Changelog:
Version 1.4.28:
- Update autotools files.
- Improve error message on connection failures in some IPv6/IPv4 situations.
- Improve documentation of EHLO issues.
- Bug fix: expand tilde for the aliases command.
contains fixes for PR#45785.
Version 1.4.27:
- Always use the internal MD5 functions for the built-in CRAM-MD5
implementation; never use the ones from OpenSSL. This fixes problems with
configurations that use OpenSSL and do not use GNU SASL. Thanks to Gleydson
Soares and Moritz Wilhelmy for providing information and for testing the fix.
- Fix a compiler warning with current OpenSSL versions.
* Introduce scripts option to install optional scripts.
Changelog:
Version 1.4.26:
- A new version of the msmtpq script fixes serious bugs. To update to the new
version of the script, you need to remove the old msmtpQ symlink, change
msmtpQ to msmtpq in your MUA config, and use msmtp-queue for queue management.
Changelog:
Version 1.4.25:
- DIGEST-MD5 authentication is not considered secure any longer. See RFC 6331.
- Support for alias expansion was added. See the aliases command and --aliases
option.
Changelog:
Version 1.4.24:
- Remove the unmaintained pt_BR translation.
- Simplify manual license: use a simple permissive license instead of GNU FDL.
- Replace a call to gnutls_protocol_set_priority(), which is deprecated in
GnuTLS >= 2.12.0. Fixes Debian bug #624048 (reported for mpop).
- Remove gnulib, for simplicity and maintainability.
- Update GNU autotools files, in particular configure.ac.
Changelog:
Version 1.4.23:
- Fix SCRAM-SHA-1 authentication via libgsasl. Reported and analyzed by
Steffen Lehmann for mpop.
Version 1.4.22:
- Update gnulib to 2010-12-23.
- Avoid different account selection behaviour in --pretend mode, and print more
informational messages about account selection in --pretend and --debug mode.
Suggested by Adam Spiers.
- Add a new passwordeval command and --passwordeval option, to set the password
from the output of a command. Written by Martin Stenberg.
- A few documentation improvements, suggested by Andries E. Brouwer.
Based on PR#43566, with additional clean up, exactly enable/disable options.
Version 1.4.21:
- No significant changes.
Version 1.4.20:
- Added support for authentication mechanism SCRAM-SHA-1 via GNU SASL.
- The new command tls_fingerprint allows one to trust one particular TLS
certificate, in case tls_trust_file cannot be used for some reason.
- The new script msmtp-gnome-tool.py manages Gnome Keyring passwords for msmtp.
Version 1.4.19:
- When using OpenSSL, msmtp now correctly handles NUL characters in the Common
Name and Subject Alternative Name fields of certificates. This fixes a
security problem. Note that msmtp is not affected by this problem if GnuTLS is
used.
(fix PR pkg/42054.)
Changes:
- Update gnulib to 2009-09-07.
- Use proper binary prefixes when handling sizes.
- Scripts msmtpq and msmtpQ: do not hardcode IP address of www.google.com
when testing connectivity. Use host name instead. Closes Debian bug #538328.
- Make the option -v an alias for -d/--debug, for compatibility with
other implementations of the sendmail interface. Closes Debian bug #487272.
- Add find_alias_for_msmtp.sh script by Jim Lofft.
- Update gnulib to 2009-08-02.
- Increase SMTP_MAXCMDLEN so that it is large enough to handle the
potentially very long lines generated by the GSSAPI authentication method.
- Update gnulib to 2009-03-07. Remove gnulib modules
fseek/fseeko/lseek because they cause errors on MinGW: files opened with
"r+" cannot be written to.
Provide our own fseeko instead if it does not exist; see configure.ac.
- Use "netrc" as SYSNETRCFILE, not ".netrc". Reported by Jim Pryor.
- Use more gnulib modules to remove more W32 workarounds from the source.
- Add missing gnulib module strerror for meaningful error messages on W32.
Based on PR 40278 by Leonardo Taccari.
Version 1.4.17:
- Remove most W32-specific code from net.c and use the appropriate gnulib
modules instead.
- Gnulib upate to 2008-12-24.
