Postfix 3.7.0 mail server available

After 10 months of development, a new stable branch of the Postfix mail server, 3.7.0, was released. At the same time, the end of support for the Postfix 3.3 branch, released in early 2018, was announced. Postfix is one of the rare projects that combines high security, reliability and performance, which was achieved thanks to a well-thought-out architecture and a rather strict policy for coding and patch auditing. The project code is distributed under EPL 2.0 (Eclipse Public License) and IPL 1.0 (IBM Public License).

According to a January automated survey of about 500 thousand mail servers, Postfix is used on 34.08% (33.66% a year ago) of mail servers, Exim's share is 58.95% (59.14%), Sendmail - 3.58% (3.6%), MailEnable - 1.99% (2.02%), MDaemon - 0.52% (0.60%), Microsoft Exchange - 0.26% (0.32%), OpenSMTPD - 0.06% (0.05%).

Main innovations:

  • Added the ability to embed the contents of small "cidr:", "pcre:" and "regexp:" tables in-line inside Postfix configuration parameter values, without referencing external files or databases. The in-line table is written inside curly braces; for example, the default value of the smtpd_forbidden_commands parameter now contains the string "CONNECT GET POST regexp:{{/^[^A-Z]/ Thrash}}", which drops connections from clients that send garbage instead of SMTP commands. General syntax:

        /etc/postfix/main.cf:
            parameter = .. map-type:{ { rule-1 }, { rule-2 } .. } ..

        /etc/postfix/master.cf:
            .. -o { parameter = .. map-type:{ { rule-1 }, { rule-2 } .. } .. } ..
  • The postlog command is now installed with the set-gid bit and, at startup, switches to the privileges of the postdrop group. This lets unprivileged programs write log entries through the postlogd background process, which gives more flexibility in configuring maillog_file and, among other things, allows logging to stdout from a container.
  • Added API support for OpenSSL 3.0.0, PCRE2 and Berkeley DB 18 libraries.
  • Added protection against hash-collision attacks, in which an attacker feeds a hash table many keys chosen to collide. The protection randomizes the initial state of hash tables kept in RAM. Currently only one way to carry out such an attack is known: it targets the SMTP client IPv6 addresses tracked by the anvil service and requires hundreds of short-lived connections per second while cycling through thousands of different client IP addresses. The remaining hash tables whose keys can be influenced by attacker-supplied data are not exposed to such attacks, since their size is bounded (in anvil, the table was cleaned every 100 seconds).
  • Enhanced protection against external clients and servers that send data very slowly, a few bytes at a time, to keep SMTP and LMTP connections open (for example, to cause a denial of service by exhausting the limit on the number of concurrent connections). Instead of a per-record time limit, a per-request time limit is now applied, and a minimum data transfer rate for DATA and BDAT content has been added. Accordingly, the {smtpd,smtp,lmtp}_per_record_deadline settings were replaced by {smtpd,smtp,lmtp}_per_request_deadline and {smtpd,smtp,lmtp}_min_data_rate.
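As an added illustration that is not part of the release announcement, a main.cf and master.cf fragment combining the in-line table syntax from the first item with the per-request deadline and minimum data rate settings from the item above; the client addresses, rate values and the submission override are constructed for the example.

```ini
# /etc/postfix/main.cf (added example, not from the announcement)

# In-line regexp table: drop clients whose first "command" does not
# start with an uppercase letter (this is the Postfix 3.7 default value).
smtpd_forbidden_commands = CONNECT GET POST regexp:{{/^[^A-Z]/ Thrash}}

# In-line cidr table with several rules; 192.0.2.0/24 and 198.51.100.10
# are documentation addresses used here as constructed sample values.
smtpd_client_restrictions =
    check_client_access cidr:{
        {192.0.2.0/24   REJECT blocked example network},
        {198.51.100.10  OK} }
    permit

# Per-request deadline and minimum data rate (bytes/second), replacing the
# removed *_per_record_deadline settings; the values are illustrative.
smtpd_per_request_deadline = yes
smtpd_min_data_rate = 500
smtp_per_request_deadline = yes
smtp_min_data_rate = 500
lmtp_per_request_deadline = yes
lmtp_min_data_rate = 500

# Container deployment: write the log to stdout instead of syslog
# (requires the set-gid postlog command and postlogd described above).
maillog_file = /dev/stdout
```

```ini
# /etc/postfix/master.cf (added example): the same in-line table inside a
# -o override for the submission service; braces protect the spaces.
submission inet n - y - - smtpd
    -o { smtpd_forbidden_commands = CONNECT GET POST regexp:{{/^[^A-Z]/ Thrash}} }
```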
  • The postqueue command now sanitizes non-printable characters, such as newlines, before writing to standard output or formatting output as JSON.
  • In tlsproxy, the tlsproxy_client_level and tlsproxy_client_policy parameters have been replaced by the new tlsproxy_client_security_level and tlsproxy_client_policy_maps settings to unify parameter naming in Postfix (the tlsproxy_client_xxx names now match the corresponding smtp_tls_xxx settings).
  • Reworked error handling for LMDB clients.

Source: opennet.ru