Subject: Announce: OpenSMTPD 6.6.0 released OpenSMTPD 6.6.0 has just been released. OpenSMTPD is a FREE implementation of the SMTP protocol with some common extensions. It allows ordinary machines to exchange e-mails with systems speaking the SMTP protocol. It implements a fairly large part of RFC5321 and can already cover a large range of use-cases. It runs on OpenBSD, NetBSD, FreeBSD, DragonFlyBSD and glibc-based Linux. The archives are now available from the main site at www.OpenSMTPD.org We would like to thank the OpenSMTPD community for their help in testing the snapshots, reporting bugs, contributing code and packaging for other systems. This is a major release with multiple bug fixes and new features. Dependencies note: ================== This release builds with LibreSSL > 3.0.2 or OpenSSL > 1.1.0. It's preferable to depend on LibreSSL as OpenSMTPD is written and tested with that dependency. In addition, the features parity is not respected, some features will not be available with OpenSSL, like ECDSA server-side certificates support in this release. OpenSSL library is considered as a best effort target TLS library and provided as a commodity, LibreSSL has become our target TLS library. Changes in this release (since 6.4.0): ====================================== - various improvements to documentation and code - reverse dns session matching criteria added to smtpd.conf(5) - regex table lookup support added to smtpd.conf(5) - introduced support for ECDSA certificates with an ECDSA privsep engine - introduced builtin filters for basic filtering of incoming sessions - introduced option to deliver junk to a Junk folder in mail.maildir(8) - fixed the smtp(1) client so it uses correct default port for SMTPS - fixed an smtpd(8) crash on excessively large input - ensured mail rejected by an LMTP server stay queued Experimental features: - introduced a filters API to allow writing standalone filters for smtpd - introduced proxy-v2 support allowing smtpd to operate behind a proxy Checksums: ========== SHA256 (opensmtpd-6.6.0.tar.gz) = fcf4496493d211c7024798b8107194ff6f2469b143b232f8559d36ce98d5d728 SHA256 (opensmtpd-6.6.0p1.tar.gz) = 75a420941963a672b21fe6c820c51de07f1ac94a0d6d4aa4f7364124d85efce9 Verify: ======= Starting with version 5.7.1, releases are signed with signify(1). You can obtain the public key from our website, check with our community that it has not been altered on its way to your machine. $ wget https://www.opensmtpd.org/archives/opensmtpd-20181026.pub Once you are confident the key is correct, you can verify the release as described below: 1- download both release tarball and matching signature file to same directory: for OpenBSD version: $ wget https://www.opensmtpd.org/archives/opensmtpd-6.6.0.sum.sig $ wget https://www.opensmtpd.org/archives/opensmtpd-6.6.0.tar.gz for portable version: $ wget https://www.opensmtpd.org/archives/opensmtpd-6.6.0p1.sum.sig $ wget https://www.opensmtpd.org/archives/opensmtpd-6.6.0p1.tar.gz 2- use `signify` to verify that signature file is properly signed and that the checksum matches the release tarball you downloaded: for OpenBSD version: $ signify -C -e -p opensmtpd-20181026.pub -x opensmtpd-6.6.0.sum.sig Signature Verified opensmtpd-6.6.0.tar.gz: OK for portable version: $ signify -C -e -p opensmtpd-20181026.pub -x opensmtpd-6.6.0p1.sum.sig Signature Verified opensmtpd-6.6.0p1.tar.gz: OK If you don't get an OK message, then something is not right and you should not install without first understanding why it failed. Support: ======== You are encouraged to register to our general purpose mailing-list: http://www.opensmtpd.org/list.html The "Official" IRC channel for the project is at: #OpenSMTPD @ irc.freenode.net Support us: ======== The project is maintained by volunteers, you can support us by: - donating time to help test development branch during development cycle - donating money to either one of the OpenBSD or OpenSMTPD project - sponsoring developers through direct donations or patreon - sponsoring developers through contracts to write features Get in touch with us by e-mail or on IRC for more informations. Reporting Bugs: =============== Please read http://www.opensmtpd.org/report.html Security bugs should be reported directly to security@opensmtpd.org Other bugs may be reported to bugs@opensmtpd.org