- update to 3.1.3

Changelog:
 20160911
  Bugfix (introduced: Postfix 3.0): the SMTP daemon did not
  reset a previous session's command counts before rejecting
  a client that exceeds request or concurrency rates. File:
  smtpd/smtpd.c.

 20160917
  Bugfix (introduced: Postfix 3.0): the unionmap did not
  propagate table lookup errors.  Based on patch by Roel van
  Meer.  Files: util/dict_union.c, util/dict_union_test.*.

 20160925
  Workaround (problem introduced: Postfix 2.11): to avoid
  false "not found" errors with MySQL map queries that contain
  UTF8-encoded text, specify "option_group = client" in Postfix
  MySQL configuration files.  This will be the default setting
  with Postfix 3.2 and later.

- Update devel/icu to 57.1.
- Clean up the Makefile.
- Follow some upstream recommendations (--with-data-packaging=archive,
  --disable-renaming, -DICU_NO_USER_DATA_OVERRIDE).
- Patch makefiles to install static libraries with INSTALL_DATA so they
  aren't stripped.
- Patch config/mh-bsd-gcc to sync with config/mh-linux-gcc.
- Fix endianness detection in ICU.  The code wanted to use BYTE_ORDER
  defined in machine/endian.h, but this isn't visible because ICU is
  compiled with _XOPEN_SOURCE.  Patch the code to use _BYTE_ORDER instead.
- Compile ICU with C++11 compiler to enable move constructors.
- Patch ICU to fix a problem with atomics in the case of a C++11 compiler
  without C++11 header <atomic> (like Clang on FreeBSD 9).
- Bump all ports that depend on it due to library version change.
- Add USES=compiler:c++0x to some ports that pick up -std=c++0x from ICU
  pkgconfig files.
- Add USES=compiler:c++11-lib to graphics/libcdr01 because it also needs
  a C++11 runtime library now.  Add this to all ports that depend on it
  so their executables load the right libstdc++.so on FreeBSD 9.

PR:		205120
Exp-run by:	antoine
Approved by:	portmgr (antoine)

mail/postfix: Fix typo in LibreSSL patch

  - Fix DANE support with LibreSSL

PR:		212223
Reported by:	Markus Kohlmeyer <rootservice@gmail.com>

mail/postfix: Fix runtime issues with LibreSSL

  - Add LibreSSL checks to <> 1.1.0 OpenSSL checks
  - Bump portrevision

PR:		212223
Submitted by:	Markus Kohlmeier <rootservice@gmail.com>
Reported by:	Markus Kohlmeier <rootservice@gmail.com>
Approved by:	ohauer (via PR)
MFH:		2016Q3

- update to 3.1.2

20160819
       Bugfix (introduced: Postfix 3.0): the makedefs script ignored
       readme_directory=pathname overrides. Fix by Todd C. Olson.
       File: makedefs.

20160821
       Bugfix (introduced: Postfix 3.0): the tls_session_ticket_cipher
       documentation says aes-256-cbc, but the implementation was
       using aes-128-cbc (note that Postfix SMTP server and client
       processes have a limited life time).

20160828
       Bitrot: fixes for incompatible OpenSSL 1.1.0 API changes.
       Viktor Dukhovni.  Files: posttls-finger/posttls-finger.c,
       tls/tls.h, tls/tls_dane.c, tls/tls_verify.c, tls/tls_server.c,
       tls/tls_client.c.

USE_BDB cleanup.

- USE_BDB=4x+ -> USES=bdb.
- USE_BDB=yes -> USES=bdb.
- USE_BDB=xx  -> USES=bdb:xx.

Other modernisations when I see them.

PR:		209183
Sponsored by:	Absolight

- fix build with libressl-devel

PR:		211502
Reported by:	Helmut Ritter
Obtained
from:	http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/mail/postfix/stable/patches/

- fix build on FreeBSD 12
- s/USE_OPENSSL=yes/USES=ssl/

Bump PORTREVISION for the icu revert.

This time not bumping lang/php70, but devel/php70-intl which is the one
really depending on icu.

