pkgsrc/mail/policyd-weight/distinfo

$NetBSD: distinfo,v 1.2 2008/03/31 20:50:11 tnn Exp $

SHA1 (policyd-weight-0.1.14.17.tar.gz) = 8b260869cc0206ba72f750d57df24df1de905a08
RMD160 (policyd-weight-0.1.14.17.tar.gz) = c668feedab8d4df85502eb0258f0924b20c1fcbb
Size (policyd-weight-0.1.14.17.tar.gz) = 54942 bytes
Maintainer update from PR pkg/38349, containing security fixes. While here, fix a minor DESTDIR botch. 0.1.14 beta-17 - (security) Using File::Spec->canonpath for normalization (trailing slashes) Check ownership of real directories to avoid race attacks for symlinks. Thanks to Robert Buchholz. 0.1.14 beta-16 (not released) - (security) The check for symlinked directories was half complete. perl ignores -l if the argument has a trailung slash. Thanks to Andrej Kacian. 0.1.14 beta-15 - (security) $LOCKPATH and its contents weren't checked for being a symlink which. Thanks to Chris Howells and Andrej Kacian. - (fix) "dedicated" added to the exclusion list for dialup checks. A better approach would be to let the user configure dialup and exclude patterns. 0.1.14 beta-14 - (change) rbls.org link changed to robtext.com - (change) results with 'rc:' as action are not cached - (fix) regexp check for dynamic helo/client did hit also some clients with "static" - (fix) helo numeric check was too fuzzy. - (fix) master didn't read config after policyd-weight reload - (fix) HELO_SEEMS_DIALUP may have scored even if the IP is listed for the sender domain. - (fix) An interrupt of policyd-weight -s may cause a SIGPIPE which killed the cache - (change) Implemented $NS list. Useful for users with split horizon DNS - (fix) don't cache rejections which were deferred (4xx and friends) - (fix) helo_numeric_score didn't catch [n.n.n.n] helos - (fix) Header was not included if $dnsbl_checks_only = 1; and $ADD_X_HEADER = 1; - Thanks to J. Genannt - (fix) Corrected handling of [n.n.n.n] HELOs and address-literals as sender (long standing issue) - (change) Introduced @dnsbl_checks_only_regexps in order to skip DNS checks for certain client hostnames - (change) Added -D (Don't detach) switch for daemon-tools/runit users - (change) Added signals handlers for most of signals so that they are at least logged, also, provide a perl backtrace. - (change) prerequisite steps for providing coredumps (build coredump directories, chdir) - coredumps are non-trivial: we start as root, change uid. At this moment coredumps are denied by kernel in order to protect root-data. The only workaround would be, to start cache and master via system() after changing uid - (change) In daemon mode wrongly crafted policy requests don't lead to a child-exit anymore, only the connection is closed - (change) log-facilities other than 'info' are now mentioned in log-lines - (change) SMTP information such as client, helo, sender and to are now logged in each log-message. If $DEBUG is set this also logs the instance variable. - (fix) rbl_lookup used sometimes 65536 as packet id which appeared to cause problems - (fix) Check for syslog absence. If syslog is not available then log temporarily to $LOCKPATH/polw-emergency.log - (tmpfix) Introduced $TRY_BALANCE which closes connections to smtpds after they got their response in order to avoid too many established smtpd->policyd-weight (child) connections. 2008-03-31 22:50:11 +02:00			$NetBSD: distinfo,v 1.2 2008/03/31 20:50:11 tnn Exp $
Initial import of policyd-weight-0.1.14.5, packaged by bartosz at atom.eu.org via pkgsrc-wip. policyd-weight is a Perl policy daemon for the Postfix MTA (2.1 and later) intended to eliminate forged envelope senders and HELOs (i.e. in bogus mails). It allows you to score DNSBLs (RBL/RHSBL), HELO, MAIL FROM and client IP addresses before any queuing is done. It allows you to REJECT messages which have a score higher than allowed, providing improved blocking of spam and virus mails. policyd-weight caches the most frequent client/sender combinations (SPAM as well as HAM) to reduce the number of DNS queries. 2007-07-06 15:49:46 +02:00
Maintainer update from PR pkg/38349, containing security fixes. While here, fix a minor DESTDIR botch. 0.1.14 beta-17 - (security) Using File::Spec->canonpath for normalization (trailing slashes) Check ownership of real directories to avoid race attacks for symlinks. Thanks to Robert Buchholz. 0.1.14 beta-16 (not released) - (security) The check for symlinked directories was half complete. perl ignores -l if the argument has a trailung slash. Thanks to Andrej Kacian. 0.1.14 beta-15 - (security) $LOCKPATH and its contents weren't checked for being a symlink which. Thanks to Chris Howells and Andrej Kacian. - (fix) "dedicated" added to the exclusion list for dialup checks. A better approach would be to let the user configure dialup and exclude patterns. 0.1.14 beta-14 - (change) rbls.org link changed to robtext.com - (change) results with 'rc:' as action are not cached - (fix) regexp check for dynamic helo/client did hit also some clients with "static" - (fix) helo numeric check was too fuzzy. - (fix) master didn't read config after policyd-weight reload - (fix) HELO_SEEMS_DIALUP may have scored even if the IP is listed for the sender domain. - (fix) An interrupt of policyd-weight -s may cause a SIGPIPE which killed the cache - (change) Implemented $NS list. Useful for users with split horizon DNS - (fix) don't cache rejections which were deferred (4xx and friends) - (fix) helo_numeric_score didn't catch [n.n.n.n] helos - (fix) Header was not included if $dnsbl_checks_only = 1; and $ADD_X_HEADER = 1; - Thanks to J. Genannt - (fix) Corrected handling of [n.n.n.n] HELOs and address-literals as sender (long standing issue) - (change) Introduced @dnsbl_checks_only_regexps in order to skip DNS checks for certain client hostnames - (change) Added -D (Don't detach) switch for daemon-tools/runit users - (change) Added signals handlers for most of signals so that they are at least logged, also, provide a perl backtrace. - (change) prerequisite steps for providing coredumps (build coredump directories, chdir) - coredumps are non-trivial: we start as root, change uid. At this moment coredumps are denied by kernel in order to protect root-data. The only workaround would be, to start cache and master via system() after changing uid - (change) In daemon mode wrongly crafted policy requests don't lead to a child-exit anymore, only the connection is closed - (change) log-facilities other than 'info' are now mentioned in log-lines - (change) SMTP information such as client, helo, sender and to are now logged in each log-message. If $DEBUG is set this also logs the instance variable. - (fix) rbl_lookup used sometimes 65536 as packet id which appeared to cause problems - (fix) Check for syslog absence. If syslog is not available then log temporarily to $LOCKPATH/polw-emergency.log - (tmpfix) Introduced $TRY_BALANCE which closes connections to smtpds after they got their response in order to avoid too many established smtpd->policyd-weight (child) connections. 2008-03-31 22:50:11 +02:00			`SHA1 (policyd-weight-0.1.14.17.tar.gz) = 8b260869cc0206ba72f750d57df24df1de905a08`
			`RMD160 (policyd-weight-0.1.14.17.tar.gz) = c668feedab8d4df85502eb0258f0924b20c1fcbb`
			`Size (policyd-weight-0.1.14.17.tar.gz) = 54942 bytes`