-In the text below, incompatible changes are labeled with the Postfix
-snapshot that introduced the change. If you upgrade from a later
-Postfix version, then you do not have to worry about that particular
-incompatibility.
+In the text below, changes are labeled with the Postfix snapshot
+that introduced the change, and whether the change introduced a
+feature, an incompatibility, or whether the feature is obsolete.
+If you upgrade from a later Postfix version, then you do not have
+to worry about incompatibilities introduced in earlier versions.
Official Postfix releases are called a.b.c where a=major release
number, b=minor release number, c=patchlevel. Snapshot releases
date. Snapshots change only the release date, unless they include
the same bugfixes as a patch release.
-Incompatible changes with Postfix snapshot 1.1.12-20021219
-==========================================================
+Major changes with Postfix version 2.0.0 (released 20021222)
+============================================================
-The use of the XVERP extension in the SMTP MAIL FROM command is
-now limited to SMTP clients that match the hostnames, domains or
-networks listed with the authorized_verp_clients parameter (default:
-$mynetworks).
+First comes the bad news - things that may break when you upgrade
+from Postfix 1.1. Then comes the good news - things that evolved
+in snapshots over the past year.
-Incompatible changes with Postfix snapshot 1.1.12-20021209
-==========================================================
+For the release notes of Postfix 1.1 and earlier, see the
+RELEASE_NOTES-1.1 file.
-This release adds a new "relay" service to the Postfix master.cf
-file. If your Postfix is unable to connect to the "relay" service
-then you have not properly followed the installation procedure.
+Unknown Recipients are now rejected by default
+==============================================
-The Postfix SMTP server now rejects mail for $mydestination domain
-recipients that it does not know about. This keeps undeliverable
-mail out of your queue.
+[Incompatibility 20021209] The Postfix SMTP server now rejects mail
+for $mydestination domain recipients that it does not know about.
+This keeps undeliverable mail out of your queue.
-To avoid losing mail when upgrading from Postfix 1.1, you need to
-review the LOCAL_RECIPIENT_README file if one of the following is
-true:
+[Incompatibility 20021209] To avoid losing mail when upgrading from
+Postfix 1.1, you need to review the LOCAL_RECIPIENT_README file if
+one of the following is true:
- You define $mydestination domain recipients in files other than
/etc/passwd or /etc/aliases. For example, you define $mydestination
- You use the fallback_transport feature of the Postfix local delivery agent.
- You use the luser_relay feature of the Postfix local delivery agent.
-Postfix no longer defaults to the "smtp" transport for all non-local
-destinations. This may affect your defer_transports settings. In
-particular, Postfix now uses the "relay" mail delivery transport
-for delivery to domains matching $relay_domains. The old "smtp"
-transport is now the default mail delivery transport for non-local
-domains that do not match relay_domains.
+Name change of virtual domain tables
+====================================
-The "virtual_maps" configuration parameter is now called
-"virtual_alias_maps", for consistency with "virtual_mailbox_maps".
-Default settings are backwards compatible with Postfix 1.1.
+This release introduces separation of lookup tables for addresses
+and for domain names of virtual domains.
+
+[Incompat 20021209] the virtual_maps parameter is replaced by
+virtual_alias_maps (for address lookups) and virtual_alias_domains
+(for the names of what were formerly called "Postfix-style virtual
+domains").
-Postfix-style virtual domains are now called virtual alias domains.
-Sendmail-style virtual domains are no longer documented. This part
-of Postfix was too confusing.
+ For backwards compatibility with Postfix version 1.1, the new
+ virtual_alias_maps parameter defaults to $virtual_maps, and the
+ new virtual_alias_domains parameter defaults to $virtual_alias_maps.
+ This means that you can still keep all information about a domain
+ in one file, just like before.
-The default queue directory hash_queue_depth setting is reduced to
-1 level of subdirectories per Postfix queue. This improves "mailq"
-performance on most systems, but can result in poorer worst-case
-performance on systems with lots of mail in the queue.
+For details, see the virtual(5) and sample-virtual.cf files.
-The "reject_maps_rbl" restriction is going away. The SMTP server
-logs a warning and suggests using the more flexible "reject_rbl_client"
-instead.
+[Incompat 20021209] the virtual_mailbox_maps parameter now has a
+companion parameter called virtual_mailbox_domains (for the names
+of domains served by the virtual delivery agent). virtual_mailbox_maps
+is now used for address lookups only.
-The "check_relay_domains" restriction is going away. The SMTP server
-logs a warning and suggests using "reject_unauth_destination"
-instead.
+ For backwards compatibility with Postfix version 1.1,, the new
+ virtual_mailbox_domains parameter defaults to $virtual_mailbox_maps.
+ This means that you can still keep all information about a domain
+ in one file, just like before.
-The Postfix SMTP client no longer expands CNAMEs in MAIL FROM or
-RCPT TO addresses (as permitted by RFC 2821).
+For details, see the VIRTUAL_README file.
-The Postfix installation procedure no longer sets the "chattr +S"
-bit on Linux queue directories. Wietse has gotten too annoyed with
-naive reviewers who complain about performance without having a
-clue of what they are comparing.
+Incompatible queue file format changes
+======================================
-Major changes with Postfix snapshot 1.1.12-20021209
-===================================================
+[Incompat 20020527] Queue files created with the header/body_checks
+"FILTER" feature are not compatible with "postqueue -r" (move queue
+files back to the maildrop directory) of previous Postfix releases.
-This release introduces separation of lookup tables for addresses
-and for domain names of virtual domains.
+[Incompat 20020512] Postfix queue files contain records that are
+incompatible with "postqueue -r" on all Postfix versions prior to
+1.1 and release candidates. This happens whenever the sender
+specifies MIME body type information via the SMTP `MAIL FROM'
+command, via the `sendmail -B' command line option, or via the
+Content-Transfer-Encoding: message header.
-- virtual_maps is replaced by virtual_alias_maps (for address
- lookups) and virtual_alias_domains (for the names of what were
- formerly called "Postfix-style virtual domains").
+[Incompat 20020512] Postfix queue files may contain records that
+are incompatible with "postqueue -r" on previous 1.1 Postfix versions
+and release candidates. This happens whenever the sender specifies
+the MIME body type only via the Content-Transfer-Encoding: message
+header, and not via `MAIL FROM' or `sendmail -B'.
+
+Features that are going away
+============================
+
+[Obsolete 20021209] Sendmail-style virtual domains are no longer
+documented. This part of Postfix was too confusing.
+
+[Obsolete 20021209] The "reject_maps_rbl" restriction is going
+away. The SMTP server now logs a warning and suggests using the
+more flexible "reject_rbl_client" feature instead.
+
+[Obsolete 20021209] The "check_relay_domains" restriction is going
+away. The SMTP server logs a warning and suggests using the more
+robust "reject_unauth_destination" instead.
+
+[Obsolete 20020917] In regexp lookup tables, the form /pattern1/!/pattern2/
+is going away. Use the cleaner and more flexible "if !/pattern2/..endif"
+form. The old form still exists but is no longer documented, and
+causes a warning (suggesting to use the new format) to be logged.
+For details, see "man regexp_table".
+
+[Obsolete 20020819] The qmgr_site_hog_factor feature is gone (this
+would defer mail delivery for sites that occupy too much space in
+the active queue, and be a real performance drain due to excessive
+disk I/O). The new qmgr_clog_warn_time feature (see below) provides
+more useful suggestions for dealing with Postfix congestion.
+
+[Obsolete 20020819] The "permit_naked_ip_address" restriction on
+HELO command syntax is unsafe when used with most smtpd_XXX_restrictions
+and will go away. Postfix logs a warning, suggesting to use
+"permit_mynetworks" instead.
+
+MIME support
+============
+
+[Feature 20020527] Postfix now has real MIME support. This improves
+content filtering efficiency and accuracy, and improves inter-operability
+with mail systems that cannot receive 8-bit mail. See conf/sample-mime.cf
+for details.
- For backwards compatibility with Postfix version 1.1, the new
- virtual_alias_maps parameter defaults to $virtual_maps, and the
- new virtual_alias_domains parameter defaults to $virtual_alias_maps.
+[Feature 20020527] Postfix header_checks now properly recognize
+MIME headers in attachments. This is much more efficient than
+previous versions that recognized MIME headers via body_checks.
+MIME headers are now processed one multi-line header at a time,
+instead of one body line at a time. To get the the old behavior,
+specify "disable_mime_input_processing = yes". More details in
+conf/sample-filter.cf.
+
+[Feature 20020527] Postfix now has three classes of header patterns:
+header_checks (for primary message headers except MIME headers),
+mime_header_checks (for MIME headers), and nested_header_checks
+(for headers of attached email messages except MIME headers). By
+default, all headers are matched with header_checks.
-- virtual_mailbox_maps now has a companion parameter called
- virtual_mailbox_domains (for the names of domains served by the
- virtual delivery agent). virtual_mailbox_maps is now used for
- address lookups only.
+[Feature 20020527] The Postfix SMTP client will now convert 8BITMIME
+mail to 7BIT when delivering to an SMTP server that does not announce
+8BITMIME support. To disable, specify "disable_mime_output_conversion
+= yes". However, this conversion is required by RFC standards.
- For backwards compatibility with Postfix version 1.1,, the new
- virtual_mailbox_domains parameter defaults to $virtual_mailbox_maps.
+[Feature 20020528] Postfix can enforce specific aspects of the MIME
+standards while receiving mail.
+
+* Specify "strict_7bit_headers = yes" to disallow 8-bit characters
+ in message headers. These are always illegal.
+
+* Specify "strict_8bitmime_body = yes" to block mail with 8-bit
+ content that is not properly labeled as 8-bit MIME. This blocks
+ mail from poorly written mail software, including (bounces from
+ qmail, bounces from Postfix before snapshot 20020514, and Majordomo
+ approval requests) that contain valid 8BITMIME mail.
+
+* Specify "strict_8bitmime = yes" to turn on both strict_7bit_headers
+ and strict_8bitmime_body.
+
+* Specify "strict_mime_encoding_domain = yes" to block mail from
+ poorly written mail software. More details in conf/sample-mime.cf.
+
+[Incompat 20020527] Postfix now rejects mail if the MIME multipart
+structure is nested more than mime_nesting_limit levels (default:
+100) when MIME input processing is enabled while receiving mail, or
+when Postfix is performing 8BITMIME to 7BIT conversion while
+delivering mail.
+
+[Incompat 20020527] Postfix now recognizes "name :" as a valid
+message header, but normalizes it to "name:" for consistency
+(actually, there is so much code in Postfix that would break with
+"name :" that there is little choice, except to not recognize "name
+:" headers).
+
+[Incompat 20020512] Postfix queue files contain records that are
+incompatible with "postqueue -r" on all Postfix versions prior to
+1.1 and release candidates. This happens whenever the sender
+specifies MIME body type information via the SMTP `MAIL FROM'
+command, via the `sendmail -B' command line option, or via the
+Content-Transfer-Encoding: message header.
+
+[Incompat 20020512] Postfix queue files may contain records that
+are incompatible with "postqueue -r" on previous 1.1 Postfix versions
+and release candidates. This happens whenever the sender specifies
+the MIME body type only via the Content-Transfer-Encoding: message
+header, and not via `MAIL FROM' or `sendmail -B'.
+
+[Feature 20020512] The Postfix SMTP and LMTP clients now properly
+pass on the MIME body type information (7BIT or 8BITMIME), provided
+that the sender properly specifies MIME body type information via
+the SMTP MAIL FROM command, via the sendmail -B command line option,
+or via MIME message headers. This includes mail that is returned
+as undeliverable.
+
+Improved performance
+====================
+
+[Incompat 20021209] The default queue directory hash_queue_depth
+setting is reduced to 1 level of subdirectories per Postfix queue.
+This improves "mailq" performance on most systems, but can result
+in poorer worst-case performance on systems with lots of mail in
+the queue.
+
+[Incompat 20021209] The Postfix SMTP client no longer expands CNAMEs
+in MAIL FROM or RCPT TO addresses (as permitted by RFC 2821). This
+eliminates one DNS lookup per sender and recipient, and can make
+a dramatic difference when sending mailing list mail via a relayhost.
+
+[Incompat 20021209] The Postfix installation procedure no longer
+sets the "chattr +S" bit on Linux queue directories. Wietse has
+gotten too annoyed with naive reviewers who complain about performance
+without having a clue of what they are comparing.
+
+[Feature 20021209] On mail gateway systems, separation of inbound
+mail relay traffic from outbound traffic. This eliminates a problem
+where inbound mail deliveries could become resource starved in the
+presence of a high volume of outbound mail.
+
+[Feature 20021013] The body_checks_max_size parameter limits the
+amount of text per message body segment (or attachment, if you
+prefer to use that term) that is subjected to body_checks inspection.
+The default limit is 50 kbytes. This speeds up the processing of
+mail with large attachments.
+
+[Feature 20020917] Speedups of regexp table lookups by optimizing
+for the $number substitutions that are actually present in the
+right-hand side. Based on a suggestion by Liviu Daia.
+
+[Feature 20020917] Speedups of regexp and pcre tables, using
+IF..ENDIF support. Based on an idea by Bert Driehuis. To protect
+a block of patterns, use:
+
+ if /pattern1/
+ /pattern2/ result2
+ /pattern3/ result3
+ endif
+
+IF..ENDIF can nest. Don't specify blanks at the beginning of lines
+inside IF..ENDIF, because lines beginning with whitespace are
+appended to the previous line. More details about the syntax are
+given in the pcre_table(5) and regexp_table(5) manual pages.
+
+[Feature 20020717] The default timeout for establishing an SMTP
+connection has been reduced to 30 seconds, because many systems
+have an atrociously large default timeout value.
-This release introduces the concept of address domain classes, each
-having its own default mail delivery transport:
+[Feature 20020505] Finer control over Berkeley DB memory usage,
+The parameter "berkeley_db_create_buffer_size" (default: 16 MBytes)
+specifies the buffer size for the postmap and postalias commands.
+The parameter "berkeley_db_read_buffer_size" (default: 256 kBytes)
+speficies the buffer size for all other applications. Specify
+"berkeley_db_read_buffer_size = 1048576" to get the old read buffer
+size. For more information, see the last paragraphs of the DB_README
+file.
+
+Improved compatibitity
+======================
+
+[Feature 20020527] The Postfix SMTP client will now convert 8BITMIME
+mail to 7BIT when delivering to an SMTP server that does not announce
+8BITMIME support. To disable, specify "disable_mime_output_conversion
+= yes". However, this conversion is required by RFC standards.
+
+[Feature 20020512] The Postfix SMTP and LMTP clients now properly
+pass on the MIME body type information (7BIT or 8BITMIME), provided
+that the sender properly specifies MIME body type information via
+the SMTP MAIL FROM command, via the sendmail -B command line option,
+or via MIME message headers. This includes mail that is returned
+as undeliverable.
+
+[Incompat 20020326] The Postfix SMTP client now breaks message
+header or body lines that are longer than $smtp_line_length_limit
+characters (default: 990). Earlier Postfix versions broke lines
+at $line_length_limit characters (default: 2048). Postfix versions
+before 20010611 did not break long lines at all. Reportedly, some
+mail servers refuse to receive mail with lines that exceed the 1000
+character limit that is specified by the SMTP standard.
+
+[Incompat 20020326] The Postfix SMTP client now breaks long message
+header or body lines by inserting <CR> <LF> <SPACE>. Earlier
+Postfix versions broke long lines by inserting <CR> <LF> only. This
+broke MIME encapsulation, causing MIME attachments to "disappear"
+with Postfix versions after 20010611.
+
+[Incompat 20020326] Postfix now discards text when a logical message
+header exceeds $header_size_limit characters (default: 102400).
+Earlier Postfix versions would place excess text, and all following
+text, in the message body. The same thing was done when a physical
+header line exceeded $line_length_limit characters (default: 2048).
+Both behaviors broke MIME encapsulation, causing MIME attachments
+to "disappear" with all previous Postfix versions.
+
+[Incompat 20021015] The Postfix LMTP client no longer lowercases email
+addresses in MAIL FROM and RCPT TO commands.
+
+[Incompat 20021013] The default Linux kernel lock style for mailbox
+delivery is changed from flock() to fcntl(). This has no impact if
+your system uses procmail for local delivery, if you use maildir-style
+mailboxes, or when mailbox access software locks mailboxes with
+username.lock files (which is usually the case with non-maildir
+mailboxes).
+
+Address classes
+===============
+
+[Feature 20021209] This release introduces the concept of address
+domain classes, each having its own default mail delivery transport:
Destination matches Default transport Default name
- --------------------------------------------------------------
+ ==============================================================
$mydestination or
$inet_interfaces $local_transport local
$virtual_alias_domains (not applicable) (not applicable)
See the ADDRESS_CLASS_README file for a description of address
classes, their benefits, and their incompatibilities.
-Finally, regular expression maps are now allowed with local delivery
-agent alias tables and with all virtual delivery agent lookup tables.
-However, regular expression substitution of $1 etc. is still
-forbidden for security reasons.
-
-Incompatible changes with Postfix snapshot 1.1.11-20021108
-==========================================================
-
-The behavior of the SMTP server's defer_if_permit flag has changed,
-in order to maximize the opportunity to permanently reject mail
-without opening opportunities for losing legitimate mail.
-
-The flag is still set when an UCE reject restriction fails due to
-a temporary (DNS) problem, to prevent unwanted mail from slipping
-through. However, the flag is no longer tested at the end of client,
-helo or sender restrictions. Instead, the flag is now tested at
-the end of the ETRN and recipient restrictions only.
-
-The behavior of the warn_if_reject restriction has changed. It no
-longer activates any pending defer_if_permit or defer_if_reject
-decisions (the defer_if_reject flag is set when some UCE permit
-restriction fails due to a temporary (DNS) problem, to avoid loss
-of legitimate mail).
-
-Instead of setting the defer_if_permit flag, a failing reject
-restriction after warn_if_reject now merely logs that it would have
-caused mail to be deferred.
-
-A failing permit restriction after warn_if_reject still raises the
-defer_if_reject flag, to avoid loss of legitimate mail.
-
-Incompatible changes with Postfix snapshot 1.1.11-20021028
-==========================================================
-
-Logfile formats have changed. This may affect logfile processing
-software. The queue file format is still compatible with Postfix
-version 1.1 (stable release).
-
-- The Postfix SMTP server UCE reject etc. logging now includes the
-queue ID, the mail protocol (SMTP or ESMTP), and the hostname that
-was received with the HELO or EHLO command, if available.
-
-- The Postfix header/body_checks logging now includes the mail
-protocol (SMTP, ESMTP, QMQP) and the hostname that was received
-with the SMTP HELO or EHLO command, if available.
-
-The Postfix status=sent/bounced/deferred logging now shows the
-original recipient address (as received before any address rewriting
-or aliasing). The original recipient address is logged only when
-it differs from the final recipient address.
