Date: Wed, 26 Aug 2009 09:45:01 +0200 (CEST) From: olli hauer <ohauer@gmx.de> To: FreeBSD-gnats-submit@FreeBSD.org, sahil@tandon.net Cc: ohauer@gmx.de Subject: ports/138198: [patch] port mail/postfix update to version 2.6.4 Message-ID: <20090826074501.E7A8F26145@u18-124.dsl.vianetworks.de> Resent-Message-ID: <200908260750.n7Q7o3BO023629@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 138198 >Category: ports >Synopsis: [patch] port mail/postfix update to version 2.6.4 >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: update >Submitter-Id: current-users >Arrival-Date: Wed Aug 26 07:50:02 UTC 2009 >Closed-Date: >Last-Modified: >Originator: olli hauer <ohauer@gmx.de> >Release: FreeBSD 7.2-RELEASE-p3 i386 >Organization: >Environment: >Description: Update postfix to version 2.6.4 Fixes from HISTORY: ========================= 20090805 Bugfix: don't panic when an unexpected smtpd access map is specified. File: smtpd/smtpd_check.c. 20090807 Workaround: NS record lookups for certain domains always fail, while other queries for those domains always succeed (and even return replies with NS records as additional information). This inconsistency in DNS lookup results would allow spammers to circumvent the Postfix check_{client,helo,sender,etc}_ns_access restrictions, because those restrictions have effect only for NS records that can be looked up in the DNS. To address this inconsistency, check_{client,etc}_ns_access now require that a known-in-DNS domain name (or parent thereof) always resolves to at least one name server IP address. For consistency, check_{client,etc}_mx_access now require that a known-in-DNS domain name always resolves to at least one mail server IP address. These measures merely raise the difficulty level for spammers. The IP address information thus obtained is not necessarily "correct". There is little to stop an uncooperative DNS server from lying, especially when the owner of the domain has no desire to receive email. File: smtpd/smtpd_check.c. Problem reported by MXTools.com. >How-To-Repeat: >Fix: --- patch_postfix-2.6.4.txt begins here --- --- Makefile 2009/08/14 23:33:13 1.1 +++ Makefile 2009/08/26 07:11:26 @@ -6,7 +6,7 @@ # PORTNAME= postfix -PORTVERSION= 2.6.3 +PORTVERSION= 2.6.4 PORTEPOCH= 1 CATEGORIES= mail ipv6 MASTER_SITES= ftp://ftp.porcupine.org/mirrors/postfix-release/official/ \ --- distinfo 2009/08/14 23:33:10 1.1 +++ distinfo 2009/08/26 07:14:11 @@ -1,6 +1,6 @@ -MD5 (postfix/postfix-2.6.3.tar.gz) = 9810a52d7df6718b9e7258caba6bebab -SHA256 (postfix/postfix-2.6.3.tar.gz) = 69e31fa939b92f4520f4699e1362abcb5bbbb82c10d03493c31eea237a14c26a -SIZE (postfix/postfix-2.6.3.tar.gz) = 3324979 +MD5 (postfix/postfix-2.6.4.tar.gz) = 578464f4dfee5468f8a6b5abfbb26bcc +SHA256 (postfix/postfix-2.6.4.tar.gz) = 8a1d28c41859ba039de6e2d305735bb0e3634f1f661e52f3f492852c80deb0bc +SIZE (postfix/postfix-2.6.4.tar.gz) = 3326428 MD5 (postfix/postfix-2.6.2-vda-ng.patch.gz) = 648f09acd31125c99d1bc36860e21910 SHA256 (postfix/postfix-2.6.2-vda-ng.patch.gz) = 2e49d9320a38d5d7ca246320127186cfacc3aced9a47aeced61151ee6eb620a4 SIZE (postfix/postfix-2.6.2-vda-ng.patch.gz) = 12661 --- patch_postfix-2.6.4.txt ends here --- >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20090826074501.E7A8F26145>