8.14.7/8.14.7 2013/04/21
Drop support for IPv4-mapped IPv6 addresses to prevent the MTA
from using a mapped address over a legitimate IPv6 address
and to enforce the proper semantics over the IPv6
connection. Problem noted by Ulrich Sporlein.
Fix a regression introduced in 8.14.6: the wrong list of
macros was sent to a milter in the EHLO stage.
Problem found by Fabrice Bellet, reported via RedHat
(Jaroslav Skarvada).
Fix handling of ORCPT parameter for DSNs: xtext decoding
was not performed and a wrong syntax check was applied
to the "addr-type" field. Problem noted by Dan Lukes
of Obludarium.
Fix handling of NUL characters in the MIME conversion functions
so that message bodies containing them will be sent
on properly. Note: this usually also affects mails
that are not converted as those functions are used
for other purposes too. Problem noted by Elchonon
Edelson of Lockheed Martin.
Do not perform "duplicate" elimination of recipients if they
resolve to the error mailer using a temporary failure
(4xy) via ruleset 0. Problem noted by Akira Takahashi
of IIJ.
CONTRIB: Updated version of etrn.pl script from John Beck
of Oracle.
Portability:
Unlike gcc, clang doesn't apply full prototypes to K&R
definitions.
- will look at making recently requested changes in a subsequent commit
8.14.6/8.14.6 2012/12/23
Fix a regression introduced in 8.14.5: if a server offers
two AUTH lines, the MTA would not read them after
STARTTLS has been used and hence SMTP AUTH for
the client side would fail. Problem noted by Lena.
Do not cache hostnames internally in a non case sensitive way
as that may cause addresses to change from lower case
to upper case or vice versa. These header modifications
can cause problems with milters that rely on receiving
headers in the same way as they are being sent out such
as a DKIM signing milter.
If MaxQueueChildren is set then it was possible that new queue
runners could not be started anymore because an
internal counter was subject to a race condition.
If a milter decreases the timeout it waits for a communication
with the MTA, the MTA might experience a write() timeout.
In some situations, the resulting error might have been
ignored. Problem noted by Werner Wiethege.
Note: decreasing the communication timeout in a milter
should not be done without considering the potential
problems.
smfi_setsymlist() now properly sets the list of macros for
the milter which invoked it, instead of a global
list for all milters. Problem reported by
David Shrimpton of the University of Queensland.
If Timeout.resolver.retrans is set to a value larger than 20,
then resolver.retry was temporarily set to 0 for
gethostbyaddr() lookups. Now it is set to 1 instead.
Patch from Peter.
If sendmail could not lock the statistics file due to a system
error, and sendmail later sends a DSN for a mail that
triggered such an error, then sendmail tried to access
memory that was freed before (causing a crash on some
systems). Problem reported by Ryan Stone.
Do not log negative values for size= nor pri= to avoid confusing
log parsers, instead limit the values to LONG_MAX.
Account for an API change in newer versions of Cyrus-SASL.
Patch from Hajimu UMEMOTO from FreeBSD.
Do not try to resolve link-local addresses for IPv4 (just as it
is done for IPv6). Patch from John Beck of Oracle.
Improve logging of client and server STARTTLS connection failures
that may be due to incompatible cipher lists by including
the reason for the failure in a single log line. Suggested
by James Carey of Boeing.
Portability:
Add support for Darwin 11.x and 12.x (Mac OS X 10.7 and 10.8).
Add support for SunOS 5.12 (aka Solaris 12). Patch from
John Beck of Oracle.
8.14.5/8.14.5 2011/05/17
Do not cache SMTP extensions across connections as the cache
is based on hostname which may not be a unique identifier
for a server, i.e., different machines may have the
same hostname but provide different SMTP extensions.
Problem noted by Jim Hermann.
Avoid an out-of-bounds access in case a resolver reply for a DNS
map lookup returns a size larger than 1K. Based on a
patch from Dr. Werner Fink of SuSE.
If a job is aborted using the interrupt signal (e.g., control-C from
the keyboard), perform minimal cleanup to avoid invoking
functions that are not signal-safe. Note: in previous
versions the mail might have been queued up already
and would be delivered subsequently, now an interrupt
will always remove the queue files and thus prevent
delivery.
Per RFC 6176, when operating as a TLS client, do not offer SSLv2.
