017Q4-base:1.39 pkgsrc-2017Q3:1.39.0.6 pkgsrc-2017Q3-base:1.39 pkgsrc-2017Q2:1.39.0.2 pkgsrc-2017Q2-base:1.39 pkgsrc-2017Q1:1.37.0.4 pkgsrc-2017Q1-base:1.37 pkgsrc-2016Q4:1.37.0.2 pkgsrc-2016Q4-base:1.37 pkgsrc-2016Q3:1.36.0.10 pkgsrc-2016Q3-base:1.36 pkgsrc-2016Q2:1.36.0.8 pkgsrc-2016Q2-base:1.36 pkgsrc-2016Q1:1.36.0.6 pkgsrc-2016Q1-base:1.36 pkgsrc-2015Q4:1.36.0.4 pkgsrc-2015Q4-base:1.36 pkgsrc-2015Q3:1.36.0.2 pkgsrc-2015Q3-base:1.36 pkgsrc-2015Q2:1.35.0.8 pkgsrc-2015Q2-base:1.35 pkgsrc-2015Q1:1.35.0.6 pkgsrc-2015Q1-base:1.35 pkgsrc-2014Q4:1.35.0.4 pkgsrc-2014Q4-base:1.35 pkgsrc-2014Q3:1.35.0.2 pkgsrc-2014Q3-base:1.35 pkgsrc-2014Q2:1.34.0.4 pkgsrc-2014Q2-base:1.34 pkgsrc-2014Q1:1.34.0.2 pkgsrc-2014Q1-base:1.34 pkgsrc-2013Q4:1.33.0.16 pkgsrc-2013Q4-base:1.33 pkgsrc-2013Q3:1.33.0.14 pkgsrc-2013Q3-base:1.33 pkgsrc-2013Q2:1.33.0.12 pkgsrc-2013Q2-base:1.33 pkgsrc-2013Q1:1.33.0.10 pkgsrc-2013Q1-base:1.33 pkgsrc-2012Q4:1.33.0.8 pkgsrc-2012Q4-base:1.33 pkgsrc-2012Q3:1.33.0.6 pkgsrc-2012Q3-base:1.33 pkgsrc-2012Q2:1.33.0.4 pkgsrc-2012Q2-base:1.33 pkgsrc-2012Q1:1.33.0.2 pkgsrc-2012Q1-base:1.33 pkgsrc-2011Q4:1.32.0.2 pkgsrc-2011Q4-base:1.32 pkgsrc-2011Q3:1.31.0.6 pkgsrc-2011Q3-base:1.31 pkgsrc-2011Q2:1.31.0.4 pkgsrc-2011Q2-base:1.31 pkgsrc-2011Q1:1.31.0.2 pkgsrc-2011Q1-base:1.31 pkgsrc-2010Q4:1.30.0.6 pkgsrc-2010Q4-base:1.30 pkgsrc-2010Q3:1.30.0.4 pkgsrc-2010Q3-base:1.30 pkgsrc-2010Q2:1.30.0.2 pkgsrc-2010Q2-base:1.30 pkgsrc-2010Q1:1.29.0.2 pkgsrc-2010Q1-base:1.29 pkgsrc-2009Q4:1.28.0.6 pkgsrc-2009Q4-base:1.28 pkgsrc-2009Q3:1.28.0.4 pkgsrc-2009Q3-base:1.28 pkgsrc-2009Q2:1.28.0.2 pkgsrc-2009Q2-base:1.28 pkgsrc-2009Q1:1.27.0.4 pkgsrc-2009Q1-base:1.27 pkgsrc-2008Q4:1.27.0.2 pkgsrc-2008Q4-base:1.27 pkgsrc-2008Q3:1.26.0.2 pkgsrc-2008Q3-base:1.26 cube-native-xorg:1.25.0.2 cube-native-xorg-base:1.25 pkgsrc-2008Q2:1.24.0.14 pkgsrc-2008Q2-base:1.24 cwrapper:1.24.0.12 pkgsrc-2008Q1:1.24.0.10 pkgsrc-2008Q1-base:1.24 pkgsrc-2007Q4:1.24.0.8 pkgsrc-2007Q4-base:1.24 pkgsrc-2007Q3:1.24.0.6 pkgsrc-2007Q3-base:1.24 pkgsrc-2007Q2:1.24.0.4 pkgsrc-2007Q2-base:1.24 pkgsrc-2007Q1:1.24.0.2 pkgsrc-2007Q1-base:1.24 pkgsrc-2006Q4:1.23.0.2 pkgsrc-2006Q4-base:1.23 pkgsrc-2006Q3:1.22.0.2 pkgsrc-2006Q3-base:1.22 pkgsrc-2006Q2:1.19.0.6 pkgsrc-2006Q2-base:1.19 pkgsrc-2006Q1:1.19.0.4 pkgsrc-2006Q1-base:1.19 pkgsrc-2005Q4:1.19.0.2 pkgsrc-2005Q4-base:1.19 pkgsrc-2005Q3:1.16.0.2 pkgsrc-2005Q3-base:1.16 pkgsrc-2005Q2:1.15.0.2 pkgsrc-2005Q2-base:1.15 pkgsrc-2005Q1:1.14.0.4 pkgsrc-2005Q1-base:1.14 pkgsrc-2004Q4:1.14.0.2 pkgsrc-2004Q4-base:1.14 pkgsrc-2004Q3:1.13.0.2 pkgsrc-2004Q3-base:1.13 pkgsrc-2004Q2:1.11.0.2 pkgsrc-2004Q2-base:1.11 pkgsrc-2004Q1:1.10.0.2 pkgsrc-2004Q1-base:1.10 pkgsrc-2003Q4:1.8.0.2 pkgsrc-2003Q4-base:1.8 netbsd-1-6:1.4.0.6 netbsd-1-6-RELEASE-base:1.4 pkgviews:1.4.0.2 pkgviews-base:1.4 buildlink2-base:1.3 netbsd-1-5-RELEASE:1.2 netbsd-1-4-PATCH003:1.2 netbsd-1-4-PATCH002:1.1 comdex-fall-1999:1.1 netbsd-1-4-PATCH001:1.1; locks; strict; comment @# @; 1.43 date 2026.05.04.23.58.58; author taca; state Exp; branches; next 1.42; commitid h4oTRLCg3U9pxyEG; 1.42 date 2022.07.21.15.08.39; author taca; state Exp; branches 1.42.30.1; next 1.41; commitid 0wOD8w4PHTPW3MMD; 1.41 date 2021.06.02.15.29.57; author taca; state Exp; branches; next 1.40; commitid 0haljfqoMb4kuzVC; 1.40 date 2019.07.17.13.33.00; author triaxx; state Exp; branches; next 1.39; commitid czyC6gbhCz8mTovB; 1.39 date 2017.06.23.19.18.07; author maya; state Exp; branches; next 1.38; commitid Z3SN6UdA2iR82xWz; 1.38 date 2017.06.17.08.02.22; author taca; state Exp; branches; next 1.37; commitid 75zlMyFED5nnuHVz; 1.37 date 2016.11.04.17.10.10; author sevan; state Exp; branches; next 1.36; commitid 11NN4sU9XyDJKPsz; 1.36 date 2015.09.07.09.47.01; author fhajny; state Exp; branches; next 1.35; commitid 42C2mmB9De5xViAy; 1.35 date 2014.08.25.16.00.54; author taca; state Exp; branches; next 1.34; commitid zD04RvVMmtMk9LNx; 1.34 date 2014.02.09.05.34.13; author taca; state Exp; branches; next 1.33; commitid Hb7Q42Kygw4Q0oox; 1.33 date 2012.02.27.03.01.30; author taca; state Exp; branches; next 1.32; 1.32 date 2011.11.07.15.36.07; author taca; state Exp; branches 1.32.2.1; next 1.31; 1.31 date 2011.03.22.09.37.27; author taca; state Exp; branches; next 1.30; 1.30 date 2010.04.16.15.32.58; author taca; state Exp; branches 1.30.6.1; next 1.29; 1.29 date 2010.02.25.13.01.23; author martti; state Exp; branches 1.29.2.1; next 1.28; 1.28 date 2009.05.13.10.33.23; author martti; state Exp; branches; next 1.27; 1.27 date 2008.11.03.00.47.17; author taca; state Exp; branches; next 1.26; 1.26 date 2008.09.17.13.21.19; author joerg; state Exp; branches; next 1.25; 1.25 date 2008.09.04.08.25.20; author martti; state Exp; branches; next 1.24; 1.24 date 2007.04.03.07.27.51; author martti; state Exp; branches 1.24.14.1; next 1.23; 1.23 date 2006.11.07.07.08.26; author martti; state Exp; branches; next 1.22; 1.22 date 2006.09.16.15.29.36; author hira; state Exp; branches; next 1.21; 1.21 date 2006.08.31.18.44.50; author martti; state Exp; branches; next 1.20; 1.20 date 2006.08.11.12.34.25; author taca; state Exp; branches; next 1.19; 1.19 date 2005.12.01.06.46.41; author martti; state dead; branches; next 1.18; 1.18 date 2005.11.13.10.37.09; author martti; state Exp; branches; next 1.17; 1.17 date 2005.11.12.05.19.24; author martti; state Exp; branches; next 1.16; 1.16 date 2005.09.06.08.10.58; author abs; state Exp; branches 1.16.2.1; next 1.15; 1.15 date 2005.04.04.18.13.32; author martti; state Exp; branches; next 1.14; 1.14 date 2004.09.23.16.10.07; author martti; state Exp; branches; next 1.13; 1.13 date 2004.08.10.16.49.47; author schmonz; state Exp; branches; next 1.12; 1.12 date 2004.06.21.16.13.24; author martti; state Exp; branches; next 1.11; 1.11 date 2004.05.04.19.59.06; author minskim; state Exp; branches 1.11.2.1; next 1.10; 1.10 date 2004.03.05.22.59.32; author grant; state dead; branches; next 1.9; 1.9 date 2004.01.21.06.56.48; author martti; state Exp; branches; next 1.8; 1.8 date 2003.04.17.06.22.19; author martti; state Exp; branches; next 1.7; 1.7 date 2003.03.20.22.23.22; author christos; state Exp; branches; next 1.6; 1.6 date 2003.03.20.22.04.47; author christos; state Exp; branches; next 1.5; 1.5 date 2003.01.06.09.15.51; author martti; state dead; branches; next 1.4; 1.4 date 2002.06.27.04.47.55; author itojun; state Exp; branches; next 1.3; 1.3 date 2001.03.20.12.50.51; author hubertf; state dead; branches; next 1.2; 1.2 date 2000.04.10.00.19.17; author bad; state Exp; branches; next 1.1; 1.1 date 99.05.30.18.18.31; author tron; state Exp; branches; next ; 1.42.30.1 date 2026.05.07.22.40.07; author maya; state Exp; branches; next ; commitid OFJ3wVBW6ELI0WEG; 1.32.2.1 date 2012.02.29.19.32.08; author spz; state Exp; branches; next ; 1.30.6.1 date 2011.03.09.19.22.12; author tron; state Exp; branches; next ; 1.29.2.1 date 2010.04.25.18.16.59; author tron; state Exp; branches; next ; 1.24.14.1 date 2008.09.05.11.55.45; author ghen; state Exp; branches; next ; 1.16.2.1 date 2005.11.15.11.42.44; author salo; state Exp; branches; next ; 1.11.2.1 date 2004.07.08.08.33.49; author agc; state Exp; branches; next ; desc @@ 1.43 log @mail/postfix: update to 3.11.2 Postfix 3.11.2 (2026-05-03) Fixed in Postfix 3.11: * Bugfix (defect introduced: Postfix 3.11): the proxymap(8) daemon dereferenced an uninitialized pointer after a request protocol error. This daemon is not exposed to local or remote users. Found by Claude Opus 4.6. * Bugfix (defect introduced: 20260309) a change, to set the service_name default value to "amnesiac", violated a test that parameter names in postconf output must match 1:1 with parameter names in the postlink script. Fixed in Postfix 3.8, 3.9, 3.10. 3.11: * Portability: support for recent FreeBSD, NetBSD, and OpenBSD versions. Brad Smith. * Bugfix (defect introduced: Postfix 2.2, date 20041207): When truncating a database file, the cdb: database client looked at the file size from before requesting an exclusive lock on a database file, instead of the file size after the exclusive lock was granted. Found by Claude Opus 4.6. * Bugfix (defect introduced: Postfix alpha, date 19980309): file descriptor leak after fork() failure. Found by Claude Opus 4.6. * Mistakes in debug logging. Found by Claude Opus 4.6. This affected two files in Postfix 3.8 and 3.9, three files in Postfix 3.10 and 3.11. * Unchecked null pointer results after an out-of-memory condition in a library dependency. Found by Claude Opus 4.6. The fix is to return an error status or to log a fatal error. This affected three source files. * Missing or incomplete guards for ssize_t or int overflow, found by Claude Opus 4.6. This affected three source files. These limits are unlikely to be exceeded because the size of in-memory objects is limited by design (the number of in-memory objects is also limited). @ text @$NetBSD: patch-ag,v 1.42 2022/07/21 15:08:39 taca Exp $ * Add common support for NetBSD. * Only define HAS_DB if it hasn't been defined. * Add support for FreeBSD 11 and 12. --- src/util/sys_defs.h.orig 2026-05-01 18:55:47.000000000 +0000 +++ src/util/sys_defs.h @@@@ -40,6 +40,7 @@@@ || defined(NETBSD4) || defined(NETBSD5) || defined(NETBSD6) \ || defined(NETBSD7) | defined(NETBSD8) || defined(NETBSD9) \ || defined(NETBSD10) || defined(NETBSD11) || defined(NETBSD12) \ + || defined(NETBSD) \ || defined(EKKOBSD1) || defined(DRAGONFLY) #define SUPPORTED #include @@@@ -52,7 +53,9 @@@@ #define DEF_MAILBOX_LOCK "flock, dotlock" #define HAS_SUN_LEN #define HAS_FSYNC +#ifndef HAS_DB #define HAS_DB +#endif #define HAS_SA_LEN #define NATIVE_DB_TYPE "hash" #if (defined(__NetBSD_Version__) && __NetBSD_Version__ >= 104250000) @@@@ -1263,6 +1266,8 @@@@ extern int h_errno; #define DEF_SMTP_CACHE_DEMAND 0 #endif +#define RECEIVED_ENVELOPE_FROM + /* * We're not going to try to guess like configure does. */ @ 1.42 log @mail/postfix: update to 3.7.2 3.7.0 (2022-02-07) * Support to inline the content of small cidr:, pcre:, and regexp: tables in Postfix parameter values. An example is the new smtpd_forbidden_commands default value, "CONNECT GET POST regexp:{{/^[^A-Z]/ Thrash}}", to quickly drop connections from clients that send garbage. * To make the maillog_file feature more useful, including stdout logging from a container, the postlog(1) command is now set-gid postdrop, so that unprivileged programs can use it to write logging through the postlogd(8) daemon. This required hardening the postlog(1) command against privilege escalation attacks. * Support for library APIs: OpenSSL 3.0.0, PCRE2, Berkeley DB 18. * Postfix programs now randomize the initial state of in-memory hash tables, to defend against hash collision attacks involving a large number of attacker-chosen lookup keys. Presently, the only known opportunity for such attacks involves remote SMTP client IPv6 addresses in the anvil(8) service, and requires making hundreds of short-lived connections per second while cycling through thousands of different client IP addresses. * Updated defense against remote clients or servers that 'trickle' SMTP or LMTP traffic. This replaces the old per-record deadlines with per-request deadlines and minimum data rates. * Many typofixes by raf and Wietse. 