The stable Postfix release is called postfix-2.11.x where 2=major
release number, 11=minor release number, x=patchlevel. The stable
release never changes except for patches that address bugs or
emergencies. Patches change the patchlevel and the release date.

New features are developed in snapshot releases. These are called
postfix-2.12-yyyymmdd where yyyymmdd is the release date (yyyy=year,
mm=month, dd=day). Patches are never issued for snapshot releases;
instead, a new snapshot is released.

The mail_release_date configuration parameter (format: yyyymmdd)
specifies the release date of a stable release or snapshot release.

If you upgrade from Postfix 2.9 or earlier, read RELEASE_NOTES-2.10
before proceeding.

Major changes - tls
-------------------

[Documentation 20131218] The new FORWARD_SECRECY_README document
conveniently presents all information about Postfix "perfect" forward
secrecy support in one place: what forward secrecy is, how to tweak
settings, and what you can expect to see when Postfix uses ciphers
with forward secrecy.

[Feature 20130602] Support for PKI-less TLS server certificate
verification, where the CA public key or the server certificate is
identified via DNSSEC lookup.

This feature introduces new TLS security levels called "dane" and
"dane-only" (DNS-based Authentication of Named Entities) that use
DNSSEC to look up CA or server certificate information. The details
of DANE core protocols are still evolving, as are the details of
how DANE should be used in the context of SMTP. Postfix implements
what appears to be a "rational" subset of the DANE profiles that
is suitable for SMTP.

The problem with conventional PKI is that there are literally
hundreds of organizations world-wide that can provide a certificate
in anyone's name.
There have been widely-published incidents in
recent history where a certificate authority gave out an inappropriate
certificate (e.g., a certificate in the name of Microsoft to someone
who did not represent Microsoft), where a CA was compromised (e.g.,
DigiNotar, Comodo), or where a CA made operational mistakes (e.g.,
TURKTRUST). Another concern is that a legitimate CA might be coerced
to provide a certificate that allows its government to play
man-in-the-middle on TLS traffic and observe the plaintext.

Major changes - LMDB database support
-------------------------------------

LMDB is a memory-mapped database that was originally developed as
part of OpenLDAP. The Postfix LMDB driver was originally contributed
by Howard Chu, LMDB's creator.

LMDB can be used for all Postfix lookup tables and caches. It is
the first persistent Postfix database that can be shared among
multiple writers such as postscreen daemons (Postfix already supported
shared non-persistent memcached caches). See lmdb_table(5) and
LMDB_README for further information, including how to access Postfix
LMDB databases with non-Postfix programs.

Postfix currently requires LMDB version 0.9.11 or later. The minimum
version may change over time in the light of deployment experience.

Major changes - postscreen whitelisting
---------------------------------------

[Feature 20130512] Allow a remote SMTP client to skip postscreen(8)
tests based on its postscreen_dnsbl_sites score.

Specify a negative "postscreen_dnsbl_whitelist_threshold" value to
enable this feature. When a client passes the threshold value
without having failed other tests, all pending or disabled tests
are flagged as completed.

This feature can mitigate the email delays due to "after 220 greeting"
protocol tests, which otherwise require that a client reconnects
before it can deliver mail. Some providers such as Google don't
retry from the same IP address.
This can result in large email
delivery delays.

Major changes - recipient_delimiter
-----------------------------------

[Feature 20130405] The recipient_delimiter parameter can now specify
a set of characters. A user name is now separated from its address
extension by the first character that matches the recipient_delimiter
set.

For example, specify "recipient_delimiter = +-" to support both the
Postfix-style "+" and the qmail-style "-" extension delimiter.

As before, this implementation recognizes one delimiter character
per email address, and one address extension per email address.

Major changes - smtpd access control
------------------------------------

[Feature 20131031] The check_sasl_access feature can be used to
block hijacked logins. Like other check_mumble_access features it
queries a lookup table (in this case with the SASL login name), and
it supports the same actions as any Postfix access(5) table.

[Feature 20130924] The reject_known_sender_login_mismatch feature
applies reject_sender_login_mismatch only to MAIL FROM addresses
that are known in $smtpd_sender_login_maps.

Major changes - MacOS X
-----------------------

[Feature 20130325] Full support for kqueue() event handling which
scales better with large numbers of file handles, plus a workaround
for timeout handling on file handles (such as /dev/urandom) that
still do not correctly support poll().

Major changes - master
----------------------

[Incompat 20131217] The master_service_disable parameter value
syntax has changed: use "service/type" instead of "service.type".
The new form is consistent with postconf(1) namespaces for master.cf.
The old form is still supported to avoid breaking existing
configurations.

Major changes - milter
----------------------

[Feature 20131126] Support for ESMTP parameters "NOTIFY" and "ORCPT"
in the SMFIR_ADDRCPT_PAR (add recipient with parameters) request.
Credits: Andrew Ayer.

Major changes - mysql
---------------------

[Feature 20131117] MySQL client support for option_file, option_group,
tls_cert_file, tls_key_file, tls_CAfile, tls_CApath, tls_verify_cert.
Credits: Gareth Palmer.

Major changes - postconf
------------------------

[Feature 20131217] Support for advanced master.cf query and update
operations. This was implemented primarily to support automated
system management tools.

The goal is to make all Postfix master.cf details accessible as
lists of "name=value" pairs, where the names are organized into
structured name spaces. This allows other programs to query
information or request updates, without having to worry about the
exact layout of master.cf files.

Managing master.cf service attributes
-------------------------------------

First, an example that shows the smtp/inet service in the traditional
form:

    $ postconf -M smtp/inet
    smtp inet n - n - - smtpd

Different variants of this command show different amounts of output.
For example, "postconf -M smtp" enumerates all services that have
a name "smtp" and any service type ("inet", "unix", etc.), and
"postconf -M" enumerates all master.cf services.

General rule: each name component that is not present becomes a "*"
wildcard.

Coming back to the above example, the postconf -F option can now
enumerate the smtp/inet service fields as follows:

    $ postconf -F smtp/inet
    smtp/inet/service = smtp
    smtp/inet/type = inet
    smtp/inet/private = n
    smtp/inet/unprivileged = -
    smtp/inet/chroot = n
    smtp/inet/wakeup = -
    smtp/inet/process_limit = -
    smtp/inet/command = smtpd

This form makes it very easy to change one field in master.cf.
For example, to turn on chroot on the smtp/inet service you use:

    $ postconf -F smtp/inet/chroot=y
    $ postfix reload

Moreover, with "-F" you can specify "*" for service name or service
type to get a wild-card match. For example, to turn off chroot on
all Postfix daemons, use this:

    $ postconf -F '*/*/chroot=n'
    $ postfix reload

Managing master.cf service "-o parameter=value" settings
--------------------------------------------------------

For a second example, let's look at the submission service. This
service typically has multiple "-o parameter=value" overrides. First
the traditional view:

    $ postconf -Mf submission
    submission inet n - n - - smtpd
        -o smtpd_tls_security_level=encrypt
        -o smtpd_sasl_auth_enable=yes
        ...

The postconf -P option can now enumerate these parameters as follows:

    $ postconf -P submission
    submission/inet/smtpd_sasl_auth_enable = yes
    submission/inet/smtpd_tls_security_level = encrypt
    ...

Again, this form makes it very easy to modify one parameter
setting.
For example, to change the smtpd_tls_security_level setting
for the submission/inet service:

    $ postconf -P 'submission/inet/smtpd_tls_security_level=may'

You can create or remove a parametername=parametervalue setting:

Create:
    $ postconf -P 'submission/inet/parametername=parametervalue'

Remove:
    $ postconf -PX submission/inet/parametername

Finally, always execute "postfix reload" after updating master.cf.

Managing master.cf service entries
----------------------------------

Finally, adding master.cf entries is possible, but currently this
does not yet have "advanced" support. It can only be done at the
level of the traditional master.cf file format.

Suppose that you need to configure a Postfix SMTP client that will
handle slow email deliveries. To implement this you need to clone
the smtp/unix service settings and create a new delay/unix service.

First, you would enumerate the smtp/unix service like this:

    $ postconf -M smtp/unix
    smtp unix - - n - - smtp

Then you would copy those fields (except the first field) by hand
to create the delay/unix service:

    $ postconf -M delay/unix="delay unix - - n - - smtp"

To combine the above steps in one command (the awk action must
print the rewritten line, otherwise the substitution is empty):

    $ postconf -M delay/unix="`postconf -M smtp/unix|awk '{$1 = "delay"; print}'`"

This is perhaps not super-convenient for manual cloning, but it
should be sufficient for programmatic configuration management.

Again, always execute "postfix reload" after updating master.cf.

Deleting or commenting out master.cf entries
--------------------------------------------

The -X (delete entry) and -# (comment out entry) options already
exist for main.cf, and they now also work for entire master.cf
entries:

Remove main.cf or master.cf entry:
    $ postconf -X parametername
    $ postconf -MX delay/unix

Comment out main.cf or master.cf entry:
    $ postconf -# parametername
    $ postconf -M# delay/unix

As with main.cf, there is no support to "undo" master.cf changes
that are made with -X or -#.

Again, always execute "postfix reload" after updating master.cf.
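The four master.cf sections above (service attributes, "-o parameter=value" settings, service entries, and deleting or commenting out entries) all describe the same structured view of master.cf. The script below is an added example, not Postfix code, that re-creates that view with awk over a constructed master.cf so the name-space rules can be exercised without a Postfix installation: the "absent component becomes *" rule, the -F field enumeration, the -P override enumeration, the -M clone with the first field renamed, and the -MX / -M# rewrites. The function names (master_pattern, master_op, master_F, master_P, master_M, master_MX, master_Mcomment), the mode letters and the sample file contents are all assumptions made for this example; the field names follow the postconf -F output shown in the text.

```shell
#!/bin/sh
# Added example (not Postfix code): an awk sketch of the structured
# "name/type/field = value" view of master.cf that postconf -F / -P
# present, plus the -M clone, -MX delete and -M# comment-out operations.
# The master.cf below is constructed for illustration only.

MASTER_CF=$(mktemp)
trap 'rm -f "$MASTER_CF"' EXIT
cat > "$MASTER_CF" <<'EOF'
# service    type  private unpriv chroot wakeup maxproc command + args
smtp         inet  n       -      n      -      -       smtpd
submission   inet  n       -      n      -      -       smtpd
  -o smtpd_tls_security_level=encrypt
  -o smtpd_sasl_auth_enable=yes
smtp         unix  -       -      n      -      -       smtp
EOF

# Expand a query into "name/type": each absent component becomes "*".
#   ""  -> */*      "smtp" -> smtp/*      "smtp/inet" -> smtp/inet
master_pattern() {
    case "$1" in
        '')  echo '*/*' ;;
        */*) echo "$1" ;;
        *)   echo "$1/*" ;;
    esac
}

# master_op MODE QUERY [NEWNAME]   (MODE letters are this example's own)
#   F: enumerate the eight fields of matching entries (like postconf -F)
#   P: enumerate their "-o parameter=value" overrides (like postconf -P)
#   M: print matching entries in traditional form, renamed if NEWNAME is set
#   X: print the file with matching entries and their -o lines removed (-MX)
#   C: print the file with matching entries commented out (-M#)
master_op() {
    pat=$(master_pattern "$2")
    awk -v mode="$1" -v want_name="${pat%/*}" -v want_type="${pat#*/}" \
        -v newname="$3" '
    function matches(n, t) {
        return (want_name == "*" || want_name == n) &&
               (want_type == "*" || want_type == t)
    }
    # Comments and blank lines belong to no entry: the file-rewriting
    # modes (X, C) copy them through, the query modes ignore them.
    /^[ \t]*#/ || /^[ \t]*$/ { if (mode == "X" || mode == "C") print; next }
    # A line starting in column 1 opens a new service entry; remember
    # whether it matched so its "-o" continuation lines can follow suit.
    /^[^ \t]/ {
        hit = matches($1, $2); name = $1; type = $2
        if (mode == "F" && hit) {
            cmd = $8; for (i = 9; i <= NF; i++) cmd = cmd " " $i
            printf "%s/%s/service = %s\n",       name, type, $1
            printf "%s/%s/type = %s\n",          name, type, $2
            printf "%s/%s/private = %s\n",       name, type, $3
            printf "%s/%s/unprivileged = %s\n",  name, type, $4
            printf "%s/%s/chroot = %s\n",        name, type, $5
            printf "%s/%s/wakeup = %s\n",        name, type, $6
            printf "%s/%s/process_limit = %s\n", name, type, $7
            printf "%s/%s/command = %s\n",       name, type, cmd
        } else if (mode == "M" && hit) {
            if (newname != "") $1 = newname   # same trick as the awk clone above
            print
        } else if (mode == "X" && !hit) {
            print
        } else if (mode == "C") {
            prefix = hit ? "#" : ""; print prefix $0
        }
        next
    }
    # Indented "-o parameter=value" lines continue the current entry.
    $1 == "-o" {
        if (mode == "P" && hit) {
            eq = index($2, "=")
            printf "%s/%s/%s = %s\n", name, type, substr($2, 1, eq - 1), substr($2, eq + 1)
        } else if (mode == "X" && !hit) {
            print
        } else if (mode == "C") {
            prefix = hit ? "#" : ""; print prefix $0
        }
    }' "$MASTER_CF"
}

# Wrappers named after the postconf spellings used in the text.
master_F() { master_op F "$1"; }
master_P() { master_op P "$1"; }
master_M() { master_op M "$1" "$2"; }
master_MX() { master_op X "$1"; }
master_Mcomment() { master_op C "$1"; }

# Stand-alone run: the smtp/inet fields, the submission overrides, and
# the smtp/unix entry cloned as delay/unix.
master_F smtp/inet
master_P submission
master_M smtp/unix delay
```

The awk program keeps one piece of state, whether the most recent column-1 line matched the query, so that the "-o" continuation lines are enumerated, deleted or commented out together with their entry; that is the same grouping postconf applies when -MX or -M# names a service. Note that, like the real tool, nothing here performs the equivalent of "postfix reload": rewriting the file is only half of a change.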