From de9ae4e770233488291d5f9595f31161bb31c6ad Mon Sep 17 00:00:00 2001 From: Matt Simerson Date: Wed, 21 Aug 2024 17:08:40 -0700 Subject: [PATCH] release 3.0.4 (#3393) Fixes #3301 --- .eslintrc.yaml | 4 +- .github/CONTRIBUTING.md | 20 +- .github/ISSUE_TEMPLATE/bug_report.md | 1 - .github/ISSUE_TEMPLATE/custom.md | 2 - .github/ISSUE_TEMPLATE/feature_request.md | 1 - .github/PULL_REQUEST_TEMPLATE.md | 6 +- .github/dependabot.yml | 16 +- .github/workflows/ci.yml | 40 +- .github/workflows/codeql.yml | 4 +- .github/workflows/coverage.yml | 52 +- .lgtm.yml | 1 - .release | 2 +- CONTRIBUTORS.md | 9 +- Changes.md | 2480 +++++++++++---------- Plugins.md | 189 +- README.md | 17 +- package.json | 9 +- 17 files changed, 1447 insertions(+), 1406 deletions(-) diff --git a/.eslintrc.yaml b/.eslintrc.yaml index d88a677ed..a70988f7d 100644 --- a/.eslintrc.yaml +++ b/.eslintrc.yaml @@ -6,7 +6,7 @@ env: extends: ['@haraka'] rules: - semi-style: [ error, last ] - prefer-template: "warn" + semi-style: [error, last] + prefer-template: 'warn' no-unneeded-ternary: 1 no-unused-vars: 0 diff --git a/.github/CONTRIBUTING.md b/.github/CONTRIBUTING.md index 321ec8535..0b3c85ee2 100644 --- a/.github/CONTRIBUTING.md +++ b/.github/CONTRIBUTING.md @@ -30,19 +30,19 @@ To submit new_branch as a Pull Request, visit the [Haraka project page](https:// ### General Guidelines -* New features **must** be documented -* New features **should** include tests +- New features **must** be documented +- New features **should** include tests ### Style conventions -* 4 spaces for indentation (no tabs) -* Semi-colons on the end of statements are preferred -* Use whitespace between operators - we prefer `if (foo > bar)` over `if(foo>bar)` -* Don't comment out lines of code, remove them as they will be in the revision history. -* Use boolean true/false instead of numeric 0/1 -* See [Editor Settings](Editor-Settings) +- 4 spaces for indentation (no tabs) +- Semi-colons on the end of statements are preferred +- Use whitespace between operators - we prefer `if (foo > bar)` over `if(foo>bar)` +- Don't comment out lines of code, remove them as they will be in the revision history. +- Use boolean true/false instead of numeric 0/1 +- See [Editor Settings](Editor-Settings) ## Tests -* run all tests: ./run_tests (or "npm test") -* run tests for a single plugin: ./run_tests test/plugins/bounce.js +- run all tests: ./run_tests (or "npm test") +- run tests for a single plugin: ./run_tests test/plugins/bounce.js diff --git a/.github/ISSUE_TEMPLATE/bug_report.md b/.github/ISSUE_TEMPLATE/bug_report.md index f152cbedc..fc7d66278 100644 --- a/.github/ISSUE_TEMPLATE/bug_report.md +++ b/.github/ISSUE_TEMPLATE/bug_report.md @@ -4,7 +4,6 @@ about: Create a report to help us improve title: '' labels: '' assignees: '' - --- ### Describe the bug diff --git a/.github/ISSUE_TEMPLATE/custom.md b/.github/ISSUE_TEMPLATE/custom.md index 9bcce3fb6..58232a162 100644 --- a/.github/ISSUE_TEMPLATE/custom.md +++ b/.github/ISSUE_TEMPLATE/custom.md @@ -4,10 +4,8 @@ about: Issues that aren't bug reports or feature requests title: '' labels: '' assignees: '' - --- - ### System Info If relevant, please report your OS, Node version, and Haraka version by running this shell script on your Haraka server and replacing this section with the output. diff --git a/.github/ISSUE_TEMPLATE/feature_request.md b/.github/ISSUE_TEMPLATE/feature_request.md index 8769cbd8c..652da1881 100644 --- a/.github/ISSUE_TEMPLATE/feature_request.md +++ b/.github/ISSUE_TEMPLATE/feature_request.md @@ -4,7 +4,6 @@ about: Suggest an idea for this project title: '' labels: '' assignees: '' - --- - [ ] I already searched past issues diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md index fafa73df2..bbdf56f3c 100644 --- a/.github/PULL_REQUEST_TEMPLATE.md +++ b/.github/PULL_REQUEST_TEMPLATE.md @@ -1,10 +1,12 @@ Fixes # Changes proposed in this pull request: -- -- + +- +- Checklist: + - [ ] docs updated - [ ] tests updated - [ ] [Changes](https://github.com/haraka/Haraka/blob/master/Changes.md) updated diff --git a/.github/dependabot.yml b/.github/dependabot.yml index e01ce9d45..0264aac91 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -5,21 +5,21 @@ version: 2 updates: - - package-ecosystem: "npm" # See documentation for possible values - directory: "/" # Location of package manifests + - package-ecosystem: 'npm' # See documentation for possible values + directory: '/' # Location of package manifests schedule: - interval: "monthly" + interval: 'monthly' allow: - dependency-type: production groups: production-dependencies: - dependency-type: "production" + dependency-type: 'production' development-dependencies: - dependency-type: "development" + dependency-type: 'development' - - package-ecosystem: "docker" + - package-ecosystem: 'docker' # Look for a `Dockerfile` in the `root` directory - directory: "/" + directory: '/' # Check for updates once a month schedule: - interval: "monthly" + interval: 'monthly' diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 58a4b7735..556eb4aec 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -1,6 +1,6 @@ name: CI -on: [ pull_request, push ] +on: [pull_request, push] env: CI: true @@ -10,7 +10,7 @@ jobs: uses: haraka/.github/.github/workflows/lint.yml@master test: - needs: [ get-lts ] + needs: [get-lts] runs-on: ${{ matrix.os }} services: redis: @@ -19,18 +19,18 @@ jobs: - 6379:6379 strategy: matrix: - os: [ ubuntu-latest ] + os: [ubuntu-latest] node-version: ${{ fromJson(needs.get-lts.outputs.active) }} fail-fast: false steps: - - uses: actions/checkout@v4 - - uses: actions/setup-node@v4 - name: Node.js ${{ matrix.node-version }} on ${{ matrix.os }} - with: - node-version: ${{ matrix.node-version }} - # - run: openssl x509 -in test/config/tls/ec.pem -noout -enddate -subject -ext subjectAltName - - run: npm install --omit=optional - - run: npm run test + - uses: actions/checkout@v4 + - uses: actions/setup-node@v4 + name: Node.js ${{ matrix.node-version }} on ${{ matrix.os }} + with: + node-version: ${{ matrix.node-version }} + # - run: openssl x509 -in test/config/tls/ec.pem -noout -enddate -subject -ext subjectAltName + - run: npm install --omit=optional + - run: npm run test # TODO: replace the above with this, after plugin/attachment is split # ubuntu: @@ -38,15 +38,15 @@ jobs: # uses: haraka/.github/.github/workflows/ubuntu.yml@master windows: - needs: [ lint ] + needs: [lint] uses: haraka/.github/.github/workflows/windows.yml@master get-lts: - runs-on: ubuntu-latest - steps: - - id: get - uses: msimerson/node-lts-versions@v1 - outputs: - active: ${{ steps.get.outputs.active }} - lts: ${{ steps.get.outputs.lts }} - min: ${{ steps.get.outputs.min }} + runs-on: ubuntu-latest + steps: + - id: get + uses: msimerson/node-lts-versions@v1 + outputs: + active: ${{ steps.get.outputs.active }} + lts: ${{ steps.get.outputs.lts }} + min: ${{ steps.get.outputs.min }} diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 36274515a..8314a66f1 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -2,10 +2,10 @@ name: CodeQL on: push: - branches: [ master ] + branches: [master] pull_request: # The branches below must be a subset of the branches above - branches: [ master ] + branches: [master] schedule: - cron: '18 7 * * 4' diff --git a/.github/workflows/coverage.yml b/.github/workflows/coverage.yml index 57ac96042..cceab4f0d 100644 --- a/.github/workflows/coverage.yml +++ b/.github/workflows/coverage.yml @@ -1,6 +1,6 @@ name: Test Coverage -on: [ pull_request ] +on: [pull_request] env: CI: true @@ -9,28 +9,28 @@ jobs: coverage: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 - - uses: actions/setup-node@v4 - name: Node.js - - - name: install libarchive-tools - run: | - sudo apt-get update - sudo apt-get install -y libarchive-tools - - - run: npm install - - - name: run coverage - run: | - npm install --no-save c8 - npx c8 --reporter=lcovonly npm test - env: - NODE_ENV: cov - - - name: codecov - uses: codecov/codecov-action@v2 - - - name: Coveralls - uses: coverallsapp/github-action@master - with: - github-token: ${{ secrets.GITHUB_TOKEN }} + - uses: actions/checkout@v4 + - uses: actions/setup-node@v4 + name: Node.js + + - name: install libarchive-tools + run: | + sudo apt-get update + sudo apt-get install -y libarchive-tools + + - run: npm install + + - name: run coverage + run: | + npm install --no-save c8 + npx c8 --reporter=lcovonly npm test + env: + NODE_ENV: cov + + - name: codecov + uses: codecov/codecov-action@v2 + + - name: Coveralls + uses: coverallsapp/github-action@master + with: + github-token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.lgtm.yml b/.lgtm.yml index cb0ba5ca6..b73ab4f75 100644 --- a/.lgtm.yml +++ b/.lgtm.yml @@ -1,3 +1,2 @@ - queries: - exclude: js/automatic-semicolon-insertion diff --git a/.release b/.release index 36bb27a93..afb1db801 160000 --- a/.release +++ b/.release @@ -1 +1 @@ -Subproject commit 36bb27a93862517943e04f24fd67b0df2da6cbbe +Subproject commit afb1db801607dda5e859f39b600f0dd0111e4651 diff --git a/CONTRIBUTORS.md b/CONTRIBUTORS.md index 3f46b7764..045ceb6fc 100644 --- a/CONTRIBUTORS.md +++ b/CONTRIBUTORS.md @@ -1,12 +1,11 @@ - # Contributors This handcrafted artisinal software is brought to you by: -|
msimerson (1581)|
baudehlo (969)|
smfreegard (794)|
godsflaw (171)|
Dexus (42)|
analogic (39)|
gramakri (37)| +|
msimerson (1619)|
baudehlo (969)|
smfreegard (794)|
godsflaw (171)|
analogic (42)|
Dexus (42)|
gramakri (37)| | :---: | :---: | :---: | :---: | :---: | :---: | :---: | -|
lnedry (23)|
celesteking (21)|
lpatters (20)|
chazomaticus (19)|
hayesgm (16)|
arlolra (16)|
gauravaror (14)| -|
typingArtist (14)|
darkpixel (12)|
superman20 (12)|
KingNoosh (11)|
tstonis (10)|
wltsmrz (9)|
fatalbanana (8)| -|
EyePulp (8)|
Synchro (8)|
gene-hightower (7)|
DarkSorrow (6)|
joshuathayer (6)|
zllovesuki (5)|
schamane (5)| +|
lnedry (23)|
celesteking (21)|
lpatters (20)|
chazomaticus (19)|
hayesgm (16)|
arlolra (16)|
gauravaror (14)| +|
typingArtist (14)|
darkpixel (12)|
superman20 (12)|
KingNoosh (11)|
tstonis (10)|
wltsmrz (9)|
fatalbanana (8)| +|
EyePulp (8)|
Synchro (8)|
gene-hightower (7)|
joshuathayer (6)|
DarkSorrow (6)|
hontas (5)|
ricardopolo (5)| this file is maintained by [.release](https://github.com/msimerson/.release) diff --git a/Changes.md b/Changes.md index 777955af4..00327e15f 100644 --- a/Changes.md +++ b/Changes.md @@ -1,6 +1,7 @@ - ### Unreleased +### [3.0.4] - 2024-08-21 + #### Added - doc: add CONTRIBUTORS #3312 @@ -128,7 +129,6 @@ - dep(tld): bump version to 1.2.0 - remove defunct config files: lookup_rdns.strict.ini, lookup_rdns.strict.timeout, lookup_rdns.strict.whitelist, lookup_rdns.strict.whitelist_regex, rcpt_to.blocklist, rdns.allow_regexps, rdns.deny_regexps - ### [3.0.2] - 2023-06-12 #### Fixed @@ -152,7 +152,6 @@ - doc(outbound.ini) update link #3159 - doc(clamd.md) fixed spelling error #3155 - ### [3.0.1] - 2023-01-19 #### Fixed @@ -166,7 +165,6 @@ - plugins: Add haraka-plugin-outbound-logger to registry #3146 - dep(pi-spf): bump version 1.1.3 to 1.2.0 - ### [3.0.0] - 2022-12-17 #### Added @@ -178,7 +176,7 @@ - fix(tls): redis promise syntax for tls & ob/tls #3064 - fix(attachment): error handling with complex archive #3035 -- fix(smtp_client): run "secured" once, fixes #3020 +- fix(smtp_client): run "secured" once, fixes #3020 - fix(smtp_client): add missing `$` char in front of interpolated string - fix(auth_proxy): run "secured" only once, improvement for #3022 - fix(helo): remove multi-check from should_skip #3041 @@ -201,16 +199,16 @@ - style(plugin/\*): transaction guarding #3032 - dep(spf): remove to separate plugin #3078 - dep(iconv): removed, declared in haraka-email-message) -- dep(haraka-plugin-redis)!: 1.0 -> 2.0 #3038 +- dep(haraka-plugin-redis)!: 1.0 -> 2.0 #3038 - dep(redis)!: 3.1 -> 4.1 #3058 - dep(generic-pool): remove pooling from outbound #3115 - smtp_client: remove smtp_\* pooling support in #3113 - dep: bump plugin versions #3063 - dep: bump haraka-plugin-asn from 1.0.9 to 2.0.0 #3062 - dep(redis): 3.1 -> 4.1 #3058 -- dep(nopt): 5 -> 6.0.0 #3076 -- dep(haraka-plugin-fcrdns): 1.0.3 -> 1.1.0 #3076 -- dep(haraka-plugin-redis): 1.0 -> 2.0 #3038 +- dep(nopt): 5 -> 6.0.0 #3076 +- dep(haraka-plugin-fcrdns): 1.0.3 -> 1.1.0 #3076 +- dep(haraka-plugin-redis): 1.0 -> 2.0 #3038 - dep(nodemailer): 6.7.0 to 6.7.2 #3000, #3004 - dep: add explicit dependency on node-gyp 9 - ci: github action tweaks #3047 @@ -230,14 +228,13 @@ - uribl: timeout DNS 1 second before plugin, #3077 - uribl: load .ini config to plugin.cfg, add basic tests #3077 +### 2.8.28 - 2021-10-14 -## 2.8.28 - 2021-10-14 - -### Changes +#### Changes - breaking: dkim.js has changed the constructor opts - tls_socket: more flexible pem file parsing #2986 - - move bad certs into different directory, avoid test suite noise + - move bad certs into different directory, avoid test suite noise - added ability to define a default relay in relay_dest_domains - spamassassin: replace msg_too_big & should_check with should_skip #2972 - spamassassin: allow returning DENYSOFT on errors #2967 @@ -248,9 +245,9 @@ - dep: redis is now a dependency #2896 - use address-rfc2821 2.0.0 - http: use CDN for bootstrap/jquery, drop bower #2891 -- drop support for node 10 #2890 +- drop support for node 10 #2890 -### New features +#### New features - tls: require secure and verified sockets for configured hosts/domains - DKIM plugin has got a couple of config options now @@ -259,7 +256,7 @@ - skip plugins at runtime by pushing name into transaction.skip_plugins #2966 - outbound: add ability to specify delay times for temporary fails in `temp_fail_intervals` #2969 -### Fixes +#### Fixes - bounce: correctly set fail recipients #2901 - bounce: correctly set bounce recipients #2899 @@ -268,10 +265,9 @@ - use RFC-2045 Quoted-Printable in email message body - use RFC-2047 Q encoded-words in email headers +### 2.8.27 - 2021-01-05 -## 2.8.27 - 2021-01-05 - -### Changes +#### Changes - bump verions of several dependencies #2888 - propagate hmail notes to split copies #2887 @@ -280,1221 +276,1279 @@ - strip _haraka-plugin-_ prefixes off plugin names in config/plugins #2873 - pass smtp.ini config from Server into connections & transactions #2872 -### New features +#### New features - add ability to disable SMTPUTF8 advertisement #2866 -### Fixes +#### Fixes - assure headers.max_lines is initialized as integer #2878 -- require haraka-net-utils >= 1.2.2 #2876 - - -## 2.8.26 - 2020-11-18 - -### Changes - -* add config options for OAR & AR headers #2855 -* plugins.js: also strip haraka-plugin prefix from plugin.name #2846 -* smtp_forward/spamssassin: grab refs of conn/txn to avoid crashes due to lack of existence. #2847 -* outbound: add extended reason to bounce message #2843 -* hgrep: replaced perl script with shell script #2842 -* connection: send temp error when requested #2841 -* headers: updated deprecated messages #2845 -* hmail: socket.on -> socket.once #2838 -* hmail: check for zero length queue file #2835 -* outbound: add os.hostname() as default for outbound HELO #2813 -* use node v10's mkdir instead of mkdirp #2797 -* CI: drop appveyor and Travis #2784 -* lint: add 'prefer-template' -* update async to version 3.2.0 #2764 -* update redis to version 3.0.0 #2759 -* remove deprecated max_unrecognized_commands from config #2755 -* CI: add ES2017 support, drop node 8 #2740 -* fix broken bannering on nested mime parts #2736 -* restore TLS version info, set correctly #2723 -* better error message when invalid HELO hostname is rejected -* bring STARTTLS "TLS NO-GO" feature in line with Outbound's #2792 -* add listener for secureConnect #2828 -* removed plugins/data.headers to haraka-plugin-headers #2826 -* add zero-length queue size check -* send temp instead of hard error when asked to by `unrecognized_command` - -### New features - -* Allow web interface to be bound to unix socket #2768 -* tls: add configurable minVersion to tls socket options #2738 -* connection_close_message: added ability to override close connection message replacing `closing connection. Have a jolly good day.