3.7.1 (2022-04-18) * (problem introduced: Postfix 2.7) The milter_header_checks maps are now opened before the cleanup(8) server enters the chroot jail. Problem reported by Jesper Dybdal. * In an internal client module, "host or service not found" was a fatal error, causing the milter_default_action setting to be ignored. It is now a non-fatal error, just like a failure to connect. Problem reported by Christian Degenkolb. * The proxy_read_maps default value was missing up to 27 parameter names. The corresponding lookup tables were not automatically authorized for use with the proxymap(8) service. The parameter names were ending in _checks, _reply_footer, _reply_filter, _command_filter, and _delivery_status_filter. * (problem introduced: Postfix 3.0) With dynamic map loading enabled, an attempt to create a map with "postmap regexp:path" would result in a bogus error message "Is the postfix-regexp package installed?" instead of "unsupported map type for this operation". This happened with all non-dynamic map types (static, cidr, etc.) that have no 'bulk create' support. Problem reported by Greg Klanderman. * In PCRE_README, "pcre2 --libs" should be "pcre2 --libs8". Problem reported by Carlos Velasco. * Documented in the postlogd(8) daemon manpage that the Postfix >= 3.7 postlog(1) command can run with setgid permissions. 3.7.2 (2022-04-28) This reverts an overly complex change in the postscreen SMTP engine (made during Postfix 3.7 development), and replaces it with much simpler code. The bad change was crashing postscreen on some systems after receiving malformed input (for example, a TLS "hello" message). @ text @d1 1 a1 1 $NetBSD: patch-ag,v 1.41 2021/06/02 15:29:57 taca Exp $ d7 1 a7 1 --- src/util/sys_defs.h.orig 2021-12-05 18:59:27.000000000 +0000 d9 4 a12 8 @@@@ -35,10 +35,7 @@@@ || defined(BSDI2) || defined(BSDI3) || defined(BSDI4) \ || defined(OPENBSD2) || defined(OPENBSD3) || defined(OPENBSD4) \ || defined(OPENBSD5) || defined(OPENBSD6) || defined(OPENBSD7) \ - || defined(NETBSD1) || defined(NETBSD2) || defined(NETBSD3) \ - || defined(NETBSD4) || defined(NETBSD5) || defined(NETBSD6) \ - || defined(NETBSD7) | defined(NETBSD8) || defined(NETBSD9) \ - || defined(NETBSD10) \ d17 1 a17 1 @@@@ -51,7 +48,9 @@@@ d27 1 a27 1 @@@@ -1257,6 +1256,8 @@@@ extern int h_errno; @ 1.42.30.1 log @Pullup ticket #7098 - requested by taca mail/postfix: Security fix Revisions pulled up: - mail/postfix/Makefile.common 1.64 - mail/postfix/distinfo 1.223 - mail/postfix/patches/patch-ag 1.43 - mail/postfix/patches/patch-ai 1.48 --- Module Name: pkgsrc Committed By: taca Date: Mon May 4 23:58:58 UTC 2026 Modified Files: pkgsrc/mail/postfix: Makefile.common distinfo pkgsrc/mail/postfix/patches: patch-ag patch-ai Log Message: mail/postfix: update to 3.11.2 Postfix 3.11.2 (2026-05-03) Fixed in Postfix 3.11: * Bugfix (defect introduced: Postfix 3.11): the proxymap(8) daemon dereferenced an uninitialized pointer after a request protocol error. This daemon is not exposed to local or remote users. Found by Claude Opus 4.6. * Bugfix (defect introduced: 20260309) a change, to set the service_name default value to "amnesiac", violated a test that parameter names in postconf output must match 1:1 with parameter names in the postlink script. Fixed in Postfix 3.8, 3.9, 3.10. 3.11: * Portability: support for recent FreeBSD, NetBSD, and OpenBSD versions. Brad Smith. * Bugfix (defect introduced: Postfix 2.2, date 20041207): When truncating a database file, the cdb: database client looked at the file size from before requesting an exclusive lock on a database file, instead of the file size after the exclusive lock was granted. Found by Claude Opus 4.6. * Bugfix (defect introduced: Postfix alpha, date 19980309): file descriptor leak after fork() failure. Found by Claude Opus 4.6. * Mistakes in debug logging. Found by Claude Opus 4.6. This affected two files in Postfix 3.8 and 3.9, three files in Postfix 3.10 and 3.11. * Unchecked null pointer results after an out-of-memory condition in a library dependency. Found by Claude Opus 4.6. The fix is to return an error status or to log a fatal error. This affected three source files. * Missing or incomplete guards for ssize_t or int overflow, found by Claude Opus 4.6. This affected three source files. These limits are unlikely to be exceeded because the size of in-memory objects is limited by design (the number of in-memory objects is also limited). @ text @d1 1 a1 1 $NetBSD$ d7 1 a7 1 --- src/util/sys_defs.h.orig 2026-05-01 18:55:47.000000000 +0000 d9 8 a16 4 @@@@ -40,6 +40,7 @@@@ || defined(NETBSD4) || defined(NETBSD5) || defined(NETBSD6) \ || defined(NETBSD7) | defined(NETBSD8) || defined(NETBSD9) \ || defined(NETBSD10) || defined(NETBSD11) || defined(NETBSD12) \ d21 1 a21 1 @@@@ -52,7 +53,9 @@@@ d31 1 a31 1 @@@@ -1263,6 +1266,8 @@@@ extern int h_errno; @ 1.41 log @mail/postfix: update to 3.6.0 Postfix stable release 3.6.0 is available. This ends the support for legacy release Postfix 3.2. The main changes are below. See the RELEASE_NOTES file for further details. Incompatible changes: * This release requires "postfix stop" before updating, or before backing out to an earlier release, because some internal protocols have changed. Otherwise, long-running daemons (pickup, qmgr, verify, tlsproxy, postscreen) may fail to communicate with the rest of Postfix, causing mail delivery delays until Postfix is restarted. * Respectful logging. Postfix version 3.6 deprecates terminology that implies white is better than black. Instead, Postfix prefers 'allowlist', 'denylist', and variations on those words. This change affects Postfix documentation, and postscreen parameters and logging. To keep the old postscreen logging set "respectful_logging = no" in main.cf before setting "compatibility_level = 3.6". In any case, the old postscreen parameter names will keep working as before. Other changes: * The minimum supported OpenSSL version is 1.1.1, which will reach the end of life by 2023-09-11. Postfix 3.6 is expected to reach the end of support in 2025. Until then, Postfix will be updated as needed for compatibility with OpenSSL. The default fingerprint digest has changed from md5 to sha256 (Postfix 3.6 with compatibility_level >= 3.6). With a lower compatibility_level setting, Postfix defaults to using md5, and logs a warning when a Postfix configuration specifies no explicit digest type. The export-grade Diffie-Hellman key exchange is no longer supported, and the tlsproxy_tls_dh512_param_file parameter is ignored, * Better error messages when someone configures an incorrect program in master.cf. To recognize such mistakes, every Postfix internal service, including the postdrop command, announces the name of its protocol before doing any other I/O, and every Postfix client program, including the Postfix sendmail command, will verify that the protocol name matches what it expects. * Fine-grained control over the envelope sender address for submission with the Postfix sendmail (or postdrop) commands. Example: /etc/postfix/main.cf: # Allow root and postfix full control, anyone else can only # send mail as themselves. Use "uid:" followed by the numerical # UID when the UID has no entry in the UNIX password file. local_login_sender_maps = inline:{ { root = *}, { postfix = * } }, pcre:/etc/postfix/login_senders /etc/postfix/login_senders: # Allow both the bare username and the user@@domain forms. /(.+)/ $1 $1@@example.com * Threaded bounces. This allows mail readers to present a non-delivery, delayed delivery, or successful delivery notification in the same email thread as the original message. Unfortunately, this also makes it easy for users to mistakenly delete the whole email thread (all related messages), instead of deleting only the delivery status notification. To enable, specify "enable_threaded_bounces = yes". * Postfix by default no longer uses the services(5) database to look up the TCP ports for SMTP and LMTP services. Instead, this information is configured with the new known_tcp_ports configuration parameter (default: lmtp=24, smtp=25, smtps=submissions=465, submission=587). When a service is not specified in known_tcp_ports, Postfix will still query the services(5) database. * Starting with Postfix version 3.6, the compatibility level is "3.6". In future Postfix releases, the compatibility level will be the Postfix version that introduced the last incompatible change. The level is formatted as 'major.minor.patch', where 'patch' is usually omitted and defaults to zero. Earlier compatibility levels are 0, 1 and 2. This also introduces main.cf and master.cf support for the <=level, < level, and other operators to compare compatibility levels. With the standard <=, <, etc. operators, compatibility level 3.10 would be less than 3.9, which is undesirable. @ text @d1 1 a1 1 $NetBSD: patch-ag,v 1.40 2019/07/17 13:33:00 triaxx Exp $ d7 1 a7 1 --- src/util/sys_defs.h.orig 2020-05-21 13:34:23.000000000 +0000 d9 1 a9 6 @@@@ -30,14 +30,11 @@@@ #if defined(FREEBSD2) || defined(FREEBSD3) || defined(FREEBSD4) \ || defined(FREEBSD5) || defined(FREEBSD6) || defined(FREEBSD7) \ || defined(FREEBSD8) || defined(FREEBSD9) || defined(FREEBSD10) \ - || defined(FREEBSD11) || defined(FREEBSD12) \ + || defined(FREEBSD11) || defined(FREEBSD12) || defined(FREEBSD13) \ d12 1 a12 1 || defined(OPENBSD5) || defined(OPENBSD6) \ d15 4 a18 3 - || defined(NETBSD7) \ - || defined(EKKOBSD1) || defined(DRAGONFLY) + || defined(NETBSD) || defined(EKKOBSD1) || defined(DRAGONFLY) d21 1 a21 2 #define UINT32_TYPE unsigned int @@@@ -49,7 +46,9 @@@@ d31 1 a31 1 @@@@ -1252,6 +1251,8 @@@@ extern int h_errno; @ 1.40 log @postfix: update to 3.4.6 pkgsrc changes: --------------- * change COMMENT to make pkglint happy (inspired by http://www.postfix.org/) * update PLIST using make print-PLIST (missing @@pkgdir) upstream changes: ----------------- 20181125 Cleanup: dict_file_to_xxx() takes a list of file names separated by CHARS_COMMA_SP. Shoe-horned into the existing API, make it nicer when there is time. File: util/dict_file.c. 20181127 Cleanup: encapsulated clumsy 'read into VSTRING' code with easier-to-use vstream_fread_buf() and vstream_fread_app() primitives. Files: global/memcache_proto.c, global/record.c, global/smtp_stream.c, global/smtp_stream.h, global/uxtext.c, global/xtext.c, milter/milter8.c, util/dict_file.c, util/hex_quote.c, util/netstring.c, util/vstream.c, util/vstream.h. Verified with "make tests". Cleanup: simplified the smtp_fread() API (introduced for BDAT support), and changed the name to smtp_fread_buf(). Files: global/smtp_stream.c, smtpd/smtpd.c. Verified with ~megabyte BDAT commands. Cleanup: simplified a tlsproxy-internal API. File: tlsproxy/tlsproxy.c. 20181128 Initial support for key/certificate chain files that will replace the proliferation of separate parameters for RSA/DSA/ECC/etc. key and certificate files. Viktor Dukhovni. 