Skip to content
Switch branches/tags
Go to file
Cannot retrieve contributors at this time
1227 lines (714 sloc) 37.9 KB
0.96 Feb 16, 2016
Fix DMARC authentication-result string (#244)
Replace all occurances of CR in X-Spam-Status (#247)
In helo, check *every* regex, not just first (#246)
badrcpt use reason, and defined-ness test (#245)
DMARC plugin: Added option to disable reporting (#242)
Add perms test to Qpsmtpd::DB::File::DBM::dir() (#234)
Skip greylisting when we can't talk to greylist DB (#233)
Change fake_{config,hook} to mock_{config,hook} (#232)
Use a fake greeting for testing run_continuation() (#231)
0.95 Feb 11, 2015
tls: adding support of Perfect Forward Secrecy (biergaizi)
more test coverage
misc updates to tests and docs
use perl DNS methods instead of shell cmds
tidier testing (t/tmp/*) vs scattershot
greylisting plugin adds Redis support
Qpsmtpd::DB with DBM and Redis classes
Auth-Results header won't be modified if DKIM signed
ordering headers to improve SpamAssassin interaction (priyadi)
disable SSLv3
fcrdns: add tests and improved localhost detection
added data_post_headers hook (priyadi)
added preliminary support for GeoIP v2 and ASN lookups from GeoIP DBs
make content log location configurable
added script for fetching GeoIP dbs
added auth_imap plugin (Graham Todd)
improved IPv6 support
removed async everything (unsupported and stagnant)
0.94 Sep 05, 2014
Added null char in username check to auth_cvm plugin
Build updates for CentOS 6 (Robert Siddall)
SpamAssassin plugin fixes (Priyadi Nurcahyo)
Added plugins/stunnel (luzluna)
Fixed a config error in Apache/ (luzluna)
loadcheck: imported (Robert Siddall)
return a useful error message when temp rejecting connections (Priyadi)
smtp_forward: added Postfix XCLIENT support (Chase Venters)
smtp_forward: add the remote message id in log entry (tpoindessous)
clamdscan: added support for remote (TCP/IP) clamd (M Simerson)
Updated DMARC plugin to use Mail::DMARC
Updated SPF & DKIM plugins to store data for DMARC processing
karma plugin: added spammy TLD penalty
a few more log prefixes (corralling stragglers)
0.93 Dec 17, 2013
Added Authentication-Results header
moves Authentication-Results to Original-Authentication-Results on inbound.
no longer puts auth info in Received header
TcpServer: ignore DNS search path and explicitely request PTR lookups (speedup)
store envelope TO/FROM in connection notes
raised max msg size in clamdscan
SPF enabled by default (if Mail::SPF available)
auth_vpopmaild: added taint checking to responses
added run files for most common deployment methods (easier install)
untaint config data passed to plugins split config args on /\s+/, was / /
(compatibility with newer versions of perl)
dmarc: added subdomain policy handling
0.92 Apr 20, 2013
new plugins: dmarc, fcrdns
new feature: DKIM message signing. See 'perldoc plugins/dkim' for details.
includes script for generating DKIM selectors, keys, and DNS records.
RAM bumped up to 300MB, to avoid memory exhaustion errors. untaint config options before passing them to plugins.
auth_vpopmaild: untaint responses obtained from network. Combined with the taint fix for config options, enables auth_vpopmaild to work when setting the host config and port
tls: added ability to store SSL keys in config/ssl
log2sql: added UPDATE query support
removed FAQ to:
helo: cease processing DNS records after first positive match
karma: sprinkled karma awards throughout other plugins
- limit poor karma hosts to 1 concurrent connection
- allow +3 conncurrent connections to hosts with good karma
- limit recipients to 1 for senders with negative karma
Sanitize spamd_sock path for perl taint mode - Markus Ullmann
geo_ip: added too_far option (deduct karma from distant senders)
bogus_bounce: add Return-Path check, per RFC 3834
Fix for Net::DNS break - Markus Ullmann
SPF: arrange logic to so improve reliability of spf pass reporting (helpful to DMARC plugin)
is_naughty removed from is_immune feature. Allows more granular handling by plugins.
