From the CHANGELOG:
> Store the filesystem identifier of the df/ subdirectory (if it
> exists) in an internal structure instead of the base
> directory. This structure is used decide whether there
> is enough free disk space when selecting a queue, hence
> without this change queue selection could fail if a df/
> subdirectory exists and is on a different filesystem
> than the base directory.
> Use the queue index of the df file (instead of the qf file) for
> checking whether a link(2) operation can be used to split
> an envelope across queue groups. Problem found by
> Werner Wiethege.
> If the list of items in the queue is larger than the maximum
> number of items to process, sort the queue first and
> then cut the list off instead of the other way around.
> Patch from Matej Vela of Rudjer Boskovic Institute.
> Fix helpfile to show full entry for ETRN. Problem noted by
> Penelope Fudd, patch from Neil Rickert of Northern Illinois
> University.
> FallbackSmartHost should also be tried on temporary errors.
> From John Beck of Sun Microsystems.
> When a server responds with 421 to the STARTTLS command then treat
> it as a temporary error, not as protocol error. Problem
> noted by Andrey J. Melnikoff.
> Properly define two functions in libsm as static because their
> prototype used static too. Patch from Peter Klein.
> Fix syntax errors in helpfile for MAIL and RCPT commands.
> LIBMILTER: When smfi_replacebody() is called with bodylen equals
> zero then do not silently ignore that call. Patch from
> Gurusamy Sarathy of Active State.
> LIBMILTER: Recognize "421" also in a multi-line reply to terminate
> the SMTP session with that error. Fix from Brian Kantor.
> Portability: New option HASSNPRINTF which can be set if the OS
> has a properly working snprintf(3) to get rid
> of the last two (safe) sprintf(3) calls in the
> source code.
> Add support for AIX 5.3.
> Add support for SunOS 5.11 (aka Solaris 11).
> Add support for Darwin 8.x. Patch from Lyndon Nerenberg.
> OpenBSD 3.7 has removed support for NETISO.
> CONFIG: Add OSTYPE(freebsd6) for FreeBSD 6.X.
backslashes anymore. A single backslash is enough. Changed the
definition in all affected packages. For those that are not caught, an
additional check is placed into bsd.pkginstall.mk.
around at either build-time or at run-time is:
USE_TOOLS+= perl # build-time
USE_TOOLS+= perl:run # run-time
Also remove some places where perl5/buildlink3.mk was being included
by a package Makefile, but all that the package wanted was the Perl
executable.
- Remove old patch-ai
- From the ChangeLog:
> The bug fixes in 8.13.3 for connection handling uncovered a
> different error which could result in connections that
> stay in CLOSE_WAIT state due to a variable that was not
> properly initialized. Problem noted by Michael Sims.
> Deal with empty hostnames in hostsignature(). This bug could lead
> to an endless loop when doing LMTP deliveries to another
> host. Problem first reported by Martin Lathoud and
> tracked down by Gael Roualland.
> Make sure return parameters are initialized in getmxrr(). Problem
> found by Gael Roualland using valgrind.
> If shared memory is used and the RunAsUser option is set, then the
> owner and group of the shared memory segment is set to
> the ids specified RunAsUser and the access mode is set
> to 0660 to allow for updates by sendmail processes.
> The number of queue entries that is (optionally) kept in shared
> memory was wrong in some cases, e.g., envelope splitting
> and bounce generation.
> Undo a change made in 8.13.0 to silently truncate long strings
> in address rewriting because the message can be triggered
> for header checks where long strings are legitimate.
> Problem reported by Mary Verge DeSisto, and tracked
> down with the help of John Beck of Sun Microsystems.
> The internal stab map did not obey the -m flag. Patch from
> Rob McMahon of Warwick University, England.
> The socket map did not obey the -f flag. Problem noted by
> Dan Ringdahl, forwarded by Andrzej Filip.
> The addition of LDAP recursion in 8.13.0 broke enforcement of
> the LDAP map -1 argument which tells the MTA to only
> return success if and only if a single LDAP match is found.
> Add additional error checks in the MTA for milter communication
> to avoid a possible segmentation fault. Based on patch
> by Joe Maimon.
> Do not trigger an assertion if X509_digest() returns success but
> does not assign a value to its output parameter. Based
> on patch by Brian Kantor.
> Add more checks when resetting internal AUTH data (applies only
> to Cyrus SASL version 2). Otherwise an SMTP session might
> be dropped after an AUTH failure.
> Portability:
> Add LA_LONGLONG as valid LA_TYPE type for systems that use
> "long long" to read load average data, e.g.,
> AIX 5.1 in 32 bit mode. Note: this has to be set
> "by hand", it is not (yet) automatically detected.
