Current-Users archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

HEADS UP: Postfix 2.11.1 imported



        Hello,

I've imported Postfix 2.11.1 into NetBSD-current today. It builds and works
fine under NetBSD/amd64. Please submit a bug report with "send-pr" in
category "bin" if you find any problems.

Here is a list of the major changes since version 2.10.3:
- Support for PKI-less TLS server certificate verification with DANE
  (DNS-based Authentication of Named Entities) where the CA public key
  or the server certificate is identified via DNSSEC lookup. This
  requires a DNS resolver that validates DNSSEC replies. The problem
  with conventional PKI is that there are literally hundreds of
  organizations world-wide that can provide a certificate in anyone's
  name. DANE limits trust to the people who control the target DNS
  zone and its parent zones.
- A new postscreen_dnsbl_whitelist_threshold feature to allow clients
  to skip postscreen tests based on their DNSBL score. This can
  eliminate email delays due to "after 220 greeting" protocol tests,
  which otherwise require that a client reconnects before it can
  deliver mail. Some providers such as Google don't retry from the
  same IP address, and that can result in large email delivery delays.
- The recipient_delimiter feature now supports different delimiters,
  for example both "+" and "-". As before, this implementation
  recognizes exactly one delimiter character per email address, and
  exactly one address extension per email address.
- Advanced master.cf query/update support to access service attributes
  as "name = value" pairs. For example to turn off chroot on all
  services use "postconf -F '*/*/chroot = n'", and to change/add a
  "-o name=value" setting use "postconf -P 'smtp/inet/name = value'".
  This was developed primarily to allow automated tools to manage Postfix
  systems without having to parse Postfix configuration files.

        Kind regards

-- 
Matthias Scheler                                 https://zhadum.org.uk/

Attachment: pgpsypti3B_YC.pgp
Description: PGP signature



Home | Main Index | Thread Index | Old Index