-
-Major changes with Postfix snapshot 1.1.11-20021028
-===================================================
-
-Postfix logs more information, as described in the "incompatibilities"
-section above.
-
-The local(8) and virtual(8) delivery agents now record the original
-recipient address in the X-Original-To: message header. This header
-can also be emitted by the pipe(8) delivery agent.
-
-Major changes with Postfix snapshot 1.1.11-20021024
-===================================================
-
-New proxy_interfaces parameter, for sites behind a network address
-translation gateway or other type of proxy. Specify all the proxy
-network addresses here, to avoid avoid mail delivery loops.
-
-Incompatible changes with Postfix snapshot 1.1.11-20021015
-==========================================================
-
-The Postfix LMTP client no longer lowercases email addresses in
-MAIL FROM and RCPT TO commands.
-
-Incompatible changes with Postfix snapshot 1.1.11-20021013
-==========================================================
-
-The default Linux kernel lock style for mailbox delivery is changed
-from flock() to fcntl(). This has no impact if your system uses
-procmail for local delivery, if you use maildir-style mailboxes,
-or when mailbox access software locks mailboxes with username.lock
-files (which is usually the case with non-maildir mailboxes).
-
-Major changes with Postfix snapshot 1.1.11-20021013
-===================================================
-
-The body_checks_max_size parameter limits the amount of text per
-message body segment (or attachment, if you prefer to use that
-term) that is subjected to body_checks inspection. The default
-limit is 50 kbytes. This speeds up the processing of mail with
-large attachments.
-
-Updated MacOS X support by Gerben Wierda. See the auxiliary/MacOSX
-directory.
-
-Incompatible changes with Postfix snapshot 1.1.11-20020923
-==========================================================
-
-Subtle change in ${name?result} macro expansions: the expansion
-no longer happens when $name is an empty string. This probably
-makes more sense than the old behavior.
-
-The default RBL "reject" server reply now includes an indication
-of *what* is being rejected: Client host, Helo command, Sender
-address, or Recipient address.
-
-Major changes with Postfix snapshot 1.1.11-20020923
-===================================================
-
-Complete rewrite of the RBL blacklisting code. The names of RBL
-restrictions are now based on a suggestion that was made by Liviu
-Daia in October 2001. See conf/sample-smtpd.cf or html/uce.html
-for details.
-
-Feature: "reject_rbl_client rbl.domain.tld" for client IP address
-blacklisting. Based on code by LaMont Jones. The old "reject_maps_rbl"
-is now implemented as a wrapper around the reject_rbl_client code.
-
-Feature: "reject_rhsbl_sender rbl.domain.tld" for sender domain
-blacklisting. Also: reject_rhsbl_client and reject_rhsbl_recipient
+New relay transport in master.cf
+================================
+
+[Incompat 20021209] Postfix no longer defaults to the "smtp"
+transport for all non-local destinations. In particular, Postfix
+now uses the "relay" mail delivery transport for delivery to domains
+matching $relay_domains. This may affect your defer_transports
+settings.
+
+On mail gateway systems, this allows us to separate inbound mail
+relay traffic from outbound traffic, and thereby eliminate a problem
+where inbound mail deliveries could become resource starved in the
+presence of a high volume of outbound mail.
+
+[Incompat 20021209] This release adds a new "relay" service to the
+Postfix master.cf file. This is a clone of the "smtp" service. If
+your Postfix is unable to connect to the "relay" service then you
+have not properly followed the installation procedure.
+
+Revision of RBL blacklisting code
+=================================
+
+[Feature 20020923] Complete rewrite of the RBL blacklisting code.
+The names of RBL restrictions are now based on a suggestion that
+was made by Liviu Daia in October 2001. See conf/sample-smtpd.cf
+or html/uce.html for details.
+
+[Feature 20020923] "reject_rbl_client rbl.domain.tld" for client
+IP address blacklisting. Based on code by LaMont Jones. The old
+"reject_maps_rbl" is now implemented as a wrapper around the
+reject_rbl_client code, and logs a warning that "reject_maps_rbl"
+is going away.
+
+[Feature 20020923] "reject_rhsbl_sender rbl.domain.tld" for sender
+domain blacklisting. Also: reject_rhsbl_client and reject_rhsbl_recipient
for client and recipient domain blacklisting.
-"rbl_reply_maps" configuration parameter for lookup tables with
-template responses per RBL server. Based on code by LaMont Jones.
-If no reply template is found the default template is used as
-specified with the default_rbl_reply configuration parameter. The
-template responses support $name expansion of client, helo, sender,
-recipient and RBL related attributes.
-
-"smtpd_expansion_filter" configuration parameter to control what
-characters are allowed in the expansion of template reply $name
-macros. Characters outside the allowed set are replaced by "_".
-
-Incompatible changes with Postfix snapshot 1.1.11-20020917
-==========================================================
-
-The relayhost setting now behaves as documented, i.e. you can no
-longer specify multiple destinations.
+[Feature 20020923] "rbl_reply_maps" configuration parameter for
+lookup tables with template responses per RBL server. Based on code
+by LaMont Jones. If no reply template is found the default template
+is used as specified with the default_rbl_reply configuration
+parameter. The template responses support $name expansion of
+client, helo, sender, recipient and RBL related attributes.
-In regexp lookup tables, the form /pattern1/!/pattern2/ is going
-away. Use the cleaner and more flexible "if !/pattern2/..endif"
-form. The old form still exists but is no longer documented.
+[Incompat 20020923] The default RBL "reject" server reply now
+includes an indication of *what* is being rejected: Client host,
+Helo command, Sender address, or Recipient address. This also
+changes the logfile format.
-Major changes with Postfix snapshot 1.1.11-20020917
-===================================================
+[Feature 20020923] "smtpd_expansion_filter" configuration parameter
+to control what characters are allowed in the expansion of template
+RBL reply $name macros. Characters outside the allowed set are
+replaced by "_".
-Speedups of regexp table lookups by optimizing for the $number
-substitutions that are actually present in the right-hand side.
-Based on a suggestion by Liviu Daia.
-
-Speedups of regexp and pcre tables, using IF..ENDIF support. Based
-on an idea by Bert Driehuis. To protect a block of patterns, use:
-
- if /pattern1/
- /pattern2/ result2
- /pattern3/ result3
- endif
-
-IF..ENDIF can nest. Don't specify blanks at the beginning of lines
-inside IF..ENDIF, because lines beginning with whitespace are
-appended to the previous line. More details about the syntax are
-given in the pcre_table(5) and regexp_table(5) manual pages.
+More sophisticated handling of UCE-related DNS lookup errors
+============================================================
-Incompatible changes with Postfix snapshot 1.1.11-20020906
-==========================================================
+[Feature 20020906] More sophisticated handling of UCE-related DNS
+lookup errors. These cause Postfix to not give up so easily, so
+that some deliveries will not have to be deferred after all.
-The permit_mx_backup restriction is made more strict. With older
-versions, some DNS failures would cause mail to be accepted anyway,
-and some DNS failures would cause mail to be rejected by later
-restrictions in the same restriction list. The improved version
-will defer delivery when Postfix could make the wrong decision.
+[Feature 20020906] The SMTP server sets a defer_if_permit flag when
+an UCE reject restriction fails due to a temporary (DNS) problem,
+to prevent unwanted mail from slipping through. The defer_if_permit
+flag is tested at the end of the ETRN and recipient restrictions.
-Major changes with Postfix snapshot 1.1.11-20020906
-===================================================
+[Feature 20020906] A similar flag, defer_if_reject, is maintained
+to prevent mail from being rejected because a whitelist operation
+(such as permit_mx_backup) fails due to a temporary (DNS) problem.
-More sophisticated handling of UCE-related DNS lookup errors.
-These cause Postfix to not give up so easily, so that some deliveries
-will not have to be deferred after all. This affects the following
-restrictions:
+[Feature 20020906] The permit_mx_backup restriction is made more
+strict. With older versions, some DNS failures would cause mail to
+be accepted anyway, and some DNS failures would cause mail to be
+rejected by later restrictions in the same restriction list. The
+improved version will defer delivery when Postfix could make the
+wrong decision.
- After DNS lookup failure, permit_mx_backup will now accept the
request if a subsequent restriction would cause the request to be
anyway, and will defer the request if a subsequent restriction
would cause the request to be accepted.
-Specify "smtpd_data_restrictions = reject_unauth_pipelining" to
-block mail from SMTP clients that send message content before
-Postfix has replied to the SMTP DATA command.
-
-Incompatible changes with Postfix snapshot 1.1.11-20020819
-==========================================================
-
-The qmgr_site_hog_factor feature is gone (this would defer mail
-delivery for sites that occupy too much space in the active queue,
-and be a real performance drain due to excessive disk I/O). The
-new qmgr_clog_warn_time feature (see below) provides more useful
-suggestions for dealing with Postfix congestion.
-
-LDAP API version 1 is no longer supported. The memory allocation
-and deallocation strategy has changed too much to maintain both
-version 1 and 2 at the same time.
-
-In mailq output, the queue ID is followed by the ! character when
-the message is in the "hold" queue (see below). This may break
-programs that process mailq output.
-
-The "permit_naked_ip_address" restriction on HELO command syntax
-is unsafe when used with most smtpd_XXX_restrictions, and will go
-away. The user is now requested to use "permit_mynetworks" instead.
-
-The smtpd_sasl_local_domain setting now defaults to the null string,
-rather than $myhostname. This seems to work better with Cyrus SASL
-version 2. This change may cause incompatibility with the saslpasswd2
-command.
-
-Major changes with Postfix snapshot 1.1.11-20020819
-===================================================
-
-When the Postfix local delivery agent detects a mail delivery loop
-(usually the result of mis-configured mail pickup software), the
-undeliverable mail is now sent to the mailing list owner instead
-of the envelope sender address (usually the original poster who
-has no guilt, and who cannot fix the problem).
-
-New "hold" queue for mail that should not be delivered. "postsuper
--h" puts mail on hold, and "postsuper -H" releases mail, moving
-mail that was "on hold" to the deferred queue.
-
-New header/body HOLD action that causes mail to be placed on the
-"hold" queue. Presently, all you can do with mail "on hold" is to
-examine it with postcat, to take it "off hold" with "postsuper -H",
-or to destroy it with "postsuper -d". See conf/sample-filter.cf.
-
-The Postfix queue manager now warns when mail for some destination
-is piling up in the active queue, and suggests a variety of remedies
-to speed up delivery (increase per-destination concurrency limit,
-increase active queue size, use a separate delivery transport,
-increase per-transport process limit). The qmgr_clog_warn_time
-parameter controls the time between warnings. To disable these
-warnings, specify "qmgr_clog_warn_time = 0".
-
-Incompatible changes with Postfix snapshot 1.1.11-20020717
-==========================================================
-
-The default timeout for establishing an SMTP connection has been
-reduced to 30 seconds, because many systems have an atrociously
-large default timeout value.
-
-The Postfix SMTP client now logs a warning when the same domain is
-listed in main.cf:mydestination as well as a Postfix-style virtual
-map. Such a mis-configuration may cause mail for users to be rejected
-with "user unknown".
-
-Postfix no longer strips multiple '.' characters from the end of
-an email address or domain name. Only one '.' is tolerated.
-
-The SMTP server reject_unknown_{sender,recipient}_domain etc.
-restrictions now also attempt to look up AAAA (IPV6 address) records.
-
-Major changes with Postfix snapshot 1.1.11-20020717
-===================================================
-
-The masquerade_domains feature now supports exceptions. Prepend
-a ! character to a domain name in order to not strip its subdomain
-structure. More information in conf/sample-rewrite.cf.
-
-The Postfix virtual delivery agent supports catch-all entries
-(@domain.tld) in lookup tables. These match users that do not
-have a specific user@domain.tld entry. The virtual delivery agent
-now ignores address extensions (user+foo@domain.tld) when searching
-its lookup tables, but displays the extensions in Delivered-To:
-message headers.
-
-Incompatible changes with Postfix snapshot 1.1.11-20020610
-==========================================================
-
-Regexp-based transport maps now see the entire recipient address
-instead of only the destination domain name.
-
-Major changes with Postfix snapshot 1.1.11-20020610
-===================================================
-
-A bizarre feature, sender-based routing, that could be useful in
-combination with user@domain address lookups in the transport map.
-
-An actually useful feature, user@domain address lookups in the
-transport map. This feature also understands address extensions.
-Transport maps still support lookup keys in the form of domain
-names, but only with non-regexp tables. Specify <> in order to
-match the null address. More in the transport(5) manual page.
-
-Together with sender-based routing, and a dual Postfix setup.
-user@domain transport map lookups could fulfill people's wishes to
-have multiple SMTP personalities for sending and receiving mail,
-including bounce processing. Details will have to be hammered out
-by users, as Wietse is now completely tied up by other business
-for the next three weeks.
-
-Incompatible changes with Postfix snapshot 1.1.11-20020528
-==========================================================
-
-With PCRE pattern matching, the `.' metacharacter now matches all
-characters including newline characters. This makes PCRE pattern
-matching more convenient to use with multi-line message headers,
-and also makes PCRE more compatible with regexp pattern matching.
-The pcre_table(5) manual page has been greatly revised.
-
-Major changes with Postfix snapshot 1.1.11-20020528
-===================================================
-
-Postfix can enforce specific aspects of the MIME standards while
-receiving mail.
-
-* Specify "strict_7bit_headers = yes" to disallow 8-bit characters
- in message headers. These are always illegal.
-
-* Specify "strict_8bitmime_body = yes" to block mail with 8-bit
- content that is not properly labeled as 8-bit MIME. This blocks
- mail from poorly written mail software, including (bounces from
- qmail, bounces from Postfix before snapshot 20020514, and Majordomo
- approval requests) that contain valid 8BITMIME mail.
-
-* Specify "strict_8bitmime = yes" to turn on both strict_7bit_headers
- and strict_8bitmime_body.
-
-* Specify "strict_mime_encoding_domain = yes" to block mail from
- poorly written mail software. More details in conf/sample-mime.cf.
-
-Incompatible changes with Postfix snapshot 1.1.11-20020527
-==========================================================
-
-Message headers in MIME attachments etc. are no longer matched by
-body_checks, one input line at a time. They are now by default
-matched by header_checks, one multi-line header at a time. To get
-the old behavior, specify "disable_mime_input_processing = yes",
-or specify separate patterns for header_checks, mime_header_checks
-and nested_header_checks. See conf/sample-mime.cf for details.
-
-Postfix now rejects mail if the MIME multipart structure is nested
-more than mime_nesting_limit levels (default: 20) when MIME input
-processing is enabled while receiving mail, or when Postfix is
-performing 8BITMIME to 7BIT conversion while delivering mail.
-
-Postfix now recognizes "name :" as a valid message header, but
-normalizes it to "name:" for consistency (actually, there is so
-much code in Postfix that would break with "name :" that there is
-little choice, except to not recognize "name :" headers).
+[Feature 20020906] Specify "smtpd_data_restrictions =
+reject_unauth_pipelining" to block mail from SMTP clients that send
+message content before Postfix has replied to the SMTP DATA command.
+
+Other UCE related changes
+=========================
+
+[Feature 20020717] The SMTP server reject_unknown_{sender,recipient}_domain
+etc. restrictions now also attempt to look up AAAA (IPV6 address)
+records.
+
+[Incompat 20020513] In order to allow user@domain@domain addresses
+from untrusted systems, specify "allow_untrusted_routing = yes" in
+main.cf. This opens opportunities for mail relay attacks when
+Postfix provides backup MX service for Sendmail systems.
+
+[Incompat 20020514] For safety reasons, the permit_mx_backup
+restriction no longer accepts mail for user@domain@domain. To
+recover the old behavior, specify "allow_untrusted_routing = yes"
+and live with the risk of becoming a relay victim.
+
+[Incompat 20020509] The Postfix SMTP server no longer honors OK
+access rules for user@domain@postfix-style.virtual.domain, to close
+a relaying loophole with postfix-style virtual domains that have
+@domain.name catch-all patterns.
+
+[Incompat 20020201] In Postfix SMTPD access tables, Postfix now
+uses <> as the default lookup key for the null address, in order
+to work around bugs in some Berkeley DB implementations. This
+behavior is controlled with the smtpd_null_access_lookup_key
+configuration parameter.
+
+Changes in transport table lookups
+==================================
+
+[Feature 20020610] user@domain address lookups in the transport
+map. This feature also understands address extensions. Transport
+maps still support lookup keys in the form of domain names, but
+only with non-regexp tables. Specify mailer-daemon@my.host.name
+in order to match the null address. More in the transport(5) manual
+page.
+
+[Feature 20020505] Friendlier behavior of Postfix transport tables.
+There is a new "*" wildcard pattern that always matches. The
+meaning of null delivery transport AND nexhop information field
+has changed to "do not modify": use the information that would be
+used if the transport table did not exist. This change makes it
+easier to route intranet mail (everything under my.domain) directly:
+you no longer need to specify explicit "local" transport table
+entries for every domain name that resolves to the local machine.
+For more information, including examples, see the updated transport(5)
+manual page.
+
+[Incompat 20020610] Regexp/PCRE-based transport maps now see the
+entire recipient address instead of only the destination domain
+name.
+
+[Incompat 20020505, 20021215] The meaning of null delivery transport
+and nexhop fields has changed incompatibly.
+
+- A null delivery transport AND nexthop information field means
+"do not modify": use the delivery transport or nexthop information
+that would be used if no transport table did not exist.
+
+- The delivery transport is not changed with a null delivery
+transport field and non-null nexthop field.
+
+- The nexthop is reset to the recipient domain with a non-null
+transport field and a null nexthop information field.
+
+Address manipulation changes
+============================
+
+[Incompat 20020717] Postfix no longer strips multiple '.' characters
+from the end of an email address or domain name. Only one '.' is
+tolerated.
+
+[Feature 20020717] The masquerade_domains feature now supports
+exceptions. Prepend a ! character to a domain name in order to
+not strip its subdomain structure. More information in
+conf/sample-rewrite.cf.
+
+[Feature 20020717] The Postfix virtual delivery agent supports
+catch-all entries (@domain.tld) in lookup tables. These match users
+that do not have a specific user@domain.tld entry. The virtual
+delivery agent now ignores address extensions (user+foo@domain.tld)
+when searching its lookup tables, but displays the extensions in
+Delivered-To: message headers.
+
+[Feature 20020610] user@domain address lookups in the transport
+map. This feature also understands address extensions. Transport
+maps still support lookup keys in the form of domain names, but
+only with non-regexp tables. Specify mailer-daemon@my.host.name
+in order to match the null address. More in the transport(5) manual
+page.
+
+[Incompat 20020610] Regexp/PCRE-based transport maps now see the
+entire recipient address instead of only the destination domain
+name.
