From ed23703f2d1f5dc255a804c1da3a75b05876ec75 Mon Sep 17 00:00:00 2001 From: Matt Simerson Date: Wed, 21 Aug 2024 16:36:59 -0700 Subject: [PATCH] doc(Changes): markdown formatting updates --- Changes.md | 1804 +++++++++++++++++++++++++++------------------------- 1 file changed, 929 insertions(+), 875 deletions(-) diff --git a/Changes.md b/Changes.md index bfd54f747..452fbea9b 100644 --- a/Changes.md +++ b/Changes.md @@ -1,4 +1,3 @@ - ### Unreleased ### [3.0.4] - 2024-08-21 @@ -130,7 +129,6 @@ - dep(tld): bump version to 1.2.0 - remove defunct config files: lookup_rdns.strict.ini, lookup_rdns.strict.timeout, lookup_rdns.strict.whitelist, lookup_rdns.strict.whitelist_regex, rcpt_to.blocklist, rdns.allow_regexps, rdns.deny_regexps - ### [3.0.2] - 2023-06-12 #### Fixed @@ -154,7 +152,6 @@ - doc(outbound.ini) update link #3159 - doc(clamd.md) fixed spelling error #3155 - ### [3.0.1] - 2023-01-19 #### Fixed @@ -168,7 +165,6 @@ - plugins: Add haraka-plugin-outbound-logger to registry #3146 - dep(pi-spf): bump version 1.1.3 to 1.2.0 - ### [3.0.0] - 2022-12-17 #### Added @@ -206,7 +202,7 @@ - dep(haraka-plugin-redis)!: 1.0 -> 2.0 #3038 - dep(redis)!: 3.1 -> 4.1 #3058 - dep(generic-pool): remove pooling from outbound #3115 -- smtp_client: remove smtp_\* pooling support in #3113 +- smtp_client: remove smtp_* pooling support in #3113 - dep: bump plugin versions #3063 - dep: bump haraka-plugin-asn from 1.0.9 to 2.0.0 #3062 - dep(redis): 3.1 -> 4.1 #3058 @@ -232,10 +228,9 @@ - uribl: timeout DNS 1 second before plugin, #3077 - uribl: load .ini config to plugin.cfg, add basic tests #3077 +### 2.8.28 - 2021-10-14 -## 2.8.28 - 2021-10-14 - -### Changes +#### Changes - breaking: dkim.js has changed the constructor opts - tls_socket: more flexible pem file parsing #2986 @@ -252,7 +247,7 @@ - http: use CDN for bootstrap/jquery, drop bower #2891 - drop support for node 10 #2890 -### New features +#### New features - tls: require secure and verified sockets for configured hosts/domains - DKIM plugin has got a couple of config options now @@ -261,7 +256,7 @@ - skip plugins at runtime by pushing name into transaction.skip_plugins #2966 - outbound: add ability to specify delay times for temporary fails in `temp_fail_intervals` #2969 -### Fixes +#### Fixes - bounce: correctly set fail recipients #2901 - bounce: correctly set bounce recipients #2899 @@ -270,10 +265,9 @@ - use RFC-2045 Quoted-Printable in email message body - use RFC-2047 Q encoded-words in email headers +### 2.8.27 - 2021-01-05 -## 2.8.27 - 2021-01-05 - -### Changes +#### Changes - bump verions of several dependencies #2888 - propagate hmail notes to split copies #2887 @@ -282,19 +276,18 @@ - strip _haraka-plugin-_ prefixes off plugin names in config/plugins #2873 - pass smtp.ini config from Server into connections & transactions #2872 -### New features +#### New features - add ability to disable SMTPUTF8 advertisement #2866 -### Fixes +#### Fixes - assure headers.max_lines is initialized as integer #2878 - require haraka-net-utils >= 1.2.2 #2876 +### 2.8.26 - 2020-11-18 -## 2.8.26 - 2020-11-18 - -### Changes +#### Changes - add config options for OAR & AR headers #2855 - plugins.js: also strip haraka-plugin prefix from plugin.name #2846 @@ -322,7 +315,7 @@ - add zero-length queue size check - send temp instead of hard error when asked to by `unrecognized_command` -### New features +#### New features - Allow web interface to be bound to unix socket #2768 - tls: add configurable minVersion to tls socket options #2738 @@ -330,7 +323,7 @@ - add JSON format for logging #2739 - support binding web interface to unix socket -### Fixes +#### Fixes - check for punycode domain names when resolving MX, avoid crash #2861 - wait until entire message is spooled when spool_after in use #2840 @@ -347,10 +340,9 @@ - TLS: don't abort loading certs in config/tls dir when an error is encountered. Process every cert file and then emit errors. #2729 - restore TLS version, correctly #2723 +### 2.8.25 - 2019-10-11 -## 2.8.25 - 2019-10-11 - -### Changes +#### Changes - conn: remove TLS version from header #2648 - Actually enforce using key for INTERNALCMD #2643 @@ -372,13 +364,13 @@ - repo cleanup: replaced deprecated plugins with list #2681 - spf: es6 patterns, results.pass, test improvements, es6 patterns #2700 -### New features +#### New features - spf: add config option to fail on NONE #2644 -### Fixes +#### Fixes -- mailheader: fully quality header name in _remove_more #2647 +- mailheader: fully quality header name in \_remove_more #2647 - haraka: Connection.createConnection is not a constructor #2618 - problems with japanese characters in body and part header #2675 - toobusy: fix hook name (connect_pre -> connect) #2672 @@ -386,10 +378,9 @@ - outbound: permit # char prefix in SMTP status code response #2691 - mailheader: strip whitespace between encoded-words #2702 +### 2.8.24 - Mar 12, 2019 -## 2.8.24 - Mar 12, 2019 - -### Changes +#### Changes - early_talker: skip if sender has good karma #2551 - dockerfile: update to node 10 #2552 @@ -408,7 +399,7 @@ - Update ipaddr.js to the latest version #2599 - make inactivity timeout match docs #2607 -### New Features +#### New Features - Implement SIGTERM graceful shutdown if pid is 1 #2547 - tls: require validated certs on some ports with requireAuthorized #2554 @@ -417,7 +408,7 @@ - outbound: exported outbound.temp_fail_queue, outbound.delivery_queue and add TimerQueue.discard() - status: new plugin #2577 -### Fixes +#### Fixes - mf.resolvable: reduce timeout by one second (so < plugin.timeout) #2544 - LMTP blocks under stress #2556 @@ -429,33 +420,28 @@ - smtp_client: destroy when connection gets conn timeout error #2604 - on error and timeout, remove listeners and destroy conn. #2606 +### 2.8.23 - Nov 18, 2018 -## 2.8.23 - Nov 18, 2018 - -### Changes +#### Changes - tighten Haraka pattern in .gitignore #2542 +### 2.8.22 - Nov 17, 2018 -## 2.8.22 - Nov 17, 2018 - -### New Features +#### New Features - enable tls/ssl for rabbitmq amqplib plugin #2518 -### Fixes +#### Fixes - hmail: don't send RSET to LMTP #2530 -### Changes +#### Changes - clamd: add check.authenticated, check.private_ip, check.local_ip option - use get_decoded on headers that may be encoded #2537 - connection: move max_mime_part config load to connection init #2528 - outbound: init TLS when we send email, not when old queue file is loaded #2503 - -### Changes - - relay: update port 465 doc #2522 - hmail: log the correct err message #2531 - ob/tls: consistently use obtls (vs plugin) for "this" name #2524 @@ -470,16 +456,16 @@ - connection: add connection.remote.is_local flag for detecting loopback and link local IPs - add .name to outbound TLS for logs #2492 -## 2.8.21 - Jul 20, 2018 +### 2.8.21 - Jul 20, 2018 -### New Features +#### New Features - outbound: skip STARTTLS after remote host fails TLS upgrade #2429 - dns_list_base: introduce global plugin.lookback_is_rejected flag #2422 -### Fixes +#### Fixes -- replace all _ chars in hostnames with code points #2485 +- replace all \_ chars in hostnames with code points #2485 - Don't die on invalid commands #2481 - outbound: check list exists before attempting to use it #2478 - refactor outbound/hmail.process_ehlo_data #2488 @@ -487,810 +473,881 @@ - Don't run delivered hook on LMTP fail #2470 - Add tls_socket.load_tls_ini() to tls.register() #2465 -### Changes +#### Changes - outbound/tls: make into a class #2474 - plugins: clear timeout on cancel #2477 - txn.parse_body consistently a boolean #2476 - update ipaddr.js to version 1.8.0 #2468 +### 2.8.20 - Jun 29, 2018 + +#### Fixes + +- data_headers: check defined-ness of hdr_address _after_ try/catch #2458 +- tls: remove tls.ini loading from plugins/tls #2459 +- tls: remove invalid opt from load_tls_ini #2456 +- outbound: escape values in HTML bounce correctly #2446 +- dkim_sign: catch exceptions when address-rfc2822 fails to parse From #2457 + +#### Changes + +- logger: Add "obj" log param to log hook that contains log data by type #2425 +- logger: include outbound client ID in logging #2425 +- logger: allow specifying uuid in params when logging #2425 + +### 2.8.19 - Jun 26, 2018 + +#### New features + +- outbound: received_header=disabled supresses outbound Received header addition. #2409 +- auth_base.js: `check_plain_passwd` and `check_cram_md5_passwd` can now pass `message` and `code` to callback routine +- spf: allow bypass for relay and AUTH clients #2417 +- spf: optionally add OpenSPF help text to rejection #2417 +- auth_base: prevent storing of AUTH password in connection.notes.auth_passwd by setting plugin.blackout_password. #2421 + +#### Fixes + +- Mitigate MIME part explosion attack #2447 +- Always prefix ClamAV with a Received header #2407 +- plugins/data.headers.js: wrap address-rfc2822 header parse into try block #2373 +- tls_socket: as client, only apply TLS opts if config is valid #2414 +- when installing, creates config/me if missing #2413 +- queue/qmail-queue: fix a 2nd crash bug when client disconnects unexpectedly #2360 +- remove desconstruction of SMTP commands to prevent exception #2398 +- attstream: return self so that pipe() calls can be chained together. #2424 +- outbound: fix dotfile cleanup to consider platform-based prefix. #2395 +- outbound: fix handling of LMTP socket when a socket path is specified. #2376 + +#### Changes + +- relay: move relay acl check to connect_init so flag is set earlier #2442 +- process_title: add total recipients, avg rcpts/msg, recipients/sec cur/avg/max and messages/conn #2389 +- when relaying is set in a transaction, don't persist beyond the transaction #2393 +- connection.set supports dot delimited path syntax #2390 +- remove deprecated (since 2.8.16) ./dsn.js +- Add transaction.msg_status property that reflects message status. #2427 +- Add transaction.notes.proxy object that hold HAProxy details. #2427 +- spamassassin: make relay header configurable. #2418 +- deprecate max_unrecognized_commands plugin in favor of limit. #2402 +- xclient: add support for DESTADDR/DESTPORT. #2396 + +### 2.8.18 - Mar 8, 2018 + +#### New features + +- smtp_forward: domain configuration is now chosen based on domain_selector #2346 + +#### Fixes + +- queue/qmail-queue: fix crash bug when client disconnects unexpectedly #2360 +- tls: fix crash bug in `unrecognized_command` hook +- `dkim_key_gen.sh`: improve usability and parameter parsing #2355 + +#### Changes + +- document `force_shutdown_timeout` and `graceful_shutdown` settings #2350 + +### 2.8.17 - Feb 16, 2017 + +#### New Features + +- SMTPS port is configurable #2269 +- smtp_forward: enable_outbound can be set per domain #2335 + +#### Fixes + +- Fix ability to set log level to emerg #2128 +- outbound/hmail: use Buffer to correctly read binary file data + tests #2231 +- quarantine: consolidate 2x hook_init_master functions +- tls_socket: restore SNI functionality, emit count of TLS certs #2293 +- fix smtp_client error handling #2298 +- fix outbound pools #2317 +- add openssl-wrapper as dependency #2320 +- replace \_ chars in hostnames with code points #2324 +- add this.removeAllListeners('connection-error') #2323 +- Fix crashing on RSET #2328 +- Prevent data headers crit fail #2329 +- Fix undefined max_lines in log message #2337 + +#### Changes + +- line_socket: remove superfluous function #2339 +- consistent end of function declaration semicolon #2336 +- connection: assure hostname is set #2338 +- smtp_client: Fix log message typo #2334 +- Update ipaddr.js to version 1.6.0 #2333 +- Warn on max_header_lines #2331 +- update jquery version #2322 +- plugins: add SRS plugin to registry #2318 +- tls_socket: only generate dhparam.pem on master process #2313 +- add ENOTFOUND to also check A record #2310 +- smtp_forward: correct config file name in docs #2309 +- reduce severity of iconv conversion failure #2307 +- Add txn UUID to "250 Message Queued" #2305 +- mailheader: reduce log level priority #2299 +- greylist: only log redis DB errors when exist #2295 +- data.headers: reduce undef MLM logerror to logdebug #2294 +- quarantine: consolidate 2x hook_init_master() #2292 +- move test_queue to queue/test #2291 +- in haraka plugin test mode, add server.notes #2248 +- outbound/hmail: refactor #2238 +- outbound/hmail: add JSON sanity test before JSON.parse #2231 +- outbound/index: use newer Buffer.from syntax #2231 +- outbound/hmail: make haraka queue files human friendly #2231 +- plugins/rcpt_to.ldap -> haraka-plugin-rcpt-ldap #2144 +- plugins/auth/auth_ldap -> haraka-plugin-auth-ldap #2144 +- plugins/smtp_forward: enable_outbound can be enabled/disabled for specific domains +- auth_proxy: read TLS key and cert files from tls.ini #2212 +- README: typo fixes #2210 +- incorrect RCPT TO reply message #2227 +- Resolve decoding bug when root part is base64 encoded. #2204 +- Resolve base64 data truncation #2188 +- Fix damaged encoding when body is non-utf #2187 +- Fix disconnect hooks #2184 +- ability to set log level to emerg #2128 +- Improve docs for `Address` objects #2224 +- connection: replace 3x ternaries with get_remote() #2169 +- connection.local.host populated with hostname (from config/me) #2165 +- connection.local.info populated with Haraka/version #2196 +- npm packaged plugins: + - plugins/rcpt_to.ldap -> haraka-plugin-rcpt-ldap #2144 + - plugins/auth/auth_ldap -> haraka-plugin-auth-ldap #2144 + - plugins/graph -> haraka-plugin-graph #2185 +- config: replace ./config.js with haraka-config #2119 +- Replace concatenated strings with template literals (#2129) in: + - attachment #2260 + - bin/spf #2129 + - bin/dkimverify #2278 + - connection #2129, #2243 + - delay_deny #2264 + - dkim #2216 + - dsn #2265 + - host_pool #2198, #2245 + - logger #2277, #2246 + - mailbody #2280 + - max_unrecognised_commands #2171 + - outbound/hmail #2259 + - outbound/index #2249 + - outbound/todo #2233 + - plugins #2239 + - plugins/aliases #2229 + - plugins/attachment #2155 + - plugins/auth_base #2252 + - plugins/avg #2156 + - plugins/backscatterer #2261 + - plugins/bounce #2229 + - plugins/clamd #2237 + - plugins/connect.rdns_access #2262 + - plugins/data.headers #2263 + - plugins/data.uribl #2258 + - plugins/helo.checks #2255 + - plugins/rcpt_to.in_host_list #2253 + - plugins/spamassassin #2256 + - plugins/profile #2170 + - plugins/rcpt_to.host_list_base #2254 + - plugins/relay #2174 + - plugins/relay_acl #2177 + - plugins/spf #2266 + - plugins/toobusy #2186 + - plugins/xclient #2159 + - rfc1869 #2159 + - smtp_client #2129, #2208 + - tests/host_pool #2159 +- use es6 destructuring (#2075) in: + - connection #2230 + - dkim #2232 +- use es6 classes (#2133) in: + - attachment #2260 + - attachment_stream #2215 + - chunkemitter #2219 + - dkim #2206 + - dsn #2247 + - host_pool #2194 + - mailheader #2213 + - mailbody #2213 + - smtp_client #2221 + - spf #2214 + - tls_socket #2190 + - timer_queue #2226 + - outbound/hmail #2197 + - outbound/todo #2233 +- Automatically set connection.remote.is_private when connection.remote.ip is set #2192 +- Add remove_msgid and remove_date options to outbound.send_email #2209 +- Add origin option to outbound.send_mail #2314 + +### 2.8.16 - Sep 30, 2017 + +#### Changes + + - additional tests get var -> const/let medicine #2122 + - move connection states into haraka-constants #2121 + - lint: remove useless escapes #2117 + - lint: switch no-var to error #2109 + - rspamd: repackaged as NPM module #2106 + - dsn: repackaged as NPM module haraka-dsn #2105 + - outbound: add results when queueing #2103 + - spamassassin: skip adding headers when value is empty #2102 + - Replace console.log with stdout #2100 + - update js-yaml to version 3.10.0 #2097 + - repackage p0f plugin to NPM #2076 + - ES6: replace var with const or let #2073 + +#### New Features + +- Bounces can have an HTML part #2091 + +#### Fixes + +- daemon cwd #2126 +- updated fcrdns plugin name passed to results #2115 +- tls: only apply default key/cert paths when undefined #2111 +- dkim_verify: fix formatting of auth results #2107 +- smtp_forward: consistently use queue.wants #2107 +- haraka was adding TLS header on non-TLS connection #2103 +- dkim typo fix #2101 +- fix rfc2231 parsing code to cope with continuation #2089 + +### 2.8.15 - Sep 10, 2017 + +#### Changes + +- Permit log settings to be set w/o LOG prefix #2057 +- additional results storing in smtp_forward and quarantine #2067 +- publish p0f plugin to NPM #2076 +- smtp_forward stores queue note at queue.wants #2083 +- Remove unused folders from installation #2088 +- smtp_forward stores queue note at queue.wants #2083 +- add get/set to conn/txn.notes #2082 +- additional results storing in smtp_forward and quarantine #2067 +- Permit log settings to be set w/o LOG prefix #2057 +- support INFO _and_ LOGINFO as config settings #2056 +- log.ini, new default location for log related settings #2054 +- dcc: replace with npm packaged version #2052 +- qmd: replace rcpt_to.qmail_deliverable with npm #2051 +- rspamd: pass SPF evaluation #2050 +- add logfmt support #2047 +- update ipaddr.js to version 1.5.0 #2037 +- update redis to version 2.8.0 #2033 +- disable graceful for SIGTERM #2028 +- add additional integration tests #2026 +- move most npm packaged plugins into optionalDependencies #2023 + +#### New Features + +- TLS certificate directory (config/tls) #2032 +- plugins can specify a queue plugin & next_hop route #2067 +- connection/transaction notes now have get/set #2082 + +#### Fixes + +- haraka cli will now create folders if they don't exist #2088 +- maybe fix for #1852 503 response #2064 +- crash when 'AUTH LOGIN' is sent after a successful auth #2039 +- docs: fixed swaks test command #2034 +- dkim: prevent dkim_verify from causing 'cannot pipe' #1693 + +### 2.8.14 - Jul 26, 2017 + +#### Changes + +- Fix auth plugin failure when re-selecting auth method #2000 +- don't crash Haraka when invalid YAML config encountered #2013 +- update semver to version 5.4.0 #2015 +- relay docs: correct the config file name #2012 +- rename config/xclient.hosts to match plugin & docs #2014 +- build_todo() is part of the outbound/index.js api #2016 +- update js-yaml to version 3.9.0 #2002 +- outbound/hmail: use WRITE_EXCL from haraka-constants #2011 +- replace plugins/log.elasticsearch with npm packaged #2004 +- Remove two spurious log statements #1989 +- access: rebuild blacklist upon change (vs supplement) #1990 +- deliver to qmail-queue with LF line endings (not CRLF) #1997 +- doc: add note that smtp_forward only supports STARTTLS #1988 +- import Plugins.md from v3 #1991 +- update async to 2.5.0 #1982 +- update iconv to 2.3.0 #1981 +- require node.js v6+ #1958 +- update ipaddr.js to 1.4.0 #1972 +- support newer address-rfc2822 #1970 +- update node-address-rfc2821 version to 1.1.1 #1968 +- outbound: be consistent with todo.domain #1960 +- bump haraka-results required version #1949 +- logger: load in a setImmediate call #1948 +- logger: strip intermediate \n chars #1947 +- tls consistency cleanups #1851 +- Get pool config handling simplifcation #1868 + - add integration test: send message w/smtp_client +- replace some legacy code with es6 #1862 +- update async to version 2.2.0 #1863 +- update ipaddr.js to version 1.3.0 #1857 +- update redis to version 2.7.0 #1854 +- assure conn/tran still exists before storing results #1849 +- moved tls.ini parsing to net_utils #1848 +- smtp forward dest split routing #1847 +- rspamd: refactor complex condition into function #1840 +- block js attachments #1837 +- helo.checks: bring plugin into alignment with docs #1833 +- when proxy enabled, update remote.is_private too #1811 +- create an outbound queue filename handler #1792 +- replace fcrdns with npm package #1810 +- add an additional node_modules plugin search path #1805 +- Set graceful shutdown off by default #1927 +- Allow outbound pools to be disabled #1917 +- Outbound split and move into folder #1850 +- don't emit binary characters into the logs #1902 +- Add .editorconfig #1884 +- tls: remove interim variables #1871 + +#### New Features + +- Use punycode domain (support SMTPUTF8) #1944 +- Added RabbitMQ vhost support #1866 +- clamav: allow "Unknown Result" and Socket Error to try next host #1931 +- outbound client certificates #1908 +- Implement the missing upgrade method on SMTPClient #1901 +- Remove typo from relay.md #1886 + +#### Fixes + +- outbound: fix queue not loaded for single process #1941 +- outbound: Fix undefined variable platformDOT in hmail.js #1943 +- outbound: fix undefined FsyncWriteStream var #1953 +- Fix cluster messaging for node v6+ #1938 +- outbound: fix loading under cluster. #1934 +- Check pool exists before delete #1937 +- be more strict in attachment filename matching #1957 +- doc typo fix #1963 +- RabbitMQ: fix encoding of user and password string #1964 +- spf: improve modifier regexp #1859 +- rabbitmq doc typo in config file name #1865 +- URL to manual was 404, point to Plugins.md #1844 +- smtp_client: set idleTimeout to 1s < pool_timeout #1842 +- fix broken continuations #1843 +- doc error for the 'check.authenticated' setting in rspamd plugin #1834 +- emit _the_ result, not all of them #1829 +- fix outbound logger #1827 +- fix forwarding with client auth over TLS (forward to gmail) #1803 +- Don't blow the stack on qstat #1930 +- run dumped logs through log plugins, not console #1929 +- Fix path parsing bug on Windows platform #1919 +- helo: make sure list_re is defined before access #1903 +- TLS: handle case where OCSP server is unavailable #1880 +- rspamd: add missing 'default' keyword #1856 +- disable naïve comment stripping #1876 + +### 2.8.13 - Feb 03, 2017 + +#### Changes + +- new [haraka-plugin-limit](https://github.com/haraka/haraka-plugin-limit) #1785 + - replaces plugin/limit, plugin/rate_limit, and haraka-plugin-outbound-rate-limit +- p0f: skip on private IPs (normally empty) #1758 +- spf: skip for outbound when context != myself #1763 +- redis: plugins using redis can inherit redis config #1777 +- redis: replace plugins/redis with haraka-plugin-redis #1786 +- lint: require space before function declaration #1784 +- lint: added eslint:recommended #1790 +- logger: remove logger.colorize code for legacy node versions + +#### New Features + +- redis: add `redis_subscribe_pattern()` #1766 +- queue/discard: add ENV that permits discarding #1791 + +#### Improvements + +- rspamd: improve response parsing #1770 +- restore Windows testing to working state #1755 +- elasticsearch: use UTC dates for index creation #1771 +- tls: fix dhparam usage example syntax #1774 +- typo: logerr -> logerror #1776 +- when generating long DKIM keys, include a BIND compatible folded key #1775 +- in haraka-test-fixtures, access results via fixtures.results #1783 +- integration test: end to end server testing #1791 + +#### Fixes + +- spf: restore functionality for relay context=myself #1759 +- rate_limit:if incr creates a new record, assure it has a TTL #1781 +- tls: do not create a top level secureContext #1787 +- dnswl: swap lines to fix missing inherited methods #1793 +- dnswl: fix config loader callback syntax #1794 +- tests/plugins: unset process.env.HARAKA to avoid side effects that interfere with other tests +- remove auth_flat_file sample auth user #1796 + +### 2.8.12 - Jan 03, 2017 + +#### Changes + +- plugin/karma -> npm packaged haraka-plugin-karma #1747 +- update generic-pool 2.4.2 -> 2.5.0 + +#### New Features + +- Added option to bypass SpamAssassin headers' merge #1745 + +#### Improvements + +- reduce severity of debug message #1744 +- fix misleading entries in config/tls.ini #1734 +- Misc. performance improvements #1738 +- set tls.sessionIdContext property (for Thunderbird compat) #1740 + +#### Fixes + +- Swap lines to avoid clobbering response array #1743 + +### 2.8.11 - Nov 24, 2016 + +#### Changes + +- rename core_require to haraka_require #1708 +- move log.syslog to haraka-plugin-syslog #1698 +- remove tls.ini loading and is_no_tls_host to net_utils #1690 +- replace ./utils with npm packaged haraka-utils #1720 +- require node 4 +- karma: add .top TLD scoring #1714 + +#### New Features + +- Implement OCSP Stapling #1724 + +#### Improvements + +- show help for npm packaged plugins included in core #1698 +- use tls.connect for client #1682 +- bring port 465 SMTPS TLS config support on par with STARTTLS #1667 +- use tls.connect instead of createSecurePair #1678 +- redis: improve error handling in tests # +- replace / path seperators with path.* for cross platform compat #1713 + +#### Fixes + +- dkim_sign: per-domain key finding fixed #1707 +- Rspamd: restore spam report header #1702 +- auth/vpopmail: do not toString() when null #1695 +- fix outbound to avoid recursive reading key/cert after refactoring #1692 +- tls: fix option servername (not hostname) #1728 +- correct Auth-Results cleaning #1726 +- fix results for connection.remote_host and NXDOMAIN #1716 + +### 2.8.10 - Oct 20, 2016 + +#### Changes + +- use standard npm syntax for lint and tests #1646 +- remove ./net_utils to haraka-net-utils #1644 +- remove incorrect and unused spf.hello_host #1635 +- remove rogue DENYSOFT copy-pasta error #1634 +- update async to v2 #1545 +- remove plugin/dir support from base haraka #1668 + - use node_modules_dir support instead +- use TLSSocket instead of createSecurePair #1672 +- refactor plugins/tls #1670 +- moved watch plugin to npm as haraka-plugin-watch #1657 +- normalize proxy properties #1650 + +#### New Features + +- added connection.remote.is_private boolean #1648 +- added additional TLS options (@typingArtist) #1651 +- added wildcard boolean support to config loader #1680 +- tls: allow multiple key and cert parameters for RSA+ECDSA #1663 +- permit specifying haraka plugins w/o haraka-plugin- prefix #1645 + - in config/plugins and resultstore + +#### Improvements + +- connection.geoip replaced by haraka-plugin-geoip #1645 +- connection.asn replaced by haraka-plugin-asn #1645 +- permit specifying npm packaged plugins w/o haraka-plugin prefix #1647 +- normalized connection properties #1547, #1577 +- Rspamd: fix spambar for negative scores #1630 +- set connection.remote.is_private early + - replace calls to net_utils with remote.is_private test + +#### Fixes + +- Tidy-up graceful shutdown and fix for non-cluster mode #1639 +- Fix data.headers plugin crash #1641 +- Fix access plugin crash #1640 +- Minor DKIM fix #1642 +- do not set TLS timer if timeout=0 #1632 +- do not overwrite config/host_list on install #1637 +- correct smtp_forward cfg for multiple rcpts #1680 +- fix TLS timeout errors #1665 + +### 2.8.9 - Oct 02, 2016 + +#### New Features + +- Support outbound.pool_timeout of 0 to effectively disable pooling. #1561 +- Added never_add_headers option to rspamd plugin. #1562 +- rcpt_to.routes URI format w/ LMTP support #1568 + +#### Improvements + +- The delay_deny plugin now has a whitelist mode (vs blacklist). #1564 +- Don't show the private key in logs for dkim_sign. #1565 +- update geoip for compat with newer ES (#1622) +- drop node 0.10 testing / official support (#1621) +- watch plugin displays UUIDs as URL (#1624) +- Catch errors on header decode in rfc2231 #1599 +- Attachment plugin updates (#1606) +- add outbound.ini pool_timeout example setting #1584 + +#### Fixes + +- Fixed some small documentation issues. #1573, #1616, #1612 +- Fixed AUTH PLAIN when it spreads over two lines. #1550 +- Fixed dkim_verify calling next() too soon. #1566 +- Fixed bugs with outbound pools who shutdown before we QUIT. #1561, #1572 +- outbound issues #1615, #1603 +- Fixed adding/removing headers in rspamd plugin. #1562 +- Fixed process_title not shutting down. #1560 +- fix a spurious error emitted by p0f (#1623) +- fix header version hiding (#1617) +- messagestream returns destination (#1610) +- plugins.getdenyfn now passed 3rd params arg (#1591) +- Fix scope of spf logdebug (#1598) +- fix rabbitmq deliveryMode bug (#1594) +- fix dkim_sign TypeError with null mail_from.host (#1592) +- fix dkim_sign attempting to lower an undefined (#1587) + +### 2.8.8 - Jul 20, 2016 + +#### Changes + +- removed UPGRADE.doc to [wiki](https://github.com/haraka/Haraka/wiki/Upgrade-Haraka) + +#### Improvements + +- support + wildcard in aliases plugin #1531 +- Support dkim_sign with outbound.send_email() #1512 +- spf: always check remote IP, then public IP if != pass #1528 +- spf: diplay IP used for SPF eval #1528 + +#### Fixes + +- handle missing wss section in http.ini #1542 +- fix leak on socket write error #1541 +- add results property to outbound transaction #1535 +- don't unref unref'd wss server #1521 + +### 2.8.7 - Jun 18, 2016 + +#### Changes + +- Fix geoip test + +#### Improvements + +- Allow alias plugin to explode to a list of aliases +- Support IPv6 literals in HELO tests (#1507 thanks @gramakri) +- Make ldap plugin use the modified address if a rcpt hook + changes it (#1501 thanks @darkpixel) -## 2.8.20 - Jun 29, 2018 - -- Fixes - - data_headers: check defined-ness of hdr_address *after* try/catch #2458 - - tls: remove tls.ini loading from plugins/tls #2459 - - tls: remove invalid opt from load_tls_ini #2456 - - outbound: escape values in HTML bounce correctly #2446 - - dkim_sign: catch exceptions when address-rfc2822 fails to parse From #2457 -- Changes - - logger: Add "obj" log param to log hook that contains log data by type #2425 - - logger: include outbound client ID in logging #2425 - - logger: allow specifying uuid in params when logging #2425 - -## 2.8.19 - Jun 26, 2018 - -- New features - - outbound: received_header=disabled supresses outbound Received header addition. #2409 - - auth_base.js: `check_plain_passwd` and `check_cram_md5_passwd` can now pass `message` and `code` to callback routine - - spf: allow bypass for relay and AUTH clients #2417 - - spf: optionally add OpenSPF help text to rejection #2417 - - auth_base: prevent storing of AUTH password in connection.notes.auth_passwd by setting plugin.blackout_password. #2421 -- Fixes - - Mitigate MIME part explosion attack #2447 - - Always prefix ClamAV with a Received header #2407 - - plugins/data.headers.js: wrap address-rfc2822 header parse into try block #2373 - - tls_socket: as client, only apply TLS opts if config is valid #2414 - - when installing, creates config/me if missing #2413 - - queue/qmail-queue: fix a 2nd crash bug when client disconnects unexpectedly #2360 - - remove desconstruction of SMTP commands to prevent exception #2398 - - attstream: return self so that pipe() calls can be chained together. #2424 - - outbound: fix dotfile cleanup to consider platform-based prefix. #2395 - - outbound: fix handling of LMTP socket when a socket path is specified. #2376 -- Changes - - relay: move relay acl check to connect_init so flag is set earlier #2442 - - process\_title: add total recipients, avg rcpts/msg, recipients/sec cur/avg/max and messages/conn #2389 - - when relaying is set in a transaction, don't persist beyond the transaction #2393 - - connection.set supports dot delimited path syntax #2390 - - remove deprecated (since 2.8.16) ./dsn.js - - Add transaction.msg_status property that reflects message status. #2427 - - Add transaction.notes.proxy object that hold HAProxy details. #2427 - - spamassassin: make relay header configurable. #2418 - - deprecate max_unrecognized_commands plugin in favor of limit. #2402 - - xclient: add support for DESTADDR/DESTPORT. #2396 - -## 2.8.18 - Mar 8, 2018 - -- New features - - smtp_forward: domain configuration is now chosen based on domain_selector #2346 -- Fixes - - queue/qmail-queue: fix crash bug when client disconnects unexpectedly #2360 - - tls: fix crash bug in `unrecognized_command` hook - - `dkim_key_gen.sh`: improve usability and parameter parsing #2355 -- Changes - - document `force_shutdown_timeout` and `graceful_shutdown` settings #2350 - -## 2.8.17 - Feb 16, 2017 - -- New Features - - SMTPS port is configurable #2269 - - smtp_forward: enable_outbound can be set per domain #2335 -- Fixes - - Fix ability to set log level to emerg #2128 - - outbound/hmail: use Buffer to correctly read binary file data + tests #2231 - - quarantine: consolidate 2x hook_init_master functions - - tls_socket: restore SNI functionality, emit count of TLS certs #2293 - - fix smtp_client error handling #2298 - - fix outbound pools #2317 - - add openssl-wrapper as dependency #2320 - - replace _ chars in hostnames with code points #2324 - - add this.removeAllListeners('connection-error') #2323 - - Fix crashing on RSET #2328 - - Prevent data headers crit fail #2329 - - Fix undefined max_lines in log message #2337 -- Changes - - line_socket: remove superfluous function #2339 - - consistent end of function declaration semicolon #2336 - - connection: assure hostname is set #2338 - - smtp_client: Fix log message typo #2334 - - Update ipaddr.js to version 1.6.0 #2333 - - Warn on max_header_lines #2331 - - update jquery version #2322 - - plugins: add SRS plugin to registry #2318 - - tls_socket: only generate dhparam.pem on master process #2313 - - add ENOTFOUND to also check A record #2310 - - smtp_forward: correct config file name in docs #2309 - - reduce severity of iconv conversion failure #2307 - - Add txn UUID to "250 Message Queued" #2305 - - mailheader: reduce log level priority #2299 - - greylist: only log redis DB errors when exist #2295 - - data.headers: reduce undef MLM logerror to logdebug #2294 - - quarantine: consolidate 2x hook_init_master() #2292 - - move test_queue to queue/test #2291 - - in haraka plugin test mode, add server.notes #2248 - - outbound/hmail: refactor #2238 - - outbound/hmail: add JSON sanity test before JSON.parse #2231 - - outbound/index: use newer Buffer.from syntax #2231 - - outbound/hmail: make haraka queue files human friendly #2231 - - plugins/rcpt_to.ldap -> haraka-plugin-rcpt-ldap #2144 - - plugins/auth/auth_ldap -> haraka-plugin-auth-ldap #2144 - - plugins/smtp_forward: enable_outbound can be enabled/disabled for specific domains - - auth_proxy: read TLS key and cert files from tls.ini #2212 - - README: typo fixes #2210 - - incorrect RCPT TO reply message #2227 - - Resolve decoding bug when root part is base64 encoded. #2204 - - Resolve base64 data truncation #2188 - - Fix damaged encoding when body is non-utf #2187 - - Fix disconnect hooks #2184 - - ability to set log level to emerg #2128 - - Improve docs for `Address` objects #2224 - - connection: replace 3x ternaries with get_remote() #2169 - - connection.local.host populated with hostname (from config/me) #2165 - - connection.local.info populated with Haraka/version #2196 - - npm packaged plugins: - - plugins/rcpt_to.ldap -> haraka-plugin-rcpt-ldap #2144 - - plugins/auth/auth_ldap -> haraka-plugin-auth-ldap #2144 - - plugins/graph -> haraka-plugin-graph #2185 - - config: replace ./config.js with haraka-config #2119 - - Replace concatenated strings with template literals (#2129) in: - - attachment #2260 - - bin/spf #2129 - - bin/dkimverify #2278 - - connection #2129, #2243 - - delay_deny #2264 - - dkim #2216 - - dsn #2265 - - host_pool #2198, #2245 - - logger #2277, #2246 - - mailbody #2280 - - max_unrecognised_commands #2171 - - outbound/hmail #2259 - - outbound/index #2249 - - outbound/todo #2233 - - plugins #2239 - - plugins/aliases #2229 - - plugins/attachment #2155 - - plugins/auth_base #2252 - - plugins/avg #2156 - - plugins/backscatterer #2261 - - plugins/bounce #2229 - - plugins/clamd #2237 - - plugins/connect.rdns_access #2262 - - plugins/data.headers #2263 - - plugins/data.uribl #2258 - - plugins/helo.checks #2255 - - plugins/rcpt_to.in_host_list #2253 - - plugins/spamassassin #2256 - - plugins/profile #2170 - - plugins/rcpt_to.host_list_base #2254 - - plugins/relay #2174 - - plugins/relay_acl #2177 - - plugins/spf #2266 - - plugins/toobusy #2186 - - plugins/xclient #2159 - - rfc1869 #2159 - - smtp_client #2129, #2208 - - tests/host_pool #2159 - - use es6 destructuring (#2075) in: - - connection #2230 - - dkim #2232 - - use es6 classes (#2133) in: - - attachment #2260 - - attachment_stream #2215 - - chunkemitter #2219 - - dkim #2206 - - dsn #2247 - - host_pool #2194 - - mailheader #2213 - - mailbody #2213 - - smtp_client #2221 - - spf #2214 - - tls_socket #2190 - - timer_queue #2226 - - outbound/hmail #2197 - - outbound/todo #2233 - - Automatically set connection.remote.is_private when connection.remote.ip is set #2192 - - Add remove_msgid and remove_date options to outbound.send_email #2209 - - Add origin option to outbound.send_mail #2314 - - -## 2.8.16 - Sep 30, 2017 - -- Changes - - additional tests get var -> const/let medicine #2122 - - move connection states into haraka-constants #2121 - - lint: remove useless escapes #2117 - - lint: switch no-var to error #2109 - - rspamd: repackaged as NPM module #2106 - - dsn: repackaged as NPM module haraka-dsn #2105 - - outbound: add results when queueing #2103 - - spamassassin: skip adding headers when value is empty #2102 - - Replace console.log with stdout #2100 - - update js-yaml to version 3.10.0 #2097 - - repackage p0f plugin to NPM #2076 - - ES6: replace var with const or let #2073 - -- New Features - - Bounces can have an HTML part #2091 -- Fixes - - daemon cwd #2126 - - updated fcrdns plugin name passed to results #2115 - - tls: only apply default key/cert paths when undefined #2111 - - dkim_verify: fix formatting of auth results #2107 - - smtp_forward: consistently use queue.wants #2107 - - haraka was adding TLS header on non-TLS connection #2103 - - dkim typo fix #2101 - - fix rfc2231 parsing code to cope with continuation #2089 - -## 2.8.15 - Sep 10, 2017 - -- Changes - - Permit log settings to be set w/o LOG prefix #2057 - - additional results storing in smtp_forward and quarantine #2067 - - publish p0f plugin to NPM #2076 - - smtp_forward stores queue note at queue.wants #2083 - - Remove unused folders from installation #2088 - - smtp_forward stores queue note at queue.wants #2083 - - add get/set to conn/txn.notes #2082 - - additional results storing in smtp_forward and quarantine #2067 - - Permit log settings to be set w/o LOG prefix #2057 - - support INFO *and* LOGINFO as config settings #2056 - - log.ini, new default location for log related settings #2054 - - dcc: replace with npm packaged version #2052 - - qmd: replace rcpt_to.qmail_deliverable with npm #2051 - - rspamd: pass SPF evaluation #2050 - - add logfmt support #2047 - - update ipaddr.js to version 1.5.0 #2037 - - update redis to version 2.8.0 #2033 - - disable graceful for SIGTERM #2028 - - add additional integration tests #2026 - - move most npm packaged plugins into optionalDependencies #2023 -- New Features - - TLS certificate directory (config/tls) #2032 - - plugins can specify a queue plugin & next_hop route #2067 - - connection/transaction notes now have get/set #2082 -- Fixes - - haraka cli will now create folders if they don't exist #2088 - - maybe fix for #1852 503 response #2064 - - crash when 'AUTH LOGIN' is sent after a successful auth #2039 - - docs: fixed swaks test command #2034 - - dkim: prevent dkim_verify from causing 'cannot pipe' #1693 - -## 2.8.14 - Jul 26, 2017 - -- Changes - - Fix auth plugin failure when re-selecting auth method #2000 - - don't crash Haraka when invalid YAML config encountered #2013 - - update semver to version 5.4.0 #2015 - - relay docs: correct the config file name #2012 - - rename config/xclient.hosts to match plugin & docs #2014 - - build_todo() is part of the outbound/index.js api #2016 - - update js-yaml to version 3.9.0 #2002 - - outbound/hmail: use WRITE_EXCL from haraka-constants #2011 - - replace plugins/log.elasticsearch with npm packaged #2004 - - Remove two spurious log statements #1989 - - access: rebuild blacklist upon change (vs supplement) #1990 - - deliver to qmail-queue with LF line endings (not