> Problem noted by Burak Bilen.
> Use socklen_t for accept(), etc. on AIX 5.x. This should
> fix problems when compiling in 64 bit mode.
> Problem first reported by Harry Meiert of
> University of Bremen.
tracked the Cyrus SASL 1.5.x releases, which are no longer maintained.
Adjust packages to use security/cyrus-sasl2 instead for SASL support.
This closes PR pkg/28218 and PR pkg/29736.
- Fix smrsh man page patch
- Tidy up MESSAGE
- Replace 8.13.1 errata with 8.13.3 errata
- Remove rename of file outside ${PREFIX} on db2 installs
> 8.13.3/8.13.3 2005/01/11
> Enhance handling of I/O errors, especially EOF, when STARTTLS
> is active.
> Make sure a connection is not reused after it has been closed
> due to a 421 error. Problem found by Allan E Johannesen
> of Worcester Polytechnic Institute.
> Avoid triggering an assertion when sendmail is interrupted while
> closing a connection. Problem found by Allan E Johannesen
> of Worcester Polytechnic Institute.
> Regression: a change in 8.13.2 caused sendmail not to try the
> next MX host (or FallbackMXhost if configured) when, at
> connection open, the current server returns a 4xy or 5xy
> SMTP reply code. Problem noted by Mark Tranchant.
>
> 8.13.2/8.13.2 2004/12/15
> Do not split the first header even if it exceeds the internal
> buffer size. Previously a part of such a header would
> end up in the body of the message. Problem noted by
> Simple Nomad of BindView.
> Do not complain about "cataddr: string too long" when checking
> headers that do not contain RFC 2822 addresses.
> Problem noted by Rich Graves of Brandeis University.
> If a server returns a 421 reply to the RSET command between
> message deliveries, do not attempt to deliver any more
> messages on that connection. This prevents bogus "Bad
> file number" recipient status. Problem noted by
> Allan E Johannesen of Worcester Polytechnic Institute.
> Allow trailing white space in EHLO command as recommended by RFC
> 2821. Problem noted by Ralph Santagato of SBC Services.
> Deal with clients which use AUTH but negotiate a smaller buffer size
> for data exchanges than the value used by sendmail, e.g.,
> Cyrus IMAP lmtp server. Based on patch by Jamie Clark.
> When passing ESMTP arguments for RCPT to a milter, do not cut
> them off at a comma. Problem noted by Krzysztof Oledzki.
> Add more logging to milter change header functions to
> complement existing logging. Based on patch from
> Gurusamy Sarathy of Active State.
> Include <lber.h> in include/sm/config.h when LDAPMAP is defined.
> Patch from Edgar Hoch of the University of Stuttgart.
> Fix DNS lookup if IPv6 is enabled when converting an IP address
> to a hostname for use with SASL. Problem noted by Ken Jones;
> patch from Hajimu UMEMOTO.
> CONFIG: For consistency enable MODIFY_MAILER_FLAGS for the prog
> mailer. Patch from John Beck of Sun Microsystems.
> LIBMILTER: It was possible that xxfi_abort() was called after
> xxfi_eom() for a message if some timeouts were triggered.
> Patch from Alexey Kravchuk.
> LIBMILTER: Slightly rearrange mutex use in listener.c to allow
> different threads to call smfi_opensocket() and smfi_main().
> Patch from Jordan Ritter of Cloudmark.
> MAIL.LOCAL: Properly terminate MBDB before exiting. Problem
> noted by Nelson Fung.
> MAIL.LOCAL: make strip-mail.local used a wrong path to access
> mail.local. Problem noted by William Park.
> VACATION: Properly terminate MBDB before exiting. Problem noted
> by Nelson Fung.
> Portability:
> Add support for DragonFly BSD.
> New Files:
> cf/ostype/dragonfly.m4
> devtools/OS/DragonFly
> include/sm/os/sm_os_dragonfly.h
> Deleted Files:
> libsm/vsscanf.c
- Option handling was ignoring old USE_* statements
- Don't try and compile sendmail with SASLv1 _and_ SASLv2 support
- Add missing migration option for USE_STARTTLS
pkgsrc changes:
- move to use options.mk framework
- solaris support tidy-up
- fix linux man page extension handling bug
- allow for a user defined smrsh directory
- update MASTER_SITES
- optional SOCKETMAP support and sample script installation
- ok'ed snj@/wiz@
Summary of some of the major changes include:
- New map "socket" to query maps via TCP/IP sockets.
- Connection rate control as well as control over the number of incoming open
connections.
