![[BACK]](/icons/back.gif){kind=icon}
Up to [cvs.NetBSD.org] / pkgsrc / mail / sendmail
Request diff between arbitrary revisions
Default branch: MAIN
Revision 1.142 / (download) - annotate - [select for diffs], Tue Oct 24 22:09:50 2023 UTC (6 weeks, 1 day ago) by wiz
Branch: MAIN
CVS Tags: HEAD
Changes since 1.141: +2 -2
lines
Diff to previous 1.141 (colored)
*: bump for openssl 3
Revision 1.140.4.1 / (download) - annotate - [select for diffs], Fri May 20 12:58:37 2022 UTC (18 months, 2 weeks ago) by bsiegert
Branch: pkgsrc-2022Q1
Changes since 1.140: +2 -2
lines
Diff to previous 1.140 (colored) next main 1.141 (colored)
Pullup ticket #6634 - requested by sborrill mail/sendmail: bugfix for SMTP AUTH Revisions pulled up: - mail/sendmail/Makefile 1.141 - mail/sendmail/distinfo 1.68 - mail/sendmail/patches/patch-bo 1.5 --- Module Name: pkgsrc Committed By: sborrill Date: Tue May 10 13:46:49 UTC 2022 Modified Files: pkgsrc/mail/sendmail: Makefile distinfo pkgsrc/mail/sendmail/patches: patch-bo Log Message: sendmail: fix SMTP AUTH Pull in SMTP AUTH fix from 8.17.1.9. Bump PKGREVISION
Revision 1.141 / (download) - annotate - [select for diffs], Tue May 10 13:46:49 2022 UTC (18 months, 3 weeks ago) by sborrill
Branch: MAIN
CVS Tags: pkgsrc-2023Q3-base,
pkgsrc-2023Q3,
pkgsrc-2023Q2-base,
pkgsrc-2023Q2,
pkgsrc-2023Q1-base,
pkgsrc-2023Q1,
pkgsrc-2022Q4-base,
pkgsrc-2022Q4,
pkgsrc-2022Q3-base,
pkgsrc-2022Q3,
pkgsrc-2022Q2-base,
pkgsrc-2022Q2
Changes since 1.140: +2 -2
lines
Diff to previous 1.140 (colored)
sendmail: fix SMTP AUTH Pull in SMTP AUTH fix from 8.17.1.9. Bump PKGREVISION
Revision 1.140 / (download) - annotate - [select for diffs], Tue Nov 9 22:02:36 2021 UTC (2 years ago) by jnemeth
Branch: MAIN
CVS Tags: pkgsrc-2022Q1-base,
pkgsrc-2021Q4-base,
pkgsrc-2021Q4
Branch point for: pkgsrc-2022Q1
Changes since 1.139: +3 -2
lines
Diff to previous 1.139 (colored)
make sure that mail.local gets installed with appropriate permissions
Revision 1.139 / (download) - annotate - [select for diffs], Sun Jul 4 07:57:13 2021 UTC (2 years, 5 months ago) by jnemeth
Branch: MAIN
CVS Tags: pkgsrc-2021Q3-base,
pkgsrc-2021Q3
Changes since 1.138: +7 -7
lines
Diff to previous 1.138 (colored)
comms/sendmail: update to 8.16.1
8.16.1/8.16.1 2020/07/05
SECURITY: If sendmail tried to reuse an SMTP session which had
already been closed by the server, then the connection
cache could have invalid information about the session.
One possible consequence was that STARTTLS was not
used even if offered. This problem has been fixed
by clearing out all relevant status information
when a closed session is encountered.
OpenSSL versions before 0.9.8 are no longer supported.
OpenSSL version 1.1.0 and 1.1.1 are supported.
Initial support for DANE (see RFC 7672 et.al.) is available if
the compile time option DANE is set. Only TLSA RR 3-1-x
is currently implemented.
New options SSLEngine and SSLEnginePath to support OpenSSL engines.
Note: this feature has so far only been tested with the
"chil" engine; please report problems with other engines
if you encounter any.
New option CRLPath to specify a directory which contains
hashes pointing to certificate revocations files.
Based on patch from Al Smith.
New rulesets tls_srv_features and tls_clt_features which
can return a (semicolon separated) list of TLS related
options, e.g., CipherList, CertFile, KeyFile,
see doc/op/op.me for details.
To automatically handle TLS interoperability problems for outgoing
mail, sendmail can now immediately try a connection again
without STARTTLS after a TLS handshake failure.
This can be configured globally via the option
TLSFallbacktoClear or per session via the 'C' flag
of tls_clt_features.
This also adds the new value "CLEAR" for the macro
{verify}: STARTTLS has been disabled internally for
a clear text delivery attempt.
Apply Timeout.starttls also to the server waiting for the TLS
handshake to begin. Based on patch from Simon Hradecky.
New compile time option TLS_EC to enable the use of elliptic
curve cryptography in STARTTLS (previously available as
_FFR_TLS_EC).
Handle MIME boundaries specified in headers which contain CRLF.
Fix detection of loopback net (it was broken when compiled
with NETINET6) and only set the macros {if_addr_out}
and {if_family_out} if the interface of the outgoing
connection does not belong to the loopback net.
Fix logic to enable a milter to delete a recipient in
DeliveryMode=interactive even if it might be subject
to alias expansion.
Log name of a milter making changes (this was missing for
some functions).
Log the actual reply of a server when an SMTP delivery problem
occurs in a "reply=" field if possible.
Log user= for failed AUTH attempts if possible. Based on
patch from Packet Hack, Jim Hranicky, Kevin A. McGrail,
and Joe Quinn.
Add CDB as map type. Note: CDB is a "Constant DataBase", i.e.,
no changes can be made after it is created, hence it
does not work with vacation(1) nor editmap(8) (except
for query mode).
Fix some memory leaks (mostly in error cases) and properly handle
copied varargs in sm_io_vfprintf(). The issues were found
using Coverity Scan and reported (including patches) by
Ondej Lysonk of Red Hat.
Do not override ServerSSLOptions and ClientSSLOptions when they
are specified on the command line. Based on patch from
Hiroki Sato.
Add RFC7505 Null MX support for domains that declare they do not
accept mail.
New compile time option LDAP_NETWORK_TIMEOUT which is set
automatically when LDAPMAP is used and
LDAP_OPT_NETWORK_TIMEOUT is available to enable the
new -c option for LDAP maps to specify the network timeout.
CONFIG: New FEATURE(`tls_session_features') to enable standard
rules for tls_srv_features and tls_clt_features; for
details see cf/README.
CONFIG: New options confSSL_ENGINE and confSSL_ENGINE_PATH
for SSLEngine and SSLEnginePath, respectively.
CONFIG: New options confDANE to enable DANE support.
CONFIG: New option confTLS_FALLBACK_TO_CLEAR for TLSFallbacktoClear.
CONFIG: New extension CITag: for TLS restrictions, see cf/README
for details.
CONFIG: FEATURE(`blacklist_recipients') renamed to
FEATURE(`blocklist_recipients').
CONTRIB: cidrexpand updated to support IPv6 CIDR ranges and to
canonicalize IPv6 addresses; if cidrexpand is used with IPv6
addresses then UseCompressedIPv6Addresses must be disabled.
DOC: The dns map can return multiple values in a single result
if the -z option is used.
DOC: Note to set MustQuoteChars=. due to DKIM signatures.
LIBMILTER: Fix typo in a macro. Patch from Ignacio Goyret
of Alcatel-Lucent.
LIBMILTER: Fix reference in xxfi_negotiate documentation.
Patch from Sven Neuhaus.
LIBMILTER: Fix function name in smfi_addrcpt_par documentation.
Patch from G.W. Haywood.
LIBMILTER: Fix a potential memory leak in smfi_setsymlist().
Patch from Martin Svec.
MAKEMAP: New map type "implicit" refers to the first available type,
i.e., it depends on the compile time options NEWDB, DBM,
and CDB. This can be used in conjunction with the
"implicit" map type in sendmail.cf.
Note: makemap, libsmdb, and sendmail must be compiled
with the same options (and library versions of course).
Portability:
Add support for Darwin 14-18 (Mac OS X 10.x).
New option HAS_GETHOSTBYNAME2: set if your system
supports gethostbyname2(2).
Set SM_CONF_SEM=2 for FreeBSD 12 and later due to
changes in sys/sem.h
On Linux set MAXHOSTNAMELEN (the maximum length
of a FQHN) to 256 if it is less than that value.
Added Files:
cf/feature/blocklist_recipients.m4
cf/feature/tls_failures.m4
devtools/OS/Darwin.14.x
devtools/OS/Darwin.15.x
devtools/OS/Darwin.16.x
libsmdb/smcdb.c
sendmail/ratectrl.h
Revision 1.138 / (download) - annotate - [select for diffs], Sat May 16 15:36:24 2020 UTC (3 years, 6 months ago) by rillig
Branch: MAIN
CVS Tags: pkgsrc-2021Q2-base,
pkgsrc-2021Q2,
pkgsrc-2021Q1-base,
pkgsrc-2021Q1,
pkgsrc-2020Q4-base,
pkgsrc-2020Q4,
pkgsrc-2020Q3-base,
pkgsrc-2020Q3,
pkgsrc-2020Q2-base,
pkgsrc-2020Q2
Changes since 1.137: +2 -1
lines
Diff to previous 1.137 (colored)
mail/sendmail: fix build in SUBST_NOOP_OK=no mode
Revision 1.137 / (download) - annotate - [select for diffs], Fri Apr 24 14:33:08 2020 UTC (3 years, 7 months ago) by manu
Branch: MAIN
Changes since 1.136: +2 -2
lines
Diff to previous 1.136 (colored)
Bug fix, submitted upstream Add missing curly brackets that caused res_ninit() to be called with non-zeroed state structure. In NetBSD, res_ninit() detects the mistake and quickly calls res_ndestroy(), which will close file descriptors based on the random data provided in the state structure. The result at mine is sendmail going mute after the MAIL FROM command.
Revision 1.136 / (download) - annotate - [select for diffs], Sun Apr 12 09:11:41 2020 UTC (3 years, 7 months ago) by jnemeth
Branch: MAIN
Changes since 1.135: +2 -2
lines
Diff to previous 1.135 (colored)
Allow the UseBlacklist configuration option, but ignore it, on systems that don't have blacklistd. This prevents configuration errors as the default config files have: O UseBlacklist=false
Revision 1.135 / (download) - annotate - [select for diffs], Sat Jan 18 21:49:54 2020 UTC (3 years, 10 months ago) by jperkin
Branch: MAIN
CVS Tags: pkgsrc-2020Q1-base,
pkgsrc-2020Q1
Changes since 1.134: +2 -2
lines
Diff to previous 1.134 (colored)
*: Recursive revision bump for openssl 1.1.1.
Revision 1.134 / (download) - annotate - [select for diffs], Tue Dec 3 18:51:02 2019 UTC (4 years ago) by bouyer
Branch: MAIN
CVS Tags: pkgsrc-2019Q4-base,
pkgsrc-2019Q4
Changes since 1.133: +2 -2
lines
Diff to previous 1.133 (colored)
To resole hostname to IPv6 addresses gethostbyname2() is needed. Fix spurious (may be forged) logs when receiving via IPv6 socket, and fix sending to IPv6-enabled relay. Bump PKGREVISION (no revision bump for libmilter, it's not affected)
Revision 1.133 / (download) - annotate - [select for diffs], Mon Jul 15 07:05:02 2019 UTC (4 years, 4 months ago) by jnemeth
Branch: MAIN
CVS Tags: pkgsrc-2019Q3-base,
pkgsrc-2019Q3
Changes since 1.132: +2 -2
lines
Diff to previous 1.132 (colored)
Woops, didn't properly comment out a line that was disabling the use of res_n* functions.
Revision 1.132 / (download) - annotate - [select for diffs], Mon Jul 15 04:32:49 2019 UTC (4 years, 4 months ago) by jnemeth
Branch: MAIN
Changes since 1.131: +5 -2
lines
Diff to previous 1.131 (colored)
Add support for working with blacklistd. These patches were originally created for FreeBSD and were ported to pkgsrc by Hauke Fath with some cleanup by myself. These patches add a new "UseBlacklist" option to sendmail to have it send authentication failure notices to blacklistd.
Revision 1.131 / (download) - annotate - [select for diffs], Mon Jul 15 02:06:42 2019 UTC (4 years, 4 months ago) by jnemeth
Branch: MAIN
Changes since 1.130: +4 -1
lines
Diff to previous 1.130 (colored)
Add sendmail-ffr-badrcptshutdown option. This option enables the sendmail options BadRcptShutdown and BadRcptShutdownGood to be used. "ffr" stands for For Future Release, which means it is a beta test feature that may show up in a future release of sendmail. The sendmail-ffr-badrcptshutdown option is disabled by default so no change to binary packages, thus not bumping PKGREVISION.
Revision 1.130 / (download) - annotate - [select for diffs], Wed Dec 5 12:10:21 2018 UTC (5 years ago) by bsiegert
Branch: MAIN
CVS Tags: pkgsrc-2019Q2-base,
pkgsrc-2019Q2,
pkgsrc-2019Q1-base,
pkgsrc-2019Q1,
pkgsrc-2018Q4-base,
pkgsrc-2018Q4
Changes since 1.129: +2 -2
lines
Diff to previous 1.129 (colored)
Fix sendmail with OpenSSL 1.1. "Lightly edited" patch from Debian via PR pkg/53401. Bump revision.
Revision 1.129 / (download) - annotate - [select for diffs], Fri Dec 16 16:07:29 2016 UTC (6 years, 11 months ago) by hans
Branch: MAIN
CVS Tags: pkgsrc-2018Q3-base,
pkgsrc-2018Q3,
pkgsrc-2018Q2-base,
pkgsrc-2018Q2,
pkgsrc-2018Q1-base,
pkgsrc-2018Q1,
pkgsrc-2017Q4-base,
pkgsrc-2017Q4,
pkgsrc-2017Q3-base,
pkgsrc-2017Q3,
pkgsrc-2017Q2-base,
pkgsrc-2017Q2,
pkgsrc-2017Q1-base,
pkgsrc-2017Q1,
pkgsrc-2016Q4-base,
pkgsrc-2016Q4
Changes since 1.128: +3 -2
lines
Diff to previous 1.128 (colored)
Update SMF manifest and add methods based on whats in illumos. This will create two sendmail service instances, :mta and :msp, to start the two sendmail instances that are usually required. The :mta instance optionally depends on spamassassin and spamass-milter.
Revision 1.128 / (download) - annotate - [select for diffs], Sat Mar 5 11:28:51 2016 UTC (7 years, 9 months ago) by jperkin
Branch: MAIN
CVS Tags: pkgsrc-2016Q3-base,
pkgsrc-2016Q3,
pkgsrc-2016Q2-base,
pkgsrc-2016Q2,
pkgsrc-2016Q1-base,
pkgsrc-2016Q1
Changes since 1.127: +2 -1
lines
Diff to previous 1.127 (colored)
Bump PKGREVISION for security/openssl ABI bump.
Revision 1.127 / (download) - annotate - [select for diffs], Sat Dec 6 23:22:20 2014 UTC (9 years ago) by jnemeth
Branch: MAIN
CVS Tags: pkgsrc-2015Q4-base,
pkgsrc-2015Q4,
pkgsrc-2015Q3-base,
pkgsrc-2015Q3,
pkgsrc-2015Q2-base,
pkgsrc-2015Q2,
pkgsrc-2015Q1-base,
pkgsrc-2015Q1,
pkgsrc-2014Q4-base,
pkgsrc-2014Q4
Changes since 1.126: +1 -2
lines
Diff to previous 1.126 (colored)
Update sendmail to 8.15.1: this is mostly a feature/bugfix release.
Note that there was an incompatible config change for IPv6 users.
See the MESSAGE file for details.
pkgsrc change: delete a couple of patches that have been upstreamed
Proofpoint, Inc., and the Sendmail Consortium announce the availability
of sendmail 8.15.1. This release:
o offers more TLS related features,
o does not ignore temporary map lookup failures during header rewriting,
o uses uncompressed IPv6 addresses by default, which is an incompatible
change that requires to update IPv6 related configuration data.
as well as many other enhancements. For details see the release
notes below.
SENDMAIL RELEASE NOTES
This listing shows the version of the sendmail binary, the version
of the sendmail configuration files, the date of release, and a
summary of the changes in that release.
8.15.1/8.15.1 2014/12/06
SECURITY: Properly set the close-on-exec flag for file descriptors
(except stdin, stdout, and stderr) before executing mailers.
If header rewriting fails due to a temporary map lookup failure,
queue the mail for later retry instead of sending it
without rewriting the header. Note: this is done
while the mail is being sent and hence the transaction
is aborted, which only works for SMTP/LMTP mailers
hence the handling of temporary map failures is
suppressed for other mailers. SMTP/LMTP servers may
complain about aborted transactions when this problem
occurs.
See also "DNS Lookups" in sendmail/TUNING.
Incompatible Change: Use uncompressed IPv6 addresses by default,
i.e., they will not contain "::". For example,
instead of ::1 it will be 0:0:0:0:0:0:0:1. This
permits a zero subnet to have a more specific match,
such as different map entries for IPv6:0:0 vs IPv6:0.
This change requires that configuration data
(including maps, files, classes, custom ruleset,
etc) must use the same format, so make certain such
configuration data is updated before using 8.15.
As a very simple check search for patterns like
'IPv6:[0-9a-fA-F:]*::' and 'IPv6::'. If necessary,
the prior format can be retained by compiling with:
APPENDDEF(`conf_sendmail_ENVDEF', `-DIPV6_FULL=0')
in your devtools/Site/site.config.m4 file.
If debugging is turned on (-d0.14) also print the OpenSSL
versions, both build time and run time
(provided STARTTLS is compiled in).
If a connection to the MTA is dropped by the client before its
hostname can be validated, treat it as "may be forged",
so that the unvalidated hostname is not passed to a
milter in xxfi_connect().
Add a timeout for communication with socket map servers
which can be specified using the -d option.
Add a compile time option HESIOD_ALLOW_NUMERIC_LOGIN to allow
numeric logins even if HESIOD is enabled.
The new option CertFingerprintAlgorithm specifies the finger-
print algorithm (digest) to use for the presented cert.
If the option is not set, md5 is used and the macro
{cert_md5} contains the cert fingerprint.
However, if the option is set, the specified algorithm
(e.g., sha1) is used and the macro {cert_fp} contains
the cert fingerprint.
That is, as long as the option is not set, the behaviour
does not change, but otherwise, {cert_md5} is superseded
by {cert_fp} even if you set CertFingerprintAlgorithm
to md5.
The options ServerSSLOptions and ClientSSLOptions can be used
to set SSL options for the server and client side
respectively. See SSL_CTX_set_options(3) for a list.
Note: this change turns on SSL_OP_NO_SSLv2 and
SSL_OP_NO_TICKET for the client. See doc/op/op.me
for details.
A new map type "arpa" is available to reverse an IP (IPv4 or IPv6)
address. It returns the string for the PTR lookup, but
without trailing {ip6,in-addr}.arpa.
New operation mode 'C' just checks the configuration file, e.g.,
sendmail -C new.cf -bC
will perform a basic syntax/consistency check of new.cf.
The mailer flag 'I' is deprecated and will be removed in a
future version.
Allow local (not just TCP) socket connections to the server, e.g.,
O DaemonPortOptions=Family=local, Addr=/var/mta/server.sock
can be used.
If the new option MaxQueueAge is set to a value greater than zero,
entries in the queue will be retried during a queue run
only if the individual retry time has been reached which
is doubled for each attempt. The maximum retry time is
limited by the specified value.
New DontBlameSendmail option GroupReadableDefaultAuthInfoFile
to relax requirement for DefaultAuthInfo file.
Reset timeout after receiving a message to appropriate value if
STARTTLS is in use. Based on patch by Kelsey Cummings
of Sonic.net.
Report correct error messages from the LDAP library for a range of
small negative return values covering those used by OpenLDAP.
Fix compilation with Berkeley DB 5.0 and 6.0. Patch from
Allan E Johannesen of Worcester Polytechnic Institute.
CONFIG: FEATURE(`nopercenthack') takes one parameter: reject or
nospecial which describes whether to disallow "%" in the
local part of an address.