- Unified handling of the Gnome and MacOS keyrings. Both are disabled by default
and must be enabled using --with-*-keyring options.
- Support for SYSCONFDIR/netrc (as a fallback for ~/.netrc) was added by Jim
Pryor. Thanks!
- Support for the GNOME Keyring was added by Satoru SATOH. Thanks a lot!
- Added a vim syntax file for msmtprc files to scripts/vim. The file was
written by Simon Ruderich. Thanks!
- Updated the msmtpq/msmtpQ scripts.
Okayed by maintainer (private email to me).
Adds DESTDIR support.
Changes from ChangeLog:
Version 1.4.16:
- Changed all scripts to '#!/usr/bin/env bash' instead of '#!/bin/sh' or
'#!/bin/bash', because they use bash features that are not available in POSIX
/bin/sh and because bash might not live in /bin, e.g. on BSD systems. This is
a quick fix for Debian bug #489635.
- Accept both 250 and 251 in return of the RCPT TO command, as required by RFC
2821 sections 4.3.2 and 3.4. Reported and fixed by Matthias Bernhardt.
Thanks!
- Fix scripts/msmtpqueue/msmtp-runqueue.sh. An error made while applying a
patch accidently broke it. Reported by Thomas Weber. Thanks!
Version 1.4.15:
- Added the new tls_crl_file configuration command and the corresponding
--tls-crl-file option.
- Added the new tls_min_dh_prime_bits configuration command and the
corresponding --tls-min-dh-prime-bits option. This closes Debian bug
#440344.
- Added the new tls_priorities configuration command and the corresponding
--tls-priorities option.
- Gnulib upate to 2008-06-02. Use getpass-gnu instead of getpass module.
- Add msmtpq scripts by Chris Gianniotis to the scripts directory. Suggest
them as a replacement in the README of the msmtpqueue scripts.
- Do not let getpass() read from stdin, because we read the mail from there.
Reported by Karol Lewandowski. Thanks!
- Updated the set_sendmail script by Gautam Iyer. Thanks!
- Return EX_TEMPFAIL instead of EX_DATAERR in case of 4xx replies to the MAIL
FROM, RCPT TO and DATA commands. Reported by Kent Vinther Friis. Thanks!
Version 1.4.14:
- Add support for the SMTPSERVER and EMAIL environment variables. These
variables are used when no other configuration is available. Suggested by
Jari Aalto.
- Add the --read-envelope-from option, which extracts the envelope from address
from the From: header.
- Fix a typo in the man page.
- Add support for Resent-* headers to the -t/--read-recipients option. Fixes
Debian bug #464474, reported by Tim Abbott.
- Buffer read operations also when TLS/SSL is active. Fixes performance problems
with GnuTLS, reported by Dimitrios Apostolou for mpop.
- Fixed a potential problem with VPATH builds.
- Updated gnulib to 2008-02-26. Imported havelib module.
- Always log smtpstatus and smtpmsg, even in case of success. Suggested by
Bruno De Fraine.
- Use locale-independent c_toupper() instead of toupper() to avoid problems
with the tr_TR.UTF-8 locale. Reported by S.Çağlar Onur. Thanks!
- Updated gnulib to 2008-02-15. Imported c-ctype module.
- Support for the Max OS X keychain was added by Jay Soffian. Thanks a lot!
- Fix network input/output timeouts for W32. Bug reported and fixed by
Shoorick for mpop. Thanks!
Based on patch provided by L. Schmidt in PR 36939.
Version 1.4.13:
- Added the set_sendmail.sh script by Gautam Iyer to the new scripts
subdirectory.
- Added the msmtpqueue scripts to the new scripts subdirectory.
- Make the search of an account by the envelope from address case insensitive.
Problem reported and fixed by Brandon Philips.
- Update the license of the source code to GPLv3 or later, and change the
license of the documentation to the GFDLv1.2 or later.
- Gnulib update to 2007-07-15.
Version 1.4.12:
- Handle the special envelope from address MAILER-DAEMON correctly: send
"MAIL FROM:<>" instead of "MAIL FROM:<MAILER-DAEMON>". Reported by
Andre Egerer.
