s/qmail 4.0 CHANGE log
======================

Older changes can be found in CHANGELOG_V3.

Version  Description
--------------------
4.0.00   Initial version, removed SRS, fixed SPF.

4.0.01   Recovered SRS and added srsforward + srsreverse as compile option;
         still depending on libsrs2.
         Added man pages for srsforward + srsreverse.
         Fixed columnt (buf incorrectly used).
         B(2) Changed 'puts' to 'out' where applicable.
              Fixed dnsq call in qmail-smtpd concerning lookup type
              "M" -> 'M', "A" -> 'A' (char).
         B(3) Fixed missing timestamp for mails in maildir.c making
              qmail-pop3d behave erratically.
              Substituted put -> out almost everywhere.
              Fixed wrong 'identity' in Received header ('unknown') due to
              misplaced 'if' nesting.
              Streamlined qmail-authuser to support APOP auth even for Unix
              system accounts (tx Drew).
              Fixed wrong CAPA announcement in qmail-popup (APOP instead of
              UIDL).

4.0.02   Removed dependency on libsrs2, providing srs2.[c|h] natively
         together with sha1[_hmac].[c|h].
         Complete refactoring of sha1 and sha1_hmac.
         Included Drew W's enhancements for Dovecot auth in qmail-authuser.
         Fixed bug in IPv4/IPv6 matching for spf_mx.

4.0.03   Enhanced qmail-authuser.
         Redone srsforward and srsreverse + man pages.
         Fixed qmail-smtpd to cope with new DNS resolver behaviour (in
         particular for SPF segfaulting for bounces).
         Finally streamlined man pages.

4.0.04   SMTPUTF8 is now triggered via environment variable UTF8 for
         qmail-smtpd.
         Fixed segfaulting qmail-smtpd in case of multiple recipients in
         the RCPT TO dialog.
         qmail-smtpd exits now if Auth is requested but not announced, or
         PAM is missing.

4.0.05   Fixed bug in qmail-remote with wrong CNAME address mangling
         (tx. Leah).
         Removed SMTPUTF8 compiler flags in qmail-remote and qmail-smtpam,
         which now auto-detect UTF8 encoded addresses.

4.0.06   Fixed qmail-smtpd segfaulting while wrongly evaluating 'fakehelo'
         for SPF.
         Added compatibility for other tcpserver/sslserver programs calling
         qmail-smtpd and different IPv6 environment variables (for Leah).

4.0.07   Straightened some code in SPF evaluation which might prevent it
         (tx Leah).
         Fixed bug returning wrong SPF results in case a TXT but no SPF
         record is given.
         Fixed qmail-remote potentially not binding to IPv4 addresses
         (tx. MB).
         Fixed qmail-authuser insufficient handling of passwords using
         crypt (tx. MB).

4.0.08   Fix for qmail-vmailuser not respecting vpopmail's home dir
         (tx. Ueli H.).
         Changed qmail-remote to cope better with fehQlibs-15 and IPv4
         qualification.
         Fixed CVE-2011-0411: Pipelining command injection for qmail-smtpd.
         Fixed the Guninski CVE-2005-1513 (in fehQlibs-15): Buffer overflow
         if size of mail > 4 GByte.

4.0.09   Reworked fix for CVE-2011-0411 to provide a general solution
         (tx. Fabian). Applied fix to qmail-popup as well.

4.0.10   GCC 10 refactoring (together with fehQlibs-15b).
         qmail-remote now recognizes a MX retrieved IP to be itself and
         skips it.

         EOL for 4.0

4.1.00   Added TLSA DNS lookup for qmail-remote.

4.1.01   Added qmail-ldapam; needs tweaking and verification still.

4.1.02   Added qmail-postgrey client together with the qmail-smtpd IF
         (permission by jan.mojzis).

4.1.03   Fixed TLSA off-by-one error for qmail-remote.
         Removed idedit.c (could be used in later version).
         Disabled compilation of qmail-ldapam (cleanups, beta version).
         Added postgrey run script together with adjustments for doc and
         man.

4.1.04   Included Reiser FS patch; see unlinking problems also with
         vdeliver (qmail-queue, qmail-local).
         Fixed 'incorrect' xtext generation in qmail-remote.
         Added qmail-qmaint providing sanity checks on the queue and
         allowing removal of messages (based on E. Huss code).
         Integrated DANE lookup (exceptions) into tlsdestinations + doc.

4.1.04+  Fixed bug not freeing X509 cert, thus TLSA fails. The X509_digest
         API is stupid.

4.1.05   Added selector evaluation in tlsa_check and re-formulated logic.
         Moved header files to ./include directory (and changed conf-cc
         accordingly).

4.1.06   Compliance with fehQlibs-17 (could solve [20201123#1/4.0.10]).
         Fixed bug in smtproutes not authenticating [20210213#1/4.0.10].
         Reformulated qmail-smtpd smtproutes to support setting localip
         [RfC:20201112#1/4.0.10].