0.91 Nov 20, 2012
a handful of minor changes to log messages, similar to v0.90
replace all instances of split '' with split // (required for 5.1?+)
clamdscan: skip processing of naughty messages
TcpServer: improved IPv6 support (Michael Holzt)
SPF: improved support for IPv6, removed is_in_relayclient in favor
of checking if relayclient() note is set.
spamassassin: added 'headers none' option
qmail_deliverable: added vpopmail extension support, reject null
senders to ezmlm mailing lists.
dnsbl rejections handled by naughty plugin
changed default loglevel from 9 to 6
allow messages with no body: (Robin's patch)
ordered config.sample/plugins roughly in SMTP phase order
added Plugins::adjust_karma, reduces code requirements in other plugins
added whitelist plugin
helo: added is_plain_ip to lenient checks
dspam improvements
added log2sql, log/, log/, and plugins/registry.txt
new dkim plugin added (deprecates domainkeys plugin).
0.90 Jun 27, 2012
Many logging adjustments for plugins, to achieve the goal of emitting
a single message per plugin that provides a summary of that plugins
action(s) and/or outcome(s).
qmail_deliverable plugin added (depends on Qmail::Deliverable).
karma plugin added.
naughty plugin added.
count_unrecognized_commands: corrected variable assignment error
connection_time: added tcpserver deployment compatibility
loop: max_hops was sometimes unset
dnsbl,rhsbl: process DNS queries syncronously to improve overall efficiency
insert headers at top of message (consistent SMTP behavior) in uribl
domainkeys, spamassassin plugins.
spamassassin: consolidated two data_post methods (more linear, simpler)
rewrote check_basicheaders -> headers
renamed check_loop -> loop
renamed check_badrcptto -> badrcptto
renamed check_badmailfromto -> badmailfromto
renamed check_badmailfrom -> badmailfrom
check_badmailfrom_patterns, merged functionality into check_badmailfrom
check_badrcptto_patterns, merged functionality into check_badrcptto
check_basicheaders. New arguments available: past, future, reject, reject_type
sender_permitted_from. see UPGRADING (Matt Simerson)
dspam plugin added (Matt Simerson)
p0f version 3 supported and new default. see UPGRADING (Matt Simerson)
resolvable_fromhost ignores DNS search path (i.e. it expects fully resolved domains) (Robert Spier, Charlie Brady)
new plugin auth_vpopmaild (Robin Bowes)
new plugin auth_checkpassword (Matt Simerson)
auth_vpopmail_sql: more flexible db config (Matt Simerson)
new plugin check_bogus_bounce (Steve Kemp)
clamav: added ClamAV version to the X-Virus-Checked header,
as well as noting "no virus found". (Matt Simerson)
assorted documentation cleanups (Steve Kemp, Robert Spier)
Revert "Spool body when $transaction->body_fh() is called"
0.84 April 7, 2010
uribl: fix scan-headers option (Jost Krieger, Robert Spier)
exim: Use BSMTP response codes, various cleanups (Devin Carraway)
config: cache returned values from config plugins (Peter J. Holzer)
AUTH PLAIN bug with Alpine (Rick Richard)
resolvable_fromhost: Moved DENYSOFT for temp_resolver_failed
to the RCPT TO hook. (Larry Nedry)
Note Net::IP dependency (Larry Nedry)
Various minor spelling cleanups and such (Steve Kemp, Devin Carraway)
rpm: create .rpm files from the packaging/rpm directory (Peter J. Holzer,
Robin Bowes, Filippo Carletti, Richard Siddell)
spamassasin: Custom spam tag subject munging (Jonathan Martens, Robert Spier)
clamav: Fix typo in name of default configuration file (Filippo Carletti)
0.83 September 15, 2009
plugins/queue/maildir: Allow hyphens in the maildir path (Hinrik Örn Sigurðsson)
Modify plugins/virus/clamav no-summary option for ClamAV 0.95 (Jonathan Martens)
Temporary deny if clamd is not running (Shad L. Lords)
Fix spamassassin plugin log noise if spam score is 0.0
Fix spool_dir configuration documentation and README update (Tomas Lee)
Disconnect host in rhsbl (Charlie Brady)
POD cleanups (Steve Kemp)
check_badmailfrom: Fix parsing of reason messages etc (Robert Spier, Tomas Lee)
check_spamhelo disconnects after denying a 'helo' (Filippo Carletti)
Log even when aren't in a transaction (Jared Johnson)
prefork: More robust child spawning (Peter Samuelson)
Add dup_body_fh method to return a dup'd body FH (Jared Johnson)
0.82 - June 2, 2009
prefork: Fix problem with processes sometimes being "left behind" (Charlie Brady)
prefork: Fix startup when no interface addresses are specified (Devin Carraway)
prefork: add multi-address support
The clamdscan virus-scanning plugin now requires the ClamAV::Client
perl module instead of the older, deprecated Clamd module (Devin Carraway)
prefork: support --listen-address for consistency with forkserver
prefork: Sanitize the shell environment before loading modules
0.81 - April 2, 2009
Close spamd socket after reading the result back (Jared Johnson)
p0f plugin updates (Tom Callahan)
Change transaction->add_recipient to skip adding "null" rcpt if passed
Add logging/apache plugin for logging to the apache error log
Add connection_time plugin
Add git information to version number when running from a git clone
Add rcpt_regexp plugin (Hanno Hecker)
Add notes method to Qpsmtpd::Address objects (Jared Johnson)
Add remove_recipient method to the transaction object (Jared Johnson)
0.80 - February 27, 2009
moved development to git repository!
