The stable Postfix release is called postfix-2.10.x where 2=major
release number, 10=minor release number, x=patchlevel. The stable
release never changes except for patches that address bugs or
emergencies. Patches change the patchlevel and the release date.

New features are developed in snapshot releases. These are called
postfix-2.11-yyyymmdd where yyyymmdd is the release date (yyyy=year,
mm=month, dd=day). Patches are never issued for snapshot releases;
instead, a new snapshot is released.

The mail_release_date configuration parameter (format: yyyymmdd)
specifies the release date of a stable release or snapshot release.

If you upgrade from Postfix 2.8 or earlier, read RELEASE_NOTES-2.9

Major changes - laptop-friendliness
-----------------------------------

[Incompat 20120924] Postfix no longer uses FIFOs to emulate UNIX-domain
sockets on Solaris 9 (Vintage 2002!) and later. If you install
Postfix for the first time on an older Solaris system, edit the
master.cf file and replace "unix" with "fifo" for the pickup and

[Feature 20120924] the default master.cf file now uses "unix" instead
of "fifo" for the pickup and qmgr services. This avoids periodic

Major changes - permit logging
------------------------------

[Feature 20120303] New control for "permit"
logging in smtpd_mumble_restrictions (by default, the SMTP server
logs "reject" actions but not "permit" actions). Specify
"smtpd_log_access_permit_actions = static:all" to log all "permit"-style
actions, or specify a list of explicit action names. More details
are in the postconf(5) manpage.

Major changes - postconf
------------------------

[Incompat 20121224] The postconf command produces more warnings:

- An attempt to modify a read-only parameter (process_name, process_id)
  in main.cf or master.cf.

- An undefined $name in a parameter value in main.cf or master.cf
  (except for backwards-compatibility parameters such as $virtual_maps).

[Feature 20121224] The postconf command has been updated to make
trouble-shooting (and support) easier. In summary, use "postconf
-Mxf" and "postconf -nxf" to review master.cf and main.cf parameter
settings with expanded parameter values.

- "postconf -x" now expands $name in main.cf and master.cf parameter

- postconf warns about attempts to modify a read-only parameter
  (process_name, process_id) in main.cf or master.cf.

- postconf warns about an undefined $name in a parameter value in
  main.cf or master.cf (except for backwards-compatibility parameters
  such as $virtual_maps).

- "postconf -o name=value" overrides main.cf parameter settings.
  This can be used, for example, to examine stress-dependent settings
  with "postconf -x -o stress=yes".

Major changes - postscreen
--------------------------

[Incompat 20121123] The postscreen deep protocol tests now log the
last command before a protocol error ("UNIMPLEMENTED" when the last
command is not implemented, "CONNECT" when there was no prior
command). The changed logfile messages are:

    NON-SMTP COMMAND from [address]:port after command: text
    BARE NEWLINE from [address]:port after command
    COMMAND TIME LIMIT from [address]:port after command
    COMMAND COUNT LIMIT from [address]:port after command
    COMMAND LENGTH LIMIT from [address]:port after command
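
Log parsers written for the older message format need updating for the
"after command" suffix. The following is an added example, not part of
the Postfix distribution: a parser for the five messages listed above
that groups failures per client. The syslog prefix, host name and
addresses in the sample lines are constructed.

```python
import re
from collections import Counter, defaultdict

# Constructed sample lines; the syslog prefix and addresses are assumptions.
SAMPLE_LOG = [
    "Jan 10 03:14:07 mx1 postfix/postscreen[2211]: NON-SMTP COMMAND from [192.0.2.10]:41234 after CONNECT: GET / HTTP/1.1",
    "Jan 10 03:14:09 mx1 postfix/postscreen[2211]: BARE NEWLINE from [198.51.100.7]:50211 after HELO",
    "Jan 10 03:15:30 mx1 postfix/postscreen[2211]: COMMAND TIME LIMIT from [192.0.2.10]:41240 after CONNECT",
    "Jan 10 03:15:31 mx1 postfix/postscreen[2211]: COMMAND COUNT LIMIT from [203.0.113.5]:33001 after RSET",
    "Jan 10 03:15:40 mx1 postfix/postscreen[2211]: COMMAND LENGTH LIMIT from [192.0.2.10]:41251 after UNIMPLEMENTED",
    "Jan 10 03:16:02 mx1 postfix/postscreen[2211]: CONNECT from [203.0.113.5]:33010 to [192.0.2.1]:25",
]

EVENT_RE = re.compile(
    r"postscreen\[\d+\]: "
    r"(?P<test>NON-SMTP COMMAND|BARE NEWLINE|COMMAND (?:TIME|COUNT|LENGTH) LIMIT)"
    r" from \[(?P<addr>[^\]]+)\]:(?P<port>\d+)"
    r" after (?P<last>[^\s:]+)(?:: (?P<text>.*))?$"
)

def parse_events(lines):
    """Return one dict per deep-protocol-test failure; other lines are skipped."""
    events = []
    for line in lines:
        m = EVENT_RE.search(line.rstrip("\n"))
        if m:
            event = m.groupdict()
            event["port"] = int(event["port"])
            events.append(event)
    return events

def failures_by_client(events):
    """Map client address -> Counter of failed tests."""
    table = defaultdict(Counter)
    for e in events:
        table[e["addr"]][e["test"]] += 1
    return table

def never_spoke_smtp(events):
    """Clients whose failure came before any SMTP command ("after CONNECT")."""
    return sorted({e["addr"] for e in events if e["last"] == "CONNECT"})

if __name__ == "__main__":
    evs = parse_events(SAMPLE_LOG)
    for addr, tests in failures_by_client(evs).items():
        print(addr, dict(tests))
    print("failed before first command:", never_spoke_smtp(evs))
```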

Major changes - load-balancer support
-------------------------------------

[Incompat 20120625] The postscreen(8)-to-smtpd(8) protocol has
changed. To avoid "cannot receive connection attributes" warnings
and dropped connections, execute the command "postfix reload". No
mail will be lost as long as the remote SMTP client tries again

[Feature 20120625] Support for upstream proxy agent in the postscreen(8)
and smtpd(8) daemons. To enable the haproxy protocol, specify one

    postscreen_upstream_proxy_protocol = haproxy
    smtpd_upstream_proxy_protocol = haproxy

Note 1: smtpd_upstream_proxy_protocol can't be used in smtpd processes
that are behind postscreen. Configure postscreen_upstream_proxy_protocol

Note 2: To use the nginx proxy with smtpd(8), enable the XCLIENT
protocol with smtpd_authorized_xclient_hosts. This supports SASL
authentication in the proxy agent (Postfix 2.9 and later).

Major changes - relay safety
----------------------------

[Incompat 20130613] New smtpd_relay_restrictions parameter built-in

    smtpd_relay_restrictions =
        permit_sasl_authenticated
        defer_unauth_destination

This safety net prevents open relay problems due to mistakes
with spam filter rules in smtpd_recipient_restrictions.

If your site has a complex mail relay policy configured under
smtpd_recipient_restrictions, this safety net may defer mail that
Postfix should accept.

To fix this safety net, take one of the following actions:

- Set smtpd_relay_restrictions empty, and keep using the existing
  mail relay authorization policy in smtpd_recipient_restrictions.

- Copy the existing mail relay authorization policy from
  smtpd_recipient_restrictions to smtpd_relay_restrictions.

There is no need to change the value of smtpd_recipient_restrictions.

[Feature 20130613] This version introduces the smtpd_relay_restrictions
feature for mail relay control. The new built-in default settings

    smtpd_relay_restrictions =
        permit_sasl_authenticated
        defer_unauth_destination

    smtpd_recipient_restrictions =
        ( optional spam blocking rules would go here )

For comparison, this is the Postfix before 2.10 default:

    smtpd_recipient_restrictions =
        reject_unauth_destination
        ( optional spam blocking rules would go here )

With Postfix versions before 2.10, the mail relay policy and spam
blocking policy were combined under smtpd_recipient_restrictions,
resulting in error-prone configuration.

As of Postfix 2.10, the mail relay policy is preferably implemented
with smtpd_relay_restrictions, so that a permissive spam blocking
policy under smtpd_recipient_restrictions will not unexpectedly
result in a permissive mail relay policy.

As of Postfix 2.10.0 the smtpd_relay_restrictions parameter built-in
default settings are:

    smtpd_relay_restrictions =
        permit_sasl_authenticated
        defer_unauth_destination

If your site has a complex mail relay policy configured under
smtpd_recipient_restrictions, this safety net may defer mail that
Postfix should accept.

To migrate from an earlier Postfix release with the least amount

- Set smtpd_relay_restrictions empty, and keep using the existing
  mail relay authorization policy in smtpd_recipient_restrictions.

- There is no need to change the value of smtpd_recipient_restrictions.

To take advantage of the new smtpd_relay_restrictions feature:

- Copy the existing mail relay authorization policy from
  smtpd_recipient_restrictions to smtpd_relay_restrictions.

- There is no need to change the value of smtpd_recipient_restrictions.
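
To see why the separate list acts as a safety net, the following added
example (a toy model, not Postfix source code) evaluates the two lists
for one RCPT TO. It assumes first-match-wins evaluation with the relay
list consulted before the recipient list, models only the rules named,
and uses check_client_access with a constructed allowlist as the
permissive spam rule; domains and addresses are constructed.

```python
# Toy model of smtpd access-list evaluation (not Postfix source code).
PERMIT, REJECT, DEFER, DUNNO = "permit", "reject", "defer", "dunno"

LOCAL_DOMAINS = {"example.com"}      # constructed: destinations this server handles
CLIENT_ACCESS_OK = {"203.0.113.9"}   # constructed: spam allowlist that returns OK

def apply_rule(rule, session):
    """Result of a single restriction for this SMTP session."""
    authorized_dest = session["rcpt_domain"] in LOCAL_DOMAINS
    if rule == "permit_sasl_authenticated":
        return PERMIT if session["sasl_auth"] else DUNNO
    if rule == "check_client_access":
        return PERMIT if session["client"] in CLIENT_ACCESS_OK else DUNNO
    if rule == "reject_unauth_destination":
        return DUNNO if authorized_dest else REJECT
    if rule == "defer_unauth_destination":
        return DUNNO if authorized_dest else DEFER
    raise ValueError(f"rule not modelled: {rule}")

def evaluate_list(rules, session):
    """First decisive result wins; a list that runs out permits."""
    for rule in rules:
        result = apply_rule(rule, session)
        if result != DUNNO:
            return result
    return PERMIT

def rcpt_decision(config, session):
    """Relay list first, then recipient list; a reject or defer in either refuses."""
    for name in ("smtpd_relay_restrictions", "smtpd_recipient_restrictions"):
        result = evaluate_list(config.get(name, []), session)
        if result != PERMIT:
            return result
    return PERMIT

# Allowlist rule placed ahead of the relay check: the kind of mistake described above.
RECIPIENT_RULES = ["check_client_access", "reject_unauth_destination"]
PRE_210 = {"smtpd_recipient_restrictions": RECIPIENT_RULES}
WITH_210 = {"smtpd_relay_restrictions":
                ["permit_sasl_authenticated", "defer_unauth_destination"],
            "smtpd_recipient_restrictions": RECIPIENT_RULES}

# Allowlisted but unauthenticated client, recipient in a domain we do not serve.
SESSION = {"client": "203.0.113.9", "sasl_auth": False, "rcpt_domain": "other.example"}

if __name__ == "__main__":
    print("single list:", rcpt_decision(PRE_210, SESSION))      # relayed
    print("with relay list:", rcpt_decision(WITH_210, SESSION)) # deferred
```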

Major changes - start-up
------------------------

[Feature 20120306] New master "-w" option, to wait for master daemon
process initialization to complete. This feature returns an error
exit status if master daemon initialization fails, or if it does
not complete in a reasonable amount of time. The exit status is
used by "postfix start" to provide more accurate information to
system start-up scripts.

[Incompat 20130203] Thanks to OpenSSL documentation, the Postfix
2.9.0..2.9.5 SMTP client and server used an incorrect procedure
to compute TLS certificate PUBLIC-KEY fingerprints (these may be
used in the check_ccert_access and in smtp_tls_policy_maps features).
Support for certificate PUBLIC-KEY fingerprints was introduced
with Postfix 2.9; there is no known problem with the certificate
fingerprint algorithms available since Postfix 2.2.

Certificate PUBLIC-KEY fingerprints may be used in the Postfix
SMTP server (with "check_ccert_access") and in the Postfix SMTP
client (with the "fingerprint" security level).

Specify "tls_legacy_public_key_fingerprints = yes" temporarily,
pending a migration from configuration files with incorrect Postfix
2.9.0..2.9.5 certificate PUBLIC-KEY fingerprints, to the correct
fingerprints used by Postfix 2.9.6 and later.

To compute the correct PUBLIC-KEY fingerprints:

    # OpenSSL 1.0 with all certificates and SHA-1 fingerprints.
    $ openssl x509 -in cert.pem -noout -pubkey | \
        openssl pkey -pubin -outform DER | \
        openssl dgst -sha1 -c

    # OpenSSL 0.9.8 with RSA certificates and MD5 fingerprints.
    $ openssl x509 -in cert.pem -noout -pubkey | \
        openssl rsa -pubin -outform DER | \
        openssl dgst -md5 -c

[Feature 20120422] This release adds support to turn off the TLSv1.1
and TLSv1.2 protocols. Introduced with OpenSSL version 1.0.1, these
are known to cause inter-operability problems with for example

The radical workaround is to temporarily turn off problematic

/etc/postfix/main.cf:
    smtp_tls_protocols = !SSLv2, !TLSv1.1, !TLSv1.2
    smtp_tls_mandatory_protocols = !SSLv2, !TLSv1.1, !TLSv1.2

    smtpd_tls_protocols = !SSLv2, !TLSv1.1, !TLSv1.2
    smtpd_tls_mandatory_protocols = !SSLv2, !TLSv1.1, !TLSv1.2

However, it may be better to temporarily turn off problematic
protocols for broken sites only:

/etc/postfix/main.cf:
    smtp_tls_policy_maps = hash:/etc/postfix/tls_policy

/etc/postfix/tls_policy:
    example.com may protocols=!SSLv2:!TLSv1.1:!TLSv1.2

- Note the use of ":" instead of comma or space. Also, note that
  there is NO space around the "=" in "protocols=".

- The smtp_tls_policy_maps lookup key must match the "next-hop"
  destination that is given to the Postfix SMTP client. If you
  override the next-hop destination with transport_maps, relayhost,
  sender_dependent_relayhost_maps, or otherwise, you need to specify
  the same destination for the smtp_tls_policy_maps lookup key.
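
The two syntax rules in the first note are easy to get wrong when a
main.cf protocol list is copied into the policy table. The following
added example, not part of Postfix, lints a tls_policy table for those
mistakes. It assumes that whitespace and commas separate policy
attributes and that the security level is the second field; the sample
entries and the list of protocol names are constructed.

```python
import re

# Assumption: protocol names accepted in a "protocols=" attribute.
KNOWN_PROTOCOLS = {"SSLv2", "SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2"}

# Constructed sample table: one good entry, three broken ones.
SAMPLE = """\
# constructed sample entries
example.com      may protocols=!SSLv2:!TLSv1.1:!TLSv1.2
broken1.example  may protocols=!SSLv2, !TLSv1.1
broken2.example  may protocols = !SSLv2:!TLSv1.2
broken3.example  may protocols=!SSLv2:!TLSv1.3x
"""

def check_attr(attr):
    """Return a problem description for one policy attribute, or None."""
    name, eq, value = attr.partition("=")
    if not (name and eq and value):
        return (f"stray token {attr!r}: attributes must be name=value "
                "with no space or comma inside")
    if name == "protocols":
        for proto in value.split(":"):
            bare = proto[1:] if proto.startswith("!") else proto
            if bare not in KNOWN_PROTOCOLS:
                return f"unknown protocol {proto!r} in {attr!r}"
    return None

def lint_policy(text):
    """Return (line number, lookup key, problem) for each bad entry."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        fields = re.split(r"[\s,]+", line)
        key, attrs = fields[0], fields[2:]   # fields[1] is the security level
        for attr in attrs:
            problem = check_attr(attr)
            if problem:
                findings.append((lineno, key, problem))
                break                        # one finding per entry is enough
    return findings

if __name__ == "__main__":
    for lineno, key, problem in lint_policy(SAMPLE):
        print(f"line {lineno} ({key}): {problem}")
```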