XMail Change Log as of Version 1.27
Support for using a chain of SSL certificates, instead of a single one.
Fixed SMTP explicit routing address parsing.
Fixed a bug that made XMail incorrectly handle extremely long header line lengths.
Faster shutdown time on Unix systems.
Tweaked DNS resolution to cope with lame name servers.
Support for greater than 2GB sizes in POP3 server and PSYNC.
Safer temporary file name generation.
Made the temporary directory on Unix, configurable via the "XMAIL_TEMP" environment variable.
Fixed a bug that was caused by the SSL code triggering the XMail binding locking code after XMail has already cleanup.
Fixed a bug in the SMTP external authentication.
Fixed Unix syslog logging facility to consider different logging levels.
Changed SMTP HELP response code to 214.
Fixed a bug where STARTTLS was resetting the session too much, by canceling certain flags/options read inside the SERVER.TAB.
Fixed a bug that happened if a message filter mistakenly remove the message file from under XMail control.
Fixed a bug that make XMail to wrongly report virtual memory sizes on 32 bit systems with larger than 4GB VM space.
Changed the line termination used to store messages into the mailboxes of Unix versions of XMail. Now messages are stored with the OS native LF termination, instead of the RFC CRLF that was used before. This allows other Unix softwares working together with XMail to not be confused by the extra CR present in the line termination.
The "smtprelay" behaviour with respect to 5xx responses from one of the servers in the relay list, has been changed. Now a 5xx response will stop the processing, instead of iterating on the remaining servers of the list.
Avoid to crawl all the USER.TAB file during a "userlist" CTRL command.
Fixed a bug that allowed non-RFC characters inside domain names.
Fixed OSX Leopard build error.
Added "timeo" option to flags execution.
Added "NoAuth", "EnableVRFY" and "EnableETRN" settings inside IP properties.
Added the ability to select SmtpConfig-IP options by local port too (SmtpConfig-IP,PORT).
Added a new -YT command line option to set the timeout used by a POP3 client connection.
Fixed a bug in the RFC822 ATEXT token definition.
If the recipient domain does not have an MX record, and does not have an A record, now XMail bounces immediately.
Fixed OpenSSL connection shutdown to avoid RST packet generation.
Changed SMTP AUTH LOGIN authentication to support the optional inline parameter.
Added IPV6 support. New command line options are available to select XMail's behaviour with respect to IPV4/IPV6 compatibility.
Fixed/strengthened RFC address parsing.
Drop the SMTP connection is case of timeout.
Fixed a bug caused by the new strict host/doman name check added in 1.24 (in the SMTPGW.TAB parsing).
Completely changed the DNS resolution code.
Do not try the A-record delivery in case of temporary DNS/network errors.
Added remote MTA message ID to SMAIL logging.
Added a new "POP3S" option to the POP3LINKS.TAB file, to allow connections to full POP3S remote servers.
Fixed a bug in the SMTP Outbind feature.
Changed POP3 log format to add information about the success or failure of the operation, and to report the number of messages and the total size of the mailbox (in case of successful login).
Added a new "Pop3LogPasswd" SERVER.TAB variable to control if POP3 passwords are logged into the POP3 log file.
Added a new "SmtpNoTLSAuths" SERVER.TAB variable. It allows to specify which SMTP authentications are allowed in non-TLS mode.
Fixed a small memory leak affecting users using the "OutBind" feature.
Removed the "SMTP-TLS" SERVER.TAB variable and replaced with "SmtpGwConfig" that supports the format described in "SMTP GATEWAY CONFIGURATION". The "SmtpGwConfig" allows the user to specify global options for remote SMTP connections.
Added $(RRCPT) macro to SMTP filters.
******************************************************************** * Removed the DynDNS feature. ********************************************************************
Added the new "OutBind" options for PSYNC accounts. It allows to specify the IP of the interface to be used when talking to the remote server.
Added a new "OutBind" option to the "SmtpConfig" SERVER.TAB variables. It allows to specify the IP of the interface to be used when talking to the remote server.
Added a new SMTP.HNPROP.TAB file to drive remote peers SMTP properties through host name.
Added command line options to disable single services.
******************************************************************** * The external SMTP authentication (both server and client) changed. * Changed is also the format of the SMTPEXTAUTH.TAB file. * The external SMTP client authentication has been removed. ********************************************************************
Added the new "Leave" options for PSYNC accounts, that allows messages to be left on the remote server. This option only works if the remote POP3 server supports the UIDL command.
Fixed a bug in the mailbox size check between SMTP and SMAIL layers. This resulted in EFULL errors never returned at SMTP level.
Fixed a bug in alias resolution for aliased users inside aliased domains.
******************************************************************** * SSL support has been added. See the "SSL CONFIGURATION" section of * the documentation to find out how to properly configure XMail. * You MUST do this in order to have SSL support working. ********************************************************************
******************************************************************** * The format of the "DefaultSMTPGateways" SERVER.TAB variable, of the * SMTPFWD.TAB relay list, and of the "smtprelay" list changed * (separator is now the ';' character and can have options attached, * separated by comma). * You need to adjust it according to the new format ********************************************************************
Added new "EnableCTRL-TLS", "EnableSMTP-TLS" and "EnablePOP3-TLS" SERVER.TAB variables.
Added SMTP gateway options to the "DefaultSMTPGateways" variable, to the SMTPFWD.TAB file, and to the "smtprelay" command inside the mail processing files.
Added a new "WantTLS" option to the "SmtpConfig" SERVER.TAB variables.
Added a new "EaseTLS" option to the SMTP.IPPROP.TAB file.
Added a new 'S' SMTP auth option to bypass a "WantTLS" configuration.
Added "SSLUseCertsFile", "SSLUseCertsDir", "SSLWantVerify", "SSLAllowSelfSigned", "SSLWantCert" and "SSLMaxCertsDepth" SERVER.TAB variables to configure XMail's SSL behaviour.
Added STARTTLS SMTP support.
Added STLS POP3 support (and the new CAPA command).
Added SMTPS support.
Added POP3S support.
Added CTRLS support.
Added FAPOP, STLS and FSTLS authentication options to the POP3LINKS.TAB file..
Added a new "SMTP-TLS" SERVER.TAB variable to tell XMail if it has to try to negotiate TLS sessions with remote SMTP servers.
Added SSL support to the CTRL protocol and to the CtrlClnt client.