20181201 Cleanup: replaced the remaining unsafe VSTRING_AT_OFFSET() calls with safe vstring_set_payload_size() calls, in code that directly writes into VSTRING. Files: tls/tls_session.c, tlsmgr/tlsmgr.c, util/casefold.c, util/vstring.c, util/vstring.h, xsasl/xsasl_cyrus_client.c. Cleanup: postscreen_command_time_limit did not need to be a 'raw' parameter. This makes "postconf -x" behavior more consistent. Files: global/mail_params.h, postscreen/postscreen.c. Documentation: added text that the following parameter values are not subject to Postfix parameter $name expansion: default_rbl_reply, command_execution_directory, luser_relay, smtpd_reject_footer. These have their own documented $name substitution mechanism. File: proto/postconf.proto. 20181202 Bugfix: posttls-finger reported an error for UNIX-domain connections, even if they did not fail. Found by Coverity. File: posttls-finger/posttls-finger.c. 20181208 Documentation: add even more redundancy to the rate-delay description. File: proto/postconf.proto. 20181210 Cleanup: code deduplication. File: util/dict_file.c. 20181226 Cleanup: code deduplication and better encapsulation with PSC_DEL_CLIENT_STATE() and PSC_DEL_SERVER_STATE() macros. Files: postscreen/postscreen.h, postscreen/postscreen_state.c. Documentation: POSTSCREEN_README did not describe the postscreen_post_queue_limit, and attributed the wrong reject message to the postscreen_pre_queue_limit. Problem reported by Michael Orlitzky. File: proto/POSTSCREEN_README.html. (20181226-nonprod) Compatibility: removed support for OpenSSL 1.0.1 (not supported since December 31, 2016) and earlier releases. This eliminated a large number of #ifdefs with bitrot workarounds. Viktor Dukhovni. Files: global/mail_params.h, posttls-finger/posttls-finger.c, tls/tls.h, tls/tls_certkey.c, tls/tls_client.c, tls/tls_dane.c, tls/tls_dh.c, tls/tls_misc.c, tls/tls_proxy_client_scan.c, tls/tls_rsa.c, tls/tls_server.c, tls/tls_session.c. (20181226-nonprod) Use the OpenSSL 1.0.2 and later API for setting ECDHE curves. Viktor Dukhovni. Files: tls/tls.h, tls/tls_client.c, tls/tls_dh.c. (20181226-nonprod) Documentation update for TLS support. Viktor Dukhovni. Files: mantools/postlink, proto/TLS_README.html, proto/postconf.proto, src/sendmail/sendmail.c, src/smtpd/smtpd.c. 20181229 Explicit maps_file_find() and dict_file_lookup() methods that decode base64 content. Decoding content is not built into the dict->lookup() method, because that would complicate the implementation of map nesting (inline, thash), map composition (pipemap, unionmap), and map proxying. For consistency, decoding base64 file content is also not built into the maps_find() method. Files: util/dict.h. util/dict_file.c, global/maps.[hc], postmap/postmap.c. 20190106 Documentation: documented the SRC_RHS_IS_FILE flag in dict_open.c, and updated the -F description in the postmap manpage. Files: util/dict_open.c, postmap/postmap.c. (20190106-nonprod) Feature: support for files that combine multiple (key, certificate, trust chain) instances in one file, to avoid separate files for RSA, DSA, Elliptic Curve, and so on. Viktor Dukhovni. Files: .indent.pro, global/mail_params.h, posttls-finger/posttls-finger.c, smtp/lmtp_params.c, smtp/smtp.c, smtp/smtp_params.c, smtp/smtp_proto.c, smtpd/smtpd.c, tls/tls.h, tls/tls_certkey.c, tls/tls_client.c, tls/tls_proxy.h, tls/tls_proxy_client_print.c, tls/tls_proxy_client_scan.c, tls/tls_proxy_server_print.c, tls/tls_proxy_server_scan.c, tls/tls_server.c, tlsproxy/tlsproxy.c. (20190106-nonprod) Create a second, no-key no-cert, SSL_CTX for use with SNI. Viktor Dukhovni. Files: src/tls/tls.h, src/tls/tls_client.c, src/tls/tls_misc.c, src/tls/tls_server.c. (20190106-nonprod) Server-side SNI support. Viktor Dukhovni. Files: src/global/mail_params.h, src/smtp/smtp.c, src/smtpd/smtpd.c, src/tls/tls.h, src/tls/tls_certkey.c, src/tls/tls_misc.c, src/tlsproxy/tlsproxy.c, (20190106-nonprod) Configurable client-side SNI signal. Viktor Dukhovni. Files: global/mail_params.h, posttls-finger/posttls-finger.c, smtp/lmtp_params.c, smtp/smtp.c, smtp/smtp.h, smtp/smtp_params.c, smtp/smtp_proto.c, smtp/smtp_tls_policy.c, tls/tls.h, tls/tls_client.c, tls/tls_proxy.h, tls/tls_proxy_client_print.c, tls/tls_proxy_client_scan.c. 20190121 Logging: support for internal logging file, without using syslog (it uses the new postlogd daemon instead). This solves a usability problem for MacOS, may help getting around systemd, and solves 99% of the problem for logging to stdout in a container (hopefully we have 100% soon). Enable by setting, for example, "maillog_file = /var/log/postfix.log"). This works fine for daemons, and with some limitations for non-daemon programs. See RELEASE_NOTES for more details. Files: conf/master.cf, conf/post-install, conf/postfix-files, conf/postfix-script, mantools/postlink, proto/master, proto/postconf.proto, global/mail_params.c, global/mail_params.h, global/mail_proto.h, global/maillog_client.c, global/maillog_client.h, master/dgram_server.c, master/event_server.c, master/mail_server.h, master/master.c, master/master.h, master/master_ent.c, master/master_listen.c, master/master_proto.h, master/master_wakeup.c, master/multi_server.c, master/single_server.c, master/trigger_server.c, postalias/postalias.c, postconf/postconf_master.c, postdrop/postdrop.c, postfix/postfix.c, postkick/postkick.c, postlog/postlog.c, postlogd/postlogd.c, postmap/postmap.c, postmulti/postmulti.c, postqueue/postqueue.c, postsuper/postsuper.c, sendmail/sendmail.c, util/connect.h, util/listen.h, util/logwriter.c, util/logwriter.h, util/msg_logger.c, util/msg_logger.h, util/msg_output.c, util/msg_output.h, util/unix_dgram_connect.c, util/unix_dgram_listen.c. Cleanup: cert/key/chain loading, plus unit tests to exercise non-error and error cases. Viktor Dukhovni. Files: tls/*.pem, tls*.pem.ref, tls/tls_certkey.c. 20190126 Safety: Postfix programs will log to either syslog or postlog but not both; and postlogd forwards postlog logging to syslog, when a configuration change removes the maillog_file pathname, but some programs still use the old configuration. Files: util/msg_syslog.[hc], util/msg_logger.c, global/maillog_client.c, postlogd/postlogd.c, Bugfix (introduced: Postfix 20110109, Postfix 2.10): watchdog pipe file descriptor leak. This pipe provides one source of liveness, data from this pipe is discarded, and therefore this does not enable privilege escalation or DOS. File: util/watchdog.c. Feature: stdout logging support; requires "postfix start-fg" and "maillog_file = /dev/stdout". Files: master/master.c, conf/postfix-script. 20190127 Safety: when maillog_file is specified, 'postfix check' now requires that the postlog service is enabled in master.cf. Otherwise 'postfix start' etc. will log a fatal error. File: conf/postfix-script. Documentation: added policy_context example. File: proto/SMTPD_POLICY_README.html. 20190128 Testing: run libtls tests under Valgrind. File tls/Makefile.in. 20190129 Safety: require that $maillog_file matches one of the pathname prefixes specified in $maillog_file_prefixes. The maillog file is created by root, and the prefixes limit the damage from a single configuration error. Files: global/mail_params.[hc], global/maillog_client.c. 20191201 Feature: "postfix logrotate" command with configurable compression program and datestamp filename suffix. File: conf/postfix-script. 20190202 Cleanup: log a warning when the client sends a malformed SNI; log an info message when the client sends a valid SNI that does not match the SNI lookup tables; update the FORWARD_SECRECY_README logging examples. Viktor Dukhovni. Files: proto/FORWARD_SECRECY_README.html, tls/tls.h, tls/tls_client.c, tls/tls_misc.c. 20190208 Debugging: the master(8) daemon now logs a warning if a master.cf entry is defined multiple times. File: src/master/master_conf.c. 20190209 Debugging: tlsproxy(8) now logs more details about unexpected configuration differences between the Postfix SMTP client and the tlsproxy(8) daemon. 20190210 Documentation: Postfix 3.4.0 RELEASE NOTES. Documentation: added BDAT_README. Documentation: global TLS settings. Files: mantools/postlink, smtp/smtp.c, tlsproxy/tlsproxy.c. 20190211 Cleanup: removed obsolete parameters: tls_dane_digest_agility, tls_dane_trust_anchor_digest_enable; removed openssl_path parameter from configuration difference checks in tlsproxy. Files: global/mail_params.h, tls/tls_misc.c, tls/tls_proxy_client_misc.c, tls/tls_proxy_client_print.c, tls/tls_proxy_client_scan.c, tls/tls_proxy.h. 20190212 Cleanup: missing #ifdef USE_TLS. Files: smtp/smtp_session.c, posttls-finger/posttls-finger.c. 20190217 Cleanup: when the master daemon runs with PID=1 (init mode), reap orhpan processes from non-Postfix code running in the same container, instead of terminating with a panic. File: master/master_spawn.c. 20190218 Bugfix: tlsproxy did not enable DANE-style PKI because libtls seems to have to accreted multiple init functions instead of reusing the tls_client_init() and tls_client_start() API. And some functions that do initialization don't even have init in their name! Problem report by Andreas Schulze. Viktor Dukhovni. Files: tls/tls_misc.c, tlsproxy/tlsproxy.c. Workaround: Postfix libtls makes DANE-specific changes to the shared SSL_CTX. To avoid false sharing, tlsproxy needs to label the SSL_CTX cache with DANE bits until we can remove the code that modifies SSL_CTX. File: tlsproxy/tlsproxy.c. Cleanup: Postfix libtls changed the shared SSL_CTX to override ciphers. instead of changing the SSL handle. To avoid false sharing in tlsproxy, the changes are now made to the SSL handle. Viktor Dukhovni. Files: tls/tls.h, tls/tls_client.c, tls/tls_misc.c, tls/tls_server.c. 