Subject: Announce: OpenSMTPD 5.3.2 released OpenSMTPD 5.3.2 has just been released and the archives are available at our main site: www.OpenSMTPD.org OpenSMTPD is a FREE implementation of the SMTP protocol with some common extensions. It allows ordinary machines to exchange e-mails with systems speaking the SMTP protocol. It implements a fairly large part of RFC5321 and can already cover a large range of use-cases. It runs on OpenBSD, NetBSD, FreeBSD, DragonFlyBSD and Linux. We would like to thank the OpenSMTPD community for their help in testing the snapshots, reporting bugs, contributing code and packaging for other systems. This is a bugfix and reliability release mostly, with few new features. Features: ========= * add support for transparent queue compression * fsqueue now keeps a safety disk space / inode 5% reserve * add SECURE and AUTH transmission type as specified in rfc3848 * add db(3) support for "helo" lookups * make "source" no longer required for "helo" lookups * add check to ensure smtpd and smtpctl are "compatible" * add new "error" alias kind to have an alias return 4xx or 5xx * source and session are now logged when relaying * make OpenSMTPD cope gracefully with many former "fatal" cases * detect and cope with "corrupted" envelopes at runtime * smtpd -d no longer implies "debug" logging * smtpd -v no longer requires -d to output debug logging * traces no longer require -dv and can be (de)activated at runtime * add support for Unix sockets in local LMTP deliveries contributed by Gleb Kozyrev BugFixes: ========= * fix logic error in our SSL layer causing possible DoS [1] * fix delivery_lmtp issues when dealing with multi-response LHLO * do not replace '/' with ':' in user.directory token * do not reject [IPv6:...] notation in clients HELO commands * do not close session on *recipient* temporary failures * fix possible spin when admin messes with queue perms at runtime * fix a bug where offline mails are not enqueued unless sent by root * support + as user-part "directory" separator in virtual domains * fix "reject" rules when used with senders * fix mbox deliveries when dealing with bounces * fix smtp-level sender rewriting when dealing with bounces * lowercase keys before performing table lookups * fix MTA to cope with reaching a limit on a MX * assorted minor bug fixes, memleak plugs and improvements * existing but empty ~/.forward should skip expansion contributed by "Naabed" [1] bug exists in both native and portable version but DoS doesn't seem to trigger on OpenBSD. you should update still. Checksums: ========== SHA256 (opensmtpd-5.3.2.tar.gz) = acd8654405b39e856d07b5a5a4feba804b89049d6ca880d582aa0ebf8108a403 SHA256 (opensmtpd-5.3.2p1.tar.gz) = 512a80333d267a3cecf858b5106200a386e96894907e18e105b69cbd27699a08 Support: ======== You are encouraged to register to our general purpose mailing-list: http://www.opensmtpd.org/list.html The "Official" IRC channel for the project is at: #OpenSMTPD @ irc.freenode.net Reporting Bugs: =============== Please read http://www.opensmtpd.org/report.html Security bugs should be reported directly to security@opensmtpd.org Other bugs may be reported to bugs@opensmtpd.org OpenSMTPD is brought to you by Gilles Chehade, Eric Faurot and Charles Longeau.