Ngemva konyaka wokuthuthukiswa, igatsha elisha elizinzile leseva yemeyili ye-Postfix, inguqulo 3.12.0, selikhishwe. Ngesikhathi esifanayo, ukusekelwa kwe-Postfix 3.7, okwakhishwa ekuqaleni kuka-2022, kuyekisiwe. Ikhodi yephrojekthi ibhalwe ngo-C futhi isatshalaliswa ngaphansi kwe-EPL 2.0 (Ilayisensi Yomphakathi ye-Eclipse) kanye ne-IPL 1.0 (Ilayisensi Yomphakathi ye-IBM).
I-Postfix ingenye yamaphrojekthi angavamile ahlanganisa ukuphepha okuphezulu, ukuthembeka, kanye nokusebenza, okufezwa ngokwakhiwa kwezinqubo eziningi okuhlukanisa abaphathi ngabanye, kanye nenqubomgomo eqinile yesakhiwo sekhodi kanye nokuhlolwa kwe-patch. Ukuze kuvikelwe amaphutha ememori, iphrojekthi isebenzisa izinguqulo ezivikelwe zemisebenzi yokwabiwa kwememori kanye nokwabiwa kwe-deallocation, kanye nesethi yemisebenzi ye-abstract wrapper yokuphathwa kwe-buffer (ukuhlola ukweqiwa kwe-buffer nokufinyelela imemori ekhululekile), imisebenzi yamafayela, ukufometha kokukhipha, i-buffered I/O, kanye nokuphathwa kwezintambo (kufaka phakathi amakhono okusebenza ngezintambo ezinobukhulu obungahleliwe kanye nokushintsha usayizi wezintambo okuzenzakalelayo).
Ngokusho kocwaningo lokugcina oluzenzakalelayo lweposi elicishe libe yi-500 000 amaseva (ukushicilelwa kombiko kuzomiswa ngemuva kukaJulayi 2025), i-Postfix isetshenziswa kumaseva eposi angu-37.88% (36.81% ngonyaka odlule), isabelo se-Exim singama-55.59% (56.61% ngonyaka odlule), i-Sendmail - 3.55% (3.60%), i-MailEnable - 1.81% (1.82%), i-MDemon - 0.40% (0.40%), i-Microsoft Exchange - 0.20% (0.19%), i-OpenSMTPD - 0.12% (0.09%).
Okuqanjiwe okuyinhloko:
- Kuye kwenziwa umsebenzi wokwenza kube lula ukufuduka kusuka kumathebula okubheka "hash:" kanye "btree:" kuya ku-"lmdb:" noma "cdb:" ngenxa yokuyekiswa kwamalayibrari eBerkeleyDB kwezinye izabelo zeLinux. Ukuze kulondolozwe ukuhambisana namathuluzi e-Mailman asebenzisa umyalo we-"postmap hash:/path/to/file" lapho engeza noma esusa uhlu lokuposa, i-Postfix manje isekela ukuqondisa kabusha okuzenzakalelayo kwemiyalo enjalo ezinhlotsheni ezinezinhlobo zedathabheyisi ezisekelwayo.
- Ngokuzenzakalelayo, ukuxhumeka kumaseva e-SMTP kusetshenziswa ukubethela kwe-TLS kuyasebenza. Kuzilungiselelo zeklayenti le-SMTP, ipharamitha ye-smtp_tls_security_level isethwe ku-"may" uma i-Postfix yakhiwe ngokusekelwa kwe-TLS. Inani elithi "may" livumela i-TLS kumaseva asekela ukubethela, kodwa livumela ukubuyela emuva ekudlulisweni kwedatha okucacile uma iseva ingasekeli i-TLS.
- I-ESMTP isekela isandiso se-"REQUIRETLS" (RFC 8689), esivumela umthumeli ukuthi acele ukubethela kwe-TLS okuqinisekisiwe kuyo yonke indlela yokulethwa kwemiyalezo. Kule modi, noma iyiphi iseva ye-SMTP noma ye-LMTP ehlanganyela ekudlulisweni kwemiyalezo kumele isekele i-REQUIRETLS kanye nokuqinisekiswa okuqinile nge-DANE noma i-STS. Uma udlulisela umlayezo ngeketanga kwamanye amaseva, i-REQUIRETLS kumele isetshenziswe futhi.
- Izinga lokuphepha le-TLS manje selibonakala kumalogi, okusho ukuthi uma izinga le-REQUIRETLS lidingeka ukuze kudluliselwe umlayezo, ulwazi mayelana nokusetshenziswa kwe-REQUIRETLS manje seluzogcinwa kulogi.
- Ipharamitha ye-smtp_tls_enforce_sts_mx_patterns ingeziwe. Le pharamitha ivumela ukuhambisana phakathi kweklayenti le-Postfix SMTP kanye nama-plugin e-MTA-STS (MTA Strict Transport Security) adinga ukwesekwa kwe-TLSRPT kokuqondisa kabusha kwezimfanelo ze-STS. Uma le pharamitha inikwe amandla ngokuzenzakalelayo, iklayenti le-Postfix SMTP lizoxhuma kuseva ye-MX kuphela uma igama lalo lifana nephethini echazwe kuzinqubomgomo ze-STS. Ngaphandle kwalokho, ukuziphatha kwefa kuzosetshenziswa—ukuxhuma kumaseva e-MX ngokusekelwe kumarekhodi e-DNS MX uma isitifiketi seseva sihambisana nezinqubomgomo ze-STS. Indlela ye-MTA-STS ivumela ukwazisa iklayenti elixhuma ngesiteshi esingavikelekile mayelana nokwenzeka kanye nemingcele yokusungula uxhumano oluphephile lwe-TLS. Ukusekelwa kwale pharamitha kufakwe futhi kuzinsiza ze-postfix-tlspol kanye ne-postfix-mta-sts-resolver.
- Kungezwe ukwesekwa kwama-algorithms okubethela angamelana ne-quantum lapho kwakhiwe nge-OpenSSL 3.5 kanye nokukhishwa kamuva.
- Amapharamitha okucushwa ayishumi nesithupha ancishisiwe, futhi uma esetshenziswa, isixwayiso sizoboniswa kulogi esibonisa ukususwa kwawo ekukhishweni kwesikhathi esizayo. La mapharamitha ancishisiwe afaka phakathi "amamephu_abonakalayo," "i-fallback_relay," "ama-postscreen_whitelist_interfaces," kanye ne-"smtpd_client_connection_limit_exceptions."
- Kungezwe ukwesekwa kokukhipha idatha ngefomethi ye-JSON yemiyalo: "postconf -j|-jM|-jF|-jP", "postalias -jq|-js", "postmap -jq|-js" kanye ne-"postmulti -jl".
- Ukuphathwa okuthuthukisiwe kwamaphutha kuzihlungi ze-Milter ezenzeka lapho kucutshungulwa imiyalezo etholwe ngokuxhumeka kwe-SMTP osekunesikhathi eside kumisiwe. Ipharamitha ye-#milter_default_action ishintshiwe kusukela ku-"tempfail" kuya ku-"shutdown," okusho ukuvala uxhumano neklayenti.
Source: opennet.ru
