-
Notifications
You must be signed in to change notification settings - Fork 6
/
NEWS
233 lines (197 loc) · 9.05 KB
/
NEWS
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
Changes in PPolicy 2.7.0-beta10 (Jun 13 2011)
=============================================
- perRecipient/perMessage DOS checking
- added simple mechanism for loading/saving module state
Changes in PPolicy 2.7.0-beta9 (Nov 2 2008)
===========================================
- allow installation to custom directory
- correct ldap filter escaping
- fixed p0f data packing/unpacking (allow different versions)
- fixed IPv4 and IPv6 regex
- fixed caching all records from DB table
- fixed DB data escaping
- config file option to disable psyco
Changes in PPolicy 2.7.0-beta1 (Sep 12 2007)
============================================
- added LookupDB module
- code cleanup in List, ListBW, ListDyn, ListMailDomain
- case-(in)sensitive DB search depends on DB definition
(removed explicit DB case-insensitive search using LOWER,
because it can hurt DB performance)
- checked and fixed SQL query escaping
- checked and added indexes when creating new DB tables
- fixed possible race condition in PPolicyRequest
Changes in PPolicy 2.6.6 (Aug 10 2007)
======================================
- cleanup in connection threading using deferred
- switched to python twisted 2.4 (1.3 should still work)
- better handling of clients that don't wait for results
- commit database transactions
- support for twisted 2.5 (twisted Interface replaced with ZopeInterface)
- support for building RPM packages on Mandriva
- get rid of dependencies in RPM that are required only by some modules
- cleanup in getting/releasing connections from DB connection pool
- race condition in deferred checking (see Ticket #1)
Changes in PPolicy 2.6.5 (Jan 14 2007)
======================================
- fixed handlint < and > in sender/recipient address
- added LookupLDAP module
- changed transport output to unbuffered(?),
because of python-twisted 2.x compatibility
- added support to split tables in DumpDataDB
- scoring DNS blacklist rewritten
- added cache for negative DNS queries and DNS timeouts
- don't store greylist triplet info, when we see it only once
Changes in PPolicy 2.6.4 (Jul 10 2006)
======================================
- changed log dir to /var/log/ppolicy
- added support to reload ppolicy.conf on SIGHUP
(right now only simple changes in check method are safe)
- added P0f module
- added Whois module (dummy skeleton)
- changed return code for SPF module
- cleanup for IPv6 support
- ListMailDomain should work now
- better handling for check method parameters
- fixed bug passing wrong port number to check method
- changed algorithm to generate list of domains for ListMailDomain
(to be compatible with Amavis lookup list)
- fixed bug in ListBW (it returns 1 for blacklist)
- added tests for module DnsblDynamic
Changes in PPolicy 2.6.3 (Jun 12 2006)
======================================
- better performance logging with DEBUG log level
- fixed bug in spf in case of splitted TXT record in DNS
- disabled spf internal DNS cache (not thread safe, out of control)
- DB_ENGINE constant to specify mysql database type
- ppolicy can listen on more ports for conncetion from postfix
with different configuration
- added GeoIP/Country module
- fixed bug in greylist expiration
- updated dynamic patterns
- updated and patched pyspf from http://sourceforge.net/projects/pymilter
Changes in PPolicy 2.6.1 (May 16 2006)
======================================
- increased mem cache expiration for modules using DNS and DB
- added option cache all records from List and ListMailDomain in memory
- added ListBW to search data in blacklist/whitelist
- added simple debug interface listening at command port
- changed threadsafe caching of DNS answers
- improved performance of DumpDataDB insert
- added name->mx check to Resolve module
- changed DNS timeouts, info about slow resolver in dnspython >= 1.3.4
- logging gc status only when loglevel < DEBUG (consume lot of resources)
- minor SQL query optimization
- List now support array of parameters and columns
- fixed bug in searching domain mailhost IP addresses
Changes in PPolicy 2.5.3 (May 9 2006)
=====================================
- resEx returned from check method can be complex structure
(used by List*, Greylist, SPF, ...)
