Prereq: "2.10.0" diff -cr --new-file /var/tmp/postfix-2.10.0/src/global/mail_version.h ./src/global/mail_version.h *** /var/tmp/postfix-2.10.0/src/global/mail_version.h Mon Feb 11 11:10:29 2013 --- ./src/global/mail_version.h Sat Jun 22 19:00:05 2013 *************** *** 20,27 **** * Patches change both the patchlevel and the release date. Snapshots have no * patchlevel; they change the release date only. */ ! #define MAIL_RELEASE_DATE "20130211" ! #define MAIL_VERSION_NUMBER "2.10.0" #ifdef SNAPSHOT # define MAIL_VERSION_DATE "-" MAIL_RELEASE_DATE --- 20,27 ---- * Patches change both the patchlevel and the release date. Snapshots have no * patchlevel; they change the release date only. */ ! #define MAIL_RELEASE_DATE "20130622" ! #define MAIL_VERSION_NUMBER "2.10.1" #ifdef SNAPSHOT # define MAIL_VERSION_DATE "-" MAIL_RELEASE_DATE diff -cr --new-file /var/tmp/postfix-2.10.0/HISTORY ./HISTORY *** /var/tmp/postfix-2.10.0/HISTORY Mon Feb 11 11:09:23 2013 --- ./HISTORY Sat Jun 22 17:33:43 2013 *************** *** 18247,18249 **** --- 18247,18285 ---- Bugfix: an error handler for smtp_tls_policy_maps lookups was never invoked. File: smtp/smtp_session.c. + + 20130403 + + Bugfix (introduced: Postfix 2.3): don't reuse TCP connections + when smtp_tls_policy_maps is specified. Victor Duchovni. + Found during Postfix 2.11 code maintenance. File: + smtp/smtp_reuse.c. + + 20130423 + + Bugfix (introduced: Postfix 2.0): when myhostname is not + listed in mydestination, the trivial-rewrite resolver may + log "do not list in both mydestination + and ". The fix is + to re-resolve a domain-less address after adding $myhostname + as the surrogate domain, so that it pops out with the right + address-class label. Problem reported by Quanah Gibson-Mount. + File: trivial-rewrite/resolve.c. + + 20130425 + + Bugfix (introduced: Postfix 2.2): don't reuse TCP connections + when SASL authentication is enabled. SASL passwords may + depend on the remote SMTP server hostname, but the Postfix + <2.11 SMTP connection cache client does not distinguish + between different hostnames that resolve to the same IP + address. Found during Postfix 2.11 code maintenance. File: + smtp/smtp_connect.c. + + 20130613 + + Workaround: unhelpful down-stream maintainers fail to install + the new smtpd_relay_restrictions safety net, causing breakage + that could have been avoided. We now hard-code the safety + net instead. Files: global/mail_params.h, conf/post-install, + RELEASE_NOTES. diff -cr --new-file /var/tmp/postfix-2.10.0/RELEASE_NOTES ./RELEASE_NOTES *** /var/tmp/postfix-2.10.0/RELEASE_NOTES Mon Feb 4 17:30:06 2013 --- ./RELEASE_NOTES Fri Jun 14 09:09:41 2013 *************** *** 110,130 **** Major changes - relay safety ---------------------------- ! [Incompat 20121007] As part of a forward compatibility safety net, ! the Postfix installation procedure adds the following ! smtpd_relay_restrictions entry to main.cf when there is none: smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination If your site has a complex mail relay policy configured under ! smtpd_recipient_restrictions, this safety net will defer mail that ! the built-in smtpd_relay_restrictions setting would bounce. ! To eliminate this safety net, take one of the following three ! actions: - Set smtpd_relay_restrictions empty, and keep using the existing mail relay authorization policy in smtpd_recipient_restrictions. --- 110,131 ---- Major changes - relay safety ---------------------------- ! [Incompat 20130613] New smtpd_relay_restrictions parameter built-in ! default settings: smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination + This safety net prevents open relay problems due to mistakes + with spam filter rules in smtpd_recipient_restrictions. + If your site has a complex mail relay policy configured under ! smtpd_recipient_restrictions, this safety net may defer mail that ! Postfix should accept. ! To fix this safety net, take one of