Since TLS session resumption is never used as a client, disable
use of RFC 4507-style session tickets.
Work around gcc4 versions which reverse 25 years of history and
no longer align char buffers on the stack, breaking calls
to resolver functions on strict alignment platforms.
Found by Stuart Henderson of OpenBSD.
Read at most two AUTH lines from a server greeting (up to two
lines are read because servers may use "AUTH mechs" and
"AUTH=mechs"). Otherwise a malicious server may exhaust
the memory of the client. Bug report by Nils of MWR
InfoSecurity.
Avoid triggering an assertion in the OpenLDAP code when the
connection to an LDAP server is lost while making a query.
Problem noted and patch provided by Andy Fiddaman.
If ConnectOnlyTo is set and sendmail is compiled with NETINET6
it would try to use an IPv6 address if an IPv4 (or
unparseable) address is specified.
If SASLv2 is used, make sure that the macro {auth_authen} is
stored in xtext format to avoid problems with parsing
it. Problem noted by Christophe Wolfhugel.
CONFIG: FEATURE(`ldap_routing') in 8.14.4 tried to add a missing
-T<TMPF> that is required, but failed for some cases
that did not use LDAP. This change has been undone
until a better solution can be implemented. Problem
found by Andy Fiddaman.
CONFIG: Add cf/ostype/solaris11.m4 for Solaris11 support.
Contributed by Casper Dik of Oracle.
CONTRIB: qtool.pl: Deal with H entries that do not have a
letter between the question marks. Patch from
Stefan Christensen.
DOC: Use a better description for the -i option in sendmail.
Patch from Mitchell Berger.
Portability:
Add support for Darwin 10.x (Mac OS X 10.6).
Enable HAVE_NANOSLEEP for FreeBSD 3 and later. Patch
from John Marshall.
Enable HAVE_NANOSLEEP for OpenBSD 4.3 and later.
Use new directory "/system/volatile" for PidFile on
Solaris 11. Patch from Casper Dik of Oracle.
Fix compilation on Solaris 11 (and maybe some other
OSs) when using OpenSSL 1.0. Based on patch from
Jan Pechanec of Oracle.
Set SOCKADDR_LEN_T and SOCKOPT_LEN_T to socklen_t
for Solaris 11. Patch from Roger Faulkner of Oracle.
New Files:
cf/ostype/solaris11.m4
8.14.4/8.14.4 2009/12/30
SECURITY: Handle bogus certificates containing NUL characters
in CNs by placing a string indicating a bad certificate
in the {cn_subject} or {cn_issuer} macro. Patch inspired
by Matthias Andree's changes for fetchmail.
During the generation of a queue identifier an integer overflow
could occur which might result in bogus characters
being used. Based on patch from John Vannoy of
Pepperdine University.
The value of headers, e.g., Precedence, Content-Type, et.al.,
was not processed correctly. Patch from Per Hedeland.
Between 8.11.7 and 8.12.0 the length limitation on a return
path was erroneously reduced from MAXNAME (256) to
MAXSHORTSTR (203). Patch from John Gardiner Myers
of Proofpoint; the problem was also noted by Steve
Hubert of University of Washington.
Prevent a crash when a hostname lookup returns a seemingly
valid result which contains a NULL pointer (this seems
to be happening on some Linux versions).
The process title was missing the current load average when
the MTA was delaying connections due to DelayLA.
Patch from Dick St.Peters of NetHeaven.
Do not reset the number of queue entries in shared memory if
only some of them are processed.
Fix overflow of an internal array when parsing some replies
from a milter. Problem found by Scott Rotondo
of Sun Microsystems.
If STARTTLS is turned off in the server (via M=S) then it
would not be initialized for use in the client either.
Patch from Kazuteru Okahashi of IIJ.
If a Diffie-Hellman cipher is selected for STARTTLS, the
handshake could fail with some TLS implementations
because the prime used by the server is not long enough.
Note: the initialization of the DSA/DH parameters for
the server can take a significant amount of time on slow
machines. This can be turned off by setting DHParameters
to none or a file (see doc/op/op.me). Patch from
Petr Lampa of the Brno University of Technology.
Fix handling of `b' modifier for DaemonPortOptions on little
endian machines for loopback address. Patch from
John Beck of Sun Microsystems.
