The stable Postfix release is called postfix-2.4.x where 2=major release number, 4=minor release number, x=patchlevel. The stable release never changes except for patches that address bugs or emergencies. Patches change the patchlevel and the release date. New features are developed in snapshot releases. These are called postfix-2.5-yyyymmdd where yyyymmdd is the release date (yyyy=year, mm=month, dd=day). Patches are never issued for snapshot releases; instead, a new snapshot is released. The mail_release_date configuration parameter (format: yyyymmdd) specifies the release date of a stable release or snapshot release. Incompatibility with Postfix 2.4.15 =================================== Postfix no longer appends the system-supplied default CA certificates to the lists specified with *_tls_CAfile or with *_tls_CApath. This prevents third-party certificates from getting mail relay permission with the permit_tls_all_clientcerts feature. Unfortunately this change may cause compatibility problems when configurations rely on certificate verification for other purposes. Specify "tls_append_default_CA = yes" for backwards compatibility. Incompatibility with Postfix 2.4.4 ================================== By default, the Postfix Cyrus SASL client no longer sends a SASL authoriZation ID (authzid); it sends only the SASL authentiCation ID (authcid) plus the authcid's password. Specify "send_cyrus_sasl_authzid = yes" to get the old behavior, which is to send the (authzid, authcid, password), with the authzid equal to the authcid. This workaround for non-Cyrus SASL servers is back-ported from Postfix 2.5. Release notes for Postfix 2.4.0 =============================== Major changes - critical ------------------------ See RELEASE_NOTES-2.3 if you upgrade from Postfix 2.2 or earlier. [Incompat 20070122] To take advantage of the new support for BSD kqueue, Linux epoll, or Solaris /dev/poll, you must restart (not reload) Postfix after upgrading from Postfix 2.3. [Incompat 20061209] If you upgrade Postfix without restarting, you MUST execute "postfix reload", otherwise the queue manager may log a warnings with: warning: connect to transport retry: Connection refused [Incompat 20061209] The upgrade procedure adds a new "retry" service to the master.cf file. If you make the mistake of copying old Postfix configuration files over the new files, the queue manager may log warnings with: warning: connect to transport retry: Connection refused To fix your master.cf file, use "postfix upgrade-configuration" followed by "postfix reload". Major changes - safety ---------------------- [Incompat 20070222] As a safety measure, Postfix now by default creates mailbox dotlock files on all systems. This prevents problems with GNU POP3D which subverts kernel locking by creating a new mailbox file and deleting the old one. Major changes - Milter support ------------------------------ [Feature 20070121] The support for Milter header modification requests was revised. With minimal change in the on-disk representation, the code was greatly simplified, and regression tests were updated to ensure that old errors were not re-introduced. The queue file format is entirely backwards compatible with Postfix 2.3. [Feature 20070116] Support for Milter requests to replace the message body. Postfix now implements all the header/body modification requests that are available with Sendmail 8.13. [Incompat 20070116] A new field is added to the queue file "size" record that specifies the message content length. Postfix 2.3 and older Postfix 2.4 snapshots will ignore this field, and will report the message size as it was before the body was replaced. Major changes - TLS support --------------------------- [Incompat 20061214] The check_smtpd_policy client sends TLS certificate attributes (client ccert_subject, ccert_issuer) only after successful client certificate verification. The reason is that the certification verification status itself is not available in the policy request. [Incompat 20061214] The check_smtpd_policy client sends TLS certificate fingerprint information even when the certificate itself was not verified. [Incompat 20061214] The remote SMTP client TLS certificate fingerprint can be used for access control even when the certificate itself was not verified. [Incompat 20061006] The format of SMTP server TLS session cache lookup keys has changed. The lookup key now includes the master.cf service name. Major changes - performance --------------------------- [Feature 20070212] Better support for systems that run thousands of Postfix processes. Postfix now supports FreeBSD kqueue(2), Solaris poll(7d) and Linux epoll(4) as more scalable alternatives to the traditional select(2) system call, and uses poll(2) when examining a single file descriptor for