- use new AUXLIBS_(CDB|LDAP|LMDB|MYSQL|PCRE|PGSQL) build instructions
- use OPTIONS_SUB
- install posttls-finger
- build dynamic AUXLIBS (shared=yes and dynamicmaps=yes)
- set META_DIRECTORY to DAEMONDIR (this may change in future to ETCDIR)
Parts from HISTORY (heavily shortened)
20141126
Cleanup: report nullmx DNS records as "domain does not
accept mail", instead of "invalid DNS response". The Postfix
SMTP client already bounced mail for such domains, and the
Postfix SMTP server already rejected such domains with
reject_unknown_sender/recipient_domain. This introduces a
new SMTP server configuration parameter nullmx_reject_code
(default: 556).
20141127
Feature: DNS reply filter, configured with smtp_dns_reply_filter,
20141130
Cleanup: when searching multiple DNS record types for a
specific name, and not all queries return the same result
status, do not blindly return the last query's rcode and
diagnostic text. Instead, return rcode and text that is
consistent with the aggregate result status.
Documentation: added note on Milter-signing bounces.
20141202
Cleanup: to increase clarity. rename DNS result status from
DNS_UNAVAIL to DNS_NULLMX. If someone uses the same zero-length
name trick with some other resource type, then we will worry
about that later.
20141203
Feature: support to match UTF8 domain names against ASCII
names in TLS certificates.
20141212
Cleanup: nullmx SMTP reply codes 550 and 556, and enhanced
status codes X.1.10 and X.7.27. The nullmx SMTP reply codes
are no longer configurable.
20141224
Cleanup: the compile-time argument typechecks for attribute-value
APIs are now by default implemented with inline functions.
Compile with -DNO_INLINE to implement the argument typechecks
with ternary operators and unreachable assignments.
20141227
Feature: smtp_address_verify_target (default: rcpt) that
determines what protocol stage decides if a recipient is
valid. Specify "data" for servers that reject recipients
after the DATA command.
20141228
Cleanup: the IDNA conversion routines now accept both
ASCII and UTF8 inputs. The functions als verify that
either their result is a valid ASCII domain name or that
it converts into a valid ASCII domain name.
Approved by: sahil (implicit)
- add OPTION for Email Address Internationalization
(EAI, RFC 6531..6533) [1]
- sort OPTIONS_DEFINE
- fix build and install for non root users,
(sgid and group for sbin/postdrop and sbin/postqueue was lost if build
as non root and installed with sudo)
- install /var/spool/postfix directories with correct owner/mode
- use $WRKDIR instead of /tmp
Changes:
20141021
Per IETF TLS WG consensus, the tls_session_ticket_cipher
default setting was changed from aes-128-cbc to aes-256-cbc.
Take that, you quantum computer attackers! Viktor Dukhovni.
Files: proto/postconf.proto, global/mail_params.h.
20141024
Cleanup: added $smtpd_mumble_restrictions to the proxy_read_maps
default setting. File: global/mail_params.h.
Documentation: different header/body checks for MX service
and SMTP submissions. File: proto/BUILTIN_FILTER_README.html.
Cleanup: don't send "bare" original recipient in SMTP DSN
attributes. File: cleanup/cleanup_addr.c.
Feature: smtp-sink -N option to suppress DSN announcement.
File: smtpstone/smtp-sink.c.
20141025
Bugfix (introduced: Postfix 2,11): core dump when
smtp_policy_maps specifies an invalid TLS level. Viktor
Dukhovni. File: smtp/smtp_tls_policy.c.
20141103
Logging: when a connection is closed, log the request counts
for unimplemented STARTTLS or AUTH commands separately,
instead of logging such commands as "unknown". File:
smtpd/smtpd.c.
20141106
Cleanup: set errno to ETIMEDOUT after postscreen handshake
timeout event, so that warnings report the correct error.
File: tlsproxy/tlsproxy.c.
PR: 194786 [1]
Submitted by: Mark Martinec
Approved by: sahil (imlicit)
- use PORTDOCS macro
- remove check for OSVERSION >= 800037
- fix OPENLDAP_VER usage
- always call set-permissions in post-install to set correct spool/postfix/* permissions
this is required with pkg to support non interrupted upgrade
Approved by: sahil (explicit)
- Mk/bsd.database.mk rewrite, new default to db5.
- db6 is eligible by default only if installed on the system.
- Bump PORTREVISION of all ports that directly depend on BerkeleyDB or
where USE_BDB is found in the port's directory
- Patch a few ports such that they will pick up or work with newer
versions.
- Add UPDATING entry
- Drive-by format fix for pks
- Drop BerkeleyDB option from mail/popular for now, requires more work.
- Exp-run logs linked from the PR below.
- Ports that do not build (IGNORE, BROKEN, etc.) have pro-forma changes
for new Berkeley DB, but are untested.
NOTE: please read UPDATING and the Wiki page before proceeding!
Announcement: http://lists.freebsd.org/pipermail/freebsd-ports-announce/2014-August/000090.html
Wiki reference: https://wiki.freebsd.org/Ports/BerkeleyDBCleanup
PR: 192690
Approved by: portmgr (implicit, PORTREVISION bump on unstaged ports)
- Add LICENSE information
- Canonicalize 'Created by:' Makefile header
- Remove shlib version from LIB_DEPENDS assignment
- Correct LDAP_SASL logic
- Replace tab with a single space after 'WWW:' in pkg-descr
PR: ports/177127 (inspired by)
Submitted by: Yasuhiro KIMURA <yasu@utahime.org>
literal name_enable wherever possible, and ${name}_enable
when it's not, to prepare for the demise of set_rcvar().
In cases where I had to hand-edit unusual instances also
modify formatting slightly to be more uniform (and in
some cases, correct). This includes adding some $FreeBSD$
tags, and most importantly moving rcvar= to right after
name= so it's clear that one is derived from the other.
- Modify pkg-install to handle situations in which
/etc/mail/mailer.conf does not exist, e.g. when
FreeBSD is built WITHOUT_MAILWRAPPER. [1]
Requested by: miwi [1]