DEVTOOLS: Fix regression in auto-detection of libraries when only
shared libraries are available. Problem reported by
Bryan Costales.
LIBMILTER: Mark communication socket as close-on-exec in case
a user's filter starts other applications.
Based on patch from Paul Howarth.
Portability:
SunOS 5.12 has changed the API for sigwait(2) to conform
with XPG7. Based on patch from Roger Faulkner of Oracle.
Deleted Files:
libsm/path.c
Revision 1.126 / (download) - annotate - [select for diffs], Fri Sep 19 21:24:05 2014 UTC (9 years, 2 months ago) by jnemeth
Branch: MAIN
CVS Tags: pkgsrc-2014Q3-base,
pkgsrc-2014Q3
Changes since 1.125: +2 -2
lines
Diff to previous 1.125 (colored)
build fix for clang
Revision 1.125 / (download) - annotate - [select for diffs], Sat Jun 21 18:39:27 2014 UTC (9 years, 5 months ago) by jnemeth
Branch: MAIN
CVS Tags: pkgsrc-2014Q2-base,
pkgsrc-2014Q2
Changes since 1.124: +2 -3
lines
Diff to previous 1.124 (colored)
Bah! Don't bother installing rmail as it comes with the UUCP package
Revision 1.124 / (download) - annotate - [select for diffs], Fri Jun 20 16:26:55 2014 UTC (9 years, 5 months ago) by jnemeth
Branch: MAIN
Changes since 1.123: +2 -2
lines
Diff to previous 1.123 (colored)
Update to sendmail 8.14.9nb2: this is a pkgsrc bugfix update. This should be the last update during the freeze. PR/48566 - Emmanuel Dreyfus -- typo in patch-aw leading to build failure PR/48913 - Matthias Scheler -- libmilter fails on unprivileged builds
Revision 1.123 / (download) - annotate - [select for diffs], Fri Jun 20 05:24:32 2014 UTC (9 years, 5 months ago) by jnemeth
Branch: MAIN
Changes since 1.122: +2 -1
lines
Diff to previous 1.122 (colored)
Update to sendmail 8.14.9nb1: this is a pkgsrc bugfix update - remove some HTML cruft from netbsd-proto.mc - stop trying to set file ownership and group during stage-install - initialize sm_res earlier and test before calling res_ninit() - clear SSL_OP_TLSEXT_PADDING by defualt to fix interoperability issues - eliminate stray call to res_search() - verified with nm that all deprecated resolver functions have been eradicated The above should address the folling PRs: - PR/47207 - Richard Palo -- attempt to set ownership when unprivileged - PR/48566 - Emmanuel Dreyfus -- problem with TLS timeouts - PR/48913 - Matthias Scheler -- attempt to set ownership when unprivileged
Revision 1.122 / (download) - annotate - [select for diffs], Sun Jun 15 21:04:30 2014 UTC (9 years, 5 months ago) by jnemeth
Branch: MAIN
Changes since 1.121: +2 -2
lines
Diff to previous 1.121 (colored)
Rename ffr-tls option to sendmail-ffr-tls as requested by wiz@. Ride version change done a few minutes ago.
Revision 1.121 / (download) - annotate - [select for diffs], Sun Jun 15 20:48:49 2014 UTC (9 years, 5 months ago) by jnemeth
Branch: MAIN
Changes since 1.120: +43 -10
lines
Diff to previous 1.120 (colored)
Update to sendmail 8.14.9: this fixes a minor potential security issue
pkgsrc changes:
- consolidate several patches into site.config.m4
- pkgsrc LDFLAGS should always be used
- don't bother specifying file owner/group anywhere except in Makefile
- create include/sm/os/sm_os_netbsd.h to fix warnings and OS specific stuff
- install mail.local and rmail
- convert to use res_n* functions
- allows for linking against threaded libraries
- add a TODO file
- PR/35249 - Loren M. Lang
- can't find libraries on Linux, this should be fixed by using pkgsrc LDFLAGS
- PR/46694 - Makoto Fujiwara
- bring back netbsd-proto.mc from when sendmail was part of the base system
- PR/47207 - Richard Palo
- let pkgsrc infrastructure handle file ownership and group
- PR/48566 - Emmanuel Dreyfus
- always set _FFR_USE_GETPWNAM_ERRNO on NetBSD
- roll ffr_tls_1 and the suggested ffr_tls_ec into one new ffr_tls option
- not enabled by default because it changes behaviour
8.14.9/8.14.9 2014/05/21
SECURITY: Properly set the close-on-exec flag for file descriptors
(except stdin, stdout, and stderr) before executing mailers.
Fix a misformed comment in conf.c: "/*" within comment
which may cause a compilation error on some systems.
Problem reported by John Beck of Oracle.
DEVTOOLS: Fix regression in auto-detection of libraries when only
shared libraries are available. Problem reported by
Bryan Costales.
Revision 1.120 / (download) - annotate - [select for diffs], Sat May 10 14:38:26 2014 UTC (9 years, 6 months ago) by richard
Branch: MAIN
Changes since 1.119: +2 -2
lines
Diff to previous 1.119 (colored)
Fix INSTALLATION_DIRS to only append allowing SunOS smf support to work adding -lresolv to prevent linker unresolved symbols in site.config.m4 for SunOS as well.
Revision 1.119 / (download) - annotate - [select for diffs], Wed Feb 12 23:18:09 2014 UTC (9 years, 9 months ago) by tron
Branch: MAIN
CVS Tags: pkgsrc-2014Q1-base,
pkgsrc-2014Q1
Changes since 1.118: +2 -1
lines
Diff to previous 1.118 (colored)
Recursive PKGREVISION bump for OpenSSL API version bump.
Revision 1.118 / (download) - annotate - [select for diffs], Sun Feb 9 02:02:46 2014 UTC (9 years, 9 months ago) by jnemeth
Branch: MAIN
Changes since 1.117: +1 -2
lines
Diff to previous 1.117 (colored)
Update to sendmail 8.14.8: this release contains some bug fixes plus some minor feature additions. 8.14.8/8.14.8 2014/01/26 Properly initialize all OpenSSL algorithms for versions before OpenSSL 0.9.8o. Without this SHA2 algorithms may not work properly, causing for example failures for certs that use sha256WithRSAEncryption as signature algorithm. When looking up hostnames, ensure only to return those records for the requested family (AF_INET or AF_INET6). On system that have NEEDSGETIPNODE and NETINET6 this may have failed and cause delivery problems. Problem noted by Kees Cook. A new mailer flag '!' is available to suppress an MH hack that drops an explicit From: header if it is the same as what sendmail would generate. Add an FFR (for future release) to use uncompressed IPv6 addresses, i.e., they will not contain "::". For example, instead of ::1 it will be 0:0:0:0:0:0:0:1. This means that configuration data (including maps, files, classes, custom ruleset, etc) have to use the same format. This will be turned on in 8.15. It can be enabled in 8.14 by compiling with: APPENDDEF(`conf_sendmail_ENVDEF', `-D_FFR_IPV6_FULL') in your devtools/Site/site.config.m4 file. Add an additional case for the WorkAroundBrokenAAAA check when dealing with broken nameservers by ignoring SERVFAIL errors returned on T_AAAA (IPv6) lookups at delivery time. Problem noted by Pavel Timofeev of OCS. If available, pass LOGIN_SETCPUMASK and LOGIN_SETLOGINCLASS to setusercontext() on deliveries as a different user. Patch from Edward Tomasz Napierala from FreeBSD. Avoid compiler warnings from a change in Cyrus-SASL 2.1.25. Patch from Hajimu UMEMOTO from FreeBSD. Add support for DHParameters 2048-bit primes. CONFIG: Accept IPv6 literals when evaluating the HELO/EHLO argument in FEATURE(`block_bad_helo'). Suggested by Andrey Chernov. LIBSMDB: Add a missing check for malloc() in libsmdb/smndbm.c. Patch from Bill Parker. LIBSMDB: Fix minor memory leaks in libsmdb/ if allocations fail. Patch from John Beck of Oracle. Portability: Add support for Darwin 12.x and 13.x (Mac OS X 10.8 and 10.9). On Linux use socklen_t as the type for the 3rd argument for getsockname/getpeername if the glibc version is at least 2.1. Added Files: devtools/OS/Darwin.12.x devtools/OS/Darwin.13.x
Revision 1.117 / (download) - annotate - [select for diffs], Thu Sep 19 10:54:05 2013 UTC (10 years, 2 months ago) by manu
Branch: MAIN
CVS Tags: pkgsrc-2013Q4-base,
pkgsrc-2013Q4,
pkgsrc-2013Q3-base,
pkgsrc-2013Q3
Changes since 1.116: +5 -2
lines
Diff to previous 1.116 (colored)
Add a ffr_tls_1 option to sendmail, which enable the O CipherList option for sendmail.cf. it is required in order to remove weak ciphers, and enforce Forward Secrecy on modern MUA Usage example: O CipherList=DH@STRENGTH:HIGH:!MD5:!DES:!aNULL:!eNULL
Revision 1.116 / (download) - annotate - [select for diffs], Fri Jul 12 10:44:58 2013 UTC (10 years, 4 months ago) by jperkin
Branch: MAIN
Changes since 1.115: +2 -1
lines
Diff to previous 1.115 (colored)
Bump PKGREVISION of all packages which create users, to pick up change of sysutils/user_* packages.
Revision 1.115 / (download) - annotate - [select for diffs], Sun May 5 02:36:20 2013 UTC (10 years, 7 months ago) by jnemeth
Branch: MAIN
CVS Tags: pkgsrc-2013Q2-base,
pkgsrc-2013Q2
Changes since 1.114: +1 -2
lines
Diff to previous 1.114 (colored)
Update to sendmail 8.14.7: this is a bug fix release. 8.14.7/8.14.7 2013/04/21 Drop support for IPv4-mapped IPv6 addresses to prevent the MTA from using a mapped address over a legitimate IPv6 address and to enforce the proper semantics over the IPv6 connection. Problem noted by Ulrich Sporlein. Fix a regression introduced in 8.14.6: the wrong list of macros was sent to a milter in the EHLO stage. Problem found by Fabrice Bellet, reported via RedHat (Jaroslav Skarvada). Fix handling of ORCPT parameter for DSNs: xtext decoding was not performed and a wrong syntax check was applied to the "addr-type" field. Problem noted by Dan Lukes of Obludarium. Fix handling of NUL characters in the MIME conversion functions so that message bodies containing them will be sent on properly. Note: this usually also affects mails that are not converted as those functions are used for other purposes too. Problem noted by Elchonon Edelson of Lockheed Martin. Do not perform "duplicate" elimination of recipients if they resolve to the error mailer using a temporary failure (4xy) via ruleset 0. Problem noted by Akira Takahashi of IIJ. CONTRIB: Updated version of etrn.pl script from John Beck of Oracle. Portability: Unlike gcc, clang doesn't apply full prototypes to K&R definitions.
Revision 1.114 / (download) - annotate - [select for diffs], Wed Feb 6 23:22:48 2013 UTC (10 years, 10 months ago) by jperkin
Branch: MAIN
CVS Tags: pkgsrc-2013Q1-base,
pkgsrc-2013Q1
Changes since 1.113: +2 -1
lines
Diff to previous 1.113 (colored)
PKGREVISION bumps for the security/openssl 1.0.1d update.
Revision 1.113 / (download) - annotate - [select for diffs], Wed Feb 6 07:42:04 2013 UTC (10 years, 10 months ago) by jnemeth
Branch: MAIN
Changes since 1.112: +1 -2
lines
Diff to previous 1.112 (colored)
Update to sendmail 8.14.6: this is a general bug fix release. - will look at making recently requested changes in a subsequent commit 8.14.6/8.14.6 2012/12/23 Fix a regression introduced in 8.14.5: if a server offers two AUTH lines, the MTA would not read them after STARTTLS has been used and hence SMTP AUTH for the client side would fail. Problem noted by Lena. Do not cache hostnames internally in a non case sensitive way as that may cause addresses to change from lower case to upper case or vice versa. These header modifications can cause problems with milters that rely on receiving headers in the same way as they are being sent out such as a DKIM signing milter. If MaxQueueChildren is set then it was possible that new queue runners could not be started anymore because an internal counter was subject to a race condition. If a milter decreases the timeout it waits for a communication with the MTA, the MTA might experience a write() timeout. In some situations, the resulting error might have been ignored. Problem noted by Werner Wiethege. Note: decreasing the communication timeout in a milter should not be done without considering the potential problems. smfi_setsymlist() now properly sets the list of macros for the milter which invoked it, instead of a global list for all milters. Problem reported by David Shrimpton of the University of Queensland. If Timeout.resolver.retrans is set to a value larger than 20, then resolver.retry was temporarily set to 0 for gethostbyaddr() lookups. Now it is set to 1 instead. Patch from Peter. If sendmail could not lock the statistics file due to a system error, and sendmail later sends a DSN for a mail that triggered such an error, then sendmail tried to access memory that was freed before (causing a crash on some systems). Problem reported by Ryan Stone. Do not log negative values for size= nor pri= to avoid confusing log parsers, instead limit the values to LONG_MAX. Account for an API change in newer versions of Cyrus-SASL. Patch from Hajimu UMEMOTO from FreeBSD. Do not try to resolve link-local addresses for IPv4 (just as it is done for IPv6). Patch from John Beck of Oracle. Improve logging of client and server STARTTLS connection failures that may be due to incompatible cipher lists by including the reason for the failure in a single log line. Suggested by James Carey of Boeing. Portability: Add support for Darwin 11.x and 12.x (Mac OS X 10.7 and 10.8). Add support for SunOS 5.12 (aka Solaris 12). Patch from John Beck of Oracle.
Revision 1.112 / (download) - annotate - [select for diffs], Sun Dec 16 01:52:23 2012 UTC (10 years, 11 months ago) by obache
Branch: MAIN
CVS Tags: pkgsrc-2012Q4-base,
pkgsrc-2012Q4
Changes since 1.111: +2 -2
lines
Diff to previous 1.111 (colored)
recursive bump from cyrus-sasl libsasl2 shlib major bump.
Revision 1.111 / (download) - annotate - [select for diffs], Mon Oct 8 12:19:30 2012 UTC (11 years, 2 months ago) by asau
Branch: MAIN
Changes since 1.110: +1 -3
lines
Diff to previous 1.110 (colored)
Drop PKG_DESTDIR_SUPPORT setting, "user-destdir" is default these days.
Revision 1.110 / (download) - annotate - [select for diffs], Fri Jul 27 17:46:01 2012 UTC (11 years, 4 months ago) by jnemeth
Branch: MAIN
CVS Tags: pkgsrc-2012Q3-base,
pkgsrc-2012Q3
Changes since 1.109: +2 -1
lines
Diff to previous 1.109 (colored)
enable reload in rc.d scripts
Revision 1.109 / (download) - annotate - [select for diffs], Fri Mar 12 13:19:49 2010 UTC (13 years, 8 months ago) by obache
Branch: MAIN
CVS Tags: pkgsrc-2012Q2-base,
pkgsrc-2012Q2,
pkgsrc-2012Q1-base,
pkgsrc-2012Q1,
pkgsrc-2011Q4-base,
pkgsrc-2011Q4,
pkgsrc-2011Q3-base,
pkgsrc-2011Q3,
pkgsrc-2011Q2-base,
pkgsrc-2011Q2,
pkgsrc-2011Q1-base,
pkgsrc-2011Q1,
pkgsrc-2010Q4-base,
pkgsrc-2010Q4,
pkgsrc-2010Q3-base,
pkgsrc-2010Q3,
pkgsrc-2010Q2-base,
pkgsrc-2010Q2,
pkgsrc-2010Q1-base,
pkgsrc-2010Q1
Changes since 1.108: +2 -1
lines
Diff to previous 1.108 (colored)
marked as CONFLICTS with esmtp>=1.2 (bin/mailq and/or bin/newaliases)
Revision 1.108 / (download) - annotate - [select for diffs], Sat Jan 16 00:31:13 2010 UTC (13 years, 10 months ago) by jnemeth
Branch: MAIN
Changes since 1.107: +1 -2
lines
Diff to previous 1.107 (colored)
Update to 8.14.4:
8.14.4/8.14.4 2009/12/30
SECURITY: Handle bogus certificates containing NUL characters
in CNs by placing a string indicating a bad certificate
in the {cn_subject} or {cn_issuer} macro. Patch inspired
by Matthias Andree's changes for fetchmail.
During the generation of a queue identifier an integer overflow
could occur which might result in bogus characters
being used. Based on patch from John Vannoy of
Pepperdine University.
The value of headers, e.g., Precedence, Content-Type, et.al.,
was not processed correctly. Patch from Per Hedeland.
Between 8.11.7 and 8.12.0 the length limitation on a return
path was erroneously reduced from MAXNAME (256) to
MAXSHORTSTR (203). Patch from John Gardiner Myers
of Proofpoint; the problem was also noted by Steve
Hubert of University of Washington.
Prevent a crash when a hostname lookup returns a seemingly
valid result which contains a NULL pointer (this seems
to be happening on some Linux versions).
The process title was missing the current load average when
the MTA was delaying connections due to DelayLA.
Patch from Dick St.Peters of NetHeaven.
Do not reset the number of queue entries in shared memory if
only some of them are processed.
Fix overflow of an internal array when parsing some replies
from a milter. Problem found by Scott Rotondo
of Sun Microsystems.
If STARTTLS is turned off in the server (via M=S) then it
would not be initialized for use in the client either.
Patch from Kazuteru Okahashi of IIJ.
If a Diffie-Hellman cipher is selected for STARTTLS, the
handshake could fail with some TLS implementations
because the prime used by the server is not long enough.
Note: the initialization of the DSA/DH parameters for
the server can take a significant amount of time on slow
machines. This can be turned off by setting DHParameters
to none or a file (see doc/op/op.me). Patch from
Petr Lampa of the Brno University of Technology.
Fix handling of `b' modifier for DaemonPortOptions on little
endian machines for loopback address. Patch from
John Beck of Sun Microsystems.
Fix a potential memory leak in libsmdb/smdb1.c found by parfait.
Based on patch from Jonathan Gray of OpenBSD.
If a milter sets the reply code to "421" during the transfer
of the body, the SMTP server will terminate the SMTP session
with that error to match the behavior of the other callbacks.
Return EX_IOERR (instead of 0) if a mail submission fails due to
missing disk space in the mail queue. Based on patch
from Martin Poole of RedHat.
CONFIG: Using FEATURE(`ldap_routing')'s `nodomain' argument would
cause addresses not found in LDAP to be misparsed.
CONFIG: Using a CN restriction did not work for TLS_Clt as it
referred to a wrong macro. Patch from John Gardiner
Myers of Proofpoint.
CONFIG: The option relaytofulladdress of FEATURE(`access_db')
did not work if FEATURE(`relay_hosts_only') is used too.
Problem noted by Kristian Shaw.
CONFIG: The internal function lower() was broken and hence
strcasecmp() did not work either, which could cause
problems for some FEATURE()s if upper case arguments
were used. Patch from Vesa-Matti J Kari of the
University of Helsinki.
LIBMILTER: Fix internal check whether a milter application
is compiled against the same version of libmilter as
it is linked against (especially useful for dynamic
libraries).
LIBMILTER: Fix memory leak that occurred when smfi_setsymlist()
was used. Based on patch by Dan Lukes.
LIBMILTER: Document the effect of SMFIP_HDR_LEADSPC for filters
which add, insert, or replace headers. From Benjamin
Pineau.
LIBMILTER: Fix error messages which refer to "select()" to be
correct if SM_CONF_POLL is used. Based on patch from
John Nemeth.
LIBSM: Fix handling of LDAP search failures where the error is
carried in the search result itself, such as seen with
OpenLDAP proxy servers.
VACATION: Do not refer to a local variable outside its scope.
Based on patch from Mark Costlow of Southwest Cyberport.
Portability:
Enable HAVE_NANOSLEEP for SunOS 5.11. Patch from
John Beck of Sun Microsystems.
Drop NISPLUS from default SunOS 5.11 map definitions.
Patch from John Beck of Sun Microsystems.
