diff --git a/.gitignore b/.gitignore
index 6725802..e27edc8 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,2 +1,2 @@
SOURCES/pflogsumm-1.1.5.tar.gz
-SOURCES/postfix-3.3.1.tar.gz
+SOURCES/postfix-3.5.8.tar.gz
diff --git a/.postfix.metadata b/.postfix.metadata
index 0735629..32c6f41 100644
--- a/.postfix.metadata
+++ b/.postfix.metadata
@@ -1,2 +1,2 @@
d18daa19d725e64c2b7e6c8da458b2d563272645 SOURCES/pflogsumm-1.1.5.tar.gz
-1b56e682298abf947be4921a5c0d50ba8012eee1 SOURCES/postfix-3.3.1.tar.gz
+1dfb10729498be5d387dc730117c2a845dd93ac0 SOURCES/postfix-3.5.8.tar.gz
diff --git a/SOURCES/README-RedHat.txt b/SOURCES/README-RedHat.txt
new file mode 100644
index 0000000..713eaf6
--- /dev/null
+++ b/SOURCES/README-RedHat.txt
@@ -0,0 +1,65 @@
+This Postfix build behaves differently from the upstream postfix-3.5.8.
+It's because in RHEL-8 backward compatibility is kept to postfix-3.3.1.
+
+For the upstream postfix-3.5.8 behavior either run the following commands:
+
+# postconf info_log_address_format=external
+# postconf smtpd_discard_ehlo_keywords=
+# postconf rhel_ipv6_normalize=yes
+
+Or go through the following steps:
+
+1. Change the configuration option 'info_log_address_format' to 'external'.
+In RHEL-8 it's by default set to 'internal' to mitigate [Incompat 20191109].
+
+2. Change the configuration option 'smtpd_discard_ehlo_keywords' to ''.
+In RHEL-8 it's by default set to 'chunking' to mitigate [Incompat 20180826].
+
+3. Add RHEL-8 specific configuration option 'rhel_ipv6_normalize' and set it
+to 'yes'. In RHEL-8 this option was added to mitigate [Incompat 20190427].
+
+Details from the upstream RELEASE_NOTES:
+
+[Incompat 20191109]
+Postfix daemon processes now log the from= and
+to= addresses in external (quoted) form in non-debug logging (info,
+warning, etc.). This means that when an address localpart contains
+spaces or other special characters, the localpart will be quoted,
+for example:
+
+ from=<"name with spaces"@example.com>
+
+Older Postfix versions would log the internal (unquoted) form:
+
+ from=
OpenSSL 1.1.1 introduces support for "TLSv1.3". With Postfix -+this can be disabled, if need be, via "!TLSv1.3".
- -At the dane and - dane-only security -@@ -11405,6 +11411,9 @@ - disabled. The latest patch levels of Postfix ≥ 2.6, and all - versions of Postfix ≥ 2.10 can disable support for "TLSv1.1" or - "TLSv1.2".
-+ -+OpenSSL 1.1.1 introduces support for "TLSv1.3". With Postfix -+this can be disabled, if need be, via "!TLSv1.3".
- -Example:
- -@@ -12561,6 +12573,9 @@ - and "TLSv1.2". The latest patch levels of Postfix ≥ 2.6, and all - versions of Postfix ≥ 2.10 can explicitly disable support for - "TLSv1.1" or "TLSv1.2" -+ -+OpenSSL 1.1.1 introduces support for "TLSv1.3". With Postfix -+this can be disabled, if need be, via "!TLSv1.3".
- -To include a protocol list its name, to exclude it, prefix the name - with a "!" character. To exclude SSLv2 for opportunistic TLS set -@@ -12593,6 +12609,9 @@ - and "TLSv1.2". The latest patch levels of Postfix ≥ 2.6, and all - versions of Postfix ≥ 2.10 can disable support for "TLSv1.1" or - "TLSv1.2".
-+ -+OpenSSL 1.1.1 introduces support for "TLSv1.3". With Postfix -+this can be disabled, if need be, via "!TLSv1.3".
- - To include a protocol list its name, to exclude it, prefix the name
- with a "!" character. To exclude SSLv2 for opportunistic TLS set
---- postfix-3.3.1/src/tls/tls.h
-+++ postfix-3.3.2/src/tls/tls.h
-@@ -372,10 +415,15 @@
- #define SSL_OP_NO_TLSv1_2 0L /* Noop */
- #endif
-
--#ifdef SSL_TXT_TLSV1_3
-+ /*
-+ * OpenSSL 1.1.1 does not define a TXT macro for TLS 1.3, so we roll our
-+ * own.