20190219 Bugfix: in the Postfix SMTP client, TLS wrappermode was not tested in tlsproxy mode. It needed some setup for buffering and timeouts. Problem report by Andreas Schulze. File: smtp/smtp_proto.c. 20190304 Bugfix: a reversed test broke TLS configurations that specify the same filename for a private key and certificate. Reported by Mike Kazantsev. Fix by Viktor Dukhovni. Wietse fixed the test. Files: tls/tls_certkey.c, tls/Makefile.in. 20190310 Bitrot: LINUX5s support, after some sanity checks with a rawhide prerelease version. Files: makedefs, util/sys_defs.h. Bugfix (introduced: 20181226): broken DANE trust anchor file support, caused by left-over debris from the 20181226 TLS library overhaul. By intrigeri. File: tls/tls_dane.c. Bugfix (introduced: Postfix-1.0.1): null pointer read, while logging a warning after a corrupted bounce log file. File: global/bounce_log.c. Bugfix (introduced: Postfix-2.9.0): null pointer read, while logging a warning after a postscreen_command_filter read error. File: postscreen/postscreen_smtpd.c. global/bounce_log.c 20190312 Bugfix (introduced: Postfix 2.2): reject_multi_recipient_bounce has been producing false rejects starting with the Postfix 2.2 smtpd_end_of_data_restrictons, and for the same reasons, does the same with the Postfix 3.4 BDAT command. The latter was reported by Andreas Schulze. File: smtpd/smtpd_check.c. 20190319 With message_size_limit=0 (which is NOT DOCUMENTED), BDAT chunks were always rejected as too large. File: smtpd/smtpd.c 20190328 Bugfix (introduced: Postfix 3.0): LMTP connections over UNIX-domain sockets were cached but not reused, due to a cache lookup key mismatch. Therefore, idle cached connections could exhaust LMTP server resources, resulting in two-second pauses between email deliveries. This problem was investigated by Juliana Rodrigueiro. File: smtp/smtp_connect.c. 20190331 Documentation: tlsext_padding is not a tls_ssl_options feature. File: proto/postconf.proto. 20190401 Portability: added "#undef sun" to util/unix_dgram_connect.c. 20190403 Bugfix (introduced: Postfix 2.3): a censoring filter broke multiline Milter responses for header/body events. Problem report by Andreas Thienemann. Files: util/printable.c, util/stringops.h, smtpd/smtpd.c Bugfix (introduced: Postfix 3.3): "smtp_mx_address_limit = 0" no longer meant 'unlimited'. Problem report by Luc Pardon. File: smtp/smtp_addr.c. 20190615 Documentation: updated the BUGS section in the smtp(8) manpage about TLS connection reuse. File: smtp/smtp.c. Workaround for implementations that hang Postfix while shutting down a TLS session, until Postfix times out. With "tls_fast_shutdown_enable = yes" (the default), Postfix no longer waits for the TLS peer to respond to a TLS 'close' request. This is recommended with TLSv1.0 and later. Files: global/mail_params.h, tls/tls_session.c, and documentation. 20190621 Bugfix (introduced: Postfix 3.0): the code to reset Postfix SMTP server command counts was not called after a HaProxy handshake failure, causing stale numbers to be reported. The command counts are now reset in the function that reports the counts. File: smtpd/smtpd.c. @ text @d1 1 a1 1 $NetBSD: patch-ag,v 1.39 2017/06/23 19:18:07 maya Exp $ d3 1 a3 1 * Add support for NetBSD 8. d7 1 a7 1 --- src/util/sys_defs.h.orig 2019-03-10 16:58:04.000000000 +0000 d13 2 a14 2 - || defined(FREEBSD11) \ + || defined(FREEBSD11) || defined(FREEBSD12) \ @ 1.39 log @Make NetBSD support version agnostic. Checks are against __NetBSD__Version__ anyway. Fixes NetBSD 8.99.1 build @ text @d1 1 a1 1 $NetBSD: patch-ag,v 1.38 2017/06/17 08:02:22 taca Exp $ d7 1 a7 1 --- src/util/sys_defs.h.orig 2017-02-02 01:31:15.000000000 +0000 d9 1 a9 1 @@@@ -30,13 +30,11 @@@@ d13 1 d26 1 a26 1 @@@@ -48,7 +46,9 @@@@ d36 1 a36 1 @@@@ -1250,6 +1250,8 @@@@ extern int h_errno; @ 1.38 log @Update postfix to 3.2.2. pkgsrc change: Add support for NetBSD 8. This announcement (June 13, 2017) includes changes that were released with an earlier update (June 10, 2017). The announcement was postponed to avoid confusion due to repeated notification. Fixed in all supported releases: * Security: Berkeley DB versions 2 and later try to read settings from a file DB_CONFIG in the current directory. This undocumented feature may introduce undisclosed vulnerabilities resulting in privilege escalation with Postfix set-gid programs (postdrop, postqueue) before they chdir to the Postfix queue directory, and with the postmap and postalias commands depending on whether the user's current directory is writable by other users. This fix does not change Postfix behavior for Berkeley DB versions < 3, but it does reduce postmap and postalias 'create' performance with Berkeley DB versions 3.0 .. 4.6. Fixed in Postfix 3.2 and later: * The SMTP server receive_override_options were not restored at the end of an SMTP session, after the options were modified by an smtpd_milter_maps setting of "DISABLE". Milter support remained disabled for the life time of the smtpd process. * After the Postfix 3.2 address/domain table lookup overhaul, the check_sender_access and check_recipient_access features ignored a non-default parent_domain_matches_subdomains setting. @ text @d1 1 a1 1 $NetBSD: patch-ag,v 1.37 2016/11/04 17:10:10 sevan Exp $ d9 1 a9 1 @@@@ -30,12 +30,13 @@@@ d17 2 a18 2 || defined(NETBSD1) || defined(NETBSD2) || defined(NETBSD3) \ || defined(NETBSD4) || defined(NETBSD5) || defined(NETBSD6) \ d20 2 a21 2 + || defined(NETBSD7) || defined(NETBSD8) \ || defined(EKKOBSD1) || defined(DRAGONFLY) d24 2 a25 1 @@@@ -48,7 +49,9 @@@@ d35 1 a35 1 @@@@ -1250,6 +1253,8 @@@@ extern int h_errno; @ 1.37 log @Add support for FreeBSD 11 & 12 via FreeBSD ports. @ text @d1 1 a1 1 $NetBSD$ d3 1 a3 1 * Add support for NetBSD 7. d7 1 a7 1 --- src/util/sys_defs.h.orig 2016-05-15 16:39:11.000000000 +0000 d9 1 a9 1 @@@@ -26,6 +26,7 @@@@ d17 8 a24 1 @@@@ -45,7 +46,9 @@@@ d34 1 a34 1 @@@@ -1268,6 +1271,8 @@@@ extern int h_errno; @ 1.36 log @Update mail/postfix to 3.0.2. Database and regexp map functionality is now split into separate packages: - postfix-cdb - postfix-ldap - postfix-lmdb - postfix-mysql - postfix-pcre - postfix-pgsql - postfix-sqlite Upstream changelog follows. Postfix 3.0.2 ------------- No delta against 2.11.6. Postfix 3.0.1 ------------- - Build error when compiling the Postfix SMTP server with SASL support but no TLS support. - The DNS "resource record to text" converter, used for xxx_dns_reply_filter pattern matching, appended a '.' to TXT record resource values. - The postscreen(8) manpage specified an incorrect Postfix version number for the postscreen_dnsbl_timeout parameter. - The postfix-install script expanded macros in parameter values when trying to detect parameter overrides, causing unnecessary main.cf updates during "postfix start" etc. - Some low-level cleanup of UTF-8 string handling with no visible change in behavior (besides better performance). Postfix 3.0.0 ------------- - SMTPUTF8 support for internationalized domain names and address localparts as defined in RFC 6530 and related documents. - Support for Postfix dynamically-linked libraries and database plugins. - An OPT-IN safety net for the selective adoption of new Postfix default settings. If you do nothing, the old Postfix default settings *should* remain in effect (complain to your downstream maintainer if that is not the case). - Support for operations on multiple lookup tables. The pipemap:{map1,map2...} database type implements a pipeline of lookup tables where the result from one lookup table becomes a query for the next table; the unionmap:{map1,map2,...} database type sends the @ text @d1 1 a1 1 $NetBSD: patch-ag,v 1.35 2014/08/25 16:00:54 taca Exp $ d5 1 d7 1 a7 1 --- src/util/sys_defs.h.orig 2015-07-18 13:28:17.000000000 +0000 d9 9 a17 1 @@@@ -45,7 +45,9 @@@@ d27 1 a27 1 @@@@ -1267,6 +1269,8 @@@@ extern int h_errno; @ 1.35 log @Fix build on NetBSD 7.*. @ text @d1 1 a1 1 $NetBSD: patch-ag,v 1.34 2014/02/09 05:34:13 taca Exp $ d6 1 a6 1 --- src/util/sys_defs.h.orig 2013-09-29 20:51:55.000000000 +0000 d8 1 a8 9 @@@@ -31,6 +31,7 @@@@ || defined(OPENBSD5) \ || defined(NETBSD1) || defined(NETBSD2) || defined(NETBSD3) \ || defined(NETBSD4) || defined(NETBSD5) || defined(NETBSD6) \ + || defined(NETBSD7) \ || defined(EKKOBSD1) || defined(DRAGONFLY) #define SUPPORTED #include @@@@ -44,7 +45,9 @@@@ d18 1 a18 1 @@@@ -1265,6 +1268,8 @@@@ extern int h_errno; @ 1.34 log @Update postfix to 2.11.0. Quote from release announce: The main changes in no particular order are: * Support for PKI-less TLS server certificate verification with DANE (DNS-based Authentication of Named Entities) where the CA public key or the server certificate is identified via DNSSEC lookup. This requires a DNS resolver that validates DNSSEC replies. The problem with conventional PKI is that there are literally hundreds of organizations world-wide that can provide a certificate in anyone's name. DANE limits trust to the people who control the target DNS zone and its parent zones. * Support for LMDB databases. Originally developed as part of OpenLDAP, LMDB is the first persistent Postfix database that can be shared among multiple writers such as postscreen daemons (Postfix already supported shared non-persistent memcached caches). Postfix currently requires LMDB version 0.9.11 or later. See LMDB_README for details and limitations. * A new postscreen_dnsbl_whitelist_threshold feature to allow clients to skip postscreen tests based on their DNSBL score. This can eliminate email delays due to "after 220 greeting" protocol tests, which otherwise require that a client reconnects before it can deliver mail. Some providers such as Google don't retry from the same IP address, and that can result in large email delivery delays. * The recipient_delimiter feature now supports different delimiters, for example both "+" and "-". As before, this implementation recognizes exactly one delimiter character per email address, and exactly one address extension per email address. * Advanced master.cf query/update support to access service attributes as "name = value" pairs. For example to turn off chroot on all services use "postconf -F '*/*/chroot = n'", and to change/add a "-o name=value" setting use "postconf -P smtp/inet/name = value". This was developed primarily to allow automated tools to manage Postfix systems without having to parse Postfix configuration files. @ text @d1 1 a1 1 $NetBSD: patch-ag,v 1.33 2012/02/27 03:01:30 taca Exp $ d3 2 a4 1 Only define HAS_DB if it hasn't been defined. d8 9 a16 1 @@@@ -44,7 +44,9 @@@@ d26 9 @ 1.33 log @Build fix