Revision 1.107 / (download) - annotate - [select for diffs], Sat Mar 21 21:30:58 2009 UTC (14 years, 8 months ago) by jnemeth
Branch: MAIN
CVS Tags: pkgsrc-2009Q4-base,
pkgsrc-2009Q4,
pkgsrc-2009Q3-base,
pkgsrc-2009Q3,
pkgsrc-2009Q2-base,
pkgsrc-2009Q2,
pkgsrc-2009Q1-base,
pkgsrc-2009Q1
Changes since 1.106: +19 -16
lines
Diff to previous 1.106 (colored)
- various pkglint cleanups - add user-destdir support - this should fix PR/41004
Revision 1.106 / (download) - annotate - [select for diffs], Sat Mar 21 21:20:28 2009 UTC (14 years, 8 months ago) by jnemeth
Branch: MAIN
Changes since 1.105: +2 -2
lines
Diff to previous 1.105 (colored)
As owner of the package, I have not approved this patch. Having had a chance to closely examine it, I would prefer it be done slightly differently. Also, the patch patches multiple files in direct contravention of pkgsrc guidelines. One of the files is also patched by a different patch. Having multiple patches applied to a single file makes maitenance much more difficult.
Revision 1.105 / (download) - annotate - [select for diffs], Mon Mar 9 21:24:00 2009 UTC (14 years, 9 months ago) by manu
Branch: MAIN
Changes since 1.104: +2 -2
lines
Diff to previous 1.104 (colored)
This patch fixes an important reliability fix when Sendmail performs local mail delivery with non local NSS passwd source, such as LDAP. Stock LDAP uses getpwnam(3) to lookup recipients. As mandated by SUSv2, getpwnam(3) does not set errno, so Sendmail has no way of distinguishing a non existing user and an error with a remote NSS source. Therefore, when the LDAP server goes down, Sendmail bounces mail to valid recipients. A first workround is to remove F=w from Mlocal in sendmail.cf. This will inhibit local recipient lookups, but it has a two drawbacks - ~/.forward do not work anymore - For multi-recipient mails with a single inexistent user, mail.local cause a DSN reporting an error for all users, whereas all valid users do get the message. A better workaround is this patch, which calls getpwnam_r(3). This newer API do set errno and do return an error code. Sendmail is therefore able to detect that it had a transcient error in NSS, and it will react by queuing the message. This is what you really want to happen when LDAP is down. I have not been able to get any feedback from Sendmail developers about this patch.
Revision 1.104 / (download) - annotate - [select for diffs], Wed Aug 13 15:41:29 2008 UTC (15 years, 3 months ago) by manu
Branch: MAIN
CVS Tags: pkgsrc-2008Q4-base,
pkgsrc-2008Q4,
pkgsrc-2008Q3-base,
pkgsrc-2008Q3,
cube-native-xorg-base,
cube-native-xorg
Changes since 1.103: +2 -1
lines
Diff to previous 1.103 (colored)
Enable _FFR_LDAP_NETWORK_TIMEOUT This feature adds a -c switch to LDAPMAP definitions, which can be used to specify a connection timeout (the equivalent of ldap.conf's bind_timeout) Here is an usage example, in sendmail.cf: O LDAPDefaultSpec=-w 3 -c 1 -l 3 If the server does not connect after 1 second (-c 1), we give up. If it does not anwer after 3 seconds (-l 3), we give up with a temporary failure. Using -c is the only way to avoid sendmail getting stuck against a half-dead slapd, where the TCP port is in listening state but the server will not serve anything.
Revision 1.103 / (download) - annotate - [select for diffs], Sun May 25 21:42:21 2008 UTC (15 years, 6 months ago) by joerg
Branch: MAIN
CVS Tags: pkgsrc-2008Q2-base,
pkgsrc-2008Q2,
cwrapper
Changes since 1.102: +3 -1
lines
Diff to previous 1.102 (colored)
Explicitly add pax dependency in those Makefiles that use it (or have patches to add it). Drop pax from the default USE_TOOLS list. Make bsdtar the default for those places that wanted gtar to extract long links etc, as bsdtar can be built of the tree.
Revision 1.102 / (download) - annotate - [select for diffs], Fri Oct 19 09:11:45 2007 UTC (16 years, 1 month ago) by jnemeth
Branch: MAIN
CVS Tags: pkgsrc-2008Q1-base,
pkgsrc-2008Q1,
pkgsrc-2007Q4-base,
pkgsrc-2007Q4
Changes since 1.101: +18 -20
lines
Diff to previous 1.101 (colored)
- create /var/spool/mqueue with mode 0700 - pre-create all directories with INSTALLATION_DIRS+=... - convert to DESTDIR
Revision 1.101 / (download) - annotate - [select for diffs], Tue Sep 25 20:05:23 2007 UTC (16 years, 2 months ago) by jlam
Branch: MAIN
CVS Tags: pkgsrc-2007Q3-base,
pkgsrc-2007Q3
Changes since 1.100: +4 -3
lines
Diff to previous 1.100 (colored)
The sendmail and libmilter should have different sets of options. In
particular, libmilter does *not* support "ldap", "sasl", etc. which are
supported by only sendmail. Do this through the following:
(1) Create libmilter/options.mk with support for the "inet6" option.
(2) Drop inclusion of options.mk from sendmail/Makefile.common and move
it to libmilter/Makefile and sendmail/Makefile.
While here, properly support IPv6 on FreeBSD, which like DragonFly has
getipnodebyname() in libc.
As a result of these changes, libmilter will no longer depend on
cyrus-sasl or openssl or openldap-client depending on what is set
in PKG_DEFAULT_OPTIONS.
Bump the PKGREVISION of libmilter to 1 due to the changed dependency list.
No change to sendmail as the binary package does not change.
Revision 1.100 / (download) - annotate - [select for diffs], Tue Jun 19 17:10:55 2007 UTC (16 years, 5 months ago) by jnemeth
Branch: MAIN
CVS Tags: pkgsrc-2007Q2-base,
pkgsrc-2007Q2
Changes since 1.99: +2 -1
lines
Diff to previous 1.99 (colored)
create manpage directories
Revision 1.99 / (download) - annotate - [select for diffs], Thu Apr 26 06:26:27 2007 UTC (16 years, 7 months ago) by jnemeth
Branch: MAIN
Changes since 1.98: +17 -18
lines
Diff to previous 1.98 (colored)
Update to sendmail-8.14.1. Major changes since sendmail-8.13.8:
8.14.1/8.14.1 2007/04/03
Even though a milter rejects a recipient the MTA will still keep
it in its list of recipients and deliver to it if the
transaction is accepted. This is a regression introduced
in 8.14.0 due to the change for SMFIP_RCPT_REJ. Bug
found by Andy Fiddaman.
The new DaemonPortOptions which begin with a lower case character
could not be set in 8.14.0.
If a server shut down the connection in response to a STARTTLS
command, sendmail would log a misleading error message
due to an internal inconsistency. Problem found by
Werner Wiethege.
Document how some sendmail.cf options change the behavior of mailq.
Noted by Paul Menchini of the North Carolina School of
Science and Mathematics.
CONFIG: Add confSOFT_BOUNCE m4 option for setting SoftBounce.
CONFIG: 8.14.0's RELEASE_NOTES failed to mention the addition
of the confMAX_NOOP_COMMANDS and confSHARED_MEMORY_KEY_FILE
m4 options for setting MaxNOOPCommands and
SharedMemoryKeyFile.
CONFIG: Add confMILTER_MACROS_EOH and confMILTER_MACROS_DATA m4
options for setting Milter.macros.eoh and Milter.macros.data.
CONTRIB: Use flock() and fcntl() in qtool.pl if necessary.
Patch from Daniel Carroll of Mesa State College.
LIBMILTER: Make sure an unknown command does not affect the
currently available macros. Problem found by Andy Fiddaman.
LIBMILTER: The MTA did not offer SMFIF_SETSYMLIST during option
negotiation. Problem reported by Bryan Costales.
LIBMILTER: Fix several minor errors in the documentation.
Patches from Bryan Costales.
PORTABILITY FIXES:
AIX 5.{1,2}: libsm/util.c failed to compile due to
redefinition of several macros, e.g., SIG_ERR.
Patch from Jim Pirzyk with assistance by Bob
Booth, University of Illinois at Urbana-Champaign.
Add support for QNX.6. Patch from Sean Boudreau of QNX
Software Systems.
New Files:
devtools/M4/depend/QNX6.m4
devtools/OS/QNX.6.x
include/sm/os/sm_os_qnx.h
New Files added in 8.14.0, but not shown in the release notes entry:
libmilter/docs/smfi_chgfrom.html
libmilter/docs/smfi_version.html
8.14.0/8.14.0 2007/01/31
Header field values are now 8 bit clean. Notes:
- header field names are still restricted to 7 bit.
- RFC 2822 allows only 7 bit (US-ASCII) characters in
headers.
Preserve spaces after the colon in a header. Previously, any
number of spaces after the colon would be changed to
exactly one space.
In some cases of deeply nested aliases/forwarding, mail can
be silently lost. Moreover, the MaxAliasRecursion
limit may be reached too early, e.g., the counter
may be off by a factor of 4 in case of a sequence of
.forward files that refer to others. Patch from
Motonori Nakamura of Kyoto University.
Fix a regression in 8.13.8: if InputMailFilters is set then
"sendmail -bs" can trigger an assertion because the
hostname of the client is undefined. It is now set
to "localhost" for the xxfi_connect() callback.
Avoid referencing a freed variable during cleanup when terminating.
Problem reported and diagnosed by Joe Maimon.
New option HeloName to set the name for the HELO/EHLO command.
Patch from Nik Clayton.
New option SoftBounce to issue temporary errors (4xy) instead of
permanent errors (5xy). This can be useful for testing.
New suboptions for DaemonPortOptions to set them individually
per daemon socket:
DeliveryMode DeliveryMode
refuseLA RefuseLA
delayLA DelayLA
queueLA QueueLA
children MaxDaemonChildren
New option -K for LDAP maps to replace %1 through %9 in the
lookup key with the LDAP escaped contents of the
arguments specified in the map lookup. Loosely based
on patch from Wolfgang Hottgenroth.
Log the time after which a greet_pause delay triggered. Patch
from Nik Clayton.
If a client is rejected via TCP wrapper or some other check
performed by validate_connection() (in conf.c) then do
not also invoke greet_pause. Problem noted by Jim Pirzyk
of the University of Illinois at Urbana-Champaign.
If a client terminates the SMTP connection during a pause
introduced by greet_pause, then a misleading message
was logged previously. Problem noted by Vernon Schryver
et.al., patch from Matej Vela.
New command "mstat" for control socket to provide "machine
readable" status.
New named config file rule check_eom which is called at the end
of a message, its parameter is the size of the message.
If the macro {addr_type} indicates that the current address
is a header address it also distinguishes between
recipient and sender addresses (as it is done for
envelope addresses).
When a macro is set in check_relay, then its value is accessible
by all transactions in the same SMTP session.
Increase size of key for ldap lookups to 1024 (MAXKEY).
New option MaxNOOPCommands to override default of 20 for the
number of "useless" commands before the SMTP server will
slow down responding.
New option SharedMemoryKeyFile: if shared memory support is
enabled, the MTA can be asked to select a shared memory
key itself by setting SharedMemoryKey to -1 and specifying
a file where to store the selected key.
Try to deal with open HTTP proxies that are used to send spam
by recognizing some commands from them. If the first command
from the client is GET, POST, CONNECT, or USER, then the
connection is terminated immediately.
New PrivacyOptions noactualrecipient to avoid putting
X-Actual-Recipient lines in DSNs revealing the actual
account that addresses map to. Patch from Dan Harkless.
New options B, z, and Z for DNS maps:
-B: specify a domain that is always appended to queries.
-z: specify the delimiter at which to cut off the result of
a query if it is too long.
-Z: specify the maximum number of entries to be concatenated
to form the result of a lookup.
New target "check" in the Makefile of libsm: instead of running tests
implicitly while building libsm, they must be explicitly
started by using "make check".
Fixed some inconsistent checks for NULL pointers that have been
reported by the SATURN tool which has been developed by
Isil Dillig and Thomas Dillig of Stanford University.
Fix a potential race condition caused by a signal handler for
terminated child processes. Problem noted by David F. Skoll.
When a milter deleted a recipient, that recipient could cause a
queue group selection. This has been disabled as it was not
intended.
New operator 'r' for the arith map to return a random number.
Patch from Motonori Nakamura of Kyoto University.
New compile time option MILTER_NO_NAGLE to turn off the Nagle
algorithm for communication with libmilter ("cork" on Linux),
which may improve the communication performance on some
operating systems. Patch from John Gardiner Myers of
Proofpoint.
If sendmail received input that contained a CR without subsequent LF
(thus violating RFC 2821 (2.3.7)), it could previously
generate an additional blank line in the output as the last
line.
Restarting persistent queue runners by sending a HUP signal to
the "queue control process" (QCP) works now.
Increase the length of an input line to 12288 to deal with
really long lines during SMTP AUTH negotiations.
Problem noted by Werner Wiethege.
If ARPANET mode (-ba) was selected STARTTLS would fail (due to
a missing initialization call for that case). Problem
noted by Neil Rickert of Northern Illinois University.
If sendmail is linked against a library that initializes Cyrus-SASL
before sendmail did it (such as libnss-ldap), then SMTP AUTH
could fail for the sendmail client. A patch by Moritz Both
works around the API design flaw of Cyrus-SASLv2.
CONFIG: Make it possible to unset the StatusFile option by
undefining STATUS_FILE. By not setting StatusFile,
the MTA will not attempt to open a statistics file on
each delivery.
CONFIG: New FEATURE(`require_rdns') to reject messages from SMTP
clients whose IP address does not have proper reverse DNS.
Contributed by Neil Rickert of Northern Illinois University
and John Beck of Sun Microsystems.
CONFIG: New FEATURE(`block_bad_helo') to reject messages from SMTP
clients which provide a HELO/EHLO argument which is either
unqualified, or is one of our own names (i.e., the server
name instead of the client name). Contributed by Neil
Rickert of Northern Illinois University and John Beck of
Sun Microsystems.
CONFIG: New FEATURE(`badmx') to reject envelope sender addresses
(MAIL) whose domain part resolves to a "bad" MX record.
Based on contribution from William Dell Wisner.
CONFIG: New macros SMTP_MAILER_LL and RELAY_MAILER_LL to override
the maximum line length of the smtp mailers.
CONFIG: New option `relaytofulladdress' for FEATURE(`access_db')
to allow entries in the access map to be of the form
To:user@example.com RELAY
CONFIG: New subsuboptions eoh and data to specify the list of
macros a milter should receive at those stages in the
SMTP dialogue.
CONFIG: New option confHELO_NAME for HeloName to set the name
for the HELO/EHLO command.
CONFIG: dnsbl and enhdnsbl can now also discard or quarantine
messages by using those values as second argument.
Patches from Nelson Fung.
CONTRIB: cidrexpand uses a hash symbol as comment character and
ignores everything after it unless it is in quotes or
preceeded by a backslash.
DEVTOOLS: New macro confMKDIR: if set to a program that creates
directories, then it used for "make install" to create
the required installation directories.
DEVTOOLS: New macro confCCLINK to specify the linker to use for
executables (defaults to confCC).
LIBMILTER: A new version of the milter API has been created that
has several changes which are listed below and documented
in the webpages reachable via libmilter/docs/index.html.
LIBMILTER: The meaning of the version macro SMFI_VERSION has been
changed. It now refers only to the version of libmilter,
not to the protocol version (which is used only internally,
it is not user/milter-programmer visible). Additionally,
a version function smfi_version() has been introduced such
that a milter program can check the libmilter version also
at runtime which is useful if a shared library is used.
LIBMILTER: A new callback xxfi_negotiate() can be used to
dynamically (i.e., at runtime) determine the available
protocol actions and features of the MTA and also to
specify which of these a milter wants to use. This allows
for more flexibility than hardcoding these flags in the
xxfi_flags field of the smfiDesc structure.
LIBMILTER: A new callback xxfi_data() is available so milters
can act on the DATA command.
LIBMILTER: A new callback xxfi_unknown() is available so milters
can receive also unknown SMTP commands.
LIBMILTER: A new return code SMFIS_NOREPLY has been added which
can be used by the xxfi_header() callback provided the
milter requested the SMFIP_NOHREPL protocol action.
LIBMILTER: The new return code SMFIS_SKIP can be used in the
xxfi_body() callback to skip over further body chunks
and directly advance to the xxfi_eom() callback. This
is useful if a milter can make a decision based on the
body chunks it already received without reading the entire
rest of the body and the milter wants to invoke functions
that are only available from the xxfi_eom() callback.
LIBMILTER: A new function smfi_addrcpt_par() can be used to add
new recipients including ESMTP parameters.
LIBMILTER: A new function smfi_chgfrom() can be used to change the
envelope sender including ESMTP parameters.
LIBMILTER: A milter can now request to be informed about rejected
recipients (RCPT) too. This requires to set the protocol
flag SMFIP_RCPT_REJ during option negotiation. Whether
a RCPT has been rejected can be checked by comparing the
value of the macro {rcpt_mailer} with "error".
LIBMILTER: A milter can now override the list of macros that it
wants to receive from the MTA for each protocol step
by invoking the function smfi_setsymlist() during option
negotiation.
LIBMILTER: A milter can receive header field values with all
leading spaces by requesting the SMFIP_HDR_LEADSPC
protocol action. Also, if the flag is set then the MTA
does not add a leading space to headers that are added,
inserted, or replaced.
LIBMILTER: If a milter sets the reply code to "421" for the HELO
callback, the SMTP server will terminate the SMTP session
with that error to match the behavior of all other callbacks.
New Files:
cf/feature/badmx.m4
cf/feature/block_bad_helo.m4
cf/feature/require_rdns.m4
devtools/M4/UNIX/check.m4
include/sm/misc.h
include/sm/sendmail.h
include/sm/tailq.h
libmilter/docs/smfi_addrcpt_par.html
libmilter/docs/smfi_setsymlist.html
libmilter/docs/xxfi_data.html
libmilter/docs/xxfi_negotiate.html
libmilter/docs/xxfi_unknown.html
libmilter/example.c
libmilter/monitor.c
libmilter/worker.c
libsm/memstat.c
libsm/t-memstat.c
libsm/t-qic.c
libsm/util.c
sendmail/daemon.h
sendmail/map.h
Revision 1.98 / (download) - annotate - [select for diffs], Thu Apr 19 19:24:09 2007 UTC (16 years, 7 months ago) by joerg
Branch: MAIN
Changes since 1.97: +3 -1
lines
Diff to previous 1.97 (colored)
Precreate some directories for NO_MTREE.
Revision 1.97 / (download) - annotate - [select for diffs], Wed Apr 18 01:39:29 2007 UTC (16 years, 7 months ago) by jnemeth
Branch: MAIN
Changes since 1.96: +1 -2
lines
Diff to previous 1.96 (colored)
revert previous, turns out qmail and sendmail don't share any filenames
Revision 1.96 / (download) - annotate - [select for diffs], Tue Apr 17 10:35:50 2007 UTC (16 years, 7 months ago) by jnemeth
Branch: MAIN
Changes since 1.95: +2 -1
lines
Diff to previous 1.95 (colored)
add conflict with qmail
Revision 1.95 / (download) - annotate - [select for diffs], Sat Jan 20 20:08:31 2007 UTC (16 years, 10 months ago) by tv
Branch: MAIN
CVS Tags: pkgsrc-2007Q1-base,
pkgsrc-2007Q1
Changes since 1.94: +6 -14
lines
Diff to previous 1.94 (colored)
REPLACE_PERL works even if Perl is not registered as a dependency. So, compile socketmap support in unconditionally (as the Perl scripts are actually only examples of socketmap functionality; any language can be used in reality). Remove socketmap related OPTIONs completely.
Revision 1.94 / (download) - annotate - [select for diffs], Fri Dec 29 21:44:09 2006 UTC (16 years, 11 months ago) by markd
Branch: MAIN
CVS Tags: pkgsrc-2006Q4-base,
pkgsrc-2006Q4
Changes since 1.93: +2 -2
lines
Diff to previous 1.93 (colored)
Fix rpath for Solaris 10 and 11 so that pkg libraries are found. As per existing patches for earlier Solaris versions. Bump PKGREVISION.
