Opened 2 years ago

Closed 2 years ago

Last modified 2 years ago

#13734 closed enhancement (fixed)


Reported by: Douglas R. Reno Owned by: Bruce Dubbs
Priority: normal Milestone: 10.0
Component: BOOK Version: SVN
Severity: normal Keywords:


New point version

Change History (5)

comment:1 by Bruce Dubbs, 2 years ago

Owner: changed from blfs-book to Bruce Dubbs
Status: newassigned

comment:2 by Bruce Dubbs, 2 years ago

Fixed in Postfix 3.5.4, 3.4.14:

  • The connection_reuse attribute in smtp_tls_policy_maps always resulted in an "invalid attribute name" error.
  • SMTP over TLS connection reuse always failed for configurations that use explicit trust anchors.

Fixed in Postfix versions 3.5.4, 3.4.14, 3.3.12, 3.2.17:

  • The Postfix SMTP client's DANE implementation would always send an SNI option with the name in a destination's MX record, even if the MX record pointed to a CNAME record. MX records that point to CNAME records are not conformant with RFC5321, and so are rare.
  • Based on the DANE survey of ~2 million hosts it was found that with the corrected SMTP client behavior, sending SNI with the CNAME-expanded name, the SMTP server would not send a different certificate. This fix should therefore be safe.

comment:3 by Bruce Dubbs, 2 years ago

Resolution: fixed
Status: assignedclosed

Fixed at revision 23337.

comment:4 by Bruce Dubbs, 2 years ago

Milestone: 9.210,0

Milestone renamed

comment:5 by Bruce Dubbs, 2 years ago

Milestone: 10,010.0

Milestone renamed

Note: See TracTickets for help on using tickets.