-
Notifications
You must be signed in to change notification settings - Fork 3
/
Copy pathRELEASE_NOTES-2.0
853 lines (680 loc) · 38 KB
/
RELEASE_NOTES-2.0
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
==============================================================
NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE
==============================================================
Before upgrading from Postfix 1.1 you must stop Postfix ("postfix
stop"). Some internal protocols have changed. No mail will be
lost if you fail to stop and restart Postfix, but Postfix won't be
able to receive any new mail, either.
==============================================================
NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE
==============================================================
In the text below, changes are labeled with the Postfix snapshot
that introduced the change, and whether the change introduced a
feature, an incompatibility, or whether the feature is obsolete.
If you upgrade from a later Postfix version, then you do not have
to worry about incompatibilities introduced in earlier versions.
Official Postfix releases are called a.b.c where a=major release
number, b=minor release number, c=patchlevel. Snapshot releases
are now called a.b.c-yyyymmdd where yyyymmdd is the release date
(yyyy=year, mm=month, dd=day). The mail_release_date configuration
parameter contains the release date (both for official release and
snapshot release). Patches change the patchlevel and the release
date. Snapshots change only the release date, unless they include
the same bugfixes as a patch release.
Major changes with Postfix version 2.0.0 (released 20021222, 20021223)
======================================================================
First comes the bad news - things that may break when you upgrade
from Postfix 1.1. Then comes the good news - things that evolved
in snapshots over the past year.
For the release notes of Postfix 1.1 and earlier, see the
RELEASE_NOTES-1.1 file.
Unknown Recipients are now rejected by default
==============================================
[Incompatibility 20021209] The Postfix SMTP server now rejects mail
for $mydestination domain recipients that it does not know about.
This keeps undeliverable mail out of your queue.
[Incompatibility 20021209] To avoid losing mail when upgrading from
Postfix 1.1, you need to review the LOCAL_RECIPIENT_README file if
one of the following is true:
- You define $mydestination domain recipients in files other than
/etc/passwd or /etc/aliases. For example, you define $mydestination
domain recipients in the $virtual_mailbox_maps files.
- You run the Postfix SMTP server chrooted (see master.cf).
- You redefined the local delivery agent in master.cf.
- You redefined the "local_transport" setting in main.cf.
- You use the mailbox_transport feature of the Postfix local delivery agent.
- You use the fallback_transport feature of the Postfix local delivery agent.
- You use the luser_relay feature of the Postfix local delivery agent.
Name change of virtual domain tables
====================================
This release introduces separation of lookup tables for addresses
and for domain names of virtual domains.
[Incompat 20021209] the virtual_maps parameter is replaced by
virtual_alias_maps (for address lookups) and virtual_alias_domains
(for the names of what were formerly called "Postfix-style virtual
domains").
For backwards compatibility with Postfix version 1.1, the new
virtual_alias_maps parameter defaults to $virtual_maps, and the
new virtual_alias_domains parameter defaults to $virtual_alias_maps.
This means that you can still keep all information about a domain
in one file, just like before.
For details, see the virtual(5) and sample-virtual.cf files.
[Incompat 20021209] the virtual_mailbox_maps parameter now has a
companion parameter called virtual_mailbox_domains (for the names
of domains served by the virtual delivery agent). virtual_mailbox_maps
is now used for address lookups only.
For backwards compatibility with Postfix version 1.1,, the new
virtual_mailbox_domains parameter defaults to $virtual_mailbox_maps.
This means that you can still keep all information about a domain
in one file, just like before.
For details, see the VIRTUAL_README file.
[Incompat 20021209] If you use the "advanced content filter"
technique, you MUST NOT override the virtual aliases and virtual
mailbox settings in the SMTP server that receives mail from the
content filter, or else mail for virtual recipients will be rejected
with "User unknown".
For details, see the FILTER_README file.
Incompatible queue file format changes
======================================
[Incompat 20020527] Queue files created with the header/body_checks
"FILTER" feature are not compatible with "postqueue -r" (move queue
files back to the maildrop directory) of previous Postfix releases.
[Incompat 20020512] Postfix queue files contain records that are
incompatible with "postqueue -r" on all Postfix versions prior to
1.1 and release candidates. This happens whenever the sender
specifies MIME body type information via the SMTP `MAIL FROM'
command, via the `sendmail -B' command line option, or via the
Content-Transfer-Encoding: message header.
