summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* dnstlsa: remove stdio.hmanuel2023-08-071-1/+0
|
* dnstlsa: remove commentmanuel2023-08-071-1/+1
|
* remove "shar"-supportmanuel2023-08-071-80/+0
|
* add dns_tlsa(...) and dnstlsa utilitymanuel2023-08-074-1/+156
|
* add NOSESSIONHEADER env variablemanuel2023-04-045-25/+26
|
* SMTP: add support for required TLSmanuel2022-05-191-0/+5
|
* Add support for an alternative (ECDSA) certificatemanuel2022-01-261-8/+19
|
* Require HELO/EHLO before MAILManuel Mausz2021-08-161-2/+5
|
* Add X-UD-Smtp-Session to qmail-injectmanuel2020-11-202-2/+53
|
* Add X-UD-Smtp-Session to unauthed smtp session aswellmanuel2020-11-205-20/+29
|
* Require TLS 1.2 or above for smtp auth/submissionmanuel2020-08-311-4/+3
|
* sendmail: remove -bs and -bpmanuel2020-08-251-3/+3
|
* Revert "Rewrite 554 smtp code for web.de/gmx.net/1&1 servers"manuel2020-06-021-17/+1
| | | | This reverts commit f2ef25deb1aa356d41cdd3f6e46d9a68c48bfce0.
* Make sure to limit max alloc sizemanuel2020-05-191-0/+5
| | | | see https://www.qualys.com/2020/05/19/cve-2005-1513/remote-code-execution-qmail.txt
* Rewrite 554 smtp code for web.de/gmx.net/1&1 serversmanuel2019-12-021-1/+17
|
* increase recipients limit to 300manuel2019-06-121-1/+1
|
* SMTP: limit max errors to 20manuel2019-06-111-24/+40
|
* max recipients: make error message more consistentmanuel2019-06-111-1/+1
|
* Add max recipients limitmanuel2019-06-111-1/+10
|
* Fix compile warnings...Manuel Mausz2019-06-1194-124/+200
|
* Only do deferrals in case qmail-remote does not spawnmanuel2019-05-281-1/+2
|
* Fix CVE-2011-1431manuel2019-04-101-1/+4
|
* Remove client certificate left oversmanuel2019-02-012-24/+0
|
* Disable TLS 1.0 only for smtp auth/submissionmanuel2018-12-261-4/+7
|
* Disable TLS 1.0manuel2018-12-041-1/+1
|
* plus addressing improvementsmanuel2018-10-152-23/+34
| | | | | * first `+` splits local part from sub-address * prioritize plus addressing over domain wildcards
* Enable PRIORITIZE_CHACHA per defaultmanuel2018-09-173-3/+6
|
* More OpenSSL 1.1 compatibilitymanuel2018-06-281-0/+4
|
* OpenSSL 1.1 compatibilityManuel Mausz2018-06-278-137/+125
| | | | | | | | | | | | | | This adds compatibility for OpenSSL 1.1 Since renegotiation is removed from TLS 1.3 we also removed support for authentication via client certificates (control/tlsclients). In general this is still supported by TLS 1.3 however I'm just lazy and we don't need this feature anyway. This also adds optional support for OpenSSL configuration commands for qmail-smtpd and qmail-remote. Commands are loaded from control/opensslconf. For a list of supported commands see https://www.openssl.org/docs/man1.0.2/ssl/SSL_CONF_cmd.html#SUPPORTED-CONFIGURATION-FILE-COMMANDS
* work around a libval bugmanuel2018-04-161-0/+3
|
* Disable SSLv3 and enable prefer server ciphersmanuel2018-04-162-2/+3
|
* Initialize session early for loggingmanuel2018-04-161-0/+1
|
* ignore AUTH parameters in MAIL FROMmanuel2018-04-041-1/+2
|
* add X-UD-Smtp-Session and remove ip from authed clientsmanuel2018-04-043-2/+87
|
* realrcptto: drop default QMAILQUEUE for catch-allmanuel2018-02-261-8/+0
|
* realrcptto: extract username from mailbox forwardsmanuel2017-12-061-0/+5
|
* realrcptto: stop resolving after dovecot-rda has been foundmanuel2017-12-061-4/+12
|
* SMTPUTF8: substract null terminationmanuel2017-10-101-0/+1
| | | | | qmail-remote assumes host is not null terminated. IDN requires null termination so subtract the trailing NULL after appending.
* SMTPUTF8: convert UTF-8 domains to IDNAmanuel2017-08-182-2/+31
| | | | | | | | | | | | | This isn't entirely correct according to RFC 6531 as it's better to not convert at all. However this would require we additionally add the UTF-8 form to qmails local recipient users/domains. Plus our SMTPUTF8 implementation doesn't convert outgoing UTF-8 mails if receiving MTA doesn't support SMTPUTF8. So mail forwarding might generate a bounce the user very likely doesn't understand. As MTAs who support SMTPUTF8 most likely also support the IDNA form, always converting is probably a good trade-off.
* add support for SMTPUTF8manuel2017-08-176-13/+126
|
* Implement plus addressing for virtualdomainsmanuel2017-08-162-1/+43
|
* realrcptto: extract username from dovecot-rda callsmanuel2017-08-161-1/+20
|
* make qmail support EC keysmanuel2016-08-072-3/+3
|
* implement tls before auth as environment variablemanuel2016-03-211-8/+10
|
* don't announce SMTP AUTH commands if not availablemanuel2016-03-211-7/+10
|
* disable SSLv2manuel2016-03-012-0/+2
|
* [PATCH] qmail queue custom error patchmanuel2015-07-272-1/+26
| | | | see google qmail-queue-custom-error-v2.patch
* update DANE support to libval 2.1 (+fixes)manuel2015-07-241-20/+35
|
* fix missing check for invalid dane statusmanuel2015-07-061-13/+14
| | | | | libval returns VAL_DANE_NOERROR if domain is insecure and no TLSA RR exists. we should stop all further dane handling in this case
* add SMTP DANE supportmanuel2015-07-043-63/+121
|
generated by cgit v1.2.3 (git 2.25.1) at 2026-01-12 11:38:48 +0000