[An on-line version of this announcement will be available at https://www.postfix.org/announcements/postfix-3.9.2.html]
These releases add forward compatibility with upcoming Postfix and OpenSSL versions, improve PostgreSQL and MySQL performance, and fix minor bugs. This will be the last update for Postfix 3.6.
Fixes for Postfix 3.9.2, 3.8.8, 3.7.13, 3.6.17:
Forward compatibility: Support for OpenSSL 3.5 post-quantum cryptography. To manage algorithm selection, OpenSSL introduces new TLS group syntax that Postfix will not attempt to imitate. Instead, Postfix now allows the tls_eecdh_auto_curves and tls_ffdhe_auto_groups parameters to have an empty value. When both are empty, the algorithm selection can be managed through OpenSSL configuration. Viktor Dukhovni.
Forward compatibility: ignore new queue file flag bits that may be used with Postfix 3.10 and later. This is a safeguard in case a Postfix 3.10 upgrade needs to be rolled back after the new TLS-Required feature has been used.
Performance: when a mysql: or pgsql: configuration specifies a single host, assume that it is a load balancer and reconnect immediately after a single failure, instead of failing all requests for 60s.
Bugfix (defect introduced: Postfix 3.4, date 20181113): a server with multiple TLS certificates could report, for a resumed TLS session, the wrong server-signature and server-digest names in logging and Received: message headers. Viktor Dukhovni.
Bugfix (defect introduced: Postfix 3.3, date 20180107): small memory leak in the cleanup daemon when generating a "From: full-name
Bugfix (defect introduced: Postfix 3.0): the bounce daemon mangled a non-ASCII address localpart in the "X-Postfix-Sender:" field of a delivery status notification. It backslash-escaped each byte in a multi-byte character. This behavior was implemented in Postfix 2.1 (no support for UTF8 local-parts), but it became incorrect after SMTPUTF8 support was implemented in Postfix 3.0.
Bugfix (defect introduced: Postfix 3.6): Reverted the default smtp_tls_dane_insecure_mx_policy setting to "dane" as of Postfix 3.6.17, 3.7.13, 3.8.8, 3.9.2, and 3.10.0. By mistake the default was dependent on the smtp_tls_security_level setting. Problem reported by Ömer Güven.
Portability: added "include <sys_socket.h>" for a SUNOS5 workaround. Gary R. Schmidt.
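The "X-Postfix-Sender:" bugfix above, as an added example that is not Postfix source code: it contrasts per-byte backslash escaping with escaping that leaves multi-byte characters intact, and adds a heuristic for spotting mangled values in archived notifications. The function names, the sample address, and the assumption that the old escaping was a literal backslash before each non-ASCII byte are illustrative.

```python
# Added illustration; not Postfix source code. Function names are hypothetical.
# Assumption: the old quoting put a literal backslash before each non-ASCII byte.
import re

ASCII_SPECIALS = '"\\'  # characters that still need a backslash in a quoted string


def escape_bytewise(localpart: str) -> bytes:
    """Pre-SMTPUTF8 style: treat every byte >= 0x80 as a character to escape."""
    out = bytearray()
    for b in localpart.encode("utf-8"):
        if b >= 0x80 or chr(b) in ASCII_SPECIALS:
            out.append(0x5C)  # backslash
        out.append(b)
    return bytes(out)


def escape_utf8_aware(localpart: str) -> bytes:
    """Escape only ASCII specials; multi-byte characters pass through whole."""
    out = []
    for ch in localpart:
        if ch in ASCII_SPECIALS:
            out.append("\\")
        out.append(ch)
    return "".join(out).encode("utf-8")


def is_valid_utf8(data: bytes) -> bool:
    try:
        data.decode("utf-8")
        return True
    except UnicodeDecodeError:
        return False


def looks_mangled(field_value: bytes) -> bool:
    """Heuristic for archived DSNs: a backslash directly before a non-ASCII byte."""
    return re.search(rb"\\[\x80-\xff]", field_value) is not None


if __name__ == "__main__":
    sender = "j\u00f6rg"  # constructed sample localpart
    for name, fn in (("bytewise", escape_bytewise), ("utf8-aware", escape_utf8_aware)):
        value = fn(sender) + b"@example.com"
        print(name, value, "valid UTF-8:", is_valid_utf8(value),
              "mangled:", looks_mangled(value))
```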
You can find the updated Postfix source code at the mirrors listed at https://www.postfix.org/.