indimail-mta 3.0.2

Date: Mon Jan 30 2023 13:14:56 +0000

DNF / YUM / APT / Arch Binary Downloads

Open Build Service Binary Download

Docker / Podman Containers

indimail-mta

Release Highlights

What's Changed

indimail-mta 3.0.2

• SRS decoding in qmail-smtpd avoiding the need to create virtualdomain for srs and .qmail-srs-default in /var/indimail/alias
• qmail-remote can use credentials stored in remote_auth.cdb using simple or wildcard assignments
• qmail-smtpd: display auth method used in logs when SECURE_AUTH is set
• sys-checkpwd.c: display auth method in logs if DEBUG is set
• qmail-dkim: recursively replace all '%' characters with domain
• qmail queue error codes by @mbhangui in #36
• qmulti.c, qmail-spamfilter.c, qmail-queue.c, qmail-qfilter.c, qmail-multi.c, qmail-dkim.c, qmail-dk.c, mailfilter.c: use exit code defines from qmail.h
• refactored tls code by @mbhangui in #37
• TLS/SSL functions moved to dossl.c by @mbhangui in #38
• use varargs for log, output and other functions by @mbhangui in #39
• use subprintf (printf like function that can print to substdio). replaced qprintf with subprintf by @mbhangui in #40
• smtpd.c: added ssl cipher bits in Received header
• conf-cc Added flags to warn issues with variadic functions
• qmail-dkim: sign and verify ed25519 DKIM-Signature. added Ed25519-SHA256 cryptography method for DKIM by @mbhangui in #41
• qmail-dkim.c: added DKIMSIGNEXTRA, DKIMSIGNOPTIONSEXTRA env variables to insert additional signature

libdkim 1.6

• added rfc8463 ed25519 cryptographic method for signing and verification.
• removed allman legacy code

libqmail 1.1.2

• tls functions for indimail-mta, indimail-virtualdomains
• subprintf function - substdio equivalent of printf
• qsnprintf, qsprintf functions - equivalent of snprintf and sprintf functions using stralloc instead of fixed size buffer.

ucspi-tcp 1.1.1

• tcpserver, tcpclient, dotls: option to load ciphers from file
• tcpclient, tcpserver, dotls: set TLS_PROVIDER env variable for qmail-smtpd to insert into received header
• use tls functions from libqmail

daemontools 1.1.1

• added auto-start, auto-stop feature based on presence/absense of down file
• added subreaper functionality - ability to reap grandchilds

Full Changelog: v3.0.1...v3.0.2

indimail-mta

• 08/09/2022

1. First change
2. maildir_deliver.c: added comments

• 18/09/2022

3. instcheck.in: use uininstaller only for ucspi-tcp
4. INPUT, ETC: renamed DIR to DIRS

• 19/09/2022

5. svctool: added scram, salted, TIMESTAMP column to indimail table
6. create_services: run ischema -u to update indimail schema to current

• 25/09/2022

7. qmail-send: added feature to disconnect from todo-proc
8. todo-proc: added feature to disconnect from qmail-send

• 27/09/2022

9. qmail-send.c, slowq-send.c: auto attach to todo-processor when there are no pending delivery jobs
10. svctool: added --todo-proc option to create TODO_PROCESSOR env variable for external todo processor in slowq-send service
11. indimail-mta.spec.in, create_services, debian-postinst: Create slowq-send service with todo processor turned on

• 28/09/2022

12. dk-filter: remove '%' from filename if dkim key file not found

• 30/09/2022

13. set owner to root for important directories

• 02/10/2022

14. dknewkey.sh: refactored code
15. dkfliter.sh: don't treat missng private key as error when DKIMSIGN has %.
16. qmail-dk.c: fixed 'Private key file does not exist' for DKSIGN with '%'
17. qmail-dkim.c: fixed 'Private key file does not exist' for DKIMSIGN with '%'

• 03/10/2022

18. qscanq.c, qmail-dk.c, qmail-dkim.c: fixed return exit codes

• 04/10/2022

19. qmail.c, qmail.h: set ERROR_FD to -1 to disable custom error
20. qmail-queue.c: prefix qhpsi error messages with 'qhpsi: '

• 07/10/2022

21. smtpd.c: fixed length of BATV signkey

• 08/10/2022

22. smtpd.c: Set SPFRESULT env variable for qmail-queue frontend and qfilters

• 09/10/2022

23. smtpd.c, qmail-inject.c: removed include wildmat.h
24. sqlmatch.c: renamed check_db() to query_db().
25. qmail-local.c: fixed localdomains restricted delivery feature