[Incompat 20020512] Postfix queue files may contain records that
are incompatible with "postqueue -r" on previous 1.1 Postfix versions
and release candidates. This happens whenever the sender specifies
the MIME body type only via the Content-Transfer-Encoding: message
header, and not via `MAIL FROM' or `sendmail -B'.
Features that are going away
============================
[Obsolete 20021209] Sendmail-style virtual domains are no longer
documented. This part of Postfix was too confusing.
[Obsolete 20021209] The "reject_maps_rbl" restriction is going
away. The SMTP server now logs a warning and suggests using the
more flexible "reject_rbl_client" feature instead.
[Obsolete 20021209] The "check_relay_domains" restriction is going
away. The SMTP server logs a warning and suggests using the more
robust "reject_unauth_destination" instead. This means that Postfix
by default no longer grants relay permissions on the basis of the
client hostname, and that relay clients must be authorized via
other means such as permit_mynetworks.
[Obsolete 20020917] In regexp lookup tables, the form /pattern1/!/pattern2/
is going away. Use the cleaner and more flexible "if !/pattern2/..endif"
form. The old form still exists but is no longer documented, and
causes a warning (suggesting to use the new format) to be logged.
For details, see "man regexp_table".
[Obsolete 20020819] The qmgr_site_hog_factor feature is gone (this
would defer mail delivery for sites that occupy too much space in
the active queue, and be a real performance drain due to excessive
disk I/O). The new qmgr_clog_warn_time feature (see below) provides
more useful suggestions for dealing with Postfix congestion.
[Obsolete 20020819] The "permit_naked_ip_address" restriction on
HELO command syntax is unsafe when used with most smtpd_XXX_restrictions
and will go away. Postfix logs a warning, suggesting to use
"permit_mynetworks" instead.
MIME support
============
[Feature 20020527] Postfix now has real MIME support. This improves
content filtering efficiency and accuracy, and improves inter-operability
with mail systems that cannot receive 8-bit mail. See conf/sample-mime.cf
for details.
[Feature 20020527] Postfix header_checks now properly recognize
MIME headers in attachments. This is much more efficient than
previous versions that recognized MIME headers via body_checks.
MIME headers are now processed one multi-line header at a time,
instead of one body line at a time. To get the old behavior,
specify "disable_mime_input_processing = yes". More details in
conf/sample-filter.cf.
[Feature 20020527] Postfix now has three classes of header patterns:
header_checks (for primary message headers except MIME headers),
mime_header_checks (for MIME headers), and nested_header_checks
(for headers of attached email messages except MIME headers). By
default, all headers are matched with header_checks.
[Feature 20020527] The Postfix SMTP client will now convert 8BITMIME
mail to 7BIT when delivering to an SMTP server that does not announce
8BITMIME support. To disable, specify "disable_mime_output_conversion
= yes". However, this conversion is required by RFC standards.
[Feature 20020528] Postfix can enforce specific aspects of the MIME
standards while receiving mail.
* Specify "strict_7bit_headers = yes" to disallow 8-bit characters
in message headers. These are always illegal.
* Specify "strict_8bitmime_body = yes" to block mail with 8-bit
content that is not properly labeled as 8-bit MIME. This blocks
mail from poorly written mail software, including (bounces from
qmail, bounces from Postfix before snapshot 20020514, and Majordomo
approval requests) that contain valid 8BITMIME mail.
* Specify "strict_8bitmime = yes" to turn on both strict_7bit_headers
and strict_8bitmime_body.
* Specify "strict_mime_encoding_domain = yes" to block mail from
poorly written mail software. More details in conf/sample-mime.cf.
[Incompat 20020527] Postfix now rejects mail if the MIME multipart
structure is nested more than mime_nesting_limit levels (default:
100) when MIME input processing is enabled while receiving mail, or
when Postfix is performing 8BITMIME to 7BIT conversion while
delivering mail.
[Incompat 20020527] Postfix now recognizes "name :" as a valid
message header, but normalizes it to "name:" for consistency
(actually, there is so much code in Postfix that would break with
"name :" that there is little choice, except to not recognize "name
:" headers).
