Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

postfix-postgresql-3.2.0-2.3.1 RPM for ppc64le

From OpenSuSE Ports Leap 42.3 updates for ppc64le

Name: postfix-postgresql Distribution: openSUSE Leap 42.3
Version: 3.2.0 Vendor: openSUSE
Release: 2.3.1 Build date: Wed Apr 24 12:23:09 2019
Group: Productivity/Networking/Email/Servers Build host: obs-power8-06
Size: 67912 Source RPM: postfix-3.2.0-2.3.1.src.rpm
Packager: http://bugs.opensuse.org
Url: http://www.postfix.org/
Summary: Postfix plugin to support PostgreSQL maps
Postfix plugin to support PostgreSQL maps. This library will be loaded
by starting postfix if you'll access a postmap which is stored in
PostgreSQL.

Provides

Requires

License

IPL-1.0

Changelog

* Wed Apr 17 2019 Peter Varkoly <varkoly@suse.com>
  - bsc#1078843 Installation of package postfix fails if group mail
    is missing. Adapted patch from PTF.
* Tue Apr 02 2019 Peter Varkoly <varkoly@suse.com>
  - bsc#1120757 L3: File Permissions->Paranoid can cause a system hang
    Break loop if postfix has no permission in spool directory.
    - add postfix-avoid-infinit-loop-if-no-permission.patch
* Fri Sep 07 2018 varkoly@suse.com
  - bsc#1095073 postfix update S:M:5873:165830: openQA test fails in 1_postfix
    Daemon_directory must be changed befor starting the postfix-script
* Mon May 28 2018 varkoly@suse.com
  - bsc#1086465 L3: ignore non-default parent_domain_matches_subdomains setting
    - add parent_domain_matches_subdomains.diff
* Fri May 25 2018 varkoly@suse.com
  - bsc#1087471 Unreleased Postfix update breaks SUSE Manager
    o Removing setting smtpd_sasl_path and smtpd_sasl_type to empty
* Mon Mar 19 2018 varkoly@suse.com
  - bsc#1082514 - L3: autoyast: postfix gets not set myhostname properly
    o When POSTFIX_MYHOSTNAME is empty the output of hostname -f will be used.
* Fri Oct 20 2017 varkoly@suse.com
  - bnc#1059512 L3: Postfix Problem
    The applied changes breaks existing postfix configurations because
    daemon_directory was not adapted to the new value.
* Wed Oct 04 2017 varkoly@suse.com
  - bnc#1059512 L3: Postfix Problem
    To manage multiple Postfix instances on a single host requires
    that daemon_directory and shlib_directory is different to
    avoid use of the shared directories also as per-instance directories.
    For this reason daemon_directory was set to /usr/lib/postfix/bin/.
    shlib_directory stands /usr/lib/postfix/.
* Thu Sep 28 2017 varkoly@suse.com
  - bnc#1016491 postfix raported to log "warning: group or other writable:"
    on each symlink in config.
    * Add fix-postfix-script.patch
  - bnc#1055995 L3: postfix set-permissions error, chown:
      cannot access ... No such file or directory
* Thu Jul 27 2017 varkoly@suse.com
  - bnc#1045264 L3: postmap problem
    * Applying proposed patch of leen.meyer@ziggo.nl in bnc#771811
* Wed Apr 19 2017 chris@computersalat.de
  - revert changes of postfix-main.cf.patch from rev=261
    * config.postfix will not 'enable' (remove #) var, but place
      modified (enabled) var at end of file, far away from place
      where it should be
    * keep vars enabled but empty
* Thu Apr 13 2017 werner@suse.de
  - Some cleanups
    * Avoid installing shared libraries twice
    * Refresh patch postfix-linux45.patch
* Sat Apr 08 2017 chris@computersalat.de
  - update postfix-master.cf.patch
    * recover lost (with 3.2.0 update) submission, smtps sections
    * merge with upstream update
  - update config.postfix
    * update master.cf generation for submission
  - rebase patches against 3.2.0
    * pointer_to_literals.patch
    * postfix-no-md5.patch
    * postfix-ssl-release-buffers.patch
    * postfix-vda-v14-3.0.3.patch
* Mon Mar 20 2017 kukuk@suse.de
  - Require system group mail
  - Use mail group name instead of GID
* Mon Mar 06 2017 mrueckert@suse.de
  - update to 3.2.0
    - [Feature 20170128] Postfix 3.2 fixes the handling of address
      extensions with email addresses that contain spaces. For
      example, the virtual_alias_maps, canonical_maps, and
      smtp_generic_maps features now correctly propagate an address
      extension from "aa bb+ext"@example.com to "cc
      dd+ext"@other.example, instead of producing broken output.
    - [Feature 20161008] "PASS" and "STRIP" actions in
      header/body_checks.  "STRIP" is similar to "IGNORE" but also
      logs the action, and "PASS" disables header, body, and Milter
      inspection for the remainder of the message content.
      Contributed by Hobbit.
    - [Feature 20160330] The collate.pl script by Viktor Dukhovni for
      grouping Postfix logfile records into "sessions" based on queue
      ID and process ID information. It's in the auxiliary/collate
      directory of the Postfix source tree.
    - [Feature 20160527] Postfix 3.2 cidr tables support if/endif and
      negation (by prepending ! to a pattern), just like regexp and
      pcre tables.  The primarily purpose is to improve readability
      of complex tables. See the cidr_table(5) manpage for syntax
      details.
    - [Incompat 20160925] In the Postfix MySQL database client, the
      default option_group value has changed to "client", to enable
      reading of "client" option group settings in the MySQL options
      file. This fixes a "not found" problem with Postfix queries
      that contain UTF8-encoded non-ASCII text.  Specify an empty
      option_group value (option_group =) to get backwards-compatible
      behavior.
    - [Feature 20161217] Stored-procedure support for MySQL
      databases.  Contributed by John Fawcett. See mysql_table(5) for
      instructions.
    - [Feature 20170128] The postmap command, and the inline: and
      texthash: maps now support spaces in left-hand field of the
      lookup table "source text". Use double quotes (") around a
      left-hand field that contains spaces, and use backslash (\) to
      protect embedded quotes in a left-hand field. There is no
      change in the processing of the right-hand field.
    - [Feature 20160611] The Postfix SMTP server local IP address and
      port are available in the policy delegation protocol (attribute
      names: server_address, server_port), in the Milter protocol
      (macro names: {daemon_addr}, {daemon_port}), and in the XCLIENT
      protocol (attribute names: DESTADDR, DESTPORT).
    - [Feature 20161024] smtpd_milter_maps support for per-client
      Milter configuration that overrides smtpd_milters, and that has
      the same syntax. A lookup result of "DISABLE" turns off Milter
      support. See MILTER_README.html for details.
    - [Feature 20160611] The Postfix SMTP server local IP address and
      port are available in the policy delegation protocol (attribute
      names: server_address, server_port), in the Milter protocol
      (macro names: {daemon_addr}, {daemon_port}), and in the XCLIENT
      protocol (attribute names: DESTADDR, DESTPORT).
    - [Incompat 20170129] The postqueue command no longer forces all
      message arrival times to be reported in UTC. To get the old
      behavior, set TZ=UTC in main.cf:import_environment (this
      override is not recommended, as it affects all Postfix utities
      and daemons).
    - [Incompat 20161227] For safety reasons, the sendmail -C option
      must specify an authorized directory: the default configuration
      directory, a directory that is listed in the default main.cf
      file with alternate_config_directories or
      multi_instance_directories, or the command must be invoked with
      root privileges (UID 0 and EUID 0).  This mitigates a recurring
      problem with the PHP mail() function.
    - [Feature 20160625] The Postfix SMTP server now passes remote
      client and local server network address and port information to
      the Cyrus SASL library. Build with ``make makefiles
      "CCARGS=$CCARGS -DNO_IP_CYRUS_SASL_AUTH"'' for backwards
      compatibility.
    - [Feature 20161103] Postfix 3.2 disables the 'transitional'
      compatibility between the IDNA2003 and IDNA2008 standards for
      internationalized domain names (domain names beyond the limits
      of US-ASCII).
      This change makes Postfix behavior consistent with contemporary
      web browsers. It affects the handling of some corner cases such
      as German sz and Greek zeta. See
      http://unicode.org/cldr/utility/idna.jsp for more examples.
      Specify "enable_idna2003_compatibility = yes" to restore
      historical behavior (but keep in mind that the rest of the
      world may not make that same choice).
    - [Feature 20160828] Fixes for deprecated OpenSSL 1.1.0 API
      features, so that Postfix will build without depending on
      backwards-compatibility support.
