This file is indexed.

/usr/share/doc/mailfront/NEWS is in mailfront 1.16-1.

This file is owned by root:root, with mode 0o644.

The actual contents of the file can be viewed below.

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
-------------------------------------------------------------------------------
Changes in version 1.16

- Added missing plugin-spamassassin.so to installation.

- Fix bug in handling invalid message numbers in retrieving messages in
  pop3front-maildir.

Development of this version has been sponsored by FutureQuest, Inc.
ossi@FutureQuest.net  http://www.FutureQuest.net/
-------------------------------------------------------------------------------
Changes in version 1.15

- Added a SpamAssassin scanning plugin.

- Optimized pop3front-maildir to avoid stat'ing each message twice, and
  to use sizes recorded in the filename to avoid stat'ing entirely.
  See pop3front.html for details on the filenames.

Development of this version has been sponsored by FutureQuest, Inc.
ossi@FutureQuest.net  http://www.FutureQuest.net/
-------------------------------------------------------------------------------
Changes in version 1.12

- Fixed problem with overwriting existing session data items.

- Fixed several problems with handling of databytes in rules.

- Fixed crash in plugin cvm-validate when the lookup secret was unset.

- pop3front-auth now supports a no-argument variant on the AUTH command,
  used by KMail to test for authentication modes, and documented in
  http://www.tools.ietf.org/html/draft-myers-sasl-pop3-05
  Thanks Bernhard Graf for the initial patch

- pop3front-auth and -maildir now support the CAPA command.
  Thanks Bernhard Graf for the initial patch

- Made imapfront-auth more compatible with Courier IMAP by adding extra
  bits to the CAPABILITY command.  Thanks Bernhard Graf.

- plugin-cvm-validate handles modules that provide an "out of scope"
  fact by passing to the next plugin.

- Fixed handling of addresses without a domain in @file rules.
  Thanks Jorge Valdes

Development of this version has been sponsored by FutureQuest, Inc.
ossi@FutureQuest.net  http://www.FutureQuest.net/
-------------------------------------------------------------------------------
Changes in version 1.11

- Fixed the main mailfront program to clean up temporary files properly.

- Modified the SMTP protocol module to export the SASL authentication
  information internally.

- Modified the check-fqdn plugin to append $DEFAULTHOST and
  $DEFAULTDOMAIN to addresses if necessary.

- Added separate connect and send timeouts and a maximum message size to
  the ClamAV plugin, and fixed a bug with handling port numbers when
  using multiple IPs.

- Modified the ClamAV plugin to prefer $CLAMAV_* settings over $CLAMD_*

- Added plugin API documentation.

Development of this version has been sponsored by FutureQuest, Inc.
ossi@FutureQuest.net  http://www.FutureQuest.net/
-------------------------------------------------------------------------------
Changes in version 1.10

- Added a ClamAV virus scanner plugin.  Note: Using this plugin will
  cause mailfront to save messages to temporary files.  See
  mailfront.html for details.

- Modified the plugin API to add a version code, a flags word, and to
  (optionally) save messages to a temporary file.

- Fixed a few cases where the UCSPI-TCP protocol was assumed.

- Fixed pop3front-maildir breakage on dietlibc/uClibc and empty
  maildirs.  Thanks Wayne Marshall.

Development of this version has been sponsored by FutureQuest, Inc.
ossi@FutureQuest.net  http://www.FutureQuest.net/
-------------------------------------------------------------------------------
Changes in version 1.01

- Fixed a bug in the counters plugin that triggered a problem in the
  SMTP protocol when handling the SIZE=# parameter.

- Reversed the order of cvm-validate and qmail-validate in the wrapper
  scripts (and documentation) due to the semantics of the two plugins.

- Added a list of built-in plugins.  The list currently contains the
  three accept* plugins, which are extremely trivial.

Development of this version has been sponsored by FutureQuest, Inc.
ossi@FutureQuest.net  http://www.FutureQuest.net/
-------------------------------------------------------------------------------
Changes in version 1.0

Mailfront has been rewritten to be totally modular.  The core mailfront
program loads the protocol, backend, and all plugin behaviors at run
time from shared objects.

The previous commands, such as smtpfront-qmail, are now shell script
wrappers for the main "mailfront" command, and as such are depricated in
favor of using "mailfront" directly.  The *front-qmail wrappers preload
all the plugins that were previously compiled into the corresponding
programs:

	check-fqdn counters mailrules relayclient cvm-validate
	qmail-validate add-received patterns accept-sender

NOTE: The *front-reject backends have been dropped in favor of a plugin.
In addition, the $REQUIRE_AUTH feature has been moved to another plugin.
If you used this backend or feature you will need to adjust your
configuration accordingly.

