[An on-line version of this announcement will be available at http://www.postfix.org/announcements/postfix-2.10.1.html]
Postfix stable release 2.10.1, and legacy releases 2.9.7, 2.8.15, 2.7.14 are available. They contain fixes and workarounds that are also part of Postfix 2.11.
Postfix 2.10 only:
Workaround: down-stream maintainers fail to install the new smtpd_relay_restrictions safety net, causing breakage that could have been avoided. We now hard-code the safety net instead.
See the RELEASE_NOTES file for more details.
All supported releases:
Bugfix (introduced: Postfix 2.0): when myhostname is not listed in mydestination, the trivial-rewrite resolver may log "do not list <myhostname value> in both mydestination and <name of non-mydestination domain list>". The fix is to re-resolve a domain-less address after adding $myhostname as the surrogate domain, so that it pops out with the right address-class label. Reported by Quanah Gibson-Mount.
Bugfix (introduced: Postfix 2.3): don't reuse TCP connections when smtp_tls_policy_maps is specified. TLS policies may depend on the remote destination, but the Postfix < 2.11 SMTP connection cache client does not distinguish between different destinations that resolve to the same IP address. Victor Duchovni. Found during Postfix 2.11 code maintenance.
Bugfix (introduced: Postfix 2.2): don't reuse TCP connections when SASL authentication is enabled. SASL passwords may depend on the remote SMTP server hostname, but the Postfix < 2.11 SMTP connection cache client does not distinguish between different hostnames that resolve to the same IP address. Found during Postfix 2.11 code maintenance.
You can find the updated Postfix source code at the mirrors listed at http://www.postfix.org/.