Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

sendmail-starttls- RPM for noarch

From OpenSuSE Tumbleweed for noarch

Name: sendmail-starttls Distribution: openSUSE Tumbleweed
Version: Vendor: openSUSE
Release: 3.2 Build date: Sat Nov 20 23:30:48 2021
Group: Productivity/Networking/Security Build host: goat19
Size: 0 Source RPM: sendmail-
Summary: BSD Sendmail Starttls helper scripts
This package includes the directory layout as well as some useful
helper scripts for better SSL/TLS support.

"sendmail" is a trademark of Sendmail, Inc.






* Tue Nov 16 2021 Johannes Segitz <>
  - Added hardening to systemd service(s) (bsc#1181400). Modified:
    * sendmail-client.service
    * sendmail.service
* Tue Jul 06 2021 Dr. Werner Fink <>
  - Require libopenssl-1_1-devel on older SLE-11
* Thu Jul 01 2021 Dr. Werner Fink <>
  - Re-add 'sysvinit(network)' build dependency
* Tue Jun 29 2021 Dr. Werner Fink <>
  - Use %set_permissions on path /var/spool/clientmqueue/ as well (boo#1187809)
* Fri Jun 25 2021 Dr. Werner Fink <>
  - Update to pre version sendmail 8.17.1 ( (boo#1187688)
    * Deprecation notice: due to compatibility problems with some
      third party code, we plan to finally switch from K&R
      to ANSI C. If you are using sendmail on a system
      which does not have a compiler for ANSI C contact us
      with details as soon as possible so we can determine
      how to proceed.
    * Experimental support for SMTPUTF8 (EAI, see RFC 6530-6533)
      is available when using the compile time option USE_EAI
      (see also devtools/Site/site.config.m4.sample for other
      required settings) and the cf option SMTPUTF8.
      If a mail submission via the command line requires
      the use of SMTPUTF8, e.g., because a header uses UTF-8
      encoding, but the addresses on the command line are all
      ASCII, then the new option -U must be used, and
      the cf option SMTPUTF8 must be set in
      Please test and provide feedback.
    * Experimental support for SMTP MTA Strict Transport Security
      (MTA-STS, see RFC 8461) is available when using
    - the compile time option _FFR_MTA_STS (which requires
    - FEATURE(sts), which implicitly sets the cf option
    - postfix-mta-sts-resolver, see
    * New ruleset check_other which is called for all unknown SMTP
      commands in the server and for commands which do not
      have specific rulesets, e.g., NOOP and VERB.
    * New ruleset clt_features which can be used to select features
      in the SMTP client per server.  Currently only two
      flags are available: D/M to disable DANE/MTA-STS,
    * Avoid leaking session macros for an envelope between
      delivery attempts to different servers.  This problem
      could have affected check_compat.
    * Avoid leaking actual SMTP replies between delivery attempts
      to different servers which could cause bogus logging
      of reply= entries.
    * Change default SMTP reply code for STARTTLS related problems
      from 403 to 454 to better match the RFCs.
    * Fix a theoretical buffer overflow when encountering an
      unknown/unsupported socket address family on an
      operating system where sa_data is larger than 30
      (the standard is 14).  Based on patch by Toomas Soome.
    * Previously the commands GET, POST, CONNECT, or USER terminate
      a connection immediately only if sent as first command.
      Now this is also done if any of these is sent directly
      after STARTTLS or if the 'h' option is set via
    * CDB map locking has been changed so a sendmail process which
      does have a CDB map open does not block an in-place
      update of the map by makemap.  The simple workaround
      for that problem in earlier versions is to create
      the map under a different name and then move it
      into place.
    * CONFIG: New FEATURE(`check_other') to provide a default
      check_other ruleset.
    * CONFIG: FEATURE(`tls_failures') is deprecated and will be
      removed in future versions because it has a fundamental
      problem: it is message oriented but STARTTLS is
      session oriented.  For example, having multiple
      RCPTs in one envelope for different destinations,
      with different temporary errors, does not work
      properly, as the persistent macro applies to all
      RCPTs and hence implicitly to all destinations (servers).
      The option TLSFallbacktoClear should be used if needed.
    * MAIL.LOCAL: Enhance some error messages to simplify
    * Portability:
      Add support for Darwin 19 & 20.
      NOTE: File locking using fcntl() does not interoperate
      with Berkeley DB 5.x (and probably later).  Use
      CDB, flock() (-DHASFLOCK), or an earlier Berkeley
      DB version.  Problem noted by Harald Hannelius.
    * New Files:
    * New compile time option NO_EOH_FIELDS to disable the special
      meaning of the headers Message: and Text: to denote the
      end of the message header.
    * CONTRIB: AuthRealm.p0 has been modified for 8.16.1 by Anne Bennett.
    * CONTRIB: Added cidrexpand -O option for suppressing duplicates from
      a CIDR expansion that overlaps a later entry and -S option
      for skipping comments exactly like makemap does.
    * Portability:
      Add support for Darwin 19 (Mac OS X 10.15).
      Use proper FreeBSD version define to allow for cross
      compiling.  Fix from Brooks Davis of the FreeBSD
    * New Files:
  - Modify patches
    * sendmail-8.14.7-select.dif
    * sendmail-fd-passing-libmilter.patch
  - Modify and renama patch sendmail-8.16.1.dif which is now sendmail-8.17.1.dif
  - Enable experimental support for SMTPUTF8 as well
    SMTP MTA Strict Transport Security
  - Update keyring
  - Make it build for older products as well
* Fri Jun 04 2021 Callum Farmer <>
  - sendmail-suse.tar.bz2: don't set /var/spool/mail perms, it is
    part of filesystem
* Fri May 28 2021 Dr. Werner Fink <>
  - sendmail-suse.tar.bz2: add file tmpfile which will be installed
    in tmpfiles.d as sendmail.conf.  With this /run/sendmail will
    be created at boot.
  - Fix locations in permissions files to fit _libexecdir change (boo#1186592)
* Thu May 27 2021 Matthias Gerstner <>
  - sendmail-suse.tar.bz2: add trailing slash to permissions entries for
    /var/spool/mail, because it is a directory and `chkstat` expects trailing
    slashes for directories.
* Sun May 16 2021 Callum Farmer <>
  - Remove /var/mail to /var/spool/mail patch
* Tue Mar 23 2021 Dr. Werner Fink <>
  - Make IPv6 work even with IPv4 in parallel
* Tue Feb 09 2021 Dominique Leuenberger <>
  - Fix up build dependencies. The construct:
      %%if %%{undefined systemd_requires}\n%%global with_sysvinit 1
    does not work as intended. The OBS scheduler for example does not
    have all the macros coming from 'random' rpmmacro files/packages
    (systemd-rpm-macros in this case) present, as such for OBS,
    systemd_requires is undefined, which in turn pulls in
    insserv_prereq. The build itself then does not use it though, as
    at this time, the correct macros are known (inside the build VM).
  - As we're at it: replace systemd_requires with systemd_ordering:
    people installing sendmail into a container do not require
    systemd as a dependency there. But for people installing sendmail
    in a transaction together with systemd, we prefer systemd to be
    installed first.
* Fri Jan 29 2021 Dr. Werner Fink <>
  - Correct path of update script for older products/distributions
* Wed Jan 27 2021 Dr. Werner Fink <>
  - Add qtool perl script from contrib as this is very handy
  - Make GLIBC_VERSION macro work again
* Wed Jan 27 2021 Dr. Werner Fink <>
  - Move SMTPD_LISTEN_REMOTE hack into valid code of update script
  - Change location of update script in fillup/sysconfig files
* Tue Jan 26 2021 Dr. Werner Fink <>
  - Add better support for IPv6
  - Fix bug in udage of fillup_only macro to get sysconfig file for
    sendmail written by fillup
* Tue Oct 27 2020 Matthias Gerstner <>
  - cleanup the sendmail permissions profile:
    - /var/run/sendmail was last used in SLE-11 with systemv init, is no longer
    - /var/spool/clientmqueue is now owned by the system-user-mail package.
      Nobody is calling %set_permissions and %verify_permissions on this
      directory anymore, therefore the permissions entry is useless.
    - /var/spool/mail is the same for all permissions profiles and also managed
      by systemd-tmpfiles via the filesystem package (fs-var.conf).
* Thu Oct 08 2020 Matthias Gerstner <>
  - adjust permissions.d entries to new %libexedir location (bsc#1171164).
* Tue Jul 28 2020 Dr. Werner Fink <>
  - Fix same strange permissions below /usr/share/sendmail
* Tue Jul 28 2020 Dr. Werner Fink <>
  - Update to sendmail 8.16.1 2020/07/05 (boo#1174572)
    SECURITY: If sendmail tried to reuse an SMTP session which had
      already been closed by the server, then the connection
      cache could have invalid information about the session.
      One possible consequence was that STARTTLS was not
      used even if offered.  This problem has been fixed
      by clearing out all relevant status information
      when a closed session is encountered.