- Several LDAP enhancements such as LDAP recursion and LDAP URI support.
- Message quarantining.
- AUTH EXTERNAL will only be enabled if STARTTLS was successful and the client
has been authenticated, i.e., {verify} is OK.
- Basic support for certificate revocation lists.
- New queue timeouts for DSN messages.
- Experimental support for MTAMark.
For a full list of changes see:
- http://www.sendmail.org/8.13.0.html
- http://www.sendmail.org/8.13.1.html
Changes since version 8.12.10:
Use QueueFileMode when opening qf files. This error was a
regression in 8.12.10. Problem detected and diagnosed
Lech Szychowski of the Polish Power Grid Company.
Properly count the number of queue runners in a work group and
make sure the total limit of MaxQueueChildren is not
exceeded. Based on patch from Takayuki Yoshizawa of
Techfirm, Inc.
Take care of systems that can generate time values where the
seconds can exceed the usual range of 0 to 59.
Problem noted by Randy Diffenderfer of EDS.
Avoid regeneration of identical queue identifiers by processes
whose process id is the same as that of the initial
sendmail process that was used to start the daemon.
Problem noted by Randy Diffenderfer of EDS.
When a milter invokes smfi_delrcpt() compare the supplied
recipient address also against the printable addresses
of the current list to deal with rewritten addresses.
Based on patch from Sean Hanson of The Asylum.
BadRcptThrottle now also works for addresses which return the
error mailer, e.g., virtusertable entries with the
right hand side error:. Patch from Per Hedeland.
Fix printing of 8 bit characters as octals in log messages.
Based on patch by Andrey J. Melnikoff.
Undo change of algorithm for MIME 7-bit base64 encoding to 8-bit
text that has been introduced in 8.12.3. There are some
examples where the new code fails, but the old code works.
To get the 8.12.3-8.12.10 version, compile sendmail with
-DMIME7TO8_OLD=0. If you have an example of improper
7 to 8 bit conversion please send it to us.
Return normal error code for unknown SMTP commands instead of
the one specified by check_relay or a milter for a
connection. Problem noted by Andrzej Filip.
Some ident responses contain data after the terminating CRLF which
causes sendmail to log "POSSIBLE ATTACK...newline in string".
To avoid this everything after LF is ignored.
If the operating system supports O_EXLOCK and HASFLOCK is set
then a possible race condition for creating qf files
can be avoided. Note: the race condition does not
exist within sendmail, but between sendmail and an
external application that accesses qf files.
Log the proper options name for TLS related mising files for
the CACertPath, CACertFile, and DHParameters options.
Do not split an envelope if it will be discarded, otherwise df
files could be left behind. Problem found by Wolfgang
Breyha.
The use of the environment variables HOME and HOSTALIASES has been
deprecated and will be removed in version 8.13. This only
effects configuration which preserve those variable via the
'E' command in the cf file as sendmail clears out its entire
environment.
Portability:
Add support for Darwin 7.0/Mac OS X 10.3 (a.k.a. Panther).
Solaris 10 has unsetenv(), patch from Craig Mohrman of
Sun Microsystems.
LIBMILTER: Add extra checks in case a broken MTA sends bogus data
to libmilter. Based on code review by Rob Grzywinski.
SMRSH: Properly assemble commands that contain '&&' or '||'.
Problem noted by Eric Lee of Talking Heads.
New Files:
devtools/OS/Darwin.7.0
that do make it into the binary package. Under the default configuration
on NetBSD these files are erroneous. This fix should resolve PR 20852
Here are the details:
1) /etc/mail/statistics
This file is created like so:
statistics:
${CP} /dev/null statistics
This file is not needed because sendmail is configured to use:
O StatusFile=/var/log/sendmail.st
To avoid creating this file, I added to devtools/OS/NetBSD:
define(`confNO_STATISTICS_INSTALL', `')
2) /etc/mail/submit.cf
This file is not needed because we install it as:
${PREFIX}/share/sendmail/cf/submit.cf
To avoid installing /etc/mail/submit.cf, I added to devtools/OS/NetBSD:
define(`confINST_DEP', `')
If confINST_DEP is undefined, then it will default to:
`${DESTDIR}/etc/mail/submit.cf ${DESTDIR}${MSPQ}'
3) /var/db/pkg/sendmail-8.12.8nb1/+INSTALL
This is now created by pkg_add with the binary package.
It appears the problem is resolved.
4) /var/spool/clientmqueue
This directory is not needed because sendmail is configured to use:
O QueueDirectory=/var/spool/mqueue
To avoid installing this directory, I added to devtools/OS/NetBSD:
define(`confINST_DEP', `')
