masqmail
view NEWS @ 331:e507c854a63e
Security fix! Correct handling of seteuid() return value
See Debian bug #638002, reported by John Lightsey.
When possible the (already available) set_euidgid() function is used.
Additionally, it is unnecessary to change the identity when writing
into an already open file descriptor.
This should fix the problem.
author | markus schnalke <meillo@marmaro.de> |
---|---|
date | Sat, 27 Aug 2011 16:19:07 +0200 |
parents | 95d536599fd7 |
children | 2d4aa516ba0e |
line source
1 This NEWS file lists changes which may be important for you, especially
2 in regard to compatiblity in upgrades.
4 See ChangeLog file for more details and technical changes that don't
5 affect users directly.
7 The manual pages describe newly added options. Take them for reference.
10 0.3.2
12 - Fixed an important bug with folded headers! In earlier versions mail
13 to many recipients may, in unpredictable cases, only have been
14 delivered to the ones on the first line. This is fixed now. Sorry for
15 the inconvenience.
17 - Reworked allowed and denied addrs for routes to be more consistent
18 and allow more flexible matching:
19 o allowed_mail_locals + allowed_return_paths -> allowed_senders
20 o not_allowed_mail_locals + not_allowed_return_paths -> denied_senders
21 o allowed_rcpt_domains -> allowed_recipients
22 o not_allowed_rcpt_domains -> denied_recipients
23 See man page masqmail.route(5).
25 - Reworked online_detect to the simpler online_query. Only pipe is
26 supported now. Use
27 online_query="/bin/cat /path/to/file"
28 instead of
29 online_detect=file
30 online_file=/path/to/file
31 and
32 online_query="/path/to/some/script foo"
33 instead of
34 online_detect=pipe
35 online_pipe="/path/to/some/script foo"
36 See man page masqmail.conf(5) and admin/config-transition.
38 - Removed protocol option from route config because it was somehow
39 redundant. Now, if `pipe' is set, the protocol will be pipe, otherwise
40 it'll be smtp.
42 - Now the Received headers are much friendlier to read. The header for
43 locally (i.e. non-SMTP) received mail is changed to the format postfix
44 uses.
46 - Several improvements to the man pages.
48 - Updated autoconf.
51 0.3.1
53 - Changed the SMTP greeting behavior to match RFC 2821 (always try EHLO
54 first). Now always an EHLO greeting is sent first, no matter what kind of
55 greeting text the server had sent. If the EHLO failes, an HELO greeting
56 is tried as fall back. This change will fix setups in which it hadn't
57 been possible to send mail because the server required AUTH but hadn't
58 said ``ESMTP'' in its greeting message. Thanks to inne for pointing me
59 on that. This fixes also Debian bug #349211.
61 - The postmaster address is now matched caseless, as required by RFC.
63 - -qo (without argument) is now considered obsolete. Its behavior (online
64 detect and send over the available route) is included in -q. One may
65 simply use -q instead. In the -qo case no local mail is sent, but why
66 would be not want to do so? -qo (without arg) is still working but will
67 likely change its behavior to something more useful in the future.
69 - Command line address arguments are now added to the recipient
70 list instead of substracted, when -t is used. This coveres a rare
71 corner-case. It is a change from exim's behavior to postfix's.
73 - Several changes were made related to the operation modes: The situation
74 within the modes was made clear (see man page of masqmail(8)). If more
75 than one mode is specified then masqmail aborts. For the default operation
76 mode ``accept messages on stdin'' the command line switch -bm was added
77 (similar to othe MTAs). If masqmail is called without arguments, the
78 version information is printed now.
80 - The command line option -m is recognized now (although ignored).
81 Unknown -oXXX options are ignored. Some software (like spost of nmh)
82 calls the MTA with -m. This is mainly a relict of old sendmail times
83 but needed for compatibility.
85 - The implementation of the command line option -oem had been
86 weird. Now specifying -oem or -oee results in a (some kind of dumb but)
87 logical behavior. Common users will probably not notice any difference.
88 The changes affect only the exit code of the corner-case: Calling masqmail
89 with -oem but without -oi/-i while submitting messages on stdin.