Revision 1.93 / (download) - annotate - [select for diffs], Thu Oct 12 21:04:27 2006 UTC (17 years, 1 month ago) by tv
Branch: MAIN
Changes since 1.92: +12 -6
lines
Diff to previous 1.92 (colored)
8.13.8nb2: Don't install .cf files to /etc/mail directly at all; offer a message about how to install them instead. Don't create /etc/mail/statistics. Create mqueue dirs at install via MAKE_DIRS. Should fix PR pkg/20852. Make sure SMRSH_CMDDIR gets to the compile defs. Fixes PR pkg/34513.
Revision 1.92 / (download) - annotate - [select for diffs], Tue Sep 5 20:01:37 2006 UTC (17 years, 3 months ago) by tv
Branch: MAIN
CVS Tags: pkgsrc-2006Q3-base,
pkgsrc-2006Q3
Changes since 1.91: +2 -1
lines
Diff to previous 1.91 (colored)
nb1: Add patch at http://www.sendmail.org/patches/client_name.assert.p0. Non-critical, but could cause problems if "sendmail -bs" is used in conjunction with milters.
Revision 1.90.2.1 / (download) - annotate - [select for diffs], Tue Aug 29 06:53:23 2006 UTC (17 years, 3 months ago) by ghen
Branch: pkgsrc-2006Q2
Changes since 1.90: +7 -5
lines
Diff to previous 1.90 (colored) next main 1.91 (colored)
Pullup ticket 1812 - requested by tv
security/bugfix update for sendmail
Revisions pulled up:
- pkgsrc/mail/sendmail/Makefile 1.91
- pkgsrc/mail/sendmail/Makefile.common 1.37-1.38
- pkgsrc/mail/sendmail/distinfo 1.31-1.32
- pkgsrc/mail/sendmail/patches/patch-aj 1.4
- pkgsrc/mail/sendmail/patches/patch-ak removed
- pkgsrc/mail/sendmail/patches/patch-al removed
- pkgsrc/mail/sendmail/patches/patch-am removed
Module Name: pkgsrc
Committed By: tv
Date: Fri Jul 7 18:06:28 UTC 2006
Modified Files:
pkgsrc/mail/sendmail: Makefile Makefile.common distinfo
pkgsrc/mail/sendmail/patches: patch-aj
Removed Files:
pkgsrc/mail/sendmail/patches: patch-ak patch-al patch-am
Log Message:
Update to 8.13.7; changelog below. (8.13.6nb3 already had the security
fixes by patch.)
While here, fix PR pkg/33821 by substituting pkgsrc's BINOWN, BINGRP, and
INSTALL definitions into the installed share/sendmail/cf/Makefile.
8.13.7/8.13.7 2006/06/14
A malformed MIME structure with many parts can cause sendmail to
crash while trying to send a mail due to a stack overflow,
e.g., if the stack size is limited (ulimit -s). This
happens because the recursion of the function mime8to7()
was not restricted. The function is called for MIME 8 to
7 bit conversion and also to enforce MaxMimeHeaderLength.
To work around this problem, recursive calls are limited to
a depth of MAXMIMENESTING (20); message content after this
limit is treated as opaque and is not checked further.
Problem noted by Frank Sheiness.
The changes to the I/O layer in 8.13.6 caused a regression for
SASL mechanisms that use the security layer, e.g.,
DIGEST-MD5. Problem noted by Robert Stampfli.
If a timeout occurs while reading a message (during the DATA phase)
a df file might have been left behind in the queue.
This was another side effect of the changes to the I/O
layer made in 8.13.6.
Several minor problems have been fixed that were found by a
Coverity scan of sendmail 8 as part of the NetBSD
distribution. See http://scan.coverity.com/
Note: the scan generated also a lot of "false positives",
e.g., "error" reports about situations that cannot happen.
Most of those code places are marked with lint(1) comments
like NOTREACHED, but Coverity does not understand those.
Hence an explicit assertion has been added in some cases
to avoid those false positives.
If the start of the sendmail daemon fails due to a configuration
error then in some cases shared memory segments or pid
files were not removed.
If DSN support is disabled via access_db, then related ESMTP
parameters for MAIL and RCPT should be rejected. Problem
reported by Akihiro Sagawa.
Enabling zlib compression in OpenSSL 0.9.8[ab] breaks the padding
bug work-around. Hence if sendmail is linked against
either of these versions and compression is available,
the padding bug work-around is turned off. Based on
patch from Victor Duchovni of Morgan Stanley.
CONFIG: FEATURE(`dnsbl') and FEATURE(`enhdnsbl') used
blackholes.mail-abuse.org as default domain for lookups,
however, that list is no longer available. To avoid
further problems, no default value is available anymore,
but an argument must be specified.
Portability:
Fix compilation on OSF/1 for sfsasl.c. Patch from
Pieter Bowman of the University of Utah.
---
Module Name: pkgsrc
Committed By: tv
Date: Wed Aug 9 21:23:00 UTC 2006
Modified Files:
pkgsrc/mail/sendmail: Makefile.common distinfo
Log Message:
Update to 8.13.8. Changes:
8.13.8/8.13.8 2006/08/09
Fix a regression in 8.13.7: if shared memory is activated, then
the server can erroneously report that there is
insufficient disk space. Additionally make sure that
an internal variable is set properly to avoid those
misleading errors. Based on patch from Steve Hubert
of University of Washington.
Fix a regression in 8.13.7: the PidFile could be removed after
the process that forks the daemon exited, i.e., if
sendmail -bd is invoked. Problem reported by Kan Sasaki
of Fusion Communications Corp. and Werner Wiethege.
Avoid opening qf files if QueueSortOrder is "none". Patch from
David F. Skoll.
Avoid a crash when finishing due to referencing a freed variable.
Problem reported and diagnosed by Moritz Jodeit.
CONTRIB: cidrexpand now deals with /0 by issuing the entire IPv4
range (0..255).
LIBMILTER: The "hostname" argument of the xxfi_connect() callback
previously was the equivalent of {client_ptr}. However,
this did not match the documentation of the function, hence
it has been changed to {client_name}. See doc/op/op.*
about these macros.
Revision 1.91 / (download) - annotate - [select for diffs], Fri Jul 7 18:06:27 2006 UTC (17 years, 5 months ago) by tv
Branch: MAIN
Changes since 1.90: +7 -5
lines
Diff to previous 1.90 (colored)
Update to 8.13.7; changelog below. (8.13.6nb3 already had the security fixes by patch.) While here, fix PR pkg/33821 by substituting pkgsrc's BINOWN, BINGRP, and INSTALL definitions into the installed share/sendmail/cf/Makefile. 8.13.7/8.13.7 2006/06/14 A malformed MIME structure with many parts can cause sendmail to crash while trying to send a mail due to a stack overflow, e.g., if the stack size is limited (ulimit -s). This happens because the recursion of the function mime8to7() was not restricted. The function is called for MIME 8 to 7 bit conversion and also to enforce MaxMimeHeaderLength. To work around this problem, recursive calls are limited to a depth of MAXMIMENESTING (20); message content after this limit is treated as opaque and is not checked further. Problem noted by Frank Sheiness. The changes to the I/O layer in 8.13.6 caused a regression for SASL mechanisms that use the security layer, e.g., DIGEST-MD5. Problem noted by Robert Stampfli. If a timeout occurs while reading a message (during the DATA phase) a df file might have been left behind in the queue. This was another side effect of the changes to the I/O layer made in 8.13.6. Several minor problems have been fixed that were found by a Coverity scan of sendmail 8 as part of the NetBSD distribution. See http://scan.coverity.com/ Note: the scan generated also a lot of "false positives", e.g., "error" reports about situations that cannot happen. Most of those code places are marked with lint(1) comments like NOTREACHED, but Coverity does not understand those. Hence an explicit assertion has been added in some cases to avoid those false positives. If the start of the sendmail daemon fails due to a configuration error then in some cases shared memory segments or pid files were not removed. If DSN support is disabled via access_db, then related ESMTP parameters for MAIL and RCPT should be rejected. Problem reported by Akihiro Sagawa. Enabling zlib compression in OpenSSL 0.9.8[ab] breaks the padding bug work-around. Hence if sendmail is linked against either of these versions and compression is available, the padding bug work-around is turned off. Based on patch from Victor Duchovni of Morgan Stanley. CONFIG: FEATURE(`dnsbl') and FEATURE(`enhdnsbl') used blackholes.mail-abuse.org as default domain for lookups, however, that list is no longer available. To avoid further problems, no default value is available anymore, but an argument must be specified. Portability: Fix compilation on OSF/1 for sfsasl.c. Patch from Pieter Bowman of the University of Utah.
Revision 1.84.2.2 / (download) - annotate - [select for diffs], Wed Jun 14 21:06:26 2006 UTC (17 years, 5 months ago) by salo
Branch: pkgsrc-2006Q1
Changes since 1.84.2.1: +2 -1
lines
Diff to previous 1.84.2.1 (colored) to branchpoint 1.84 (colored) next main 1.85 (colored)
Pullup ticket 1700 - requested by adrianp security fix for sendmail Patch provided by the submitter. Module Name: pkgsrc Committed By: adrianp Date: Wed Jun 14 18:53:54 UTC 2006 Modified Files: pkgsrc/mail/sendmail: Makefile distinfo Added Files: pkgsrc/mail/sendmail/patches: patch-aj patch-ak patch-al patch-am Log Message: Bump PKGREVISION. A malformed MIME structure with many parts can cause sendmail to crash while trying to send a mail due to a stack overflow, e.g., if the stack size is limited (ulimit -s). This happens because the recursion of the function mime8to7() was not restricted. The function is called for MIME 8 to 7 bit conversion and also to enforce MaxMimeHeaderLength. To work around this problem, recursive calls are limited to a depth of MAXMIMENESTING (20); message content after this limit is treated as opaque and is not checked further.
Revision 1.90 / (download) - annotate - [select for diffs], Wed Jun 14 18:53:54 2006 UTC (17 years, 5 months ago) by adrianp
Branch: MAIN
CVS Tags: pkgsrc-2006Q2-base
Branch point for: pkgsrc-2006Q2
Changes since 1.89: +2 -2
lines
Diff to previous 1.89 (colored)
Bump PKGREVISION. A malformed MIME structure with many parts can cause sendmail to crash while trying to send a mail due to a stack overflow, e.g., if the stack size is limited (ulimit -s). This happens because the recursion of the function mime8to7() was not restricted. The function is called for MIME 8 to 7 bit conversion and also to enforce MaxMimeHeaderLength. To work around this problem, recursive calls are limited to a depth of MAXMIMENESTING (20); message content after this limit is treated as opaque and is not checked further.
Revision 1.89 / (download) - annotate - [select for diffs], Wed Jun 7 14:48:28 2006 UTC (17 years, 6 months ago) by joerg
Branch: MAIN
Changes since 1.88: +2 -2
lines
Diff to previous 1.88 (colored)
Prefer PATH_MAX over MAXPATHLEN. Use a better boundary check, which doesn't depend on PATH_MAX >> NAME_MAX. Both changes are from DragonFly and have been reported upstream. Install only man pages, not the catpages. The installation was inconsistent before. Bump revision. OK from tv@.
Revision 1.88 / (download) - annotate - [select for diffs], Tue Jun 6 22:03:36 2006 UTC (17 years, 6 months ago) by adrianp
Branch: MAIN
Changes since 1.87: +16 -14
lines
Diff to previous 1.87 (colored)
Add sendmail and smmsp startup files for -current users Make pkglint happy Pass MAINTAINERship to tv@ Bump PKGREVISION
Revision 1.84.2.1 / (download) - annotate - [select for diffs], Mon May 22 14:15:25 2006 UTC (17 years, 6 months ago) by salo
Branch: pkgsrc-2006Q1
Changes since 1.84: +1 -2
lines
Diff to previous 1.84 (colored)
Pullup ticket 1644 - requested by adrianp sync sendmail with HEAD Revisions pulled up: - pkgsrc/mail/sendmail/Makefile 1.87 - pkgsrc/mail/sendmail/Makefile.common 1.34 - pkgsrc/mail/sendmail/distinfo 1.28 - pkgsrc/mail/sendmail/patches/patch-ag 1.12 - pkgsrc/mail/sendmail/patches/patch-ai removed - pkgsrc/mail/sendmail/patches/patch-aj removed - pkgsrc/mail/sendmail/patches/patch-ak removed - pkgsrc/mail/sendmail/patches/patch-al removed Module Name: pkgsrc Committed By: adrianp Date: Fri May 12 22:23:09 UTC 2006 Modified Files: pkgsrc/mail/sendmail: Makefile Makefile.common distinfo pkgsrc/mail/sendmail/patches: patch-ag Removed Files: pkgsrc/mail/sendmail/patches: patch-ai patch-aj patch-ak patch-al Log Message: Update to sendmail 8.13.6 > 8.13.6/8.13.6 2006/03/22 > SECURITY: Replace unsafe use of setjmp(3)/longjmp(3) in the server > and client side of sendmail with timeouts in the libsm I/O > layer and fix problems in that code. Also fix handling of > a buffer in sm_syslog() which could have been used as an > attack vector to exploit the unsafe handling of > setjmp(3)/longjmp(3) in combination with signals. > Problem detected by Mark Dowd of ISS X-Force. > Handle theoretical integer overflows that could triggered if > the server accepted headers larger than the maximum > (signed) integer value. This is prevented in the default > configuration by restricting the size of a header, and on > most machines memory allocations would fail before reaching > those values. Problems found by Phil Brass of ISS. > If a server returns 421 for an RSET command when trying to start > another transaction in a session while sending mail, do > not trigger an internal consistency check. Problem found > by Allan E Johannesen of Worcester Polytechnic Institute. > If a server returns a 5xy error code (other than 501) in response > to a STARTTLS command despite the fact that it advertised > STARTTLS and that the code is not valid according to RFC > 2487 treat it nevertheless as a permanent failure instead > of a protocol error (which has been changed to a > temporary error in 8.13.5). Problem reported by Jeff > A. Earickson of Colby College. > Clear SMTP state after a HELO/EHLO command. Patch from John > Myers of Proofpoint. > Observe MinQueueAge option when gathering entries from the queue > for sorting etc instead of waiting until the entries are > processed. Patch from Brian Fundakowski Feldman. > Set up TLS session cache to properly handle clients that try to > resume a stored TLS session. > Properly count the number of (direct) child processes such that > a configured value (MaxDaemonChildren) is not exceeded. > Based on patch from Attila Bruncsak. > LIBMILTER: Remove superfluous backslash in macro definition > (libmilter.h). Based on patch from Mike Kupfer of > Sun Microsystems. > LIBMILTER: Don't try to set SO_REUSEADDR on UNIX domain sockets. > This generates an error message from libmilter on > Solaris, though other systems appear to just discard the > request silently. > LIBMILTER: Deal with sigwait(2) implementations that return > -1 and set errno instead of returning an error code > directly. Patch from Chris Adams of HiWAAY Informations > Services. > Portability: > Fix compilation checks for closefrom(3) and statvfs(2) > in NetBSD. Problem noted by S. Moonesamy, patch from > Andrew Brown.
Revision 1.87 / (download) - annotate - [select for diffs], Fri May 12 22:23:09 2006 UTC (17 years, 6 months ago) by adrianp
Branch: MAIN
Changes since 1.86: +1 -2
lines
Diff to previous 1.86 (colored)
Update to sendmail 8.13.6 > 8.13.6/8.13.6 2006/03/22 > SECURITY: Replace unsafe use of setjmp(3)/longjmp(3) in the server > and client side of sendmail with timeouts in the libsm I/O > layer and fix problems in that code. Also fix handling of > a buffer in sm_syslog() which could have been used as an > attack vector to exploit the unsafe handling of > setjmp(3)/longjmp(3) in combination with signals. > Problem detected by Mark Dowd of ISS X-Force. > Handle theoretical integer overflows that could triggered if > the server accepted headers larger than the maximum > (signed) integer value. This is prevented in the default > configuration by restricting the size of a header, and on > most machines memory allocations would fail before reaching > those values. Problems found by Phil Brass of ISS. > If a server returns 421 for an RSET command when trying to start > another transaction in a session while sending mail, do > not trigger an internal consistency check. Problem found > by Allan E Johannesen of Worcester Polytechnic Institute. > If a server returns a 5xy error code (other than 501) in response > to a STARTTLS command despite the fact that it advertised > STARTTLS and that the code is not valid according to RFC > 2487 treat it nevertheless as a permanent failure instead > of a protocol error (which has been changed to a > temporary error in 8.13.5). Problem reported by Jeff > A. Earickson of Colby College. > Clear SMTP state after a HELO/EHLO command. Patch from John > Myers of Proofpoint. > Observe MinQueueAge option when gathering entries from the queue > for sorting etc instead of waiting until the entries are > processed. Patch from Brian Fundakowski Feldman. > Set up TLS session cache to properly handle clients that try to > resume a stored TLS session. > Properly count the number of (direct) child processes such that > a configured value (MaxDaemonChildren) is not exceeded. > Based on patch from Attila Bruncsak. > LIBMILTER: Remove superfluous backslash in macro definition > (libmilter.h). Based on patch from Mike Kupfer of > Sun Microsystems. > LIBMILTER: Don't try to set SO_REUSEADDR on UNIX domain sockets. > This generates an error message from libmilter on > Solaris, though other systems appear to just discard the > request silently. > LIBMILTER: Deal with sigwait(2) implementations that return > -1 and set errno instead of returning an error code > directly. Patch from Chris Adams of HiWAAY Informations > Services. > Portability: > Fix compilation checks for closefrom(3) and statvfs(2) > in NetBSD. Problem noted by S. Moonesamy, patch from > Andrew Brown.
Revision 1.86 / (download) - annotate - [select for diffs], Mon May 1 02:57:03 2006 UTC (17 years, 7 months ago) by jlam
Branch: MAIN
Changes since 1.85: +2 -2
lines
Diff to previous 1.85 (colored)
Conflict with courier-mta.
Revision 1.85 / (download) - annotate - [select for diffs], Sun Apr 23 00:12:39 2006 UTC (17 years, 7 months ago) by jlam
Branch: MAIN
Changes since 1.84: +4 -3
lines
Diff to previous 1.84 (colored)
Modify packages that set PKG_USERS and PKG_GROUPS to follow the new syntax as specified in pkgsrc/mk/install/bsd.pkginstall.mk:1.47.
Revision 1.80.2.1 / (download) - annotate - [select for diffs], Fri Mar 24 16:12:18 2006 UTC (17 years, 8 months ago) by salo
Branch: pkgsrc-2005Q4
Changes since 1.80: +2 -1
lines
Diff to previous 1.80 (colored) next main 1.81 (colored)
Pullup ticket 1255 - requested by Todd Vierling security fix for sendmail Revisions pulled up: - pkgsrc/mail/sendmail/Makefile 1.84 - pkgsrc/mail/sendmail/Makefile.common 1.32 - pkgsrc/mail/sendmail/distinfo 1.27 Module Name: pkgsrc Committed By: adrianp Date: Wed Mar 22 19:56:37 UTC 2006 Modified Files: pkgsrc/mail/sendmail: Makefile Makefile.common distinfo Log Message: Update sendmail to address the current security issue Bump to nb2 This will change the internal version of sendmail to 8.13.5.20060308 > SECURITY: Replace unsafe use of setjmp(3)/longjmp(3) in the server > and client side of sendmail with timeouts in the libsm I/O > layer and fix problems in that code. Also fix handling of > a buffer in sm_syslog() which could have been used as an > attack vector to exploit the unsafe handling of > setjmp(3)/longjmp(3) in combination with signals. > Problem detected by Mark Dowd of ISS X-Force. > Handle theoretical integer overflows that could triggered if > the server accepted headers larger than the maximum > (signed) integer value. This is prevented in the default > configuration by restricting the size of a header, and on > most machines memory allocations would fail before reaching > those values. Problems found by Phil Brass of ISS.
