diff options
Diffstat (limited to 'RELEASE_NOTES-2.2')
-rw-r--r-- | RELEASE_NOTES-2.2 | 443 |
1 files changed, 443 insertions, 0 deletions
diff --git a/RELEASE_NOTES-2.2 b/RELEASE_NOTES-2.2 new file mode 100644 index 0000000..e7e2cd8 --- /dev/null +++ b/RELEASE_NOTES-2.2 @@ -0,0 +1,443 @@ +The stable Postfix release is called postfix-2.2.x where 2=major +release number, 2=minor release number, x=patchlevel. The stable +release never changes except for patches that address bugs or +emergencies. Patches change the patchlevel and the release date. + +New features are developed in snapshot releases. These are called +postfix-2.3-yyyymmdd where yyyymmdd is the release date (yyyy=year, +mm=month, dd=day). Patches are never issued for snapshot releases; +instead, a new snapshot is released. + +The mail_release_date configuration parameter (format: yyyymmdd) +specifies the release date of a stable release or snapshot release. + +Main changes with Postfix version 2.2 +------------------------------------- + +This is a summary of the changes. These and more are detailed in +the following sections of this document. + +- TLS and IPv6 support are now built into Postfix, based on code +from third-party patches. + +- Extended query interface for LDAP, MySQL and PostgreSQL with free +form SQL queries, and domain filters to reduce unnecessary lookups. + +- SMTP client-side connection reuse. This can dramatically speed +up deliveries to high-volume destinations that have some servers +that respond, and some non-responding mail servers. + +- By default, Postfix no longer rewrites message headers in mail +from remote clients. This includes masquerading, canonical mapping, +replacing "!" and "%" by "@", and appending the local domain to +incomplete addresses. Thus, spam from poorly written software no +longer looks like it came from a local user. + +- When your machine does not have its own domain name, Postfix can +now replace your "home network" email address by your ISP account +in outgoing SMTP mail, while leaving your email address unchanged +when sending mail to someone on the local machine. + +- Compatibility workarounds: you can now selectively turn off ESMTP +features such as AUTH or STARTTLS in the Postfix SMTP client or +server, without having to "dumb down" other mail deliveries, and +without having to use transport maps for outgoing mail. + +- Remote SMTP client resource control (the anvil server). This +allows you to limit the number of connections, or the number of +MAIL FROM and RCPT TO commands that an SMTP client can send per +unit time. + +- Support for CDB, SDBM and NIS+ databases is now built into Postfix +(but the CDB and SDBM libraries are not). + +- New SMTP access control features, and more. + +Major changes - critical +------------------------ + +BEFORE upgrading from an older release you MUST stop Postfix, unless +you're running a Postfix 2.2 snapshot release that already has +Postfix 2.2 IPV6 and TLS support. + +AFTER upgrading from an older release DO NOT copy the old +master.cf/main.cf files over the new files. Instead, you MUST let +the Postfix installation procedure update the existing configuration +files with new service entries. + +[Incompat 20041118] The master-child protocol has changed. The +Postfix master daemon will log warnings about partial status updates +if you don't stop and start Postfix. + +[Incompat 20041023, 20041009] The queue manager to delivery agent +protocol has changed. Mail will remain queued if you do not restart +the queue manager. + +[Incompat 20050111] The upgrade procedure adds the tlsmgr service +to the master.cf file. This service entry is not compatible with +the Postfix/TLS patch. + +[Feature 20040919] The upgrade procedure adds the discard service +to the master.cf file. + +[Feature 20040720] The upgrade procedure adds the scache (shared +connection cache) service to the master.cf file. + +Major changes - IPv6 support +---------------------------- + +[Feature 20050111] Postfix version 2.2 IP version 6 support based +on the Postfix/IPv6 patch by Dean Strik and others. IPv6 support +is always compiled into Postfix on systems that have Postfix +compatible IPv6 support. On other systems Postfix will simply use +IP version 4 just like it did before. See the IPV6_README document +for what systems are supported, and how to turn on IPv6 in main.cf. + +[Incompat 20050111] Postfix version 2.2 IPv6 support differs from +the Postfix/IPv6 patch by Dean Strik in a few minor ways. + +- Network protocol support including DNS lookup is selected with +the inet_protocols parameter instead of the inet_interfaces parameter. +This is needed so that Postfix will not attempt to deliver mail via +IPv6 when the system has no IPv6 connectivity. + +- The lmtp_bind_address6 feature was omitted. The Postfix LMTP +client will be absorbed into the SMTP client, so there is no reason +to keep adding features to the LMTP client. + +- The CIDR-based address matching code was rewritten. The new +behavior is believed to be closer to expectation. The results may +be incompatible with that of the Postfix/IPv6 