Postsrsd Versions Save

Postfix Sender Rewriting Scheme daemon

2.0.0a2

1 year ago

...because it would not have been a proper pre-release without some obvious bugs 😉

  • Properly rewrite SRS addresses with database backend
  • Fix crash due to faulty log statement
  • More tests!

2.0.0a1

1 year ago

This is a complete rewrite of PostSRSd, with the following features:

  • Proper configuration file, no more fiddling with environment variables
  • Now with socketmap interface (requires Postfix 2.10+)
  • Unix socket support
  • New rewrite mode with database backend, supports unlimited email address length
  • Experimental Milter support

This is a pre-release for anyone who is interested in the new features. Please give it a try, report bugs and give feedback!

1.12

1 year ago
  • Explicitly clear O_NONBLOCK to avoid inherited non-blocking sockets on some operating systems
  • Do not close all file descriptors up to _SC_MAX_OPEN, that limit can be absurdly high and hang PostSRSd for minutes
  • Check for faketime before using it in the unit tests

1.11

3 years ago
  • SECURITY FIX: The subprocess that talks to Postfix could be caused to hang with a very long email address (see 077be98 for details, thanks to Mateusz JoÅ„czyk for the report). [Note: This bug seems only exploitable if Postfix is tricked into passing a whole list of addresses as single query to PostSRSd, such as it was observed in #37.]

1.10

3 years ago
  • SECURITY FIX [CVE-2020-35573]: PostSRSd could be tricked into consuming a lot of CPU time with an SRS address that has a very long time stamp tag (see 4733fb1 for details)
  • Fixed a bug where PostSRSd would occasionally create invalid SRS addresses if the used secret is extremely long

1.9

3 years ago
  • Another hotfix release
  • Fix issues with systemd service file

I'm sorry for any disruption that might have occurred. I learned my lesson not to trust in my assumed knowledge about systemd too much, and set up a proper Github Action test.

1.8

3 years ago
  • Add new "always rewrite" option -A
  • Improved syslog messages for PostSRSd activity
  • Fix AppArmor and SELinux profiles
  • Add blackbost testing for PostSRSd daemon

1.7

3 years ago
  • Improve systemd auto detection
  • Drop group privileges as well as user privileges
  • Adopt modifications from Debian (Thanks to Oxan van Leeuwen)
  • Clean up CMakeLists.txt. The minimum required version is CMake 3.0 now.

1.6

5 years ago
  • Bugfix release
  • Fix endianness issue with SHA-1 implementation
  • Improve unit test to minimize the risk of spurious failures due to hash prefix collisions

1.5

5 years ago
  • Maintenance release.
  • Fix SElinux policy.
  • Fix handling of excluded domains in systemd startup file.
  • Close file descriptors on startup.
  • Add a few more configuration options.