• 10/10/2022

26. renamed qmail-control to indimail-control, qmail-srs to indimail-srs

• 12/10/2022

27. srs.c: return -1 in setup() for control file open failure
28. srs.c: added documentation
29. smtpd.c: added SRS code to decode SRS addresses
30. srs.c: added feature to set SRS parameters using environment variables

• 13/10/2022

31. batv.h: added header to define constants for batv functions for use in qmail-smtpd, qmail-remote, batv frontent
32. qmail-remote.c: refactored batv code
33. qmail-smtpd.c: refactored batv code
34. qmail-smtpd, qmail-remote: use batv prefix for batv control files
35. qmail-smtpd, qmail-remote: allow batv parameters to be set via env variables
36. renamed batv control files: signkey - batvkey, signkeystale, batvkeystale, nonsignhosts - batvnosignremote, nosignmyvdoms - batvnosignlocals

• 14/10/2022

37. smtpd.c: corrected helocheck
38. smtpd.c: display auth method used in logs when SECURE_AUTH is set
39. spf.c, smtpd.c, spfquery.c: renamed variable for localhost from local to localhost

• 15/10/2022

40. qmail-smtpd.c: updated control file list and env variable list
41. smtpd.c: reorganized opening of control files in to functions - open_control_files1() and open_control_files2()

• 17/10/2022

41. qmail-dkim.c, qmail-dk.c: replace all '%' characters with domain
42. qmail.c, qmail.h: use exit code defines from qmail.h
43. qmulti.c, qmail-spamfilter.c, qmail-queue.c, qmail-qfilter.c, qmail-multi.c, qmail-dkim.c, qmail-dk.c, mailfilter.c: use exit code defines from qmail.h

• 19/10/2022

44. ofmipd.c: authorize mails using RELAYCLIENT

• 22/10/2022

45. qmail-queue.c: treat auto_uidd as another uid for Received header
46. smtpd.c, qmail-qmqpd.c, qmail-qmtpd.c, mini-smtpd.c: added program identifier to Received header

• 30/10/2022

47. smtpd.c: removed skip setting STOREDKEY, SERVERKEY using GSASL_PASSWORD env variable
48. sys-checkpwd.c: display auth method in logs if DEBUG is set
49. qmail-daned.c, qmail-greyd.c, qmail-remote.c: replaced cdb_match() with cdb_matchaddr() in cdb_match.c
50. cdb_match.c, cdb_match.h: added cdb_match(), cdb_matchaddr()
51. ctrlenv.c: added -c option to clear existing env variables
52. ctrlenv.c: moved cdb_match() function to cdb_match.c
53. qmail-remote.c: fetch username password for authenticated smtp from remote_auth.cdb

• 31/10/2022

54. cdb-database.c, ctrlenv.c: look at last colon when parsing data
55. qmail-smtpd: do chdir /etc/indimail as default cwd
56. svctool: PLUGIN0_dir - use /etc/indimail as cwd for smtpd plugin
57. remove qmail-newmrh. Use qmail-cdb instead of qmail-newmrh
58. qmail-cdb.c: added feature to create recipient.cdb from users/recipients making recipient-cdb redundant
59. recipients.c: use control/recipients insead of user/recipients
60. recipients.c: fix for SRS rewritten addresses.

• 01/11/2022

61. added test-recipients, make-recipients programs

• 03/11/2022

62. qmail-showctl.c: added remote_auth, recipients control file

• 05/11/2022

63. svctool: added --enablecram option to enable CRAM authentication using encrypted password
64. sys-checkpwd.c: Use ENABLE_CRAM env variable to enable CRAM authentication using encrypted password

• 07/11/2022

65. create_services: removed domainkeys setup for new installations

• 08/11/2022

66. qmail-remote.c: clear input buffer when trying next MX (Franz Sirl)

• 09/11/2022

67. dk-filter.sh, make-recipients.sh, svctool.in: replaced deprecated egrep with grep -E

• 14/11/2022

68. smtpd.c: set DISABLE_EXTRA_GREET environment variable to disable extra information in greeting
69. svctool.in: when importing variables don't treat existing variables as error

• 23/11/2022

70. config-fast: added command line options --destdir, --quiet, --verbose
71. load_mysql.c, qmail-showctl.c, smtpd.c, svctool: renamed control file mysql_lib to libmysql
72. qlocal_upgrade.sh: rename mysql_lib to libmysql on upgrade
73. svctool.in: change invocation of config-fast for command line args
74. svctool.in: create backup.conf config file in default_qmail_control

• 24/11/2022

75. slowq-send.c, todo-proc.c: in todo-processor changed variable type to char when reading single byte from send process
76. timeoutconn.c - Converted functions to ANSIC prototype

