view NEWS @ 462:f3f1ece619ba stable-6-0-75

change dkim_from syntax to allow "signer1,signer2;spf data"
author Carl Byington <carl@five-ten-sg.com>
date Sat, 09 Mar 2019 18:46:25 -0800
parents ad05c61d6372
children 428de28b34b7
line wrap: on
line source

6.75 2019-03-09 change dkim_from syntax to allow "signer1,signer2;spf data"
6.74 2018-12-24 add debug code for spf check with microsoft /14
6.73 2018-09-18 ignore dnswl entries if the sender is <>
6.72 2018-06-06 add unsigned_black for enforcement of dmarc policy
6.69 2018-04-10 fix spf mx:domain.tld token parsing
6.68 2018-02-19 round spamassassin scores; check >= rather than >
6.67 2018-01-05 always call dcc code so we get log entries
6.66 2017-12-07 more changes for long syslog messages
6.65 2017-11-03 code cleanup
6.64 2017-11-03 fix syslog for long messages, supress dkim checks for mail from localhost
6.63 2017-10-24 allow syslogging of long txt records
6.62 2017-10-03 include arpa/nameser.h earlier
6.61 2017-10-02 allow 4000 byte spf txt records
6.60 2017-08-18 hosts-ignore.conf can be used to ignore nameserver names
6.59 2017-07-26 use both envelope from and header from for spf checks when envelope from is a subdomain of the header from domain.
6.58 2017-05-19 spf code now handles %{d} and %{h} macros, use envelope from value for spf if it is a subdomain of the header from domain.
6.57 2017-04-25 spf code now handles mx,exists,ptr tags, multiple A records, %{i} macro
6.56 2017-04-19 refactor spf code; allow wildcard *.example.com in dkim signing restrictions
6.55 2017-04-16 require 3 dots in bare ip addresses.
6.54 2017-03-30 document dmarc vs dnsbl dkim/spf; switch to . rather than " " for dkim impossible signer
6.53 2017-03-17 suppress duplicate calls to acceptable_content(); redirect= in spf
6.52 2017-03-09 document dkim/spf processing, handle a and a: elements
6.51 2017-03-06 parse spf txt records for required dkim signers
6.50 2017-02-22 reject if dkim signer is listed on surbl
6.49 2017-02-08 RHEL7 systemd and /var/run on tmpfs
6.48 2016-12-17 Add dkim white/black listing
6.47 2016-09-21 Better smtp verify logging
6.46 2016-09-19 Enable smtp verify logging
6.45 2015-04-09 Add bitcoin donation address
6.44 2014-10-13 Generic regex now matches against the reverse dns PTR value
6.43 2014-07-18 Allow broken SRS0+ rather than the correct SRS0= tag.
6.42 2014-06-28 Never add auto-whitelist entries for outgoing mail from localhost.
6.41 2014-03-21 Unique ip connection limits only apply to authenticated connections.
6.40 2014-02-05 Fix possible segfault in mlfi_connect, hostaddr might be null.
6.39 2013-12-31 Fix segfault caused by freeing unallocated memory.
6.38 2013-12-24 Activate check for unique ip connection limits.
6.37 2013-12-17 Add unique ip connection limits per authenticated id or email address.
6.36 2013-09-09 Code cleanup, increase minimum hostname length for uribl checking.
6.35 2013-09-09 Use mozilla prefix list for tld checking. Enable surbl/uribl/dbl rhs lists.
6.34 2013-05-22 Add require_rdns checking.
6.33 2012-07-21 Fix unauthenticated rate limit bug for empty mail from. Move unauthenticated rate limit checks after spam filtering.
6.32 2012-07-21 Allow rate limiting for unauthentication connections by mail from address or domain.
6.31 2012-07-01 Fix uribl lookups on client dns name.
6.30 2012-04-09 Allow dnswl_list and dnsbl_list to be empty; add daily recipient limits.
6.29 2012-04-08 Add dnswl support.
6.28 2011-09-30 Add prvs decoding to envelope addresses.
6.27 2011-08-15 const correctness fixes from new gcc
6.26 2010-11-19 64 bit fixes for libresolv.a
6.25 2009-09-29 Add surbl checks on the smtp helo value, client reverse dns name, and mail from domain name.
6.24 2009-06-09 Add SRS decoding to envelope addresses.
6.23 2009-05-25 Add whitelisting by regex expression filtering.
6.22 2009-05-08 Prevent auto whitelisting due to outgoing multipart/report delivery notifications.
6.21 2009-01-03 Fixes to compile on old systems without memrchr or string::clear().
6.20 2008-12-27 Never whitelist self addressed mail.
6.19 2008-06-10 Fixes to compile on Fedora 9 and for const correctness.
