OPENDKIM RELEASE NOTES This listing shows the versions of the OpenDKIM package, the date of release, and a summary of the changes in that release. 2.10.3 2015/05/12 LIBOPENDKIM: Make strict header checking non-destructive. The last change to this code resulted in failing signatures. Reported by Pedro Morales and Wez Furlong. 2.10.2 2015/05/10 Fix bug #221: Report a DKIM result of "policy" if MinimumKeyBits or UnprotectedKey cause the signature to result in a "pass" override. Reported by Kurt Roeckx. Fix bug #227: Revert removal of SenderHeaders configuration setting. Document that it is now limited to signature selection. LIBOPENDKIM: Fix bug #226: Deal with header fields that are wrapped before there's any content. Reported by Alessandro Vesely. CONTRIB: Update to contrib/systemd/ from Steve Jenkins. 2.10.1 2015/02/03 Fix bug #214: Handle arbitrarily large From: fields. Reported by Tomohiko Sasaki. Fix bug #220: Make DB_SIGNINGTABLE symbol available in Lua scripts. Problem noted by Klaus Heinrich. LIBOPENDKIM: Fix bug #213: Remove "dkim_default_senderhdrs" from dkim.h. Problem noted by Daniel J. Luke. LIBOPENDKIM: Fix bug #219: Unresolved CNAMEs are not failures, according to the DNS (see RFC6604), so report them as NXDOMAIN or similar. Reported by Alessandro Vesely. 2.10.0 2014/12/27 Feature request #182: Remove "AddAllSignatureResults". All signature results will now be added via Authentication-Results header fields. Requested by Tomki Camp. Feature request #180: Rename "LDAPSoftStart" to "SoftStart" and apply it to SQL connections as well. Requested by Daniel Kauffman. Feature request #179: Add "IgnoreMalformedMail" option. Fix bug #183: Discontinue support for ADSP. This removes the following configuration file items: AddAllSignatureResults LocalADSP ADSPAction NoDiscardableMailTo ADSPNoSuchDomain On-PolicyError BogusPolicy SendADSPReports DisableADSP SenderHeaders LDAPSoftStart UnprotectedPolicy Make "rrvs" and "smime" recognized Authentication-Results methods. LIBOPENDKIM: Feature request #157: Add dkim_mail_parse_multi(). Suggested by Alessandro Vesely. LIBOPENDKIM: Feature request #185: Add dkim_set_dnssec(). Patch from Alec Peterson. LIBOPENDKIM: Fix bug #183: Discontinue support for ADSP. This means all of the following: - the dkim_policy_t type has been removed - the DKIM_POLICY_* constants have been removed - the DKIM_PRESULT_* constants have been removed - passing DKIM_OPTS_SENDERHDRS to dkim_options() now results in an error - the DKIM_PSTATE structure has been removed - all of the following functions have been removed: dkim_policy(), dkim_policy_dnssec(), dkim_policy_getqueries(), dkim_policy_getreportinfo(), dkim_policy_state_free(), dkim_policy_state_new(), dkim_policy_syntax(), dkim_getpolicystr(), dkim_getpresult(), dkim_getpresultstr(), dkim_set_policy_lookup(), dkim_test_adsp() LIBOPENDKIM: DKIM_LIBFLAGS_STRICTHDRS now also confirms syntactical validity of the From field before proceeding with a signing or verifying operation. Suggested by Wez Furlong. CONTRIB: Fix bug #207: Clean up the "stats" directory. CONTRIB: Add "repute" directory which could eventually replace the PHP implementation. Submitted by Daniel Black. CONTRIB: Patches to systemd and init/redhat from Steve Jenkins. 2.9.3 2014/12/27 Fix bug #177: Plug leaking "result" structures when OpenLDAP is in use. Truncate configuration file lines at carriage return. Replace overlapping strlcpy() with memmove() in dkim_get_key_file(). Reported by Daniel J. Luke. Patch #32: Re-arrange the execution logic to drop privileges in proper order. LIBOPENDKIM: dkim_header() is now a lot more strict about the input it will accept (see RFC5322 Section 2.2). LIBOPENDKIM: Tighten relaxed modes to break on only DKIM-defined whitespace characters. Problem noted by Elizabeth Zwicky. LIBOPENDKIM: Fix bug #208: If a signature fails to verify for either reason (header hash mismatched or body hash mismatched), set DKIM_SIGERROR_BADSIG so that Authentication-Results doesn't report a failure with "no signature error". TOOLS: Feature request #178: Add "-F" flag to opendkim-genzone so records are created with the FQDN. Patch from Andreas Schulze. REPUTATION: Handle parameters safely in repute.php. Reported by Daniel Black. 2.9.2 2014/04/02 Fix some conflicting unit tests. Reported by Eray Aslan. BUILD: Fix bug #195 part II: Compile all binaries with pthreads support as needed by libopendkim features. Reported by Walter Haidinger. BUILD: Fix packaging damage with autobuild. Reported by Andreas Schulze. 2.9.1 2014/03/15 Feature request #177: Add "LuaOnlySigning" so that only the Lua setup script makes signing requests; suppresses automatic application of the signing table. Requested by Daniele Orlandi. Fix bug #185: odkim.signfor() wasn't processing its arguments properly. Reported by Daniele Orlandi. Fix bug #199: Fix use of uninitialized buffer when generating SMTP response strings due to ADSP rejections. Problem noted by Ache. Fix infinite loop when mlfi_connect() is called with a hostname starting with a "." character. Reported by Philip Guenther. Fix loading of refiles when trailing spaces are present in the value. Problem noted by Amal Francis. LIBOPENDKIM: Only call dkiml_dns_close() if there was a dkiml_dns_service handle set by dkiml_dns_init(). Also, when closing, reset that handle to NULL. LIBOPENDKIM: The various dkim_dns_set_*() functions, when passed a NULL function pointer, merely store it, making the corresponding function a no-op. Previously, doing so restored the default. LIBOPENDKIM: Have dkim_sig_getreportinfo() return descriptors (if available) regardless of the signer's reporting parameters. Problem noted by Wez Furlong. BUILD: Fix bug #188: Clean up last remnants of libstrl. BUILD: Fix bug #190: Check for HAVE_SUN_LEN in opendkim-db.c. Problem noted by Patrick Laimbock. BUILD: Fix bug #191: Better minimum version checks for libmemcached. Problem noted by Patrick Laimbock. BUILD: Fix bug #192: Different test for libevent, from Patrick Laimbock. BUILD: Fix bug #193: Don't throw away user-provided compilation variables. Problem noted by Quanah Gibson-Mount. BUILD: Fix bug #195: Compile opendkim-genzone with pthreads support. Reported by Walter Haidinger. BUILD: Fix bug #202: Fix pkg-config check for GNUTLS. Reported by Dilian Wesselinov Palauzov. BUILD: Fix bug #203: opendkim-genzone requires pthreads. BUILD: Patch #29: Look for libmilter in lib64. Patch from Dilian Wesselinov Palauzov. BUILD: Patch #30: Include libdl when linking in Lua. Patch from Dilian Wesselinov Palauzov. BUILD: Don't throw away user-provided compilation variables. Problem noted by Quanah Gibson-Mount. BUILD: Rename "--with-mdb" to "--with-lmdb" for consistency with that package's naming conventions. CONTRIB: Fix bug #184: Update to contrib/systemd/opendkim.service from Steve Jenkins. MILTERTEST: Add "polite" flag to mt_disconnect(). TOOLS: Fix bug #187: Increase buffer size for the private key in opendkim-testkey. Problem noted by Andreas Schulze. TOOLS: Fix opendkim-spam to match the schema found in stats/mkdb.mysql. Problem noted by Benny Pedersen. 