Fix a potential memory leak in libsmdb/smdb1.c found by parfait.
Based on patch from Jonathan Gray of OpenBSD.
If a milter sets the reply code to "421" during the transfer
of the body, the SMTP server will terminate the SMTP session
with that error to match the behavior of the other callbacks.
Return EX_IOERR (instead of 0) if a mail submission fails due to
missing disk space in the mail queue. Based on patch
from Martin Poole of RedHat.
CONFIG: Using FEATURE(`ldap_routing')'s `nodomain' argument would
cause addresses not found in LDAP to be misparsed.
CONFIG: Using a CN restriction did not work for TLS_Clt as it
referred to a wrong macro. Patch from John Gardiner
Myers of Proofpoint.
CONFIG: The option relaytofulladdress of FEATURE(`access_db')
did not work if FEATURE(`relay_hosts_only') is used too.
Problem noted by Kristian Shaw.
CONFIG: The internal function lower() was broken and hence
strcasecmp() did not work either, which could cause
problems for some FEATURE()s if upper case arguments
were used. Patch from Vesa-Matti J Kari of the
University of Helsinki.
LIBMILTER: Fix internal check whether a milter application
is compiled against the same version of libmilter as
it is linked against (especially useful for dynamic
libraries).
LIBMILTER: Fix memory leak that occurred when smfi_setsymlist()
was used. Based on patch by Dan Lukes.
LIBMILTER: Document the effect of SMFIP_HDR_LEADSPC for filters
which add, insert, or replace headers. From Benjamin
Pineau.
LIBMILTER: Fix error messages which refer to "select()" to be
correct if SM_CONF_POLL is used. Based on patch from
John Nemeth.
LIBSM: Fix handling of LDAP search failures where the error is
carried in the search result itself, such as seen with
OpenLDAP proxy servers.
VACATION: Do not refer to a local variable outside its scope.
Based on patch from Mark Costlow of Southwest Cyberport.
Portability:
Enable HAVE_NANOSLEEP for SunOS 5.11. Patch from
John Beck of Sun Microsystems.
Drop NISPLUS from default SunOS 5.11 map definitions.
Patch from John Beck of Sun Microsystems.
unconditionally. All supported systems should have poll(2). If
one is found that doesn't then this can be revisited and some way
of making it conditional can be implemented.
This resolves an issue with applications that have a large
number of open files and want to bump FD_SETSIZE. Since libmilter
no longer uses select(2), the application is free to monkey with
FD_SETSIZE as it pleases.
had a chance to closely examine it, I would prefer it be done
slightly differently. Also, the patch patches multiple files in
direct contravention of pkgsrc guidelines. One of the files is
also patched by a different patch. Having multiple patches applied
to a single file makes maitenance much more difficult.
mail delivery with non local NSS passwd source, such as LDAP.
Stock LDAP uses getpwnam(3) to lookup recipients. As mandated by SUSv2,
getpwnam(3) does not set errno, so Sendmail has no way of distinguishing
a non existing user and an error with a remote NSS source. Therefore,
when the LDAP server goes down, Sendmail bounces mail to valid recipients.
A first workround is to remove F=w from Mlocal in sendmail.cf. This will
inhibit local recipient lookups, but it has a two drawbacks
- ~/.forward do not work anymore
- For multi-recipient mails with a single inexistent user, mail.local
cause a DSN reporting an error for all users, whereas all valid users
do get the message.
A better workaround is this patch, which calls getpwnam_r(3). This newer
API do set errno and do return an error code. Sendmail is therefore able
to detect that it had a transcient error in NSS, and it will react by
queuing the message. This is what you really want to happen when LDAP
is down.
I have not been able to get any feedback from Sendmail developers about
this patch.
This feature adds a -c switch to LDAPMAP definitions, which can be used to
specify a connection timeout (the equivalent of ldap.conf's bind_timeout)
Here is an usage example, in sendmail.cf:
O LDAPDefaultSpec=-w 3 -c 1 -l 3
If the server does not connect after 1 second (-c 1), we give up. If it does
not anwer after 3 seconds (-l 3), we give up with a temporary failure.
Using -c is the only way to avoid sendmail getting stuck against a half-dead
slapd, where the TCP port is in listening state but the server will not
serve anything.