4.1.07   Fixed bug in qmail-smtpd confusing badmailfrom with badrcptto
         [20120312#1/4.0.10].
         Adjusted header files to compile on ARM64 (Clang) and with GCC-10
         (AMD64).

4.1.08   Removed references to qmail-ldapam in package.
         Changed SPF DEFEXP macro using expand for domain rather than
         'spf.pobox.com' [20210212#1/4.0.10].

4.1.09   Fixes for qmail-remote and rewriting the SIZE extension interface
         (tx. Drew):
         a) (Occasional) wrong parsing of multiple X.509 fingerprints in
            dnstlsa and tls_remote.c which might advise qmail-remote to
            reject valid TLSA indicated connections.
         b) Wrong SIZE indication (mailfrom, mailfrom_xtext) in SMTP
            dialogue [20210622#1/4.1.08] (tx. Drew).
         c) Wrong SMTPUTF8 indication (mailfrom, mailfrom_xtext)
            [20210622#2/4.1.08].
         Note: qmail-rspawn API left unchanged wrt vanilla qmail.

4.1.10   Fixed flaw in qmail-remote not producing immediate bounce for
         server's 5xx reply code.
         Fixed bug in qmail-remote introduced in sqmail-4.1.09 evaluating
         size information for qmtp delivery.

4.1.11   Fixed bug in qmail-vmailuser not evaluating vpopmail's user
         directories correctly.
         Fixed bug in qmail-smtpam segfaulting. Sitting there since 3.0;
         nobody is using it.
         Added 'implicit TLS' support for qmail-remote in control/smtproutes,
         ./authusers, ./tlsdestinations.
         Added 'implicit TLS' support for qmail-smtpam on the command line.

4.1.12   Improved and streamlined qmail-remote TLS errors.
         Multiple DNS queries for TLSA check; first early; second after
         cert received.
         TLSA check working again; stupid OpenSSL doc ;-)

4.1.13   Better RFC 6698 (TLSA) conformance for PKIX-EE (with full X.509
         chain given).

4.1.14   TLSA record lookup follows now a CNAME query. Pretty unusual for
         MX environments.
         Removed recognition of 451 SMTP return code as greylisting in
         qmail-remote logs.

4.1.14a  Fixed two integration bugs in 4.1.14 and straightened TLSA lookup
         and evaluation.

4.1.15   Off-by-one error in dnstlsa (cert fingerprint too short) and
         corrections (and simplifications) to evaluate the TLSA
         fingerprints (tls_remote.c).

4.1.16   Additional corrections for TLSA evaluation with several
         fingerprints.
         TLSA lookup not bound to PTR lookup anymore but just hostname of
         MX.
         qmail-local does not disclose virtual user name extension in
         'Delivered-To' field.
         Installation routine removes now potential remnants in ./src
         directory.
         Removed irritating 'greylisting' log info from qmail-remote for
         certain SMTP reply codes.
         qmail-queue fast injection race condition fix from Manvendra
         included.
         qmail-remote evaluates MX distance according to IPv4/IPv6 local
         bindings.

4.1.17   Fixed OpenSSL's X509_pubkey_digest() function for TLSA.

         EOL for 4.1

4.2.00   Taken over qmail-ldapam development from 4.1.

4.2.03   Synced with current s/qmail (4.1.16); enhanced RECIPIENTS
         mechanism to read users/assign.cdb.
         Note: This breaks old qmail, since the name was just 'cdb' here.
         Adjusted qmail-newu to conform with this decision.

4.2.04   First step integrating libdkim (from Kai Peter's implementation
         and adjustments for current OpenSSL and LibreSSL).

4.2.05   libdkim implemented (native C++) as qmail-dkim; added stub
         qmail-dksign.
         Synced with sqmail-4.1.17. New requirement: fehQlibs-20 due to
         dns_txt.c changes.

4.2.06   Integration tests and documentation for qmail-dksign.

4.2.07   Integration tests successful; except for DKIM over QMTP. Needs
         changes for qmail-qmtpd.
         Included man pages for qmail-dkim.8 and qmail-dksign.8.

4.2.08   Replaced 'execve' with 'pathexec' in qmail-rspawn and qmail-dksign.
         Fixed permissions on DKIM 'default' files.
         Preliminary qmail-dkverify.c.
         Removed creation of qmail-ldapam; still a useful solution is
         required (separate package?).
         Changed defaults for qmail-dksign to the anticipated ones; verified
         CRLF prior to signing.
         qmail-dkim options work now as expected.
         Fixed wrong hash functions in dkimsign (tx. Pascal). DKIM signing
         working now.

4.2.09   Removed 'Allman' code from DKIM.
         Adjusted qmail-dksign man page.
         First attempt for qmail-dkverify.c.
         Removed the qmail-ldap dependencies.

4.2.10   Included 'Ed25519' signatures in dkimsign.cpp. Works fine - but
         untested.
         Removed chdir(auto_qmail) dependency from qmail-dkim; universal
         usage again.
         Moved back to include tabs for the DKIM header; double WSP seems
         not to work well here.
         Removed ADSP (Author Domain Signing Practice) from dkverify.cpp
         (RFC 6541; experimental).