PR:		205120
With hat:	portmgr
Sponsored by:	Absolight

devel/icu: bump PORTREVISION on dependent ports

- update to 3.1.1

Changelog:

20160228
       Documentation: typos in postfix-tls-script(1) manpage.

20160327
       Documentation: line wrapping in postconf(1) manpage.

20160310
       Bugfix (introduced: Postfix 2.6): the Milter SMFIR_CHGFROM
       (replace sender) request lost the sender_bcc_maps address.
       Fixed by moving some record keeping to the sender output
       function.  Files: cleanup/cleanup_envelope.c,

- remove ${PORTSDIR} from dependency

- update to postfix 3.1

Users updating from postfix 2.11 should read:
 ftp://ftp.porcupine.org/mirrors/postfix-release/official/postfix-3.0.0.RELEASE_NOTES
 ftp://ftp.porcupine.org/mirrors/postfix-release/official/postfix-3.1.0.RELEASE_NOTES

- s/always build in/always built in/

- add missing reload part into pkg-install

- rework SASL OPTIONS
  Dovecot SASL does not need any dependency, from now it will be always build
into postfix
  and the default SASL unless Cyrus is also added (there is no conflict between
them)

- add support for FreeBSD 10.3 mailwrapper (install mailer.conf into
LOCALBASE/mail instead /etc/mail)
- add better reload support to rc script
- display correct path in pkg-message
- add support for postfix-sasl slave port
- bump PORTREVISION

Many Thanks to all testers!

PR:	195662
PR: 	205162

- s/SQLITE_USE/SQLITE_USES/

- fix misplaced strip flag

MFH:		2016Q1

- rework pkg-install and pkg-message [1]

- install postfix specific mailer.conf.postfix into DATADIR [2]

- use new notation instead PATCH_DIST_STRIP

- bump PORTREVISION

1) detect if the port is installed without TERM, in this case
   do not ask the to make postfix the default mailer and respect
   the env POSTFIX_DEFAULT_MTA. This helps tools like salt,
   ansible, cfengine and puppet during the first package installation.

2) $DATADIR/mailer.conf.postfix can be used by the tools in 1)

MFH:		2016Q1

Improve shebangfix framework

- Support multiple values in *_OLD_CMD, i.e. we can now fix both
"/usr/bin/python" and "/usr/bin/env python" at the same time
- Default *_OLD_CMD values are now always appended, so you don't need to specify
them in individual ports
- Add lua support (depends on USES=lua)
- Add more default values, such as "/usr/bin/env foo" for python, perl, bash,
ruby and lua
- Shebangfix now matches whole words, e.g. we will no longer (erroneously)
replace "/usr/bin/perl5.005" with "${perl_CMD}5.005" (but "/usr/bin/perl -tt" is
still (correctly) replaced with "${perl_CMD} -tt")

Note that *_OLD_CMD items containing spaces must now be quoted (e.g.
perl_OLD_CMD=/bin/perl /usr/bin/perl "/usr/bin/env perl")

Update shebangfix usage according to new rules in many ports:

- Remove *_OLD_CMD for patterns now replaced by default
- Quote custom *_OLD_CMD which contain spaces

Fix shebangfix usage in many ports (irrelevant to infrastructure change):

- Remove redundant SHEBANG_LANG (no need to duplicate default langs)
- Remove redundant *_CMD (such as
python_CMD=${LOCALBASE}/bin/python${PYTHON_VER} when USES=python is present)
- Never use *_OLD_CMD in REINPLACE_CMD matchers, these should always look for
exact string

Approved by:	portmgr (bapt)
Differential Revision:	D3756

- update to 2.11.7
- use target helpers

ChangeLog:
20150903
	Workaround: disable DNSSEC support for AIX 7x and earlier.
	The AIX 6/7 resolver(5) API defines RES_USE_DNSSEC without
	defining the "ad" bit.  Viktor Dukhovni.  Files: makedefs,
	proto/INSTALL.html, dns/dns.h.