Changed the filter log to include the full exec string (separated by semicolon).
Fix CTRL "poplnkadd" and "poplnkdel" to accept local domains strings starting with special characters.
Added (finally!) a command line makefile (Makefile.win) to build the whole XMail package without the usage of the MS VC++ IDE.
Reject a CTRL "domainadd" command if an alias domain already exists with the same name.
Changed the CTRL "usergetmproc" command to allow the caller to specify if it is the user or the domain one that is wanted. Or a merges of both, if "DU" is specified in the optional 3th parameter.
Changed the CTRL "usersetmproc" command to allow the caller to specify if it is the user ('U') or the domain ('D') one that is wanted to be set.
Added complex/multiple macro substitution capabilities to external programs argoument lists.
Added strictier SMTP address validation.
Check the mailbox size for every message coming into the mailbox (before it was only done during the SMTP phase).
Do not try to send to the 'A' record if the recipient domain does not exist at all (NXDOMAIN). Bounce immediately instead, avoiding lengthy retry policies.
Added the "wlex" flag to filter lines (works for the SMTP ones only), to exclude execution of the filter line in case the client IP is white-listed inside the ipprop file.
Added the post-RCPT SMTP filter, that is called before XMail acks the client recipient. A new "RCPT=EFILTER" long entry is emitted in case a recipient is rejected by a filter.
Added @@CRCPT (current recipient) and @@FROM (sender email address) macros to SMTP filter substitution.
Allow cmdaliases to work on aliased domains. Before a cmdalias defined on an alias-target domain was not working before the cmdalias check was done before the alias domain resolution.
Added the ability to bypass the SMTP.IPMAP.TAB inclusion using SMTP authentication.
Added a new SERVER.TAB variable "SMTP-IpMapDropCode" to control the drop code to be used for IPs listed inside the SMTP.IPMAP.TAB. Like other codes inside XMail, 1 means drop now, 0 means allow if auth, and -N means add N seconds delay. An immediate drop will emit a "SNDRIP=EIPBAN" log entry.
Added a new SERVER.TAB variable "SmtpMsgIPBan" to control the SMTP message returned in case of SMTP.IPMAP.TAB inclusion.
Added log message when the maximum number of SMTP/POP3/CTRL threads is hit.
Fixed documentation about the spool info line and the SMTP filters info line.
Fixed a build problem on OpenBSD related to the lack of c_r (reentrant C library) library.
Fixed greetings message to be RFC2821 compliant (server host must be first).
Fixed a NAME_MAX build error ond *BSD and Solaris.
Added a "Pop3ScanCur" USER.TAB variable to control the scan of the Maildir's "cur" directory during POP3 message list build. Now XMail only scans the "new" directory as default.
The POP3 before SMTP authentication is now correctly interpreted as real SMTP authentication, by the mean of @@USERAUTH.
'ATTENTION': Fixed a possible cause of buffer overflow in the XMail's sendmail binary.
Changed the DNS MX resolution to allow better handling of partially broken DNS servers configuations.
Added a fix for 64 bits porting compatibility.
Added the ability to exclude filters from execution in case of authenticated user. By pre-pending the filter command token with a token containing "!aex", the filters won't be run if the user authenticated himself.
Added @@USERAUTH macro even to standard in/out filters (before it was only defined for SMTP ones).
Added a new "NoSenderBounce" variable inside the SERVER.TAB file, to enable XMail generated bounce messages to have the empty SMTP sender ('MAIL FROM:<>').
Added a new "SMTP-MaxErrors" variable inside the SERVER.TAB file to set the maximum errors allowed in a single SMTP session (default zero, unlimited).
Added a "LastLoginTimeDate" variable to the "userstat" CTRL command.
Added external aliases support in the CTRL protocol.
The MESSAGE.ID file is now automatically created, if missing.
Changed the logic used to treat domain and user MAILPROC.TAB files. Before, a user's MAILPROC.TAB was overriding the domain one, while now the rules are merged together, with domain's ones first, followed by user's ones.
The maximum mailbox size of zero is now interpreted as unlimited.
Fixed XMail's sendmail to detect non-RFC822 data and handle it correctly.
The IP:PORT addresses emission in spool files (and Received: lines) has been changed to the form [IP]:PORT.
Added filter logging, that is enabled with the new -Qg command line option.
Fixed an error message in the SMTP server, that was triggered by the remote client not using the proper syntax for the "MAIL FROM:" and "RCPT TO:" commands.
Fixed explicit routing through SMTPGW.TAB file.
Fixed a possible problem with file locking that might be triggered from CTRL commands cfgfileget/cfgfileset.
Added a check to avoid the CTRL server to give an error when a domain created with older versions of XMail does not have the domain directory inside cmdaliases.
The SMTP server FQDN variable should be set to the value of "SmtpServerDomain", when this is used inside the SERVER.TAB file.
Fixed a possible memory leak and a possible source of crashes.
Implemented the "filter" command for custom mail processing (MAILPROC.TAB, cmdaliases and custom domains).
If "RemoveSpoolErrors" is set inside the SERVER.TAB file, messages are never frozen. Before there was a special case (delivery failure and delivery notification failure) that could have lead to frozen messages.
Made "aliasdomainadd" to check for the existence of the alias domain (and reject the command if existing).
Introduced a new environment variable recognized by XMail (XMAIL_PID_DIR), to let the user to specify a custom PID file directory (this is for Unix ports only).
Implemented ability to stop custom mail processing upon certain exit codes from external commands execution.
The SPAMMERS.TAB check is now bypassable (see doc for details).
'ATTENTION': Changed the "aliasdomainlist" syntax and output format (see doc for details).
Made (on Unix setups) the PID file name to be dependent on the daemon file name.
Implemeted a domain-wise MAILPROC.TAB and extended its "redirect" and "lredirect" commands to support account specific (USER@DOMAIN) and domain targets (DOMAIN).
Implemented SMTP filters to allow users to reject the SMTP session before and after the remote client data has been received.
Restructured the external program execution environment on Unix ports. Simplified, as a consequence of this, the system dependent portion of XMail (SysDep*).
Fixed a bug in the address range parsing (x.y.w.z/s).
Fixed the alias lookup to perform a better "best match" wildcard selection.
Fixed a bug in the DNS resolved that made XMail to not correctly handle domain CNAMEs.
Added Bcc: removal from message headers in XMail's sendmail.
Added PSYNC logging (-Yl).
