Changes.md
### Unreleased
- dep(plugin-spf): bump version to 1.2.1
### [3.0.2] - 2023-06-12
#### Fixed
- feat(q_forward): add LMTP routing handling #3199
- chore(q_forward): tighten up queue.wants handling #3199
- doc(q_forward): improve markdown formatting #3199
- helo.checks: several fixes, #3191
- q/smtp_forward: correct path to next_hop #3186
- don't leak addr parsing errors into SMTP conversation #3185
- connection: handle dns.reverse invalid throws on node v20 #3184
- rename redis command setex to setEx #3181
#### Changed
- test(helo.checks): add regression tests for #3191 #3195
- connection: handle dns.reverse invalid throws on node v20
- build(deps): bump ipaddr.js from 2.0.1 to 2.1.0 #3194
- chore: bump a few dependency versions #3184
- dns_list_base: avoid test failure when public DNS used #3184
- doc(outbound.ini) update link #3159
- doc(clamd.md) fixed spelling error #3155
### [3.0.1] - 2023-01-19
#### Fixed
- fix(bin/haraka): set server.cfg and pass to conn, fixes #3143
- fix(bin/haraka): correct error messages for help options #3142
- fix: dkim_verify fails to find record #3149
#### Changed
- plugins: Add haraka-plugin-outbound-logger to registry #3146
- dep(pi-spf): bump version 1.1.3 to 1.2.0
### [3.0.0] - 2022-12-17
#### Added
- feat: prevent local delivery loop when target exchange resolves to a local hostname #3002
- feat: format DKIM signature to multiline #2991
#### Fixed
- fix(tls): redis promise syntax for tls & ob/tls #3064
- fix(attachment): error handling with complex archive #3035
- fix(smtp_client): run "secured" once, fixes #3020
- fix(smtp_client): add missing `$` char in front of interpolated string
- fix(auth_proxy): run "secured" only once, improvement for #3022
- fix(helo): remove multi-check from should_skip #3041
- fix(outbound): outbound local mx check #3010
- fix(outbound): prevent delivery loop when target MX resolves to local hostname #3002
- fix(conn): socket can't be released when disconnect after DATA command #2994
#### Changed
- dep(generic-pool): remove pooling from outbound #3115
- smtp_client: disable pooling in get_client_plugin, #3113
- smtp_forward: restore ability to enable queue_outbound #3119
- ./mailbody & ./mailheader moved to haraka-email-message #3071
- config/plugins: update name of uribl plugin
- doc(queue.js) spelling & grammar improvement #3051
- doc(rails): add haraka-plugin-queue-rails #2995
- doc(smtp.ini): correct spelling of SMTPUTF8 #2993
- style(es6): use optional chaining when accessing transactions #2732
- style(smtp_client): pass args as objects (was positional)
- style(plugin/\*): transaction guarding #3032
- dep(spf): remove to separate plugin #3078
- dep(iconv): removed, declared in haraka-email-message)
- dep(haraka-plugin-redis)!: 1.0 -> 2.0 #3038
- dep(redis)!: 3.1 -> 4.1 #3058
- dep(generic-pool): remove pooling from outbound #3115
- smtp_client: remove smtp_\* pooling support in #3113
- dep: bump plugin versions #3063
- dep: bump haraka-plugin-asn from 1.0.9 to 2.0.0 #3062
- dep(redis): 3.1 -> 4.1 #3058
- dep(nopt): 5 -> 6.0.0 #3076
- dep(haraka-plugin-fcrdns): 1.0.3 -> 1.1.0 #3076
- dep(haraka-plugin-redis): 1.0 -> 2.0 #3038
- dep(nodemailer): 6.7.0 to 6.7.2 #3000, #3004
- dep: add explicit dependency on node-gyp 9
- ci: github action tweaks #3047
- chore: transaction guarding #3032
- ci: enable windows node 16 testing #3036
- chore: update phusion image #2988
- chore: add lots of `if (!transaction) return` in places #2732
- chore(test): build shims for windows-2022 & node on windows #3052
- chore(test): restore CI tests to working order #3030
- dkim_sign: reformat dkim signature to multi-line #2991
- dkim_sign: remove spurious error logging #3034
- tls: add force_tls option to the ToDo object
- fix(banner): banner was inserted erroneously into text attachments
- outbound: remove hardcoded AUTH PLAIN authorization identity
- outbound: set acquireTimeoutMillis to prevent constant reconnect to unreachable servers
- style(smtp_client): pass args as objects (was positional)
- uribl: timeout DNS 1 second before plugin, #3077
- uribl: load .ini config to plugin.cfg, add basic tests #3077
## 2.8.28 - 2021-10-14
### Changes
- breaking: dkim.js has changed the constructor opts
- tls_socket: more flexible pem file parsing #2986
- move bad certs into different directory, avoid test suite noise
- added ability to define a default relay in relay_dest_domains
- spamassassin: replace msg_too_big & should_check with should_skip #2972
- spamassassin: allow returning DENYSOFT on errors #2967
- dep: use caret version range for all dependencies #2965
- outbound: disable outbound to localhost by default #2952
- connection error logging: use key-value pairs #2921
- tls: change default to NOT send TLS client certs #2902
- dep: redis is now a dependency #2896
- use address-rfc2821 2.0.0
- http: use CDN for bootstrap/jquery, drop bower #2891
- drop support for node 10 #2890
### New features
- tls: require secure and verified sockets for configured hosts/domains
- DKIM plugin has got a couple of config options now
- tls: add `no_starttls_ports` - an array of incoming ports where STARTTLS is not advertised
- outbound: add local_mx_ok config #2952
- skip plugins at runtime by pushing name into transaction.skip_plugins #2966
- outbound: add ability to specify delay times for temporary fails in `temp_fail_intervals` #2969
### Fixes
- bounce: correctly set fail recipients #2901
- bounce: correctly set bounce recipients #2899
- Get local_ip from getsockname() instead of server properties #2914
- Received header TLS section adheres more closely to RFC 8314 #2903
- use RFC-2045 Quoted-Printable in email message body
- use RFC-2047 Q encoded-words in email headers
## 2.8.27 - 2021-01-05
### Changes
- bump verions of several dependencies #2888
- propagate hmail notes to split copies #2887
- log.ini: add json to list of formats in config doc #2881
- exclude port 587 from TLS NO-GO feature #2875
- strip _haraka-plugin-_ prefixes off plugin names in config/plugins #2873
- pass smtp.ini config from Server into connections & transactions #2872
### New features
- add ability to disable SMTPUTF8 advertisement #2866
### Fixes
- assure headers.max_lines is initialized as integer #2878
- require haraka-net-utils >= 1.2.2 #2876
## 2.8.26 - 2020-11-18
### Changes
* add config options for OAR & AR headers #2855
* plugins.js: also strip haraka-plugin prefix from plugin.name #2846
* smtp_forward/spamssassin: grab refs of conn/txn to avoid crashes due to lack of existence. #2847
* outbound: add extended reason to bounce message #2843
* hgrep: replaced perl script with shell script #2842
* connection: send temp error when requested #2841
* headers: updated deprecated messages #2845
* hmail: socket.on -> socket.once #2838
* hmail: check for zero length queue file #2835
* outbound: add os.hostname() as default for outbound HELO #2813
* use node v10's mkdir instead of mkdirp #2797
* CI: drop appveyor and Travis #2784
* lint: add 'prefer-template'
* update async to version 3.2.0 #2764