2.9.0 2013/12/09 NOTE: During the development cycle for this release, SourceForge changed their bug numbering system. Bug numbers are recorded here as they were generated by the current system at the time they were filed. The older ones (prefixed "SF") have since been renumbered or may no longer be in the system. Feature request #169: Discontinue libxml2 support in the reputation code. Feature request #174: Drop internal libstrl implementation. Feature request #175: Discontinue support for libdkimrep. Feature request #176: Update to the final REPUTE RFCs. Activate _FFR_REDIRECT. Fix bug #178: Add support for "dmarc" as an authentication method (though it hasn't been formally registered yet) and fix a minor Authentication-Results parsing problem. Problem noted by Martin Kauchler. Fix bug #179: Correct handling of SignatureTTL. Problem noted by Kyle Cummings. Fix bug #180: Drain results object when doing a DB walk of a postgresql table. Problem noted by Szucs Adam. Fix bug #182: Add an Authentication-Results header field even for messages with no valid From: field or a fatal structural violation. Reported by John Wood. Teach dkimf_db_walk() about LDAP soft starting, and don't escape the forced "*" when walking. Also handle incorrect attribute counts without causing an assertion failure. Problem noted by Andreas Schulze. Call dkimf_config_free() on shutdown so that all DBs get properly closed and everything gets deallocated. LIBOPENDKIM: Fix bug #168: Report an unresolved CNAME for ADSP records as simply absent. Suggested by Eugene Crosser. LIBOPENDKIM: Add DKIM_LIBFLAGS_REQUESTREPORTS to request that an "r=y" tag be added to signatures, per RFC6651. TOOLS: Fix boundary condition in opendkim-testmsg. Reported by Wez Furlong. DOCS: Feature request #168: Improve documentation of signature verification failure debugging features. DOCS: Feature request #172: Describe socket selection procedure in detail, and mention selinux command to get set up. Suggested by Kevin San Diego. 2.8.4 2013/07/15 Fix bug #169: Add "::1" to the default InternalHosts list. Suggested by Norbert Aschendorff. Fix bug #171: Escape "+" character in regex generation. Reported by Scott Kitterman. Fix bug #172: Repair broken AutoRestartRate logic. Patch from Sho Kubata. Fix bug #SF3603525: Discard duplicate results from non-DKIM methods. Problem noted by John Wood. Fix bug #SF3611976: Fix up quarantine option handling. Problem noted by Claus Assmann. TOOLS: Fix bug #SF3609716: Fix meaning of "-S" in opendkim-genkey. Problem noted by Quanah Gibson-Mount. BUILD: Fix bug #SF3612816: Build compatibility with Lua 5.2. Patch from Hirohisa Yamaguchi. 2.8.3 2013/05/04 Log something when refusing to sign because the private key was too small. This also adds a new "On-SignatureError" handler setting, and a new status code DKIM_STAT_SIGGEN. Problem noted by Jim Fenton. Fix application of "On-InternalError" setting. Problem noted by Claus Assmann. Feature request #SF3609496: Don't apply reputation checks to internal clients. 2.8.2 2013/03/27 Authentication-Results tokens should be checked without case sensitivity. Problem noted by Chris Meidinger. Fix snprintf() arguments in dkimf_checkfsnode(). Problem noted by Scott Kitterman. CONTRIB: Patch #SF3608716: Fixes to spec/ from Kouhei Sutou. 2.8.1 2013/03/19 Fix bug #SF3607071: Report the reason why a key file is determined to be unsafe. Problem noted by Doug Barton. Fix bug #SF3607072: When checking for key file safety, take any "-u" value provided on the command line into account. Problem noted by Doug Barton. Fix bug #SF3608401: Solaris 10 doesn't have strsep(). Problem noted by Bryan Costales. BUILD: Fix build for versions of libdb between 3.1 and 4.6. Problem noted by John Wood. 2.8.0 2013/02/25 Feature request #SF2964383: Add DKIM_LIBFLAGS_STRICTRESIGN, which inhibits signing of a handle tagged for resigning when the attached verifying handle had no valid signatures in it. Feature request #SF3155117: Do a more thorough check for writeable key files, checking more of the filesystem permission tree. Feature request #SF3530734: Add "LDAPDisableCache", which suppresses the creation of a local cache in front of LDAP queries. Requested by Quanah Gibson-Mount. Feature request #SF3547359: If compiled with libcurl, add "SMTPURI" configuration option that allows direct SMTP transmission failure reports. Requested by Andreas Schulze. Feature request #SF3578197: Allow per-message override of the list of header fields to be signed. Requested by Alec Peterson. Feature request #SF3590860: Combine collected reputation values into an overall allowed rate under _FFR_REPRRD, as is done for the other reputation code. Feature request #SF3598991: Add odkim.signfor() function to the Lua setup script. Requested by Marcin Owsiany. Feature request #SF3599409: Modify dkimf_checkip() to try surrounding the IP address part of every query with square brackets, which is a common way to do IP address literals in email contexts. Requested by Quanah Gibson-Mount. Fix bug #SF3531477: Add (hopefully temporary) configuration option "DisableCryptoInit" so that opendkim's initialization of the crypto library doesn't conflict with the same work done by other libraries. Reported by Quanah Gibson-Mount. Fix bug #SF3599901: Rename "InsecureKey" to "UnprotectedKey" and "InsecurePolicy" to "UnprotectedPolicy", as the term "insecure" in reference to a key is sometimes interpreted to mean "not enough random bits" rather than as a keyword describing the presence or absence of DNSSEC protection. What's logged in Authentication-Results header fields has been similarly modified. Suggested by Scott Kitterman. Fix bug #SF3604525: Don't divide by zero when the query cache hasn't been used. Reported by Denis Klimov. Protect against handling of signatures with empty domains, which could cause a NULL dereference and a crash. Problem noted by Motohiro Ishiyama and John Wood. Do ATPS checks when enabled even if ADSP is disabled. Don't fail to start on empty or null configuration files. Problem noted by Steve Jenkins. Patch #SF3593422: Update for MDB 0.9.5 support. Patch from Quanah Gibson-Mount. LIBOPENDKIM: Fix header canonicalization when DKIM_LIBFLAG_FIXCRLF is used in combination with dkim_chunk(). Problem noted by Dave Kelly and Heather Lord. LIBOPENDKIM: Enable dkim_getcachestats() and the underlying function to extract the current number of keys in the cache, and also provide a counter reset mechanism. BUILD: Feature request #SF3547151: Check for Lua package name variants in use on Debian. Requested by Scott Kitterman. BUILD: Feature request #SF3599902: Change OpenSSL existence test to help with Debian packaging. Requested by Scott Kitterman. BUILD: Add "--with-test-socket" to force all of the filter unit tests to use a specific socket. Based on a bug report from Scott Kitterman. BUILD: Add checks for strlcat()/strlcpy() in libbsd. Patch from Scott Kitterman. CONTRIB: Fix bug #SF3575666: Pass pid file path to killproc. Suggested by Christophe Wolfhugel. CONTRIB: Add systemd directory. Contributed by Steve Jenkins. CONTRIB: Split out initial key generation function from contrib/init/redhat/opendkim. Contributed by Steve Jenkins. MILTERTEST: Don't crash in mt_connect() if the socketspec doesn't contain a colon. MILTERTEST: When connect() fails for an AF_INET socket, it apparently leaves the socket unusable. Discard the socket when that happens and get a new one. MILTERTEST: Add a way to extend the mt.connect() retry interval via environment variables so a large test suite can be easily extended on slow systems. Problem noted by Scott Kitterman. TOOLS: Register DNS functions before calling dkim_dns_init() in opendkim-testkey. Problem noted by Jeff Anton. TOOLS: Add "-K" (keep temporary files) flag for opendkim-testmsg. 2.7.4 2013/01/06 Fix bug #SF3596147: Allow arbitrarily long configuration file lines. Based on a patch from Daniel Black. Fix bug #SF3596229: Fix logging of signature errors, which logged the domain name twice instead of the domain name and the selector. Patch from Daniel Black. Safely handle incoming Authentication-Results fields with large number of tokens. Problem noted by Motohiro Ishiyama and John Wood. Avoid mixing up status codes when processing conf_logresults, leading to confusing log entries. Problem reported by John Wood. Fix ADSP logging. Problem noted by Claus Assmann. 