New in OpenSMTPD 5.4.1p1 (Dec 23, 2013)
- Improved configuration file:
- removed last known ambiguity in grammar
- much simpler configuration for TLS-enabled hosts
- most parameters are now swappable in listen and accept rules
- conditions may be negated (ie: accept from ! ...)
- forward-only rules can be declared to impose ~/.forward files
- new "recipient" keyword allows accept rule to provide a whitelist
- sender and recipient tables accept wildcard in their domains
- /!\ configuration file must be edited with this new release ! /!\
- /!\ please refer to smtpd.conf(5) and use smtpd -nf smtpd.conf /!\
- /!\ to validate. /!\
- TLS generic improvements:
- support for TLS Perfect Forward Secrecy
- support for providing custom CA certificate
- MTA improvements:
- mta may now require remote hosts to present valid certificates
- always attempt TLS before falling back to plaintext
- always present certificate if one is available
- AUTH LOGIN now supported
- mta can now specify a EHLO-hostname when relaying
- SMTP server improvements:
- inet4-only and inet6-only listeners are now possible
- listeners may now hide the From part in a Received-line
- listeners may require clients to provide a valid certificate
- banner hostname can now be dynamically fetched from a table
- Queue improvements:
- Introduce an envelope cache in the queue to improve disk-IO pattern
- smtpctl(8) improvements:
- show relays: displays list of currently active relays
- show routes: displays status of routes currently known by smtpd
- show hosts: displays list of known remote MX
- show hoststats: display status of last delivery for active domains
- resume route: resumes route temporarily disable by the MTA
- pause/resume envelope: allows pausing individual envelopes
- pause/resume message: allows pausing individual messages
- encrypt: allows generating credentials suitable for authentication
- show message/envelope is now compression/encryption aware
- documentation:
- table(5) describes format for static, file and db backends
- sendmail(8) describes our "sendmail" interface
- Reduced memory-usage in both general and stressed cases
- OpenSMTPD now automagically upgrades queue if format changes !
- Support Qmail-like "sticky home"
- Support for authenticating users from a credentials table
- Introduce passwd(5) table backend for user and credentials lookup
- Expansion variables in ~/.forward now supports modifiers
- much more efficient scheduler !
- And a lot of minor bug-fixes and internal cleanup !
- Experimental:
- SQLite table backend
- LDAP table backend
- MySQL table backend
- Postgres table backend
- Portable:
- Completely reworked autotools layout
- Limitations:
- No filters support yet (we're almost there)
- No masquerading or address rewrite yet (we're almost there)