[Incompat 20020512] Postfix queue files contain records that are
incompatible with "postqueue -r" on all Postfix versions prior to
1.1 and release candidates. This happens whenever the sender
specifies MIME body type information via the SMTP `MAIL FROM'
command, via the `sendmail -B' command line option, or via the
Content-Transfer-Encoding: message header.
[Incompat 20020512] Postfix queue files may contain records that
are incompatible with "postqueue -r" on previous 1.1 Postfix versions
and release candidates. This happens whenever the sender specifies
the MIME body type only via the Content-Transfer-Encoding: message
header, and not via `MAIL FROM' or `sendmail -B'.
[Feature 20020512] The Postfix SMTP and LMTP clients now properly
pass on the MIME body type information (7BIT or 8BITMIME), provided
that the sender properly specifies MIME body type information via
the SMTP MAIL FROM command, via the sendmail -B command line option,
or via MIME message headers. This includes mail that is returned
as undeliverable.
Improved performance
====================
[Incompat 20021209] The default queue directory hash_queue_depth
setting is reduced to 1 level of subdirectories per Postfix queue.
This improves "mailq" performance on most systems, but can result
in poorer worst-case performance on systems with lots of mail in
the queue.
[Incompat 20021209] The Postfix SMTP client no longer expands CNAMEs
in MAIL FROM or RCPT TO addresses (as permitted by RFC 2821). This
eliminates one DNS lookup per sender and recipient, and can make
a dramatic difference when sending mailing list mail via a relayhost.
[Incompat 20021209] The Postfix installation procedure no longer
sets the "chattr +S" bit on Linux queue directories. Wietse has
gotten too annoyed with naive reviewers who complain about performance
without having a clue of what they are comparing.
[Feature 20021209] On mail gateway systems, separation of inbound
mail relay traffic from outbound traffic. This eliminates a problem
where inbound mail deliveries could become resource starved in the
presence of a high volume of outbound mail.
[Feature 20021013] The body_checks_size_limit parameter limits the
amount of text per message body segment (or attachment, if you
prefer to use that term) that is subjected to body_checks inspection.
The default limit is 50 kbytes. This speeds up the processing of
mail with large attachments.
[Feature 20020917] Speedups of regexp table lookups by optimizing
for the $number substitutions that are actually present in the
right-hand side. Based on a suggestion by Liviu Daia.
[Feature 20020917] Speedups of regexp and pcre tables, using
IF..ENDIF support. Based on an idea by Bert Driehuis. To protect
a block of patterns, use:
if /pattern1/
/pattern2/ result2
/pattern3/ result3
endif
IF..ENDIF can nest. Don't specify blanks at the beginning of lines
inside IF..ENDIF, because lines beginning with whitespace are
appended to the previous line. More details about the syntax are
given in the pcre_table(5) and regexp_table(5) manual pages.
[Feature 20020717] The default timeout for establishing an SMTP
connection has been reduced to 30 seconds, because many system
TCP/IP stacks have an atrociously large default timeout value.
[Feature 20020505] Finer control over Berkeley DB memory usage,
The parameter "berkeley_db_create_buffer_size" (default: 16 MBytes)
specifies the buffer size for the postmap and postalias commands.
The parameter "berkeley_db_read_buffer_size" (default: 128 kBytes)
specifies the buffer size for all other applications. Specify
"berkeley_db_read_buffer_size = 1048576" to get the old read buffer
size. Contributed by Victor Duchovni. For more information, see
the last paragraphs of the DB_README file.
[Incompat 20021211] The default process limit is doubled from 50
to 100. The default limits on the number of active queue files or
recipients are doubled from 10000 to 20000. The default concurrency
for parallel delivery to the same destination is doubled from 10
to 20.
Improved compatibility
======================
[Feature 20020527] The Postfix SMTP client will now convert 8BITMIME
mail to 7BIT when delivering to an SMTP server that does not announce
8BITMIME support. To disable, specify "disable_mime_output_conversion
= yes". However, this conversion is required by RFC standards.
[Feature 20020512] The Postfix SMTP and LMTP clients now properly
pass on the MIME body type information (7BIT or 8BITMIME), provided
that the sender properly specifies MIME body type information via
the SMTP MAIL FROM command, via the sendmail -B command line option,
or via MIME message headers. This includes mail that is returned
as undeliverable.