reorganized plugin author documentation
added End of headers hook: data_headers_end
added "random error plugin"
improve logging of plugins generating fatal errors (Steve Kemp)
async: added $connection->local_ip, $connection->local_port
async: Fix bug where the body_file/body_filename wouldn't have headers
lower log level of rcpt/from addresses
prefork: improve shutdown of parent (and children) on very busy
systems (Diego d'Ambra)
prefork: exit codes cleanup (based on patch by Diego d'Ambra)
prefork: detect and reset locked shared memory (based on patch by
Diego d'Ambra)
prefork: untaint the value of the --interface option (reported by
Diego d'Ambra)
prefork: the children pool size was sometimes not adjusted immediately
after the exit of children (reported by Diego d'Ambra)
async, prefork: detach and daemonize only after reading the configuration
and loading the plugins, to give the init scripts a chance to detect
failed startups due to broken configuration or plugins (Diego d'Ambra)
plugins/tls: close the file descriptor for the SSL socket
plugins/queue/maildir: multi user / multi domain support added
set the Return-Path header when queuing into maildir mailboxes
plugins/resolvable_fromhost: check all MX hosts, not just the first
remove outdated virus/check_for_hi_virus plugin
prefork, forkserver: restart on SIGHUP (reload all modules, with register()
or init() phase).
prefork: add --detach option to daemonize like forkserver
use user/group switching from forkserver to support secondary groups
(needed with plugins/queue/postfix-queue)
--pid-file now works
apache: add post-connection hook, connection->reset
Create async version of dns_whitelist_soft, rhsbl and uribl plugins.
async: added pre- and post-connection hooks
improve handling of inetd/xinetd connections (Hanno Hecker)
Qpsmtpd::Connection->notes are now reset on end of connection (currently
not in Apache). The workaround plugins/tls for -prefork is no longer
needed now.
keep the square brackets around the IP as "remote_host" if the reverse lookup failed (Hanno Hecker)
async: Dereference the DATA deny message before sending it to the client
Change async/resolvable_fromhost to match the logic of
the non-async version and other MTAs
async: Handle End-of-data marker split across packets
Allow plugins to use the post-fork hook
Add qpsmtpd-prefork to the install targets (Robin Bowes)
Address definitions are now package vars and can be overriden for
sites that wish to change the definition of an email address. (Jared Johnson)
New config option "spool_perms" to set permissions of spool_dir
(Jared Johnson)
leading/trailing whitespace in config files is ignored (Henry Baragar)
0.43 - February 5, 2008 - Never offically released; oops.
(This release was mostly done by Matt Sergeant and Hanno Hecker)
Allow qpsmtpd-async to detatch (Chris Lewis).
plugins/tls: work-around for failed connections in -prefork after
STARTTLS connection (Stefan Priebe, Hanno Hecker)
Make the cleanup socket location parameter in the postfix plugin work
Implement config caching properly (for async).
Hook/plugin caching
Remove the connection / transaction id feature (never released)
Option to clamdscan to scan all messages, even if there are no attachments
add new clamd_user parameter that sets the user we pass to clamd
async: Support for HUPing the server to clear the cache. Wake-one child support.
async: Don't listen for readiness in the parent any more - breaks
under high load.
Made user() and host() setters as well as getters in
Qpsmtpd::Address. Suggested by
Pluggable "help", based on patch by Jose Luis Martinez.
Updated plugin documentation.
0.42 - October 1, 2007 - Never released
Pluggable hook "noop"
Pluggable hook "help" (based on patch by Jose Luis Martinez)
async: better config caching (of flat files, not results from hook_config
or .cdb files), send SIGHUP to clear cache
New docs/plugins.pod documentation!
