- assume that Python 2.4 and 2.5 are compatible and allow checking for
fallout.
- remove PYTHON_VERSIONS_COMPATIBLE that are obsoleted by the 2.3+
default. Modify the others to deal with the removals.
* tmda-ofmipd now has native STARTTLS and SSL support courtesy of
Stephen Warren. The new options are '--tls', '--ssl', '--ssl-key',
and '--ssl-crt'. Note that the tlslite Python module needs to be
installed to use this feature. For more information, see the
"Builtin SSL/TLS" section of http://wiki.tmda.net/TmdaOfmipdHowto
* Fixed a minor bug that prevented the use of both SMTPSSL and
SMTPAUTH together.
Now one sets the host and port in rc.conf with tofmipd_tcp{host,port}
(default "localhost:8025") and manages logging with tofmipd_log
(default: "YES", to syslog) and friends. tofmipd_flags is still
useful for authentication and miscellaneous other options.
Bump PKGREVISION.
* The snapshot of the wiki documentation is now included within the
main tmda-1.1.x.tgz tarball in the 'doc' directory rather than in a
separate tmda-1.1.x-doc.tgz tarball.
* New feature courtesy of Vitor Espindola. A new configuration
variable, TIMEOUT_UNITS, to give users the ability to customize the
timeout unit value strings in the templates instead of using the
English defaults of "years", "months", "weeks", "days", "hours",
"minutes", and "seconds". For more information, see
http://wiki.tmda.net/ConfigurationVariables#TIMEOUT_UNITS
* Virtual domain improvements to tmda-pending courtesy of Lloyd
Zusman. A '--vhost-script' command-line option has been added to
match tmda-ofmipd and tmda-filter. Also two new options have been
added, '--vhost-user' and '--vhost-domain'. See the tmda-pending
--help output for more information, or for greater detail, see
http://article.gmane.org/gmane.mail.spam.tmda.devel/6584
* An alternative "simpler" example of how to use TLS with tmda-ofmipd
via stunnel has been added. See the contrib/ofmipd-stunnel-daemons/
directory.
* A bug that broke tmda-filter's '-e' command-line option has been
fixed.
* New feature. When a message is released from your pending queue via
tmda-cgi, a new trace header 'X-TMDA-CGI' is added to the message
which contains both the IP address of the remote host as well as the
browser the client used to send the request. This allows you to
visually discern that the message was released via tmda-cgi rather
than through email confirmation, and also allows for easier tracing.
* tmda-ofmipd has a new option courtesy of Robert P. Thille. `-L'
turns on logging prints which logs everything that `-d' logs, except
for the raw SMTP protocol data. Hence, it is useful if you want to
leave logging enabled permanently, but don't want your logs bloated
with AUTH data and/or the content of large attachments.
* Various tmda-ofmipd bugfixes and improvements from Stephen Warren.
* New feature courtesy of Mark Horn. ACTION_EXPIRED_DATED has been
extended to support handling multiple ages of dated messages. So you
could for example 'bounce' mail to dated addresses that have been
expired for more than a week, 'hold' if longer than a month, and
'drop' if over a year, while still setting the default behavior to
'confirm'. For more information and an illustrative example, see
http://wiki.tmda.net/ConfigurationVariables#ACTION_EXPIRED_DATED
* TMDA's internal copy of the Python email package has been upgraded
to v4.0.1.
* The bin/tmda-* programs have been revamped to use Python's new
'optparse' library.
* TMDA can now optionally store unconfirmed messages in a "Maildir"
rather than in TMDA's custom pending queue format. This allows you
to use any mail reading program that supports Maildir to browse or
search your pending queue, rather than the 'tmda-pending' and
'tmda-cgi' programs, though the latter will still work.
* tmda-filter has a new command-line option, '-e/--environ' which you
can use to add a VAR=value pair to the environment. One example use
of this is to allow TMDA to be setup as a Postfix transport.
Contributed by Bernard Johnson.
* tmda-filter will defer incoming deliveries if the sticky bit is set
on your home directory (as determined by the $HOME variable). This
allows you to safely edit the contents of ~/.tmda/ on a live system
if you need to.
* tmda-ofmipd now has "one-session" mode through the '--one-session'
command-line option, courtesy of Stephen Warren. This allows you to
use xinetd or tcpserver, possibly in conjunction with stunnel, to
spawn tmda-ofmipd, rather than having tmda-ofmipd bind to a port and
accept connections on its own.
* The new 'dot-tmda' directory in contrib contains a working ~/.tmda/
structure that can be used with only a few changes. See the README
in that directory for more info. Not documented yet outside of the
README, but this might help new TMDA users get started quicker.
* Some of the tmda-* programs will now run on native win32
(tmda-address, tmda-check-address, tmda-pending, and tmda-keygen).
