The stable Postfix release is called postfix-2.5.x where 2=major
release number, 5=minor release number, x=patchlevel.  The stable
release never changes except for patches that address bugs or
emergencies. Patches change the patchlevel and the release date.

New features are developed in snapshot releases. These are called
postfix-2.6-yyyymmdd where yyyymmdd is the release date (yyyy=year,
mm=month, dd=day).  Patches are never issued for snapshot releases;
instead, a new snapshot is released.

The mail_release_date configuration parameter (format: yyyymmdd)
specifies the release date of a stable release or snapshot release.

Major changes with snapshot 20090121
====================================

Plug-in support for managing multiple Postfix instances.  This can
automatically apply your "postfix start" etc. command to multiple
Postfix instances, including upgrades to new Postfix versions.
Multi-instance support allows you to do the following and more:

- Simplify post-queue content filter configuration by using separate
  Postfix instances before and after the filter. This simplifies
  trouble shooting and performance tuning.

- Implement per-user content filters (or no filter) via transport
  map lookups instead of content_filter settings. Mail for some
  users can be sent directly from the before-filter instance to the
  after-filter instance.

- Test new configuration settings (on a different server IP address
  or TCP port) without disturbing production instances.

- Each additional Postfix instance uses a few files and directories,
  plus memory for an extra master daemon and queue manager. The
  pickup daemon is needed only if you use local submission or
  "postsuper -r".

Best of all, nothing changes when you use only one Postfix instance.

The postfix-wrapper script (in the daemon directory) implements a
simple but useful multi-instance manager, with instructions. The
plug-in API itself is described in the postfix-wrapper(5) manpage.

A more sophisticated multi-instance manager called postmulti(1) is
approaching completion. A prototype version has been used internally
at Morgan Stanley. This version will be adapted to the new plug-in
API which makes some simplification possible.

Major changes with snapshot 20090109
====================================

Support to selectively disable master(8) listener ports by service
type or by service name + type. Specify a list of service types
("inet", "unix", "fifo", or "pass") or "name.type" tuples, where
"name" is the first field of a master.cf entry and "type" is a
service type. Examples: to turn off the main SMTP listener port,
use "master_service_disable = smtp.inet"; to turn off all TCP/IP
listeners, use "master_service_disable = inet". Changing this
parameter requires "postfix reload".

Specify "tcp_windowsize = 65535" (or less) to work around routers
with broken TCP window scaling implementations.  This is perhaps
more convenient than collecting tcpdump output and tuning kernel
parameters by hand.  With Postfix TCP servers (smtpd(8), qmqpd(8)),
this feature is implemented by the Postfix master(8) daemon.

To change this parameter without stopping Postfix, you need to first
terminate all Postfix TCP servers:

    # postconf -e master_service_disable=inet
    # postfix reload

This immediately terminates all processes that accept network
connections.  Then you enable Postfix TCP servers with the updated
tcp_windowsize setting:

    # postconf -e tcp_windowsize=65535 master_service_disable=
    # postfix reload

If you skip these steps with a running Postfix system, then the
tcp_windowsize change will work only for Postfix TCP clients (smtp(8),
lmtp(8)).

Of course you can also do "postfix stop" and "postfix start",
but that is more disruptive.

Major changes with snapshot 20081010
====================================

Controls for the protocols and ciphers that Postfix will use with
opportunistic TLS. The smtp_tls_protocols, smtp_tls_ciphers, and
equivalent parameters for lmtp and smtpd provide global settings;
the SMTP client TLS policy table provides ciphers and protocols
settings for specific peers.  Code by Victor Duchovni. Details are
given in the TLS_README and postconf(5) documents.

Incompatibility with snapshot 20080814
======================================

When a mailbox file is not owned by its recipient, the local and
virtual delivery agents now log a warning and defer delivery.
Specify "strict_mailbox_ownership = no" to ignore such ownership
discrepancies.

Incompatibility with snapshot 20080629
======================================

When TLS support is not compiled in, the Postfix SMTP server no
longer ignores the "smtpd_tls_auth_only = yes" parameter setting.
Earlier Postfix SMTP server versions would announce SASL support,
and would accept SASL login or sender information.

Incompatibility with snapshot 20080726
======================================

When a mailbox file is not owned by its recipient, the local and
virtual delivery agents now log a warning and defer delivery.
Specify "strict_mailbox_ownership = no" to ignore such ownership
discrepancies.

Major changes with snapshot 20080629
====================================

The Postfix SMTP server's SASL authentication was re-structured.
With "smtpd_tls_auth_only = yes", SASL support is now activated
only after a successful TLS handshake. Earlier Postfix SMTP server
versions could complain about unavailable SASL mechanisms during
the plaintext phase of the SMTP protocol.

Incompatibility with snapshot 20080510
======================================

In the policy delegation protocol, certificate common name attributes
are now xtext encoded UTF-8. The xtext decoded attributes may contain
any UTF-8 value except non-printable ASCII characters.

Incompatibility with snapshot 20080428
======================================

Postfix SMTP server replies for address verification have changed.
unverified_recipient_reject_code and unverified_sender_reject_code
now handle "5XX" rejects only. The "4XX" rejects are now controlled
with unverified_sender_defer_code and unverified_recipient_defer_code.

Major changes with snapshot 20080428
====================================

Finer control over the way that Postfix reports address verification
failures are reported to remote SMTP clients.

- unverified_sender/recipient_defer_code: the numerical Postfix
  SMTP server reply code when address verification failed due
  to some temporary error.

- unverified_sender/recipient_reject_reason: fixed text that Postfix
  will send to the remote SMTP client, instead of sending actual
  address verification details.

Incompatible changes with snapshot 20080207
===========================================

According to discussions on the mailing list, too many people are
breaking newly installed Postfix by overwriting the new /etc/postfix
files with versions from an older release, and end up with a broken
configuration that cannot repair itself. For this reason, postfix-script,
postfix-files and post-install are moved away from /etc/postfix to
$daemon_directory.

Incompatible changes with Postfix 2.5.0
=======================================

If you upgrade from Postfix 2.4 or earlier, read RELEASE_NOTES-2.5
before proceeding.