-+ */
-+#define TLS_PROTOCOL_TXT_TLSV1_3 "TLSv1.3"
-+
-+#if defined(TLS1_3_VERSION) && defined(SSL_OP_NO_TLSv1_3)
- #define TLS_PROTOCOL_TLSv1_3 (1<<5) /* TLSv1_3 */
- #else
--#define SSL_TXT_TLSV1_3 "TLSv1.3"
- #define TLS_PROTOCOL_TLSv1_3 0 /* Unknown */
- #undef SSL_OP_NO_TLSv1_3
- #define SSL_OP_NO_TLSv1_3 0L /* Noop */
-@@ -383,7 +431,7 @@
-
- #define TLS_KNOWN_PROTOCOLS \
- ( TLS_PROTOCOL_SSLv2 | TLS_PROTOCOL_SSLv3 | TLS_PROTOCOL_TLSv1 \
-- | TLS_PROTOCOL_TLSv1_1 | TLS_PROTOCOL_TLSv1_2 )
-+ | TLS_PROTOCOL_TLSv1_1 | TLS_PROTOCOL_TLSv1_2 | TLS_PROTOCOL_TLSv1_3 )
- #define TLS_SSL_OP_PROTOMASK(m) \
- ((((m) & TLS_PROTOCOL_SSLv2) ? SSL_OP_NO_SSLv2 : 0L) \
- | (((m) & TLS_PROTOCOL_SSLv3) ? SSL_OP_NO_SSLv3 : 0L) \
---- postfix-3.3.1/src/tls/tls_misc.c
-+++ postfix-3.3.2/src/tls/tls_misc.c
-@@ -279,7 +306,7 @@
- SSL_TXT_TLSV1, TLS_PROTOCOL_TLSv1,
- SSL_TXT_TLSV1_1, TLS_PROTOCOL_TLSv1_1,
- SSL_TXT_TLSV1_2, TLS_PROTOCOL_TLSv1_2,
-- SSL_TXT_TLSV1_3, TLS_PROTOCOL_TLSv1_3,
-+ TLS_PROTOCOL_TXT_TLSV1_3, TLS_PROTOCOL_TLSv1_3,
- 0, TLS_PROTOCOL_INVALID,
- };
-
diff --git a/SOURCES/postfix-3.1.0-alternatives.patch b/SOURCES/postfix-3.3.3-alternatives.patch
similarity index 92%
rename from SOURCES/postfix-3.1.0-alternatives.patch
rename to SOURCES/postfix-3.3.3-alternatives.patch
index ff4e6c7..2c3ba18 100644
--- a/SOURCES/postfix-3.1.0-alternatives.patch
+++ b/SOURCES/postfix-3.3.3-alternatives.patch
@@ -1,8 +1,8 @@
diff --git a/conf/post-install b/conf/post-install
-index 904cefa..5f1039b 100644
+index 25ef7e6..4fd6434 100644
--- a/conf/post-install
+++ b/conf/post-install
-@@ -532,6 +532,17 @@ test -n "$create" && {
+@@ -537,6 +537,17 @@ test -n "$create" && {
case $path in
no|no/*) continue;;
esac
diff --git a/SOURCES/postfix-3.1.0-files.patch b/SOURCES/postfix-3.4.0-files.patch
similarity index 90%
rename from SOURCES/postfix-3.1.0-files.patch
rename to SOURCES/postfix-3.4.0-files.patch
index 273dbbd..ad73553 100644
--- a/SOURCES/postfix-3.1.0-files.patch
+++ b/SOURCES/postfix-3.4.0-files.patch
@@ -1,5 +1,5 @@
diff --git a/conf/postfix-files b/conf/postfix-files
-index a433f4f..3ecdb5b 100644
+index 4ed9d1f..19711d2 100644
--- a/conf/postfix-files
+++ b/conf/postfix-files
@@ -83,7 +83,6 @@ $shlib_directory/${LIB_PREFIX}sqlite${LIB_SUFFIX}:f:root:-:755
@@ -10,7 +10,7 @@ index a433f4f..3ecdb5b 100644
$meta_directory/master.cf.proto:f:root:-:644
$meta_directory/postfix-files.d:d:root:-:755
$meta_directory/postfix-files:f:root:-:644
-@@ -140,18 +139,13 @@ $command_directory/postqueue:f:root:$setgid_group:2755:u
+@@ -141,18 +140,13 @@ $command_directory/postqueue:f:root:$setgid_group:2755:u
$sendmail_path:f:root:-:755
$newaliases_path:l:$sendmail_path
$mailq_path:l:$sendmail_path