* tmda-ofmipd has a new option (--pure-proxy) that can proxy mail for
non-TMDA users in addition to TMDA users. This might be useful if
you run a mixed environment, and want to use tmda-ofmipd for
everyone. See `tmda-ofmipd --help' for more on this option.
* New feature from David Bremner. Add 'shell=' and 'python=' tag
actions to the outgoing filter. This allows you to add
dynamic/shell escaped headers from the outgoing filter file. For
example usage, see the TMDA/Hashcash HOWTO I've prepared at
http://wiki.tmda.net/TmdaHashCashHowto
* The template system has been reorganized to simplify things for
users of multi-lingual templates among others. See
http://wiki.tmda.net/TemplateHowto and the UPGRADE notes below.
* Messages are now simply deleted from your pending queue once they
are confirmed or released rather than being renamed with a '3,C' or
'3,R' suffix. This provides simpler, more intuitive behavior and
decreased storage requirements.
* Fixed a bug in TMDAINJECT that caused Message-ID and Date headers to
differ when sending to multiple recipients.
* Fixes to the tmda.spec file that should allow RPMs to be built with
Python 2.3.x.
* Tilde expansion is now done automatically for variables in
/etc/tmdarc and ~/.tmda/config, so you no longer have to use
os.path.expanduser() to do this yourself. e.g,
TEMPLATE_DIR = "~/.tmda/templates"
now ``just works''.
* New 'whitelist' behavior for tmda-pending and tmda-cgi, controlled
by http://wiki.tmda.net/ConfigurationVariables#PENDING_WHITELIST_RELEASE
* A new 'pipe-headers' incoming filter file source. Identical to
'pipe' except that it only pipes the headers to the program, instead
of the headers + body. This should offer greater performance and
reliability when processing the message body isn't required.
* A new feature to add Mail-Followup-To headers from tmda-sendmail or
tmda-ofmipd to messages. See
http://wiki.tmda.net/ConfigurationVariables#MAIL_FOLLOWUP_TO
backslashes anymore. A single backslash is enough. Changed the
definition in all affected packages. For those that are not caught, an
additional check is placed into bsd.pkginstall.mk.
And always is defined as share/examples/rc.d
which was the default before.
This rc.d scripts are not automatically added to PLISTs now also.
So add to each corresponding PLIST as required.
This was discussed on tech-pkg in late January and late April.
Todo: remove the RCD_SCRIPTS_EXAMPLEDIR uses in MESSAGES and elsewhere
and remove the RCD_SCRIPTS_EXAMPLEDIR itself.
python*-pth packages into meta-packages which will install the non-pth
packages. Bump PKGREVISIONs on the non-pth versions to propagate the
thread change, but leave the *-pth versions untouched to not affect
existing installations.
Sync all PYTHON_VERSIONS_AFFECTED lines in package Makefiles.
under share/examples/rc.d. The variable name already was named
RCD_SCRIPTS_EXAMPLEDIR.
This is from ideas from Greg Woods and others.
Also bumped PKGREVISION for all packages using RCD_SCRIPTS mechanism
(as requested by wiz).
installation, the affected files are recompiled the first time
tmda-ofmipd runs with sufficient permissions. Force the recompile
during post-install to ensure the package tools record the right
checksums.
* Fixed a small bug in the auto-response rate limiting code that
choked on extremely long addresses.
(http://mla.libertine.org/tmda-users/2004-01/msg00375.html)
* Fixed a small bug in the X-Primary-Address header handling code that
was triggered by a broken MTA.
(http://mla.libertine.org/tmda-users/2004-01/msg00100.html)
* Fixed a bug in TMDAINJECT that caused Message-ID and Date headers to
differ when sending to multiple recipients.
* Fixed a bug that would cause pending message release to fail under
certain MTAs (particularily Exim) if the envelope sender was null <>.
pkgsrc changes:
* Add rc.d script for tmda-ofmipd.
* Create "tofmipd" user for tmda-ofmipd.
* Require Python 2.2 or higher, as needed by tmda-ofmipd.
* Use subst.mk to honor PKG_SYSCONFDIR.
* Set PKG_SYSCONFSUBDIR, as TMDA potentially has several config files.
* Update MASTER_SITES.
* Use shell globs to simplify some definitions.
* Remove MESSAGE, as TMDA provides its own upgrade instructions.
* Pass one file at a time to install(1) for the benefit of some of our
differently-abled platforms.
What's new?
* New feature: A new header called ``X-Primary-Address'' is now
supported in order to reduce the amount of thinking and planning
ahead you need to do when sending mail to a new correspondent who
may or may not use a challenge/response system like
TMDA. Essentially, this header allows a sender to specify the
address he prefers be whitelisted once he confirms his first
message.