      [Incompat 20161204] Postfix 3.2 removes tentative features that
      were implemented before the DANE spec was finalized:
    - Support for certificate usage PKIX-EE(1),
    - The ability to disable digest agility (Postfix now behaves as
      if "tls_dane_digest_agility = on"), and
    - The ability to disable support for "TLSA 2 [01] [12]" records
      that specify the digest of a trust anchor (Postfix now
      behaves as if "tls_dane_trust_anchor_digest_enable = yes).
    - [Feature 20161217] Postfix 3.2 enables elliptic curve
      negotiation with OpenSSL >= 1.0.2.  This changes the default
      smtpd_tls_eecdh_grade setting to "auto", and introduces a new
      parameter tls_eecdh_auto_curves with the names of curves that
      may be negotiated.
      The default tls_eecdh_auto_curves setting is determined at
      compile time, and depends on the Postfix and OpenSSL versions.
      At runtime, Postfix will skip curve names that aren't supported
      by the OpenSSL library.
    - [Feature 20160611] The Postfix SMTP server local IP address and
      port are available in the policy delegation protocol (attribute
      names: server_address, server_port), in the Milter protocol
      (macro names: {daemon_addr}, {daemon_port}), and in the XCLIENT
      protocol (attribute names: DESTADDR, DESTPORT).
  - refresh postfix-master.cf.patch
* Mon Mar 06 2017 wr@rosenauer.org
  - make sure that system users can be created in %pre
* Sat Feb 18 2017 kukuk@suse.com
  - Fix requires:
    - shadow is needed for postfix-mysql pre-install section
    - insserv is not needed if systemd is used
* Sat Jan 21 2017 chris@computersalat.de
  - update postfix-mysql
    * update  mysql_*.cf files
    * update postfix-mysql.sql (INNODB, utf8)
  - update postfix-main.cf.patch
    * uncomment smtpd_sasl_path, smtpd_sasl_type
      can be changed via POSTFIX_SMTP_AUTH_SERVICE=(cyrus,dovecot)
    * add option for smtp_tls_policy_maps (commented)
  - update postfix-master.cf.patch
    * fix indentation of submission, smtps options for correct
      enabling via config.postfix
  - update config.postfix
    * fix sync of CA certificates
    * fix master.cf generation for submission, smtps
  - rebase postfix-vda-v14-3.0.3.patch
* Wed Jan 11 2017 varkoly@suse.com
  - FATE#322322 Update postfix to version 3.X
    Merging changes with SLES12-SP2
    Removeved patches: add_missed_library.patch bnc#947707.diff dynamic_maps.patch postfix-db6.diff
      postfix-opensslconfig.patch bnc#947519.diff dynamic_maps_pie.patch
      postfix-post-install.patch
      These are included in the new version of postfix
  - Remove references to SuSEconfig.postfix from sysconfig docs.
    (bsc#871575)
  - bnc#947519 SuSEconfig.postfix should enforce umask 022
  - bnc#947707 mail generated by Amavis being prevented from being re-adressed by /etc/postfix/virtual
  - bnc#972346 /usr/sbin/SuSEconfig.postfix is wrong
  - postfix-linux45.patch: handle Linux 4.x and Linux 5.x (used by aarch64)
    (bsc#940289)
* Tue Jan 03 2017 varkoly@suse.com
  - update to 3.1.4
    * The postscreen daemon did not merge the client test status information
      for concurrent sessions from the same IP address.
    * The Postfix SMTP server falsely rejected a sender address when validating
      a sender address with "smtpd_reject_unlisted_recipient = yes" or with
      "reject_unlisted_sender". Cause: the address validation code did not query sender_canonical_maps.
    * The virtual delivery agent did not detect failure to skip to the end
      of a mailbox file, so that mail would be delivered to the beginning of the file.
      This could happen when a mailbox file was already larger than the virtual mailbox size limit.
    * The postsuper logged an incorrect rename operation count after creating a missing directory.
    * The Postfix SMTP server falsely rejected mail when a sender-dependent "error"
      transport was configured. Cause: the SMTP server address validation code
      was not updated when the sender_dependent_default_transport_maps feature
      was introduced.
    * The Postfix SMTP server falsely rejected an SMTPUTF8 sender address, when "smtpd_delay_reject = no".
    * The "postfix tls deploy-server-cert" command used the wrong certificate
      and key file. This was caused by a cut-and-paste error in the postfix-tls-script file.
* Sat Nov 26 2016 chris@computersalat.de
  - improve config.postfix
    * improve SASL stuff
    * add POSTFIX_SMTP_AUTH_SERVICE=(cyrus|dovecot)
* Mon Nov 14 2016 chris@computersalat.de
  - improve config.postfix
    * improve with MySQL stuff
* Mon Nov 07 2016 chris@computersalat.de
  - update vda patch to latest available
    * remove postfix-vda-v13-3.10.0.patch
    * add postfix-vda-v14-3.0.3.patch
  - rebase patches (and to be p0)
    * pointer_to_literals.patch
    * postfix-main.cf.patch
    * postfix-master.cf.patch
    * postfix-no-md5.patch
    * postfix-ssl-release-buffers.patch
  - add /etc/postfix/ssl as default DIR for SSL stuff
    * cacerts -> ../../ssl/certs/
    * certs/
  - revert POSTFIX_SSL_PATH from '/etc/ssl' to '/etc/postfix/ssl'
  - improve config.postfix
    * revert smtpd_tls_CApath to POSTFIX_SSL_PATH/cacerts which is a
      symlink to /etc/ssl/certs
      Without reverting, 'gen_CA' would create files which would then be on
      the previous defined 'sslpath(/etc/ssl)/certs' (smtpd_tls_CApath)
      Cert reqs would be placed in 'sslpath(/etc/ssl)/certs/postfixreq.pem'
      which is not a good idea.
    * mkchroot: sync '/etc/postfix/ssl' to chroot
    * improve PCONF for smtp{,d}_tls_{cert,key}_file, adding/removing from
      main.cf, show warning if enabled and file is missing
* Sun Oct 09 2016 michael@stroeder.com
  - update to 3.1.3:
    * The Postfix SMTP server did not reset a previous session's
      failed/total command counts before rejecting a client that
      exceeds request or concurrency rates. This resulted in incorrect
      failed/total command counts being logged at the end of the
      rejected session.
    * The unionmap multi-table interface did not propagate table
      lookup errors, resulting in false "user unknown" responses.
    * The documentation was updated with a workaround for false "not
      found" errors with MySQL map queries that contain UTF8-encoded
      text. The workaround is to specify "option_group = client" in
      Postfix MySQL configuration files. This will be the default
      setting with Postfix 3.2 and later.
* Sun Sep 04 2016 michael@stroeder.com
  - update to 3.1.2:
    * Changes to make Postfix build with OpenSSL 1.1.0.
    * The makedefs script ignored readme_directory=pathname overrides.
      Fix by Todd C. Olson.
    * The tls_session_ticket_cipher documentation says that the default
      cipher for TLS session tickets is aes-256-cbc, but the implemented
      default was aes-128-cbc. Note that TLS session ticket keys are
      rotated after 1/2 hour, to limit the impact of attacks on session
      ticket keys.
* Thu Jun 02 2016 schwab@suse.de
  - postfix-post-install.patch: remove empty patch
* Sun May 29 2016 chris@computersalat.de
  - fix Changelog cause of Factory decline
* Tue May 24 2016 varkoly@suse.com
  - Fix typo in config.postfix
* Tue May 24 2016 varkoly@suse.com
  - bnc#981097 config.postfix creates broken main.cf for tls client configuration
  - bnc#981099 /etc/sysconfig/postfix: POSTFIX_SMTP_TLS_CLIENT incomplete
  - update to 3.1.1:
  - The new address_verify_pending_request_limit
    parameter introduces a safety limit for the number of address
    verification probes in the active queue.  The default limit is 1/4
    of the active queue maximum size. The queue manager enforces the
    limit by tempfailing probe messages that exceed the limit. This
    design avoids dependencies on global counters that get out of sync
    after a process or system crash.
  - Machine-readable, JSON-formatted queue listing with "postqueue -j"
    (no "mailq" equivalent).
  - The milter_macro_defaults feature provides an optional list of macro
    name=value pairs. These specify default values for Milter macros when
    no value is available from the SMTP session context.
