After a year of development, the launch of the new stable branch of the mail server Postfix, 3.5.0. At the same time, the end of support for the Postfix 3.1 branch, released in early 2016, was announced.
For those who are unfamiliar with Postfix, you should know that this is a free software mail server, which is destined to perform email routing and sending, created with the intention of being a faster, easier to administer and more secure alternative to the widely used Sendmail.
Postfix is one of the projects that combines high security, reliability and performance at the same time, which was achieved thanks to a well thought out architecture and a fairly strict policy for code design and patch auditing.
The software tries to be fast, easy to manage and secureat the same time that it is sufficiently compatible with sendmail not to disturb existing users. So on the outside it is similar to sendmail, but the inside is completely different
What's new in Postfix, 3.5.0?
In this new issue it is noted that support for the HAProxy 2.0 load balancer protocol was added with proxy requests over TCP over IPv4 and IPv6 or without proxy connections to send heartbeat validation requests confirming normal operation.
Also added the ability to force messages to be set to outdated status (undelivered) to return to sender. The status is saved in the delivery queue file in the form of a special attribute, in the presence of which any delivery attempt will lead to the message being returned to the sender, without queuing it to retry delivery attempts ( queue).
The "-e" and "-f" flags were added to the postsup command to set the attribute of an outdated message. The difference between the flag "-F" is that the message is immediately returned to the sender when it is in the queue to resend it. In the output of the mailq and postqueue commands, stale messages are marked with a "#" after the file name.
On clients SMTP and LMTP have been added support for listing multiple hosts to redirect messages to another server. This will try to get the listed hosts to transmit the message in the order that they follow if the first is not available, an attempt will be made to deliver the second, and so on. The listing is implemented for directives relayhost, transport_maps, default_transport and sender_dependent_default_transport_maps.
Another important change is that log behavior changed. Addresses in "from =" and "to =" are now saved using quotes: if the local part of the address contains a space or special characters, the specified part of the address it will be enclosed in quotation marks in the record.
To return the previous behavior to the configuration, added «info_log_address_format = internal«.
Before: from =
Now: from = <"name with spaces" @ example.com>
Of the other changes mentioned in the announcement of the new version:
- The IP addresses obtained from the headers XCLIENT y XFORWARD or through the HaProxy protocol are standardized. The change may lead to a violation of IPv6 subnet assignment and record level compatibility in the policy check_client_access.
- To increase the convenience of interacting with Dovecot, the headers Delivered-To, X-Original-To y Return-Path are attached to the delivery agent SMTP + LMTP using flags = DORX flags in master.cf, similar to local and pipeline delivery agents.
- The procedure to verify the certificates defined in the tables is defined check_ccert_access. First, the client's certificate nugget is verified, and then the client's public key (behavior is as if «search_order = cert_fingerprint, pubkey_fingerprint").
Finally if you want to know more about it About the release of this new version, you can check the details, as well as get the source code for the installation of the new version In the following link.