For more information, see the following URLs:
<URL:http://tmda.net/config-vars.html#PRIMARY_ADDRESS_MATCH>
<URL:http://tmda.net/faq.cgi?req=show&file=faq04.005.htp>
* New feature. You can customize the header lines displayed by
tmda-pending in interactive mode by setting SUMMARY_HEADERS. See
<URL:http://tmda.net/config-vars.html#SUMMARY_HEADERS> for more
information.
* New version of Josh Huber's tmda.el.
* Bugfixes.
Here are the new additions to UPGRADE:
* If you are using customized templates, you should replace
%(envelope_sender)s with %(confirm_append_address)s in your
confirm_request.txt. This is to support the new
<URL:http://tmda.net/config-vars.html#PRIMARY_ADDRESS_MATCH>
feature.
* When doing program deliveries to procmail, you should no longer be
using the ``-f'' option. e.g,
DELIVERY = "|/usr/bin/procmail -f $SENDER ~/.procmailrc-tmda"
becomes
DELIVERY = "|/usr/bin/procmail ~/.procmailrc-tmda"
* contrib/sample.tmdarc has been renamed contrib/sample.config.
* New feature. TEMPLATE_DIR_MATCH_SENDER provides a way to further
specialize the template selection process. When enabled, TMDA looks
for templates in a subdirectory of TEMPLATE_DIR that matches the
sender address, and then increasingly general portions of the domain
part of the address. For more information and an example, see
<URL:http://tmda.net/config-vars.html#TEMPLATE_DIR_MATCH_SENDER>
* tmda-pending now allows messages to be specified on standard input
instead of the command line by using `-' instead of a message
list. See ``tmda-pending -h'' for an example. Thanks to Michael
S. Fischer for the patch.
Only accept Python 2.2, as the PLIST is incorrect for 2.1 (due to one
file failing to compile).
* Python version 2.1 or greater is now required. Upgrade at
<URL:http://www.python.org/download/>
* When sending an auto response, a new configuration variable
(AUTORESPONSE_INCLUDE_SENDER_COPY) is used to control whether a copy
of the sender's message is included or not. For available options,
<URL:http://tmda.net/config-vars.html#AUTORESPONSE_INCLUDE_SENDER_COPY>
If you are using customized templates, you should remove the last
few lines in each template which include the sender's copy. For
example, in confirm_request.txt:
--- Enclosed is a copy of your message.
%(original_message)s
Otherwise, you'll include two copies of the sender's message.
* When sending confirmation requests, Reply-To is now set from the
confirm_request.txt template. This is to allow the option to not
include the confirmation address in a Reply-To header.
If you use a customized confirm_request.txt, you'll need to add the
following line to the top (header section) of your template:
Reply-To: %(confirm_accept_address)s
extension Makefile fragments, because they really don't have anything to
do with the buildlink[12] frameworks. Change all the Makefiles that use
application.buildlink.mk and extension.buildlink.mk to use application.mk
and extension.mk instead.
* New -A option for tmda-ofmipd to allow authentication against
checkpassword compatible programs such as checkpassword-pam
(http://checkpasswd-pam.sourceforge.net/).
* New -C option for tmda-ofmipd to set a limit on the number of
simultaneous connections. Default is 20.
* tmda-ofmipd general bugfixes and security improvements.
* New config variable, `X_TMDA_IN_SUBJECT' which turns on parsing of
the Subject header for X-TMDA override actions. See description in
Defaults.py for more information.
* New config variable, `ADDED_HEADERS_SERVER' which allows you to add
arbitrary headers to all server-sent (i.e, tmda-filter) messages.
* Josh Huber's tmda.el, an elisp module for integrating TMDA with Gnus
and Message mode, has been added to the contrib directory. This is
super-cool, Jason sez check it out!
* Major improvements to the filter file language, courtesy of Tim,
including:
- The addition of "macro" definition and expansion.
- The addition of variable interpolation.
- A new argument, `-optional', for all rules that access files.
- Support for nested filter files with the 'include' statement.
For more information on these new features, see the updated TMDA
Filter Specification (http://tmda.net/config-filter.html).
* Logging capability for client-side message (i.e, those sent with
tmda-sendmail). Set LOGFILE_OUTGOING in your config to enable this.
* New version of tmda.el.
* Fixed a bug which prevented the `from/to-mailman' filter sources
from working.
Changes to the package itself:
- Update MASTER_SITES and HOMEPAGE.
- Change iterator variables to something other than "file" to
placate pkglint.
From the changelog:
* 'keyword' addresses now use an identifying string like 'dated' and
'sender' addresses do. 'keyword' by default, and customizable via
TAGS_KEYWORD. This means you'll need to generate new addresses
using `tmda-address', as your old ones will no longer work.
If you want your old keyword addresses to be accepted until you can
transition to the new format, you can add entries for them in your
FILTER_INCOMING. e.g,
to jason-promos.8d06eu@mastaler.com ok
to jason-stupid_promo.289j76@mastaler.com ok
* RECIPIENT_DELIMITER is no longer allowed to be part of the keyword
in a keyword address. `?' will be substituted for it when a new
keyword address is created.