Revision 1.84 / (download) - annotate - [select for diffs], Wed Mar 22 19:56:36 2006 UTC (17 years, 8 months ago) by adrianp
Branch: MAIN
CVS Tags: pkgsrc-2006Q1-base
Branch point for: pkgsrc-2006Q1
Changes since 1.83: +2 -2
lines
Diff to previous 1.83 (colored)
Update sendmail to address the current security issue Bump to nb2 This will change the internal version of sendmail to 8.13.5.20060308 > SECURITY: Replace unsafe use of setjmp(3)/longjmp(3) in the server > and client side of sendmail with timeouts in the libsm I/O > layer and fix problems in that code. Also fix handling of > a buffer in sm_syslog() which could have been used as an > attack vector to exploit the unsafe handling of > setjmp(3)/longjmp(3) in combination with signals. > Problem detected by Mark Dowd of ISS X-Force. > Handle theoretical integer overflows that could triggered if > the server accepted headers larger than the maximum > (signed) integer value. This is prevented in the default > configuration by restricting the size of a header, and on > most machines memory allocations would fail before reaching > those values. Problems found by Phil Brass of ISS.
Revision 1.83 / (download) - annotate - [select for diffs], Mon Jan 23 17:28:41 2006 UTC (17 years, 10 months ago) by tv
Branch: MAIN
Changes since 1.82: +2 -2
lines
Diff to previous 1.82 (colored)
Skip ".orig" files in the pax copy, in case local patches (or possible pkgsrc patches) patch things in cf/.
Revision 1.82 / (download) - annotate - [select for diffs], Wed Jan 18 21:00:48 2006 UTC (17 years, 10 months ago) by adrianp
Branch: MAIN
Changes since 1.81: +2 -1
lines
Diff to previous 1.81 (colored)
Fix build on -HEAD Identified by Jean-Luc Wasmer in PR# 32527 Fixes from -HEAD by christos@ (setuserenv -> setuserenviron) Bump to nb1
Revision 1.81 / (download) - annotate - [select for diffs], Thu Dec 29 06:21:53 2005 UTC (17 years, 11 months ago) by jlam
Branch: MAIN
Changes since 1.80: +1 -2
lines
Diff to previous 1.80 (colored)
Remove USE_PKGINSTALL from pkgsrc now that mk/install/pkginstall.mk automatically detects whether we want the pkginstall machinery to be used by the package Makefile.
Revision 1.80 / (download) - annotate - [select for diffs], Mon Dec 5 20:50:35 2005 UTC (18 years ago) by rillig
Branch: MAIN
CVS Tags: pkgsrc-2005Q4-base
Branch point for: pkgsrc-2005Q4
Changes since 1.79: +3 -3
lines
Diff to previous 1.79 (colored)
Fixed pkglint warnings. The warnings are mostly quoting issues, for
example MAKE_ENV+=FOO=${BAR} is changed to MAKE_ENV+=FOO=${BAR:Q}. Some
other changes are outlined in
http://mail-index.netbsd.org/tech-pkg/2005/12/02/0034.html
Revision 1.79 / (download) - annotate - [select for diffs], Tue Aug 23 11:48:49 2005 UTC (18 years, 3 months ago) by rillig
Branch: MAIN
CVS Tags: pkgsrc-2005Q3-base,
pkgsrc-2005Q3
Changes since 1.78: +2 -2
lines
Diff to previous 1.78 (colored)
The real user name in PKG_USERS does not need to be escaped with double backslashes anymore. A single backslash is enough. Changed the definition in all affected packages. For those that are not caught, an additional check is placed into bsd.pkginstall.mk.
Revision 1.78 / (download) - annotate - [select for diffs], Mon Aug 1 15:30:52 2005 UTC (18 years, 4 months ago) by wiz
Branch: MAIN
Changes since 1.77: +3 -3
lines
Diff to previous 1.77 (colored)
Adapt for socketmap -> sendmail-socketmap.
Revision 1.77 / (download) - annotate - [select for diffs], Mon Jul 18 21:33:24 2005 UTC (18 years, 4 months ago) by adrianp
Branch: MAIN
Changes since 1.76: +2 -2
lines
Diff to previous 1.76 (colored)
- Move option from "starttls" to "tls" as pointed out by schmonz@ in private email. - Use PKG_OPTIONS_LEGACY_OPTS to deal with the change.
Revision 1.76 / (download) - annotate - [select for diffs], Sat May 21 04:10:17 2005 UTC (18 years, 6 months ago) by jlam
Branch: MAIN
CVS Tags: pkgsrc-2005Q2-base,
pkgsrc-2005Q2
Changes since 1.75: +2 -2
lines
Diff to previous 1.75 (colored)
SUBST_FILES.* must be relative to ${WRKSRC}.
Revision 1.75 / (download) - annotate - [select for diffs], Fri Apr 1 18:42:08 2005 UTC (18 years, 8 months ago) by adrianp
Branch: MAIN
Changes since 1.74: +1 -4
lines
Diff to previous 1.74 (colored)
- Fix builds with SASLv2 following removal of SASLv1 support - Patch submitted by Shin'ichiro TAYA in PR 29857, thanks.
Revision 1.74 / (download) - annotate - [select for diffs], Thu Feb 10 22:17:24 2005 UTC (18 years, 9 months ago) by adrianp
Branch: MAIN
CVS Tags: pkgsrc-2005Q1-base,
pkgsrc-2005Q1
Changes since 1.73: +1 -11
lines
Diff to previous 1.73 (colored)
- Update sendmail to 8.13.3
- Fix smrsh man page patch
- Tidy up MESSAGE
- Replace 8.13.1 errata with 8.13.3 errata
- Remove rename of file outside ${PREFIX} on db2 installs
> 8.13.3/8.13.3 2005/01/11
> Enhance handling of I/O errors, especially EOF, when STARTTLS
> is active.
> Make sure a connection is not reused after it has been closed
> due to a 421 error. Problem found by Allan E Johannesen
> of Worcester Polytechnic Institute.
> Avoid triggering an assertion when sendmail is interrupted while
> closing a connection. Problem found by Allan E Johannesen
> of Worcester Polytechnic Institute.
> Regression: a change in 8.13.2 caused sendmail not to try the
> next MX host (or FallbackMXhost if configured) when, at
> connection open, the current server returns a 4xy or 5xy
> SMTP reply code. Problem noted by Mark Tranchant.
>
> 8.13.2/8.13.2 2004/12/15
> Do not split the first header even if it exceeds the internal
> buffer size. Previously a part of such a header would
> end up in the body of the message. Problem noted by
> Simple Nomad of BindView.
> Do not complain about "cataddr: string too long" when checking
> headers that do not contain RFC 2822 addresses.
> Problem noted by Rich Graves of Brandeis University.
> If a server returns a 421 reply to the RSET command between
> message deliveries, do not attempt to deliver any more
> messages on that connection. This prevents bogus "Bad
> file number" recipient status. Problem noted by
> Allan E Johannesen of Worcester Polytechnic Institute.
> Allow trailing white space in EHLO command as recommended by RFC
> 2821. Problem noted by Ralph Santagato of SBC Services.
> Deal with clients which use AUTH but negotiate a smaller buffer size
> for data exchanges than the value used by sendmail, e.g.,
> Cyrus IMAP lmtp server. Based on patch by Jamie Clark.
> When passing ESMTP arguments for RCPT to a milter, do not cut
> them off at a comma. Problem noted by Krzysztof Oledzki.
> Add more logging to milter change header functions to
> complement existing logging. Based on patch from
> Gurusamy Sarathy of Active State.
> Include <lber.h> in include/sm/config.h when LDAPMAP is defined.
> Patch from Edgar Hoch of the University of Stuttgart.
> Fix DNS lookup if IPv6 is enabled when converting an IP address
> to a hostname for use with SASL. Problem noted by Ken Jones;
> patch from Hajimu UMEMOTO.
> CONFIG: For consistency enable MODIFY_MAILER_FLAGS for the prog
> mailer. Patch from John Beck of Sun Microsystems.
> LIBMILTER: It was possible that xxfi_abort() was called after
> xxfi_eom() for a message if some timeouts were triggered.
> Patch from Alexey Kravchuk.
> LIBMILTER: Slightly rearrange mutex use in listener.c to allow
> different threads to call smfi_opensocket() and smfi_main().
> Patch from Jordan Ritter of Cloudmark.
> MAIL.LOCAL: Properly terminate MBDB before exiting. Problem
> noted by Nelson Fung.
> MAIL.LOCAL: make strip-mail.local used a wrong path to access
> mail.local. Problem noted by William Park.
> VACATION: Properly terminate MBDB before exiting. Problem noted
> by Nelson Fung.
> Portability:
> Add support for DragonFly BSD.
> New Files:
> cf/ostype/dragonfly.m4
> devtools/OS/DragonFly
> include/sm/os/sm_os_dragonfly.h
> Deleted Files:
> libsm/vsscanf.c
Revision 1.73 / (download) - annotate - [select for diffs], Mon Aug 30 20:16:28 2004 UTC (19 years, 3 months ago) by adrianp
Branch: MAIN
CVS Tags: pkgsrc-2004Q4-base,
pkgsrc-2004Q4,
pkgsrc-2004Q3-base,
pkgsrc-2004Q3
Changes since 1.72: +65 -68
lines
Diff to previous 1.72 (colored)
Update of sendmail to 8.13.1
pkgsrc changes:
- move to use options.mk framework
- solaris support tidy-up
- fix linux man page extension handling bug
- allow for a user defined smrsh directory
- update MASTER_SITES
- optional SOCKETMAP support and sample script installation
- ok'ed snj@/wiz@
Summary of some of the major changes include:
- New map "socket" to query maps via TCP/IP sockets.
- Connection rate control as well as control over the number of incoming open
connections.
- Several LDAP enhancements such as LDAP recursion and LDAP URI support.
- Message quarantining.
- AUTH EXTERNAL will only be enabled if STARTTLS was successful and the client
has been authenticated, i.e., {verify} is OK.
- Basic support for certificate revocation lists.
- New queue timeouts for DSN messages.
- Experimental support for MTAMark.
For a full list of changes see:
- http://www.sendmail.org/8.13.0.html
- http://www.sendmail.org/8.13.1.html
Revision 1.72 / (download) - annotate - [select for diffs], Wed Jul 21 23:30:16 2004 UTC (19 years, 4 months ago) by schmonz
Branch: MAIN
Changes since 1.71: +2 -2
lines
Diff to previous 1.71 (colored)
Add CONFLICTS with the upcoming mail/fastforward update.
Revision 1.71 / (download) - annotate - [select for diffs], Wed Jun 23 11:02:02 2004 UTC (19 years, 5 months ago) by cjep
Branch: MAIN
Changes since 1.70: +3 -2
lines
Diff to previous 1.70 (colored)
Handle installation of PREFIX/share/sendmail better. Fixes PR#23735
Revision 1.70 / (download) - annotate - [select for diffs], Sun May 9 21:14:43 2004 UTC (19 years, 7 months ago) by snj
Branch: MAIN
CVS Tags: pkgsrc-2004Q2-base,
pkgsrc-2004Q2
Changes since 1.69: +8 -8
lines
Diff to previous 1.69 (colored)
Convert to buildlink3.
Revision 1.69 / (download) - annotate - [select for diffs], Wed Apr 21 21:09:31 2004 UTC (19 years, 7 months ago) by cube
Branch: MAIN
Changes since 1.68: +3 -3
lines
Diff to previous 1.68 (colored)
Drop localized *_USE_LDAP definitions and consistently use USE_OPENLDAP instead. As announced on tech-pkg. Most notably affected are Postfix, sendmail, Samba and cyrus-saslauthd. Be sure to update your mk.conf accordingly.
Revision 1.68 / (download) - annotate - [select for diffs], Sat Mar 27 22:07:32 2004 UTC (19 years, 8 months ago) by tron
Branch: MAIN
CVS Tags: pkgsrc-2004Q1-base,
pkgsrc-2004Q1
Changes since 1.67: +1 -2
lines
Diff to previous 1.67 (colored)
Update "sendmail" and "libmilter" packages to version 8.12.11. Changes since version 8.12.10: Use QueueFileMode when opening qf files. This error was a regression in 8.12.10. Problem detected and diagnosed Lech Szychowski of the Polish Power Grid Company. Properly count the number of queue runners in a work group and make sure the total limit of MaxQueueChildren is not exceeded. Based on patch from Takayuki Yoshizawa of Techfirm, Inc. Take care of systems that can generate time values where the seconds can exceed the usual range of 0 to 59. Problem noted by Randy Diffenderfer of EDS. Avoid regeneration of identical queue identifiers by processes whose process id is the same as that of the initial sendmail process that was used to start the daemon. Problem noted by Randy Diffenderfer of EDS. When a milter invokes smfi_delrcpt() compare the supplied recipient address also against the printable addresses of the current list to deal with rewritten addresses. Based on patch from Sean Hanson of The Asylum. BadRcptThrottle now also works for addresses which return the error mailer, e.g., virtusertable entries with the right hand side error:. Patch from Per Hedeland. Fix printing of 8 bit characters as octals in log messages. Based on patch by Andrey J. Melnikoff. Undo change of algorithm for MIME 7-bit base64 encoding to 8-bit text that has been introduced in 8.12.3. There are some examples where the new code fails, but the old code works. To get the 8.12.3-8.12.10 version, compile sendmail with -DMIME7TO8_OLD=0. If you have an example of improper 7 to 8 bit conversion please send it to us. Return normal error code for unknown SMTP commands instead of the one specified by check_relay or a milter for a connection. Problem noted by Andrzej Filip. Some ident responses contain data after the terminating CRLF which causes sendmail to log "POSSIBLE ATTACK...newline in string". To avoid this everything after LF is ignored. If the operating system supports O_EXLOCK and HASFLOCK is set then a possible race condition for creating qf files can be avoided. Note: the race condition does not exist within sendmail, but between sendmail and an external application that accesses qf files. Log the proper options name for TLS related mising files for the CACertPath, CACertFile, and DHParameters options. Do not split an envelope if it will be discarded, otherwise df files could be left behind. Problem found by Wolfgang Breyha. The use of the environment variables HOME and HOSTALIASES has been deprecated and will be removed in version 8.13. This only effects configuration which preserve those variable via the 'E' command in the cf file as sendmail clears out its entire environment. Portability: Add support for Darwin 7.0/Mac OS X 10.3 (a.k.a. Panther). Solaris 10 has unsetenv(), patch from Craig Mohrman of Sun Microsystems. LIBMILTER: Add extra checks in case a broken MTA sends bogus data to libmilter. Based on code review by Rob Grzywinski. SMRSH: Properly assemble commands that contain '&&' or '||'. Problem noted by Eric Lee of Talking Heads. New Files: devtools/OS/Darwin.7.0
Revision 1.67 / (download) - annotate - [select for diffs], Sun Mar 7 10:20:06 2004 UTC (19 years, 9 months ago) by grant
Branch: MAIN
Changes since 1.66: +3 -1
lines
Diff to previous 1.66 (colored)
add CONFLICT on postfix, which also installs bin/mailq and bin/newaliases.
Revision 1.66 / (download) - annotate - [select for diffs], Wed Dec 3 22:11:02 2003 UTC (20 years ago) by reed
Branch: MAIN
Changes since 1.65: +4 -4
lines
Diff to previous 1.65 (colored)
Replace any "/" in OPSYS name with a "-". Sendmail's build mechanism already does this, so pkgsrc for this should do the same. Make sure getipnodebyaddr is used under BSD/OS. This closes PR #23060.
Revision 1.65 / (download) - annotate - [select for diffs], Tue Dec 2 05:45:12 2003 UTC (20 years ago) by ben
Branch: MAIN
Changes since 1.64: +2 -2
lines
Diff to previous 1.64 (colored)
This package would install a directory and two files on the build machine
that do make it into the binary package. Under the default configuration
on NetBSD these files are erroneous. This fix should resolve PR 20852
Here are the details:
1) /etc/mail/statistics
This file is created like so:
statistics:
${CP} /dev/null statistics
This file is not needed because sendmail is configured to use:
O StatusFile=/var/log/sendmail.st
To avoid creating this file, I added to devtools/OS/NetBSD:
define(`confNO_STATISTICS_INSTALL', `')
2) /etc/mail/submit.cf
This file is not needed because we install it as:
${PREFIX}/share/sendmail/cf/submit.cf
To avoid installing /etc/mail/submit.cf, I added to devtools/OS/NetBSD:
define(`confINST_DEP', `')
If confINST_DEP is undefined, then it will default to:
`${DESTDIR}/etc/mail/submit.cf ${DESTDIR}${MSPQ}'
3) /var/db/pkg/sendmail-8.12.8nb1/+INSTALL
This is now created by pkg_add with the binary package.
It appears the problem is resolved.
4) /var/spool/clientmqueue
This directory is not needed because sendmail is configured to use:
O QueueDirectory=/var/spool/mqueue
To avoid installing this directory, I added to devtools/OS/NetBSD:
define(`confINST_DEP', `')
Revision 1.64 / (download) - annotate - [select for diffs], Wed Nov 12 03:39:41 2003 UTC (20 years ago) by jschauma
Branch: MAIN
CVS Tags: pkgsrc-2003Q4-base,
pkgsrc-2003Q4
Changes since 1.63: +2 -1
lines
Diff to previous 1.63 (colored)
PKGREVISION++ after openssl update.
Revision 1.63 / (download) - annotate - [select for diffs], Thu Sep 18 09:01:03 2003 UTC (20 years, 2 months ago) by grant
Branch: MAIN
Changes since 1.62: +1 -2
lines
Diff to previous 1.62 (colored)
update to sendmail 8.12.10.
8.12.10/8.12.10 2003/09/24
SECURITY: Fix a buffer overflow in address parsing. Problem
detected by Michal Zalewski, patch from Todd C. Miller
of Courtesan Consulting.
Fix a potential buffer overflow in ruleset parsing. This problem
is not exploitable in the default sendmail configuration;
only if non-standard rulesets recipient (2), final (4), or
mailer-specific envelope recipients rulesets are used then
a problem may occur. Problem noted by Timo Sirainen.
Accept 0 (and 0/0) as valid input for set MaxMimeHeaderLength.
Problem noted by Thomas Schulz.
Add several checks to avoid (theoretical) buffer over/underflows.
Properly count message size when performing 7->8 or 8->7 bit MIME
conversions. Problem noted by Werner Wiethege.
Properly compute message priority based on size of entire message,
not just header. Problem noted by Axel Holscher.
Reset SevenBitInput to its configured value between SMTP
transactions for broken clients which do not properly
announce 8 bit data. Problem noted by Stefan Roehrich.
Set {addr_type} during queue runs when processing recipients.
Based on patch from Arne Jansen.
Better error handling in case of (very unlikely) queue-id conflicts.
Perform better error recovery for address parsing, e.g., when
encountering a comment that is too long. Problem noted by
Tanel Kokk, Union Bank of Estonia.
Add ':' to the allowed character list for bogus HELO/EHLO
checking. It is used for IPv6 domain literals. Patch from
Iwaizako Takahiro of FreeBit Co., Ltd.
Reset SASL connection context after a failed authentication attempt.
Based on patch from Rob Siemborski of CMU.
Check Berkeley DB compile time version against run time version
to make sure they match.
Do not attempt AAAA (IPv6) DNS lookups if IPv6 is not enabled
in the kernel.
When a milter adds recipients and one of them causes an error,
do not ignore the other recipients. Problem noted by
Bart Duchesne.
CONFIG: Use specified SMTP error code in mailertable entries which
lack a DSN, i.e., "error:### Text". Problem noted by
Craig Hunt.
CONFIG: Call Local_trust_auth with the correct argument. Patch
from Jerome Borsboom.
CONTRIB: Better handling of temporary filenames for doublebounce.pl
and expn.pl to avoid file overwrites, etc. Patches from
Richard A. Nelson of Debian and Paul Szabo.
MAIL.LOCAL: Fix obscure race condition that could lead to an
improper mailbox truncation if close() fails after the
mailbox is fsync()'ed and a new message is delivered
after the close() and before the truncate().
MAIL.LOCAL: If mail delivery fails, do not leave behind a
stale lockfile (which is ignored after the lock timeout).
Patch from Oleg Bulyzhin of Cronyx Plus LLC.
Portability:
Port for AIX 5.2. Thanks to Steve Hubert of University
of Washington for providing access to a computer
with AIX 5.2.
setreuid(2) works on OpenBSD 3.3. Patch from
Todd C. Miller of Courtesan Consulting.
Allow for custom definition of SMRSH_CMDDIR and SMRSH_PATH
on all operating systems. Patch from Robert Harker
of Harker Systems.
Use strerror(3) on Linux. If this causes a problem on
your Linux distribution, compile with
-DHASSTRERROR=0 and tell sendmail.org about it.