  - Support to enforce a destination-independent delay between email
    deliveries.  The following example inserts 20 seconds of delay
    between all deliveries with the SMTP transport, limiting the delivery
    rate to at most three messages per minute.
      smtp_transport_rate_delay = 20s
  - Historically, the default setting "postscreen_dnsbl_ttl = 1h" assumes
    that a "not found" result from a DNSBL server will be valid for one
    hour.  This may have been adequate five years ago when postscreen
    was first implemented, but nowadays, that one hour can result in
    missed opportunities to block new spambots.
    To address this, postscreen now respects the TTL of DNSBL "not
    found" replies, as well as the TTL of DNSWL replies (both "found"
    and "not found").  The TTL for a "not found" reply is determined
    according to RFC 2308 (the TTL of an SOA record in the reply).
    Support for DNSBL or DNSWL reply TTL values is controlled by two
    configuration parameters:
    postscreen_dnsbl_min_ttl (default: 60 seconds).
    postscreen_dnsbl_max_ttl (default: $postscreen_dnsbl_ttl or 1 hour)
    The postscreen_dnsbl_ttl parameter is now obsolete, and has become
    the default value for the new postscreen_dnsbl_max_ttl parameter.
  - New "smtpd_client_auth_rate_limit" feature, to
    enforce an optional rate limit on AUTH commands per SMTP client IP
    address.  Similar to other smtpd_client_*_rate_limit features, this
    enforces a limit on the number of requests per $anvil_rate_time_unit.
  - New SMTPD policy service attribute "policy_context",
    with a corresponding "smtpd_policy_service_policy_context" configuration
    parameter.  Originally, this was implemented to share the same SMTPD
    policy service endpoint among multiple check_policy_service clients.
  - A new "postfix tls" command to quickly enable opportunistic TLS
    in the Postfix SMTP client or server, and to manage SMTP server keys
    and certificates, including certificate signing requests and
    TLSA DNS records for DANE.
* Tue Apr 19 2016 opensuse@dstoecker.de
  - build with working support for SMTPUTF8
* Sun Mar 20 2016 mrueckert@suse.de
  - fix build on sle11 by pointing _libexecdir to /usr/lib all the
    time.
* Sun Mar 20 2016 mrueckert@suse.de
  - some distros did not pull pkgconfig indirectly. pull it directly.
* Sun Mar 20 2016 mrueckert@suse.de
  - fix building the dynamic maps: the old build had postgresql e.g.
    with missing symbols.
    - convert to AUXLIBS_* instead of plain AUXLIBS which is needed
      for proper dynamic maps.
    - reordered the CCARGS and AUXLIBS* lines to group by feature
    - use pkgconfig or *_config tools where possible
  - picked up signed char from fedora spec file
  - enable lmdb support: new BR lmdb-devel, new subpackage
    postfix-lmdb.
  - don't delete vmail user/groups
* Wed Mar 09 2016 varkoly@suse.com
  - update to 3.1.0
  - Since version 3.0 postfix supports dynamic loading of cdb:, ldap:,
    lmdb:, mysql:, pcre:, pgsql:, sdbm:, and sqlite: database clients.
    Thats why the patches dynamic_maps.patch and dynamic_maps_pie.patch
    could be removed.
  - Adapting all the patches to postfix 3.1.0
  - remove obsolete patches
    * add_missed_library.patch
    * postfix-opensslconfig.patch
  - update vda patch
    * remove postfix-vda-v13-2.10.0.patch
    * add postfix-vda-v13-3.10.0.patch
  - The patch postfix-db6.diff is not more neccessary
  - Backwards-compatibility safety net.
    With NEW Postfix installs, you MUST install a main.cf file with
    the setting "compatibility_level = 2". See conf/main.cf for an
    example.
    With UPGRADES of existing Postfix systems, you MUST NOT change the
    main.cf compatibility_level setting, nor add this setting if it
    does not exist.
    Several Postfix default settings have changed with Postfix 3.0.  To
    avoid massive frustration with existing Postfix installations,
    Postfix 3.0 comes with a safety net that forces Postfix to keep
    running with backwards-compatible main.cf and master.cf default
    settings. This safety net depends on the main.cf compatibility_level
    setting (default: 0). Details are in COMPATIBILITY_README.
  - Major changes - tls
    * [Feature 20160207] A new "postfix tls" command to quickly enable
    opportunistic TLS in the Postfix SMTP client or server, and to
    manage SMTP server keys and certificates, including certificate
    signing requests and TLSA DNS records for DANE.
    * As of the middle of 2015, all supported Postfix releases no longer
    nable "export" grade ciphers for opportunistic TLS, and no longer
    use the deprecated SSLv2 and SSLv3 protocols for mandatory or
    opportunistic TLS.
    * [Incompat 20150719] The default Diffie-Hellman non-export prime was
    updated from 1024 to 2048 bits, because SMTP clients are starting
    to reject TLS handshakes with primes smaller than 2048 bits.
    * [Feature 20160103] The Postfix SMTP client by default enables DANE
    policies when an MX host has a (DNSSEC) secure TLSA DNS record,
    even if the MX DNS record was obtained with insecure lookups.  The
    existence of a secure TLSA record implies that the host wants to
    talk TLS and not plaintext. For details see the
    smtp_tls_dane_insecure_mx_policy configuration parameter.
  - Major changes - default settings
    [Incompat 20141009] The default settings have changed for relay_domains
    (new: empty, old: $mydestination) and mynetworks_style (new: host,
    old: subnet).  However the backwards-compatibility safety net will
    prevent these changes from taking effect, giving the system
    administrator the option to make an old default setting permanent
    in main.cf or to adopt the new default setting, before turning off
    backwards compatibility. See COMPATIBILITY_README for details.
    [Incompat 20141001] A new backwards-compatibility safety net forces
    Postfix to run with backwards-compatible main.cf and master.cf
    default settings after an upgrade to a newer but incompatible Postfix
    version. See COMPATIBILITY_README for details.
    While the backwards-compatible default settings are in effect,
    Postfix logs what services or what email would be affected by the
    incompatible change. Based on this the administrator can make some
    backwards-compatibility settings permanent in main.cf or master.cf,
    before turning off backwards compatibility.
  - Major changes - address verification safety
    [Feature 20151227] The new address_verify_pending_request_limit
    parameter introduces a safety limit for the number of address
    verification probes in the active queue.  The default limit is 1/4
    of the active queue maximum size. The queue manager enforces the
    limit by tempfailing probe messages that exceed the limit. This
    design avoids dependencies on global counters that get out of sync
    after a process or system crash.
    Tempfailing verify requests is not as bad as one might think.  The
    Postfix verify cache proactively updates active addresses weeks
    before they expire. The address_verify_pending_request_limit affects
    only unknown addresses, and inactive addresses that have expired
    from the address verify cache (by default, after 31 days).
  - Major changes - json support
    [Feature 20151129] Machine-readable, JSON-formatted queue listing
    with "postqueue -j" (no "mailq" equivalent).  The output is a stream
    of JSON objects, one per queue file.  To simplify parsing, each
    JSON object is formatted as one text line followed by one newline
    character. See the postqueue(1) manpage for a detailed description
    of the output format.
  - Major changes - milter support
    [Feature 20150523] The milter_macro_defaults feature provides an
    optional list of macro name=value pairs. These specify default
    values for Milter macros when no value is available from the SMTP
    session context.
    For example, with "milter_macro_defaults = auth_type=TLS", the
    Postfix SMTP server will send an auth_type of "TLS" to a Milter,
    unless the remote client authenticates with SASL.
    This feature was originally implemented for a submission service
    that may authenticate clients with a TLS certificate, without having
    to make changes to the code that implements TLS support.
  - Major changes - output rate control
    [Feature 20150710] Destination-independent delivery rate delay
    Support to enforce a destination-independent delay between email
    deliveries.  The following example inserts 20 seconds of delay
    between all deliveries with the SMTP transport, limiting the delivery
    rate to at most three messages per minute.
    /etc/postfix/main.cf:
      smtp_transport_rate_delay = 20s
    For details, see the description of default_transport_rate_delay
    and transport_transport_rate_delay in the postconf(5) manpage.
  - Major changes - postscreen dnsbl
    [Feature 20150710] postscreen support for the TTL of DNSBL and DNSWL
    lookup results
    Historically, the default setting "postscreen_dnsbl_ttl = 1h" assumes
    that a "not found" result from a DNSBL server will be valid for one
    hour.  This may have been adequate five years ago when postscreen
    was first implemented, but nowadays, that one hour can result in
    missed opportunities to block new spambots.
    To address this, postscreen now respects the TTL of DNSBL "not
    found" replies, as well as the TTL of DNSWL replies (both "found"
    and "not found").  The TTL for a "not found" reply is determined
    according to RFC 2308 (the TTL of an SOA record in the reply).