• 25/11/2022

77. svctool: include output of --dumpconfig, --print-all-variables in backup

• 28/11/2022

78. dknewkey.sh: list public, private key using ls

• 30/11/2022

79. svctool.in: create servercert.rand file

• 02/12/2022

80. qlocal_upgrade.in: add env variable AUTOSCAN for svscan if missing

• 03/12/2022

81. svctool: do ssl/rsa setup for mysql/mariadb before creating indimail.cnf

• 07/12/2022

82. svctool: fixes for MySQL db, ssl certificates creation

• 14/12/2022

83. svctool: svscan run - check if /etc/indimail/resolv.conf exists before attempting mount --bind

• 18/12/2022

84. autoresponder.c, qmail-qfilter.c, serialcmd.c, sslerator.c, sys-checkpwd.c: handle wait status in detail

• 20/12/2022

85. dns.c: Fixed dns_txt(), dns_ptr() strsalloc_append
86. spf.c: added ssa_free() to free strsalloc variable

• 21/12/2022

87. spf.c: changed scope of strsalloc ssa variable to local
88. dns.c: renamed dns_txtplus(), dns_ptrplus() as dns_txt(), dns_ptr()

• 22/12/2022

89. smtpd.c: log timeouts, regex compilation error, Bare LF errors in error log

• 24/12/2022

90. smtpd.c: removed incorrect call to constmap_free()

• 25/12/2022

91. sslerator.c: refactored code
92. sslerator.c: added options to specify cipher file, CA file and TLS method

• 26/12/2022

92. smtpd.c: use TLS_PROVIDER env variable to write TLS info in logs, headers
93. smtpd.c: use env variable HOSTNAME, gethostname to set localhost variable

• 03/01/2023

94. 822date.c, 822print.c, 822received.c, maildirserial.c, new-inject.c, nowutc.c, ofmipd.c, parsedate.c, set_environment.c: removed auto_sysconfdir.h dependency
95. dnstlsarr.c, qmail-daned.c: use tls.h from libqmail
96. Makefile: removed ssl functions and auto_sysconfdir dependency for programs not using auto_sysconfdir
97. tablematch.c: Set hints.ai_socktype to SOCK_STREAM
98. qmail-remote.c: set default certificate dir to /etc/indimail/certs
99. qmail-remote.c: use set_tls_method() from libqmail
    100.starttls.h: define variables used in qmail-daned, dnstlsarr as extern
    101.smtpd.c: redefine saferead, safewrite to use tlsread, tlswrite from libqmail
    102.smtpd.c, sslerator.c: replace internal TLS function with TLS functions from libqmail
    103.smtpd.c: made global variables static
    104.smtpd.c: fixed erroneous "out of memory" instead of "command too long" error
    105.sslerator.c: changed default cert location to /etc/indimail/certs
    106.sslerator.c: replace internal TLS function with TLS functions from libqmail
    107.sslerator.c: added timeouts for connection accept
    108.starttls.c: replace set_tls_method() from libqmail
    109.starttls.c: made global variables static
    110.qmail-greyd.c, qmail-daned.c, udplogger.c: removed __USE_GNU