Added Files:
devtools/OS/AIX.5.2
update provided by Adrian Portelli in PR pkg/22836.
Revision 1.62 / (download) - annotate - [select for diffs], Mon Sep 15 11:59:11 2003 UTC (20 years, 2 months ago) by markd
Branch: MAIN
Changes since 1.61: +2 -6
lines
Diff to previous 1.61 (colored)
Build Milter support in sendmail unconditionally. There is little impact if no milters configured and setting is consistent with how the in-tree version is built. Bump PKGREVISION. Closes PR pkg/21010 from Todd Vierling.
Revision 1.61 / (download) - annotate - [select for diffs], Mon Aug 11 11:41:51 2003 UTC (20 years, 4 months ago) by markd
Branch: MAIN
Changes since 1.60: +3 -3
lines
Diff to previous 1.60 (colored)
All sun4's are created equal (as far as sendmail is concerned).
Revision 1.60 / (download) - annotate - [select for diffs], Tue Jun 10 09:56:17 2003 UTC (20 years, 6 months ago) by wiz
Branch: MAIN
Changes since 1.59: +2 -2
lines
Diff to previous 1.59 (colored)
Bump PKGREVISION because of db4 shlib major bump.
Revision 1.59 / (download) - annotate - [select for diffs], Fri May 2 11:55:40 2003 UTC (20 years, 7 months ago) by wiz
Branch: MAIN
Changes since 1.58: +2 -2
lines
Diff to previous 1.58 (colored)
Dependency bumps, needed because of devel/pth's major bump, and related dependency bumps.
Revision 1.58 / (download) - annotate - [select for diffs], Thu May 1 15:19:12 2003 UTC (20 years, 7 months ago) by jmmv
Branch: MAIN
Changes since 1.57: +5 -3
lines
Diff to previous 1.57 (colored)
Move the example mailer.conf file to the examples directory. Bump PKGREVISION to 2 (and fix PKGNAME).
Revision 1.57 / (download) - annotate - [select for diffs], Thu Apr 17 16:13:54 2003 UTC (20 years, 7 months ago) by manu
Branch: MAIN
Changes since 1.56: +11 -2
lines
Diff to previous 1.56 (colored)
If USE_MILTER, install libsm.a and libsmutil.a. They are needed in order to build amavis-perl 0.1 with milter support.
Revision 1.56 / (download) - annotate - [select for diffs], Tue Mar 4 00:21:31 2003 UTC (20 years, 9 months ago) by seb
Branch: MAIN
Changes since 1.55: +8 -3
lines
Diff to previous 1.55 (colored)
Update to version 8.12.8. Security related change included. Also SASL 2 support added and PLIST tuning. 8.12.8/8.12.8 2003/02/11 SECURITY: Fix a remote buffer overflow in header parsing by dropping sender and recipient header comments if the comments are too long. Problem noted by Mark Dowd of ISS X-Force. Fix a potential non-exploitable buffer overflow in parsing the .cf queue settings and potential buffer underflow in parsing ident responses. Problem noted by Yichen Xie of Stanford University Compilation Group. Fix ETRN #queuegroup command: actually start a queue run for the selected queue group. Problem noted by Jos Vos. If MaxMimeHeaderLength is set and a malformed MIME header is fixed, log the fixup as "Fixed MIME header" instead of "Truncated MIME header". Problem noted by Ian J Hart. CONFIG: Fix regression bug in proto.m4 that caused a bogus error message: "FEATURE() should be before MAILER()". MAIL.LOCAL: Be more explicit in some error cases, i.e., whether a mailbox has more than one link or whether it is not a regular file. Patch from John Beck of Sun Microsystems. 8.12.7/8.12.7 2002/12/29 Properly clean up macros to avoid persistence of session data across various connections. This could cause session oriented restrictions, e.g., STARTTLS requirements, to erroneously allow a connection. Problem noted by Tim Maletic of Priority Health. Do not lookup MX records when sorting the MSP queue. The MSP only needs to relay all mail to the MTA. Problem found by Gary Mills of the University of Manitoba. Do not restrict the length of connection information to 100 characters in some logging statements. Problem noted by Erik Parker. When converting an enhanced status code to an exit status, use EX_CONFIG if the first digit is not 2, 4, or 5 or if *.1.5 is used. Reset macro $x when receiving another MAIL command. Problem noted by Vlado Potisk of Wigro s.r.o. Don't bother setting the permissions on the build area statistics file, the proper permissions will be put on the file at install time. This fixes installation over NFS for some users. Problem noted by Martin J. Dellwo of 3-Dimensional Pharmaceuticals, Inc. Fix problem of decoding SASLv2 encrypted data. Problem noted by Alex Deiter of Mobile TeleSystems, Komi Republic. Log milter socket open errors at MilterLogLevel 1 or higher instead of 11 or higher. Print early system errors to the console instead of silently exiting. Problem noted by James Jong of IBM. Do not process a queue group if Runners is set to 0, regardless of whether F=f or sendmail is run in verbose mode (-v). The use of -qGname will still force queue group "name" to be run even if Runners=0. Change the level for logging the fact that a daemon is refusing connections due to high load from LOG_INFO to LOG_NOTICE. Patch from John Beck of Sun Microsystems. Use location information for submit.cf from NetInfo (/locations/sendmail/submit.cf) if available. Re-enable ForkEachJob which was lost in 8.12.0. Problem noted by Neil Rickert of Northern Illinois University. Make behavior of /canon in debug mode consistent with usage in rulesets. Patch from Shigeno Kazutaka of IIJ. Fix a potential memory leak in envelope splitting. Problem noted by John Majikes of IBM. Do not try to share an mailbox database LDAP connection across different processes. Problem noted by Randy Kunkee. Fix logging for undelivered recipients when the SMTP connection times out during message collection. Problem noted by Neil Rickert of Northern Illinois University. Avoid problems with QueueSortOrder=random due to problems with qsort() on Solaris (and maybe some other operating systems). Problem noted by Stephan Schulz of Gruner+Jahr.. If -f "" is specified, set the sender address to "<>". Problem noted by Matthias Andree. Fix formatting problem of footnotes for plain text output on some versions of tmac. Patch from Per Hedeland. Portability: Berkeley DB 4.1 support (requires at least 4.1.25). Some getopt(3) implementations in GNU/Linux are broken and pass a NULL pointer to an option which requires an argument, hence the builtin version of sendmail is used instead. This can be overridden by using -DSM_CONF_GETOPT=0. Problem noted by Vlado Potisk of Wigro s.r.o. Support for nph-1.2.0 from Mark D. Roth of the University of Illinois at Urbana-Champaign. Support for FreeBSD 5.0's MAC labeling from Robert Watson of the TrustedBSD Project. Support for reading the number of processors on an IRIX system from Michel Bourget of SGI. Support for UnixWare 7.1 based on input from Larry Rosenman. Interix support from Nedelcho Stanev of Atlantic Sky Corporation. Update Mac OS X/Darwin portability from Wilfredo Sanchez. CONFIG: Enforce tls_client restrictions even if delay_checks is used. Problem noted by Malte Starostik. CONFIG: Deal with an empty hostname created via bogus DNS entries to get around access restrictions. Problem noted by Kai Schlichting. CONFIG: Use FEATURE(`msp', `[127.0.0.1]') in submit.mc by default to avoid problems with hostname resolution for localhost which on many systems does not resolve to 127.0.0.1 (or ::1 for IPv6). If you do not use IPv4 but only IPv6 then you need to change submit.mc accordingly, see the comment in the file itself. CONFIG: Set confDONT_INIT_GROUPS to True in submit.mc to avoid error messages from initgroups(3) on AIX 4.3 when sending mail to non-existing users. Problem noted by Mark Roth of the University of Illinois at Urbana-Champaign. CONFIG: Allow local_procmail to override local_lmtp settings. CONFIG: Always allow connections from 127.0.0.1 or IPv6:::1 to relay. CONTRIB: cidrexpand: Deal with the prefix tags that may be included in access_db. CONTRIB: New version of doublebounce.pl contributed by Leo Bicknell. LIBMILTER: On Solaris libmilter may get into an endless loop if an error in the communication from/to the MTA occurs. Patch from Gurusamy Sarathy of Active State. LIBMILTER: Ignore EINTR from sigwait(3) which may happen on Tru64. Patch from from Jose Marcio Martins da Cruz of Ecole Nationale Superieure des Mines de Paris. MAIL.LOCAL: Fix a truncation race condition if the close() on the mailbox fails. Problem noted by Tomoko Fukuzawa of Sun Microsystems. MAIL.LOCAL: Fix a potential file descriptor leak if mkstemp(3) fails. Patch from John Beck of Sun Microsystems. SMRSH: SECURITY: Only allow regular files or symbolic links to be used for a command. Problem noted by David Endler of iDEFENSE, Inc. New Files: devtools/OS/Interix include/sm/bdb.h
Revision 1.55 / (download) - annotate - [select for diffs], Tue Jan 28 22:03:39 2003 UTC (20 years, 10 months ago) by jlam
Branch: MAIN
CVS Tags: netbsd-1-6-1-base,
netbsd-1-6-1
Changes since 1.54: +2 -2
lines
Diff to previous 1.54 (colored)
Instead of including bsd.pkg.install.mk directly in a package Makefile, have it be automatically included by bsd.pkg.mk if USE_PKGINSTALL is set to "YES". This enforces the requirement that bsd.pkg.install.mk be included at the end of a package Makefile. Idea suggested by Julio M. Merino Vidal <jmmv at menta.net>.
Revision 1.54 / (download) - annotate - [select for diffs], Thu Oct 3 10:09:03 2002 UTC (21 years, 2 months ago) by markd
Branch: MAIN
Changes since 1.53: +2 -2
lines
Diff to previous 1.53 (colored)
Add missing uid field in PKG_USERS entry. From kivinen@ssh.fi in pkg/18518
Revision 1.53 / (download) - annotate - [select for diffs], Mon Sep 23 12:56:57 2002 UTC (21 years, 2 months ago) by markd
Branch: MAIN
Changes since 1.52: +20 -60
lines
Diff to previous 1.52 (colored)
Update to sendmail-8.12.6 Large number of bug fixes and feature enhancements, especially Milter (Mail Filter) support and by default installation of sendmail does not use set-user-ID root anymore.
Revision 1.51.6.1 / (download) - annotate - [select for diffs], Wed Aug 21 09:50:30 2002 UTC (21 years, 3 months ago) by agc
Branch: netbsd-1-6
Changes since 1.51: +5 -1
lines
Diff to previous 1.51 (colored) next main 1.52 (colored)
Pull up revision 1.52 of the package Makefile onto the 1.6 pkgsrc branch. Requested by Stoned Elipot. > From: Stoned Elipot <seb@netbsd.org> > Date: Wed, 21 Aug 2002 10:47:07 +0300 (EEST) > > Module Name: pkgsrc > Committed By: seb > Date: Wed Aug 21 07:47:06 UTC 2002 > > Modified Files: > pkgsrc/mail/sendmail: Makefile > > Log Message: > If using SASL cyrus-sasl package is actually needed.
Revision 1.52 / (download) - annotate - [select for diffs], Wed Aug 21 07:47:05 2002 UTC (21 years, 3 months ago) by seb
Branch: MAIN
Changes since 1.51: +5 -1
lines
Diff to previous 1.51 (colored)
If using SASL cyrus-sasl package is actually needed.
Revision 1.42.2.1 / (download) - annotate - [select for diffs], Sun Jun 23 18:52:04 2002 UTC (21 years, 5 months ago) by jlam
Branch: buildlink2
Changes since 1.42: +22 -16
lines
Diff to previous 1.42 (colored) next main 1.43 (colored)
Merge from pkgsrc-current to buildlink2 branch.
Revision 1.51 / (download) - annotate - [select for diffs], Sun Jun 23 12:15:03 2002 UTC (21 years, 5 months ago) by tron
Branch: MAIN
CVS Tags: pkgviews-base,
pkgviews,
netbsd-1-6-RELEASE-base
Branch point for: netbsd-1-6
Changes since 1.50: +24 -20
lines
Diff to previous 1.50 (colored)
Add optional SASL support via the "cyrus-sasl" package. Based on changes supplied by Stoned Elipot in PR pkg/13316.
Revision 1.50 / (download) - annotate - [select for diffs], Sun Jun 23 11:46:03 2002 UTC (21 years, 5 months ago) by tron
Branch: MAIN
Changes since 1.49: +6 -4
lines
Diff to previous 1.49 (colored)
Improve buildlink support by adding the required "-I" and "-L" definitions only once in "site.config.m4" and not in each configuration file.
Revision 1.49 / (download) - annotate - [select for diffs], Mon Jun 17 21:08:16 2002 UTC (21 years, 5 months ago) by tron
Branch: MAIN
CVS Tags: buildlink2-base
Changes since 1.48: +2 -2
lines
Diff to previous 1.48 (colored)
Complete buildlink conversation of this package by using it for the "db" package, too.
Revision 1.48 / (download) - annotate - [select for diffs], Mon Jun 17 21:05:06 2002 UTC (21 years, 5 months ago) by tron
Branch: MAIN
Changes since 1.47: +2 -2
lines
Diff to previous 1.47 (colored)
Fix and buildlinkify broken LDAP support.
Revision 1.47 / (download) - annotate - [select for diffs], Mon Jun 17 20:56:53 2002 UTC (21 years, 5 months ago) by tron
Branch: MAIN
Changes since 1.46: +17 -10
lines
Diff to previous 1.46 (colored)
Don't use TCP wrappers only under NetBSD. Turn it into a build option and use the "tcp_wrapper" package if necessary.
Revision 1.46 / (download) - annotate - [select for diffs], Mon Jun 17 20:21:46 2002 UTC (21 years, 5 months ago) by tron
Branch: MAIN
Changes since 1.45: +2 -2
lines
Diff to previous 1.45 (colored)
Record various build definitions.
Revision 1.45 / (download) - annotate - [select for diffs], Mon Jun 17 20:13:10 2002 UTC (21 years, 5 months ago) by tron
Branch: MAIN
Changes since 1.44: +5 -6
lines
Diff to previous 1.44 (colored)
Fix this package to use buildlink instead of "USE_SSL".
Revision 1.44 / (download) - annotate - [select for diffs], Mon Jun 17 13:27:14 2002 UTC (21 years, 5 months ago) by wiz
Branch: MAIN
Changes since 1.43: +1 -1
lines
Diff to previous 1.43 (colored)
Undo last for now -- needs more changes.
Revision 1.43 / (download) - annotate - [select for diffs], Mon Jun 17 13:07:01 2002 UTC (21 years, 5 months ago) by wiz
Branch: MAIN
Changes since 1.42: +2 -2
lines
Diff to previous 1.42 (colored)
Use openssl buildlink.mk instead of USE_SSL.
Revision 1.42 / (download) - annotate - [select for diffs], Thu Nov 29 01:12:40 2001 UTC (22 years ago) by hubertf
Branch: MAIN
CVS Tags: netbsd-1-5-PATCH003
Branch point for: buildlink2
Changes since 1.41: +3 -2
lines
Diff to previous 1.41 (colored)
Get rid of manually adding "nbX" to PKGNAME when a pkg was changed in
pkgsrc. Instead, a new variable PKGREVISION is invented that can get
bumped independent of DISTNAME and PKGNAME.
Example #1:
DISTNAME= foo-X.Y
PKGREVISION= Z
=> PKGNAME= foo-X.YnbZ
Example #2:
DISTNAME= barthing-X.Y
PKGNAME= bar-X.Y
PKGREVISION= Z
=> PKGNAME= bar=X.YnbZ (!)
On subsequent changes, only PKGREVISION needs to be bumped, no more risk
of getting DISTNAME changed accidentally.
Revision 1.41 / (download) - annotate - [select for diffs], Fri Oct 19 08:51:31 2001 UTC (22 years, 1 month ago) by veego
Branch: MAIN
Changes since 1.40: +5 -2
lines
Diff to previous 1.40 (colored)
Switch back to one PLIST file by adding a site.config.m4-solaris for the manpage extensions and directories.
Revision 1.40 / (download) - annotate - [select for diffs], Sun Sep 9 16:41:40 2001 UTC (22 years, 3 months ago) by taca
Branch: MAIN
Changes since 1.39: +5 -5
lines
Diff to previous 1.39 (colored)
Enable wide patch and make this package sendmail-8.11.6nb1.
Please look at ${WRKSRC}/sendmail/00READ_ME.WIDE file created by
sendmail8.11.6+3.4W.patch.gz for detail of the patch.
Revision 1.39 / (download) - annotate - [select for diffs], Tue Aug 21 06:49:53 2001 UTC (22 years, 3 months ago) by itojun
Branch: MAIN
Changes since 1.38: +3 -3
lines
Diff to previous 1.38 (colored)
upgrade to 8.11.6. fixes a security problem with command line processing.
Revision 1.38 / (download) - annotate - [select for diffs], Wed Aug 1 02:39:38 2001 UTC (22 years, 4 months ago) by itojun
Branch: MAIN
Changes since 1.37: +3 -3
lines
Diff to previous 1.37 (colored)
upgrade to 8.11.5. minor bug fixes from 8.11.4. patch-zz (security patch on signal handling) is now in 8.11.5.
Revision 1.37 / (download) - annotate - [select for diffs], Tue May 29 03:31:26 2001 UTC (22 years, 6 months ago) by itojun
Branch: MAIN
Changes since 1.36: +8 -3
lines
Diff to previous 1.36 (colored)
update to 8.11.4. security related change included (no exploit available yet) 8.11.4/8.11.4 2001/05/28 Clean up signal handling routines to reduce the chances of heap corruption and other potential race conditions. Terminating and restarting the daemon may not be instantaneous due to this change. Also, non-root users can no longer send out-of-band signals. Problem reported by Michal Zalewski of BindView. If LogLevel is greater than 9 and SASL fails to negotiate an encryption layer, avoid core dump logging the encryption strength. Problem noted by Miroslav Zubcic of Crol. If a server offers "AUTH=" and "AUTH " and the list of mechanisms is different in those two lines, sendmail might not have recognized (and used) all of the offered mechanisms. Fix an IP address lookup problem on Solaris 2.0 - 2.3. Patch from Kenji Miyake. This time, really don't use the .. directory when expanding QueueDirectory wildcards. If a process is interrupted while closing a map, don't try to close the same map again while exiting. Allow local mailers (F=l) to contact remote hosts (e.g., via LMTP). Problem noted by Norbert Klasen of the University of Tuebingen. If Timeout.QueueReturn was set to a value less the time it took to write a new queue file (e.g., 0 seconds), the bounce message would be lost. Problem noted by Lorraine L Goff of Oklahoma State University. Pass map argument vector into map rewriting engine for the regex and prog map types. Problem noted by Stephen Gildea of InTouch Systems, Inc. When closing an LDAP map due to a temporary error, close all of the other LDAP maps which share the original map's connection to the LDAP server. Patch from Victor Duchovni of Morgan Stanley. To detect changes of NDBM aliases files check the timestamp of the .pag file instead of the .dir file. Problem noted by Neil Rickert of Northern Illinois University. Don't treat temporary hesiod lookup failures as permanent. Patch from Werner Wiethege. If ClientPortOptions is set, make sure to create the outgoing socket with the family set in that option. Patch from Sean Farley. Avoid a segmentation fault trying to dereference a NULL pointer when logging a MaxHopCount exceeded error with an empty recipient list. Problem noted by Chris Adams of HiWAAY Internet Services. Fix DSN for "Too many hops" bounces. Problem noticed by Ulrich Windl of the Universitaet Regensburg. Fix DSN for "mail loops back to me" bounces. Problem noticed by Kari Hurtta of the Finnish Meteorological Institute. Portability: OpenBSD has a broken setreuid() implementation. CONFIG: Undo change from 8.11.1: change 501 SMTP reply code back to 553 since it is allowed by DRUMS. CONFIG: Add OSTYPE(freebsd4) for FreeBSD 4.X. DEVTOOLS: install.sh did not properly handle paths in the source file name argument. Noted by Kari Hurtta of the Finnish Meteorological Institute. DEVTOOLS: Add FAST_PID_RECYCLE to compile time options for OpenBSD since it generates random process ids. PRALIASES: Add back adaptive algorithm to deal with different endings of entries in the database (with/without trailing '\0'). Patch from John Beck of Sun Microsystems. New Files: cf/ostype/freebsd4.m4
Revision 1.36 / (download) - annotate - [select for diffs], Sun Apr 15 01:18:06 2001 UTC (22 years, 7 months ago) by itojun
Branch: MAIN
CVS Tags: netbsd-1-5-PATCH001
Changes since 1.35: +11 -11
lines
Diff to previous 1.35 (colored)
go back to 8.11.3. it was my mistake that i have committed 8.12.0Beta into mail/sendmail.
