GNU Anubis NEWS -- history of user-visible changes. 2014-05-23 Copyright (C) 2001-2014 The Anubis Team. See the end of file for copying conditions. Please send your bug reports to . * Version 4.2, 2014-05-23 ** New operation mode: proxy ** Command line option precedence Command line options take precedence over configuration file statements. ** elif statement A familiar `elif' statement is supported, e.g.: if condition-1 action-list-1 elif condition-2 action-list-2 elif condition-3 action-list-3 else action-list-4 fi ** New CONTROL statement esmtp-auth-delayed. When set to `yes', this statement instructs Anubis to postpone ESMTP authentication until MAIL command is issued by the client. This allows to change authentication credentials in the SMTP section (see below). ** SMTP section The new section "SMTP" is invoked each time an SMTP command is received. This section may alter the command's argument, using the "modify command", e.g.: BEGIN SMTP regex :extended modify command [ehlo] "foo.bar.net" if command ["mail from:"] "<(.*)>(.*)" modify command ["mail from:"] "\2" fi END It is also allowed to use esmtp-* keywords in this section, provided that `esmtp-auth-delayed yes' is set in the CONTROL section. Changes in the ESMTP authentication credentials take effect if they occur either before receiving MAIL command from the client, or when handling this command, e.g.: BEGIN SMTP if command ["mail from:"] "" esmtp-auth-id smith esmtp-password guessme else esmtp-auth no fi END ** New keywords: log-facility and log-tag ** Guile output By default Scheme's standard error and output ports are redirected to syslog, using priorities `err' and `warning' correspondingly. ** MySQL options file When using MySQL for Anubis user database, the database parameters and access credentials are read from the file /etc/my.cnf, section "anubis". Additionally, two URL parameters are provided: "options-file", which sets the name of the options file, and "options-group", which sets the name of the group. * Version 4.1.1, 2008-12-20 ** Automatic correction of MAIL and RCPT SMTP commands. Some mail software inserts whitespace between 'MAIL TO:' or 'RCPT FROM:' command and its argument. When handling these commands, Anubis removes this extra whitespace, thereby making them compliant to RFC 2821. This feature is particularly useful when working with MTAs that enforce strict RFC compliance, such as MeTA1. ** Fix loop-detection code. ** New configuration keywords sasl-realm, sasl-hostname and sasl-service. ** Minor improvements and bugfixes. ** New Danish, Indonesian, Italian, and Swedish message translations. * Version 4.1, 2007-11-04 The package is licensed under GPL version 3 (see COPYING for the details). ** New features: *** New working mode: MDA *** The != (``not match'') operator is implemented. The statement: if header ["To:"] != "smith@.*" is equivalent to if not header ["To:"] = "smith@.*" *** Concatenation operator Concatenation operator allows to run tests on a concatenation of values of all headers or commands having same key. For example to get a comma-separated list of all recipients, one could use: if command ["rcpt to:"] (",") = "(.*)" Here, the (",") instructs Anubis to concatenate the values of all RCPT TO commands, using comma as a separator. The match on the right hand side will always succeed, and the concatenated value will be available via the "\1" substitution. *** Guile With guile support enabled, Guile version 1.8.0 or later is required. ** Bug fixes *** Fixed handling of regular expressions *** Got rid of arbitrary-sized buffers. All memory is allocated on request. *** Fix handling of the main configuration file Main configuration file is processed no matter was the client recognized or not. *** Catch errors in Guile scripts. Errors in Guile scripts are catched and displayed early. In previous versions they could cause aborting the subprocess. *** Support for GPGME 1.0.2 *** Fixed minor bug in handling identd responses. *** Fixed SIGCHLD handling. * Version 4.0, 2004-12-18 GNU Anubis 4.0 has been rewritten from scratch. The message processing algorithm has been changed. Apart from that, this release includes a lot of other improvements and bugfixes. ** New operation modes. The new authentication and authorization mode has been introduced. In contrast