CRLF) #1997 - - doc: add note that smtp_forward only supports STARTTLS #1988 - - import Plugins.md from v3 #1991 - - update async to 2.5.0 #1982 - - update iconv to 2.3.0 #1981 - - require node.js v6+ #1958 - - update ipaddr.js to 1.4.0 #1972 - - support newer address-rfc2822 #1970 - - update node-address-rfc2821 version to 1.1.1 #1968 - - outbound: be consistent with todo.domain #1960 - - bump haraka-results required version #1949 - - logger: load in a setImmediate call #1948 - - logger: strip intermediate \n chars #1947 - - tls consistency cleanups #1851 - - Get pool config handling simplifcation #1868 - - add integration test: send message w/smtp_client - - replace some legacy code with es6 #1862 - - update async to version 2.2.0 #1863 - - update ipaddr.js to version 1.3.0 #1857 - - update redis to version 2.7.0 #1854 - - assure conn/tran still exists before storing results #1849 - - moved tls.ini parsing to net_utils #1848 - - smtp forward dest split routing #1847 - - rspamd: refactor complex condition into function #1840 - - block js attachments #1837 - - helo.checks: bring plugin into alignment with docs #1833 - - when proxy enabled, update remote.is_private too #1811 - - create an outbound queue filename handler #1792 - - replace fcrdns with npm package #1810 - - add an additional node_modules plugin search path #1805 - - Set graceful shutdown off by default #1927 - - Allow outbound pools to be disabled #1917 - - Outbound split and move into folder #1850 - - don't emit binary characters into the logs #1902 - - Add .editorconfig #1884 - - tls: remove interim variables #1871 -- New Features - - Use punycode domain (support SMTPUTF8) #1944 - - Added RabbitMQ vhost support #1866 - - clamav: allow "Unknown Result" and Socket Error to try next host #1931 - - outbound client certificates #1908 - - Implement the missing upgrade method on SMTPClient #1901 - - Remove typo from relay.md #1886 -- Fixes - - outbound: fix queue not loaded for single process #1941 - - outbound: Fix undefined variable platformDOT in hmail.js #1943 - - outbound: fix undefined FsyncWriteStream var #1953 - - Fix cluster messaging for node v6+ #1938 - - outbound: fix loading under cluster. #1934 - - Check pool exists before delete #1937 - - be more strict in attachment filename matching #1957 - - doc typo fix #1963 - - RabbitMQ: fix encoding of user and password string #1964 - - spf: improve modifier regexp #1859 - - rabbitmq doc typo in config file name #1865 - - URL to manual was 404, point to Plugins.md #1844 - - smtp_client: set idleTimeout to 1s < pool_timeout #1842 - - fix broken continuations #1843 - - doc error for the 'check.authenticated' setting in rspamd plugin #1834 - - emit _the_ result, not all of them #1829 - - fix outbound logger #1827 - - fix forwarding with client auth over TLS (forward to gmail) #1803 - - Don't blow the stack on qstat #1930 - - run dumped logs through log plugins, not console #1929 - - Fix path parsing bug on Windows platform #1919 - - helo: make sure list_re is defined before access #1903 - - TLS: handle case where OCSP server is unavailable #1880 - - rspamd: add missing 'default' keyword #1856 - - disable naïve comment stripping #1876 - -## 2.8.13 - Feb 03, 2017 - -- Changes - - new [haraka-plugin-limit](https://github.com/haraka/haraka-plugin-limit) #1785 - - replaces plugin/limit, plugin/rate_limit, and haraka-plugin-outbound-rate-limit - - p0f: skip on private IPs (normally empty) #1758 - - spf: skip for outbound when context != myself #1763 - - redis: plugins using redis can inherit redis config #1777 - - redis: replace plugins/redis with haraka-plugin-redis #1786 - - lint: require space before function declaration #1784 - - lint: added eslint:recommended #1790 - - logger: remove logger.colorize code for legacy node versions -- New Features - - redis: add `redis_subscribe_pattern()` #1766 - - queue/discard: add ENV that permits discarding #1791 -- Improvements - - rspamd: improve response parsing #1770 - - restore Windows testing to working state #1755 - - elasticsearch: use UTC dates for index creation #1771 - - tls: fix dhparam usage example syntax #1774 - - typo: logerr -> logerror #1776 - - when generating long DKIM keys, include a BIND compatible folded key #1775 - - in haraka-test-fixtures, access results via fixtures.results #1783 - - integration test: end to end server testing #1791 -- Bug Fixes - - spf: restore functionality for relay context=myself #1759 - - rate_limit:if incr creates a new record, assure it has a TTL #1781 - - tls: do not create a top level secureContext #1787 - - dnswl: swap lines to fix missing inherited methods #1793 - - dnswl: fix config loader callback syntax #1794 - - tests/plugins: unset process.env.HARAKA to avoid side effects that interfere with other tests - - remove auth_flat_file sample auth user #1796 - -## 2.8.12 - Jan 03, 2017 - -- Changes - - plugin/karma -> npm packaged haraka-plugin-karma #1747 - - update generic-pool 2.4.2 -> 2.5.0 -- New Features - - Added option to bypass SpamAssassin headers' merge #1745 -- Improvements - - reduce severity of debug message #1744 - - fix misleading entries in config/tls.ini #1734 - - Misc. performance improvements #1738 - - set tls.sessionIdContext property (for Thunderbird compat) #1740 -- Bug Fixes - - Swap lines to avoid clobbering response array #1743 - - -## 2.8.11 - Nov 24, 2016 - -- Changes - - rename core_require to haraka_require #1708 - - move log.syslog to haraka-plugin-syslog #1698 - - remove tls.ini loading and is_no_tls_host to net_utils #1690 - - replace ./utils with npm packaged haraka-utils #1720 - - require node 4 - - karma: add .top TLD scoring #1714 - -- New Features - - Implement OCSP Stapling #1724 - -- Improvements - - show help for npm packaged plugins included in core #1698 - - use tls.connect for client #1682 - - bring port 465 SMTPS TLS config support on par with STARTTLS #1667 - - use tls.connect instead of createSecurePair #1678 - - redis: improve error handling in tests # - - replace / path seperators with path.\* for cross platform compat #1713 - -- Bug Fixes - - dkim_sign: per-domain key finding fixed #1707 - - Rspamd: restore spam report header #1702 - - auth/vpopmail: do not toString() when null #1695 - - fix outbound to avoid recursive reading key/cert after refactoring #1692 - - tls: fix option servername (not hostname) #1728 - - correct Auth-Results cleaning #1726 - - fix results for connection.remote_host and NXDOMAIN #1716 - - -## 2.8.10 - Oct 20, 2016 - -- Changes - - use standard npm syntax for lint and tests #1646 - - remove ./net_utils to haraka-net-utils #1644 - - remove incorrect and unused spf.hello_host #1635 - - remove rogue DENYSOFT copy-pasta error #1634 - - update async to v2 #1545 - - remove plugin/dir support from base haraka #1668 - - use node_modules_dir support instead - - use TLSSocket instead of createSecurePair #1672 - - refactor plugins/tls #1670 - - moved watch plugin to npm as haraka-plugin-watch #1657 - - normalize proxy properties #1650 - -- New Features - - added connection.remote.is_private boolean #1648 - - added additional TLS options (@typingArtist) #1651 - - added wildcard boolean support to config loader #1680 - - tls: allow multiple key and cert parameters for RSA+ECDSA #1663 - - permit specifying haraka plugins w/o haraka-plugin- prefix #1645 - - in config/plugins and resultstore - -- Improvements - - connection.geoip replaced by haraka-plugin-geoip #1645 - - connection.asn replaced by haraka-plugin-asn #1645 - - permit specifying npm packaged plugins w/o haraka-plugin prefix #1647 - - normalized connection properties #1547, #1577 - - Rspamd: fix spambar for negative scores #1630 - - set connection.remote.is_private early - - replace calls to net_utils with remote.is_private test - -- Bug Fixes - - Tidy-up graceful shutdown and fix for non-cluster mode #1639 - - Fix data.headers plugin crash #1641 - - Fix access plugin crash #1640 - - Minor DKIM fix #1642 - - do not set TLS timer if timeout=0 #1632 - - do not overwrite config/host_list on install #1637 - - correct smtp_forward cfg for multiple rcpts #1680 - - fix TLS timeout errors #1665 - - -## 2.8.9 - Oct 02, 2016 - -- Changes - -- New Features - - Support outbound.pool_timeout of 0 to effectively disable pooling. #1561 - - Added never_add_headers option to rspamd plugin. #1562 - - rcpt_to.routes URI format w/ LMTP support #1568 - -- Improvements - - The delay_deny plugin now has a whitelist mode (vs blacklist). #1564 - - Don't show the private key in logs for dkim_sign. #1565 - - update geoip for compat with newer ES (#1622) - - drop node 0.10 testing / official support (#1621) - - watch plugin displays UUIDs as URL (#1624) - - Catch errors on header decode in rfc2231 #1599 - - Attachment plugin updates (#1606) - - add outbound.ini pool_timeout example setting #1584 - -- Bug Fixes - - Fixed some small documentation issues. #1573, #1616, #1612 - - Fixed AUTH PLAIN when it spreads over two lines. #1550 - - Fixed dkim_verify calling next() too soon. #1566 - - Fixed bugs with outbound pools who shutdown before we QUIT. #1561, #1572 - - outbound issues #1615, #1603 - - Fixed adding/removing headers in rspamd plugin. #1562 - - Fixed process_title not shutting down. #1560 - - fix a spurious error emitted by p0f (#1623) - - fix header version hiding (#1617) - - messagestream returns destination (#1610) - - plugins.getdenyfn now passed 3rd params arg (#1591) - - Fix scope of spf logdebug (#1598) - - fix rabbitmq deliveryMode bug (#1594) - - fix dkim_sign TypeError with null mail_from.host (#1592) - - fix dkim_sign attempting to lower an undefined (#1587) - -## 2.8.8 - Jul 20, 2016 - -- Changes - - removed UPGRADE.doc to [wiki](https://github.com/haraka/Haraka/wiki/Upgrade-Haraka) - -- Improvements - - support + wildcard in aliases plugin #1531 - - Support dkim_sign with outbound.send_email() #1512 - - spf: always check remote IP, then