for NetBSD 6.0_BETA. @ text @d1 1 a1 1 $NetBSD: patch-ag,v 1.32 2011/11/07 15:36:07 taca Exp $ a3 2 Add support for NetBSD 5.x, NetBSD 6.x and DragonFly BSD. Handle closefrom() on FreeBSD. d5 1 a5 1 --- src/util/sys_defs.h.orig 2011-11-02 23:46:22.000000000 +0000 a6 11 @@@@ -30,8 +30,8 @@@@ || defined(OPENBSD2) || defined(OPENBSD3) || defined(OPENBSD4) \ || defined(OPENBSD5) \ || defined(NETBSD1) || defined(NETBSD2) || defined(NETBSD3) \ - || defined(NETBSD4) \ - || defined(EKKOBSD1) + || defined(NETBSD4) || defined(NETBSD5) || defined(NETBSD6) \ + || defined(EKKOBSD1) || defined(DRAGONFLY) #define SUPPORTED #include #include d15 1 a15 1 #define DEF_DB_TYPE "hash" a16 39 @@@@ -165,9 +167,19 @@@@ #define HAS_FUTIMES #endif +#if defined(__DragonFly__) +#define HAS_DEV_URANDOM +#define HAS_ISSETUGID +#define HAS_FUTIMES +#define SOCKADDR_SIZE socklen_t +#define SOCKOPT_SIZE socklen_t +#define HAS_DUPLEX_PIPE +#endif + #if (defined(__NetBSD_Version__) && __NetBSD_Version__ >= 105000000) \ || (defined(__FreeBSD__) && __FreeBSD__ >= 4) \ || (defined(OpenBSD) && OpenBSD >= 200003) \ + || defined(__DragonFly__) \ || defined(USAGI_LIBINET6) #ifndef NO_IPV6 # define HAS_IPV6 @@@@ -176,14 +188,16 @@@@ #if (defined(__FreeBSD_version) && __FreeBSD_version >= 300000) \ || (defined(__NetBSD_Version__) && __NetBSD_Version__ >= 103000000) \ - || (defined(OpenBSD) && OpenBSD >= 199700) /* OpenBSD 2.0?? */ + || (defined(OpenBSD) && OpenBSD >= 199700) /* OpenBSD 2.0?? */ \ + || defined(__DragonFly__) # define USE_SYSV_POLL #endif #ifndef NO_KQUEUE # if (defined(__FreeBSD_version) && __FreeBSD_version >= 410000) \ || (defined(__NetBSD_Version__) && __NetBSD_Version__ >= 200000000) \ - || (defined(OpenBSD) && OpenBSD >= 200105) /* OpenBSD 2.9 */ + || (defined(OpenBSD) && OpenBSD >= 200105) /* OpenBSD 2.9 */ \ + || defined(__DragonFly__) # define EVENTS_STYLE EVENTS_STYLE_KQUEUE # endif #endif @ 1.32 log @Update postfix pacakge to 2.8.7. Postfix stable release 2.8.7 is available. This contains a workaround for a problem that is fixed in Postfix 2.9. * The postscreen daemon, which is not enabled by default, sent non-compliant SMTP responses (220- followed by 421) when it could not give a connection to a real smtpd process. These responses caused some remote SMTP clients to return mail as undeliverable. The workaround is to hang up after sending 220- without sending the 421 "sorry" reply; this is harmless. The complete fix involves too much change for a stable release: send the 220 greeting, wait for the EHLO command, then send the 421 "sorry" reply and hang up. @ text @d1 1 a1 1 $NetBSD: patch-ag,v 1.31 2011/03/22 09:37:27 taca Exp $ d4 1 a4 1 Add support for NetBSD 5.x and DragonFly BSD. d15 1 a15 1 + || defined(NETBSD4) || defined(NETBSD5) \ @ 1.32.2.1 log @Pullup ticket #3691 - requested by tron mail/postfix: build fix Revisions pulled up: - mail/postfix/distinfo 1.141 - mail/postfix/patches/patch-ag 1.33 - mail/postfix/patches/patch-ai 1.27 ------------------------------------------------------------------- Module Name: pkgsrc Committed By: taca Date: Mon Feb 27 03:01:30 UTC 2012 Modified Files: pkgsrc/mail/postfix: distinfo pkgsrc/mail/postfix/patches: patch-ag patch-ai Log Message: Build fix for NetBSD 6.0_BETA. To generate a diff of this commit: cvs rdiff -u -r1.140 -r1.141 pkgsrc/mail/postfix/distinfo cvs rdiff -u -r1.32 -r1.33 pkgsrc/mail/postfix/patches/patch-ag cvs rdiff -u -r1.26 -r1.27 pkgsrc/mail/postfix/patches/patch-ai @ text @d1 1 a1 1 $NetBSD$ d4 1 a4 1 Add support for NetBSD 5.x, NetBSD 6.x and DragonFly BSD. d15 1 a15 1 + || defined(NETBSD4) || defined(NETBSD5) || defined(NETBSD6) \ @ 1.31 log @Update mail/postfix pacakge to 2.8.2. Postfix stable release 2.8.2 is available. This release has minor fixes that are already in the experimental (2.9) release. - Bugfix: postscreen DNSBL scoring error. When a client disconnected and then reconnected before all DNSBL results for the earlier session arrived, DNSBL results for the earlier session would be added to the score for the later session. This is very unlikely to have affected any legitimate mail. - Workaround: the SMTP client did not support mail to [ipv6:ipv6addr]. - Portability: FreeBSD closefrom() was back-ported to FreeBSD 7, breaking FreeBSD 7.x support retroactively. - Portability: the SUN compiler had trouble with a pointer expression of the form ``("text1" "text2") + constant'' so we don't try to be so clever. @ text @d1 1 a1 1 $NetBSD: patch-ag,v 1.30 2010/04/16 15:32:58 taca Exp $ d7 1 a7 1 --- src/util/sys_defs.h.orig 2009-11-14 23:32:37.000000000 +0000 d9 1 a9 2 @@@@ -29,8 +29,8 @@@@ || defined(BSDI2) || defined(BSDI3) || defined(BSDI4) \ d11 1 d20 1 a20 1 @@@@ -43,7 +43,9 @@@@ d30 1 a30 1 @@@@ -163,9 +166,19 @@@@ d50 1 a50 1 @@@@ -174,14 +187,16 @@@@ @ 1.30 log @Add patch to fix closefrom() problem on FreeBSD. @ text @d1 1 a1 1 $NetBSD: patch-ag,v 1.29 2010/02/25 13:01:23 martti Exp $ a29 10 @@@@ -111,7 +113,8 @@@@ #define HAS_DUPLEX_PIPE /* 4.1 breaks with kqueue(2) */ #endif -#if __FreeBSD_version >= 800107 /* safe; don't believe the experts */ +#if (__FreeBSD_version >= 702104 && __FreeBSD_version <= 800000) \ + || __FreeBSD_version >= 800100 #define HAS_CLOSEFROM #endif @ 1.30.6.1 log @Pullup ticket #3384 - requested by taca mail/postfix: security update Revisions pulled up: - mail/postfix/Makefile patch - mail/postfix/distinfo patch - mail/postfix/patches/patch-ag patch --- Postfix legacy releases 2.7.3, 2.6.9, 2.5.12 and 2.4.16 are available. These releases contain a fix for CVE-2011-0411 which allows plaintext command injection with SMTP sessions over TLS. This defect was introduced with Postfix version 2.2. The same flaw exists in other implementations of the STARTTLS command. Note: CVE-2011-0411 is an issue only for the minority of SMTP clients that actually verify server certificates. Without server certificate verification, clients are always vulnerable to man-in-the-middle attacks that allow attackers to inject plaintext commands or responses into SMTP sessions, and more. Postfix 2.8 and 2.9 are not affected. The following problems were fixed with the Postfix legacy releases: * Fix for CVE-2011-0411: discard buffered plaintext input, after reading the SMTP "STARTTLS" command or response. * Fix to the local delivery agent: look up the "unextended" address in the local aliases database, when that address has a malformed address extension. * Fix to virtual alias expansion: report a tempfail error, instead of silently ignoring recipients that exceed the virtual_alias_expansion_limit or the virtual_alias_recursion_limit. * Fix for Solaris: the Postfix event engine was deaf for SIGHUP and SIGALRM signals after the switch from select() to /dev/poll. Symptoms were delayed "postfix reload" response, and killed processes with watchdog timeout values under 100 seconds. * Fix for HP-UX: the Postfix event engine was deaf for SIGALRM signals. Symptoms were killed processes with watchdog timeout values under 100 seconds. * Fix for BSD-ish mkdir() to prevent maildir directories from inheriting their group ownership from the parent directory. * Fix to the SMTP client: missing support for mail to [ipv6:ipv6addr] address literal destinations. * FreeBSD back-ported closefrom() from FreeBSD 8x to 7x, breaking Postfix builds retroactively. Historical note: Wietse Venema discovered the problem two weeks before the Postfix 2.8 release, and silently fixed it pending further investigation. While investigating the problem's scope and impact, Victor Duchovni found that many other TLS applications were also affected. At that point, CERT/CC was asked to coordinate with the problem's resolution. You can find the updated Postfix source code at the mirrors listed at http://www.postfix.org/. @ text @d1 1 a1 1 $NetBSD: patch-ag,v 1.30 2010/04/16 15:32:58 taca Exp $ d30 10 @ 1.29 log @Updated mail/postfix to 2.7.0 Postfix stable release 2.7.0 is available. For the past several releases, the focus has moved towards improving the code and documentation, and updating the system for changing environments. - Improved before-queue content filter performance. With "smtpd_proxy_options = speed_adjust", the Postfix SMTP server receives the entire message before it connects to a before-queue content filter. Typically, this allows Postfix to handle the same mail load with fewer content filter processes. - Improved address verification performance. The verify database is now persistent by default, and it is automatically cleaned periodically, Under overload conditions, the Postfix SMTP server no longer waits up to 6 seconds for an address probe to complete. - Support for reputation management based on the local SMTP client IP address. This is typically implemented with "FILTER transportname:" actions in access maps or header/body checks, and mail delivery transports in master.cf with unique smtp_bind_address values. - The postscreen daemon (a zombie-blocker in front of Postfix) is still too rough for a stable release, and will be made "mature" in the Postfix 2.8 development cycle (however you can use Postfix 2.7 with the Postfix 2.8 postscreen and dnsblog executables and master.cf configuration; this code has already proven itself). No functionality has been removed, but it is a good idea to review the RELEASE_NOTES file for the usual minor incompatibilities or limitations. You can find Postfix version 2.7.0 at the mirrors listed at http://www.postfix.org/ The same code is also available as Postfix snapshot 2.8-20100213. Updated versions of Postfix version 2.6, 2.5 and perhaps earlier will be released with the same fixes that were already included with Postfix versions 2.7 and 2.8. @ text @d1 1 a1 1 $NetBSD: patch-ag,v 1.28 2009/05/13 10:33:23 martti Exp $ d5 1 d7 2 a8 2 --- src/util/sys_defs.h.orig 2009-11-15 01:32:37.000000000 +0200 +++ src/util/sys_defs.h 2010-02-25 14:47:46.000000000 +0200 d30 11 a40 1 @@@@ -163,9 +165,19 @@@@ d60 1 a60 1 @@@@ -174,14 +186,16 @@@@ @ 1.29.2.1 log @Pullup ticket #3094 - requested by taca mail/postfix: build fix mail/postfix-current: build fix Revisions pulled up: - mail/postfix-current/distinfo 1.58 - mail/postfix-current/patches/patch-ag 1.22 - mail/postfix/distinfo 1.130 - mail/postfix/patches/patch-ag 1.30 --- Module Name: pkgsrc Committed By: taca Date: Fri Apr 16 15:32:59 UTC 2010 Modified Files: pkgsrc/mail/postfix: distinfo pkgsrc/mail/postfix-current: distinfo pkgsrc/mail/postfix-current/patches: patch-ag pkgsrc/mail/postfix/patches: patch-ag Log Message: Add patch to fix closefrom() problem on FreeBSD. @ text @d1 1 a1 1 $NetBSD$ a4 1 Handle closefrom() on