From 47ae1804cce8f6f96975788bdba617199868c9da Mon Sep 17 00:00:00 2001
From: Wietse Z Venema
A policy example looks like this:
+A policy for domain example.com could look like this:
-@@ -49,11 +49,8 @@ _smtp._tls.example.com. IN TXT "v=TLSRPTv1; rua=mailto:smtp-tls-report@example.c
Translation: email sending systems are requested to generate daily -summaries of successful and failed SMTP over TLS connections to domain -example.com, and to report those summaries via email to the -specified address. Instead of mailto:, a policy may specify an -https: destination.
+Instead of mailto:, a policy may specify an https: +destination.
The diagram below shows how Postfix TLS handshake success and failure events are collected and processed into daily summary @@ -102,9 +99,9 @@ fetch, and report TLSRPT information, are implemented and maintained by sys4 at https://github.com/sys4/libtlsrpt and https://github.com/sys4/tlsrpt-reporter, respectively.
-The Postfix implementation supports domains with DANE (Postfix -built-in) and MTA-STS (through an smtp_tls_policy_maps plug-in). -
+The Postfix implementation supports TLSRPT or domains with DANE +(Postfix built-in) and MTA-STS (through an +smtp_tls_policy_maps plug-in).
The Postfix smtp(8) client process implements the SMTP client engine. With "smtp_tls_connection_reuse = no", the smtp(8) client @@ -335,8 +332,8 @@ generator's sender address):
Postfix supports MTA-STS though an smtp_tls_policy_maps policy plugin, which replies with a TLS security level and name=value attributes with certificate matching requirements. Postfix 3.10 and -later accept additional name=value attributes that are needed for -TLSRPT.
+later extend the policy plugin response with additional name=value +attributes that are needed for TLSRPT.Examples of smtp_tls_policy_maps plugins with MTA-STS support are:
@@ -357,7 +354,8 @@ that Postfix needs for TLSRPT support (as of February 2025). This is enabled by setting a tlsrpt boolean in a plugin configuration file. This setting is safe with Postfix 3.10 and later, even if Postfix TLSRPT support is disabled (at build time -or at run time). +or at run time). Postfix versions 3.9 and earlier will report a +policy error with "invalid attribute name". The examples in the text below apply to this MTA-STS policy example
given in policy_type=type Specify sts or no-policy-found. Specify sts or no-policy-found. Example: policy_type=sts policy_domain=name The domain that the MTA-STS policy applies to. Example: policy_domain=example.com
Example: policy_failure=sts-webpki-invalid
-policy_ttl=time
+policy_ttl=time (deprecated)
This attribute is deprecated. The time value is not used, and support for this attribute will eventually be removed from the @@ -438,9 +437,9 @@ code.
Postfix 3.10 and later will accept these additional -attributes in an MTA-STS response even if TLSRPT support is disabled -(at build time or at run time). With TLSRPT support turned off, -Postfix may still use the policy_failure +attributes in an MTA-STS response even if Postfix TLSRPT support +is disabled (at build time or at run time). With Postfix TLSRPT +support turned off, Postfix may still use the policy_failure attribute, and will ignore the attributes that are used only for TLSRPT.
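Review bot: in the `@@ -102,9 +99,9 @@` hunk, `+The Postfix implementation supports TLSRPT or domains with DANE` reads like a typo for "TLSRPT for domains with DANE"; as written, "or" turns the sentence into a choice between TLSRPT and DANE/MTA-STS, which is not what the surrounding text describes. Suggest `+The Postfix implementation supports TLSRPT for domains with DANE`. The same line appears in the postfix/proto/TLSRPT_README.html hunk later in this patch, which is the source the html/ copy is generated from, so the fix belongs there followed by a regeneration of the html/ file.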
diff --git a/postfix/html/postconf.5.html b/postfix/html/postconf.5.html index f61e58ed4..91e4ca42d 100644 --- a/postfix/html/postconf.5.html +++ b/postfix/html/postconf.5.html @@ -14049,8 +14049,9 @@ Postfix 2.3 and later use smtp_tlOptional lookup tables with the Postfix SMTP client TLS security policy by next-hop destination; when a non-empty value is specified, this overrides the obsolete smtp_tls_per_site parameter. See -TLS_README for a more detailed discussion of TLS security levels. -
+TLS_README for a more detailed discussion of TLS security levels, +and see TLSRPT_README for additional configuration that may be +needed for MTA-STS plugins.Specify zero or more "type:name" lookup tables, separated by @@ -14856,6 +14857,9 @@ summaries of successful and failed SMTP over TLS connections to their MX servers. This feature requires that Postfix is built with a TLSRPT supporting library.
+See TLSRPT_README for configuration examples and additional +requirements for MTA-STS smtp_tls_policy_maps plugins.
+This feature is available in Postfix ≥ 3.10.
@@ -14871,6 +14875,9 @@ sessions. Set this to "no" to log the TLSRPT status of all TLS handshakes, for example to troubleshoot Postfix TLSRPT support. +Note: if an SMTP over TLS connection is reused, there is no +second etc. TLS handshake to report.
+This feature is available in Postfix ≥ 3.10.
@@ -14884,6 +14891,9 @@ by a local TLSRPT reporting service. This parameter must specify a pathname (absolute, or relative to $queue_directory) when "smtp_tlsrpt_enable = yes". +See TLSRPT_README for configuration examples and additional +requirements for MTA-STS smtp_tls_policy_maps plugins.
+This feature is available in Postfix ≥ 3.10.
diff --git a/postfix/man/man5/postconf.5 b/postfix/man/man5/postconf.5 index 14cbf0155..c9d8793ba 100644 --- a/postfix/man/man5/postconf.5 +++ b/postfix/man/man5/postconf.5 @@ -9168,7 +9168,9 @@ Postfix 2.3 and later use smtp_tls_policy_maps instead. Optional lookup tables with the Postfix SMTP client TLS security policy by next\-hop destination; when a non\-empty value is specified, this overrides the obsolete smtp_tls_per_site parameter. See -TLS_README for a more detailed discussion of TLS security levels. +TLS_README for a more detailed discussion of TLS security levels, +and see TLSRPT_README for additional configuration that may be +needed for MTA\-STS plugins. .PP Specify zero or more "type:name" lookup tables, separated by whitespace or comma. Tables will be searched in the specified order @@ -9911,6 +9913,9 @@ summaries of successful and failed SMTP over TLS connections to their MX servers. This feature requires that Postfix is built with a TLSRPT supporting library. .PP +See TLSRPT_README for configuration examples and additional +requirements for MTA\-STS smtp_tls_policy_maps plugins. +.PP This feature is available in Postfix >= 3.10. .SH smtp_tlsrpt_skip_reused_handshakes (default: yes) Do not report the TLSRPT status for TLS protocol handshakes @@ -9919,6 +9924,9 @@ information to report). Report the TLSRPT status only for "new" TLS sessions. Set this to "no" to log the TLSRPT status of all TLS handshakes, for example to troubleshoot Postfix TLSRPT support. .PP +Note: if an SMTP over TLS connection is reused, there is no +second etc. TLS handshake to report. +.PP This feature is available in Postfix >= 3.10. .SH smtp_tlsrpt_socket_name (default: empty) The pathname of a UNIX\-domain datagram socket that is managed 
@@ -9926,6 +9934,9 @@ by a local TLSRPT reporting service. This parameter must specify a pathname (absolute, or relative to $queue_directory) when "smtp_tlsrpt_enable = yes". .PP +See TLSRPT_README for configuration examples and additional +requirements for MTA\-STS smtp_tls_policy_maps plugins. +.PP This feature is available in Postfix >= 3.10. .SH smtp_use_tls (default: no) Opportunistic mode: use TLS when a remote SMTP server announces diff --git a/postfix/mantools/make-relnotes b/postfix/mantools/make-relnotes index f5d26f37b..75f1be3a7 100755 --- a/postfix/mantools/make-relnotes +++ b/postfix/mantools/make-relnotes @@ -5,15 +5,14 @@ # # Input format: the leader text is copied verbatim; each section # starts with "Incompatible changes with snapshot YYYYMMDD" or "Major -# changes with snapshot YYYYMMDD"; each paragraph starts with [class, -# class] where a class specifies one or more categories that the -# change should be listed under. Adding class info is the only manual -# processing needed to go from a RELEASE_NOTES file to the transformed -# representation. +# changes with snapshot YYYYMMDD" underlined with "=======..."; each +# paragraph starts with [class, class] where a class specifies one or +# more categories that the change should be listed under. Adding class +# info is the only manual processing needed to go from a RELEASE_NOTES +# file to the transformed representation. # -# Output format: each category is printed with a little header and -# each paragraph is tagged with [Incompat yyyymmdd] or with [Feature -# yyyymmdd]. +# Output format: each category is printed with a little header and each +# paragraph is tagged with [Incompat yyyymmdd] or with [Feature yyyymmdd]. %leader = (); %body = (); $append_to = \%leader; diff --git a/postfix/proto/TLSRPT_README.html b/postfix/proto/TLSRPT_README.html index 7468b6fb1..9d4812dca 100644 --- a/postfix/proto/TLSRPT_README.html +++ b/postfix/proto/TLSRPT_README.html 
@@ -41,7 +41,7 @@ summary reports for successful and failed SMTP over TLS connections to that domain's MX hosts. Support for TLSRPT was added in Postfix 3.10. -A policy example looks like this:
+A policy for domain example.com could look like this:
-@@ -49,11 +49,8 @@ _smtp._tls.example.com. IN TXT "v=TLSRPTv1; rua=mailto:smtp-tls-report@example.c
Translation: email sending systems are requested to generate daily -summaries of successful and failed SMTP over TLS connections to domain -example.com, and to report those summaries via email to the -specified address. Instead of mailto:, a policy may specify an -https: destination.
+Instead of mailto:, a policy may specify an https: +destination.
The diagram below shows how Postfix TLS handshake success and failure events are collected and processed into daily summary @@ -102,9 +99,9 @@ fetch, and report TLSRPT information, are implemented and maintained by sys4 at https://github.com/sys4/libtlsrpt and https://github.com/sys4/tlsrpt-reporter, respectively.
-The Postfix implementation supports domains with DANE (Postfix -built-in) and MTA-STS (through an smtp_tls_policy_maps plug-in). -
+The Postfix implementation supports TLSRPT or domains with DANE +(Postfix built-in) and MTA-STS (through an +smtp_tls_policy_maps plug-in).
The Postfix smtp(8) client process implements the SMTP client engine. With "smtp_tls_connection_reuse = no", the smtp(8) client @@ -335,8 +332,8 @@ generator's sender address):
Postfix supports MTA-STS though an smtp_tls_policy_maps policy plugin, which replies with a TLS security level and name=value attributes with certificate matching requirements. Postfix 3.10 and -later accept additional name=value attributes that are needed for -TLSRPT.
+later extend the policy plugin response with additional name=value +attributes that are needed for TLSRPT.Examples of smtp_tls_policy_maps plugins with MTA-STS support are:
@@ -357,7 +354,8 @@ that Postfix needs for TLSRPT support (as of February 2025). This is enabled by setting a tlsrpt boolean in a plugin configuration file. This setting is safe with Postfix 3.10 and later, even if Postfix TLSRPT support is disabled (at build time -or at run time). +or at run time). Postfix versions 3.9 and earlier will report a +policy error with "invalid attribute name". The examples in the text below apply to this MTA-STS policy example
given in policy_type=type Specify sts or no-policy-found.
Specify sts or no-policy-found.
+ +Example: policy_type=sts
policy_domain=name
The domain that the MTA-STS policy applies to.
-Example: policy_domain=example.com
Example: policy_failure=sts-webpki-invalid
-policy_ttl=time
+policy_ttl=time (deprecated)
This attribute is deprecated. The time value is not used, and support for this attribute will eventually be removed from the @@ -438,9 +437,9 @@ code.
Postfix 3.10 and later will accept these additional -attributes in an MTA-STS response even if TLSRPT support is disabled -(at build time or at run time). With TLSRPT support turned off, -Postfix may still use the policy_failure +attributes in an MTA-STS response even if Postfix TLSRPT support +is disabled (at build time or at run time). With Postfix TLSRPT +support turned off, Postfix may still use the policy_failure attribute, and will ignore the attributes that are used only for TLSRPT.
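Review bot: the policy_type/policy_domain hunk removes `-Example: policy_domain=example.com` while adding `+Example: policy_type=sts`, and no replacement `+Example: policy_domain=...` line is visible; the `@@ -357,7 +354,8 @@` hunk just above still says "The examples in the text below apply to this MTA-STS policy example", so readers lose the one line that shows which domain that example uses. If the intent was to reorder the examples rather than drop this one, re-add `Example: policy_domain=example.com` under the policy_domain attribute; otherwise confirm the removal is deliberate.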
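Review bot: the unchanged context line `Postfix supports MTA-STS though an smtp_tls_policy_maps policy` in the `@@ -335,8 +332,8 @@` hunk carries a pre-existing typo ("though" for "through"). Since this hunk already rewrites the end of that paragraph, it would be cheap to fix the typo in the same change; as with the other TLSRPT_README edits, do it in postfix/proto/TLSRPT_README.html and regenerate the html/ copy.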
diff --git a/postfix/proto/postconf.proto b/postfix/proto/postconf.proto index 25eef4da9..0a7b4702d 100644 --- a/postfix/proto/postconf.proto +++ b/postfix/proto/postconf.proto @@ -11532,8 +11532,9 @@ configuration parameter. See there for details.Optional lookup tables with the Postfix SMTP client TLS security policy by next-hop destination; when a non-empty value is specified, this overrides the obsolete smtp_tls_per_site parameter. See -TLS_README for a more detailed discussion of TLS security levels. -
+TLS_README for a more detailed discussion of TLS security levels, +and see TLSRPT_README for additional configuration that may be +needed for MTA-STS plugins.Specify zero or more "type:name" lookup tables, separated by @@ -19406,6 +19407,9 @@ summaries of successful and failed SMTP over TLS connections to their MX servers. This feature requires that Postfix is built with a TLSRPT supporting library.
+See TLSRPT_README for configuration examples and additional +requirements for MTA-STS smtp_tls_policy_maps plugins.
+This feature is available in Postfix ≥ 3.10.
%PARAM smtp_tlsrpt_socket_name @@ -19415,6 +19419,9 @@ by a local TLSRPT reporting service. This parameter must specify a pathname (absolute, or relative to $queue_directory) when "smtp_tlsrpt_enable = yes". +See TLSRPT_README for configuration examples and additional +requirements for MTA-STS smtp_tls_policy_maps plugins.
+This feature is available in Postfix ≥ 3.10.
%PARAM smtp_tlsrpt_skip_reused_handshakes yes @@ -19426,6 +19433,9 @@ sessions. Set this to "no" to log the TLSRPT status of all TLS handshakes, for example to troubleshoot Postfix TLSRPT support. +Note: if an SMTP over TLS connection is reused, there is no +second etc. TLS handshake to report.
+This feature is available in Postfix ≥ 3.10.
%PARAM full_name_encoding_charset utf-8 diff --git a/postfix/proto/stop b/postfix/proto/stop index a8b5522a5..d3c8a5cd8 100644 --- a/postfix/proto/stop +++ b/postfix/proto/stop @@ -1665,3 +1665,8 @@ RequireTLS requiretls sendopts tz +GID +SIGKILL +URI +URIs +bugfix diff --git a/postfix/src/global/mail_version.h b/postfix/src/global/mail_version.h index 27e83993c..f55824292 100644 --- a/postfix/src/global/mail_version.h +++ b/postfix/src/global/mail_version.h @@ -20,7 +20,7 @@ * Patches change both the patchlevel and the release date. Snapshots have no * patchlevel; they change the release date only. */ -#define MAIL_RELEASE_DATE "20250205" +#define MAIL_RELEASE_DATE "20250206" #define MAIL_VERSION_NUMBER "3.10" #ifdef SNAPSHOT -- 2.47.3
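Review bot: in the postfix/proto/postconf.proto hunk for smtp_tlsrpt_skip_reused_handshakes, `+Note: if an SMTP over TLS connection is reused, there is no +second etc. TLS handshake to report.` is awkward and ambiguous ("second etc."). Suggest `Note: if an SMTP over TLS connection is reused, there is no second (or later) TLS handshake to report.` The identical wording was also pasted into postfix/html/postconf.5.html and postfix/man/man5/postconf.5 earlier in this patch; since both are generated from postconf.proto, fix the proto text once and regenerate the two derived files so they stay in sync.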