Bayan watanni 10 na ci gaba, an fito da sabon reshe mai tsayayye na sabar saƙon Postfix - 3.7.0 -. A lokaci guda, ta sanar da ƙarshen tallafi ga reshen Postfix 3.3, wanda aka saki a farkon 2018. Postfix shine ɗayan ayyukan da ba kasafai ba wanda ya haɗu da babban tsaro, amintacce da aiki a lokaci guda, wanda aka samu godiya ga kyakkyawan tsarin gine-gine da ingantaccen tsari don ƙirar ƙira da faci. An rarraba lambar aikin a ƙarƙashin EPL 2.0 (Lasisi na Jama'a) da IPL 1.0 (Lasisin Jama'a IBM).
A cewar wani bincike ta atomatik na watan Janairu na kusan saƙonnin gidan waya 500 sabobin, Ana amfani da Postfix akan 34.08% (33.66% a shekara da ta gabata) na sabar wasiku, rabon Exim shine 58.95% (59.14%), Sendmail - 3.58% (3.6%), MailEnable - 1.99% (2.02%), MDaemon - 0.52% (0.60%), Microsoft Exchange - 0.26% (0.32%), OpenSMTPD - 0.06% (0.05%).
Manyan sabbin abubuwa:
- Yana yiwuwa a saka abubuwan da ke cikin ƙananan tebur "cidr:", "pcre:" da "regexp:" a cikin ma'auni na ma'auni na Postfix, ba tare da haɗa fayilolin waje ko bayanai ba. Ana bayyana maye gurbin wuri ta hanyar amfani da takalmin gyaran kafa, misali tsohuwar ƙimar sigar smtpd_forbidden_commands yanzu ta ƙunshi kirtani "CONNECT SAMU POST regexp:{{/^[^A-Z]/ Thrash}}" don tabbatar da haɗin kai daga abokan ciniki suna aika datti. maimakon umarni an jefar da su. Gabaɗaya syntax: /etc/postfix/main.cf: parameter = .. nau'in taswira: {{dokar-1}, {dokar-2} .. } .. /etc/postfix/master.cf: .. -o {parameter = .. nau'in taswira: {{dokar-1}, {dokar-2} .. } .. ..
- Mai kula da postlog ɗin yanzu yana sanye da tutar saiti-gid kuma, lokacin da aka ƙaddamar da shi, yana aiwatar da ayyuka tare da gata na rukunin postdrop, wanda ke ba da damar yin amfani da shi ta shirye-shiryen marasa gata don rubuta rajistan ayyukan ta hanyar bayanan postlogd na baya, wanda ke ba da damar haɓaka sassauci. a daidaita maillog_file kuma gami da shiga stdout daga akwati.
- Ƙara tallafin API don OpenSSL 3.0.0, PCRE2 da ɗakunan karatu na Berkeley DB 18.
- An ƙara kariya daga hare-haren ƙarfi mara kyau akan karo na hash. Ana aiwatar da wannan kariya ta hanyar yin bazuwar yanayin farko na teburin hash da aka adana a cikin RAM. A halin yanzu, an gano hanya ɗaya kawai ta gudanar da irin waɗannan hare-haren, wanda ya haɗa da hare-haren ƙarfi mara kyau akan adiresoshin IPv6 na abokan cinikin SMTP a cikin sabis na anvil. Wannan yana buƙatar kafa ɗaruruwan haɗin gwiwa na ɗan gajeren lokaci a kowane daƙiƙa yayin gwada dubban adiresoshin abokin ciniki daban-daban ta hanyar zagaye. Adireshin IPSauran teburin hash, waɗanda za a iya tabbatar da maɓallan su ta amfani da bayanan maharan, ba su da sauƙin kamuwa da irin waɗannan hare-hare, domin suna da iyaka girman (anvil ya yi amfani da tsarkakewa na daƙiƙa 100).
- Ƙarfafa kariya daga abokan ciniki na waje da sabar da ke canja wurin bayanai a hankali a hankali kaɗan don ci gaba da haɗin SMTP da LMTP aiki (misali, don toshe aiki ta hanyar ƙirƙirar yanayi don ƙare iyaka akan adadin kafaffen haɗin gwiwa). Maimakon ƙuntatawa lokaci dangane da bayanai, yanzu ana amfani da ƙuntatawa dangane da buƙatun, kuma an ƙara ƙuntatawa akan mafi ƙarancin yiwuwar canja wurin bayanai a cikin DATA da BDAT tubalan. Don haka, an maye gurbin saitunan {smtpd,smtp,lmtp}_per_record_deadline da {smtpd,smtp,lmtp}_per_request_deadline da {smtpd, smtp,lmtp}_min_data_rate.
- Umurnin bayan layi yana tabbatar da cewa haruffan da ba za a iya bugawa ba, kamar sabbin layukan, ana tsabtace su kafin bugu zuwa daidaitaccen fitarwa ko tsara kirtani cikin JSON.
- A cikin tlsproxy, an maye gurbin sigogin tlsproxy_client_level da tlsproxy_client_policy da sabbin saitunan tlsproxy_client_security_level da tlsproxy_client_policy_maps don haɗa sunayen sigogi a cikin Postfix (sunayen saitunan tlsproxy_client_xxx yanzu sun dace da saitunan smt_xx_).
- Kuskuren kulawa daga abokan ciniki ta amfani da LMDB an sake yin aiki.
source: budenet.ru