* update redis to version 3.0.0 #2759
* remove deprecated max_unrecognized_commands from config #2755
* CI: add ES2017 support, drop node 8 #2740
* fix broken bannering on nested mime parts #2736
* restore TLS version info, set correctly #2723
* better error message when invalid HELO hostname is rejected
* bring STARTTLS "TLS NO-GO" feature in line with Outbound's #2792
* add listener for secureConnect #2828
* removed plugins/data.headers to haraka-plugin-headers #2826
* add zero-length queue size check
* send temp instead of hard error when asked to by `unrecognized_command`
### New features
* Allow web interface to be bound to unix socket #2768
* tls: add configurable minVersion to tls socket options #2738
* connection_close_message: added ability to override close connection message replacing `closing connection. Have a jolly good day.` #2730
* add JSON format for logging #2739
* support binding web interface to unix socket
### Fixes
* check for punycode domain names when resolving MX, avoid crash #2861
* wait until entire message is spooled when spool_after in use #2840
* hmail: add missing space in temp_fail emitter #2837
* fix outbound config reloading after outbound split #2802
* smtp_forward: remove redundant outbound hook #2796
* smtp_forward: this plugin does not use the queue_outbound hook anymore #2795
* Fix connection pool not being unique when hosts and ports were equal between domains #2789
* fix connection pool not being unique when hosts and ports were equal between domains #2788
* Fix outbound.bounce_message To: header (and add Auto-Submitted) #2782
* Fix support for DKIM signing when forwarding and aliasing is enabled #2776
* Better error message when EHLO hostname does not have a dot #2775
* fix bannering on nested mime parts #2737
* TLS: don't abort loading certs in config/tls dir when an error is encountered. Process every cert file and then emit errors. #2729
* restore TLS version, correctly #2723
## 2.8.25 - 2019-10-11
### Changes
* conn: remove TLS version from header #2648
* Actually enforce using key for INTERNALCMD #2643
* trans: assign conditions to named vars #2638
* drop node.js v6 support #2632
* conn: use is_local instead of localhost addr tests #2627
* spamassassin: spamassassin: strip useless WS from tests #2624
* es6: many updates #2615, #2674, #2680
* systemctl: update service definition #2612
* lint: bracket style to match newer eslint:recommended #2680
* lint: use object shorthands (eslint:recommended) #2680
* logger: use safer Object.prototype.hasOwnProperty #2680
* outbound: permit # char in SMTP status code response #2689
* dkim_sign: improve docs, add tests, es6 updates #2649
* dkim_sign: restore default key signing feature #2649
* tmp module: update to latest #2614
* semver: update to latest #2616, #2651
* async: update to latest #2653, #2664
* repo cleanup: replaced deprecated plugins with list #2681
* spf: es6 patterns, results.pass, test improvements, es6 patterns #2700
### New features
* spf: add config option to fail on NONE #2644
### Fixes
* mailheader: fully quality header name in _remove_more #2647
* haraka: Connection.createConnection is not a constructor #2618
* problems with japanese characters in body and part header #2675
* toobusy: fix hook name (connect_pre -> connect) #2672
* outbound: watch for socket timeouts #2687
* outbound: permit # char prefix in SMTP status code response #2691
* mailheader: strip whitespace between encoded-words #2702
## 2.8.24 - Mar 12, 2019
### Changes
* early_talker: skip if sender has good karma #2551
* dockerfile: update to node 10 #2552
* Update deprecated usages of Buffer #2553
* early_talker: extend reasons to skip checking #2564
* tls: add 'ca' option (for CA root file) #2571
* outbound: little cleanups #2572
* smtp_client: pass pool_timeout to new SMTPClient #2574
* server: default to nodes=1 (was undefined) #2573
* test/server: use IPv4 127.0.0.1 instead of localhost #2584
* queue/smtp_*: add v3 upgrade notice and config setting #2585
* spf: use the skip config for helo/ehlo checks #2587
* spf: avoid 2nd EHLO evaluation if EHLO host is identical #2592
* queue.js refactoring #2593
* Log dkim_sign parse errors with connection ID #2596
* Update ipaddr.js to the latest version #2599
* make inactivity timeout match docs #2607
### New Features
* Implement SIGTERM graceful shutdown if pid is 1 #2547
* tls: require validated certs on some ports with requireAuthorized #2554
* spamassassin: disable checks when requested #2564
* clamd: permit skipping for relay clients #2564
* outbound: exported outbound.temp_fail_queue, outbound.delivery_queue and add TimerQueue.discard()
* status: new plugin #2577
### Fixes
* mf.resolvable: reduce timeout by one second (so < plugin.timeout) #2544
* LMTP blocks under stress #2556
* invalid DKIM when empty body #2410
* prevent running callback multiple times on TLS unix socket #2509
* add missing callback when listing queue and empty directory
* correct MIME parsing when charset: utf8 and encoding: 8bit #2582
* spamassassin: default check flags to true #2583
* smtp_client: destroy when connection gets conn timeout error #2604
* on error and timeout, remove listeners and destroy conn. #2606
## 2.8.23 - Nov 18, 2018
### Changes
* tighten Haraka pattern in .gitignore #2542
## 2.8.22 - Nov 17, 2018
### New Features
* enable tls/ssl for rabbitmq amqplib plugin #2518
### Fixes
* hmail: don't send RSET to LMTP #2530
### Changes
* clamd: add check.authenticated, check.private_ip, check.local_ip option
* use get_decoded on headers that may be encoded #2537
* connection: move max_mime_part config load to connection init #2528
* outbound: init TLS when we send email, not when old queue file is loaded #2503
### Changes
* relay: update port 465 doc #2522
* hmail: log the correct err message #2531
* ob/tls: consistently use obtls (vs plugin) for "this" name #2524
* outbound: add domain to loginfo message #2523
* Add connection.remote.is_local #2532
* update license #2525
* perf: move max_mime_parts config load to connection init #2529
* update semver to version 5.6.0 #2517
* added hint to encrypted file authentication #2514
* dkim_sign: improved log messages #2499
* ehlo_hello_message: config/ehlo_hello_message can be used to overwrite the EHLO/HELO msg replacing `, Haraka is at your service` #2498
* connection: add connection.remote.is_local flag for detecting loopback and link local IPs
* add .name to outbound TLS for logs #2492
## 2.8.21 - Jul 20, 2018
### New Features
* outbound: skip STARTTLS after remote host fails TLS upgrade #2429
* dns_list_base: introduce global plugin.lookback_is_rejected flag #2422
### Fixes
* replace all _ chars in hostnames with code points #2485
* Don't die on invalid commands #2481
* outbound: check list exists before attempting to use it #2478
* refactor outbound/hmail.process_ehlo_data #2488
* tls: skip when redis is undefined #2472
* Don't run delivered hook on LMTP fail #2470
* Add tls_socket.load_tls_ini() to tls.register() #2465
### Changes
* outbound/tls: make into a class #2474
