summaryrefslogtreecommitdiffstats
path: root/RELEASE_NOTES-3.0
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--RELEASE_NOTES-3.0628
1 files changed, 628 insertions, 0 deletions
diff --git a/RELEASE_NOTES-3.0 b/RELEASE_NOTES-3.0
new file mode 100644
index 0000000..62ee5e3
--- /dev/null
+++ b/RELEASE_NOTES-3.0
@@ -0,0 +1,628 @@
+The stable Postfix release is called postfix-3.0.x where 3=major
+release number, 0=minor release number, x=patchlevel. The stable
+release never changes except for patches that address bugs or
+emergencies. Patches change the patchlevel and the release date.
+
+New features are developed in snapshot releases. These are called
+postfix-3.1-yyyymmdd where yyyymmdd is the release date (yyyy=year,
+mm=month, dd=day). Patches are never issued for snapshot releases;
+instead, a new snapshot is released.
+
+The mail_release_date configuration parameter (format: yyyymmdd)
+specifies the release date of a stable release or snapshot release.
+
+If you upgrade from Postfix 2.10 or earlier, read RELEASE_NOTES-2.11
+before proceeding.
+
+Notes for distribution maintainers
+----------------------------------
+
+* New backwards-compatibility safety net.
+
+With NEW Postfix installs, you MUST install a main.cf file with
+the setting "compatibility_level = 2". See conf/main.cf for an
+example.
+
+With UPGRADES of existing Postfix systems, you MUST NOT change the
+main.cf compatibility_level setting, nor add this setting if it
+does not exist.
+
+Several Postfix default settings have changed with Postfix 3.0. To
+avoid massive frustration with existing Postfix installations,
+Postfix 3.0 comes with a safety net that forces Postfix to keep
+running with backwards-compatible main.cf and master.cf default
+settings. This safety net depends on the main.cf compatibility_level
+setting (default: 0). Details are in COMPATIBILITY_README.
+
+* New Postfix build system.
+
+The Postfix build/install procedure has changed to support Postfix
+dynamically-linked libraries and database plugins. These must not
+be "shared" with non-Postfix programs, and therefore must not be
+installed in a public directory.
+
+To avoid massive frustration due to broken patches, PLEASE BUILD
+POSTFIX FIRST WITHOUT APPLYING ANY PATCHES. Follow the INSTALL
+instructions (see "Building with Postfix dynamically-linked libraries
+and database plugins"), and see how things work and what the
+dynamically-linked libraries, database plugin, and configuration
+files look like. Then, go ahead and perform your platform-specific
+customizations. The INSTALL section "Tips for distribution maintainers"
+has further suggestions.
+
+Major changes - critical
+------------------------
+
+[Incompat 20140714] After upgrading Postfix, "postfix reload" (or
+start/stop) is required. Several Postfix-internal protocols have
+been extended to support SMTPUTF8. Failure to reload or restart
+will result in mail staying queued, while Postfix daemons log
+warning messages about unexpected attributes.
+
+Major changes - default settings
+--------------------------------
+
+[Incompat 20141009] The default settings have changed for relay_domains
+(new: empty, old: $mydestination) and mynetworks_style (new: host,
+old: subnet). However the backwards-compatibility safety net will
+prevent these changes from taking effect, giving the system
+administrator the option to make an old default setting permanent
+in main.cf or to adopt the new default setting, before turning off
+backwards compatibility. See COMPATIBILITY_README for details.
+
+[Incompat 20141001] A new backwards-compatibility safety net forces
+Postfix to run with backwards-compatible main.cf and master.cf
+default settings after an upgrade to a newer but incompatible Postfix
+version. See COMPATIBILITY_README for details.
+
+While the backwards-compatible default settings are in effect,
+Postfix logs what services or what email would be affected by the
+incompatible change. Based on this the administrator can make some
+backwards-compatibility settings permanent in main.cf or master.cf,
+before turning off backwards compatibility.
+
+See postconf.5.html#compatibility_level for details.
+
+[Incompat 20141001] The default settings
+have changed for append_dot_mydomain (new: no. old: yes), master.cf
+chroot (new: n, old: y), and smtputf8 (new: yes, old: no).
+
+Major changes - access control
+------------------------------
+
+[Feature 20141119] Support for BCC actions in header/body_checks
+and milter_header_checks. There is no limit on the number of BCC
+actions that may be specified, other than the implicit limit due
+to finite storage. BCC support will not be implemented in Postfix
+delivery agent header/body_checks.