    Support for DNSBL or DNSWL reply TTL values is controlled by two
    configuration parameters:
    postscreen_dnsbl_min_ttl (default: 60 seconds).
      This parameter specifies a minimum for the amount of time that
      a DNSBL or DNSWL result will be cached in the postscreen_cache_map.
      This prevents an excessive number of postscreen cache updates
      when a DNSBL or DNSWL server specifies a very small reply TTL.
    postscreen_dnsbl_max_ttl (default: $postscreen_dnsbl_ttl or 1 hour)
      This parameter specifies a maximum for the amount of time that
      a DNSBL or DNSWL result will be cached in the postscreen_cache_map.
      This prevents cache pollution when a DNSBL or DNSWL server
      specifies a very large reply TTL.
    The postscreen_dnsbl_ttl parameter is now obsolete, and has become
    the default value for the new postscreen_dnsbl_max_ttl parameter.
  - Major changes - sasl auth safety
    [Feature 20151031] New "smtpd_client_auth_rate_limit" feature, to
    enforce an optional rate limit on AUTH commands per SMTP client IP
    address.  Similar to other smtpd_client_*_rate_limit features, this
    enforces a limit on the number of requests per $anvil_rate_time_unit.
  - Major changes - smtpd policy
    [Feature 20150913] New SMTPD policy service attribute "policy_context",
    with a corresponding "smtpd_policy_service_policy_context" configuration
    parameter.  Originally, this was implemented to share the same SMTPD
    policy service endpoint among multiple check_policy_service clients.
* Wed Dec 09 2015 varkoly@suse.com
  - bnc#958329 postfix fails to start when openslp is not installed
* Mon Oct 12 2015 michael@stroeder.com
  - upstream update postfix 2.11.7:
    * The Postfix Milter client aborted with a panic while adding a
      message header, after adding a short message header with the
      header_checks PREPEND action. Fixed by invoking the header
      output function while PREPENDing a message header.
    * False alarms while scanning the Postfix queue. Fixed by resetting
      errno before calling readdir(). This defect was introduced
      19970309.
    * The postmulti command produced an incorrect error message.
    * The postmulti command now refuses to create a new MTA instance
      when the template main.cf or master.cf file are missing. This
      is a common problem on Debian-like systems.
    * Turning on Postfix SMTP server HAProxy support broke TLS
      wrappermode. Fixed by temporarily using a 1-byte VSTREAM buffer
      to read the HAProxy connection hand-off information.
    * The xtext_unquote() function did not propagate error reports
      from xtext_unquote_append(), causing the decoder to return
      partial output, instead of rejecting malformed input. The Postfix
      SMTP server uses this function to parse input for the ENVID and
      ORCPT parameters, and for XFORWARD and XCLIENT command parameters.
* Wed Aug 12 2015 jkeil@suse.de
  - boo#934060: Remove quirky hostname logic from config.postfix
    * /etc/hostname doesn't contain anything useful
    * linux.local is no good either
    * postfix will use `hostname`.localdomain as fallback
* Tue Aug 04 2015 meissner@suse.com
  - postfix-no-md5.patch: replace fingerprint defaults by sha1. bsc#928885
* Tue Aug 04 2015 meissner@suse.com
  - %verifyscript is a new section, move it out of the %ifdef
    so the fillups are run afterwards.
* Wed Jul 22 2015 michael@stroeder.com
  - upstream update postfix 2.11.6:
    Default settings have been updated so that they no longer enable
    export-grade ciphers, and no longer enable the SSLv2 and SSLv3
    protocols.
  - removed postfix-2.11.5_linux4.patch because it's obsolete
  - Bugfix (introduced: Postfix 2.11): with connection caching
    enabled (the default), recipients could be given to the wrong
    mail server. (bsc#944722)
* Mon Jun 01 2015 crrodriguez@opensuse.org
  - postfix-SuSE.tar.gz/postfix.service: None of
    nss-lookup.target network.target local-fs.target time-sync.target
    should be Wanted or Required except by the services
    the implement the relevant functionality i.e network.target
    is wanted/required by networkmanager, wicked,
    systemd-network. other software must be ordered After them,
    see systemd.special(7)
* Sun May 17 2015 mpluskal@suse.com
  - Fix library symlink generation (boo#928662)
* Tue Apr 21 2015 mrueckert@suse.de
  - added postfix-2.11.5_linux4.patch:
    Allow building on kernel 4. Patch taken from:
    https://groups.google.com/forum/#!topic/mailing.postfix.users/fufS22sMGWY
* Sun Apr 19 2015 mrueckert@suse.de
  - update to postfix 2.11.5
    - Bugfix (introduced: Postfix 2.6):
      sender_dependent_relayhost_maps ignored the relayhost setting
      in the case of a DUNNO lookup result.  It would use the
      recipient domain instead.  Viktor Dukhovni. Wietse took the
      pieces of code that enforce the precedence of a
      sender-dependent relayhost, the global relayhost, and the
      recipient domain, and put that code together in once place so
      that it is easier to maintain.  File:
      trivial-rewrite/resolve.c.
    - Bitrot: prepare for future changes in OpenSSL API. Viktor
      Dukhovni. File: tls_dane.c.
    - Incompatibility: specifying "make makefiles" with "CC=command"
      will no longer override the default WARN setting.
* Mon Feb 09 2015 michael@stroeder.com
  - upstream update postfix 2.11.4:
    Postfix 2.11.4 only:
    * Fix a core dump when smtp_policy_maps specifies an invalid TLS
    level.
    * Fix a missing " in \%s\", in postconf(1) fatal error messages,
    which violated the C language spec. Reported by Iain Hibbert.
    All supported releases:
    * Stop excessive recursion in the cleanup server while recovering
    from a virtual alias expansion loop. Problem found at Two Sigma.
    * Stop exponential memory allocation with virtual alias expansion
    loops. This came to light after fixing the previous problem.
* Sun Feb 08 2015 varkoly@suse.com
  - correct pf_daemon_directory in spec. This must be /usr/lib/
* Thu Jan 22 2015 varkoly@suse.com
  - bnc#914086 syntax error in config.postfix
  - Adapt config.postfix to be able to run on SLE11 too.
* Mon Jan 19 2015 mpluskal@suse.com
  - Don't install sysvinit script when systemd is used
  - Make explicit PreReq dependencies conditional only for older
    systems
  - Don't try to set explicit attributes to symlinks
  - Cleanup spec file vith spec-cleaner
* Tue Jan 13 2015 varkoly@suse.com
  - bnc#912594 config.postfix creates config based on old options
* Tue Jan 06 2015 varkoly@suse.com
  - bnc#911806 config.postfix does not set up correct saslauthd socket directory for chroot
  - bnc#910265 config.postfix does not upgrade the chroot
  - bnc#908003 wrong access rights on /usr/sbin/postdrop causes
    permission denied when trying to send a mail as non root user
  - bnc#729154 wrong permissions for some postfix components
* Fri Nov 21 2014 tchvatal@suse.com
  - Remove keyring and things as it is md5 based one no longer
    accepted by gpg 2.1
* Fri Nov 14 2014 dimstar@opensuse.org
  - No longer perform gpg validation; osc source_validator does it
    implicit:
    + Drop gpg-offline BuildRequires.
    + No longer execute gpg_verify.
* Mon Oct 27 2014 dmueller@suse.com
  - restore previously lost fix:
    Fri Oct 11 13:32:32 UTC 2013 - matz@suse.de
    - Ignore errors in %pre/%post.
* Mon Oct 20 2014 michael@stroeder.com
  - postfix 2.11.3:
    * Fix for configurations that prepend message headers with Postfix
      access maps, policy servers or Milter applications. Postfix now
      hides its own Received: header from Milters and exposes prepended
      headers to Milters, regardless of the mechanism used to prepend
      a header. This fix reverts a partial solution that was released
      on October 13, 2014, and replaces it with a complete solution.
    * Portability fix for MacOS X 10.7.x (Darwin 11.x) build procedure.
  - postfix 2.11.2:
    * Fix for DMARC implementations based on SPF policy plus DKIM
      Milter. The PREPEND access/policy action added headers ABOVE
      Postfix's own Received: header, exposing Postfix's own Received:
      header to Milters (protocol violation) and hiding the PREPENDed
      header from Milters. PREPENDed headers are now added BELOW
      Postfix's own Received: header and remain visible to Milters.