+
+[Incompat 20020513] In order to allow user@domain@domain addresses
+from untrusted systems, specify "allow_untrusted_routing = yes" in
+main.cf. This opens opportunities for mail relay attacks when
+Postfix provides backup MX service for Sendmail systems.
+
+[Incompat 20020509] The Postfix SMTP server no longer honors OK
+access rules for user@domain@postfix-style.virtual.domain, to close
+a relaying loophole with postfix-style virtual domains that have
+@domain.name catch-all patterns.
+
+[Incompat 20020509] The appearance of user@domain1@domain2 addresses
+has changed. In mail headers, such addresses are now properly
+quoted as "user@domain1"@domain2. As a side effect, this quoted
+form is now also expected on the left-hand side of virtual and
+canonical lookup tables, but only by some of the Postfix components.
+For now, it is better not to use user@domain1@domain2 address forms
+on the left-hand side of lookup tables.
+
+Regular expression and PCRE related changes
+===========================================
-Queue files created with the header/body_checks "FILTER" feature
-are not compatible with "postqueue -r" (move queue files back to
-the maildrop directory) of previous Postfix releases.
+[Feature 20021209] Regular expression maps are now allowed with
+local delivery agent alias tables and with all virtual delivery
+agent lookup tables. However, regular expression substitution of
+$1 etc. is still forbidden for security reasons.
+
+[Obsolete 20020917] In regexp lookup tables, the form /pattern1/!/pattern2/
+is going away. Use the cleaner and more flexible "if !/pattern2/..endif"
+form. The old form still exists but is no longer documented, and
+causes a warning (suggesting to use the new format) to be logged.
+
+[Incompat 20020610] Regexp/PCRE-based transport maps now see the
+entire recipient address instead of only the destination domain
+name.
+
+[Incompat 20020528] With PCRE pattern matching, the `.' metacharacter
+now matches all characters including newline characters. This makes
+PCRE pattern matching more convenient to use with multi-line message
+headers, and also makes PCRE more compatible with regexp pattern
+matching. The pcre_table(5) manual page has been greatly revised.
+
+New mail "HOLD" action and "hold" queue
+=======================================
+
+[Feature 20020819] New "hold" queue for mail that should not be
+delivered. "postsuper -h" puts mail on hold, and "postsuper -H"
+releases mail, moving mail that was "on hold" to the deferred queue.
+
+[Feature 20020821] HOLD and DISCARD actions in SMTPD access tables.
+As with the header/body version of the same, these actions apply
+to all recipients of the same queue file.
+
+[Feature 20020819] New header/body HOLD action that causes mail to
+be placed on the "hold" queue. Presently, all you can do with mail
+"on hold" is to examine it with postcat, to take it "off hold" with
+"postsuper -H", or to destroy it with "postsuper -d". See
+conf/sample-filter.cf.
+
+[Incompat 20020819] In mailq output, the queue ID is followed by
+the ! character when the message is in the "hold" queue (see below).
+This may break programs that process mailq output.
+
+Content filtering
+=================
+
+[Feature 20020823] Selective content filtering. In in SMTPD access
+tables, specify "FILTER transport:nexthop" for mail that needs
+filtering. More info about content filtering is in the Postfix
+FILTER_README file. This feature overrides the main.cf content_filter
+setting. Presently, this applies to all the recipients of a queue
+file.
-Major changes with Postfix snapshot 1.1.11-20020527
-===================================================
+[Feature 20020527] Selective content filtering. In header/body_check
+patterns, specify "FILTER transport:nexthop" for mail that needs
+filtering. This requires different cleanup servers before and after
+the filter, with header/body checks turned off in the second cleanup
+server. More info about content filtering is in the Postfix
+FILTER_README file. This feature overrides the main.cf content_filter
+setting. Presently, this applies to all the recipients of a queue
+file.
-Postfix now has real MIME support. This improves content filtering
-efficiency and accuracy, and improves inter-operability with mail
-systems that cannot receive 8-bit mail. See conf/sample-mime.cf
+[Feature 20020527] Postfix now has real MIME support. This improves
+content filtering efficiency and accuracy, and improves inter-operability
+with mail systems that cannot receive 8-bit mail. See conf/sample-mime.cf
for details.
-Postfix header_checks now properly recognize MIME headers in
-attachments. This is much more efficient than previous versions
-that recognized MIME headers via body_checks. MIME headers are
-now processed one multi-line header at a time, instead of one body
-line at a time.
+[Feature 20020527] Postfix header_checks now properly recognize
+MIME headers in attachments. This is much more efficient than
+previous versions that recognized MIME headers via body_checks.
+MIME headers are now processed one multi-line header at a time,
+instead of one body line at a time. To get the the old behavior,
+specify "disable_mime_input_processing = yes". More details in
+conf/sample-filter.cf.
-In fact, Postfix now has three classes of header patterns:
+[Feature 20020527] Postfix now has three classes of header patterns:
header_checks (for primary message headers except MIME headers),
mime_header_checks (for MIME headers), and nested_header_checks
(for headers of attached email messages except MIME headers). By
-default, all headers are matched with header_checks. To get the
-the old behavior, specify "disable_mime_input_processing = yes".
-More details in conf/sample-filter.cf.
-
-Selective content filtering. In header/body_check patterns, specify
-"FILTER transport:nexthop" for mail that needs filtering. This
-requires different cleanup servers before and after the filter,
-with header/body checks turned off in the second cleanup server.
-More info about content filtering is in the Postfix FILTER_README
-file. Examples for this new feature still need to be developed.
-This feature overrides the main.cf content_filter setting.
-
-The Postfix SMTP client will now convert 8BITMIME mail to 7BIT when
-delivering to an SMTP server that does not announce 8BITMIME support.
-To disable, specify "disable_mime_output_conversion = yes". However,
-this conversion is required by RFC standards.
-
-Incompatible changes with Postfix snapshot 1.1.10-20020514
-==========================================================
-
-For safety reasons, the permit_mx_backup restriction no longer
-accepts mail for user@domain@domain. To recover the old behavior,
-specify "resolve_dequoted_address = no" which opens up a completely
-different can of worms as described a few paragraphs down in this
-document.
-
-Major changes with Postfix snapshot 1.1.9-20020513
-==================================================
-
-Updated LDAP client module with better handling of dead LDAP servers,
-and with configurable filtering of query results.
-
-In order to allow user@domain@domain addresses from untrusted
-systems, specify "resolve_dequoted_address = no" in main.cf (when
-resolving mail, quote the address localpart as per RFC 822, so that
-@ or % or ! operators in the address localpart remain invisible).
-Although this behavior is technically more correct, it also opens
-opportunities for mail relay attacks when Postfix provides backup
-MX service for Sendmail systems.
-
-Incompatible changes with Postfix snapshot 1.1.9-20020512
-=========================================================
-
-The Postfix SMTP client no longer uses the CNAME expanded recipient
-address when logging delivery or when bouncing mail. This makes
-trouble shooting somewhat easier.
-
-Postfix snapshot 1.1.9-20020512 queue files contain records that
-are incompatible with "postqueue -r" on all Postfix versions prior
-to 1.1 and release candidates. This happens whenever the sender
-specifies MIME body type information via the SMTP `MAIL FROM'
-command, via the `sendmail -B' command line option, or via the
-Content-Transfer-Encoding: message header.
+default, all headers are matched with header_checks.
-Postfix snapshot 1.1.9-20020512 queue files may contain records
-that are incompatible with "postqueue -r" on previous 1.1 Postfix
-versions and release candidates. This happens whenever the sender
-specifies the MIME body type only via the Content-Transfer-Encoding:
-message header, and not via `MAIL FROM' or `sendmail -B'.
-
-Major changes with Postfix snapshot 1.1.9-20020512
-==================================================
-
-The Postfix SMTP and LMTP clients now properly pass on the MIME
-body type information (7BIT or 8BITMIME), provided that the sender
-properly specifies MIME body type information via the SMTP MAIL
-FROM command, via the sendmail -B command line option, or via MIME
-message headers. This includes mail that is returned as undeliverable.
-Implementing MIME body type propagation was a low priority because
-qmail didn't implement this, either. However, Postfix will not
-convert 8BITMIME content into 7BIT, and probably never will.
-
-Incompatible changes with Postfix snapshot 1.1.9-20020509
-=========================================================
-
-The Postfix SMTP server no longer honors OK access rules for
-user@domain@postfix-style.virtual.domain, to close a relaying
-loophole with postfix-style virtual domains that have @domain.name
-catch-all patterns.
-
-The appearance of user@domain1@domain2 addresses has changed. In
-mail headers, such addresses are now properly quoted as
-"user@domain1"@domain2. As a side effect, this quoted form is now
-also expected on the left-hand side of virtual and canonical lookup
-tables, but only by some of the Postfix components. For now, it
-is better not to use user@domain1@domain2 address forms on the
-left-hand side of lookup tables.
-
-Incompatible changes with Postfix snapshot 1.1.8-20020508
-=========================================================
-
-The Postfix SMTP server by default no longer accepts mail for
-user@domain@postfix-style.virtual.domain, to close a relaying
-loophole with postfix-style virtual domains that have @domain.name
-catch-all patterns.
-
-Incompatible changes with Postfix snapshot 1.1.8-20020505
-=========================================================
-
-In the Postfix transport table, the meaning of null delivery
-transport and nexhop information fields has changed. As of now, a
-null delivery transport or nexthop information field means "do not
-modify": use the delivery transport or nexthop information that
-would be used if no transport table did not exist. This change
-results in the following incompatible changes in behavior:
-
-- A null delivery transport field no longer defaults to
-$default_transport. It now defaults to $local_transport or
-$default_transport depending on the destination.
-
-- A null nexthop information field no longer overrides the main.cf
-relayhost setting. To override the relayhost, specify explicit
-nexthop information in the Postfix transport table.
-
-The postalias command now copies the source file read permissions
-to the result file when creating a table for the first time. Until
-now, the result file was created with default read permissions.
-This change makes postalias more similar to postmap.
-
-The postalias and postmap commands now drop super-user privileges
-when processing a non-root source file. The file is now processed
-as the source file owner, and the owner must therefore have permission
-to update the result file. Specify the "-o" flag to get the old
-behavior (process non-root files with root privileges).
-
-The read buffer size for Berkeley DB lookup tables was decreased
-from 1MByte to 256kByte. Specify "berkeley_db_read_buffer_size =
-1048576" to get the old read buffer size.
-
-Major changes with Postfix snapshot 1.1.8-20020505
-==================================================
-
-Friendlier behavior of Postfix transport tables. There is a new
-"*" wildcard pattern that matches any domain. The meaning of a null
-delivery transport or nexhop information field has changed to "do
-not modify": use the information that would be used if the transport
-table did not exist. This change makes it easier to route internal
-mail (everything under my.domain) directly: you no longer need to
-specify explicit "local" transport table entries for the local
-machine. For more information, including examples, see the updated
-transport(5) manual page.
-
-Finer control over Berkeley DB memory usage, and more efficient
-usage of memory in applications that open lots of tables. The
-parameter "berkeley_db_create_buffer_size" (default: 16 MBytes)
-specifies the buffer size for the postmap and postalias commands.
-The parameter "berkeley_db_read_buffer_size" (default: 256 kBytes)
-speficies the buffer size for all other applications. For more
-information, see the last paragraphs of the DB_README file.
-
-Major changes with Postfix snapshot 1.1.7-20020331
-==================================================
+[Feature 20021013] The body_checks_max_size parameter limits the
+amount of text per message body segment (or attachment, if you
+prefer to use that term) that is subjected to body_checks inspection.
+The default limit is 50 kbytes. This speeds up the processing of
+mail with large attachments.
-Support for the Cyrus SASL version 2 library, contributed by Jason
-Hoos. This adds some new functionality that was not available in
-Cyrus SASL version 1, and provides bit-rot insurance for the time
-when Cyrus SASL version 1 eventually stops working.
+[Feature 20020917] Speedups of regexp table lookups by optimizing
+for the $number substitutions that are actually present in the
+right-hand side. Based on a suggestion by Liviu Daia.
-A new smtp_helo_name parameter that specifies the hostname to be
-used in HELO or EHLO commands; this can be more convenient than
-changing the myhostname parameter setting.
+[Feature 20020917] Speedups of regexp and pcre tables, using
+IF..ENDIF support. Based on an idea by Bert Driehuis. To protect
+a block of patterns, use:
-Choice between multiple instances of internal services: bounce,
-cleanup, defer, error, flush, pickup, queue, rewrite, showq. This
-allows you to use different cleanup server settings for different
-SMTP server instances. For example, specify in the master.cf file:
-
- localhost:10025 ... smtpd -o cleanup_service_name=cleanup2 ...
- cleanup2 ... cleanup -o header_checks= body_checks= ...
-
-Incompatible changes with Postfix version 1.1.6 (released 20020326)
-===================================================================
-
-The Postfix SMTP client now breaks message header or body lines
-that are longer than $smtp_line_length_limit characters (default:
-990). Earlier Postfix versions broke lines at $line_length_limit
-characters (default: 2048). Postfix versions before 20010611 did
-not break long lines at all. Reportedly, some mail servers refuse
-to receive mail with lines that exceed the 1000 character limit
-that is specified by the SMTP standard.
-
-The Postfix SMTP client now breaks long message header or body
-lines by inserting <CR> <LF> <SPACE>. Earlier Postfix versions
-broke long lines by inserting <CR> <LF> only. This broke MIME
-encapsulation, causing MIME attachments to "disappear" with Postfix
-versions after 20010611.
-
-Postfix now discards text when a logical message header exceeds
-$header_size_limit characters (default: 102400). Earlier Postfix
-versions would place excess text, and all following text, in the
-message body. The same thing was done when a physical header line
-exceeded $line_length_limit characters (default: 2048). Both
-behaviors broke MIME encapsulation, causing MIME attachments to
-"disappear" with all previous Postfix versions.
-
-Incompatible changes with Postfix version 1.1.3 (released 20020201)
-===================================================================
-
-In Postfix SMTPD access tables, Postfix now uses <> as the default
-lookup key for the null address, in order to work around bugs in
-some Berkeley DB implementations. This behavior is controlled with
-the smtpd_null_access_lookup_key configuration parameter.
-
-On SCO 3.2 UNIX, the input rate flow control is now turned off by
-default, because of limitations in the SCO UNIX kernel.
-
-Incompatible changes with Postfix version 1.1.2 (released 20020125)
-===================================================================
-
-Postfix now detects if the run-time Berkeley DB library routines
-do not match the major version number of the compile-time include
-file that was used for compiling Postfix. The software issues a
-warning and aborts in case of a discrepancy. If it didn't, the
-software was certain to crash with a segmentation violation.
-
-Incompatible changes with Postfix version 1.1.1 (released 20020122)
-===================================================================
-
-When the postmap command creates a non-existent result file, the
-new file inherits the group/other read permissions of the source
-file.
+ if /pattern1/
+ /pattern2/ result2
+ /pattern3/ result3
+ endif
-Incompatible changes with Postfix version 1.1.0 (released 20020117)
-===================================================================
-
-Changes are listed in order of decreasing importance, not release
-date.
-
-[snapshot-20010709] This release introduces a new queue file record
-type that is used only for messages that actually use VERP (variable
-envelope return path) support. With this sole exception, the queue
-file format is entirely backwards compatible with the previous
-official Postfix release (20010228, a.k.a. Postfix 1.0.0).
-
-[snapshot-20020106] This release modifies the existing master.cf
-file. The local pickup service is now unprivileged, and the cleanup
-and flush service are now "public". Should you have to back out to
-a previous release, then you must 1) edit the master.cf file, make
-the pickup service "privileged", and make the cleanup and flush
-services "private"; 2) "chmod 755 /var/spool/postfix/public". To
-revert to a world-writable mail submission directory, "chmod 1733
-/var/spool/postfix/maildrop".
-
-[snapshot-20020106, snapshot-20010808, snapshot-20011103,
-snapshot-20011121] You must stop and restart Postfix because of
-incompatible changes in the local Postfix security model and in
-the Postfix internal protocols. Old and new components will not
-work together.
-
-[snapshot-20020106] Simpler local Postfix security model.
-
-- No world-writable maildrop directory. Postfix now always uses
- the set-gid postdrop command for local mail submissions. The
- local mail pickup daemon is now an unprivileged process.
-
-- No world-accessible pickup and queue manager server FIFOs.
-
-- New set-gid postqueue command for the queue list/flush operations
- that used to implemented by the Postfix sendmail command.
-
-[snapshot-20020106..15] Simpler Postfix installation and upgrading.
-
-- All installation settings are now kept in the main.cf file, and
- better default settings are now generated for system dependent
- pathnames such as sendmail_path etc. The install.cf file is no
- longer used, except when upgrading from an older Postfix version.
-
-- Non-default installation parameter settings can (but do not have
- to) be specified on the "make install" or "make upgrade" command
- line as name=value arguments.
-
-- New postfix-files database (in /etc/postfix) with (pathname,
- owner, permission) information about all Postfix-related files.
-
-- New postfix-install script replaces the awkward INSTALL.sh script.
- This is driven by the postfix-files database. It has better
- support for building packages for distribution to other systems.
- See PACKAGE_README for details.
-
-- New post-install script (in /etc/postfix) for post-installation
- maintenance of directory/file permissions and ownership (this is
- used by "postfix check"). Example:
-
- # postfix stop
- # post-install set-permissions mail_owner=username setgid_group=groupname
- # postfix start
-
-[snapshot-20020106] Postfix will not run if it detects that the
-postfix user or group ID are shared with other accounts on the
-system. The checks aren't exhaustive (that would be too resource
-consuming) but should be sufficient to encourage packagers and
-developers to do the right thing. To fix the problem, use the above
-post-install command, after you have created the appropriate new
-mail_owner or setgid_group user or group IDs.
-
-[snapshot-20020106] If you run multiple Postfix instances on the
-same machine you now have to specify their configuration directories
-in the default main.cf file as "alternate_config_directories =
-/dir1 /dir2 ...". Otherwise, some Postfix commands will no longer
-work: the set-group ID postdrop command for mail submission and
-the set-group ID postqueue command for queue listing/flushing.
-
-[snapshot-20010808] The default setting for the maps_rbl_domains
-parameter is now "empty", because mail-abuse.org has become a
-subscription-based service. The names of the RBL parameters haven't
-changed.
-
-[snapshot-20020106] Postfix SMTP access maps will no longer return
-OK for non-local multi-domain recipient mail addresses (user@dom1@dom2,
-user%dom1@dom2, etcetera); the lookup now returns DUNNO (undetermined).
-Non-local multi-domain recipient addresses were already prohibited
-from matching the permit_mx_backup and the relay_domains-based
-restrictions.
-
-[snapshot-20011210] Stricter checking of Postfix chroot configurations.