91 - Fixed the recognition of lists of unqualified addresses in headers
92 when using -t. E.g. `To: alice, bob'.
94 - Renamed the config file option `alias_local_caseless' to
95 `caseless_matching' because the option affects any address matching.
97 - Renamed the default route for the local network to
98 `default local_net_route'. This is only of interest for log/debug file
99 studies.
101 - Improved and updated the man page for masqmail(8), especially in
102 respect to -oem which appears to be wrongly implemented. Minor
103 improvements of debug messages.
106 0.3.0
108 - Start of the new development branch. Attention: Backward
109 compatibility with 0.2.x versions will *NOT* be maintained. Upgrading
110 from 0.2.x to 0.3.x will probably require manual adjustment of the
111 configuration. The script admin/config-tansition can be used to check
112 the config files for obsolete options.
114 - Removed POP3 support (also pop-before-smtp/smtp-after-pop). Use some
115 other POP3 client instead.
117 - Removed maildir support. Use an MDA, like procmail, to deliver to
118 maildir.
120 - Removed the built-in mserver functionality. Use the mservdetect
121 program instead. See masqmail.conf(5) under `online_pipe' for details.
123 - Removed --disable-smtp-server and --with-glib-static configure
124 options. We see no more need to not compile the SMTP server function.
125 For static linking, see docs/howto-static-linking.
127 - `host_name' is the only mandatory config option now. If you only set
128 host_name, then masqmail will:
129 o accept mail on the command line
130 o listen on the local port 25 for incoming mail
131 o deliver mail locally
132 o not know how to handle mail for remote destinations
133 Therefore you should set up at least one route configuration.
135 - Default values are available for: listen_addresses, local_hosts,
136 log_dir, spool_dir, mail_dir. See masqmail.conf(5) for the values.
138 - Mservdetect works much better now.
140 - Improved the documentation:
141 o Added setup guides
142 o Improved and simplified the example config
143 And removed the old manual because it is really outdated now.
145 - Renamed misc/ to devel/ and contrib/ to admin/. devel/ contains
146 stuff for developers of masqmail, admin/ contains stuff for people who
147 install, upgrade, and configure masqmail.
150 0.2.28
152 - Added STARTTLS support with external wrappers like OpenSSL. See
153 `wrapper' and `instant_helo' in masqmail.route(5) for examples how to
154 use it. `instant_helo' is a new route config option.
157 0.2.27
159 - Replaced contributed code with possible licensing problems with
160 alternatives. The MD5 implementation changed from the reference
161 implementation of RFC 1321 to the Public Domain implementation of
162 Solar Designer. The HMAC-MD5 implementation changed from the reference
163 implementation of RFC 2104 to an own implementation (ISC License).
165 - Added the authors of contributed parts to the AUTHORS file.
168 0.2.26
170 - Write a log message when the daemon starts up. Thanks to Juergen
171 Daubert.
173 - Fix handling of --with-liblockfile=no or --without-liblockfile for
174 configure script. Thanks to Nico Roeser.
176 - Improved the INSTALL file and some man pages. Thanks to Nico Roeser
177 Improved the documentation of the wrapper option of route files.
180 0.2.25
182 - Added server-side SMTP SIZE support. Thanks to Paolo.
184 - Masqmail will from now on:
185 o always remove Bcc: headers
186 o never create headers from envelope recipients
187 o add ``To: undisclosed-recipients:;'' if no recipient header (To:
188 or Cc:) is present in the mail
190 - Colons (`:') don't need to be quoted in the config file anymore.
191 Thanks to Paolo.
193 - Added checks for too long addresses in SMTP dialog. Thanks to Paolo.
195 - Moved rmail to sbin and added a man page for it.
197 - Added warnmsg.tpl.it. Thanks to Paolo.
199 - The tests do not get installed any longer. All on install created
200 dirs are removed on uninstall, except they contain generated data like
201 logs, spooled files, or configuration.
203 - Documented some, yet undocumented, config options. Several typo
204 fixes in man pages and code comments.
207 0.2.24
209 - This version keeps on logging after an restart of the deamon, for
210 instance when sending SIGHUP to the daemon process for rereading its
211 config.
