June 18, 2013
- Add hourly SpamAssassin rule updates from the FSL rules repository
- Speed up reports where a summary table can be used
- New option to enable/disable forced sub-domain routing for a domain
- Change ‘Click Whitelisting’ page to display TTLs in seconds instead of minutes.
- Fix quarantine report links when displayed on Webmail clients that do not support the use of the HTML tag.
- Strip any accidental whitespace from report filters
- Fix SQL error when non-boolean operators are used on boolean fields
- Fix handling of ‘like’ operator when applied to the ‘Client IP Address’ field in the reports.
- Fix pager display when the ‘Back to report’ button is clicked from the Message Detail page.
- Add pager and ‘Back to Reports’ button to the bottom of the page in the Message Listing report.
- Fix the storage and display of comments in the Exception List editor.
- Allow MIME boundaries with leading spaces but not trailing spaces.
- Add missing dependency for unrar
- Upgraded to 0.97.8
- Move sender_auth plugin run order as soon as possible after mail_from.is_resolvable
- If +one-domain-per-session is enabled – only enforce this if the domain cannot be linked to the connected system.
- Improve the greylisting algorithm where the IP address is being used as the host_id but the host can be linked to the sending domain.
- Always run MX records checks even if -mail-require-mx is set.
- Introduce a ‘strict’ mode for check_replyable plugin. The new default is to look up Reply-To, From and Sender headers in that order and to skip the rest as soon as an address is parsed. Strict mode checks all of the headers and they must all resolve to a valid MX.
- Fix incorrect SPF result when an exists: modifier is used and the lookup returns NXDOMAIN.
- Skip any SPF temporary failures if the sender can be authenticated to the connected host.
- Remove any whitespace from input before checking for MX
- check_replyable plugin updated to use the new address-rfc2822 module to parse e-mail addresses from Sender, From and Reply-To headers.
- Improve call-ahead mechanism return codes and error handling. Make sure QUIT is sent in response to 4xx errors received from upstream server before dropping the connection.
- Add X-Haraka-Relay and X-Haraka-RcptSummary headers as trace headers
- Improve concurrent rate-limiting by making concurrency limits process-wide by moving management of concurrency values into the master process.
- Minor fix to data.uribl plugin to check that returned DNS result is an array and not just an empty string.
- Improve handling of access-map DISCARD action when applied by a user-level rule with a multiple recipient message. Other recipients with conflicting actions will now be deferred to force the sender to retry the recipients with matching preferences again later.
- Allow for listening on multiple ports through the same daemon (e.g. port 25 and port 587)
- Move startup/shutdown log level to NOTICE (was INFO)
- Improve parsing of invalid UTF-8 and messages with broken character encodings
- Add new ‘Domain Info’ plugin that provides metadata and a ruleset to SpamAssassin to combat some new types of spam that use freshly registered domains (e.g. < 1 day old) along with looking for common signs of domain configuration used by spam domains.
- Improve async handling of connection timeouts
- Disable SMTP AUTH if -smtp-auth-enable set in smtpf.cf
- Add exponential delay for SMTP AUTH failures to prevent dictionary attacks (1, 2, 4, 8, 16, 32, 64 seconds)
- Add exponential delay for invalid recipients (1, 2, 4, 8, 16, 32, 64 seconds) for incoming domains that correctly reject invalid recipients at SMTP time.