summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* Fix utf8received failing to detect empty newlines (body starts)HEADmastermanuel2025-01-271-1/+4
| | | | This resulted in invalid mail encoding (bare LF, \r\n\n)
* Do not enable legacy TLS version any longermanuel2025-01-222-3/+0
|
* Fix `implicit declaration of function` in install-big/hiermanuel2024-11-285-34/+23
|
* smtp: add support for auth fail reason passed from dovecot authmanuel2024-11-281-6/+27
|
* Add support for "require TLS"-settingsmanuel2023-09-262-13/+56
|
* qmail-smtpd: code cleanupmanuel2023-09-251-4/+4
|
* qmail-smtpd: reduce security level to 0 on port 25manuel2023-08-171-2/+2
|
* qmail-smtpd: print tls error message on stderrmanuel2023-08-171-1/+5
|
* fix openssl compatibility with <3.0manuel2023-08-101-3/+5
|
* openssl: ignore unexpected EOF + only 1 session ticketmanuel2023-08-102-0/+6
|
* Disable TLS renegotiationmanuel2023-08-102-0/+4
|
* Get rid of useless "User and password not set, continuing withoutmanuel2023-08-101-4/+4
| | | | authentication...." message
* Use ASN1_STRING_...-functions where possiblemanuel2023-08-101-1/+1
|
* dnsmxip: sync validated outputmanuel2023-08-101-1/+1
|
* DANE: only enabled if MX lookup has been validatedmanuel2023-08-101-28/+23
| | | | additionally require TLSA RRs to be validated as well
* add support for querying DNSSEC ad (validated) flagmanuel2023-08-1010-37/+45
| | | | also migrate from deprecated resolver functions
* qmail-remote: disable QMTPmanuel2023-08-091-0/+2
|
* Make qmail openssl 3.0 compatiblemanuel2023-08-083-282/+130
| | | | | | | - remove support for loading custom DH params from pem. use opensslconf if really required - remove support for loading custom ec group from params - reimplement DANE support using openssl DANE functions
* dnstlsa: fix missing paranthesismanuel2023-08-081-4/+4
|
* dnstlsa: remove stdio.hmanuel2023-08-071-1/+0
|
* dnstlsa: remove commentmanuel2023-08-071-1/+1
|
* remove "shar"-supportmanuel2023-08-071-80/+0
|
* add dns_tlsa(...) and dnstlsa utilitymanuel2023-08-074-1/+156
|
* add NOSESSIONHEADER env variablemanuel2023-04-045-25/+26
|
* SMTP: add support for required TLSmanuel2022-05-191-0/+5
|
* Add support for an alternative (ECDSA) certificatemanuel2022-01-261-8/+19
|
* Require HELO/EHLO before MAILManuel Mausz2021-08-161-2/+5
|
* Add X-UD-Smtp-Session to qmail-injectmanuel2020-11-202-2/+53
|
* Add X-UD-Smtp-Session to unauthed smtp session aswellmanuel2020-11-205-20/+29
|
* Require TLS 1.2 or above for smtp auth/submissionmanuel2020-08-311-4/+3
|
* sendmail: remove -bs and -bpmanuel2020-08-251-3/+3
|
* Revert "Rewrite 554 smtp code for web.de/gmx.net/1&1 servers"manuel2020-06-021-17/+1
| | | | This reverts commit f2ef25deb1aa356d41cdd3f6e46d9a68c48bfce0.
* Make sure to limit max alloc sizemanuel2020-05-191-0/+5
| | | | see https://www.qualys.com/2020/05/19/cve-2005-1513/remote-code-execution-qmail.txt
* Rewrite 554 smtp code for web.de/gmx.net/1&1 serversmanuel2019-12-021-1/+17
|
* increase recipients limit to 300manuel2019-06-121-1/+1
|
* SMTP: limit max errors to 20manuel2019-06-111-24/+40
|
* max recipients: make error message more consistentmanuel2019-06-111-1/+1
|
* Add max recipients limitmanuel2019-06-111-1/+10
|
* Fix compile warnings...Manuel Mausz2019-06-1194-124/+200
|
* Only do deferrals in case qmail-remote does not spawnmanuel2019-05-281-1/+2
|
* Fix CVE-2011-1431manuel2019-04-101-1/+4
|
* Remove client certificate left oversmanuel2019-02-012-24/+0
|
* Disable TLS 1.0 only for smtp auth/submissionmanuel2018-12-261-4/+7
|
* Disable TLS 1.0manuel2018-12-041-1/+1
|
* plus addressing improvementsmanuel2018-10-152-23/+34
| | | | | * first `+` splits local part from sub-address * prioritize plus addressing over domain wildcards
* Enable PRIORITIZE_CHACHA per defaultmanuel2018-09-173-3/+6
|
* More OpenSSL 1.1 compatibilitymanuel2018-06-281-0/+4
|
* OpenSSL 1.1 compatibilityManuel Mausz2018-06-278-137/+125
| | | | | | | | | | | | | | This adds compatibility for OpenSSL 1.1 Since renegotiation is removed from TLS 1.3 we also removed support for authentication via client certificates (control/tlsclients). In general this is still supported by TLS 1.3 however I'm just lazy and we don't need this feature anyway. This also adds optional support for OpenSSL configuration commands for qmail-smtpd and qmail-remote. Commands are loaded from control/opensslconf. For a list of supported commands see https://www.openssl.org/docs/man1.0.2/ssl/SSL_CONF_cmd.html#SUPPORTED-CONFIGURATION-FILE-COMMANDS
* work around a libval bugmanuel2018-04-161-0/+3
|
* Disable SSLv3 and enable prefer server ciphersmanuel2018-04-162-2/+3
|
generated by cgit v1.2.3 (git 2.25.1) at 2026-01-11 08:14:36 +0000