Added domain completion to XMail's sendmail when the specified sender address (-f or -F) does not contain one. The environment variable (or registry in Windows) DEFAULT_DOMAIN is looked up to try to complete the address.
Fixed a bug in the return code of
SysAccept() in all Unix versions.
Fixed a bug that was triggered by external command and filter exiting soon. XMail was not able to correctly sync with the child process by losing it. This apply only to Unix versions of XMail.
A notification message is now sent to the sender if the message is handled with "smtp" or "smtprelay" commands and a permanent error happen when sending to the remote SMTP server.
Added a new configuration file "smtp.ipprop.tab" to be able to specify peer IP based configuration option, like for example IP white listing against IP checks.
'ATTENTION': The filter return code has been changed and new return codes are expected to be returned by filters. Please che the documentation and update your filters before starting to use the new version.
Added the ability to specify a custom error message for filters.
Fixed a bug in the string quoting function that showed up when the string was empty ("").
Changed the order used by XMail to check the mailer domain. Now MX check is performed first, then A record check. This caused a slow down for domains having MX records but not A records.
Added two new Received: types to give the ability to hide client information if the SMTP client does authenticate with the server.
Added the rejection map name inside the SMTP log file in case of SNDRIP=EIPMAP error.
Modified XMail's sendmail to add the RFC822 Date: header if missing.
XMail now uses the name of the executable ( without .exe ) to both register the service name and fetch registry variables.
The POP3 server now picks up messages even from the Maildir's "cur" subdirectory.
Implemented a new filters feature that enable the user to stop the selected filters list processing upon receival of certain exit codes.
Fixed the wrong log file name generation when the daylight time is active.
Fixed a bug inside the DNS MX resolver.
Fixed a bug ( Windows OS bug ) that made XMail unable to create domains starting with reserved device names ( COM#, LPT, PRN, CON, ... ). So, for example, a domain named "com4.domain.org" couldn't be created because of this naming conflict.
Fixed a bug that made XMail to not apply filters for local mailing list.
Fixed a bug that made XMail to crash under certain conditions.
Added a "Server:" field to the notification message. It'll report the remote SMTP server host name and IP that issued the error. It will not be present if the error does not originate from a remote SMTP server.
Added a new command line parameter -MD to set the number of subdirectories allocated for the DNS cache files storage.
Messages with non RFC822 conforming headers are now handled by the PSYNC code.
'ATTENTION': The filter architecture has been completely changed. To correctly update to this version you have to create two empty files "filters.in.tab" and "filters.out.tab" inside the $MAIL_ROOT directory. Please refer to the documentation for more information about the new filter architecture. If you are not currently using filters, the simple creation of the two files listed above will be sufficent.
'ATTENTION': The internal spool file format is changed with the new line added ( the 1st one ) that contain various message information. Filters that rely on the internal spool file format must be changed to match the new structure.
Fixed a bug that made XMail to not correctly report zero sized files inside the mailbox.
Added file size to CTRL's "filelist" command.
Fixed a connect-error reporting bug on Windows platform.
Better check for user/domain names.
Changed search pattern for filters. Now a domain name is scanned for all sub-domains.
Fixed a boundary check inside the Base64 decoder.
Added the client FQDN inside the SMTP log file in case the RDNS check is enabled.
Added a new SERVER.TAB variable "SmtpMsgIPBanSpammers" to set the message that is sent to the SMTP client when the client IP is listed inside the file SPAMMER.TAB.
Added a new SERVER.TAB variable "SmtpMsgIPBanMaps" to set the message that is sent to the SMTP client when the client IP is listed inside one of the "CustMapsList".
Added a new SERVER.TAB variable "SmtpMsgIPBanSpamAddress" to set the message that is sent to the SMTP client when the client IP is listed inside the file SPAM-ADDRESS.TAB.
Fixed a bug inside the custom account handling that made XMail to pass the old password instead of the new one.
Added OpenBSD support.
Added a new command line parameter -QT to enable a configurable timeout for filter commands.
Fixed a bug that made XMail to ignore cmdalias accounts when a wildcard alias was matching the account itself.
Added the 'smtprelay' command to the MAILPROC.TAB processing.
Removed the 'wait' command from all custom processing.
Added a new macro @@RRCPT to filters commands to extract the real local recipient.
Changed the way the EXTALIASES.TAB mapping modify the return path. It now change the "Reply-To:" instead of the "From:" to avoid problems with signature verification software.
Implemented logging on SMTP transactions rejected because of mapped IP or failing RDNS check.
Added a new SERVER.TAB variable "SmtpServerDomain" to force the SMTP domain used by XMail in its banner string ( for CRAM-MD5 ESMTP authentication ).
Improved DNS resolution for not existing domains.
Added a variable 'CustomSMTPMessage' inside the server's configuration file SERVER.TAB to enable the postmaster to set a custom message that is appended to the standard XMail error response.
Added log entries in case of relay lists mapped IPs.
Fixed a build error on FreeBSD.
Added a new SERVER.TAB variable 'DisableEmitAuthUser' to block the emission the the header 'X-Auth-User:' for authenticated user.
Added a new USER.TAB variable 'DisableEmitAuthUser' to block the emission the the header 'X-Auth-User:' for authenticated users (this variable overrides the SERVER.TAB one).
Added command line driven mailbox delivery mode (-MM = Maildir , -Mm = mailbox).
Added sysv_inst.sh shell script to help creating SysV boot scripts for XMail.
Fixed a bug in HOSTNAME:PORT handing code inside the PSYNC server.
Fixed a bug introduced in 1.8 in the Windows version that made XMail to have bad behaviour when used with external programs.
Fixed a bug that resulted in XMail generating frozen messages even if the SERVER.TAB variable was set to not create them.
Fixed a bug that made it possible to send a 'MAIL FROM:<@localdomain:remoteaddress>' and to have the message relayed if the IP of the current machine was inside the smtprelay.tab of the machine handling the MX of @localdomain.
Implemented internal mail loop checking (internal redirects).
Added a new MLUSERS.TAB permissions flags 'A', that is similar to 'W' by instead of checking the 'MAIL FROM:<...>' address check the SMTP authentication address (this will prevent malicious users to forge the address to gain write permissions on the list).
Changed XMail's behaviour upon receival on long (RFC compared) data lines on SMTP and POP3 fetch inbound doors. Before the operation was aborted while now data is accepted without truncation, that might make XMail to behave non conforming the RFC.