4.2.11   qmail-remote recognizes now Greylisting after HELO with SMTP Reply
         > 400 (and tries again).
         Big reminder: Always use byte arrays in constmap hash tables =>
         tls_destination()++.
         Added 'l' (length) flag in dkimdomains for specific customization.
         Changed dkimsign's BodyLength calculation; was strange before.

4.2.12   Progress on dkimverify.cpp.

4.2.13   dkimverify.cpp stripped down and working now with socket
         interface.

4.2.14   Fixed bug in spf_exists returning wrong results for DNS lookup
         (tx. Laurentiu).
         First version with working qmail-dkverify. Tests pending.

4.2.15   qmail-dkverify working now; except for Ed25519 signatures.
         Replaced socket interface by file interface for reporting results
         to qmail-dkverify.
         Stripped CR from outgoing mails.
         qmail-dksign ignores input domains for which no privkey exists.

4.2.16   qmail-dkverify considers now d=domain in X-Authentication results.
         Removed obsolete 'selector' file in ssl/domainkeys/ and rather
         permit now tailored selector names in ssl/domainkeys// to pick up
         private key.
         Ed25519 signing and verification working now.
         Fixed wrong variable for 'sender' upon call.

4.2.17   Fixed premature close of cdb in fastforward; removed slurpclose.c.
         Final trimming and documentation.
         qmail-remote's cafile and cipher handling reworked.

4.2.18   Removed 'selector' as file name for qmail-dksign and used 'default'
         instead, making it more robust.
         Changed erroneous 'domain' to 'sdid' in qmail-dksign (tx. Pascal).
         Updated man page for qmail-dksign.

4.2.19   Changed back to 4.2.16 behavior of reading the DKIM private key
         based on selector.
         Added new default signing capability for qmail-dksign to consider
         only 'own' domains, which are given in rcpthosts. The token '=:'
         can be used in control/dkimdomains.
         Compatibility with LibreSSL 3.7.x and Ed25519 signature operations
         (tx. Nicolai).
         Improved robustness and error message handling for qmail-dksign.

4.2.20   Updated mkdkimkey.sh; no TLSA lookup for bounces.
         dkimverify update for messages with both RSA and Ed25519 signatures
         and selection.
         Added more verbose logging to qmail-remote in case of unsuccessful
         delivery.
         qmail-rspawn does not read control/dkimdomains but rather stats it
         -> fewer FDs.

4.2.21   Fixed wrong DKIM ed25519 indication in DKIM header.
         DKIM ed25519 key stripped from ASN.1 header in order to conform
         with RFC 8463 while prepending that for DKIM verification.
         SPF evaluation considers now fehQlibs-22 new CIDR API.

4.2.22   Internal version with first attempt for hybrid DKIM signatures.
         Fixed qmail-remote abends in case of contacting RFC (2)821
         non-compliant SMTP MTAs.

4.2.23   Fix for qmail-remote handling of non-StartTLS MTAs to fall back to
         unencrypted service.
         Hybrid DKIM signatures working now; required changes of qmail-dkim
         API and qmail-dksign.

4.2.23a  Some typos in documentation and spelling mistakes fixed.

4.2.24   Fixed SPF PTR lookup (cleared up weird logic) [202310503#1/4.2.24]
         and straightened error output line.
         Tweaks for DNS behavior in case of missing DNS records and
         bouncing for qmail-remote.
         Added Return Code values in man pages for DNS client programs.

4.2.25   Fixed bug in DKIM validation not considering Pubkey if k= is
         missing in DNS TXT record => DKIM fail.

4.2.26   Backported fixes for [20230922#1/4.3.01], [20230920#1/4.3.01], and
         [20230823#1/4.3.00] included.

4.2.27   Fixed qmail-smtpd Auth bug segfaulting if no/wrong arguments
         [20230931#1/4.2.27].

4.2.27a  Misspelled prototype in smtpd.log may lead to confusing auth error
         messages [20231003#1/4.2.27a].

4.2.27b  control/domainips adds erroneously a \0 to helohost which violates
         RFC 2821 [20231004#1/4.2.27b].

4.2.28   Backported TLSA handling for qmail-remote from s/qmail 4.3.

4.2.29   DKIM sender evaluated in lowercase for signing [20231109#1/4.2.29];
         DKIM header for verification does not depend on position of
         'Content' header (missing verification).
         Fixed irritating log output in case no DKIM key is found.
         DKIM signing now robust against wrong keys and remnant files left
         in DKIM staging area.
         Fixed crash in qmail-smtpd while logging SPF evaluation with
         un-terminated spfbounce [20231203#1/4.2.29].
         Fixed 'missing' mails for bounces problem in case DKIM signing
         failed due to missing key [20231119#1/4.2.29].

         EOL for 4.2

4.2.29a  Fix for EHLO X-fields and StartTLS in qmail-remote.
         Fix for recipients() and assign.cdb reading.
         Fix for qmail-dkverify with incomplete information in email header.
         Fix for qmail-dksign reading from initial stage file in case of
         signing errors.