20150923
	Bugfix (introduced: 20120531-617): the Postfix SMTP server
	used a larger-than-1 VSTREAM buffer to read the HAProxy
	connection hand-off information. This broke TLS wrappermode,
	as the TLS helo packet would end up in the plaintext VSTREAM

- update to 2.11.6

20150501
       Support for Linux 4.*, and some simplification for future
       makedefs files. Files: makedefs, util/sys_defs.h.

20150718
       Security: opportunistic TLS by default uses "medium" or
       stronger ciphers instead of "export" or stronger. See the
       RELEASE_NOTES file for how to get the old settings back.
       Files: global/mail_params.h, proto/TLS_README.html,
       proto/postconf.proto, and files derived from those.

20150719
       Security: Postfix TLS support by default no longer uses

Always use USE_RC_SUBR now that it handles properly PREFIX=/usr

VDA: Remove misleading '32bit' in description.

This stemmed from older VDA patches which provided a default patch which only
used 'long' for its data types and a '64bit' patch which used 'long long'.
On 32bit systems 'long' is limited to a 2GB quota while on 64bit systems it will
not be. They later renamed the '64bit' patch to be 'bigquota'. They no longer
provide a 'bigquota' patch due to less demand as most systems are 64bit
today and do not have the small 2GB quota limitation with the 'long' type.
The description of '32bit' was not accurate or useful anymore.

Upstream discussion: http://sourceforge.net/p/vda/mailman/message/24713171/

MASTER_SITES cleanup.

- Replace ${MASTER_SITE_FOO} with FOO.
- Merge MASTER_SITE_SUBDIR into MASTER_SITES when possible. (This means 99.9%
  of the time.)
- Remove occurrences of MASTER_SITE_LOCAL when no subdirectory was present and
  no hint of what it should be was present.
- Fix some logic.
- And generally, make things more simple and easy to understand.

While there, add magic values to the FESTIVAL, GENTOO, GIMP, GNUPG, QT and
SAMBA macros.

Also, replace some EXTRACT_SUFX occurences with USES=tar:*.

Checked by:	make fetch-urlall-list
With hat:	portmgr
Sponsored by:	Absolight

- update to version 2.11.5
- rename OPTIONS to match default name of most ports
  - SASL2 -> SASL
  - OPENLDAP -> LDAP
- install main.cf and master.cf with the @sample macro
- rework pkg-install
- fix wrong permission for /var/db/postfix [1]
- sets WANT_OPENLDAP_SASL option for openldap port when
  postfix LDAP_SASL option is set [2]
- make usage of new ${opt}_DEPENDS notation

Changelog:
20150324
        Bugfix (introduced: Postfix 2.6): sender_dependent_relayhost_maps
        ignored the relayhost setting in the case of a DUNNO lookup

- grap mail/postfix ports
  (I have some rewrites for them)

- Reassign to the heap after sahil@'s bit was taken in for safekeeping

- update to 2.11.4

Changes:
20141025
 Bugfix (introduced: Postfix 2.11): core dump when
 smtp_policy_maps specifies an invalid TLS level. Viktor
 Dukhovni. File: smtp/smtp_tls_policy.c.

20150106
 Robustness: don't segfault due to excessive recursion after
 a faulty configuration runs into the virtual_alias_recursion_limit.
 File: global/tok822_tree.c.

20150115
 Safety: stop aliasing loops that exponentially increase the
 address length with each iteration. Back-ported from Postfix
 3.0. File: cleanup/cleanup_map1n.c.

20150117
 Cleanup: missing " in \%s\" in postconf(1) fatal error
 messages. Iain Hibbert. File: postconf/postconf_master.c.