Added @@RRCPT macro to the 'external' MAILPROC.TAB command to emit the real recipient of the message (@@RCPT could be an alias).
Added HOSTNAME:PORT capability to POP3LINKS.TAB entries.
Added Linux/PowerPC port.
Added 'filelist' CTRL protocol command.
Added SMTP HELP command.
Changed bounce message format to add the last SMTP error and to make it works with Ecartis mail bounce processing.
Changed the XMail's sendmail implementation to accept '-f FROM' and '-F FROM' non standard sendmail paramenter specification.
Fixed a bug inside the PSYNC server code that made XMail to fail to resolve POP3 server addresses.
Various code cleanups.
Fixed a bug inside the POP3 server that caused bad responses to UIDL and LIST commands in case of certain command patterns.
Added support for HOSTNAME:PORT (or IP:PORT) for the DefaultSMTPGateways SERVER.TAB variable.
Added domain aliases cleanup upon main domain removal.
Added 'MaxMessageSize' inside USER.TAB files to override the global (SERVER.TAB) one.
Added a new USER.TAB variable 'UseReplyTo' (default 1) to make it possible to disable the emission of the Reply-To: header for mailing lists.
Fixed a bug that caused XMail to uncorrectly deliver POP3 fetched messages when used togheter with domain masquerading.
Changed index file structure to use an hash table for faster lookups and index rebuilding.
New files inside the tabindex directory now have the extension .hdx and old .idx files can be removed.
Added X-Deliver-To: header to messages redirected with MAILPROC.TAB file.
Added configurable Received: tag option in SERVER.TAB by using the variable 'ReceivedHdrType'.
Added a configurable list of header tags to be used to extract addresses for POP3 fetched messages by using the SERVER.TAB variable 'FetchHdrTags'.
History (change log) entries have been moved from the main documentation file and a new file (ChangeLog.txt) has been created to store change-log entries.
Removed RBL-MAPSCheck (currently blackholes.mail-abuse.org.), RSS-MAPSCheck (currently relays.mail-abuse.org.) and DUL-MAPSCheck (currently dialups.mail-abuse.org.) specific variables and now everything must be handled with CustMapsList (please look at the documentation).
Added NotifyMsgLinesExtra SERVER.TAB variable to specify the number of lines of the bounced message to include inside the notify reply (default zero, that means only header).
The message log file is now listed inside the notification message sent to ErrorsAdmin (or PostMaster ).
Added NotifySendLogToSender SERVER.TAB variable to enable/disable the send of the message log file inside the notify message to the sender (default is off).
Added TempErrorsAdmin SERVER.TAB variable to specify an account that will receive temporary delivery failures notifications (default is empty).
Added a new SERVER.TAB variable NotifyTryPattern to specify at which delivery attempt failure the system has to send the notification message.
Fixed a bug that caused alias domains to have higher priority lookup compared to standard domains.
Fixed a bug in wildcard aliases domain lookup.
Fixed a bug in CTRL command 'aliasdel' that failed to remove aliases with wildcard domains.
Fixed a bug that caused XMail to timeout on very slow network connections.
Fixed a bug that made XMail fail to parse custom maps lists in SERVER.TAB.
Fixed a bug that prevented XMail to add wildcard-domain aliases.
Added a filter feature to the CTRL commands 'domainlist' and 'aliasdomainlist'.
Added an extra message header field 'X-AuthUser:' to log the username used by the account to send the message.
Added Reply-To: RFC822 header for mailing lists sends.
Fixed a Win32 subsystem API to let XMail to correctly handle network shared MAIL_ROOTs.
ORBS maps test removed due old ORBS dead, the SERVER.TAB variable 'CustMapsList' can be used to setup new ORBS (and other) maps.
Fixed a bug in XMail's sendmail that was introduced in version 1.2 and made it to incorrectly interpret command line parameters.
Fixed a bug that made XMail not correctly recognize user type characters when lowercase.
Fixed a bug that caused XMail to not start is the MAIL_ROOT environment variable had a final slash on Windows.
Added a new filter return code (97) to reject messages without notification and without frozen processing.
Added two new command line options -MR and -MS to set the I/O socket buffers sizes in bytes (do not use them if You don't know what You're doing).
Changed system library to have a better performace, expecially on the Windows platform.
Users that are using XMail mainly inside their local LAN are strongly encouraged to switch to this version.
Fixed a bug that enabled insertion of aliases that overlapped real accounts.
A problem with log file names generation has been fixed.
Added a new CTRL command 'userstat'.
Implemented Linux/SPARC port and relative makefile (Makefile.slx).
Extended the XMail version of sendmail to support a filename as input (both XMail format that raw email format) and to accept a filename as recipient list.
Added a new kind of aliases named 'cmdaliases' that implements a sort of custom domains commands on a per-user basis (look at the CmdAliases section).
******************************************************************** * You must create the directory 'cmdaliases' inside $MAIL_ROOT * to have 1.2 work correctly ********************************************************************
Fixed a bug that had XMail not check for the user variable SmtpPerms with CRAM-MD5 authetication.
Fixed a bug in the XMail's sendmail implementation that made it unable to detect the '.' end of message condition.
Fixed a bug in the XMail's sendmail implementation that made it to skip cascaded command line parameters (-Ooet).
Implemented a new XMail's sendmail switch -i to relax the <CR><LF>.<CR><LF> ond of message indicator.
Fixed a bug in the XMail version of sendmail that made messages to be double sent.
The macro @@TMPFILE has been removed from filters coz it's useless.
The command line parameter -Lt NSEC has been added to set the sleep timeout of LMAIL threads.
Added domain aliasing (see ALIASDOMAIN.TAB section).
******************************************************************** * You must create the file ALIASDOMAIN.TAB inside $MAIL_ROOT * (even if empty) ********************************************************************
Added CTRL commands 'aliasdomainadd', 'aliasdomaindel' and 'aliasdomainlist' to handle domain aliases through the CTRL protocol.
Added wildcard matching in the domain part of ALIASES.TAB (see ALIASES.TAB section).
Changed the PSYNC scheduling behaviour to allow sync interval equal to zero (disabled) and let the file .psync-trigger to schedule syncs.
Solaris on Intel support added.
A new filter return code (98) has been added to give the ability to reject message without notify the sender.
A stack shifting call method has been implemented to make virtually impossible for attackers to guess the stack frame pointer.