2.7.3 2012/11/29 Log DB error string in dkimf_add_signrequest(), and fix a DSN handling error in dkimf_db_strerror(). Problem noted by Simone Caruso. LIBOPENDKIM: Ignore entries in the oversign header field name list that are empty, and an oversign header field name list that is present but empty. Problem noted by Alec Peterson. LIBOPENDKIM: Allow header field lists to be empty, flushing any that were previously defined. Problem noted by Alec Peterson. BUILD: Improve tests for including <strl.h>. Based on a patch from Eray Aslan. REPUTATION: Use lowercase for keywords in REPUTE query generation and handling. STATS: Clean up a dead link in opendkim-genstats. Patch from Andreas Schulze. 2.7.2 2012/11/14 Log the author domain name when rejecting or discarding due to ADSP. LIBOPENDKIM: Improve re-entrancy of dkim_eoh() when verifying. Requested by Alec Peterson. LIBOPENDKIM: Only do a single read attempt of a private key under GNUTLS to avoid hiding a useful error code. Problem noted by Alec Peterson. STATS: Add long option support for opendkim-importstats. Based on a patch from Christian Roessner. STATS: Fix overly-strict domain name rules in opendkim-reportstats. Reported by Christian Roessner. TOOLS: Fix opendkim-genkey subdomains default. Problem noted by Quanah Gibson-Mount. TOOLS: Fix opendkim-testmsg GNUTLS initialization. Problem noted by Alec Peterson. TOOLS: Add ability to assert a reporter ID to opendkim-spam. Based on a patch from Christian Roessner. TOOLS: Add ability to skip a fixed number of Received: fields. Problem noted by Christian Roessner. TOOLS: Print a warning when asked to generate a key smaller than the recommended minimum. BUILD: Fix bug #SF3585163: Use a provided libstrl if detected. Based on a patch from Eray Aslan. BUILD: Portability fixes for Solaris 10 from Claus Assmann and Leena Heino. 2.7.1 2012/10/30 Fix bug #SF3581657: Fix faulty logic in LDAP open code. Problem noted by Quanah Gibson-Mount. Fix bug #SF3581743: Properly handle NULLs returned from OpenDBX queries and low field counts in dkimf_db_walk(). Problem noted by Adam M. Jacques. In the _FFR_REPUTATION code, free JSON objects when done with them. TOOLS: Fix argument parsing in new version of opendkim-genkey. Problem noted by Steve Jenkins. 2.7.0 2012/10/24 Feature request #SF2964375: Reject configuration files that have a SigningTable referencing a missing or malformed KeyTable entry. Feature request #SF3544764: Support for libar has been discontinued. For asynchronous and/or thread-safe resolver service, use libunbound or a suitable version of BIND. Feature request #SF3545658: Replace "ResolvConf" with "Nameservers" and add support for NS list overrides for versions of bind that have res_setservers(). Also rename "UnboundConfigFile" to "ResolverConfiguration", and make "TrustAnchorFile" generally available. Feature request #SF3547124: Skip reputation checks on passing signatures whose keys had a "t=y" value. Feature request #SF3555842: Add "ReputationTest" setting. Requested by Andreas Schulze. Feature request #SF3556439: Update opendkim-atpszone per RFC6541. Feature request #SF3559744: Add library option DKIM_OPTS_MINKEYBITS allowing one to specify a minimum number of key bits for acceptable keys and signatures. This is exposed through new configuration file option "MinimumKeyBits". The default is 1024. Fix bug #SF3536414: Activate _FFR_OVERSIGN, and remove DKIM_OPTS_ALWAYSHDRS. Fix bug #SF3536655: Rename "X-Header" to "SoftwareHeader", and rename all header fields added that start "X-" to remove that prefix, per RFC6648. The old name will be accepted through the end of the 2.7.x line. Fix bug #SF3538896: Remove antiquated CVS Id: tags, which cleans up some (harmless) build warnings. Suggested by Andreas Schulze. Fix bug #SF3548741: Add "ReputationTimeout" for use inside _FFR_REPUTATION, rather than using the built-in default or a hard-coded one. Fix bug #SF3549307: Remove _FFR_REPUTATION_CACHE, as it is redundant to caching code that's part of _FFR_REPUTATION already. Fix bug #SF3555844: Get repute client code in sync with repute.php (and the current REPUTE WG drafts). Problem noted by Andreas Schulze. Fix bounds checking in the dstring printf functions. Fix loop structure in the C side of odkim.get_rcpt(). Problem noted by Todd Lyons. Change all temporary directory defaults from /var/tmp to /tmp. Activate _FFR_LUA_GLOBALS. Request the milter permissions required to get _FFR_REDIRECT working. Patch from Andreas Schulze. Add _FFR_REPRRD, which is a second approach to DKIM-based reputation using round robin databases and Holt-Winters foreacasting using rrdtool (see Still experimental. Patch #SF3555843: With sufficient verbosity, report the default configuration file path. Patch from Andreas Schulze. BUILD: Fix bug #SF3531658: Move the strlcat() and strlcpy() implementations to their own library so that programs don't drag in crypto and other dependencies they don't need. Also clean up several other unnecessary dependencies imposed by imprecise use of autoconf. Problem noted by Andreas Schulze. BUILD: Patch #SF3555845: Add support for older versions of libcurl. Based on a patch by Andreas Schulze. BUILD: Install non-user things in sbin instead of bin. Suggested by Andreas Schulze. LIBOPENDKIM: Feature request #SF3565006: Add dkim_add_querymethod() and dkim_sig_seterror(), define DKIM_CBSTAT_DEFAULT, and remove an assertion in dkim_get_key_dns(), which together allow for applications to develop non-standard key retrieval mechanisms. Suggestion and patches from Ken Murchison. LIBOPENDKIM: Fix bug #SF3559080: Log correct domains and selectors with SSL errors. LIBOPENDKIM: Add DNS functions dkim_dns_config(), dkim_dns_init(), dkim_dns_nslist(), dkim_dns_set_init(), dkim_dns_set_close(), dkim_dns_set_nslist(), dkim_dns_set_config(), dkim_dns_set_trustanchor(), dkim_dns_trustanchor(). LIBOPENDKIM: Patch #SF3562496: Add DKIM_OPTS_REQUIREDHDRS to allow alteration of the mandatory header field set. Patch from Ken Murchison. LIBOPENDKIM: If "q=" is present and method "dns" is specified, it must be followed by "/txt", per RFC6376. LIBOPENDKIM: For dkim_add_xtag(), copy the provided values so the caller doesn't have to keep them around. LIBOPENDKIM: Allow dual signing of a single body with dkim_resign(). Suggested by Ken Murchison. STATS: Fix bug #SF3555847: Add "--nocircles" to opendkim-gengraphs to allow operation with versions of gnuplot that don't know what "with circles" means. Problem noted by Andreas Schulze. STATS: Patch #SF3555841: Temporary table SQL correction. Patch from Andreas Schulze. TOOLS: Feature request #SF3553918: Add "-u" flag to opendkim-atpszone and opendkim-genzone enabling them to produce output suitable for use as input to nsupdate(8). Based on a suggestion by Dave Crocker. TOOLS: Feature request #SF3558818: Teach opendkim-testkey about the new "ResolverConfiguration" setting. Based on a problem report from Patrick Ben Koetter. TOOLS: Fix bug #SF3565013: Replace opendkim-genkey with a perl script that knows how to do splitting of character-strings in DNS TXT records. Problem reported by Todd Lyons. TOOLS: Fix bug #SF3568846: Add "-t" to opendkim-testmsg to allow override of the directory where temporary files go. Also, clean up temporary files after creating them. TOOLS: Add opendkim-rephistory. 2.6.7 2012/07/23 Fix input handling for file data sets for the macro case. Problem noted by Allan Wind. Ensure NULL-termination of macro value tests. STATS: Fix hang bug in opendkim-reportstats. Problem noted by Todd Lyons. STATS: Fix bug #SF3547363: Fix "Top 10" and DNSSEC trend reports. Problem noted by Andreas Schulze. 2.6.6 2012/07/18 LIBAR: Fix bug #SF3544522: Not all systems define a "_len" member for the sockaddr structures. Reported by Stevan Bajic. LIBOPENDKIM: Fix bug #SF3545490: If the body handed to the library was missing a trailing line terminator, then dkim_canon_closebody() would end the hashes with some data not included. Now, if DKIM_LIBFLAGS_FIXCRLF is set, it will detect this condition and correct it; if not, an error is returned. Problem noted by James Erickson. LIBOPENDKIM: If the job ID passed in during handle creation includes slashes and temporary file creation is enabled, convert the slashes to dots in the temporary file template. Problem noted by James Erickson. 