Add X-Spam-Level header in spamassassin plugin (idea from Werner Fleck)
prefork: support two or more parallel running instances (on different
ports; the first 4 digits of the port number must be different for each
instance - see IPC::Sharable).
prefork: Fix sporadic bug showing itself after millions of
connections (S. Priebe)
Remove the auth/authnull sample plugin (there are plenty proper examples now
so we don't have to include this insecure plugin)
POD syntax cleanup (Steve Kemp)
Fix Qpsmtpd::Plugins::isa_plugin() with multiple plugin dirs (Gavin Carr)
Fix false positives in check_for_hi_virus plugin (Jerry D. Hedden)
Make connection->local_ip available from the Apache transport (Peter Eisch)
Support checking for early talkers at DATA
Make the documented DENY{,SOFT}_DISCONNECT work in the data-post hook
Allow buffered writes in Postfix plugin (from Joe Schaefer)
Cleanup spamassassin plugin code a little
Fix bug which breaks queue plugins that implement continuations
Fix false positives in check_for_hi_virus plugin (Jerry D. Hedden)
Unrecognized command fix (issue #16)
Updated documentation (Apache 2.2, more)
Add uribl plugin (Devin Carraway)
0.40 - June 11, 2007
Add async server - uses epoll/kqueue/poll where available. (Matt Sergeant)
Add preforking qpsmtp server (Lars Roland)
Support SMTPS (John Peacock)
Support "module" plugins ("My::Plugin" in the config/plugins file)
Added IPv6 support. (Mike Williams)
Added tests for the rcpt_ok plugin (Guy Hulbert, issue #4)
Fix logging when dropping a mail due to size (m. allan noah /
kitno455, issue #13)
Don't drop privileges in forkserver if we don't have to.
greylisting: fix db_dir configuration option so it actually works
(kitno455, issue #6)
Correct header parsing of "space only" lines (Joerg Meyer, issue #11)
Update the sample configuration to use
Make the badmailfrom plugin support (optional) rejection messages after the
rejection pattern (Robin Hugh Johnson)
The ill-named $transaction->body_size() is depreceated now, use
$transaction->data_size() instead. Check your logs for LOGWARN messages
about "body_size" and fix your plugins. (Hanno Hecker)
Support pluggable Received headers (Matt Sergeant)
RFC3848 support for ESMTP. (Nick Leverton)
Updated the list of DNSBLs in the default config
Instead of failing with cryptic message, ignore lines in config/plugins
for uninstalled plugins. (John Peacock)
Clean up some of the logging (hjp)
Patch to prefork code to make it run (Leonardo Helman). Add --pretty
option to qpsmtpd-prefork to change $0 for child processes (John Peacock).
Add support for multiple plugin directories, whose paths are given by the
'plugin_dirs' configuration. (Devin Carraway, Nick Leverton)
Greylisting DBs may now be stored in a configured location, and are
looked for by default in /var/lib/qpsmtpd/greylisting in addition to the
previous locations relative to the qpsmtpd binary. (Devin Carraway)
New Qpsmtpd::Postfix::Constants to encapsulate all of the current return
codes from Postfix, plus script to generate it. (Hanno Hecker)
Add ability to specific socket for syslog (Peter Eisch)
Do the right thing for unimplemented AUTH mechanisms (Brian Szymanski)
relay_only plugin for smart relay host. (John Peacock)
Enhance the spamassassin plugin to support connecting to a remote
spamd process (Kjetil Kjernsmo).
Add domainkeys plugin (John Peacock)
Add SSL encryption method to header to mirror other qmail/SSL patches.
Add tls_before_auth to suppress AUTH unless TLS has already been
established (Robin Johnson).
Fix "help" command when there's no "smtpgreeting" configured (the default)
(Thanks to Thomas Ogrisegg)
Move the Qpsmtpd::Auth POD to a top-level README to be more obvious.
Add Qpsmtpd::Command to gather all parsing logic in one place (Hanno
Support multiline responses from plugins (Charlie Brady)
Added queue_pre and queue_post hooks (John Peacock)
Implement multiple host/port listening for qpsmtpd-forkserver (Devin
Fix a spurious newline at the start of messages queued via exim (Devin
Make the clamdscan plugin temporarily deny mail if if can't talk to clamd
(Filippo Carletti)
Improve Qpsmtpd::Transaction documentation (Fred Moyer)
0.32 - 2006/02/26
Add logging/file plugin for simple logging to a file (Devin Carraway and
Peter J. Holzer).
Add logging/syslog plugin for logging via the syslog facility (Devin
Add Qpsmtpd::DSN to return extended SMTP status codes from RFC-1893 and
patch existing plugins to use it when appropriate (Hanno Hecker).
