MINI MINI MANI MO
# Legend:
# --- = A new release
# + = Added a feature (in a backwards compatible way)
# ! = Changed something significant, or removed a feature
# * = Fixed a bug, or made a minor improvement
--- 1.3.2 (2015-08-12)
* Fix python3 incompatibility in cases where HELO name is somehow missing
(LP: #1184102)
* Updated README to mention the minimum ipaddr version, if needed, is 2.1.10
(LP: #1229862)
* Fix up header caching (LP: #1422325)
* Fix and refactor for simplicity detection of Authserv_Id missing from
configuration (LP: #1484239)
* Add try/except around SPF record queries of No_Mail option to avoid errors
on bogus TXT records
--- 1.3.1 (2014-06-14)
* Fix case where, when run with python3 the policy server would choke on
email addresses that contained non-ascii characters (LP: #1325579)
--- 1.3 (2014-05-09)
! Updates related to the new SPF RFC, RFC 7208
- Added new config option, Lookup_Time, to adjust SPF record timeout limit
(default 20 seconds per RFC 7208) Requires at least pyspf 2.0.7
- Added new config option, Void_Limit, to enable the new void lookup limit
instroduced in RFC 7208 to be adjusted - Default is 2 as recommended in
RFC 7208, section 4.6.4. Has no effect on pyspf before 2.0.9.
- Updated documentation to refer to RFC 7208 (and RFC 7001 for
authentication results)
- Updated descriptions in documentation to describe spec compliance
relative to RFC 7208 instead of RFC 4408
* Guard against crashes when forming header field contents if the receiver
is somehow missing
--- 1.2 (2013-07-25)
! Added external dependency on ipaddr module for python versions < 3.3
* Fix PTR whitelist to work with IPv6 connections (patch from Frank
Hunszinger) - LP: #1179266
* Replace custom code with use of ipaddr/ipaddress to perform CIDR matching
! CIDR network definitions are now more limited to correct networks
- Double slashes are no longer allowed
- Updated defaults and documentation for skip_addresses to match
--- 1.1.2 (2013-05-10 13:13 -0400)
Brown paper bag release
* Add MANIFEST.in and rename in setup.py to make package compatible with
using sdist (fixes missing files in 1.1.1)
--- 1.1.1 (2013-05-10 12:23 -0400)
* Fixed documentation to be more compatible with running with Python3.
--- 1.1 (2012-07-21 21:30 -0400)
+ Ported to Python 3. Tested on python3.2, python2.7, and python2.6.
Versions previous to python2.6 will not work.
--- 1.0 (2012-03-17 23:34 -0400)
* Fixed missing authentication results headers for no authentication
performed cases (when authres is enabled)
* Fixed ambiguous config file warning in per user processing
* Make functions private (leading underscore)
* Fixed erroneous use of syslog.LOG_ERR in per user processing
--- 0.9 (2012-01-10 22:35 -0500)
+ Add support for optionally generating RFC 5451 authentication results
headers
+ Add new Header_Type configuration option to support generating RFC 4408
Received-SPF and/or RFC 5451 Authentication-Results headers (default is
Received-SPF)
! Changed license from GPL version 2 to Apache 2.0 with agreement from all
copyright holders
* Log message to the error facility for all OSErrors
* Instead of crashing if per user configuration is missing, continue with
global configuration
* Use openspf.net instead of openspf.org for Why text in reject/defer
messages due to extended openspf.org downtime
* Fix install location of standard config file when installed with distutils
* Fix example syntax in policyd-spf.peruser.5
* Update and clarify inconsistencies in policyd-spf.conf.5
--- 0.8.1 (2010-11-27 22:41 -0500)
* Prepend headers even when defaultSeedOnly = 0 (now does what's documented)
* Fix typos in policyd-spf.conf(5)
--- 0.8 (2010-02-17 01:38 -0500)
+ Add Domain_Whitelist_PTR to allow whitelisting from SPF tests based on
rDNS PTR match (patch from Colin Stewart <colin@owlfish.com>)
* Only check Domain_Whitelist if it actually exists in the configuration
+ Add No_Mail option to allow for only rejecting from hosts/domains that
send no mail ("v=spf1 -all")
+ Add ability to provide per user (per recipient) settings
* Fixed a bug so that skipping SPF checks due to localhost or any whitelist
settings does not prepend multiple headers per message for multi recipient
messages
* Fixed a bug so that non-reject HELO results are correctly used when Mail
From checks are disabled (No_Check)
* Clean up unused code in policydspfsupp.py
--- 0.7.3 (2010-01-07 01:00 -0500)
* No longer require Python 2.5 (Thanks to Matthew Munsey
<openspf@msm.unending.org>)
* Update copyright for new year
* Update for new project location
* Clean up imports (PEP-8 style, remove redundancy, removed unused)
* Remove deprecated licence distribution option from setup.py
--- 0.7.2 (2009-10-22 02:54 -0400)
! Require at least Python 2.5
* Fix to not crash on invalid senders that lack a domain part
* Remove unused imports of deprecated popen2 module
--- 0.7.1 (2008-07-25 23:54 -0400)
* Fix default log level in policyd-spf.conf.commented to match default
* Update configuration recommendations in policyd-spf.1
--- 0.7 (2008-06-22 13:45 -0400)
+ Reject option for Mail From not pass or none (parallel HELO option)
+ Reject on Softfail for HELO and Mail From
+ Add receiver policy options per sender domain to reject non-SPF Pass mail
for specific domains
+ Update policyd-spf(5) for new options
! Refactor result processing for better scalability and easier testing
! Move commented config file to a new file and use/install an uncommented
minimal config file to reduce future churn in the operational config file
* Fix prepend only (no action) options to work
* Clarify in policyd-spf(5) that permerror and temperror setting affect
both HELO and Mail From checks when those checks are enabled
--- 0.6.1 (2008-04-05 01:23 -0400)
* Pre-initialize helo_result to None to avoid crash if HELO checking is
disabled
--- 0.6 (2008-02-20 16:35 -0500)
! Logging redesign:
- Change default loglevel to 1 and readjust loglevel 1 and 2 to 2 and 3
- Loglevel 0 changed to no logging
- Move all non-error config file related logging to level 5
- Don't log SPF result comments
- Updated policyd-spf(5) debugLevel description
- Don't log errors for known config options
* Added exit log message promised in policyd-spf(5)
* Removed adding policyd-spf to %PYTHONPATH
+ Added prospective SPF checks to see if mail sent from current IP would Fail
SPF after being sent. Don't add SPF Received headers for these.