With this new feature, even if buffer overflows are present, the worst thing that could happen is a server crash and not the attacker that execute root code on the server machine.
Implemented the SIZE ESMTP extension and introduced a new SERVER.TAB variable 'MaxMessageSize' that set the maximum message size that the server will accept (in Kb).
If this variable is not set or if it's zero, any message will be accepted.
A new SMTP authentication permission ('Z') has been added to allow authenticated users to bypass the check.
The SMTP sender now check for the remote support of the SIZE ESMTP extension.
A new SERVER.TAB variable has been added 'CustMapsList' to enable the user to enter custom maps checking (look at the section 'SERVER.TAB variables').
Fixed a bug in 'frozdel' CTRL command.
Fixed a possible buffer overflow bug inside the DNS resolver.
Fixed build errors in MkUsers.cpp and SendMail.cpp (FreeBSD version).
Added the ability to specify a list of matching domains when using PSYNC with masquerading domains (see POP3LINKS.TAB section).
The auxiliary program sendmail now reads the MAIL_ROOT environment from registry (Win32 version) and if it fails it reads from the environment.
Fixed a bug that made XMail to crash if the first line of ALIASES.TAB was empty.
RPM packaging added.
Added a new feature to the custom domain commands 'redirect' and 'lredirect' that will accept email addresses as redirection target.
Fixed a bug in MkUsers.
Added system resource checking before accepting SMTP connections (see 'SmtpMinDiskSpace' and 'SmtpMinVirtMemSpace' SERVER.TAB variables).
Added system resource checking before accepting POP3 connections (see 'Pop3MinVirtMemSpace' SERVER.TAB variable).
A new command line param -t has been implemented in sendmail.
A new USER.TAB variable 'SmtpPerms' has been added to enable account based SMTP permissions.
If 'SmtpPerms' is not found the SERVER.TAB variable 'DefaultSmtpPerms' is checked.
A new USER.TAB variable 'ReceiveEnable' has been added to enable/disable the account from receiving emails.
A new USER.TAB variable 'PopEnable' has been added to enable/disable the account from fetching emails.
Removed the SERVER.TAB variable 'HeloUseRootDomain' and introduced a new one 'HeloDomain' to specify the name to send as HELO domain (look at variable documentation).
If 'HeloDomain' is not specified or if empty then the reverse lookup of the local IP is sent as HELO domain.
Added a new SERVER.TAB variable 'DUL-MAPSCheck' to implement the 'dialups.mail-abuse.org' maps check.
Changed the meaning of the SERVER.TAB variables SMTP-RDNSCheck, RBL-MAPSCheck, RSS-MAPSCheck, ORBS-MAPSCheck and DUL-MAPSCheck to give XMail the ability to delay SMTP commands for clients that fail the check.
The old behaviour (dropped connection) is obtained by setting values greater than zero, while You can set the delay (in seconds) by specifying negative values.
For SMTP-RDNSCheck and DUL-MAPSCheck variables the connection is no more dropped at welcome time but a 'server use forbidden' message is given at MAIL_FROM time.
In this way XMail give authenticated users the ability to get in from 'mapped' IPs.
Fixed a bug that cause XMail to crash if there is an empty line in a MLUSERS.TAB file.
Added a new SERVER.TAB variable 'ErrorsAdmin' that will receive the notification message for every message that has had delivery errors.
The feature to force XMail to initiate a PSYNC transfer has been added. This is implemented by making XMail to check for a file named '.psync-trigger' inside MAIL_ROOT. When this file is found a PSYNC tranfer is started and the file is deleted.
Added a new SERVER.TAB variable 'MaxMTAOps' to set the maximum number of relay steps before to declare the message as looped.
Added SMTP after POP3 authentication and one new command line switch (-Se) to set the expire time of the POP3 IP.
A new SERVER.TAB variable has been added to enable/disable SMTP after POP3 authentication (EnableAuthSMTP-POP3).
Added the replacement for sendmail that will use the local mail delivery of XMail (look at the sendmail section).
The ESMTP command ETRN has been added has long as a new SMTP perm flag 'T' to give access to this feature and a new SERVER.TAB variable 'AllowSmtpETRN' to set the default feature access.
Added a new CTRL command 'etrn' to support the same SMTP feature through the CTRL protocol.
Fixed a bug in filters selection that made XMail to case-sensitive compare user and domain filters.
Changed the name of the default filter to '.tab' instead of 'defaultfilter.tab'.
Finally, FreeBSD port added !!
Added the message ID to the received tag and extended the SMTP log file with the username of the authenticated user (if any).
Fixed a bug in external authentication (POP3).
The USERDEF.TAB file is now checked inside $MAIL_ROOT/domains/DOMAIN before and then in $MAIL_ROOT.
This permit per domain user default configuration.
Added a new CTRL server command 'frozsubmit' to reschedule a frozen message.
Added a new CTRL server command 'frozdel' to delete a frozen message.
Added a new CTRL server command 'frozgetlog' to retrieve the frozen file log file.
Added a new CTRL server command 'frozgetmsg' to retrieve the frozen message file.
Fixed a bug that made XMail to grant Read permissions to mailing lists users.
Fixed a bug that made XMail to delete SMTP rights granted during authentication when sending multiple messages.
Fixed a bug in SMTP CRAM-MD5 authentication.
Fixed a bug that caused XMail to break the header when an headers tag is made by 'tag-name:[CR][LF]tag-string'.
Added the delete functionality to the CTRL command 'uservarsset' by giving the string value '.|rm' the delete capability.
Fixed a buffer overflow vulnerability in CTRL server and added command string validation to all servers.
Added 8BITMIME and PIPELINING support (it was already compliant).
Added a new SERVER.TAB option 'HeloUseRootDomain' to make XMail to use the 'RootDomain' like HELO domain.
Added FINGER service access control based on the peer IP address. A new file FINGER.IPMAP.TAB has been added to MAIL_ROOT with the same meaning of the ones used with SMTP, POP3 and CTRL services.
Fixed a bug that caused XMail to drop the first character of the headers if there was no space between the colon and the header value.
Added extended SMTP log information by adding an extra (last) field to the log file.
Added a new SERVER.TAB variable 'AllowSmtpVRFY' (default off) to enable the SMTP VRFY command.
Added a new SMTP auth flag 'V' to enable VRFY command (bypassing SERVER.TAB settings).