` #2730 -* add JSON format for logging #2739 -* support binding web interface to unix socket - -### Fixes - -* check for punycode domain names when resolving MX, avoid crash #2861 -* wait until entire message is spooled when spool_after in use #2840 -* hmail: add missing space in temp_fail emitter #2837 -* fix outbound config reloading after outbound split #2802 -* smtp_forward: remove redundant outbound hook #2796 -* smtp_forward: this plugin does not use the queue_outbound hook anymore #2795 -* Fix connection pool not being unique when hosts and ports were equal between domains #2789 -* fix connection pool not being unique when hosts and ports were equal between domains #2788 -* Fix outbound.bounce_message To: header (and add Auto-Submitted) #2782 -* Fix support for DKIM signing when forwarding and aliasing is enabled #2776 -* Better error message when EHLO hostname does not have a dot #2775 -* fix bannering on nested mime parts #2737 -* TLS: don't abort loading certs in config/tls dir when an error is encountered. Process every cert file and then emit errors. #2729 -* restore TLS version, correctly #2723 - - -## 2.8.25 - 2019-10-11 - -### Changes - -* conn: remove TLS version from header #2648 -* Actually enforce using key for INTERNALCMD #2643 -* trans: assign conditions to named vars #2638 -* drop node.js v6 support #2632 -* conn: use is_local instead of localhost addr tests #2627 -* spamassassin: spamassassin: strip useless WS from tests #2624 -* es6: many updates #2615, #2674, #2680 -* systemctl: update service definition #2612 -* lint: bracket style to match newer eslint:recommended #2680 -* lint: use object shorthands (eslint:recommended) #2680 -* logger: use safer Object.prototype.hasOwnProperty #2680 -* outbound: permit # char in SMTP status code response #2689 -* dkim_sign: improve docs, add tests, es6 updates #2649 -* dkim_sign: restore default key signing feature #2649 -* tmp module: update to latest #2614 -* semver: update to latest #2616, #2651 -* async: update to latest #2653, #2664 -* repo cleanup: replaced deprecated plugins with list #2681 -* spf: es6 patterns, results.pass, test improvements, es6 patterns #2700 - -### New features - -* spf: add config option to fail on NONE #2644 - -### Fixes - -* mailheader: fully quality header name in _remove_more #2647 -* haraka: Connection.createConnection is not a constructor #2618 -* problems with japanese characters in body and part header #2675 -* toobusy: fix hook name (connect_pre -> connect) #2672 -* outbound: watch for socket timeouts #2687 -* outbound: permit # char prefix in SMTP status code response #2691 -* mailheader: strip whitespace between encoded-words #2702 - - -## 2.8.24 - Mar 12, 2019 - -### Changes - -* early_talker: skip if sender has good karma #2551 -* dockerfile: update to node 10 #2552 -* Update deprecated usages of Buffer #2553 -* early_talker: extend reasons to skip checking #2564 -* tls: add 'ca' option (for CA root file) #2571 -* outbound: little cleanups #2572 -* smtp_client: pass pool_timeout to new SMTPClient #2574 -* server: default to nodes=1 (was undefined) #2573 -* test/server: use IPv4 127.0.0.1 instead of localhost #2584 -* queue/smtp_*: add v3 upgrade notice and config setting #2585 -* spf: use the skip config for helo/ehlo checks #2587 -* spf: avoid 2nd EHLO evaluation if EHLO host is identical #2592 -* queue.js refactoring #2593 -* Log dkim_sign parse errors with connection ID #2596 -* Update ipaddr.js to the latest version #2599 -* make inactivity timeout match docs #2607 - -### New Features - -* Implement SIGTERM graceful shutdown if pid is 1 #2547 -* tls: require validated certs on some ports with requireAuthorized #2554 -* spamassassin: disable checks when requested #2564 -* clamd: permit skipping for relay clients #2564 -* outbound: exported outbound.temp_fail_queue, outbound.delivery_queue and add TimerQueue.discard() -* status: new plugin #2577 - -### Fixes - -* mf.resolvable: reduce timeout by one second (so < plugin.timeout) #2544 -* LMTP blocks under stress #2556 -* invalid DKIM when empty body #2410 -* prevent running callback multiple times on TLS unix socket #2509 -* add missing callback when listing queue and empty directory -* correct MIME parsing when charset: utf8 and encoding: 8bit #2582 -* spamassassin: default check flags to true #2583 -* smtp_client: destroy when connection gets conn timeout error #2604 -* on error and timeout, remove listeners and destroy conn. #2606 - - -## 2.8.23 - Nov 18, 2018 - -### Changes - -* tighten Haraka pattern in .gitignore #2542 - - -## 2.8.22 - Nov 17, 2018 - -### New Features - -* enable tls/ssl for rabbitmq amqplib plugin #2518 - -### Fixes - -* hmail: don't send RSET to LMTP #2530 - -### Changes - -* clamd: add check.authenticated, check.private_ip, check.local_ip option -* use get_decoded on headers that may be encoded #2537 -* connection: move max_mime_part config load to connection init #2528 -* outbound: init TLS when we send email, not when old queue file is loaded #2503 - -### Changes - -* relay: update port 465 doc #2522 -* hmail: log the correct err message #2531 -* ob/tls: consistently use obtls (vs plugin) for "this" name #2524 -* outbound: add domain to loginfo message #2523 -* Add connection.remote.is_local #2532 -* update license #2525 -* perf: move max_mime_parts config load to connection init #2529 -* update semver to version 5.6.0 #2517 -* added hint to encrypted file authentication #2514 -* dkim_sign: improved log messages #2499 -* ehlo_hello_message: config/ehlo_hello_message can be used to overwrite the EHLO/HELO msg replacing `, Haraka is at your service` #2498 -* connection: add connection.remote.is_local flag for detecting loopback and link local IPs -* add .name to outbound TLS for logs #2492 - -## 2.8.21 - Jul 20, 2018 - -### New Features - -* outbound: skip STARTTLS after remote host fails TLS upgrade #2429 -* dns_list_base: introduce global plugin.lookback_is_rejected flag #2422 - -### Fixes - -* replace all _ chars in hostnames with code points #2485 -* Don't die on invalid commands #2481 -* outbound: check list exists before attempting to use it #2478 - * refactor outbound/hmail.process_ehlo_data #2488 -* tls: skip when redis is undefined #2472 -* Don't run delivered hook on LMTP fail #2470 -* Add tls_socket.load_tls_ini() to tls.register() #2465 - -### Changes - -* outbound/tls: make into a class #2474 -* plugins: clear timeout on cancel #2477 -* txn.parse_body consistently a boolean #2476 -* update ipaddr.js to version 1.8.0 #2468 - - -## 2.8.20 - Jun 29, 2018 - -* New Features - * n/a -* Fixes - * data_headers: check defined-ness of hdr_address *after* try/catch #2458 - * tls: remove tls.ini loading from plugins/tls #2459 - * tls: remove invalid opt from load_tls_ini #2456 - * outbound: escape values in HTML bounce correctly #2446 - * dkim_sign: catch exceptions when address-rfc2822 fails to parse From #2457 -* Changes - * logger: Add "obj" log param to log hook that contains log data by type #2425 - * logger: include outbound client ID in logging #2425 - * logger: allow specifying uuid in params when logging #2425 - -## 2.8.19 - Jun 26, 2018 - -* New features - * outbound: received_header=disabled supresses outbound Received header addition. #2409 - * auth_base.js: `check_plain_passwd` and `check_cram_md5_passwd` can now pass `message` and `code` to callback routine - * spf: allow bypass for relay and AUTH clients #2417 - * spf: optionally add OpenSPF help text to rejection #2417 - * auth_base: prevent storing of AUTH password in connection.notes.auth_passwd by setting plugin.blackout_password. #2421 -* Fixes - * Mitigate MIME part explosion attack #2447 - * Always prefix ClamAV with a Received header #2407 - * plugins/data.headers.js: wrap address-rfc2822 header parse into try block #2373 - * tls_socket: as client, only apply TLS opts if config is valid #2414 - * when installing, creates config/me if missing #2413 - * queue/qmail-queue: fix a 2nd crash bug when client disconnects unexpectedly #2360 - * remove desconstruction of SMTP commands to prevent exception #2398 - * attstream: return self so that pipe() calls can be chained together. #2424 - * outbound: fix dotfile cleanup to consider platform-based prefix. #2395 - * outbound: fix handling of LMTP socket when a socket path is specified. #2376 -* Changes - * relay: move relay acl check to connect_init so flag is set earlier #2442 - * process\_title: add total recipients, avg rcpts/msg, recipients/sec cur/avg/max and messages/conn #2389 - * when relaying is set in a transaction, don't persist beyond the transaction #2393 - * connection.set supports dot delimited path syntax #2390 - * remove deprecated (since 2.8.16) ./dsn.js - * Add transaction.msg_status property that reflects message status. #2427 - * Add transaction.notes.proxy object that hold HAProxy details. #2427 - * spamassassin: make relay header configurable. #2418 - * deprecate max_unrecognized_commands plugin in favor of limit. #2402 - * xclient: add support for DESTADDR/DESTPORT. #2396 - -## 2.8.18 - Mar 8, 2018 - -* New features - * smtp_forward: domain configuration is now chosen based on domain_selector #2346 -* Fixes - * queue/qmail-queue: fix crash bug when client disconnects unexpectedly #2360 - * tls: fix crash bug in `unrecognized_command` hook - * `dkim_key_gen.sh`: improve usability and parameter parsing #2355 -* Changes - * document `force_shutdown_timeout` and `graceful_shutdown` settings #2350 - -## 2.8.17 - Feb 16, 2017 - -* New Features - * SMTPS port is configurable #2269 - * smtp_forward: enable_outbound can be set per domain #2335 -* Fixes - * Fix ability to set log level to emerg #2128 - * outbound/hmail: use Buffer to correctly read binary file data + tests #2231 - * quarantine: consolidate 2x hook_init_master functions - * tls_socket: restore SNI functionality, emit count of TLS certs #2293 - * fix smtp_client error handling #2298 - * fix outbound pools #2317 - * add openssl-wrapper as dependency #2320 - * replace _ chars in hostnames with code points #2324 - * add this.removeAllListeners('connection-error') #2323 - * Fix crashing on RSET #2328 - * Prevent data headers crit fail #2329 - * Fix undefined max_lines in log message #2337 -* Changes - * line_socket: remove superfluous function #2339 - * consistent end of function declaration semicolon #2336 - * connection: assure hostname is set #2338 - * smtp_client: Fix log message typo #2334 - * Update ipaddr.js to version 1.6.0 #2333 - * Warn on max_header_lines #2331 - * update jquery version #2322 - * plugins: add SRS plugin to registry #2318 - * tls_socket: only generate dhparam.pem on master process #2313 - * add ENOTFOUND to also check A record #2310 - * smtp_forward: correct config file name in docs #2309 - * reduce severity of iconv conversion failure #2307 - * Add txn UUID to "250 Message Queued" #2305 - * mailheader: reduce log level priority #2299 - * greylist: only log redis DB errors when exist #2295 - * data.headers: reduce undef MLM logerror to logdebug #2294 - * quarantine: consolidate 2x hook_init_master() #2292 - * move test_queue to queue/test #2291 - * in haraka plugin test mode, add server.notes #2248 - * outbound/hmail: refactor #2238 - * outbound/hmail: add JSON sanity test before JSON.parse #2231 - * outbound/index: use newer Buffer.from syntax #2231 - * outbound/hmail: make haraka queue files human friendly #2231 - * plugins/rcpt_to.ldap -> haraka-plugin-rcpt-ldap #2144 - * plugins/auth/auth_ldap -> haraka-plugin-auth-ldap #2144 - * plugins/smtp_forward: enable_outbound can be enabled/disabled for specific domains - * auth_proxy: read TLS key and cert files from tls.ini #2212 - * README: typo fixes #2210 - * incorrect RCPT TO reply message #2227 - * Resolve decoding bug when root part is base64 encoded. #2204 - * Resolve base64 data truncation #2188 - * Fix damaged encoding when body is non-utf #2187 - * Fix disconnect hooks #2184 - * ability to set log level to emerg #2128 - * Improve docs for `Address` objects #2224 - * connection: replace 3x ternaries with get_remote() #2169 - * connection.local.host populated with hostname (from config/me) #2165 - * connection.local.info populated with Haraka/version #2196 - * npm packaged plugins: - * plugins/rcpt_to.ldap -> haraka-plugin-rcpt-ldap #2144 - * plugins/auth/auth_ldap -> haraka-plugin-auth-ldap #2144 - * plugins/graph -> haraka-plugin-graph #2185 - * config: replace ./config.js with haraka-config #2119 - * Replace concatenated strings with template literals (#2129) in: - * attachment #2260 - * bin/spf #2129 - * bin/dkimverify #2278 - * connection #2129, #2243 - * delay_deny #2264 - * dkim #2216 - * dsn #2265 - * host_pool #2198, #2245 - * logger #2277, #2246 - * mailbody #2280 - * max_unrecognised_commands #2171 - * outbound/hmail #2259 - * outbound/index #2249 - * outbound/todo #2233 - * plugins #2239 - * plugins/aliases #2229 - * plugins/attachment #2155 - * plugins/auth_base #2252 - * plugins/avg #2156 - * plugins/backscatterer #2261 - * plugins/bounce #2229 - * plugins/clamd #2237 - * plugins/connect.rdns_access #2262 - * plugins/data.headers #2263 - * plugins/data.uribl #2258 - * plugins/helo.checks #2255 - * plugins/rcpt_to.in_host_list #2253 - * plugins/spamassassin #2256 - * plugins/profile #2170 - * plugins/rcpt_to.host_list_base #2254 - * plugins/relay #2174 - * plugins/relay_acl #2177 - * plugins/spf #2266 - * plugins/toobusy #2186 - * plugins/xclient #2159 - * rfc1869 #2159 - * smtp_client #2129, #2208 - * tests/host_pool #2159 - * use es6 destructuring (#2075) in: - * connection #2230 - * dkim #2232 - * use es6 classes (#2133) in: - * attachment #2260 - * attachment_stream #2215 - * chunkemitter #2219 - * dkim #2206 - * dsn #2247 - * host_pool #2194 - * mailheader #2213 - * mailbody #2213 - * smtp_client #2221 - * spf #2214 - * tls_socket #2190 - * timer_queue #2226 - * outbound/hmail #2197 - * outbound/todo #2233 - * Automatically set connection.remote.is_private when connection.remote.ip is set #2192 - * Add remove_msgid and remove_date options to outbound.send_email #2209 - * Add origin option to outbound.send_mail #2314 - - -## 2.8.16 - Sep 30, 2017 - -* Changes - * additional tests get var -> const/let medicine #2122 - * move connection states into haraka-constants #2121 - * lint: remove useless escapes #2117 - * lint: switch no-var to error #2109 - * rspamd: repackaged as NPM module #2106 - * dsn: repackaged as NPM module haraka-dsn #2105 - * outbound: add results when queueing #2103 - * spamassassin: skip adding headers when value is empty #2102 - * Replace console.log with stdout #2100 - * update js-yaml to version 3.10.0 #2097 - * repackage p0f plugin to NPM #2076 - * ES6: replace var with const or let #2073 - -* New Features - * Bounces can have an HTML part #2091 -* Fixes - * daemon cwd #2126 - * updated fcrdns plugin name passed to results #2115 - * tls: only apply default key/cert paths when undefined #2111 - * dkim_verify: fix formatting of auth results #2107 - * smtp_forward: consistently use queue.wants #2107 - * haraka was adding TLS header on non-TLS connection #2103 - * dkim typo fix #2101 - * fix rfc2231 parsing code to cope with continuation #2089 - -## 2.8.15 - Sep 10, 2017 - -* Changes - * Permit log settings to be set w/o LOG prefix #2057 - * additional results storing in smtp_forward and quarantine #2067 - * publish p0f plugin to NPM #2076 - * smtp_forward stores queue note at queue.wants #2083 - * Remove unused folders from installation #2088 - * smtp_forward stores queue note at queue.wants #2083 - * add get/set to conn/txn.notes #2082 - * additional results storing in smtp_forward and quarantine #2067 - * Permit log settings to be set w/o LOG prefix #2057 - * support INFO *and* LOGINFO as config settings #2056 - * log.ini, new default location for log related settings #2054 - * dcc: replace with npm packaged version #2052 - * qmd: replace rcpt_to.qmail_deliverable with npm #2051 - * rspamd: pass SPF evaluation #2050 - * add logfmt support #2047 - * update ipaddr.js to version 1.5.0 #2037 - * update redis to version 2.8.0 #2033 - * disable graceful for SIGTERM #2028 - * add additional integration tests #2026 - * move most npm packaged plugins into optionalDependencies #2023 -* New Features - * TLS certificate directory (config/tls) #2032 - * plugins can specify a queue plugin & next_hop route #2067 - * connection/transaction notes now have get/set #2082 -* Fixes - * haraka cli will now create folders if they don't exist #2088 - * maybe fix for #1852 503 response #2064 - * crash when 'AUTH LOGIN' is sent after a successful auth #2039 - * docs: fixed swaks test command #2034 - * dkim: prevent dkim_verify from causing 'cannot pipe' #1693 - -## 2.8.14 - Jul 26, 2017 - -* Changes - * Fix auth plugin failure when re-selecting auth method #2000 - * don't crash Haraka when invalid YAML config encountered #2013 - * update semver to version 5.4.0 #2015 - * relay docs: correct the config file name #2012 - * rename config/xclient.hosts to match plugin & docs #2014 - * build_todo() is part of the outbound/index.js api #2016 - * update js-yaml to version 3.9.0 #2002 - * outbound/hmail: use WRITE_EXCL from haraka-constants #2011 - * replace plugins/log.elasticsearch with npm packaged #2004 - * Remove two spurious log statements #1989 - * access: rebuild blacklist upon change (vs supplement) #1990 - * deliver to qmail-queue with LF line endings (not CRLF) #1997 - * doc: add note that smtp_forward only supports STARTTLS #1988 - * import Plugins.md from v3 #1991 - * update async to 2.5.0 #1982 - * update iconv to 2.3.0 #1981 - * require node.js v6+ #1958 - * update ipaddr.js to 1.4.0 #1972 - * support newer address-rfc2822 #1970 - * update node-address-rfc2821 version to 1.1.1 #1968 - * outbound: be consistent with todo.domain #1960 - * bump haraka-results required version #1949 - * logger: load in a setImmediate call #1948 - * logger: strip intermediate \n chars #1947 - * tls consistency cleanups #1851 - * Get pool config handling simplifcation #1868 - * add integration test: send message w/smtp_client - * replace some legacy code with es6 #1862 - * update async to version 2.2.0 #1863 - * update ipaddr.js to version 1.3.0 #1857 - * update redis to version 2.7.0 #1854 - * assure conn/tran still exists before storing results #1849 - * moved tls.ini parsing to net_utils #1848 - * smtp forward dest split routing #1847 - * rspamd: refactor complex condition into function #1840 - * block js attachments #1837 - * helo.checks: bring plugin into alignment with docs #1833 - * when proxy enabled, update remote.is_private too #1811 - * create an outbound queue filename handler #1792 - * replace fcrdns with npm package #1810 - * add an additional node_modules plugin search path #1805 - * Set graceful shutdown off by default #1927 - * Allow outbound pools to be disabled #1917 - * Outbound split and move into folder #1850 - * don't emit binary characters into the logs #1902 - * Add .editorconfig #1884 - * tls: remove interim variables #1871 -* New Features - * Use punycode domain (support SMTPUTF8) #1944 - * Added RabbitMQ vhost support #1866 - * clamav: allow "Unknown Result" and Socket Error to try next host #1931 - * outbound client certificates #1908 - * Implement the missing upgrade method on SMTPClient #1901 - * Remove typo from relay.md #1886 -* Fixes - * outbound: fix queue not loaded for single process #1941 - * outbound: Fix undefined variable platformDOT in hmail.js #1943 - * outbound: fix undefined FsyncWriteStream var #1953 - * Fix cluster messaging for node v6+ #1938 - * outbound: fix loading under cluster. #1934 - * Check pool exists before delete #1937 - * be more strict in attachment filename matching #1957 - * doc typo fix #1963 - * RabbitMQ: fix encoding of user and password string #1964 - * spf: improve modifier regexp #1859 - * rabbitmq doc typo in config file name #1865 - * URL to manual was 404, point to Plugins.md #1844 - * smtp_client: set idleTimeout to 1s < pool_timeout #1842 - * fix broken continuations #1843 - * doc error for the 'check.authenticated' setting in rspamd plugin #1834 - * emit _the_ result, not all of them #1829 - * fix outbound logger #1827 - * fix forwarding with client auth over TLS (forward to gmail) #1803 - * Don't blow the stack on qstat #1930 - * run dumped logs through log plugins, not console #1929 - * Fix path parsing bug on Windows platform #1919 - * helo: make sure list_re is defined before access #1903 - * TLS: handle case where OCSP server is unavailable #1880 - * rspamd: add missing 'default' keyword #1856 - * disable naïve comment stripping #1876 - -## 2.8.13 - Feb 03, 2017 - -* Changes - * new [haraka-plugin-limit](https://github.com/haraka/haraka-plugin-limit) #1785 - * replaces plugin/limit, plugin/rate_limit, and haraka-plugin-outbound-rate-limit - * p0f: skip on private IPs (normally empty) #1758 - * spf: skip for outbound when context != myself #1763 - * redis: plugins using redis can inherit redis config #1777 - * redis: replace plugins/redis with haraka-plugin-redis #1786 - * lint: require space before function declaration #1784 - * lint: added eslint:recommended #1790 - * logger: remove logger.colorize code for legacy node versions -* New Features - * redis: add `redis_subscribe_pattern()` #1766 - * queue/discard: add ENV that permits discarding #1791 -* Improvements - * rspamd: improve response parsing #1770 - * restore Windows testing to working state #1755 - * elasticsearch: use UTC dates for index creation #1771 - * tls: fix dhparam usage example syntax #1774 - * typo: logerr -> logerror #1776 - * when generating long DKIM keys, include a BIND compatible folded key #1775 - * in haraka-test-fixtures, access results via fixtures.results #1783 - * integration test: end to end server testing #1791 -* Bug Fixes - * spf: restore functionality for relay context=myself #1759 - * rate_limit:if incr creates a new record, assure it has a TTL #1781 - * tls: do not create a top level secureContext #1787 - * dnswl: swap lines to fix missing inherited methods #1793 - * dnswl: fix config loader callback syntax #1794 - * tests/plugins: unset process.env.HARAKA to avoid side effects that interfere with other tests - * remove auth_flat_file sample auth user #1796 - - -## 2.8.12 - Jan 03, 2017 - -* Changes - * plugin/karma -> npm packaged haraka-plugin-karma #1747 - * update generic-pool 2.4.2 -> 2.5.0 -* New Features - * Added option to bypass SpamAssassin headers' merge #1745 -* Improvements - * reduce severity of debug message #1744 - * fix misleading entries in config/tls.ini #1734 - * Misc. performance improvements #1738 - * set tls.sessionIdContext property (for Thunderbird compat) #1740 -* Bug Fixes - * Swap lines to avoid clobbering response array #1743 - - -## 2.8.11 - Nov 24, 2016 - -* Changes - * rename core_require to haraka_require #1708 - * move log.syslog to haraka-plugin-syslog #1698 - * remove tls.ini loading and is_no_tls_host to net_utils #1690 - * replace ./utils with npm packaged haraka-utils #1720 - * require node 4 - * karma: add .top TLD scoring #1714 - -* New Features - * Implement OCSP Stapling #1724 - -* Improvements - * show help for npm packaged plugins included in core #1698 - * use tls.connect for client #1682 - * bring port 465 SMTPS TLS config support on par with STARTTLS #1667 - * use tls.connect instead of createSecurePair #1678 - * redis: improve error handling in tests # - * replace / path seperators with path.\* for cross platform compat #1713 - -* Bug Fixes - * dkim_sign: per-domain key finding fixed #1707 - * Rspamd: restore spam report header #1702 - * auth/vpopmail: do not toString() when null #1695 - * fix outbound to avoid recursive reading key/cert after refactoring #1692 - * tls: fix option servername (not hostname) #1728 - * correct Auth-Results cleaning #1726 - * fix results for connection.remote_host and NXDOMAIN #1716 - - -## 2.8.10 - Oct 20, 2016 - -* Changes - * use standard npm syntax for lint and tests #1646 - * remove ./net_utils to haraka-net-utils #1644 - * remove incorrect and unused spf.hello_host #1635 - * remove rogue DENYSOFT copy-pasta error #1634 - * update async to v2 #1545 - * remove plugin/dir support from base haraka #1668 - * use node_modules_dir support instead - * use TLSSocket instead of createSecurePair #1672 - * refactor plugins/tls #1670 - * moved watch plugin to npm as haraka-plugin-watch #1657 - * normalize proxy properties #1650 - -* New Features - * added connection.remote.is_private boolean #1648 - * added additional TLS options (@typingArtist) #1651 - * added wildcard boolean support to config loader #1680 - * tls: allow multiple key and cert parameters for RSA+ECDSA #1663 - * permit specifying haraka plugins w/o haraka-plugin- prefix #1645 - * in config/plugins and resultstore - -* Improvements - * connection.geoip replaced by haraka-plugin-geoip #1645 - * connection.asn replaced by haraka-plugin-asn #1645 - * permit specifying npm packaged plugins w/o haraka-plugin prefix #1647 - * normalized connection properties #1547, #1577 - * Rspamd: fix spambar for negative scores #1630 - * set connection.remote.is_private early - * replace calls to net_utils with remote.is_private test - -* Bug Fixes - * Tidy-up graceful shutdown and fix for non-cluster mode #1639 - * Fix data.headers plugin crash #1641 - * Fix access plugin crash #1640 - * Minor DKIM fix #1642 - * do not set TLS timer if timeout=0 #1632 - * do not overwrite config/host_list on install #1637 - * correct smtp_forward cfg for multiple rcpts #1680 - * fix TLS timeout errors #1665 - - -## 2.8.9 - Oct 02, 2016 - -* Changes - -* New Features - * Support outbound.pool_timeout of 0 to effectively disable pooling. #1561 - * Added never_add_headers option to rspamd plugin. #1562 - * rcpt_to.routes URI format w/ LMTP support #1568 - -* Improvements - * The delay_deny plugin now has a whitelist mode (vs blacklist). #1564 - * Don't show the private key in logs for dkim_sign. #1565 - * update geoip for compat with newer ES (#1622) - * drop node 0.10 testing / official support (#1621) - * watch plugin displays UUIDs as URL (#1624) - * Catch errors on header decode in rfc2231 #1599 - * Attachment plugin updates (#1606) - * add outbound.ini pool_timeout example setting #1584 - -* Bug Fixes - * Fixed some small documentation issues. #1573, #1616, #1612 - * Fixed AUTH PLAIN when it spreads over two lines. #1550 - * Fixed dkim_verify calling next() too soon. #1566 - * Fixed bugs with outbound pools who shutdown before we QUIT. #1561, #1572 - * outbound issues #1615, #1603 - * Fixed adding/removing headers in rspamd plugin. #1562 - * Fixed process_title not shutting down. #1560 - * fix a spurious error emitted by p0f (#1623) - * fix header version hiding (#1617) - * messagestream returns destination (#1610) - * plugins.getdenyfn now passed 3rd params arg (#1591) - * Fix scope of spf logdebug (#1598) - * fix rabbitmq deliveryMode bug (#1594) - * fix dkim_sign TypeError with null mail_from.host (#1592) - * fix dkim_sign attempting to lower an undefined (#1587) - -## 2.8.8 - Jul 20, 2016 - -* Changes - * removed UPGRADE.doc to [wiki](https://github.com/haraka/Haraka/wiki/Upgrade-Haraka) - -* Improvements - * support + wildcard in aliases plugin #1531 - * Support dkim_sign with outbound.send_email() #1512 - * spf: always check remote IP, then public IP if != pass #1528 - * spf: diplay IP used for SPF eval #1528 - -* Bug Fixes - * handle missing wss section in http.ini #1542 - * fix leak on socket write error #1541 - * add results property to outbound transaction #1535 - * don't unref unref'd wss server #1521 - -## 2.8.7 - Jun 18, 2016 - -* Changes - * Fix geoip test - -* Improvements - * Allow alias plugin to explode to a list of aliases - * Support IPv6 literals in HELO tests (#1507 thanks @gramakri) - * Make ldap plugin use the modified address if a rcpt hook - changes it (#1501 thanks @darkpixel) - -* Bug Fixes - * Fix loading plugins as npm modules (#1513) - * More DKIM fixes (#1506 thanks @zllovesuki) - * Fix the long failing host-pool-timer test (#1508) - * Fix clean shutdown of redis with new shutdown code - (#1504 and #1502 thanks @darkpixel) - * More fixes to clean shutdown (#1503) - -## 2.8.6 - Jun 06, 2016 - -* Bug Fixes - * Fix loading under Node v4 which sends a blank message - * Fix quit (SIGINT) when running without nodes= - -## 2.8.5 - Jun 04, 2016 - -* Changes - * The connection object is now passed to `get_plain_passwd`. Older - modules should continue to work as-is. - * The reseed_rng plugin now just uses the Crypto module from core. - Though it seems this plugin should be irrelevant with newer versions - of node.js - -* New Features - * Outbound mail now uses pooled connections, only sending a `QUIT` - message if the connection has been idle for a while. - -* Improvements - * Shut down and reload (via `haraka -c --graceful`) is now - graceful - allowing current connections to finish and plugins - to clean up before ending. - -* Bug Fixes - * Bind maxmind version to ignore API change (#1492) - * Fix encodings when banners are used (#1477) - * Various DKIM fixes (#1495) - -## 2.8.4 - May 24, 2016 - -* Bug Fixes - * Fix plugin loading override when installed (#1471) - -## 2.8.3 - May 18, 2016 - -* Bug Fixes - * Fix config overriding for core modules (#1468) - -## 2.8.2 - May 17, 2016 - -* Changes - * Added Node v6 to travis tests - -* New Features - * Added bin/haraka --qunstick to flush all mails - for that domain (#1460) - -* Improvements - * Make bin/haraka --qlist show much more information (#1452) - * Allow CIDR ranges in no_tls_hosts (#1450) - -* Bug Fixes - * 2.8.0 was shipped with a broken config/plugins. (#1453) - * Stop haraka dying when ldap connections fail (#1456) - * Pick up domain specific config correctly in ldap (#1456) - -## 2.8.0 - May 06, 2016 - -* Changes - * updated dependency versions (#1426, #1425) - * use utf8 encoding for body filters (#1429) - * remove spameatingmonkey from tests (#1421) - * replace ./constants.js with haraka-constants (#1353) - * Document HMail and TODO items (#1343) - * Copy only a minimal config/\* by default (#1341). - * cfreader/\* removed to haraka/haraka-config (#1350) - * outbound and smtp_client honor tls.ini settings (#1350) - * outbound TLS defaults to enabled - * lint: remove all unused variables (#1358) - * replace ./address.js with address-rfc2181 (#1359) - -* New Features - * smtp_forward: accepts a list of backend hosts, thanks @kgeoss (#1333) - * config: add array[] syntax to INI files (#1345) - * plugins.js: support require('./config') in plugins - * Load plugin config from own folder and merge (#1335) - * Allow original email's Subject to be included in bounce message (#1337) - * new queue/smtp_bridge plugin, thanks @jesucarr (#1351) - -* Improvements - * early_talker: supports IP whitelisting (#1423) - * loading plugins as packages (#1278) - * removed TLD stuff to haraka/haraka-tld (#1301) - * removed unused 'require('redis') in plugins/karma (#1348) - * improved MIME header support per rfc2231 (#1344) - * tls options can be defined for outbound and smtp\_\* (#1357) - * explicitly disable SSLv2 (#1395) - * cache STUN results - * xclient plugin improvements (#1405) - * tls: Set verify=NO correctly when no certificate presented (#1400) - * improved message header decoding (#1403, #1406) - * bounce: skip single_recipient check for relays/private_ips (#1385) - * rspamd docs: Clarify usage of check.private_ip (#1383) - * if rcpt_to returns DSN in msg, log it properly (#1375) - -* Bug Fixes - * fix out-of-range errors from banner insertion (#1334) - * dkim_verify: Call next only after message_stream ended (#1330) - * outbound: remove type check from pid match (#1322) - * lint: enable no-shadown and remove all shadow variables (#1349) - * spf: fix log_debug syntax (#1416) - * auto_proxy: fix a starttls loop (#1392) - * fcrdns: corrected err variable name (#1391) - * rspamd: Fix undefined variable (#1396) - * dkim_verify: Fix header handling (#1371) - * smtp_client: fix remote_ip (#1362) - - -## 2.7.3 - Feb 04, 2016 - -* Changes - * smtp_proxy & qmail-queue: default to enabled for outbound deliveries - (previously used Outbound), to better matches user expectations. - -* New Features - * outbound: allow passing notes to send_email (#1295) - -* Improvements - * logging: emit log message queue before shutting down (#1296) - * result_store: permit redis pub/sub to work when host != localhost (#1277) - * tests: quiet the extremely verbose messages (#1282) - * rspamd: add timeout error handling (#1276) - * watch: fix display of early_talker results (#1281) - * spamassassin: publish results to result_store (#1280) - * karma: can now connect to redis on hosts other than localhost (#1275) - * geoip & p0f: don't log empty/null values from RFC 1918 connects (#1267) - * redis: make plugin params match docs (#1273) - * mailbody: small refactoring (#1315) - * smtp_proxy & qmail-queue: default to enabled for outbound (#1308) - -* Bug Fixes - * redis: use correct path for db.select (#1273) - * count errors correctly (#1274) - * logger: ignore null arguments (#1299) - * connection: pause for hook_reset_transaction (#1303) - * rcpt_to.routes: update redis usage for compat with redis plugin (#1302) - * smtp_forward: use correct config path to auth settings (#1327) - * messagestream: correctly pass options parameter to get_data (#1316) - * spf: honour configuration for mfrom scope (#1322) - * outbound: Add missing dash to 'Final-Recipient' header name (#1320) - - -## 2.7.2 - Dec 15, 2015 - -* Bug Fixes - * Revert a change that broke plugin loading - - -## 2.7.1 - Dec 14, 2015 - -* New Features - * added debian