Add plugins/tls_cert to generate appropriately shaped self-signed certs for
TLS support. Add explicit use of CA used to sign cert. Abstract clone()ing
of connection information when switching to TLS. Fix the AUTH code to work
correctly with TLS.
Add hosts_allow plugin to support pre- and post-connection hooks as well
as move --max-from-ip tests out of core (Hanno Hecker).
Improve postfix-queue plugin to support the known processing flags (Hanno
Drop root privileges before loading plugins, rather than after.
A few fixes to the clamdscan plugin (Dave Rolsky)
Various minor fixes and improvements
0.31.1 - 2005/11/18
Add missing files to the distribution, oops... (Thanks Budi Ang!)
(exim plugin, tls plugin, various sample configuration files)
0.31 - 2005/11/16
STARTTLS support (see plugins/tls)
Added queue/exim-bsmtp plugin to spool accepted mail into an Exim
backend via BSMTP. (Devin Carraway)
New plugin inheritance system, see the bottom of README.plugins for
more information
qpsmtpd-forkserver: --listen-address may now be given more than once, to
request listening on multiple local addresses (Devin Carraway)
(also: no more signal problems making qpsmtpd-forkserver crash/loop
when forking).
qpsmtpd-forkserver: add an option for writing a PID file (pjh)
qpsmtpd-forkserver: set auxiliary groups (this is needed for the
postfix backend, which expects to have write permission to a fifo
which usually belongs to group postdrop). (pjh)
qpsmtpd-forkserver: if -d or --detach is given on the commandline,
forkserver will detach from the controlling terminal and daemonize
itself (Devin Carraway)
replace some fun smtp comments with boring ones.
example patterns for badrcptto plugin - Gordon Rowell
Extend resolvable_fromhost to include a configurable list of
"impossible" addresses to combat spammer forging. (Hanno Hecker)
Use qmail/control/smtpdgreeting if it exists, otherwise
show the original qpsmtpd greeting (with version information).
Apply slight variation on patch from Peter Holzer to allow specification of
an explicit $QPSMTPD_CONFIG variable to specify where the config lives,
overriding $QMAIL/control and /var/qmail/control if set. The usual
"last location with the file wins" rule still applies.
Refactor Qpsmtpd::Address
when disconncting with a temporary failure, return 421 rather than
450 or 451. (Peter J. Holzer)
The unrecognized_command hook now uses DENY_DISCONNECT return
for disconnecting the user.
If the environment variable $QPSMTPD_CONFIG is set, qpsmtpd will look
for its config files in the directory given therein, in addition to (and
in preference to) other locations. (Peter J. Holzer)
Updated documentation
Various minor cleanups
0.30 - 2005/07/05
Add plugable logging support include sample plugin which replicates
the existing core code. Add OK hook.
Add new logging plugin, logging/adaptive, which logs at different
levels depending on whether the message was accepted/rejected.
(See README.logging for information about the new logging system by
John Peacock)
plugins/auth/auth_ldap_bind - New plugin to authenticate against an
LDAP database. Thanks to Elliot Foster <>
new plugin: plugins/auth/auth_flat_file - flat file auth plugin
new plugin: plugins/auth/auth_cvm_unix_local - Only DENY if the
credentials were accepted but incorrect (bad password?). Interfaces
with Bruce Guenther's Credential Validation Module (CVM)
Revamp Qpsmtpd::Constants so it is possible to retrieve the text
representation from the numeric (for logging purposes).
new plugin: plugins/check_badrcptto_patterns - Match bad RCPTO
address with regex (Gordon Rowell)
new plugin: plugins/check_norelay - Carve out holes from larger
relay blocks (Also Gordon Rowell)
new plugin: plugins/virus/sophie - Uses SOPHOS Antivirus via Sophie
resident daemon.
Store mail in memory up to a certain threshold (default 10k).
Remove needless restriction on temp_file() to allow the spool
directory path to include dots (as in ../)
Fix off-by-one line numbers in warnings from plugins (thanks to
Brian Grossman).
Don't check the HELO host for rfc-ignorant compliance
body_write patches from Brian Grossman
Fix for corruption problem under Apache
Update Apache::Qpsmtpd to work with the latest Apache/mod_perl 2.0
API. Fix various bucket issues.
Replace $ENV{RELAYCLIENT} with $connection->relay_client in last plugin.
Fix typo in qpsmtpd-forkserver commandline help
0.29 - 2005/03/03
Store entire incoming message in spool file (so that scanners can read
the complete message) and ignore old headers before adding lines and
queuing for delivery.