- Improve the documentation for TLS vs. SSL. Thanks to Carlos Martin Nieto for
suggestions.
- Add documentation on how to find the right CA certificate for
tls_trust_file. Thanks to Bryan Kam for suggestions.
Version 1.4.11:
- Require either tls_trust_file or tls_certcheck=off for TLS sessions, so that
msmtp is not silently vulnerable to man-in-the-middle attacks.
- Do not use NTLM authentication automatically anymore unless TLS is active.
NTLM is not an open standard and must therefore be considered broken.
- Gnulib update 2007-04-07.
- Move build-aux files to separate directory build-aux.
- Provide a hstrerror() function for systems that lack getaddrinfo(), so that
gethostbyname() must be used instead, and do not provide hstrerror()
themselves. Needed for Solaris 2.6. Reported and tested by Chris Green.
Version 1.4.10:
- Updated copyright info to 2007.
- Gnulib update to 2007-01-10.
- From mpop: Switch to autoconf-2.61 and automake-1.10, to avoid problems with
configure trying to run "sh /usr/bin/install" where /usr/bin/install is not a
shell script on NetBSD. Reported by Jeremy C. Reed.
- From mpop: Remove the obsolete "extern int errno;" declaration. It does not
conform to POSIX and causes trouble. Thanks to Jeremy C. Reed for the patch.
- Added AC_SYS_LARGEFILE to configure.ac, for large file support. Removed the
unnecessary AC_C_CONST and AC_HEADER_STDC.
Version 1.4.9:
- Remove gnulib module nanosleep. This fixes more build problems.
Version 1.4.8:
- Gnulib update. There are no local changes anymore.
- Do not use nanosleep() on W32 anymore. Use Sleep() instead.
Do not use nanosleep() on DJGPP anymore. Use usleep() instead.
- Update gettext files to gettext-0.16.
- Improved the configure check for the OpenSSL libraries. This fixes a build
failure on Mac OS X. Reported by Michael Williams, who also tested the fix.
Thanks!
- Fix a bug in string_replace(). This bug did not affect msmtp.
- Gnulib update. Removes the initialization of pkgdata_DATA from
gnulib/Makefile.am, thanks to a fix by Bruno Haible. 'make install' will no
longer create an empty directory $(pkgdatadir) anymore (the default for
$(pkgdatadir) is /usr/local/share/msmtp). Reported by Roman Bogorodskiy.
Version 1.4.7:
- Gnulib update. The nanosleep module still differs from the official gnulib
source.
- Disable SSLv2 because it has known flaws. This only affects the OpenSSL
version because GNU TLS does not implement SSLv2.
- Add new command tls_force_sslv3 and option --tls-force-sslv3 to force
TLS/SSL version SSLv3. This is needed to use SSL with some old and broken
servers. Closes Debian bug #374610, reported by Marko Makela. Thanks to
Julien Louis for tracking this problem down and testing the patch.
- Changed detection of libgnutls so that it works with version >= 1.2.0 again.
- Improvements for the build system:
- Quote arguments of M4 macros.
- Use AC_LIB_HAVE_LINKFLAGS to detect libraries. Do not use *-config scripts
or pkg-config. This avoids problems that are reported in this thread:
http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/
1610/focus=1610 .
- Use HAVE_LIB* macros instead of USE_* or others, for consistency.
- Link with LIB_NANOSLEEP as determined by the gnulib nanosleep module. This
fixes build problems on Solaris. Reported by Daniel Rechsteiner. Thanks!
- Update to gettext-0.15.
- W32/DJGPP: Assure that all files are opened in binary mode. This seems to
also apply to socket connections, therefore it is necessary.
- Fix error message typo in check_account().
- DJGPP port: include missing header <fcntl.h> in msmtp.c
- Sync from mpop:
- Adapt --version output to the latest GNU conventions.
- Clean up #includes.
- Renamed os_env.[ch] to tools.[ch].
- Replace __MINGW__ with W32_NATIVE in os_env.h.
Version 1.4.6:
- Updated README.
- Minor documentation improvements.
- Do not set a default port for LMTP, because none is officially defined.