Changes since version 8.14.2:
* the MTA accessed storage after it free()d it. This was a regression
introduced in 8.14.2, but the bug only showed up on a few operating
systems.
* ruleset processing: the function cataddr() could cause the addition of
the BlankSub character between some tokens when it should not happen
and thus failures in rule matching. It seems that none of the default
rules were affected by this bug and hence the problem did not show up
for default configurations.
* the libmilter state engine did not deal correctly with milters that
requested the omission of protocol steps during the negotiation callback.
Approved by John Nemeth.
patches to add it). Drop pax from the default USE_TOOLS list.
Make bsdtar the default for those places that wanted gtar to extract
long links etc, as bsdtar can be built of the tree.
8.14.2/8.14.2 2007/11/01
If a message was queued and it contained 8 bit characters in
a From: or To: header, then those characters could be
"mistaken" for internal control characters during a queue
run and trigger various consistency checks. Problem
noted by Neil Rickert of Northern Illinois University.
If MaxMimeHeaderLength is set to a value greater than 0 (which
it is by default) then even if the Linelimit parameter
is 0, sendmail corrupted in the non-transfer-encoding
case every MAXLINE-1 characters. Patch from John Gardiner
Myers of Proofpoint.
Setting the suboption DeliveryMode for DaemonPortOptions did not
work in earlier 8.14 versions.
Note: DeliveryMode=interactive is silently converted to
background if a milter can reject or delete a recipient.
Prior to 8.14 this happened only if milter could delete
recipients.
ClientRate should trigger when the limit was exceeded (as
documented), not when it was reached. Patch from
John Beck of Sun Microsystems.
Force a queue run for -qGqueuegroup even if no runners are
specified (R=0) and forking (F=f) is requested.
When multiple results are requested for a DNS map lookup
(-z and -Z), return only those that are relevant for
the query (not also those in the "additional section".)
If the message transfer time to sendmail (when acting as server)
exceeds Timeout.queuewarn or Timeout.queuereturn and
the message is refused (by a milter), sendmail previously
created a delivery status notification (DSN). Patch
from Doug Heath of The Hertz Corporation.
A code change in Cyrus-SASL 2.1.22 for sasl_decode64() requires
the MTA to deal with some input (i.e., "=") itself.
Problem noted by Eliot Lear.
sendmail counted a delivery as successful if PIPELINING is
compiled in but not offered by the server and the
delivery failed temporarily. Patch from Werner Wiethege.
If getting the result of an LDAP query times out then close the
map so it will be reopened on the next lookup. This
should help "failover" configurations that specify more
than one LDAP server.
If check_compat returns $#discard then a "savemail panic" could
be triggered under some circumstances (e.g., requiring
a system which does not have the compile time flag
HASFLOCK set). Based on patch by Motonori Nakamura
of National Institute of Informatics, Japan.
If a milter rejected a recipient, the count for nrcpts= in the
logfile entry might have been wrong. Problem found by
Petra Humann of TU Dresden.
If a milter invoked smfi_chgfrom() where ESMTP arguments are not
NULL, the message body was lost. Patch from Motonori
Nakamura of National Institute of Informatics, Japan.
sendmail(8) had a bogus space in -qGname. Patch from Peng Haitao.
CONTRIB: buildvirtuser: Preserve ownership and permissions when
replacing files.
CONTRIB: buildvirtuser: Skip dot-files (e.g., .cvsignore) when
reading the /etc/mail/virtusers/ directory.
CONTRIB: buildvirtuser: Emit warnings instead of exiting where
appropriate.
LIBMILTER: Fix ABI backwards compatibility so milters compiled
against an older libmilter.so shared library can use an
8.14 libmilter.so shared library.
LIBMILTER: smfi_version() did not properly extract the patchlevel
from the version number, however, the returned value was
correct for the current libmilter version.
particular, libmilter does *not* support "ldap", "sasl", etc. which are
supported by only sendmail. Do this through the following:
(1) Create libmilter/options.mk with support for the "inet6" option.
(2) Drop inclusion of options.mk from sendmail/Makefile.common and move
it to libmilter/Makefile and sendmail/Makefile.
While here, properly support IPv6 on FreeBSD, which like DragonFly has
getipnodebyname() in libc.
