8.16.1/8.16.1 2020/07/05
SECURITY: If sendmail tried to reuse an SMTP session which had
already been closed by the server, then the connection
cache could have invalid information about the session.
One possible consequence was that STARTTLS was not
used even if offered. This problem has been fixed
by clearing out all relevant status information
when a closed session is encountered.
OpenSSL versions before 0.9.8 are no longer supported.
OpenSSL version 1.1.0 and 1.1.1 are supported.
Initial support for DANE (see RFC 7672 et.al.) is available if
the compile time option DANE is set. Only TLSA RR 3-1-x
is currently implemented.
New options SSLEngine and SSLEnginePath to support OpenSSL engines.
Note: this feature has so far only been tested with the
"chil" engine; please report problems with other engines
if you encounter any.
New option CRLPath to specify a directory which contains
hashes pointing to certificate revocations files.
Based on patch from Al Smith.
New rulesets tls_srv_features and tls_clt_features which
can return a (semicolon separated) list of TLS related
options, e.g., CipherList, CertFile, KeyFile,
see doc/op/op.me for details.
To automatically handle TLS interoperability problems for outgoing
mail, sendmail can now immediately try a connection again
without STARTTLS after a TLS handshake failure.
This can be configured globally via the option
TLSFallbacktoClear or per session via the 'C' flag
of tls_clt_features.
This also adds the new value "CLEAR" for the macro
{verify}: STARTTLS has been disabled internally for
a clear text delivery attempt.
Apply Timeout.starttls also to the server waiting for the TLS
handshake to begin. Based on patch from Simon Hradecky.
New compile time option TLS_EC to enable the use of elliptic
curve cryptography in STARTTLS (previously available as
_FFR_TLS_EC).
Handle MIME boundaries specified in headers which contain CRLF.
Fix detection of loopback net (it was broken when compiled
with NETINET6) and only set the macros {if_addr_out}
and {if_family_out} if the interface of the outgoing
connection does not belong to the loopback net.
Fix logic to enable a milter to delete a recipient in
DeliveryMode=interactive even if it might be subject
to alias expansion.
Log name of a milter making changes (this was missing for
some functions).
Log the actual reply of a server when an SMTP delivery problem
occurs in a "reply=" field if possible.
Log user= for failed AUTH attempts if possible. Based on
patch from Packet Hack, Jim Hranicky, Kevin A. McGrail,
and Joe Quinn.
Add CDB as map type. Note: CDB is a "Constant DataBase", i.e.,
no changes can be made after it is created, hence it
does not work with vacation(1) nor editmap(8) (except
for query mode).
Fix some memory leaks (mostly in error cases) and properly handle
copied varargs in sm_io_vfprintf(). The issues were found
using Coverity Scan and reported (including patches) by
Ondřej Lysoněk of Red Hat.
Do not override ServerSSLOptions and ClientSSLOptions when they
are specified on the command line. Based on patch from
Hiroki Sato.
Add RFC7505 Null MX support for domains that declare they do not
accept mail.
New compile time option LDAP_NETWORK_TIMEOUT which is set
automatically when LDAPMAP is used and
LDAP_OPT_NETWORK_TIMEOUT is available to enable the
new -c option for LDAP maps to specify the network timeout.
CONFIG: New FEATURE(`tls_session_features') to enable standard
rules for tls_srv_features and tls_clt_features; for
details see cf/README.
CONFIG: New options confSSL_ENGINE and confSSL_ENGINE_PATH
for SSLEngine and SSLEnginePath, respectively.
CONFIG: New options confDANE to enable DANE support.
CONFIG: New option confTLS_FALLBACK_TO_CLEAR for TLSFallbacktoClear.
CONFIG: New extension CITag: for TLS restrictions, see cf/README
for details.
CONFIG: FEATURE(`blacklist_recipients') renamed to
FEATURE(`blocklist_recipients').
CONTRIB: cidrexpand updated to support IPv6 CIDR ranges and to
canonicalize IPv6 addresses; if cidrexpand is used with IPv6
addresses then UseCompressedIPv6Addresses must be disabled.
DOC: The dns map can return multiple values in a single result
if the -z option is used.
DOC: Note to set MustQuoteChars=. due to DKIM signatures.
LIBMILTER: Fix typo in a macro. Patch from Ignacio Goyret
of Alcatel-Lucent.
LIBMILTER: Fix reference in xxfi_negotiate documentation.
Patch from Sven Neuhaus.
LIBMILTER: Fix function name in smfi_addrcpt_par documentation.
Patch from G.W. Haywood.
LIBMILTER: Fix a potential memory leak in smfi_setsymlist().
Patch from Martin Svec.
MAKEMAP: New map type "implicit" refers to the first available type,
i.e., it depends on the compile time options NEWDB, DBM,
and CDB. This can be used in conjunction with the
"implicit" map type in sendmail.cf.
Note: makemap, libsmdb, and sendmail must be compiled
with the same options (and library versions of course).
Portability:
Add support for Darwin 14-18 (Mac OS X 10.x).
New option HAS_GETHOSTBYNAME2: set if your system
supports gethostbyname2(2).
Set SM_CONF_SEM=2 for FreeBSD 12 and later due to
changes in sys/sem.h
On Linux set MAXHOSTNAMELEN (the maximum length
of a FQHN) to 256 if it is less than that value.
Added Files:
cf/feature/blocklist_recipients.m4
cf/feature/tls_failures.m4
devtools/OS/Darwin.14.x
devtools/OS/Darwin.15.x
devtools/OS/Darwin.16.x
libsmdb/smcdb.c
sendmail/ratectrl.h
1a1e994dc1