Revision 1.35 / (download) - annotate - [select for diffs], Fri Apr 13 05:07:50 2001 UTC (22 years, 7 months ago) by itojun
Branch: MAIN
Changes since 1.34: +12 -12
lines
Diff to previous 1.34 (colored)
upgrade to 8.12.0.Beta7.
confDELIVERBYMIN and confSHAREDMEMORYKEY have been renamed to
confDELIVER_BY_MIN and confSHARED_MEMORY_KEY, respectively.
The macro {sendmailMTACluster} replaces {LDAPCluster}.
Added FEATURE(`queuegroup') for selecting a queue group in the
access database.
Added OSTYPE(`freebsd4')
sendmail/TUNING gives some hints about performance tuning.
Any IPv6 addresses used in configuration should be prefixed by the
"IPv6:" tag to identify the address properly. For example, if you
want to add the IPv6 address [2002:c0a8:51d2::23f4] to class {w},
you would need to add [IPv6:2002:c0a8:51d2::23f4]; if you want to
use it in the access database, you would need to use
IPv6:2002:c0a8:51d2::23f4 on the left hand side.
Revision 1.34 / (download) - annotate - [select for diffs], Mon Mar 5 11:33:47 2001 UTC (22 years, 9 months ago) by itojun
Branch: MAIN
Changes since 1.33: +9 -9
lines
Diff to previous 1.33 (colored)
pull in WIDE patch for 8.11.3. this speeds up pkgsrc/mail/smtpfeed (better LMTP).
Revision 1.33 / (download) - annotate - [select for diffs], Wed Feb 28 09:30:01 2001 UTC (22 years, 9 months ago) by tron
Branch: MAIN
Changes since 1.32: +2 -2
lines
Diff to previous 1.32 (colored)
Use "ftp.fu-berlin.de" as german mirror because newer sendmail version appear there earlier than on "ftp.cert.dfn.de".
Revision 1.32 / (download) - annotate - [select for diffs], Wed Feb 28 03:52:18 2001 UTC (22 years, 9 months ago) by itojun
Branch: MAIN
Changes since 1.31: +10 -10
lines
Diff to previous 1.31 (colored)
upgrade to 8.11.3. WIDE patch is not supplied yet, so it is not included.
8.11.3/8.11.3 2001/02/27
Prevent a segmentation fault when a bogus value was used in the
LDAPDefaultSpec option's -r, -s, or -M flags and if a bogus
option was used. Problem noted by Allan E Johannesen of
Worcester Polytechnic Institute.
Prevent "token too long" message by shortening {currHeader} which
could be too long if the last copied character was a quote.
Problem detected by Jan Krueger of digitalanswers
communications consulting gmbh.
Additional IPv6 check for unspecified addresses. Patch from
Jun-ichiro itojun Hagino of the KAME Project.
Do not ignore the ClientPortOptions setting if DaemonPortOptions
Modifier=b (bind to same interface) is set and the
connection came in from the command line.
Do not bind to the loopback address if DaemonPortOptions
Modifier=b (bind to same interface) is set. Patch from
John Beck of Sun Microsystems.
Properly deal with open failures on non-optional maps used in
check_* rulesets by returning a temporary failure.
Buffered file I/O files were not being properly fsync'ed to disk
when they were committed.
Properly encode '=' for the AUTH= parameter of the MAIL command.
Problem noted by Hadmut Danisch.
Under certain circumstances the macro {server_name} could be set
to the wrong hostname (of a previous connection), which may
cause some rulesets to return wrong results. This would
usually cause mail to be queued up and delivered later on.
Ignore F=z (LMTP) mailer flag if $u is given in the mailer A=
equate. Problem noted by Motonori Nakamura of Kyoto
University.
Work around broken accept() implementations which only partially
fill in the peer address if the socket is closed before
accept() completes.
Return an SMTP "421" temporary failure if the data file can't be
opened where the "354" reply would normally be given.
Prevent a CPU loop in trying to expand a macro which doesn't exist
in a queue run. Problem noted by Gordon Lack of Glaxo
Wellcome.
If delivering via a program and that program exits with EX_TEMPFAIL,
note that fact for the mailq display instead of just showing
"Deferred". Problem noted by Motonori Nakamura of Kyoto
University.
If doing canonification via /etc/hosts, try both the fully
qualified hostname as well as the first portion of the
hostname. Problem noted by David Bremner of the
University of New Brunswick.
Portability:
Fix a compilation problem for mail.local and rmail if SFIO
is in use. Problem noted by Auteria Wally
Winzer Jr. of Champion Nutrition.
IPv6 changes for platforms using KAME. Patch from
Jun-ichiro itojun Hagino of the KAME Project.
OpenBSD 2.7 and higher has srandomdev(3). OpenBSD 2.8 and
higher has BSDI-style login classes. Patch from
Todd C. Miller of Courtesan Consulting.
Unixware 7.1.1 doesn't allow h_errno to be set directly if
sendmail is being compiled with -kthread. Problem
noted by Orion Poplawski of CQG, Inc.
CONTRIB: buildvirtuser: Substitute current domain for $DOMAIN and
current left hand side for $LHS in virtuser files.
DEVTOOLS: Do not pass make targets to recursive Build invocations.
Problem noted by Jeff Bronson of J.D. Bronson, Inc.
MAIL.LOCAL: In LMTP mode, do not return errors regarding problems
storing the temporary message file until after the remote
side has sent the final DATA termination dot. Problem
noted by Allan E Johannesen of Worcester Polytechnic
Institute.
MAIL.LOCAL: If LMTP mode is set, give a temporary error if users
are also specified on the command line. Patch from
Motonori Nakamura of Kyoto University.
PRALIASES: Skip over AliasFile specifications which aren't based on
database files (i.e., only show dbm, hash, and btree).
Renamed Files:
devtools/OS/OSF1.V5.0 => devtools/OS/OSF1.V5.x
Revision 1.31 / (download) - annotate - [select for diffs], Sun Feb 25 04:17:59 2001 UTC (22 years, 9 months ago) by hubertf
Branch: MAIN
Changes since 1.30: +2 -2
lines
Diff to previous 1.30 (colored)
Cleanup MKDIR usage => INSTALL_*_DIR XXX need to teach pkglint to be more picky about this
Revision 1.30 / (download) - annotate - [select for diffs], Sat Feb 17 18:25:04 2001 UTC (22 years, 9 months ago) by wiz
Branch: MAIN
Changes since 1.29: +2 -1
lines
Diff to previous 1.29 (colored)
Update to new COMMENT style: COMMENT var in Makefile instead of pkg/COMMENT.
Revision 1.29 / (download) - annotate - [select for diffs], Thu Feb 1 10:33:23 2001 UTC (22 years, 10 months ago) by wiz
Branch: MAIN
Changes since 1.28: +1 -2
lines
Diff to previous 1.28 (colored)
Remove a test target I forgot I had added.
Revision 1.28 / (download) - annotate - [select for diffs], Mon Jan 29 11:34:31 2001 UTC (22 years, 10 months ago) by wiz
Branch: MAIN
Changes since 1.27: +7 -8
lines
Diff to previous 1.27 (colored)
Add automatic ${VARIABLE} handling for MESSAGE files.
Convert most MESSAGE files to new syntax (${VARIABLE} gets replaced,
not @VARIABLE@, nor @@VARIABLE@@).
By default, substitutions are done for LOCALBASE, PKGNAME, PREFIX,
X11BASE, X11PREFIX; additional patterns can be added via MESSAGE_SUBST.
Clean up some packages while I'm there; add RCS tags to most MESSAGEs.
Remove some uninteresting MESSAGEs.
Revision 1.27 / (download) - annotate - [select for diffs], Sun Jan 21 05:58:50 2001 UTC (22 years, 10 months ago) by itojun
Branch: MAIN
Changes since 1.26: +9 -1
lines
Diff to previous 1.26 (colored)
bring in WIDE patch for 8.11.2, to support mail/smtpfeed better.
Revision 1.26 / (download) - annotate - [select for diffs], Thu Jan 4 12:09:28 2001 UTC (22 years, 11 months ago) by itojun
Branch: MAIN
Changes since 1.25: +4 -11
lines
Diff to previous 1.25 (colored)
upgrade to sendmail 8.11.2.
8.11.2/8.11.2 2000/12/29
Prevent a segmentation fault when trying to set a class in
address test mode due to a negative array index. Audit
other array indexing. This bug is not believed to be
exploitable. Noted by Michal Zalewski of the "Internet for
Schools" project (IdS).
Add an FFR (for future release) to drop privileges when using
address test mode. This will be turned on in 8.12. It can
be enabled by compiling with:
APPENDDEF(`conf_sendmail_ENVDEF', `-D_FFR_TESTMODE_DROP_PRIVS')
in your devtools/Site/site.config.m4 file. Suggested by
Michal Zalewski of the "Internet for Schools" project (IdS).
Fix potential problem with Cyrus-SASL security layer which may have
caused I/O errors, especially for mechanism DIGEST-MD5.
When QueueSortOrder was set to host, sendmail might not read
enough of the queue file to determine the host, making the
sort sub-optimal. Problem noted by Jeff Earickson of
Colby College.
Don't issue DSNs for addresses which use the NOTIFY parameter (per
RFC 1891) but don't have FAILURE as value.
Initialize Cyrus-SASL library before the SMTP daemon is started.
This implies that every change to SASL related files requires
a restart of the daemon, e.g., Sendmail.conf, new SASL
mechanisms (in form of shared libraries).
Properly set the STARTTLS related macros during a queue run for
a cached connection. Bug reported by Michael Kellen of
NxNetworks, Inc.
Log the server name in relay= for ruleset tls_server instead of the
client name.
Include original length of bad field/header when reporting
MaxMimeHeaderLength problems. Requested by Ulrich Windl of
the Universitat Regensburg.
Fix delivery to set-user-ID files that are expanded from aliases in
DeliveryMode queue. Problem noted by Ric Anderson of the
University of Arizona.
Fix LDAP map -m (match only) flag. Problem noted by Jeff Giuliano
of Collective Technologies.
Avoid using a negative argument for sleep() calls when delaying answers
to EXPN/VRFY commands on systems which respond very slowly.
Problem noted by Mikolaj J. Habryn of Optus Internet
Engineering.
Make sure the F=u flag is set in the default prog mailer
definition. Problem noted by Kari Hurtta of the Finnish
Meteorological Institute.
Fix IPv6 check for unspecified addresses. Patch from
Jun-ichiro itojun Hagino of the KAME Project.
Fix return values for IRIX nsd map. From Kari Hurtta of the Finnish
Meteorological Institute.
Fix parsing of DaemonPortOptions and ClientPortOptions. Read all
of the parameters to find Family= setting before trying to
interpret Addr= and Port=. Problem noted by Valdis
Kletnieks of Virginia Tech.
When delivering to a file directly from an alias, do not call
initgroups(); instead use the DefaultUser group information.
Problem noted by Marc Schaefer of ALPHANET NF.
RunAsUser now overrides the ownership of the control socket, if
created. Otherwise, sendmail can not remove it upon
close. Problem noted by Werner Wiethege.
Fix ConnectionRateThrottle counting as the option is the number of
overall connections, not the number of connections per
socket. A future version may change this to per socket
counting.
Portability:
Clean up libsmdb so it functions properly on platforms
where sizeof(u_int32_t) != sizeof(size_t). Problem
noted by Rein Tollevik of Basefarm AS.
Fix man page formatting for compatibility with Solaris'
whatis. From Stephen Gildea of InTouch Systems, Inc.
UnixWare 7 includes snprintf() support. From Larry
Rosenman.
IPv6 changes for platforms using KAME. Patch from
Jun-ichiro itojun Hagino of the KAME Project.
Avoid a typedef compile conflict with Berkeley DB 3.X and
Solaris 2.5 or earlier. Problem noted by Bob Hughes
of Pacific Access.
Add preliminary support for AIX 5. Contributed by
Valdis Kletnieks of Virginia Tech.
Solaris 9 load average support from Andrew Tucker of Sun
Microsystems.
CONFIG: Reject addresses of the form a!b if FEATURE(`nouucp', `r')
is used. Problem noted by Phil Homewood of Asia Online,
patch from Neil Rickert of Northern Illinois University.
CONFIG: Change the default DNS based blacklist server for
FEATURE(`dnsbl') to blackholes.mail-abuse.org.
CONFIG: Deal correctly with the 'C' flag in {daemon_flags}, i.e.,
implicitly assume canonical host names.
CONFIG: Deal with "::" in IPv6 addresses for access_db. Based on
patch by Motonori Nakamura of Kyoto University.
CONFIG: New OSTYPE(`aix5') contributed by Valdis Kletnieks of
Virginia Tech.
CONFIG: Pass the illegal header form <list:;> through untouched
instead of making it worse. Problem noted by Motonori
Nakamura of Kyoto University.
CONTRIB: Added buildvirtuser (see `perldoc contrib/buildvirtuser`).
CONTRIB: qtool.pl: An empty queue is not an error. Problem noted
by Jan Krueger of digitalanswers communications consulting
gmbh.
CONTRIB: domainmap.m4: Handle domains with '-' in them. From Mark
Roth of the University of Illinois at Urbana-Champaign.
DEVTOOLS: Change the internal devtools OS, REL, and ARCH m4
variables into bldOS, bldREL, and bldARCH to prevent
namespace collisions. Problem noted by Motonori Nakamura
of Kyoto University.
RMAIL: Undo the 8.11.1 change to use -G when calling sendmail. It
causes some changes in behavior and may break rmail for
installations where sendmail is actually a wrapper to
another MTA. The change will re-appear in a future
version.
SMRSH: Use the vendor supplied directory on HPUX 10.X, HPUX 11.X,
and SunOS 5.8. Requested by Jeff A. Earickson of Colby
College and John Beck of Sun Microsystems.
VACATION: Fix pattern matching for addresses to ignore.
VACATION: Don't reply to addresses of the form owner-*
or *-owner.
New Files:
cf/ostype/aix5.m4
contrib/buildvirtuser
devtools/OS/AIX.5.0
Revision 1.25 / (download) - annotate - [select for diffs], Sun Nov 19 07:44:38 2000 UTC (23 years ago) by taca
Branch: MAIN
Changes since 1.24: +7 -7
lines
Diff to previous 1.24 (colored)
- re-enable using WIDE patch with sendmail8.11.1+3.4W.patch.
Revision 1.24 / (download) - annotate - [select for diffs], Sun Oct 15 14:30:21 2000 UTC (23 years, 1 month ago) by itojun
Branch: MAIN
Changes since 1.23: +10 -13
lines
Diff to previous 1.23 (colored)
update to 8.11.1. make SASL-enabled build to use tolek stdio code, not
sfio code (no longer depends onto devel/sfio)
8.11.1/8.11.1 2000/09/27
Fix SMTP EXPN command output if the address expands to a single
name. Fix from John Beck of Sun Microsystems.
Don't try STARTTLS in the client if the PRNG has not been properly
seeded. This problem only occurs on systems without
/dev/urandom. Problem detected by Jan Krueger of
digitalanswers communications consulting gmbh and
Neil Rickert of Northern Illinois University.
Don't use the . and .. directories when expanding QueueDirectory
wildcards.
Do not try to cache LDAP connections across processes as a parent
process may close the connection before the child process
has completed. Problem noted by Lai Yiu Fai of the Hong
Kong University of Science and Technology and Wolfgang
Hottgenroth of UUNET.
Use Timeout.fileopen to limit the amount of time spent trying to
read the LDAP secret from a file.
Prevent SIGTERM from removing a command line submitted item after
the user submits the message and before the first delivery
attempt completes. Problem noted by Max France of AlphaNet.
Fix from Neil Rickert of Northern Illinois University.
Deal correctly with MaxMessageSize restriction if message size is
greater than 2^31.
Turn off queue checkpointing if CheckpointInterval is set to zero.
Treat an empty home directory (from getpw*() or $HOME) as
non-existent instead of treating it as /. Problem noted by
Todd C. Miller of Courtesan Consulting.
Don't drop duplicate headers when reading a queued item. Problem
noted by Motonori Nakamura of Kyoto University.
Avoid bogus error text when logging the savemail panic "cannot
save rejected email anywhere". Problem noted by Marc G.
Fournier of Acadia University.
If an LDAP search fails because the LDAP server went down, close
the map so subsequent searches reopen the map. If there are
multiple LDAP servers, the down server will be skipped and
one of the others may be able to take over.
Set the ${load_avg} macro to the current load average, not the
previous load average query result.
If a non-optional map used in a check_* ruleset can't be opened,
return a temporary failure to the remote SMTP client
instead of ignoring the map. Problem noted by Allan E
Johannesen of Worcester Polytechnic Institute.
Avoid a race condition when queuing up split envelopes by saving
the split envelopes before the original envelope.
Fix a bug in the PH_MAP code which caused mail to bounce instead of
defer if the PH server could not be contacted. From Mark
Roth of the University of Illinois at Urbana-Champaign.
Prevent QueueSortOrder=Filename from interfering with -qR, -qS, and
ETRN. Problem noted by Erik R. Leo of SoVerNet.
Change error code for unrecognized parameters to the SMTP MAIL and
RCPT commands from 501 to 555 per RFC 1869. Problem
reported to Postfix by Robert Norris of Monash University.
Prevent overwriting the argument of -B on certain OS. Problem
noted by Matteo Gelosa of I.NET S.p.A.
Use the proper routine for freeing memory with Netscape's LDAP
client libraries. Patch from Paul Hilchey of the
University of British Columbia.
Portability:
Move the NETINET6 define to devtools/OS/SunOS.5.{8,9}
instead of defining it in conf.h so users can
override the setting. Suggested by
Henrik Nordstrom of Ericsson.
On HP-UX 10.X and 11.X, use /usr/sbin/sendmail instead of
/usr/lib/sendmail for rmail and vacation. From
Jeff A. Earickson of Colby College.
On HP-UX 11.X, use /usr/sbin instead of /usr/libexec (which
does not exist). From Jeff A. Earickson of Colby
College.
Avoid using the UCB subsystem on NCR MP-RAS 3.x. From
Tom Moore of NCR.
NeXT 3.X and 4.X installs man pages in /usr/man. From
Hisanori Gogota of NTT/InterCommunicationCenter.
Solaris 8 and later include /var/run. The default PID file
location is now /var/run/sendmail.pid. From John
Beck of Sun Microsystems.
SFIO includes snprintf() for those operating systems
which do not. From Todd C. Miller of Courtesan
Consulting.
CONFIG: Use the result of _CERT_REGEX_SUBJECT_ not {cert_subject}.
Problem noted by Kaspar Brand of futureLab AG.
CONFIG: Change 553 SMTP reply code to 501 to avoid problems with
errors in the MAIL address.
CONFIG: Fix FEATURE(nouucp) usage in example .mc files. Problem
noted by Ron Jarrell of Virginia Tech.
CONFIG: Add support for Solaris 8 (and later) as OSTYPE(solaris8).
Contributed by John Beck of Sun Microsystems.
CONFIG: Set confFROM_HEADER such that the mail hub can possibly add
GECOS information for an address. This more closely
matches pre-8.10 nullclient behavior. From Per Hedeland of
Ericsson.
CONFIG: Fix MODIFY_MAILER_FLAGS(): apply the flag modifications for
SMTP to all *smtp* mailers and those for RELAY to the relay
mailer as described in cf/README.
MAIL.LOCAL: Open the mailbox as the recipient not root so quotas
are obeyed. Problem noted by Damian Kuczynski of NIK.
MAKEMAP: Do not change a map's owner to the TrustedUser if using
makemap to 'unmake' the map.
RMAIL: Avoid overflowing the list of recipients being passed to
sendmail.
RMAIL: Invoke sendmail with '-G' to indicate this is a gateway
submission. Problem noted by Kari Hurtta of the Finnish
Meteorological Institute.
VACATION: Read the complete message to avoid "broken pipe" signals.