213 - Now the daemon keeps the same process id when it receives SIGHUP to
214 reread the config.
216 - Mail messages with lines longer than 4096 characters do not get
217 truncated anymore.
219 - Fixed checking of the trusted group. Primary groups are now
220 detected too.
222 - Mservdetect's man page is now in section 1.
224 - An `rmail' command is now included and gets installed with
225 masqmail. See docs/uucp-setup for more information.
227 - Docs and thelike, that masqmail installs, is removed on uninstall
228 now.
231 0.2.23
233 - This release fixes a major bug in 0.2.22 which made online detection
234 by file unusable. Thanks to Juergen Daubert for reporting and providing
235 a patch.
237 - Masqmail installs to /usr/local by default now. Previously it
238 installed to /usr. To regain the old behavior, add
239 --prefix=/usr
240 to the configure call.
242 - Man pages get installed again; in 0.2.22 they were not. Again thanks
243 to Juergen Daubert. Docs and examples do get installed now too.
245 - Updated the docs. Moved the man pages from docs/ to man/. Added the
246 old manual from the old website to the distribution. Added a bug
247 reporting howto.
250 0.2.22
252 - Hello, I'm meillo, the new maintainer and developer of masqmail. Oku
253 handed masqmail over to me, because he wasn't active anymore.
255 - This release includes various fixes for problems in 0.2.21, mainly
256 based on bugs from Debian.
258 - Distribution specific data has been excluded from the distribution,
259 but is separately available on the project's website.
261 - Man pages will not be generated from xml sources in future, but the
262 nroff sources will be maintained directly.
264 - The default online status file is now
265 /var/run/masqmail/masqmail-route, as it already was in the Debian
266 package.
269 0.2.21
271 - Retrospective: Probably, this version was not published in the usual
272 way by oku. I (meillo) grabbed it from Debian's package archive. It does
273 not introduce new functions but fixes security problems, such as writing
274 log files as user `mail'. It also changes the location for pid files;
275 they are stored in /var/run/masqmail/ now.
278 0.2.18
280 - delivery warnings and failures are now also implemented if the
281 connection to a server fails. Because masqmail is designed for dialup
282 networks, a connection failure will merely generate a warning by default.
283 If you deliver in a local network and use the default local_net route,
284 this would generte a failure. You can change this behaviour by setting
285 'connect_error_fail' to either true or false in the route configurations.
287 0.2.17
289 - delivery warnings have been finally implemented: if delivery of a mail
290 fails temporarily, warning mail will be generated, informing the sender
291 of the problem. After some time, the mail will be handled as failing
292 permanently, and be bounced. New options: 'warn_intervals',
293 'max_defer_time' and 'warnmsg_file'.
295 - the message templates for failures and warnings will now be installed
296 into /usr/share/masqmail/tpl/, and no longer to /etc/masqmail/tpl/. The
297 default for the search path (options 'errmsg_file' and 'warnmsg_file'
298 has been changed accordingly.
300 - new option 'last_route'. See man 5 masqmail.route.
302 0.2.12
303 two new options have been added:
304 - do_pipelining will be used only in broken mail setups. Actually, I
305 implemented it only to test such a setup.
307 - helo_name for routes sets the helo_name. This may be useful for
308 eg. ssh tunneling, or if do_correcthelo does not work, because you are
309 behind a firewall.
311 - the old 'remote_port' option should not be used any more. Set the
312 port with mail_host="foo.bar.com:1234" in the route file instead.
314 0.2.11
316 - two new options have been added: do_save_envelope_to for the main
317 configuration and map_h_mail_followup_to_addresses for the route
318 files. See the man pages on purpose and usage.
320 - the route files can now be mode 0400, owned by root. Previous
321 versions had problems when sendmail was called directly by a
322 non-priviledged user, because the route files could not be read.
324 0.2.10
326 - this version should work on FreeBSD. At least I care now if it does not.
328 - masqmail now writes pid files to /var/run/, one for the smtp/queue
329 daemon and one for the get daemon. So you now know whom to kill ;-)
331 - much effort has been put into the Debian package, which now uses debconf.