+
+It works in the same way as always_bcc and sender/recipient_bcc_maps:
+there can be only one address per action, recipients are added with
+the NOTIFY=NONE delivery status notification option, and duplicate
+recipients are ignored (with the same delivery status notification
+options).
+
+[Incompat 20141009] The default settings have changed for relay_domains
+(new: empty, old: $mydestination) and mynetworks_style (new: host,
+old: subnet). However the backwards-compatibility safety net will
+prevent these changes from taking effect, giving the system
+administrator the option to make an old default setting permanent
+in main.cf or to adopt the new default setting, before turning off
+backwards compatibility. See COMPATIBILITY_README for details.
+
+[Feature 20140618] New INFO action in access(5) tables, for consistency
+with header/body_checks.
+
+[Feature 20140620] New check_xxx_a_access (for xxx in client,
+reverse_client, helo, sender, recipient) implements access control
+on all A and AAAA IP addresses for respectively the client hostname,
+helo parameter, sender domain or recipient domain. This complements
+the existing check_xxx_mx_access and check_xxx_ns_access features.
+
+Major changes - address rewriting
+---------------------------------
+
+[Incompat 20141001] The default settings have changed for
+append_dot_mydomain (new: no. old: yes), master.cf chroot (new:
+n, old: y), and smtputf8 (new: yes, old: no).
+
+Major changes - address verification
+------------------------------------
+
+[Feature 20141227] The new smtp_address_verify_target parameter
+(default: rcpt) specifies what protocol stage decides if a recipient
+is valid. Specify "data" for servers that reject invalid recipients
+in response to the DATA command.
+
+Major changes - database support
+--------------------------------
+
+[Feature 20140512] Support for Berkeley DB version 6.
+
+[Feature 20140618] The "randmap" lookup table performs random
+selection. This may be used to implement load balancing, for example:
+
+/etc/postfix/transport:
+ # Deliver my own domain as usual.
+ example.com :
+ .example.com :
+
+/etc/postfix/main.cf:
+ transport_maps =
+ # Deliver my own domain as usual.
+ hash:/etc/postfix/transport
+ # Deliver other domains via randomly-selected relayhosts
+ randmap:{smtp:smtp0.example.com, smtp:smtp1.example.com}
+
+A variant of this can randomly select SMTP clients with different
+smtp_bind_address settings.
+
+To implement different weights, specify lookup results multiple
+times. For example, to choose smtp:smtp1.example.com twice as often
+as smtp:smtp0.example.com, specify smtp:smtp1.example.com twice.
+
+A future version may support randmap:/path/to/file to load a list
+of results from file.
+
+[Feature 20140618] As the name suggests, the "pipemap" table
+implements a pipeline of lookup tables. The name of the table
+specifies the pipeline as a sequence of tables. For example, the
+following prevents SMTP mail to system accounts that have "nologin"
+as their login shell:
+
+ /etc/postfix/main.cf:
+ local_recipient_maps =
+ pipemap:{unix:passwd.byname, pcre:/etc/postfix/no-nologin.pcre}
+ alias_maps
+
+ /etc/postfix/no-nologin.pcre:
+ !/nologin/ whatever
+
+Each "pipemap:" query is given to the first table. Each table
+lookup result becomes the query for the next table in the pipeline,
+and the last table produces the final result. When any table lookup
+produces no result, the entire pipeline produces no result.
+
+A future version may support pipemap:/path/to/file to load a list
+of lookup tables from file.
+
+[Feature 20140924] Support for unionmap, with the same syntax as
+pipemap. This sends a query to all tables, and concatenates non-empty
+results, separated by comma.
+
+[Feature 20131121] The "static" lookup table now supports whitespace
+when invoked as "static:{ text with whitespace }", so that it can
+be used, for example, at the end of smtpd_mumble_restrictions as
+"check_mumble_access static:{reject text...}".
+
+[Feature 20141126] "inline:{key=value, { key = text with comma/space}}"
+avoids the need to create a database for just a few entries.
+
+Major changes - delivery status notifications
+---------------------------------------------
+
+[Feature 20140321] Delivery status filter support, to replace the
+delivery status codes and explanatory text of successful or
+unsuccessful deliveries by Postfix mail delivery agents.
+
+This was originally implemented for sites that want to turn certain
+soft delivery errors into hard delivery errors, but it can also be
+used to censor out information from delivery confirmation reports.