New anti-virus scanners: hbedv (Hanno Hecker), bitdefender, and clamdscan
(John Peacock). Update clamav plugin to directly scan the spool file.
New temp_file() and temp_dir() methods; when used by plugins, they create
a filename or directory which will last only as long as the current
transaction. Also created a spool_dir() method which checks/creates the
spool_dir when the application starts up. All three methods are also
available in the base class where the temp_* objects are not automatically
limited to the transaction's lifetime. (John Peacock)
Added Gavin Carr's greylisting plugin
Renamed config/ to config.sample/
Qpsmtpd::Auth - document $mechanism option, improve fallback to generic
hooks, document that auth-login works now, stash auth user and method for
later use by Qpsmtpd::SMTP to generate authentication header.
(Michael Toren)
Qpsmtpd::SMTP - "MAIL FROM: <#@[]>" now works like qmail (null sender),
add LOGIN to default auth mechanisms, display auth user and method in
Received: line instead of X-Qpsmtpd-Auth header.
(Michael Toren)
check_badmailfromto - NEW PLUGIN - like check_badmailfrom except matches
both FROM: and TO:, and effectively makes it seem like the recipient
no longer exists for that sender (great for harassment cases).
(John Peacock)
earlytalker and resolvable_fromhost - short circuit test if
whitelistclient is set. (Michael Toren)
check_badmailfrom - Do not say why a given message is denied.
(Michael Toren)
dns_whitelist_soft - NEW PLUGIN - dns-based whitelist override for
other qpsmtpd plugins. Add suuport for whitelisthost to dnsbl.
(John Peacock)
auth/auth_vpopmail_sql - Support CRAM-MD5 (requires clear_passwd)
(John Peacock)
plugins/queue/qmail-queue - Added a timestamp and the qmail-queue qp
identifier to the "Queued!" message, for compatibility with qmail-smtpd
(Michael Toren)
Support qmail-smtpd's timeoutsmtpd config file
Many improvements to the forking server (qpsmtpd-forkserver)
Plugin testing framework (Matt)
Added Apache::Qpsmtpd (Apache/mod_perl 2.0 connection handler)
Allow for multiple instances of a single plugin by using plugin:0
notation (Robert)
Fix CDB support so the server can work without it
VRFY plugin support (Robert Spier)
Added Makefile.PL etc to make it easier to build a package (Matt).
Added Apache::Qpsmtpd to the distro.
Make the distro follow the CPAN module style (Makefile.PL, MANIFEST, etc)
Make the rhsbl plugin do DNS lookups in the background. (Mark Powell)
Fix warning in count_unrecognized_commands plugin (thanks to spaze
and Roger Walker)
Improve error messages from the Postfix module (Erik I. Bolsø,
<knan at>)
make the maildir plugin record who the message was to (with a bit of improvements
this could make a decent local delivery plugin)
Pass extra "stuff" to HELO/EHLO callbacks (to make it easier to
support SMTP extensions)
Renamed the *HARD return codes to DENY_DISCONNECT and
Mail::Address does RFC822 addresses, we need SMTP addresses.
Replace Mail::Address with Peter J. Holzer's Qpsmtpd::Address module.
Don't keep adding ip addresses to the process status line ($0) when
running under PPerl.
Include the date and time the session started in the process status line.
Add "plugin/virus/uvscan" - McAfee commandline virus scanner
Inbound connections logged as soon as the remote host address is known
when running under tcpserver.
Add Qpsmtpd::Auth (authentication handlers! See plugins/auth/) (John Peacock)
Add a plugin hook for the DATA command
earlytalker -
+ optionally react to an earlytalker by denying all MAIL-FROM commands
rather than issuing a 4xx/5xx greeting and disconnecting. (Mark
+ initial "awkward silence" period now configurable (Mark Powell)
+ DENY/DENYSOFT now configurable
Move relay flag to connection object (John Peacock):
+ add relay_client() method to
+ Remove $transaction->relaying() completely (due to popular demand)
Split check_relay plugin into two plugins (John Peacock):
+ check_relay now fires on connect and sets relay_client() flag
+ rcpt_ok runs last of rcpt plugins and performs final OK/DENY
+ change default config/plugins to reflect new order
0.28 - 2004/06/05
Don't keep adding ip addresses to the process status line ($0) when running under PPerl.
Include the date and time the session started in the process status line.
Added a "queue/maildir" plugin for writing incoming mails to a maildir.