2.6.5 2012/07/14 Swap order of "header.d" and "header.i" values in Authentication-Results fields. BUILD: Fix bug #SF3543282: Corrections to Darwin/libar build adjustment made in 2.6.3. Problem noted by Daniel J. Luke. 2.6.4 2012/07/12 Feature request #SF3542099: Include "header.d" in all Authentication-Results fields, not just "header.i". This makes life easier for users of OpenDMARC. BUILD: Fix SHA256 test on some systems. Problem noted by James Erickson. 2.6.3 2012/07/11 Add "ResolvConf" setting, allowing the ability to pass a resolv.conf-like file to unbound to allow specific nameservers to be used instead of the default. LIBOPENDKIM: Return the correct error code when a SHA1-only library encounters a SHA1 signature that references a SHA256-only key. Problem noted by Andrew Birchall. LIBAR: Add ar_resolvconf(). BUILD: Fix bug #SF3538676: Build with -DDARWIN on MacOSX, and default to arlib if unbound isn't selected. Patch from Daniel J. Luke. 2.6.2 2012/07/02 Fix build confusion between _FFR_RATE_LIMIT and _FFR_RESIGN. Problem noted by Rolf Sonneveld. Fix bug #SF3538639: Fix error when --domain is not provided to opendkim-genrates. Problem noted by Andreas Schulze. Fix bug #SF3539449: Clarify legal "Socket" values. Requested by Scott Kitterman. Fix bug #SF3539493: Handle certain cases of data set names that appear to be comma-separated lists which include IPv6 addresses. Reported by Scott Kitterman. 2.6.1 2012/06/25 Restore and activate _FFR_SELECT_CANONICALIZATION. Also adds a SelectCanonicalizationHeader configuration option. Remove _FFR_SELECTOR_HEADER. Update Authentication-Results parsing to understand "dkim-atps" (RFC6541) and no longer understand "hardfail" (RFC6577). LIBAR: Fix bug #SF3309946: Ensure the dispatcher doesn't hold the master lock when it might enter a read wait. STATS: Add a database index on messages.msgtime to aid with expiration performance. TOOLS: Feature request #SF3536385: Add "-a" to opendkim-genkey to include a domain name in the generated TXT record. Requested by Quanah Gibson-Mount. 2.6.0 2012/06/07 Feature request #SF3495969: Add support for Lua v5.2.0. Requested by Rolf Sonneveld. Feature request #SF3502777: Log all authentication results rather than relying on logging of Authentication-Results header fields. Requested by Andreas Schulze. Feature request #SF3512286: Add "LDAPSoftStart" flag so the filter doesn't abort on startup when LDAP is not available. Feature request #SF3512836: Add _FFR_SOCKETDB, which enables support for a generic socket data set. Feature request #SF3514982: Add Erlang data set support. Patch provided by Andre Nathan. Feature request #SF3516253: Update to newest "repute" working group documents, which mainly means adding JSON support and promoting application-specific extensions to the top level in the reputon structure. Feature request #SF3518593: Add support for OpenLDAP's MDB as a data set backend. Requested by Quanah Gibson-Mount. Feature request #SF3519002: Put reason information inside a "reason" tag in Authentication-Results header fields rather than in comments. Feature request #SF3521000: Log hostname and daemon name (taken from macros) when logging "no MTA name match". Requested by Andreas Schulze. Feature request #SF3524756: Add ability to request TCP keepalive features via the OpenLDAP client library. Requested by Quanah Gibson-Mount. Feature request #SF3529233: Add odkim.get_envfrom() to all Lua scripts. Requested by Charles Cazabon. Fix bug #SF3518877: Separate variable expansion from literal text in opendkim-genkey. Fix bug #SF3522883: Allow TLS for ldapi URIs. Problem noted by Quanah Gibson-Mount. Fix bug #SF3527428: Construct the LDAP URI list properly, rather than only keeping the last one, and add failover code. Problems noted by Quanah Gibson-Mount. Patch #SF3522895: Add contrib/ldap/opendkim.ldif. Contributed by Quanah Gibson-Mount. Activate _FFR_XTAGS. Remove _FFR_SELECT_CANONICALIZATION. LIBAR: Fix bug #SF3444318: Do proper buffer size calculations to avoid valgrind warnings about references to unaddressable space. Reported by Todd Lyons. LIBOPENDKIM: Fix bug #SF3496041: Remove _FFR_PARSETIME. LIBOPENDKIM: Fix bug #SF3516653: By default, treat a syntax error in an ADSP record as an NXDOMAIN. Add new library flag DKIM_LIBFLAGS_REPORTBADADSP to restore the original behaviour. Suggested by Scott Kitterman. LIBOPENDKIM: Fix bug #SF3524865: Disallow generation of signatures where signer and signing domain don't match per the DKIM specification. Add DKIM_LIBFLAGS_DROPSIGNER which, if set, will still generate signatures in that case, but with the signer omitted so the signature is still compliant. BUILD: Fix bug #SF3425384: Add missing support for compiling against libevent2, which is an option for unbound. Noted by Andreas Schulze. BUILD: Fix bug #SF3475799: Don't do a manual check for libdb.a. Use the AC_CHECK_* macros instead. DOCS: Fix bug #SF3518864: The license for IETF documents is not compatible with free software licensing, which makes packaging a bit of a chore. Replace all the text files in the "docs" directory with a single HTML page that includes links to all the things we used to include here. Requested by Scott Kitterman. STATS: Feature request #SF3110059: Move opendkim-reportstats from contrib/stats to stats, making it fully supported. STATS: Feature request #SF3525786: Add opendkim-expire script. Requested by Andreas Schulze. STATS: Feature request #SF3528652: Allow a specific list of domains, possibly read from a file, for opendkim-gengraphs and opendkim-genrates. Requested by Andreas Schulze. 2.5.2 2012/04/09 Fix bug #SF3496208: Replace stats/opendkim-genstats with a perl script so it's far more efficient. Fix bug #SF3514793: Pass proper flags to libdb when creating temporary LDAP caches. Problem noted by Sergey Romanov. Fix a crash bug when using LocalADSP with a message with no parseable From: field. Problem noted by John Merriam. Fix a crash bug when using LDAP with authentication when LDAPAuthUser is not defined. Problem noted by Christian Roessner. STATS: Fix bug #SF3510729: Convert stats/opendkim-gengraphs to a perl script. 2.5.1 2012/03/15 Fix bug #SF3496131: Fix query cache build problem. Reported by Dilian Wesselinov Palauzov. Fix bug #SF3500660: Add Date: header field to generated reports. Reported by Andreas Schulze. BUILD: A few subsidiary libraries need to know about -lresolv on systems that need it. Reported by Scott Kitterman. STATS: Add "-E" command line flag to opendkim-importstats, forcing an abort on any input error. 