All Versions
38
Latest Version
Avg Release Cycle
73 days
Latest Release
202 days ago

Changelog History
Page 4

  • v2.7.0 Changes

    October 07, 2015
    • ๐Ÿ†• New Features

      • SPF bounce check
      • rspamd plugin (@fatalbanana)
      • watch plugin
      • limit plugin (connection concurrency, errors, unrecognized commands)
      • plugins can now be npm packages (see also #946)
      • built-in HTTP server (Express backed)
      • ESETS AV plugin
      • DCC plugin (incomplete)
      • Add LOGIN support to XCLIENT
      • backscatterer plugin
      • full IPv4 & IPv6 compatibility inbound #1120, #1123, #1154 (@Dexus)
      • Early talker #1075 (@smfreegard, @msimerson)
      • permit loading of plugins in node_modules #1056 (@msimerson)
    • ๐Ÿ‘Œ Improvements

      • Fix anti_spoof by use config #1171
      • Add license clause #1170
      • package.json dependencies and travis update #1147, #1168 (@Dexus)
      • logging: remove node-syslog and strong-fork-syslog with modern-syslog #1145 (@Dexus)
      • aliases: support for email, user and host aliases #1149 (@Dexus)
      • add docs for use private key with TLS #1130 (@Dexus)
      • outbound: ENOENT on dotfile - compatibility for windows #1129 (@Dexus)
      • plugin/attachment: block more attachment file types #1191 (@Dexus)
      • remove double functions #1126 (@Dexus)
      • Outbound Bounce messages according to RFC3464 #1189 (@hatsebutz)
      • toobusy: only run checks if toobusy.js installed and loads
      • HAProxy: set local_ip, local_port and remote_port
      • save auth pass/fail/user to result_store
      • ini files no longer require values (useful for storing lists)
      • connection: add MAIL and RCPT to results
      • results_store: enable 'emit' feature for .push()
      • add support for custom Outbound Received header value (@zombified)
      • save smtp_forward result to result_store
      • auth_base: permit a return message (@DarkSorrow)
      • add DSN.create() and RFC 4954 support
      • enhanced pipelining support
      • added config/access.domains with some tips (@EyePulp)
      • Add SSL detection over plain-text socket
      • earlytalker: store results
      • bounce: make it safe to check non_local_msgid
      • AVG: store results, added defer options
      • tls: change createCredentials to tls.createSecureContext (@DarkSorrow)
      • update dependency versions (esp async 0.2.9 -> 1.0.0)
      • ASN docs: add FTP download note for routeviews
      • karma: removed concurrency limits (see limit plugin) and penalty feature
      • added utils.elapsed()
      • deny message includes hostname
      • Add Fisher-Yates shuffle to randomize lookup order in data.uribl
      • change default message size limit to 25mb
      • auth_base: save auth results
      • upgrade toobusy plugin to toobusy-js (@alexkavon)
      • configfile: permit / char in ini keys
      • added utils.node_min()
      • added result_store.get_all()
      • updated ubuntu upstart script
      • plugin/rate_limit: return in no custom default is set 0 = unlimited #1186, #1185
      • Outbound.send_email: added dot-stuffing #1176, #1165 (@hatsebutz)
      • make sure server object is availabe to plugins loaded from node_modules #1162 (@bmonty)
      • Net_utils.get_ips_by_host #1160 (@msimerson)
      • fcrdns: don't log error for ENODATA #1140 (@msimerson)
      • improve MUA detection #1137 (@msimerson)
      • tls: tmp disable for hosts that fail STARTTLS #1136 (@msimerson)
      • karma: skip deny on outbound hooks #1100 (@msimerson)
      • Store HAProxy IP in connection object #1097 (@smfreegard)
      • Remove UUID from queued message #1092 (@smfreegard)
    • ๐Ÿ› Bug Fixes