@@ -29,7 +29,7 @@ index a433f4f..3ecdb5b 100644
$config_directory/main.cf:f:root:-:644:p
$config_directory/master.cf:f:root:-:644:p
$config_directory/pcre_table:f:root:-:644:o
-@@ -164,8 +158,8 @@ $config_directory/postfix-script:f:root:-:755:o
+@@ -165,8 +159,8 @@ $config_directory/postfix-script:f:root:-:755:o
$config_directory/postfix-script-sgid:f:root:-:755:o
$config_directory/postfix-script-nosgid:f:root:-:755:o
$config_directory/post-install:f:root:-:755:o
@@ -40,7 +40,7 @@ index a433f4f..3ecdb5b 100644
$manpage_directory/man1/postalias.1:f:root:-:644
$manpage_directory/man1/postcat.1:f:root:-:644
$manpage_directory/man1/postconf.1:f:root:-:644
-@@ -179,9 +173,9 @@ $manpage_directory/man1/postmap.1:f:root:-:644
+@@ -180,9 +174,9 @@ $manpage_directory/man1/postmap.1:f:root:-:644
$manpage_directory/man1/postmulti.1:f:root:-:644
$manpage_directory/man1/postqueue.1:f:root:-:644
$manpage_directory/man1/postsuper.1:f:root:-:644
@@ -52,7 +52,7 @@ index a433f4f..3ecdb5b 100644
$manpage_directory/man5/body_checks.5:f:root:-:644
$manpage_directory/man5/bounce.5:f:root:-:644
$manpage_directory/man5/canonical.5:f:root:-:644
-@@ -228,7 +222,7 @@ $manpage_directory/man8/qmqpd.8:f:root:-:644
+@@ -230,7 +224,7 @@ $manpage_directory/man8/qmqpd.8:f:root:-:644
$manpage_directory/man8/scache.8:f:root:-:644
$manpage_directory/man8/showq.8:f:root:-:644
$manpage_directory/man8/smtp.8:f:root:-:644
diff --git a/SOURCES/postfix-3.2.0-large-fs.patch b/SOURCES/postfix-3.4.0-large-fs.patch
similarity index 92%
rename from SOURCES/postfix-3.2.0-large-fs.patch
rename to SOURCES/postfix-3.4.0-large-fs.patch
index 227d1b7..fbc55f1 100644
--- a/SOURCES/postfix-3.2.0-large-fs.patch
+++ b/SOURCES/postfix-3.4.0-large-fs.patch
@@ -21,10 +21,10 @@ index 50a4aa7..beef3db 100644
if (msg_verbose)
msg_info("%s: %s: block size %lu, blocks free %lu",
diff --git a/src/util/sys_defs.h b/src/util/sys_defs.h
-index 3f570c4..611d9cd 100644
+index a8d2571..ad07498 100644
--- a/src/util/sys_defs.h
+++ b/src/util/sys_defs.h
-@@ -768,8 +768,8 @@ extern int initgroups(const char *, int);
+@@ -769,8 +769,8 @@ extern int initgroups(const char *, int);
#define GETTIMEOFDAY(t) gettimeofday(t,(struct timezone *) 0)
#define ROOT_PATH "/bin:/usr/bin:/sbin:/usr/sbin"
#define FIONREAD_IN_TERMIOS_H
diff --git a/SOURCES/postfix-3.4.4-chroot-example-fix.patch b/SOURCES/postfix-3.4.4-chroot-example-fix.patch
new file mode 100644
index 0000000..5870b4c
--- /dev/null
+++ b/SOURCES/postfix-3.4.4-chroot-example-fix.patch
@@ -0,0 +1,35 @@
+--- a/examples/chroot-setup/LINUX2 2006-01-01 15:53:58.000000000 -0800
++++ b/examples/chroot-setup/LINUX2 2016-11-27 00:45:52.145301784 -0800
+@@ -45,14 +45,14 @@
+ # 20060101 /lib64 support by Keith Owens.