• 04/01/2023
  111.starttls.c: fixed incorrect setting of smtptext
• 06/01/2023
  112.startls.c, qmail-remote.c: moved tls/ssl functions to dossl.c
  113.dossl.c, dossl.h: tls/ssl support functions for qmail-remote, qmail-daned, dnstlsarr
  114.qmail-daned, qmail-remote, dnstlsarr, Makefile: Link with dossl.o
  115.smtpd.c: Fixed compilation for non-tls
  116.smtpd.c: shutdown ssl on smtp quit
• 07/01/2023
  117.smtpd.c: remove duplicate free of ssl object after tls_accept
• 11/01/2023
  118.sslerator.c: added -N option to allow client side renegotiation
  119.smtpd.c: Use env variable CLIENT_RENEGOTIATION to allow client-side renegotiation.
• 13/01/2023
  120.envrules.c, Makefile: moved parse_env function to parse_env.c
  121.indimail-mta.spec, indimail-mta.postinst.in: use AUTH=login as default for qmail-remote auth smtp
  122.qmail-remote.c: moved setting relayhosts variable to get_relayhosts()
  123.qmail-remote.c: added feature to set env variables from [q,s]mtproutes, remote_auth.cdb
  124.parse_env.c, parse_env.h: added parse_env function
  125.qmail-remote.c: fixed bug with AUTH PLAIN authentication
• 15/01/2023
  126.delivery_rate.c: use slog() with varargs for logging errors
  127.dossl.c, dossl.h: prototype change for quit function with varargs
  128.Makeflie: added varargs.h dependency for files using varargs
  129.qmail-smtpd.c, qmail-greyd.c: logerr(), out() changed to have varargs
  130.qmail-remote.c, starttls.c: quit() function changed to have varargs
  131.qmail-remote.c: handle auth smtp error codes using decode_smtpauth_err() as per RFC4954
  132.qmail-remote.c: Use env variable SMPTS to immediately start in encrypted mode
  133.qmail-send.c, qmta-send.c, slowq-send.c: use slog() function with varargs to log error messages
  134.slowq-send.c: use todo_log() function with varargs to communicate with todo process
  135.qsutil.c: use slog() function with varargs to replace all log functions
  136.todo-proc.c: use todo_log() function with varargs to log messages to qmail-send
  137.mail_acl.c: changed function out() to match function in qmail-smtpd
  138.smtpd.c: set remoteip variable before first use of logerr()
  129.smtpd.c: make logerr safe by checking for remoteip
  130.spf.c: documented macros
  131.spf.h: changed SPF_DEFEXP to use open-spf.org/Why
  132.uacl.c: out() changed to have varargs
  133.received.c: folded Received header line to put date below
  134.smtpd.c: added ssl cipher bits in Received header
• 18/01/2023
  135.nowutc.c, qmail-qread.c, qmail-smtpd.c, qmail-showctl.c, qmonitor.c: replaced qprintf with subprintf
• 21/01/2023
  136.Added flags to warn issues with variadic functions
• 26/01/2023
  137.dknewkey.sh: added option to generate ed25519 DKIM keys
  138.qmail-dkim.c, dk-filter.sh: removed setting redundant -b option
  139.qmail-dkim.c: update verification message to include ED25519 failure
• 29/01/2023
  140.qmail-dkim.c: fixed getopt setting to set ed25519 signing
  141.qmail-dkim.c: added DKIMSIGNEXTRA, DKIMSIGNOPTIONSEXTRA env variables to insert additional signature
• 30/01/2023
  Final Release 3.0.2

daemontools

• 12/09/2022

1. Added runpod command to execute indimail-mta, indimail in a containerized pod

• 18/09/2022

2. instcheck.in: use uininstaller only for ucspi-tcp

• 19/09/2022

3. runpod: added SYS_NICE capability to defaults

• 01/11/2022

4. runpod: fixed port clash

• 07/11/2022

5. runpod: prevent output of test on stdout

• 08/11/2022

6. runpod: added case for name=svscan to run in foreground

• 09/11/2022

7. docker-entrypoint: fixed fix-queue argument for slowq
8. svps.in, minisvc.in, qmailctl.sh: replaced deprecated egrep with grep -E

• 10/11/2022

9. docker-entrypoint: fixed extra_args variable getting clobbered.

• 14/11/2022

10. minisvc: when importing variables don't treat existing variables as error

• 17/11/2022

11. qmailctl.sh: made dash portable

• 27/11/2022

12. moved set-network-wait to Linux specific LIBEXEC

• 02/12/2022

13. supervise.c: sleep SCANINTERVAL seconds if supervise for waited service is not running
14. svscan.c: use 'down' file to start or stop service automatically. auto-start, auto-stop feature
15. svscan.c: scan immediately instead of SCANINTERVAL on termination of a supervised service if SCANNOW env variable is set

• 07/12/2022

16. runpod: run bash in foreground if name is test, devel
17. runpod: added port 8081 for mapping to port 443 on container OS

• 08/12/2022

18. runpod: fixed setting of arguments passed to docker-entrypoint

• 13/12/2022

19. supervise.c: added subreaper mode using prctl(2) PR_SET_CHILD_SUBREAPER on Linux or procctl(2) PROC_REAP_ACQUIRE on FreeBSD.
20. subreaper.c, subreaper.h: added subreaper function
21. supervise.c, svscan.c: display exit status and termination signal

• 14/12/2022

22. svscan.c: added -v, -s option to control logging of info, warn messages
23. supervise.c: use VERBOSE, SILENT environment variables to control logging of info, warn messages.

• 18/12/2022

24. fghack.c: handle wait status with details

• 30/01/2023 - indimail-mta-3.0.2

ucspi-tcp

• 18/09/2022

1. instcheck.in: use uininstaller only for ucspi-tcp

• 23/11/2022

2. load_mysql.c: renamed mysql_lib to libmysql

• 13/12/2022

3. tcpserver.c, tcpclient.c: display diagnostic on exit status

• 21/12/2022

4. tcpserver.c, dotls.c: added -f option to load ciphers from a file.