Create temp files with permissions 0600 (thanks to Robert James Kaes again)
Fix warning in check_badrcptto plugin (Thanks to Robert James Kaes)
Proper "Log levels" with a configuration option
$Include feature in config/plugins
0.27.1 - 2004/03/11
SpamAssassin plugin Outlook compatibility fix (Thanks to Gergely Risko)
0.27 - 2004/03/10
Support for unix sockets in the spamassassin plugin (requires SA
2.60 or higher). Thanks to John Peacock!
Modified the dnsbl plugin to better support both A and TXT records and
support all of the RBLSMTPD functionality. (Thanks to Mark Powell)
reject bare carriage-returns in addition to the bare line-feeds
(based on a patch from Robert James Kaes, thanks!)
Bugfix to the count_unrecognized_commands plugin so it works
under PPerl (it wasn't resetting the count properly).
reset_transaction is called after disconnect plugins are called so
the Transaction objects DESTROY method is called. (Thanks to Robert
James Kaes <>)
Made the SpamAssassin plugin work with SA 2.6+ (thanks to numerous
contributors, thanks everyone!). Note that for now it's not
including the Spam: headers with the score explained. For that use
the spamassassin_spamc plugin from
(for now).
Added Postfix queue plugin thanks to Peter J Holzer!
Took out the last "exit" call from the SMTP object; the "transport"
module ("TcpServer", "SelectServer") needs to do the right thing in
it's disconnect method.
Update the SPF plugin (Philip Gladstone,
* Integrated with Mail::SPF::Query 1.991
* Don't do SPF processing when you are acting as a relay system
* Remove the MX changes as they are now inside Mail::SPF::Query
Take out Data::Dumper to save a few bytes of memory
Say Received: ... via ESMTP instead of via SMTP when the client
speaks ESMTP. (Hoping this can be a useful SpamAssassin rule).
Take out the X-SMTPD header.
Add pod documentation and sanity checking of the config to
Use $ENV{QMAIL} to override /var/qmail for where to find the
control/ directory.
Enable "earlytalker" in the default plugins config
Added a milter plugin to allow use of sendmail milters
Don't store the Qpsmtpd object in the Plugin object any more (this
caused a circular reference)
Added a new qpsmtpd-server - a select() based server for qpsmtpd
Allow a config/relayclients and config/morerelayclients files to
define who can relay (useful with the select() server)
Fixed qpsmtpd unfolding all header lines
Speed up persistent qpsmtpd's by checking for plugin functions after
munging the name (the main breakage was with queue/qmail-queue)
Use dup2() instead of perl open("<&") style. POSIX seems to work better.
Added SPF, sender permitted from, plugin
More minor changes and probably a few big ones that we missed adding here :-)
0.26 - 2003/06/11
Add queue/smtp-forward plugin (Matt Sergeant)
Add documentation to Qpsmtpd::Transaction (Matt Sergeant)
Fix bug in dnsbl that made it sometimes ignore "hits" (thanks to
James H. Thompson <>)
Fix bug hiding the error message when an existing configuration file
isn't readable.
If a plugin running the ehlo hook add something to the ARRAY
reference $self->transaction->notes('capabilities') then it will be
added to the EHLO response.
Add command_counter method to the SMTP object. Plugins can use this
to catch (or not) consecutive commands. In particular useful with
the unrecognized_command hook.
Filter out all uncommon characters from the remote_host
setting. (thanks to Frank Denis / Jedi/Sector One for the hint).
Added a check for the spool_dir having mode 0700.
Don't break under taint mode on OpenBSD. (thanks to Frank Denis /
Jedi/Sector One)
Have the qmail-queue plugin add the message-id to the "Queued!"
message we send back to the client (to help those odd sendmail using
people debug their logs)
Set the process name to "qpsmtpd [ :]"
Fixed timeout bug when the client sent DATA and then stopped before
sending the next line. (Gergely Risko <>)
unrecognized_command hook and a count_unrecognized_commands
plugin. (Rasjid Wilcox)
earlytalker plugin. Deny the connection if the client talks
before we show our SMTP banner. (From Devin Carraway)
Patch Qpsmtpd::SMTP to allow connect plugins to give DENY and
DENYSOFT return codes. Based on patch from Devin Carraway.
Support morercpthosts.cdb
config now takes an extra "type" parameter. If it's "map" then a
reference to a tied hash will be returned.
0.25 - 2003/03/18
Use the proper RFC2822 date format in the Received headers. (Somehow
I had convinced myself that ISO8601 dates were okay). Thanks to
Kee Hinckley <>.