- Update gettext files to gettext-0.14.5.
- Another gnulib update, with the additional sys_select module and a patch to
the nanosleep module. See the mailing list gnulib-bugs for these patches
that are not (yet?) part of the official gnulib.
- Gnulib update.
- Improved --help text output.
- Improved error messages when logging to a logfile fails.
- Sync from mpop:
- Enable network connection timeouts on DJGPP/Watt32. Thanks to Gisle Vanem
for pointing out that this works just like it does with UNIX. The
DJGPP/Watt32 port is now on par with the UNIX port.
- Update README.dos.
- Don't check configuration file permissions on Cygwin.
- Renamed README.win32 to README.w32. Updated README.w32 and README.dos.
- Replace '#ifdef _WIN32' with '#ifdef W32_NATIVE', where W32_NATIVE is
defined in config.h if the following is true:
'#if (defined _WIN32 || defined __WIN32__) && !defined __CYGWIN__'.
The reason is that Cygwin defines _WIN32 nowadays, but we want the UNIX API
on that platform.
- Include config.h in list.c.
- Fix warnings emitted for configure.ac by autoreconf.
- lock_file(): If another process holds a lock on the file, then wait 1/10
second instead of 1 second before the next try.
- Gnulib update. Added nanosleep module.
- Improve error handling for file locking: differentiate between timeouts and
other errors.
- Improve checks for libraries in configure.ac. The ./configure options have
changed! See INSTALL for more info.
- Improve --version output.
- Add (optional) support for Internationalized Domain Names (IDN) via
GNU Libidn.
- Initialize TLS only if pop3_connect() succeeded.
- Move SSL_LIBS and GSASL_LIBS into LIBS; do not put them in Makefile.am.
- Fix memory leak in GNU SASL variant of pop3_auth().
(This change applies to smtp_auth(), GNU SASL variant.)
- Fix memory leak in GnuTLS variant of tls_cert_info_get().
- pop3_auth(), GNU SASL variant:
- Check if authentication data is complete before trying to start
authentication.
- Never call password_callback() when no user name is given.
(This change applies to smtp_auth(), GNU SASL variant.)
- Prevent a double free if an invalid argument to the auth command is given.
- Prevent a double free if an invalid argument to --auth is given.
- Replace crypto.[ch] with gnulib hmac-md5 module.
- Gnulib update. Add hmac-md5 module.
- net.c, tls.c: allow all network operations to be interrupted with CTRL+C,
and print an appropriate error message in this case.
(This change does not affect msmtp.)
- tls.c: if an error occurs, clean up *after* building the error message. This
fixes a potential segfault in the OpenSSL version of tls_start().
- net_open_socket(): don't let net_close_socket() clobber errno.
- net_open_socket(): print correct error message if getaddrinfo() returns
EAI_SYSTEM.
- Fixed comment in net.h.
- net_get_canonical_hostname(): Only call freeaddrinfo() if getaddrinfo()
succeeded. Reported and fixed by Raul Nunez de Arenas Coronado.
(This change does not affect msmtp.)
- Update copyright message.
- Gnulib update.
- Minor Win32 portability/cross-compilation updates.
- configure.ac: Rely on PKG_CHECK_MODULES to find GSASL, do not fall back to
manual detection, to prevent using an incompatible version of GSASL.
Problem reported by Jari Aalto.
- Gnulibs sysexit_.h now defines EX_OK; there's no need to use a locally
modified version anymore.
- Use a locally modified version of gnulibs sysexit_.h that defines EX_OK to
0, since the gnulib maintainers apparently won't fix this file.
Include the sysexits.h header after all other system headers to override
previous definitions of EX_OK on systems that use EX_OK for other purposes.
This is needed on Interix, reported by Ben Collver.
- gnulib update.
- adapted configure.ac for new pkg-config version
- Use gnulib socklen module for socklen_t.
- Lock the logfile.
- W32/DJGPP: Use all files/streams in binary mode.
- W32: Allow %HOME% to override default user configuration directory.
- W32: Enable getpass and netrc functionality.
- Use gnulib getpass module since it now works on Win32.
