Commit graph

14 commits

Author SHA1 Message Date
schmonz
f2f4d0ed1b Update to 2.21. From the changelog:
- Fixed crash bug in STARTTLS handling of loaded DH parameters.

- Added $TLS_COMPAT flag to disable certain TLS (security) features for
  maximum compatibility with buggy clients.
2018-06-21 04:33:54 +00:00
schmonz
9a1dff7225 Update to 2.20. From the changelog:
- Added support for STARTTLS directly in the SMTP protocol.
  Adapted from contribution by John R. Levine.

- Added support for "final ok" rules in mailrules plugin.

- Added hook for debugging plugin invocation (set $MSG_DEBUG=1).
2018-06-02 00:10:48 +00:00
schmonz
a2378107d2 Update to 2.15. From the changelog:
- Added support for "and" lines to mailrules plugin.
- Modified rbl plugin to log all responses in a single line.
- Fixed minor memory leak in the rbl plugin.
2018-05-17 12:15:18 +00:00
schmonz
d28afd2deb Update to 2.13. From the changelog:
- Fix build issue with redefining the "accept" function.
- Added support for whitelists in the rbl plugin.
- Added option to skip the Received header for authenticated connections.
2018-02-24 01:08:28 +00:00
schmonz
0865ead95a Build on systems without O_DIRECTORY. 2017-08-21 18:16:29 +00:00
schmonz
8ddba22754 Let bg-installer follow the .so symlinks. Fixes install on at least NetBSD. 2017-01-03 13:56:41 +00:00
schmonz
716d5bfa7e Update to 2.12. From the changelog:
- Added ability for rbl plugin to capture messages before rejecting them.
- Fixed broken use of -lbg-sysdeps in modules.
- Fixed missing plugin-rbl in installed image.
- Updated for bglibs v2
- Added new "rbl" plugin, to block messages from IPs in an RBL.
- Added new "queuedir" backend, to save messages to simple files.
- Make sure plugin reset functions get called before exiting.
- Added missing plugin-starttls-ucspi to installed files.
- Added support for limiting the number of messages to plugin-counters.
- This version updates the plugin API to add new features:
  - Capabilities reported by the SMTP EHLO response can be added by
    plugins.
  - Plugins are passed any SMTP parameters given with the sender and
    recipient commands.
  - Plugins can add new commands to the SMTP protocol.
  Plugins compiled for previous versions of mailfront will not work
  without recompiling.  The short-circuit on accept logic has also been
  eliminated to fix a semantic issue.
- SMTP AUTH support has been moved into a new plugin, cvm-authenticate.
  Existing installations relying on SMTP AUTH support will need to make
  sure they are using this new plugin.  The smtpfront-qmail wrapper
  has been modified to provide this additional plugin.
- Fixed plugin-add-received to add the "IPv6:" prefix in the Received:
  header when the protocol is TCP6.
- Added plugin starttls-ucspi to implement STARTTLS using ucspi-tls.
- SMTP AUTH can now be restricted to TLS-enabled sessions.
- Added controls for pop3front-auth to limit the number of USER commands
  and authentication failures allowed per session.
- Added control to imapfront-auth to limit the number of authentication
  failures allowed per session.
- Modified the clamav plugin to use the newer INSTREAM protocol.
- imapfront-auth now sets $DOVECONF_ENV in Dovecot mode in order to
  avoid having Dovecot imapd reset it through doveconf.
- Added Lua scripting plugin (optional, build with 'make lua').
- Modified the qmail backend to evaluate $QMAILQUEUE as late as possible.
  This allows more options for changing $QMAILQUEUE in plugins.
- Added support for running Dovecot IMAP from imapfront-auth.
  See imapfront.html for details on how to set this up.
- Added support for rejecting whole messages when the recipient count is
  exceeded in plugin-counters.
- Made the check-fqdn plugin explicitly reject empty recipients.
- Added a sender domain restriction to the check-fqdn plugin.
- Added missing plugin-spamassassin.so to installation.
- Fix bug in handling invalid message numbers in retrieving messages in
  pop3front-maildir.
- Added a SpamAssassin scanning plugin.
- Optimized pop3front-maildir to avoid stat'ing each message twice, and
  to use sizes recorded in the filename to avoid stat'ing entirely.
  See pop3front.html for details on the filenames.

pkgsrc changes:

- Libtoolize to fix build on OS X.
2017-01-02 02:19:46 +00:00
agc
ddbf6ddecd Add SHA512 digests for distfiles for mail category
Problems found locating distfiles:
	Package mutt: missing distfile patch-1.5.24.rr.compressed.gz
	Package p5-Email-Valid: missing distfile Email-Valid-1.198.tar.gz
	Package pine: missing distfile fancy.patch.gz
	Package postgrey: missing distfile targrey-0.31-postgrey-1.34.patch
	Package qmail: missing distfile badrcptto.patch
	Package qmail: missing distfile outgoingip.patch
	Package qmail: missing distfile qmail-1.03-realrcptto-2006.12.10.patch
	Package qmail: missing distfile qmail-smtpd-viruscan-1.3.patch
	Package thunderbird24: missing distfile enigmail-1.7.2.tar.gz
	Package thunderbird31: missing distfile enigmail-1.7.2.tar.gz