* Fixed IP whitelisting to work with multiple IP ranges (patch from Nicolas
Litchinko)
* Fixed 'seed only' option to work (patch from Nicolas Litchinko)
* Fixed domain whitelist to work
* Fixed domain whitelist to work with multiple domains (patch from Nicolas
Litchinko)
* Correctly detect IPv6 addresses in skip and white lists and use correct
implicit CIDR for IPv6
* Correct examples and policyd-spf(5) to not have spaces in IP and domain
lists
+ Log error if IP whitelist or skip list have non-IP address items in the
lists and then don't crash
! Install man pages and config files in FHS compliant locations.
! Removed spec files since I'm not qualified to maintain them
--- 0.5.2 (2007-10-26 15:30 -0400)
* Corrected regression so appending a header on Permerror works (introduced
in 0.4) - Thanks to "John A. Martin" <jam@jamux.com> for the bug report.
* Log and prepend Mail From result instead of HELO result if both are None.
* Provide default explanation for None results (so header and log fields are
not left empty
* Use correct RFC 4408 identity names (mailfrom/helo) in headers, logging,
and SMTP replies
* Use package installed config file if none is specified and related
documentation updates
* Fix default installation location for man pages and config file
* Revised README.per_user_whitelisting
--- 0.5.1 (2007-10-17 14:47 -0400)
* Corrected regression so reject on Permerror works (introduced in 0.4)
Thanks to "John A. Martin" <jam@jamux.com> for the bug report.
* Fixed Restriction Class option to be useful.
+ Made restriction class names configurable
+ Added per user whitelisting README to explain how it's useful
Thanks to "John A. Martin" <jam@jamux.com> for the contribution.
* Corrected SPF-Recieved header to us <> for null sender
* Corrected Postfix integration section of policyd-spf(1) to reflect correct
policy service time limit name.
* Corrected installed config file locations in both man pages.
* Header and logging cleanup (removed trailing ';' and adjusted whitespace).
--- 0.5 (2007-10-03 13:39 -0400)
+ Added man page for configuration file formatting (man 5 policyd-spf.conf)
* Moved explicit logging of the result headers for HELO and Mail From from
debug level 1 to debug level 2 (SPF results are already logged at debug
level 1)
* Moved config file item logging to a new debug level 5. This should only be
needed for development and not for operational use.
! Shifted list of local addresses to skip SPF from hard coded to a config
option.
* Changed default (no config file) TempError defer to False to match docs and
default in config file.
! Refactored Whitelisting/SPF skipping code for reduced size and better
extensibility and maintainability.
+ Added Forwarder Domain SPF Whitelist
+ Added Restriction Class mode to return only SPF result to Postfix
+ Return link to SPF "Why" page for reject/defer actions.
--- 0.4.1 (2007-08-13 11:00 -0400)
* Correct multi-recipient caching to work for multi-recipient rejections
--- 0.4 (2007-07-09 17:24)
+ Process HELO first and reject if allowed before looking up Mail From
+ Log failure to find SPF library
! Rationalize text of logging and comments back to Postfix - any script that
parses logs from this program automatically will need to be updated.
* Remove obsolete code for using non-Python SPF libraries
+ Activate support for config files (refactored legacy code)
! Change PermError default from Reject to Prepend
- Reject on PermError was inconsistent with traditional SPF usage.
! Remove obsolete undistributed files from SVN trunk
! Remove INSTALL file (redundant to man 1 policyd-spf)
* Adjust master.cf recommendations in INSTALL for new recommendations from
Weitse Venema (postfix-users mailing list).
* Change indentation from tabs to spaces in legacy code
+ Support case insensitive SPF results as required by RFC 4408.
+ SPF results reported with initial capitalization.
+ Add SPF whitelist facility in config file
--- 0.3 (2007-02-23 11:54)
* Refactored and simplified SPF results reporting/logging
* Changed logging to match RFC 4408 SPF-Received: terminology
* Fixed processing to skip SPF for localhost connections to work for IPv6
+ Implemented prepending of SPF-Received: header.
+ Added man page (man 1 policyd-spf)
--- 0.2 (2007-02-07 16:50)
* Changed skip local connections to use CIDR match rather than string.
* Log non-fail/error results to syslog
--- 0.1 (2007-01-17 18:00)
! Initial release
! Removed greylisting
! Stubbed out config files until they can be updated and integrated
+ Defer on temperror
+ Reject on permerror
+ Check HELO for null Sender (Mail From)
--- 0.0 Source from Tumgreyspf (2007-01-11 00:00)
! Source Tumgreyspf Version 1.24
OHA YOOOO