      • fix windows build and test failures #1076 (@msimerson)
      • Fix plugin ordering #1081 (@smfreegard)
      • Fix distance reporting to X-Haraka-GeoIP for geoip-lite #1086 (@smfreegard)
      • uribl: prevent calling next() more than 1x #1138 (@msimerson)
      • Fix so constants are imported when plugin is loaded from node_modules. #1133 (@bmonty)
      • Include STMP-code in bounce-reason string for upstream 5XX responses #1117 (@hatsebutz)
      • TLS fixes: add timed_out flag and karma should not run deny hook on it. #1109 (@smfreegard)
      • Fix port to number instead of string for HAProxy #1108 (@DarkSorrow)
      • Plugin dcc: fixed syntax error #1164 (@hatsebutz)
      • config: fix flat files if \r\n lines #1187 (@Dexus)
      • corrected hook_rcpt log code hook_rcpt_ok returns CONT
      • fix crash bug when loglevel = LOGDEBUG
      • corrected pathname in rcpt.ldap plugin (@abhas)
      • added helo.checks boolean for proto_mismatch
      • make rate_limit redis keys always expire @celesteking
      • dkim_sign: Buffer.concat expects an array of buffers
      • transaction: check discard_data before adding line end (@DarkSorrow)
      • fix 8-bit msg not displayed properly in gmail
      • fcrdns: always init results
      • TLS timer on error
      • dkim_verify: fixed timeout issue
      • smtp_[proxy|forward]: correct authentication example
      • Fork child workers after init_master hook
      • connection: return 450/550 for plugin DENY* (was 452/552)
      • spamassassin: don't call next() when transaction gone
      • outbound: fix crash when sending bounce mail
      • auth_base: fix bad protocol in auth_base.js #1121 (@Dexus)
      • outbound: Fix HELO/rDNS issue while using multiple outbound ip #1128 (@Dexus)
      • connection: Fix bug when client disconnect after sending data #1193
      • Fix connect.geoip bug #1144 (@smfreegard)
      • Fix tiny bug in messagesniffer #1198 (@smfreegard)
  • v2.6.1 Changes

    March 27, 2015
    • โž• added sedation timers for config file re-reading
    • โž• Add AUTH support to outbound
    • โœ… tests/spf: quiet excessive DEBUG noise
    • ๐Ÿ‘ allow domains with underscore
    • correct name of domains config file in access
    • ๐Ÿ›  Fix SMTP AUTH in smtp_forward/proxy and add docs
    • ๐Ÿ›  Fix opts not being passed to HMailItem _bounce function
    • ๐ŸŒฒ log.syslog will try strong-fork-syslog (for node 0.12 compat)
    • ๐Ÿ‘Œ improvements to Plugin docs
    • rename net_utils.is_rfc1918 -> is_private_ip
      • IPv6 compat
      • test coverage
      • add IPv6 unique local fc00::/7
    • ๐Ÿ”Œ pre-populated config/plugins
    • โž• added utils.extend, copies props onto objects
  • v2.6.0 Changes

    February 21, 2015
    • ๐Ÿ›  other bug fixes
    • โšก๏ธ updated a few tests so test suite passes on Windows
    • ๐ŸŒฒ log.syslog: handle failure to load node-syslog
    • ๐Ÿ”Œ plugin directory is $ENV definable (@martin1yness)
    • ๐Ÿ›  logging timestamps were static, fixed by @cloudbuy
    • ๐Ÿ”Œ queue/rabbitmq_amqplib, new plugin for RabbitMQ using amqplib (@esevece)
    • outbound:
      • plugins can set the outbound IP (during get_mx)
      • only replace line endings if not \r\n
      • bannering fixes
      • added support for per recipient routes
    • tls: don't register hooks upless certs exist
    • โœ‚ removed contrib/geolite-mirror-simple.pl (replaced by docs update pointing to maxmind-geolite-mirror)
    • ๐Ÿ”Œ rcpt.routes: new plugin by @msimerson
    • ๐Ÿ‘‰ make haproxy IPv6 compatible
    • record_envelope_addresses: new plugin by @deburau
    • prevent_credential_leaks: new plugin by @smfreegard
    • config:
      • configfile: added .yaml support
      • improved config file 'watch' logic
      • Allow hyphens in params in config files (@abhas)
      • cached requests include options in cache key name
    • โšก๏ธ asn: updates for node 0.11 compat
    • dnsbl: use aysync.each vs forEach (avoid race condition)
    • โœ… spamassassin: improved config loading and test coverage
    • ๐Ÿ—„ geoip: deprecate geoip-lite in favor of maxmind, IPv6 compatible
    • disable SSLv3 (due to POODLE)
    • โšก๏ธ dkim & spf, updates for node 0.11 compatibiilty
    • ๐Ÿšš karma: move neighbor scoring from code to karma.ini
      • move excludes list to karma.ini
      • apply awards before adding message header & permit rejection at queue
      • karma.ini: score updates for access & uribl plugins
      • score denials issued by skipped plugins
      • add scores for specific DNSBLs
    • โž• add transaction body filters (@chazomaticus)
      • change bannering to use them
    • โฑ helo.checks: fix timeout bug
      • match_re now validates and pre-compiles all REs
      • Add new proto_mismatch check
    • p0f: add register(), load config once, early
    • server: improved config handling
    • data.headers: add Delivered-To check
    • ๐Ÿ”Œ rcpt_to.ldap: new plugin by @abhas
    • smtp_client: only load tls_* when cfg.enable_tls
    • added plugins/host_list_base
    • Platform independent temp dir (thanks @martinvd)
    • ๐Ÿšš move deprecated docs into docs/deprecated
    • ๐Ÿ”€ Switch to Phusion baseimage instead of stock Ubuntu (thanks @Synchro)
    • ๐Ÿ”Œ dkim_verify: new plugin by @smfreegard
    • โœ… many new tests
    • ๐Ÿ‘Œ improved URI parser (for URIBL plugin)
    • ๐Ÿ‘ Allow mixed case STARTTLS command
    • ๐Ÿ“ฆ Install Node via package manager (Mohd Rozi)
    • ๐Ÿ›  Fix a couple crit errors (@Illirgway)
    • โž• Add noisy/bulk out-of-band rule support to MessaageSniffer plugin
    • ๐ŸŽ‰ initial support for rabbitmq plugin (@samuelharden)
    • bounce, added non_local_msgid checks and much faster lookups
    • vpopmail: fail faster during a CRAM-MD5 auth attempt with an invalid user
    • fcrdns: handle a null hostname
    • ๐Ÿ‘Œ Improve HAProxy support code and documentation
    • ๐Ÿ’… tls: reworked for efficiency and linear style
    • โœ… access: test hostname validity before PSL lookup
      • load lists into objects (vs arrays), for much faster runtime access
    • ๐ŸŽ host_list: huge performance increase, esp for many hosts
  • v2.5.0 Changes

