postfix-3.10.1

diff --git a/postfix/HISTORY b/postfix/HISTORY
index 34109c2385b6f97e3ae2c1a84dcf1ddb994545d1..2cae52077c73d6c1633da5000d3b42b45c3f649a 100644 (file)
--- a/postfix/HISTORY
+++ b/postfix/HISTORY
@@ -28995,3 +28995,10 @@ Apologies for any names omitted.
        Bugfix (defect introduced: Postfix 3.10): Postfix SMTP
        client segfault while reporting a 'certificate expired'
        event. Problem reported by Oemer Gueven. File: tls/tls_verify.c.
+
+20250221
+
+       Bugfix (defect introduced: 20250210): a recent 'fix' for the
+       default smtp_tls_dane_insecure_mx_policy setting resulted in
+       unnecessary 'dnssec_probe' warnings, on systems that disable
+       DNSSEC lookups (the default). File: smtp/smtp_addr.c.

diff --git a/postfix/src/global/mail_version.h b/postfix/src/global/mail_version.h
index 828b6a9d984b10596f87133fa3e09653b592655c..b7c2ba9e961e2de6f055b5cd7383d45761005e40 100644 (file)
--- a/postfix/src/global/mail_version.h
+++ b/postfix/src/global/mail_version.h
@@ -20,8 +20,8 @@
   * Patches change both the patchlevel and the release date. Snapshots have no
   * patchlevel; they change the release date only.
   */
-#define MAIL_RELEASE_DATE      "20250217"
-#define MAIL_VERSION_NUMBER    "3.10.0"
+#define MAIL_RELEASE_DATE      "20250224"
+#define MAIL_VERSION_NUMBER    "3.10.1"
 
 #ifdef SNAPSHOT
 #define MAIL_VERSION_DATE      "-" MAIL_RELEASE_DATE

diff --git a/postfix/src/smtp/smtp_addr.c b/postfix/src/smtp/smtp_addr.c
index b7a63a4ffd00b44f42ddd2b1cb3c7a2f48f7421b..476ac87c42bb757e7d3e507292648d767e1e5d5c 100644 (file)
--- a/postfix/src/smtp/smtp_addr.c
+++ b/postfix/src/smtp/smtp_addr.c
@@ -299,7 +299,8 @@ static DNS_RR *smtp_addr_list(DNS_RR *mx_names, DSN_BUF *why)
     if (mx_names->dnssec_valid)
        res_opt = RES_USE_DNSSEC;
 #ifdef USE_TLS
-    else if (smtp_tls_insecure_mx_policy > TLS_LEV_MAY)
+    else if (smtp_tls_insecure_mx_policy > TLS_LEV_MAY
+            && smtp_dns_support == SMTP_DNS_DNSSEC)
        res_opt = RES_USE_DNSSEC;
 #endif