6.18 2008-03-22 Extend auto-whitelisting even if specified in a parent context.
6.17 2008-03-04 Verify all from/to pairs, fix dcc bulk thresholds of many.
6.16 2008-02-02 Switch to Mercurial source control.
6.15 2007-12-07 Fix null pointer dereference if macro _ not passed to this milter.
6.14 2007-11-10 Don't autowhitelist due to out of office reply bots.
6.13 2007-11-10 Fix null pointer dereference on missing HELO command.
6.12 2007-10-13 SMTP rejections take precedence over greylisting.
6.11 2007-10-07 Add DCC filtering via dccifd. Fix static buffer referenced by multiple threads.
6.10 2007-09-23 Don't whitelist addresses with embedded blanks, or the empty path.
6.09 2007-09-06 Fix memory leak. Update timestamps when receiving from auto-whitelisted sender.
6.08 2007-08-30 Don't do generic reverse dns filtering on authenticated connections.
6.07 2007-08-30 Add generic reverse dns filtering with regular expression.
6.06 2007-08-27 Fix bug that effectively disabled spamassassin filtering.
6.05 2007-08-26 Fix unitialized variable in my spamassassin code.
6.04 2007-08-26 Add spamassassin integration via spamc, code from spamass-milter.
6.03 2007-07-14 Don't add auto whitelist entries for our own domains.
6.02 2007-07-10 Allow manual updates to the auto whitelisting files.
6.01 2007-07-07 GPL3. Block mail to recipients that cannot reply. Start auto whitelisting.
5.30 2007-06-09 Selinux fixes
5.29 2007-03-27 Limit dns resolver to two retries five seconds apart.
5.28 2007-02-19 Change conflict resolution to "second context wins". Update ICANN tld list,
5.27 2007-01-30 Allow 'inherit' as an env_from target.
5.26 2006-12-04 Fix bug at 5.23 that prevented seeing host names in the mail bodies
5.25 2006-10-15 Dump the effective dnsbl list with the -c switch
5.24 2006-10-15 Allow child and parent context to specify the same fully qualified env_to address
5.23 2006-10-10 Require two periods in ip addresses
5.22 2006-09-27 Cleanup rate limit code
5.21 2006-09-26 Add SMTP AUTH recipient rate limits
5.20 2006-08-02 fully qualify all dns lookups; fix my_read() bug
5.19 2006-08-01 uribl dnsl lookups fully qualified; allow two component host names; rpm properly creates user
5.18 2006-04-27 sendmail no longer guarantees <> wrapper on envelopes, don't ask uribls about rfc1918 space either
5.17 2006-03-25 never ask dns blacklists about rfc1918 address space
5.16 2006-03-16 bug fix, smtp error message for uribl filtering needs host name, not ip address
5.15 2006-03-15 bug fix, failed to set reason code when rejecting mail from content filtering
5.14 2006-03-13 fix typo in default config and documentation for using multi.surbl.org
5.13 2006-03-12 patch from Jeff Evans <jeffe@tricab.com> to add SURBL/URIBL lookups
5.12 2006-01-08 use larger resolver buffer to accomodate spammers with many name servers
5.11 2005-12-20 switch to autoconf/automake/docbook
5.10 2005-10-16 fix compile error on FC3
5.9  2005-09-26 fix bug with empty return paths
5.8  2005-09-25 allow empty env_to at global context level
5.7  2005-09-23 fix bug - failed to return a value from parse_verify()
5.6  2005-09-22 tokenizer errors now go thru the syslog code
5.5  2005-09-21 cleanup debug logging
5.4  2005-09-18 add 'verify' statement
5.3  2005-08-07 properly quit if the config file has syntax errors
5.2  2005-08-02 fix bug - lack of a default return value in CONTEXT::acceptable_content()
5.1  2005-07-20 add multiple syslog debug levels
5.0  2005-07-16 major changes to the syntax of the config file
4.6  2005-04-02 fix bug - Fix enum compilation error on FC3
4.5  2005-01-22 add uuencode decoding for old style attachments
4.4  2005-01-18 fix bug in forked process termination
4.3  2005-01-16 only keep 20% of the resolver sockets in the ready pool
4.2  2005-01-08 always use the separate resolver processes
4.1  2005-01-06 use a local unix domain socket for the resolver process
4.0  2005-01-03 fork off a separate resolver listener process
3.7  2004-10-28 add 'ignore' statement
3.6  2004-09-08 better documentation regarding disabling the content filtering
3.5  2004-07-17 extend the error message for content filtering
3.4  2004-07-15 bug fix - ip addresses cannot have two consecutive periods
3.3  2004-07-09 drop root priviledges properly