    May 24, 2014
    • โž• added automated build testing via Travis-CI.org
    • ๐Ÿ›  fixed dkim_sign crash issue #560
    • geoip can discover external IP via net_utils.get_public_ip
    • geoip: skip private IPs
    • qmd: when relaying, validate MAIL FROM against QMD, add per-domain configurations, added reject option, added tests and bug fixes.
    • net_utils: added is_ipv4_literal, is_public_suffix, get_public_ip, added tests, shed some CamelCase.
    • โœ… asn: looksup up ASN of connection, uses 3 providers, tests providers, saves results, optionally adds headers. Includes tests.
    • access: new plugin that merges rdns_access, mail_from.access, and rcpt_to.access.
    • ๐Ÿ”Œ fcrdns: new plugin (Forward Confirmed Reverse DNS)
    • ๐Ÿ”€ bounce: new plugin (merges
    • data.headers: new plugin added direct_to_mx, check & reject settings, added MLM detection, tests.
    • โ™ป๏ธ helo.checks: refactored, better config handling, new tests (match_rdns, mismatch, results), reject option.
    • results_store: store processing results in data structures (vs notes)
    • โ™ป๏ธ spf: refactored, added outbound checks when relaying, added 15 tests,
    • dnsbl: return errors as Error objects, reduce list to unique zones, added tests, added search=multi option, handle ENOTFOUND error, added reject=false option.
    • dns_list_base: bug fixes (race condition, returning invalid results)
    • โ™ป๏ธ bounce: refactored, each check has enable and reject switches, added tests, added bad_bounce_to
    • ๐Ÿ“œ clamav: add virus name to results, better config parsing, typo fixes
    • uribl:
    • mf_resolvable:
    • tls: add link to wiki article on TLS setup
    • โ™ป๏ธ relay_acl: fix issue #428, refactored, don't crash when relay_dest_domains.ini missing, added tests
    • ๐Ÿ›  fix mx mechanism when no records are returned
    • vpopmaild: added per-domain feature
    • karma: added whitelist award, pass through temp (DENYSOFT) errors, made tarpit variable, configurable reject hooks, doc rewrite, ASN awards, fix penalty days calculation, new DSL for karma awards,
    • ๐Ÿ›  bannering fixes
    • โž• added log* stubs to test/fixtures/[plugin|connection]
    • โœ… tests/fixtures/stub_plugin: set name property
    • config: corrected handling of config.arg gets, fix caching bug, fix boolean handling, added missing 'type' handling.
    • โž• Adding the option of using CIDR ranges in the haproxy_hosts file
    • tarpit: added config option hooks_to_delay, added docs
    • contrib/haraka.bsd.rc: startup file for *BSD
    • Store attachment headers on stream
    • Record accepted domains at hook_rcpt and improve queue/lmtp
    • return after next() in the whitelist checks
    • โž• Add new -o option to bin/haraka
  • v2.4.0 Changes