    OpenSSL versions before 0.9.8 are no longer supported.
    OpenSSL version 1.1.0 and 1.1.1 are supported.
    Initial support for DANE (see RFC 7672 is available if
      the compile time option DANE is set.  Only TLSA RR 3-1-x
      is currently implemented.
    New options SSLEngine and SSLEnginePath to support OpenSSL engines.
      Note: this feature has so far only been tested with the
      "chil" engine; please report problems with other engines
      if you encounter any.
    New option CRLPath to specify a directory which contains
      hashes pointing to certificate revocations files.
      Based on patch from Al Smith.
    New rulesets tls_srv_features and tls_clt_features which
      can return a (semicolon separated) list of TLS related
      options, e.g., CipherList, CertFile, KeyFile,
      see doc/op/ for details.
    To automatically handle TLS interoperability problems for outgoing
      mail, sendmail can now immediately try a connection again
      without STARTTLS after a TLS handshake failure.
      This can be configured globally via the option
      TLSFallbacktoClear or per session via the 'C' flag
      of tls_clt_features.
      This also adds the new value "CLEAR" for the macro
      {verify}: STARTTLS has been disabled internally for
      a clear text delivery attempt.
    Apply Timeout.starttls also to the server waiting for the TLS
      handshake to begin.  Based on patch from Simon Hradecky.
    New compile time option TLS_EC to enable the use of elliptic
      curve cryptography in STARTTLS (previously available as
    Handle MIME boundaries specified in headers which contain CRLF.
    Fix detection of loopback net (it was broken when compiled
      with NETINET6) and only set the macros {if_addr_out}
      and {if_family_out} if the interface of the outgoing
      connection does not belong to the loopback net.
    Fix logic to enable a milter to delete a recipient in
      DeliveryMode=interactive even if it might be subject
      to alias expansion.
    Log name of a milter making changes (this was missing for
      some functions).
    Log the actual reply of a server when an SMTP delivery problem
      occurs in a "reply=" field if possible.
    Log user= for failed AUTH attempts if possible.  Based on
      patch from Packet Hack, Jim Hranicky, Kevin A. McGrail,
      and Joe Quinn.
    Add CDB as map type. Note: CDB is a "Constant DataBase", i.e.,
      no changes can be made after it is created, hence it
      does not work with vacation(1) nor editmap(8) (except
      for query mode).
    Fix some memory leaks (mostly in error cases) and properly handle
      copied varargs in sm_io_vfprintf(). The issues were found
      using Coverity Scan and reported (including patches) by
      Ondřej Lysoněk of Red Hat.
    Do not override ServerSSLOptions and ClientSSLOptions when they
      are specified on the command line.  Based on patch from
      Hiroki Sato.
    Add RFC7505 Null MX support for domains that declare they do not
      accept mail.
    New compile time option LDAP_NETWORK_TIMEOUT which is set
      automatically when LDAPMAP is used and
      LDAP_OPT_NETWORK_TIMEOUT is available to enable the
      new -c option for LDAP maps to specify the network timeout.
    CONFIG: New FEATURE(`tls_session_features') to enable standard
      rules for tls_srv_features and tls_clt_features; for
      details see cf/README.
    CONFIG: New options confSSL_ENGINE and confSSL_ENGINE_PATH
      for SSLEngine and SSLEnginePath, respectively.
    CONFIG: New options confDANE to enable DANE support.
    CONFIG: New option confTLS_FALLBACK_TO_CLEAR for TLSFallbacktoClear.
    CONFIG: New extension CITag: for TLS restrictions, see cf/README
      for details.
    CONFIG: FEATURE(`blacklist_recipients') renamed to
    CONTRIB: cidrexpand updated to support IPv6 CIDR ranges and to
      canonicalize IPv6 addresses; if cidrexpand is used with IPv6
      addresses then UseCompressedIPv6Addresses must be disabled.
    DOC: The dns map can return multiple values in a single result
      if the -z option is used.
    DOC: Note to set MustQuoteChars=. due to DKIM signatures.
    LIBMILTER: Fix typo in a macro. Patch from Ignacio Goyret
      of Alcatel-Lucent.
    LIBMILTER: Fix reference in xxfi_negotiate documentation.
      Patch from Sven Neuhaus.
    LIBMILTER: Fix function name in smfi_addrcpt_par documentation.
      Patch from G.W. Haywood.
    LIBMILTER: Fix a potential memory leak in smfi_setsymlist().
      Patch from Martin Svec.
    MAKEMAP: New map type "implicit" refers to the first available type,
      i.e., it depends on the compile time options NEWDB, DBM,
      and CDB. This can be used in conjunction with the
      "implicit" map type in
      Note: makemap, libsmdb, and sendmail must be compiled
      with the same options (and library versions of course).
      Add support for Darwin 14-18 (Mac OS X 10.x).
      New option HAS_GETHOSTBYNAME2: set if your system
      supports gethostbyname2(2).
      Set SM_CONF_SEM=2 for FreeBSD 12 and later due to
      changes in sys/sem.h
      On Linux set MAXHOSTNAMELEN (the maximum length
      of a FQHN) to 256 if it is less than that value.
    Added Files:
  - Add upstream keyring and verify source signature
  - Use DANE and TLS_EC
  - Remove obsolete patches now solved upstream
    * 8.15.2.mci.p0
    * sendmail-8.15.2-glibc-2.30.patch
    * sendmail-8.15.2-openssl-1.1.0-ecdhe-fix.patch
    * sendmail-8.15.2-openssl-1.1.0-fix.patch
  - Port patches
    * sendmail-8.14.7-select.dif
    * sendmail-fd-passing-libmilter.patch
  - Port and rename patch sendmail-8.15.2.dif which is now sendmail-8.16.1.dif
* Tue Jun 23 2020 Callum Farmer <>
  - Fixes for %_libexecdir changing to /usr/libexec
  - Spec file cleanups
* Wed Jun 10 2020 Matthias Gerstner <>
  - sendmail-suse.tar.bz2: fix rpmlint warning W: permissions-dir-without-slash
    for /var/spool/clientmqueue. This wasn't noticed before, because the
    directory is not packaged by sendmail but by system-user-mail.
* Thu Jan 30 2020 Dr. Werner Fink <>
  - Add upstream patch 8.15.2.mci.p0 (boo#1164084)
    * If sendmail tried to reuse an SMTP session which had already been
      closed by the server, then the connection cache could have invalid
      information about the session.  One possible consequence was that
      STARTTLS was not used even if offered.
* Thu Dec 19 2019 Dominique Leuenberger <>
  - BuildRequire pkgconfig(libsystemd) instead of systemd-devel:
    Allow OBS to shortcut through the -mini flavors.
* Mon Oct 14 2019 Dr. Werner Fink <>
  - Avoid recursion trouble in spec file cause by undefined _lto_cflags
* Sat Sep 28 2019 Dr. Werner Fink <>
  - Add patch sendmail-8.15.2-glibc-2.30.patch
    * The former deprecated macro RES_USE_INET6 is gone with glibc 2.30
* Mon Sep 09 2019 Dr. Werner Fink <>
  - Use FAT LTO objects in order to provide proper static library.
* Fri Jul 26 2019
  - removal of SuSEfirewall2 service, since SuSEfirewall2 has been replaced by
    firewalld, see [1].
* Fri Jan 04 2019 Dr. Werner Fink <>
  -  Remove alias to (boo#1116675)
* Fri Jul 27 2018
  - Replace exec rm by delete/print.
* Mon Jul 16 2018
  - Remove left over from last patch
  - Group daemon is required
* Tue Dec 05 2017
  - Add sendmail-8.15.2-reproducible.patch to make package build reproducible
* Wed Nov 29 2017
  - Add _FFR_TLS_EC m4 macro definition for site configuration as
    well (boo#1070065)
* Thu Nov 23 2017
  - Replace references to /var/adm/fillup-templates with new
    %_fillupdir macro (boo#1069468)
* Thu Nov 09 2017
  - Apply former patches only if openssl 1.1.0+ are installed
* Wed Nov 08 2017
  - support build with openssl 1.1 (bsc#1067222)
    * add patches from Fedora:
      sendmail-8.15.2-openssl-1.1.0-ecdhe-fix.patch (rh#1473971)
* Thu Aug 17 2017
  - Add libnsl-devel build requires for glibc obsoleting libnsl
* Wed Jul 19 2017
  -  Change requirements for libmilter and sendmail-devel as
    the library is also used by other MTA like postfix (boo#1049188)
* Thu May 11 2017
  - Require user and group mail
* Wed Apr 12 2017
  - Add bitdomain and uudomain to possible targets for refresh
* Wed Apr 12 2017
  - Change spec file name scheme used for getting soname down into
* Tue Apr 11 2017
  - Replace a find|xargs rm by -delete
* Thu Mar 23 2017
  - New package libmilter1_0 for the shared library version of
    libmilter, the  Sendmail Content Management API
  - Also new package libmilter-doc for the substantial documentation
    about Sendmail Content Management API (milter)
  - Make sendmail-tls a noarch package
* Mon Mar 06 2017
  - Require m4 at build time
* Mon Feb 20 2017
  - Don't use insserv together with systemd
* Mon Sep 26 2016
  - Use _unitdir macro instead asking pkg config of systemd
* Tue Jul 19 2016
  - Fix License: Even lists
    "Sendmail" as the valid identifier. Same as does. "Sendmail License" is in the
    column "Full Name". The License: tag requires the identifier.
