- Allow comments in domains-file (#181)
- Support for building against system libmilter library
- Fixed build with system libraries (#176)
- Create sockets non-blocking and with close-on-exec enabled
- Fixed socket creation for Milter
- Fixed Milter issue with IPv6 clients (#156)
- Support for system user management with
sysusers.d
- Better customization of the PostSRSd build with
POSTSRSD_CONFIGDIR
andINSTALL_SYSTEMD_SERVICE
- Improved documentation of the PostSRSd example configuration
- the parser callback for the
original-envelope
option used the wrong return type, which could prevent thedatabase
mode from activating - PostSRSd is confirmed to build and run on FreeBSD now
- New configuration option
debug
to increase log verbosity.
- Reduced default log verbosity: PostSRSd no longer prints messages for mail addresses which need no rewrite (#149)
- Do not try to set Keep-Alive on Redis unix sockets (#146)
- Worked around EXCLUDE_FROM_ALL bug in CMake 3.20.x and older
- Fixed a few compiler warnings in the test suite
- Added support for musl as libc alternative
- Added support for CPack to generate installable packages
- Added new CLI option -h to print a summary of CLI options
- The test suite no longer requires
faketime
as dependency - Improved error logging
- Close socketmap connection in main process to prevent resource exhaustion (#141)
- Explicitly set 0666 permissions on socketmap unix socket (#141)
- Improved detection logic for systemd system unit directory (#132)
- Drop supplementary groups when relinquishing root privileges (#133)
- Fixed improper linking against the pthread library on systems where pthread is separate from libc (#130)
- Added proper configuration file format
- Added support for unix sockets
- Added new rewrite mode with database backend
- Added experimental milter support
- PostSRSd uses
socketmap
tables instead oftcp
tables now
- Removed AppArmor and SELinux profiles
- Removed support for all init systems except systemd (Pull requests for needed init systems are welcome)
- Explicitly clear
O_NONBLOCK
to avoid inherited non-blocking sockets on some operating systems (#117) - Do not close all file descriptors up to
_SC_MAX_OPEN
, as this limit tends to be absurdly high in Docker containers (#122) - Check for the existence of the
faketime
tool before using it in the unit tests.
- The subprocess that talks to Postfix could be caused to hang with a very long email address (077be98d)
- Fixed CVE-2020-35573: PostSRSd could be tricked into consuming a lot of CPU time with an SRS address that has a very long time stamp tag (4733fb11)
- Fixed a bug where PostSRSd would occasionally create invalid SRS addresses if the used secret is extremely long
Hotfix release
- Added test that systemd service file is working properly
- Fixed systemd service file
- Added "Always Rewrite" option (#97)
- Added blackbox testing for PostSRSd daemon
- Improved syslog messages
- Fixed AppArmor and SELinux profiles
- Improved systemd auto detection
- Drop group privileges as well as user privileges
- Merged Debian adaptations (Thanks to Oxan van Leeuwen)
- CMake 2.x support
- Somewhat usable unit tests
- Fixed Big Endian issue with SHA-1 implementation (#90)
- Add configuration options for listening network interface
- Close all open file descriptors on startup
- Fixed SELinux policy
- Fixed handling of excluded domains in systemd startup file
- Added dual stack support
- Make startup scripts more robust in case of configuration errors
- Improved BSD compatibility
- Make SRS separator configurable
- Added support for even more init systems
- Added support for more init systems
- Listen to 127.0.0.1 by default
- Load correct timezone for logging
- Fixed various issues with the CMake script
- Fixed command line parsing bug
- First stable release