[Incompat 20020326] The Postfix SMTP client now breaks message
header or body lines that are longer than $smtp_line_length_limit
characters (default: 990). Earlier Postfix versions broke lines
at $line_length_limit characters (default: 2048). Postfix versions
before 20010611 did not break long lines at all. Reportedly, some
mail servers refuse to receive mail with lines that exceed the 1000
character limit that is specified by the SMTP standard.
[Incompat 20020326] The Postfix SMTP client now breaks long message
header or body lines by inserting <CR> <LF> <SPACE>. Earlier
Postfix versions broke long lines by inserting <CR> <LF> only. This
broke MIME encapsulation, causing MIME attachments to "disappear"
with Postfix versions after 20010611.
[Incompat 20020326] Postfix now discards text when a logical message
header exceeds $header_size_limit characters (default: 102400).
Earlier Postfix versions would place excess text, and all following
text, in the message body. The same thing was done when a physical
header line exceeded $line_length_limit characters (default: 2048).
Both behaviors broke MIME encapsulation, causing MIME attachments
to "disappear" with all previous Postfix versions.
[Incompat 20021015] The Postfix LMTP client no longer lowercases email
addresses in MAIL FROM and RCPT TO commands.
[Incompat 20021013] The default Linux kernel lock style for mailbox
delivery is changed from flock() to fcntl(). This has no impact if
your system uses procmail for local delivery, if you use maildir-style
mailboxes, or when mailbox access software locks mailboxes with
username.lock files (which is usually the case with non-maildir
mailboxes).
Address classes
===============
[Feature 20021209] This release introduces the concept of address
domain classes, each having its own default mail delivery transport:
Destination matches Default transport Default name
==============================================================
$mydestination or
$inet_interfaces $local_transport local
$virtual_alias_domains (not applicable) (not applicable)
$virtual_mailbox_domains $virtual_transport virtual
$relay_domains $relay_transport relay
other $default_transport smtp
The benefits of these changes are:
- You no longer need to specify all the virtual(8) domains in the
Postfix transport map. The virtual(8) delivery agent has
become a first-class citizen just like local(8) or smtp(8).
- On mail gateway systems, separation of inbound mail relay traffic
from outbound traffic. This eliminates a problem where inbound
mail deliveries could become resource starved in the presence of
a high volume of outbound mail.
- The SMTP server rejects unknown recipients in a more consistent
manner than was possible with previous Postfix versions.
See the ADDRESS_CLASS_README file for a description of address
classes, their benefits, and their incompatibilities.
New relay transport in master.cf
================================
[Incompat 20021209] Postfix no longer defaults to the "smtp"
transport for all non-local destinations. In particular, Postfix
now uses the "relay" mail delivery transport for delivery to domains
matching $relay_domains. This may affect your defer_transports
settings.
On mail gateway systems, this allows us to separate inbound mail
relay traffic from outbound traffic, and thereby eliminate a problem
where inbound mail deliveries could become resource starved in the
presence of a high volume of outbound mail.
[Incompat 20021209] This release adds a new "relay" service to the
Postfix master.cf file. This is a clone of the "smtp" service. If
your Postfix is unable to connect to the "relay" service then you
have not properly followed the installation procedure.
Revision of RBL blacklisting code
=================================
[Feature 20020923] Complete rewrite of the RBL blacklisting code.
The names of RBL restrictions are now based on a suggestion that
was made by Liviu Daia in October 2001. See conf/sample-smtpd.cf
or html/uce.html for details.
[Feature 20020923] "reject_rbl_client rbl.domain.tld" for client
IP address blacklisting. Based on code by LaMont Jones. The old
"reject_maps_rbl" is now implemented as a wrapper around the
reject_rbl_client code, and logs a warning that "reject_maps_rbl"
is going away. To upgrade, specify "reject_rbl_client domainname"
once for each domain name that is listed in maps_rbl_domains.
[Feature 20020923] "reject_rhsbl_sender rbl.domain.tld" for sender
domain blacklisting. Also: reject_rhsbl_client and reject_rhsbl_recipient
for client and recipient domain blacklisting.