FreeBSD. d6 2 a7 2 --- src/util/sys_defs.h.orig 2009-11-14 23:32:37.000000000 +0000 +++ src/util/sys_defs.h d29 1 a29 11 @@@@ -111,7 +113,8 @@@@ #define HAS_DUPLEX_PIPE /* 4.1 breaks with kqueue(2) */ #endif -#if __FreeBSD_version >= 800107 /* safe; don't believe the experts */ +#if (__FreeBSD_version >= 702104 && __FreeBSD_version <= 800000) \ + || __FreeBSD_version >= 800100 #define HAS_CLOSEFROM #endif @@@@ -163,9 +166,19 @@@@ d49 1 a49 1 @@@@ -174,14 +187,16 @@@@ @ 1.28 log @Updated mail/postfix to 2.6.0 - Multi-instance support introduces a new postmulti(1) command to create/add/remove/etc. additional Postfix instances. The familiar "postfix start" etc. commands now automatically start multiple Postfix instances. The good news: nothing changes when you use only one Postfix instance. See MULTI_INSTANCE_README for details. - Multi-instance support required that some files be moved from the non-shared $config_directory to the shared $daemon_directory. The affected files are postfix-script, postfix-files and post-install. - TLS (SSL) support was updated for elliptic curve encryption. This requires OpenSSL version 0.9.9 or later. The SMTP client no longer uses the SSLv2 protocol by default. See TLS_README for details. - The Milter client now supports all Sendmail 8.14 Milter requests, including requests for rejected recipient addresses, and requests to replace the envelope sender address. See MILTER_README for details. - Postfix no longer adds (Resent-) From:, Date:, Message-ID: or To: headers to email messages with "remote" origins (these are origins that don't match $local_header_rewrite_clients). Adding such headers breaks DKIM signatures that explicitly cover non-present headers. For compatibility with existing logfile processing software, Postfix will log ``message-id=<>'' for email messages that have no Message-Id header. - Stress-adaptive behavior is now enabled by default. This allows the Postfix SMTP server to temporarily reduce time limits and error-count limits under conditions of overload, such as a malware attack or backscatter flood. See STRESS_README for details. No functionality has been removed, but it is a good idea to review the RELEASE_NOTES file for the usual minor incompatibilities or limitations. @ text @d1 1 a1 1 $NetBSD: patch-ag,v 1.27 2008/11/03 00:47:17 taca Exp $ d6 3 a8 3 --- src/util/sys_defs.h.orig 2009-05-11 03:45:27.000000000 +0300 +++ src/util/sys_defs.h 2009-05-13 12:25:40.000000000 +0300 @@@@ -28,8 +28,8 @@@@ d19 1 a19 1 @@@@ -42,7 +42,9 @@@@ d29 1 a29 1 @@@@ -158,9 +160,19 @@@@ d49 1 a49 1 @@@@ -169,14 +181,16 @@@@ @ 1.27 log @Make it build on NetBSD current (and NetBSD 5.x). @ text @d1 1 a1 1 $NetBSD: patch-ag,v 1.26 2008/09/17 13:21:19 joerg Exp $ d6 2 a7 2 --- src/util/sys_defs.h.orig 2008-01-15 09:51:44.000000000 +0900 +++ src/util/sys_defs.h d29 1 a29 1 @@@@ -155,9 +157,19 @@@@ d49 1 a49 1 @@@@ -166,14 +178,16 @@@@ @ 1.26 log @Support newer DragonFly versions. From PR 39148. @ text @d1 1 a1 1 $NetBSD: patch-ag,v 1.25 2008/09/04 08:25:20 martti Exp $ d4 1 d6 4 a9 3 --- src/util/sys_defs.h.orig 2008-01-15 02:51:44 +0200 +++ src/util/sys_defs.h 2008-07-18 22:24:22 +0300 @@@@ -29,7 +29,7 @@@@ d12 1 a12 1 || defined(NETBSD4) \ d14 1 @ 1.25 log @Updated mail/postfix to 2.5.5 Postfix 2.4 and later, on Linux kernel 2.6, is vulnerable to a denial of service attack by a local user. There is no breach of data confidentiality or data integrity. This problem was found by the Postfix author during routine source code maintenance. An on-line version of this announcement is available at http://www.postfix.org/announcements/20080902.html @ text @d1 1 a1 1 $NetBSD: patch-ag,v 1.24 2007/04/03 07:27:51 martti Exp $ d5 11 a15 2 --- src/util/sys_defs.h.orig 2007-03-25 00:45:33.000000000 +0200 +++ src/util/sys_defs.h 2007-04-03 08:51:26.000000000 +0300 d26 39 @ 1.24 log @Updated mail/postfix to 2.4.0 The footprint of new features with Postfix 2.4.0 is significantly smaller than with earlier releases. And that is the whole point of approaching completeness: fewer visible changes. Below is a brief summary of what has changed. See the RELEASE_NOTES file for more, including compatibility issues that may affect your site. The HISTORY file gives a blow-by-blow account of what happened over the past year. Wietse - Postfix can now manage thousands of connections without needing special main.cf, master.cf, or compile-time tweaks, on systems with BSD kqueue, Solaris /dev/poll, or Linux epoll support. - Milter support for message body replacement. The resulting queue files are backwards compatible with Postfix 2.3. The existing Milter support for message header manipulations was revised and is now implemented by much simpler code. - Minor improvements in TLS session cache management and in the implementation of certificate fingerprint based authentication. A more extensive revision of TLS internals will appear first in Postfix 2.5 snapshots. - Improvements in queue manager performance when deferring large amounts of mail, or when delivering mail with lots of recipients. - Workarounds for SMTP servers that reply and hang up prematurely, for file system clocks that are out of sync, and for broken kernel lock management in POP servers. @ text @d1 3 a3 1 $NetBSD: patch-ag,v 1.23 2006/11/07 07:08:26 martti Exp $ @ 1.24.14.1 log @Pullup ticket 2518 - requested by martti security update for postfix - pkgsrc/mail/postfix/Makefile 1.219, 1.220 - pkgsrc/mail/postfix/distinfo 1.119 - pkgsrc/mail/postfix/patches/patch-aa 1.21 - pkgsrc/mail/postfix/patches/patch-ag 1.25 - pkgsrc/mail/postfix/patches/patch-ai 1.22 - pkgsrc/mail/postfix-current/Makefile 1.100, 1.101 - pkgsrc/mail/postfix-current/distinfo 1.46 - pkgsrc/mail/postfix-current/patches/patch-aa 1.19 - pkgsrc/mail/postfix-current/patches/patch-ag 1.17 - pkgsrc/mail/postfix-current/patches/patch-ai 1.20 Module Name: pkgsrc Committed By: ghen Date: Fri Aug 22 20:29:55 UTC 2008 Modified Files: pkgsrc/mail/postfix: Makefile pkgsrc/mail/postfix-current: Makefile Log Message: Add some (http) mirrors. --- Module Name: pkgsrc Committed By: martti Date: Thu Sep 4 08:25:20 UTC 2008 Modified Files: pkgsrc/mail/postfix: Makefile distinfo pkgsrc/mail/postfix/patches: patch-aa patch-ag patch-ai Log Message: Updated mail/postfix to 2.5.5 Postfix 2.4 and later, on Linux kernel 2.6, is vulnerable to a denial of service attack by a local user. There is no breach of data confidentiality or data integrity. This problem was found by the Postfix author during routine source code maintenance. An on-line version of this announcement is available at http://www.postfix.org/announcements/20080902.html --- Module Name: pkgsrc Committed By: martti Date: Thu Sep 4 08:25:31 UTC 2008 Modified Files: pkgsrc/mail/postfix-current: Makefile distinfo pkgsrc/mail/postfix-current/patches: patch-aa patch-ag patch-ai Log Message: Updated mail/postfix-current to 2.6.20080903 Postfix 2.4 and later, on Linux kernel 2.6, is vulnerable to a denial of service attack by a local user. There is no breach of data confidentiality or data integrity. This problem was found by the Postfix author during routine source code maintenance. An on-line version of this announcement is available at http://www.postfix.org/announcements/20080902.html @ text @d1 1 a1 3 $NetBSD: patch-ag,v 1.24 2007/04/03 07:27:51 martti Exp $ Only define HAS_DB if it hasn't been defined. @ 1.23 log @Updated mail/postfix to 2.3.4 Postfix 2.3 Patch 04 fixes minor problems as detailed in the change history below. The patch as well as complete source code tarballs were uploaded last week to the mirrors listed at http://www.postfix.org/ 20060831 Bugfix (introduced with initial implementation): missing "dict_errno = 0" caused mis-leading error messages after non-error lookup failure. Victor Duchovni. File: util/dict_cidr.c. Robustness: the default TLS cipher lists were changed from !foo:ALL into ALL:!foo. Victor Duchovni. Files: global/mail_params.h and documentation. 20060902 Bugfix (introduced Postfix 2.3): the LMTP client stripped "inet": from the next-hop destination, but still used the complete next-hop from the delivery request. File: smtp/smtp_connect.c. 20060903 Cleanup: record loop detection. File: global/record.c. 20060929 Workaround: AIX 5.[1-3] getaddrinfo() creates socket address structures with a non-zero port value. This breaks the smtp_bind_address etc. features, and breaks inet_interfaces settings with only one IP address. Problem reported by Hamish Marson. Files: util/sock_addr.[hc], util/myaddrinfo.c. Bugfix (introduced with the Postfix TLS patch): memory leak in verify_extract_peer(). The OpenSSL documentation provides no information on how subjectAltNames are managed. Sam Rushing, ironport. File: tls/tls_client.c. Bugfix (introduced with Postfix 2.2): smtp_generic_maps turned on MIME conversion. File: smtp/smtp_proto.c. Workaround: don't send SIZE information in the MAIL FROM command when message content will be subject to 8bit -> quoted-printable conversion. File: smtp/smtp_proto.c. 20061002 Compatibility: Sendmail now invokes the Milter connect action with the verified hostname instead of the name obtained with PTR lookup. File: smtpd/smtpd.c. 20061004 Cleanup: force space between mailq queueid+status and file size items. File: showq/showq.c. 20061015 Cleanup: convert the Milter {mail_addr} and {rcpt_addr} macro values to external form. File: smtpd/smtpd_milter.c. Cleanup: the Milter {mail_addr} and {rcpt_addr} macros are now available with non-SMTP mail. File: cleanup/cleanup_milter.c. Cleanup: convert addresses in Milter recipient add/delete requests to internal form. File: cleanup/cleanup_milter.c. Cleanup: with non-SMTP mail, convert addresses in simulated MAIL FROM and RCPT TO events to external form. File: cleanup/cleanup_milter.c. 20061017 Cleanup: removed spurious warning when the cleanup server attempts to bounce mail with soft_bounce=yes. Problem reported by Ralf Hildebrandt. File: cleanup/cleanup_bounce.c. Bugfix: null pointer bug when receiving a non-protocol response on a cached SMTP/LMTP connection. Report by Brian Kantor. Fix by Victor Duchovni. File: smtp/smtp_reuse.c. @ text @d1 1 a1 1 $NetBSD: patch-ag,v 1.22 2006/09/16 15:29:36 hira Exp $ d3 2 a4 2 --- src/util/sys_defs.h.orig 2006-09-28 22:55:47.000000000 +0000 +++ src/util/sys_defs.h 2006-11-07 08:48:52.000000000 +0000 d6 1 a6 1 #define DEF_MAILBOX_LOCK "flock" @ 1.22 log @Add missing RCS Id. @ text @d1 1 a1 1 $NetBSD$ d3 3 a5 11 --- src/util/sys_defs.h.orig 2006-07-31 13:04:29.000000000 +0000 +++ src/util/sys_defs.h 2006-08-31 19:37:16.000000000 +0000 @@@@ -28,6 +28,7 @@@@ || defined(BSDI2) || defined(BSDI3) || defined(BSDI4) \ || defined(OPENBSD2) || defined(OPENBSD3) || defined(OPENBSD4) \ || defined(NETBSD1) || defined(NETBSD2) || defined(NETBSD3) \ + || defined(NETBSD4) \ || defined(EKKOBSD1) #define SUPPORTED #include @@@@ -41,7 +42,9 @@@@ @ 1.21 log @Updated mail/postfix-2.3.3 - File corruption while executing a Milter "header insert" action with headers-only mail (found with dk-filter). Delivery agents would go into an infinite loop because some queue file update had been done in the wrong order. As a precaution, delivery agents now detect such loops, and the queue manager now saves such mail to the "corrupt" directory. - Segmentation fault in the SMTP client while saving a cached connection with unsent data. Postfix indexed some table with -1, because some I/O cleanup had been done in the wrong order. The same problem should exist in Postfix 2.2. - Postfix no longer announces its name in delivery status notifications. All other details of the default bounce text remain unchanged. The reason for this change is that too many people believe that Wietse provides a free helpdesk service that solves all their email problems. @ text @d1 2 @ 1.20 log @Accept NetBSD 4.