    * The Postfix SMTP server logged an incorrect client name in
      reject messages for check_reverse_client_hostname_access and
      check_reverse_client_hostname_{mx,ns}_access. They replied with
      the verified client name, instead of the name that was rejected.
    * The qmqpd daemon crashed with null pointer bug when logging a
      lost connection while not in a mail transaction.
* Sun Sep 14 2014 andreas.stieger@gmx.de
  - switch from md5 based signature to one using the SHA-512 digest
    algorithm supplied by maintainer on ML to pass source_validator
* Sat Sep 13 2014 andreas.stieger@gmx.de
  - postfix 2.11.1:
    * With connection caching enabled (the default), recipients could
      be given to the wrong mail server.
    * Enforce TLS when TLSA records exist, but all are unusable.
    * Don't leak memory when TLSA records exist, but all are unusable.
    * Prepend "-I. -I../../include" to the compiler command-line
      options, to avoid name clashes with non-Postfix header files.
    * documentation fixes
    * logging fixes
* Fri Aug 29 2014 rusjako@rus.uni-stuttgart.de
  - fix dynamic_maps patch to enable memcache support, which does not
    need any libraries
* Thu Jul 31 2014 dimstar@opensuse.org
  - Rename rpmlintrc to %{name}-rpmlintrc.
    Follow the packaging guidelines.
* Fri Jun 27 2014 chris@computersalat.de
  - fix typo in postfix-SuSE/update_chroot.systemd
  - fix config.postfix
    * 'insserv amavis' -> 'chkconfig amavis on'
  - rework main.cf patch
    * fix virtual stuff
    * add some dovecot stuff
  - rework master.cf patch
    * add some dovecot stuff
* Mon Jun 23 2014 jamesp@vicidial.com
  - The included postfix-mysql.tar.bz2 was using a MySQL 4.1 style of
    table engine specification. Modified so that the sql uses
    'ENGINE=' instead of 'TYPE=' for creating tables.
* Mon Jun 23 2014 varkoly@suse.com
  - bnc#816769 - config.postfix issues warnings about missing master.cf
* Tue Jun 10 2014 varkoly@suse.com
  - bnc#882033 - Package postfix has changed files according to rpm
  - bnc#855688 - possible systemd bug: postfix & cifs dependency confict
* Mon Jun 09 2014 varkoly@suse.com
  - bnc#863350 - SuSEconfig.postfix complains about modified /etc/postfix/main.cf after updating postfix
* Mon May 26 2014 chris@computersalat.de
  - replace vda patch:
    * add postfix-vda-v13-2.10.0.patch
    * remove postfix-vda-v11-2.9.6.patch
  - rebase patches
  - config.postfix
    * add master.cf support for submission (587)
    * rework master.cf support for smtps
* Wed Feb 12 2014 varkoly@suse.com
  - bnc#862662 - Unable to configure postfix SMTP with forced TLS using YaST2
  - Update to 2.11.0
    * TLS
      o Support for PKI-less TLS server certificate verification, where
      the CA public key or the server certificate is identified via DNSSEC lookup
    * LMDB database support
    * master
      o The master_service_disable parameter value syntax has changed:
      use "service/type" instead of "service.type".
    * postconf:
      o Support for advanced master.cf query and update operations.
      This was implemented primarily to support automated system management tools.
      o The postconf command produces more warnings
    * relay safety
      New smtpd_relay_restrictions parameter built-in default settings:
      smtpd_relay_restrictions =
    permit_mynetworks
    permit_sasl_authenticated
    defer_unauth_destination
    * postscreen whitelisting
      Allow a remote SMTP client to skip postscreen(8) tests based on
      its postscreen_dnsbl_sites score.
* Fri Oct 11 2013 matz@suse.de
  - Ignore errors in %pre/%post.
* Thu Oct 03 2013 crrodriguez@opensuse.org
  - two improvements for 13.1 and factory
    * postfix-opensslconfig.patch call openSSL_config
    so postfix respects the system's openssl configuration
    * postfix-SuSE/postfix.service since a few months there
    is no mail-transfer-agent.target, units must be ordered
    after a list of smtpd implementations instead.
* Fri Sep 20 2013 varkoly@suse.com
  - Proc is not needed in chroot anymore
* Tue Jul 30 2013 schwab@suse.de
  - postfix-main.cf.patch: remove duplicate entry for inet_protocols
* Mon Jun 17 2013 chris@computersalat.de
  - fix for warning
    * unused parameter: virtual_create_maildirsize=yes
    * unused parameter: virtual_mailbox_extended=yes
    * rework main.cf.patch
  - fix rcpostfix for sysvinit systems
    * /etc/postfix/system/update_postmaps: No such file or directory
  - rebase patches
    * vda-v11-2.9.5 -> vda-v11-2.9.6
  - fix file postfix-SuSE.tar.gz
    * made a tar.gz
* Sun Jun 16 2013 jengelh@inai.de
  - postfix.spec forces the use of SSL and SASL libraries,
    so make sure the BuildRequires are there
* Fri Jun 14 2013 jengelh@inai.de
  - Add postfix-db6.diff to fix compile abort with libdb-6.0
* Mon Apr 22 2013 idonmez@suse.com
  - Add Source URL, see https://en.opensuse.org/SourceUrls
  - Add GPG verification
* Sat Apr 20 2013 crrodriguez@opensuse.org
  -  postfix-SuSE/postfix.service do not Require or
    order after syslog.target as it no longer exists
    postfix will fail to start in the next systemd version.
* Sat Feb 23 2013 rmilasan@suse.com
  - Install postfix.service accordingly (/usr/lib/systemd for 12.3
    and up or /lib/systemd for older versions).
* Wed Feb 06 2013 varkoly@suse.com
  - update to 2,9.6
    Bugfix: the local(8) delivery agent dereferenced a null pointer
    while delivering to null command (for example, "|" in a .forward file).
    Bugfix: memory leak in program initialization. tls/tls_misc.c.
    Bugfix: he undocumented OpenSSL X509_pubkey_digest() function is
    unsuitable for computing certificate PUBLIC KEY fingerprints.
    Postfix now provides a correct procedure that accounts for
    the algorithm and parameters in addition to the key data.  Specify
    "tls_legacy_public_key_fingerprints = yes" if you need backwards compatibility.
* Thu Jan 17 2013 varkoly@suse.com
  - bnc#796162 - script to assign path elements not working in postfix install Build-0284(iso)
* Thu Jan 10 2013 chris@computersalat.de
  - rebase patches
    * vda-v10-2.8.12 -> vda-v11-2.9.5 (and to be a p0)
    * main, master, post-instal, ssl-release-buffers (remove version)
    * dynamic_maps, dynamic_maps_pie, pointer_to_literals
* Thu Jan 10 2013 varkoly@suse.com
  - update to 2,9.5
    * tls support:
      Support to turn off the TLSv1.1 and TLSv1.2 protocols:
      To temporarily turn off problematic protocols globally:
      /etc/postfix/main.cf:
      smtp_tls_protocols = !SSLv2, !TLSv1.1, !TLSv1.2
      smtp_tls_mandatory_protocols = !SSLv2, !TLSv1.1, !TLSv1.2
      However, it may be better to temporarily turn off problematic
      protocols for broken sites only:
      /etc/postfix/main.cf:
      smtp_tls_policy_maps = hash:/etc/postfix/tls_policy
      /etc/postfix/tls_policy:
      example.com         may protocols=!SSLv2:!TLSv1.1:!TLSv1.2
    * 20111012 To simplify integration with third-party
      applications, the Postfix sendmail command now always transforms
      all input lines ending in <CR><LF> into UNIX format (lines ending
      in <LF>). Specify "sendmail_fix_line_endings = strict" to restore
      historical Postfix behavior (i.e. convert all input lines ending
      in <CR><LF> only if the first line ends in <CR><LF>).
    * 20120114 Logfile-based alerting systems may need to be
      updated to look for "error" messages in addition to "fatal" messages.
      Specify "daemon_table_open_error_is_fatal = yes" to get the historical
      behavior (immediate termination with "fatal" message).
    * enable_long_queue_ids Postfix 2.9 introduces support for non-repeating queue IDs (also
      used as queue file names). These names are encoded in a mix of upper
      case, lower case and decimal digit characters.  Long queue IDs are
      disabled by default to avoid breaking tools that parse logfiles and
      that expect queue IDs with the smaller [A-F0-9] character set.
    * 20111209 memcache lookup and update support. This provides
      a way to share postscreen(8) or verify(8) caches between Postfix
      instances.  See MEMCACHE_README and memcache_table(5) for details
      and limitations.