2.5.0 2012/02/29 ##################################################################### ### ### ### This release is dedicated to the memory of J.D. Falk, a ### ### tireless champion of anti-abuse technology and collaboration ### ### and a founding member of the Board of the Trusted Domain ### ### Project, a participant in related IETF work, and a long-time ### ### particpant and supporter of MAAWG. J.D. was taken by cancer ### ### on November 16, 2011. His enthusiasm and perspective for ### ### all of this work will be sorely missed. ### ### ### ##################################################################### Feature request #SF3385816: Discontinue DomainKeys support. Feature request #SF3393282: Update ARF output per draft-ietf-marf-authfailure-report-03 et seq. Feature request #SF3406814: Add ability to invoke chroot(). Requested by Andreas Schulze. Feature request #SF3477908: Update DKIM reporting per draft-ietf-marf-dkim-reporting-10. Add "WeakSyntaxChecks" suppressing some short-circuiting error checks on syntax. Requested by Todd Nagengast. Allow a set of test files to be passed via "-t" rather than just one. Add _FFR_REPUTATION, and several new support libraries (in the libut/ and reputation/ directories) for doing DKIM-based reputation evaluations of arriving messages. Full documentation of the algorithms will appear in an upcoming white paper. This also includes several new configuration options that make use of reputation data pulled from servers: ReputationCache ReputationCacheTTL ReputationLimits ReputationLowTime ReputationMinimum ReputationLimitModifiers ReputationRatios ReputationSpamCheck ReputationTimeFactor For now these are briefly documented in reputation/README. As this subsystem matures, they will be fully documented in opendkim.conf(5). Fix bug #SF3471520: Don't crash when the first line of a configuration file is an "Include" instruction. Reported by Dilian Wesselinov Palauzov. Fix bug #SF3475149: Apply RFC2254 encoding to LDAP queries. Problem noted by Yoshiaki Yanagihara. LIBOPENDKIM: Feature request #SF3317160: Per RFC6376, remove granularity checks. LIBOPENDKIM: Feature request #SF3385768: Add dkim_privkey_load(), allowing validation of a private key before reaching end-of-message. Requested by Heikki Gruner. LIBOPENDKIM: Feature request #SF3423226: Copy header field name lists instead of using the caller's copy. Suggested by Heikki Gruner. LIBOPENDKIM: Update list of header fields that should be signed per RFC6376. LIBOPENDKIM: Don't report the absence of "c=" as an error, since there is a default. LIBOPENDKIM: Add DKIM_SIG_CHECK() macro. Suggested by Heikki Gruner. LIBAR: Fix bug #SF2917856: Rename "ar.h" to "async-resolv.h" since "ar.h" is already in common use. STATS: Feature request #SF3397903: Drop all support for data needed for the DKIM Implementation Report, as it has been completed. Leave stuff that's useful for reputation R&D. STATS: Feature request #SF3402857: Modify opendkim-spam to be able to write update records to statistics files. STATS: Feature request #SF3439384: Make opendkim-importstats more backend-agnostic. Requested by Andreas Schulze. TOOLS: Add opendkim-testmsg, for signing/verifying messages without all the milter code being invoked. Requested by Todd Nagengast. CONTRIB: Add LDAP documentation and examples. Provided by Patrick Ben Koetter. 2.4.3 2011/12/26 Fix bug #SF3400670: Send ADSP failure reports when rejecting a message. Reported by Andreas Schulze. Fix bug #SF3419149: Add MaximumSignedBytes to opendkim-config.h. Reported by Adam Bernstein. Fix bug #SF3441240: Apply ReportBccAddress when generating ADSP reports. Reported by Richard Rognlie. Fix bug #SF3447199: Fix logic preventing the application of the BodyLengthDB. Problem noted by Richard Rognlie. Fix Authentication-Results generation with "AddAllSignatureResults" enabled. Reported by Todd Nagengast. Fix a crash bug when trying to handle certain malformed header fields in verify-only mode. Reported by Todd Lyons. Improve error checking in the callback provided to libunbound to avoid crashes. Problem noted by Todd Lyons. Cope with versions of Sleepycat DB that crash when asking for a file descriptor for in-memory databases. Problem reported by Todd Lyons. Don't override "On-NoSignature" when "Quarantine" is set. Reported by Jarry Jeremy. Ignore header field names that contain semi-colons, as they produce syntactically invalid signatures. Problem noted by Heikki Gruner. LIBOPENDKIM: Fix bug #SF3465400: Don't use "new" as a parameter name in dkim.h since that's an error for C++. Reported by Amit Schreiber. LIBOPENDKIM: NOERROR is the same as NXDOMAIN for the purposes of the ADSP existence check. Problem noted by Todd Nagengast. LIBOPENDKIM: Return DKIM_STAT_SYNTAX from dkim_header() if the header field name contained a semi-colon. LIBAR: After computing a timeout, if the fractional seconds portion adds to exactly a second, convert that amount to seconds. Previous versions only converted when the fractional portion exceeded a second. This led to threads that spin indefinitely. Problem noted by Todd Lyons and Gary Mills; forensic evidence revealing the problem at long last provided by Todd Lyons. STATS: Fix a crash bug in opendkim-importstats due to improper handling of NULL returns from SQL. Reported by Andreas Schulze. 2.4.2 2011/08/05 Don't apply BodyLengthDB when not signing. Problem noted by Andreas Schulze. LIBOPENDKIM: Update for draft-kucherawy-dkim-atps-06. LIBOPENDKIM: Terminate the strings returned by dkim_sig_getsubstring() and dkim_sig_getidentity() whenever possible. Suggested by Heikki Gruner. CONTRIB: Change "chkconfig" instruction in RHEL init script, and a minor tweak to the RPM spec file. From Steve Jenkins. 2.4.1 2011/06/28 Fix bug #SF3312691: Add "-e" command line switch to extract a value from configuration. Fix bug #SF3324488: Accommodate postfix's job ID generation by moving the BodyLengthDB check down to EOH. Reported by Andreas Schulze. Fix bug #SF3327106: Fix mode-based short-circuit logic. Reported by Yoshiaki Yanagihara. Patch #SF3321766: Remove "-d" from usage message (not implemented). Patch from Andreas Schulze. Print database error strings instead of just return codes in query test mode, and clean up error strings when extracting them from the layers below. Minor fixes related to use of OpenDBX. LIBOPENDKIM: Fix bug #SF3328330: Correct generation of "z=" tags. Problem reported by Christophe Wolfhugel. LIBOPENDKIM: Patch #SF3313534: Improve thread-safe use of OpenSSL in dkim_init() and dkim_free(). Patch from Masatake Daimon. LIBOPENDKIM: Patch #SF3314269: Change all uses of off_t to ssize_t, as the former is reserved for use with filesystem APIs. Patch from Manuel Mausz. LIBOPENDKIM: Make the user context pointer (void) rather than (const void) since the caller is allowed to change it. Problem noted by Heikki Gruner. LIBOPENDKIM: Proper handling of DKIM_CBSTAT_ERROR from the prescreen and final callbacks. Problem noted by Heikki Gruner. LIBOPENDKIM: Fix up initialization under _FFR_OVERSIGN. Problem noted by Eray Aslan. BUILD: Adjust gprof code to accomodate systems that put profiling output in <binary>.gmon rather than gmon.out. 2.4.0 2011/06/06 Feature request #SF3060140: Extension of odkim.sign() to include maximum signed byte count. Feature request #SF3171865: Add _FFR_LUA_GLOBALS, enabling a mechanism to maintain state between Lua scripts. Feature request #SF3241982: Optionally add an Authentication-Results field for all signatures present, not just the first good one. Feature request #SF3256630: Add _FFR_RATE_LIMIT, enabling hooks for post-verification rate controls. Feature request #SF3290461: Add optional support for querying a memcache daemon via libmemcached. Feature request #SF3299041: Be tougher on use of the "l=" tag by removing "BodyLengths", renaming "BodyLengthDBFile" to "BodyLengthDB", and allowing pattern matches. This effectively activates _FFR_BODYLENGTH_DB as well. Feature request #SF3303911: Add "DisableADSP" setting. In the stats recording code, only check for a domain match for signatures that don't have errors (i.e., short circuit if sigerror is not zero). LIBOPENDKIM: Feature request #SF2969516: Teach dkim_chunk() about DKIM_LIBFLAGS_FIXCRLF. LIBOPENDKIM: Feature request #SF3123731: Extend FixCRLF to cover header fields. LIBOPENDKIM: Feature request #SF3151534: Extract DKIM reputation support to its own library. LIBOPENDKIM: Feature request #SF3279589: Add _FFR_XTAGS, adding support for generic extension tags in signatures. LIBOPENDKIM: Feature request #SF3300738: Add dkim_sig_getqueries() and dkim_policy_getqueries() to assist API consumers that have their own DNS mechanisms not directly adaptable to ours. Requested by Heikki Gruner. LIBOPENDKIM: Return an error from dkim_getsighdr() or dkim_getsighdr_d() if called after a key load failure. Problem noted by Heikki Gruner. LIBAR: Check that the descriptor's write socket is writable before calling ar_sendquery() when trying to identify open requests that need retransmission. STATS: Feature request #SF3066106: Add "opendkim-anonstats" tool. CONTRIB: Paths in init/redhat/opendkim are now auto-generated. Activate _FFR_MAXVERIFY. 