Date: Wed, 26 Aug 2009 09:45:01 +0200 (CEST) From: olli hauer <ohauer@gmx.de> To: FreeBSD-gnats-submit@FreeBSD.org, sahil@tandon.net Cc: ohauer@gmx.de Subject: ports/138198: [patch] port mail/postfix update to version 2.6.4 Message-ID: <20090826074501.E7A8F26145@u18-124.dsl.vianetworks.de> Resent-Message-ID: <200908260750.n7Q7o3BO023629@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 138198
>Category: ports
>Synopsis: [patch] port mail/postfix update to version 2.6.4
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: update
>Submitter-Id: current-users
>Arrival-Date: Wed Aug 26 07:50:02 UTC 2009
>Closed-Date:
>Last-Modified:
>Originator: olli hauer <ohauer@gmx.de>
>Release: FreeBSD 7.2-RELEASE-p3 i386
>Organization:
>Environment:
>Description:
Update postfix to version 2.6.4
Fixes from HISTORY:
=========================
20090805
Bugfix: don't panic when an unexpected smtpd access map is
specified. File: smtpd/smtpd_check.c.
20090807
Workaround: NS record lookups for certain domains always
fail, while other queries for those domains always succeed
(and even return replies with NS records as additional
information).
This inconsistency in DNS lookup results would allow spammers
to circumvent the Postfix check_{client,helo,sender,etc}_ns_access
restrictions, because those restrictions have effect only
for NS records that can be looked up in the DNS.
To address this inconsistency, check_{client,etc}_ns_access
now require that a known-in-DNS domain name (or parent
thereof) always resolves to at least one name server IP
address.
For consistency, check_{client,etc}_mx_access now require
that a known-in-DNS domain name always resolves to at least
one mail server IP address.
These measures merely raise the difficulty level for spammers.
The IP address information thus obtained is not necessarily
"correct". There is little to stop an uncooperative DNS
server from lying, especially when the owner of the domain
has no desire to receive email. File: smtpd/smtpd_check.c.
Problem reported by MXTools.com.
>How-To-Repeat:
>Fix:
--- patch_postfix-2.6.4.txt begins here ---
--- Makefile 2009/08/14 23:33:13 1.1
+++ Makefile 2009/08/26 07:11:26
@@ -6,7 +6,7 @@
#
PORTNAME= postfix
-PORTVERSION= 2.6.3
+PORTVERSION= 2.6.4
PORTEPOCH= 1
CATEGORIES= mail ipv6
MASTER_SITES= ftp://ftp.porcupine.org/mirrors/postfix-release/official/ \
--- distinfo 2009/08/14 23:33:10 1.1
+++ distinfo 2009/08/26 07:14:11
@@ -1,6 +1,6 @@
-MD5 (postfix/postfix-2.6.3.tar.gz) = 9810a52d7df6718b9e7258caba6bebab
-SHA256 (postfix/postfix-2.6.3.tar.gz) = 69e31fa939b92f4520f4699e1362abcb5bbbb82c10d03493c31eea237a14c26a
-SIZE (postfix/postfix-2.6.3.tar.gz) = 3324979
+MD5 (postfix/postfix-2.6.4.tar.gz) = 578464f4dfee5468f8a6b5abfbb26bcc
+SHA256 (postfix/postfix-2.6.4.tar.gz) = 8a1d28c41859ba039de6e2d305735bb0e3634f1f661e52f3f492852c80deb0bc
+SIZE (postfix/postfix-2.6.4.tar.gz) = 3326428
MD5 (postfix/postfix-2.6.2-vda-ng.patch.gz) = 648f09acd31125c99d1bc36860e21910
SHA256 (postfix/postfix-2.6.2-vda-ng.patch.gz) = 2e49d9320a38d5d7ca246320127186cfacc3aced9a47aeced61151ee6eb620a4
SIZE (postfix/postfix-2.6.2-vda-ng.patch.gz) = 12661
--- patch_postfix-2.6.4.txt ends here ---
>Release-Note:
>Audit-Trail:
>Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20090826074501.E7A8F26145>