  - Fix some more rpmlint warnings:
    + sendmail: W: suse-missing-rclink sendmail:
    - Ship /usr/sbin/rcsendmail symlink to /usr/sbin/service
    + sendmail: W: suse-missing-rclink sendmail-client
    - Ship /usr/sbin/rcsendmail-client symlink to /usr/sbin/service
    + sendmail: W: suse-wrong-suse-capitalisation:
    - Rename README.SuSE to README.SUSE (fix spelling also inside
      the file).
    + sendmail: W: permissions-dir-without-slash
    - Fix permissions and permissions.paranoid inside
    + sendmail: W: systemd-service-without-service_del_postun:
    - Add corresponding macros to postun script when not building
      with sysvinit support.
    + sendmail: W: systemd-service-without-service_add_pre:
    - Add corresponding macros to pre script when not building
      with sysvinit support.
* Thu Jun 16 2016
  - Drop unused patch:
    * sendmail-8.14.7-warning.patch
* Thu Jun 16 2016
  - Split uucp to separate package, no technical reason for it to not
    stand on its own
  - Drop uucp related patches:
    + uucp-1.07-contrib.dif
    + uucp-1.07-cu.patch
    + uucp-1.07-grade.patch
    + uucp-1.07-lockdev.patch
    + uucp-1.07.dif
    + uucp-texinfo-5.0.patch
    + drop_ftime.patch
* Thu May 19 2016
  - Do not use as reference for the Sendmail
    license even if stated by rpmlint but
* Thu Apr 14 2016
  - Avoid warning from chkstat due slash on directory path as last character
* Thu Apr 14 2016
  - Update to sendmail 8.15.2 (boo#975416)
    * If FEATURE(`nopercenthack') is used then some bogus input triggered
      a recursion which was caught and logged as
      SYSERR: rewrite: excessive recursion (max 50) ...
      Fix based on patch from Ondrej Holas.
    * DHParameters now by default uses an included 2048 bit prime.
      The value 'none' previously caused a log entry claiming
      there was an error "cannot read or set DH parameters".
      Also note that this option applies to the server side only.
    * The U= mailer field didn't accept group names containing hyphens,
      underbars, or periods.  Based on patch from David Gwynne
      of the University of Queensland.
    * CONFIG: Allow connections from IPv6:0:0:0:0:0:0:0:1 to relay again.
      Patch from Lars-Johan Liman of Netnod Internet Exchange.
    * CONFIG: New option UseCompressedIPv6Addresses to select between
      compressed and uncompressed IPv6 addresses.  The default
      value depends on the compile-time option IPV6_FULL:
      For 1 the default is False, for 0 it is True, thus
      preserving the current behaviour.  Based on patch from
      John Beck of Oracle.
    * CONFIG: Account for IPv6 localhost addresses in
      FEATURE(`block_bad_helo').  Suggested by Andrey Chernov
      from FreeBSD and Robert Scheck from the Fedora Project.
    * CONFIG: Account for IPv6 localhost addresses in check_mail ruleset.
    * LIBMILTER: Deal with more invalid protocol data to avoid potential
      crashes.  Problem noted by Dimitri Kirchner.
    * LIBMILTER: Allow a milter to specify an empty macro list ("", not
      NULL) in smfi_setsymlist() so no macro is sent for the
      selected stage.
    * MAKEMAP: A change to check TrustedUser in fewer cases which was
      made in 2013 caused a potential regression when makemap
      was run as root (which should not be done anyway).
    * SECURITY: Properly set the close-on-exec flag for file descriptors
      (except stdin, stdout, and stderr) before executing mailers.
    * If header rewriting fails due to a temporary map lookup failure,
      queue the mail for later retry instead of sending it
      without rewriting the header.  Note: this is done
      while the mail is being sent and hence the transaction
      is aborted, which only works for SMTP/LMTP mailers
      hence the handling of temporary map failures is
      suppressed for other mailers. SMTP/LMTP servers may
      complain about aborted transactions when this problem
      See also "DNS Lookups" in sendmail/TUNING.
    * Incompatible Change: Use uncompressed IPv6 addresses by default,
      i.e., they will not contain "::".  For example,
      instead of ::1 it will be 0:0:0:0:0:0:0:1.  This
      permits a zero subnet to have a more specific match,
      such as different map entries for IPv6:0:0 vs IPv6:0.
      This change requires that configuration data
      (including maps, files, classes, custom ruleset,
      etc) must use the same format, so make certain such
      configuration data is updated before using 8.15.
      As a very simple check search for patterns like
      'IPv6:[0-9a-fA-F:]*::' and 'IPv6::'. If necessary,
      the prior format can be retained by compiling with:
      APPENDDEF(`conf_sendmail_ENVDEF', `-DIPV6_FULL=0')
      in your devtools/Site/site.config.m4 file.
    * If a connection to the MTA is dropped by the client before its
      hostname can be validated, treat it as "may be forged",
      so that the unvalidated hostname is not passed to a
      milter in xxfi_connect().
    * Add a timeout for communication with socket map servers
      which can be specified using the -d option.
    * Add a compile time option HESIOD_ALLOW_NUMERIC_LOGIN to allow
      numeric logins even if HESIOD is enabled.
    - sendmail 8.15.1
    * The new option CertFingerprintAlgorithm specifies the finger-
      print algorithm (digest) to use for the presented cert.
      If the option is not set, md5 is used and the macro
      {cert_md5} contains the cert fingerprint.
      However, if the option is set, the specified algorithm
      (e.g., sha1) is used and the macro {cert_fp} contains
      the cert fingerprint.
      That is, as long as the option is not set, the behaviour
      does not change, but otherwise, {cert_md5} is superseded
      by {cert_fp} even if you set CertFingerprintAlgorithm
      to md5.
    * The options ServerSSLOptions and ClientSSLOptions can be used
      to set SSL options for the server and client side
      respectively. See SSL_CTX_set_options(3) for a list.
      Note: this change turns on SSL_OP_NO_SSLv2 and
      SSL_OP_NO_TICKET for the client. See doc/op/
      for details.
    * The option CipherList sets the list of ciphers for STARTTLS.
      See ciphers(1) for possible values.
    * Do not log "STARTTLS: internal error: tls_verify_cb: ssl == NULL"
      if a CRLFfile is in use (and LogLevel is 14 or higher.)
    * Store a more specific TLS protocol version in ${tls_version}
      instead of a generic one, e.g., TLSv1 instead of
    * Properly set {client_port} value on little endian machines.
      Patch from Kelsey Cummings of
    * Per RFC 3848, indicate in the Received: header whether SSL or
      SMTP AUTH was negotiated by setting the protocol clause
      to ESMTPS, ESMTPA, or ESMTPSA instead of ESMTP.
    * If the 'C' flag is listed as TLSSrvOptions the requirement for the
      TLS server to have a cert is removed.  This only works
      under very specific circumstances and should only be used
      if the consequences are understood, e.g., clients
      may not work with a server using this.
    * The options ClientCertFile, ClientKeyFile, ServerCertFile, and
      ServerKeyFile can take a second file name, which must be
      separated from the first with a comma (note: do not use
      any spaces) to set up a second cert/key pair. This can
      be used to have certs of different types, e.g., RSA
      and DSA.
    * A new map type "arpa" is available to reverse an IP (IPv4 or IPv6)
      address. It returns the string for the PTR lookup, but
      without trailing {ip6,in-addr}.arpa.
    * New operation mode  'C' just checks the configuration file, e.g.,
      sendmail -C -bC
      will perform a basic syntax/consistency check of
    * The mailer flag 'I' is deprecated and will be removed in a
      future version.
    * Allow local (not just TCP) socket connections to the server, e.g.,
      O DaemonPortOptions=Family=local, Addr=/var/mta/server.sock
      can be used.
    * If the new option MaxQueueAge is set to a value greater than zero,
      entries in the queue will be retried during a queue run
      only if the individual retry time has been reached which
      is doubled for each attempt.  The maximum retry time is
      limited by the specified value.
    * New DontBlameSendmail option GroupReadableDefaultAuthInfoFile
      to relax requirement for DefaultAuthInfo file.
    * Reset timeout after receiving a message to appropriate value if
      STARTTLS is in use.  Based on patch by Kelsey Cummings
    * Report correct error messages from the LDAP library for a range of
      small negative return values covering those used by OpenLDAP.
    * Fix compilation with Berkeley DB 5.0 and 6.0.  Patch from
      Allan E Johannesen of Worcester Polytechnic Institute.