Development of this version has been sponsored by FutureQuest, Inc.
ossi@FutureQuest.net  http://www.FutureQuest.net/
-------------------------------------------------------------------------------
Changes in version 0.98.1

- Fixed the $REQUIRE_AUTH feature to properly check for $RELAYCLIENT
  being set.

Development of this version has been sponsored by FutureQuest, Inc.
ossi@FutureQuest.net  http://www.FutureQuest.net/
-------------------------------------------------------------------------------
Changes in version 0.98

- Added enhanced mail system status codes (RFC 1893/2034).

- Added support for rejecting all mail unless client is authenticated
  (either as a relay client or with SMTP authentication) if
  $REQUIRE_AUTH is set.

- Full domain names are now required in all addresses except for the
  null sender.

- Removed the "bounce must have a single recipient" rule, as it is
  currently causing more problems (with address checkers) than it is
  solving (spammers no longer use this technique).

- Fixed one-off bug in counting recipients for $MAXRCPTS.

- Truncate UIDL responses to 70 characters as per RFC 1939.

- Added QMQP and QMTP "reject" front ends, for completeness.

The enhanced mail system status codes together with the $REQUIRE_AUTH
change should make smtpfront compliant with RFC 2476's requirements for
a "message submission agent", suitable for use on TCP port 587.

Development of this version has been sponsored by FutureQuest, Inc.
ossi@FutureQuest.net  http://www.FutureQuest.net/
-------------------------------------------------------------------------------
Changes in version 0.97

- Add support to the qmail backend for custom qmail-queue error messages
  taken from $QQERRMSG_#.

- Clear session timeouts (via alarm) before executing authenticated
  commands in imapfront-auth and pop3front-auth.

- Fixed typo in the CVM lookup code that would prevent the proper
  operation of lookup secrets.  Thanks Dale Woolridge.

Development of this version has been sponsored by FutureQuest, Inc.
ossi@FutureQuest.net  http://www.FutureQuest.net/
-------------------------------------------------------------------------------
Changes in version 0.96

- Switched Pattern matching from the simpler mechanism (originated in
  multilog) to standard shell glob.

- Fixed the SMTP front-end's inability to handle quoted or escaped
  characters, or to strip source routing addresses.

- Fixed smtpfront-reject crashing on receipt of EHLO.
  Thanks Janos Farkas.

- Fixed extern/static conflict in smtp-respond.c.  Thanks Gerrit Pape.

NOTE: The pattern matching change has the (small) potential to break
existing rules' behavior, if the rules were depending on specific
behavior of the more simplistic pattern matching used previously.

Development of this version has been sponsored by FutureQuest, Inc.
ossi@FutureQuest.net  http://www.FutureQuest.net/
-------------------------------------------------------------------------------
Changes in version 0.95

- Fixed bug in header pattern matching that made it only look at the
  first header line.  Thanks Janos Farkas.

- Fixed bug in handling of environment variables when applying multiple
  rules to the same message.

Development of this version has been sponsored by FutureQuest, Inc.
ossi@FutureQuest.net  http://www.FutureQuest.net/
-------------------------------------------------------------------------------
Changes in version 0.94

- Switched to CVM 2 support.

- Added support for restricting patterns to match only in headers.

Development of this version has been sponsored by FutureQuest, Inc.
ossi@FutureQuest.net  http://www.FutureQuest.net/
-------------------------------------------------------------------------------
Changes in version 0.93

- Fixed bug in pattern matching where the pattern was longer than the
  line that would other match.

- Fixed bug in parsing the databytes column in mail rules.

- Fixed omission of not resetting maxdatabytes, which could be set by a
  rule, after checking for sender rules.

- Fixed bug in handling multiple sender or recipient specific rules.

- Modified the CVM lookup secret handling to use $CVM_LOOKUP_SECRET just
  like the latest CVM code, falling back to $LOOKUP_SECRET if that isn't
  set.

- Added seperate $AUTH_TIMEOUT and $AUTH_SESSION_TIMEOUT overrides for
  the authentication front-ends (imapfront-auth and pop3front-auth).

Development of this version has been sponsored by FutureQuest, Inc.
ossi@FutureQuest.net  http://www.FutureQuest.net/
-------------------------------------------------------------------------------
Changes in version 0.92

- Fixed bug in QMQP front-end that prevented it from accepting relayed
  messages (relayclient wasn't getting set properly).

- Added qmqpfront-echo and qmtpfront-echo test front-ends, for
  completeness.

- Fixed bug in pattern handling that would cause a bogus "out of memory"
  error if the patterns file had a blank line.

- Fixed bug:  Only set $MAILDIR in imapfront-auth if the CVM set it.
  Thanks Charlie Brady.