    February 12, 2014
    • ๐Ÿ”Œ Trim whitespace when reading "list" type config files (such as config/plugins)
    • โž• Added LMTP via queue/lmtp plugin
    • ๐Ÿ›  Fixed bug in outbound when temp failing some of the recipients that would prevent delivery working to those recipients for future delivery attempts
    • โž• Add additional details/parameters to delivered hook for outbound mail
    • Removed the hmail.bounce_extra object as that information now stored with the rcpt_to list
    • Store the RCPT TO rejection reason on the address object
  • v2.3.0 Changes

    February 07, 2014
    • ๐Ÿ›  Fix memory leak when watching config files for changes
    • ๐Ÿ‘Œ Support for badly formatted MAIL FROM/RCPT TO lines
    • ๐Ÿ›  Fix a memory corruption when fixing line endings
    • ๐Ÿ›  Fix breakpoints in plugins when using node inspector
    • ๐Ÿ‘ฎ Reload config in relay_force_routing without restart
    • โฌ†๏ธ Don't re-attempt TLS upgrade if upgraded already and STARTTLS is re-advertised
    • ๐Ÿ‘Œ Improved outbound logging
    • Pass failed recipients to bounce hook in outbound processing
    • โž• Added startup checks to ensure Haraka has been installed correctly
    • ๐Ÿ– Handle case of Haraka server running out of disk space better
    • In mail_from.is_resolvable: move re_bogus_ip into config
    • โž• Added auth/auth_vpopmaild plugin - SMTP AUTH against a vpopmaild server
    • ๐Ÿ›  Fixed graph plugin to work with sqlite3
    • Added rcpt_to.qmail_deliverable plugin - Authenticate inbound RCPT TOs against Qmail::Deliverable daemon
    • โž• Added data.headers plugin which merges header checks into one place. Deprecates data.noreceived, data.rfc5322_header_checks, and data.nomsgid.
    • โž• Added documentation for logging system
    • โž• Added DKIM per-domain signing support
    • โž• Added p0f plugin
    • In relay_acl, if host is allowed by acl, don't deny the recipient because the domain isn't in the allow list
    • โž• Add Authentication-Results header (RFC 5451) to all emails
    • ๐Ÿ›  Fixed writing the todo file in outbound for newer Node versions
    • โž• Added Karma plugin to support penalizing consistently evil senders
    • โž• Added GeoIP plugin including distance calculation from your mail server
    • โž• Added bounce plugin for handling incoming bounce messages in various ways
    • ๐Ÿ›  Fix underscores in documentation so web version doesn't look so weird
    • ๐Ÿ”’ By default prevent SMTP AUTH unless on a private IP or using TLS WARNING: May break some uses of Haraka, but is worth it for security
    • In lookup_rdns.strict, check whitelist before looking up IP
    • ๐Ÿ”Œ Big rewrite of the SpamAssassin plugin for simplicity and mainly to pass through X-Spam-* headers provided
    • โž• Added delay_deny plugin allowing more flexibility on when to reject mail
    • ๐Ÿ‘Œ Improvements to ini file parsing allowing floats and negative integers, and specifying boolean keys
    • ๐Ÿ›  Fix issue causing a CRIT/crash with lost transaction/connection while sending inbound to ongoing SMTP server
    • ๐Ÿ‘ Allow setting of spamd_user for spamassassin plugin
  • v2.0.0 Changes

    November 28, 2012
    • ๐Ÿ›  Various fixes to SMTP AUTH code, including providing SMTP AUTH to inbound mail forwarders.
    • โšก๏ธ Updates to process_title plugin to show more details
    • ๐Ÿ”„ Changed transaction.data_lines to a Stream (this will break all code which uses transaction.data_lines currently - see the migration guide)
    • ๐Ÿ”„ Changed attachments to be a Stream (this will break some code which uses transaction.attachment_hooks - see the migration guide)
    • ๐Ÿšฆ Capture and log signals sent to Haraka
    • ๐ŸŽ Various performance improvements
    • ๐Ÿ›  Fixed a memory leak in connection pool
    • ๐Ÿ‘Œ Improvements to TLS compatibility
    • RFC compliance improvements with greeting, EHLO/HELO, QUIT, and dot stuffing
    • ๐Ÿ‘ป Throw exception with set_banner as it is now non-functional. Will be returned in a future version.
    • ๐Ÿ›  Small fixes to data.uribl
  • v1.4.0