    * CONFIG: FEATURE(`nopercenthack') takes one parameter: reject or
      nospecial which describes whether to disallow "%" in the
      local part of an address.
    * DEVTOOLS: Fix regression in auto-detection of libraries when only
      shared libraries are available.  Problem reported by
      Bryan Costales.
    * LIBMILTER: Mark communication socket as close-on-exec in case
      a user's filter starts other applications.
      Based on patch from Paul Howarth.
  - Modified patches
    sendmail-8.14.9.dif becomes sendmail-8.15.2.dif
    Removed patches
* Tue Dec 01 2015
  -  Do not enforce dependencies like for amavis and saslauthd
* Mon May 26 2014
  - Add patch sendmail-fd-passing-libmilter.patch from Debian sendmail
    maintainer Mikhail Gusarov to support systemd socket activation
    support also in libmilter (bnc#879790)
  - Be aware that /var/run is a symbolic link to /run a tmpfs file
* Fri May 23 2014
  - Update to sendmail 8.14.9
    * Properly set the close-on-exec flag for file descriptors
      (except stdin, stdout, and stderr) before executing mailers.
    * Fix a misformed comment in conf.c: "/*" within comment
      which may cause a compilation error on some systems.
      Problem reported by John Beck of Oracle.
    * Fix regression in auto-detection of libraries when only
      shared libraries are available.  Problem reported by
      Bryan Costales.
  - Modify patch sendmail-8.14.8.dif which is now sendmail-8.14.9.dif
* Wed Apr 02 2014
  - In systemd is gone even if there are
    MTAs around which will be started without socket/bus activation
* Tue Apr 01 2014
  - Update to sendmail 8.14.8 (bnc#871258)
    * Properly initialize all OpenSSL algorithms for versions before
      OpenSSL 0.9.8o. Without this SHA2 algorithms may not
      work properly, causing for example failures for certs
      that use sha256WithRSAEncryption as signature algorithm.
    * When looking up hostnames, ensure only to return those records
      for the requested family (AF_INET or AF_INET6).
      On system that have NEEDSGETIPNODE and NETINET6
      this may have failed and cause delivery problems.
      Problem noted by Kees Cook.
    * A new mailer flag '!' is available to suppress an MH hack
      that drops an explicit From: header if it is the
      same as what sendmail would generate.
    * Add an FFR (for future release) to use uncompressed IPv6 addresses,
      i.e., they will not contain "::".  For example, instead
      of ::1 it will be 0:0:0:0:0:0:0:1.  This means that
      configuration data (including maps, files, classes,
      custom ruleset, etc) have to use the same format.
      This will be turned on in 8.15.  It can be enabled in 8.14
      by compiling with:
      APPENDDEF(`conf_sendmail_ENVDEF', `-D_FFR_IPV6_FULL')
      in your devtools/Site/site.config.m4 file.
    * Add an additional case for the WorkAroundBrokenAAAA check when
      dealing with broken nameservers by ignoring SERVFAIL
      errors returned on T_AAAA (IPv6) lookups at delivery time.
      Problem noted by Pavel Timofeev of OCS.
    * If available, pass LOGIN_SETCPUMASK and LOGIN_SETLOGINCLASS to
      setusercontext() on deliveries as a different user.
      Patch from Edward Tomasz Napierala from FreeBSD.
    * Add support for DHParameters 2048-bit primes.
    * CONFIG: Accept IPv6 literals when evaluating the HELO/EHLO argument
      in FEATURE(`block_bad_helo').  Suggested by Andrey Chernov.
    * LIBSMDB: Add a missing check for malloc() in libsmdb/smndbm.c.
      Patch from Bill Parker.
    * LIBSMDB: Fix minor memory leaks in libsmdb/ if allocations
      fail.  Patch from John Beck of Oracle.
    * Portability:
      On Linux use socklen_t as the type for the 3rd argument
      for getsockname/getpeername if the glibc version is at
      least 2.1.
  - Add patch sendmail-8.14.8-m4header.patch from upstream
  - Update patch sendmail-8.14.7.dif to sendmail-8.14.8.dif
  - Modify the service files to be able to restart if a reload fails
    as well as use sync targets and Also propagate reload from main service to
    client service and install both
* Sun Mar 23 2014
  - Use _GNU_SOURCE in CFLAGS and %_smp_mflags at make, maybe related
    to bnc#865232, that is do not reset signal handler but SA_RESTART
* Wed Dec 18 2013
  - Do not use but to make sure that
    failing remote/cifs shares let sendmail fail (bnc#855688)
* Tue Oct 08 2013
  - Add config.starttls script to ask mail/imap server for certificates
* Tue Oct 01 2013
  - Add saslauthd as optional requirement in the systemd service unit
  - Split off SuSE specific file into a own tar ball
  - Avoid SysVinit boot scripts on systemd based systems
* Mon Sep 09 2013
  - Edit existing /etc/sysconfig/sendmail to add Command line (bnc#839033)
  - Add a config.sendmail script which calls the update script verbosely
* Thu Aug 08 2013
  - Use /etc/os-release instead of /etc/SuSE-release (bnc#833953)
* Mon Jul 15 2013
  - New rpm had removed "prereq" flag from installation script bits
    that is that `Requires(prereq)' is not valid anymore :(((
* Sun Jun 16 2013
  - sendmail-8.14.7.dif forces the use of SSL and SASL libraries,
    so make sure the BuildRequires are there
* Fri Jun 14 2013
  - Add sendmail-db6.diff to fix compile abort with db >= 5
* Tue May 28 2013
  - Fix errors in systemd services (bnc#820858).
* Tue Apr 23 2013
  - Remove FAQ.sendmail-8.14 but use a html link to upstream support
* Tue Apr 23 2013
  - Update to sendmail 8.14.7
    * Drop support for IPv4-mapped IPv6 addresses to prevent the MTA
      from using a mapped address over a legitimate IPv6 address
      and to enforce the proper semantics over the IPv6
      connection.  Problem noted by Ulrich Sporlein.
    * Fix a regression introduced in 8.14.6: the wrong list of
      macros was sent to a milter in the EHLO stage.
      Problem found by Fabrice Bellet, reported via RedHat
      (Jaroslav Skarvada).
    * Fix handling of ORCPT parameter for DSNs: xtext decoding
      was not performed and a wrong syntax check was applied
      to the "addr-type" field.  Problem noted by Dan Lukes
      of Obludarium.
    * Fix handling of NUL characters in the MIME conversion functions
      so that message bodies containing them will be sent
      on properly. Note: this usually also affects mails
      that are not converted as those functions are used
      for other purposes too.  Problem noted by Elchonon
      Edelson of Lockheed Martin.
    * Do not perform "duplicate" elimination of recipients if they
      resolve to the error mailer using a temporary failure
      (4xy) via ruleset 0.  Problem noted by Akira Takahashi
      of IIJ.
    * CONTRIB: Updated version of script from John Beck
      of Oracle.
  - Update to sendmail 8.14.6
    * Fix a regression introduced in 8.14.5: if a server offers
      two AUTH lines, the MTA would not read them after
      STARTTLS has been used and hence SMTP AUTH for
      the client side would fail.  Problem noted by Lena.
    * Do not cache hostnames internally in a non case sensitive way
      as that may cause addresses to change from lower case
      to upper case or vice versa. These header modifications
      can cause problems with milters that rely on receiving
      headers in the same way as they are being sent out such
      as a DKIM signing milter.
    * If MaxQueueChildren is set then it was possible that new queue
      runners could not be started anymore because an
      internal counter was subject to a race condition.
    * If a milter decreases the timeout it waits for a communication
      with the MTA, the MTA might experience a write() timeout.
      In some situations, the resulting error might have been
      ignored.  Problem noted by Werner Wiethege.
      Note: decreasing the communication timeout in a milter
      should not be done without considering the potential
    * smfi_setsymlist() now properly sets the list of macros for
      the milter which invoked it, instead of a global
      list for all milters.  Problem reported by
      David Shrimpton of the University of Queensland.
    * If Timeout.resolver.retrans is set to a value larger than 20,
      then resolver.retry was temporarily set to 0 for
      gethostbyaddr() lookups. Now it is set to 1 instead.
      Patch from Peter.
    * If sendmail could not lock the statistics file due to a system
      error, and sendmail later sends a DSN for a mail that
      triggered such an error, then sendmail tried to access
      memory that was freed before (causing a crash on some
      systems).  Problem reported by Ryan Stone.
    * Do not log negative values for size= nor pri= to avoid confusing
      log parsers, instead limit the values to LONG_MAX.
    * Account for an API change in newer versions of Cyrus-SASL.
      Patch from Hajimu UMEMOTO from FreeBSD.
    * Do not try to resolve link-local addresses for IPv4 (just as it
      is done for IPv6).  Patch from John Beck of Oracle.
    * Improve logging of client and server STARTTLS connection failures
      that may be due to incompatible cipher lists by including
      the reason for the failure in a single log line.  Suggested
      by James Carey of Boeing.