-The Postfix startup procedure now warns if "system" directories
-(etc, bin, lib, usr) under the Postfix top-level queue directory
-are not owned by the super-user (usually the result of well-intended,
-but misguided, applications of "chown -R postfix /var/spool/postfix).
-
-[snapshot-20011008] The Postfix SMTP server now rejects requests
-with a generic "try again later" status (451 Server configuration
-error) when it detects an error in smtp_{client, helo, sender,
-recipient, etrn}_restrictions settings. More details about the
-problem are logged to the syslogd; sending such information to
-random clients would be inappropriate.
-
-[snapshot-20011008] Postfix no longer flushes the entire mail queue
-after receiving an ETRN request for a random domain name. Requests
-for domains that do not match $fast_flush_domains are now rejected
-instead.
-
-[snapshot-20011226] Postfix configuration file comments no longer
-continue on the next line when that next line starts with whitespace.
-This change avoids surprises, but it may cause unexpected behavior
-with existing, improperly formatted, configuration files. Caveat
-user. Comment lines are allowed to begin with whitespace. Multi-line
-input is no longer terminated by a comment line, by an all whitespace
-line, or by an empty line.
-
-[snapshot-20010714] Postfix delivery agents now refuse to create
-a missing maildir or mail spool subdirectory when its parent
-directory is world writable. This is necessary to prevent security
-problems with maildirs or with hashed mailboxes under a world
-writable mail spool directory.
-
-[snapshot-20010525] As per RFC 2821, the Postfix SMTP client now
-always sends EHLO at the beginning of an SMTP session. Specify
-"smtp_always_send_ehlo = no" for the old behavior, which is to send
-EHLO only when the server greeting banner contains the word ESMTP.
-
-[snapshot-20010525] As per RFC 2821, an EHLO command in the middle
-of an SMTP session resets the Postfix SMTP server state just like
-RSET. This behavior cannot be disabled.
-
-[snapshot-20010709] The SMTP client now by default breaks lines >
-2048 characters, to avoid mail delivery problems with fragile SMTP
-server software. To get the old behavior back, specify "smtp_break_lines
-= no" in the Postfix main.cf file.
-
-[snapshot-20010709] With recipient_delimiter=+ (or any character
-other than -) Postfix will now recognize address extensions even
-with owner-foo+extension addresses. This change was necessary to
-make VERP useful for mailing list bounce processing.
-
-[snapshot-20010610] The Postfix pipe delivery agent no longer
-automatically case-folds the expansion of $user, $extension or
-$mailbox command-line macros. Specify the 'u' flag to get the old
-behavior.
-
-[snapshot-20011210] The Postfix sendmail command no longer exits
-with status 1 when mail submission fails, but instead returns a
-sendmail-compatible status code as defined in /usr/include/sysexits.h.
-
-Major changes with Postfix version 1.1.0 (Released 20020117)
-============================================================
+IF..ENDIF can nest. Don't specify blanks at the beginning of lines
+inside IF..ENDIF, because lines beginning with whitespace are
+appended to the previous line. More details about the syntax are
+given in the pcre_table(5) and regexp_table(5) manual pages.
-Changes are listed in order of decreasing importance, not release
-date.
-
-The nqmgr queue manager is now bundled with Postfix. It implements
-a smarter scheduling strategy that allows ordinary mail to slip
-past mailing list mail, resulting in better response. This queue
-manager is expected to become the default queue manager shortly.
-
-[snapshot-20010709, snapshot-20010808] VERP (variable envelope
-return path) support. This is enabled by default, including in
-the SMTP server. See the VERP_README file for instructions. Specify
-"disable_verp_bounces = yes" to have Postfix send one RFC-standard,
-non-VERP, bounce report for multi-recipient mail, even when VERP
-style delivery was requested. This reduces the explosive behavior
-of bounces when sending mail to a list.
-
-[snapshot-20010709] QMQP server support, so that Postfix can be
-used as a backend mailer for the ezmlm-idx mailing list manager.
-You still need qmail to drive ezmlm and to process mailing list
-bounces. The QMQP service is disabled by default. To enable, follow
-the instructions in the QMQP_README file.
-
-[snapshot-20010709] You can now reject unknown virtual(8) recipients
-at the SMTP port by specifying a "domain.name whatever" entry in
-the tables specified with virtual_mailbox_maps, similar to Postfix
-virtual(5) domains. [virtual(8) is the Postfix virtual delivery
-agent, virtual(5) is the Postfix virtual map. The two implement
-virtual domains in a very different manner.]
-
-[snapshot-20011121] Configurable host/domain name wildcard matching
-behavior: choice between "pattern `domain.name' matches string
-`host.domain.name'" (this is to be deprecated in the future) and
-"pattern `.domain.name' matches string `host.domain.name'" (this
-is to be preferred in the future). The configuration parameter
-"parent_domain_matches_subdomains" specifies which Postfix features
-use the behavior that will become deprecated.
-
-[snapshot-20010808] Variable coupling between message receiving
-rates and message delivery rates. When the message receiving rate
-exceeds the message delivery rate, an SMTP server will pause for
-$in_flow_delay seconds before accepting a message. This delay
-gives Postfix a chance catch up and access the disk, while still
-allowing new mail to arrive. This feature currently has effect
-only when mail arrives via a small number of SMTP clients.
-
-[snapshot-20010610, snapshot-20011121, snapshot-20011210] Workarounds
-for a bug in old versions of the CISCO PIX firewall software that
-caused mail to be resent repeatedly. The workaround has no effect
-for other mail deliveries. The workaround is turned off when mail
-is queued for less than $smtp_pix_workaround_threshold_time seconds
-(default: 500 seconds) so that the workaround is normally enabled
-only for deferred mail. The delay before sending .<CR><LF> is now
-controlled by the $smtp_pix_workaround_delay_time setting (default:
-10 seconds).
-
-[snapshot-20011226] Postfix will now do null address lookups in
-SMTPD access maps. If your access maps cannot store or look up
-null string key values, specify "smtpd_null_access_lookup_key =
-<>" and the null sender address will be looked up as <> instead.
-
-[snapshot-20011210] More usable virtual delivery agent, thanks to
-a new "static" map type by Jeff Miller that always returns its map
-name as the lookup result. This eliminates the need for per-recipient
-user ID and group ID tables. See the VIRTUAL_README file for more
-details.
-
-[snapshot-20011125] Anti-sender spoofing. New main.cf parameter
-smtpd_sender_login_maps that specifies the (SASL) login name that
-owns a MAIL FROM sender address. Specify a regexp table in order
-to require a simple one-to-one mapping. New SMTPD restriction
-reject_sender_login_mismatch that refuses a MAIL FROM address when
-$smtpd_sender_login_maps specifies an owner but the client is not
-(SASL) logged in as the MAIL FROM address owner, or when a client
-is (SASL) logged in but does not own the address according to
-$smtpd_sender_login_maps.
-
-[snapshot-20011121] The mailbox_command_maps parameter allows you
-to configure the external delivery command per user (local delivery
-agent only). This feature has precedence over the mailbox_command
-and home_mailbox settings.
-
-[snapshot-20011121] New "warn_if_reject" smtpd UCE restriction that
-only warns if the restriction that follows would reject mail. Look
-for file records that contain the string "reject_warning".
-
-[snapshot-20011127] New header/body_check result "WARN" to make
-Postfix log a warning about a header/body line without rejecting
-the content.
-
-[snapshot-20011103] In header/body_check files, REJECT can now be
-followed by text that is sent to the originator. That feature was
-stuck waiting for years, pending the internal protocol revision.
-
-[snapshot-20011008] The permit_mx_backup feature allows you to
-specify network address blocks via the permit_mx_backup_networks
-parameter. This requires that the primary MX hosts for the given
-destination match the specified network blocks. When no value is
-given for permit_mx_backup_networks, Postfix will accept mail
-whenever the local MTA is listed in the DNS as an MX relay host
-for a destination, even when you never gave permission to do so.
-
-[snapshot-20010709] Specify "mail_spool_directory = /var/mail/"
-(note the trailing "/" character) to enable maildir format for
-/var/mail/username.
-
-[snapshot-20010808] Finer control over address masquerading. The
-masquerade_classes parameter now controls header and envelope sender
-and recipient addresses. With earlier Postfix versions, address
-masquerading rewrote all addresses except for the envelope recipient.
-
-[snapshot-20010610] The pipe mail delivery agent now supports proper
-quoting of white space and other special characters in the expansions
-of the $sender and $recipient command-line macros. This was necessary
-for correct operation of the "simple" content filter, and is also
-recommended for delivery via UUCP or BSMTP.
-
-[snapshot-20010610] The pipe mail delivery agent now supports case
-folding the localpart and/or domain part of expansions of the
-$nexthop, $recipient, $user, $extension or $mailbox command-line
-macros. This is recommended for mail delivery via UUCP. Bug: $nexthop
-is always case folded because of problems in the queue manager
-code.
-
-[snapshot-20010525] This release contains many little revisions of
-little details in the light of the new RFC 2821 and RFC 2822
-standards. Changes that may affect interoperability are listed
-above under "incompatible changes". Other little details are
-discussed in comments in the source code.
-
-[snapshot-20010502] The Postfix SMTP client now by default randomly
-shuffles destination IP addresses of equal preference (whether
-obtained via MX lookup or otherwise). Reportedly, this is needed
-for sites that use Bernstein's dnscache program. Specify
-"smtp_randomize_addresses = no" to disable this behavior. Based on
-shuffling code by Aleph1.
-
-[snapshot-20011127] New parameter smtpd_noop_commands to specify
-a list of commands that the Postfix SMTP server treats as NOOP
-commands (no syntax check, no state change). This is a workaround
-for misbehaving clients that send unsupported commands such as
-ONEX.
-
-[snapshot-20010502] "postmap -q -" and "postmap -d -" read key
-values from standard input, which makes it easier to drive them
-from another program. The same feature was added to the postalias
-command.
-
-[snapshot-20010502] The postsuper command now has a command-line
-option to delete queue files. In principle this command can be
-used while Postfix is running, but there is a possibility of deleting
-the wrong queue file when Postfix deletes a queue file and reuses
-the queue ID for a new message. In that case, postsuper will delete
-the new message.
-
-[snapshot-20010525] The postsuper queue maintenance tool now renames
-files whose name (queue ID) does not match the message file inode
-number. This is necessary after a Postfix mail queue is restored
-from another machine or from backups. The feature is selected with
-the -s option, which is the default, and runs whenever Postfix is
-started.
-
-[snapshot-20010525] The postsuper queue maintenance tool has a new
--r (requeue) option for subjecting some or all queue files to
-another iteration of address rewriting. This is useful after the
-virtual or canonical maps have changed.
-
-[snapshot-20010525] The postsuper queue maintenance tool was extended
-with options to read queue IDs from standard input. This makes the
-tool easier to drive from scripts.
-
-[snapshot-20010329] Better support for running multiple Postfix
-instances on one machine. Each instance can be recognized by its
-logging (defaults: "syslog_name = postfix", "syslog_facility =
-mail").
-
-Major incompatible changes with release-20010228 Patch 01 (a.k.a. Postfix 1.0.1)
-================================================================================
-
-This release changes the names of the "fast ETRN" logfiles with
-delayed mail per destination. These files are maintained by the
-Postfix "fast flush" daemon. The old scheme failed with addresses
-of the form user@[ip.address] and user@a.domain.name. In order to
-populate the new "fast ETRN" logfiles, execute the command "sendmail
--q". The old "fast ETRN" logfiles go away by themselves (default:
-after 7 days).
-
-Major incompatible changes with release-20010228 (a.k.a. Postfix 1.0.0)
-=======================================================================
-
-[snapshot-20010225] POSTFIX NO LONGER RELAYS MAIL FOR CLIENTS IN
-THE ENTIRE CLASS A/B/C NETWORK. To get the old behavior, specify
-"mynetworks_style = class" in the main.cf file. The default
-(mynetworks_style = subnet) is to relay for clients in the local
-IP subnet. See conf/main.cf.
-
-[snapshot-20001005, snapshot-20010225] You must execute "postfix
-stop" before installing this release. Some recommended parameter
-settings have changed, and a new entry must be added to the master.cf
-file before you can start Postfix again.
-
-1 - The recommended Postfix configuration no longer uses flat
- directories for the "incoming" "active", "bounce", and "defer"
- queue directories. The "flush" directory for the new "flush"
- service directory should not be flat either.
-
- Upon start-up, Postfix checks if the hash_queue_names configuration
- parameter is properly set up, and will add any queue directory
- names that are missing.
-
-2 - In order to improve performance of one-to-one mail deliveries
- the queue manager will now look at up to 10000 queue files
- (was: 1000). The default qmgr_message_active_limit setting
- was changed accordingly.
-
- If you have a non-default qmgr_message_active_limit in main.cf,
- you may want adjust it.
-
-3 - The new "flush" service needs to be configured in master.cf.
-
- Upon start-up, Postfix checks if the new "flush" service is
- configured in the master.cf file, and will add an entry if it
- is missing.
-
-Should you wish to back out to a previous Postfix release there is
-no need to undo the above queue configuration changes.
-
-[snapshot-20000921] The protocol between queue manager and delivery
-agents has changed. This means that you cannot mix the Postfix
-queue manager or delivery agents with those of Postfix versions
-prior to 20000921. This change does not affect Postfix queue file
-formats.
-
-[snapshot-20000529] This release introduces an incompatible queue
-file format change ONLY when content filtering is enabled (see text
-in FILTER_README). Old Postfix queue files will work fine, but
-queue files with the new content filtering info will not work with
-Postfix versions before 20000529. Postfix logs a warning and moves
-incompatible queue files to the "corrupt" mail queue subdirectory.
-
-Minor incompatible changes with release-20010228
-================================================
-
-[snapshot-20010225] The incoming and deferred queue directories
-are now hashed by default. This improves the performance considerably
-under heavy load, at the cost of a small but noticeable slowdown
-when one runs "mailq" on an unloaded system.
-
-[snapshot-20010222] Postfix no longer automatically delivers
-recipients one at a time when their domain is listed in $mydestination.
-This change solves delivery performance problems with delivery via
-LMTP, with virus scanning, and with firewall relays that forward
-all mail for $mydestination to an inside host.
-
-The "one recipient at a time" delivery behavior is now controlled
-by the per-transport recipient limit (xxx_destination_recipient_limit,
-where xxx is the name of the delivery mechanism). This parameter
-controls the number of recipients that can be sent in one delivery
-(surprise).
-
-The setting of the per-transport recipient limit also controls the
-meaning of the per-transport destination concurrency limit (named
-xxx_destination_concurrency_limit, where xxx is again the name of
-the delivery mechanism):
-
- 1) When the per-transport recipient limit is 1 (i.e., send one
- recipient per delivery), the per-transport destination concurrency
- limit controls the number of simultaneous deliveries to the
- same recipient. This is the default behavior for delivery via
- the Postfix local delivery agent.
-
- 2) When the per-transport recipient limit is > 1 (i.e., send
- multiple recipients per delivery), the per-transport destination
- concurrency limit controls the number of simultaneous deliveries
- to the same domain. This is the default behavior for all other
- Postfix delivery agents.
-
-[snapshot-20010128] The Postfix local delivery agent now enforces
-mailbox file size limits (default: mailbox_size_limit = 51200000).
-This limit affects all file write access by the local delivery
-agent or by a process run by the local delivery agent. The purpose
-of this parameter is to act as a safety for run-away software. It
-cannot be a substitute for a file quota management system. Specify
-a limit of 0 to disable.
-
-[snapshot-20010128] REJECT in header/body_checks is now flagged as
-policy violation rather than bounce, for consistency in postmaster
-notifications.
-
-[snapshot-20010128] The default RBL (real-time blackhole lists)
-domain examples have been changed from *.vix.com to *.mail-abuse.org.
-
-[snapshot-20001210] Several interfaces of libutil and libglobal
-routines have changed. This may break third-party code written
-for Postfix. In particular, the safe_open() routine has changed,
-the way the preferred locking method is specified in the sys_defs.h
-file, as well as all routines that perform file locking. When
-compiling third-party code written for Postfix, the incompatibilities
-will be detected by the compiler provided that #include file
-dependencies are properly maintained.
-
-[snapshot-20001210] When delivering to /file/name (as directed in
-an alias or .forward file), the local delivery agent now logs a
-warning when it is unable to create a /file/name.lock file. Mail
-is still delivered as before.
-
-[snapshot-20001210] The "sun_mailtool_compatibility" feature is
-going away (a compatibility mode that turns off kernel locks on
-mailbox files). It still works, but a warning is logged. Instead
-of using "sun_mailtool_compatibility", specify the mailbox locking
-strategy as "mailbox_delivery_lock = dotlock".
-
-[snapshot-20001210] The Postfix SMTP client now skips SMTP server
-replies that do not start with "CODE SPACE" or with "CODE HYPHEN"
-and flags them as protocol errors. Older Postfix SMTP clients
-silently treated "CODE TEXT" as "CODE SPACE TEXT", i.e. as a valid
-SMTP reply.
-
-[snapshot-20001121] On RedHat Linux 7.0, you must install the
-db3-devel RPM before you can compile the Postfix source code.
-
-[snapshot-20000924] The postmaster address in the "sorry" text at
-the top of bounced mail is now just postmaster, not postmaster@machine.
-The idea is to refer users to their own postmaster.
-
-[snapshot-20000921] The notation of [host:port] in transport tables
-etc. is going away but it is still supported. The preferred form
-is now [host]:port. This change is necessary to support IPV6
-address forms which use ":" as part of a numeric IP address. In a
-future release, Postfix will log a warning when it encounters the
-[host:port] form.
-
-[snapshot-20000921] In mail headers, Errors-To:, Reply-To: and
-Return-Receipt: addresses are now rewritten as a sender address
-(was: recipient).
-
-[snapshot-20000921] Postfix no longer inserts Sender: message
-headers.
-
-[snapshot-20000921] The queue manager now logs the original number
-of recipients when opening a queue file (example: from=<>, size=3502,
-nrcpt=1).
-
-[snapshot-20000921] The local delivery agent no longer appends a
-blank line to mail that is delivered to external command.
-
-[snapshot-20000921] The pipe delivery agent no longer appends a
-blank line when the F flag is specified (in the master.cf file).
-Specify the B flag if you need that blank line.
-
-[snapshot-20000507] As required by RFC 822, Postfix now inserts a
-generic destination message header when no destination header is
-present. The text is specified via the undisclosed_recipients_header
-configuration parameter (default: "To: undisclosed-recipients:;").
-
-[snapshot-20000507] The Postfix sendmail command treats a line with
-only `.' as the end of input, for the sake of sendmail compatibility.
-To disable this feature, specify the sendmail-compatible `-i' or
-`-oi' flags on the sendmail command line.