Improved the POP3 sync method to fetch and distribute mail that uses an external POP3 mailbox to collect more accounts togheter. Before the method failed if the user was not in the first 'To:' address, while now all addresses contained in 'To:', 'Cc:' and 'Bcc:' are checked. There is also a new SERVER.TAB variable 'Pop3SyncErrorAccount' whose use is catch all emails that has been fetched but has had delivery errors.
Fixed a bug in 'poplnkenable' CTRL server command.
Changed the report of 'poplnklist' CTRL server command to include the authentication mode and the enabled status.
Fixed a bug in 'poplnkdel' that left around the .disable file.
A new directory 'pop3links' has to be added to store POP3 links disable files for non-local links.
This will fix also a bug in multi-account and masquerading POP3 sync.
A new way to retrieve the POP3 domain has been coded by doing a reverse DNS lookup from the server IP. If the result of the lookup will be xxxx.yyyy.zzzz then XMail will test if xxxx.yyyy.zzzz is handled, then yyyy.zzzz and then zzzz.
The first of these domains that is handled by XMail will be the POP3 domain.
Added a new SERVER.TAB variable 'CheckMailerDomain' that, if on ('1'), force XMail to validate the sender domain ('MAIL FROM:<...@xxx>') by looking up DNS/MX entries.
Fixed the bug that made XMail to not accept users to add if a wildcard alias were defined.
The SMTP command RSET no more clean the authentication status of the client.
Improved MX records resolution and fixed a bug in MD5 algo.
A new USER.TAB variable (for Mailing Lists) 'ListSender' has been added to hide real senders from SMTP protocol.
If this variable does not exist the 'MAIL FROM:<>' command will contain the 'real' sender address.
This variable should be set to the email address of the mailing list admin that will receive all the notification and error messages, preventing this error to reach real senders.
Fixed an RFC conformance bug in SMTP protocol that made XMail to accept the MAIL_FROM command even if the HELO (or EHLO) command was not issued.
Fixed a bug in
SysExec() in Linux and Solaris versions that made all external programs to
have a bad behaviour or fail. This bug was introduced in 0.65 version.
Fixed a bug in the Windows version that results in a failure to resolve MX queries.
This bug was introduced in 0.65.
Complete Linux library rewrite, now using PThread library instead of forking.
Solaris/SPARC port added (HPUX/PARISC incoming).
Removed the -Ma flags for the maximum number of accounts coz it's no more needed due the new Linux system library (now the memory shares is given for free instead of having to rely on IPC).
Removed the -Mk parameter due the IPC stuff removal.
Extra domain aliases has been added (see ALIASES.TAB section).
A new feature has been added to XMail to enable XMail users to prepare mail files in a given format, put them in /spool/local directory and get them delivered by the server (see 'XMail local mailer' section).
Two new directories 'local' and 'temp' must be created inside the 'spool' directory.
The meaning of the command line param '-Mr ...' has changed from days to hours.
Added permissions to mailing list users (see MLUSERS.TAB section). This enable You to have read only users as long as read/write users.
This is implemented by adding a new extra field to MLUSERS.TAB to store permissions ('R' or 'RW').
The lack of this extra field (old MLUSERS.TAB files) will be interpreted as 'RW'.
The command 'mluseradd' has been extended to hold the new permission parameter (see section 'XMail admin protocol').
Added a new CTRL command 'frozlist' to list files that are in frozen status (see section 'XMail admin protocol').
Fixed a bug in the new masquerading feature of XMail (POP3LINKS.TAB).
Fixed a bug that makes XMail crashes when a mail loop condition is detected.
Removed the strict RFC compliant check on messages.
Added a feature that makes usable the new POP3LINKS.TAB fetching option by masquerading incoming recipient. This can be done by replacing the domain part or by adding a constant string to the To: address (see POP3LINKS.TAB section).
Added a new custom domain processing command 'smtprelay' that can be used to route messages to other smtp servers (see section 'Custom domain mail processing').
New search method for custdomains/ files : now the test to find out if the domain sub1.sub2.domain.net will get a custom domain processing is done by looking up sub1.sub2.domain.net.tab , .sub2.domain.net.tab , .domain.net.tab , .net.tab and then .tab.
There is a new POP3 sync method now that enables users that receives mail for multiple recipients into a single external POP3 account to get all mail to be distributed locally.
You've to be sure, to not create mail loops, that all recipients domains are locally handled in a way or another (see section POP3LINKS.TAB).
Added the random order option to SMTPFWD.TAB gateways to randomly select the order of the try list (see section SMTPFWD.TAB).
Added the random order option to 'smtprelay' custom domain processing (see section 'Custom domain mail processing').
The use of
realloc() function has been removed to make place for free()/malloc() due a glibc bug
with such function.
Added a new CTRL command 'userauth' that helps to check users authentication.
This command can be used by external modules that need to check XMail username/password authentication (ex: external IMAP auth modules).
A new file SMTPFWD.TAB has been introduced to supply customizable mail exchangers for external domains (see section SMTPFWD.TAB).
Not local POP3 sync has been introduced to make it possible to download external POP3 accounts without having to setup local accounts (see section POP3LINKS.TAB).
This feature can be used, for example, to catch mails from a set of remote accounts and redirect these to another SMTP server.
Now it's possible to set per IP server port in command line params by specifying bindip[:port] PSYNC flags -Qx has been removed due the new queue system.
A new global command line parameter -Mx has been introduced to setup the queue split level even if my suggestion is to leave the default value (23 , that means that the queue is splitted in 23 * 23 = 529 subdirectories).
******************************************************************** * A new spool format has been coded to enable XMail to handle very * large sending queues. * See section 'XMail spool design' for a description of how the spool * works. * Due to the new spool format the following directories can be * removed: * * custdomains/spool * spool/tmp * spool/errors * spool/logs * spool/locks * * You've to leave XMail flush its queue (spool) before upgrading * to this version. * A more complex solution, if You've a lot of file pending into the * spool, is : * * 1) Stop XMail * 2) Upgrade to 0.61 * 3) Start XMail and wait it has created all the queue tree structure * 4) Stop XMail * 5) Move all old spool/ files into 0/0/mess * 6) Rename all spool/logs/ files removing the .log extension * 7) Move all spool/logs/ file into 0/0/slog * 8) Now You can remove the above directories and restart XMail ********************************************************************
ORBS relays checking has been added and is activated by the new SERVER.TAB option 'ORBS-MAPSCheck'.
