Ka dib 14 bilood oo horumarin ah, laan cusub oo xasilloon oo ka mid ah server-ka boostada Postfix - 3.8.0 - ayaa la sii daayay. Isla mar ahaantaana, waxay ku dhawaaqday dhamaadka taageerada laanta Postfix 3.4, oo la sii daayay bilowga 2019. Postfix waa mid ka mid ah mashaariicda naadir ah ee isku dara amniga sare, isku halaynta iyo waxqabadka isla mar ahaantaana, taas oo lagu gaadhay mahadnaqa qaab dhismeedka si wanaagsan looga fikiray iyo siyaasad cadaalad ah oo adag oo loogu talagalay naqshadaynta koodhka iyo xisaabinta balastar. Xeerka mashruuca waxa lagu qaybiyaa EPL 2.0 (Shatiga Dadweynaha Eclipse) iyo IPL 1.0 (IBM Public License).
Marka loo eego sahan otomaatig ah bishii Janaayo oo ku saabsan 400 kun oo adeegayaal boosto ah, Postfix waxaa loo isticmaalaa 33.18% (sanad ka hor 34.08%) server-yada boostada, saamiga Exim waa 60.27% (58.95%), Sendmail - 3.62% (3.58) %), MailEnable - 1.86% (1.99%), MDaemon - 0.39% (0.52%), Microsoft Exchange - 0.19% (0.26%), OpenSMTPD - 0.06% (0.06%).
Hal-abuurka ugu muhiimsan:
- Macmiilka SMTP/LMTP wuxuu awood u leeyahay inuu hubiyo diiwaanada DNS SRV si loo go'aamiyo martigeliyaha iyo dekedda server-ka boostada ee loo isticmaali doono wareejinta fariimaha. Tusaale ahaan, haddii aad ku qeexdo "use_srv_lookup = gudbinta" iyo "relayhost = example.com: soo gudbinta" goobaha, macmiilka SMTP wuxuu codsan doonaa diiwaanka martida loo yahay SRV _submission._tcp.example.com si loo go'aamiyo martigeliyaha iyo dekedda boostada irid. Habka la soo jeediyay waxaa loo isticmaali karaa kaabayaasha kuwaas oo adeegyada leh nambarada dekedda si firfircoon loo qoondeeyay loo isticmaalo gudbinta fariimaha iimaylka.
- Liistada algorithms-yada sida caadiga ah loogu isticmaalo goobaha TLS waxa ka reebaya SEED, IDEA, 3DES, RC2, RC4 iyo RC5 ciphers, MD5 hash iyo DH iyo ECDH algorithms-ga beddelka furaha, kuwaas oo loo kala saaray inay yihiin kuwo duugoobay ama aan la isticmaalin. Marka la qeexayo noocyada "dhoofinta" iyo "hooseeya" ee goobaha, nooca "dhexdhexaadka" dhab ahaantii hadda waa la dejiyay, maadaama taageerada noocyada "Dhoofinta" iyo "hooseeya" lagu joojiyay OpenSSL 1.1.1.
- Waxaa lagu daray goob cusub "tls_ffdhe_auto_groups" si ay awood ugu siiso kooxda FFDHE (Finite-Field Diffie-Hellman Ephemeral) borotokoolka gorgortanka ee TLS 1.3 markii lagu dhisay OpenSSL 3.0.
- Si looga hortago weerarrada loogu talagalay in lagu daaliyo xusuusta la heli karo, isu geynta tirakoobyada "smtpd_client_*_rate" iyo "smtpd_client_*_count" waxaa lagu bixiyaa macnaha guud ee blocks network, cabbirka kaas oo lagu qeexay dardaaranka "smtpd_client_ipv4_prefix_pent_pent_6" (smtpd_client_ipv32_prefix_length Sida caadiga ah /84 iyo /XNUMX)
- Ilaalinta dheeraadka ah ee ka dhanka ah weerarada adeegsada codsiga dib u gorgortanka xidhiidhka TLS ee ku dhex jira xidhiidh hore loo aasaasay oo SMTP si loo abuuro culays CPU aan loo baahnayn.
- Amarka postconf wuxuu bixiyaa digniin faallooyinka la cayimay isla markiiba ka dib qiyamka cabbirka ee faylka qaabeynta Postfix.
- Waa suurtagal in la habeeyo cod-bixinta macmiilka ee PostgreSQL iyada oo la qeexayo sifada "encoding" ee faylka qaabeynta (sida caadiga ah, qiimaha hadda waxaa loo dejiyay "UTF8", iyo markii hore "LATIN1" encoding ayaa la isticmaalay).
- Amarrada boostada iyo boostada, wax-soo-saarka log ee stderr hadda waa la soo saaray iyadoon loo eegin xidhiidhka qulqulka stderr ee terminalka.
- Geedka isha, faylalka "global/mkmap*.[hc]" waxaa loo raray tusaha "util", kaliya faylalka "global/mkmap_proxy.*" ayaa ku haray hagaha guud.
Source: opennet.ru