Changes since 1.4.0 from the RELEASE_NOTES file
NOTE: In response to CVE-2019-20790, opendmarc has changed
how it evaluates headers added by previous
SPF milters. Users are encouraged to read the
CVE-2019-20790 file in the "SECURITY" folder
for more details. (#49, #158). Originally reported by
Jianjun Chen, feedback by Simon Wilson and
David Bürgin <dbuergin@gluet.ch>.
NOTE: OpenDMARC's internal SPF handling will be removed
in a future version. Users are encouraged to
build linked against libspf2. Many pre-built
packages provided by OS packagers already do this.
(See https://www.libspf2.org)
Addition of defines for MUSL C Library. (#129/#133). Patches by
Marco Rebhan.
Updated opendmarc.conf manpage and opendmarc.conf.sample to point to
https://publicsuffix.org/list/.
Added a CONTRIBUTING document.
Fix two #ifdefs in arc functions for strlcpy. (#138). Reported by
Leo Bicknell.
Fixes to MySQL Schema (#98/#99). Patch by Bond Keevil.
LIBSPF2 calls would not compile on OpenBSD due to OpenBSD not
having the ns_type definition in arpa/resolv.h.
Added detection to configure script. (#134)
Reworked hcreate_r calls to use hcreate, to compile natively on
OpenBSD and MacOS. (Part of #94) Reported by Rupert
Gallagher.
Add compatibility with AutoConf 2.70. (#95)
Documentation updates about SourceForge being deprecated. (#101)
Only accept results from Received-SPF fields that indicate clearly
which identifier was being evaluated, since DMARC specifically
only wants results based on MAIL FROM.
Many build-time fixes (#100, #91, #90, #86, #85, #84, #83, #82, #81)
Patches provided by Rupert Gallagher (ruga@protonmail.com)
Added config option HoldQuarantinedMessages (default false), which
controls if messages with p=quarantine will be passed on to
the mail stream (if False) or placed in the MTA's "hold"
queue (if True). Issue #105. Patch by Marcos Moraes, on
the OpenDMARC mailing list.
Remove "--with-wall" from "configure". Suggested by Leo Bicknell.
LIBOPENDMARC: Fix bug #50: Ignore all RRTYPEs other than TXT.
Problem reported by Jan Bouwhuis.
LIBOPENDMARC: Fix bug #89: Repair absurd RRTYPE test in SPF code.
LIBOPENDMARC: Fix bug #104: Fix bogus header field parsing code.
LIBOPENDMARC: Fix bug #161: Don't pass the client IP address through
htonl() since it's already in network byte order. This
was causing SPF errors when the internal SPF
implementation was in use.
LIBOPENDMARC: Fix numerous problems with the internal SPF
implementation.
b87da4e084