Approved by:	sahil (implicit)
MFH:		2015Q1

- remove dead mirrors from MASTER_SITES
  (a good overview can be taken by viewving the
   source of http://www.postfix.org/download.html)
- remove MASTER_SITE_SUBDIR, it should be used only for sites defined in
bsd.site.mk

- update conflicts for new postfix-current
- use OPTIONS_SUB
- enable TLS as default [1]
- use USE_OPENSSL instead including Mk/openssl.mk
- use new install instruction
- use new notation for @mode in pkg-plist
- bump PORTREVISON

[1] Users using packages should have the ability to
    use TLS from the default package, (this makes the
    the postfix-tls port obsolete)

Approved by:	sahil (implicit)
MFH:		2015Q1

- install posttls-finger and posttls-finger.man
  posttls-finger is handy for many tls related checks

PR:		195293
Submitted by:	Darren Pilgrim
Approved by:	sahil (implicit)

Finally retire USE_PGSQL

- fix wrong /var/spool/postfix permissions
  (broken by commit 372368 ,372370)

- bump PORTREVISION

- sort OPTIONS_DEFINE
- fix build and install for non root users,
  (sgid and group for sbin/postdrop and sbin/postqueue was lost if build
   as non root and installed with sudo)
- install /var/spool/postfix directories with correct owner/mode
- use $WRKDIR instead of /tmp

Approved by:	sahil (implicit)

- update to 2.11.3
- add CPE support
- use PORTDOCS macro
- remove check for OSVERSION >= 800037
- fix OPENLDAP_VER usage
- set PORTSCOUD
- always call set-permissions in post-install to set correct spool/postfix/*
permissions
  this is required with pkg to support non interrupted upgrade

Changes:
========
20140619
        Bugfix (introduced: 2001): qmqpd null pointer bug when it
        logs a lost connection while not in a mail transaction.
        Reported by Michal Adamek. File: qmqpd/qmqpd.c.

Berkeley DB cleanup, remove versions 4.0 ... 4.7.
- Mk/bsd.database.mk rewrite, new default to db5.
- db6 is eligible by default only if installed on the system.
- Bump PORTREVISION of all ports that directly depend on BerkeleyDB or
  where USE_BDB is found in the port's directory
- Patch a few ports such that they will pick up or work with newer
  versions.
- Add UPDATING entry
- Drive-by format fix for pks
- Drop BerkeleyDB option from mail/popular for now, requires more work.
- Exp-run logs linked from the PR below.
- Ports that do not build (IGNORE, BROKEN, etc.) have pro-forma changes
  for new Berkeley DB, but are untested.

NOTE: please read UPDATING and the Wiki page before proceeding!

Announcement:	http://lists.freebsd.org/pipermail/freebsd-ports-announce/2014-August/000090.html
Wiki reference:	https://wiki.freebsd.org/Ports/BerkeleyDBCleanup
PR:		192690
Approved by:	portmgr (implicit, PORTREVISION bump on unstaged ports)

- Move RESETPREFIX to default PLIST_SUB

With hat:	portmgr

mail/libspf2:
- Convert to USES=libtool and bump dependent ports
- Add INSTALL_TARGET=install-strip

(Also some white space fixes in dependent ports)

Approved by:	portmgr (implicit, bump unstaged port)

Rename all patches that contain '::' as a path separator, and use
'__' instead.

net/openldap24-*:
- Convert to USES=libtool and bump dependent ports
- Avoid USE_AUTOTOOLS
- Don't use PTHREAD_LIBS
- Use MAKE_CMD

databases/glom:
- Drop :keepla
- Add INSTALL_TARGET=install-strip

databases/libgda4* databases/libgda5*:
- Convert to USES=libtool and bump dependent ports
- USES=tar:xz
- Use INSTALL_TARGET=install-strip
- Use @sample

Bump PORTREVISION on all ports with USE_SQLITE=yes or USE_SQLITE=3 that
have not been bumped yet after the latest libsqlite3.so library version
change.

Approved by:	portmgr (implicit)

- Update to 2.11.1
- Refactor to support staging [1]
- Support "developer mode" [2]

Submitted by:	[1]: ohauer
		[2]: mandree

Repo-copy mail/postfix -> mail/postfix210, and update
both ports to the latest version.  Also:

- Set INVALID_BDB_VER [1]
- Adopt new LIB_DEPENDS syntax [2]
- Add option to support LMDB databases [2]
- Modify shell command to quiet warnings on 10+ [3]
- Respect upstream Makefile's warning suppression [4]

PR:		[1]: ports/185446
		[2]: ports/185860
		[3]: ports/185857

Submitted by:	[1]: Eero Hanninen <fax@nohik.ee>
		[2]: Yasuhiro KIMURA <yasu@utahime.org>
		[3]: adamw
		[4]: koobs (via email)

Links dynamically to libcdb after databases/tinycdb update

PR:		ports/184666
Submitted by:	me
Approved by:	bapt (portmgr)

Fixup pkgnames.