to the method used previously, the new mode does not require client machines to run AUTH server (identd). It uses standard SMTP AUTH capability and can therefore be used with most contemporary MUAs. ** User database. User database can be kept on the server machine in any of the following formats: - Plain text - GDBM - MySQL - PostgreSQL ** Extensions GNU Anubis is extensible via Guile (requires Guile 1.6 or newer). Several Guile extension modules are shipped with the package, among them a module for GPG signing ** Added test suite (make check). ** Configuration file Configuration file grammar is rewritten. It features several new syntactical entities, allows nesting of conditional statements to arbitrary depth, and is easily extended using Guile. Refer to the documentation for the detailed information. *** New options - drop-unknown-user. - gpg-sign-encrypt, allows to encrypt and sign messages simultaneously. *** RULEs The RULE section is allowed both in system-wide and in user configuration files. The statement `rule-priority' in the system CONTROL section defines the order of execution of the two sections. *** Per-user sections and the `call' statement User-defined sections are allowed in either configuration file. Such sections may be invoked from RULE section or from another user-defined section using `call' statement. *** Section priority Order of processing the user CONTROL sections may be altered by setting `control-priority' in the system-wide CONTROL section. *** Tracing Execution of the configuration files can be traced using the `tracefile' statement in CONTROL section of the configuration file. ** Other changes: *** Remailers and Rot-13 support. Support for remailers and rot-13 has been removed from the main engine and rewritten as the loadable extension modules. *** Emacs New file `anubis-mode.el' provides an Emacs major mode for editing Anubis configuration files. *** Translations New Dutch, Malay, Polish, Romanian, Russian, and Ukrainian message translations. * Version 3.6.2, 2002-12-15 ** URGENCY: HIGH. Some serious bugs have been fixed (since 3.6.1). ** Default daemon's port number is now 24 (private mail system). ** The MODIFY keyword has been hugely improved. Its syntax has been changed, so please read the GNU Anubis Manual before using it. ** The DEBUG mode has been improved (now it's also built-in by default). ** The boundary-search code has been fixed (for e.g. MS Outlook). Reported by David Roberts . ** Some minor changes and fixes in the documentation have been made. The `anubis.1' man page will not be maintained anymore. The full documentation is maintained as a Texinfo manual. ** The Free Documentation License has been upgraded from 1.1 to 1.2. ** The `msg2smtp.pl' Perl script (revision 1.5) has been fixed. ** Switched to GNU Autoconf 2.57 and GNU Automake 1.7.2. * Version 3.6.1, 2002-11-16 ** URGENCY: MEDIUM. A serious code optimization, changes, and bug fixes have been made, but most not visible to end-users. ** GNU Anubis requires now GPGME 0.3.12 or later (and at least GnuPG 1.2.0). ** The Turkish NLS has been added. * Version 3.6.0, 2002-11-02 ** Now this program is part of GNU! We celebrate with a new name "GNU Anubis". We have moved the home page to http://www.gnu.org/software/anubis/. ** The GnuTLS is now supported by default. To enable OpenSSL (and disable GnuTLS), please compile GNU Anubis with `./configure --with-openssl; make'. ** The ESMTP CRAM-MD5 authentication method is now supported by libgcrypt if compiling with GnuTLS, or `openssl/md5.h' if compiling with OpenSSL. * Version 3.5.2, 2002-10-21 ** URGENCY: MEDIUM. The GnuTLS support has been added. To enable it, please compile Anubis with `./configure --with-gnutls; make' (this will disable OpenSSL). There is also a new keyword CAFILE to specify a CA certificate. ** Some build fixes have been made. Thanks to Olaf Püschel and Ayamura KIKUCHI. The setenv function should now works properly under Solaris and IRIX. The ESMTP CRAM-MD5 authentication method is now disabled, when compiling without the OpenSSL support (CRAM-MD5 requires MD5 via `openssl/md5.h'). ** The '--stdio' command line option has been fixed. * Version 3.5.1, 2002-10-16 ** URGENCY: LOW. A WinGate proxy support has been removed. ** The SOCKS-USERNAME and SOCKS-PASSWORD keywords have been