init.d file (#1255) @slattery - -* Improvements - * smtp_forward auth settings now work (#430) - * better handling of broken messages (#1234) - * Docker: use latest Phusion image && stdout (#1238, #1239) - * Clean up plugin loading a tiny bit (#1242) - * make dkim keydir case insensitive (1251) - * ignore DNS errors that aren't errors (#1247) - * outbound doc updates (#1258) @Currerius - * outbound: return DENYSOFT on queue error (#1264) - * smtp_client: if enable_tls is set and TLS files missing, warn (#1266) - -* Bug Fixes - * Don't sent empty headers to rspamd (#1230) - * Fix auth_base.js key need to be a string - number.toString() (#1228) - * fix bug with empty charset= on mime parts … (#1225) - * Fix "passwd" check crash with numeric password. (#1254) - * result_store: show arrays when not empty (#1261) - - -## 2.7.0 - Oct 07, 2015 - -* New Features - * SPF bounce check - * rspamd plugin (@fatalbanana) - * watch plugin - * limit plugin (connection concurrency, errors, unrecognized commands) - * plugins can now be npm packages (see also #946) - * built-in HTTP server (Express backed) - * ESETS AV plugin - * DCC plugin (incomplete) - * Add LOGIN support to XCLIENT - * backscatterer plugin - * full IPv4 & IPv6 compatibility inbound #1120, #1123, #1154 (@Dexus) - * Early talker #1075 (@smfreegard, @msimerson) - * permit loading of plugins in node_modules #1056 (@msimerson) - -* Improvements - * Fix anti_spoof by use config #1171 - * Add license clause #1170 - * package.json dependencies and travis update #1147, #1168 (@Dexus) - * logging: remove node-syslog and strong-fork-syslog with modern-syslog #1145 (@Dexus) - * aliases: support for email, user and host aliases #1149 (@Dexus) - * add docs for use private key with TLS #1130 (@Dexus) - * outbound: ENOENT on dotfile - compatibility for windows #1129 (@Dexus) - * plugin/attachment: block more attachment file types #1191 (@Dexus) - * remove double functions #1126 (@Dexus) - * Outbound Bounce messages according to RFC3464 #1189 (@hatsebutz) - * toobusy: only run checks if toobusy.js installed and loads - * HAProxy: set local_ip, local_port and remote_port - * save auth pass/fail/user to result_store - * ini files no longer require values (useful for storing lists) - * connection: add MAIL and RCPT to results - * results_store: enable 'emit' feature for .push() - * add support for custom Outbound Received header value (@zombified) - * save smtp_forward result to result_store - * auth_base: permit a return message (@DarkSorrow) - * add DSN.create() and RFC 4954 support - * enhanced pipelining support - * added config/access.domains with some tips (@EyePulp) - * Add SSL detection over plain-text socket - * earlytalker: store results - * bounce: make it safe to check non_local_msgid - * AVG: store results, added defer options - * tls: change createCredentials to tls.createSecureContext (@DarkSorrow) - * update dependency versions (esp async 0.2.9 -> 1.0.0) - * ASN docs: add FTP download note for routeviews - * karma: removed concurrency limits (see limit plugin) and penalty feature - * added utils.elapsed() - * deny message includes hostname - * Add Fisher-Yates shuffle to randomize lookup order in data.uribl - * change default message size limit to 25mb - * auth_base: save auth results - * upgrade toobusy plugin to toobusy-js (@alexkavon) - * configfile: permit / char in ini keys - * added utils.node_min() - * added result_store.get_all() - * updated ubuntu upstart script - * plugin/rate_limit: return in no custom default is set 0 = unlimited #1186, #1185 - * Outbound.send_email: added dot-stuffing #1176, #1165 (@hatsebutz) - * make sure server object is availabe to plugins loaded from node_modules #1162 (@bmonty) - * Net_utils.get_ips_by_host #1160 (@msimerson) - * fcrdns: don't log error for ENODATA #1140 (@msimerson) - * improve MUA detection #1137 (@msimerson) - * tls: tmp disable for hosts that fail STARTTLS #1136 (@msimerson) - * karma: skip deny on outbound hooks #1100 (@msimerson) - * Store HAProxy IP in connection object #1097 (@smfreegard) - * Remove UUID from queued message #1092 (@smfreegard) - -* Bug Fixes - * fix windows build and test failures #1076 (@msimerson) - * Fix plugin ordering #1081 (@smfreegard) - * Fix distance reporting to X-Haraka-GeoIP for geoip-lite #1086 (@smfreegard) - * uribl: prevent calling next() more than 1x #1138 (@msimerson) - * Fix so constants are imported when plugin is loaded from node_modules. #1133 (@bmonty) - * Include STMP-code in bounce-reason string for upstream 5XX responses #1117 (@hatsebutz) - * TLS fixes: add timed_out flag and karma should not run deny hook on it. #1109 (@smfreegard) - * Fix port to number instead of string for HAProxy #1108 (@DarkSorrow) - * Plugin dcc: fixed syntax error #1164 (@hatsebutz) - * config: fix flat files if \r\n lines #1187 (@Dexus) - * corrected hook_rcpt log code hook_rcpt_ok returns CONT - * fix crash bug when loglevel = LOGDEBUG - * corrected pathname in rcpt.ldap plugin (@abhas) - * added helo.checks boolean for proto_mismatch - * make rate_limit redis keys always expire @celesteking - * dkim_sign: Buffer.concat expects an array of buffers - * transaction: check discard_data before adding line end (@DarkSorrow) - * fix 8-bit msg not displayed properly in gmail - * fcrdns: always init results - * TLS timer on error - * dkim_verify: fixed timeout issue - * smtp\_[proxy|forward]: correct authentication example - * Fork child workers after init_master hook - * connection: return 450/550 for plugin DENY\* (was 452/552) - * spamassassin: don't call next() when transaction gone - * outbound: fix crash when sending bounce mail - * auth_base: fix bad protocol in auth_base.js #1121 (@Dexus) - * outbound: Fix HELO/rDNS issue while using multiple outbound ip #1128 (@Dexus) - * connection: Fix bug when client disconnect after sending data #1193 - * Fix connect.geoip bug #1144 (@smfreegard) - * Fix tiny bug in messagesniffer #1198 (@smfreegard) - -## 2.6.1 - Mar 27, 2015 - -* added sedation timers for config file re-reading -* Add AUTH support to outbound -* tests/spf: quiet excessive DEBUG noise -* allow domains with underscore -* correct name of domains config file in access -* Fix SMTP AUTH in smtp_forward/proxy and add docs -* Fix opts not being passed to HMailItem \_bounce function -* log.syslog will try strong-fork-syslog (for node 0.12 compat) -* improvements to Plugin docs -* rename net_utils.is_rfc1918 -> is_private_ip - * IPv6 compat - * test coverage - * add IPv6 unique local fc00::/7 -* pre-populated config/plugins -* added utils.extend, copies props onto objects - -## 2.6.0 - Feb 21, 2015 - -* other bug fixes -* updated a few tests so test suite passes on Windows -* log.syslog: handle failure to load node-syslog -* plugin directory is $ENV definable (@martin1yness) -* logging timestamps were static, fixed by @cloudbuy -* queue/rabbitmq_amqplib, new plugin for RabbitMQ using amqplib (@esevece) -* outbound: - * plugins can set the outbound IP (during get_mx) - * only replace line endings if not \r\n - * bannering fixes - * added support for per recipient routes -* tls: don't register hooks upless certs exist -* removed contrib/geolite-mirror-simple.pl (replaced by +- require haraka-net-utils >= 1.2.2 #2876 + +### 2.8.26 - 2020-11-18 + +#### Changes + +- add config options for OAR & AR headers #2855 +- plugins.js: also strip haraka-plugin prefix from plugin.name #2846 +- smtp_forward/spamssassin: grab refs of conn/txn to avoid crashes due to lack of existence. #2847 +- outbound: add extended reason to bounce message #2843 +- hgrep: replaced perl script with shell script #2842 +- connection: send temp error when requested #2841 +- headers: updated deprecated messages #2845 +- hmail: socket.on -> socket.once #2838 +- hmail: check for zero length queue file #2835 +- outbound: add os.hostname() as default for outbound HELO #2813 +- use node v10's mkdir instead of mkdirp #2797 +- CI: drop appveyor and Travis #2784 +- lint: add 'prefer-template' +- update async to version 3.2.0 #2764 +- update redis to version 3.0.0 #2759 +- remove deprecated max_unrecognized_commands from config #2755 +- CI: add ES2017 support, drop node 8 #2740 +- fix broken bannering on nested mime parts #2736 +- restore TLS version info, set correctly #2723 +- better error message when invalid HELO hostname is rejected +- bring STARTTLS "TLS NO-GO" feature in line with Outbound's #2792 +- add listener for secureConnect #2828 +- removed plugins/data.headers to haraka-plugin-headers #2826 +- add zero-length queue size check +- send temp instead of hard error when asked to by `unrecognized_command` + +#### New features + +- Allow web interface to be bound to unix socket #2768 +- tls: add configurable minVersion to tls socket options #2738 +- connection_close_message: added ability to override close connection message replacing `closing connection. Have a jolly good day.` #2730 +- add JSON format for logging #2739 +- support binding web interface to unix socket + +#### Fixes + +- check for punycode domain names when resolving MX, avoid crash #2861 +- wait until entire message is spooled when spool_after in use #2840 +- hmail: add missing space in temp_fail emitter #2837 +- fix outbound config reloading after outbound split #2802 +- smtp_forward: remove redundant outbound hook #2796 +- smtp_forward: this plugin does not use the queue_outbound hook anymore #2795 +- Fix connection pool not being unique when hosts and ports were equal between domains #2789 +- fix connection pool not being unique when hosts and ports were equal between domains #2788 +- Fix outbound.bounce_message To: header (and add Auto-Submitted) #2782 +- Fix support for DKIM signing when forwarding and aliasing is enabled #2776 +- Better error message when EHLO hostname does not have a dot #2775 +- fix bannering on nested mime parts #2737 +- TLS: don't abort loading certs in config/tls dir when an error is encountered. Process every cert file and then emit errors. #2729 +- restore TLS version, correctly #2723 + +### 2.8.25 - 2019-10-11 + +#### Changes + +- conn: remove TLS version from header #2648 +- Actually enforce using key for INTERNALCMD #2643 +- trans: assign conditions to named vars #2638 +- drop node.js v6 support #2632 +- conn: use is_local instead of localhost addr tests #2627 +- spamassassin: spamassassin: strip useless WS from tests #2624 +- es6: many updates #2615, #2674, #2680 +- systemctl: update service definition #2612 +- lint: bracket style to match newer eslint:recommended #2680 +- lint: use object shorthands (eslint:recommended) #2680 +- logger: use safer Object.prototype.hasOwnProperty #2680 +- outbound: permit # char in SMTP status code response #2689 +- dkim_sign: improve docs, add tests, es6 updates #2649 +- dkim_sign: restore default key signing feature #2649 +- tmp module: update to latest #2614 +- semver: update to latest #2616, #2651 +- async: update to latest #2653, #2664 +- repo cleanup: replaced deprecated plugins with list #2681 +- spf: es6 patterns, results.pass, test improvements, es6 patterns #2700 + +#### New features + +- spf: add config option to fail on NONE #2644 + +#### Fixes + +- mailheader: fully quality header name in \_remove_more #2647 +- haraka: Connection.createConnection is not a constructor #2618 +- problems with japanese characters in body and part header #2675 +- toobusy: fix hook name (connect_pre -> connect) #2672 +- outbound: watch for socket timeouts #2687 +- outbound: permit # char prefix in SMTP status code response #2691 +- mailheader: strip whitespace between encoded-words #2702 + +### 2.8.24 - Mar 12, 2019 + +#### Changes + +- early_talker: skip if sender has good karma #2551 +- dockerfile: update to node 10 #2552 +- Update deprecated usages of Buffer #2553 +- early_talker: extend reasons to skip checking #2564 +- tls: add 'ca' option (for CA root file) #2571 +- outbound: little cleanups #2572 +- smtp_client: pass pool_timeout to new SMTPClient #2574 +- server: default to nodes=1 (was undefined) #2573 +- test/server: use IPv4 127.0.0.1 instead of localhost #2584 +- queue/smtp_*: add v3 upgrade notice and config setting #2585 +- spf: use the skip config for helo/ehlo checks #2587 +- spf: avoid 2nd EHLO evaluation if EHLO host is identical #2592 +- queue.js refactoring #2593 +- Log dkim_sign parse errors with connection ID #2596 +- Update ipaddr.js to the latest version #2599 +- make inactivity timeout match docs #2607 + +#### New Features + +- Implement SIGTERM graceful shutdown if pid is 1 #2547 +- tls: require validated certs on some ports with requireAuthorized #2554 +- spamassassin: disable checks when requested #2564 +- clamd: permit skipping for relay clients #2564 +- outbound: exported outbound.temp_fail_queue, outbound.delivery_queue and add TimerQueue.discard() +- status: new plugin #2577 + +#### Fixes + +- mf.resolvable: reduce timeout by one second (so < plugin.timeout) #2544 +- LMTP blocks under stress #2556 +- invalid DKIM when empty body #2410 +- prevent running callback multiple times on TLS unix socket #2509 +- add missing callback when listing queue and empty directory +- correct MIME parsing when charset: utf8 and encoding: 8bit #2582 +- spamassassin: default check flags to true #2583 +- smtp_client: destroy when connection gets conn timeout error #2604 +- on error and timeout, remove listeners and destroy conn. #2606 + +### 2.8.23 - Nov 18, 2018 + +#### Changes + +- tighten Haraka pattern in .gitignore #2542 + +### 2.8.22 - Nov 17, 2018 + +#### New Features + +- enable tls/ssl for rabbitmq amqplib plugin #2518 + +#### Fixes + +- hmail: don't send RSET to LMTP #2530 + +#### Changes + +- clamd: add check.authenticated, check.private_ip, check.local_ip option +- use get_decoded on headers that may be encoded #2537 +- connection: move max_mime_part config load to connection init #2528 +- outbound: init TLS when we send email, not when old queue file is loaded #2503 +- relay: update port 465 doc #2522 +- hmail: log the correct err message #2531 +- ob/tls: consistently use obtls (vs plugin) for "this" name #2524 +- outbound: add domain to loginfo message #2523 +- Add connection.remote.is_local #2532 +- update license #2525 +- perf: move max_mime_parts config load to connection init #2529 +- update semver to version 5.6.0 #2517 +- added hint to encrypted file authentication #2514 +- dkim_sign: improved log messages #2499 +- ehlo_hello_message: config/ehlo_hello_message can be used to overwrite the EHLO/HELO msg replacing `, Haraka is at your service` #2498 +- connection: add connection.remote.is_local flag for detecting loopback and link local IPs +- add .name to outbound TLS for logs #2492 + +### 2.8.21 - Jul 20, 2018 + +#### New Features + +- outbound: skip STARTTLS after remote host fails TLS upgrade #2429 +- dns_list_base: introduce global plugin.lookback_is_rejected flag #2422 + +#### Fixes + +- replace all \_ chars in hostnames with code points #2485 +- Don't die on invalid commands #2481 +- outbound: check list exists before attempting to use it #2478 + - refactor outbound/hmail.process_ehlo_data #2488 +- tls: skip when redis is undefined #2472 +- Don't run delivered hook on LMTP fail #2470 +- Add tls_socket.load_tls_ini() to tls.register() #2465 + +#### Changes + +- outbound/tls: make into a class #2474 +- plugins: clear timeout on cancel #2477 +- txn.parse_body consistently a boolean #2476 +- update ipaddr.js to version 1.8.0 #2468 + +### 2.8.20 - Jun 29, 2018 + +#### Fixes + +- data_headers: check defined-ness of hdr_address _after_ try/catch #2458 +- tls: remove tls.ini loading from plugins/tls #2459 +- tls: remove invalid opt from load_tls_ini #2456 +- outbound: escape values in HTML bounce correctly #2446 +- dkim_sign: catch exceptions when address-rfc2822 fails to parse From #2457 + +#### Changes + +- logger: Add "obj" log param to log hook that contains log data by type #2425 +- logger: include outbound client ID in logging #2425 +- logger: allow specifying uuid in params when logging #2425 + +### 2.8.19 - Jun 26, 2018 + +#### New features + +- outbound: received_header=disabled supresses outbound Received header addition. #2409 +- auth_base.js: `check_plain_passwd` and `check_cram_md5_passwd` can now pass `message` and `code` to callback routine +- spf: allow bypass for relay and AUTH clients #2417 +- spf: optionally add OpenSPF help text to rejection #2417 +- auth_base: prevent storing of AUTH password in connection.notes.auth_passwd by setting plugin.blackout_password. #2421 + +#### Fixes + +- Mitigate MIME part explosion attack #2447 +- Always prefix