Version 2.6.8 of Postfix
Release Notes: Postfix no longer automatically appends the system default CA certificates. When pipe-to-command delivery fails with a signal, mail is now correctly deferred, instead of being returned to sender. Poor `smtpd_proxy_filter` TCP performance over loopback (127.0.0.1) connections was fixed by adapting the output buffer size to the MTU. The SMTP server no longer applies the `reject_rhsbl_helo` feature to non-domain forms such as network addresses. The Postfix SMTP server failed to deliver a "421" response and hang up the connection after Milter error.
Other releases
Release Notes: A high load of DSN success notification requests could slow down the queue manager, which is now worked around by making the trace client asynchronous, just like the bounce and defer clients. The local delivery agent ignored table lookup errors in mailbox_command_maps, mailbox_transport_maps, fallback_transport_maps, and alias owner lookup, which is now fixed. Both RHSBL and RHSWL queries for names ending in a numerical suffix are now skipped. The Postfix Milter client reported a temporary error instead of "file too large" in three cases. Linux kernel version 3 support has been added.
Release Notes: A high load of DSN success notification requests could slow down the queue manager, which is now worked around by making the trace client asynchronous, just like the bounce and defer clients. The local delivery agent ignored table lookup errors in mailbox_command_maps, mailbox_transport_maps, fallback_transport_maps, and alias owner lookup, which is now fixed. Both RHSBL and RHSWL queries for names ending in a numerical suffix are now skipped. The Postfix Milter client reported a temporary error instead of "file too large" in three cases. Linux kernel version 3 support has been added.
Release Notes: A high load of DSN success notification requests could slow down the queue manager, which is now worked around by making the trace client asynchronous, just like the bounce and defer clients. The local delivery agent ignored table lookup errors in mailbox_command_maps, mailbox_transport_maps, fallback_transport_maps, and alias owner lookup, which is now fixed. Both RHSBL and RHSWL queries for names ending in a numerical suffix are now skipped. The Postfix Milter client reported a temporary error instead of "file too large" in three cases. Linux kernel version 3 support has been added.
Release Notes: The trace client was made asynchronous, since a high load of DSN success notification requests could slow down the queue manager. The local(8) delivery agent ignored certain table lookup errors. dbl.spamhaus.org rejects lookups with "No IP queries" even if the name has an alphanumerical prefix, so these lookups are now skipped. The "sendmail -t" command reported "protocol error" instead of "file too large", "no space left on device", etc. The Postfix Milter client reported a temporary error instead of "file too large" in three cases. Also, Linux kernel version 3 support has been added.
Release Notes: This version contains a fix for CVE-2011-1720, which affects Postfix SMTP server configurations that use Cyrus SASL authentication. This defect was introduced with the Postfix SASL patch, and is present in all Postfix versions where the command "postconf mail_release_date" reports a value of 20000314 (March 14, 2000) or greater. Note that CVE-2011-1720 does not affect Postfix SMTP servers that use Dovecot SASL authentication. It also does not affect the common Postfix SMTP server configurations that use only Cyrus SASL mechanisms PLAIN and LOGIN.