As a result of these changes, libmilter will no longer depend on
cyrus-sasl or openssl or openldap-client depending on what is set
in PKG_DEFAULT_OPTIONS.
Bump the PKGREVISION of libmilter to 1 due to the changed dependency list.
No change to sendmail as the binary package does not change.
8.14.1/8.14.1 2007/04/03
Even though a milter rejects a recipient the MTA will still keep
it in its list of recipients and deliver to it if the
transaction is accepted. This is a regression introduced
in 8.14.0 due to the change for SMFIP_RCPT_REJ. Bug
found by Andy Fiddaman.
The new DaemonPortOptions which begin with a lower case character
could not be set in 8.14.0.
If a server shut down the connection in response to a STARTTLS
command, sendmail would log a misleading error message
due to an internal inconsistency. Problem found by
Werner Wiethege.
Document how some sendmail.cf options change the behavior of mailq.
Noted by Paul Menchini of the North Carolina School of
Science and Mathematics.
CONFIG: Add confSOFT_BOUNCE m4 option for setting SoftBounce.
CONFIG: 8.14.0's RELEASE_NOTES failed to mention the addition
of the confMAX_NOOP_COMMANDS and confSHARED_MEMORY_KEY_FILE
m4 options for setting MaxNOOPCommands and
SharedMemoryKeyFile.
CONFIG: Add confMILTER_MACROS_EOH and confMILTER_MACROS_DATA m4
options for setting Milter.macros.eoh and Milter.macros.data.
CONTRIB: Use flock() and fcntl() in qtool.pl if necessary.
Patch from Daniel Carroll of Mesa State College.
LIBMILTER: Make sure an unknown command does not affect the
currently available macros. Problem found by Andy Fiddaman.
LIBMILTER: The MTA did not offer SMFIF_SETSYMLIST during option
negotiation. Problem reported by Bryan Costales.
LIBMILTER: Fix several minor errors in the documentation.
Patches from Bryan Costales.
PORTABILITY FIXES:
AIX 5.{1,2}: libsm/util.c failed to compile due to
redefinition of several macros, e.g., SIG_ERR.
Patch from Jim Pirzyk with assistance by Bob
Booth, University of Illinois at Urbana-Champaign.
Add support for QNX.6. Patch from Sean Boudreau of QNX
Software Systems.
New Files:
devtools/M4/depend/QNX6.m4
devtools/OS/QNX.6.x
include/sm/os/sm_os_qnx.h
New Files added in 8.14.0, but not shown in the release notes entry:
libmilter/docs/smfi_chgfrom.html
libmilter/docs/smfi_version.html
8.14.0/8.14.0 2007/01/31
Header field values are now 8 bit clean. Notes:
- header field names are still restricted to 7 bit.
- RFC 2822 allows only 7 bit (US-ASCII) characters in
headers.
Preserve spaces after the colon in a header. Previously, any
number of spaces after the colon would be changed to
exactly one space.
In some cases of deeply nested aliases/forwarding, mail can
be silently lost. Moreover, the MaxAliasRecursion
limit may be reached too early, e.g., the counter
may be off by a factor of 4 in case of a sequence of
.forward files that refer to others. Patch from
Motonori Nakamura of Kyoto University.
Fix a regression in 8.13.8: if InputMailFilters is set then
"sendmail -bs" can trigger an assertion because the
hostname of the client is undefined. It is now set
to "localhost" for the xxfi_connect() callback.
Avoid referencing a freed variable during cleanup when terminating.
Problem reported and diagnosed by Joe Maimon.
New option HeloName to set the name for the HELO/EHLO command.
Patch from Nik Clayton.
New option SoftBounce to issue temporary errors (4xy) instead of
permanent errors (5xy). This can be useful for testing.
New suboptions for DaemonPortOptions to set them individually
per daemon socket:
DeliveryMode DeliveryMode
refuseLA RefuseLA
delayLA DelayLA
queueLA QueueLA
children MaxDaemonChildren
New option -K for LDAP maps to replace %1 through %9 in the
lookup key with the LDAP escaped contents of the
arguments specified in the map lookup. Loosely based
on patch from Wolfgang Hottgenroth.
Log the time after which a greet_pause delay triggered. Patch
from Nik Clayton.
If a client is rejected via TCP wrapper or some other check
performed by validate_connection() (in conf.c) then do
not also invoke greet_pause. Problem noted by Jim Pirzyk
of the University of Illinois at Urbana-Champaign.