patch. + +[Incompat 20050117] The Postfix SMTP server now requires that IPv6 +addresses in SMTP commands are specified as [ipv6:ipv6address], as +described in RFC 2821. + +Major changes - TLS support +--------------------------- + +[Feature 20041210] Postfix version 2.2 TLS support, based on the +Postfix/TLS patch by Lutz Jaenicke. TLS support is not compiled +in by default. For more information about Postfix 2.2 TLS support, +see the TLS_README document. + +[Incompat 20041210] Postfix version 2.2 TLS support differs from +the Postfix/TLS patch by Lutz Jaenicke in a few minor ways. + +- main.cf: Use btree instead of sdbm for TLS session cache databases. + + Session caches are now accessed only by the tlsmgr(8) process, + so there are no concurrency issues. Although Postfix still has + an SDBM client, the SDBM library (1000 lines of code) is no longer + included with Postfix. + + TLS session caches can use any database that can store objects + of several kbytes or more, and that implements the sequence + operation. In most cases, btree databases should be adequate. + + NOTE: You cannot use dbm databases. TLS session objects are too + large. + +- master.cf: Specify unix instead of fifo for the tlsmgr service type. + This change is automatically made by the Postfix upgrade procedure. + + The smtp(8) and smtpd(8) processes use a client-server protocol + in order to access the tlsmgr(8)'s pseudo-random number generation + (PRNG) pool, and in order to access the TLS session cache databases. + Such a protocol cannot be run across fifos. + +[Feature 20050209] The Postfix SMTP server policy delegation protocol +now supplies TLS client certificate information after successful +verification. The new policy delegation protocol attribute names +are ccert_subject, ccert_issuer and ccert_fingerprint. + +[Feature 20050208] New "check_ccert_maps maptype:mapname" feature +to enforce access control based on hexadecimal client certificate +fingerprints. + +Major changes - SMTP client connection cache +-------------------------------------------- + +[Feature 20040720] SMTP client-side connection caching. Instead of +disconnecting immediately after a mail transaction, the Postfix +SMTP client can save the open connection to the scache(8) connection +cache daemon, so that any SMTP client process can reuse that session +for another mail transaction. See the CONNECTION_CACHE_README +document for a description of configuration and implementation. + +This feature introduces the scache (connection cache) server, which +is added to your master.cf file when you upgrade Postfix. + +[Feature 20040729] Opportunistic SMTP connection caching. When a +destination has a high volume of mail in the active queue, SMTP +connection caching is enabled automatically. This is controlled +with a new configuration parameter "smtp_connection_cache_on_demand" +(default: yes). + +[Feature 20040723] Per-destination SMTP connection caching. This +is enabled with the smtp_connection_cache_destinations parameter. +The parameter requires "bare" domain names or IP addresses without +"[]" or TCP port, to avoid a syntax conflict between host:port and +maptype:mapname entries. + +[Feature 20040721] The scache(8) connection cache manager logs cache +hit and miss statistics every $connection_cache_status_update_time +seconds (default: 600s). It reports the hit and miss rates for +lookups by domain, as well as for lookups by network address. + +Major changes - address rewriting +--------------------------------- + +[Feature 20050206] Support for address rewriting in outgoing SMTP +mail (headers and envelopes). This is useful for sites that have a +fantasy Internet domain name such as localdomain.local. Mail +addresses that use fantasy domain names are often rejected by mail +servers. + +The smtp_generic_maps feature allows you to replace a local mail +address (user@localdomain.local) by a valid Internet address +(account@isp.example) when mail is sent across the Internet. The +feature has no effect on mail that is sent between accounts on the +local machine. The syntax is described in generic(5) and a detailed +example is in the STANDARD_CONFIGURATION_README document, the section +titled "Postfix on hosts without a real Internet hostname". + +[Feature 20041023] By default, Postfix no longer rewrites message +headers in mail from remote clients. This includes masquerading, +canonical mapping, replacing "!" and "%" by "@", and appending the +local domain to incomplete addresses. Thus, spam from poorly written +software no longer looks like it came from a local user. + +By default, Postfix rewrites message header addresses only when the +client IP address matches the local machine's interface addresses, +or when mail is submitted with the Postfix sendmail(1) command. + +Postfix rewrites message headers in mail from other clients only +when the remote_header_rewrite_domain parameter specifies a domain +name (such as "domain.invalid"); this domain is appended to incomplete +addresses. Rewriting also includes masquerading, canonical mapping, +and replacing "!" and "%" by "@". + +To