Otherwise, existing SHA1 digests verified and found to be the same on
the machine holding the existing distfiles (morden).  All existing
SHA1 digests retained for now as an audit trail.
2015-11-03 23:27:00 +00:00
schmonz
f07decb692 Update to 1.12, addressing PR pkg/34765. From the changelog:
1.12:
- Fixed problem with overwriting existing session data items.
- Fixed several problems with handling of databytes in rules.
- Fixed crash in plugin cvm-validate when the lookup secret was unset.
- pop3front-auth now supports a no-argument variant on the AUTH command,
    used by KMail to test for authentication modes, and documented
    in http://www.tools.ietf.org/html/draft-myers-sasl-pop3-05
    Thanks Bernhard Graf for the initial patch
- pop3front-auth and -maildir now support the CAPA command.
    Thanks Bernhard Graf for the initial patch
- Made imapfront-auth more compatible with Courier IMAP by adding extra
    bits to the CAPABILITY command.  Thanks Bernhard Graf.
- plugin-cvm-validate handles modules that provide an "out of scope"
    fact by passing to the next plugin.
- Fixed handling of addresses without a domain in @file rules.
    Thanks Jorge Valdes

1.11:
- Fixed the main mailfront program to clean up temporary files properly.
- Modified the SMTP protocol module to export the SASL authentication
    information internally.
- Modified the check-fqdn plugin to append $DEFAULTHOST and
    $DEFAULTDOMAIN to addresses if necessary.
- Added separate connect and send timeouts and a maximum message size to
    the ClamAV plugin, and fixed a bug with handling port numbers
    when using multiple IPs.
- Modified the ClamAV plugin to prefer $CLAMAV_* settings over $CLAMD_*
- Added plugin API documentation.

1.10:
- Added a ClamAV virus scanner plugin.  Note: Using this plugin will
    cause mailfront to save messages to temporary files.  See
    mailfront.html for details.
- Modified the plugin API to add a version code, a flags word, and to
    (optionally) save messages to a temporary file.
- Fixed a few cases where the UCSPI-TCP protocol was assumed.
- Fixed pop3front-maildir breakage on dietlibc/uClibc and empty
    maildirs.  Thanks Wayne Marshall.

1.01:
- Fixed a bug in the counters plugin that triggered a problem in the
    SMTP protocol when handling the SIZE=# parameter.
- Reversed the order of cvm-validate and qmail-validate in the wrapper
    scripts (and documentation) due to the semantics of the two plugins.
- Added a list of built-in plugins.  The list currently contains the
    three accept* plugins, which are extremely trivial.

1.0:

Mailfront has been rewritten to be totally modular.  The core mailfront
program loads the protocol, backend, and all plugin behaviors at run
time from shared objects.

The previous commands, such as smtpfront-qmail, are now shell script
wrappers for the main "mailfront" command, and as such are depricated in
favor of using "mailfront" directly.  The *front-qmail wrappers preload
all the plugins that were previously compiled into the corresponding
programs:

	check-fqdn counters mailrules relayclient cvm-validate
	qmail-validate add-received patterns accept-sender

NOTE: The *front-reject backends have been dropped in favor of a plugin.
In addition, the $REQUIRE_AUTH feature has been moved to another plugin.
If you used this backend or feature you will need to adjust your
configuration accordingly.
2009-04-08 01:44:04 +00:00
schmonz
cd81631fa3 Pass the runtime path to bglibs to the linker, now that they're dynamic.
Bump PKGREVISION since mailfront was building but failed to run.
2006-08-02 02:42:22 +00:00
schmonz
c977f4c6b8 Update to 0.98.1. From the changelog:
- Fixed the $REQUIRE_AUTH feature to properly check for $RELAYCLIENT
    being set.
2006-07-29 00:59:48 +00:00
schmonz
1424530229 Update to 0.98. From the changelog:
- Added enhanced mail system status codes (RFC 1893/2034).

- Added support for rejecting all mail unless client is authenticated
  (either as a relay client or with SMTP authentication) if
  $REQUIRE_AUTH is set.

- Full domain names are now required in all addresses except for the
  null sender.

- Removed the "bounce must have a single recipient" rule, as it is
  currently causing more problems (with address checkers) than it is
  solving (spammers no longer use this technique).

- Fixed one-off bug in counting recipients for $MAXRCPTS.

- Truncate UIDL responses to 70 characters as per RFC 1939.

- Added QMQP and QMTP "reject" front ends, for completeness.

The enhanced mail system status codes together with the $REQUIRE_AUTH
change should make smtpfront compliant with RFC 2476's requirements for
a "message submission agent", suitable for use on TCP port 587.
2005-11-21 05:54:03 +00:00
schmonz
de93b90277 Update to 0.97. From the changelog:
- Add support to the qmail backend for custom qmail-queue error messages
  taken from $QQERRMSG_#.

- Clear session timeouts (via alarm) before executing authenticated
  commands in imapfront-auth and pop3front-auth.

- Fixed typo in the CVM lookup code that would prevent the proper
  operation of lookup secrets.  Thanks Dale Woolridge.
2005-10-08 21:00:58 +00:00
schmonz
6ab74552cf Initial import of mailfront, a package containing customizeable
network front-ends for mail servers. It contains complete SMTP,
QMQP, QMTP, and POP3 front-ends as well as an authentication module
for IMAP. The mail delivery front-ends also contain internal address
filtering features.
2005-07-20 03:30:19 +00:00