Development of this version has been sponsored by FutureQuest, Inc.
ossi@FutureQuest.net  http://www.FutureQuest.net/
-------------------------------------------------------------------------------
Changes in version 0.91

- Fixed a bug in the CVM lookup code that would cause failures if
  $LOOKUP_SECRET was not set.  Thanks Bernhard Graf.

- Explicitly set $MAILDIR in imapfront-auth, to provide the variable for
  Courier-IMAP's imapd.  Thanks Bernhard Graf.

- Fixed the generated Received: headers to always put the remote host
  name in the comment if tcpserver looked it up.  This fixes problems
  with SpamAssassin flagging messages as having forged sender addresses.

Development of this version has been sponsored by FutureQuest, Inc.
ossi@FutureQuest.net  http://www.FutureQuest.net/
-------------------------------------------------------------------------------
Changes in version 0.90

- Added support for explicit application of mail rules to senders or
  recipients, as well as negation of rule patterns.

- Fixed a bug in handling patterns that are not after a blank line.

Development of this version has been sponsored by FutureQuest, Inc.
ossi@FutureQuest.net  http://www.FutureQuest.net/
-------------------------------------------------------------------------------
Changes in version 0.89

- Added support for content pattern rejection.

- Added a new "no-op" mail rule type.

- Defer looking up $MAXRCPTS and $RELAYCLIENT as well so that they can
  be set in the mailrules.
 
- Drop connections after $MAXNOTIMPL unimplemented commands are given.

- The qmail home directory may be overridden with $QMAILHOME.

Development of this version has been sponsored by FutureQuest, Inc.
ossi@FutureQuest.net  http://www.FutureQuest.net/
-------------------------------------------------------------------------------
Changes in version 0.88

- Fixed handling of "@domain" entries in mailrules lists and CDB files.

- Added patch from Marcelo Augusto <maugusto@stetnet.com.br> to allow
  for limits on the maximum number of recipients per message.

- Defer looking up $MAXHOPS and $HEADER_ADD so that they can be set in
  the mailrules.

- Added support for IMAP string literals in imapfront-auth.

- smtpfront now exports CVM environment variables after authentication.

Development of this version has been sponsored by FutureQuest, Inc.
ossi@FutureQuest.net  http://www.FutureQuest.net/
-------------------------------------------------------------------------------
Changes in version 0.87

- Fixed a bug that prevented looping email detection from working.

- Fixed the Received: header generation to match the syntax described in
  RFC 2821.

- Added the link protocol (ie TCP or TCP6) to the Received: header.

Development of this version has been sponsored by FutureQuest, Inc.
ossi@FutureQuest.net  http://www.FutureQuest.net/
-------------------------------------------------------------------------------
Changes in version 0.86

- Allow for addition of user-specified headers with $HEADER_ADD.

- SMTP front end now logs invalid commands.

- Added a hook for CVM validation of recipient addresses.

- Added support for RFC 1870 ESMTP SIZE extension.

Development of this version has been sponsored by FutureQuest, Inc.
ossi@FutureQuest.net  http://www.FutureQuest.net/
-------------------------------------------------------------------------------
Changes in version 0.85

- Added a QMTP front-end, with many features in common with the SMTP
  front-end (excluding authentication, of course).

- Added a QMQP front-end.

- The front-ends optionally add an extra "fixup" Received: header if
  $FIXUP_RECEIVED_HOST and $FIXUP_RECEIVED_IP are set and differ from
  $TCPLOCALHOST and $TCPLOCALIP.

- Fixed internal variable transposition bug in smtp-commands.c.

- Switched to bglibs 1.006 library scheme.

- Fixed bug: aborting DATA command does not work, must only give
  responses once all the data is received.

Development of this version has been sponsored by FutureQuest, Inc.
ossi@FutureQuest.net  http://www.FutureQuest.net/
-------------------------------------------------------------------------------
Changes in version 0.81

- Fixed bug: the qmail backend didn't honour $QMAILQUEUE.

- Fixed bug: environment variables set multiple times in mail rules
  would use the first value.

- Fixed bug: databytes would not be set internally if $DATABYTES was not
  set.

- Fixed bug: all bounces following the first in a single connection
  would be rejected.

- Fixed bug: The "*" pattern failed to match the empty string.

- Abort the DATA command immediately if the databytes limit is reached.

Development of this version has been sponsored by FutureQuest, Inc.
ossi@FutureQuest.net  http://www.FutureQuest.net/
-------------------------------------------------------------------------------
Changes in version 0.80

- Fixed bug: setting $SMTPGREETING caused smtpfront to crash when issued
  HELO or EHLO commands.

- Fixed bug: lookups in badmailfrom in smtpfront-qmail did not properly
  lowercase the address.