public IP if != pass #1528 - - spf: diplay IP used for SPF eval #1528 - -- Bug Fixes - - handle missing wss section in http.ini #1542 - - fix leak on socket write error #1541 - - add results property to outbound transaction #1535 - - don't unref unref'd wss server #1521 - -## 2.8.7 - Jun 18, 2016 - -- Changes - - Fix geoip test - -- Improvements - - Allow alias plugin to explode to a list of aliases - - Support IPv6 literals in HELO tests (#1507 thanks @gramakri) - - Make ldap plugin use the modified address if a rcpt hook - changes it (#1501 thanks @darkpixel) - -- Bug Fixes - - Fix loading plugins as npm modules (#1513) - - More DKIM fixes (#1506 thanks @zllovesuki) - - Fix the long failing host-pool-timer test (#1508) - - Fix clean shutdown of redis with new shutdown code - (#1504 and #1502 thanks @darkpixel) - - More fixes to clean shutdown (#1503) - -## 2.8.6 - Jun 06, 2016 - -- Bug Fixes - - Fix loading under Node v4 which sends a blank message - - Fix quit (SIGINT) when running without nodes= - -## 2.8.5 - Jun 04, 2016 - -- Changes - - The connection object is now passed to `get_plain_passwd`. Older - modules should continue to work as-is. - - The reseed_rng plugin now just uses the Crypto module from core. - Though it seems this plugin should be irrelevant with newer versions - of node.js - -- New Features - - Outbound mail now uses pooled connections, only sending a `QUIT` - message if the connection has been idle for a while. - -- Improvements - - Shut down and reload (via `haraka -c --graceful`) is now - graceful - allowing current connections to finish and plugins - to clean up before ending. - -- Bug Fixes - - Bind maxmind version to ignore API change (#1492) - - Fix encodings when banners are used (#1477) - - Various DKIM fixes (#1495) - -## 2.8.4 - May 24, 2016 - -- Bug Fixes - - Fix plugin loading override when installed (#1471) - -## 2.8.3 - May 18, 2016 - -- Bug Fixes - - Fix config overriding for core modules (#1468) - -## 2.8.2 - May 17, 2016 - -- Changes - - Added Node v6 to travis tests - -- New Features - - Added bin/haraka --qunstick to flush all mails - for that domain (#1460) - -- Improvements - - Make bin/haraka --qlist show much more information (#1452) - - Allow CIDR ranges in no_tls_hosts (#1450) - -- Bug Fixes - - 2.8.0 was shipped with a broken config/plugins. (#1453) - - Stop haraka dying when ldap connections fail (#1456) - - Pick up domain specific config correctly in ldap (#1456) - -## 2.8.0 - May 06, 2016 - -- Changes - - updated dependency versions (#1426, #1425) - - use utf8 encoding for body filters (#1429) - - remove spameatingmonkey from tests (#1421) - - replace ./constants.js with haraka-constants (#1353) - - Document HMail and TODO items (#1343) - - Copy only a minimal config/\* by default (#1341). - - cfreader/\* removed to haraka/haraka-config (#1350) - - outbound and smtp_client honor tls.ini settings (#1350) - - outbound TLS defaults to enabled - - lint: remove all unused variables (#1358) - - replace ./address.js with address-rfc2181 (#1359) - -- New Features - - smtp_forward: accepts a list of backend hosts, thanks @kgeoss (#1333) - - config: add array[] syntax to INI files (#1345) - - plugins.js: support require('./config') in plugins - - Load plugin config from own folder and merge (#1335) - - Allow original email's Subject to be included in bounce message (#1337) - - new queue/smtp_bridge plugin, thanks @jesucarr (#1351) - -- Improvements - - early_talker: supports IP whitelisting (#1423) - - loading plugins as packages (#1278) - - removed TLD stuff to haraka/haraka-tld (#1301) - - removed unused 'require('redis') in plugins/karma (#1348) - - improved MIME header support per rfc2231 (#1344) - - tls options can be defined for outbound and smtp\_\* (#1357) - - explicitly disable SSLv2 (#1395) - - cache STUN results - - xclient plugin improvements (#1405) - - tls: Set verify=NO correctly when no certificate presented (#1400) - - improved message header decoding (#1403, #1406) - - bounce: skip single_recipient check for relays/private_ips (#1385) - - rspamd docs: Clarify usage of check.private_ip (#1383) - - if rcpt_to returns DSN in msg, log it properly (#1375) - -- Bug Fixes - - fix out-of-range errors from banner insertion (#1334) - - dkim_verify: Call next only after message_stream ended (#1330) - - outbound: remove type check from pid match (#1322) - - lint: enable no-shadown and remove all shadow variables (#1349) - - spf: fix log_debug syntax (#1416) - - auto_proxy: fix a starttls loop (#1392) - - fcrdns: corrected err variable name (#1391) - - rspamd: Fix undefined variable (#1396) - - dkim_verify: Fix header handling (#1371) - - smtp_client: fix remote_ip (#1362) - - -## 2.7.3 - Feb 04, 2016 - -- Changes - - smtp_proxy & qmail-queue: default to enabled for outbound deliveries - (previously used Outbound), to better matches user expectations. - -- New Features - - outbound: allow passing notes to send_email (#1295) - -- Improvements - - logging: emit log message queue before shutting down (#1296) - - result_store: permit redis pub/sub to work when host != localhost (#1277) - - tests: quiet the extremely verbose messages (#1282) - - rspamd: add timeout error handling (#1276) - - watch: fix display of early_talker results (#1281) - - spamassassin: publish results to result_store (#1280) - - karma: can now connect to redis on hosts other than localhost (#1275) - - geoip & p0f: don't log empty/null values from RFC 1918 connects (#1267) - - redis: make plugin params match docs (#1273) - - mailbody: small refactoring (#1315) - - smtp_proxy & qmail-queue: default to enabled for outbound (#1308) - -- Bug Fixes - - redis: use correct path for db.select (#1273) - - count errors correctly (#1274) - - logger: ignore null arguments (#1299) - - connection: pause for hook_reset_transaction (#1303) - - rcpt_to.routes: update redis usage for compat with redis plugin (#1302) - - smtp_forward: use correct config path to auth settings (#1327) - - messagestream: correctly pass options parameter to get_data (#1316) - - spf: honour configuration for mfrom scope (#1322) - - outbound: Add missing dash to 'Final-Recipient' header name (#1320) - - -## 2.7.2 - Dec 15, 2015 - -- Bug Fixes - - Revert a change that broke plugin loading - - -## 2.7.1 - Dec 14, 2015 - -- New Features - - added debian init.d file (#1255) @slattery - -- Improvements - - smtp_forward auth settings now work (#430) - - better handling of broken messages (#1234) - - Docker: use latest Phusion image && stdout (#1238, #1239) - - Clean up plugin loading a tiny bit (#1242) - - make dkim keydir case insensitive (1251) - - ignore DNS errors that aren't errors (#1247) - - outbound doc updates (#1258) @Currerius - - outbound: return DENYSOFT on queue error (#1264) - - smtp_client: if enable_tls is set and TLS files missing, warn (#1266) - -- Bug Fixes - - Don't sent empty headers to rspamd (#1230) - - Fix auth_base.js key need to be a string - number.toString() (#1228) - - fix bug with empty charset= on mime parts … (#1225) - - Fix "passwd" check crash with numeric password. (#1254) - - result_store: show arrays when not empty (#1261) - - -## 2.7.0 - Oct 07, 2015 - -- New Features - - SPF bounce check - - rspamd plugin (@fatalbanana) - - watch plugin - - limit plugin (connection concurrency, errors, unrecognized commands) - - plugins can now be npm packages (see also #946) - - built-in HTTP server (Express backed) - - ESETS AV plugin - - DCC plugin (incomplete) - - Add LOGIN support to XCLIENT - - backscatterer plugin - - full IPv4 & IPv6 compatibility inbound #1120, #1123, #1154 (@Dexus) - - Early talker #1075 (@smfreegard, @msimerson) - - permit loading of plugins in node_modules #1056 (@msimerson) - -- Improvements - - Fix anti_spoof by use config #1171 - - Add license clause #1170 - - package.json dependencies and travis update #1147, #1168 (@Dexus) - - logging: remove node-syslog and strong-fork-syslog with modern-syslog #1145 (@Dexus) - - aliases: support for email, user and host aliases #1149 (@Dexus) - - add docs for use private key with TLS #1130 (@Dexus) - - outbound: ENOENT on dotfile - compatibility for windows #1129 (@Dexus) - - plugin/attachment: block more attachment file types #1191 (@Dexus) - - remove double functions #1126 (@Dexus) - - Outbound Bounce messages according to RFC3464 #1189 (@hatsebutz) - - toobusy: only run checks if toobusy.js installed and loads - - HAProxy: set local_ip, local_port and remote_port - - save auth pass/fail/user to result_store - - ini files no longer require values (useful for storing lists) - - connection: add MAIL and RCPT to results - - results_store: enable 'emit' feature for .push() - - add support for custom Outbound Received header value (@zombified) - - save smtp_forward result to result_store - - auth_base: permit a return message (@DarkSorrow) - - add DSN.create() and RFC 4954 support - - enhanced pipelining support - - added config/access.domains with some tips (@EyePulp) - - Add SSL detection over plain-text socket - - earlytalker: store results - - bounce: make it safe to check non_local_msgid - - AVG: store results, added defer options - - tls: change createCredentials to tls.createSecureContext (@DarkSorrow) - - update dependency versions (esp async 0.2.9 -> 1.0.0) - - ASN docs: add FTP download note for routeviews - - karma: removed concurrency limits (see limit plugin) and penalty feature - - added utils.elapsed() - - deny message includes hostname - - Add Fisher-Yates shuffle to randomize lookup order in data.uribl - - change default message size limit to 25mb - - auth_base: save auth results - - upgrade toobusy plugin to toobusy-js (@alexkavon) - - configfile: permit / char in ini keys - - added utils.node_min() - - added result_store.get_all() - - updated ubuntu upstart script - - plugin/rate_limit: return in no custom default is set 0 = unlimited #1186, #1185 - - Outbound.send_email: added dot-stuffing #1176, #1165 (@hatsebutz) - - make sure server object is availabe to plugins loaded from node_modules #1162 (@bmonty) - - Net_utils.get_ips_by_host #1160 (@msimerson) - - fcrdns: don't log error for ENODATA #1140 (@msimerson) - - improve MUA detection #1137 (@msimerson) - - tls: tmp disable for hosts that fail STARTTLS #1136 (@msimerson) - - karma: skip deny on outbound hooks #1100 (@msimerson) - - Store HAProxy IP in connection object #1097 (@smfreegard) - - Remove UUID from queued message #1092 (@smfreegard) - -- Bug Fixes - - fix windows build and test failures #1076 (@msimerson) - - Fix plugin ordering #1081 (@smfreegard) - - Fix distance reporting to X-Haraka-GeoIP for geoip-lite #1086 (@smfreegard) - - uribl: prevent calling next() more than 1x #1138 (@msimerson) - - Fix so constants are imported when plugin is loaded from node_modules. #1133 (@bmonty) - - Include STMP-code in bounce-reason string for upstream 5XX responses #1117 (@hatsebutz) - - TLS fixes: add timed_out flag and karma should not run deny hook on it. #1109 (@smfreegard) - - Fix port to number instead of string for HAProxy #1108 (@DarkSorrow) - - Plugin dcc: fixed syntax error #1164 (@hatsebutz) - - config: fix flat files if \r\n lines #1187 (@Dexus) - - corrected hook_rcpt log code hook_rcpt_ok returns CONT - - fix crash bug when loglevel = LOGDEBUG - - corrected pathname in rcpt.ldap plugin (@abhas) - - added helo.checks boolean for proto_mismatch - - make rate_limit redis keys always expire @celesteking - - dkim_sign: Buffer.concat expects an array of buffers - - transaction: check discard_data before adding line end (@DarkSorrow) - - fix 8-bit msg not displayed properly in gmail - - fcrdns: always init results - - TLS timer on error - - dkim_verify: fixed timeout issue - - smtp\_[proxy|forward]: correct authentication example - - Fork child workers after init_master hook - - connection: return 450/550 for plugin DENY\* (was 452/552) - - spamassassin: don't call next() when transaction gone - - outbound: fix crash when sending bounce mail - - auth_base: fix bad protocol in auth_base.js #1121 (@Dexus) - - outbound: Fix HELO/rDNS issue while using multiple outbound ip #1128 (@Dexus) - - connection: Fix bug when client disconnect after sending data #1193 - - Fix connect.geoip bug #1144 (@smfreegard) - - Fix tiny bug in messagesniffer #1198 (@smfreegard) - -## 2.6.1 - Mar 27, 2015 +#### Fixes + +- Fix loading plugins as npm modules (#1513) +- More DKIM fixes (#1506 thanks @zllovesuki) +- Fix the long failing host-pool-timer test (#1508) +- Fix clean shutdown of redis with new shutdown code + (#1504 and #1502 thanks @darkpixel) +- More fixes to clean shutdown (#1503) + +### 2.8.6 - Jun 06, 2016 + +#### Fixes + +- Fix loading under Node v4 which sends a blank message +- Fix quit (SIGINT) when running without nodes= + +### 2.8.5 - Jun 04, 2016 + +#### Changes + +- The connection object is now passed to `get_plain_passwd`. Older modules should continue to work as-is. +- The reseed_rng plugin now just uses the Crypto module from core. Though it seems this plugin should be irrelevant with newer versions of node.js + +#### New Features + +- Outbound mail now uses pooled connections, only sending a `QUIT` message if the connection has been idle for a while. + +#### Improvements + +- Shut down and reload (via `haraka -c --graceful`) is now graceful - allowing current connections to finish and plugins to clean up before ending. + +#### Fixes + +- Bind maxmind version to ignore API change (#1492) +- Fix encodings when banners are used (#1477) +- Various DKIM fixes (#1495) + +### 2.8.4 - May 24, 2016 + +#### Fixes + +- Fix plugin loading override when installed (#1471) + +### 2.8.3 - May 18, 2016 + +#### Fixes + +- Fix config overriding for core modules (#1468) + +### 2.8.2 - May 17, 2016 + +#### Changes + +- Added Node v6 to travis tests + +#### New Features + +- Added bin/haraka --qunstick to flush all mails + for that domain (#1460) + +#### Improvements + +- Make bin/haraka --qlist show much more information (#1452) +- Allow CIDR ranges in no_tls_hosts (#1450) + +#### Fixes + +- 2.8.0 was shipped with a broken config/plugins. (#1453) +- Stop haraka dying when ldap connections fail (#1456) +- Pick up domain specific config correctly in ldap (#1456) + +### 2.8.0 - May 06, 2016 + +#### Changes + +- updated dependency versions (#1426, #1425) +- use utf8 encoding for body filters (#1429) +- remove spameatingmonkey from tests (#1421) +- replace ./constants.js with haraka-constants (#1353) +- Document HMail and TODO items (#1343) +- Copy only a minimal config/* by default (#1341). +- cfreader/* removed to haraka/haraka-config (#1350) +- outbound and smtp_client honor tls.ini settings (#1350) +- outbound TLS defaults to enabled +- lint: remove all unused variables (#1358) +- replace ./address.js with address-rfc2181 (#1359) + +#### New Features + +- smtp_forward: accepts a list of backend hosts, thanks @kgeoss (#1333) +- config: add array[] syntax to INI files (#1345) +- plugins.js: support require('./config') in plugins +- Load plugin config from own folder and merge (#1335) +- Allow original email's Subject to be included in bounce message (#1337) +- new queue/smtp_bridge plugin, thanks @jesucarr (#1351) + +#### Improvements + +- early_talker: supports IP whitelisting (#1423) +- loading plugins as packages (#1278) +- removed TLD stuff to haraka/haraka-tld (#1301) +- removed unused 'require('redis') in plugins/karma (#1348) +- improved MIME header support per rfc2231 (#1344) +- tls options can be defined for outbound and smtp_* (#1357) +- explicitly disable SSLv2 (#1395) +- cache STUN results +- xclient plugin improvements (#1405) +- tls: Set verify=NO correctly when no certificate presented (#1400) +- improved message header decoding (#1403, #1406) +- bounce: skip single_recipient check for relays/private_ips (#1385) +- rspamd docs: Clarify usage of check.private_ip (#1383) +- if rcpt_to returns DSN in msg, log it properly (#1375) + +#### Fixes + +- fix out-of-range errors from banner insertion (#1334) +- dkim_verify: Call next only after message_stream ended (#1330) +- outbound: remove type check from pid match (#1322) +- lint: enable no-shadown and remove all shadow variables (#1349) +- spf: fix log_debug syntax (#1416) +- auto_proxy: fix a starttls loop (#1392) +- fcrdns: corrected err variable name (#1391) +- rspamd: Fix undefined variable (#1396) +- dkim_verify: Fix header handling (#1371) +- smtp_client: fix remote_ip (#1362) + +### 2.7.3 - Feb 04, 2016 + +#### Changes + +- smtp_proxy & qmail-queue: default to enabled for outbound deliveries (previously used Outbound), to better matches user expectations. + +#### New Features + +- outbound: allow passing notes to send_email (#1295) + +#### Improvements + +- logging: emit log message queue before shutting down (#1296) +- result_store: permit redis pub/sub to work when host != localhost (#1277) +- tests: quiet the extremely verbose messages (#1282) +- rspamd: add timeout error handling (#1276) +- watch: fix display of early_talker results (#1281) +- spamassassin: publish results to result_store (#1280) +- karma: can now connect to redis on hosts other than localhost (#1275) +- geoip & p0f: don't log empty/null values from RFC 1918 connects (#1267) +- redis: make plugin params match docs (#1273) +- mailbody: small refactoring (#1315) +- smtp_proxy & qmail-queue: default to enabled for outbound (#1308) + +#### Fixes + +- redis: use correct path for db.select (#1273) +- count errors correctly (#1274) +- logger: ignore null arguments (#1299) +- connection: pause for hook_reset_transaction (#1303) +- rcpt_to.routes: update redis usage for compat with redis plugin (#1302) +- smtp_forward: use correct config path to auth settings (#1327) +- messagestream: correctly pass options parameter to get_data (#1316) +- spf: honour configuration for mfrom scope (#1322) +- outbound: Add missing dash to 'Final-Recipient' header name (#1320) + +### 2.7.2 - Dec 15, 2015 + +#### Fixes + +- Revert a change that broke plugin loading + +### 2.7.1 - Dec 14, 2015 + +#### New Features + +- added debian init.d file (#1255) @slattery + +#### Improvements + +- smtp_forward auth settings now work (#430) +- better handling of broken messages (#1234) +- Docker: use latest Phusion image && stdout (#1238, #1239) +- Clean up plugin loading a tiny bit (#1242) +- make dkim keydir case insensitive (1251) +- ignore DNS errors that aren't errors (#1247) +- outbound doc updates (#1258) @Currerius +- outbound: return DENYSOFT on queue error (#1264) +- smtp_client: if enable_tls is set and TLS files missing, warn (#1266) + +#### Fixes + +- Don't sent empty headers to rspamd (#1230) +- Fix auth_base.js key need to be a string - number.toString() (#1228) +- fix bug with empty charset= on mime parts … (#1225) +- Fix "passwd" check crash with numeric password. (#1254) +- result_store: show arrays when not empty (#1261) + +### 2.7.0 - Oct 07, 2015 + +#### New Features + +- SPF bounce check +- rspamd plugin (@fatalbanana) +- watch plugin +- limit plugin (connection concurrency, errors, unrecognized commands) +- plugins can now be npm packages (see also #946) +- built-in HTTP server (Express backed) +- ESETS AV plugin +- DCC plugin (incomplete) +- Add LOGIN support to XCLIENT +- backscatterer plugin +- full IPv4 & IPv6 compatibility inbound #1120, #1123, #1154 (@Dexus) +- Early talker #1075 (@smfreegard, @msimerson) +- permit loading of plugins in node_modules #1056 (@msimerson) + +#### Improvements + +- Fix anti_spoof by use config #1171 +- Add license clause #1170 +- package.json dependencies and travis update #1147, #1168 (@Dexus) +- logging: remove node-syslog and strong-fork-syslog with modern-syslog #1145 (@Dexus) +- aliases: support for email, user and host aliases #1149 (@Dexus) +- add docs for use private key with TLS #1130 (@Dexus) +- outbound: ENOENT on