- Shut down a GnuTLS TLS session with GNUTLS_SHUT_WR instead of
GNUTLS_SHUT_RDWR. This prevents session hangs in certain situations.
It is safe to do this because we never reuse a connection when TLS was shut
down. Thanks to Jens Kammler for the problem report!
- Do not rely on a failing malloc setting errno in xalloc_die()
- Make the GnuTLS code accept old version 1 CA certificates when verifying
certificates.
- Renamed LOCK_(READ|WRITE) to OSENV_LOCK_(READ|WRITE) in os_env.[ch] to avoid
name clashes with <fcntl.h>
Most of these exit codes are defined in gnulib/sysexit_.h
EX_OK is defined as 0 in src/msmtp.c if it wasn't already defined.
The variable error_code is assigned these exit values, and returned at
the end of main().
On Interix, EX_OK is defined in unistd.h:
#define EX_OK 0x8001 /* test for regular executable */
patch-ab changes the logic so that when error_code == EX_OK, the exit
code is 0 instead of EX_OK. This should work everywhere.
- Automatic envelope-from addresses are only generated when auto_from is enabled
with the new auto_from command or --auto-from option.
This allow empty envelope from addresses to be set with the from command or
--from option.
- The 'connect_timeout' setting was replaced by a 'timeout' setting that applies
to all network operations. The old option and command are still accepted, but
they are not restricted to connection attempts anymore.
- Native language support (NLS) was added. Currently the only supported language
besides english is german, but it is easy to add more translations (hint,
hint)!
Changes 1.4.1:
- Only bug fixes, no new features.
- This is the new stable release of msmtp.
BEWARE: When upgrading from 1.2.4, note that
- Authentication is not enabled automatically anymore! Insert the command
"auth on" into account definitions that need it.
- Some command line options have changed!
- Summary of new features since 1.2.4:
- Sendmail compatible command line options, including -t, -N, and -R
- New long options to configure almost everything on the command line
- Optional account selection with -f/--from
- Support for a system wide configuration file
- Optional automatic construction of envelope from addresses
- More flexible account definitions
- Configurable connection timeouts
- Improved log file logging
- Syslog logging
- Improved TLS/SSL support
- Support for LMTP
- Support for the EXTERNAL and GSSAPI authentication methods
- Support for .netrc and password prompting
- Rewritten documentation, available in various formats
- Changed return code in case of authentication error from EX_DATAERR
to EX_NOPERM
- Changed return code in case of missing/invalid configuration file or
nonexistent account from EX_NOINPUT/EX_DATAERR to EX_CONFIG
- Test return value of localtime(3) in msmtp_log()
- Windows specific code in net.c: moved translation of error code from
WSAStartup() from net_lib_init() to wsa_strerror()
- OpenSSL specific code in tls.c: minor cleanup in openssl_io_error()
- Always keep control of the format string in calls to merror(). (There
were four cases where the result of strerror() was passed as the format
string in smtp.c.)
- Clarified usage instructions of merror() in merror.h
- Check at initialization time whether support for a manually requested
authentication mechanism is compiled, *before* establishing a network
connection.
This required a change from smtp_auth_caps() to the (equally trivial)
smtp_authmech_is_supported() function.
Made the output of both "not compiled in" messages (TLS and auth mech)
consistent.
The return code for these error conditions is EX_UNAVAILABLE now.
- Make the output of -h/--help and -v/--version consistent with the GNU
utilities by including copyright and no-warranty notice (version) and
a short description and the bug report address (--help).
- Add missing declarations of optarg and optind to msmtp.c, needed for
getopt() handling. No compiler complained so far, though.
- Fixed stupid error in smtp.c that prevented the detection of output
errors when sending the RCPT TO command (highly unlikely to occur).
- Cosmetic change in -v/--version output that avoids lines longer than
80 characters
- Fixed some man page typos
- Fixed typos in conffile.c error message
- Fixed typo in tls.c error message (OpenSSL code only)
- Changed error messages: "bla [blub]" -> "bla: blub"
- Improved some TLS error messages
- Corrected short description in man page, README and code comments
- Updated README.dos
Changes since 1.0.0:
Version 1.2.3:
- IPv6 support on Windows systems
- The configuration file supports all commands and arguments related to
TLS and authentication, even if TLS and/or GNU SASL support is not
compiled in
- The GNU SASL library is not required to support DIGEST-MD5 and NTLM
anymore. This means you can now use the packaged versions of the library
from Gentoo or Debian sarge.