- format resouce usage string, add to data hash (can be stored in db)
- case-insensitive search in List, hashArg updates
- use psyco if available to improve performance
- DnsblScore caching improved
- all db connection are now in try/except block to release connections
- fixed bug in ListMailDomain, added expiration time for mem cache
- cache size can be set in config file
Changes in PPolicy 2.4.2 (May 1 2006)
=====================================
- fixed bug: data was not handled in separate thread in previous version
(poor performance in case of many simultaneous connections)
- case-insensitive search for Greylist, create db index
- case-insensitive search for ListDyn
- stress test on 100k mails passed wihout any warning or error
- added more debugging to trace performance bottleneck
- thread-safe calling dns.resolver.query (because of internal hash cache)
- fixed bug in result cache expiration
- changed handling of incomming request to own Thread class
(because of resource leaking reactor.callInThread)
- added ListMailDomain module
Changes in PPolicy 2.3.1 (Apr 28 2006)
======================================
- changed method for searching MAX(`id`) in `dump` table for DumpDataDB
(MAX is performance problem, use separate table with sequence)
caution - new method is not thread safe, but it is only used to store
data for further analysis - so I don't care...
- using modules stop() method should be safe
- changed check method (added required "data" argument)
- result are now by default appended to data hash (you can disable it
using Base class parameter saveResults)
- disabled in memory caching for ListDyn
(needs careful code inspection before enabling)
- create indexes on "value" columns for ListDyn table
- updated examples
Changes in PPolicy 2.2.2 (Apr 9 2006)
=====================================
- fixed SQL escaping
- Verification return CHECK_FAILED in case of DNS error
- added module that return spamassassin blacklist score
- fixes in dnsbl module
- DnsblScore module that use spamassassin dnsbl score
for client ip and sender domain
- DnsblDynamic module try to identify clients on dynamic IP range
- updated documentation
- catch DNS exception in Resolve module
- unified lower/upper case of some values (e.g. sender, ...) for cached records
- fixed exception when using *args in check method (Base.hashArg method)
- config file check method examples
- updated init script for better handling daemon shutdown
- fixed bug in mail address parsing
- updated list of private/reserved networks in dnscache module
Changes in PPolicy 2.2.1 (Apr 6 2006)
=====================================
- added testing only mailhost and only tcp connection in Verification module
- escape strings that are inserted into DB
- DNS functions throws exception in case of DNS error
- added parameter to getDomainMailhost to exclude icorrect (local) addresses
- implemented Dnsbl to check client_address in selected blacklist
- SPF result should be now more reasonable (-1 - deny, 0 - unknown, 1 - pass)
- Greylist DNS error handling
Changes in PPolicy 2.1.1 (Apr 4 2006)
=====================================
- in memory cache for modules result (cachePositive, cacheUnknown, cacheNegative)
- changed check method parameters (custom parameters can be defined)
- ListDyn updates - changes in constructor parameters
- Verification use ListDyn for persistent cache
- names of some parameters was changed (tableName -> table, ...)
- python 2.3 compatibility fixes
Changes in PPolicy 2.0.1 (Mar 28 2006)
======================================
- checking framework rewritten
- each module in separate file
- checking flow defined in ppolicy.conf using python code
- modules passed basic tests
- make logging compatible with python 2.3
- support for older MySQLdb that doesn't support autocommit(false)
- added ListDyn module
Changes in PPolicy 1.4b4 (Dec 3 2005)
=====================================
- added AtLeastCheck (to specify that at least X from Y checks must be OK)
- added ResolveCheck
- script to create ppolicy MySQL database
- bug fixes
Changes in PPolicy 1.3 (Aug 28 2005)
====================================
- added DosCheck module
- added TrapCheck module
- added DnsblCheck module
- splitted tools package
- DbCache can optionaly throw exception in case of Db error
- disable graylisting if DbCache throw exception
- added timeout parameter to modules using SMTP
- disabled caching for logic modules (can be enabled in config file)
- changed caching for And, Or, ... checks (using lowest values of all checks)
- changed logging to default python logging class and twistedHandler
Changes in PPolicy 1.2 (Aug 22 2005)
====================================
- added GreylistCheck module
- module testing
- finished DomainVerificationCheck and UserVerificationCheck module
- finished database/mem caching
Changes in PPolicy 1.1 (Aug 17 2005)
====================================
- caching rewritten
Changes in PPolicy 1.0 (Aug 7 2005)
===================================
- first public release 1.0