2.3.2 2011/04/14 Fix bug #SF3067338: Create a pool of DB handles for SQL operations so that queries don't all share one serially. Fix bug #SF3156559: Don't compile Lua scripts anew for each execution. Fix bug #SF3210385: Fix issue with configuration reload failures having some side effects on the remaining active configuration handle. Reported by Andreas Schulze. Fix bug #SF3235131: Don't report ADSP errors as signature errors in Authentication-Results header fields. Fix bug #SF3258459: Don't send progress messages during EOH. Problem reported by Gary Mills. Add ADSP processing error information to A-R header fields. LIBOPENDKIM: Fix bug #SF3276469: When generating "z=" tags, apply omit and sign header field lists. Problem noted by Todd Lyons. LIBOPENDKIM: Use a time_t to store TTL and clock drift options rather than unsigned long. Patch from Piotr Sikora. LIBAR: Include class and type in debugging messages. Suggested by Gary Mills. LIBAR: Start the dispatcher on the first query, not in ar_init(). Allows ar_init() to be called before a fork() safely. CONTRIB: Adjust installed path in RedHat start script. Patch from Naresh V. CONTRIB: Require the current libopendkim in the opendkim definition in the RPM spec file. Patch from Naresh V. 2.3.1 2011/03/28 Feature request #SF3196060: Log retrieved reputation values. Patch from Andreas Schulze. Feature request #SF3199824: Don't log "no signature data" unless LogWhy is enabled or the action for unsigned mail is something other than "accept". Fix bug #SF3196069: Log more detail when dkimf_config_setlib() fails. Problem noted by Andreas Schulze. Fix bug #SF3197890: Update ARF report format for DKIM verification failures to use what's in draft-ietf-dkim-marf-reporting. Fix bug #SF3204725: Add "ReplaceHeaders" data set to constrain what header fields are affected by "ReplaceRules". Problem noted by Chris Callegari. Fix bug #SF3211114: Extract "BaseDirectory" from configuration file properly. Fix bug #SF3234178: Correct handling of a KeyTable entry for which the key data is empty. Based on a patch from Yoshiaki Yanagihara. Patch #SF3205699: Make all header field name and domain name data sets case insensitive. Submitted by Richard Rognlie. Add a case-insensitivity flag to odkim.db_open(). Minor correction to DNS function return codes for unbound, which doesn't have an expired/no-reply distinction like libar does. LIBOPENDKIM: Fix up timeout handling with a DNS callback is in use. LIBOPENDKIM: Update for draft-kucherawy-dkim-atps-03. STATS: Fix bug #SF3195449: Omit data from reporters that are not currently marked "enabled" in the reporters table. STATS: Evaluate "i=" against the "d=" domain, not the "From" domain. Problem noted by Mark Martinec. STATS: A few more reports. MILTERTEST: Don't use non-standard printf() conversions. MILTERTEST: Get the SMFIP_HDR_LEADSPC logic right. TOOLS: Feature request #SF3200848: Add a backgrounding option (on by default) to opendkim-spam. 2.3.0 2011/02/21 Feature request #SF2964396: Allow SignHeaders, OmitHeaders and SenderHeaders to be specified as deltas to the default lists. Feature request #SF3053094: Correct documentation and improve function of the AuthservID configuration setting. Requested by Andreas Schulze. Feature request #SF3060152: Add odkim.replace_header() function. Feature request #SF3060161: Add odkim.del_header() function. Feature request #SF3061189: Add new "quarantine" option to all the various "On-" settings. Feature request #SF3066104: Add "AnonymousDomains" configuration option. Feature request #SF3074290: Add _FFR_ATPS, experimental support for draft-kucherawy-dkim-atps. Feature request #SF3076684: Add "VBR-TrustedCertifiersOnly" flag. Feature request #SF3080604: Add odkim.parse_field() function. Requested by Todd Lyons. Feature request #SF3081697: Add "OversignHeaders" configuration option. Feature request #SF3085536: Activate _FFR_STATS_I, providing statistics reporting about use of "i=" in signatures. Feature request #SF3096630: Add odkim.rbl_check() function. Feature request #SF3097083: Make SigningTable accessible from Lua. Feature request #SF3103095: Allow "%" in a KeyTable entry's filename component as well as the domain name. Feature request #SF3105480: Improved VBR correctness; don't conduct VBR checks at all if there are disagreeing "mc" values in multiple VBR-Info header fields. Feature request #SF3106132: Allow "%" in a SigningTable's value. Feature request #SF3109963: Add "MaximumSignaturesToVerify" setting. Suggested by John Wood. Feature request #SF3110593: Add compile-time support for GnuTLS as an alternative to OpenSSL. Suggested by Alessandro Vesely. Feature request #SF3136772: Sign the VBR-Info header field, if added. Requested by Frederik Pettai. Fix bug #SF3134119: With AutoRestart enabled, arrange to relay SIGUSR1 from the parent to the child rather than terminating. Reported by Yoshiaki Yanagihara. Fix bug #SF3141313: Trim whitespace from values in in-core data sets. Reported by Todd Lyons. Fix bug #SF3156124: More robust handling of database disconnects. Also add _FFR_POSTGRESQL_RECONNECT_HACK, which will hopefully be temporary. Reported by Miha Vrhovnik. Fix bug #SF3181180: Correct handling of quoted strings containing parentheses (and the opposite) when parsing Authentication-Results header fields. Reported by Mark Martinec. Fix back-compatibility with very old implementations of milter in MTAs. Fix case-insensitive matching for domain names when doing signing selection. Problem noted by John Espiro. New configuration file options: - "CaptureUnknownErrors", replacing the FFR of the same name - "DNSConnect", requesting the resolver use TCP mode - "KeepAuthResults", suppressing required removal of Authentication-Results header fields - "ResolverTracing", adding detailed logging of libar activity - "StrictHeaders", requesing libopendkim to assert header field counts according to the standards - "UnboundConfigFile", passing a configuration file name to libunbound (suggested by Andreas Schulze) - "VBR-PurgeFields", removing "X-VBR-*" fields after using them Trim whitespace from the end of all values in a config file, not just strings. Problem noted by Reuben Farrelly. Assume a default location for opendkim.conf. Suggested by Andreas Schulze. Don't needlessly demand milter features, causing aborts when they're not available. Problem noted by Todd Lyons. Make odkim.get_clienthost(), odkim.get_clientip() and odkim.get_fromdomain() available in the final script. When "SyslogSuccess" is active, log the selector and domain used. Suggested by Miha Vrhovnik. LIBAR: Feature request #SF3115073: Add flag for fine-grained activity logging for debugging purposes. LIBAR: Add support for using poll() instead of socket(). LIBOPENDKIM: Feature request #SF3087029: Add DKIM_LIBFLAGS_STRICTHDRS. LIBOPENDKIM: Feature request #SF3089990: Add dkim_sig_getsignedhdrs(). LIBOPENDKIM: Fix bug #SF3079094: Have dkim_diffheaders() take canonicalization into account when generating its results to avoid false positives. LIBOPENDKIM: Fix bug #SF3184670: Add error codes for missing and empty "v=" tags, thus avoiding a possible assertion failure when DKIM_LIBFLAGS_BADSIGHANDLES is in use. Reported by J. Coloos. LIBOPENDKIM: Fix up handling of multi-TXT DNS replies inside dkim_get_policy_dns(). LIBOPENDKIM: Add dkim_getid(). LIBOPENDKIM: Treat no answers as an NXDOMAIN with respect to retrieving ADSP records. LIBOPENDKIM: When an unexpected DNS type or class is received, log the received values. LIBVBR: Feature request #SF3105477: Copy the generic DNS work from libopendkim. LIBVBR: Feature request #SF3127200: Add proper documentation (i.e., a man page). STATS: Feature request #SF3085536: Activate _FFR_STATS_I, providing statistics reporting about use of "i=" in signatures. STATS: Feature request #SF3125701: Add "s=" key value tracking. STATS: Feature request #SF3137445: Track key sizes. Suggested by Todd Lyons. MILTERTEST: When asserting negotiation state, don't forget to capture what was negotiated. TOOLS: Feature request #SF3106876: Amend opendkim-testkey to return the DNSSEC results as well. TOOLS: Feature request #SF3074290: Add a zone file generation tool for ATPS. TOOLS: Fix bug #SF3143922: Command line parameters to opendkim-testkey now override their configuration file counterparts. TOOLS: Experimental new "opendkim-spam" tool to let users update a stats database to indicate a message is spam, for possible later correlation use. BUILD: opendkim-genzone needs LIBCRYPTO_LDFLAGS. Reported by John Smith. Activate _FFR_CAPTURE_UNKNOWN_ERRORS. 