• 22/12/2022

5. tls.c: log ssl error on SSL_accept() failure
6. dotls.c: fixed missing carriage return in EHLO output
7. dotls.c: log client, server ssl versions on connnect
8. dotls.c: bypass SSL/TLS if NOTLS is set

• 23/12/2022

9. tcpserver.c, tcpclient.c, dotls.c: added -M option to set TLS / SSL client/server method
10. tcpclient.c: added -f option to load ciphers from a file
11. tls.c: added set_tls_method to set TLS / SSL client/server method
12. tcpserver.c, dotls.c: use ssl_free() to shutdown ssl
13. dotls.c: fixed non-tls incorrect linemode setting

• 24/12/2022

14. tls.c: decode TLS/SSL SSL_connect, SSL_accept
15. tls.c: added functions to set RSA/DH parameters
16. tcpserver.c, dotls.c: set RSA/DH parameters
17. tcpserver.c: added -i option to specify certdir
18. dotls.c: added -d option to specify certdir

• 25/12/2022

19. dotls.c: append certdir and certfile only when certfile is not an absolute path
20. dotls.c: print value of BANNER env variable if set for clients to initiate STARTTLS TLS/SSL session.
21. tcpclient.c: added -C arguemnt to specify certdir
22. tls.c: refactored TLS code
23. tcpserver.c: use TLS_CERTFILE for default servercert

• 26/12/2022

24. dotls.c: added sigchild handler
25. dotls.c, tcpclient.c, tcpserver.c, tls.c: added option to specify CRL
26. dotls.c, tcpclient.c, tcpserver.c: set TLS_PROVIDER env variable
27. tls.c, tls.h: function allwrite() made visible for non-TLS
28. tcpclient.c: skip TLS/SSL if -n option is not provided and cert doesn't exist

• 27/12/2022

29. dotls: disable write_provider_data, read_provider_data for starttls

• 29/12/2022

30. dotls: added -t option to specify TLS/SSL connect/accept timeout
31. tcpserver.c: added -S option to specify TLS/SSL accept timeout
32. tcpclient.c: use -T option to timeout TLS/SSL connect

• 03/01/2023

33. moved tls functions to libqmail. tls.c, tls.h removed
34. dotls.c: added -D, -t option for timeoutdata, timeoutconn.
35. dotls.c, tcpclient.c, tcpserver.c: added -z option to turn on setting of TLS_PROVIDER env variable
36. dotls.c: log ssl cipher bits
37. dotls.c, tcpserver.c, tcpclient.c: replace internal TLS function with TLS functions from libqmail
38. removed iopause.c, iopause.h. Use iopause functions from libqmail
39. tcpserver.c: added -S option for connection timeout

• 08/01/2023

40. dotls.c: added -q, -Q, -v option to control verbosity

• 10/01/2023

41. tcpserver.c, dotls.c: added -N option to allow client side renegotiation

• 30/01/2023 - indimail-mta-3.0.2

libdkim

• 27/11/2022

1. dkim.c: updated help message for -h option

• 26/01/2023

2. dkim.cpp: removed -b option. Option kept for backward compatibility
3. dkim.cpp: added -z 4 for setting Ed25519 DKIM signature
4. dkim.h: added definition for DKIM_HASH_ED25519
5. dkimsign.cpp: added creation of Ed25519 DKIM signatures
6. dkimverify.cpp: added verification of Ed25519 DKIM signatures

• 29/02/2023

7. dkimverify.cpp: fixed verification for mail having multiple DKIM-Signature of different methods
8. dkimverify.h: added member 'method' to store encryption method
9. dkimsign.cpp, dkimsign.h: renamed SignThisTag() to SignThisHeader()
10. dkim.cpp: set verbose flag for dkimvery, dkimsign methods

• 30/01/2023

11. released libdkim-1.6

• 30/01/2023 - indimail-mta-3.0.2

libsrs2

• Thu 08 Sep 2022 12:31:45 +0000 Manvendra Bhangui [email protected] 1.0.18-1.1%{?dist}
  Release 1.0.18 Start 05/06/2004 End 08/09/2022

• 05/06/2004

1. First Release

• 01/10/2020

2. FreeBSD, Darwin Port

• 13/10/2020 - indimail-mta-2.12

3. added debuginfo package

• 18/07/2021 - indimail-mta-2.13
• 20/07/2021

4. updated configure.ac

• 12/09/2021 - indimail-mta-2.14.0
• 18/05/2022 - indimail-mta-3.0.0
• 08/09/2022 - indimail-mta-3.0.1
• 11/10/2022

5. updated srs man page

• 31/01/2023 - indimail-mta-3.0.2