  - Drop sendmail-8.14.5-auth2.patch0 as this is part of 8.14.6
  - Add sendmail-8.14.7-warning.patch to avoid useless gcc warning
  - Refresh sendmail-8.14.7-select.dif
  - Refresh sendmail-8.14.7.dif
* Fri Oct 26 2012
  - explicit buildrequire on groff, called from spec file
* Thu Oct 11 2012
  - buildrequire netcfg explicitly
* Fri Jul 13 2012
  - Make if build even with older distributions
* Fri Jul 13 2012
  - Use UTF-8 messages
* Fri Jul 13 2012
  - Do not depend on broken umask in rpm scriptlets
* Tue Jun 19 2012
  - Make SuSEconfig.sendmail a standalone update script (fate#313548)
* Fri May 25 2012
  - Help to do systemctl the obvoisly (bnc#754544)
* Thu Feb 09 2012
  - license update: SUSE-Sendmail
    SUSE- proprietary prefix added until Sendmail is accepted as valid SPDX
    license at
* Mon Nov 21 2011
  - Allow sendmail to authenticate as client to various mail servers
    in TLS mode even if servers send 2 headers (bnc#731658)
* Thu Aug 18 2011
  - Expand systemd configuration at build time
* Fri Aug 12 2011
  - Use Pre exec files for configuration on the fly
* Thu Aug 11 2011
  - Socket activation does not work for sendmail even with -bs
    on the command line of sendmail and StandardInput=socket
* Mon Aug 08 2011
  - The approach of using makefiles requires make for sendmail
* Fri Aug 05 2011
  - Make /var/run a ghost entry in spec as this is a tmpfs now and
    create it at start of sendmail if it does not exist (bnc#710279)
  - First try of using systemd unit configration files for both
    sendmail MTA and sendmail MT client.  Try to start them on
    demand using systemd unit socket files for both local and remote
    network as well as systemd unit path file for local mail queue
* Tue May 31 2011
  - Update to sendmail 8.14.5
    * Do not cache SMTP extensions across connections as the cache is
      based on hostname which may not be a unique identifier for a
      server, i.e., different machines may have the same hostname but
      provide different SMTP extensions.  Problem noted by Jim Hermann.
    * Avoid an out-of-bounds access in case a resolver reply for a DNS
      map lookup returns a size larger than 1K.  Based on a patch
      from Dr. Werner Fink of SuSE.
    * If a job is aborted using the interrupt signal (e.g., control-C
      from the keyboard), perform minimal cleanup to avoid invoking
      functions that are not signal-safe. Note: in previous versions
      the mail might have been queued up already and would be
      delivered subsequently, now an interrupt will always remove the
      queue files and thus prevent delivery.
    * Per RFC 6176, when operating as a TLS client, do not offer SSLv2.
    * Since TLS session resumption is never used as a client, disable
      use of RFC 4507-style session tickets.
    * Work around gcc4 versions which reverse 25 years of history and
      no longer align char buffers on the stack, breaking calls to
      resolver functions on strict alignment platforms.
      Found by Stuart Henderson of OpenBSD.
    * Read at most two AUTH lines from a server greeting (up to two
      lines are read because servers may use "AUTH mechs" and
      "AUTH=mechs"). Otherwise a malicious server may exhaust the
      memory of the client.  Bug report by Nils of MWR InfoSecurity.
    * Avoid triggering an assertion in the OpenLDAP code when the
      connection to an LDAP server is lost while making a query.
      Problem noted and patch provided by Andy Fiddaman.
    * If ConnectOnlyTo is set and sendmail is compiled with NETINET6
      it would try to use an IPv6 address if an IPv4 (or unparseable)
      address is specified.
    * If SASLv2 is used, make sure that the macro {auth_authen} is
      stored in xtext format to avoid problems with parsing it.
      Problem noted by Christophe Wolfhugel.
    * CONFIG: FEATURE(`ldap_routing') in 8.14.4 tried to add a missing
    - T<TMPF> that is required, but failed for some cases that did
      not use LDAP.  This change has been undone until a better
      solution can be implemented.  Problem found by Andy Fiddaman.
    * CONTRIB: Deal with H entries that do not have a letter
      between the question marks.  Patch from Stefan Christensen.
    * DOC: Use a better description for the -i option in sendmail.
      Patch from Mitchell Berger.
  - Add defines for nanaosleep and socklen_t for linux in conf.h
* Tue Dec 07 2010
  - prereq init scripts network and syslog
* Thu Sep 30 2010
  - Removed version-specific libdb-4_5-devel from BuildRequires to be
    able to build against newer libdb Versions.
* Fri Jul 16 2010
  - Newer killproc sends only SIGTERM as required by LSB if -TERM is
    specified on the command line.  Use the default which is SIGTERM
    followed by SIGKILL if the timeout of 5 seconds is reached.
* Fri Feb 05 2010
  - Use upstream patch for bnc#559517
* Wed Jan 27 2010
  - Update to bug fix release sendmail 8.14.4
    * Handle bogus certificates containing NUL characters
      in CNs by placing a string indicating a bad certificate
      in the {cn_subject} or {cn_issuer} macro.  Patch inspired
      by Matthias Andree's changes for fetchmail.
    * During the generation of a queue identifier an integer overflow
      could occur which might result in bogus characters
      being used.  Based on patch from John Vannoy of
      Pepperdine University.
    * Prevent a crash when a hostname lookup returns a seemingly
      valid result which contains a NULL pointer (this seems
      to be happening on some Linux versions).
    * Fix overflow of an internal array when parsing some replies
      from a milter.  Problem found by Scott Rotondo
    * Fix handling of `b' modifier for DaemonPortOptions on little
      endian machines for loopback address.  Patch from
      John Beck of Sun Microsystems.
    * Fix a potential memory leak in libsmdb/smdb1.c found by parfait.
      Based on patch from Jonathan Gray of OpenBSD.
    * Fix memory leak that occurred when smfi_setsymlist()
      was used.  Based on patch by Dan Lukes.
  - Add patch to avoid overflow of buffer for DNS resolver (bnc#559517)
* Tue Nov 11 2008
  - drop klogd prereq (prereq cycle)
* Mon Nov 10 2008
  - drop sysconfig prereq
* Tue Sep 30 2008
  - Use -fPIC for libraries (bnc#428289)
* Sun Aug 24 2008
  - fix fillup_and_insserv options
* Wed Aug 06 2008
  - (bnc#414960) sendmail doesn't have any "Name: " tag in firewall definition
* Wed Jul 30 2008
  - Make boot script know about new upcoming startpar and insserv
* Wed Jul 16 2008
  - Make poll25 more fail safe
* Thu Jun 19 2008
  - Make /bin/fuser required (bnc#401477)
* Tue May 06 2008
  - Update to bug fix release sendmail 8.14.3:
    * the MTA accessed storage after it free()d it. This was a
      regression introduced in 8.14.2.
    * ruleset processing: the function cataddr() could cause the
      addition of the BlankSub character between some tokens when
      it should not happen and thus failures in rule matching.
    * the libmilter state engine did not deal correctly with
      milters that requested the omission of protocol steps during
      the negotiation callback.
* Fri Feb 22 2008
  - Make the name `smtp' of the smtp port to a real m4 string
* Wed Feb 20 2008
  - Clean up spec file
  - Add support for an other MTA port, be sure the client can connect
    to the new port of the MTA
* Mon Feb 18 2008
  - Don't forget port even if sendmail listen only local (bnc#362642)
* Fri Dec 14 2007
  - Update to release sendmail 8.14.1
    * fix an important bug in the milter function smfi_chgfrom()
      which could cause the loss of a message body.
    * fix the handling of queued messages with 8 bit characters in
      From: or To: header which could be "mistaken" for internal
      control characters during a queue run and trigger various
      consistency checks.
    * fix the handling of lines longer than MAXLINE-1 characters in
      certain cases.
* Fri Jul 20 2007
  - don't build require openldap2. all we need is a client
* Tue Jun 19 2007
  - sendmail rc script provides smtp
* Thu May 10 2007
  - Replace old RBL's with new RBL's (bug #272246)
* Tue Apr 24 2007
  - Add smtp configuration for pam (bug #247352)
  - Add sendmail configuration for SuSEfirewall (bug #247352)
* Mon Apr 16 2007
  - Update the boot script dependcies (bug #262215)
* Thu Apr 05 2007
  - Update to release sendmail 8.14.1
  - Add port check for polling smtp port (fate #302078)
* Fri Feb 16 2007
  - Branch new package rmail from sendmail source
  - Split off uucp spec file from this spec file
* Mon Feb 12 2007
  - Make it build nonroot
* Thu Feb 01 2007
  - Add socket mapping for usage of Cyrus IMAP server (#241060)
* Fri Jan 19 2007
  - update uucp configuration
* Thu Aug 10 2006
  - Update to bug fix release sendmail 8.13.8
  - Remove update messages
* Thu Jun 22 2006
  - Do not touch db files if makemap fails
* Tue Jun 20 2006
  - Update to sendmail version 8.13.7
  - Add some more comments to the dnsbl feature due no longer
    available free providers of DNS based rejection list.