+
+This feature is implemented as a filter that replaces the three-number
+enhanced status code and descriptive text in Postfix delivery agent
+success, bounce, or defer messages. Note: this will not override
+"soft_bounce=yes", and this will not change a successful delivery
+status into an unsuccessful status or vice versa.
+
+The first example turns specific soft TLS errors into hard
+errors, by overriding the first number in the enhanced status code.
+
+/etc/postfix/main.cf:
+ smtp_delivery_status_filter = pcre:/etc/postfix/smtp_dsn_filter
+
+/etc/postfix/smtp_dsn_filter:
+ /^4(\.\d+\.\d+ TLS is required, but host \S+ refused to start TLS: .+)/ 5$1
+ /^4(\.\d+\.\d+ TLS is required, but was not offered by host .+)/ 5$1
+
+The second example removes the destination command name and file
+name from local(8) successful delivery reports, so that they will
+not be reported when a sender requests confirmation of delivery.
+
+/etc/postfix/main.cf:
+ local_delivery_status_filter = pcre:/etc/postfix/local_dsn_filter
+
+/etc/postfix/local_dsn_filter:
+ /^(2\S+ delivered to file).+/ $1
+ /^(2\S+ delivered to command).+/ $1
+
+This feature is supported in the lmtp(8), local(8), pipe(8), smtp(8)
+and virtual(8) delivery agents. That is, all delivery agents that
+actually deliver mail. It will not be implemented in the error and
+retry pseudo-delivery agents.
+
+The new main.cf parameters and default values are:
+
+ default_delivery_status_filter =
+ lmtp_delivery_status_filter = $default_delivery_status_filter
+ local_delivery_status_filter = $default_delivery_status_filter
+ pipe_delivery_status_filter = $default_delivery_status_filter
+ smtp_delivery_status_filter = $default_delivery_status_filter
+ virtual_delivery_status_filter = $default_delivery_status_filter
+
+See the postconf(5) manpage for more details.
+
+[Incompat 20140618] The pipe(8) delivery agent will now log a limited
+amount of command output upon successful delivery, and will report
+that output in "SUCCESS" delivery status reports. This is another
+good reason to disable inbound DSN requests at the Internet perimeter.
+
+[Feature 20140907] With "confirm_delay_cleared = yes", Postfix
+informs the sender when delayed mail leaves the queue (this is in
+addition to the delay_warning_time feature that warns when mail is
+still queued). This feature is disabled by default, because it can
+result in a sudden burst of notifications when the queue drains at
+the end of a prolonged network outage.
+
+Major changes - dns
+-------------------
+
+[Feature 20141128] Support for DNS server reply filters in the
+Postfix SMTP/LMTP client and SMTP server. This helps to work around
+mail delivery problems with sites that have incorrect DNS information.
+Note: this has no effect on the implicit DNS lookups that are made
+by nsswitch.conf or equivalent mechanisms.
+
+This feature renders each lookup result as one line of text in
+standard zone-file format as shown below. The class field is always
+"IN", the preference field exists only for MX records, the names
+of hosts, domains, etc. end in ".", and those names are in ASCII
+form (xn--mumble form for internationalized domain names).
+
+ name ttl class type preference value
+ ---------------------------------------------------------
+ postfix.org. 86400 IN MX 10 mail.cloud9.net.
+
+Typically, one would match this text with a regexp: or pcre: table.
+When a match is found, the table lookup result specifies an action.
+By default, the table query and the action name are case-insensitive.
+Currently, only the IGNORE action is implemented.
+
+For safety reasons, Postfix logs a warning or defers mail delivery
+when a DNS reply filter removes all lookup results from a successful
+query.
+
+The Postfix SMTP/LMTP client uses the smtp_dns_reply_filter and
+lmtp_dns_reply_filter features only for Postfix SMTP client lookups
+of MX, A, and AAAAA records to locate a remote SMTP or LMTP server,
+including lookups that implement the features reject_unverified_sender
+and reject_unverified_recipient. The filters are not used for lookups
+made through nsswitch.conf and similar mechanisms.
+
+The Postfix SMTP server uses the smtpd_dns_reply_filter feature
+only for Postfix SMTP server lookups of MX, A, AAAAA, and TXT records
+to implement the features reject_unknown_helo_hostname,
+reject_unknown_sender_domain, reject_unknown_recipient_domain,
+reject_rbl_*, and reject_rhsbl_*. The filter is not used for lookups
+made through nsswitch.conf and similar mechanisms, such as lookups
+of the remote SMTP client name.