* as NETBSD4 to compile on NetBSD current. Bump PKGREVISION. @ text @d1 2 a2 4 $NetBSD$ --- src/util/sys_defs.h.orig 2006-07-03 21:37:32.000000000 +0900 +++ src/util/sys_defs.h d5 1 a5 1 || defined(OPENBSD2) || defined(OPENBSD3) \ @ 1.19 log @Updated mail/postfix to 2.2.6 Postfix 2.2 patch 06 catches up with minor fixes that were fielded earlier in the experimental Postfix 2.3 snapshots. @ text @d1 1 a1 1 $NetBSD: patch-ag,v 1.18 2005/11/13 10:37:09 martti Exp $ d3 20 a22 16 --- src/util/sys_defs.h.orig 2005-07-15 00:28:33.000000000 +0300 +++ src/util/sys_defs.h 2005-11-13 09:22:07.000000000 +0200 @@@@ -52,3 +52,3 @@@@ #define ROOT_PATH "/bin:/usr/bin:/sbin:/usr/sbin" -#if (defined(__NetBSD_Version__) && __NetBSD_Version__ > 200040000) +#if (defined(__NetBSD_Version__) && __NetBSD_Version__ > 299000900) # define USE_STATVFS @@@@ -124,3 +124,3 @@@@ -#if __NetBSD_Version__ >= 200060000 /* 2.0F */ +#if __NetBSD_Version__ >= 299000900 /* 2.99.9 */ #define HAS_CLOSEFROM @@@@ -157,2 +157,3 @@@@ #define GETTIMEOFDAY(t) gettimeofday(t,(struct timezone *) 0) +#define RESOLVE_H_NEEDS_NAMESER8_COMPAT_H #define ROOT_PATH "/bin:/usr/bin:/sbin:/usr/sbin" @ 1.18 log @Regenerate the patches not to add NetBSD stuff inside Mac OS X section. @ text @d1 1 a1 1 $NetBSD: patch-ag,v 1.17 2005/11/12 05:19:24 martti Exp $ @ 1.17 log @Make this compile on NetBSD 2.1. Does not affect other versions so no version bump. Fixes pkg/31952. @ text @d1 1 a1 1 $NetBSD: patch-ag,v 1.16 2005/09/06 08:10:58 abs Exp $ d3 2 a4 2 --- src/util/sys_defs.h.orig 2005-07-11 23:00:38.000000000 +0300 +++ src/util/sys_defs.h 2005-11-11 06:01:49.000000000 +0200 d15 1 a15 1 @@@@ -157,5 +157,11 @@@@ a18 8 +#if (defined(__NetBSD__) && __NetBSD_Version__ >= 299000900) /* NetBSD 2.99.9 */ +#define USE_STATVFS +#define STATVFS_IN_SYS_STATVFS_H +#else #define USE_STATFS #define STATFS_IN_SYS_MOUNT_H +#endif #define HAS_POSIX_REGEXP @ 1.16 log @Fix NetBSD statvfs check to be >= 299000900 not >= 200040000 No pkgrevision bumps needed. @ text @d1 1 a1 1 $NetBSD: patch-ag,v 1.15 2005/04/04 18:13:32 martti Exp $ d3 12 a14 2 --- src/util/sys_defs.h.orig 2005-02-04 02:07:44.000000000 +0200 +++ src/util/sys_defs.h 2005-04-04 20:55:05.000000000 +0300 @ 1.16.2.1 log @Pullup ticket 905 - requested by Martti Kuparinen portability fixes for postfix Revisions pulled up: - pkgsrc/mail/postfix/distinfo 1.90, 1.91, 1.92 - pkgsrc/mail/postfix/patches/patch-ag 1.17, 1.18 - pkgsrc/mail/postfix/patches/patch-ai 1.14 - pkgsrc/mail/postfix-current/distinfo 1.15, 1.16, 1.17 - pkgsrc/mail/postfix-current/patches/patch-ag 1.10, 1.11 - pkgsrc/mail/postfix-current/patches/patch-ai 1.11 Module Name: pkgsrc Committed By: joerg Date: Thu Oct 13 13:06:38 UTC 2005 Modified Files: pkgsrc/mail/postfix: distinfo pkgsrc/mail/postfix/patches: patch-ai Log Message: Treat DragonFly as FreeBSD 4 to let Postfix build. --- Module Name: pkgsrc Committed By: martti Date: Sat Nov 12 05:19:25 UTC 2005 Modified Files: pkgsrc/mail/postfix: distinfo pkgsrc/mail/postfix/patches: patch-ag Log Message: Make this compile on NetBSD 2.1. Does not affect other versions so no version bump. Fixes pkg/31952. --- Module Name: pkgsrc Committed By: martti Date: Sat Nov 12 05:23:18 UTC 2005 Modified Files: pkgsrc/mail/postfix-current: distinfo pkgsrc/mail/postfix-current/patches: patch-ag Log Message: Make this compile on NetBSD 2.1. Does not affect other versions so no version bump. Fixes same problem as pkg/31952. --- Module Name: pkgsrc Committed By: martti Date: Sun Nov 13 10:37:10 UTC 2005 Modified Files: pkgsrc/mail/postfix: distinfo pkgsrc/mail/postfix-current: distinfo pkgsrc/mail/postfix-current/patches: patch-ag pkgsrc/mail/postfix/patches: patch-ag Log Message: Regenerate the patches not to add NetBSD stuff inside Mac OS X section. --- Module Name: pkgsrc Committed By: martti Date: Tue Nov 15 10:43:20 UTC 2005 Modified Files: pkgsrc/mail/postfix-current: distinfo pkgsrc/mail/postfix-current/patches: patch-ai Log Message: Treat DragonFly as FreeBSD 4 to let Postfix build. @ text @d1 1 a1 1 $NetBSD: patch-ag,v 1.18 2005/11/13 10:37:09 martti Exp $ d3 3 a5 13 --- src/util/sys_defs.h.orig 2005-07-15 00:28:33.000000000 +0300 +++ src/util/sys_defs.h 2005-11-13 09:22:07.000000000 +0200 @@@@ -52,3 +52,3 @@@@ #define ROOT_PATH "/bin:/usr/bin:/sbin:/usr/sbin" -#if (defined(__NetBSD_Version__) && __NetBSD_Version__ > 200040000) +#if (defined(__NetBSD_Version__) && __NetBSD_Version__ > 299000900) # define USE_STATVFS @@@@ -124,3 +124,3 @@@@ -#if __NetBSD_Version__ >= 200060000 /* 2.0F */ +#if __NetBSD_Version__ >= 299000900 /* 2.99.9 */ #define HAS_CLOSEFROM @@@@ -157,2 +157,3 @@@@ d9 8 @ 1.15 log @Updated postfix to 2.2.2 - A more usable REPLACE action in header/body_checks. The old version produced unexpected results. - Portability to HP-UX. - Two harmless defects in the SMTP and LMTP clients that go back to before the first Postfix release, and that were found while doing code maintenance on the experimental release. @ text @d1 1 a1 1 $NetBSD: patch-ag,v 1.14 2004/09/23 16:10:07 martti Exp $ d9 1 a9 1 +#if (defined(__NetBSD__) && __NetBSD_Version__ >= 200040000) /* NetBSD 2.0D */ @ 1.14 log @Updated postfix to 2.1.5 - The code to eliminate the local MTA from an MX address list did not handle the case that the local MTA could appear with different MX preferences in both inet_interfaces and proxy_interfaces. - The SMTP server's kiss-of-death message "421 Timeout exceeded" wasn't guarded by setjmp(). - The SMTP server didn't update the per-session error counter when a client was denied access with smtpd_delay_reject=no. - The Postfix sendmail command leaked file descriptors when it was unable to execute the postdrop mail submission command. - The bounce daemon sent the wrong type of bounce message when a - Plus some portability, safety and documentation fixes. @ text @d1 1 a1 1 $NetBSD: patch-ag,v 1.13 2004/08/10 16:49:47 schmonz Exp $ d3 3 a5 3 --- src/util/sys_defs.h.orig 2004-08-02 00:05:23.000000000 +0300 +++ src/util/sys_defs.h 2004-09-23 19:01:03.000000000 +0300 @@@@ -128,5 +128,11 @@@@ @ 1.13 log @Define RESOLVE_H_NEEDS_NAMESER8_COMPAT_H for Mac OS X, and include before if it's defined. Along with Johnny's recent buildlink3 fixes, this fixes the build for me on Mac OS X Server 10.3.4. Should address pkg/26584. @ text @d1 1 a1 1 $NetBSD$ d3 3 a5 5 --- src/util/sys_defs.h.orig Tue Aug 10 02:27:04 2004 +++ src/util/sys_defs.h @@@@ -134,9 +134,15 @@@@ #define DEF_DB_TYPE "hash" #define ALIAS_DB_MAP "hash:/etc/aliases" a16 2 #define NORETURN void #define PRINTFLIKE(x,y) @ 1.12 log @Updated postfix to 2.1.3 This is the new 2.1.x series, please see www.postfix.org for complete list of changes since 2.0.20. @ text @d1 1 a1 1 $NetBSD: patch-ag,v 1.11 2004/05/04 19:59:06 minskim Exp $ d3 4 a6 3 --- src/util/sys_defs.h.orig 2004-06-14 21:13:40.000000000 +0300 +++ src/util/sys_defs.h 2004-06-20 11:40:54.000000000 +0300 @@@@ -127,8 +127,13 @@@@ d9 1 @ 1.11 log @statvfs fix for postfix and postfix-current on NetBSD-current>=2.0D. Patch provided by John R. Shannon in PR pkg/25430. @ text @d1 1 a1 1 $NetBSD$ d3 5 a7 5 --- src/util/sys_defs.h.orig 2003-11-05 14:17:37.000000000 -0600 +++ src/util/sys_defs.h @@@@ -48,8 +48,13 @@@@ #endif #define GETTIMEOFDAY(t) gettimeofday(t,(struct timezone *) 0) d17 2 a18 2 #define HAS_ST_GEN /* struct stat contains inode generation number */ #define NATIVE_SENDMAIL_PATH "/usr/sbin/sendmail" @ 1.11.2.1 log @Pullup ticket 47 to the pkgsrc-2004Q2 branch, requested by Martti Kuparinen. Update postfix to 2.1.3. Module Name: pkgsrc Committed By: martti Date: Mon Jun 21 16:13:24 UTC 2004 Modified Files: pkgsrc/mail/postfix: Makefile PLIST PLIST.tls distinfo pkgsrc/mail/postfix/patches: patch-aa patch-ae patch-af patch-ag patch-ai Removed Files: pkgsrc/mail/postfix/patches: patch-ad patch-ba patch-bb patch-bc patch-bd Log Message: Updated postfix to 2.1.3 This is the new 2.1.x series, please see www.postfix.org for complete list of changes since 2.0.20. @ text @d1 1 a1 1 $NetBSD: patch-ag,v 1.11 2004/05/04 19:59:06 minskim Exp $ d3 5 a7 5 --- src/util/sys_defs.h.orig 2004-06-14 21:13:40.000000000 +0300 +++ src/util/sys_defs.h 2004-06-20 11:40:54.000000000 +0300 @@@@ -127,8 +127,13 @@@@ #define ALIAS_DB_MAP "hash:/etc/aliases" #define GETTIMEOFDAY(t) gettimeofday(t,(struct timezone *) 0) d17 2 a18 2 #define NORETURN void #define PRINTFLIKE(x,y) @ 1.10 log @don't patch the same file twice, don't patch multiple files in a single patch. @ text @d1 1 a1 1 $NetBSD: patch-ag,v 1.9 2004/01/21 06:56:48 martti Exp $ d3 16 a18 72 --- src/cleanup/cleanup.c.orig 2003-08-10 03:40:30.000000000 +0300 +++ src/cleanup/cleanup.c 2004-01-21 08:41:03.000000000 +0200 @@@@ -335,2 +335,3 @@@@ single_server_main(argc, argv, cleanup_service, + MAIL_SERVER_BOOL_TABLE, cleanup_bool_table, MAIL_SERVER_INT_TABLE, cleanup_int_table, --- src/cleanup/cleanup.h.orig 2002-12-03 16:58:11.000000000 +0200 +++ src/cleanup/cleanup.h 2004-01-21 08:41:03.000000000 +0200 @@@@ -120,2 +120,3 @@@@ extern void cleanup_post_jail(char *, char **); +extern CONFIG_BOOL_TABLE cleanup_bool_table[]; extern CONFIG_INT_TABLE cleanup_int_table[]; --- src/cleanup/cleanup_envelope.c.orig 2003-05-23 00:03:20.000000000 +0300 +++ src/cleanup/cleanup_envelope.c 2004-01-21 08:41:03.000000000 +0200 @@@@ -196,11 +196,15 @@@@ cleanup_rewrite_internal(clean_addr, *buf ? buf : var_empty_addr); - if (cleanup_rcpt_canon_maps) - cleanup_map11_internal(state, clean_addr, cleanup_rcpt_canon_maps, - cleanup_ext_prop_mask & EXT_PROP_CANONICAL); - if (cleanup_comm_canon_maps) - cleanup_map11_internal(state, clean_addr, cleanup_comm_canon_maps, - cleanup_ext_prop_mask & EXT_PROP_CANONICAL); - if (cleanup_masq_domains - && (cleanup_masq_flags & CLEANUP_MASQ_FLAG_ENV_RCPT)) - cleanup_masquerade_internal(clean_addr, cleanup_masq_domains); + if (var_canon_env_rcpt) { + if (cleanup_rcpt_canon_maps) + cleanup_map11_internal(state, clean_addr, + cleanup_rcpt_canon_maps, + cleanup_ext_prop_mask & EXT_PROP_CANONICAL); + if (cleanup_comm_canon_maps) + cleanup_map11_internal(state, clean_addr, + cleanup_comm_canon_maps, + cleanup_ext_prop_mask & EXT_PROP_CANONICAL); + if (cleanup_masq_domains + && (cleanup_masq_flags & CLEANUP_MASQ_FLAG_ENV_RCPT)) + cleanup_masquerade_internal(clean_addr, cleanup_masq_domains); + } cleanup_out_recipient(state, state->orig_rcpt, STR(clean_addr)); --- src/cleanup/cleanup_init.c.orig 2002-12-03 16:56:56.000000000 +0200 +++ src/cleanup/cleanup_init.c 2004-01-21 08:41:03.000000000 +0200 @@@@ -8,2 +8,4 @@@@ /* +/* CONFIG_BOOL_TABLE cleanup_bool_table[]; +/* /* CONFIG_INT_TABLE cleanup_int_table[]; @@@@ -30,3 +32,3 @@@@ /* -/* cleanup_{int,str,time}_table[] specify configuration +/* cleanup_{bool,int,str,time}_table[] specify configuration /* parameters that must be initialized before calling any functions @@@@ -111,2 +113,3 @@@@ char *var_masq_classes; /* what to masquerade */ +bool var_canon_env_rcpt; /* canonicalize envelope recipient */ int var_qattr_count_limit; /* named attribute limit */ @@@@ -147,2 +150,7 @@@@ +CONFIG_BOOL_TABLE cleanup_bool_table[] = { + VAR_CANON_ENV_RCPT, DEF_CANON_ENV_RCPT, &var_canon_env_rcpt, + 0, +}; + /* --- src/global/mail_params.h.orig 2004-01-21 08:40:40.000000000 +0200 +++ src/global/mail_params.h 2004-01-21 08:41:03.000000000 +0200 @@@@ -326,2 +326,6 @@@@ +#define VAR_CANON_ENV_RCPT "canonicalize_envelope_recipient" +#define DEF_CANON_ENV_RCPT 1 +extern bool var_canon_env_rcpt; + #define VAR_TRANSPORT_MAPS "transport_maps" @ 1.9 log @Updated postfix to 2.0.17 - Portability to MacOSX: Bind8 compatibility, core dumps in mailq and postdrop, and changes in netinfo support. - Elimination of some DNS lookup problems in third-party library routines (typically resulting in localhost not being found). - More agressive delivery to sites that defer a lot of mail. - Correction of a few obscure error messages. - Several small documentation fixes. - Minor fixes for robustness problems that no-one has experienced. @ text @d1 1 a1 1 $NetBSD: patch-ag,v 1.8 2003/04/17 06:22:19 martti Exp $ @ 1.8 log @Updated postfix to 2.0.8 - Postfix processes now abort when given a net/mask pattern with a non-zero host portion (for example, 168.100.189.2/28), instead of risking to become an open mail relay. - Workaround for file system clock drift that caused Postfix to ignore new mail (this could happen with queue file systems mounted from a server). @ text @d1 1 a1 1 $NetBSD: patch-ag,v 1.7 2003/03/20 22:23:22 christos Exp $ d3 3 a5 5 --- src/cleanup/cleanup.c.orig 2002-12-20 03:33:40.000000000 +0200 +++ src/cleanup/cleanup.c 2003-04-17 08:54:39.000000000 +0300 @@@@ -333,6 +333,7 @@@@ * Pass control to the single-threaded service skeleton. */ a8 2 MAIL_SERVER_STR_TABLE, cleanup_str_table, MAIL_SERVER_TIME_TABLE, cleanup_time_table, d10 2 a11 4 +++ src/cleanup/cleanup.h 2003-04-17 08:54:39.000000000 +0300 @@@@ -118,6 +118,7 @@@@ extern void cleanup_all(void); extern void cleanup_pre_jail(char *, char **); d15 3 a17 7 extern CONFIG_STR_TABLE cleanup_str_table[]; extern CONFIG_TIME_TABLE cleanup_time_table[]; --- src/cleanup/cleanup_envelope.c.orig 2002-11-01 15:34:02.000000000 +0200 +++ src/cleanup/cleanup_envelope.c 2003-04-17 08:54:39.000000000 +0300 @@@@ -192,15 +192,19 @@@@ if (state->orig_rcpt == 0) state->orig_rcpt = mystrdup(buf); a41 2 if (state->recip == 0) state->recip = mystrdup(STR(clean_addr)); d43 2 a44 4 +++ src/cleanup/cleanup_init.c 2003-04-17 08:54:39.000000000 +0300 @@@@ -6,6 +6,8 @@@@ /* SYNOPSIS /* #include "cleanup.h" d49 1 a49 5 /* /* CONFIG_STR_TABLE cleanup_str_table[]; @@@@ -28,7 +30,7 @@@@ /* for one-time initializations that must be done before any message /* processing can take place. d54 1 a54 5 /* in this module. These tables satisfy the interface as specified in /* single_service(3). @@@@ -109,6 +111,7 @@@@ int var_extra_rcpt_limit; /* recipient extract limit */ char *var_rcpt_witheld; /* recipients not disclosed */ d58 1 a58 5 int var_body_check_len; /* when to stop body scan */ @@@@ -145,6 +148,11 @@@@ 0, }; d66 3 a68 7 * Mappings. */ --- src/global/mail_params.h.orig 2003-04-17 08:54:22.000000000 +0300 +++ src/global/mail_params.h 2003-04-17 08:54:39.000000000 +0300 @@@@ -324,6 +324,10 @@@@ #define DEF_RCPT_CANON_MAPS "" extern char *var_rcpt_canon_maps; a74 2 #define DEF_TRANSPORT_MAPS "" extern char *var_transport_maps; @ 1.7 log @- upgrade to 2.0.7 - add kim's recipient canonicalization patch. NOTE: TLS was disabled and is still disabled in this version. @ text @d1 1 a1 1 $NetBSD: patch-ag,v 1.6 2003/03/20 22:04:47 christos Exp $ d3 3 a5 3 --- src/cleanup/cleanup.c Mon Nov 5 11:25:58 2001 +++ src/cleanup/cleanup.c Thu Jan 17 21:50:18 2002 @@@@ -281,6 +281,7 @@@@ d13 3 a15 3 --- src/cleanup/cleanup.h Tue Oct 30 19:39:06 2001 +++ src/cleanup/cleanup.h Thu Jan 17 21:50:18 2002 @@@@ -109,6 +109,7 @@@@ d23 2 a24 2 --- src/cleanup/cleanup_envelope.c.orig 2002-11-01 08:34:02.000000000 -0500 +++ src/cleanup/cleanup_envelope.c 2003-03-20 17:09:12.000000000 -0500 d54 2 a55 2 --- src/cleanup/cleanup_init.c.orig 2002-12-03 09:56:56.000000000 -0500 +++ src/cleanup/cleanup_init.c 2003-03-20 17:10:34.000000000 -0500 d94 3 a96 3 --- src/global/mail_params.h Tue Jan 15 10:24:34 2002 +++ src/global/mail_params.h Thu Jan 17 21:50:19 2002 @@@@ -295,6 +295,10 @@@@ @ 1.6 log @Add kim's recipient canocalization patch @ text @d1 1 a1 1 $NetBSD$ d23 5 a27 5 --- src/cleanup/cleanup_envelope.c Fri Dec 21 20:11:40 2001 +++ src/cleanup/cleanup_envelope.c Thu Jan 17 21:50:18 2002 @@@@ -166,15 +166,19 @@@@ return; } d41 2 a42 2 + cleanup_rcpt_canon_maps, + cleanup_ext_prop_mask & EXT_PROP_CANONICAL); d45 2 a46 2 + cleanup_comm_canon_maps, + cleanup_ext_prop_mask & EXT_PROP_CANONICAL); d48 1 a48 1 + && (cleanup_masq_flags & CLEANUP_MASQ_FLAG_ENV_RCPT)) d51 1 a51 1 cleanup_out_recipient(state, STR(clean_addr)); d54 2 a55 2 --- src/cleanup/cleanup_init.c Fri Aug 3 18:39:18 2001 +++ src/cleanup/cleanup_init.c Thu Jan 17 21:50:18 2002 d74 1 a74 2 @@@@ -107,6 +109,7 @@@@ char *var_always_bcc; /* big brother */ d77 1 d79 6 a84 1 char *var_masq_classes; /* what to masquerade */ d86 2 a87 5 CONFIG_INT_TABLE cleanup_int_table[] = { @@@@ -136,6 +139,11 @@@@ VAR_ALWAYS_BCC, DEF_ALWAYS_BCC, &var_always_bcc, 0, 0, VAR_RCPT_WITHELD, DEF_RCPT_WITHELD, &var_rcpt_witheld, 1, 0, VAR_MASQ_CLASSES, DEF_MASQ_CLASSES, &var_masq_classes, 0, 0, d91 3 a93 5 +CONFIG_BOOL_TABLE cleanup_bool_table[] = { + VAR_CANON_ENV_RCPT, DEF_CANON_ENV_RCPT, &var_canon_env_rcpt, 0, }; @ 1.5 log @Updated postfix to 2.0.0.2 IMPORTANT: read the documents in /usr/pkg/share/doc/postfix/ before upgrading from Postfix 1.1. Hightlights: - MIME support (including 8bit->7bit conversion and more accurate matching of MIME headers in message bodies) - completely rewritten RBL client code - smarter handling of DNS lookup errors in UCE restrictions - virtual delivery agent without transport map for every domain - a long list of other things that are meant to improve performance or functionality without compromising what already existed. @ text @d1 1 a1 1 $NetBSD: patch-ag,v 1.4 2002/06/27 04:47:55 itojun Exp $ d3 104 a106 38 --- src/smtpd/smtpd_check.c- Thu Jun 27 13:46:28 2002 +++ src/smtpd/smtpd_check.c Thu Jun 27 13:46:44 2002 @@@@ -920,7 +920,7 @@@@ return (stat); } -/* reject_unknown_hostname - fail if name has no A or MX record */ +/* reject_unknown_hostname - fail if name has no A, AAAA or MX record */ static int reject_unknown_hostname(SMTPD_STATE *state, char *name, char *reply_name, char *reply_class) @@@@ -932,7 +932,7 @@@@ msg_info("%s: %s", myname, name); dns_status = dns_lookup_types(name, 0, (DNS_RR **) 0, (VSTRING *) 0, - (VSTRING *) 0, T_A, T_MX, 0); + (VSTRING *) 0, T_A, T_AAAA, T_MX, 0); if (dns_status != DNS_OK) return (smtpd_check_reject(state, MAIL_ERROR_POLICY, "%d <%s>: %s rejected: Host not found", @@@@ -942,7 +942,7 @@@@ return (SMTPD_CHECK_DUNNO); } -/* reject_unknown_mailhost - fail if name has no A or MX record */ +/* reject_unknown_mailhost - fail if name has no A, AAAA or MX record */ static int reject_unknown_mailhost(SMTPD_STATE *state, const char *name, const char *reply_name, const char *reply_class) @@@@ -954,7 +954,7 @@@@ msg_info("%s: %s", myname, name); dns_status = dns_lookup_types(name, 0, (DNS_RR **) 0, (VSTRING *) 0, - (VSTRING *) 0, T_A, T_MX, 0); + (VSTRING *) 0, T_A, T_AAAA, T_MX, 0); if (dns_status != DNS_OK) return (smtpd_check_reject(state, MAIL_ERROR_POLICY, "%d <%s>: %s rejected: Domain not found", @ 1.4 log @accept emails with domains with AAAA only. the patch was sent to wietse already. @ text @d1 1 a1 1 $NetBSD$ @ 1.3 log @Move files from postfix-current to postfix, as that's actually the latest release (it's also in the base src). Adresses PR 12426 by Martti Kuparinen @ text @d1 1 a1 1 $NetBSD: patch-ag,v 1.2 2000/04/10 00:19:17 bad Exp $ d3 38 a40 19 --- dns/Makefile.orig Sat Apr 8 22:14:35 2000 +++ dns/Makefile Sat Apr 8 23:18:53 2000 @@@@ -0,0 +1,16 @@@@ +# $NetBSD: patch-ag,v 1.2 2000/04/10 00:19:17 bad Exp $ + +LIB = dns +SRCS = dns_lookup.c dns_rr.c dns_strerror.c dns_strtype.c + +MKLINT= no +MKPIC= no +MKPROFILE= no +NOLINT= yes +NOPIC= yes +NOPROFILE= yes + +# only needed during build +libinstall:: + +.include @ 1.2 log @Some more changes besides the update to which Simon beat me: Create the /var/spool/postfix on install so that "postfix check" can create the directories below it. Create /etc/postfix/postfix-scrip on "make install". Make the library Makefiles DTRT on systems that don't understand MKXXX=no. Remover owner write permission from "maildrop" binary. Adjust offsets in a couple of patches. @ text @d1 1 a1 1 $NetBSD: patch-ag,v 1.1 1999/05/30 18:18:31 tron Exp $ d6 1 a6 1 +# $NetBSD: patch-ag,v 1.1 1999/05/30 18:18:31 tron Exp $ @ 1.1 log @Patch one file per patch file. @ text @d1 1 a1 1 $NetBSD$ d3 4 a6 4 --- dns/Makefile.orig Sun May 30 18:49:12 1999 +++ dns/Makefile Sun May 30 18:49:12 1999 @@@@ -0,0 +1,13 @@@@ +# $NetBSD: patch-aa,v 1.1 1999/05/29 20:57:19 christos Exp $ d14 3 @