summaryrefslogtreecommitdiffstats
path: root/qmail-smtpd.c
Commit message (Collapse)AuthorAgeFilesLines
* Do not enable legacy TLS version any longermanuel2025-01-221-2/+0
|
* smtp: add support for auth fail reason passed from dovecot authmanuel2024-11-281-6/+27
|
* Add support for "require TLS"-settingsmanuel2023-09-261-3/+18
|
* qmail-smtpd: code cleanupmanuel2023-09-251-4/+4
|
* qmail-smtpd: reduce security level to 0 on port 25manuel2023-08-171-2/+2
|
* qmail-smtpd: print tls error message on stderrmanuel2023-08-171-1/+5
|
* openssl: ignore unexpected EOF + only 1 session ticketmanuel2023-08-101-0/+4
|
* Disable TLS renegotiationmanuel2023-08-101-0/+2
|
* add support for querying DNSSEC ad (validated) flagmanuel2023-08-101-1/+0
| | | | also migrate from deprecated resolver functions
* Make qmail openssl 3.0 compatiblemanuel2023-08-081-191/+22
| | | | | | | - remove support for loading custom DH params from pem. use opensslconf if really required - remove support for loading custom ec group from params - reimplement DANE support using openssl DANE functions
* add NOSESSIONHEADER env variablemanuel2023-04-041-2/+4
|
* SMTP: add support for required TLSmanuel2022-05-191-0/+5
|
* Add support for an alternative (ECDSA) certificatemanuel2022-01-261-8/+19
|
* Require HELO/EHLO before MAILManuel Mausz2021-08-161-2/+5
|
* Add X-UD-Smtp-Session to unauthed smtp session aswellmanuel2020-11-201-2/+5
|
* Require TLS 1.2 or above for smtp auth/submissionmanuel2020-08-311-4/+3
|
* increase recipients limit to 300manuel2019-06-121-1/+1
|
* SMTP: limit max errors to 20manuel2019-06-111-24/+40
|
* max recipients: make error message more consistentmanuel2019-06-111-1/+1
|
* Add max recipients limitmanuel2019-06-111-1/+10
|
* Fix compile warnings...Manuel Mausz2019-06-111-5/+6
|
* Fix CVE-2011-1431manuel2019-04-101-1/+4
|
* Remove client certificate left oversmanuel2019-02-011-12/+0
|
* Disable TLS 1.0 only for smtp auth/submissionmanuel2018-12-261-4/+7
|
* Disable TLS 1.0manuel2018-12-041-1/+1
|
* Enable PRIORITIZE_CHACHA per defaultmanuel2018-09-171-2/+3
|
* More OpenSSL 1.1 compatibilitymanuel2018-06-281-0/+4
|
* OpenSSL 1.1 compatibilityManuel Mausz2018-06-271-97/+80
| | | | | | | | | | | | | | This adds compatibility for OpenSSL 1.1 Since renegotiation is removed from TLS 1.3 we also removed support for authentication via client certificates (control/tlsclients). In general this is still supported by TLS 1.3 however I'm just lazy and we don't need this feature anyway. This also adds optional support for OpenSSL configuration commands for qmail-smtpd and qmail-remote. Commands are loaded from control/opensslconf. For a list of supported commands see https://www.openssl.org/docs/man1.0.2/ssl/SSL_CONF_cmd.html#SUPPORTED-CONFIGURATION-FILE-COMMANDS
* Disable SSLv3 and enable prefer server ciphersmanuel2018-04-161-1/+2
|
* Initialize session early for loggingmanuel2018-04-161-0/+1
|
* ignore AUTH parameters in MAIL FROMmanuel2018-04-041-1/+2
|
* add X-UD-Smtp-Session and remove ip from authed clientsmanuel2018-04-041-2/+55
|
* SMTPUTF8: convert UTF-8 domains to IDNAmanuel2017-08-181-1/+30
| | | | | | | | | | | | | This isn't entirely correct according to RFC 6531 as it's better to not convert at all. However this would require we additionally add the UTF-8 form to qmails local recipient users/domains. Plus our SMTPUTF8 implementation doesn't convert outgoing UTF-8 mails if receiving MTA doesn't support SMTPUTF8. So mail forwarding might generate a bounce the user very likely doesn't understand. As MTAs who support SMTPUTF8 most likely also support the IDNA form, always converting is probably a good trade-off.
* add support for SMTPUTF8manuel2017-08-171-1/+22
|
* make qmail support EC keysmanuel2016-08-071-2/+2
|
* implement tls before auth as environment variablemanuel2016-03-211-8/+10
|
* don't announce SMTP AUTH commands if not availablemanuel2016-03-211-7/+10
|
* disable SSLv2manuel2016-03-011-0/+1
|
* add SMTP DANE supportmanuel2015-07-041-11/+10
|
* add support for ECDH as well as custom ec+dh params in certificatemanuel2015-06-231-6/+66
|
* Use DH parameters from OpenSSL and remove support for ephemeral RSAmanuel2015-06-221-28/+64
| | | | This adds support for DH parameters from 1024 to 8192 bits.
* export TLS-Session to environmentmanuel2014-02-141-0/+1
|
* make commands argument mandatorymanuel2014-01-271-7/+7
|
* [PATCH] protect qmail-smtpd from large received-linesmanuel2014-01-271-1/+1
| | | | | | | | | | | This patch corrects a small programming error in the blast() routine of qmail-smtpd.c. This is sometimes referred to as the "Guninski" bug, in reference to its discoverer. see * http://www.guninski.com/qmailcrash.html * http://thedjbway.b0llix.net/qmail/patches/qmail-1.03.smtpd-blast.patch
* check for bad chars only for for non-relay sessionsmanuel2013-06-071-1/+1
| | | | | check introduced by ee944357ee374402f20eb1297a0b596f7ef4ea8d (qmail-smtpd-relay-reject.gentoo)
* disable CRAM_MD5 supportmanuel2013-02-061-1/+1
|
* [PATCH] rewriteuser-0.1-qmail-smtpdmanuel2013-02-061-0/+42
|
* [PATCH] qmail-smtpd_auth-ssl-fix-sppmanuel2013-02-061-2/+11
|
* [PATCH] qmail-1.03-r17-greetdelaymanuel2013-02-061-0/+36
|
* [PATCH] realrcpttomanuel2013-02-051-1/+26
|
generated by cgit v1.2.3 (git 2.25.1) at 2026-01-11 23:46:22 +0000