[Feature 20020923] "rbl_reply_maps" configuration parameter for
lookup tables with template responses per RBL server. Based on code
by LaMont Jones. If no reply template is found the default template
is used as specified with the default_rbl_reply configuration
parameter. The template responses support $name expansion of
client, helo, sender, recipient and RBL related attributes.
[Incompat 20020923] The default RBL "reject" server reply now
includes an indication of *what* is being rejected: Client host,
Helo command, Sender address, or Recipient address. This also
changes the logfile format.
[Feature 20020923] "smtpd_expansion_filter" configuration parameter
to control what characters are allowed in the expansion of template
RBL reply $name macros. Characters outside the allowed set are
replaced by "_".
More sophisticated handling of UCE-related DNS lookup errors
============================================================
[Feature 20020906] More sophisticated handling of UCE-related DNS
lookup errors. These cause Postfix to not give up so easily, so
that some deliveries will not have to be deferred after all.
[Feature 20020906] The SMTP server sets a defer_if_permit flag when
an UCE reject restriction fails due to a temporary (DNS) problem,
to prevent unwanted mail from slipping through. The defer_if_permit
flag is tested at the end of the ETRN and recipient restrictions.
[Feature 20020906] A similar flag, defer_if_reject, is maintained
to prevent mail from being rejected because a whitelist operation
(such as permit_mx_backup) fails due to a temporary (DNS) problem.
[Feature 20020906] The permit_mx_backup restriction is made more
strict. With older versions, some DNS failures would cause mail to
be accepted anyway, and some DNS failures would cause mail to be
rejected by later restrictions in the same restriction list. The
improved version will defer delivery when Postfix could make the
wrong decision.
- After DNS lookup failure, permit_mx_backup will now accept the
request if a subsequent restriction would cause the request to be
accepted anyway, and will defer the request if a subsequent
restriction would cause the request to be rejected.
- After DNS lookup failure, reject_unknown_hostname (the hostname
given in HELO/EHLO commands) reject_unknown_sender_domain and
reject_unknown_recipient_domain will now reject the request if a
subsequent restriction would cause the request to be rejected
anyway, and will defer the request if a subsequent restriction
would cause the request to be accepted.
[Feature 20020906] Specify "smtpd_data_restrictions =
reject_unauth_pipelining" to block mail from SMTP clients that send
message content before Postfix has replied to the SMTP DATA command.
Other UCE related changes
=========================
[Feature 20020717] The SMTP server reject_unknown_{sender,recipient}_domain
etc. restrictions now also attempt to look up AAAA (IPV6 address)
records.
[Incompat 20020513] In order to allow user@domain@domain addresses
from untrusted systems, specify "allow_untrusted_routing = yes" in
main.cf. This opens opportunities for mail relay attacks when
Postfix provides backup MX service for Sendmail systems.
[Incompat 20020514] For safety reasons, the permit_mx_backup
restriction no longer accepts mail for user@domain@domain. To
recover the old behavior, specify "allow_untrusted_routing = yes"
and live with the risk of becoming a relay victim.
[Incompat 20020509] The Postfix SMTP server no longer honors OK
access rules for user@[email protected], to close
a relaying loophole with postfix-style virtual domains that have
@domain.name catch-all patterns.
[Incompat 20020201] In Postfix SMTPD access tables, Postfix now
uses <> as the default lookup key for the null address, in order
to work around bugs in some Berkeley DB implementations. This
behavior is controlled with the smtpd_null_access_lookup_key
configuration parameter.
Changes in transport table lookups
==================================
[Feature 20020610] user@domain address lookups in the transport
map. This feature also understands address extensions. Transport
maps still support lookup keys in the form of domain names, but
only with non-regexp tables. Specify [email protected]
in order to match the null address. More in the transport(5) manual
page.
[Feature 20020505] Friendlier behavior of Postfix transport tables.
There is a new "*" wildcard pattern that always matches. The
meaning of null delivery transport AND nexhop information field
has changed to "do not modify": use the information that would be
used if the transport table did not exist. This change makes it
easier to route intranet mail (everything under my.domain) directly:
you no longer need to specify explicit "local" transport table
entries for every domain name that resolves to the local machine.
For more information, including examples, see the updated transport(5)
manual page.
[Incompat 20020610] Regexp/PCRE-based transport maps now see the
entire recipient address instead of only the destination domain
name.
