1This is the Postfix 3.2 (stable) release. 2 3The stable Postfix release is called postfix-3.2.x where 3=major 4release number, 2=minor release number, x=patchlevel. The stable 5release never changes except for patches that address bugs or 6emergencies. Patches change the patchlevel and the release date. 7 8New features are developed in snapshot releases. These are called 9postfix-3.3-yyyymmdd where yyyymmdd is the release date (yyyy=year, 10mm=month, dd=day). Patches are never issued for snapshot releases; 11instead, a new snapshot is released. 12 13The mail_release_date configuration parameter (format: yyyymmdd) 14specifies the release date of a stable release or snapshot release. 15 16If you upgrade from Postfix 3.0 or earlier, read RELEASE_NOTES-3.1 17before proceeding. 18 19Invisible changes 20----------------- 21 22In addition to the visible changes described below, there is an 23ongoing overhaul of low-level code. With each change come updated 24tests to ensure that future changes will not 'break' compatibility 25with past behavior. 26 27Major changes - address mapping 28------------------------------- 29 30[Feature 20170128] Postfix 3.2 fixes the handling of address 31extensions with email addresses that contain spaces. For example, 32the virtual_alias_maps, canonical_maps, and smtp_generic_maps 33features now correctly propagate an address extension from "aa 34bb+ext"@example.com to "cc dd+ext"@other.example, instead of 35producing broken output. 36 37Major changes - header/body_checks 38---------------------------------- 39 40[Feature 20161008] "PASS" and "STRIP" actions in header/body_checks. 41"STRIP" is similar to "IGNORE" but also logs the action, and "PASS" 42disables header, body, and Milter inspection for the remainder of 43the message content. Contributed by Hobbit. 44 45Major changes - log analysis 46---------------------------- 47 48[Feature 20160330] The collate.pl script by Viktor Dukhovni for 49grouping Postfix logfile records into "sessions" based on queue ID 50and process ID information. It's in the auxiliary/collate directory 51of the Postfix source tree. 52 53Major changes - maps support 54---------------------------- 55 56[Feature 20160527] Postfix 3.2 cidr tables support if/endif and 57negation (by prepending ! to a pattern), just like regexp and pcre 58tables. The primarily purpose is to improve readability of complex 59tables. See the cidr_table(5) manpage for syntax details. 60 61[Incompat 20160925] In the Postfix MySQL database client, the default 62option_group value has changed to "client", to enable reading of 63"client" option group settings in the MySQL options file. This fixes 64a "not found" problem with Postfix queries that contain UTF8-encoded 65non-ASCII text. Specify an empty option_group value (option_group 66=) to get backwards-compatible behavior. 67 68[Feature 20161217] Stored-procedure support for MySQL databases. 69Contributed by John Fawcett. See mysql_table(5) for instructions. 70 71[Feature 20170128] The postmap command, and the inline: and texthash: 72maps now support spaces in left-hand field of the lookup table 73"source text". Use double quotes (") around a left-hand field that 74contains spaces, and use backslash (\) to protect embedded quotes 75in a left-hand field. There is no change in the processing of the 76right-hand field. 77 78Major changes - milter support 79------------------------------ 80 81[Feature 20160611] The Postfix SMTP server local IP address and 82port are available in the policy delegation protocol (attribute 83names: server_address, server_port), in the Milter protocol (macro 84names: {daemon_addr}, {daemon_port}), and in the XCLIENT protocol 85(attribute names: DESTADDR, DESTPORT). 86 87[Feature 20161024] smtpd_milter_maps support for per-client Milter 88configuration that overrides smtpd_milters, and that has the same 89syntax. A lookup result of "DISABLE" turns off Milter support. See 90MILTER_README.html for details. 91 92Major changes - policy delegation 93--------------------------------- 94 95[Feature 20160611] The Postfix SMTP server local IP address and 96port are available in the policy delegation protocol (attribute 97names: server_address, server_port), in the Milter protocol (macro 98names: {daemon_addr}, {daemon_port}), and in the XCLIENT protocol 99(attribute names: DESTADDR, DESTPORT). 100 101Major changes - postqueue 102------------------------- 103 104[Incompat 20170129] The postqueue command no longer forces all 105message arrival times to be reported in UTC. To get the old behavior, 106set TZ=UTC in main.cf:import_environment (this override is not 107recommended, as it affects all Postfix utities and daemons). 108 109Major changes - safety 110---------------------- 111 112[Incompat 20161227] For safety reasons, the sendmail -C option must 113specify an authorized directory: the default configuration directory, 114a directory that is listed in the default main.cf file with 115alternate_config_directories or multi_instance_directories, or the 116command must be invoked with root privileges (UID 0 and EUID 0). 117This mitigates a recurring problem with the PHP mail() function. 118 119Major changes - sasl 120-------------------- 121 122[Feature 20160625] The Postfix SMTP server now passes remote client 123and local server network address and port information to the Cyrus 124SASL library. Build with ``make makefiles "CCARGS=$CCARGS 125-DNO_IP_CYRUS_SASL_AUTH"'' for backwards compatibility. 126 127Major changes - smtputf8 128------------------------ 129 130[Feature 20161103] Postfix 3.2 disables the 'transitional' compatibility 131between the IDNA2003 and IDNA2008 standards for internationalized 132domain names (domain names beyond the limits of US-ASCII). 133 134This change makes Postfix behavior consistent with contemporary web 135browsers. It affects the handling of some corner cases such as 136German sz and Greek zeta. See http://unicode.org/cldr/utility/idna.jsp 137for more examples. 138 139Specify "enable_idna2003_compatibility = yes" to restore historical 140behavior (but keep in mind that the rest of the world may not make 141that same choice). 142 143Major changes - tls 144------------------- 145 146[Feature 20160828] Fixes for deprecated OpenSSL 1.1.0 API features, 147so that Postfix will build without depending on backwards-compatibility 148support. 149 150[Incompat 20161204] Postfix 3.2 removes tentative features that 151were implemented before the DANE spec was finalized: 152 153- Support for certificate usage PKIX-EE(1), 154 155- The ability to disable digest agility (Postfix now behaves as if 156 "tls_dane_digest_agility = on"), and 157 158- The ability to disable support for "TLSA 2 [01] [12]" records 159 that specify the digest of a trust anchor (Postfix now behaves 160 as if "tls_dane_trust_anchor_digest_enable = yes). 161 162[Feature 20161217] Postfix 3.2 enables elliptic curve negotiation 163with OpenSSL >= 1.0.2. This changes the default smtpd_tls_eecdh_grade 164setting to "auto", and introduces a new parameter tls_eecdh_auto_curves 165with the names of curves that may be negotiated. 166 167The default tls_eecdh_auto_curves setting is determined at compile 168time, and depends on the Postfix and OpenSSL versions. At runtime, 169Postfix will skip curve names that aren't supported by the OpenSSL 170library. 171 172Major changes - xclient 173----------------------- 174 175[Feature 20160611] The Postfix SMTP server local IP address and 176port are available in the policy delegation protocol (attribute 177names: server_address, server_port), in the Milter protocol (macro 178names: {daemon_addr}, {daemon_port}), and in the XCLIENT protocol 179(attribute names: DESTADDR, DESTPORT). 180 181