get the behavior before Postfix 2.2 (always append Postfix's own +domain to incomplete addresses in message headers, always subject +message headers to canonical mapping, address masquerading, and +always replace "!" and "%" by "@") specify: + +/etc/postfix/main.cf: + local_header_rewrite_clients = static:all + +If you must rewrite headers in mail from specific clients then you +can specify, for example, + +/etc/postfix/main.cf: + local_header_rewrite_clients = permit_mynetworks, + permit_sasl_authenticated, permit_tls_clientcerts, + check_address_map hash:/etc/postfix/pop-before-smtp + +Postfix always appends local domain information to envelope addresses +(as opposed to header addresses), because an unqualified envelope +address is effectively local for the purpose of delivery, and for +the purpose of replying to it. + +Full details are given in ADDRESS_REWRITING_README, and in the +postconf(5) manual. For best results, point your browser at the +ADDRESS_REWRITING_README.html file and navigate to the section +titled " To rewrite message headers or not, or to label as invalid". + +[Incompat 20050212] When header address rewriting is enabled, Postfix +now updates a message header only when at least one address in that +header is modified. Older Postfix versions first parse and then +un-parse a header so that there may be subtle changes in formatting, +such as the amount of whitespace between tokens. + +[Incompat 20050227] Postfix no longer changes message header labels. +Thus, FROM: or CC: are no longer replaced by From: or Cc:. + +[Feature 20040827] Finer control over canonical mapping with +canonical_classes, sender_canonical_classes and +recipient_canonical_classes. These specify one or more of +envelope_sender, header_sender, envelope_recipient or header_recipient. +The default settings are backwards compatible. + +Major changes - SMTP compatibility controls +------------------------------------------- + +[Feature 20041218] Fine control for SMTP inter-operability problems, +by discarding keywords that are sent or received with the EHLO +handshake. Typically one would discard "pipelining", "starttls", +or "auth" to work around systems with a broken implementation. +Specify a list of EHLO keywords with the smtp(d)_discard_ehlo_keywords +parameters, or specify one or more lookup tables, indexed by remote +network address, with the smtp(d)_discard_ehlo_keyword_address_maps +parameters. + +Note: this feature only discards words from the EHLO conversation; +it does not turn off the actual features in the SMTP server. + +Major changes - database support +-------------------------------- + +[Feature 20050209] Extended LDAP, MySQL and PgSQL query interface +with free form SQL queries, the domain filter optimization that was +already available with LDAP and more. This code was worked on by +many people but Victor Duchovni took the lead. See the respective +{LDAP,MYSQL,PGSQL}_README and {ldap,mysql,pgsql}_table documents. + +[Feature 20041210] You can now dump an entire database with the new +postmap/postalias "-s" option. This works only for database types +with Postfix sequence operator support: hash, btree, dbm, and sdbm. + +[Feature 20041208] Support for CDB databases by Michael Tokarev. +This supports both Michael's tinycdb and Daniel Bernstein's cdb +implementations, but neither of the two implementations is bundled +with Postfix. + +[Feature 20041023] The NIS+ client by Geoff Gibbs is now part of +the Postfix source tree. Details are given in the nisplus_table(5) +manual page. + +[Feature 20040827] Easier use of the proxymap(8) service with the +virtual(8) delivery agent. The virtual(8) delivery agent will +silently open maps directly when those maps can't be proxied for +security reasons. This means you can now specify "virtual_mailbox_maps += proxy:mysql:whatever" without triggering a fatal error in the +virtual(8) delivery agent. + +Major changes - remote SMTP client resource control +--------------------------------------------------- + +[Incompat 20041009] The smtpd_client_connection_limit_exceptions +parameter is renamed to smtpd_client_event_limit_exceptions. Besides +connections it now also applies to per-client message rate and +recipient rate limits. + +[Feature 20041009] Per SMTP client message rate and recipient rate +limits. These limit the number of MAIL FROM or RCPT TO requests +regardless of whether or not Postfix would have accepted them +otherwise. The user interface (smtpd_client_message_rate_limit and +smtpd_client_recipient_rate_limit) is similar to that of the existing +per SMTP client connection rate limit, and the same warnings apply: +these features are to be used to stop abuse, and must not be used +to regulate legitimate mail. More details can be found in the +postconf(5) manual. + +Major changes - remote SMTP client access control +------------------------------------------------- + +[Feature 20050209] The Postfix SMTP server policy delegation protocol +now supplies TLS client certificate information after successful +verification. The new policy delegation protocol attribute names +are ccert_subject, ccert_issuer and ccert_fingerprint. + +[Feature 20050208] New "check_ccert_maps maptype:mapname" feature +to enforce access control based on hexadecimal client certificate +fingerprints. + +[Feature 20050203] New "permit_inet_interfaces" access restriction +to allow access from local IP addresses only. This is used for the +default, purist, setting of local_header_rewrite_clients (rewrite +only headers in mail from this machine). + +[Feature 20050203] New "sleep time-in-seconds" pseudo access +restriction to block zombie clients with reject_unauthorized_pipelining +before the Postfix SMTP server sends the SMTP greeting. See postconf(5) +for example. This feature is not available the stable Postfix 2.2 +release, but it is documented here so that it will not get lost. + +[Feature 20041118] New "smtpd_end_of_data_restrictions" feature +that is invoked after the client terminates the SMTP DATA command. +The syntax is the same as with "smtpd_data_restrictions". In the +SMTPD policy delegation request, the message size is the actual +byte count of the message content, instead of the message size +announced by the client in the MAIL FROM command. + +Major changes - SASL authentication +----------------------------------- + +[Feature 20040827] Better SMTP client control over the use of SASL +mechanisms. New smtp_sasl_mechanism_filter mechanism to shorten the +list of SASL mechanisms from a remote server to just those that the +local SASL library can actually use. + +Major changes - header/body patterns +------------------------------------ + +[Feature 20050205] REPLACE action in header_checks and body_checks, +to replace a message header or body line. See header_checks(5) for +details. + +Major changes - local delivery +------------------------------ + +[Feature 20040621] Control over the working directory when executing +an external command. With the pipe(8) mailer, specify directory=pathname, +and with local(8) specify "command_execution_directory = expression" +where "expression" is subject to $home etc. macro expansion. The +result of macro expansion is restricted by the set of characters +specified with execution_directory_expansion_filter. + +Major changes - mail delivery attributes +---------------------------------------- + +[Feature 20041218] More client attributes for delivery to command +with the local(8) and pipe(8) delivery agents: client_hostname, +client_address, client_protocol, client_helo, sasl_method, sasl_sender, +and sasl_username. With local(8), attribute names must be specified +in upper case. + +Major changes - package creation +-------------------------------- + +[Feature 20050203] To create a ready-to-install package for +distribution to other systems you can now use "make package" or +"make non-interactive-package", instead of invoking the internal +postfix-install script by hand. See the PACKAGE_README file for +details. + +Major changes - performance +--------------------------- + +[Incompat 20050117] Only the deferred and defer queue directories +are now hashed by default, instead of eight queue directories. This +may speed up Postfix boot time on low-traffic systems without +compromising performance under high load too much. Hashing must be +turned on for the defer and deferred queue directories, because +those directories contain lots of files when undeliverable mail is +backing up. + +[Incompat 20040720] The default SMTP/LMTP timeouts for sending RSET +are reduced to 20s. + +Major changes - miscellaneous +----------------------------- + +[Feature 20050203] Safety: Postfix no longer tries to send mail to +the fallback_relay when the local machine is MX host for the mail +destination. See the postconf(5) description of the fallback_relay +feature for details. + +[Incompat 20041023] Support for the non-standard Errors-To: return +addresses is now removed from Postfix. It was already disabled by +default with Postfix version 2.1. Since Errors-To: is non-standard, +there was no guarantee that it would have the desired effect with +other MTAs. + +[Feature 20040919] A new discard(8) mail delivery agent that makes +throwing away mail easier and more efficient. It's the Postfix +equivalent of /dev/null for mail deliveries. On the mail receiving +side, Postfix already has a /dev/null equivalent in the form of the +DISCARD action in access maps and header_body_checks. + +[Feature 20040919] Access control for local mail submission, for +listing the queue, and for flushing the queue. These features are +controlled with authorized_submit_users, authorized_mailq_users, +and with authorized_flush_users, respectively. The last two controls +are always permitted for the super-user and for the mail system +owner. More information is in the postconf(5) manual. + +[Incompat 20040829] When no recipients are specified on the command +line or via the -t option, the Postfix sendmail command terminates +with status EX_USAGE and produces an error message instead of +accepting the mail first and bouncing it later. This gives more +direct feedback in case of a common client configuration error. + |