+
+[Feature 20141126] Nullmx support (MX records with a null hostname).
+This change affects error messages only. The Postfix SMTP client
+already bounced mail for such domains, and the Postfix SMTP server
+already rejected such domains with reject_unknown_sender/recipient_domain.
+This feature introduces a new SMTP server configuration parameter
+nullmx_reject_code (default: 556).
+
+Major changes - dynamic linking
+-------------------------------
+
+[Feature 20140530] Support to build Postfix with Postfix
+dynamically-linked libraries, and with dynamically-loadable database
+clients. These MUST NOT be used by non-Postfix programs. Postfix
+dynamically-linked libraries introduce minor runtime overhead and
+result in smaller Postfix executable files. Dynamically-loadable
+database clients are useful when you distribute or install pre-compiled
+packages. Postfix 3.0 supports dynamic loading for CDB, LDAP, LMDB,
+MYSQL, PCRE, PGSQL, SDBM, and SQLITE database clients.
+
+This implementation is based on Debian code by LaMont Jones, initially
+ported by Viktor Dukhovni. Currently, support exists for recent
+versions of Linux, FreeBSD, MacOS X, and for the ancient Solaris 9.
+
+To support Postfix dynamically-linked libraries and dynamically-loadable
+database clients, the Postfix build procedure had to be changed
+(specifically, the files makedefs and Makefile.in, and the files
+postfix-install and post-install that install or update Postfix).
+
+[Incompat 20140530] The Postfix 3.0 build procedure expects that
+you specify database library dependencies with variables named
+AUXLIBS_CDB, AUXLIBS_LDAP, etc. With Postfix 3.0 and later, the
+old AUXLIBS variable still supports building a statically-loaded
+CDB etc. database client, but only the new AUXLIBS_CDB etc. variables
+support building a dynamically-loaded or statically-loaded CDB etc.
+database client. See CDB_README, LDAP_README, etc. for details.
+
+Failure to follow this advice will defeat the purpose of dynamic
+database client loading. Every Postfix executable file will have
+database library dependencies. And that was exactly what dynamic
+database client loading was meant to avoid.
+
+Major changes - future proofing
+-------------------------------
+
+[Cleanup 20141224] The changes described here have no visible effect
+on Postfix behavior, but they make Postfix code easier to maintain,
+and therefore make new functionality easier to add.
+
+* Compile-time argument typechecks of non-printf/scanf-like variadic
+ function argument lists.
+
+* Deprecating the use of "char *" for non-text purposes such as
+ memory allocation and pointers to application context for call-back
+ functions. This dates from long-past days before void * became
+ universally available.
+
+* Replace integer types for counters and sizes with size_t or ssize_t
+ equivalents. This eliminates some wasteful 64<->32bit conversions
+ on 64-bit systems.
+
+Major changes - installation pathnames
+--------------------------------------
+
+[Incompat 20140625] For compliance with file system policies, some
+non-executable files have been moved from $daemon_directory to the
+directory specified with the new meta_directory configuration
+parameter which has the same default value as the config_directory
+parameter. This change affects non-executable files that are shared
+between multiple Postfix instances such as postfix-files, dynamicmaps.cf,
+and multi-instance template files.
+
+For backwards compatibility with Postfix 2.6 .. 2.11, specify
+"meta_directory = $daemon_directory" in main.cf before installing
+or upgrading Postfix, or specify "meta_directory = /path/name" on
+the "make makefiles", "make install" or "make upgrade" command line.
+
+Major changes - milter
+----------------------
+
+[Feature 20140928] Support for per-Milter settings that override
+main.cf parameters. For details see the section "Advanced policy
+client configuration" in the SMTPD_POLICY_README document.
+
+Here is an example that uses both old and new syntax:
+
+ smtpd_milters = { inet:127.0.0.1:port1, default_action=accept, ... },
+ inet:127.0.0.1:port2, ...
+
+The supported attribute names are: command_timeout, connect_timeout,
+content_timeout, default_action, and protocol. These have the same
+names as the corresponding main.cf parameters, without the "milter_"
+prefix.
+
+The per-milter settings are specified as attribute=value pairs
+separated by comma or space; specify { name = value } to allow
+spaces around the "=" or within an attribute value.