-
-[snapshot-20000507] For the sake of Sendmail compatibility, the
-Postfix SMTP client skips over SMTP servers that greet with a 4XX
-or 5XX reply code, treating them as unreachable servers. To obtain
-prior behavior (4XX=retry, 5XX=bounce), specify "smtp_skip_4xx_greeting
-= no" and "smtp_skip_5xx_greeting = no".
-
-Major changes with release-20010228
-===================================
-
-Postfix produces DSN formatted bounced/delayed mail notifications.
-The human-readable text still exists, so that users will not have
-to be unnecessarily confused by all the ugliness of RFC 1894. Full
-DSN support will be later.
-
-This release introduces full content filtering through an external
-process. This involves an incompatible change in queue file format.
-Mail is delivered to content filtering software via an existing
-mail delivery agent, and is re-injected into Postfix via an existing
-mail submission agent. See examples in the FILTER_README file.
-Depending on how the filter is implemented, you can expect to lose
-a factor of 2 to 4 in delivery performance of SMTP transit mail,
-more if the content filtering software needs lots of CPU or memory.
-
-Specify "body_checks = regexp:/etc/postfix/body_checks" for a quick
-and dirty emergency content filter that looks at non-header lines
-one line at a time (including MIME headers inside the message body).
-Details in conf/sample-filter.cf.
-
-The header_checks and body_checks features can be used to strip
-out unwanted data. Specify IGNORE on the right-hand side and the
-data will disappear from the mail.
-
-Support for SASL (RFC 2554) authentication in the SMTP server and
-in the SMTP and LMTP clients. See the SASL_README file for more
-details. This file still needs better examples.
-
-Postfix now ships with an LMTP delivery agent that can deliver over
-local/remote TCP sockets and over local UNIX-domain sockets. The
-LMTP_README file gives example, but still needs to be revised.
-
-Fast "ETRN" and "sendmail -qR". Postfix maintains per-destination
-logfiles with information about what mail is queued for selected
-destinations. See the file ETRN_README for details.
-
-The mailbox locking style is now fully configurable at runtime.
-The new configuration parameter is called "mailbox_delivery_lock".
-Depending on the operating system type, mailboxes can be locked
-with one or more of "flock", "fcntl" or "dotlock". The command
-"postconf -l" shows the available locking styles. The default
-mailbox locking style is system dependent. This change affects
-all mailbox and all "/file/name" deliveries by the Postfix local
-delivery agent.
-
-Minor changes with release-20010228
-===================================
-
-You can now specify multiple SMTP destinations in the relayhost
-and fallback_relay configuration parameters. The destinations are
-tried in the specified order. Specify host or host:port (perform
-MX record lookups), [host] or [host]:port (no MX record lookups),
-[address] or [address]:port (numerical IP address).
-
-The "mailbox_transport" and "fallback_transport" parameters now
-understand the form "transport:nexthop", with suitable defaults
-when either transport or nexthop are omitted, just like in the
-Postfix transport map. This allows you to specify for example,
-"mailbox_transport = lmtp:unix:/file/name".
-
-The local_transport and default_transport configuration parameters
-can now be specified in transport:destination notation, just like
-the mailbox_transport and fallback_transport parameters. The
-:destination part is optional. However, these parameters take only
-one destination, unlike relayhost and fallback-relay which take
-any number of destinations.
-
-More general virtual domain support. Postfix now supports both
-Sendmail-style virtual domains and Postfix-style virtual domains.
-Details and examples are given in the revised virtual manual page.
-
-- With Sendmail-style virtual domains, local users/aliases/mailing
- lists are visible as localname@virtual.domain. This is convenient
- if you want to host mailing lists under virtual domains.
-
-- With Postfix-style virtual domains, local users/aliases/mailing
- lists are not visible as localname@virtual.domain. Each virtual
- domain has its own separate name space.
-
-More general "soft bounce" feature. Specify "soft_bounce = yes"
-in main.cf to prevent the SMTP server from bouncing mail while you
-are testing configurations. Until this release the SMTP server was
-not aware of soft bounces.
-
-Workarounds for non-standard RFC 2554 (AUTH command) implementations.
-Specify "broken_sasl_auth_clients = yes" to enable SMTP server
-support for old Microsoft client applications. The Postfix SMTP
-client supports non-standard RFC 2554 servers by default.
-
-All time-related configuration parameters now accept a one-letter
-suffix to indicate the time unit (s: second, m: minute, h: hour,
-d: day, w: week). The exceptions are the LDAP and MYSQL modules
-which are maintained separately.
-
-New "import_environment" and "export_environment" configuration
-parameters provide explicit control over what environment variables
-Postfix will import, and what environment variables Postfix will
-pass on to a non-Postfix process.
-
-In order to improve performance of one-to-one deliveries, Postfix
-by default now looks at up to 10000 messages at a time (was: 1000).
-
-Specify "syslog_facility = log_local1" etc. to separate the logging
-from multiple Postfix instances. However, a non-default logging
-facility takes effect only after process initialization. Errors
-during command-line parsing are still logged with the default syslog
-facility, as are errors while processing the main.cf file.
-
-Postfix now strips out Content-Length: headers in incoming mail to
-avoid confusion in mail user agents.
-
-Specify "require_home_directory = yes" to prevent mail from being
-delivered to a user whose home directory is not mounted. This
-feature is implemented by the Postfix local delivery agent.
-
-The pipe mailer has a size limit (size=nnn) command-line argument.
-
-The pipe delivery agent has a configurable end-of-line attribute.
-Specify "pipe ... eol=\r\n" for delivery mechanisms that require
-CRLF record delimiters. The eol attribute understands the following
-C-style escape sequences: \a \b \f \n \r \t \v \nnn \\.
-
-In master.cf you can selectively override main.cf configuration
-parameters, for example: "smtpd -o myhostname=foo.com".
-
-In main.cf, specify "smtp_bind_address=x.x.x.x" to bind SMTP
-connections to a specific local interface. Or override the default
-setting in master.cf with "smtp -o smtp_bind_address=x.x.x.x".
-For now, you must specify a numeric IP address.
-
-Questionable feature: with "smtp_always_send_ehlo = yes", the SMTP
-client sends EHLO regardless of the content of the SMTP server's
-greeting.
-
-Specify "-d key" to postalias or postmap in order to remove one
-key. This still needs to be generalized to multi-key removal (e.g.,
-read keys from stdin).
-
-Comments in Postfix configuration files no longer contain troff
-formatting codes. The text is now generated from prototype files
-in a new "proto" subdirectory.
-
-Major changes with postfix-19991231:
+Postmap/postalias/newaliases changes
====================================
-- It is now much more difficult to configure Postfix as an open
-relay. The SMTP server requires that "smtpd_recipient_restrictions"
-contains at least one restriction that by default refuses mail (as
-is the default). There were too many accidents with changes to
-the UCE restrictions.
-
-- The relay_domains parameter no longer needs to contain $virtual_maps.
-
-- Overhauled FAQ (html/faq.html) with many more examples.
-
-- Updated UCE documentation (html/uce.html) with more examples.
-More UCE configuration examples in sample configuration files.
-
-- Several little improvements to the installation procedure:
-relative symlinks, configurable directory for scratch files so the
-installation can be done without write access to the build tree.
-
-- Updated LDAP client code (John Hensley).
-
-- Updated mysql client code (Scott Cotton).
-
-- The SMTP server now rejects mail for unknown users in virtual
-domains that are defined by Postfix virtual maps.
-
-- The SMTP server can reject mail for unknown local users. Specify
-"local_recipient_maps = $alias_maps, unix:passwd.byname" if your
-local mail is delivered by a UNIX-style local delivery agent. See
-example in conf/main.cf.
-
-- Use "disable_vrfy_command = yes" to disable the SMTP VRFY command.
-This prevents some forms of address harvesting.
-
-- The sendmail "-f" option now understands <user> and even understands
-forms with RFC 822-style comments.
-
-- New "qmgr_fudge_factor" parameter allows you to balance mailing
-list performance against response time for one-to-one mail. The
-fudge factor controls what percentage of delivery resources Postfix
-will devote to one message. With 100%, delivery of one message
-does not begin before delivery of the previous message is completed.
-This is good for list performance, bad for one-to-one mail. With
-10%, response time for one-to-one mail improves much, but list
-performance suffers: in the worst case, people near the start of a
-mailing list get a burst of postings today, while people near the
-end of the list get that same burst of postings a whole day later.
-
-- It is now relatively safe to configure 550 status codes for the
-main.cf unknown_address_reject_code or unknown_client_reject_code
-parameters. The SMTP server now always sends a 450 (try again)
-reply code when an UCE restriction fails due to a soft DNS error,
-regardless of what main.cf specifies.
-
-- The RBL checks now show the content of TXT records (Simon J Mudd).
-
-- The Postfix SMTP server now understands a wider range of illegal
-address forms in MAIL FROM and RCPT TO commands. In order to disable
-illegal forms, specify "strict_rfc821_envelopes = yes". This also
-disables support for MAIL FROM and RCPT TO addresses without <>.
-
-- Per-client/helo/sender/recipient UCE restrictions (fully-recursive
-UCE restriction parser). See the RESTRICTION_CLASS file for details.
-
-- Use "postmap -q key" or "postalias -q key" for testing Postfix
-lookup tables or alias files.
-
-- Use "postconf -e name=value..." to edit the main.cf file. This
-is easier and safer than editing the main.cf file by hand. The
-edits are done on a temporary copy that is renamed into place.
-
-- Use "postconf -m" to display all supported lookup table types
-(Scott Cotton).
+[Incompat 20020505] The postalias command now copies the source
+file read permissions to the result file when creating a table for
+the first time. Until now, the result file was created with default
+read permissions. This change makes postalias more similar to
+postmap.
+
+[Incompat 20020505] The postalias and postmap commands now drop
+super-user privileges when processing a non-root source file. The
+file is now processed as the source file owner, and the owner must
+therefore have permission to update the result file. Specify the
+"-o" flag to get the old behavior (process non-root files with root
+privileges).
+
+[Incompat 20020122] When the postmap command creates a non-existent
+result file, the new file inherits the group/other read permissions
+of the source file.
+
+Assorted changes
+================
+
+[Feature 20021028] The local(8) and virtual(8) delivery agents now record
+the original recipient address in the X-Original-To: message header.
+This header can also be emitted by the pipe(8) delivery agent.
+
+[Feature 20021024] New proxy_interfaces parameter, for sites behind a
+network address translation gateway or other type of proxy. You
+should specify all the proxy network addresses here, to avoid avoid
+mail delivery loops.
+
+[Feature 20021013] Updated MacOS X support by Gerben Wierda. See
+the auxiliary/MacOSX directory.
+
+[Incompat 20021013] Subtle change in ${name?result} macro expansions:
+the expansion no longer happens when $name is an empty string. This
+probably makes more sense than the old behavior.
+
+[Incompat 20020917] The relayhost setting now behaves as documented,
+i.e. you can no longer specify multiple destinations.
+
+[Incompatibility 20021219] The use of the XVERP extension in the
+SMTP MAIL FROM command is now restricted to SMTP clients that match
+the hostnames, domains or networks listed with the authorized_verp_clients
+parameter (default: $mynetworks).
+
+[Feature 20020819] When the Postfix local delivery agent detects
+a mail delivery loop (usually the result of mis-configured mail
+pickup software), the undeliverable mail is now sent to the mailing
+list owner instead of the envelope sender address (usually the
+original poster who has no guilt, and who cannot fix the problem).
+
+[Warning 20020819] The Postfix queue manager now warns when mail
+for some destination is piling up in the active queue, and suggests
+a variety of remedies to speed up delivery (increase per-destination
+concurrency limit, increase active queue size, use a separate
+delivery transport, increase per-transport process limit). The
+qmgr_clog_warn_time parameter controls the time between warnings.
+To disable these warnings, specify "qmgr_clog_warn_time = 0".
+
+[Warning 20020717] The Postfix SMTP client now logs a warning when
+the same domain is listed in main.cf:mydestination as well as a
+Postfix-style virtual map. Such a mis-configuration may cause mail
+for users to be rejected with "user unknown".
+
+[Feature 20020331] A new smtp_helo_name parameter that specifies
+the hostname to be used in HELO or EHLO commands; this can be more
+convenient than changing the myhostname parameter setting.
+
+[Feature 20020331] Choice between multiple instances of internal
+services: bounce, cleanup, defer, error, flush, pickup, queue,
+rewrite, showq. This allows you to use different cleanup server
+settings for different SMTP server instances. For example, specify
+in the master.cf file:
-- New "permit_auth_destination" UCE restriction for finer-grained
-access control (Jesper Skriver).
-
-Incompatible changes with postfix-19990906
-==========================================
-
-- On systems that use user.lock files to protect system mailboxes
-against simultaneous updates, Postfix now uses /file/name.lock
-files while delivering to files specified in aliases/forward/include
-files. This is a no-op when the recipient lacks directory write
-permission.
-
-- The LDAP client code no longer looks up a name containing "*"
-because it could be abused. See the LDAP_README file for how to
-restore previous behavior.
-
-- The Postfix to PCRE interface now expects PCRE version 2.08.
-Postfix is no longer compatible with PCRE versions prior to 2.06.
+ localhost:10025 ... smtpd -o cleanup_service_name=cleanup2 ...
+ cleanup2 ... cleanup -o header_checks= body_checks= ...
-Major changes with postfix-19990906
-===================================
+Logfile format changes
+======================
-Several bugfixes, none related to security. See the HISTORY file
-for a complete list of changes.
+[Incompat 20021209] The Postfix SMTP client no longer expands CNAMEs
+in MAIL FROM addresses (as permitted by RFC 2821) before logging
+the recipient address.
-- Postfix is now distributed under IBM Public License Version 1.0
-which does not carry the controversial termination clause. The new
-license does have a requirement that contributors make source code
+[Incompat 20021028] The Postfix SMTP server UCE reject etc. logging
+now includes the queue ID, the mail protocol (SMTP or ESMTP), and
+the hostname that was received with the HELO or EHLO command, if
available.
-- INSTALL.sh install/upgrade procedure that replaces existing
-programs and shell scripts instead of overwriting them, and that
-leaves existing queue files and configuration files alone.
-
-- The ugly Delivered-To: header can now be turned off selectively.
-The default setting is: "prepend_delivered_header = command, file,
-forward". Turning off the Delivered-To: header when forwarding
-mail is not recommended.
-
-- mysql client support by Scott Cotton and Joshua Marcus, Internet
-Consultants Group, Inc. See the file MYSQL_README for instructions.
-
-- reject_unauth_destination SMTP recipient restriction that rejects
-destinations not in $relay_domains. Unlike the check_relay_domains
-restriction, reject_unauth_destination ignores the client hostname.
-By Lamont Jones of Hewlett-Packard.
-
-- reject_unauth_pipelining SMTP *anything* restriction to stop mail
-from spammers that improperly use SMTP command pipelining to speed
-up their deliveries.
-
-- Postfix "sendmail" now issues a warning and drops privileges if
-installed set-uid root.
-
-- No more duplicate delivery when "postfix reload" is immediately
-followed by "sendmail -q".
-
-- No more "invalid argument" errors when a Postfix daemon opens a
-DB/DBM file while some other process is changing the file.
-
-- Portability to the Mac OS X Server, Reliant Unix, AIX 3.2.5 and
-Ultrix 4.3.
-
-Incompatible changes with postfix-19990601:
-===========================================
-
-- The SMTP server now delays all UCE restrictions until the RCPT
-TO, VRFY or ETRN command. This makes the restrictions more useful,
-because many SMTP clients do not expect negative responses earlier
-in the protocol. In order to restore the old behavior, specify
-"smtpd_delay_reject = no" in /etc/postfix/main.cf.
-
-- The Postfix local delivery agent no longer automatically propagates
-address extensions to aliases/include/forward addresses. Specify
-"propagate_unmatched_extensions = canonical, virtual, alias, forward,
-include" to restore the old behavior.
-
-- The Postfix local delivery agent no longer does $name expansion
-on words found in the mailbox_command configuration parameter. This
-makes it easier to specify shell syntax. See conf/main.cf.
-
-- The luser_relay syntax has changed. You can specify one address;
-it is subjected to $user, etc. expansions. See conf/main.cf.
-
-- File system reorganization: daemon executables are now in the
-libexec subdirectory, command executables in the bin subdirectory.
-The INSTALL instructions now recommend installing daemons and
-commands into separate directories.
-
-Major changes with postfix-19990601:
-=====================================
-
-- New USER, EXTENSION, LOCAL, DOMAIN and RECIPIENT environment
-variables for delivery to command (including mailbox_command) by
-the local delivery agent. As you might expect, the information is
-censored. The list of acceptable characters is specified with the
-command_expansion_filter configuration parameter. Unacceptable
-characters are replaced by underscores. See html/local.8.html.
-
-- Specify "forward_path = /var/forward/$user" to avoid looking up
-.forward files in user home directories. The default value is
-$home/.forward$recipient_delimiter$extension, $home/.forward.
-Initial code by Philip A. Prindeville, Mirapoint, Inc., USA.
-
-- Conditional $name expansion in forward_path and luser_relay.
-Available names are: $user (bare user name) $shell (user login
-shell), $home (user home directory), $local (everything to the left
-of @), $extension (optional address extension), $domain (everything
-to the right of @), $recipient (the complete address) and
-$recipient_delimiter. A simple $name expands as usual. ${name?value}
-expands to value when $name is defined. ${name:value} expands to
-value when $name is not defined. With ${name?value} and ${name:value},
-the value is subject to another iteration of $name expansion.
-
-- POSIX regular expression support, enabled by default on 4.4BSD,
-LINUX, HP-UX, and Solaris 2.5 and later. See conf/sample-regexp.cf.
-Initial code by Lamont Jones, Hewlett-Packard, borrowing heavily
-from the PCRE implementation by Andrew McNamara, connect.com.au
-Pty. Ltd., Australia.
-
-- Regular expression checks for message headers. This requires
-support for POSIX or for PCRE regular expressions. Specify
-"header_checks = regexp:/file/name" or "header_checks = pcre:/file/name",
-and specify "/^header-name: badstuff/ REJECT" in the pattern file
-(patterns are case-insensitive by default). Code by Lamont Jones,
-Hewlett-Packard. It is to be expected that full content filtering
-will be delegated to an external command.
-
-- Regular expression support for all lookup tables, including access
-control (full mail addresses only), address rewriting (canonical/virtual,
-full mail addresses only) and transport tables (full domain names
-only). However, regular expressions are not allowed for aliases,
-because that would open up security exposures.
-
-- Automatic detection of changes to DB or DBM lookup tables. This
-eliminates the need to run "postfix reload" after each change to
-the SMTP access table, or to the canonical, virtual, transport or
-aliases tables.
-
-- New error mailer. Specify ".domain.name error:domain is undeliverable"
-in the transport table to bounce mail for entire domains.