[Incompat 20020505, 20021215] The meaning of null delivery transport
and nexhop fields has changed incompatibly.
- A null delivery transport AND nexthop information field means
"do not modify": use the delivery transport or nexthop information
that would be used if no transport table did not exist.
- The delivery transport is not changed with a null delivery
transport field and non-null nexthop field.
- The nexthop is reset to the recipient domain with a non-null
transport field and a null nexthop information field.
Address manipulation changes
============================
[Incompat 20020717] Postfix no longer strips multiple '.' characters
from the end of an email address or domain name. Only one '.' is
tolerated.
[Feature 20020717] The masquerade_domains feature now supports
exceptions. Prepend a ! character to a domain name in order to
not strip its subdomain structure. More information in
conf/sample-rewrite.cf.
[Feature 20020717] The Postfix virtual delivery agent supports
catch-all entries (@domain.tld) in lookup tables. These match users
that do not have a specific [email protected] entry. The virtual
delivery agent now ignores address extensions ([email protected])
when searching its lookup tables, but displays the extensions in
Delivered-To: message headers.
[Feature 20020610] user@domain address lookups in the transport
map. This feature also understands address extensions. Transport
maps still support lookup keys in the form of domain names, but
only with non-regexp tables. Specify [email protected]
in order to match the null address. More in the transport(5) manual
page.
[Incompat 20020610] Regexp/PCRE-based transport maps now see the
entire recipient address instead of only the destination domain
name.
[Incompat 20020513] In order to allow user@domain@domain addresses
from untrusted systems, specify "allow_untrusted_routing = yes" in
main.cf. This opens opportunities for mail relay attacks when
Postfix provides backup MX service for Sendmail systems.
[Incompat 20020509] The Postfix SMTP server no longer honors OK
access rules for user@[email protected], to close
a relaying loophole with postfix-style virtual domains that have
@domain.name catch-all patterns.
[Incompat 20020509] The appearance of user@domain1@domain2 addresses
has changed. In mail headers, such addresses are now properly
quoted as "user@domain1"@domain2. As a side effect, this quoted
form is now also expected on the left-hand side of virtual and
canonical lookup tables, but only by some of the Postfix components.
For now, it is better not to use user@domain1@domain2 address forms
on the left-hand side of lookup tables.
Regular expression and PCRE related changes
===========================================
[Feature 20021209] Regular expression maps are now allowed with
local delivery agent alias tables and with all virtual delivery
agent lookup tables. However, regular expression substitution of
$1 etc. is still forbidden for security reasons.
[Obsolete 20020917] In regexp lookup tables, the form /pattern1/!/pattern2/
is going away. Use the cleaner and more flexible "if !/pattern2/..endif"
form. The old form still exists but is no longer documented, and
causes a warning (suggesting to use the new format) to be logged.
[Incompat 20020610] Regexp/PCRE-based transport maps now see the
entire recipient address instead of only the destination domain
name.
[Incompat 20020528] With PCRE pattern matching, the `.' metacharacter
now matches all characters including newline characters. This makes
PCRE pattern matching more convenient to use with multi-line message
headers, and also makes PCRE more compatible with regexp pattern
matching. The pcre_table(5) manual page has been greatly revised.
New mail "HOLD" action and "hold" queue
=======================================
[Feature 20020819] New "hold" queue for mail that should not be
delivered. "postsuper -h" puts mail on hold, and "postsuper -H"
releases mail, moving mail that was "on hold" to the deferred queue.
[Feature 20020821] HOLD and DISCARD actions in SMTPD access tables.
As with the header/body version of the same, these actions apply
to all recipients of the same queue file.
[Feature 20020819] New header/body HOLD action that causes mail to
be placed on the "hold" queue. Presently, all you can do with mail
"on hold" is to examine it with postcat, to take it "off hold" with
"postsuper -H", or to destroy it with "postsuper -d". See
conf/sample-filter.cf.
[Incompat 20020819] In mailq output, the queue ID is followed by
the ! character when the message is in the "hold" queue (see below).
This may break programs that process mailq output.
Content filtering
=================
[Feature 20020823] Selective content filtering. In in SMTPD access
tables, specify "FILTER transport:nexthop" for mail that needs
filtering. More info about content filtering is in the Postfix
FILTER_README file. This feature overrides the main.cf content_filter
setting. Presently, this applies to all the recipients of a queue
file.