the following actions: - Set smtpd_relay_restrictions empty, and keep using the existing mail relay authorization policy in smtpd_recipient_restrictions. *************** *** 132,149 **** - Copy the existing mail relay authorization policy from smtpd_recipient_restrictions to smtpd_relay_restrictions. - - Set smtpd_relay_restrictions by hand to the new built-in - policy: permit_mynetworks reject_unauth_destination. - There is no need to change the value of smtpd_recipient_restrictions. ! [Feature 20121007] This version introduces the smtpd_relay_restrictions feature for mail relay control. The new built-in default settings are: smtpd_relay_restrictions = permit_mynetworks ! reject_unauth_destination smtpd_recipient_restrictions = ( optional spam blocking rules would go here ) --- 133,148 ---- - Copy the existing mail relay authorization policy from smtpd_recipient_restrictions to smtpd_relay_restrictions. There is no need to change the value of smtpd_recipient_restrictions. ! [Feature 20130613] This version introduces the smtpd_relay_restrictions feature for mail relay control. The new built-in default settings are: smtpd_relay_restrictions = permit_mynetworks ! permit_sasl_authenticated ! defer_unauth_destination smtpd_recipient_restrictions = ( optional spam blocking rules would go here ) *************** *** 164,203 **** policy under smtpd_recipient_restrictions will not unexpectedly result in a permissive mail relay policy. ! As usual, this new feature is introduced with safety nets to prevent ! surprises when a site upgrades from an earlier Postfix release. ! 1 - FORWARD COMPATIBILITY SAFETY NET: the Postfix installation ! procedure adds the following smtpd_relay_restrictions entry to ! main.cf when there is none: ! ! smtpd_relay_restrictions = ! permit_mynetworks ! permit_sasl_authenticated ! defer_unauth_destination ! If your site has a complex mail relay policy configured under ! smtpd_recipient_restrictions, this safety net will defer mail ! that the built-in smtpd_relay_restrictions setting would bounce. ! To eliminate this safety net, take one of the following three ! actions: ! - Set smtpd_relay_restrictions empty, and keep using the existing ! mail relay authorization policy in smtpd_recipient_restrictions. ! - Copy the existing mail relay authorization policy from ! smtpd_recipient_restrictions to smtpd_relay_restrictions. ! - Set smtpd_relay_restrictions by hand to the new built-in ! policy: permit_mynetworks reject_unauth_destination. ! There is no need to change the value of smtpd_recipient_restrictions. ! 2 - BACKWARDS COMPATIBILITY SAFETY NET: sites that migrate from ! Postfix versions before 2.10 can set smtpd_relay_restrictions ! to the empty value, and use smtpd_recipient_restrictions exactly ! as they used it before. Major changes - start-up ------------------------ --- 163,194 ---- policy under smtpd_recipient_restrictions will not unexpectedly result in a permissive mail relay policy. ! As of Postfix 2.10.0 the smtpd_relay_restrictions parameter built-in ! default settings are: ! smtpd_relay_restrictions = ! permit_mynetworks ! permit_sasl_authenticated ! defer_unauth_destination ! If your site has a complex mail relay policy configured under ! smtpd_recipient_restrictions, this safety net may defer mail that ! Postfix should accept. ! To migrate from an earlier Postfix release with the least amount ! of pain: ! - Set smtpd_relay_restrictions empty, and keep using the existing ! mail relay authorization policy in smtpd_recipient_restrictions. ! - There is no need to change the value of smtpd_recipient_restrictions. ! To take advantage of the new smtpd_relay_restrictions feature: ! - Copy the existing mail relay authorization policy from ! smtpd_recipient_restrictions to smtpd_relay_restrictions. ! - There is no need to change the value of smtpd_recipient_restrictions. Major changes - start-up ------------------------ diff -cr --new-file /var/tmp/postfix-2.10.0/conf/post-install ./conf/post-install *** /var/tmp/postfix-2.10.0/conf/post-install Wed Oct 31 09:00:08 2012 --- ./conf/post-install Thu Jun 13 10:07:46 2013 *************** *** 809,833 **** $POSTCONF -c $config_directory inet_protocols=ipv4 || exit 1 } ! # Postfix 2.10. ! # Safety net for incompatible changes due to the introduction ! # of the smtpd_relay_restrictions feature to separate the ! # mail relay policy from the spam blocking policy. ! # PLEASE DO NOT REMOVE THIS CODE. ITS PURPOSE IS TO PREVENT ! # INBOUND MAIL FROM UNEXPECTEDLY BOUNCING AFTER UPGRADING FROM ! # POSTFIX BEFORE 2.10. ! test -n "`$POSTCONF -c $config_directory -n smtpd_relay_restrictions`" || { ! cat <

smtpd_relay_restrictions ! (default: permit_mynetworks, reject_unauth_destination)

Access restrictions for mail relay control that the Postfix SMTP server applies in the context of the RCPT TO command, before --- 13892,13898 ----

smtpd_relay_restrictions ! (default: permit_mynetworks, permit_sasl_authenticated, defer_unauth_destination)

Access restrictions for mail relay control that the Postfix SMTP server applies in the context of the RCPT TO command, before diff -cr --new-file /var/tmp/postfix-2.10.0/man/man5/postconf.5 ./man/man5/postconf.5 *** /var/tmp/postfix-2.10.0/man/man5/postconf.5 Wed Feb 6 19:36:22 2013 --- ./man/man5/postconf.5 Thu Jun 13 10:06:06 2013 *************** *** 9169,9175 **** .br .PP This feature is available in Postfix 2.1 and later. ! .SH smtpd_relay_restrictions (default: permit_mynetworks, reject_unauth_destination) Access restrictions for mail relay control that the Postfix SMTP server applies in the context of the RCPT TO command, before smtpd_recipient_restrictions. --- 9169,9175 ---- .br .PP This feature is available in Postfix 2.1 and later. ! .SH smtpd_relay_restrictions (default: permit_mynetworks, permit_sasl_authenticated, defer_unauth_destination) Access restrictions for mail relay control that the Postfix SMTP server applies in the context of the RCPT TO command, before smtpd_recipient_restrictions. diff -cr --new-file /var/tmp/postfix-2.10.0/proto/postconf.proto ./proto/postconf.proto *** /var/tmp/postfix-2.10.0/proto/postconf.proto Wed Feb 6 19:34:05 2013 --- ./proto/postconf.proto Thu Jun 13 09:48:55 2013 *************** *** 5901,5907 **** smtpd_recipient_restrictions = permit_mynetworks, reject_unauth_destination ! %PARAM smtpd_relay_restrictions permit_mynetworks, reject_unauth_destination

Access restrictions for mail relay control that the Postfix SMTP server applies in the context of the RCPT TO command, before --- 5901,5907 ---- smtpd_recipient_restrictions = permit_mynetworks, reject_unauth_destination ! %PARAM smtpd_relay_restrictions permit_mynetworks, permit_sasl_authenticated, defer_unauth_destination

Access restrictions for mail relay control that the Postfix SMTP server applies in the context of the RCPT TO command, before diff -cr --new-file /var/tmp/postfix-2.10.0/src/global/mail_params.h ./src/global/mail_params.h *** /var/tmp/postfix-2.10.0/src/global/mail_params.h Sun Feb 3 13:22:21 2013 --- ./src/global/mail_params.h Sat Jun 22 19:57:19 2013 *************** *** 1959,1965 **** #define VAR_RELAY_CHECKS "smtpd_relay_restrictions" #define DEF_RELAY_CHECKS PERMIT_MYNETWORKS ", " \ ! REJECT_UNAUTH_DEST extern char *var_relay_checks; #define VAR_RCPT_CHECKS "smtpd_recipient_restrictions" --- 1959,1966 ---- #define VAR_RELAY_CHECKS "smtpd_relay_restrictions" #define DEF_RELAY_CHECKS PERMIT_MYNETWORKS ", " \ ! PERMIT_SASL_AUTH ", " \ ! DEFER_UNAUTH_DEST extern char *var_relay_checks; #define VAR_RCPT_CHECKS "smtpd_recipient_restrictions" diff -cr --new-file /var/tmp/postfix-2.10.0/src/postscreen/postscreen.h ./src/postscreen/postscreen.h *** /var/tmp/postfix-2.10.0/src/postscreen/postscreen.h Mon Nov 5 11:04:01 2012 --- ./src/postscreen/postscreen.h Mon May 13 17:50:10 2013 *************** *** 418,423 **** --- 418,424 ---- (dst)->pregr_stamp = PSC_TIME_STAMP_INVALID; \ (dst)->dnsbl_stamp = PSC_TIME_STAMP_INVALID; \ (dst)->pipel_stamp = PSC_TIME_STAMP_INVALID; \ + (dst)->nsmtp_stamp = PSC_TIME_STAMP_INVALID; \ (dst)->barlf_stamp = PSC_TIME_STAMP_INVALID; \ (dst)->penal_stamp = PSC_TIME_STAMP_INVALID; \ } while (0) diff -cr --new-file /var/tmp/postfix-2.10.0/src/smtp/smtp_connect.c ./src/smtp/smtp_connect.c *** /var/tmp/postfix-2.10.0/src/smtp/smtp_connect.c Mon Jan 2 19:57:59 2012 --- ./src/smtp/smtp_connect.c Tue May 7 19:40:27 2013 *************** *** 457,468 **** state->misc_flags &= ~SMTP_MISC_FLAG_CONN_CACHE_MASK; /* ! * XXX Disable connection caching when sender-dependent authentication is * enabled. We must not send someone elses mail over an authenticated * connection, and we must not send mail that requires authentication * over a connection that wasn't authenticated. */ ! if (var_smtp_sender_auth) return; if (smtp_cache_dest && string_list_match(smtp_cache_dest, dest)) { --- 457,468 ---- state->misc_flags &= ~SMTP_MISC_FLAG_CONN_CACHE_MASK; /* ! * XXX Disable connection caching when SASL authentication is * enabled. We must not send someone elses mail over an authenticated * connection, and we must not send mail that requires authentication * over a connection that wasn't authenticated. */ ! if (var_smtp_sasl_passwd && *var_smtp_sasl_passwd) return; if (smtp_cache_dest && string_list_match(smtp_cache_dest, dest)) { diff -cr --new-file /var/tmp/postfix-2.10.0/src/smtp/smtp_reuse.c ./src/smtp/smtp_reuse.c *** /var/tmp/postfix-2.10.0/src/smtp/smtp_reuse.c Sun Apr 1 12:01:01 2012 --- ./src/smtp/smtp_reuse.c Tue May 7 19:38:21 2013 *************** *** 274,280 **** * credentials or the wrong TLS policy. */ if ((var_smtp_tls_per_site && *var_smtp_tls_per_site) ! || (var_smtp_sasl_passwd && *var_smtp_sasl_passwd)) return (0); /* --- 274,280 ---- * credentials or the wrong TLS policy. */ if ((var_smtp_tls_per_site && *var_smtp_tls_per_site) ! || (var_smtp_tls_policy && *var_smtp_tls_policy)) return (0); /* diff -cr --new-file /var/tmp/postfix-2.10.0/src/tls/tls_client.c ./src/tls/tls_client.c *** /var/tmp/postfix-2.10.0/src/tls/tls_client.c Thu May 17 13:14:52 2012 --- ./src/tls/tls_client.c Tue Feb 12 07:40:06 2013 *************** *** 994,1000 **** if (TLScontext->log_mask & (TLS_LOG_CERTMATCH | TLS_LOG_VERBOSE | TLS_LOG_PEERCERT)) msg_info("%s: subject_CN=%s, issuer_CN=%s, " ! "fingerprint %s, pkey_fingerprint=%s", props->namaddr, TLScontext->peer_CN, TLScontext->issuer_CN, TLScontext->peer_fingerprint, TLScontext->peer_pkey_fprint); --- 994,1000 ---- if (TLScontext->log_mask & (TLS_LOG_CERTMATCH | TLS_LOG_VERBOSE | TLS_LOG_PEERCERT)) msg_info("%s: subject_CN=%s, issuer_CN=%s, " ! "fingerprint=%s, pkey_fingerprint=%s", props->namaddr, TLScontext->peer_CN, TLScontext->issuer_CN, TLScontext->peer_fingerprint, TLScontext->peer_pkey_fprint); diff -cr --new-file /var/tmp/postfix-2.10.0/src/trivial-rewrite/resolve.c ./src/trivial-rewrite/resolve.c *** /var/tmp/postfix-2.10.0/src/trivial-rewrite/resolve.c Mon Oct 1 16:57:50 2012 --- ./src/trivial-rewrite/resolve.c Tue May 7 14:41:03 2013 *************** *** 324,332 **** tok822_free(tree->head); tree->head = 0; } ! /* XXX must be localpart only, not user@domain form. */ ! if (tree->head == 0) tree->head = tok822_scan(var_empty_addr, &tree->tail); /* * We're done. There are no domains left to strip off the address, --- 324,341 ---- tok822_free(tree->head); tree->head = 0; } ! /* XXX Re-resolve the surrogate, in case already in user@domain form. */ ! if (tree->head == 0) { tree->head = tok822_scan(var_empty_addr, &tree->tail); + continue; + } + + /* XXX Re-resolve with @$myhostname for backwards compatibility. */ + if (domain == 0 && saved_domain == 0) { + tok822_sub_append(tree, tok822_alloc('@', (char *) 0)); + tok822_sub_append(tree, tok822_scan(var_myhostname, (TOK822 **) 0)); + continue; + } /* * We're done. There are no domains left to strip off the address,