333 0.2.7
335 - sorry for my reluctany in the last months...
336 - my email address is oku@masqmail.cx. I hope that I keep this for the rest
337 of my life...
339 0.2.6
341 - you can configure the prefered local delivery mechanism for each user. See
342 man page masqmail.conf (5), options mbox_default, mbox_users, mda_users and
343 maildir_users. BIT FAT NOTE: if you used an mda, set mbox_default = "mda"
344 (or use the mda_users option). Just setting mda is not enough any more.
346 - there are the allowed_return_paths and not_allowed_return_paths for the
347 route configurations, this enables better checking for return path addresses
348 than allowed_mail_locals. You can also use this to enable or disable messages
349 from null sender addresses (<>) using "<>".
350 note: this option has been there for quite a time... I just forgot to document it.
352 0.2.5
354 - simple relay checking: if you set do_relay=false in masqmail.conf, users
355 with a return path that is not local will get a 550 reply if they try to
356 deliver to a not local address. This is for users to force them to have a
357 proper configuration. It is _not_ to prevent spammers from using your MTA
358 as a relay, it can be easily forged! masqmail is not designed to be an always
359 accessible MTA for an internet site.
361 - added Maildir support. To use it, add --enable-maildir as ./configure
362 optiom. Currently, if enabled, all local deliveries are to Maildir
363 (in ~user/Maildir), and none to mailbox. This is preliminary, future versions
364 will be configurable (probably together with mda delivery).
366 0.2.4
368 - added -v option, this logs to stdout, so you see what happens when
369 calling masqmail from command line. This is not yet finished, and only
370 for fetching mails completed.
372 0.2.3
374 - new option lock_dir where locks will be put to. Defaults to the spool
375 dir with '/lock/' appended (if spool_dir is /var/spool/masqmail/, lock_dir
376 is /var/spool/masqmail/lock/).
378 - You can use the 'do_uidl_dele' option more reliably. The uidl list
379 will be written immediately after a message was fetched, so if you use the
380 do_uidl and do_uidl_dele option you can safely interrupt masqmail when it is
381 getting mail via pop3, and do not get the message again next time.
383 - there are a lot of new options for ./configure to customize masqmail
384 to your needs. See INSTALL.
386 - Uli Funcke sent a patch with the new options 'local_addresses' and
387 'not_local_addresses' for masqmail.conf. With these, you can declare single
388 email addresses as local, though they normally are not, and vice versa,
389 declare addresses as not local though normally they are (determined with
390 local_hosts). These options are not yet documented.
392 0.2.2
393 - with -go5m you can now run a get daemon, the command 'masqmail -go5m' will fetch
394 mail every five minutes, using the detected online configuration.
396 0.2.1
398 - there is a new option for the main conf: online_gets. Using this option,
399 you can retrieve mail with just calling masqmail -go, masqmail will detect
400 whether it is online (similar to connect_routes (which is now called
401 online_routes)).
403 0.2.0
405 This is the first release of he development branch of masqmail
407 - the default configuration is now /etc/masqmail/masqmail.conf
408 (as it already was for the debian package). The --with-conffile
409 option for configure has been replaced by the --with-confdir option.
411 - added delivery failure notices:
412 o you can customize your own delivery failure report, its
413 default location is /etc/masqmail/tpl/failmsg.tpl
414 o if a delivery via a route fails permanently (the server replied with a 5xx status)
415 the message will be bounced, if it is bounced, no further delivery will be attempted.
416 This is different to previous versions, where failed messages were kept in the queue until
417 it was finally delivered, deleted or forever.
419 - there is a new online detection method: pipe. This allows you more
420 flexibility to detect the current online status, eg. the DHCP status on notebooks.
422 This method will once replace the 'mserver' option,
423 you can already use the program mservdetect to use it:
425 online_method=pipe
426 online_pipe="/usr/bin/mservdetect localhost 222"
428 instead of
430 online_detect=mserver
431 mserver_iface="localhost:222"
433 0.1.9
435 - you can use pipes in routes to implement gateways to uucp, fax, sms etc.