[Feature 20020527] Selective content filtering. In header/body_check
patterns, specify "FILTER transport:nexthop" for mail that needs
filtering. This requires different cleanup servers before and after
the filter, with header/body checks turned off in the second cleanup
server. More info about content filtering is in the Postfix
FILTER_README file. This feature overrides the main.cf content_filter
setting. Presently, this applies to all the recipients of a queue
file.
[Feature 20020527] Postfix now has real MIME support. This improves
content filtering efficiency and accuracy, and improves inter-operability
with mail systems that cannot receive 8-bit mail. See conf/sample-mime.cf
for details.
[Feature 20020527] Postfix header_checks now properly recognize
MIME headers in attachments. This is much more efficient than
previous versions that recognized MIME headers via body_checks.
MIME headers are now processed one multi-line header at a time,
instead of one body line at a time. To get the old behavior,
specify "disable_mime_input_processing = yes". More details in
conf/sample-filter.cf.
[Feature 20020527] Postfix now has three classes of header patterns:
header_checks (for primary message headers except MIME headers),
mime_header_checks (for MIME headers), and nested_header_checks
(for headers of attached email messages except MIME headers). By
default, all headers are matched with header_checks.
[Feature 20021013] The body_checks_size_limit parameter limits the
amount of text per message body segment (or attachment, if you
prefer to use that term) that is subjected to body_checks inspection.
The default limit is 50 kbytes. This speeds up the processing of
mail with large attachments.
[Feature 20020917] Speedups of regexp table lookups by optimizing
for the $number substitutions that are actually present in the
right-hand side. Based on a suggestion by Liviu Daia.
[Feature 20020917] Speedups of regexp and pcre tables, using
IF..ENDIF support. Based on an idea by Bert Driehuis. To protect
a block of patterns, use:
if /pattern1/
/pattern2/ result2
/pattern3/ result3
endif
IF..ENDIF can nest. Don't specify blanks at the beginning of lines
inside IF..ENDIF, because lines beginning with whitespace are
appended to the previous line. More details about the syntax are
given in the pcre_table(5) and regexp_table(5) manual pages.
Postmap/postalias/newaliases changes
====================================
[Incompat 20020505] The postalias command now copies the source
file read permissions to the result file when creating a table for
the first time. Until now, the result file was created with default
read permissions. This change makes postalias more similar to
postmap.
[Incompat 20020505] The postalias and postmap commands now drop
super-user privileges when processing a non-root source file. The
file is now processed as the source file owner, and the owner must
therefore have permission to update the result file. Specify the
"-o" flag to get the old behavior (process non-root files with root
privileges).
[Incompat 20020122] When the postmap command creates a non-existent
result file, the new file inherits the group/other read permissions
of the source file.
Assorted changes
================
[Feature 20021028] The local(8) and virtual(8) delivery agents now record
the original recipient address in the X-Original-To: message header.
This header can also be emitted by the pipe(8) delivery agent.
[Incompat 20021028] With "domain in one mailbox", one message with
multiple recipients is no longer delivered only once. It is now
delivered as one copy for each original recipient, with the original
recipient address listed in the X-Original-To: message header.
[Feature 20021024] New proxy_interfaces parameter, for sites behind a
network address translation gateway or other type of proxy. You
should specify all the proxy network addresses here, to avoid avoid
mail delivery loops.
[Feature 20021013] Updated MacOS X support by Gerben Wierda. See
the auxiliary/MacOSX directory.
[Incompat 20021013] Subtle change in ${name?result} macro expansions:
the expansion no longer happens when $name is an empty string. This
probably makes more sense than the old behavior.
[Incompat 20020917] The relayhost setting now behaves as documented,
i.e. you can no longer specify multiple destinations.
[Incompatibility 20021219] The use of the XVERP extension in the
SMTP MAIL FROM command is now restricted to SMTP clients that match
the hostnames, domains or networks listed with the authorized_verp_clients
parameter (default: $mynetworks).
[Feature 20020819] When the Postfix local delivery agent detects
a mail delivery loop (usually the result of mis-configured mail
pickup software), the undeliverable mail is now sent to the mailing
list owner instead of the envelope sender address (usually the
original poster who has no guilt, and who cannot fix the problem).
