Changes:
1.8.5
-----
- Fixed OAUTHBEARER.
- Support for TLS client certificates via PKCS11 devices, e.g. smart cards.
- Various small bug fixes and improvements.
Changes:
1.8.3
-----
This version fixes a security problem that affects version 1.8.2
(older versions are not affected): when the new default value system
for tls_trust_file is used, the result of certificate verification
was not properly checked.
Changes:
Version 1.8.2:
- To simplify TLS setup, the tls_trust_file command has a new default value
'system' that selects the system default trust. Now you just need tls=on to
use TLS; the other TLS options are only required in special cases.
To make this work without breaking compatibility with older msmtp versions,
tls_fingerprint now overrides tls_trust_file, and tls_certcheck=off overrides
both (previously, you could not specify contradicting options).
- To simplify setup, a new option '--configure <mailaddress>' was added that
automatically generates a configuration file for a given mail address.
However, this only works if the mail domain publishes appropriate SRV records.
Version 1.8.1:
- Fixed our TLS code to support TLS 1.3 with GnuTLS.
pkgsrc changes:
- Update HOMEPAGE and MASTER_SITES
- Remove inet6 option (it was actually a no-op)
- Adjust libidn dependency to libidn2 per 1.8.0 change
- Cleanup the options.mk a bit: no need to add pkg-config to USE_TOOLS, it was
already needed as tool and remove all --with-*-prefix= because pkg-config is
used for that
Changes:
Version 1.8.0:
- A minimal SMTP server called msmtpd was added that listens on the local host
and pipes mails to msmtp (or another program). It is intended to be used with
system services that cannot be configured to call msmtp directly. You can
disable it with the configure option --without-msmtpd.
- Using OpenSSL is discouraged and may not be supported in the future. Please
use GnuTLS instead. The reasons are explained here:
https://marlam.de/msmtp/news/openssl-discouraged/
- As using GNU SASL is most likely unnecessary, it is disabled by default now.
Since everything uses TLS nowadays and thus can use PLAIN authentication, you
really only need it for GSSAPI.
- If your system requires a library for IDN support, libidn2 is now used instead
of the older libidn.
- The CRAM-MD5 authentication method is marked as obsolete / insecure and will
not be chosen automatically anymore.
- The passwordeval command does not require the password to be terminated by a
new line character anymore.
- The new logfile_time_format command allows to customize log file time stamps.
- Builtin default port numbers are now used instead of consulting /etc/services.
- Support for DJGPP and for systems lacking vasprintf(), mkstemp(), or tmpfile()
is removed.
Version 1.6.8:
- Add --source-ip option and source_ip command to bind the outgoing connection
to a specific source IP address.
- Enable SNI for TLS
Version 1.6.7:
- Add support for ~/.config/msmtp/config as configuration file
- Add network timeout handling on Windows
- Fix command line handling of SHA256 TLS fingerprints
- Fix SIGPIPE handling (affects at least Mac OS X)
- Add french translation, and update german translation
msmtp provides MacOS X Keychain support by using the configuration
option `--with-macosx-keyring`. With this setting enabled passwords
for msmtp can be stored in the MacOS X keychain.
From Thomas Merkel in NetBSD/pkgsrc#14
pkgsrc changes:
- (cosmetic) fix a pkglint warning and proper indent variables in options.mk
Changes:
Version 1.6.5:
- Support SHA256 fingerprints for tls_fingerprint, and mark both SHA1 and MD5 as
deprecated.
pkgsrc changes:
- Remove patches/patch-src_Makefile.in that seems no more needed
Changes:
Version 1.6.3:
- A bug in SOCKS support was fixed.
- Handling non-fatal errors in TLS handshakes was fixed.
pkgsrc changes:
- gnome-keyring option has changed to secret option to reflect the upstream
change. For more information please read the changelog below.
Changes:
Version 1.6.1:
- The new configure option --with-tls replaces --with-ssl.
- A new configure option --disable-gai-idn was added.
Version 1.6.0:
- Support for SOCKS proxies was added. This allows msmtp to be used with Tor.
- GNOME Keyring support now uses libsecret instead of libgnome-keyring. It is
now documented how to use secret-tool to manage passwords for msmtp; the
obsolete msmtp-gnome-tool script is removed.
- Configuration file security is now only checked if the file actually contains
secrets such as passwords. (If you still store passwords in the configuration
file, consider using the passwordeval command or a key ring instead.)
- The GSSAPI authentication method is not chosen automatically anymore, you have
to request it manually if you really want to use it.
- From: and Date: headers are now added to mails if necessary, for compatibility
with sendmail, postfix, exim, and other MTAs. This can be disabled with the
add_missing_from_header and add_missing_date_header commands.
- Libidn is not required for IDN support anymore on systems where getaddrinfo()
supports the AI_IDN flag and the GnuTLS version is >= 3.4.0.
- The new remove_bcc_headers command replaces the old keepbcc command (but the
old command is still supported for compatibility).
- SSLv3 is disabled, and the obsolete tls_force_sslv3 command and
--tls-force-sslv3 option have no effect anymore.
to address issues with NetBSD-6(and earlier)'s fontconfig not being
new enough for pango.
While doing that, also bump freetype2 dependency to current pkgsrc
version.
Suggested by tron in PR 47882
Changelog:
Version 1.4.28:
- Update autotools files.
- Improve error message on connection failures in some IPv6/IPv4 situations.
- Improve documentation of EHLO issues.
- Bug fix: expand tilde for the aliases command.
contains fixes for PR#45785.
Version 1.4.27:
- Always use the internal MD5 functions for the built-in CRAM-MD5
implementation; never use the ones from OpenSSL. This fixes problems with
configurations that use OpenSSL and do not use GNU SASL. Thanks to Gleydson
Soares and Moritz Wilhelmy for providing information and for testing the fix.
- Fix a compiler warning with current OpenSSL versions.
* Introduce scripts option to install optional scripts.
Changelog:
Version 1.4.26:
- A new version of the msmtpq script fixes serious bugs. To update to the new
version of the script, you need to remove the old msmtpQ symlink, change
msmtpQ to msmtpq in your MUA config, and use msmtp-queue for queue management.
Changelog:
Version 1.4.25:
- DIGEST-MD5 authentication is not considered secure any longer. See RFC 6331.
- Support for alias expansion was added. See the aliases command and --aliases
option.
Changelog:
Version 1.4.24:
- Remove the unmaintained pt_BR translation.
- Simplify manual license: use a simple permissive license instead of GNU FDL.
- Replace a call to gnutls_protocol_set_priority(), which is deprecated in
GnuTLS >= 2.12.0. Fixes Debian bug #624048 (reported for mpop).
- Remove gnulib, for simplicity and maintainability.
- Update GNU autotools files, in particular configure.ac.
Changelog:
Version 1.4.23:
- Fix SCRAM-SHA-1 authentication via libgsasl. Reported and analyzed by
Steffen Lehmann for mpop.
Version 1.4.22:
- Update gnulib to 2010-12-23.
- Avoid different account selection behaviour in --pretend mode, and print more
informational messages about account selection in --pretend and --debug mode.
Suggested by Adam Spiers.
- Add a new passwordeval command and --passwordeval option, to set the password
from the output of a command. Written by Martin Stenberg.
- A few documentation improvements, suggested by Andries E. Brouwer.