+ #
+
+-CP="cp -p"
++CP="cp -p -Z"
+
+ cond_copy() {
+ # find files as per pattern in $1
+ # if any, copy to directory $2
+ dir=`dirname "$1"`
+ pat=`basename "$1"`
+- lr=`find "$dir" -maxdepth 1 -name "$pat"`
++ lr=`find "$dir/" -maxdepth 1 -name "$pat"`
+ if test ! -d "$2" ; then exit 1 ; fi
+ if test "x$lr" != "x" ; then $CP $1 "$2" ; fi
+ }
+@@ -63,8 +63,8 @@
+ POSTFIX_DIR=${POSTFIX_DIR-/var/spool/postfix}
+ cd ${POSTFIX_DIR}
+
+-mkdir -p etc lib usr/lib/zoneinfo
+-test -d /lib64 && mkdir -p lib64
++mkdir -p -Z etc lib usr/lib/zoneinfo
++test -d /lib64 && mkdir -p -Z lib64
+
+ # find localtime (SuSE 5.3 does not have /etc/localtime)
+ lt=/etc/localtime
+@@ -88,4 +88,3 @@
+ cond_copy '/lib64/libdb.so*' lib64
+ fi
+
+-postfix reload
diff --git a/SOURCES/postfix-3.2.0-config.patch b/SOURCES/postfix-3.5.0-config.patch
similarity index 94%
rename from SOURCES/postfix-3.2.0-config.patch
rename to SOURCES/postfix-3.5.0-config.patch
index fd62120..da42263 100644
--- a/SOURCES/postfix-3.2.0-config.patch
+++ b/SOURCES/postfix-3.5.0-config.patch
@@ -1,5 +1,5 @@
diff --git a/conf/main.cf b/conf/main.cf
-index 7af8bde..fbe5c62 100644
+index 7af8bde..495e346 100644
--- a/conf/main.cf
+++ b/conf/main.cf
@@ -132,6 +132,10 @@ mail_owner = postfix
@@ -123,15 +123,15 @@ index 7af8bde..fbe5c62 100644
+#
+smtp_tls_security_level = may
diff --git a/conf/master.cf b/conf/master.cf
-index b67ed59..a9633ba 100644
+index c0f2508..05c5d07 100644
--- a/conf/master.cf
+++ b/conf/master.cf
-@@ -96,14 +96,14 @@ scache unix - - n - 1 scache
+@@ -98,14 +98,14 @@ postlog unix-dgram n - n - 1 postlogd
# Also specify in main.cf: cyrus_destination_recipient_limit=1
#
#cyrus unix - n n - - pipe
--# user=cyrus argv=/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user}
-+# user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -r ${sender} -m ${extension} ${user}
+-# flags=DRX user=cyrus argv=/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user}
++# flags=DRX user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -r ${sender} -m ${extension} ${user}
#
# ====================================================================
#
diff --git a/SOURCES/postfix-3.5.8-back-compat-3.3.1.patch b/SOURCES/postfix-3.5.8-back-compat-3.3.1.patch
new file mode 100644
index 0000000..c444912
--- /dev/null
+++ b/SOURCES/postfix-3.5.8-back-compat-3.3.1.patch
@@ -0,0 +1,158 @@
+diff --git a/src/global/mail_params.c b/src/global/mail_params.c
+index 91c70f7..483613c 100644
+--- a/src/global/mail_params.c
++++ b/src/global/mail_params.c
+@@ -379,6 +379,8 @@ int warn_compat_break_smtputf8_enable;
+ int warn_compat_break_chroot;
+ int warn_compat_break_relay_restrictions;
+
++bool var_rhel_ipv6_normalize;
++
+ /* check_myhostname - lookup hostname and validate */
+
+ static const char *check_myhostname(void)
+@@ -825,6 +827,7 @@ void mail_params_init()
+ VAR_LONG_QUEUE_IDS, DEF_LONG_QUEUE_IDS, &var_long_queue_ids,
+ VAR_STRICT_SMTPUTF8, DEF_STRICT_SMTPUTF8, &var_strict_smtputf8,
+ VAR_ENABLE_ORCPT, DEF_ENABLE_ORCPT, &var_enable_orcpt,
++ VAR_RHEL_IPV6_NORMALIZE, DEF_RHEL_IPV6_NORMALIZE, &var_rhel_ipv6_normalize,
+ 0,
+ };
+ const char *cp;
+diff --git a/src/global/mail_params.h b/src/global/mail_params.h
+index e4358ca..74459d9 100644
+--- a/src/global/mail_params.h
++++ b/src/global/mail_params.h
+@@ -3153,7 +3153,7 @@ extern char *var_local_rwr_clients;
+ * EHLO keyword filter.