ClamAV with a Received header #2407 +- plugins/data.headers.js: wrap address-rfc2822 header parse into try block #2373 +- tls_socket: as client, only apply TLS opts if config is valid #2414 +- when installing, creates config/me if missing #2413 +- queue/qmail-queue: fix a 2nd crash bug when client disconnects unexpectedly #2360 +- remove desconstruction of SMTP commands to prevent exception #2398 +- attstream: return self so that pipe() calls can be chained together. #2424 +- outbound: fix dotfile cleanup to consider platform-based prefix. #2395 +- outbound: fix handling of LMTP socket when a socket path is specified. #2376 + +#### Changes + +- relay: move relay acl check to connect_init so flag is set earlier #2442 +- process_title: add total recipients, avg rcpts/msg, recipients/sec cur/avg/max and messages/conn #2389 +- when relaying is set in a transaction, don't persist beyond the transaction #2393 +- connection.set supports dot delimited path syntax #2390 +- remove deprecated (since 2.8.16) ./dsn.js +- Add transaction.msg_status property that reflects message status. #2427 +- Add transaction.notes.proxy object that hold HAProxy details. #2427 +- spamassassin: make relay header configurable. #2418 +- deprecate max_unrecognized_commands plugin in favor of limit. #2402 +- xclient: add support for DESTADDR/DESTPORT. #2396 + +### 2.8.18 - Mar 8, 2018 + +#### New features + +- smtp_forward: domain configuration is now chosen based on domain_selector #2346 + +#### Fixes + +- queue/qmail-queue: fix crash bug when client disconnects unexpectedly #2360 +- tls: fix crash bug in `unrecognized_command` hook +- `dkim_key_gen.sh`: improve usability and parameter parsing #2355 + +#### Changes + +- document `force_shutdown_timeout` and `graceful_shutdown` settings #2350 + +### 2.8.17 - Feb 16, 2017 + +#### New Features + +- SMTPS port is configurable #2269 +- smtp_forward: enable_outbound can be set per domain #2335 + +#### Fixes + +- Fix ability to set log level to emerg #2128 +- outbound/hmail: use Buffer to correctly read binary file data + tests #2231 +- quarantine: consolidate 2x hook_init_master functions +- tls_socket: restore SNI functionality, emit count of TLS certs #2293 +- fix smtp_client error handling #2298 +- fix outbound pools #2317 +- add openssl-wrapper as dependency #2320 +- replace \_ chars in hostnames with code points #2324 +- add this.removeAllListeners('connection-error') #2323 +- Fix crashing on RSET #2328 +- Prevent data headers crit fail #2329 +- Fix undefined max_lines in log message #2337 + +#### Changes + +- line_socket: remove superfluous function #2339 +- consistent end of function declaration semicolon #2336 +- connection: assure hostname is set #2338 +- smtp_client: Fix log message typo #2334 +- Update ipaddr.js to version 1.6.0 #2333 +- Warn on max_header_lines #2331 +- update jquery version #2322 +- plugins: add SRS plugin to registry #2318 +- tls_socket: only generate dhparam.pem on master process #2313 +- add ENOTFOUND to also check A record #2310 +- smtp_forward: correct config file name in docs #2309 +- reduce severity of iconv conversion failure #2307 +- Add txn UUID to "250 Message Queued" #2305 +- mailheader: reduce log level priority #2299 +- greylist: only log redis DB errors when exist #2295 +- data.headers: reduce undef MLM logerror to logdebug #2294 +- quarantine: consolidate 2x hook_init_master() #2292 +- move test_queue to queue/test #2291 +- in haraka plugin test mode, add server.notes #2248 +- outbound/hmail: refactor #2238 +- outbound/hmail: add JSON sanity test before JSON.parse #2231 +- outbound/index: use newer Buffer.from syntax #2231 +- outbound/hmail: make haraka queue files human friendly #2231 +- plugins/rcpt_to.ldap -> haraka-plugin-rcpt-ldap #2144 +- plugins/auth/auth_ldap -> haraka-plugin-auth-ldap #2144 +- plugins/smtp_forward: enable_outbound can be enabled/disabled for specific domains +- auth_proxy: read TLS key and cert files from tls.ini #2212 +- README: typo fixes #2210 +- incorrect RCPT TO reply message #2227 +- Resolve decoding bug when root part is base64 encoded. #2204 +- Resolve base64 data truncation #2188 +- Fix damaged encoding when body is non-utf #2187 +- Fix disconnect hooks #2184 +- ability to set log level to emerg #2128 +- Improve docs for `Address` objects #2224 +- connection: replace 3x ternaries with get_remote() #2169 +- connection.local.host populated with hostname (from config/me) #2165 +- connection.local.info populated with Haraka/version #2196 +- npm packaged plugins: + - plugins/rcpt_to.ldap -> haraka-plugin-rcpt-ldap #2144 + - plugins/auth/auth_ldap -> haraka-plugin-auth-ldap #2144 + - plugins/graph -> haraka-plugin-graph #2185 +- config: replace ./config.js with haraka-config #2119 +- Replace concatenated strings with template literals (#2129) in: + - attachment #2260 + - bin/spf #2129 + - bin/dkimverify #2278 + - connection #2129, #2243 + - delay_deny #2264 + - dkim #2216 + - dsn #2265 + - host_pool #2198, #2245 + - logger #2277, #2246 + - mailbody #2280 + - max_unrecognised_commands #2171 + - outbound/hmail #2259 + - outbound/index #2249 + - outbound/todo #2233 + - plugins #2239 + - plugins/aliases #2229 + - plugins/attachment #2155 + - plugins/auth_base #2252 + - plugins/avg #2156 + - plugins/backscatterer #2261 + - plugins/bounce #2229 + - plugins/clamd #2237 + - plugins/connect.rdns_access #2262 + - plugins/data.headers #2263 + - plugins/data.uribl #2258 + - plugins/helo.checks #2255 + - plugins/rcpt_to.in_host_list #2253 + - plugins/spamassassin #2256 + - plugins/profile #2170 + - plugins/rcpt_to.host_list_base #2254 + - plugins/relay #2174 + - plugins/relay_acl #2177 + - plugins/spf #2266 + - plugins/toobusy #2186 + - plugins/xclient #2159 + - rfc1869 #2159 + - smtp_client #2129, #2208 + - tests/host_pool #2159 +- use es6 destructuring (#2075) in: + - connection #2230 + - dkim #2232 +- use es6 classes (#2133) in: + - attachment #2260 + - attachment_stream #2215 + - chunkemitter #2219 + - dkim #2206 + - dsn #2247 + - host_pool #2194 + - mailheader #2213 + - mailbody #2213 + - smtp_client #2221 + - spf #2214 + - tls_socket #2190 + - timer_queue #2226 + - outbound/hmail #2197 + - outbound/todo #2233 +- Automatically set connection.remote.is_private when connection.remote.ip is set #2192 +- Add remove_msgid and remove_date options to outbound.send_email #2209 +- Add origin option to outbound.send_mail #2314 + +### 2.8.16 - Sep 30, 2017 + +#### Changes + + - additional tests get var -> const/let medicine #2122 + - move connection states into haraka-constants #2121 + - lint: remove useless escapes #2117 + - lint: switch no-var to error #2109 + - rspamd: repackaged as NPM module #2106 + - dsn: repackaged as NPM module haraka-dsn #2105 + - outbound: add results when queueing #2103 + - spamassassin: skip adding headers when value is empty #2102 + - Replace console.log with stdout #2100 + - update js-yaml to version 3.10.0 #2097 + - repackage p0f plugin to NPM #2076 + - ES6: replace var with const or let #2073 + +#### New Features + +- Bounces can have an HTML part #2091 + +#### Fixes + +- daemon cwd #2126 +- updated fcrdns plugin name passed to results #2115 +- tls: only apply default key/cert paths when undefined #2111 +- dkim_verify: fix formatting of auth results #2107 +- smtp_forward: consistently use queue.wants #2107 +- haraka was adding TLS header on non-TLS connection #2103 +- dkim typo fix #2101 +- fix rfc2231 parsing code to cope with continuation #2089 + +### 2.8.15 - Sep 10, 2017 + +#### Changes + +- Permit log settings to be set w/o LOG prefix #2057 +- additional results storing in smtp_forward and quarantine #2067 +- publish p0f plugin to NPM #2076 +- smtp_forward stores queue note at queue.wants #2083 +- Remove unused folders from installation #2088 +- smtp_forward stores queue note at queue.wants #2083 +- add get/set to conn/txn.notes #2082 +- additional results storing in smtp_forward and quarantine #2067 +- Permit log settings to be set w/o LOG prefix #2057 +- support INFO _and_ LOGINFO as config settings #2056 +- log.ini, new default location for log related settings #2054 +- dcc: replace with npm packaged version #2052 +- qmd: replace rcpt_to.qmail_deliverable with npm #2051 +- rspamd: pass SPF evaluation #2050 +- add logfmt support #2047 +- update ipaddr.js to version 1.5.0 #2037 +- update redis to version 2.8.0 #2033 +- disable graceful for SIGTERM #2028 +- add additional integration tests #2026 +- move most npm packaged plugins into optionalDependencies #2023 + +#### New Features + +- TLS certificate directory (config/tls) #2032 +- plugins can specify a queue plugin & next_hop route #2067 +- connection/transaction notes now have get/set #2082 + +#### Fixes + +- haraka cli will now create folders if they don't exist #2088 +- maybe fix for #1852 503 response #2064 +- crash when 'AUTH LOGIN' is sent after a successful auth #2039 +- docs: fixed swaks test command #2034 +- dkim: prevent dkim_verify from causing 'cannot pipe' #1693 + +### 2.8.14 - Jul 26, 2017 + +#### Changes + +- Fix auth plugin failure when re-selecting auth method #2000 +- don't crash Haraka when invalid YAML config encountered #2013 +- update semver to version 5.4.0 #2015 +- relay docs: correct the config file name #2012 +- rename config/xclient.hosts to match plugin & docs #2014 +- build_todo() is part of the outbound/index.js api #2016 +- update js-yaml to version 3.9.0 #2002 +- outbound/hmail: use WRITE_EXCL from haraka-constants #2011 +- replace plugins/log.elasticsearch with npm packaged #2004 +- Remove two spurious log statements #1989 +- access: rebuild blacklist upon change (vs supplement) #1990 +- deliver to qmail-queue with LF line endings (not CRLF) #1997 +- doc: add note that smtp_forward only supports STARTTLS #1988 +- import Plugins.md from v3 #1991 +- update async to 2.5.0 #1982 +- update iconv to 2.3.0 #1981 +- require node.js v6+ #1958 +- update ipaddr.js to 1.4.0 #1972 +- support newer address-rfc2822 #1970 +- update node-address-rfc2821 version to 1.1.1 #1968 +- outbound: be consistent with todo.domain #1960 +- bump haraka-results required version #1949 +- logger: load in a setImmediate call #1948 +- logger: strip intermediate \n chars #1947 +- tls consistency cleanups #1851 +- Get pool config handling simplifcation #1868 + - add integration test: send message w/smtp_client +- replace some legacy code with es6 #1862 +- update async to version 2.2.0 #1863 +- update ipaddr.js to version 1.3.0 #1857 +- update redis to version 2.7.0 #1854 +- assure conn/tran still exists before storing results #1849 +- moved tls.ini parsing to net_utils #1848 +- smtp forward dest split routing #1847 +- rspamd: refactor complex condition into function #1840 +- block js attachments #1837 +- helo.checks: bring plugin into alignment with docs #1833 +- when proxy enabled, update remote.is_private too #1811 +- create an outbound queue filename handler #1792 +- replace fcrdns with npm package #1810 +- add an additional node_modules plugin search path #1805 +- Set graceful shutdown off by default #1927 +- Allow outbound pools to be disabled #1917 +- Outbound split and move into folder #1850 +- don't emit binary characters into the logs #1902 +- Add .editorconfig #1884 +- tls: remove interim variables #1871 + +#### New Features + +- Use punycode domain (support SMTPUTF8) #1944 +- Added RabbitMQ vhost support #1866 +- clamav: allow "Unknown Result" and Socket Error to try next host #1931 +- outbound client certificates #1908 +- Implement the missing upgrade method on SMTPClient #1901 +- Remove typo from relay.md #1886 + +#### Fixes + +- outbound: fix queue not loaded for single process #1941 +- outbound: Fix undefined variable platformDOT in hmail.js #1943 +- outbound: fix undefined FsyncWriteStream var #1953 +- Fix cluster messaging for node v6+ #1938 +- outbound: fix loading under cluster. #1934 +- Check pool exists before delete #1937 +- be more strict in attachment filename matching #1957 +- doc typo fix #1963 +- RabbitMQ: fix encoding of user and password string #1964 +- spf: improve modifier regexp #1859 +- rabbitmq doc typo in config file name #1865 +- URL to manual was 404, point to Plugins.md #1844 +- smtp_client: set idleTimeout to 1s < pool_timeout #1842 +- fix broken continuations #1843 +- doc error for the 'check.authenticated' setting in rspamd plugin #1834 +- emit _the_ result, not all of them #1829 +- fix outbound logger #1827 +- fix forwarding with client auth over TLS (forward to gmail) #1803 +- Don't blow the stack on qstat #1930 +- run dumped logs through log plugins, not console #1929 +- Fix path parsing bug on Windows platform #1919 +- helo: make sure list_re is defined before access #1903 +- TLS: handle case where OCSP server is unavailable #1880 +- rspamd: add missing 'default' keyword #1856 +- disable naïve comment stripping #1876 + +### 2.8.13 - Feb 03, 2017 + +#### Changes + +- new [haraka-plugin-limit](https://github.com/haraka/haraka-plugin-limit) #1785 + - replaces plugin/limit, plugin/rate_limit, and haraka-plugin-outbound-rate-limit +- p0f: skip on private IPs (normally empty) #1758 +- spf: skip for outbound when context != myself #1763 +- redis: plugins using redis can inherit redis config #1777 +- redis: replace plugins/redis with haraka-plugin-redis #1786 +- lint: require space before function declaration #1784 +- lint: added eslint:recommended #1790 +- logger: remove logger.colorize code for legacy node versions + +#### New Features + +- redis: add `redis_subscribe_pattern()` #1766 +- queue/discard: add ENV that permits discarding #1791 + +#### Improvements + +- rspamd: improve response parsing #1770 +- restore Windows testing to working state #1755 +- elasticsearch: use UTC dates for index creation #1771 +- tls: fix dhparam usage example syntax #1774 +- typo: logerr -> logerror #1776 +- when generating long DKIM keys, include a BIND compatible folded key #1775 +- in haraka-test-fixtures, access results via fixtures.results #1783 +- integration test: end to end server testing #1791 + +#### Fixes + +- spf: restore functionality for relay context=myself #1759 +- rate_limit:if incr creates a new record, assure it has a TTL #1781 +- tls: do not create a top level secureContext #1787 +- dnswl: swap lines to fix missing inherited methods #1793 +- dnswl: fix config loader callback syntax #1794 +- tests/plugins: unset process.env.HARAKA to avoid side effects that interfere with other tests +- remove auth_flat_file sample auth user #1796 + +### 2.8.12 - Jan 03, 2017 + +#### Changes + +- plugin/karma -> npm packaged haraka-plugin-karma #1747 +- update generic-pool 2.4.2 -> 2.5.0 + +#### New Features + +- Added option to bypass SpamAssassin headers' merge #1745 + +#### Improvements + +- reduce severity of debug message #1744 +- fix misleading entries in config/tls.ini #1734 +- Misc. performance improvements #1738 +- set tls.sessionIdContext property (for Thunderbird compat) #1740 + +#### Fixes + +- Swap lines to avoid clobbering response array #1743 + +### 2.8.11 - Nov 24, 2016 + +#### Changes + +- rename core_require to haraka_require #1708 +- move log.syslog to haraka-plugin-syslog #1698 +- remove tls.ini loading and is_no_tls_host to net_utils #1690 +- replace ./utils with npm packaged haraka-utils #1720 +- require node 4 +- karma: add .top TLD scoring #1714 + +#### New Features + +- Implement OCSP Stapling #1724 + +#### Improvements + +- show help for npm packaged plugins included in core #1698 +- use tls.connect for client #1682 +- bring port 465 SMTPS TLS config support on par with STARTTLS #1667 +- use tls.connect instead of createSecurePair #1678 +- redis: improve error handling in tests # +- replace / path seperators with path.