postfix: Update to version 3.8.4 + prevent smtp smuggling

- Update from version 3.8.3 to 3.8.4
- Update of rootfile not required
- Permanent fix for smtp smuggling will be in version 3.9. However the fix has been
   backported into version 3.8.4 but with the default for the parameter of "no".
- This patch sets the defaults for all the main.cf parameters highlighted by Wietse
   Venema in http://www.postfix.org/smtp-smuggling.html
- Additionally the implementation of smtpd_forbid_bare_newline = yes has been added to
   the install.sh pak for postfix so that it will be included into any main.cf file being
   restored from backup. This parameter is available for the first time in 3.8.4 so will
   not be in any backup prior to this release and can therefore be safely applied to
   restored versions of main.cf.
- This fix in install.sh will be able to be removed when version 3.9 is released early
   in 2024 as the default for that parameter in that version onwards will then be "yes"
- Changelog
    3.8.4
	Security: with "smtpd_forbid_bare_newline = yes" (default
	 "no" for Postfix < 3.9), reply with "Error: bare <LF>
	 received" and disconnect when an SMTP client sends a line
	 ending in <LF>, violating the RFC 5321 requirement that
	 lines must end in <CR><LF>. This prevents SMTP smuggling
	 attacks that target a recipient at a Postfix server. For
	 backwards compatibility, local clients are excluded by
	 default with "smtpd_forbid_bare_newline_exclusions =
	 $mynetworks". Files: mantools/postlink, proto/postconf.proto,
	 global/mail_params.h, global/smtp_stream.c, global/smtp_stream.h,
	 smtpd/smtpd.c.

Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Peter Müller <peter.mueller@ipfire.org>

diff --git a/lfs/postfix b/lfs/postfix
index aab683f4c33148b264ce6c4e388cabb8a401dc4a..7f2625a4e841d8a4ae1bf0ef5f15391f760b0c38 100644 (file)
--- a/lfs/postfix
+++ b/lfs/postfix
@@ -26,7 +26,7 @@ include Config
 
 SUMMARY    = A fast, secure, and flexible mailer
 
-VER        = 3.8.3
+VER        = 3.8.4
 
 THISAPP    = postfix-$(VER)
 DL_FILE    = $(THISAPP).tar.gz
@@ -34,7 +34,7 @@ DL_FROM    = $(URL_IPFIRE)
 DIR_APP    = $(DIR_SRC)/$(THISAPP)
 TARGET     = $(DIR_INFO)/$(THISAPP)
 PROG       = postfix
-PAK_VER    = 43
+PAK_VER    = 44
 
 DEPS       =
 
@@ -70,7 +70,7 @@ objects = $(DL_FILE)
 
 $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
 
-$(DL_FILE)_BLAKE2 = a656606c2a46671548cb954a65d769ba5bf68a5c8f0ccdc0e753b03386956eef3e264b696a306c586f1df1b06fb173e5f3db74c6a9e4d3686c86b8f53be585ed
+$(DL_FILE)_BLAKE2 = 200ce3d72444da05e42fc8627002d53d68c1b3d78b7f74b0130ac958c23d16454783ef4849a8c9a4e3cba8ae36646e921f7e94ac4fb819b597e1a5ab1a875272
 
 install : $(TARGET)
 
@@ -110,13 +110,20 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
        cd $(DIR_APP) && sh postfix-install -non-interactive
        ## Install configuration
        rm -vf /etc/postfix/main.cf.default
+       
+       # update main.cf parameters to prevent smtp smuggling attack
+       postconf -e 'smtpd_forbid_bare_newline = yes'
+       postconf -e 'smtpd_forbid_unauth_pipelining = yes'
+       postconf -e 'smtpd_data_restrictions = reject_unauth_pipelining'
+       postconf -e 'smtpd_discard_ehlo_keywords = chunking'
+       
        mkdir -p /var/lib/postfix
        chown postfix.root /var/lib/postfix
 
        install -v -m 644 $(DIR_SRC)/config/backup/includes/postfix \
                         /var/ipfire/backup/addons/includes/postfix
        mv /usr/sbin/sendmail /usr/sbin/sendmail.postfix
-
+       
        #install initscripts
        $(call INSTALL_INITSCRIPTS,$(SERVICES))
 

diff --git a/src/paks/postfix/install.sh b/src/paks/postfix/install.sh
index 1629d21c18ce772aa1843f3b06c8b49e2ac2619b..2e04e74a86345ef7e901ea2c005c1977b5c25dcd 100644 (file)
--- a/src/paks/postfix/install.sh
+++ b/src/paks/postfix/install.sh
@@ -24,6 +24,11 @@
 . /opt/pakfire/lib/functions.sh
 extract_files
 restore_backup ${NAME}
+
+# change main.cf parameter from default value to prevent smtp smuggling attack
+# will not be required once postfix-3.9.x is released as default will then be yes
+postconf -e 'smtpd_forbid_bare_newline = yes'
+
 postalias /etc/aliases
 # Set postfix's hostname
 postconf -e "myhostname=$(hostname -f)"