If a client terminates the SMTP connection during a pause
introduced by greet_pause, then a misleading message
was logged previously. Problem noted by Vernon Schryver
et.al., patch from Matej Vela.
New command "mstat" for control socket to provide "machine
readable" status.
New named config file rule check_eom which is called at the end
of a message, its parameter is the size of the message.
If the macro {addr_type} indicates that the current address
is a header address it also distinguishes between
recipient and sender addresses (as it is done for
envelope addresses).
When a macro is set in check_relay, then its value is accessible
by all transactions in the same SMTP session.
Increase size of key for ldap lookups to 1024 (MAXKEY).
New option MaxNOOPCommands to override default of 20 for the
number of "useless" commands before the SMTP server will
slow down responding.
New option SharedMemoryKeyFile: if shared memory support is
enabled, the MTA can be asked to select a shared memory
key itself by setting SharedMemoryKey to -1 and specifying
a file where to store the selected key.
Try to deal with open HTTP proxies that are used to send spam
by recognizing some commands from them. If the first command
from the client is GET, POST, CONNECT, or USER, then the
connection is terminated immediately.
New PrivacyOptions noactualrecipient to avoid putting
X-Actual-Recipient lines in DSNs revealing the actual
account that addresses map to. Patch from Dan Harkless.
New options B, z, and Z for DNS maps:
-B: specify a domain that is always appended to queries.
-z: specify the delimiter at which to cut off the result of
a query if it is too long.
-Z: specify the maximum number of entries to be concatenated
to form the result of a lookup.
New target "check" in the Makefile of libsm: instead of running tests
implicitly while building libsm, they must be explicitly
started by using "make check".
Fixed some inconsistent checks for NULL pointers that have been
reported by the SATURN tool which has been developed by
Isil Dillig and Thomas Dillig of Stanford University.
Fix a potential race condition caused by a signal handler for
terminated child processes. Problem noted by David F. Skoll.
When a milter deleted a recipient, that recipient could cause a
queue group selection. This has been disabled as it was not
intended.
New operator 'r' for the arith map to return a random number.
Patch from Motonori Nakamura of Kyoto University.
New compile time option MILTER_NO_NAGLE to turn off the Nagle
algorithm for communication with libmilter ("cork" on Linux),
which may improve the communication performance on some
operating systems. Patch from John Gardiner Myers of
Proofpoint.
If sendmail received input that contained a CR without subsequent LF
(thus violating RFC 2821 (2.3.7)), it could previously
generate an additional blank line in the output as the last
line.
Restarting persistent queue runners by sending a HUP signal to
the "queue control process" (QCP) works now.
Increase the length of an input line to 12288 to deal with
really long lines during SMTP AUTH negotiations.
Problem noted by Werner Wiethege.
If ARPANET mode (-ba) was selected STARTTLS would fail (due to
a missing initialization call for that case). Problem
noted by Neil Rickert of Northern Illinois University.
If sendmail is linked against a library that initializes Cyrus-SASL
before sendmail did it (such as libnss-ldap), then SMTP AUTH
could fail for the sendmail client. A patch by Moritz Both
works around the API design flaw of Cyrus-SASLv2.
CONFIG: Make it possible to unset the StatusFile option by
undefining STATUS_FILE. By not setting StatusFile,
the MTA will not attempt to open a statistics file on
each delivery.
CONFIG: New FEATURE(`require_rdns') to reject messages from SMTP
clients whose IP address does not have proper reverse DNS.
Contributed by Neil Rickert of Northern Illinois University
and John Beck of Sun Microsystems.
CONFIG: New FEATURE(`block_bad_helo') to reject messages from SMTP
clients which provide a HELO/EHLO argument which is either
unqualified, or is one of our own names (i.e., the server
name instead of the client name). Contributed by Neil
Rickert of Northern Illinois University and John Beck of
Sun Microsystems.
CONFIG: New FEATURE(`badmx') to reject envelope sender addresses
(MAIL) whose domain part resolves to a "bad" MX record.
Based on contribution from William Dell Wisner.
CONFIG: New macros SMTP_MAILER_LL and RELAY_MAILER_LL to override
the maximum line length of the smtp mailers.