+ */
+ #define VAR_SMTPD_EHLO_DIS_WORDS "smtpd_discard_ehlo_keywords"
+-#define DEF_SMTPD_EHLO_DIS_WORDS ""
++#define DEF_SMTPD_EHLO_DIS_WORDS "chunking"
+ extern char *var_smtpd_ehlo_dis_words;
+
+ #define VAR_SMTPD_EHLO_DIS_MAPS "smtpd_discard_ehlo_keyword_address_maps"
+@@ -4199,9 +4199,13 @@ extern int var_postlogd_watchdog;
+ #define INFO_LOG_ADDR_FORM_NAME_INTERNAL "internal"
+
+ #define VAR_INFO_LOG_ADDR_FORM "info_log_address_format"
+-#define DEF_INFO_LOG_ADDR_FORM INFO_LOG_ADDR_FORM_NAME_EXTERNAL
++#define DEF_INFO_LOG_ADDR_FORM INFO_LOG_ADDR_FORM_NAME_INTERNAL
+ extern char *var_info_log_addr_form;
+
++#define VAR_RHEL_IPV6_NORMALIZE "rhel_ipv6_normalize"
++#define DEF_RHEL_IPV6_NORMALIZE 0
++extern bool var_rhel_ipv6_normalize;
++
+ /* LICENSE
+ /* .ad
+ /* .fi
+diff --git a/src/smtpd/smtpd.c b/src/smtpd/smtpd.c
+index da7227f..53e640e 100644
+--- a/src/smtpd/smtpd.c
++++ b/src/smtpd/smtpd.c
+@@ -4334,6 +4334,7 @@ static int xclient_cmd(SMTPD_STATE *state, int argc, SMTPD_TOKEN *argv)
+ SMTPD_TOKEN *argp;
+ char *raw_value;
+ char *attr_value;
++ const char *bare_value;
+ char *attr_name;
+ int update_namaddr = 0;
+ int name_status;
+@@ -4481,15 +4482,31 @@ static int xclient_cmd(SMTPD_STATE *state, int argc, SMTPD_TOKEN *argv)
+ UPDATE_STR(state->addr, attr_value);
+ UPDATE_STR(state->rfc_addr, attr_value);
+ } else {
+- neuter(attr_value, NEUTER_CHARACTERS, '?');
+- if (normalize_mailhost_addr(attr_value, &state->rfc_addr,
++ if (var_rhel_ipv6_normalize) {
++ neuter(attr_value, NEUTER_CHARACTERS, '?');
++ }
++ if ((var_rhel_ipv6_normalize &&
++ normalize_mailhost_addr(attr_value, &state->rfc_addr,
+ &state->addr,
+- &state->addr_family) < 0) {
++ &state->addr_family) < 0) ||
++ (!var_rhel_ipv6_normalize &&
++ (bare_value = valid_mailhost_addr(attr_value, DONT_GRIPE)) == 0)) {
+ state->error_mask |= MAIL_ERROR_PROTOCOL;
+ smtpd_chat_reply(state, "501 5.5.4 Bad %s syntax: %s",
+ XCLIENT_ADDR, attr_value);
+ return (-1);
+ }
++ if (!var_rhel_ipv6_normalize) {
++ UPDATE_STR(state->addr, bare_value);
++ UPDATE_STR(state->rfc_addr, attr_value);
++#ifdef HAS_IPV6
++ if (strncasecmp(attr_value, INET_PROTO_NAME_IPV6 ":",
++ sizeof(INET_PROTO_NAME_IPV6 ":") - 1) == 0)
++ state->addr_family = AF_INET6;
++ else
++#endif
++ state->addr_family = AF_INET;
++ }
+ }
+ update_namaddr = 1;
+ }
+@@ -4569,17 +4586,25 @@ static int xclient_cmd(SMTPD_STATE *state, int argc, SMTPD_TOKEN *argv)
+ attr_value = SERVER_ADDR_UNKNOWN;
+ UPDATE_STR(state->dest_addr, attr_value);
+ } else {
++ if (var_rhel_ipv6_normalize) {
+ #define NO_NORM_RFC_ADDR ((char **) 0)
+ #define NO_NORM_ADDR_FAMILY ((int *) 0)
+- neuter(attr_value, NEUTER_CHARACTERS, '?');
+- if (normalize_mailhost_addr(attr_value, NO_NORM_RFC_ADDR,
++ neuter(attr_value, NEUTER_CHARACTERS, '?');
++ }
++ if ((var_rhel_ipv6_normalize &&
++ normalize_mailhost_addr(attr_value, NO_NORM_RFC_ADDR,
+ &state->dest_addr,
+- NO_NORM_ADDR_FAMILY) < 0) {
++ NO_NORM_ADDR_FAMILY) < 0) ||
++ (!var_rhel_ipv6_normalize &&
++ (bare_value = valid_mailhost_addr(attr_value, DONT_GRIPE)) == 0)) {
+ state->error_mask |= MAIL_ERROR_PROTOCOL;
+ smtpd_chat_reply(state, "501 5.5.4 Bad %s syntax: %s",
+ XCLIENT_DESTADDR, attr_value);
+ return (-1);
+ }
++ if (!var_rhel_ipv6_normalize) {
++ UPDATE_STR(state->dest_addr, bare_value);
++ }
+ }
+ /* XXX Require same address family as client address. */
+ }
+@@ -4690,6 +4715,7 @@ static int xforward_cmd(SMTPD_STATE *state, int argc, SMTPD_TOKEN *argv)
+ SMTPD_TOKEN *argp;
+ char *raw_value;
+ char *attr_value;
++ const char *bare_value;
+ char *attr_name;
+ int updated = 0;
+ static const NAME_CODE xforward_flags[] = {