* plugins: clear timeout on cancel #2477
* txn.parse_body consistently a boolean #2476
* update ipaddr.js to version 1.8.0 #2468
## 2.8.20 - Jun 29, 2018
* New Features
* n/a
* Fixes
* data_headers: check defined-ness of hdr_address *after* try/catch #2458
* tls: remove tls.ini loading from plugins/tls #2459
* tls: remove invalid opt from load_tls_ini #2456
* outbound: escape values in HTML bounce correctly #2446
* dkim_sign: catch exceptions when address-rfc2822 fails to parse From #2457
* Changes
* logger: Add "obj" log param to log hook that contains log data by type #2425
* logger: include outbound client ID in logging #2425
* logger: allow specifying uuid in params when logging #2425
## 2.8.19 - Jun 26, 2018
* New features
* outbound: received_header=disabled supresses outbound Received header addition. #2409
* auth_base.js: `check_plain_passwd` and `check_cram_md5_passwd` can now pass `message` and `code` to callback routine
* spf: allow bypass for relay and AUTH clients #2417
* spf: optionally add OpenSPF help text to rejection #2417
* auth_base: prevent storing of AUTH password in connection.notes.auth_passwd by setting plugin.blackout_password. #2421
* Fixes
* Mitigate MIME part explosion attack #2447
* Always prefix ClamAV with a Received header #2407
* plugins/data.headers.js: wrap address-rfc2822 header parse into try block #2373
* tls_socket: as client, only apply TLS opts if config is valid #2414
* when installing, creates config/me if missing #2413
* queue/qmail-queue: fix a 2nd crash bug when client disconnects unexpectedly #2360
* remove desconstruction of SMTP commands to prevent exception #2398
* attstream: return self so that pipe() calls can be chained together. #2424
* outbound: fix dotfile cleanup to consider platform-based prefix. #2395
* outbound: fix handling of LMTP socket when a socket path is specified. #2376
* Changes
* relay: move relay acl check to connect_init so flag is set earlier #2442
* process\_title: add total recipients, avg rcpts/msg, recipients/sec cur/avg/max and messages/conn #2389
* when relaying is set in a transaction, don't persist beyond the transaction #2393
* connection.set supports dot delimited path syntax #2390
* remove deprecated (since 2.8.16) ./dsn.js
* Add transaction.msg_status property that reflects message status. #2427
* Add transaction.notes.proxy object that hold HAProxy details. #2427
* spamassassin: make relay header configurable. #2418
* deprecate max_unrecognized_commands plugin in favor of limit. #2402
* xclient: add support for DESTADDR/DESTPORT. #2396
## 2.8.18 - Mar 8, 2018
* New features
* smtp_forward: domain configuration is now chosen based on domain_selector #2346
* Fixes
* queue/qmail-queue: fix crash bug when client disconnects unexpectedly #2360
* tls: fix crash bug in `unrecognized_command` hook
* `dkim_key_gen.sh`: improve usability and parameter parsing #2355
* Changes
* document `force_shutdown_timeout` and `graceful_shutdown` settings #2350
## 2.8.17 - Feb 16, 2017
* New Features
* SMTPS port is configurable #2269
* smtp_forward: enable_outbound can be set per domain #2335
* Fixes
* Fix ability to set log level to emerg #2128
* outbound/hmail: use Buffer to correctly read binary file data + tests #2231
* quarantine: consolidate 2x hook_init_master functions
* tls_socket: restore SNI functionality, emit count of TLS certs #2293
* fix smtp_client error handling #2298
* fix outbound pools #2317
* add openssl-wrapper as dependency #2320
* replace _ chars in hostnames with code points #2324
* add this.removeAllListeners('connection-error') #2323
* Fix crashing on RSET #2328
* Prevent data headers crit fail #2329
* Fix undefined max_lines in log message #2337
* Changes
* line_socket: remove superfluous function #2339
* consistent end of function declaration semicolon #2336
* connection: assure hostname is set #2338
* smtp_client: Fix log message typo #2334
* Update ipaddr.js to version 1.6.0 #2333
* Warn on max_header_lines #2331
* update jquery version #2322
* plugins: add SRS plugin to registry #2318
* tls_socket: only generate dhparam.pem on master process #2313
* add ENOTFOUND to also check A record #2310
* smtp_forward: correct config file name in docs #2309
* reduce severity of iconv conversion failure #2307
* Add txn UUID to "250 Message Queued" #2305
* mailheader: reduce log level priority #2299
* greylist: only log redis DB errors when exist #2295
* data.headers: reduce undef MLM logerror to logdebug #2294
* quarantine: consolidate 2x hook_init_master() #2292
* move test_queue to queue/test #2291
* in haraka plugin test mode, add server.notes #2248
* outbound/hmail: refactor #2238
* outbound/hmail: add JSON sanity test before JSON.parse #2231
* outbound/index: use newer Buffer.from syntax #2231
* outbound/hmail: make haraka queue files human friendly #2231
* plugins/rcpt_to.ldap -> haraka-plugin-rcpt-ldap #2144
* plugins/auth/auth_ldap -> haraka-plugin-auth-ldap #2144
* plugins/smtp_forward: enable_outbound can be enabled/disabled for specific domains
* auth_proxy: read TLS key and cert files from tls.ini #2212
* README: typo fixes #2210
* incorrect RCPT TO reply message #2227
* Resolve decoding bug when root part is base64 encoded. #2204
* Resolve base64 data truncation #2188
* Fix damaged encoding when body is non-utf #2187
* Fix disconnect hooks #2184
* ability to set log level to emerg #2128
* Improve docs for `Address` objects #2224
* connection: replace 3x ternaries with get_remote() #2169
* connection.local.host populated with hostname (from config/me) #2165
* connection.local.info populated with Haraka/version #2196
* npm packaged plugins:
* plugins/rcpt_to.ldap -> haraka-plugin-rcpt-ldap #2144
* plugins/auth/auth_ldap -> haraka-plugin-auth-ldap #2144
* plugins/graph -> haraka-plugin-graph #2185
* config: replace ./config.js with haraka-config #2119
* Replace concatenated strings with template literals (#2129) in:
* attachment #2260
* bin/spf #2129
* bin/dkimverify #2278
* connection #2129, #2243
* delay_deny #2264
* dkim #2216
* dsn #2265
* host_pool #2198, #2245
* logger #2277, #2246
* mailbody #2280
* max_unrecognised_commands #2171
* outbound/hmail #2259
* outbound/index #2249
* outbound/todo #2233
* plugins #2239
* plugins/aliases #2229
* plugins/attachment #2155
* plugins/auth_base #2252
* plugins/avg #2156
* plugins/backscatterer #2261
* plugins/bounce #2229
* plugins/clamd #2237
* plugins/connect.rdns_access #2262
* plugins/data.headers #2263
* plugins/data.uribl #2258
* plugins/helo.checks #2255
* plugins/rcpt_to.in_host_list #2253
* plugins/spamassassin #2256
* plugins/profile #2170
* plugins/rcpt_to.host_list_base #2254
* plugins/relay #2174
* plugins/relay_acl #2177
* plugins/spf #2266
* plugins/toobusy #2186
* plugins/xclient #2159
* rfc1869 #2159
* smtp_client #2129, #2208
* tests/host_pool #2159
* use es6 destructuring (#2075) in:
* connection #2230
* dkim #2232
* use es6 classes (#2133) in:
* attachment #2260
* attachment_stream #2215
* chunkemitter #2219
* dkim #2206
* dsn #2247
* host_pool #2194