replaced with the SOCKS-AUTH keyword ("socks-auth = USERNAME:PASSWORD"). * Version 3.5.0, 2002-10-14 ** URGENCY: MEDIUM. Support for the ESMTP authentication (CRAM-MD5 and LOGIN) has been added. This feature has been designed for MUAs, which cannot speak the ESMTP AUTH command. ** The "EXTERNAL" section has been replaced with a translation map for remote or local users (The "TRANSLATION" section). A new syntax is: "translate = [USER@]ADDRESS into = USERNAME". ** The `msg2smtp.pl' Perl code has been added to the `contrib' directory. This is a very useful script for all Mutt users, who would like to use Anubis. Thanks to Michael de Beer . ** The OUTPUT keyword (a temporary alias since 3.4.7) has been removed. ** The French NLS has been added. * Version 3.4.9, 2002-09-22 ** URGENCY: LOW. An experimental NLS (Native Language Support) has been added (no `po' files yet). ** The specgen.sh file has been updated. ** Some minor changes and bug fixes have been made. * Version 3.4.8, 2002-09-20 ** URGENCY: MEDIUM. Support for substitutions (RE back-references to subexpressions) has been added. ** Anubis now recognizes a client if IDENTD server returns only UID number. * Version 3.4.7, 2002-09-17 ** URGENCY: HIGH. The Rule System now supports an extra regexp options, and in addition you can use the following regular expression syntaxes in a run time: "POSIX Basic", "POSIX Extended", "Perl regular expression". ** The "REGEX" section has been renamed to the "RULE" section. (---BEGIN RULE---). Please update your configuration files. ** The Trigger mechanism has replaced the DCM system (a new syntax). ** Some keywords have been renamed (again): > SIGNATURE-FILE-APPEND instead of SIGNATURE-FILE-ATTACH > BODY-APPEND instead of BODY-ATTACH > BODY-CLEAR-APPEND instead of BODY-CLEAR-ATTACH. > TERMLEVEL instead of OUTPUT (OUTPUT is now a temporary alias). ** The documentation has been improved. * Version 3.4.6, 2002-09-08 ** URGENCY: HIGH. The "TUNNEL" section has been renamed to the "CONTROL" section (---BEGIN CONTROL---). Please update your configuration files. ** An optional support for Pluggable Authentication Modules (PAM) has been added. To add this feature, compile with './configure --with-pam'. ** The AUTH-LOCAL keyword has been removed. Now, local processing is a default mode. ** Anubis doesn't set a client's EGID and EUID anymore. For security reasons, the RGID and RUID are set instead. ** A major documentation changes and improvements have been made. * Version 3.4.5, 2002-09-02 ** URGENCY: HIGH. An optional support for libwrap (TCP wrappers) has been added (recommended when using the "EXTERNAL" section). To add this feature, compile with './configure --with-tcp-wrappers'. ** A serious bug in the main engine has been fixed, now it is possible to make a transparent authentication with an SMTP server (ESMTP AUTH). ** A new GPG-PASSPHRASE keyword has been added (USER MODE). ** The REMOTE-MTA is now a default keyword for a remote mail transport agent. The SERVER keyword, since now, is only an alias. ** The SIGNATURE keyword has been renamed to SIGNATURE-FILE-ATTACH to prevent any likeness with GnuPG/PGP signatures. ** The "-h,--host" command line options have been renamed to "-r,--remote-mta". ** A big docs improvements have been made. The TUTORIAL file has been removed. Read the documentation in Texinfo (anubis.info) format instead. ** Some additional changes and security fixes have been made. * Version 3.4.2, 2002-08-22 ** URGENCY: LOW. A new documentation in Texinfo format has been added. Some additional documentation changes have been made. ** The TUTORIAL and anubis.1 files have been moved to the 'doc' directory. ** The specgen.sh file has been updated. * Version 3.4.1, 2002-08-18 ** URGENCY: MEDIUM. For security reasons, a new keyword USER-NOTPRIVILEGED has been added. It specifies a user which the server runs as most of the time, when doing unprivileged operations. ** Some additional changes and fixes have been made. ** The Tips & Hints section has been added to the documentation. ** The THANKS file has been added. * Version 3.4.0, 2002-08-01 ** URGENCY: MEDIUM. A new support for an external clients has been added. Now it is possible to allow an extenal user to use the local configuration file, and process outgoing mail. There is a new ALLOW-EXTERNAL-PROCESSING keyword and the "remapping table" with the following syntax: "external = [user@]address local = username". This idea has been suggested by Mikael Ringeval. ** Some minor changes have been made. * Version 3.3.0, 2002-07-23 ** URGENCY: HIGH. A new rule system style has been introduced. It has been also slightly extended by adding the '!