436 The setup is similar to mda transport. See man pages.
438 - for each connection (connect_routes), you can now give a list of
439 route files, which will be used in the order given. You can use the
440 filter rules (allowed_* and not_allowed_* rules) within each route.
442 0.1.8
444 - for pop retrieval and smtp sending you can use a wrapper for eg. ssl
445 tunneling. See man pages.
447 - a user can delete his mail from the spool with -Mrm if received
448 locally, and if you configure with --enable-ident and set
449 ident_trusted_nets also if received via smtp.
451 - a backslash now works to escape characters in the configuration, so
452 you can now use quotes inside quotes. All other characters with a
453 leading backslash will be converted to itself (\a becomes a, \\
454 becomes \).
456 - you can now use an mda for local mails. The mda will be called
457 *after* alias expansion. See documentation for more.
459 0.1.0
460 - masqmail can now retrieve mail with pop3. See the manual on how to do that.
461 - supports now ESMTP AUTH as a client.
462 - when called with -qo (without a connection name), the online status
463 will be checked with the configured method.
465 0.0.10
466 - there is now alias support. Give the location of the alias file (usually /etc/aliases) with eg.
467 alias_file = "/etc/aliases"
468 - delivery to pipes is now possible, but only if it appears in an alias file. Example:
469 pipe: |/usr/bin/command
470 will expand the address pipe to "|/usr/bin/command" which invokes '/usr/bin/command'
471 as the user and group masqmail is running as.
472 - entries starting with '\' in alias files will not be exanded further
474 - changed permissions for queue runs again: got to be root, mail or in group trusted.
476 - some configuration parameters can be read from files, these are
477 allowed_mail_locals, not_allowed_mail_locals, allowed_rcpt_domains, not_allowed_rcpt_domains,
478 map_return_path_addresses, map_h_from_addresses, map_h_reply_to_addresses
479 any entry in these list beginning with a '/' are regarded as
480 filenames, the content of these will be put at that location. Entries
481 in these files are separated by new lines. Example:
482 in the route file you have:
483 map_h_from_addresses = "/etc/masqmail/hfrom.map"
484 and hfrom.map contains:
486 john: John Smith <jsmith@mail.academic.edu>
487 cmiller: "Charlie Miller" <cmiller@foo.com>
489 UPDATE (Jan 2000): The new home location of MasqMail is
490 http://www.innominate.org/~oku/masqmail/, the new email adress of the
491 author is Oliver Kurth <kurth@innominate.de>.
493 0.0.9
494 - see ChangeLog.
496 NOTE: The home location of MasqMail at
497 http://merlin.uni-sw.gwdg.de/~okurth/masqmail/ is uncertain from the
498 beginning of Nov. 1999! See http://www.freshmeat.net for new
499 announcements. I leave the university and begin a new job on Nov. 1st 1999
500 in Berlin :-).
502 0.0.8:
503 - there is now a FAQ page. See docs/faq.html.
504 - added allowed_rcpt_domains option for routes.
505 - added allowed_mail_locals and not_allowed_mail_locals options for routes.
506 - mailq now gives information about the time mails spent in the queue,
507 the message size and the received host.
509 0.0.7:
510 -bug fix release: for statements in two adjacent lines, the second was not recognized.
512 0.0.6:
513 - bug fix release: some MUAs (cucipop) saw the locally delivered mails
514 concatenated. (cucipop is not a MUA but a pop server, but it has to read the
515 mails).
517 0.0.5:
518 - fixed a bug that caused the headers to be lost under some circumstances.
519 - added expand_h_sender_domain option for routes.
520 - rewrote the libresolv part in configure. Should work better now.
522 0.0.4:
523 - MM should now recognize whether libresolv should be linked.
524 - added --with-logdir=LOGDIR and --with-spooldir=SPOOLDIR to set directories.
525 These will be created if not already existent.
526 - added --with-user=USER, --with-group=GROUP options to set user and group id
527 for MasqMail.
529 0.0.3:
530 - MasqMail can now deliver mails that are received at online
531 time immediately to the internet. See the options detect_online,
532 mserver_iface and online_file.
533 - You can define a route configuration for the local net. See option
534 local_net_route.