* mailheader #2213
* mailbody #2213
* smtp_client #2221
* spf #2214
* tls_socket #2190
* timer_queue #2226
* outbound/hmail #2197
* outbound/todo #2233
* Automatically set connection.remote.is_private when connection.remote.ip is set #2192
* Add remove_msgid and remove_date options to outbound.send_email #2209
* Add origin option to outbound.send_mail #2314
## 2.8.16 - Sep 30, 2017
* Changes
* additional tests get var -> const/let medicine #2122
* move connection states into haraka-constants #2121
* lint: remove useless escapes #2117
* lint: switch no-var to error #2109
* rspamd: repackaged as NPM module #2106
* dsn: repackaged as NPM module haraka-dsn #2105
* outbound: add results when queueing #2103
* spamassassin: skip adding headers when value is empty #2102
* Replace console.log with stdout #2100
* update js-yaml to version 3.10.0 #2097
* repackage p0f plugin to NPM #2076
* ES6: replace var with const or let #2073
* New Features
* Bounces can have an HTML part #2091
* Fixes
* daemon cwd #2126
* updated fcrdns plugin name passed to results #2115
* tls: only apply default key/cert paths when undefined #2111
* dkim_verify: fix formatting of auth results #2107
* smtp_forward: consistently use queue.wants #2107
* haraka was adding TLS header on non-TLS connection #2103
* dkim typo fix #2101
* fix rfc2231 parsing code to cope with continuation #2089
## 2.8.15 - Sep 10, 2017
* Changes
* Permit log settings to be set w/o LOG prefix #2057
* additional results storing in smtp_forward and quarantine #2067
* publish p0f plugin to NPM #2076
* smtp_forward stores queue note at queue.wants #2083
* Remove unused folders from installation #2088
* smtp_forward stores queue note at queue.wants #2083
* add get/set to conn/txn.notes #2082
* additional results storing in smtp_forward and quarantine #2067
* Permit log settings to be set w/o LOG prefix #2057
* support INFO *and* LOGINFO as config settings #2056
* log.ini, new default location for log related settings #2054
* dcc: replace with npm packaged version #2052
* qmd: replace rcpt_to.qmail_deliverable with npm #2051
* rspamd: pass SPF evaluation #2050
* add logfmt support #2047
* update ipaddr.js to version 1.5.0 #2037
* update redis to version 2.8.0 #2033
* disable graceful for SIGTERM #2028
* add additional integration tests #2026
* move most npm packaged plugins into optionalDependencies #2023
* New Features
* TLS certificate directory (config/tls) #2032
* plugins can specify a queue plugin & next_hop route #2067
* connection/transaction notes now have get/set #2082
* Fixes
* haraka cli will now create folders if they don't exist #2088
* maybe fix for #1852 503 response #2064
* crash when 'AUTH LOGIN' is sent after a successful auth #2039
* docs: fixed swaks test command #2034
* dkim: prevent dkim_verify from causing 'cannot pipe' #1693
## 2.8.14 - Jul 26, 2017
* Changes
* Fix auth plugin failure when re-selecting auth method #2000
* don't crash Haraka when invalid YAML config encountered #2013
* update semver to version 5.4.0 #2015
* relay docs: correct the config file name #2012
* rename config/xclient.hosts to match plugin & docs #2014
* build_todo() is part of the outbound/index.js api #2016
* update js-yaml to version 3.9.0 #2002
* outbound/hmail: use WRITE_EXCL from haraka-constants #2011
* replace plugins/log.elasticsearch with npm packaged #2004
* Remove two spurious log statements #1989
* access: rebuild blacklist upon change (vs supplement) #1990
* deliver to qmail-queue with LF line endings (not CRLF) #1997
* doc: add note that smtp_forward only supports STARTTLS #1988
* import Plugins.md from v3 #1991
* update async to 2.5.0 #1982
* update iconv to 2.3.0 #1981
* require node.js v6+ #1958
* update ipaddr.js to 1.4.0 #1972
* support newer address-rfc2822 #1970
* update node-address-rfc2821 version to 1.1.1 #1968
* outbound: be consistent with todo.domain #1960
* bump haraka-results required version #1949
* logger: load in a setImmediate call #1948
* logger: strip intermediate \n chars #1947
* tls consistency cleanups #1851
* Get pool config handling simplifcation #1868
* add integration test: send message w/smtp_client
* replace some legacy code with es6 #1862
* update async to version 2.2.0 #1863
* update ipaddr.js to version 1.3.0 #1857
* update redis to version 2.7.0 #1854
* assure conn/tran still exists before storing results #1849
* moved tls.ini parsing to net_utils #1848
* smtp forward dest split routing #1847
* rspamd: refactor complex condition into function #1840
* block js attachments #1837
* helo.checks: bring plugin into alignment with docs #1833
* when proxy enabled, update remote.is_private too #1811
* create an outbound queue filename handler #1792
* replace fcrdns with npm package #1810
* add an additional node_modules plugin search path #1805
* Set graceful shutdown off by default #1927
* Allow outbound pools to be disabled #1917
* Outbound split and move into folder #1850
* don't emit binary characters into the logs #1902
* Add .editorconfig #1884
* tls: remove interim variables #1871
* New Features
* Use punycode domain (support SMTPUTF8) #1944
* Added RabbitMQ vhost support #1866
* clamav: allow "Unknown Result" and Socket Error to try next host #1931
* outbound client certificates #1908
* Implement the missing upgrade method on SMTPClient #1901
* Remove typo from relay.md #1886
* Fixes
* outbound: fix queue not loaded for single process #1941
* outbound: Fix undefined variable platformDOT in hmail.js #1943
* outbound: fix undefined FsyncWriteStream var #1953
* Fix cluster messaging for node v6+ #1938
* outbound: fix loading under cluster. #1934
* Check pool exists before delete #1937
* be more strict in attachment filename matching #1957
* doc typo fix #1963
* RabbitMQ: fix encoding of user and password string #1964
* spf: improve modifier regexp #1859
* rabbitmq doc typo in config file name #1865
* URL to manual was 404, point to Plugins.md #1844
* smtp_client: set idleTimeout to 1s < pool_timeout #1842
* fix broken continuations #1843
* doc error for the 'check.authenticated' setting in rspamd plugin #1834
* emit _the_ result, not all of them #1829
* fix outbound logger #1827
* fix forwarding with client auth over TLS (forward to gmail) #1803
* Don't blow the stack on qstat #1930
* run dumped logs through log plugins, not console #1929
* Fix path parsing bug on Windows platform #1919
* helo: make sure list_re is defined before access #1903
* TLS: handle case where OCSP server is unavailable #1880
* rspamd: add missing 'default' keyword #1856
* disable naïve comment stripping #1876
## 2.8.13 - Feb 03, 2017
* Changes
* new [haraka-plugin-limit](https://github.com/haraka/haraka-plugin-limit) #1785
* replaces plugin/limit, plugin/rate_limit, and haraka-plugin-outbound-rate-limit
* p0f: skip on private IPs (normally empty) #1758
* spf: skip for outbound when context != myself #1763
* redis: plugins using redis can inherit redis config #1777
* redis: replace plugins/redis with haraka-plugin-redis #1786
* lint: require space before function declaration #1784