Print the date in the local timezone instead of in -0000. (Not
entirely convinced this is a good idea)
Lots of changes from Rasjid Wilcox <>:
Fix error handling in queue/qmail-queue. (Rasjid)
Add option to queue/qmail-queue to specify an alternate qmail-queue
location. (Rasjid)
Add support for the QMAILQUEUE environment variable. (Rasjid)
PPerl compatibility (yay!) (Rasjid)
Allow mail to <abuse> and <postmaster> to go through. (Rasjid)
Add "deny" hook that gets called when another hook returns DENY or
DENYSOFT. (Rasjid)
Add list of required modules to the README. Thanks to Skaag Argonius
Fix dnsbl plugin to give us all the results. (Patch from Matt
Sergeant <>)
Disable identd lookups by passing -R to tcpserver. (Thanks to Matt)
add plugin hooks for HELO and EHLO (Devin Carraway
check_spamhelo plugin to deny mail from claimed senders from the
list specified in F<badhelo>. (For example or
(Devin Carraway)
0.20 - 2002/12/09
Fix the "too many dots in the beginning of the line" bug.
Add munge_subject_threshold and reject_threshold options to the
spamassassin plugin. Add documentation to the spamassassin plugin.
Add -p to mkdir in log/run (Rasjid Wilcox <>)
clamav plugin, thanks to Matt Sergeant,
Enabling this might require you to increase your "softlimit" in
the run file.
Make the spamassassin plugin not stop the next content plugins from
Store hooks runtime config globally so they will work within the
transaction objects too.
content_log plugin - log the content of all mails for
debugging. Robert Spier <>.
http_config plugin - get configuration via http
plugins can take arguments via their line in the "plugins" file
make the quit_fortune plugin check that the fortune program exists
0.12 - 2002/10/17
Better error messages when a plugin fails
Remove some debug messages in the log
Fix NOOP command with perl 5.6.
Better installation instructions and error message when no plugin
allowed or denied relaying (thanks to Lars Rander
Use /usr/bin/perl instead of the non-standard /home/perl/bin/perl
0.11 - 2002/10/09
Make a "queue" plugin hook and move the qmail-queue functionality
to plugins/queue/qmail-queue. This allows you to make qpsmtpd
delivery mail via smtp or lmtp or into a database or whatever you want.
Reorganize most of into Qpsmtpd/
Add spool_dir option (thanks to Ross Mueller <>)
Add plugin name to the "hooks" data structure, so we can log plugin
module had an error when we run a hook.
Make klez filter run for mails bigger than 220KB; they are sometimes
bigger than that.
Avoid "use of uninitialized variable" warning when the "MAIL" or the
"RCPT" command is executed without a parameter.
Compatibility with perl 5.5.3.
Fix "Could not print" error message in the TcpServer object. (Thanks
to Ross Mueller <>)
dnsbl plugin queues lookups in the background upon connect but
doesn't block for the results until they are needed, greatly
speeding up connection times. Also fix a typo in the dnsbl plugin
so it'll actually work(!).
check_badmailfrom and check_badrcptto plugins (Jim Winstead
Better RFC conformance. (Reset transactions after the DATA command and
when the MAIL command is being done)
0.10 - 2002/09/08
New object oriented internals
Very flexible plugin
All functionality not core to SMTP moved to plugins
Can accept mails as large as your file system will allow (instead of
up to as much memory you would allow qpsmtpd to eat).
Add klez_filter plugin
Support more return codes for data_post
Document data_post
Add plugin name to the log entries when plugins use log()
Add plugin_name method to the default plugin object.
Improve error handling in the spamassassin plugin
Spool message bodies to a tmp file so we can support HUGE messages
API to read the message body (undocumented, subject to change)
data_post hook (undocumented)
SpamAssassin plugin (connects to spamd on localhost), see
DNS RBL and RHSBL support via plugins.
More hooks.
First (non functional) version of the new object oriented mail engine (0.10).
Changes on the old v0.0x branch:
Klez filter (thanks to Robert Spier)
Bumped version number to 0.07
Support comments in configuration files (prefix the line with #)
Support RELAYCLIENT like qmail-smtpd (thanks to Marius Kjeldahl
<> and Zukka Zitting <>)
If the connection fails while in DATA we would just accept the
message. Ouch! Thanks to Devin Carraway <> for the
Allow [] for the hostname when checking if the dns resolves
assorted fixes; getting dnsbl's to actually work
fixing the maximum message size (databytes) stuff (thanks for the
spot to Andrew Pam <>)
support and enable taint checking (thanks to Devin Carraway
Make the MAIL FROM host dns check configurable. (thanks to Devin
Add more documentation to the README file.