  - Move the `accept unresolvable/unqualified domains/senders' from
    the expensive.m4 feature toward to the nodns.m4 hack.
  - Add a comment that the nodns.m4 hack should be used in
    conjunction with a smart host
* Mon Jun 19 2006
  - The symlink /etc/mail/aliases is config(noreplace) (bug #185589)
* Tue May 30 2006
  - Proper update of the fix for VU#146718 (bug #173998)
* Wed May 24 2006
  - Don't strip binaries.
* Wed May 10 2006
  - VU#146718: Fix sendmail denial of service with MIME (bug #173998)
* Thu Mar 23 2006
  - Touch data source file instead of removeing data base (#160285)
* Wed Mar 22 2006
  - Use official sendmail 8.3.16 instead of the patched version for
    the security issue CERT VU834865 (#156417)
* Mon Mar 20 2006
  - Get CERT VU834865 patch working on s390x
  - Avoid invalid timeval's if select() catch EINTR
* Thu Mar 09 2006
  - Fix race condition in signal handling CERT VU834865 (#156417)
* Tue Feb 07 2006
  - Increase polling time for active port 25 to 10 seconds (#148563)
* Wed Jan 25 2006
  - converted neededforbuild to BuildRequires
* Fri Nov 11 2005
  - Do not use localhost as remote host with fuser
* Fri Nov 11 2005
  - Move /var/run/sendmail/statistics to /var/lib/sendmail/
* Thu Oct 13 2005
  - Update sendmail to version 8.13.5
  - Update sendmail faq
* Fri Sep 30 2005
  - I do not rewrite ldpa interface of sendmail with not documented
    ldap function calls, therefore set LDAP_DEPRECATED
* Tue Jun 28 2005
  - Make UUCP massage size an sysconfig option
* Mon Jun 20 2005
  - Add some clearing words to the comment for what is accepted for
    relaying with sendmail.
* Mon Jun 20 2005
  - Use -fPIE instead of -fpie
* Fri Jun 17 2005
  - Use -fpie/-pie
* Sun May 01 2005
  - Wait on port 25 of localhost to be sure that sendmail has
    open this port before we start the queue runner.
* Wed Mar 30 2005
  - fix version number for devel subpackage
* Wed Mar 30 2005
  - Update to sendmail version 8.13.4
  - Update sendmail faq
* Sun Feb 27 2005
  - package /usr/bin/cu as 755
* Wed Feb 23 2005
  - Add permissions file sendmail.paranoid to be able to disable MTA
* Wed Jan 26 2005
  - Update to sendmail 8.13.3
  - Add official close_wait patch
* Sat Jan 15 2005
  - Use <owner>:<group> in permissions file.
* Thu Dec 16 2004
  - Update to sendmail 8.13.2
  - Make it work
* Tue Dec 14 2004
  - Fix problem with two different session of one sendmail binary by
    using new ignore feature of start/killproc (bug #48790)
* Thu Nov 11 2004
  - adapt permssions in filelist to permissions in permissions file
* Wed Sep 15 2004
  - Better description of the sendmail options for both master daemon
    and client runner, shorten client sleeping time (bug #45309)
* Tue Aug 31 2004
  - Do only local port message and only in case of an update
    from a system without this feature.
* Tue Aug 31 2004
  - Move forward to new update messages scheme
* Mon Aug 30 2004
  - temporary solution: comment out all update mails
* Mon Aug 02 2004
  - Update to sendmail 8.13.1
  - Make access_db feature an option to avoud trouble with the
    default of the new  and automatic enabled greet_pause feature
* Fri Jul 30 2004
  - Remove /var/spool/clientmqueue from file list because this one
    is provided by RPM filesystem for the uid/gid mail.
  - Update FAQ.sendmail-8.12 to newest version.
* Thu Jul 29 2004
  - Add switch for masquerade_entire_domain and domaintable
    feature to SuSEconfig of sendmail.
  - Add missed statistics file for sendmail client (bug #40584)
* Fri Apr 02 2004
  - Add and generate the shipped out of
    them. This should avoid missing SuSEconfig runs or customers
    which do not move the over the
    (bugs #37952, #32348).
* Thu Mar 18 2004
  - SusEconfig.sendmail: return exit status of failed commands
    (bug #36492)
* Fri Feb 13 2004
  - Fix amavis package name (bug #34544)
* Wed Dec 17 2003
  - Fix typos (bug #32344, #32345)
  - Changes within SMTP AUTH
    * Add comment about rpm to be installed
    * Add an all option for all AUTH mechanisms
    * Make TLS and SASL work together
  - Test for dialup hosts
    * Add confTRY_NULL_MX_LIST for MSP
    * Add generics domain feature for MSP
* Mon Oct 06 2003
  - Remove backshlash in (bug #32037)
* Thu Sep 18 2003
  - Update to 8.12.10 due security fixes
* Wed Sep 17 2003
  - Security fix for sendmail (prescan2)
* Wed Sep 03 2003
  - Add try-restart option for update (bug #29044)
* Thu Aug 28 2003
  - Add sysconfig metadata [#28899]
* Thu Aug 28 2003
  - Sendmail requires m4, which is no longer default [#29454]
* Mon Jul 28 2003
  - Fix amavis(d) typo
* Mon Jul 28 2003
  - Fix chown usage
* Tue Jul 22 2003
  - Fix bug #27117: use asci file as reference for mode of db
  - Move from amavis(d) to amavis-new
* Mon Jun 30 2003
  - Add manual pages again
* Thu Jun 26 2003
  - Don't create .dif files
* Fri Jun 13 2003
  - Fix spec file to build again
* Thu Apr 24 2003
  - fix install_info --delete call and move from preun to postun
* Tue Apr 15 2003
  - Update to 8.12.9 (including the last two security patches)
  - Update FAQ
  - Add SENDMAIL_ALLMASQUERADE for servers using yp, DNS (etc/aliases,
  - Add /etc/mail/local-host-names for masquerade and generic domain
* Tue Apr 01 2003
  - sendmail.8.12-prescan.patch fixes another overflow security problem.
* Wed Feb 26 2003
  - Security fix to avoid remote root access
* Wed Feb 12 2003
  - The same procedure? The same procedure as every spec: Use
    preun not post for removing info entry
* Tue Feb 11 2003
  - Fix bug #22765: better description in auth-info
* Tue Feb 11 2003
  - Expand Amavis check
* Wed Jan 15 2003
  - Remove backup file of patch before installation
* Wed Jan 15 2003
  - Be sure that library directory exist on all architecture
* Tue Jan 14 2003
  - Update to senbdmail 8.12.7
  - Re-enable IPv6 support
  - Make GLIBC_VERSION macro work (sigh!)
  - Use BuildRoot
  - Use meta tags for sysconfig files (bug #22687)
* Tue Jan 14 2003
  - Add some more comments about smtp auth, correct replacement
    off encoded passphrase
  - Switch to SASL2
* Fri Nov 29 2002
  - SMRSH should check the called program
  - Fix bug #20475: now we've three sendmail processes:
    one master, one client for controlling the clientmqueue
    and its child for handling clientmqueue.
* Mon Sep 09 2002
  - sendmail depends on yp information (bug #18913)
* Mon Sep 02 2002
  - Switch to bugfix release 8.12.6
* Tue Aug 27 2002
  - Be paranoid: -fno-strict-aliasing on all platforms (bug #17432)
* Mon Aug 26 2002
  - Make amavis optional due its only available on i386 (bug #18337)
  - Rename require `ntp' to `$time' (bug #18337)
* Mon Aug 26 2002
  - Move NULLCLIENT from /etc/sysconfig/mail to
    /etc/sysconfig/sendmail  because  sendmail and postfix use this
    on different.
  - Add a line to the comment for NULLCLIENT to get correct values.