+@@ -4808,15 +4834,22 @@ static int xforward_cmd(SMTPD_STATE *state, int argc, SMTPD_TOKEN *argv)
+ UPDATE_STR(state->xforward.addr, attr_value);
+ } else {
+ neuter(attr_value, NEUTER_CHARACTERS, '?');
+- if (normalize_mailhost_addr(attr_value,
++ if ((var_rhel_ipv6_normalize &&
++ normalize_mailhost_addr(attr_value,
+ &state->xforward.rfc_addr,
+ &state->xforward.addr,
+- NO_NORM_ADDR_FAMILY) < 0) {
++ NO_NORM_ADDR_FAMILY) < 0) ||
++ (!var_rhel_ipv6_normalize &&
++ (bare_value = valid_mailhost_addr(attr_value, DONT_GRIPE)) == 0)) {
+ state->error_mask |= MAIL_ERROR_PROTOCOL;
+ smtpd_chat_reply(state, "501 5.5.4 Bad %s syntax: %s",
+ XFORWARD_ADDR, attr_value);
+ return (-1);
+ }
++ if (!var_rhel_ipv6_normalize) {
++ UPDATE_STR(state->xforward.addr, bare_value);
++ UPDATE_STR(state->xforward.rfc_addr, attr_value);
++ }
+ }
+ break;
+
diff --git a/SPECS/postfix.spec b/SPECS/postfix.spec
index 8c91f14..5dc9c82 100644
--- a/SPECS/postfix.spec
+++ b/SPECS/postfix.spec
@@ -6,6 +6,7 @@
%bcond_without sqlite
%bcond_without cdb
%bcond_without ldap
+%bcond_without lmdb
%bcond_without pcre
%bcond_without sasl
%bcond_without tls
@@ -47,13 +48,13 @@
Name: postfix
Summary: Postfix Mail Transport Agent
-Version: 3.3.1
-Release: 12%{?dist}.1
+Version: 3.5.8
+Release: 1%{?dist}
Epoch: 2
Group: System Environment/Daemons
URL: http://www.postfix.org
License: (IBM and GPLv2+) or (EPL-2.0 and GPLv2+)
-Requires(post): systemd
+Requires(post): systemd hostname
Requires(post): %{_sbindir}/alternatives
Requires(post): %{_bindir}/openssl
Requires(post): %{_bindir}/hostname
@@ -63,7 +64,7 @@ Requires(preun): %{_sbindir}/alternatives
Requires(preun): systemd
Requires(postun): systemd
# Required by /usr/libexec/postfix/postfix-script
-Requires: diffutils
+Requires: diffutils, findutils
Provides: MTA smtpd smtpdaemon server(smtp)
Source0: ftp://ftp.porcupine.org/mirrors/postfix-release/official/%{name}-%{version}.tar.gz
@@ -71,6 +72,7 @@ Source2: postfix.service
Source3: README-Postfix-SASL-RedHat.txt
Source4: postfix.aliasesdb
Source5: postfix-chroot-update
+Source6: README-RedHat.txt
# Sources 50-99 are upstream [patch] contributions
@@ -86,17 +88,15 @@ Source101: postfix-pam.conf
# Patches
-Patch1: postfix-3.2.0-config.patch
-Patch2: postfix-3.1.0-files.patch
-Patch3: postfix-3.1.0-alternatives.patch
-Patch4: postfix-3.2.0-large-fs.patch
-Patch5: postfix-3.3.1-posttls-finger-unix-fix.patch
+Patch1: postfix-3.5.0-config.patch
+Patch2: postfix-3.4.0-files.patch
+Patch3: postfix-3.3.3-alternatives.patch
+Patch4: postfix-3.4.0-large-fs.patch
Patch9: pflogsumm-1.1.5-datecalc.patch
# rhbz#1384871, sent upstream
Patch10: pflogsumm-1.1.5-ipv6-warnings-fix.patch
-# rhbz#1723950, included upstream
-Patch11: postfix-3.3.1-ref-search-fix.patch
-Patch12: postfix-3.3.1-tlsv13.patch
+Patch11: postfix-3.4.4-chroot-example-fix.patch
+Patch12: postfix-3.5.8-back-compat-3.3.1.patch
# Optional patches - set the appropriate environment variables to include
# them when building the package/spec file
@@ -105,9 +105,10 @@ Patch12: postfix-3.3.1-tlsv13.patch
# Determine the different packages required for building postfix
BuildRequires: libdb-devel, perl-generators, pkgconfig, zlib-devel
BuildRequires: systemd-units, libicu-devel, libnsl2-devel
-BuildRequires: gcc, m4
+BuildRequires: gcc, m4, findutils
%{?with_ldap:BuildRequires: openldap-devel}
+%{?with_lmdb:BuildRequires: lmdb-devel}
%{?with_sasl:BuildRequires: cyrus-sasl-devel}
%{?with_pcre:BuildRequires: pcre-devel}
%{?with_mysql:BuildRequires: mariadb-connector-c-devel}
@@ -190,6 +191,16 @@ This provides support for LDAP maps in Postfix. If you plan to use LDAP
maps with Postfix, you need this.
