Postfix 3.7 MTA Released with OpenSSL 3.0 Support

Postfix attempts to be fast and secure, while at the same time being sendmail compatible enough to not upset existing users.

Postfix is a free and open-source mail transfer agent (MTA) that routes and delivers electronic mail. Designed by Wietse Venema, Postfix is a mail server built with security in mind and specifically designed to replace Sendmail.

Because of its modular pipeline-based architecture, Postfix is versatile and integrates easily with many other services, such as spam and antivirus processing, as well as with message store software, such as the Dovecot IMAP and POP3 server.

In addition, Postfix is also quite resource efficient. Nowadays, many ISPs are using it to handle millions of messages a day.

What’s New in Postfix 3.7

We start with the fact that the new version of this widely-used MTA adds support to inline the content of small cidr:, pcre:, and regexp: tables in Postfix parameter values. For those of you unaware, Postfix uses lookup tables to store and look up information for access control, address rewriting, and even for content filtering.

All of the above means that Postfix 3.7 now gives you even more flexibility in configuring it. For example, you can use the new smtpd_forbidden_commands default value, CONNECT GET POST regexp:{{/^[^A-Z]/ Thrash}}, to quickly drop connections from clients that send garbage.

Nowadays, logging becoming an important part of almost every service. Since Postfix 3.4, the mail server offers build-in logging support available via the maillog_file configuration directive. With Postfix 3.7, this option becomes even more powerful. The postlog command is now set-gid postdrop, so that unprivileged programs can use it to write logging through the postlogd daemon.

Postfix 3.7 ships with the updated defense against remote clients or servers that ‘trickle’ SMTP or LMTP traffic, based on per-request deadlines and minimum data rates. The new smtpd_per_record_deadline parameter limits the combined time for the Postfix SMTP server to receive a request and to send a response, while the new {smtp,lmtp}_per_record_deadline parameters limit the combined time for the Postfix SMTP or LMTP client to send a request and to receive a response.

In addition to the security features included in this release, we can’t fail to mention that Postfix was updated to support OpenSSL 3.0.0 API features and to work around OpenSSL 3.0.0 bit-rot.

For detailed information about all changes in Postfix 3.7, you can refer to the release notes.

Bobby Borisov

Bobby Borisov

Bobby, an editor-in-chief at Linuxiac, is a Linux professional with over 20 years of experience. With a strong focus on Linux and open-source software, he has worked as a Senior Linux System Administrator, Software Developer, and DevOps Engineer for small and large multinational companies.

Think You're an Ubuntu Expert? Let's Find Out!

Put your knowledge to the test in our lightning-fast Ubuntu quiz!
Ten questions to challenge yourself to see if you're a Linux legend or just a penguin in the making.

1 / 10

Ubuntu is an ancient African word that means:

2 / 10

Who is the Ubuntu's founder?

3 / 10

What year was the first official Ubuntu release?

4 / 10

What does the Ubuntu logo symbolize?

5 / 10

What package format does Ubuntu use for installing software?

6 / 10

When are Ubuntu's LTS versions released?

7 / 10

What is Unity?

8 / 10

What are Ubuntu versions named after?

9 / 10

What's Ubuntu Core?

10 / 10

Which Ubuntu version is Snap introduced?

The average score is 68%