    (bug #18301)
* Fri Aug 16 2002
  - Add PreReq (bug #17990)
* Wed Aug 14 2002
  - Don't be fooled by "no" for variable values (bug #17749)
* Mon Aug 05 2002
  - Temporary fix for s390 to get makemap working
* Thu Jul 18 2002
  - Make nullclient work
* Tue Jul 16 2002
  - Add some more comments for localhost and masquerade (bug #16952)
  - Add DNS RBL support to SuSEconfig.sendmail (bug #16951)
  - Make last change work
* Mon Jul 15 2002
  - Remove /etc/aliases from filelist
* Thu Jul 11 2002
  - Try to use db4
* Thu Jul 11 2002
  - Enable trusted user file in both MSP and MTA (bug #16930)
  - Use confTRUSTED_USERS in MSP
  - Add changes from Volker Kuhlmann <>
    for supporting black lists with SuSEconfig
* Tue Jul 09 2002
  - Add /etc/aliases.d/ and a scanner in SuSeconfig.sendmail to
    get files therein into /etc/ Add check in
    /etc/mail/Makefile ... (bug #15921)
* Tue Jul 09 2002
  - Add sanity check for NULLCLIENT redirect (bug #16871)
  - Add user vscan to trusted user list (bug #16496)
  - Update to sendmail 8.12.5
* Thu Jul 04 2002
  - fix compilation with openldap-2.1
* Tue Apr 30 2002
  - Fix path of cyrus deliver program (bug# 16056)
  - Add m4 option for both and  (bug# 15409)
* Wed Apr 24 2002
  - Update ot bugfix release 8.12.3
  - Correction of the SMTP AUTH db generation
* Tue Apr 09 2002
  - Oops: move autoconf change log entry to uucp change log
* Thu Mar 28 2002
  - Add Obsoltes for sendmail-tls (bug #15579)
* Wed Mar 13 2002
  - Avoid header rewrite for sendmail client (fix bug #14910)
* Tue Mar 05 2002
  - Force insserv call (fix bug #14359)
* Fri Mar 01 2002
  - As requested: Add mailman and mailman-owner to aliases
* Fri Mar 01 2002
  - Fix small typo in mail sent after installation.
* Wed Feb 27 2002
  - Be sure that we catch all rc.config variables
  - Be sure that the new required sendmail options will be included
* Tue Feb 26 2002
  - More work for SMTPD_LISTEN_REMOTE: if the old system has
    SMTP=yes in /etc/rc.config we remember this decision at
    pre install time and change the default for SMTPD_LISTEN_REMOTE
    from "no" to "yes" at post install time.
* Tue Feb 26 2002
  - Fix bug #13905: With 8.12 we need to add our domain used in
    FROM_HEADER in the class G (generic domains)
* Mon Feb 25 2002
  - Export %_lib to site.config.m4 to make it work on ia64.
* Mon Feb 25 2002
  - fix bug #13830: catch EINTR on select.
* Thu Feb 21 2002
  - Add SMTPD_LISTEN_REMOTE to be able to switch off remote
    mail connections.
* Wed Feb 20 2002
  - Fix bug #13188 and #13521: Avoid mail loss by running both
    sendmail master and client.
  - Add and correct comments
  - Install sendmail/SECURITY
  - Fix bug #12462 by new configure option SENDMAIL_LUSER to map
    local mail with unknown local recipients.
* Thu Feb 14 2002
  - Correct comment about full qualified hostname which is located
    in /etc/HOSTNAME now.
* Wed Feb 13 2002
  - Run two daemons: one for sendmail server acts and one for the
    new client msp acts to deserve mails to port 25
  - Insserv by default, because the server daemons must listen on
    port 25 for the msp sendmail client used by  MTA's.
  - Create /etc/mal/ to get nocanonify, nodns, and
    masquerade into /etc/mal/
* Sun Feb 10 2002
  - new option for bz2 tar is "j"
* Tue Feb 05 2002
  - rename old rc.config variable names on update
* Wed Jan 30 2002
  - Remove YAST_ASK (#12972)
* Mon Jan 28 2002
  - sysconfig.mail changes
  - remove rc.config from README's
* Wed Jan 23 2002
  - Minor changes like including new features into
    and using the official MILTER macro of 8.12.2.
* Mon Jan 21 2002
  - Package split into sendmail and sendmail-devel
  - Notify if user has /etc/mail/sendmail.ct or /etc/mail/
  - Correct LICENSE in PDB
* Sun Jan 20 2002
  - for compiling a milter client, we need /usr/lib/libsm.a and
* Fri Jan 18 2002
  - Use clientmqueue interface, that means there is a user and
    group mail together with group writable directory for group
    mail and sendmail is sgid mail.
  - Implement STARTTLS and SASL interface for client and server side
  - Move /etc/mail/default-auth-info to /etc/mail/auth/auth-info(.db)
    and use the FEATURE(authinfo) not DefaultAuthInfo
  - Use /etc/mail/certs/ for STARTTLS data
  - Install editmap
  - Use FEATURE(delay_checks) in dialup.m4
  - Use `.' at the end of MAIL_HUP, LOCAL_RELAY, and SMART_HOST if
    a FQDN is used.
  - Fix bug #10601: Use content of /etc/HOSTNAME if FQDN
* Thu Jan 17 2002
  - Update to 8.12.2
    Use official MILTER now
  - Move from sendmail.ct and to local-host-names
    and local-host-names
  - Enable STARTTLS, and SASL by default
  - Make NULLCLIENT and SMTP-AUTH a configure option
  - Remove rc.config from any comment
  - DOMAIN macro should be called before MAILER macro
  - Use /etc/sysconfig/mail and /etc/sysconfig/amavis
  - Make it compile
* Tue Jan 15 2002
  - removed colons from startup/shutdown messages
* Fri Dec 14 2001
  - moved rc.config.d -> sysconfig, removed SMTP variable
* Thu Nov 22 2001
  - Do not escape backquote within (#12429)
* Thu Aug 30 2001
  - More on bug #9097
* Wed Aug 22 2001
  - Security update to 8.11.6 (bugtraq id 3163)
* Tue Aug 14 2001
  - Update to 8.11.5
  - Fix bug #9097
* Wed Jun 27 2001
  - More re-ordering of cpp directives
* Wed Jun 27 2001
  - Re-order cpp directive to be not included within printf
* Wed Jun 06 2001
  - Simple fix in sendmail.nissl script
  - Add hops fix
* Wed May 09 2001
  - bzip2 sources
* Thu Apr 26 2001
  - Add missed entries in /etc/mail/
* Thu Apr 05 2001
  - Add alias for amavis
* Wed Apr 04 2001
  - Add message about libwrap and sendmail if host.allow is used
* Thu Mar 29 2001
  - Add interface for amavis
  - Move mfapi.h to /usr/include/libmilter/
* Wed Mar 21 2001
  - Update to sendmail 8.11.3
  - Add libmilter.a and co
* Thu Mar 15 2001
  - changed for openldap2
* Thu Mar 15 2001
  - fixed neededforbuild for openldap
* Fri Feb 23 2001
  - Check for YAST_ASK value for all variables used be SuSEconfig
* Wed Jan 17 2001
  - Change init.d location in sendmails permission file
* Tue Jan 09 2001
  - re-added sfio compile fix from Andreas Schwab
* Tue Jan 09 2001
  - Update to 8.11.2 due BUG fixes
    * Sendmail, Inc. and the Sendmail Consortium are proud to
      announce the release of sendmail 8.11.2. This is a maintenance
      release which contains bug fixes for problems found after
      8.11.1 was released.
* Mon Dec 18 2000
  - Add touch of *.db file to set mtime of those files
* Mon Dec 11 2000
  - Add LSB header to init script
* Wed Dec 06 2000
  - add /usr/lib/sendmail.d/bin (like /usr/lib/sendmail.d) to %files
* Tue Nov 28 2000
  - Move init script to /etc/init.d
* Fri Nov 24 2000
  - Update to 8.11.1
  - Add a Makefile for /etc/mail/
  - Minor changes within suse-linux.m4
* Mon Nov 06 2000
  - fixed neededforbuild
* Wed Sep 27 2000
  - Fix VERSIONID format handling
* Mon Sep 11 2000
  - Fix some typos in README.SuSE (Thanks to Pavel Janik)
* Tue Sep 05 2000
  - correct FAQ name
* Mon Sep 04 2000
  - Update to 8.11.0
    * Hopefully reverse lookup works even with IPv6
    * Adapted the patches of 8.10.2
  - Add MASQUERADE_DOMAINS for masquerade of disjoint namespaces
  - Move /var/run/sendmail.control to /var/run/sendmail/control
* Tue Jul 25 2000
  - Add missed helpfile to file list.
  - Correct two typo's
* Fri Jul 14 2000
  - Use FQHOSTNAME in /etc/rc.config or /etc/HOSTNAME before calling
    hostname because the hostname maybe configured but not active.
* Tue Jul 11 2000
  - Set Timeout.ident to `0s' for SuSE Linux because many sites do
    not run identd or have disabled auth/ident protocol
* Tue Jun 20 2000
  - Remove FROM_HEADER from /etc/rc.config.d/sendmail.rc.config
    (bug #2881)
* Mon Jun 19 2000
  - Security update to 8.10.2
* Wed May 10 2000
  - Add a README.SuSE at /usr/share/doc/packages/sendmail/
  - Make sendmail accept sticky but group writable directories
  - Correct order of mailers in SuSEconfig script
* Tue May 09 2000
  - Add loud comment to hopefully weak up otherwise not thinking
    system adiminstrators.
  - Use dummy domains only within
* Fri Apr 14 2000
  - New version 8.10.1 (some security fixes)
* Fri Apr 14 2000
  - Add tcpd into neededforbuild
* Thu Apr 06 2000
  - Update to version 8.10.0 of sendmail
    * convert SuSE patches if not already in there
    * change our extensions to the new version (e.g. bsmtp, fido)
    * add mail500 mailer for (open)ldap
    * local mailer shouldn't use MX records
    * a few fixes withion the M4 macro tools
    * fix configure script
    * make libc5/nis+ changes dynamically
    * add example /etc/mail/relay-domains
    * add some informations on various files in /etc/mail/
    * move /etc/smrsh/ to /usr/lib/sendmail.d/bin/
    * install helpfile into /usr/lib/sendmail.d/
    * do NOT build and install vacation, we have our own
* Tue Feb 29 2000
  - Fix inconsistent printf format/arguments.
* Mon Feb 28 2000
  - Add patch which avoid alignment problems
* Mon Feb 21 2000
  - add Copyright tag to the uucp subpackage
  - beautify Group tags
* Mon Feb 14 2000
  - move man to /usr/share using macro
* Fri Feb 11 2000
  - Fix m4 source path during installation
* Mon Jan 10 2000
  - Correct stupid ` ' bug ;^)
* Thu Dec 23 1999
  - Move DOMAIN(generic) from suse-linux.m4 to and
  - Add /etc/mail/README.linux to the rpm binary file.
* Tue Dec 14 1999
  - create directory /var/lib/uucp (no longer in aaa_dir)
* Thu Dec 02 1999
  - Make it ready for 5.3 (libc5)
* Mon Nov 08 1999
  - Fix some permissions
* Fri Nov 05 1999
  - Fix typo in %post
* Wed Nov 03 1999
  - Workaround for fillup kludge
* Wed Nov 03 1999
  - really disable tcpwrapper
* Tue Nov 02 1999
  - Adapted the db1 patch to the last change
* Mon Nov 01 1999
  - Currently disabled: libwrap from tcpd (feature for next SuSE)
  - Don't use passwd in service switches because currently not used
    by sendmail
* Fri Oct 29 1999
  - Remove doubled alias `abuse'
* Thu Oct 28 1999
  - Add some more comments
  - Split nocanonify and nodns to support configurations found
    with an update.
  - Still unresolved: Usage of TCPWRAPPER
* Wed Oct 27 1999
  - Add linebreak in warning
* Wed Oct 27 1999
  - Add description for SENDMAIL_GENERICS_DOMAIN
* Wed Oct 27 1999
  - Fix some minor bugs:
    * source /etc/rc.config.d/sendmail.rc.config if available
    * Expand AliasFile for ldap
    * Locate AliasFile at /etc/aliases
    * Add some more comments about nis, nisplus in service.switch
    * Make FEATURE ldap usable
* Tue Oct 26 1999
  - Add some patches
    * ldap.893.patch (some fixes for ldap support)
    * mime.c.patch.893 (avoid buffer overflow die mime mails)
    * mrbl.p3.893 (enable multiple realtime blackhole list)
    * util.c.893.patch (avoid freeing of pointer in signal handler)
  - Add own changes
    * a new feature/ldap.m4 for (open)ldap support
    * a new feature/expensive.m4 (expensive smtp)
    * a new feature/dialup.m4 (defer delivery mode)
    * a new hack/nodns.m4 (combine nocanonify and service-nodns.switch)
    * add service-nodns.switch and service.switch (passwd with nis)
      in /etc/mail/
    * add a new ostype/suse-linux.m4 with our default configuration
    * change /etc/mail/, /etc/mail/,
      and /sbin/conf.d/SuSEconfig to fit new suse-linux.m4
    * add some anti-spam possibilities in /etc/mail/
    * make IP_SRCROUTE work for newer kernels and glibc
    * make USESETEUID and HASSETREUID work for the
      appropiate kernel and glibc version.
    * add IP adresses 127.x.x.x for relaying in /etc/mail/access
    * change permissions for /var/spool/mqueue
    * use `.hoststat' directory
    * use DOMAIN(generic)
    * add some default aliases (abuse and spam)
    * use wrapper library (/etc/hosts.allow and /etc/hosts.deny)
    * enable nisplus support
    * enable ldap support
    * add text version of intro, op, and usenix
* Mon Sep 20 1999
  - added provides smtp_daemon
* Mon Sep 13 1999
  - ran old prepare_spec on spec file to switch to new prepare_spec.
* Fri Sep 10 1999
  - fixed manpath in Linux.ppc
* Thu Aug 05 1999
  - updated FAQ
* Thu Jul 22 1999
  - switched back to prior version, because /etc/mail/ is mentioned
    in our manual.
* Tue Jul 20 1999
  - better configuration and anti spam option
  - delete FAQ from distribution
  - sample config files only in /usr/doc
* Mon Jul 12 1999
  - do not pre-format man-pages
* Thu Jun 10 1999
  - fixed build for libc5
* Tue May 18 1999
  - updated db1-patch
* Fri May 14 1999
  - add on for SuSEconfig.sendmail for DoD Sites
    will be set if SENDMAIL_EXPENSIVE=yes
* Tue Apr 06 1999
  - removed feature nodns, because it's declared as no-op
* Sun Apr 04 1999
  - new package sendmail-8.9.3
  - new feature /etc/mail/access
* Wed Feb 17 1999
  - removed rmail and rmail.8 (moved to package uucp)
  - build uucp from same specfile
* Mon Jan 11 1999
  - Makefile.Linux: objdir changed to Linux.2.* (respect alpha)
* Mon Dec 14 1998
  - created notify message
  - fixed comment in rc.config
* Thu Dec 10 1998
  - update check.tar.gz to the newest version
  - use /var/spool/mqueue instead of /var/mqueue
  - add statistics prog sendmail.nissl
  - mv smrsh prog dir to /etc/smrsh
  - add userdb
  - etc/aliases: add more logic and fix some paths
  - add /tmp-race-fixes to
  - mv /etc/mail/ /var/log/
  - fix some paths in sendmail docu
  - add LUSER_RELAY example to /etc/mail/
  - add bug-fixes if someone recompiles with TCPWRAPPERS defined
  - add SENDMAIL_GENERICS_DOMAIN to rc.config
  - change most files in /etc/mail to config(noreplace)
  - dynamic linking against -lresolv -lnsl
  - do not compile with XDEBUG
* Mon Dec 07 1998
  - updated init-script
  - build for libc5 as well as for glibc
* Sat Dec 05 1998
  - mark /etc/ and /etc/aliases as "noreplace".
  - mark mailertable, virtusertable, genericstable as "noreplace".
  - skipped notice mail for sys admin.
  - don't include *.db
  - SuSEconfig.sendmail: fixed problem, if *.db do not exist.
* Thu Nov 05 1998
  - use -ldb (db1 exists only for glibc-2.1)
* Tue Sep 29 1998
  - BETA ONLY: use /usr/include/db1 and -ldb1
    use -lresolv and -lnsl
* Wed Mar 04 1998
  - add newer anti-spam rules
  - comment out majordomo-entries in /etc/aliases
  - do not use "smtp:" for nullclient file
* Mon Mar 02 1998
  - marked /etc/mail/aliases as %config
* Mon Feb 09 1998
  - newer /etc/mail/README
  - newer anti-spam rules
  - make all database files optional in
  - do not use the "-f" option for the database files
  - use the new SuSE-functions to check with md5sums if a new
    should be written
* Fri Jan 16 1998
  - minor bugfix in /sbin/conf.d/SuSEconfig.sendmail
    (exit if no rc.config exists)
* Thu Nov 27 1997
  - fix some typos in docu files
  - update to newest version of Anti-Spam support
* Wed Nov 19 1997
  - enable NIS support
* Sun Nov 16 1997
  - update /etc/mail/README
* Mon Oct 27 1997
  - update to sendmail 8.8.8
  - first start for a docu file in /etc/mail/README
  - new parameters in rc.config (/var/adm/fillup-templates/rc.config.sendmail)
  - per default additional database files in /etc/mail are used
  - /sbin/conf.d/SuSEconfig.sendmail gernerates /etc/
  - add support for anti-spam macros from Claus Aßmann
  - sample /etc/mail/ for complex email setups
* Sun Apr 27 1997
  start sendmail in background in sbin/init.d/sendmail
* Thu Feb 27 1997
  added alias faxmaster
* Wed Jan 22 1997
  - add uucp and mdom to the list of trusted users
  - update to version 8.8.5
  - add slightly better /etc/aliases
* Thu Jan 02 1997
  - update to 8.8.4 (due to a security hole)
* Thu Jan 02 1997
  - update to 8.8.3 (due to a big security hole)
* Thu Jan 02 1997
  - Update auf neue Version 8.8.2.
  - Vorbereitung von mehr Konfigurationsmoeglichkeiten in rc.config.
* Thu Jan 02 1997
  - added two small patches from Eric Allman(?)
* Thu Jan 02 1997
  - update to newer version
* Thu Jan 02 1997
  - added security fix
  - use "FEATURE(nocanonify)" instead of editing the .cf file



Generated by rpm2html 1.8.1

Fabrice Bellet, Sun Jan 9 11:29:24 2022