    * 20111218 To support external SASL authentication, e.g.,
      in an NGINX proxy daemon, the Postfix SMTP server now always checks
      the smtpd_sender_login_maps table, even without having
      "smtpd_sasl_auth_enable = yes" in main.cf.
    * ipv6
      o The default inet_protocols value is now "all" instead of "ipv4",
      meaning use both IPv4 and IPv6.
      o The default smtp_address_preference value is now "any" instead
      of "ipv6", meaning choose randomly between IPv6 and IPv4. With
      this the Postfix SMTP client will have more success delivering
      mail to sites that have problematic IPv6 configurations.
* Sat Dec 15 2012 chris@computersalat.de
  - update to 2.8.13
    * 20121029
      Workaround: strip datalink suffix from IPv6 addresses
      returned by the system getaddrinfo() routine.  Such suffixes
      mess up the default mynetworks value, host name/address
      verification and possibly more. This change obsoletes the
      20101108 change that removes datalink suffixes in the SMTP
      and QMQP servers, but we leave that code alone.  File:
      util/myaddrinfo.c.
    * 20121013
      Cleanup: to compute the LDAP connection cache lookup key,
      join the numeric fields with null, just like string fields.
      Viktor Dukhovni. File: global/dict_ldap.c.
    * 20121010
      Bugfix (introduced: Postfix 2.5): memory leak in program
      initialization. Reported by Coverity. File: tls/tls_misc.c.
      Bugfix (introduced: Postfix 2.3): memory leak in the unused
      oqmgr program. Reported by Coverity. File: oqmgr/qmgr_message.c.
    * 20121003
      Bugfix: the postscreen_access_list feature was case-sensitive
      in the first character of permit, reject, etc. Reported by
      Feancis Picabia. File: global/server_acl.c.
  - rebase dynamic_maps_pie patch
  - rpmlint
    * invalid-suse-version-check 1140
    * obsolete-suse-version-check 920 (changes file)
* Fri Dec 14 2012 varkoly@suse.com
  - bnc#790141 - Command SuSEconfig.postfix reports ERROR -
    "can not find /lib/YaST/SuSEconfig.functions!!"
* Thu Nov 08 2012 varkoly@suse.com
  - bnc#782048 - postfix uses /sbin/conf.d
  - bnc#784659 - remove SuSEconfig calls from yast2-mail
* Fri Aug 10 2012 chris@computersalat.de
  - update to 2.8.12
    * 20120730
      Bugfix (introduced: 20000314): AUTH is not allowed after
      MAIL. Timo Sirainen.  File: smtpd/smtpd_sasl_proto.c.
    * 20120702
      Bugfix (introduced: 19990127): the BIFF client leaked an
      unprivileged UDP socket. Fix by Jaroslav Skarvada.  File:
      local/biff_notify.c.
    * 20120621
      Bugfix (introduced: Postfix 2.8): the unused "pass" trigger
      client could close the wrong file descriptors.  File:
      util/unix_pass_trigger.c.
  - fix for bnc#771303
    * add 'version = 3' to ldap_aliases.cf
  - rebase patches
    * main, master, post-install: 2.8.3 -> 2.8.12
    * ssl-release-buffers: 2.8.5 -> 2.8.12
    * vda-v10: 2.8.9 -> 2.8.12
    * dynamic_maps, dynamic_maps_pie, ipv6_disabled, pointer_to_literals
  - fix changes file
* Thu Jul 19 2012 varkoly@suse.com
  - bnc#771811 - postfix update does not regenerate the maps
* Mon Jun 11 2012 varkoly@suse.com
  - update to 2.8.11
    * 20120520
    - Bugfix (introduced Postfix 2.4): the event_drain() function
      was comparing bitmasks incorrectly causing the program to
      always wait for the full time limit. This error affected
      the unused postkick command, but only after s/fifo/unix/
      in master.cf.  File: util/events.c.
    - Cleanup: laptop users have always been able to avoid
      unnecessary disk spin-up by doing s/fifo/unix/ in master.cf
      (this is currently not supported on Solaris systems).
      However, to make this work reliably, the "postqueue -f"
      command must wait until its requests have reached the pickup
      and qmgr servers before closing the UNIX-domain request
      sockets.  Files: postqueue/postqueue.c, postqueue/Makefile.in.
* Wed May 09 2012 varkoly@suse.com
  - bnc#753910 - {name} instead of %{name} in postfix .spec
  - bnc#756452 - VUL-1: postfix: VRFY allows enumerating users
* Thu May 03 2012 chris@computersalat.de
  - update to 2.8.10
    * 20120401
      Bitrot: shut up useless warnings about Cyrus SASL call-back
      function pointer type mis-matches. Files: xsasl/xsasl_cyrus.h,
      xsasl/xsasl_cyrus_server.c, xsasl/xsasl_client.c.
    * 20120422
      Bit-rot: OpenSSL 1.0.1 introduces new protocols. Update the
      known TLS protocol list so that protocols can be turned off
      selectively to work around implementation bugs.  Based on
      a patch by Victor Duchovni.  Files: proto/TLS_README.html,
      proto/postconf.proto, tls/tls.h, tls/tls_misc.c, tls/tls_client.c,
      tls/tls_server.c.
  - update to 2.8.9
    * 20120217
      Cleanup: missing #include statement for bugfix code added
      20111226. File: local/unknown.c.
    * 20120214
      Bugfix (introduced: Postfix 2.4): extraneous null assignment
      caused core dump when postlog emitted the "usage" message.
      Reported by Kant (fnord.hammer). File: postlog/postlog.c.
    * 20120202
      Bugfix (introduced: Postfix 2.3): the "change header" milter
      request could replace the wrong header. A long header name
      could match a shorter one, because a length check was done
      on the wrong string.  Reported by Vladimir Vassiliev.  File:
      cleanup/cleanup_milter.c.
  - use latest VDA patch (2.8.9)
* Thu Apr 12 2012 varkoly@suse.com
  - bnc#756450 - postfix: remove version from banner
* Mon Apr 09 2012 bruno@ioda-net.ch
  - add port 587 smtp-auth submission to postfix-fw bnc#756289
* Mon Apr 02 2012 dmueller@suse.de
  - set exit code explicitely in cond_slp, systemd checks for it
* Tue Mar 13 2012 varkoly@suse.com
  - Documentation for bnc#751994 - SuSEconfig module postfix does not exist
* Wed Mar 07 2012 varkoly@suse.com
  - rcpostfix now updates the aliases too
* Mon Feb 27 2012 chris@computersalat.de
  - update to 2.8.8
    Bugfixes:
    tlsproxy(8) stored TLS sessions with a serverID of
      "tlsproxy" instead of "smtpd", wasting an opportunity for
      session reuse.  File: tlsproxy/tlsproxy.c.
    missing lookup table entry and terminator, causing
      proxymap server segfault when postscreen(8) or verify(8)
      attempted to access their cache via the proxymap server.
      This could never have worked anyway, because the Postfix
      2.8 proxymap protocol does not support cache cleanup.  File
      util/dict.c.
    the Postfix client sqlite
      quoting routine returned the unquoted result instead of the
      quoted text.  The opportunities for misuse are limited,
      because Postfix sqlite files are usually owned by root, and
      Postfix daemons usually run with non-root privileges so
      they can't corrupt the database. Problem reported by Rob
      McGee (rob0).  File: global/dict_sqlite.c.
    the trace service did not
      distinguish between notifications for a non-bounce or a
      bounce message. This code pre-dates DSN support and should
      have been updated when it was re-purposed to handle DSN
      SUCCESS notifications. Problem reported by Sabahattin
      Gucukoglu.  File: bounce/bounce_trace_service.c.
  - use latest VDA patch (2.8.5)
* Wed Jan 25 2012 varkoly@suse.com
  - bnc#743369 - yast2 mail module does not open the firewall
  - Set MD5DIR in SuSEconfig.postfix to avoid warnings
* Tue Jan 17 2012 varkoly@suse.com
  - bnc738693 - upgrade from 11.4 enables mysql service for systemd
* Thu Jan 12 2012 varkoly@suse.com
  - Add postmap rebuild script to systemv init script too
* Wed Jan 11 2012 varkoly@suse.com
  - bnc#738900 - cyrus-imapd not receiving mail from postfix
* Tue Dec 13 2011 varkoly@suse.com
  -  Move the post map rebuild script into the start script
* Tue Dec 06 2011 varkoly@suse.com
  - Fix the last change in %post
* Fri Dec 02 2011 varkoly@suse.com
  - bnc#728308 - warning output after update the postfix package
* Wed Nov 09 2011 varkoly@suse.com
  - update to 2.8.7
    Bugfixes:
    smtpd(8) did not sanitize newline characters in cleanup(8)
      REJECT messages, causing them to be sent out via SMTP as bare newline characters.
    smtpd(8) sent multi-line responses from a before-queue content filter as text with
      bare <LF> instead of <CR><LF>.