+
+[Feature 20141018] DMARC compatibility: when a Milter inserts a
+header ABOVE Postfix's own Received: header, Postfix no longer
+exposes its own Received: header to Milters (violating protocol)
+and Postfix no longer hides the Milter-inserted header from Milters
+(wtf).
+
+Major changes - parameter syntax
+--------------------------------
+
+[Feature 20140921] In preparation for configurable mail headers and
+logging, new main.cf support for if-then-else expressions:
+
+ ${name?{text1}:{text2}}
+
+and for logical expressions:
+
+ ${{text1}=={text2}?{text3}:{text4}}
+ ${{text1}!={text2}?{text3}:{text4}}
+
+Whitespace before and after {text} is ignored. This can help to
+make complex expressions more readable. See the postconf(5) manpage
+for further details.
+
+[Feature 20140928] Support for whitespace in daemon command-line
+arguments. For details, see the "Command name + arguments" section
+in the master(5) manpage. Example:
+
+ smtpd -o { parameter = value containing whitespace } ...
+
+The { ... } form is also available for non-option command-line
+arguments in master.cf, for example:
+
+ pipe ... argv=command { argument containing whitespace } ...
+
+In both cases, whitespace immediately after "{" and before "}"
+is ignored.
+
+[Feature 20141005] Postfix import_environment and export_environment
+now allow "{ name=value }" to protect whitespace in attribute values.
+
+[Feature 20141006] The new message_drop_header parameter replaces
+a hard-coded table that specifies what message headers the cleanup
+daemon will remove. The list of supported header names covers RFC
+5321, 5322, MIME RFCs, and some historical names.
+
+Major changes - pipe daemon
+---------------------------
+
+[Incompat 20140618] The pipe(8) delivery agent will now log a limited
+amount of command output upon successful delivery, and will report
+that output in "SUCCESS" delivery status reports. This is another
+good reason to disable inbound DSN requests at the Internet perimeter.
+
+Major changes - policy client
+-----------------------------
+
+[Feature 20140703] This release introduces three new configuration
+parameters that control error recovery for failed SMTPD policy
+requests.
+
+ * smtpd_policy_service_default_action (default: 451 4.3.5 Server
+ configuration problem): The default action when an SMTPD policy
+ service request fails.
+
+ * smtpd_policy_service_try_limit (default: 2): The maximal number
+ of attempts to send an SMTPD policy service request before
+ giving up. This must be a number greater than zero.
+
+ * smtpd_policy_service_retry_delay (default: 1s): The delay between
+ attempts to resend a failed SMTPD policy service request. This
+ must be a number greater than zero.
+
+See postconf(5) for details and limitations.
+
+[Feature 20140928] Support for per-policy service settings that
+override main.cf parameters. For details see the section "Different
+settings for different Milter applications" in the MILTER_README
+document.
+
+Here is an example that uses both old and new syntax:
+
+smtpd_recipient_restrictions = ...
+ check_policy_service { inet:127.0.0.1:port3, default_action=DUNNO }
+ check_policy_service inet:127.0.0.1:port4
+ ...
+
+The per-policy service settings are specified as attribute=value pairs
+separated by comma or space; specify { name = value } to allow
+spaces around the "=" or within an attribute value.
+
+The supported attribute names are: default_action, max_idle, max_ttl,
+request_limit, retry_delay, timeout, try_limit. These have the same
+names as the corresponding main.cf parameters, without the
+"smtpd_policy_service_" prefix.
+
+[Feature 20140505] A client port attribute was added to the policy
+delegation protocol.
+
+[Feature 20140630] New smtpd_policy_service_request_limit feature to
+limit the number of requests per Postfix SMTP server policy connection.
+This is a workaround to avoid error-recovery delays with policy
+servers that cannot maintain a persistent connection.
+
+Major changes - position-independent executables
+------------------------------------------------
+
+[Feature 20150205] Preliminary support for building position-independent
+executables (PIE), tested on Fedora Core 20, Ubuntu 14.04, FreeBSD
+9 and 10, and NetBSD 6. Specify:
+
+$ make makefiles pie=yes ...other arguments...
+
+On some systems, PIE is used by the ASLR exploit mitigation technique
+(ASLR = Address-Space Layout Randomization). Whether specifying
+"pie=yes" has any effect at all depends on the compiler. Reportedly,
+some compilers always produce PIE executables.