* lint: added eslint:recommended #1790
* logger: remove logger.colorize code for legacy node versions
* New Features
* redis: add `redis_subscribe_pattern()` #1766
* queue/discard: add ENV that permits discarding #1791
* Improvements
* rspamd: improve response parsing #1770
* restore Windows testing to working state #1755
* elasticsearch: use UTC dates for index creation #1771
* tls: fix dhparam usage example syntax #1774
* typo: logerr -> logerror #1776
* when generating long DKIM keys, include a BIND compatible folded key #1775
* in haraka-test-fixtures, access results via fixtures.results #1783
* integration test: end to end server testing #1791
* Bug Fixes
* spf: restore functionality for relay context=myself #1759
* rate_limit:if incr creates a new record, assure it has a TTL #1781
* tls: do not create a top level secureContext #1787
* dnswl: swap lines to fix missing inherited methods #1793
* dnswl: fix config loader callback syntax #1794
* tests/plugins: unset process.env.HARAKA to avoid side effects that interfere with other tests
* remove auth_flat_file sample auth user #1796
## 2.8.12 - Jan 03, 2017
* Changes
* plugin/karma -> npm packaged haraka-plugin-karma #1747
* update generic-pool 2.4.2 -> 2.5.0
* New Features
* Added option to bypass SpamAssassin headers' merge #1745
* Improvements
* reduce severity of debug message #1744
* fix misleading entries in config/tls.ini #1734
* Misc. performance improvements #1738
* set tls.sessionIdContext property (for Thunderbird compat) #1740
* Bug Fixes
* Swap lines to avoid clobbering response array #1743
## 2.8.11 - Nov 24, 2016
* Changes
* rename core_require to haraka_require #1708
* move log.syslog to haraka-plugin-syslog #1698
* remove tls.ini loading and is_no_tls_host to net_utils #1690
* replace ./utils with npm packaged haraka-utils #1720
* require node 4
* karma: add .top TLD scoring #1714
* New Features
* Implement OCSP Stapling #1724
* Improvements
* show help for npm packaged plugins included in core #1698
* use tls.connect for client #1682
* bring port 465 SMTPS TLS config support on par with STARTTLS #1667
* use tls.connect instead of createSecurePair #1678
* redis: improve error handling in tests #
* replace / path seperators with path.\* for cross platform compat #1713
* Bug Fixes
* dkim_sign: per-domain key finding fixed #1707
* Rspamd: restore spam report header #1702
* auth/vpopmail: do not toString() when null #1695
* fix outbound to avoid recursive reading key/cert after refactoring #1692
* tls: fix option servername (not hostname) #1728
* correct Auth-Results cleaning #1726
* fix results for connection.remote_host and NXDOMAIN #1716
## 2.8.10 - Oct 20, 2016
* Changes
* use standard npm syntax for lint and tests #1646
* remove ./net_utils to haraka-net-utils #1644
* remove incorrect and unused spf.hello_host #1635
* remove rogue DENYSOFT copy-pasta error #1634
* update async to v2 #1545
* remove plugin/dir support from base haraka #1668
* use node_modules_dir support instead
* use TLSSocket instead of createSecurePair #1672
* refactor plugins/tls #1670
* moved watch plugin to npm as haraka-plugin-watch #1657
* normalize proxy properties #1650
* New Features
* added connection.remote.is_private boolean #1648
* added additional TLS options (@typingArtist) #1651
* added wildcard boolean support to config loader #1680
* tls: allow multiple key and cert parameters for RSA+ECDSA #1663
* permit specifying haraka plugins w/o haraka-plugin- prefix #1645
* in config/plugins and resultstore
* Improvements
* connection.geoip replaced by haraka-plugin-geoip #1645
* connection.asn replaced by haraka-plugin-asn #1645
* permit specifying npm packaged plugins w/o haraka-plugin prefix #1647
* normalized connection properties #1547, #1577
* Rspamd: fix spambar for negative scores #1630
* set connection.remote.is_private early
* replace calls to net_utils with remote.is_private test
* Bug Fixes
* Tidy-up graceful shutdown and fix for non-cluster mode #1639
* Fix data.headers plugin crash #1641
* Fix access plugin crash #1640
* Minor DKIM fix #1642
* do not set TLS timer if timeout=0 #1632
* do not overwrite config/host_list on install #1637
* correct smtp_forward cfg for multiple rcpts #1680
* fix TLS timeout errors #1665
## 2.8.9 - Oct 02, 2016
* Changes
* New Features
* Support outbound.pool_timeout of 0 to effectively disable pooling. #1561
* Added never_add_headers option to rspamd plugin. #1562
* rcpt_to.routes URI format w/ LMTP support #1568
* Improvements
* The delay_deny plugin now has a whitelist mode (vs blacklist). #1564
* Don't show the private key in logs for dkim_sign. #1565
* update geoip for compat with newer ES (#1622)
* drop node 0.10 testing / official support (#1621)
* watch plugin displays UUIDs as URL (#1624)
* Catch errors on header decode in rfc2231 #1599
* Attachment plugin updates (#1606)
* add outbound.ini pool_timeout example setting #1584
* Bug Fixes
* Fixed some small documentation issues. #1573, #1616, #1612
* Fixed AUTH PLAIN when it spreads over two lines. #1550
* Fixed dkim_verify calling next() too soon. #1566
* Fixed bugs with outbound pools who shutdown before we QUIT. #1561, #1572
* outbound issues #1615, #1603
* Fixed adding/removing headers in rspamd plugin. #1562
* Fixed process_title not shutting down. #1560
* fix a spurious error emitted by p0f (#1623)
* fix header version hiding (#1617)
* messagestream returns destination (#1610)
* plugins.getdenyfn now passed 3rd params arg (#1591)
* Fix scope of spf logdebug (#1598)
* fix rabbitmq deliveryMode bug (#1594)
* fix dkim_sign TypeError with null mail_from.host (#1592)
* fix dkim_sign attempting to lower an undefined (#1587)
## 2.8.8 - Jul 20, 2016
* Changes
* removed UPGRADE.doc to [wiki](https://github.com/haraka/Haraka/wiki/Upgrade-Haraka)
* Improvements
* support + wildcard in aliases plugin #1531
* Support dkim_sign with outbound.send_email() #1512
* spf: always check remote IP, then public IP if != pass #1528
* spf: diplay IP used for SPF eval #1528
* Bug Fixes
* handle missing wss section in http.ini #1542
* fix leak on socket write error #1541
* add results property to outbound transaction #1535
* don't unref unref'd wss server #1521
## 2.8.7 - Jun 18, 2016
* Changes
* Fix geoip test
* Improvements
* Allow alias plugin to explode to a list of aliases
* Support IPv6 literals in HELO tests (#1507 thanks @gramakri)
* Make ldap plugin use the modified address if a rcpt hook
changes it (#1501 thanks @darkpixel)
* Bug Fixes
* Fix loading plugins as npm modules (#1513)
* More DKIM fixes (#1506 thanks @zllovesuki)
* Fix the long failing host-pool-timer test (#1508)
* Fix clean shutdown of redis with new shutdown code
(#1504 and #1502 thanks @darkpixel)
* More fixes to clean shutdown (#1503)
## 2.8.6 - Jun 06, 2016
* Bug Fixes
* Fix loading under Node v4 which sends a blank message
* Fix quit (SIGINT) when running without nodes=
## 2.8.5 - Jun 04, 2016
* Changes
* The connection object is now passed to `get_plain_passwd`. Older
modules should continue to work as-is.