    Workaround: postscreen sent non-compliant SMTP responses (220- followed by 421)
      when it could not give a connection to a real smtpd process, causing some
      remote SMTP clients to bounce mail.
* Thu Nov 03 2011 varkoly@suse.com
  - Use the systemd macros in the spec file
* Fri Oct 14 2011 mhrusecky@suse.cz
  - only fix files that exists in %post
* Sun Oct 09 2011 crrodriguez@opensuse.org
  - Use SSL_MODE_RELEASE_BUFFERS if available, see
    SSL_CTX_set_mode man page and
    http://www.imperialviolet.org/2010/06/25/overclocking-ssl.html
    for the full details.
* Tue Sep 06 2011 chris@computersalat.de
  - update to 2.8.5
    * Bugfix: allow for Milters that send an SMTP server reply
      without RFC 3463 enhanced status code. Reported by Vladimir
      Vassiliev.  File: milter/milter8.c.
* Mon Aug 22 2011 varkoly@novell.com
  - bnc#684304 - server:mail/postfix: Bugs in SuSEconfig chroot setup script
  - Aplly SASL_SOCKET_DIR patch
* Thu Aug 18 2011 varkoly@novell.com
  - Move SuSEconfig.postfix into /usr/sbin/
    (FATE#311272: Do not rewrite postfix.cf via SuSEconfig)
    SuSEconfig.postfix will be executed only once after installation
    automaticaly. Afterwards only you can start it manually or via
    yast2 mail module.
* Fri Aug 12 2011 werner@suse.de
  - Just the first strep forward to systemd, please test out
      /etc/postfix/system/update_chroot
      /etc/postfix/system/wait_qmgr
      /etc/postfix/system/cond_slp
    and
      /lib/systemd/system/postfix.service
    and also fill out the missing description.
* Tue Aug 09 2011 chris@computersalat.de
  - rework SuSE patch
    * add missing SASL stuff in rc.postfix
* Mon Jul 25 2011 chris@computersalat.de
  - when chrooted and using SASL
    o mount -o bind SASL_SOCKET_DIR into postfix CHROOT
* Mon Jul 11 2011 chris@computersalat.de
  - update to 2.8.4
    o Linux kernel version 3 support.
    for more info see ChangeLog
* Wed Jul 06 2011 varkoly@novell.com
  - bnc#686436 - postfix bounces messages with improper use of 8-bit data in message body
  - Apply patch
* Fri Jul 01 2011 chris@computersalat.de
  - rework master.cf patch
    o fix receive_override_options line
  - rework SuSE patch
    o sysconfig: remove POSTFIX_WITH_POP_BEFORE_SMTP
    o SuSEconfig: fix receive_override_options line
* Thu Jun 30 2011 chris@computersalat.de
  - replace vda patch
    o 2.8.1 -> 2.8.3
  - fix files doc
    o remove 'doc auxiliary'
      instead cp to pf_docdir
* Sat May 28 2011 varkoly@novell.com
  - fix spec for building on all repos
* Tue May 24 2011 varkoly@novell.com
  - bnc#679187 - suseconfig/postfix: missing dependency
* Tue May 17 2011 chris@computersalat.de
  - fix master.cf
    o fix missing
    - amavis    unix  -       -       n       -       4       smtp
    - localhost:10025 inet   n       -       n       -       -       smtpd
    o add master.cf patch
  - rework patches
    o main.cf (add two missing sasl vars)
    o postfix-SuSE (SuSEconfig, cleanup those vars,...)
* Sun May 15 2011 chris@computersalat.de
  - rework TLS stuff
    o reworked main.cf patch
    o added postfix-SuSE patch
    o added post-install patch
      Editing /etc/postfix/master.cf, adding missing entry for tlsmgr service
      add only if it really does not exist
  - removed Author from description
  - updated vda patch
    o vda-2.7.1 > vda-v10-2.8.1
  - fix build for SLE_10
    o no fdupes ;)
* Wed May 11 2011 varkoly@novell.com
  - remove document paths from postfix-files to avoid error messages
    when postfix-doc is not installed
* Tue May 10 2011 varkoly@novell.com
  - update to 2.8.3 - VUL-0: postfix memory corruption
* Sun Apr 10 2011 varkoly@novell.com
  - bnc#641271 - postfix-2.7.1: init script cannot properly stop
    multi-instance configurations
* Wed Mar 30 2011 varkoly@novell.com
  - update to 2.8.2
    * DNSBL/DNSWL:
      o Support for address patterns in DNS blacklist and whitelist lookup results.
      o The Postfix SMTP server now supports DNS-based whitelisting with several safety features
    * Support for read-only sqlite database access.
    * Alias expansion:
      o Postfix now reports a temporary delivery error when the result
      of virtual alias expansion would exceed the virtual_alias_recursion_limit
      or virtual_alias_expansion_limit.
      o To avoid repeated delivery to mailing lists with pathological
      nested alias configurations, the local(8) delivery agent now keeps
      the owner-alias attribute of a parent alias, when delivering mail
      to a child alias that does not have its own owner alias.
    * The Postfix SMTP client no longer appends the local domain when
      looking up a DNS name without ".".
    * The SMTP server now supports contact information that is appended
      to "reject" responses: smtpd_reject_footer
    * Postfix by default no longer adds a "To: undisclosed-recipients:;"
      header when no recipient specified in the message header.
    * tls support:
      o The Postfix SMTP server now always re-computes the SASL mechanism
      list after successful completion of the STARTTLS command.
      o The smtpd_starttls_timeout default value is now stress-dependent.
      o Postfix no longer appends the system-supplied default CA certificates
      to the lists specified with *_tls_CAfile or with *_tls_CApath.
    * New feature: Prototype postscreen(8) server that runs a number
      of time-consuming checks in parallel for all incoming SMTP connections,
      before clients are allowed to talk to a real Postfix SMTP server.
      It detects clients that start talking too soon, or clients that appear
      on DNS blocklists, or clients that hang up without sending any command.
* Thu Feb 10 2011 varkoly@novell.com
  - bnc#667299 - Postfix LICENSE not marked as documentation
* Mon Jan 17 2011 chris@computersalat.de
  - add some min LDAP support for virtual LDAP-users
    o sysconfig "WITH_LDAP"
    o add ldap_aliases.cf
    o SuSEconfig.postfix
      virtual_alias_maps = ... ldap:/etc/postfix/ldap_aliases.cf
* Tue Jan 04 2011 chris@computersalat.de
  - update to 2.7.2
    * Bugfix (introduced Postfix 2.2): Postfix no longer appends
      the system default CA certificates to the lists specified
      with *_tls_CAfile or with *_tls_CApath.  This prevents
      third-party certificates from getting mail relay permission
      with the permit_tls_all_clientcerts feature.  Unfortunately
      this may cause compatibility problems with configurations
      that rely on certificate verification for other purposes.
      To get the old behavior, specify "tls_append_default_CA =
      yes".  Files: tls/tls_certkey.c, tls/tls_misc.c,
      global/mail_params.h.  proto/postconf.proto, mantools/postlink.
    * Compatibility with Postfix < 2.3: fix 20061207 was incomplete
      (undoing the change to bounce instead of defer after
      pipe-to-command delivery fails with a signal). Fix by Thomas
      Arnett. File: global/pipe_command.c.
    * Bugfix: the milter_header_checks parser provided only the
      actions that change the message flow (reject, filter,
      discard, redirect) but disabled the non-flow actions (warn,
      replace, prepend, ignore, dunno, ok).  File:
      cleanup/cleanup_milter.c.
    * Performance: fix for poor smtpd_proxy_filter TCP performance
      over loopback (127.0.0.1) connections. Problem reported by
      Mark Martinec.  Files: smtpd/smtpd_proxy.c.
    * Cleanup: don't apply reject_rhsbl_helo to non-domain forms
      such as network addresses.  This would cause false positives
      with dbl.spamhaus.org.  File: smtpd/smtpd_check.c.
    * Bugfix: the "421" reply after Milter error was overruled
      by Postfix 1.1 code that replied with "503" for RFC 2821
      compliance. We now make an exception for "final" replies,
      as permitted by RFC. Solution by Victor Duchovni. File:
      smtpd/smtpd.c.
