FFe: Upgrade to opendkim 2.5.0.1
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
opendkim (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
Upstream recently released a feature release of opendkim and I've (finally) had time to package it. It is currently in Debian New due to a library soname change. It brings a number of bug fixes in addition to the features. Request a FFe to bring this version into precise. I'll either sync or do a direct upload depending on how long the New queue in Debian takes.
I've pasted the release notes related to 2.5.0 (2.5.0.1 only changed a broken test). Most of the features are either updating to more recent versions of draft IETF standards or disabled by default (and the package doesn't enable them). The one real loss is the removal of DomainKeys support. This is a minor issue as it is a historic protocol that no one should be using anymore.
Upstream does not maintain old branches, so updating will make it easier to get support if issues are discovered. Upstream has a history of being responsive with patches when issues are encountered. See Bug #937533 for an example. I'm going to be helping out with maintaining this package in Debian now, so Debian maintenance should be more current than it has been as well.
2.5.0 2012/02/29
######
### ###
### This release is dedicated to the memory of J.D. Falk, a ###
### tireless champion of anti-abuse technology and collaboration ###
### and a founding member of the Board of the Trusted Domain ###
### Project, a participant in related IETF work, and a long-time ###
### particpant and supporter of MAAWG. J.D. was taken by cancer ###
### on November 16, 2011. His enthusiasm and perspective for ###
### all of this work will be sorely missed. ###
### ###
######
Feature request #SF3385816: Discontinue DomainKeys support.
Feature request #SF3393282: Update ARF output per
draft-
Feature request #SF3406814: Add ability to invoke chroot().
Requested by Andreas Schulze.
Feature request #SF3477908: Update DKIM reporting per
draft-
Add "WeakSyntaxChecks" suppressing some short-circuiting error checks
on syntax. Requested by Todd Nagengast.
Allow a set of test files to be passed via "-t" rather than just one.
Add _FFR_REPUTATION, and several new support libraries (in the
libut/ and reputation/ directories) for doing DKIM-based
reputation evaluations of arriving messages. Full
documentation of the algorithms will appear in an upcoming
white paper. This also includes several new configuration
options that make use of reputation data pulled from servers:
ReputationCache
ReputationCa
ReputationLimits
ReputationLo
ReputationMi
ReputationLi
ReputationRatios
ReputationSp
ReputationTi
For now these are briefly documented in reputation/README.
As this subsystem matures, they will be fully documented in
opendkim.conf(5).
Fix bug #SF3471520: Don't crash when the first line of a configuration
file is an "Include" instruction. Reported by Dilian
Wesselinov Palauzov.
Fix bug #SF3475149: Apply RFC2254 encoding to LDAP queries.
Problem noted by Yoshiaki Yanagihara.
LIBOPENDKIM: Feature request #SF3317160: Per RFC6376, remove
granularity checks.
LIBOPENDKIM: Feature request #SF3385768: Add dkim_privkey_
allowing validation of a private key before reaching
end-of-message. Requested by Heikki Gruner.
LIBOPENDKIM: Feature request #SF3423226: Copy header field name lists
instead of using the caller's copy. Suggested by
Heikki Gruner.
LIBOPENDKIM: Update list of header fields that should be signed
per RFC6376.
LIBOPENDKIM: Don't report the absence of "c=" as an error, since
there is a default.
LIBOPENDKIM: Add DKIM_SIG_CHECK() macro. Suggested by Heikki
Gruner.
LIBAR: Fix bug #SF2917856: Rename "ar.h" to "async-resolv.h" since
"ar.h" is already in common use.
STATS: Feature request #SF3397903: Drop all support for data needed
for the DKIM Implementation Report, as it has been completed.
Leave stuff that's useful for reputation R&D.
STATS: Feature request #SF3402857: Modify opendkim-spam to be able
to write update records to statistics files.
STATS: Feature request #SF3439384: Make opendkim-
backend-agnostic. Requested by Andreas Schulze.
TOOLS: Add opendkim-testmsg, for signing/verifying messages without
all the milter code being invoked. Requested by
Todd Nagengast.
CONTRIB: Add LDAP documentation and examples. Provided by
Patrick Ben Koetter.
It's accepted in Debian, so this would be a sync.