* The reseed_rng plugin now just uses the Crypto module from core.
Though it seems this plugin should be irrelevant with newer versions
of node.js
* New Features
* Outbound mail now uses pooled connections, only sending a `QUIT`
message if the connection has been idle for a while.
* Improvements
* Shut down and reload (via `haraka -c <path> --graceful`) is now
graceful - allowing current connections to finish and plugins
to clean up before ending.
* Bug Fixes
* Bind maxmind version to ignore API change (#1492)
* Fix encodings when banners are used (#1477)
* Various DKIM fixes (#1495)
## 2.8.4 - May 24, 2016
* Bug Fixes
* Fix plugin loading override when installed (#1471)
## 2.8.3 - May 18, 2016
* Bug Fixes
* Fix config overriding for core modules (#1468)
## 2.8.2 - May 17, 2016
* Changes
* Added Node v6 to travis tests
* New Features
* Added bin/haraka --qunstick <domain> to flush all mails
for that domain (#1460)
* Improvements
* Make bin/haraka --qlist show much more information (#1452)
* Allow CIDR ranges in no_tls_hosts (#1450)
* Bug Fixes
* 2.8.0 was shipped with a broken config/plugins. (#1453)
* Stop haraka dying when ldap connections fail (#1456)
* Pick up domain specific config correctly in ldap (#1456)
## 2.8.0 - May 06, 2016
* Changes
* updated dependency versions (#1426, #1425)
* use utf8 encoding for body filters (#1429)
* remove spameatingmonkey from tests (#1421)
* replace ./constants.js with haraka-constants (#1353)
* Document HMail and TODO items (#1343)
* Copy only a minimal config/\* by default (#1341).
* cfreader/\* removed to haraka/haraka-config (#1350)
* outbound and smtp_client honor tls.ini settings (#1350)
* outbound TLS defaults to enabled
* lint: remove all unused variables (#1358)
* replace ./address.js with address-rfc2181 (#1359)
* New Features
* smtp_forward: accepts a list of backend hosts, thanks @kgeoss (#1333)
* config: add array[] syntax to INI files (#1345)
* plugins.js: support require('./config') in plugins
* Load plugin config from own folder and merge (#1335)
* Allow original email's Subject to be included in bounce message (#1337)
* new queue/smtp_bridge plugin, thanks @jesucarr (#1351)
* Improvements
* early_talker: supports IP whitelisting (#1423)
* loading plugins as packages (#1278)
* removed TLD stuff to haraka/haraka-tld (#1301)
* removed unused 'require('redis') in plugins/karma (#1348)
* improved MIME header support per rfc2231 (#1344)
* tls options can be defined for outbound and smtp\_\* (#1357)
* explicitly disable SSLv2 (#1395)
* cache STUN results
* xclient plugin improvements (#1405)
* tls: Set verify=NO correctly when no certificate presented (#1400)
* improved message header decoding (#1403, #1406)
* bounce: skip single_recipient check for relays/private_ips (#1385)
* rspamd docs: Clarify usage of check.private_ip (#1383)
* if rcpt_to returns DSN in msg, log it properly (#1375)
* Bug Fixes
* fix out-of-range errors from banner insertion (#1334)
* dkim_verify: Call next only after message_stream ended (#1330)
* outbound: remove type check from pid match (#1322)
* lint: enable no-shadown and remove all shadow variables (#1349)
* spf: fix log_debug syntax (#1416)
* auto_proxy: fix a starttls loop (#1392)
* fcrdns: corrected err variable name (#1391)
* rspamd: Fix undefined variable (#1396)
* dkim_verify: Fix header handling (#1371)
* smtp_client: fix remote_ip (#1362)
## 2.7.3 - Feb 04, 2016
* Changes
* smtp_proxy & qmail-queue: default to enabled for outbound deliveries
(previously used Outbound), to better matches user expectations.
* New Features
* outbound: allow passing notes to send_email (#1295)
* Improvements
* logging: emit log message queue before shutting down (#1296)
* result_store: permit redis pub/sub to work when host != localhost (#1277)
* tests: quiet the extremely verbose messages (#1282)
* rspamd: add timeout error handling (#1276)
* watch: fix display of early_talker results (#1281)
* spamassassin: publish results to result_store (#1280)
* karma: can now connect to redis on hosts other than localhost (#1275)
* geoip & p0f: don't log empty/null values from RFC 1918 connects (#1267)
* redis: make plugin params match docs (#1273)
* mailbody: small refactoring (#1315)
* smtp_proxy & qmail-queue: default to enabled for outbound (#1308)
* Bug Fixes
* redis: use correct path for db.select (#1273)
* count errors correctly (#1274)
* logger: ignore null arguments (#1299)
* connection: pause for hook_reset_transaction (#1303)
* rcpt_to.routes: update redis usage for compat with redis plugin (#1302)
* smtp_forward: use correct config path to auth settings (#1327)
* messagestream: correctly pass options parameter to get_data (#1316)
* spf: honour configuration for mfrom scope (#1322)
* outbound: Add missing dash to 'Final-Recipient' header name (#1320)
## 2.7.2 - Dec 15, 2015
* Bug Fixes
* Revert a change that broke plugin loading
## 2.7.1 - Dec 14, 2015
* New Features
* added debian init.d file (#1255) @slattery
* Improvements
* smtp_forward auth settings now work (#430)
* better handling of broken messages (#1234)
* Docker: use latest Phusion image && stdout (#1238, #1239)
* Clean up plugin loading a tiny bit (#1242)
* make dkim keydir case insensitive (1251)
* ignore DNS errors that aren't errors (#1247)
* outbound doc updates (#1258) @Currerius
* outbound: return DENYSOFT on queue error (#1264)
* smtp_client: if enable_tls is set and TLS files missing, warn (#1266)
* Bug Fixes
* Don't sent empty headers to rspamd (#1230)
* Fix auth_base.js key need to be a string - number.toString() (#1228)
* fix bug with empty charset= on mime parts … (#1225)
* Fix "passwd" check crash with numeric password. (#1254)
* result_store: show arrays when not empty (#1261)
## 2.7.0 - Oct 07, 2015
* New Features
* SPF bounce check
* rspamd plugin (@fatalbanana)
* watch plugin
* limit plugin (connection concurrency, errors, unrecognized commands)
* plugins can now be npm packages (see also #946)
* built-in HTTP server (Express backed)
* ESETS AV plugin
* DCC plugin (incomplete)
* Add LOGIN support to XCLIENT
* backscatterer plugin
* full IPv4 & IPv6 compatibility inbound #1120, #1123, #1154 (@Dexus)
* Early talker #1075 (@smfreegard, @msimerson)
* permit loading of plugins in node_modules #1056 (@msimerson)
* Improvements
* Fix anti_spoof by use config #1171
* Add license clause #1170
* package.json dependencies and travis update #1147, #1168 (@Dexus)
* logging: remove node-syslog and strong-fork-syslog with modern-syslog #1145 (@Dexus)
* aliases: support for email, user and host aliases #1149 (@Dexus)
* add docs for use private key with TLS #1130 (@Dexus)
* outbound: ENOENT on dotfile - compatibility for windows #1129 (@Dexus)
* plugin/attachment: block more attachment file types #1191 (@Dexus)
* remove double functions #1126 (@Dexus)
* Outbound Bounce messages according to RFC3464 #1189 (@hatsebutz)
* toobusy: only run checks if toobusy.js installed and loads
* HAProxy: set local_ip, local_port and remote_port
* save auth pass/fail/user to result_store
* ini files no longer require values (useful for storing lists)
* connection: add MAIL and RCPT to results
* results_store: enable 'emit' feature for .push()
* add support for custom Outbound Received header value (@zombified)
* save smtp_forward result to result_store