* The format for a confirmation request address is now:
RECIPIENT-confirm-TIMESTAMP.PID.HMAC, instead of
RECIPIENT-confirm-accept.TIMESTAMP.PID.HMAC
The new format is detailed in CRYPTO. Because of this change, it's
recommended that you run tmda-pending to make sure your queue is
free of legitimate messages, since the old confirmation addresses
will no longer work.
If you are unable to do this and need temporary backward
compatibility with the old format, there is a patch against 0.56
available at:
<URL:http://mla.libertine.org/tmda-users/200206/msg00193.html>
* Confirmed messages are now reinjected to the original envelope
recipient address (RECIPIENT) rather than to:
RECIPIENT-confirm-done.TIMESTAMP.PID.HMAC
See CRYPTO for more details.
* TMDA now sends outgoing mail by handing it off to an SMTP server
instead of the /usr/sbin/sendmail program. By default it will use
the standard SMTP port (25) on the local host. You can modify this
by setting the "SMTPHOST" variable in your tmdarc. See
TMDA/Defaults.py for further information.
* tmdarc variable SENDMAIL has been renamed SENDMAIL_PROGRAM, but is
irrelevant unless OUTGOINGMAIL = "sendmail".
* tmdarc variable PURGED_HEADERS now lists "Bcc:" and "Resent-Bcc" by
default. If you define this variable in your tmdarc, be sure to add
these two headers.
* CRYPT_KEY should be removed from ~/.tmdarc or ~/.tmda/config. Your
secret key is now read from CRYPT_KEY_FILE, which defaults to
~/.tmda/crypt_key. To make this conversion, move your existing
CRYPT_KEY to ~/.tmda/crypt_key, but without the double-quotes. e.g,
if CRYPT_KEY = "df7a18a8d95f02ff94bf6463a8ec214cf20cb9e8"
~/.tmda/crypt_key should contain:
df7a18a8d95f02ff94bf6463a8ec214cf20cb9e8
* ~/.tmdarc and ~/.tmda/config are no longer checked for file
permissions. Instead, make sure ~/.tmda/crypt_key is chmod 400 or
600 (or 640 if ALLOW_MODE_640 = 1).
* An exception is no longer be raised if ~/.tmdarc or ~/.tmda/config
is missing. However, a ~/.tmda/crypt_key file is required.
* tmda-keygen now outputs an unquoted key instead of a CRYPT_KEY line.
* Template variables dated_cookie_address and sender_cookie_address
were replaced with dated_recipient_address and
sender_recipient_address, which are based on the RECIPIENT address.
* Tighter integration of the local delivery code. An external LDA
like procmail is now required only if you are running Sendmail.
Further, if you are driving TMDA with procmail, you no longer need
to maintain a second procmailrc (e.g, ~/.procmailrc-tmda) for final
delivery.
* Improvements to the mailing list filter file sources.
* Bugfixes.
* New ``--terse-summary'' option to tmda-pending which can be used as
an alternative to ``--summary''. See ``tmda-pending -h'' for more.
* New tmdarc options PENDING_DELETE_APPEND and PENDING_RELEASE_APPEND
which define filenames to which the sender address will be appended
when a message is deleted or released by tmda-pending. This can be
used for example to update your white/blacklist from tmda-pending.
* In addition to ~/.tmdarc, ~/.tmda/config is now a valid location for
your TMDA configuration file.
* Performance improvements.
* Bugfixes.
* Messages in the pending directory are no longer deleted after they
are confirmed (or released) and delivered. Now they are simply
noted in the DELIVERED_CACHE file.
* BOUNCE_TEXT_ALREADY_CONFIRMED has been deprecated.
* The confirm_accept.txt template has been modified. The message body
of the notification is no longer hardcoded, but rather stored in
%(confirm_accept_text)s, which comes from one of the following
tmdarc variables depending on context:
CONFIRM_ACCEPT_TEXT_INITIAL
CONFIRM_ACCEPT_TEXT_ALREADY_CONFIRMED
CONFIRM_ACCEPT_TEXT_ALREADY_RELEASED
* Custom templates are now referred to by a template directory rather
than individually. Any templates found in this directory will be
used, otherwise the default templates will be used. You can specify
a custom template directory in one of two ways:
A TEMPLATE_DIR setting in your tmdarc. This replaces use of
CONFIRM_ACCEPT_TEMPLATE and CONFIRM_REQUEST_TEMPLATE.
tmda-filter's -t option, which replaces both -A and -R.
* The 'unquoted' and 'parens' options to MESSAGE_FROM_STYLE have been
deprecated. 'angles' now double-quotes the fullname only when
necessary.