* for cross platform compat #1713 + +#### Fixes + +- dkim_sign: per-domain key finding fixed #1707 +- Rspamd: restore spam report header #1702 +- auth/vpopmail: do not toString() when null #1695 +- fix outbound to avoid recursive reading key/cert after refactoring #1692 +- tls: fix option servername (not hostname) #1728 +- correct Auth-Results cleaning #1726 +- fix results for connection.remote_host and NXDOMAIN #1716 + +### 2.8.10 - Oct 20, 2016 + +#### Changes + +- use standard npm syntax for lint and tests #1646 +- remove ./net_utils to haraka-net-utils #1644 +- remove incorrect and unused spf.hello_host #1635 +- remove rogue DENYSOFT copy-pasta error #1634 +- update async to v2 #1545 +- remove plugin/dir support from base haraka #1668 + - use node_modules_dir support instead +- use TLSSocket instead of createSecurePair #1672 +- refactor plugins/tls #1670 +- moved watch plugin to npm as haraka-plugin-watch #1657 +- normalize proxy properties #1650 + +#### New Features + +- added connection.remote.is_private boolean #1648 +- added additional TLS options (@typingArtist) #1651 +- added wildcard boolean support to config loader #1680 +- tls: allow multiple key and cert parameters for RSA+ECDSA #1663 +- permit specifying haraka plugins w/o haraka-plugin- prefix #1645 + - in config/plugins and resultstore + +#### Improvements + +- connection.geoip replaced by haraka-plugin-geoip #1645 +- connection.asn replaced by haraka-plugin-asn #1645 +- permit specifying npm packaged plugins w/o haraka-plugin prefix #1647 +- normalized connection properties #1547, #1577 +- Rspamd: fix spambar for negative scores #1630 +- set connection.remote.is_private early + - replace calls to net_utils with remote.is_private test + +#### Fixes + +- Tidy-up graceful shutdown and fix for non-cluster mode #1639 +- Fix data.headers plugin crash #1641 +- Fix access plugin crash #1640 +- Minor DKIM fix #1642 +- do not set TLS timer if timeout=0 #1632 +- do not overwrite config/host_list on install #1637 +- correct smtp_forward cfg for multiple rcpts #1680 +- fix TLS timeout errors #1665 + +### 2.8.9 - Oct 02, 2016 + +#### New Features + +- Support outbound.pool_timeout of 0 to effectively disable pooling. #1561 +- Added never_add_headers option to rspamd plugin. #1562 +- rcpt_to.routes URI format w/ LMTP support #1568 + +#### Improvements + +- The delay_deny plugin now has a whitelist mode (vs blacklist). #1564 +- Don't show the private key in logs for dkim_sign. #1565 +- update geoip for compat with newer ES (#1622) +- drop node 0.10 testing / official support (#1621) +- watch plugin displays UUIDs as URL (#1624) +- Catch errors on header decode in rfc2231 #1599 +- Attachment plugin updates (#1606) +- add outbound.ini pool_timeout example setting #1584 + +#### Fixes + +- Fixed some small documentation issues. #1573, #1616, #1612 +- Fixed AUTH PLAIN when it spreads over two lines. #1550 +- Fixed dkim_verify calling next() too soon. #1566 +- Fixed bugs with outbound pools who shutdown before we QUIT. #1561, #1572 +- outbound issues #1615, #1603 +- Fixed adding/removing headers in rspamd plugin. #1562 +- Fixed process_title not shutting down. #1560 +- fix a spurious error emitted by p0f (#1623) +- fix header version hiding (#1617) +- messagestream returns destination (#1610) +- plugins.getdenyfn now passed 3rd params arg (#1591) +- Fix scope of spf logdebug (#1598) +- fix rabbitmq deliveryMode bug (#1594) +- fix dkim_sign TypeError with null mail_from.host (#1592) +- fix dkim_sign attempting to lower an undefined (#1587) + +### 2.8.8 - Jul 20, 2016 + +#### Changes + +- removed UPGRADE.doc to [wiki](https://github.com/haraka/Haraka/wiki/Upgrade-Haraka) + +#### Improvements + +- support + wildcard in aliases plugin #1531 +- Support dkim_sign with outbound.send_email() #1512 +- spf: always check remote IP, then public IP if != pass #1528 +- spf: diplay IP used for SPF eval #1528 + +#### Fixes + +- handle missing wss section in http.ini #1542 +- fix leak on socket write error #1541 +- add results property to outbound transaction #1535 +- don't unref unref'd wss server #1521 + +### 2.8.7 - Jun 18, 2016 + +#### Changes + +- Fix geoip test + +#### Improvements + +- Allow alias plugin to explode to a list of aliases +- Support IPv6 literals in HELO tests (#1507 thanks @gramakri) +- Make ldap plugin use the modified address if a rcpt hook + changes it (#1501 thanks @darkpixel) + +#### Fixes + +- Fix loading plugins as npm modules (#1513) +- More DKIM fixes (#1506 thanks @zllovesuki) +- Fix the long failing host-pool-timer test (#1508) +- Fix clean shutdown of redis with new shutdown code + (#1504 and #1502 thanks @darkpixel) +- More fixes to clean shutdown (#1503) + +### 2.8.6 - Jun 06, 2016 + +#### Fixes + +- Fix loading under Node v4 which sends a blank message +- Fix quit (SIGINT) when running without nodes= + +### 2.8.5 - Jun 04, 2016 + +#### Changes + +- The connection object is now passed to `get_plain_passwd`. Older modules should continue to work as-is. +- The reseed_rng plugin now just uses the Crypto module from core. Though it seems this plugin should be irrelevant with newer versions of node.js + +#### New Features + +- Outbound mail now uses pooled connections, only sending a `QUIT` message if the connection has been idle for a while. + +#### Improvements + +- Shut down and reload (via `haraka -c --graceful`) is now graceful - allowing current connections to finish and plugins to clean up before ending. + +#### Fixes + +- Bind maxmind version to ignore API change (#1492) +- Fix encodings when banners are used (#1477) +- Various DKIM fixes (#1495) + +### 2.8.4 - May 24, 2016 + +#### Fixes + +- Fix plugin loading override when installed (#1471) + +### 2.8.3 - May 18, 2016 + +#### Fixes + +- Fix config overriding for core modules (#1468) + +### 2.8.2 - May 17, 2016 + +#### Changes + +- Added Node v6 to travis tests + +#### New Features + +- Added bin/haraka --qunstick to flush all mails + for that domain (#1460) + +#### Improvements + +- Make bin/haraka --qlist show much more information (#1452) +- Allow CIDR ranges in no_tls_hosts (#1450) + +#### Fixes + +- 2.8.0 was shipped with a broken config/plugins. (#1453) +- Stop haraka dying when ldap connections fail (#1456) +- Pick up domain specific config correctly in ldap (#1456) + +### 2.8.0 - May 06, 2016 + +#### Changes + +- updated dependency versions (#1426, #1425) +- use utf8 encoding for body filters (#1429) +- remove spameatingmonkey from tests (#1421) +- replace ./constants.js with haraka-constants (#1353) +- Document HMail and TODO items (#1343) +- Copy only a minimal config/* by default (#1341). +- cfreader/* removed to haraka/haraka-config (#1350) +- outbound and smtp_client honor tls.ini settings (#1350) +- outbound TLS defaults to enabled +- lint: remove all unused variables (#1358) +- replace ./address.js with address-rfc2181 (#1359) + +#### New Features + +- smtp_forward: accepts a list of backend hosts, thanks @kgeoss (#1333) +- config: add array[] syntax to INI files (#1345) +- plugins.js: support require('./config') in plugins +- Load plugin config from own folder and merge (#1335) +- Allow original email's Subject to be included in bounce message (#1337) +- new queue/smtp_bridge plugin, thanks @jesucarr (#1351) + +#### Improvements + +- early_talker: supports IP whitelisting (#1423) +- loading plugins as packages (#1278) +- removed TLD stuff to haraka/haraka-tld (#1301) +- removed unused 'require('redis') in plugins/karma (#1348) +- improved MIME header support per rfc2231 (#1344) +- tls options can be defined for outbound and smtp_* (#1357) +- explicitly disable SSLv2 (#1395) +- cache STUN results +- xclient plugin improvements (#1405) +- tls: Set verify=NO correctly when no certificate presented (#1400) +- improved message header decoding (#1403, #1406) +- bounce: skip single_recipient check for relays/private_ips (#1385) +- rspamd docs: Clarify usage of check.private_ip (#1383) +- if rcpt_to returns DSN in msg, log it properly (#1375) + +#### Fixes + +- fix out-of-range errors from banner insertion (#1334) +- dkim_verify: Call next only after message_stream ended (#1330) +- outbound: remove type check from pid match (#1322) +- lint: enable no-shadown and remove all shadow variables (#1349) +- spf: fix log_debug syntax (#1416) +- auto_proxy: fix a starttls loop (#1392) +- fcrdns: corrected err variable name (#1391) +- rspamd: Fix undefined variable (#1396) +- dkim_verify: Fix header handling (#1371) +- smtp_client: fix remote_ip (#1362) + +### 2.7.3 - Feb 04, 2016 + +#### Changes + +- smtp_proxy & qmail-queue: default to enabled for outbound deliveries (previously used Outbound), to better matches user expectations. + +#### New Features + +- outbound: allow passing notes to send_email (#1295) + +#### Improvements + +- logging: emit log message queue before shutting down (#1296) +- result_store: permit redis pub/sub to work when host != localhost (#1277) +- tests: quiet the extremely verbose messages (#1282) +- rspamd: add timeout error handling (#1276) +- watch: fix display of early_talker results (#1281) +- spamassassin: publish results to result_store (#1280) +- karma: can now connect to redis on hosts other than localhost (#1275) +- geoip & p0f: don't log empty/null values from RFC 1918 connects (#1267) +- redis: make plugin params match docs (#1273) +- mailbody: small refactoring (#1315) +- smtp_proxy & qmail-queue: default to enabled for outbound (#1308) + +#### Fixes + +- redis: use correct path for db.select (#1273) +- count errors correctly (#1274) +- logger: ignore null arguments (#1299) +- connection: pause for hook_reset_transaction (#1303) +- rcpt_to.routes: update redis usage for compat with redis plugin (#1302) +- smtp_forward: use correct config path to auth settings (#1327) +- messagestream: correctly pass options parameter to get_data (#1316) +- spf: honour configuration for mfrom scope (#1322) +- outbound: Add missing dash to 'Final-Recipient' header name (#1320) + +### 2.7.2 - Dec 15, 2015 + +#### Fixes + +- Revert a change that broke plugin loading + +### 2.7.1 - Dec 14, 2015 + +#### New Features + +- added debian init.d file (#1255) @slattery + +#### Improvements + +- smtp_forward auth settings now work (#430) +- better handling of broken messages (#1234) +- Docker: use latest Phusion image && stdout (#1238, #1239) +- Clean up plugin loading a tiny bit (#1242) +- make dkim keydir case insensitive (1251) +- ignore DNS errors that aren't errors (#1247) +- outbound doc updates (#1258) @Currerius +- outbound: return DENYSOFT on queue error (#1264) +- smtp_client: if enable_tls is set and TLS files missing, warn (#1266) + +#### Fixes + +- Don't sent empty headers to rspamd (#1230) +- Fix auth_base.js key need to be a string - number.toString() (#1228) +- fix bug with empty charset= on mime parts … (#1225) +- Fix "passwd" check crash with numeric password. (#1254) +- result_store: show arrays when not empty (#1261) + +### 2.7.0 - Oct 07, 2015 + +#### New Features + +- SPF bounce check +- rspamd plugin (@fatalbanana) +- watch plugin +- limit plugin (connection concurrency, errors, unrecognized commands) +- plugins can now be npm packages (see also #946) +- built-in HTTP server (Express backed) +- ESETS AV plugin +- DCC plugin (incomplete) +- Add LOGIN support to XCLIENT +- backscatterer plugin +- full IPv4 & IPv6 compatibility inbound #1120, #1123, #1154 (@Dexus) +- Early talker #1075 (@smfreegard, @msimerson) +- permit loading of plugins in node_modules #1056 (@msimerson) + +#### Improvements + +- Fix anti_spoof by use config #1171 +- Add license clause #1170 +- package.json dependencies and travis update #1147, #1168 (@Dexus) +- logging: remove node-syslog and strong-fork-syslog with modern-syslog #1145 (@Dexus) +- aliases: support for email, user and host aliases #1149 (@Dexus) +- add docs for use private key with TLS #1130 (@Dexus) +- outbound: ENOENT on dotfile - compatibility for windows #1129 (@Dexus) +- plugin/attachment: block more attachment file types #1191 (@Dexus) +- remove double functions #1126 (@Dexus) +- Outbound Bounce messages according to RFC3464 #1189 (@hatsebutz) +- toobusy: only run checks if toobusy.js installed and loads +- HAProxy: set local_ip, local_port and remote_port +- save auth pass/fail/user to result_store +- ini files no longer require values (useful for storing lists) +- connection: add MAIL and RCPT to results +- results_store: enable 'emit' feature for .push() +- add support for custom Outbound Received header value (@zombified) +- save smtp_forward result to result_store +- auth_base: permit a return message (@DarkSorrow) +- add DSN.create() and RFC 4954 support +- enhanced pipelining support +- added config/access.domains with some tips (@EyePulp) +- Add SSL detection over plain-text socket +- earlytalker: store results +- bounce: make it safe to check non_local_msgid +- AVG: store results, added defer options +- tls: change createCredentials to tls.createSecureContext (@DarkSorrow) +- update dependency versions (esp async 0.2.9 -> 1.0.0) +- ASN docs: add FTP download note for routeviews +- karma: removed concurrency limits (see limit plugin) and penalty feature +- added utils.elapsed() +- deny message includes hostname +- Add Fisher-Yates shuffle to randomize lookup order in data.uribl +- change default message size limit to 25mb +- auth_base: save auth results +- upgrade toobusy plugin to toobusy-js (@alexkavon) +- configfile: permit / char in ini keys +- added utils.node_min() +- added result_store.get_all() +- updated ubuntu upstart script +- plugin/rate_limit: return in no custom default is set 0 = unlimited #1186, #1185 +- Outbound.send_email: added dot-stuffing #1176, #1165 (@hatsebutz) +- make sure server object is availabe to plugins loaded from node_modules #1162 (@bmonty) +- Net_utils.get_ips_by_host #1160 (@msimerson) +- fcrdns: don't log error for ENODATA #1140 (@msimerson) +- improve MUA detection #1137 (@msimerson) +- tls: tmp disable for hosts that fail STARTTLS #1136 (@msimerson) +- karma: skip deny on outbound hooks #1100 (@msimerson) +- Store HAProxy IP in connection object #1097 (@smfreegard) +- Remove UUID from queued message #1092 (@smfreegard) + +#### Fixes + +- fix windows build and test failures #1076 (@msimerson) +- Fix plugin ordering #1081 (@smfreegard) +- Fix distance reporting to X-Haraka-GeoIP for geoip-lite #1086 (@smfreegard) +- uribl: prevent calling next() more than 1x #1138 (@msimerson) +- Fix so constants are imported when plugin is loaded from node_modules. #1133 (@bmonty) +- Include STMP-code in bounce-reason string for upstream 5XX responses #1117 (@hatsebutz) +- TLS fixes: add timed_out flag and karma should not run deny hook on it. #1109 (@smfreegard) +- Fix port to number instead of string for HAProxy #1108 (@DarkSorrow) +- Plugin dcc: fixed syntax error #1164 (@hatsebutz) +- config: fix flat files if \r\n lines #1187 (@Dexus) +- corrected hook_rcpt log code hook_rcpt_ok returns CONT +- fix crash bug when loglevel = LOGDEBUG +- corrected pathname in rcpt.ldap plugin (@abhas) +- added helo.checks boolean for proto_mismatch +- make rate_limit redis keys always expire @celesteking +- dkim_sign: Buffer.concat expects an array of buffers +- transaction: check discard_data before adding line end (@DarkSorrow) +- fix 8-bit msg not displayed properly in gmail +- fcrdns: always init results +- TLS timer on error +- dkim_verify: fixed timeout issue +- smtp\_[proxy|forward]: correct authentication example +- Fork child workers after init_master hook +- connection: return 450/550 for plugin DENY* (was 452/552) +- spamassassin: don't call next() when transaction gone +- outbound: fix crash when sending bounce mail +- auth_base: fix bad protocol in auth_base.js #1121 (@Dexus) +- outbound: Fix HELO/rDNS issue while using multiple outbound ip #1128 (@Dexus) +- connection: Fix bug when client disconnect after sending data #1193 +- Fix connect.geoip bug #1144 (@smfreegard) +- Fix tiny bug in messagesniffer #1198 (@smfreegard) + +### 2.6.1 - Mar 27, 2015 + +- added sedation timers for config file re-reading +- Add AUTH support to outbound +- tests/spf: quiet excessive DEBUG noise +- allow domains with underscore +- correct name of domains config file in access +- Fix SMTP AUTH in smtp_forward/proxy and add docs +- Fix opts not being passed to HMailItem \_bounce function +- log.syslog will try strong-fork-syslog (for node 0.12 compat) +- improvements to Plugin docs +- rename net_utils.is_rfc1918 -> is_private_ip + - IPv6 compat + - test coverage + - add IPv6 unique local fc00::/7 +- pre-populated config/plugins +- added utils.extend, copies props onto objects + +### 2.6.0 - Feb 21, 2015 + +- other bug fixes +- updated a few tests so test suite passes on Windows +- log.syslog: handle failure to load node-syslog +- plugin directory is $ENV definable (@martin1yness) +- logging timestamps were static, fixed by @cloudbuy +- queue/rabbitmq_amqplib, new plugin for RabbitMQ using amqplib (@esevece) +- outbound: + - plugins can set the outbound IP (during get_mx) + - only replace line endings if not \r\n + - bannering fixes + - added support for per recipient routes +- tls: don't register hooks upless certs exist +- removed contrib/geolite-mirror-simple.pl (replaced by docs update pointing to maxmind-geolite-mirror) -* rcpt.routes: new plugin by @msimerson -* make haproxy IPv6 compatible -* record_envelope_addresses: new plugin by @deburau -* prevent_credential_leaks: new