2.2.2 2010/11/28 Fix bug #SF2903325: Clean up numerous signed vs. unsigned warnings. Fix bug #SF3095782: When VBR is enabled, only perform a query when the "md" domain in the VBR-Info header field matches the "d" field for any valid signature. Fix bug #SF3105993: Better handling of missing records in Lua DB lookups. Reported by Luci Stanescu. When reading keys, ensure what's being read is a regular file and not something else. Complain if TrustAnchorFile names something that can't be opened for reading. LIBOPENDKIM: Don't complain about multiple records returned if one of them was an RRSIG. Problem noted by Andreas Schulze. LIBAR: Rework some I/O logic to avoid a deadlock when the nameserver becomes unresponsive during response processing. Problem noted by Gary Mills. BUILD: Move all scripts and executables except opendkim to a bin directory for adminstrator convenience. They were previously in sbin. BUILD: Fix bug #SF3101842: Fix opendkim-genzone build when OpenDBX is in use. BUILD: opendkim-testkey can require SASL build information when used with OpenLDAP, or Lua information when built with Lua. BUILD: Dissociate libopendkim and libunbound, as this is now handled through the application rather than the library. BUILD: Convert to using git for source code management. STATS: Additional reporting improvements. STATS: Fix bug #SF3107659: Add additional diagnostic output to opendkim-importstats when malformed input is found. TOOLS: Handle input generated with and without the _FFR_STATS_I extensions. Problem noted by Graham Murray. 2.2.1 2010/10/25 Avoid assertion failures when using "-V" and arlib. Fix "refile" loading. Problem noted by Steve Jenkins. Fix collision between "ReputationRoot" and "StatisticsName" in the configuration file. Reported by Andreas Schulze. Convert sender's domain name to lowercase prior to doing any database queries with it. This was done before, but lost during the database overhaul in 1.2.0. Reported by Gary Mills. Fix up Authentication-Results header field generation for VBR. Reported by Fredrik Pettai. Add _FFR_STATS_I enabling statistics reporting of "i=" signature properties. LIBOPENDKIM: Fix bug #SF3081964: dkim.h requires <sys/time.h>. Patch from Kaspar Brand. LIBOPENDKIM: Fix bug #SF3087251: Use thread-safe resolver functions when avaialble. Problem noted by Christian Pelissier. LIBOPENDKIM: Cancel completed reputation queries. Problem noted by John Wood. LIBOPENDKIM: Simplify DKIM_OPTS_ALWAYSHDRS handling. LIBAR: Fix bug #SF3080720: Don't compute timeouts based on completed or dead queries. Problem noted by John Wood. LIBVBR: Fix some pointer errors causing false negatives. Problem noted by Fredrik Pettai. TOOLS: Write "v=" tags in key records output by opendkim-genzone. 2.2.0 2010/10/03 Feature request #SF2874043: Add _FFR_ADSP_LISTS allowing control over action taken when mail is sent to known lists from ADSP "discardable" sources. Feature request #SF2964366: Allow arbitrary data set operations from inside Lua script hooks. Feature request #SF2981598: Add "NoHeaderB" and "SingleAuthResult" settings so that only one Authentication-Results header field is added, and reduce its variability. Requested by Gary Mills. Feature request #SF3013084: Add "DomainKeysCompat" setting. Feature request #SF3017358: Allow a token in the KeyTable that gets replaced with the sender's domain name. Feature request #SF3019876: Enable registration and use of generic DNS functions. Feature request #SF3021566: Change "ADSPDiscard" to "ADSPAction", allowing selection of what action to take when a message is determined by ADSP to be "discardable". Feature request #SF3023232: Allow selection of a signer (for the signature's "i=" tag) when calling odkim.sign() or via an optional second parameter in the SigningTable. Feature request #SF3024854: Always log a warning if a key file has unsafe group/other read/write bits set. Further, if the new "RequireSafeKeys" setting is true, refuse to use the data. Feature request #SF3030548: Add _FFR_DEFAULT_SENDER, adding the "DefaultSender" setting. Requested by Andreas Schulze. Feature request #SF3049483: Use ReportAddress for ADSP Reports and for the sender envelope address. Reported by Andreas Schulze. Feature request #SF3056571: Extend signer selection in the SigningTable to include a token that will be replaced by the From: domain. Requested by Richard Rognlie. Feature request #SF3062077: Allow the specification of additional recipients when delivering DKIM/ADSP failure reports through a new ReportBccAddress configuration option. Requested by Andreas Schulze. Fix bug #SF3004995: Don't apply "SenderHeaders" to the library as that impacts how ADSP works. Fix bug #SF3025856: Fix "AllowSHA1Only", which was not working at all. Fix bug #SF3037504: Rework database schema and tools to meet revised reporting requirements. Fix bug #SF3051536: Allow disabling of reputation queries. Requested by Andreas Schulze. Fix bug #SF3058204: Fix numerous possible double-free() incidents in dkimf_config_free(). Reported by Richard Rognlie. Fix PeerList to work with IPv6 addresses. Fix loop boundary check in dkimf_db_close(). Reported by Richard Rognlie. Fix assertion failure in dkimf_db_get() when used with a "match both" operation. Reported by Richard Rognlie. Fix "LocalADSP", which was not working at all. Fix some Lua test mode logic and a build issue that prevented "ScreenPolicyScript" from working. Added MTACommand for overriding default (mainly for testing). Ignore "Domain" and "Selector" settings if "KeyTable" is set. Problem noted by Rolf Sonneveld. Add "On-PolicyError" to configuration tables. Reported by Richard Rognlie. Don't automatically temp-fail messages bearing signatures that reference revoked keys. Some fixes to the "final" Lua script self-test code. Include libmilter version in "-V" output. Single-thread DB queries done via OpenDBX handles as they can't be used to do parallel queries. Attempt to reconnect after SQL disconnections. Revise text/plain portion of policy reports. Noted by Andreas Schulze. Fix up DSN parsing so that it is not needlessly restrictive. Reported by Todd Lyons. Add _FFR_STATSEXT: Allows arbitrary local extensions to statistics gathering via a fourth Lua script that can cause the generation of additional SQL insertion operations. LIBOPENDKIM: Feature request #SF3026287: Add dkim_getuser() function. Requested by Ale Vesely. LIBOPENDKIM: Feature request #SF3065035: Apply library query configuration to ADSP lookups as well, mainly to support auotmated testing. LIBOPENDKIM: Fix bug #SF3071368: Fix tiny memory leak in dkim_init(). Reported by Al Garcia. LIBOPENDKIM: Fix bug #SF3051762: Don't error out of dkim_get_key() when in test mode by testing signature-specific features when against dummy data. Problem noted by Andreas Schulze. LIBOPENDKIM: Don't build against pthread libraries if not needed. Requested