PR:		ports/184440, ports/184441, ports/184442, ports/184443, ports/184444,
ports/184445, ports/184446, ports/184447, ports/184448, ports/184449,
ports/184450
Submitted by:	mat
Approved by:	portmgr (bapt)

- Update to 2.10.2

Add NO_STAGE all over the place in preparation for the staging support (cat:
mail)

- convert to the new perl5 framework
- convert USE_GMAKE to Uses

Approved by:	portmgr (bapt@, blanket)

- Update to 2.10.1 and bump VDAVERSION

- Remove MAKE_JOBS_SAFE variable

Approved by:	portmgr (bdrewery)

Fix a regression that had crept in with r314621.  Do not
bump PORTREVISION because this does not affect the default
package.

Repo-copy mail/postfix -> mail/postfix29, and update
both ports to the latest version and make a note in
UPDATING.  Also:

- Adjust CONFLICTS
- Add LICENSE information
- Canonicalize 'Created by:' Makefile header
- Remove shlib version from LIB_DEPENDS assignment
- Correct LDAP_SASL logic
- Replace tab with a single space after 'WWW:' in pkg-descr

PR:		ports/177127
Submitted by:	Yasuhiro KIMURA <yasu@utahime.org>

- adopt optionsNG
- trim historical header
- tighten COMMENT

Approved by: portmgr (bapt)

Update to 2.9.5 and revise the PKGINSTALL script to
distinguish between upgrades and fresh installs. Also,
mark BROKEN when users try to build WITH_LDAP_SASL but
WITHOUT_SASL2.

Update PCRE to 8.32
Introduces the UTF-32 library pcre32
Bump PORTREVISION in dependent ports

Update cyrus-sasl2 to 2.1.26.
This bumps shlib version of libsasl2.

Move the rc.d scripts of the form *.sh.in to *.in

Where necessary add $FreeBSD$ to the file

No PORTREVISION bump necessary because this is a no-op

Update to 2.9.4

- extend CONFLICTS

Approved by:    sahil (maintainer)

- Update to 2.9.3

- Update to 2.9.2

Update VDA patch and tweak the conditional that
sets IS_INTERACTIVE.

- Update to 2.9.1
- Remove library number from pcre LIB_DEPENDS, as this
  port can compile without incident against older pcre
  libraries.

Bump pcre library dependency due to 8.30 update

Update to 2.9.0 and revise IS_INTERACTIVE logic to
account for additional situations.

In the rc.d scripts, change assignments to rcvar to use the
literal name_enable wherever possible, and ${name}_enable
when it's not, to prepare for the demise of set_rcvar().

In cases where I had to hand-edit unusual instances also
modify formatting slightly to be more uniform (and in
some cases, correct). This includes adding some $FreeBSD$
tags, and most importantly moving rcvar= to right after
name= so it's clear that one is derived from the other.

Shorten some OPTION descriptions such that they
fit neatly within the dialog(1) box.

PR:             ports/162688
Submitted by:   Jeremy Chadwick <freebsd@jdc.parodius.com>
Feature safe:   yes

- Update to 2.8.7

Feature safe:   yes

- Restore all patches

- Fix build on FreeBSD 10

- Update to 2.8.5 and point to newer VDA patch

Update to 2.8.4 and use the ports framework to
create USERS and GROUPS. Also remove replace()
function from pkg-install script.

PR:             ports/158765
Submitted by:   ohauer

Update to 2.8.3 and point to newer VDA patch.  Also address
the problem described in ports/155885 by passing additional
parameters to the upstream install script.

Security:       CVE-2011-1720

- Update to 2.8.2

- Update to 2.8.1

Reactive VDA support with a new upstream patch released
specifically for Postfix version 2.8.0.