readability or writability. These features are supported on sufficiently recent versions of FreeBSD, NetBSD, OpenBSD, Solaris and Linux; support for other systems will be added as evidence becomes available that usable implementations exist. [Incompat 20070201] Some default settings have been adjusted to better match contemporary requirements: - queue_run_delay and minimal_backoff_time were reduced from 1000s to 300s so that deliveries are retried earlier after the first failure. - ipc_idle was reduced from 100s to 5s, so that tlsmgr and scache clients will more quickly release unused file handles. [Feature 20061209] Improved worst-case (old and new) queue manager performance when deferring or bouncing large amounts of mail. Instead of talking to the bounce or defer service synchronously, this work is now done in the background by the error or retry service. [Feature 20061209] Improved worst-case (new) queue manager performance when delivering multi-recipient mail. The queue manager now proactively reads recipients from the queue file, instead of waiting for the slowest deliveries to complete before reading in new recipients. This introduces two parameters: default_recipient_refill_limit (how many recipient slots to refill at a time) and default_recipient_refill_delay (how long to wait between refill operations). These two parameters act as defaults for optional per-transport settings. Major changes - delivery status notifications --------------------------------------------- [Incompat 20061209] Small changes were made to the default bounce message templates, to prevent HTML-aware software from hiding or removing the text "", and producing misleading text. [Incompat 20060806] Postfix no longer announces its name in delivery status notifications. Users believe that Wietse provides a free help desk service that solves all their email problems. Major changes - ETRN support ---------------------------- [Feature 20061217] More precise queue flushing with the ETRN, "postqueue -s site", and "sendmail -qRsite" commands, after minimization of race conditions. New per-queue-file flushing with "postqueue -i queueid" and "sendmail -qIqueueid". Major changes - small office/home office support ------------------------------------------------ [Incompat 20061217] Postfix no longer requires a domain name. It uses "localdomain" as the default Internet domain name when no domain is specified via main.cf or via the machine's hostname. Major changes - SMTP access control ----------------------------------- [Incompat 20061214] The check_smtpd_policy client sends TLS certificate attributes (client ccert_subject, ccert_issuer) only after successful client certificate verification. The reason is that the certification verification status itself is not available in the policy request. [Incompat 20061214] The check_smtpd_policy client sends TLS certificate fingerprint information even when the certificate itself was not verified. [Incompat 20061214] The remote SMTP client TLS certificate fingerprint can be used for access control even when the certificate itself was not verified. [Incompat 20061209] The Postfix installation procedure no longer updates main.cf with "unknown_local_recipient_reject_code = 450". Four years after the introduction of mandatory recipient validation, this transitional tool is no longer neeed. Major changes - workarounds --------------------------- [Incompat 20070222] As a safety measure, Postfix now by default creates mailbox dotlock files on all systems. This prevents problems with GNU POP3D which subverts kernel locking by creating a new mailbox file and deleting the old one. [Feature 20061209] Better interoperability with non-conforming SMTP servers that reply and disconnect before Postfix has sent the complete message content. [Feature 20061209] Better support for queue file systems on file servers with drifting clocks. Clock skew can be a problem, because Postfix does not deliver mail until the local clock catches up with the queue file's last modification time stamp. On systems with usable futimes() or equivalent (Solaris, *BSD, MacOS, but not Linux), Postfix now always explicitly sets the queue file last modification time stamps while creating a queue file. On systems without usable futimes() (Linux, and ancient versions of Solaris, SunOS and *BSD) Postfix keeps using the slower utime() system call to update queue file time stamps when the file system clock is off with respect to the local system clock, and logs a warning. [Feature 20061006] Individual CISCO PIX bug workarounds are now on/off configurable. This introduces new parameters: smtp_pix_workarounds (default: disable_esmtp, delay_dotcrlf) and smtp_pix_workaround_maps (workarounds indexed by server IP address). The default settings are backwards compatible.