A new SERVER.TAB variable 'AllowNullSender' (default true) has been introduced to change the XMail default behaviour that reject null sender messages. Now if You want null sender messages to be rejected You've to set this variable to zero.
Fixed a bug in Linux XMail debug startup.
Now SMTP authentication does a previous lookup in mailusers.tab using the complete email address as username (@ or : as separators).
Authenticated users will get the permission stored in the new 'DefaultSmtpPerms' SERVER.TAB variable.
The XMail executable filename has been modified to XMail.
A better (even if not perfect) Linux SysV startup script (xmail) has been coded.
Fixed a bug in locking procedures (.lock file oriented) and introduced a correct SIGPIPE handling.
Improved I/O performance due to a new way of sending files through TCP/IP connections, to a more efficent way to copy message files and to a reduced number of temporary files that are created by XMail.
DNS MX queries caching has been added to lower DNS network traffic and to speed up message delivery.
A new directory dnscache must be added to MAIL_ROOT as long as the two subdirectories dnscache/mx and dnscache/ns .
A possible buffer overflow error has been fixed.
Some code rewrites.
Maildir mailbox format has been introduced as an optional mail storage other than the proprietary mailbox structure (You need to change CFLAGS definition in Makefile.lnx to build the Maildir version of XMail or edit SvrConfig.h defining CONFIG_MAILDIR for both Linux and NT version).
If You want to switch to the new Maildir version You MUST convert Your accounts and You MUST create a tmp directory inside $MAIL_ROOT/spool.
The maximum number of recipients for a single SMTP message has been made tunable by a new command line parameter (-Sr ... , default 100).
Fixed a small memory leak in SMTP server in case of multiple recipients.
New POP3 username/domain separator (:) has been introduced other than (@) that is not a valid char for Netscape mail system.
A buffer overflow bug has been corrected (the bug outcrop when a line is longer than the supplied buffer and a newline char is exactly placed at the buffer[sizeof(buffer)-1]).
Mail loop check has been introduced.
Fixed a bug that makes XMail unable to correctly handle SMTP lines terminated by <CR><CR><LF>.
SMTP server 'Received:' tag has been changed to suite 'MAIL FROM:<>' and 'RCPT TO:<>' addresses.
Fixed a SERIOUS bug introduced with the new indexing features of XMail that makes names case sensitive. You must also empty the tabindex directory to enable XMail to rebuild indexes in a case insensitive way. Update SOON to this version.
The maximum number of accounts has been removed due the new locking method.
Now the -Ma ... parameter give XMail a way to allocate locking resources, but it's not as strict as it was with previous versions.
New CTRL commands has been added (cfgfileget, cfgfileset).
A new command line utility to create user accounts based on a formatted text file has been added (watch at MkUsers section).
******************************************************************** * WARNING * The MAIL_ROOT directory organization has been changed ! * A new directory domains MUST be created inside MAIL_ROOT to get * a cleaner configuration for XMail installations that handle * several domains. * In order to use this new version You MUST move Your domains * directories inside the new domains directory ********************************************************************
SMAIL scheduling times in sending messages has been changed (see -Qi command line option).
The file domains.tab has been put under index.
Completely rewrited lock procedures.
New CTRL commands has been added (usergetmproc, usersetmproc, custdomget, custdomset, custdomlist).
A syntax bug has been corrected, 'SMTP-RARPCheck' leave place to the correct 'SMTP-RDNSCheck'.
Now the files mailusers.tab , aliases.tab and extaliases.tab are indexed for a faster lookup in case of having several thousands of users and / or aliases. For this need a new directory named tabindex __MUST__ be added to MAIL_ROOT path.
As a consequence of this new feature You __CANNOT__ edit files under index while XMail is running.
POP3 mailbox locking method is changed to speedup startup time in case of thousand of users.
Remember to __ADD__ the directory pop3locks inside MAIL_ROOT path.
A user level grained control over incoming POP3 connections based on peer IP has been added (see at the section dedicated to POP3.IPMAP.TAB).
A new XMail command line parameter has been added to increase the maximum number of accounts that can be handled by the server (now defaults to 25000 while previous versions defaults to 7500).
Fixed a bug in XMail alias removal.
Some code rewrites.
The ability to setup a spammer protection based on sender address has been added (see section dedicated to SPAM-ADDRESS.TAB).
The ability to disable PSYNC server by setting sync timeout to zero (-Yi 0) has been added.
SMTP client authentication has been added (see SMTP Client Authentication section).
SMTP server authentication (PLAIN LOGIN CRAM-MD5) has been added (see SMTPAUTH.TAB description).
SMTP server custom authentication has been added (see SMTPEXTAUTH.TAB description).
Added 'aliaslist' command to controller server.
Wildcard matching has been added in 'userlist' and 'aliaslist' controller server commands.
Fixed a SERIOUS bug in
SysExec() on Linux port - upgrade asap Your version.
MD5 authentication has been added to CTRL server to enforce server security (watch at XMail admin protocol section).
Users of CTRL protocol are ancouraged to use this new authentication mode.
POP3 TOP command has been implemented.
Fixed a SERIOUS bug in custom (external) POP3 authentication procedures, it always give auth :(( APOP POP3 authentication has been added to POP3 server as long as to PSYNC server (POP3 client).
PSYNC server configuration file (POP3LINKS.TAB) IS CHANGED to enable APOP authentication (watch at POP3LINKS.TAB section).
The command 'poplnkadd' of CTRL server has been extended to another parameter that store authentication method to be used.
Correct handling of mail routing through 'RCPT TO: <>' has been added (see Mail Routing Through Addresses section).
Added wildcard matching and complex mail routing in SMTPGW.TAB.
Fixed a bug in PSYNC server that makes XMail to test for '+OK ' response instead that for '+OK' (and '-ERR ' for '-ERR').
Added configuration steps in Part 7 of this doc.
The ability to handle custom (external) POP3 authentication procedures has been added (see section External Authentication).
Bug fixes in controller server and in PSYNC server.
Added --install-auto to install XMail as an autostart service (NT).
Better reliability in custom domain processing has been coded (REMEMBER to add the spool directory inside custdomains ).
Improved delivery error logs for a better problem understanding and fix.
Some code rewrites.
CtrlClnt improved in error control and bug fixes.
Changes in controller protocol for commands that has output.
The command 'userpasswd' has been added in controller server to allow user password changes.