+
+Major changes - postscreen
+--------------------------
+
+[Feature 20140501] Configurable time limit (postscreen_dnsbl_timeout)
+for DNSBL or DNSWL lookups. This is separate from the timeouts in
+the dnsblog(8) daemon which are controlled by system resolver(3)
+routines.
+
+Major changes - session fingerprint
+-----------------------------------
+
+[Feature 20140801] The Postfix SMTP server now logs at the end of
+a session how many times an SMTP command was successfully invoked,
+followed by the total number of invocations if some invocations
+were unsuccessful.
+
+This logging will enough to diagnose many problems without using
+verbose logging or network sniffer.
+
+ Normal session, no TLS:
+ disconnect from name[addr] ehlo=1 mail=1 rcpt=1 data=1 quit=1
+
+ Normal session. with TLS:
+ disconnect from name[addr] ehlo=2 starttls=1 mail=1 rcpt=1 data=1 quit=1
+
+ All recipients rejected, no ESMTP command pipelining:
+ disconnect from name[addr] ehlo=1 mail=1 rcpt=0/1 quit=1
+
+ All recipients rejected, with ESMTP command pipelining:
+ disconnect from name[addr] ehlo=1 mail=1 rcpt=0/1 data=0/1 rset=1 quit=1
+
+ Password guessing bot, hangs up without QUIT:
+ disconnect from name[addr] ehlo=1 auth=0/1
+
+ Mis-configured client trying to use TLS wrappermode on port 587:
+ disconnect from name[addr] unknown=0/1
+
+Logfile analyzers can trigger on the presence of "/". It indicates
+that Postfix rejected at least one command.
+
+[Feature 20150118] As a late addition, the SMTP server now also
+logs the total number of commands (as "commands=x/y") even when the
+client did not send any commands. This helps logfile analyzers to
+recognize sessions without commands.
+
+Major changes - smtp client
+---------------------------
+
+[Feature 20141227] The new smtp_address_verify_target parameter
+(default: rcpt) determines what protocol stage decides if a recipient
+is valid. Specify "data" for servers that reject recipients after
+the DATA command.
+
+Major changes - smtputf8
+------------------------
+
+[Incompat 20141001] The default settings have changed for
+append_dot_mydomain (new: no, old: yes), master.cf chroot (new:
+n, old: y), and smtputf8 (new: yes, old: no).
+
+[Incompat 20140714] After upgrading Postfix, "postfix reload" (or
+start/stop) is required. Several Postfix-internal protocols have
+been extended to support SMTPUTF8. Failure to reload or restart
+will result in mail staying queued, while Postfix daemons log
+warning messages about unexpected attributes.
+
+[Feature 20140715] Support for Email Address Internationalization
+(EAI) as defined in RFC 6531..6533. This supports UTF-8 in SMTP/LMTP
+sender addresses, recipient addresses, and message header values.
+The implementation is based on initial work by Arnt Gulbrandsen
+that was funded by CNNIC.
+
+See SMTPUTF8_README for a description of Postfix SMTPUTF8 support.
+
+[Feature 20150112] UTF-8 Casefolding support for Postfix lookup
+tables and matchlists (mydestination, relay_domains, etc.). This
+is enabled only with "smtpuf8 = yes".
+
+[Feature 20150112] With smtputf8_enable=yes, SMTP commands with
+UTF-8 syntax errors are rejected, table lookup results with invalid
+UTF-8 syntax are handled as configuration errors, and UTF-8 syntax
+errors in policy server replies result in execution of the policy
+server's default action.
+
+Major changes - tls support
+---------------------------
+
+(see "Major changes - delivery status notifications" above for
+turning 4XX soft errors into 5XX bounces when a remote SMTP server
+does not offer STARTTLS support).
+
+[Feature 20140209] the Postfix SMTP client now also falls back to
+plaintext when TLS fails AFTER the TLS protocol handshake.
+
+[Feature 20140218] The Postfix SMTP client now requires that a queue
+file is older than $minimal_backoff_time, before falling back from
+failed TLS to plaintext (both during or after the TLS handshake).
+
+[Feature 20141021] Per IETF TLS WG consensus, the tls_session_ticket_cipher
+default setting was changed from aes-128-cbc to aes-256-cbc.
+
+[Feature 20150116] TLS wrappermode support in the Postfix smtp(8)
+client (new smtp_tls_wrappermode parameter) and in posttls-finger(1)
+(new -w option). There still is life in that deprecated protocol,
+and people should not have to jump hoops with stunnel.