• sendmail snapshot 8.17.0.1 is available

    From Claus =?iso-8859-1?Q?A=DFmann?= @21:1/5 to All on Mon May 31 18:28:48 2021
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    sendmail snapshot 8.17.0.1 is available for testing. Please see
    the first entry in the release notes below - if you know someone
    who might be affected, please tell them about it.

    8.17.1/8.17.1 202X/XX/XX
    Deprecation notice: due to compatibility problems with some
    third party code, we plan to finally switch from K&R
    to ANSI C. If you are using sendmail on a system
    which does not have a compiler for ANSI C contact us
    with details as soon as possible so we can determine
    how to proceed.
    Experimental support for SMTPUTF8 (EAI, see RFC 6530-6533)
    is available when using the compile time option USE_EAI
    (see also devtools/Site/site.config.m4.sample for other
    required settings) and the cf option SmtpUTF8.
    For mail submission the new command line option -U must
    be used to specify SMTPUTF8 and the cf option SmtpUTF8
    must be set in submit.cf.
    Please test and provide feedback.
    Experimental support for SMTP MTA Strict Transport Security
    (MTA-STS, see RFC 8461) is available when using
    - the compile time option _FFR_MTA_STS (which requires
    STARTTLS, MAP_REGEX, SOCKETMAP, and _FFR_TLS_ALTNAMES),
    - FEATURE(sts), which implicitly sets the cf option
    StrictTransportSecurity,
    - postfix-mta-sts-resolver, see
    https://github.com/Snawoot/postfix-mta-sts-resolver.git
    New ruleset check_other which is called for all unknown SMTP
    commands in the server and for commands which do not
    have specific rulesets, e.g., NOOP and VERB.
    New ruleset clt_features which can be used to select features
    in the SMTP client per server. Currently only two
    flags are available: D/M to disable DANE/MTA-STS,
    respectively.
    Avoid leaking session macros for an envelope between
    delivery attempts to different servers. This problem
    could have affected check_compat.
    Avoid leaking actual SMTP replies between delivery attempts
    to different servers which could cause bogus logging
    of reply= entries.
    Change default SMTP reply code for STARTTLS related problems
    from 403 to 454 to better match the RFCs.
    Fix a theoretical buffer overflow when encountering an
    unknown/unsupported socket address family on an
    operating system where sa_data is larger than 30
    (the standard is 14). Based on patch by Toomas Soome.
    Previously the commands GET, POST, CONNECT, or USER terminate
    a connection immediately only if sent as first command.
    Now this is also done if any of these is sent directly
    after STARTTLS or if the 'h' option is set via
    srv_features.
    CDB map locking has been changed so a sendmail process which
    does have a CDB map open does not block an in-place
    update of the map by makemap. The simple workaround
    for that problem in earlier versions is to create
    the map under a different name and then move it
    into place.
    CONFIG: New FEATURE(`check_other') to provide a default
    check_other ruleset.
    MAIL.LOCAL: Enhance some error messages to simplify
    troubleshooting.
    Portability:
    Add support for Darwin 19.
    NOTE: File locking using fcntl() does not interoperate
    with Berkeley DB 5.x (and probably later).
    Use CDB, flock() (-DHASFLOCK), or an earlier
    Berkeley DB version.
    Added Files:
    cf/feature/check_other.m4
    cf/feature/sts.m4
    devtools/OS/Darwin.19.x
    libsmutil/t-lockfile.c
    libsmutil/t-lockfile-0.sh
    libsmutil/t-maplock-0.sh

    Available at:
    https://ftp.sendmail.org/snapshots/sendmail.8.17.0.1.tar.gz https://ftp.sendmail.org/snapshots/sendmail.8.17.0.1.tar.gz.sig

    SHA256 (sendmail.8.17.0.1.tar.gz) = 4847779d1bebf288f2467ab7c4d1425c3f49cb21cce0d571c549d4879f10ee96
    SHA256 (sendmail.8.17.0.1.tar.gz.sig) = 517898cc837175292ba788162944811c5c9e0e517653a933e71515ab00d38ac8
    -----BEGIN PGP SIGNATURE-----

    iQIcBAEBAgAGBQJgtScyAAoJEExm6o1L7hvuHfgP/02YhUjCmwDZJywCPwsW6Thf sQHnh2YDZN1a8pUGXKJsnq3srjIQjiVoqVmwSBrIj8oDtkNgGKCjPlhLbTLMbeTT +sLKIr9rswW2LZQ09SldZygT1xTvRwOIHFziqk67w2O+JChOGAZbtErhY7ogOLdO V88t6Ey6523N3fsl0U5Ga8F6G6igPBoXsUlxNoQ72vEXvWtHD8gCYJT2joizyeBo ZayKrcHFFjctr9NkSxoIt2KkzZMJXtlk5+moMkU/kn33GWcBvZ3sMNZRlBOmpdBj Gh3149kPZh1VCoo81TaxozRMEQYuxJ46gqupuO9GArmsR+P6jXEB2NwI9xXI1BIY iXt0Cv8ZN8AmD+MjATuS3UHXLoJ1N/0MLxHANLpICfkQ4cEHt/kq3NETPJbnx2ZQ T0Du9hloOX6qsnQ+cQ331b14QcytpSWVPbjpqgSFGi0Pqw9kMEAkomfGQy8olOep VuZqUuifYJFrx5c+wcRrmfGZlK1KAw1jnL6ZKQ/ZHadCsYh+jEc2SAdUOUD5MRK3 eqsRGAO90SViyFdYzSIWl7KovDeFE11wgAAC9DeQmnAAhUgpn54nZerKn+OCdJsq xCeBp0JzNydRUlBX0PCJO+pepCq3Niayy5qahgyB4eFaqamKrDzcKX7NXTdNxKZF HVDo9nsGUEgqxzFtZrxy
    =8KUi
    -----END PGP SIGNATURE-----

    --
    Note: please read the netiquette before posting. I will almost never
    reply to top-postings which include a full copy of the previous
    article(s) at the end because it's annoying, shows that the poster
    is too lazy to trim his article, and it's wasting the time of all readers.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)