Bug fixes in controller server.
Added wildchar (* ?) compare in aliases that allow to give a default processing to group of users (ie users that does not have an account).
XMail init.d startup script has been added (xmail).
Added CtrlClnt to give a access to remote administration of XMail (see CtrlClnt section).
This permit You to add, delete, list users as long as many other administration procedures (see XMail controller protocol).
Closed mailing lists has been added ('ClosedML' variable in USER.TAB).
The concept of filtering as message content testing has been extended to a message processing (address rewriting, attachment purging, etc ...).
Now message filtering can have a 'per user' processing to give a more fine grained control.
Added the way to specify a default domain filter with the presence of the file defaultfilter.tab into the filters subdirectory.
Improved PSYNC error handling.
Improved shutdown condition sensing (read Server Shutdown section).
Fixed a bug in SysDepLinux.cpp in function
SysMakeDir() - permission mask changed to 0700.
Improved external programs execution behaviour under NT (no console is displayed).
Added the option to setup domain message filters with external programs exection (remember to add the filters subdirectory if You're upgrading an existing XMail).
This can help to filter messages based on its content to avoid mail worms and viruses that travel in attachments with given dangerous extensions.
******************************************************************** * WARNING * The spool file format is changed ! * In order to use this new version You MUST flush the spool before * starting the new version of XMail. ********************************************************************
MscMoveFile() to avoid errors in all cases where files are
positioned on differents mount points (Unixes versions).
Added log files rotate function as long as a new command line parameter (-Mr ndays) to specify the rotate delay.
Added message-id to SMAIL and SMTP log file.
Added @@MSGID macro in custom mail processing (external commands).
Added @@MSGREF macro in custom mail processing (external commands).
Now messages coming from external POP3 links are pushed into the spool and not directly into the target user mailbox - this enable custom user mail processing also on this kind of messages.
Added 'lredirect' command to MAILPROC.TAB that makes XMail to impersonate the local domain when redirect messages.
Added 'lredirect' command to custom domain mail processing that makes XMail to impersonate the local domain when redirect messages.
A @@TMPFILE macro has been added to MAILPROC.TAB syntax as long as to custom domain processing syntax. It will create a temporary file which hold the copy of the message.
It's external program resposibility to delete such file when it has finished its processing.
Messages generated as response to a delivery failure has target address remapped with the meanings of the file EXTALIASES.TAB.
Fixed a bug that makes XMail write a bad 'Received: ...' message tag.
This error cause mail readers to display bad message's datetimes.
Added 'uservars' command to the controller protocol to list user defined variables.
Added 'uservarsset' command to the controller protocol to set user defined variables.
IP access control has been added to POP3, SMTP and CTRL servers (pop3.ipmap.tab , smtp.ipmap.tab , ctrl.ipmap.tab). I suggest You to setup at least ctrl.ipmap.tab.
Permanent SMTP error detect has been added to avoid to send N times a message that will be always rejected.
Some code rewrite.
Linux daemon startup code has been added.
Modified the means of 'smtprelay.tab' and 'spammers.tab' with the introduction of a netmask (MODIFY YOUR FILES EVEN IF FOR NOW THE OLD VERSION IS STILL SUPPORTED !).
Service threads limit has been added to POP3 and SMTP servers.
Fixed a bug in new Linux semaphore code.
Added 'POP3Domain' configuration variable that gives the possibility to set the default (primary) POP3 domain.
Users of such domain can log to the server using only the name part of their email address.
Enached daemon (or service) mode with no messages printed onto console.
A -Md flag has been added to activate the debug mode that will restore verbose behaviour.
Error messages, in daemon mode, will be now printed to
or to EventViewer (NT).
Improved semaphore handling in Linux that prevent from allocation a great number of semaphores. SysV semaphore array capability of Linux is used to reduce the number of allocated semaphores.
Fixed other possible points of buffer overflow attacks.
My Co. XMail server has reached 100000 messages exchanged without a single crash ! Custom domain mail processing has been added.
MAIL_CMD_LINE environment (or registry) has been added to give XMail a way to get a command line even when it's started as service.
Command line option -?I xxx.yyy.zzz.www has been added to bind to specified server interfaces.
Added UIDL POP3 server command to make XMail work with clients that needs that feature.
Fixed a bug that prevent to send mail introduced with the previous version.
Fixed a bug that can cause XMail to fall in a long CPU eating loop.
Added a delay to bad POP3 logins to prevent POP3 mailboxes attacks.
Added the option to shutdown the connection in a bad POP3 login case.
Fixed a bug that makes XMail (as NT service) shutdown at user logoff.
Fixed a bug that makes XMail unable to work with machine that are unable to RDNS its own socket addresses.
Fixed some possible points of buffer overflow attacks.
Added 'poplnkenable' controller command.
Added RSS maps check option (relays.mail-abuse.org).
Added VRFY SMTP command.
Coded a better Service exit under Windows NT.
Added MAILPROC.TAB that enable custom processing of user messages.
Fixed a compilation bug under certain distributions of Linux.
The ability to make a dynamic DNS registration has been added with the 'DynDnsSetup' configuration option in SERVER.TAB.
'SmartDNSHost' option added to redirect all DNS queries to a list of DNS hosts. This option can be used to avoid MSProxyServer-WS2_32.DLL bug that not allow to send UDP packets out of the local net.
User mailbox size check has been added.
Added UDP DNS query support when searching MX records.
This fixes a bug that makes XMail unable to send its mails if it deals with name servers that works only in UDP.
Fixed a bug that prevent XMail POP3 server to handle multiple domains if there are more nic-names over a single IP address.
Improved controller protocol.
Added RBL maps check option (rbl.maps.vix.com).
Added 'spammers.tab' file that control SMTP client connections.
Added controller login check.
Fixed a bug caused by a case sensitive compare in domain and users names.
Improved controller protocol for remote admin.
Fixed a Linux compilation bug and implemented controller protocol for remote admin.
Log locking and some code rewrite.
Added DNSROOTS file to avoid to repeat queries for roots domains.
Fixed a bug that can lead to a infinite loop under DNS queries.
Some code rewrite.
Improved DNS search for MX records (bug fix).
Some code rewrite.
Now if there are no MX records for destination domain, it'll be tried an SMTP connection to that domain directly.
Some code rewrite and SMTP RDNS check added.
Bug Fixes, some code rewrite and added NT service startup.