-
-- No more Postfix lockups on Solaris (knock on wood). The code no
-longer uses Solaris UNIX-domain sockets, because they are still
-broken, even with Solaris 7.
-
-- Workaround for the Solaris mailtool, which keeps an exclusive
-kernel lock on the mailbox while its window is not iconified (specify
-"sun_mailtool_compatibility = yes" in main.cf).
-
-- Questionable workaround for Solaris, which reportedly loses
-long-lived exclusive locks that are held by the master daemon.
-
-- New reject_unknown_{sender,recipient}_domain restrictions for
-sender and recipient mail addresses that distinguish between soft
-errors (always 450) and hard errors (unknown_address_reject_code,
-default 450).
-
-- MIME-encapsulated bounce messages, making it easier to recover
-bounced mail. Initial implementation by Philip A. Prindeville,
-Mirapoint, Inc., USA. Support for RFC 1892 (multipart/report) and
-RFC 1894 (DSN) will have to wait until Postfix internals have been
-revised to support RFC 1893.
-
-- Separately configurable "postmaster" addresses for single bounces
-(bounce_notice_recipient), double bounces (2bounce_notice_recipient),
-delayed mail (delay_notice_recipient), and for mailer error reports
-(error_notice_recipient). See conf/main.cf.
-
-- Questionable feature: specify "best_mx_transport = local" if
-this machine is the best MX host for domains not in mydestinations.
-
-Incompatible changes with postfix-19990317:
-===========================================
-
-- You MUST install the new version of /etc/postfix/postfix-script.
-
-- The pipe mailer "flags" syntax has changed. You now explicitly
-MUST specify the R flag in order to generate a Return-Path: message
-header (as needed by, for example, cyrus).
-
-Major changes with postfix-19990317:
-====================================
-
-A detailed record of changes is given in the HISTORY file.
-
-- Less postmaster mail. Undeliverable bounce messages (double
-bounces) are now discarded. Specify "notify_classes = 2bounce..."
-to get copies of double bounces. Specify "notify_classes = bounce..."
-to get copies of normal and double bounces.
-
-- Improved LDAP client code by John Hensley of Merit Network, USA.
-See LDAP_README for details.
-
-- Perl-compatible regular expression support for lookup maps by
-Andrew McNamara, connect.com.au Pty. Ltd., Australia.. Example:
-"check_recipient_access pcre:/etc/postfix/sample-pcre.cf". Regular
-expressions provide a powerful tool not only for SMTP access control
-but also for address rewriting. See PCRE_README for details.
-
-- Automatic notification of delayed mail (disabled by default).
-With "delay_warning_time = 4", Postfix informs senders when mail
-has not been delivered after 4 hours. Initial version of the code
-by Daniel Eisenbud, University of California at Berkeley. In order
-to get postmaster copies of such warnings, specify "notify_classes
-= delay...".
+[Incompat 20021028] The Postfix header/body_checks logging now
+includes the mail protocol (SMTP, ESMTP, QMQP) and the hostname
+that was received with the SMTP HELO or EHLO command, if available.
-- More configurable local delivery: "mail_spool_directory" to
-specify the UNIX mail spool directory; "mailbox_transport" to
-delegate all mailbox delivery to, for example, cyrus, and
-"fallback_transport" to delegate delivery of only non-UNIX users.
-And all this without losing local aliases and local .forward
-processing. See config/main.cf and config/master.cf.
+[Incompat 20021028] The Postfix status=sent/bounced/deferred logging
+now shows the original recipient address (as received before any
+address rewriting or aliasing). The original recipient address is
+logged only when it differs from the final recipient address.
-- Several changes to improve Postfix behavior under worst-case
-conditions (frequent Postfix restarts/reloads combined with lots
-if inbound mail, intermittent connectivity problems, SMTP servers
-that become comatose after receiving QUIT).
+[Incompat 20020923] The default RBL "reject" server reply now
+includes an indication of *what* is being rejected: Client host,
+Helo command, Sender address, or Recipient address. This also
+changes the logfile format.
-- More NFS-friendly mailbox delivery. The local delivery agent
-now avoids using root privileges where possible.
+LDAP related changes
+====================
-- For sites that do not receive mail at all, mydestination can now
-be an empty string. Be sure to set up a transport table entry to
-prevent mail from looping.
+[Incompat 20020819] LDAP API version 1 is no longer supported. The
+memory allocation and deallocation strategy has changed too much
+to maintain both version 1 and 2 at the same time.
-- New "postsuper" utility to clean up stale files from Postfix
-queues.
+[Feature 20020513] Updated LDAP client module with better handling
+of dead LDAP servers, and with configurable filtering of query
+results.
-- Workaround for BSD select() collisions that cause performance
-problems on large BSD systems.
+SASL related changes
+====================
-- Several questionable but useful features to capture mail:
-"always_bcc = address" to capture a copy of every message that
-enters the system, and "luser_relay = address" to capture mail for
-unknown recipients (does not work when mailbox_transport or
-fallback_transport are being used).
+[Incompat 20020819] The smtpd_sasl_local_domain setting now defaults
+to the null string, rather than $myhostname. This seems to work
+better with Cyrus SASL version 2. This change may cause incompatibility
+with the saslpasswd2 command.
-- Junk mail controls: new reject_non_fqdn_{hostname,sender,recipient}
-restrictions to reject non-FQDN arguments in HELO, MAIL FROM and
-RCPT TO commands, and stricter checking of numeric HELO arguments.
+[Feature 20020331] Support for the Cyrus SASL version 2 library,
+contributed by Jason Hoos. This adds some new functionality that
+was not available in Cyrus SASL version 1, and provides bit-rot
+insurance for the time when Cyrus SASL version 1 eventually stops
+working.
-- "fallback_relay" feature for sites that use DNS but that can't
-talk to the entire world. The fall-back relay gets the mail when
-a destination is not found in the DNS or when the destination is
-found but not reachable.
+Berkeley DB related changes
+===========================
-- Several questionable controls that can help to keep mail going:
-specify "smtp_skip_4xx_greeting = yes" to skip SMTP servers that
-greet with 4XX, "ignore_mx_lookup_error = yes" to look up an A
-record when a DNS server does not respond to an MX query.
-
-Incompatible changes with postfix-beta-19990122-pl01:
-=====================================================
-
-None.
-
-Major changes with postfix-beta-19990122-pl01:
-==============================================
-
-- Restrict who may use ETRN and what domains may be specified.
-Example: "smtpd_etrn_restrictions = permit_mynetworks, reject".
-
-- BIFF notifications. For compatibility reasons this feature is
-on by default. Specify "biff = no" in main.cf if your machine has
-lots of shell users.
-
-- With "soft_bounce = yes", defer delivery instead of bouncing
-mail. This is a safety net for configuration errors with delivery
-agents. It has no effect on errors in virtual maps, canonical maps,
-or in junk mail restrictions.
-
-- Specify "owner_request_special = no" to turn off special treatment
-of owner-foo and foo-request addresses.
-
-Incompatible changes with postfix-beta-19990122:
-================================================
-
-- The syntax of the transport table has changed. An entry like:
-
- customer.org smtp:[gateway.customer.org]
-
- no longer forwards mail for anything.customer.org. For that you
- need to specify:
-
- customer.org smtp:[gateway.customer.org]
- .customer.org smtp:[gateway.customer.org]
-
- This change makes transport tables more compatible with
- sendmail mailer tables.
-
-- The format of syslog records has changed. A client is now always
-logged as hostname[address]; the pickup daemon logs queue file uid
-and sender address.
-
-Major changes with postfix-beta-19990122:
-=========================================
-
-- Junk mail restrictions can now be postponed to the RCPT TO command.
-Specify: "smtpd_recipient_restrictions = reject_maps_rbl...".
-
-- More flexible interface for delivery to e.g., cyrus IMAP without
-need for PERL scripts to munge recipient addresses. In addition to
-$sender, $nexthop and $recipient, the pipe mailer now also supports
-$user, $extension and $mailbox.
-
-- New mail now has precedence over deferred mail, plus some other
-tweaks to make bulk mail go faster. But it ain't no cure for massive
-network outages.
-
-- Watchdog timer for systems that cause the Postfix queue manager
-to lock up, so it recovers without human intervention.
-
-- Delivery to qmail-style maildir files, which is good for NFS
-environments. Specify "home_mailbox = Maildir/", or specify
-/file/name/ in aliases or in .forward files. The trailing / is
-required to turn on maildir delivery.
-
-- Incremental updates of aliases and maps. Specify "postmap -i
-mapname" and it will read new entries from stdin.
-
-- Newaliases will now update more than one alias database.
-Specify the names with the main.cf "alias_database" parameter.
-
-- Address masquerading exceptions to prevent users from being
-masqueraded. Specify "masquerade_exceptions = root".
-
-- A pipelined SMTP client. Deliveries to Postfix, qmail, LSOFT,
-zmailer, and exim (once it's fixed) speed up by some 30% for short
-messages with one recipient, with more for multi-recipient mails.
+[Feature 20020505] Finer control over Berkeley DB memory usage,
+The parameter "berkeley_db_create_buffer_size" (default: 16 MBytes)
+specifies the buffer size for the postmap and postalias commands.
+The parameter "berkeley_db_read_buffer_size" (default: 256 kBytes)
+speficies the buffer size for all other applications. Specify
+"berkeley_db_read_buffer_size = 1048576" to get the old read buffer
+size. For more information, see the last paragraphs of the DB_README
+file.
-- Hook for local delivery to "|command" via the smrsh restricted
-shell, to restrict what commands may be used in .forward etc. files.
-Specify "local_command_shell = /some/where/smrsh -c".
+[Incompat 20020201] In Postfix SMTPD access tables, Postfix now
+uses <> as the default lookup key for the null address, in order
+to work around bugs in some Berkeley DB implementations. This
+behavior is controlled with the smtpd_null_access_lookup_key
+configuration parameter.
+
+[Incompat 20020201] Postfix now detects if the run-time Berkeley
+DB library routines do not match the major version number of the
+compile-time include file that was used for compiling Postfix. The
+software issues a warning and aborts in case of a discrepancy. If
+it didn't, the software was certain to crash with a segmentation
+violation.
+
+Assorted workarounds
+====================
+
+[Incompat 20020201] On SCO 3.2 UNIX, the input rate flow control
+is now turned off by default, because of limitations in the SCO
+UNIX kernel.
--- /dev/null
+In the text below, incompatible changes are labeled with the Postfix
+snapshot that introduced the change. If you upgrade from a later
+Postfix version, then you do not have to worry about that particular
+incompatibility.
+
+Official Postfix releases are called a.b.c where a=major release
+number, b=minor release number, c=patchlevel. Snapshot releases
+are now called a.b.c-yyyymmdd where yyyymmdd is the release date
+(yyyy=year, mm=month, dd=day). The mail_release_date configuration
+parameter contains the release date (both for official release and
+snapshot release). Patches change the patchlevel and the release
+date. Snapshots change only the release date, unless they include
+the same bugfixes as a patch release.
+
+Incompatible changes with Postfix version 1.1.0 (released 20020117)
+===================================================================
+
+Changes are listed in order of decreasing importance, not release
+date.
+
+[snapshot-20010709] This release introduces a new queue file record
+type that is used only for messages that actually use VERP (variable
+envelope return path) support. With this sole exception, the queue
+file format is entirely backwards compatible with the previous
+official Postfix release (20010228, a.k.a. Postfix 1.0.0).
+
+[snapshot-20020106] This release modifies the existing master.cf
+file. The local pickup service is now unprivileged, and the cleanup
+and flush service are now "public". Should you have to back out to
+a previous release, then you must 1) edit the master.cf file, make
+the pickup service "privileged", and make the cleanup and flush
+services "private"; 2) "chmod 755 /var/spool/postfix/public". To
+revert to a world-writable mail submission directory, "chmod 1733
+/var/spool/postfix/maildrop".
+
+[snapshot-20020106, snapshot-20010808, snapshot-20011103,
+snapshot-20011121] You must stop and restart Postfix because of
+incompatible changes in the local Postfix security model and in
+the Postfix internal protocols. Old and new components will not
+work together.
+
+[snapshot-20020106] Simpler local Postfix security model.
+
+- No world-writable maildrop directory. Postfix now always uses
+ the set-gid postdrop command for local mail submissions. The
+ local mail pickup daemon is now an unprivileged process.
+
+- No world-accessible pickup and queue manager server FIFOs.
+
+- New set-gid postqueue command for the queue list/flush operations
+ that used to implemented by the Postfix sendmail command.
+
+[snapshot-20020106..15] Simpler Postfix installation and upgrading.
+
+- All installation settings are now kept in the main.cf file, and
+ better default settings are now generated for system dependent
+ pathnames such as sendmail_path etc. The install.cf file is no
+ longer used, except when upgrading from an older Postfix version.
+
+- Non-default installation parameter settings can (but do not have
+ to) be specified on the "make install" or "make upgrade" command
+ line as name=value arguments.
+
+- New postfix-files database (in /etc/postfix) with (pathname,
+ owner, permission) information about all Postfix-related files.
+
+- New postfix-install script replaces the awkward INSTALL.sh script.
+ This is driven by the postfix-files database. It has better
+ support for building packages for distribution to other systems.
+ See PACKAGE_README for details.
+
+- New post-install script (in /etc/postfix) for post-installation
+ maintenance of directory/file permissions and ownership (this is
+ used by "postfix check"). Example:
+
+ # postfix stop
+ # post-install set-permissions mail_owner=username setgid_group=groupname
+ # postfix start
+
+[snapshot-20020106] Postfix will not run if it detects that the
+postfix user or group ID are shared with other accounts on the
+system. The checks aren't exhaustive (that would be too resource
+consuming) but should be sufficient to encourage packagers and
+developers to do the right thing. To fix the problem, use the above
+post-install command, after you have created the appropriate new
+mail_owner or setgid_group user or group IDs.
+
+[snapshot-20020106] If you run multiple Postfix instances on the
+same machine you now have to specify their configuration directories
+in the default main.cf file as "alternate_config_directories =
+/dir1 /dir2 ...". Otherwise, some Postfix commands will no longer
+work: the set-group ID postdrop command for mail submission and
+the set-group ID postqueue command for queue listing/flushing.
+
+[snapshot-20010808] The default setting for the maps_rbl_domains
+parameter is now "empty", because mail-abuse.org has become a
+subscription-based service. The names of the RBL parameters haven't
+changed.
+
+[snapshot-20020106] Postfix SMTP access maps will no longer return
+OK for non-local multi-domain recipient mail addresses (user@dom1@dom2,
+user%dom1@dom2, etcetera); the lookup now returns DUNNO (undetermined).
+Non-local multi-domain recipient addresses were already prohibited
+from matching the permit_mx_backup and the relay_domains-based
+restrictions.
+
+[snapshot-20011210] Stricter checking of Postfix chroot configurations.
+The Postfix startup procedure now warns if "system" directories
+(etc, bin, lib, usr) under the Postfix top-level queue directory
+are not owned by the super-user (usually the result of well-intended,
+but misguided, applications of "chown -R postfix /var/spool/postfix).
+
+[snapshot-20011008] The Postfix SMTP server now rejects requests
+with a generic "try again later" status (451 Server configuration
+error) when it detects an error in smtp_{client, helo, sender,
+recipient, etrn}_restrictions settings. More details about the
+problem are logged to the syslogd; sending such information to
+random clients would be inappropriate.
+
+[snapshot-20011008] Postfix no longer flushes the entire mail queue
+after receiving an ETRN request for a random domain name. Requests
+for domains that do not match $fast_flush_domains are now rejected
+instead.
+
+[snapshot-20011226] Postfix configuration file comments no longer
+continue on the next line when that next line starts with whitespace.
+This change avoids surprises, but it may cause unexpected behavior
+with existing, improperly formatted, configuration files. Caveat
+user. Comment lines are allowed to begin with whitespace. Multi-line
+input is no longer terminated by a comment line, by an all whitespace
+line, or by an empty line.
+
+[snapshot-20010714] Postfix delivery agents now refuse to create
+a missing maildir or mail spool subdirectory when its parent
+directory is world writable. This is necessary to prevent security
+problems with maildirs or with hashed mailboxes under a world
+writable mail spool directory.
+
+[snapshot-20010525] As per RFC 2821, the Postfix SMTP client now
+always sends EHLO at the beginning of an SMTP session. Specify
+"smtp_always_send_ehlo = no" for the old behavior, which is to send
+EHLO only when the server greeting banner contains the word ESMTP.
+
+[snapshot-20010525] As per RFC 2821, an EHLO command in the middle
+of an SMTP session resets the Postfix SMTP server state just like
+RSET. This behavior cannot be disabled.
+
+[snapshot-20010709] The SMTP client now by default breaks lines >
+2048 characters, to avoid mail delivery problems with fragile SMTP
+server software. To get the old behavior back, specify "smtp_break_lines
+= no" in the Postfix main.cf file.
+
+[snapshot-20010709] With recipient_delimiter=+ (or any character
+other than -) Postfix will now recognize address extensions even
+with owner-foo+extension addresses. This change was necessary to
+make VERP useful for mailing list bounce processing.
+
+[snapshot-20010610] The Postfix pipe delivery agent no longer
+automatically case-folds the expansion of $user, $extension or
+$mailbox command-line macros. Specify the 'u' flag to get the old
+behavior.
+
+[snapshot-20011210] The Postfix sendmail command no longer exits
+with status 1 when mail submission fails, but instead returns a
+sendmail-compatible status code as defined in /usr/include/sysexits.h.
+
+Major changes with Postfix version 1.1.0 (Released 20020117)
+============================================================
+
+Changes are listed in order of decreasing importance, not release
+date.
+
+The nqmgr queue manager is now bundled with Postfix. It implements
+a smarter scheduling strategy that allows ordinary mail to slip
+past mailing list mail, resulting in better response. This queue
+manager is expected to become the default queue manager shortly.
+
+[snapshot-20010709, snapshot-20010808] VERP (variable envelope
+return path) support. This is enabled by default, including in
+the SMTP server. See the VERP_README file for instructions. Specify
+"disable_verp_bounces = yes" to have Postfix send one RFC-standard,
+non-VERP, bounce report for multi-recipient mail, even when VERP
+style delivery was requested. This reduces the explosive behavior
+of bounces when sending mail to a list.
+
+[snapshot-20010709] QMQP server support, so that Postfix can be
+used as a backend mailer for the ezmlm-idx mailing list manager.
+You still need qmail to drive ezmlm and to process mailing list
+bounces. The QMQP service is disabled by default. To enable, follow
+the instructions in the QMQP_README file.
+
+[snapshot-20010709] You can now reject unknown virtual(8) recipients
+at the SMTP port by specifying a "domain.name whatever" entry in
+the tables specified with virtual_mailbox_maps, similar to Postfix
+virtual(5) domains. [virtual(8) is the Postfix virtual delivery
+agent, virtual(5) is the Postfix virtual map. The two implement
+virtual domains in a very different manner.]