%endif
+%if %{with lmdb}
+%package lmdb
+Summary: Postfix LDMB map support
+Requires: %{name} = %{epoch}:%{version}-%{release}
+
+%description lmdb
+This provides support for LMDB maps in Postfix. If you plan to use LMDB
+maps with Postfix, you need this.
+%endif
+
%if %{with pcre}
%package pcre
Summary: Postfix PCRE map support
@@ -207,7 +218,6 @@ maps with Postfix, you need this.
%patch2 -p1 -b .files
%patch3 -p1 -b .alternatives
%patch4 -p1 -b .large-fs
-%patch5 -p1 -b .posttls-finger-unix-fix
# Change DEF_SHLIB_DIR according to build host
sed -i \
@@ -221,8 +231,10 @@ pushd pflogsumm-%{pflogsumm_ver}
%patch10 -p1 -b .ipv6-warnings-fix
popd
%endif
-%patch11 -p1 -b .ref-search-fix
-%patch12 -p1 -b .tlsv13
+%patch11 -p1 -b .chroot-example-fix
+# Improve backward compatibility with postfix-3.3.1,
+# for details see rhbz#1688389
+%patch12 -p1 -b .back-compat-3.3.1
for f in README_FILES/TLS_{LEGACY_,}README TLS_ACKNOWLEDGEMENTS; do
iconv -f iso8859-1 -t utf8 -o ${f}{_,} &&
@@ -230,8 +242,8 @@ for f in README_FILES/TLS_{LEGACY_,}README TLS_ACKNOWLEDGEMENTS; do
done
%build
-unset AUXLIBS AUXLIBS_LDAP AUXLIBS_PCRE AUXLIBS_MYSQL AUXLIBS_PGSQL AUXLIBS_SQLITE AUXLIBS_CDB
-CCARGS="-fPIC"
+unset AUXLIBS AUXLIBS_LDAP AUXLIBS_LMDB AUXLIBS_PCRE AUXLIBS_MYSQL AUXLIBS_PGSQL AUXLIBS_SQLITE AUXLIBS_CDB
+CCARGS="-fPIC -fcommon"
AUXLIBS="-lnsl"
%ifarch s390 s390x ppc
@@ -242,6 +254,10 @@ CCARGS="${CCARGS} -fsigned-char"
CCARGS="${CCARGS} -DHAS_LDAP -DLDAP_DEPRECATED=1 %{?with_sasl:-DUSE_LDAP_SASL}"
AUXLIBS_LDAP="-lldap -llber"
%endif
+%if %{with lmdb}
+ CCARGS="${CCARGS} -DHAS_LMDB"
+ AUXLIBS_LMDB="-llmdb"
+%endif
%if %{with pcre}
# -I option required for pcre 3.4 (and later?)
CCARGS="${CCARGS} -DHAS_PCRE -I%{_includedir}/pcre"
@@ -292,19 +308,17 @@ LDFLAGS="%{?__global_ldflags} %{?_hardened_build:-Wl,-z,relro,-z,now}"
# way how to get them in
make -f Makefile.init makefiles shared=yes dynamicmaps=yes \
%{?_hardened_build:pie=yes} CCARGS="${CCARGS}" AUXLIBS="${AUXLIBS}" \
- AUXLIBS_LDAP="${AUXLIBS_LDAP}" AUXLIBS_PCRE="${AUXLIBS_PCRE}" \
- AUXLIBS_MYSQL="${AUXLIBS_MYSQL}" AUXLIBS_PGSQL="${AUXLIBS_PGSQL}" \
- AUXLIBS_SQLITE="${AUXLIBS_SQLITE}" AUXLIBS_CDB="${AUXLIBS_CDB}"\
+ AUXLIBS_LDAP="${AUXLIBS_LDAP}" AUXLIBS_LMDB="${AUXLIBS_LMDB}" \
+ AUXLIBS_PCRE="${AUXLIBS_PCRE}" AUXLIBS_MYSQL="${AUXLIBS_MYSQL}" \
+ AUXLIBS_PGSQL="${AUXLIBS_PGSQL}" AUXLIBS_SQLITE="${AUXLIBS_SQLITE}" \
+ AUXLIBS_CDB="${AUXLIBS_CDB}" \
DEBUG="" SHLIB_RPATH="-Wl,-rpath,%{postfix_shlib_dir} $LDFLAGS" \
OPT="$RPM_OPT_FLAGS -fno-strict-aliasing -Wno-comment" \
POSTFIX_INSTALL_OPTS=-keep-build-mtime
-make %{?_smp_mflags}
+%make_build
%install
-rm -rf $RPM_BUILD_ROOT
-mkdir -p $RPM_BUILD_ROOT
-
# install postfix into $RPM_BUILD_ROOT
# Move stuff around so we don't conflict with sendmail
@@ -344,8 +358,8 @@ for i in active bounce corrupt defer deferred flush incoming private saved maild
mkdir -p $RPM_BUILD_ROOT%{postfix_queue_dir}/$i
done
-# install performance benchmark tools by hand
-for i in smtp-sink smtp-source ; do