by Ale Vesely. LIBOPENDKIM: Add dkim_get_signer(), dkim_policy_state_new() and dkim_policy_state_free(). LIBOPENDKIM: Don't assert a "g=" default when processing keys so that statistics reporting can tell whether or not it was originally there. LIBOPENDKIM: Minor fix to internal state machine when dealing with unsigned messages. LIBOPENDKIM: Rename DKIM_PRESULT_AUTHOR to DKIM_PRESULT_FOUND. LIBOPENDKIM: Improved error reporting from dkim_ohdrs(). LIBOPENDKIM: Improved re-entrancy of dkim_eoh_verify(), requested by Frederik Deweerdt. LIBOPENDKIM: Undefine DKIM_FEATURE_ASYNC_DNS (obsolete). LIBOPENDKIM: Rework logic implementing "AlwaysSignHeaders". MILTERTEST: Feature request #SF3005002: Enable testing of "unspecified" protocol family connections. MILTERTEST: Add "-u" option to report resource usage statistics on completion. MILTERTEST: Add mt.signal() to allow signaling of filters for things like configuration file reloads. MILTERTEST: Enhance mt.connect() to accept optional retry and interval arguments. MILTERTEST: Add "-w" option to request no waiting for the child process to exit and report status. MILTERTEST: Allow partial seconds argument to mt.sleep(). TOOLS: Feature request #SF3004335: Add support to opendkim-testkey to get configuration file values and validate an entire KeyTable. TOOLS: Update opendkim-genkeys script to support draft-ietf-marf-dkim-reporting. TOOLS: Flip logic of "-a" flag to opendkim-stats. TOOLS: Fix bug #SF3037452: Change owner/group/mode of stats database when resetting it to whatever the replaced file had. Problem noted by Andreas Schulze. CONTRIB: Add opendkim-reportstats, contributed by John Wood. BUILD: Fix --with-db. Reported by John Wood. Activate _FFR_ZTAGS. 2.1.3 2010/07/15 Fix build when enabling LDAP. Fix portability issue with DB 1.x. Patch from Kaspar Brand. Fix bug #SF3026261: Don't try to open the statistics database before possibly changing userid. Reported by Andreas Schulze. Plug a couple of potential but minor memory leaks, avoid some NULL dereferences, rewrite some clearly incorrect code, and several other fixes found by a code analysis tool, used by courtesy of Cloudmark. Restore "-P" to the command line as it's convenient for start/stop scripts. MILTERTEST: Support multiple macro values in mt_macros(). BUILD: Improved support for Sleepycat DB file locations. 2.1.2 2010/07/06 When testing the domains data set for a domain match for signing, check for an explicit "*" record for back-compatibility with versions prior to v1.2.0. Avoid segmentation faults when colon-separated data in a data set isn't formatted properly or has too few fields. Add additional database error logging. Rework OpenDBX query function use for correctness. Problem reported by Naresh V. Fix an internal database call that caused false errors to be reported with recent DB versions. Fix bug #SF3021228: Avoid a NULL dereference in dkimf_xs_requestsig() when the function is called in test mode. Fix bug #SF3022409: Improve error logging from dkimf_db_open(). Patch #SF3023224: Fix up a man page generation warning for opendkim(8). From Andreas Schulze. Patch #SF3023521: Tidy up some compiler warnings. From Andreas Schulze. BUILD: opendkim-stats needs to know where to find the OpenSSL includes. Reported by Andreas Schulze. TOOLS: Patch #SF3023404: Fix up opendkim-stats usage message. From Andreas Schulze. MILTERTEST: Fix bug #SF3020662: Add compatibility with older versions of libmilter. Problem reported by Naresh V. 2.1.1 2010/06/22 Force IPv6 addresses to lowercase, which is about to become standard (see draft-ietf-6man-text-addr-representation). Problem noted by Reuben Farrelly. Permit configurations in which KeyTable and SetupPolicyScript are defined but SigningTable isn't. Return an error when making a default signing request if KeyFile and Selector were not both specified. Fix odkim.sign() so that it pulls from the correct Lua stack index, avoiding a NULL dereference and a crash. Problem noted by Jozsef Kovacs. Fix bug #SF3015441: Argument processing for odkim.log() was incorrect. Problem reported by Jozsef Kovacs. Fix bug #SF3016124: odbx_field_value() returns NULL if the requested column contains an SQL NULL. Problem reported by Jozsef Kovacs. Patch #SF3015439: Fix bugs in data set name parsing (e.g. allow dots in fields so that fully qualified hostnames can be given). Patch from Jozsef Kovacs. MILTERTEST: Fix bug #SF3005615: Observe negotiated SMFIP_NO* protocol option bits. 2.1.0 2010/06/07 Feature request #SF2964369: Add _FFR_LDAP_CACHING to cache and share common LDAP queries using an internal query cache for better optimization of LDAP resources. Feature request #SF2964378: Overhaul statistics collection code enabled by "--enable-stats". See stats/README for details. Feature request #SF2964380: Do some limited pattern matching for ResignMailTo. Feature request #SF2964381: The value in the ResignMailTo data set can now name a key in the KeyTable to use when re-signing a message. Feature request #SF2964388: Add a "lua" dataset type. Feature request #SF3007640: Add odkim.add_header() function, available to the final script. Log more information when loading data from the KeyTable fails. Remove several command line options that are redundant to the configuration file and not useful in test mode. These include: -a, -C, -h, -i, -I, -m, -M, -P, -R and -U. Add support for draft-kucherawy-authres-header-b. Properly deal with critical errors from libdb that otherwise lead to a descriptor leak (because the close operation fails). Reported by Warren Horvath; data provided by Graham Murray. Don't allow Domain without KeyFile and Selector, which causes an assertion failure when calling dkim_sign(). Problem noted by Todd Lyons. Fix configuration logic around DontSignMailTo that prevented it from working. Reported by Warren Horvath. When data set open operations fail during configuration file processing, report the name of the data set instead of just the error. CONTRIB: Patch #SF3010443: Improvements to opendkim.init and opendkim.spec from Kaspar Brand. LIBOPENDKIM: Add dkim_get_sigsubstring(), required for "header.b" production on Authentication-Results: header fields. LIBOPENDKIM: Initialize canon_buf in dkim_add_canon() to avoid a garbage dereference later during an abort. MILTERTEST: Fix SMFIR_ADDHEADER tests. STATS: Add "stats" subdirectory including tools for collecting and reporting aggregated statistics. TOOLS: Feature request #SF2964364: Have opendkim-genzone use the KeyTable if defined in a provided configuration file. 2.0.4 2010/05/17 Fix logic enabling AlwaysAddARHeader. Reported by Thomas Arnett. Return SMFIR_SKIP if available when reaching mlfi_body() if the filter is not interested in the body, such as on an unsigned message. Add more unit tests (but many more are needed). LIBOPENDKIM: In dkim_eoh() when verifying, set the DKIM error string to something if there was at least one signature on the message but none passed. MILTERTEST: Add SMFIR_SKIP as a testable milter reply code. MILTERTEST: Add mt.chdir(). 2.0.3 2010/04/30 Fix bug #SF2986301: Initialize a pointer for AutoRestart before using it, avoiding a segmentation fault. Fix bug #SF2992571: Rename _FFR_DNS_UPGRADE to _FFR_DNSUPGRADE to match what the build system does. Problem noted by Gary Mills. Don't let Authentication-Results: logic from DomainKeys verification interfere with that of DKIM verification. MILTERTEST: Break out of the sending loop in mt_bodyrandom() if something other than SMFIR_CONTINUE comes back from the MTA. MILTERTEST: Add support for milter's UNKNOWN and DATA steps. MILTERTEST: Fix bug #SF2991011: Honour SMFIP_NR_* no-reply requests that may have been made by the filter. 2.0.2 2010/04/12 Fix bug #SF2983979: Fix a configuration buffer initialization error tripped when running in test mode. Patch from Kaspar Brand. LIBOPENDKIM