dotfile - compatibility for windows #1129 (@Dexus) +- plugin/attachment: block more attachment file types #1191 (@Dexus) +- remove double functions #1126 (@Dexus) +- Outbound Bounce messages according to RFC3464 #1189 (@hatsebutz) +- toobusy: only run checks if toobusy.js installed and loads +- HAProxy: set local_ip, local_port and remote_port +- save auth pass/fail/user to result_store +- ini files no longer require values (useful for storing lists) +- connection: add MAIL and RCPT to results +- results_store: enable 'emit' feature for .push() +- add support for custom Outbound Received header value (@zombified) +- save smtp_forward result to result_store +- auth_base: permit a return message (@DarkSorrow) +- add DSN.create() and RFC 4954 support +- enhanced pipelining support +- added config/access.domains with some tips (@EyePulp) +- Add SSL detection over plain-text socket +- earlytalker: store results +- bounce: make it safe to check non_local_msgid +- AVG: store results, added defer options +- tls: change createCredentials to tls.createSecureContext (@DarkSorrow) +- update dependency versions (esp async 0.2.9 -> 1.0.0) +- ASN docs: add FTP download note for routeviews +- karma: removed concurrency limits (see limit plugin) and penalty feature +- added utils.elapsed() +- deny message includes hostname +- Add Fisher-Yates shuffle to randomize lookup order in data.uribl +- change default message size limit to 25mb +- auth_base: save auth results +- upgrade toobusy plugin to toobusy-js (@alexkavon) +- configfile: permit / char in ini keys +- added utils.node_min() +- added result_store.get_all() +- updated ubuntu upstart script +- plugin/rate_limit: return in no custom default is set 0 = unlimited #1186, #1185 +- Outbound.send_email: added dot-stuffing #1176, #1165 (@hatsebutz) +- make sure server object is availabe to plugins loaded from node_modules #1162 (@bmonty) +- Net_utils.get_ips_by_host #1160 (@msimerson) +- fcrdns: don't log error for ENODATA #1140 (@msimerson) +- improve MUA detection #1137 (@msimerson) +- tls: tmp disable for hosts that fail STARTTLS #1136 (@msimerson) +- karma: skip deny on outbound hooks #1100 (@msimerson) +- Store HAProxy IP in connection object #1097 (@smfreegard) +- Remove UUID from queued message #1092 (@smfreegard) + +#### Fixes + +- fix windows build and test failures #1076 (@msimerson) +- Fix plugin ordering #1081 (@smfreegard) +- Fix distance reporting to X-Haraka-GeoIP for geoip-lite #1086 (@smfreegard) +- uribl: prevent calling next() more than 1x #1138 (@msimerson) +- Fix so constants are imported when plugin is loaded from node_modules. #1133 (@bmonty) +- Include STMP-code in bounce-reason string for upstream 5XX responses #1117 (@hatsebutz) +- TLS fixes: add timed_out flag and karma should not run deny hook on it. #1109 (@smfreegard) +- Fix port to number instead of string for HAProxy #1108 (@DarkSorrow) +- Plugin dcc: fixed syntax error #1164 (@hatsebutz) +- config: fix flat files if \r\n lines #1187 (@Dexus) +- corrected hook_rcpt log code hook_rcpt_ok returns CONT +- fix crash bug when loglevel = LOGDEBUG +- corrected pathname in rcpt.ldap plugin (@abhas) +- added helo.checks boolean for proto_mismatch +- make rate_limit redis keys always expire @celesteking +- dkim_sign: Buffer.concat expects an array of buffers +- transaction: check discard_data before adding line end (@DarkSorrow) +- fix 8-bit msg not displayed properly in gmail +- fcrdns: always init results +- TLS timer on error +- dkim_verify: fixed timeout issue +- smtp\_[proxy|forward]: correct authentication example +- Fork child workers after init_master hook +- connection: return 450/550 for plugin DENY* (was 452/552) +- spamassassin: don't call next() when transaction gone +- outbound: fix crash when sending bounce mail +- auth_base: fix bad protocol in auth_base.js #1121 (@Dexus) +- outbound: Fix HELO/rDNS issue while using multiple outbound ip #1128 (@Dexus) +- connection: Fix bug when client disconnect after sending data #1193 +- Fix connect.geoip bug #1144 (@smfreegard) +- Fix tiny bug in messagesniffer #1198 (@smfreegard) + +### 2.6.1 - Mar 27, 2015 - added sedation timers for config file re-reading - Add AUTH support to outbound @@ -1302,13 +1359,13 @@ - log.syslog will try strong-fork-syslog (for node 0.12 compat) - improvements to Plugin docs - rename net_utils.is_rfc1918 -> is_private_ip - - IPv6 compat - - test coverage - - add IPv6 unique local fc00::/7 + - IPv6 compat + - test coverage + - add IPv6 unique local fc00::/7 - pre-populated config/plugins - added utils.extend, copies props onto objects -## 2.6.0 - Feb 21, 2015 +### 2.6.0 - Feb 21, 2015 - other bug fixes - updated a few tests so test suite passes on Windows @@ -1317,10 +1374,10 @@ - logging timestamps were static, fixed by @cloudbuy - queue/rabbitmq_amqplib, new plugin for RabbitMQ using amqplib (@esevece) - outbound: - - plugins can set the outbound IP (during get_mx) - - only replace line endings if not \r\n - - bannering fixes - - added support for per recipient routes + - plugins can set the outbound IP (during get_mx) + - only replace line endings if not \r\n + - bannering fixes + - added support for per recipient routes - tls: don't register hooks upless certs exist - removed contrib/geolite-mirror-simple.pl (replaced by docs update pointing to maxmind-geolite-mirror) @@ -1329,10 +1386,10 @@ - record_envelope_addresses: new plugin by @deburau - prevent_credential_leaks: new plugin by @smfreegard - config: - - configfile: added .yaml support - - improved config file 'watch' logic - - Allow hyphens in params in config files (@abhas) - - cached requests include options in cache key name + - configfile: added .yaml support + - improved config file 'watch' logic + - Allow hyphens in params in config files (@abhas) + - cached requests include options in cache key name - asn: updates for node 0.11 compat - dnsbl: use aysync.each vs forEach (avoid race condition) - spamassassin: improved config loading and test coverage @@ -1340,21 +1397,21 @@ - disable SSLv3 (due to POODLE) - dkim & spf, updates for node 0.11 compatibiilty - karma: move neighbor scoring from code to karma.ini - - move excludes list to karma.ini - - apply awards before adding message header & permit rejection at queue - - karma.ini: score updates for access & uribl plugins - - score denials issued by skipped plugins - - add scores for specific DNSBLs + - move excludes list to karma.ini + - apply awards before adding message header & permit rejection at queue + - karma.ini: score updates for access & uribl plugins + - score denials issued by skipped plugins + - add scores for specific DNSBLs - add transaction body filters (@chazomaticus) - - change bannering to use them + - change bannering to use them - helo.checks: fix timeout bug - - match_re now validates and pre-compiles all REs - - Add new proto_mismatch check + - match_re now validates and pre-compiles all REs + - Add new proto_mismatch check - p0f: add register(), load config once, early - server: improved config handling - data.headers: add Delivered-To check - rcpt_to.ldap: new plugin by @abhas -- smtp_client: only load tls_- when cfg.enable_tls +- smtp*client: only load tls*- when cfg.enable_tls - added plugins/host_list_base - Platform independent temp dir (thanks @martinvd) - move deprecated docs into docs/deprecated @@ -1373,10 +1430,10 @@ - Improve HAProxy support code and documentation - tls: reworked for efficiency and linear style - access: test hostname validity before PSL lookup - - load lists into objects (vs arrays), for much faster runtime access + - load lists into objects (vs arrays), for much faster runtime access - host_list: huge performance increase, esp for many hosts -## 2.5.0 - May 24, 2014 +### 2.5.0 - May 24, 2014 - added automated build testing via Travis-CI.org - fixed dkim_sign crash issue #560 @@ -1414,19 +1471,19 @@ - karma: added whitelist award, pass through temp (DENYSOFT) errors, made tarpit variable, configurable reject hooks, doc rewrite, ASN awards, fix penalty days calculation, new DSL for karma awards, - bannering fixes -- added log\* stubs to test/fixtures/[plugin|connection] +- added log* stubs to test/fixtures/[plugin|connection] - tests/fixtures/stub_plugin: set name property - config: corrected handling of config.arg gets, fix caching bug, fix boolean handling, added missing 'type' handling. - Adding the option of using CIDR ranges in the haproxy_hosts file - tarpit: added config option hooks_to_delay, added docs -- contrib/haraka.bsd.rc: startup file for \*BSD +- contrib/haraka.bsd.rc: startup file for *BSD - Store attachment headers on stream - Record accepted domains at hook_rcpt and improve queue/lmtp - return after next() in the whitelist checks - Add new -o option to bin/haraka -## 2.4.0 - Feb 12, 2014 +### 2.4.0 - Feb 12, 2014 - Trim whitespace when reading "list" type config files (such as config/plugins) - Added LMTP via queue/lmtp plugin @@ -1435,8 +1492,7 @@ - Removed the hmail.bounce_extra object as that information now stored with the rcpt_to list - Store the RCPT TO rejection reason on the address object - -## 2.3.0 - Feb 07, 2014 +### 2.3.0 - Feb 07, 2014 - Fix memory leak when watching config files for changes - Support for badly formatted MAIL FROM/RCPT TO lines @@ -1472,8 +1528,7 @@ - Fix issue causing a CRIT/crash with lost transaction/connection while sending inbound to ongoing SMTP server - Allow setting of spamd_user for spamassassin plugin - -## 2.0.0 - Nov 28, 2012 +### 2.0.0 - Nov 28, 2012 - Various fixes to SMTP AUTH code, including providing SMTP AUTH to inbound mail forwarders. @@ -1490,8 +1545,7 @@ - Throw exception with set_banner as it is now non-functional. Will be returned in a future version. - Small fixes to data.uribl -## 1.4.0 - - +### 1.4.0 - [3.0.0]: https://github.com/haraka/Haraka/releases/tag/3.0.0 [3.0.1]: https://github.com/haraka/Haraka/releases/tag/v3.0.1