+# install performance benchmark and test tools by hand
+for i in smtp-sink smtp-source posttls-finger ; do
install -c -m 755 bin/$i $RPM_BUILD_ROOT%{postfix_command_dir}/
install -c -m 755 man/man1/$i.1 $RPM_BUILD_ROOT%{_mandir}/man1/
done
@@ -367,7 +381,7 @@ install -m 644 %{SOURCE101} $RPM_BUILD_ROOT%{_sysconfdir}/pam.d/smtp.postfix
# prepare documentation
mkdir -p $RPM_BUILD_ROOT%{postfix_doc_dir}
-cp -p %{SOURCE3} COMPATIBILITY LICENSE TLS_ACKNOWLEDGEMENTS TLS_LICENSE $RPM_BUILD_ROOT%{postfix_doc_dir}
+cp -p %{SOURCE3} %{SOURCE6} COMPATIBILITY LICENSE TLS_ACKNOWLEDGEMENTS TLS_LICENSE $RPM_BUILD_ROOT%{postfix_doc_dir}
mkdir -p $RPM_BUILD_ROOT%{postfix_doc_dir}/examples{,/chroot-setup}
cp -pr examples/{qmail-local,smtpd-policy} $RPM_BUILD_ROOT%{postfix_doc_dir}/examples
@@ -422,7 +436,7 @@ function split_file
# split global dynamic maps configuration to individual sub-packages
pushd $RPM_BUILD_ROOT%{postfix_config_dir}
for map in %{?with_mysql:mysql} %{?with_pgsql:pgsql} %{?with_sqlite:sqlite} \
-%{?with_cdb:cdb} %{?with_ldap:ldap} %{?with_pcre:pcre}; do
+%{?with_cdb:cdb} %{?with_ldap:ldap} %{?with_lmdb:lmdb} %{?with_pcre:pcre}; do
rm -f dynamicmaps.cf.d/"$map" "postfix-files.d/$map"
split_file "^\s*$map\b" "$map" dynamicmaps.cf
sed -i "s|postfix-$map\\.so|%{postfix_shlib_dir}/\\0|" "dynamicmaps.cf.d/$map"
@@ -557,6 +571,8 @@ exit 0
%exclude %{postfix_doc_dir}/README_FILES/CDB_README
%exclude %{_mandir}/man5/ldap_table.5*
%exclude %{postfix_doc_dir}/README_FILES/LDAP_README
+%exclude %{_mandir}/man5/lmdb_table.5*
+%exclude %{postfix_doc_dir}/README_FILES/LMDB_README
%exclude %{_mandir}/man5/pcre_table.5*
%exclude %{postfix_doc_dir}/README_FILES/PCRE_README
@@ -597,6 +613,7 @@ exit 0
%attr(0755, root, root) %{postfix_command_dir}/smtp-sink
%attr(0755, root, root) %{postfix_command_dir}/smtp-source
+%attr(0755, root, root) %{postfix_command_dir}/posttls-finger
%attr(0755, root, root) %{postfix_command_dir}/postalias
%attr(0755, root, root) %{postfix_command_dir}/postcat
@@ -633,6 +650,7 @@ exit 0
%attr(0755, root, root) %{postfix_daemon_dir}/postfix-wrapper
%attr(0755, root, root) %{postfix_daemon_dir}/postmulti-script
%attr(0755, root, root) %{postfix_daemon_dir}/postscreen
+%attr(0755, root, root) %{postfix_daemon_dir}/postlogd
%attr(0755, root, root) %{postfix_daemon_dir}/proxymap
%attr(0755, root, root) %{postfix_shlib_dir}/libpostfix-*.so
%{_bindir}/mailq.postfix
@@ -711,6 +729,15 @@ exit 0
%attr(0644, root, root) %{postfix_doc_dir}/README_FILES/LDAP_README
%endif
+%if %{with lmdb}
+%files lmdb
+%attr(0644, root, root) %{postfix_config_dir}/dynamicmaps.cf.d/lmdb
+%attr(0644, root, root) %{postfix_config_dir}/postfix-files.d/lmdb
+%attr(0755, root, root) %{postfix_shlib_dir}/postfix-lmdb.so
+%attr(0644, root, root) %{_mandir}/man5/lmdb_table.5*
+%attr(0644, root, root) %{postfix_doc_dir}/README_FILES/LMDB_README
+%endif
+
%if %{with pcre}
%files pcre
%attr(0644, root, root) %{postfix_config_dir}/dynamicmaps.cf.d/pcre
@@ -721,9 +748,9 @@ exit 0
%endif
%changelog
-* Tue Jan 26 2021 Jan Zerdik