+
+[snapshot-20011121] Configurable host/domain name wildcard matching
+behavior: choice between "pattern `domain.name' matches string
+`host.domain.name'" (this is to be deprecated in the future) and
+"pattern `.domain.name' matches string `host.domain.name'" (this
+is to be preferred in the future). The configuration parameter
+"parent_domain_matches_subdomains" specifies which Postfix features
+use the behavior that will become deprecated.
+
+[snapshot-20010808] Variable coupling between message receiving
+rates and message delivery rates. When the message receiving rate
+exceeds the message delivery rate, an SMTP server will pause for
+$in_flow_delay seconds before accepting a message. This delay
+gives Postfix a chance catch up and access the disk, while still
+allowing new mail to arrive. This feature currently has effect
+only when mail arrives via a small number of SMTP clients.
+
+[snapshot-20010610, snapshot-20011121, snapshot-20011210] Workarounds
+for a bug in old versions of the CISCO PIX firewall software that
+caused mail to be resent repeatedly. The workaround has no effect
+for other mail deliveries. The workaround is turned off when mail
+is queued for less than $smtp_pix_workaround_threshold_time seconds
+(default: 500 seconds) so that the workaround is normally enabled
+only for deferred mail. The delay before sending .<CR><LF> is now
+controlled by the $smtp_pix_workaround_delay_time setting (default:
+10 seconds).
+
+[snapshot-20011226] Postfix will now do null address lookups in
+SMTPD access maps. If your access maps cannot store or look up
+null string key values, specify "smtpd_null_access_lookup_key =
+<>" and the null sender address will be looked up as <> instead.
+
+[snapshot-20011210] More usable virtual delivery agent, thanks to
+a new "static" map type by Jeff Miller that always returns its map
+name as the lookup result. This eliminates the need for per-recipient
+user ID and group ID tables. See the VIRTUAL_README file for more
+details.
+
+[snapshot-20011125] Anti-sender spoofing. New main.cf parameter
+smtpd_sender_login_maps that specifies the (SASL) login name that
+owns a MAIL FROM sender address. Specify a regexp table in order
+to require a simple one-to-one mapping. New SMTPD restriction
+reject_sender_login_mismatch that refuses a MAIL FROM address when
+$smtpd_sender_login_maps specifies an owner but the client is not
+(SASL) logged in as the MAIL FROM address owner, or when a client
+is (SASL) logged in but does not own the address according to
+$smtpd_sender_login_maps.
+
+[snapshot-20011121] The mailbox_command_maps parameter allows you
+to configure the external delivery command per user (local delivery
+agent only). This feature has precedence over the mailbox_command
+and home_mailbox settings.
+
+[snapshot-20011121] New "warn_if_reject" smtpd UCE restriction that
+only warns if the restriction that follows would reject mail. Look
+for file records that contain the string "reject_warning".
+
+[snapshot-20011127] New header/body_check result "WARN" to make
+Postfix log a warning about a header/body line without rejecting
+the content.
+
+[snapshot-20011103] In header/body_check files, REJECT can now be
+followed by text that is sent to the originator. That feature was
+stuck waiting for years, pending the internal protocol revision.
+
+[snapshot-20011008] The permit_mx_backup feature allows you to
+specify network address blocks via the permit_mx_backup_networks
+parameter. This requires that the primary MX hosts for the given
+destination match the specified network blocks. When no value is
+given for permit_mx_backup_networks, Postfix will accept mail
+whenever the local MTA is listed in the DNS as an MX relay host
+for a destination, even when you never gave permission to do so.
+
+[snapshot-20010709] Specify "mail_spool_directory = /var/mail/"
+(note the trailing "/" character) to enable maildir format for
+/var/mail/username.
+
+[snapshot-20010808] Finer control over address masquerading. The
+masquerade_classes parameter now controls header and envelope sender
+and recipient addresses. With earlier Postfix versions, address
+masquerading rewrote all addresses except for the envelope recipient.
+
+[snapshot-20010610] The pipe mail delivery agent now supports proper
+quoting of white space and other special characters in the expansions
+of the $sender and $recipient command-line macros. This was necessary
+for correct operation of the "simple" content filter, and is also
+recommended for delivery via UUCP or BSMTP.
+
+[snapshot-20010610] The pipe mail delivery agent now supports case
+folding the localpart and/or domain part of expansions of the
+$nexthop, $recipient, $user, $extension or $mailbox command-line
+macros. This is recommended for mail delivery via UUCP. Bug: $nexthop
+is always case folded because of problems in the queue manager
+code.
+
+[snapshot-20010525] This release contains many little revisions of
+little details in the light of the new RFC 2821 and RFC 2822
+standards. Changes that may affect interoperability are listed
+above under "incompatible changes". Other little details are
+discussed in comments in the source code.
+
+[snapshot-20010502] The Postfix SMTP client now by default randomly
+shuffles destination IP addresses of equal preference (whether
+obtained via MX lookup or otherwise). Reportedly, this is needed
+for sites that use Bernstein's dnscache program. Specify
+"smtp_randomize_addresses = no" to disable this behavior. Based on
+shuffling code by Aleph1.
+
+[snapshot-20011127] New parameter smtpd_noop_commands to specify
+a list of commands that the Postfix SMTP server treats as NOOP
+commands (no syntax check, no state change). This is a workaround
+for misbehaving clients that send unsupported commands such as
+ONEX.
+
+[snapshot-20010502] "postmap -q -" and "postmap -d -" read key
+values from standard input, which makes it easier to drive them
+from another program. The same feature was added to the postalias
+command.
+
+[snapshot-20010502] The postsuper command now has a command-line
+option to delete queue files. In principle this command can be
+used while Postfix is running, but there is a possibility of deleting
+the wrong queue file when Postfix deletes a queue file and reuses
+the queue ID for a new message. In that case, postsuper will delete
+the new message.
+
+[snapshot-20010525] The postsuper queue maintenance tool now renames
+files whose name (queue ID) does not match the message file inode
+number. This is necessary after a Postfix mail queue is restored
+from another machine or from backups. The feature is selected with
+the -s option, which is the default, and runs whenever Postfix is
+started.
+
+[snapshot-20010525] The postsuper queue maintenance tool has a new
+-r (requeue) option for subjecting some or all queue files to
+another iteration of address rewriting. This is useful after the
+virtual or canonical maps have changed.
+
+[snapshot-20010525] The postsuper queue maintenance tool was extended
+with options to read queue IDs from standard input. This makes the
+tool easier to drive from scripts.
+
+[snapshot-20010329] Better support for running multiple Postfix
+instances on one machine. Each instance can be recognized by its
+logging (defaults: "syslog_name = postfix", "syslog_facility =
+mail").
+
+Major incompatible changes with release-20010228 Patch 01 (a.k.a. Postfix 1.0.1)
+================================================================================
+
+This release changes the names of the "fast ETRN" logfiles with
+delayed mail per destination. These files are maintained by the
+Postfix "fast flush" daemon. The old scheme failed with addresses
+of the form user@[ip.address] and user@a.domain.name. In order to
+populate the new "fast ETRN" logfiles, execute the command "sendmail
+-q". The old "fast ETRN" logfiles go away by themselves (default:
+after 7 days).
+
+Major incompatible changes with release-20010228 (a.k.a. Postfix 1.0.0)
+=======================================================================
+
+[snapshot-20010225] POSTFIX NO LONGER RELAYS MAIL FOR CLIENTS IN
+THE ENTIRE CLASS A/B/C NETWORK. To get the old behavior, specify
+"mynetworks_style = class" in the main.cf file. The default
+(mynetworks_style = subnet) is to relay for clients in the local
+IP subnet. See conf/main.cf.
+
+[snapshot-20001005, snapshot-20010225] You must execute "postfix
+stop" before installing this release. Some recommended parameter
+settings have changed, and a new entry must be added to the master.cf
+file before you can start Postfix again.
+
+1 - The recommended Postfix configuration no longer uses flat
+ directories for the "incoming" "active", "bounce", and "defer"
+ queue directories. The "flush" directory for the new "flush"
+ service directory should not be flat either.
+
+ Upon start-up, Postfix checks if the hash_queue_names configuration
+ parameter is properly set up, and will add any queue directory
+ names that are missing.
+
+2 - In order to improve performance of one-to-one mail deliveries
+ the queue manager will now look at up to 10000 queue files
+ (was: 1000). The default qmgr_message_active_limit setting
+ was changed accordingly.
+
+ If you have a non-default qmgr_message_active_limit in main.cf,
+ you may want adjust it.
+
+3 - The new "flush" service needs to be configured in master.cf.
+
+ Upon start-up, Postfix checks if the new "flush" service is
+ configured in the master.cf file, and will add an entry if it
+ is missing.
+
+Should you wish to back out to a previous Postfix release there is
+no need to undo the above queue configuration changes.
+
+[snapshot-20000921] The protocol between queue manager and delivery
+agents has changed. This means that you cannot mix the Postfix
+queue manager or delivery agents with those of Postfix versions
+prior to 20000921. This change does not affect Postfix queue file
+formats.
+
+[snapshot-20000529] This release introduces an incompatible queue
+file format change ONLY when content filtering is enabled (see text
+in FILTER_README). Old Postfix queue files will work fine, but
+queue files with the new content filtering info will not work with
+Postfix versions before 20000529. Postfix logs a warning and moves
+incompatible queue files to the "corrupt" mail queue subdirectory.
+
+Minor incompatible changes with release-20010228
+================================================
+
+[snapshot-20010225] The incoming and deferred queue directories
+are now hashed by default. This improves the performance considerably
+under heavy load, at the cost of a small but noticeable slowdown
+when one runs "mailq" on an unloaded system.
+
+[snapshot-20010222] Postfix no longer automatically delivers
+recipients one at a time when their domain is listed in $mydestination.
+This change solves delivery performance problems with delivery via
+LMTP, with virus scanning, and with firewall relays that forward
+all mail for $mydestination to an inside host.
+
+The "one recipient at a time" delivery behavior is now controlled
+by the per-transport recipient limit (xxx_destination_recipient_limit,
+where xxx is the name of the delivery mechanism). This parameter
+controls the number of recipients that can be sent in one delivery
+(surprise).
+
+The setting of the per-transport recipient limit also controls the
+meaning of the per-transport destination concurrency limit (named
+xxx_destination_concurrency_limit, where xxx is again the name of
+the delivery mechanism):
+
+ 1) When the per-transport recipient limit is 1 (i.e., send one
+ recipient per delivery), the per-transport destination concurrency
+ limit controls the number of simultaneous deliveries to the
+ same recipient. This is the default behavior for delivery via
+ the Postfix local delivery agent.
+
+ 2) When the per-transport recipient limit is > 1 (i.e., send
+ multiple recipients per delivery), the per-transport destination
+ concurrency limit controls the number of simultaneous deliveries
+ to the same domain. This is the default behavior for all other
+ Postfix delivery agents.
+
+[snapshot-20010128] The Postfix local delivery agent now enforces
+mailbox file size limits (default: mailbox_size_limit = 51200000).
+This limit affects all file write access by the local delivery
+agent or by a process run by the local delivery agent. The purpose
+of this parameter is to act as a safety for run-away software. It
+cannot be a substitute for a file quota management system. Specify
+a limit of 0 to disable.
+
+[snapshot-20010128] REJECT in header/body_checks is now flagged as
+policy violation rather than bounce, for consistency in postmaster
+notifications.
+
+[snapshot-20010128] The default RBL (real-time blackhole lists)
+domain examples have been changed from *.vix.com to *.mail-abuse.org.
+
+[snapshot-20001210] Several interfaces of libutil and libglobal
+routines have changed. This may break third-party code written
+for Postfix. In particular, the safe_open() routine has changed,
+the way the preferred locking method is specified in the sys_defs.h
+file, as well as all routines that perform file locking. When
+compiling third-party code written for Postfix, the incompatibilities
+will be detected by the compiler provided that #include file
+dependencies are properly maintained.
+
+[snapshot-20001210] When delivering to /file/name (as directed in
+an alias or .forward file), the local delivery agent now logs a
+warning when it is unable to create a /file/name.lock file. Mail
+is still delivered as before.
+
+[snapshot-20001210] The "sun_mailtool_compatibility" feature is
+going away (a compatibility mode that turns off kernel locks on
+mailbox files). It still works, but a warning is logged. Instead
+of using "sun_mailtool_compatibility", specify the mailbox locking
+strategy as "mailbox_delivery_lock = dotlock".
+
+[snapshot-20001210] The Postfix SMTP client now skips SMTP server
+replies that do not start with "CODE SPACE" or with "CODE HYPHEN"
+and flags them as protocol errors. Older Postfix SMTP clients
+silently treated "CODE TEXT" as "CODE SPACE TEXT", i.e. as a valid
+SMTP reply.
+
+[snapshot-20001121] On RedHat Linux 7.0, you must install the
+db3-devel RPM before you can compile the Postfix source code.
+
+[snapshot-20000924] The postmaster address in the "sorry" text at
+the top of bounced mail is now just postmaster, not postmaster@machine.
+The idea is to refer users to their own postmaster.
+
+[snapshot-20000921] The notation of [host:port] in transport tables
+etc. is going away but it is still supported. The preferred form
+is now [host]:port. This change is necessary to support IPV6
+address forms which use ":" as part of a numeric IP address. In a
+future release, Postfix will log a warning when it encounters the
+[host:port] form.
+
+[snapshot-20000921] In mail headers, Errors-To:, Reply-To: and
+Return-Receipt: addresses are now rewritten as a sender address
+(was: recipient).
+
+[snapshot-20000921] Postfix no longer inserts Sender: message
+headers.
+
+[snapshot-20000921] The queue manager now logs the original number
+of recipients when opening a queue file (example: from=<>, size=3502,
+nrcpt=1).
+
+[snapshot-20000921] The local delivery agent no longer appends a
+blank line to mail that is delivered to external command.
+
+[snapshot-20000921] The pipe delivery agent no longer appends a
+blank line when the F flag is specified (in the master.cf file).
+Specify the B flag if you need that blank line.
+
+[snapshot-20000507] As required by RFC 822, Postfix now inserts a
+generic destination message header when no destination header is
+present. The text is specified via the undisclosed_recipients_header
+configuration parameter (default: "To: undisclosed-recipients:;").
+
+[snapshot-20000507] The Postfix sendmail command treats a line with
+only `.' as the end of input, for the sake of sendmail compatibility.
+To disable this feature, specify the sendmail-compatible `-i' or
+`-oi' flags on the sendmail command line.
+
+[snapshot-20000507] For the sake of Sendmail compatibility, the
+Postfix SMTP client skips over SMTP servers that greet with a 4XX
+or 5XX reply code, treating them as unreachable servers. To obtain
+prior behavior (4XX=retry, 5XX=bounce), specify "smtp_skip_4xx_greeting
+= no" and "smtp_skip_5xx_greeting = no".
+
+Major changes with release-20010228
+===================================
+
+Postfix produces DSN formatted bounced/delayed mail notifications.
+The human-readable text still exists, so that users will not have
+to be unnecessarily confused by all the ugliness of RFC 1894. Full
+DSN support will be later.
+
+This release introduces full content filtering through an external
+process. This involves an incompatible change in queue file format.
+Mail is delivered to content filtering software via an existing
+mail delivery agent, and is re-injected into Postfix via an existing
+mail submission agent. See examples in the FILTER_README file.
+Depending on how the filter is implemented, you can expect to lose
+a factor of 2 to 4 in delivery performance of SMTP transit mail,
+more if the content filtering software needs lots of CPU or memory.
+
+Specify "body_checks = regexp:/etc/postfix/body_checks" for a quick
+and dirty emergency content filter that looks at non-header lines
+one line at a time (including MIME headers inside the message body).
+Details in conf/sample-filter.cf.
+
+The header_checks and body_checks features can be used to strip
+out unwanted data. Specify IGNORE on the right-hand side and the
+data will disappear from the mail.
+
+Support for SASL (RFC 2554) authentication in the SMTP server and
+in the SMTP and LMTP clients. See the SASL_README file for more
+details. This file still needs better examples.
+
+Postfix now ships with an LMTP delivery agent that can deliver over
+local/remote TCP sockets and over local UNIX-domain sockets. The
+LMTP_README file gives example, but still needs to be revised.
+
+Fast "ETRN" and "sendmail -qR". Postfix maintains per-destination
+logfiles with information about what mail is queued for selected
+destinations. See the file ETRN_README for details.
+
+The mailbox locking style is now fully configurable at runtime.
+The new configuration parameter is called "mailbox_delivery_lock".
+Depending on the operating system type, mailboxes can be locked
+with one or more of "flock", "fcntl" or "dotlock". The command
+"postconf -l" shows the available locking styles. The default
+mailbox locking style is system dependent. This change affects
+all mailbox and all "/file/name" deliveries by the Postfix local
+delivery agent.
+
+Minor changes with release-20010228
+===================================
+
+You can now specify multiple SMTP destinations in the relayhost
+and fallback_relay configuration parameters. The destinations are
+tried in the specified order. Specify host or host:port (perform
+MX record lookups), [host] or [host]:port (no MX record lookups),
+[address] or [address]:port (numerical IP address).
+
+The "mailbox_transport" and "fallback_transport" parameters now
+understand the form "transport:nexthop", with suitable defaults
+when either transport or nexthop are omitted, just like in the
+Postfix transport map. This allows you to specify for example,
+"mailbox_transport = lmtp:unix:/file/name".
+
+The local_transport and default_transport configuration parameters
+can now be specified in transport:destination notation, just like
+the mailbox_transport and fallback_transport parameters. The
+:destination part is optional. However, these parameters take only
+one destination, unlike relayhost and fallback-relay which take
+any number of destinations.
+
+More general virtual domain support. Postfix now supports both
+Sendmail-style virtual domains and Postfix-style virtual domains.
+Details and examples are given in the revised virtual manual page.
+
+- With Sendmail-style virtual domains, local users/aliases/mailing
+ lists are visible as localname@virtual.domain. This is convenient
+ if you want to host mailing lists under virtual domains.
+
+- With Postfix-style virtual domains, local users/aliases/mailing
+ lists are not visible as localname@virtual.domain. Each virtual
+ domain has its own separate name space.
+
+More general "soft bounce" feature. Specify "soft_bounce = yes"
+in main.cf to prevent the SMTP server from bouncing mail while you
+are testing configurations. Until this release the SMTP server was
+not aware of soft bounces.
+
+Workarounds for non-standard RFC 2554 (AUTH command) implementations.
+Specify "broken_sasl_auth_clients = yes" to enable SMTP server
+support for old Microsoft client applications. The Postfix SMTP
+client supports non-standard RFC 2554 servers by default.