- Fixed bug: qmail-validate didn't handle wildcards in rcpthosts or
  morercpthosts.cdb.

- Added sender and recipient pattern matching to all SMTP front-ends.
  See mailrules.html for full details.

Development of this version has been sponsored by Mitel Networks
Corporation. http://www.mitel.com/ http://www.e-smith.com/
-------------------------------------------------------------------------------
Changes in version 0.77

- Added missing imapfront-auth to insthier.

- Made smtpfront-qmail handle wildcards in badrcptto.

Development of this version has been sponsored by FutureQuest, Inc.
ossi@FutureQuest.net  http://www.FutureQuest.net/
-------------------------------------------------------------------------------
Changes in version 0.76

- Fixed missing "OK" bug in imapfront-auth.

- Log SASL authenticated credentials and failures.

Development of this version has been sponsored by FutureQuest, Inc.
ossi@FutureQuest.net  http://www.FutureQuest.net/
-------------------------------------------------------------------------------
Changes in version 0.75

- Modified pop3front to log all commands and responses.

- Added support for $SMTPGREETING to smtpfront.

- Added an IMAP front end.  Works with Courier IMAP presently.

- Switched to using external bglibs.

- smtpfront rejects bounce messages with multiple recipients.  See
  http://www.ornl.gov/its/archives/mailing-lists/qmail/2001/12/msg00405.html

- Added a session timeout, controlled by $SESSION_TIMEOUT, defaults to
  24 hours.

Development of this version has been sponsored by FutureQuest, Inc.
ossi@FutureQuest.net  http://www.FutureQuest.net/
-------------------------------------------------------------------------------
Changes in version 0.74

- Modified quit code in pop3front to properly tag only read messages as
  "read".

- Implemented the obsolete LAST command.

- Messages are now sorted in numerical order of their UID.

- Added an exit hook to both pop3front and smtpfront to print the number
  of bytes input and output.

- Fixed a one-off bug in handling "@domain" entries in badmailfrom in
  smtpfront-qmail.

- pop3front-auth now logs the user name.

Development of this version has been sponsored by FutureQuest, Inc.
ossi@FutureQuest.net  http://www.FutureQuest.net/
-------------------------------------------------------------------------------
Changes in version 0.73

- Fixed bugs in the RETR/TOP function of pop3front-maildir which would
  cause message corruption.

- Fixed bugs in the DELE/STAT functions of pop3front-maildir which
  neglected to remove the deleted message count/bytes from the totals
  reported by STAT.

- Added a "maximum message count" option to pop3front-maildir, which
  limits the number of visible messages.

- Added timeouts to pop3front.

- All POP3 error responses are now printed to stderr.

Development of this version has been sponsored by FutureQuest, Inc.
ossi@FutureQuest.net  http://www.FutureQuest.net/
-------------------------------------------------------------------------------
Changes in version 0.72

- This version includes a one-off bug fix in the CVM client code.

- Added the missing pop3front-* targets in insthier.c

- Added missing Solaris/SysV -lsocket -lnsl linker flags.

Development of this version has been sponsored by FutureQuest, Inc.
ossi@FutureQuest.net  http://www.FutureQuest.net/
-------------------------------------------------------------------------------
Changes in version 0.71

- Log the parameters to the MAIL and RCPT commands in smtpfront.

- Fixed missing lowercase conversion when handling validating domain
  names against rcpthosts and company.

- Fixed a number of bugs in the SASL implementation.  SMTP AUTH PLAIN
  and/or LOGIN have now been tested with Mozilla Mail (PLAIN), Pegasus
  (PLAIN I think), PMMail (LOGIN), The Bat (PLAIN), Eudora (LOGIN), and
  Outlook Express (LOGIN).

Development of this version has been sponsored by FutureQuest, Inc.
ossi@FutureQuest.net  http://www.FutureQuest.net/
-------------------------------------------------------------------------------
Changes in version 0.70

- Added a POP3 authenticator and maildir handler, complete with support
  for the RFC 1734 AUTH command.  If you can believe it, the maildir
  portion is actually smaller than qmail-pop3d, and just as functional!

- Fixed the AUTH PLAIN mechanism in the cvm-sasl library.

Development of this version has been sponsored by FutureQuest, Inc.
ossi@FutureQuest.net  http://www.FutureQuest.net/
-------------------------------------------------------------------------------
Changes in version 0.60

- Adds support for the SMTP AUTH command, supporting LOGIN, PLAIN, and
  CRAM-MD5 mechanisms via CVM.

Development of this version has been sponsored by FutureQuest, Inc.
ossi@FutureQuest.net  http://www.FutureQuest.net/
-------------------------------------------------------------------------------