* auth_base: permit a return message (@DarkSorrow)
* add DSN.create() and RFC 4954 support
* enhanced pipelining support
* added config/access.domains with some tips (@EyePulp)
* Add SSL detection over plain-text socket
* earlytalker: store results
* bounce: make it safe to check non_local_msgid
* AVG: store results, added defer options
* tls: change createCredentials to tls.createSecureContext (@DarkSorrow)
* update dependency versions (esp async 0.2.9 -> 1.0.0)
* ASN docs: add FTP download note for routeviews
* karma: removed concurrency limits (see limit plugin) and penalty feature
* added utils.elapsed()
* deny message includes hostname
* Add Fisher-Yates shuffle to randomize lookup order in data.uribl
* change default message size limit to 25mb
* auth_base: save auth results
* upgrade toobusy plugin to toobusy-js (@alexkavon)
* configfile: permit / char in ini keys
* added utils.node_min()
* added result_store.get_all()
* updated ubuntu upstart script
* plugin/rate_limit: return in no custom default is set 0 = unlimited #1186, #1185
* Outbound.send_email: added dot-stuffing #1176, #1165 (@hatsebutz)
* make sure server object is availabe to plugins loaded from node_modules #1162 (@bmonty)
* Net_utils.get_ips_by_host #1160 (@msimerson)
* fcrdns: don't log error for ENODATA #1140 (@msimerson)
* improve MUA detection #1137 (@msimerson)
* tls: tmp disable for hosts that fail STARTTLS #1136 (@msimerson)
* karma: skip deny on outbound hooks #1100 (@msimerson)
* Store HAProxy IP in connection object #1097 (@smfreegard)
* Remove UUID from queued message #1092 (@smfreegard)
* Bug Fixes
* fix windows build and test failures #1076 (@msimerson)
* Fix plugin ordering #1081 (@smfreegard)
* Fix distance reporting to X-Haraka-GeoIP for geoip-lite #1086 (@smfreegard)
* uribl: prevent calling next() more than 1x #1138 (@msimerson)
* Fix so constants are imported when plugin is loaded from node_modules. #1133 (@bmonty)
* Include STMP-code in bounce-reason string for upstream 5XX responses #1117 (@hatsebutz)
* TLS fixes: add timed_out flag and karma should not run deny hook on it. #1109 (@smfreegard)
* Fix port to number instead of string for HAProxy #1108 (@DarkSorrow)
* Plugin dcc: fixed syntax error #1164 (@hatsebutz)
* config: fix flat files if \r\n lines #1187 (@Dexus)
* corrected hook_rcpt log code hook_rcpt_ok returns CONT
* fix crash bug when loglevel = LOGDEBUG
* corrected pathname in rcpt.ldap plugin (@abhas)
* added helo.checks boolean for proto_mismatch
* make rate_limit redis keys always expire @celesteking
* dkim_sign: Buffer.concat expects an array of buffers
* transaction: check discard_data before adding line end (@DarkSorrow)
* fix 8-bit msg not displayed properly in gmail
* fcrdns: always init results
* TLS timer on error
* dkim_verify: fixed timeout issue
* smtp\_[proxy|forward]: correct authentication example
* Fork child workers after init_master hook
* connection: return 450/550 for plugin DENY\* (was 452/552)
* spamassassin: don't call next() when transaction gone
* outbound: fix crash when sending bounce mail
* auth_base: fix bad protocol in auth_base.js #1121 (@Dexus)
* outbound: Fix HELO/rDNS issue while using multiple outbound ip #1128 (@Dexus)
* connection: Fix bug when client disconnect after sending data #1193
* Fix connect.geoip bug #1144 (@smfreegard)
* Fix tiny bug in messagesniffer #1198 (@smfreegard)
## 2.6.1 - Mar 27, 2015
* added sedation timers for config file re-reading
* Add AUTH support to outbound
* tests/spf: quiet excessive DEBUG noise
* allow domains with underscore
* correct name of domains config file in access
* Fix SMTP AUTH in smtp_forward/proxy and add docs
* Fix opts not being passed to HMailItem \_bounce function
* log.syslog will try strong-fork-syslog (for node 0.12 compat)
* improvements to Plugin docs
* rename net_utils.is_rfc1918 -> is_private_ip
* IPv6 compat
* test coverage
* add IPv6 unique local fc00::/7
* pre-populated config/plugins
* added utils.extend, copies props onto objects
## 2.6.0 - Feb 21, 2015
* other bug fixes
* updated a few tests so test suite passes on Windows
* log.syslog: handle failure to load node-syslog
* plugin directory is $ENV definable (@martin1yness)
* logging timestamps were static, fixed by @cloudbuy
* queue/rabbitmq_amqplib, new plugin for RabbitMQ using amqplib (@esevece)
* outbound:
* plugins can set the outbound IP (during get_mx)
* only replace line endings if not \r\n
* bannering fixes
* added support for per recipient routes
* tls: don't register hooks upless certs exist
* removed contrib/geolite-mirror-simple.pl (replaced by
docs update pointing to maxmind-geolite-mirror)
* rcpt.routes: new plugin by @msimerson
* make haproxy IPv6 compatible
* record_envelope_addresses: new plugin by @deburau
* prevent_credential_leaks: new plugin by @smfreegard
* config:
* configfile: added .yaml support
* improved config file 'watch' logic
* Allow hyphens in params in config files (@abhas)
* cached requests include options in cache key name
* asn: updates for node 0.11 compat
* dnsbl: use aysync.each vs forEach (avoid race condition)
* spamassassin: improved config loading and test coverage
* geoip: deprecate geoip-lite in favor of maxmind, IPv6 compatible
* disable SSLv3 (due to POODLE)
* dkim & spf, updates for node 0.11 compatibiilty
* karma: move neighbor scoring from code to karma.ini
* move excludes list to karma.ini
* apply awards before adding message header & permit rejection at queue
* karma.ini: score updates for access & uribl plugins
* score denials issued by skipped plugins
* add scores for specific DNSBLs
* add transaction body filters (@chazomaticus)
* change bannering to use them
* helo.checks: fix timeout bug
* match_re now validates and pre-compiles all REs
* Add new proto_mismatch check
* p0f: add register(), load config once, early
* server: improved config handling
* data.headers: add Delivered-To check
* rcpt_to.ldap: new plugin by @abhas
* smtp_client: only load tls_* when cfg.enable_tls
* added plugins/host_list_base
* Platform independent temp dir (thanks @martinvd)
* move deprecated docs into docs/deprecated
* Switch to Phusion baseimage instead of stock Ubuntu (thanks @Synchro)
* dkim_verify: new plugin by @smfreegard
* many new tests
* improved URI parser (for URIBL plugin)
* Allow mixed case STARTTLS command
* Install Node via package manager (Mohd Rozi)
* Fix a couple crit errors (@Illirgway)
* Add noisy/bulk out-of-band rule support to MessaageSniffer plugin
* initial support for rabbitmq plugin (@samuelharden)
* bounce, added non_local_msgid checks and much faster lookups
* vpopmail: fail faster during a CRAM-MD5 auth attempt with an invalid user
* fcrdns: handle a null hostname
* Improve HAProxy support code and documentation
* tls: reworked for efficiency and linear style
* access: test hostname validity before PSL lookup
* load lists into objects (vs arrays), for much faster runtime access
* host_list: huge performance increase, esp for many hosts
## 2.5.0 - May 24, 2014
* added automated build testing via Travis-CI.org
* fixed dkim_sign crash issue #560
* geoip can discover external IP via net_utils.get_public_ip
* geoip: skip private IPs
* qmd: when relaying, validate MAIL FROM against QMD, add per-domain
configurations, added reject option, added tests and bug fixes.