- You can use the -v/--version option to find out which authentication
methods are supported.
Version 1.2.2:
- Enhancements to the logfile command:
- All available information is now written to the logfile (new fields:
mailsize=..., smtpmsg='...', errormsg='...').
- Logging to standard output is possible by using "logfile -"
Version 1.2.1:
- No new features.
Version 1.2.0:
- This version can be compiled without TLS/SSL support; use
--disable-ssl if you really want that.
- Read the entries for versions 1.1.x for more changes since the last
stable version 1.0.0.
Version 1.1.3:
- New option -i for compatibility with mail(1).
- New 'logfile' command; see man page for details.
Version 1.1.2:
- No user visible changes.
Version 1.1.1:
- The tls_nostarttls command now sets the default port to 465 (ssmtp).
Version 1.1.0:
- Support for SMTP command pipelining. On high latency networks, this
may increase transmission speed, especially when sending to many
recipients.
- The short option for --file, -f, has changed to -F
- A new option --from/-f is available to set the envelope from address.
- A new option --serverinfo/-S is available to print information
about the capabilities and limitations of an SMTP server
eslack dot org> in private email.
Changes:
Version 1.0.0:
- New feature: tilde expansion for filenames in the configuration file
Version 0.7.2:
- This version adds native support for Windows 9x/ME/NT/2000/XP/2003
(with MinGW) and DOS (with DJGPP and the Watt32 library).
Version 0.7.1:
- New command: 'domain'
- New options: --pretend and --debug
Version 0.7.0:
- Support for DSN (Delivery Status Notifications) was added via
the new commands 'dsn_notify' and 'dsn_return'.
- The 'tls_nocertcheck' command was added. It disables all server
certificate checks. Use it if you get certificate check errors but
still want to use the SMTP server with TLS/SSL.
- The 'nostarttls' command is now called 'tls_nostarttls'.
Please update your configuration file.
Version 0.6.5:
- License clarification:
msmtp is released under the GPL with the additional exemption that
compiling, linking, and/or using OpenSSL is allowed.
- If you want to use GnuTLS instead of OpenSSL, you will now need
GnuTLS >= 1.0.0 and libgcrypt >= 1.1.90!
- msmtp now works on systems that lack IPv6 support
- msmtp now accepts arbitrary long lines in mails
Version 0.6.4:
- fixed configuration file code
Version 0.6.3:
- portability fix for Mac OS X (Randolph Fritz)
- fixed --disable-gsasl configure option
- man page improvements
Version 0.6.2:
- use GNU Autotools (Christophe Nowicki)
- fixed wildcard support in server certificate's Common Name field
Version 0.6.1:
- improved certificate check/verification with OpenSSL
- code cleanups
Version 0.6.0:
- Added sanity checks of server certificate when using TLS
- Strict server certificate verification with tls_trust_file command
- Possibility to send client certificate if requested (tls_key_file and
tls_cert_file commands)
- Optional support for GnuTLS instead of OpenSSL
- Optional support for GSASL (adds DIGEST-MD5 and NTLM authentication methods)
- Arguments in the configuration file may now contain blanks
- Removed the possibility to choose the TLS version with the tls command
- Proper recognition of server capabilities (EHLO response)
Bryan Carter Vyhmeister in PR 22840.
and probably other MUAs (mail user agents). msmtp forwards mails
to an SMTP server (for example at a free mail provider) which does
the delivery.
Features include:
* SMTP AUTH methods PLAIN, LOGIN and CRAM-MD5
* TLS encrypted connections
* IPv6 support
* robustness
* detailed error messages (including the full answer of the
SMTP server) if something goes wrong
* sendmail compatible exit codes (which most MUAs understand).
Simply tell your MUA to call msmtp instead of /usr/sbin/sendmail.