Releases: notqmail/notqmail
notqmail 1.09
What's notqmail?
It's software for running an email server. For more information, see About, Install, and Help.
What's not new?
As usual, this release is intended as a safe, easy update path from a previous notqmail, netqmail, or qmail. Your local patches should mostly continue to apply.
To the best of our knowledge, qmail, netqmail, and therefore notqmail have never been vulnerable to "SMTP Smuggling" (#251). Your instance of notqmail may nonetheless be vulnerable if you've applied any patches or chained any programs (such as fixcrio) that cause line endings to be changed in transit. Other forks of qmail may be vulnerable if they have modified its handling of line endings in qmail-smtpd and/or qmail-remote.
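One way to check a hop in a mail chain for the line-ending changes described above, added here as an example and not taken from notqmail: it tallies CRLF, bare LF and bare CR in the bytes entering and leaving the hop and reports whether the tallies differ. The function names and the sample message are constructed for illustration.

```c
#include <stddef.h>
#include <stdio.h>

/* Tally of each line-ending form in a byte stream. */
struct eol_counts {
    size_t crlf;    /* CR LF: the only line ending SMTP defines */
    size_t bare_lf; /* LF not preceded by CR */
    size_t bare_cr; /* CR not followed by LF */
};

static struct eol_counts count_eols(const unsigned char *buf, size_t len)
{
    struct eol_counts c = {0, 0, 0};
    size_t i;
    for (i = 0; i < len; i++) {
        if (buf[i] == '\r') {
            if (i + 1 < len && buf[i + 1] == '\n') {
                c.crlf++;
                i++; /* consume the LF of this pair */
            } else {
                c.bare_cr++;
            }
        } else if (buf[i] == '\n') {
            c.bare_lf++;
        }
    }
    return c;
}

/* Returns 1 if the tallies differ between a hop's input and its output. */
static int hop_changes_eols(const unsigned char *in, size_t in_len,
                            const unsigned char *out, size_t out_len)
{
    struct eol_counts a = count_eols(in, in_len);
    struct eol_counts b = count_eols(out, out_len);
    return a.crlf != b.crlf || a.bare_lf != b.bare_lf || a.bare_cr != b.bare_cr;
}

/* Constructed sample: a message with one bare LF, and the same message
 * after a hypothetical filter that turns every bare LF into CR LF. */
static const unsigned char SAMPLE_IN[] = "Subject: probe\r\n\r\nline one\nline two\r\n";
static const unsigned char SAMPLE_OUT[] = "Subject: probe\r\n\r\nline one\r\nline two\r\n";

int main(void)
{
    printf("hop changes line endings: %d\n",
           hop_changes_eols(SAMPLE_IN, sizeof SAMPLE_IN - 1, SAMPLE_OUT, sizeof SAMPLE_OUT - 1));
    return 0;
}
```

Comparing tallies catches a hop that converts, adds or strips line endings; a hop that leaves every count unchanged while moving bytes around would need a byte-for-byte comparison instead.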
What's new?
Regressions fixed
Patch adjustments
See also patches.
- big-todo: conflict in qmail-qstat.sh, skip that section; conflict in hier.c, add the two lines inside hier_queue()
- dns-oversize: merged, no longer needed (#201)
- qmail-queue-custom-error: merged, no longer needed (#195)
- smtp-auth: conflicts in Makefile and TARGETS, remove references to now.o and alloc.a
- smtp-tls: does not apply, please wait for a new upstream patch
- smtpd-spp: conflict in Makefile, remove references to now.o and alloc.a
All other changes, organized by project goal:
Preserve qmail's hard-earned security properties
- qmail-local: close race window when creating file in tmp/. (#119)
Add interfaces to make extensions possible
- qmail-queue: extend interface so a custom rejection message can be communicated to the caller. Based on Flavio Curti's qmail-queue-custom-error-v2.netqmail-1.05.patch. (#195)
Provide sensible defaults
- qmail-remote: stop rewriting RCPT TO: domains when they are a CNAME (RFC 5321 5.1). (#121)
- qmail-remote: handle DNS packets up to max EDNS response size. Based on Christopher K. Davis's qmail-103.patch. (#201)
- qmail-remote: honor all group memberships of the qmailr user. This lets admins more precisely define read permissions on TLS or DKIM key material. (#153)
- qmail-smtpd: allow [] to appear in Received: lines. (#170)
- docs: append .md suffix. (#36)
Reduce marginal cost of development
- Define CODEOWNERS with our default reviewers. (#192)
- Remove maildirwatch. (#93)
- Remove qsmhook. (#87)
- Remove elq, pinq, and qail. (#99)
- Ensure local headers are self-contained by including them before system headers. (#183)
- Say NULL instead of casting 0 to a pointer type. (#152, #161)
- auto-str: make most output human-readable. (#144)
- Add ids.a, a library containing auto_user*.o and auto_group*.o. (#182)
- Makefile: remove stale references to auto-uid. (#219)
- TARGETS: remove unneeded auto_uid*.o and auto_gid*.o entries. (#154)
- Makefile: call head (but not tail, for portability) in the POSIX style. (#105, #205)
- Use ssize_t in substdio to match return types of read() and write(). (#84)
- Replace error_* variables with #defines to their errno equivalents. (#171)
- qmail-qstat: remove unneeded dependencies, simplify logic, add compatibility with big-todo queues. (#234)
- qmail-qmtpd, qmail-qmqpd: validate that netstring length is a number. (#241)
- qmail-remote: avoid sending CRCRLF if input contains CRLF. (#18)
- Make now() an inline function. (#158, #169)
- qmail-remote: fix warnings about get() being used with wrong pointer signedness. (#162)
- clean up hier.h and spawn functions. (#155)
- Improve platform checks for select(). (#163)
- qmail-send: use utimes() instead of utime(). (#164)
- predate: use better version of calling time(). (#150)
- Add missing system headers for close(), chdir(), getpid(), other undeclared functions. (#237, #146)
- Add prototypes for scan.h, fmt.h. (#129, #126)
- Use default strdup() instead of open coding it. (#130)
- Remove functions that only reimplement standard C functions. (#103)
- Remove the custom allocator. (#124)
- Fix several classes of compiler warning. (#184, #185, #186, #187, #188, #200, #271, #273)
- Fix CodeQL cpp/integer-multiplication-cast-to-long. (#193)
- Add tests for qmail-send:job_*() and prioq_*() functions. (#224, #179, #254)
- Remove register storage class declaration. (#202)
- Add noreturn attribute to a couple of functions. (#211)
- Return int from all main() functions. (#145)
- Add back accidentally removed typecast in gen_allocdefs.h. (#137)
- Clean up substdio interface declarations. (#271)
- TravisCI: remove. (#207, #216)
- CirrusCI: remove. (#253)
- GitHub: extend build matrix (gcc with and without utmpx(5)) with clang, with and without -DDEPRECATED_FUNCTIONS_REMOVED, with and without nroff/mandoc, with and without compiler warnings turned up. (#181)
- GitHub: enable CodeQL analysis. (#176, #253)
- FreeBSD: update. (#125, #216, #235, #253, #274)
- macOS: add, update. (#181, #253)
- OpenBSD: add, update. (#242, #253, #274)
- Solaris: add, fix, update. (#206, #231, #242, #253)
- Ubuntu: update. ([#231...
notqmail-1.08: notqmail 1.08
notqmail 1.08
- CVE-2005-1515: fix signedness wraparound in substdio_{put,bput}().
- CVE-2005-1514: fix possible signed integer overflow in commands().
- CVE-2005-1513: fix integer overflow in stralloc_readyplus().
- Fix several other places where variables could overflow.
- qmail-pop3d: instead of running as root if root authenticates (and being a vector for a dictionary attack on the root password), exit 1 to look just like a failed checkpassword login.
- qmail-inject: do not parse header recipients if -a is given.
- Correctly detect multiple IP addresses on the same interface.
- Remove workaround for ancient DNS servers that do not properly support CNAME. Patch by Jonathan de Boyne Pollard that was floating around the net for years.
- Fix possible integer overflow in alloc().
- Remove dnscname and dnsmxip programs that were being built but not installed.
- Remove systype and related platform detection.
- Remove unused variable in maildir.c.
- Reduce variable scope in tcpto.c.
- Avoid local variables shadowing same-named globals.
- Avoid needing exit.h in named-pipe bug check.
- Add a test target and some unit tests, using Check.
- Add missing function declarations in cdbmss.h, scan.h.
- Add missing return types to main().
- Add hier.h for inclusion in instcheck.c, instchown.c, instpackage.c.
- Use system headers and types instead of the HASSHORTSETGROUPS check.
- Use system headers instead of redeclaring exit(), read(), write(), malloc(), free(), fork(), uint32_t.
- Use C89 function signatures for code we've touched so far.
- TravisCI: move setting MAKEFLAGS out of the script and into the matrix.
- Add FreeBSD builds with CirrusCI.
- Add a GitHub Actions build.
- Remove DJB's TODO.
- Replace many pobox.com URLs.
- Acknowledge Erik Sjölund's qmail-local.c bugfix that we've inherited from netqmail.
- Avoid generating catted manpages by building with NROFF=true.
- Optionally create a systemd service file.
- Run an alternate qmail-remote by setting QMAILREMOTE in qmail-send's environment.
Complete release note for 1.08 in the wiki.
notqmail-1.07: notqmail 1.07
notqmail 1.07
- Support utmpx in qbiff(1) for systems that no longer provide utmp. (#24, #29, #57)
- Append .md extensions to INSTALL and SENDMAIL to disambiguate from install and sendmail on case-insensitive filesystems, such as HFS+. (#16)
- Enable BIND 8 API compatibility for systems with BIND 9 resolvers. (#16)
- Work around macOS linker error by explicitly initializing a struct. (#16)
- Add missing function arguments, includes, and Makefile dependencies. (#1, #20, #31, #53, #55)
- Fix builds on at least FreeBSD (#24) and macOS. (#16)
- Look up qmail's UIDs and GIDs at run time, not build time. (#15)
- Optionally install as non-root, to a staging area, with DESTDIR. (#4, #15)
- Remove precompiled var-qmail package support. (#15)
- Remove shar target and FILES. (#27)
- Remove SYSDEPS. (#33)
- Remove vfork(), fixing macOS runtime. (#38)
Complete release note for 1.07 in the wiki.
qmail-1.03
qmail 1.03