plugin by @smfreegard -* config: - * configfile: added .yaml support - * improved config file 'watch' logic - * Allow hyphens in params in config files (@abhas) - * cached requests include options in cache key name -* asn: updates for node 0.11 compat -* dnsbl: use aysync.each vs forEach (avoid race condition) -* spamassassin: improved config loading and test coverage -* geoip: deprecate geoip-lite in favor of maxmind, IPv6 compatible -* disable SSLv3 (due to POODLE) -* dkim & spf, updates for node 0.11 compatibiilty -* karma: move neighbor scoring from code to karma.ini - * move excludes list to karma.ini - * apply awards before adding message header & permit rejection at queue - * karma.ini: score updates for access & uribl plugins - * score denials issued by skipped plugins - * add scores for specific DNSBLs -* add transaction body filters (@chazomaticus) - * change bannering to use them -* helo.checks: fix timeout bug - * match_re now validates and pre-compiles all REs - * Add new proto_mismatch check -* p0f: add register(), load config once, early -* server: improved config handling -* data.headers: add Delivered-To check -* rcpt_to.ldap: new plugin by @abhas -* smtp_client: only load tls_* when cfg.enable_tls -* added plugins/host_list_base -* Platform independent temp dir (thanks @martinvd) -* move deprecated docs into docs/deprecated -* Switch to Phusion baseimage instead of stock Ubuntu (thanks @Synchro) -* dkim_verify: new plugin by @smfreegard -* many new tests -* improved URI parser (for URIBL plugin) -* Allow mixed case STARTTLS command -* Install Node via package manager (Mohd Rozi) -* Fix a couple crit errors (@Illirgway) -* Add noisy/bulk out-of-band rule support to MessaageSniffer plugin -* initial support for rabbitmq plugin (@samuelharden) -* bounce, added non_local_msgid checks and much faster lookups -* vpopmail: fail faster during a CRAM-MD5 auth attempt with an invalid user -* fcrdns: handle a null hostname -* Improve HAProxy support code and documentation -* tls: reworked for efficiency and linear style -* access: test hostname validity before PSL lookup - * load lists into objects (vs arrays), for much faster runtime access -* host_list: huge performance increase, esp for many hosts - -## 2.5.0 - May 24, 2014 - -* added automated build testing via Travis-CI.org -* fixed dkim_sign crash issue #560 -* geoip can discover external IP via net_utils.get_public_ip -* geoip: skip private IPs -* qmd: when relaying, validate MAIL FROM against QMD, add per-domain +- rcpt.routes: new plugin by @msimerson +- make haproxy IPv6 compatible +- record_envelope_addresses: new plugin by @deburau +- prevent_credential_leaks: new plugin by @smfreegard +- config: + - configfile: added .yaml support + - improved config file 'watch' logic + - Allow hyphens in params in config files (@abhas) + - cached requests include options in cache key name +- asn: updates for node 0.11 compat +- dnsbl: use aysync.each vs forEach (avoid race condition) +- spamassassin: improved config loading and test coverage +- geoip: deprecate geoip-lite in favor of maxmind, IPv6 compatible +- disable SSLv3 (due to POODLE) +- dkim & spf, updates for node 0.11 compatibiilty +- karma: move neighbor scoring from code to karma.ini + - move excludes list to karma.ini + - apply awards before adding message header & permit rejection at queue + - karma.ini: score updates for access & uribl plugins + - score denials issued by skipped plugins + - add scores for specific DNSBLs +- add transaction body filters (@chazomaticus) + - change bannering to use them +- helo.checks: fix timeout bug + - match_re now validates and pre-compiles all REs + - Add new proto_mismatch check +- p0f: add register(), load config once, early +- server: improved config handling +- data.headers: add Delivered-To check +- rcpt_to.ldap: new plugin by @abhas +- smtp*client: only load tls*- when cfg.enable_tls +- added plugins/host_list_base +- Platform independent temp dir (thanks @martinvd) +- move deprecated docs into docs/deprecated +- Switch to Phusion baseimage instead of stock Ubuntu (thanks @Synchro) +- dkim_verify: new plugin by @smfreegard +- many new tests +- improved URI parser (for URIBL plugin) +- Allow mixed case STARTTLS command +- Install Node via package manager (Mohd Rozi) +- Fix a couple crit errors (@Illirgway) +- Add noisy/bulk out-of-band rule support to MessaageSniffer plugin +- initial support for rabbitmq plugin (@samuelharden) +- bounce, added non_local_msgid checks and much faster lookups +- vpopmail: fail faster during a CRAM-MD5 auth attempt with an invalid user +- fcrdns: handle a null hostname +- Improve HAProxy support code and documentation +- tls: reworked for efficiency and linear style +- access: test hostname validity before PSL lookup + - load lists into objects (vs arrays), for much faster runtime access +- host_list: huge performance increase, esp for many hosts + +### 2.5.0 - May 24, 2014 + +- added automated build testing via Travis-CI.org +- fixed dkim_sign crash issue #560 +- geoip can discover external IP via net_utils.get_public_ip +- geoip: skip private IPs +- qmd: when relaying, validate MAIL FROM against QMD, add per-domain configurations, added reject option, added tests and bug fixes. -* net_utils: added is_ipv4_literal, is_public_suffix, get_public_ip, added +- net_utils: added is_ipv4_literal, is_public_suffix, get_public_ip, added tests, shed some CamelCase. -* asn: looksup up ASN of connection, uses 3 providers, tests providers, saves +- asn: looksup up ASN of connection, uses 3 providers, tests providers, saves results, optionally adds headers. Includes tests. -* access: new plugin that merges rdns_access, mail_from.access, and +- access: new plugin that merges rdns_access, mail_from.access, and rcpt_to.access. -* fcrdns: new plugin (Forward Confirmed Reverse DNS) -* bounce: new plugin (merges -* data.headers: new plugin added direct_to_mx, check & reject settings, added MLM detection, +- fcrdns: new plugin (Forward Confirmed Reverse DNS) +- bounce: new plugin (merges +- data.headers: new plugin added direct_to_mx, check & reject settings, added MLM detection, tests. -* helo.checks: refactored, better config handling, new tests (match_rdns, +- helo.checks: refactored, better config handling, new tests (match_rdns, mismatch, results), reject option. -* results_store: store processing results in data structures (vs notes) -* spf: refactored, added outbound checks when relaying, added 15 tests, -* dnsbl: return errors as Error objects, reduce list to unique zones, added +- results_store: store processing results in data structures (vs notes) +- spf: refactored, added outbound checks when relaying, added 15 tests, +- dnsbl: return errors as Error objects, reduce list to unique zones, added tests, added search=multi option, handle ENOTFOUND error, added reject=false option. -* dns_list_base: bug fixes (race condition, returning invalid results) -* bounce: refactored, each check has enable and reject switches, added tests, +- dns_list_base: bug fixes (race condition, returning invalid results) +- bounce: refactored, each check has enable and reject switches, added tests, added bad_bounce_to -* clamav: add virus name to results, better config parsing, typo fixes -* uribl: -* mf_resolvable: -* tls: add link to wiki article on TLS setup -* relay_acl: fix issue #428, refactored, don't crash when relay_dest_domains.ini +- clamav: add virus name to results, better config parsing, typo fixes +- uribl: +- mf_resolvable: +- tls: add link to wiki article on TLS setup +- relay_acl: fix issue #428, refactored, don't crash when relay_dest_domains.ini missing, added tests -* fix mx mechanism when no records are returned -* vpopmaild: added per-domain feature -* karma: added whitelist award, pass through temp (DENYSOFT) errors, made +- fix mx mechanism when no records are returned +- vpopmaild: added per-domain feature +- karma: added whitelist award, pass through temp (DENYSOFT) errors, made tarpit variable, configurable reject hooks, doc rewrite, ASN awards, fix penalty days calculation, new DSL for karma awards, -* bannering fixes -* added log\* stubs to test/fixtures/[plugin|connection] -* tests/fixtures/stub_plugin: set name property -* config: corrected handling of config.arg gets, fix caching bug, fix boolean +- bannering fixes +- added log* stubs to test/fixtures/[plugin|connection] +- tests/fixtures/stub_plugin: set name property +- config: corrected handling of config.arg gets, fix caching bug, fix boolean handling, added missing 'type' handling. -* Adding the option of using CIDR ranges in the haproxy_hosts file -* tarpit: added config option hooks_to_delay, added docs -* contrib/haraka.bsd.rc: startup file for \*BSD -* Store attachment headers on stream -* Record accepted domains at hook_rcpt and improve queue/lmtp -* return after next() in the whitelist checks -* Add new -o option to bin/haraka - -## 2.4.0 - Feb 12, 2014 - -* Trim whitespace when reading "list" type config files (such as config/plugins) -* Added LMTP via queue/lmtp plugin -* Fixed bug in outbound when temp failing some of the recipients that would prevent delivery working to those recipients for future delivery attempts -* Add additional details/parameters to delivered hook for outbound mail -* Removed the hmail.bounce_extra object as that information now stored with the rcpt_to list -* Store the RCPT TO rejection reason on the address object - - -## 2.3.0 - Feb 07, 2014 - -* Fix memory leak when watching config files for changes -* Support for badly formatted MAIL FROM/RCPT TO lines -* Fix a memory corruption when fixing line endings -* Fix breakpoints in plugins when using node inspector -* Reload config in relay_force_routing without restart -* Don't re-attempt TLS upgrade if upgraded already and STARTTLS is re-advertised -* Improved outbound logging -* Pass failed recipients to bounce hook in outbound processing -* Added startup checks to ensure Haraka has been installed correctly -* Handle case of Haraka server running out of disk space better -* In mail_from.is_resolvable: move re_bogus_ip into config -* Added auth/auth_vpopmaild plugin - SMTP AUTH against a vpopmaild server -* Fixed graph plugin to work with sqlite3 -* Added rcpt_to.qmail_deliverable plugin - Authenticate inbound RCPT TOs against Qmail::Deliverable daemon -* Added data.headers plugin which merges header checks into one place. +- Adding the option of using CIDR ranges in the haproxy_hosts file +- tarpit: added config option hooks_to_delay, added docs +- contrib/haraka.bsd.rc: startup file for *BSD +- Store attachment headers on stream +- Record accepted domains at hook_rcpt and improve queue/lmtp +- return after next() in the whitelist checks +- Add new -o option to bin/haraka + +### 2.4.0 - Feb 12, 2014 + +- Trim whitespace when reading "list" type config files (such as config/plugins) +- Added LMTP via queue/lmtp plugin +- Fixed bug in outbound when temp failing some of the recipients that would prevent delivery working to those recipients for future delivery attempts +- Add additional details/parameters to delivered hook for outbound mail +- Removed the hmail.bounce_extra object as that information now stored with the rcpt_to list +- Store the RCPT TO rejection reason on the address object + +### 2.3.0 - Feb 07, 2014 + +- Fix memory leak when watching config files for changes +- Support for badly formatted MAIL FROM/RCPT TO lines +- Fix a memory corruption when fixing line endings +- Fix breakpoints in plugins when using node inspector +- Reload config in relay_force_routing without restart +- Don't re-attempt TLS upgrade if upgraded already and STARTTLS is re-advertised +- Improved outbound logging +- Pass failed recipients to bounce hook in outbound processing +- Added startup checks to ensure Haraka has been installed correctly +- Handle case of Haraka server running out of disk space better +- In mail_from.is_resolvable: move re_bogus_ip into config +- Added auth/auth_vpopmaild plugin - SMTP AUTH against a vpopmaild server +- Fixed graph plugin to work with sqlite3 +- Added rcpt_to.qmail_deliverable plugin - Authenticate inbound RCPT TOs against Qmail::Deliverable daemon +- Added data.headers plugin which merges header checks into one place. Deprecates data.noreceived, data.rfc5322_header_checks, and data.nomsgid. -* Added documentation for logging system -* Added DKIM per-domain signing support -* Added p0f plugin -* In relay_acl, if host is allowed by acl, don't deny the recipient because the domain isn't in the allow list -* Add Authentication-Results header (RFC 5451) to all emails -* Fixed writing the todo file in outbound for newer Node versions -* Added Karma plugin to support penalizing consistently evil senders -* Added GeoIP plugin including distance calculation from your mail server -* Added bounce plugin for handling incoming bounce messages in various ways -* Fix underscores in documentation so web version doesn't look so weird -* By default prevent SMTP AUTH unless on a private IP or using TLS WARNING: May break some uses of Haraka, but is worth it for security -* In lookup_rdns.strict, check whitelist before looking up IP -* Big rewrite of the SpamAssassin plugin for simplicity and mainly to pass through X-Spam-* headers provided -* Added delay_deny plugin allowing more flexibility on when to reject mail -* Improvements to ini file parsing allowing floats and negative integers, and specifying boolean keys -* Fix issue causing a CRIT/crash with lost transaction/connection while sending inbound to ongoing SMTP server -* Allow setting of spamd_user for spamassassin plugin - - -## 2.0.0 - Nov 28, 2012 - -* Various fixes to SMTP AUTH code, including providing SMTP AUTH to inbound +- Added documentation for logging system +- Added DKIM per-domain signing support +- Added p0f plugin +- In relay_acl, if host is allowed by acl, don't deny the recipient because the domain isn't in the allow list +- Add Authentication-Results header (RFC 5451) to all emails +- Fixed writing the todo file in outbound for newer Node versions +- Added Karma plugin to support penalizing consistently evil senders +- Added GeoIP plugin including distance calculation from your mail server +- Added bounce plugin for handling incoming bounce messages in various ways +- Fix underscores in documentation so web version doesn't look so weird +- By default prevent SMTP AUTH unless on a private IP or using TLS WARNING: May break some uses of Haraka, but is worth it for security +- In lookup_rdns.strict, check whitelist before looking up IP +- Big rewrite of the SpamAssassin plugin for simplicity and mainly to pass through X-Spam-* headers provided +- Added delay_deny plugin allowing more flexibility on when to reject mail +- Improvements to ini file parsing allowing floats and negative integers, and specifying boolean keys +- Fix issue causing a CRIT/crash with lost transaction/connection while sending inbound to ongoing SMTP server +- Allow setting of spamd_user for spamassassin plugin + +### 2.0.0 - Nov 28, 2012 + +- Various fixes to SMTP AUTH code, including providing SMTP AUTH to inbound mail forwarders. -* Updates to process_title plugin to show more details -* Changed transaction.data_lines to a Stream (this will break all code which +- Updates to process_title plugin to show more details +- Changed transaction.data_lines to a Stream (this will break all code which uses transaction.data_lines currently - see the migration guide) -* Changed attachments to be a Stream (this will break some code which uses +- Changed attachments to be a Stream (this will break some code which uses transaction.attachment_hooks - see the migration guide) -* Capture and log signals sent to Haraka -* Various performance improvements -* Fixed a memory leak in connection pool -* Improvements to TLS compatibility -* RFC compliance improvements with greeting, EHLO/HELO, QUIT, and dot stuffing -* Throw exception with set_banner as it is now non-functional. Will be returned in a future version. -* Small fixes to data.uribl - -## 1.4.0 - +- Capture and log signals sent to Haraka +- Various performance improvements +- Fixed a memory leak in connection pool +- Improvements to TLS compatibility +- RFC compliance improvements with greeting, EHLO/HELO, QUIT, and dot stuffing +- Throw exception with set_banner as it is now non-functional. Will be returned in a future version. +- Small fixes to data.uribl +### 1.4.0 - [3.0.0]: https://github.com/haraka/Haraka/releases/tag/3.0.0 -[3.0.1]: https://github.com/haraka/Haraka/releases/tag/3.0.1 -[3.0.2]: https://github.com/haraka/Haraka/releases/tag/3.0.2 -[3.0.3]: https://github.com/haraka/Haraka/releases/tag/3.0.3 +[3.0.1]: https://github.com/haraka/Haraka/releases/tag/v3.0.1 +[3.0.2]: https://github.com/haraka/Haraka/releases/tag/v3.0.2 +[3.0.3]: https://github.com/haraka/Haraka/releases/tag/v3.0.3 +[3.0.4]: https://github.com/haraka/Haraka/releases/tag/3.0.4 diff --git a/Plugins.md b/Plugins.md index 1387d74dc..94ae7f712 100644 --- a/Plugins.md +++ b/Plugins.md @@ -4,12 +4,12 @@ To create your own plugin, see [Write a Plugin][write-plugin]. ## Installing NPM packaged plugins -Plugins can be installed in the directory where Haraka was installed (where depends on your OS platform and whether you specified `-g`) or the Haraka install directory (haraka -i this_path). This example installs _my-great-plugin_ in the Haraka install directory: +Plugins can be installed in the directory where Haraka was installed (where depends on your OS platform and whether you specified `-g`) or the Haraka install directory (haraka -i this\_path). This example installs _my-great-plugin_ in the Haraka install directory: -```` +``` cd /etc/haraka npm install haraka-plugin-my-great-plugin -```` +``` NPM then installs the plugin and its dependencies in a `node_modules` directory within the Haraka install directory. @@ -19,108 +19,105 @@ A comprehensive list of known plugins. Create a PR to add yours to these lists. ### Auth Plugins -| Name | Description | -| ------------------------- | ------------- | -| [auth-enc-file][url-authencflat] | Auth against user/pass in an encrypted file | -| [flat_file][url-authflat] | Auth against user/pass in a file | -| [auth_bridge][url-authbridge] | Auth against remote MTA | -| [auth-imap][url-auth-imap] | Auth against IMAP server | -| [auth_ldap][url-auth-ldap] | Auth against LDAP | -| [auth_proxy][url-authproxy] | Auth against remote MTA | -| [auth_vpopmaild][url-authvpop] | Auth against vpopmaild | -| [dkim][url-dkim] | DKIM sign & verify | -| [dovecot][url-dovecot] | SMTP AUTH & recipient validation against dovecot | -| [LDAP][url-ldap] | Aliases, Auth, and Recipient validation from LDAP | -| [mailauth][url-mailauth] | Email Auth (SPF, DKIM, DMARC, ARC, & BIMI) | -| [opendkim][url-opendkim] | DKIM sign and verify email messages | -| [spf][url-spf] | Perform SPF checks | +| Name | Description | +| -------------------------------- | ------------------------------------------------- | +| [auth-enc-file][url-authencflat] | Auth against user/pass in an encrypted file | +| [flat_file][url-authflat] | Auth against user/pass in a file | +| [auth_bridge][url-authbridge] | Auth against remote MTA | +| [auth-imap][url-auth-imap] | Auth against IMAP server | +| [auth_ldap][url-auth-ldap] | Auth against LDAP | +| [auth_proxy][url-authproxy] | Auth against remote MTA | +| [auth_vpopmaild][url-authvpop] | Auth against vpopmaild | +| [dkim][url-dkim] | DKIM sign & verify | +| [dovecot][url-dovecot] | SMTP AUTH & recipient validation against dovecot | +| [LDAP][url-ldap] | Aliases, Auth, and Recipient validation from LDAP | +| [mailauth][url-mailauth] | Email Auth (SPF, DKIM, DMARC, ARC, & BIMI) | +| [opendkim][url-opendkim] | DKIM sign and verify email messages | +| [spf][url-spf] | Perform SPF checks | ### Queue Plugins -| Name | Description | -| -------------------------- | ------------- | -| [discard][url-qdisc] | queues messages to /dev/null | -| [kafka][url-kafka] | Queue inbound mail to a Kafka topic | -| [lmtp][url-qlmtp] | deliver queued messages via LMTP | -| [mongodb][mongo-url] | Queue emails to MongoDB | -| [qmail-queue][url-qmail] | queue to qmail | -| [quarantine][url-qquart] | queue to a quarantine directory | -| [rabbitmq][url-qrabbit] | queue to RabbitMQ | -| [rabbitmq_amqplib][url-qrabbita] | queue to RabbitMQ using amqplib | -| [rails][url-qrails] | queue messages to a Rails app using [Action Mailbox][url-action-mailbox] | -| [smtp_bridge][url-qbridge] | Bridge SMTP sessions to another MTA | -| [smtp_forward][url-qforward] | Forward emails to another MTA | -| [smtp_proxy][url-qproxy] | Proxy SMTP connections to another MTA | -| [wildduck][url-wildduck] | queue messages to Wild Duck | +| Name | Description | +| -------------------------------- | ------------------------------------------------------------------------ | +| [discard][url-qdisc] | queues messages to /dev/null | +| [kafka][url-kafka] | Queue inbound mail to a Kafka topic | +| [lmtp][url-qlmtp] | deliver queued messages via LMTP | +| [mongodb][mongo-url] | Queue emails to MongoDB | +| [qmail-queue][url-qmail] | queue to qmail | +| [quarantine][url-qquart] | queue to a quarantine directory | +| [rabbitmq][url-qrabbit] | queue to RabbitMQ | +| [rabbitmq_amqplib][url-qrabbita] | queue to RabbitMQ using amqplib | +| [rails][url-qrails] | queue messages to a Rails app using [Action Mailbox][url-action-mailbox] | +| [smtp_bridge][url-qbridge] | Bridge SMTP sessions to another MTA | +| [smtp_forward][url-qforward] | Forward emails to another MTA | +| [smtp_proxy][url-qproxy] | Proxy SMTP connections to another MTA | +| [wildduck][url-wildduck] | queue messages to Wild Duck | ### Filtering Plugins -| Name | Description | -| ------------------------- | ------------- | -| [attachment][url-attach] | Restrict attachment types | -| [avg][url-avg] | AVG antivirus scanner | -| [clamd][url-clamd] | Anti-Virus scanning with ClamAV | -| [data.signatures][url-sigs] | Block emails whose bodies match signatures | -| [dcc][url-dcc] | Distributed Checksum Clearinghouse | -| [esets][url-esets] | Virus scanning with ESET Mail Security | -| [messagesniffer][url-msgsniff] | Anti-spam via [MessageSniffer][url-ms] | -| [milter][url-milter] | milter support | -| [rspamd][url-rspamd] | Scan emails with rspamd | -| [spamassassin][url-spamass] | Scan emails with SpamAssassin | -| [uribl][url-uribl] | Block based on URI blacklists | - +| Name | Description | +| ------------------------------ | ------------------------------------------ | +| [attachment][url-attach] | Restrict attachment types | +| [avg][url-avg] | AVG antivirus scanner | +| [clamd][url-clamd] | Anti-Virus scanning with ClamAV | +| [data.signatures][url-sigs] | Block emails whose bodies match signatures | +| [dcc][url-dcc] | Distributed Checksum Clearinghouse | +| [esets][url-esets] | Virus scanning with ESET Mail Security | +| [messagesniffer][url-msgsniff] | Anti-spam via [MessageSniffer][url-ms] | +| [milter][url-milter] | milter support | +| [rspamd][url-rspamd] | Scan emails with rspamd | +| [spamassassin][url-spamass] | Scan emails with SpamAssassin | +| [uribl][url-uribl] | Block based on URI blacklists | ### Every other Plugin -| Name | Description | -| ------------------------- | ------------- | -| [access][url-access] | ACLs based on IPs, domains, email addrs, etc. | -| [accounting_files][url-acc-files] | Retrieve, Store and Archive custom information of outbound traffic | -| [aliases][url-aliases] | Email aliases | -| [ASN][url-asn] | Get ASN info for remote senders | -| [block_me][url-blockme] | Populate block list via forwarded emails | -| [bounce][url-bounce] | Many options for bounce processing | -| [delay_deny][url-delay] | Delays all pre-DATA 'deny' results | -| [dns-list][url-dns-list] | Check remote MTAs against DNS black, white, and karma lists | -| [dovecot][url-dovecot] | Recipient validation & SMTP AUTH against dovecot | -| [early_talker][url-early] | Reject remotes that talk early | -| [fcrdns][url-fcrdns] | Forward Confirmed reverse DNS | -| [geoip][url-geoip] | get geographic information about mail senders | -| [greylist][url-greylist] | Greylisting | -| [headers][url-headers] | Inspect and verify various email headers | -| [helo.checks][url-helo] | Validity checks of the HELO string | -| [karma][url-karma] | Dynamic scoring of incoming connections | -| [known-senders][url-known-senders] | Reward emails from those you send mail to | -| [LDAP][url-ldap] | Aliases, Auth, and Recipient validation from LDAP | -| [Limit][url-limit] | Apply many types of limits to SMTP connections | -| [log.elasticsearch][url-elastic] | Store message metadata in Elasticsearch | -| [log reader][url-logreader] | extract log entries from the haraka log file | -| [syslog][url-syslog] | Log to syslog | -| [mail_from.is_resolvable][url-mfres] | Verifies the MAIL FROM domain resolves to a MX | -| [outbound-logger][url-outbound-logger] | JSON logging of outbound email traffic. Logs useful metadata about delivered/bounced emails | -| [p0f][url-p0f] | TCP Fingerprinting | -| [prevent_credential_leaks][url-creds] | Prevent users from emailing their credentials | -| [process_title][url-proctitle] | Populate `ps` output with activity counters | -| [recipient-routes][url-rroutes] | Route emails based on their recipient(s) | -| [redis][url-redis] | multi-purpose Redis db connection(s) | -| [rcpt_to.in_host_list][url-rhost] | Define local email domains in a file | -| [rcpt_to.ldap][url-rcpt-ldap] | Validate recipients against LDAP | -| [rcpt-postgresql][url-postgres] | validate recipients against PostgreSQL -| [qmail-deliverable][url-rqmd] | Validate recipients against Qmail-Deliverable | -| [record_envelope_addresses][url-recordenv] | Adds message headers with ENV recips | -| [relay][url-relay] | Manage relay permissions | -| [reseed_rng][url-rng] | Reseed the RNG | -| [batv-srs][url-batv] | BATV & SRS | -| [srs][url-srs] | Sender Rewriting Scheme | -| [tarpit][url-tarpit] | Slow down connections | -| [tls][url-tls] | Implements TLS | -| [toobusy][url-toobusy] | Defers connections when too busy | -| [vmta][url-vmta] | Virtual MTA management | -| [watch][url-watch] | Watch live SMTP traffic in a web interface | -| [wildduck][url-wildduck] | provides recipient checks against Wild Duck | -| [xclient][url-xclient] | Implements XCLIENT | - - +| Name | Description | +| ------------------------------------------ | ------------------------------------------------------------------------------------------- | +| [access][url-access] | ACLs based on IPs, domains, email addrs, etc. | +| [accounting_files][url-acc-files] | Retrieve, Store and Archive custom information of outbound traffic | +| [aliases][url-aliases] | Email aliases | +| [ASN][url-asn] | Get ASN info for remote senders | +| [block_me][url-blockme] | Populate block list via forwarded emails | +| [bounce][url-bounce] | Many options for bounce processing | +| [delay_deny][url-delay] | Delays all pre-DATA 'deny' results | +| [dns-list][url-dns-list] | Check remote MTAs against DNS black, white, and karma lists | +| [dovecot][url-dovecot] | Recipient validation & SMTP AUTH against dovecot | +| [early_talker][url-early] | Reject remotes that talk early | +| [fcrdns][url-fcrdns] | Forward Confirmed reverse DNS | +| [geoip][url-geoip] | get geographic information about mail senders | +| [greylist][url-greylist] | Greylisting | +| [headers][url-headers] | Inspect and verify various email headers | +| [helo.checks][url-helo] | Validity checks of the HELO string | +| [karma][url-karma] | Dynamic scoring of incoming connections | +| [known-senders][url-known-senders] | Reward emails from those you send mail to | +| [LDAP][url-ldap] | Aliases, Auth, and Recipient validation from LDAP | +| [Limit][url-limit] | Apply many types of limits to SMTP connections | +| [log.elasticsearch][url-elastic] | Store message metadata in Elasticsearch | +| [log reader][url-logreader] | extract log entries from the haraka log file | +| [syslog][url-syslog] | Log to syslog | +| [mail_from.is_resolvable][url-mfres] | Verifies the MAIL FROM domain resolves to a MX | +| [outbound-logger][url-outbound-logger] | JSON logging of outbound email traffic. Logs useful metadata about delivered/bounced emails | +| [p0f][url-p0f] | TCP Fingerprinting | +| [prevent_credential_leaks][url-creds] | Prevent users from emailing their credentials | +| [process_title][url-proctitle] | Populate `ps` output with activity counters | +| [recipient-routes][url-rroutes] | Route emails based on their recipient(s) | +| [redis][url-redis] | multi-purpose Redis db connection(s) | +| [rcpt_to.in_host_list][url-rhost] | Define local email domains in a file | +| [rcpt_to.ldap][url-rcpt-ldap] | Validate recipients against LDAP | +| [rcpt-postgresql][url-postgres] | validate recipients against PostgreSQL | +| [qmail-deliverable][url-rqmd] | Validate recipients against Qmail-Deliverable | +| [record_envelope_addresses][url-recordenv] | Adds message headers with ENV recips | +| [relay][url-relay] | Manage relay permissions | +| [reseed_rng][url-rng] | Reseed the RNG | +| [batv-srs][url-batv] | BATV & SRS | +| [srs][url-srs] | Sender Rewriting Scheme | +| [tarpit][url-tarpit] | Slow down connections | +| [tls][url-tls] | Implements TLS | +| [toobusy][url-toobusy] | Defers connections when too busy | +| [vmta][url-vmta] | Virtual MTA management | +| [watch][url-watch] | Watch live SMTP traffic in a web interface | +| [wildduck][url-wildduck] | provides recipient checks against Wild Duck | +| [xclient][url-xclient] | Implements XCLIENT | diff --git a/README.md b/README.md index d70978c8f..5136e3857 100644 --- a/README.md +++ b/README.md @@ -1,12 +1,8 @@ - -Haraka - a Node.js Mail Server ------------------------------- +## Haraka - a Node.js Mail Server ![Tests](https://github.com/haraka/Haraka/actions/workflows/ci.yml/badge.svg) [![Coverage Status][cov-img]][cov-url] - - Haraka is a highly scalable [node.js][1] email server with a modular plugin architecture. Haraka can serve thousands of concurrent connections and deliver thousands of messages per second. Haraka and plugins are written @@ -26,9 +22,8 @@ queued for outbound delivery. ### Getting Help -* [Join the mailing list][8] (implemented as a Haraka plugin) -* [GitHub Issues][15] - +- [Join the mailing list][8] (implemented as a Haraka plugin) +- [GitHub Issues][15] ### Screencast @@ -49,7 +44,6 @@ code in Haraka. Plugins are provided for running mail through [SpamAssassin][9], validating [HELO][10] names, checking [DNS Blocklists][11], and [many others][12]. - ### Installing Haraka Haraka requires [node.js][1] to run. Install Haraka with [npm][2]: @@ -93,7 +87,6 @@ overall behaviour of Haraka. By default, only messages to domains listed in `config/host_list` will be accepted and then delivered via the `smtp-forward` plugin. Configure the destination in `config/smtp_forward.ini`. - ### Read the Fine Manual ```sh @@ -103,7 +96,6 @@ haraka -h plugins/$name The docs detail how each plugin is configured. After editing `config/plugins`, restart Haraka and enjoy! - ### Running from git If you are unable to use npm to install Haraka, you can run from git by @@ -140,7 +132,7 @@ SpamAssassin and a hacker on [Qpsmtpd][13]. [6]: https://github.com/haraka/Haraka/blob/master/docs/plugins/dkim_sign.md [7]: https://en.wikipedia.org/wiki/Mail_delivery_agent [8]: mailto:haraka-sub@harakamail.com -[9]: https://haraka.github.io/plugins/spamassassin +[9]: https://haraka.github.io/plugins/spamassassin [10]: https://haraka.github.io/plugins/helo.checks [11]: https://haraka.github.io/plugins/dnsbl [12]: https://github.com/haraka/Haraka/blob/master/Plugins.md @@ -148,6 +140,5 @@ SpamAssassin and a hacker on [Qpsmtpd][13]. [15]: https://github.com/haraka/Haraka/issues [16]: https://github.com/haraka/Haraka/blob/master/LICENSE [17]: https://github.com/baudehlo - [cov-img]: https://codecov.io/github/haraka/Haraka/coverage.svg [cov-url]: https://codecov.io/github/haraka/Haraka?branch=master diff --git a/package.json b/package.json index 081c17737..fe66fc012 100644 --- a/package.json +++ b/package.json @@ -9,7 +9,7 @@ "server", "email" ], - "version": "3.0.3", + "version": "3.0.4", "homepage": "http://haraka.github.io", "repository": { "type": "git", @@ -97,10 +97,13 @@ "haraka_grep": "./bin/haraka_grep" }, "scripts": { - "test": "npx mocha --exit --timeout=4000 test test/outbound test/plugins/auth test/plugins/queue test/plugins", + "format": "npm run prettier:fix && npm run lint:fix", "lint": "npx eslint@^8 *.js outbound plugins plugins/*/*.js test test/*/*.js test/*/*/*.js bin/haraka", "lint:fix": "npx eslint@^8 --fix *.js outbound plugins plugins/*/*.js test test/*/*.js test/*/*/*.js bin/haraka", + "prettier": "npx prettier . --check", + "prettier:fix": "npx prettier . --write --log-level=warn", + "test": "npx mocha --exit --timeout=4000 test test/outbound test/plugins/auth test/plugins/queue test/plugins", "versions": "npx dependency-version-checker check", "versions:fix": "npx dependency-version-checker update && npm run prettier:fix" } -} \ No newline at end of file +}