=' (FALSE) control operator. Read the TUTORIAL file for more information. ** An external message body processor support has been added (there is a new EXTERNAL-BODY-PROCESSOR keyword). ** The BODY-FILE keyword has been renamed to BODY-ATTACH. ** A new BODY-CLEAR-ATTACH function has been added. ** The code has been optimized a bit. Some bugs have been fixed. ** The specgen.sh file has been updated. * Version 3.2.3, 2002-07-06 ** URGENCY: LOW. The specgen.sh file has been improved. ** The compilation with a custom CFLAGS environment variable has been fixed. * Version 3.2.2, 2002-07-01 ** URGENCY: LOW. The configure scripts have been modified to be compatible with GNU Autoconf 2.53 or later. ** Another build fixes (configure.ac) by Ayamura KIKUCHI. * Version 3.2.1, 2002-06-26 ** URGENCY: LOW. Some minor bugs have been fixed. ** A small OpenSSL build fix has been made. Thanks to Ayamura KIKUCHI . ** The default install path has been changed from /usr/sbin/ to /usr/local/sbin/. * Version 3.2.0, 2002-06-23 ** URGENCY: MEDIUM. A new Dynamic Commands Manipulation system (aka DCM) has been added. Read the TUTORIAL file for more information. ** A useful personal logger (per-user logging) has been added. There are new USER MODE keywords (LOGFILE and LOGLEVEL). ** The ROT13SUBJECT and ROT13BODY keywords have been renamed to ROT13-SUBJECT and ROT13-BODY. ** A small fix for systems without setegid(2) and seteuid(2) has been made. * Version 3.1.1, 2002-06-20 ** URGENCY: LOW. The MTA-ARGS keyword has been removed. The LOCAL-MTA parser has been rewritten. ** An additional check for seteuid(2) and setegid(2) has been added in the configure script. ** The specgen.sh file has been improved. ** A small code cleanup has been done. * Version 3.1.0, 2002-06-14 ** URGENCY: HIGH. A major security fixes have been made. The SETREMOTEUSER keyword has been removed. Now Anubis is always changing its privileges to a client's EGID, EUID, and HOME directory. Moreover a new keyword for a supervisor has been added: ALLOW-LOCAL-MTA, which slightly increases a security level. ** The IDENT-ONLY keyword has been removed, now the only way to authenticate a user is the TCP/IP IDENT protocol server. ** The NOFORK macro has been removed, this means that Anubis will not support systems without the fork(2) function anymore. ** The ONEWAY-SSL keyword has been added. It can be used when your MUA doesn't support the TLS/SSL encryption, but your MTA does. ** The code has been optimized a bit. * Version 3.0.2, 2002-06-10 ** URGENCY: HIGH. A serious bug has been fixed: While sending more than one email in a one connection, the OMP had processed every message in the same way, but now this has been successfully fixed. ** Some additional security fixes have been made. * Version 3.0.1, 2002-06-08 ** URGENCY: LOW. Some minor changes have been made. ** Some bugs have been fixed. ** The documentation has been improved. ** The portability has been slightly improved, especially under Darwin. * Version 3.0.0, 2002-06-01 ** The Anubis has become only an outgoing mail processor and the SMTP tunnel between the MUA and the MTA. Any other functions/features have been removed. ---------------------------------------------------------------------- Copyright information: Copyright (C) 2001, 2002, 2003, 2004, 2007, 2008 The Anubis Team. Permission is granted to anyone to make or distribute verbatim copies of this document as received, in any medium, provided that the copyright notice and this permission notice are preserved, thus giving the recipient permission to redistribute in turn. Permission is granted to distribute modified versions of this document, or of portions of it, under the above conditions, provided also that they carry prominent notices stating who last changed them. Local variables: mode: outline paragraph-separate: "[ ]*$" eval: (add-hook 'write-file-hooks 'time-stamp) time-stamp-start: "changes. " time-stamp-format: "%:y-%02m-%02d" time-stamp-end: "\n" end: