ProHoster > Блог > izindaba ze-inthanethi > Iseva yeposi ye-Postfix 3.7.0 iyatholakala

Iseva yeposi ye-Postfix 3.7.0 iyatholakala

Ngemva kwezinyanga ezingu-10 zokuthuthukiswa, igatsha elisha elizinzile le-Postfix mail server likhishwe - 3.7.0. Ngesikhathi esifanayo, yamemezela ukuphela kokusekelwa kwegatsha le-Postfix 3.3, elikhishwe ekuqaleni kuka-2018. I-Postfix ingenye yamaphrojekthi ayivelakancane ahlanganisa ukuphepha okuphezulu, ukwethembeka nokusebenza ngasikhathi sinye, okuzuzwe ngenxa yesakhiwo esicatshangelwe kahle kanye nenqubomgomo eqinile eqinile yokuklama ikhodi nokuhlolwa kwe-patch audit. Ikhodi yephrojekthi isatshalaliswa ngaphansi kwe-EPL 2.0 (Eclipse Public License) kanye ne-IPL 1.0 (IBM Public License).

Ngokusho kocwaningo olwenziwa ngoJanuwari oluzenzakalelayo lweposi ezingaba ngu-500 amaseva, I-Postfix isetshenziswa ku-34.08% (33.66% ngonyaka odlule) yamaseva eposi, isabelo se-Exim singama-58.95% (59.14%), i-Sendmail - 3.58% (3.6%), i-MailEnable - 1.99% (2.02%), i-MDaemon - 0.52% (0.60%), i-Microsoft Exchange - 0.26% (0.32%), i-OpenSMTPD - 0.06% (0.05%).

Okuqanjiwe okuyinhloko:

  • Kungenzeka ukufaka okuqukethwe kwamathebula amancane "cidr:", "pcre:" kanye "regexp:" ngaphakathi kwamanani epharamitha yokumisa ye-Postfix, ngaphandle kokuxhuma amafayela angaphandle noma imininingwane yolwazi. Ukushintsha endaweni kuchazwa kusetshenziswa izikaki ezigoqekile, isibonelo inani elimisiwe lepharamitha ye-smtpd_forbidden_commands manje liqukethe uchungechunge oluthi "XHUMANA THOLA POST regexp:{{/^[^A-Z]/ Thrash}}" ukuze kuqinisekiswe ukuthi ukuxhumana okuvela kumakhasimende athumela udoti. esikhundleni imiyalo ziyalahlwa. I-syntax evamile: /etc/postfix/main.cf: ipharamitha = .. uhlobo lwemephu:{{ rule-1 }, {rule-2 } .. } .. /etc/postfix/master.cf: .. -o { ipharamitha = .. uhlobo lwemephu:{ { umthetho-1 }, { umthetho-2 } .. } .. } ..
  • Umphathi we-postlog manje usefakwe ifulegi le-set-gid futhi, lapho yethulwa, yenza imisebenzi ngamalungelo eqembu le-postdrop, elivumela ukuthi lisetshenziswe izinhlelo ezingafaneleki ukubhala izingodo ngenqubo ye-postlogd yangemuva, evumela ukuguquguquka okukhulu. ekulungiseleleni i-maillog_file futhi kufaka phakathi ukungena kwe-stdout kusuka esitsheni.
  • Usekelo lwe-API olungeziwe lwemitapo yolwazi ye-OpenSSL 3.0.0, PCRE2 kanye ne-Berkeley DB 18.
  • Ukuvikelwa okwengeziwe ekuhlaselweni kwe-brute-force ngokumelene nokushayisana kwe-hash. Lokhu kuvikelwa kusetshenziswa ngokuhlela ngokungahleliwe isimo sokuqala samathebula e-hash agcinwe ku-RAM. Njengamanje, indlela eyodwa kuphela yokwenza ukuhlaselwa okunjalo itholakele, ehilela ukuhlaselwa kwe-brute-force ngokumelene namakheli e-IPv6 amaklayenti e-SMTP kusevisi ye-anvil. Lokhu kudinga ukusungula amakhulu okuxhumana kwesikhashana ngomzuzwana ngenkathi kuzama ngokujikeleza izinkulungwane zamakheli amaklayenti ahlukene. Amakheli e-IPAmanye amathebula e-hash, okhiye bawo abangaqinisekiswa kusetshenziswa idatha yabahlaseli, awakwazi ukuhlaselwa okunjalo, njengoba enomkhawulo wosayizi (i-anvil isebenzise ukuhlanza kwemizuzwana eyi-100).
  • Ukuvikela okuqinisiwe kumaklayenti angaphandle namaseva adlulisela kancane kancane idatha kancane kancane ukuze kugcinwe ukuxhumana kwe-SMTP ne-LMTP kusebenza (isibonelo, ukuvimba umsebenzi ngokudala izimo zokuqeda umkhawulo enanini loxhumo olumisiwe). Esikhundleni semikhawulo yesikhathi ehlobene namarekhodi, umkhawulo ohlobene nezicelo manje ususetshenziswa, futhi umkhawulo wesilinganiso esincane esingaba khona sokudlulisa idatha kumabhulokhi e-DATA kanye ne-BDAT seyengeziwe. Ngokufanelekile, izilungiselelo ze-{smtpd,smtp,lmtp}_per_record_deadline zithathelwe indawo {smtpd,smtp,lmtp}_per_request_deadline kanye ne-{smtpd, smtp,lmtp}_min_data_rate.
  • Umyalo womugqa wokuthunyelwe uqinisekisa ukuthi izinhlamvu ezingaphrinteki, njengemigqa emisha, ziyahlanzwa ngaphambi kokuphrinta ukuze zibe okukhiphayo okuvamile noma ukufometha iyunithi yezinhlamvu ibe yi-JSON.
  • Ku-tlsproxy, amapharamitha we-tlsproxy_client_level kanye ne-tlsproxy_client_policy athathelwe indawo yizilungiselelo ezintsha ezithi tlsproxy_client_security_level kanye ne-tlsproxy_client_policy_maps ukuze kuhlanganiswe amagama amapharamitha ku-Postfix (amagama wezilungiselelo ze-tlsproxyxsmxx izilungiselelo_xxtxxxxxxxxxxxxx
  • Iphutha lokuphatha elivela kumakhasimende esebenzisa i-LMDB selisetshenziswe kabusha.

Source: opennet.ru

Thenga ukusingathwa okuthembekile kwamasayithi anokuvikelwa kwe-DDoS, amaseva e-VPS VDS 🔥 Thenga ukusingathwa kwewebhusayithi okuthembekile ngokuvikelwa kwe-DDoS, amaseva e-VPS VDS | ProHoster