* net_utils: added is_ipv4_literal, is_public_suffix, get_public_ip, added
tests, shed some CamelCase.
* asn: looksup up ASN of connection, uses 3 providers, tests providers, saves
results, optionally adds headers. Includes tests.
* access: new plugin that merges rdns_access, mail_from.access, and
rcpt_to.access.
* fcrdns: new plugin (Forward Confirmed Reverse DNS)
* bounce: new plugin (merges
* data.headers: new plugin added direct_to_mx, check & reject settings, added MLM detection,
tests.
* helo.checks: refactored, better config handling, new tests (match_rdns,
mismatch, results), reject option.
* results_store: store processing results in data structures (vs notes)
* spf: refactored, added outbound checks when relaying, added 15 tests,
* dnsbl: return errors as Error objects, reduce list to unique zones, added
tests, added search=multi option, handle ENOTFOUND error, added reject=false option.
* dns_list_base: bug fixes (race condition, returning invalid results)
* bounce: refactored, each check has enable and reject switches, added tests,
added bad_bounce_to
* clamav: add virus name to results, better config parsing, typo fixes
* uribl:
* mf_resolvable:
* tls: add link to wiki article on TLS setup
* relay_acl: fix issue #428, refactored, don't crash when relay_dest_domains.ini
missing, added tests
* fix mx mechanism when no records are returned
* vpopmaild: added per-domain feature
* karma: added whitelist award, pass through temp (DENYSOFT) errors, made
tarpit variable, configurable reject hooks, doc rewrite, ASN awards, fix penalty days calculation, new DSL for karma awards,
* bannering fixes
* added log\* stubs to test/fixtures/[plugin|connection]
* tests/fixtures/stub_plugin: set name property
* config: corrected handling of config.arg gets, fix caching bug, fix boolean
handling, added missing 'type' handling.
* Adding the option of using CIDR ranges in the haproxy_hosts file
* tarpit: added config option hooks_to_delay, added docs
* contrib/haraka.bsd.rc: startup file for \*BSD
* Store attachment headers on stream
* Record accepted domains at hook_rcpt and improve queue/lmtp
* return after next() in the whitelist checks
* Add new -o option to bin/haraka
## 2.4.0 - Feb 12, 2014
* Trim whitespace when reading "list" type config files (such as config/plugins)
* Added LMTP via queue/lmtp plugin
* Fixed bug in outbound when temp failing some of the recipients that would prevent delivery working to those recipients for future delivery attempts
* Add additional details/parameters to delivered hook for outbound mail
* Removed the hmail.bounce_extra object as that information now stored with the rcpt_to list
* Store the RCPT TO rejection reason on the address object
## 2.3.0 - Feb 07, 2014
* Fix memory leak when watching config files for changes
* Support for badly formatted MAIL FROM/RCPT TO lines
* Fix a memory corruption when fixing line endings
* Fix breakpoints in plugins when using node inspector
* Reload config in relay_force_routing without restart
* Don't re-attempt TLS upgrade if upgraded already and STARTTLS is re-advertised
* Improved outbound logging
* Pass failed recipients to bounce hook in outbound processing
* Added startup checks to ensure Haraka has been installed correctly
* Handle case of Haraka server running out of disk space better
* In mail_from.is_resolvable: move re_bogus_ip into config
* Added auth/auth_vpopmaild plugin - SMTP AUTH against a vpopmaild server
* Fixed graph plugin to work with sqlite3
* Added rcpt_to.qmail_deliverable plugin - Authenticate inbound RCPT TOs against Qmail::Deliverable daemon
* Added data.headers plugin which merges header checks into one place.
Deprecates data.noreceived, data.rfc5322_header_checks, and data.nomsgid.
* Added documentation for logging system
* Added DKIM per-domain signing support
* Added p0f plugin
* In relay_acl, if host is allowed by acl, don't deny the recipient because the domain isn't in the allow list
* Add Authentication-Results header (RFC 5451) to all emails
* Fixed writing the todo file in outbound for newer Node versions
* Added Karma plugin to support penalizing consistently evil senders
* Added GeoIP plugin including distance calculation from your mail server
* Added bounce plugin for handling incoming bounce messages in various ways
* Fix underscores in documentation so web version doesn't look so weird
* By default prevent SMTP AUTH unless on a private IP or using TLS WARNING: May break some uses of Haraka, but is worth it for security
* In lookup_rdns.strict, check whitelist before looking up IP
* Big rewrite of the SpamAssassin plugin for simplicity and mainly to pass through X-Spam-* headers provided
* Added delay_deny plugin allowing more flexibility on when to reject mail
* Improvements to ini file parsing allowing floats and negative integers, and specifying boolean keys
* Fix issue causing a CRIT/crash with lost transaction/connection while sending inbound to ongoing SMTP server
* Allow setting of spamd_user for spamassassin plugin
## 2.0.0 - Nov 28, 2012
* Various fixes to SMTP AUTH code, including providing SMTP AUTH to inbound
mail forwarders.
* Updates to process_title plugin to show more details
* Changed transaction.data_lines to a Stream (this will break all code which
uses transaction.data_lines currently - see the migration guide)
* Changed attachments to be a Stream (this will break some code which uses
transaction.attachment_hooks - see the migration guide)
* Capture and log signals sent to Haraka
* Various performance improvements
* Fixed a memory leak in connection pool
* Improvements to TLS compatibility
* RFC compliance improvements with greeting, EHLO/HELO, QUIT, and dot stuffing
* Throw exception with set_banner as it is now non-functional. Will be returned in a future version.
* Small fixes to data.uribl
## 1.4.0 -
[3.0.0]: https://github.com/haraka/Haraka/releases/tag/3.0.0
[3.0.1]: https://github.com/haraka/Haraka/releases/tag/3.0.1
[3.0.2]: https://github.com/haraka/Haraka/releases/tag/3.0.2