[Warning 20020819] The Postfix queue manager now warns when mail
for some destination is piling up in the active queue, and suggests
a variety of remedies to speed up delivery (increase per-destination
concurrency limit, increase active queue size, use a separate
delivery transport, increase per-transport process limit). The
qmgr_clog_warn_time parameter controls the time between warnings.
To disable these warnings, specify "qmgr_clog_warn_time = 0".
[Warning 20020717] The Postfix SMTP client now logs a warning when
the same domain is listed in main.cf:mydestination as well as a
Postfix-style virtual map. Such a mis-configuration may cause mail
for users to be rejected with "user unknown".
[Feature 20020331] A new smtp_helo_name parameter that specifies
the hostname to be used in HELO or EHLO commands; this can be more
convenient than changing the myhostname parameter setting.
[Feature 20020331] Choice between multiple instances of internal
services: bounce, cleanup, defer, error, flush, pickup, queue,
rewrite, showq. This allows you to use different cleanup server
settings for different SMTP server instances. For example, specify
in the master.cf file:
localhost:10025 ... smtpd -o cleanup_service_name=cleanup2 ...
cleanup2 ... cleanup -o header_checks= body_checks= ...
Logfile format changes
======================
[Incompat 20021209] The Postfix SMTP client no longer expands CNAMEs
in MAIL FROM addresses (as permitted by RFC 2821) before logging
the recipient address.
[Incompat 20021028] The Postfix SMTP server UCE reject etc. logging
now includes the queue ID, the mail protocol (SMTP or ESMTP), and
the hostname that was received with the HELO or EHLO command, if
available.
[Incompat 20021028] The Postfix header/body_checks logging now
includes the mail protocol (SMTP, ESMTP, QMQP) and the hostname
that was received with the SMTP HELO or EHLO command, if available.
[Incompat 20021028] The Postfix status=sent/bounced/deferred logging
now shows the original recipient address (as received before any
address rewriting or aliasing). The original recipient address is
logged only when it differs from the final recipient address.
[Incompat 20020923] The default RBL "reject" server reply now
includes an indication of *what* is being rejected: Client host,
Helo command, Sender address, or Recipient address. This also
changes the logfile format.
LDAP related changes
====================
[Incompat 20020819] LDAP API version 1 is no longer supported. The
memory allocation and deallocation strategy has changed too much
to maintain both version 1 and 2 at the same time.
[Feature 20020513] Updated LDAP client module with better handling
of dead LDAP servers, and with configurable filtering of query
results.
SASL related changes
====================
[Incompat 20020819] The smtpd_sasl_local_domain setting now defaults
to the null string, rather than $myhostname. This seems to work
better with Cyrus SASL version 2. This change may cause incompatibility
with the saslpasswd2 command.
[Feature 20020331] Support for the Cyrus SASL version 2 library,
contributed by Jason Hoos. This adds some new functionality that
was not available in Cyrus SASL version 1, and provides bit-rot
insurance for the time when Cyrus SASL version 1 eventually stops
working.
Berkeley DB related changes
===========================
[Feature 20020505] Finer control over Berkeley DB memory usage,
The parameter "berkeley_db_create_buffer_size" (default: 16 MBytes)
specifies the buffer size for the postmap and postalias commands.
The parameter "berkeley_db_read_buffer_size" (default: 256 kBytes)
specifies the buffer size for all other applications. Specify
"berkeley_db_read_buffer_size = 1048576" to get the old read buffer
size. For more information, see the last paragraphs of the DB_README
file.
[Incompat 20020201] In Postfix SMTPD access tables, Postfix now
uses <> as the default lookup key for the null address, in order
to work around bugs in some Berkeley DB implementations. This
behavior is controlled with the smtpd_null_access_lookup_key
configuration parameter.
[Incompat 20020201] Postfix now detects if the run-time Berkeley
DB library routines do not match the major version number of the
compile-time include file that was used for compiling Postfix. The
software issues a warning and aborts in case of a discrepancy. If
it didn't, the software was certain to crash with a segmentation
violation.
Assorted workarounds
====================
[Incompat 20020201] On SCO 3.2 UNIX, the input rate flow control
is now turned off by default, because of limitations in the SCO
UNIX kernel.