- Unbreak SPF option with new patch for 2.8.0

PR:             ports/154465
Submitted by:   mm
Feature safe:   yes

Set IS_INTERACTIVE if BATCH and PACKAGE_BUILDING are
undefined[1]; also, add missing 'ver' in description
of the PGSQL option[2].

Prompted by:    dougb[1], wxs[2]
Feature safe:   yes

Update to 2.8.0, tweak CONFLICTS, mark MAKE_JOBS_SAFE
and note that the SPF and VDA options are unavailable
with this release.

Feature safe:   yes

Add OPTION for SASL authentication via Dovecot 2.x and
warn users if they erroneously elect both 1.x and 2.x.

No bump of PORTREVISION because the default package is
unchanged.

Update to 2.7.2 and modify pkg-install script to check
whether Postfix is already enabled in mailer.conf[1].

Submitted by:   ohauer (via email) [1]

- Remove dead MASTER_SITE

Reported by:    distilator

- Update optional SPF patch to version 1.1.0 [1]
- Fix CONFLICTS [2]

PR:             ports/151134 [1]
Submitted by:   mm@  [1]
Noticed by:     pav@ [2]

- Fix IPv6 support in SPF patch

PR:             ports/150749
Submitted by:   mm@

- Update VDA patch to version 2.7.0 [1]
- Remove "empty variable" assignment from rc script [1]
- Re-introduce optional SPF support [2]
- Remove default DISTNAME assignment from Makefile
- The affected OPTIONS are off by default, so do not
  bump PORTREVISION

PR:             [1]: ports/147731
                [2]: ports/150428
Submitted by:   [1]: ohauer@
                [2]: mm@

- Update to 2.7.1
- Unset INVALID_BDB_VER; Berkeley DB 5.x is now supported

Approved by:    wxs@/itectu@ (mentors, implicit)

- Set INVALID_BDB_VER; upstream does not yet support Berkeley DB 5 [1]
- Remove OPTION for Kerberos IV
- Change my email to @FreeBSD.org

PR:             ports/146371 [1]
Reported by:    Volodymyr Kostyrko <c.kworr@gmail.com> [1]
Approved by:    itetcu@ (mentor)

Fix plist for the default (non-base) package

Submitted by:   Dimitry Andric <dimitry@andric.com>
Approved by:    maintainer

Begin the process of deprecating sysutils/rc_subr by
s#. %%RC_SUBR%%#. /etc/rc.subr#

Add an option to install into the base, and related support

Approved by:    maintainer

- Update to 2.7.0
- users wanting to continue on 2.6 series should use mail/postfix26

PR:             144189
Submitted by:   Sahil Tandon (maintainer)
Feature safe:   yes

- Add a note about possibly needing to create /etc/periodic.conf if it
  does not exist.

Approved by:    Sahil Tandon <sahil@tandon.net> (maintainer)

Fix build with Kerberbos5 on 8.0 and 9.0 which have new Heimdal.

PR:             141045
Submitted by:   maintainer (Sahil Tandon)

- Update VDA patch to 2.6.5

PR:             ports/138777
Submitted by:   Sahil Tandon <sahil@tandon.net> (maintainer)
Feature safe:   yes

Fix build on 9.

Approved by:    maintainer
Reviewed by:    wxs@, keramida@

Update tp 2.6.5

PR:     138301

- Update to 2.6.3
- Keep the VDA patch at 2.6.2
- Use bsd.port.options.mk

PR:             ports/137460
Submitted by:   olli hauer <ohauer@gmx.de>
Approved by:    Sahil Tandon <sahil@tandon.net> (maintainer)

Now that closefrom() has been merged to 7.X too, we have to patch sys_defs.h
of Postfix to use closefrom() for __FreeBSD_version >= 702104 too.

Submitted by:   Sahil Tandon, sahil at tandon.net (maintainer)
Tested by:      wxs (7.X), keramida (head)

- un-IGNORE VDA patch for version 2.6.2
- no PORTVERSION bump necessary since this option is off by default

PR:             ports/135902
Submitted by:   Sahil Tandon <sahil@tandon.net>