+
+All time-related configuration parameters now accept a one-letter
+suffix to indicate the time unit (s: second, m: minute, h: hour,
+d: day, w: week). The exceptions are the LDAP and MYSQL modules
+which are maintained separately.
+
+New "import_environment" and "export_environment" configuration
+parameters provide explicit control over what environment variables
+Postfix will import, and what environment variables Postfix will
+pass on to a non-Postfix process.
+
+In order to improve performance of one-to-one deliveries, Postfix
+by default now looks at up to 10000 messages at a time (was: 1000).
+
+Specify "syslog_facility = log_local1" etc. to separate the logging
+from multiple Postfix instances. However, a non-default logging
+facility takes effect only after process initialization. Errors
+during command-line parsing are still logged with the default syslog
+facility, as are errors while processing the main.cf file.
+
+Postfix now strips out Content-Length: headers in incoming mail to
+avoid confusion in mail user agents.
+
+Specify "require_home_directory = yes" to prevent mail from being
+delivered to a user whose home directory is not mounted. This
+feature is implemented by the Postfix local delivery agent.
+
+The pipe mailer has a size limit (size=nnn) command-line argument.
+
+The pipe delivery agent has a configurable end-of-line attribute.
+Specify "pipe ... eol=\r\n" for delivery mechanisms that require
+CRLF record delimiters. The eol attribute understands the following
+C-style escape sequences: \a \b \f \n \r \t \v \nnn \\.
+
+In master.cf you can selectively override main.cf configuration
+parameters, for example: "smtpd -o myhostname=foo.com".
+
+In main.cf, specify "smtp_bind_address=x.x.x.x" to bind SMTP
+connections to a specific local interface. Or override the default
+setting in master.cf with "smtp -o smtp_bind_address=x.x.x.x".
+For now, you must specify a numeric IP address.
+
+Questionable feature: with "smtp_always_send_ehlo = yes", the SMTP
+client sends EHLO regardless of the content of the SMTP server's
+greeting.
+
+Specify "-d key" to postalias or postmap in order to remove one
+key. This still needs to be generalized to multi-key removal (e.g.,
+read keys from stdin).
+
+Comments in Postfix configuration files no longer contain troff
+formatting codes. The text is now generated from prototype files
+in a new "proto" subdirectory.
+
+Major changes with postfix-19991231:
+====================================
+
+- It is now much more difficult to configure Postfix as an open
+relay. The SMTP server requires that "smtpd_recipient_restrictions"
+contains at least one restriction that by default refuses mail (as
+is the default). There were too many accidents with changes to
+the UCE restrictions.
+
+- The relay_domains parameter no longer needs to contain $virtual_maps.
+
+- Overhauled FAQ (html/faq.html) with many more examples.
+
+- Updated UCE documentation (html/uce.html) with more examples.
+More UCE configuration examples in sample configuration files.
+
+- Several little improvements to the installation procedure:
+relative symlinks, configurable directory for scratch files so the
+installation can be done without write access to the build tree.
+
+- Updated LDAP client code (John Hensley).
+
+- Updated mysql client code (Scott Cotton).
+
+- The SMTP server now rejects mail for unknown users in virtual
+domains that are defined by Postfix virtual maps.
+
+- The SMTP server can reject mail for unknown local users. Specify
+"local_recipient_maps = $alias_maps, unix:passwd.byname" if your
+local mail is delivered by a UNIX-style local delivery agent. See
+example in conf/main.cf.
+
+- Use "disable_vrfy_command = yes" to disable the SMTP VRFY command.
+This prevents some forms of address harvesting.
+
+- The sendmail "-f" option now understands <user> and even understands
+forms with RFC 822-style comments.
+
+- New "qmgr_fudge_factor" parameter allows you to balance mailing
+list performance against response time for one-to-one mail. The
+fudge factor controls what percentage of delivery resources Postfix
+will devote to one message. With 100%, delivery of one message
+does not begin before delivery of the previous message is completed.
+This is good for list performance, bad for one-to-one mail. With
+10%, response time for one-to-one mail improves much, but list
+performance suffers: in the worst case, people near the start of a
+mailing list get a burst of postings today, while people near the
+end of the list get that same burst of postings a whole day later.
+
+- It is now relatively safe to configure 550 status codes for the
+main.cf unknown_address_reject_code or unknown_client_reject_code
+parameters. The SMTP server now always sends a 450 (try again)
+reply code when an UCE restriction fails due to a soft DNS error,
+regardless of what main.cf specifies.
+
+- The RBL checks now show the content of TXT records (Simon J Mudd).
+
+- The Postfix SMTP server now understands a wider range of illegal
+address forms in MAIL FROM and RCPT TO commands. In order to disable
+illegal forms, specify "strict_rfc821_envelopes = yes". This also
+disables support for MAIL FROM and RCPT TO addresses without <>.
+
+- Per-client/helo/sender/recipient UCE restrictions (fully-recursive
+UCE restriction parser). See the RESTRICTION_CLASS file for details.
+
+- Use "postmap -q key" or "postalias -q key" for testing Postfix
+lookup tables or alias files.
+
+- Use "postconf -e name=value..." to edit the main.cf file. This
+is easier and safer than editing the main.cf file by hand. The
+edits are done on a temporary copy that is renamed into place.
+
+- Use "postconf -m" to display all supported lookup table types
+(Scott Cotton).
+
+- New "permit_auth_destination" UCE restriction for finer-grained
+access control (Jesper Skriver).
+
+Incompatible changes with postfix-19990906
+==========================================
+
+- On systems that use user.lock files to protect system mailboxes
+against simultaneous updates, Postfix now uses /file/name.lock
+files while delivering to files specified in aliases/forward/include
+files. This is a no-op when the recipient lacks directory write
+permission.
+
+- The LDAP client code no longer looks up a name containing "*"
+because it could be abused. See the LDAP_README file for how to
+restore previous behavior.
+
+- The Postfix to PCRE interface now expects PCRE version 2.08.
+Postfix is no longer compatible with PCRE versions prior to 2.06.
+
+Major changes with postfix-19990906
+===================================
+
+Several bugfixes, none related to security. See the HISTORY file
+for a complete list of changes.
+
+- Postfix is now distributed under IBM Public License Version 1.0
+which does not carry the controversial termination clause. The new
+license does have a requirement that contributors make source code
+available.
+
+- INSTALL.sh install/upgrade procedure that replaces existing
+programs and shell scripts instead of overwriting them, and that
+leaves existing queue files and configuration files alone.
+
+- The ugly Delivered-To: header can now be turned off selectively.
+The default setting is: "prepend_delivered_header = command, file,
+forward". Turning off the Delivered-To: header when forwarding
+mail is not recommended.
+
+- mysql client support by Scott Cotton and Joshua Marcus, Internet
+Consultants Group, Inc. See the file MYSQL_README for instructions.
+
+- reject_unauth_destination SMTP recipient restriction that rejects
+destinations not in $relay_domains. Unlike the check_relay_domains
+restriction, reject_unauth_destination ignores the client hostname.
+By Lamont Jones of Hewlett-Packard.
+
+- reject_unauth_pipelining SMTP *anything* restriction to stop mail
+from spammers that improperly use SMTP command pipelining to speed
+up their deliveries.
+
+- Postfix "sendmail" now issues a warning and drops privileges if
+installed set-uid root.
+
+- No more duplicate delivery when "postfix reload" is immediately
+followed by "sendmail -q".
+
+- No more "invalid argument" errors when a Postfix daemon opens a
+DB/DBM file while some other process is changing the file.
+
+- Portability to the Mac OS X Server, Reliant Unix, AIX 3.2.5 and
+Ultrix 4.3.
+
+Incompatible changes with postfix-19990601:
+===========================================
+
+- The SMTP server now delays all UCE restrictions until the RCPT
+TO, VRFY or ETRN command. This makes the restrictions more useful,
+because many SMTP clients do not expect negative responses earlier
+in the protocol. In order to restore the old behavior, specify
+"smtpd_delay_reject = no" in /etc/postfix/main.cf.
+
+- The Postfix local delivery agent no longer automatically propagates
+address extensions to aliases/include/forward addresses. Specify
+"propagate_unmatched_extensions = canonical, virtual, alias, forward,
+include" to restore the old behavior.
+
+- The Postfix local delivery agent no longer does $name expansion
+on words found in the mailbox_command configuration parameter. This
+makes it easier to specify shell syntax. See conf/main.cf.
+
+- The luser_relay syntax has changed. You can specify one address;
+it is subjected to $user, etc. expansions. See conf/main.cf.
+
+- File system reorganization: daemon executables are now in the
+libexec subdirectory, command executables in the bin subdirectory.
+The INSTALL instructions now recommend installing daemons and
+commands into separate directories.
+
+Major changes with postfix-19990601:
+=====================================
+
+- New USER, EXTENSION, LOCAL, DOMAIN and RECIPIENT environment
+variables for delivery to command (including mailbox_command) by
+the local delivery agent. As you might expect, the information is
+censored. The list of acceptable characters is specified with the
+command_expansion_filter configuration parameter. Unacceptable
+characters are replaced by underscores. See html/local.8.html.
+
+- Specify "forward_path = /var/forward/$user" to avoid looking up
+.forward files in user home directories. The default value is
+$home/.forward$recipient_delimiter$extension, $home/.forward.
+Initial code by Philip A. Prindeville, Mirapoint, Inc., USA.
+
+- Conditional $name expansion in forward_path and luser_relay.
+Available names are: $user (bare user name) $shell (user login
+shell), $home (user home directory), $local (everything to the left
+of @), $extension (optional address extension), $domain (everything
+to the right of @), $recipient (the complete address) and
+$recipient_delimiter. A simple $name expands as usual. ${name?value}
+expands to value when $name is defined. ${name:value} expands to
+value when $name is not defined. With ${name?value} and ${name:value},
+the value is subject to another iteration of $name expansion.
+
+- POSIX regular expression support, enabled by default on 4.4BSD,
+LINUX, HP-UX, and Solaris 2.5 and later. See conf/sample-regexp.cf.
+Initial code by Lamont Jones, Hewlett-Packard, borrowing heavily
+from the PCRE implementation by Andrew McNamara, connect.com.au
+Pty. Ltd., Australia.
+
+- Regular expression checks for message headers. This requires
+support for POSIX or for PCRE regular expressions. Specify
+"header_checks = regexp:/file/name" or "header_checks = pcre:/file/name",
+and specify "/^header-name: badstuff/ REJECT" in the pattern file
+(patterns are case-insensitive by default). Code by Lamont Jones,
+Hewlett-Packard. It is to be expected that full content filtering
+will be delegated to an external command.
+
+- Regular expression support for all lookup tables, including access
+control (full mail addresses only), address rewriting (canonical/virtual,
+full mail addresses only) and transport tables (full domain names
+only). However, regular expressions are not allowed for aliases,
+because that would open up security exposures.
+
+- Automatic detection of changes to DB or DBM lookup tables. This
+eliminates the need to run "postfix reload" after each change to
+the SMTP access table, or to the canonical, virtual, transport or
+aliases tables.
+
+- New error mailer. Specify ".domain.name error:domain is undeliverable"
+in the transport table to bounce mail for entire domains.
+
+- No more Postfix lockups on Solaris (knock on wood). The code no
+longer uses Solaris UNIX-domain sockets, because they are still
+broken, even with Solaris 7.
+
+- Workaround for the Solaris mailtool, which keeps an exclusive
+kernel lock on the mailbox while its window is not iconified (specify
+"sun_mailtool_compatibility = yes" in main.cf).
+
+- Questionable workaround for Solaris, which reportedly loses
+long-lived exclusive locks that are held by the master daemon.
+
+- New reject_unknown_{sender,recipient}_domain restrictions for
+sender and recipient mail addresses that distinguish between soft
+errors (always 450) and hard errors (unknown_address_reject_code,
+default 450).
+
+- MIME-encapsulated bounce messages, making it easier to recover
+bounced mail. Initial implementation by Philip A. Prindeville,
+Mirapoint, Inc., USA. Support for RFC 1892 (multipart/report) and
+RFC 1894 (DSN) will have to wait until Postfix internals have been
+revised to support RFC 1893.
+
+- Separately configurable "postmaster" addresses for single bounces
+(bounce_notice_recipient), double bounces (2bounce_notice_recipient),
+delayed mail (delay_notice_recipient), and for mailer error reports
+(error_notice_recipient). See conf/main.cf.
+
+- Questionable feature: specify "best_mx_transport = local" if
+this machine is the best MX host for domains not in mydestinations.
+
+Incompatible changes with postfix-19990317:
+===========================================
+
+- You MUST install the new version of /etc/postfix/postfix-script.
+
+- The pipe mailer "flags" syntax has changed. You now explicitly
+MUST specify the R flag in order to generate a Return-Path: message
+header (as needed by, for example, cyrus).
+
+Major changes with postfix-19990317:
+====================================
+
+A detailed record of changes is given in the HISTORY file.
+
+- Less postmaster mail. Undeliverable bounce messages (double
+bounces) are now discarded. Specify "notify_classes = 2bounce..."
+to get copies of double bounces. Specify "notify_classes = bounce..."
+to get copies of normal and double bounces.
+
+- Improved LDAP client code by John Hensley of Merit Network, USA.
+See LDAP_README for details.
+
+- Perl-compatible regular expression support for lookup maps by
+Andrew McNamara, connect.com.au Pty. Ltd., Australia.. Example:
+"check_recipient_access pcre:/etc/postfix/sample-pcre.cf". Regular
+expressions provide a powerful tool not only for SMTP access control
+but also for address rewriting. See PCRE_README for details.
+
+- Automatic notification of delayed mail (disabled by default).
+With "delay_warning_time = 4", Postfix informs senders when mail
+has not been delivered after 4 hours. Initial version of the code
+by Daniel Eisenbud, University of California at Berkeley. In order
+to get postmaster copies of such warnings, specify "notify_classes
+= delay...".
+
+- More configurable local delivery: "mail_spool_directory" to
+specify the UNIX mail spool directory; "mailbox_transport" to
+delegate all mailbox delivery to, for example, cyrus, and
+"fallback_transport" to delegate delivery of only non-UNIX users.
+And all this without losing local aliases and local .forward
+processing. See config/main.cf and config/master.cf.
+
+- Several changes to improve Postfix behavior under worst-case
+conditions (frequent Postfix restarts/reloads combined with lots
+if inbound mail, intermittent connectivity problems, SMTP servers
+that become comatose after receiving QUIT).
+
+- More NFS-friendly mailbox delivery. The local delivery agent
+now avoids using root privileges where possible.
+
+- For sites that do not receive mail at all, mydestination can now
+be an empty string. Be sure to set up a transport table entry to
+prevent mail from looping.
+
+- New "postsuper" utility to clean up stale files from Postfix
+queues.
+
+- Workaround for BSD select() collisions that cause performance
+problems on large BSD systems.
+
+- Several questionable but useful features to capture mail:
+"always_bcc = address" to capture a copy of every message that
+enters the system, and "luser_relay = address" to capture mail for
+unknown recipients (does not work when mailbox_transport or
+fallback_transport are being used).
+
+- Junk mail controls: new reject_non_fqdn_{hostname,sender,recipient}
+restrictions to reject non-FQDN arguments in HELO, MAIL FROM and
+RCPT TO commands, and stricter checking of numeric HELO arguments.
+
+- "fallback_relay" feature for sites that use DNS but that can't
+talk to the entire world. The fall-back relay gets the mail when
+a destination is not found in the DNS or when the destination is
+found but not reachable.
+
+- Several questionable controls that can help to keep mail going:
+specify "smtp_skip_4xx_greeting = yes" to skip SMTP servers that
+greet with 4XX, "ignore_mx_lookup_error = yes" to look up an A
+record when a DNS server does not respond to an MX query.
+
+Incompatible changes with postfix-beta-19990122-pl01:
+=====================================================
+
+None.
+
+Major changes with postfix-beta-19990122-pl01:
+==============================================
+
+- Restrict who may use ETRN and what domains may be specified.
+Example: "smtpd_etrn_restrictions = permit_mynetworks, reject".
+
+- BIFF notifications. For compatibility reasons this feature is
+on by default. Specify "biff = no" in main.cf if your machine has
+lots of shell users.
+
+- With "soft_bounce = yes", defer delivery instead of bouncing
+mail. This is a safety net for configuration errors with delivery
+agents. It has no effect on errors in virtual maps, canonical maps,
+or in junk mail restrictions.
+
+- Specify "owner_request_special = no" to turn off special treatment
+of owner-foo and foo-request addresses.
+
+Incompatible changes with postfix-beta-19990122:
+================================================
+
+- The syntax of the transport table has changed. An entry like:
+
+ customer.org smtp:[gateway.customer.org]
+
+ no longer forwards mail for anything.customer.org. For that you
+ need to specify:
+
+ customer.org smtp:[gateway.customer.org]
+ .customer.org smtp:[gateway.customer.org]
+
+ This change makes transport tables more compatible with
+ sendmail mailer tables.
+
+- The format of syslog records has changed. A client is now always
+logged as hostname[address]; the pickup daemon logs queue file uid
+and sender address.
+
+Major changes with postfix-beta-19990122:
+=========================================
+
+- Junk mail restrictions can now be postponed to the RCPT TO command.
+Specify: "smtpd_recipient_restrictions = reject_maps_rbl...".
+
+- More flexible interface for delivery to e.g., cyrus IMAP without
+need for PERL scripts to munge recipient addresses. In addition to
+$sender, $nexthop and $recipient, the pipe mailer now also supports
+$user, $extension and $mailbox.
+
+- New mail now has precedence over deferred mail, plus some other
+tweaks to make bulk mail go faster. But it ain't no cure for massive
+network outages.
+
+- Watchdog timer for systems that cause the Postfix queue manager
+to lock up, so it recovers without human intervention.
+
+- Delivery to qmail-style maildir files, which is good for NFS
+environments. Specify "home_mailbox = Maildir/", or specify
+/file/name/ in aliases or in .forward files. The trailing / is
+required to turn on maildir delivery.
+
+- Incremental updates of aliases and maps. Specify "postmap -i
+mapname" and it will read new entries from stdin.
+
+- Newaliases will now update more than one alias database.
+Specify the names with the main.cf "alias_database" parameter.
+
+- Address masquerading exceptions to prevent users from being
+masqueraded. Specify "masquerade_exceptions = root".
+
+- A pipelined SMTP client. Deliveries to Postfix, qmail, LSOFT,
+zmailer, and exim (once it's fixed) speed up by some 30% for short
+messages with one recipient, with more for multi-recipient mails.
+
+- Hook for local delivery to "|command" via the smrsh restricted
+shell, to restrict what commands may be used in .forward etc. files.
+Specify "local_command_shell = /some/where/smrsh -c".
projects / thirdparty / postfix.git / commitdiff