CONFIG: New option `relaytofulladdress' for FEATURE(`access_db')
to allow entries in the access map to be of the form
To:user@example.com RELAY
CONFIG: New subsuboptions eoh and data to specify the list of
macros a milter should receive at those stages in the
SMTP dialogue.
CONFIG: New option confHELO_NAME for HeloName to set the name
for the HELO/EHLO command.
CONFIG: dnsbl and enhdnsbl can now also discard or quarantine
messages by using those values as second argument.
Patches from Nelson Fung.
CONTRIB: cidrexpand uses a hash symbol as comment character and
ignores everything after it unless it is in quotes or
preceeded by a backslash.
DEVTOOLS: New macro confMKDIR: if set to a program that creates
directories, then it used for "make install" to create
the required installation directories.
DEVTOOLS: New macro confCCLINK to specify the linker to use for
executables (defaults to confCC).
LIBMILTER: A new version of the milter API has been created that
has several changes which are listed below and documented
in the webpages reachable via libmilter/docs/index.html.
LIBMILTER: The meaning of the version macro SMFI_VERSION has been
changed. It now refers only to the version of libmilter,
not to the protocol version (which is used only internally,
it is not user/milter-programmer visible). Additionally,
a version function smfi_version() has been introduced such
that a milter program can check the libmilter version also
at runtime which is useful if a shared library is used.
LIBMILTER: A new callback xxfi_negotiate() can be used to
dynamically (i.e., at runtime) determine the available
protocol actions and features of the MTA and also to
specify which of these a milter wants to use. This allows
for more flexibility than hardcoding these flags in the
xxfi_flags field of the smfiDesc structure.
LIBMILTER: A new callback xxfi_data() is available so milters
can act on the DATA command.
LIBMILTER: A new callback xxfi_unknown() is available so milters
can receive also unknown SMTP commands.
LIBMILTER: A new return code SMFIS_NOREPLY has been added which
can be used by the xxfi_header() callback provided the
milter requested the SMFIP_NOHREPL protocol action.
LIBMILTER: The new return code SMFIS_SKIP can be used in the
xxfi_body() callback to skip over further body chunks
and directly advance to the xxfi_eom() callback. This
is useful if a milter can make a decision based on the
body chunks it already received without reading the entire
rest of the body and the milter wants to invoke functions
that are only available from the xxfi_eom() callback.
LIBMILTER: A new function smfi_addrcpt_par() can be used to add
new recipients including ESMTP parameters.
LIBMILTER: A new function smfi_chgfrom() can be used to change the
envelope sender including ESMTP parameters.
LIBMILTER: A milter can now request to be informed about rejected
recipients (RCPT) too. This requires to set the protocol
flag SMFIP_RCPT_REJ during option negotiation. Whether
a RCPT has been rejected can be checked by comparing the
value of the macro {rcpt_mailer} with "error".
LIBMILTER: A milter can now override the list of macros that it
wants to receive from the MTA for each protocol step
by invoking the function smfi_setsymlist() during option
negotiation.
LIBMILTER: A milter can receive header field values with all
leading spaces by requesting the SMFIP_HDR_LEADSPC
protocol action. Also, if the flag is set then the MTA
does not add a leading space to headers that are added,
inserted, or replaced.
LIBMILTER: If a milter sets the reply code to "421" for the HELO
callback, the SMTP server will terminate the SMTP session
with that error to match the behavior of all other callbacks.
New Files:
cf/feature/badmx.m4
cf/feature/block_bad_helo.m4
cf/feature/require_rdns.m4
devtools/M4/UNIX/check.m4
include/sm/misc.h
include/sm/sendmail.h
include/sm/tailq.h
libmilter/docs/smfi_addrcpt_par.html
libmilter/docs/smfi_setsymlist.html
libmilter/docs/xxfi_data.html
libmilter/docs/xxfi_negotiate.html
libmilter/docs/xxfi_unknown.html
libmilter/example.c
libmilter/monitor.c
libmilter/worker.c
libsm/memstat.c
libsm/t-memstat.c
libsm/t-qic.c
libsm/util.c
sendmail/daemon.h
sendmail/map.h
So, compile socketmap support in unconditionally (as the Perl scripts
are actually only examples of socketmap functionality; any language can be
used in reality). Remove socketmap related OPTIONs completely.