* Sat Dec 11 2010 chris@computersalat.de
  - update vda patch
    o remove 2.6.1-vda-ng.patch
    o remove 2.6.1-vda-ng-64bit.patch
    o add vda-2.7.1.patch
  - rework main.cf.patch
    o remove 2.2.9-main.cf.patch
    o add 2.7.1-main.cf.patch
* Tue Dec 07 2010 coolo@novell.com
  - prereq init scripts network and syslog
* Thu Aug 12 2010 varkoly@novell.com
  - Remove obsolate postscripts
  - bnc#625657 - SuSEconfig.postfix and smtp_use_tls
  - bnc#622873 - postfix doesn't start if ipv6 is disabled
* Tue Jul 06 2010 chris@computersalat.de
  - reworked bnc#606251 stuff (not checked in to Factory)
    o used my_print_defaults command for parsing of /etc/my.cnf
    o using quotation marks: "$PF_CHROOT"
    o added sysconfig option POSTFIX_MYSQL_CONN=(socket,tcp)
* Wed Jun 16 2010 chris@computersalat.de
  - bnc#606251 - postfix chrooted mysql.sock lost on mysql restart
    o Now MYSQL_SOCK_DIR is mounted with '-o bind' to postfix CHROOT
* Thu Jun 10 2010 varkoly@novell.com
  - update to 2.7.1
    * Bugfix (introduced Postfix 2.6) in the XFORWARD implementation,
      which sends remote SMTP client attributes through SMTP-based content filters.
      The Postfix SMTP client did not skip "unknown" SMTP client attributes,
      causing a syntax error when sending an "unknown" client PORT attribute.
    * Robustness: skip LDAP queries with non-ASCII search strings, instead of failing with a database lookup error.
    * Safety: Postfix processes now log a warning when a matchlist has
      a #comment at the end of a line (for example mynetworks or relay_domains).
    * Portability: OpenSSL 1.0.0 changes the priority of anonymous cyphers.
    * Portability: Berkeley DB 5.x is now supported.
* Thu May 20 2010 chris@computersalat.de
  - fix obviously lost POSTFIX_MYHOSTNAME in SuSEconfig.postfix
* Wed Apr 07 2010 varkoly@novell.com
  - New file check_mail_queue. This script checks if there are some
    mails in the queue and starts postfix if necessary. After delivering
    the mails postfix will be stoped.
* Thu Apr 01 2010 varkoly@novell.com
  - bnc#559145 - Changed Domain name not reflected when sending mail
    First /var/run/dhcp-hostname will be evaluated
  - Now POSTFIX_SMTP_TLS_CLIENT is ternary : no yes must
* Sun Feb 28 2010 varkoly@novell.com
  - update to 2.7.0
    * performance
    - Periodic cache cleanup for the verify(8) cache database.
    - Improved before-queue filter performance.
    * sender reputation
    - The FILTER action in access maps or header/body_checks now supports sender
      reputation schemes that dynamically choose the SMTP source IP address.
    * address verification
    - The verify(8) service now uses a persistent cache by default.
    * content filter
    - The meaning of an empty filter next-hop destination has changed.
    - The FILTER action in access maps or header/body_checks now supports sender
      reputation schemes that dynamically choose the SMTP source IP address.
    * milter
    - Support for header checks on Milter-generated message headers.
    Please read /usr/share/doc/packages/postfix/RELEASE_NOTES for details.
* Thu Feb 11 2010 coolo@novell.com
  - revert the change to PreReq openldap-devel, this increases the
    default installation several MBs
* Tue Feb 02 2010 varkoly@novell.com
  - bnc#567569 - Postfix: move ldap support to a separate package
  - bnc#557239 - postfix delivers mail to user's home instead of /var/spool/mail
* Tue Jan 05 2010 chris@computersalat.de
  - rpmlint fixes
    o init-script-undefined-dependency $network-remotefs
  - fix for SuSEconfig.postfix
    o if use_amavis eq "yes"
      then content_filter "amavis:[127.0.0.1]:10024]" is defined,
      so removed "-o content_filter=smtp:[127.0.0.1]:10024" for smtp
  - s#ldconfig#/sbin/ldconfig#
* Tue Dec 22 2009 freespacer@gmx.de
  - Add support for dovecot as MDA to SuSEconfig.
* Wed Dec 16 2009 jengelh@medozas.de
  - Package documentation as noarch
* Thu Dec 10 2009 varkoly@suse.de
  - Remove postfixs update script. This does not work now.
* Tue Dec 08 2009 varkoly@suse.de
  - Fix the %post section add missed %{fillup_only -an mail}
* Mon Nov 16 2009 varkoly@suse.de
  - bnc#555814 – VUL-0: SMTPD_LISTEN_REMOTE="yes" by default
  - bnc#555732 - Invalid $(hostname -i) usage SuSEconfig.postfix
  - bnc#547928 – Postfix does not start during boot process
  - Avoid append relay multiple times in POSTFIX_MAP_LIST
* Mon Oct 26 2009 varkoly@suse.de
  - bnc#549612 – SuSEconfig.postfix
* Mon Sep 28 2009 varkoly@suse.de
  - bnc#540538 – postfix-2.6.1-10.1 installs new files in /etc/postfix and does not generate <file>.db
  - bnc#519438 - Postfix: Running chrooted lets qmgr loosing his syslog-socket
  - remove obsolate version tests from SuSEconfig.postfix
* Mon Sep 28 2009 varkoly@suse.de
  - bnc#525825 - when using cyrus in a chroot environment Suseconfig does not
    create socket /var/lib/imap/socket/lmtp
* Mon Sep 14 2009 chris@computersalat.de
  - spec
    o fdupes if >= 1100
* Thu Sep 10 2009 chris@computersalat.de
  - update to 2.6.1
    o merge home:varkoly:Factory and o:F
  - spec mods
    o use of getent
  - rpmlint
    o remove unneeded dists from examples/chroot-setup/
    o postin-without-ldconfig
    o files-duplicate /usr/share/doc/packages/postfix-doc/html/
    o files-duplicate /usr/share/man/man?
* Mon Apr 13 2009 chris@computersalat.de
  - added VDA patch
    o Mailbox / Maildir size limit, known also as "soft quota",
      to avoid user take all you disk space
    o Customizable "limit" message when the soft quota limit is reached.
      NOTE: message is sent to senders, but NOT to the owner of the mailbox.
    o Limit only 'INBOX', because some people use IMAP and don't want
      the same limit in IMAP folder that are differents from INBOX.
    o Support for 'Courier' style Maildir, usefull for people that
      use courier as pop3/imap server and to get fast soft quota summary.
      Note that it is also compatible with qmail maildir per default.
    o Supports for Courier 'maildirsize' file in Maildir folder that
      is used to read quotas quickly. Note that this option is not
      actived per default and can be dangerous on some NFS client
      implementation
      (like for example Solaris that cache some filesystem operations).
    o Customisable suffix for Maildir support, when share same external
      dict between postfix and pop3/imap server sometime "Maildir/" suffix
      is needed to avoid extra database handling (eg LDAP, MySQL...).
  - some improvements of SuSEconfig.postfix
    o POSTFIX_LISTEN: Comma separated list of IP's
    o POSTFIX_INET_PROTO: ipv4, ipv6, all
    o POSTFIX_MYHOSTNAME: define SMTPs FQHOSTNAME
    o POSTFIX_WITH_MYSQL: when using MySQL as backend
    o POSTFIX_BASIC_SPAM_PREVENTION: "custom"
      you can now define your own rules
    - POSTFIX_SMTPD_CLIENT_RESTRICTIONS
    - POSTFIX_SMTPD_HELO_RESTRICTIONS
    - POSTFIX_SMTPD_SENDER_RESTRICTIONS
    - POSTFIX_SMTPD_RECIPIENT_RESTRICTIONS
  - added helo_access for helo checks
  - added relay for relaying domain
  - added MySQL stuff when using MySQL as backend (virtuser)
    o you should consider postfixAdmin as mgmnt interface
    o when runninng postfix chrooted:
      you have to run SUSEconfig each time when you have restarted MySQL
      because of linking mysql.sock
* Sun Mar 29 2009 varkoly@suse.de
  - bnc#439287 - not all POSTFIX_ADD_* values are properly handled
      by SuSEconfig.postfix
  - bnc#483208 - Postfix configuration trashed after update
  - bnc#488268 - SuSEconfig.postfix chroot setup misses /etc/ssl/certs

Files

/usr/lib/postfix/postfix-pgsql.so


Generated by rpm2html 1.8.1

Fabrice Bellet, Tue Nov 9 10:42:49 2021