VACATION: Do not cut off vacation.msg files which have a single
dot as the only character on the line.
New Files:
cf/ostype/solaris8.m4
Revision 1.23 / (download) - annotate - [select for diffs], Sun Sep 3 10:31:27 2000 UTC (23 years, 3 months ago) by wiz
Branch: MAIN
CVS Tags: netbsd-1-5-RELEASE,
netbsd-1-4-PATCH003
Changes since 1.22: +10 -10
lines
Diff to previous 1.22 (colored)
echo -> ${ECHO}
Revision 1.22 / (download) - annotate - [select for diffs], Sun Aug 13 18:10:29 2000 UTC (23 years, 3 months ago) by itojun
Branch: MAIN
Changes since 1.21: +2 -1
lines
Diff to previous 1.21 (colored)
mention inclusion of WIDE patch in installed DESCR
Revision 1.21 / (download) - annotate - [select for diffs], Sun Aug 13 17:52:31 2000 UTC (23 years, 3 months ago) by itojun
Branch: MAIN
Changes since 1.20: +20 -1
lines
Diff to previous 1.20 (colored)
add USE_STARTTLS case (requires sfio-1999 and RSA-capable openssl). need testing (needs certificate properly installed into filesystem). append compiled-in features at the bottom of installed DESCR, as we have so many USE_xx.
Revision 1.20 / (download) - annotate - [select for diffs], Tue Aug 1 12:02:40 2000 UTC (23 years, 4 months ago) by itojun
Branch: MAIN
Changes since 1.19: +8 -10
lines
Diff to previous 1.19 (colored)
chmod +w to files we append something. PR10728. From: Wolfgang Rupprecht <wolfgang@wsrcc.com> not sure if this PR is a generic problem - it seems to me that Wolfgang may checked things out from pkgsrc tree with non-writable permission.
Revision 1.19 / (download) - annotate - [select for diffs], Sun Jul 30 17:49:00 2000 UTC (23 years, 4 months ago) by itojun
Branch: MAIN
Changes since 1.18: +8 -1
lines
Diff to previous 1.18 (colored)
include wide patch, which is necessary to work better with pkgsrc/mail/smtpfeed.
Revision 1.18 / (download) - annotate - [select for diffs], Mon Jul 24 04:22:31 2000 UTC (23 years, 4 months ago) by itojun
Branch: MAIN
Changes since 1.17: +23 -35
lines
Diff to previous 1.17 (colored)
upgrade to 8.11.0 from sendmail.org.
the new Makefile tries to obey sendmail "Build" script better than before.
need checking for solaris build, and ldap build.
TODO: STARTTLS support
--- 8.10.2 -> 8.11.0
8.11.0/8.11.0 2000/07/19
SECURITY: If sendmail is installed as a non-root set-user-ID binary
(not the normal case), some operating systems will still
keep a saved-uid of the effective-uid when sendmail tries
to drop all of its privileges. If sendmail needs to drop
these privileges and the operating system doesn't set the
saved-uid as well, exit with an error. Problem noted by
Kari Hurtta of the Finnish Meteorological Institute.
SECURITY: sendmail depends on snprintf() NUL terminating the string
it populates. It is possible that some broken
implementations of snprintf() exist that do not do this.
Systems in this category should compile with
-DSNPRINTF_IS_BROKEN=1. Use test/t_snprintf.c to test your
system and report broken implementations to
sendmail-bugs@sendmail.org and your OS vendor. Problem
noted by Slawomir Piotrowski of TELSAT GP.
Support SMTP Service Extension for Secure SMTP (RFC 2487) (STARTTLS).
Implementation influenced by the example programs of
OpenSSL and the work of Lutz Jaenicke of TU Cottbus.
Add new STARTTLS related options CACERTPath, CACERTFile,
ClientCertFile, ClientKeyFile, DHParameters, RandFile,
ServerCertFile, and ServerKeyFile. These are documented in
cf/README and doc/op/op.*.
New STARTTLS related macros: ${cert_issuer}, ${cert_subject},
${tls_version}, ${cipher}, ${cipher_bits}, ${verify},
${server_name}, and ${server_addr}. These are documented
in cf/README and doc/op/op.*.
Add support for the Entropy Gathering Daemon (EGD) for better
random data.
New DontBlameSendmail option InsufficientEntropy for systems which
don't properly seed the PRNG for OpenSSL but want to
try to use STARTTLS despite the security problems.
Support the security layer in SMTP AUTH for mechanisms which
support encryption. Based on code contributed by Tim
Martin of CMU.
Add new macro ${auth_ssf} to reflect the SMTP AUTH security
strength factor.
LDAP's -1 (single match only) flag was not honored if the -z
(delimiter) flag was not given. Problem noted by ST Wong of
the Chinese University of Hong Kong. Fix from Mark Adamson
of CMU.
Add more protection from accidentally tripping OpenLDAP 1.X's
ld_errno == LDAP_DECODING_ERROR hack on ldap_next_attribute().
Suggested by Kurt Zeilenga of OpenLDAP.
Fix the default family selection for DaemonPortOptions. As
documented, unless a family is specified in a
DaemonPortOptions option, "inet" is the default. It is
also the default if no DaemonPortOptions value is set.
Therefore, IPv6 users should configure additional sockets
by adding DaemonPortOptions settings with Family=inet6 if
they wish to also listen on IPv6 interfaces. Problem noted
by Jun-ichiro itojun Hagino of the KAME Project.
Set ${if_family} when setting ${if_addr} and ${if_name} to reflect
the interface information for an outgoing connection.
Not doing so was creating a mismatch between the socket
family and address used in subsequent connections if the
M=b modifier was set in DaemonPortOptions. Problem noted
by John Beck of Sun Microsystems.
If DaemonPortOptions modifier M=b is used, determine the socket
family based on the IP address. ${if_family} is no longer
persistent (i.e., saved in qf files). Patch from John Beck
of Sun Microsystems.
sendmail 8.10 and 8.11 reused the ${if_addr} and ${if_family}
macros for both the incoming interface address/family and
the outgoing interface address/family. In order for M=b
modifier in DaemonPortOptions to work properly, preserve
the incoming information in the queue file for later
delivery attempts.
Use SMTP error code and enhanced status code from check_relay in
responses to commands. Problem noted by Jeff Wasilko of
smoe.org.
Add more vigilance in checking for putc() errors on output streams
to protect from a bug in Solaris 2.6's putc(). Problem
noted by Graeme Hewson of Oracle.
The LDAP map -n option (return attribute names only) wasn't working.
Problem noted by Ajay Matia.
Under certain circumstances, an address could be listed as deferred
but would be bounced back to the sender as failed to be
delivered when it really should have been queued. Problem
noted by Allan E Johannesen of Worcester Polytechnic Institute.
Prevent a segmentation fault in a child SMTP process from getting
the SMTP transaction out of sync. Problem noted by Per
Hedeland of Ericsson.
Turn off RES_DEBUG if SFIO is defined unless SFIO_STDIO_COMPAT
is defined to avoid a core dump due to incompatibilities
between sfio and stdio. Problem noted by Neil Rickert
of Northern Illinois University.
Don't log useless envelope ID on initial connection log. Problem
noted by Kari Hurtta of the Finnish Meteorological Institute.
Convert the free disk space shown in a control socket status query
to kilobyte units.
If TryNullMXList is True and there is a temporary DNS failure
looking up the hostname, requeue the message for a later
attempt. Problem noted by Ari Heikkinen of Pohjois-Savo
Polytechnic.
Under the proper circumstances, failed connections would be recorded
as "Bad file number" instead of "Connection failed" in the
queue file and persistent host status. Problem noted by
Graeme Hewson of Oracle.
Avoid getting into an endless loop if a non-hoststat directory exists
within the hoststatus directory (e.g., lost+found).
Patch from Valdis Kletnieks of Virginia Tech.
Make sure Timeout.queuereturn=now returns a bounce message to the
sender. Problem noted by Per Hedeland of Ericsson.
If a message data file can't be opened at delivery time, panic and
abort the attempt instead of delivering a message that
states "<<< No Message Collected >>>".
Fixup the GID checking code from 8.10.2 as it was overly
restrictive. Problem noted by Mark G. Thomas of Mark
G. Thomas Consulting.
Preserve source port number instead of replacing it with the ident
port number (113).
Document the queue status characters in the mailq man page.
Suggested by Ulrich Windl of the Universitat Regensburg.
Process queued items in which none of the recipient addresses have
host portions (or there are no recipients). Problem noted
by Valdis Kletnieks of Virginia Tech.
If a cached LDAP connection is used for multiple maps, make sure
only the first to open the connection is allowed to close
it so a later map close doesn't break the connection for
other maps. Problem noted by Wolfgang Hottgenroth of UUNET.
Netscape's LDAP libraries do not support Kerberos V4
authentication. Patch from Rainer Schoepf of the
University of Mainz.
Provide workaround for inconsistent handling of data passed
via callbacks to Cyrus SASL prior to version 1.5.23.
Mention ENHANCEDSTATUSCODES in the SMTP HELP helpfile. Omission
noted by Ulrich Windl of the Universitat Regensburg.
Portability:
Add the ability to read IPv6 interface addresses into class
'w' under FreeBSD (and possibly others). From Jun
Kuriyama of IMG SRC, Inc. and the FreeBSD Project.
Replace code for finding the number of CPUs on HPUX.
NCRUNIX MP-RAS 3.02 SO_REUSEADDR socket option does not
work properly causing problems if the accept()
fails and the socket needs to be reopened. Patch
from Tom Moore of NCR.
NetBSD uses a .0 extension of formatted man pages. From
Andrew Brown of Graffiti World Wide, Inc.
Return to using the IPv6 AI_DEFAULT flag instead of AI_V4MAPPED
for calls to getipnodebyname(). The Linux
implementation is broken so AI_ADDRCONFIG is stripped
under Linux. From John Beck of Sun Microsystems and
John Kennedy of Cal State University, Chico.
CONFIG: Catch invalid addresses containing a ',' at the wrong place.
Patch from Neil Rickert of Northern Illinois University.
CONFIG: New variables for the new sendmail options:
confCACERT_PATH CACERTPath
confCACERT CACERTFile
confCLIENT_CERT ClientCertFile
confCLIENT_KEY ClientKeyFile
confDH_PARAMETERS DHParameters
confRAND_FILE RandFile
confSERVER_CERT ServerCertFile
confSERVER_KEY ServerKeyFile
CONFIG: Provide basic rulesets for TLS policy control and add new
tags to the access database to support these policies. See
cf/README for more information.
CONFIG: Add TLS information to the Received: header.
CONFIG: Call tls_client ruleset from check_mail in case it wasn't
called due to a STARTTLS command.
CONFIG: If TLS_PERM_ERR is defined, TLS related errors are permanent
instead of temporary.
CONFIG: FEATURE(`relay_hosts_only') didn't work in combination with
the access map and relaying to a domain without using a To:
tag. Problem noted by Mark G. Thomas of Mark G. Thomas
Consulting.
CONFIG: Set confEBINDIR to /usr/sbin to match the devtools entry in
OSTYPE(`linux') and OSTYPE(`mklinux'). From Tim Pierce of
RootsWeb.com.
CONFIG: Make sure FEATURE(`nullclient') doesn't use aliasing and
forwarding to make it as close to the old behavior as
possible. Problem noted by George W. Baltz of the
University of Maryland.
CONFIG: Added OSTYPE(`darwin') for Mac OS X and Darwin users. From
Wilfredo Sanchez of Apple Computer, Inc.
CONFIG: Changed the map names used by FEATURE(`ldap_routing') from
ldap_mailhost and ldap_mailroutingaddress to ldapmh and
ldapmra as underscores in map names cause problems if
underscore is in OperatorChars. Problem noted by Bob Zeitz
of the University of Alberta.
CONFIG: Apply blacklist_recipients also to hosts in class {w}.
Patch from Michael Tratz of Esosoft Corporation.
CONFIG: Use A=TCP ... instead of A=IPC ... in SMTP mailers.
CONTRIB: Add link_hash.sh to create symbolic links to the hash
of X.509 certificates.
CONTRIB: passwd-to-alias.pl: More protection from special characters;
treat special shells as root aliases; skip entries where the
GECOS full name and username match. From Ulrich Windl of the
Universitat Regensburg.
CONTRIB: qtool.pl: Add missing last_modified_time method and fix a
typo. Patch from Graeme Hewson of Oracle.
CONTRIB: re-mqueue.pl: Improve handling of a race between re-mqueue
and sendmail. Patch from Graeme Hewson of Oracle.
CONTRIB: re-mqueue.pl: Don't exit(0) at end so can be called as
subroutine Patch from Graeme Hewson of Oracle.
CONTRIB: Add movemail.pl (move old mail messages between queues by
calling re-mqueue.pl) and movemail.conf (configuration
script for movemail.pl). From Graeme Hewson of Oracle.
CONTRIB: Add cidrexpand (expands CIDR blocks as a preprocessor to
makemap). From Derek J. Balling of Yahoo,Inc.
DEVTOOLS: INSTALL_RAWMAN installation option mistakenly applied any
extension modifications (e.g., MAN8EXT) to the installation
target. Patch from James Ralston of Carnegie Mellon
University.
DEVTOOLS: Add support for SunOS 5.9.
DEVTOOLS: New option confLN contains the command used to create
links.
LIBSMDB: Berkeley DB 2.X and 3.X errors might be lost and not
reported.
MAIL.LOCAL: DG/UX portability. Problem noted by Tim Boyer of
Denman Tire Corporation.
MAIL.LOCAL: Prevent a possible DoS attack when compiled with
-DCONTENTLENGTH. Based on patch from 3APA3A@SECURITY.NNOV.RU.
MAILSTATS: Fix usage statement (-p and -o are optional).
MAKEMAP: Change man page layout as workaround for problem with nroff
and -man on Solaris 7. Patch from Larry Williamson.
RMAIL: AIX 4.3 has snprintf(). Problem noted by David Hayes of
Black Diamond Equipment, Limited.
RMAIL: Prevent a segmentation fault if the incoming message does not
have a From line.
VACATION: Read all of the headers before deciding whether or not
to respond instead of stopping after finding recipient.
Added Files:
cf/ostype/darwin.m4
contrib/cidrexpand
contrib/link_hash.sh
contrib/movemail.conf
contrib/movemail.pl
devtools/OS/SunOS.5.9
test/t_snprintf.c
Revision 1.17 / (download) - annotate - [select for diffs], Thu Jun 15 12:55:07 2000 UTC (23 years, 5 months ago) by kleink
Branch: MAIN
Changes since 1.16: +2 -2
lines
Diff to previous 1.16 (colored)
Match openldap-1.2.*.
Revision 1.16 / (download) - annotate - [select for diffs], Thu Jun 15 12:32:33 2000 UTC (23 years, 5 months ago) by veego
Branch: MAIN
Changes since 1.15: +4 -3
lines
Diff to previous 1.15 (colored)
Fix the PLIST_SRC problem.
Revision 1.15 / (download) - annotate - [select for diffs], Wed Jun 14 16:40:53 2000 UTC (23 years, 5 months ago) by veego
Branch: MAIN
Changes since 1.14: +7 -1
lines
Diff to previous 1.14 (colored)
Now fix the libwrap compile problem on NetBSD. Thanks to Matthias Scheler for noticing it.
Revision 1.14 / (download) - annotate - [select for diffs], Wed Jun 14 13:02:16 2000 UTC (23 years, 5 months ago) by veego
Branch: MAIN
Changes since 1.13: +7 -3
lines
Diff to previous 1.13 (colored)
Add Solaris support and move the libwrap support from patch-ab to patch-aa.
Revision 1.13 / (download) - annotate - [select for diffs], Wed Jun 14 07:30:23 2000 UTC (23 years, 5 months ago) by kleink
Branch: MAIN
Changes since 1.12: +11 -1
lines
Diff to previous 1.12 (colored)
Add support to plug in LDAP maps easily.
Revision 1.12 / (download) - annotate - [select for diffs], Sun Jan 9 01:29:07 2000 UTC (23 years, 11 months ago) by wiz
Branch: MAIN
CVS Tags: netbsd-1-4-PATCH002
Changes since 1.11: +5 -3
lines
Diff to previous 1.11 (colored)
replaced some commands by their ${COMMAND} counterparts
Revision 1.11 / (download) - annotate - [select for diffs], Sun Jan 2 17:46:47 2000 UTC (23 years, 11 months ago) by itojun
Branch: MAIN
Changes since 1.10: +21 -2
lines
Diff to previous 1.10 (colored)
incorporate WIDE sendmail patch (IPv6 support and other enhancements). enable USE_INET6 cases.
Revision 1.10 / (download) - annotate - [select for diffs], Wed Dec 1 21:55:12 1999 UTC (24 years ago) by tron
Branch: MAIN
Changes since 1.9: +6 -3
lines
Diff to previous 1.9 (colored)
Only remind user to rebuild databases if DB 2.x is used.
Revision 1.9 / (download) - annotate - [select for diffs], Wed Dec 1 21:32:08 1999 UTC (24 years ago) by tron
Branch: MAIN
Changes since 1.8: +3 -1
lines
Diff to previous 1.8 (colored)
Let "post-install" rule recognize "${USE_DB2}", too.
Revision 1.8 / (download) - annotate - [select for diffs], Wed Dec 1 21:31:04 1999 UTC (24 years ago) by tron
Branch: MAIN
Changes since 1.7: +11 -3
lines
Diff to previous 1.7 (colored)
Rename "/usr/sbin/makemap" only if DB 2.x is used.
Revision 1.7 / (download) - annotate - [select for diffs], Wed Dec 1 21:15:20 1999 UTC (24 years ago) by tron
Branch: MAIN
Changes since 1.6: +12 -3
lines
Diff to previous 1.6 (colored)
Because sendmail 8.9.3 works fine for several NetBSD users with the
bug fixed DB 1.85 code in "libc" and using DB 2.x causes problems with
3rd party applications we use it only if "${USE_DB2}" is set to "YES".
Revision 1.6 / (download) - annotate - [select for diffs], Tue Nov 23 09:57:17 1999 UTC (24 years ago) by tron
Branch: MAIN
Changes since 1.5: +2 -2
lines
Diff to previous 1.5 (colored)
Update dependence on "db" package.
Revision 1.5 / (download) - annotate - [select for diffs], Thu Oct 7 17:41:55 1999 UTC (24 years, 2 months ago) by tron
Branch: MAIN
CVS Tags: comdex-fall-1999
Changes since 1.4: +2 -2
lines
Diff to previous 1.4 (colored)
Remove me as maintainer of those packages.
Revision 1.4 / (download) - annotate - [select for diffs], Fri Apr 30 17:07:11 1999 UTC (24 years, 7 months ago) by tv
Branch: MAIN
CVS Tags: netbsd-1-4-RELEASE,
netbsd-1-4-PATCH001
Changes since 1.3: +2 -1
lines
Diff to previous 1.3 (colored)
Move /usr/sbin/makemap to /usr/sbin/makemap.8.8 while the pkg is installed, since the DB formats are radically different.
Revision 1.3 / (download) - annotate - [select for diffs], Sat Apr 10 17:22:43 1999 UTC (24 years, 8 months ago) by tron
Branch: MAIN
Changes since 1.2: +3 -2
lines
Diff to previous 1.2 (colored)
Use correct users for owning binaries and manual pages.
Revision 1.2 / (download) - annotate - [select for diffs], Sat Apr 10 16:41:21 1999 UTC (24 years, 8 months ago) by tron
Branch: MAIN
Changes since 1.1: +10 -17
lines
Diff to previous 1.1 (colored)
Major cleanup: - Use Sleepycat Software's DB library from "db-2.7.3" package. - Install complete package because we need a tools using the new DB library.
Revision 1.1.1.1 / (download) - annotate - [select for diffs] (vendor branch), Thu Apr 8 23:00:33 1999 UTC (24 years, 8 months ago) by tron
Branch: TNF
CVS Tags: pkgsrc-base
Changes since 1.1: +0 -0
lines
Diff to previous 1.1 (colored)
New "sendmail-8.9.3" package: The well known Mail Transport Agent.
Revision 1.1 / (download) - annotate - [select for diffs], Thu Apr 8 23:00:33 1999 UTC (24 years, 8 months ago) by tron
Branch: MAIN
Initial revision