[Valvula] [ANN] Valvula 1.0.8 "The trooper" is ready!
Francis Brosnan Blázquez
francis.brosnan en aspl.es
Mar Nov 28 17:32:07 CET 2017
--\\ Valvula //--
Advanced Software Production Line is happy to announce a new stable
release of the Valvula.
Valvula is a OpenSource high performance mail policy daemon for
Postfix, written in ANSI C, that provides out of the box support for
sender login mismatch, mail quotas, per user/domain
and much more.
Valvula is fully extensible through plugins and it is composed by a
base library (libValvula) that integrates into a ready to use server
(valvulad) that is able to run different ports with different modules
so you can connect same valvula process at different points inside
Postfix policy restriction sections.
[ http://www.aspl.es/valvula ]
[ http://www.aspl.es/valvula/commercial.html ]
Advanced Software Production Line, S.L.
[ http://www.aspl.es ]
Featured project: Core-Admin
[ http://www.core-admin.com ]
This release in short
- Added new module (mod-object-resolver) to help valvulad engine to
detect local addresses and domains for especific configurations not
using MySQL like Plesk.
- Added new policy (deny-unknown-local-mail-from='yes') to mod-bwl
that allows to deny transactions using valid local domains to
create forged mail-from addresses. This policy applies by default
and can be controlled using regular mod-bwl rules.
- Added new API interface that allows registering generic functions
that are called to resolve if a domain or local address is a valid
- Added generic SQLite interface to allow writing modules using this
backend (used by mod-object-resolver).
- Several corrections, improvements, doc updates...
Changes from previous release
* [fix] Making mod-object-resolver to also reconfigure
/var/spool/postfix/plesk/ directory to ensure (chmod o-rwx && chmod
o+x) so applications can read virtual.db and other root 644 files.
* [fix] Updated regression test (test_05) to check new API added:
..and to test new function introduced into mod-bwl to reject unknown
accounts targetting known local accounts
* [fix] Updated valvula to include a new type of protection to reject
unknown accounts targetting to known local accounts ::
* [fix] Reorganized valvulad_run_add_object_resolver function to use
code provided by new function (to remove handler) and make it
cleaner. API added:
* [fix] Updated code to preread and check uid and gid to be used so
modules can use this information to prepare itself...then, once
everything is loaded, valvula changes running uid and gid.
* [fix] Fixed mod-object-resolver to avoid changing permissions when
running uid and gid is 0
* [fix] Updated valvula engine to keep track about running uid and gid.
* [fix] Updated log reporting to state if a delivery is local or
* [fix] Updated mod-object-resolver to configure permissions on
startup to ensure passwd.db from plesk is correctly accessed by
* [fix] Fixed gid reporting..
* [fix] Updated valvulad_db_sqlite run query to report uid=, euid= and
errno in case of sqlite error
* [fix] More updates to fix sqlite3_errstr detection
* [fix] Indented code inside __valvulad_sqlite3_get_error_code and
added ENABLE_SQLITE_SUPPORT macro to avoid including this code.
* [fix] Updated configure process to detect if sqlite_errstr is
* [fix] Added initial code to substitute sqlite3_errstr with
__valvulad_sqlite3_get_error_code because the former is not always
available (ubuntu precise, squeeze and lenny has no support for
* [fix] Improved error message when valvulad is not able to open
* [fix] Updated valvula.spec to include reference to sqlite package
* [fix] More updates to control files (debian/ubuntu).
* [fix] Updated server/Makefile.am to include references to
sqlite3_libs for libvalvulad (seems to be causing problems in ubuntu
* [fix] Updated valvulad to support building mod-object-resolver for
* [fix] Adding install file for valvulad-mod-object-resolver
* [fix] Adding initial support for valvulad-mod-object-resolver.
* [fix] added initial documentation explaining how to use valvulad's
* [fix] Added additional documentation to explain module activation
with and without port association.
* [fix] Updated valvulad-mgr.py to support two new functions to enable
and disable modules without port association.
* [fix] Added initial complete implementation for mod-object-resolver
(a module that uses new API to add object resolutions that enables
valvulad to be able to detect domains and accounts that do not use
* [fix] Added new regression test (test_02h) to check external object
resolvers (functions that allows providing resolution support to
valvulad engine about accounts and domains that are local).
* [fix] Added new functions to support registering an external handler
that works as an object resolver (account or domain that are
detected as local). API added:
- ValvuladObjectResolver (handler)
- ValvuladObjectRequest (enum)
* [fix] Added initial working initialization code to have support for
object resolvers at valvulad (external handlers that tells if an
object is a local domain or a local account).
* [fix] Added complete regression test (test_02g) to check new Sqlite
* [fix] Exported hidden function for valvulad main server..
* [fix] Updated valvulad server to also load modules when requested to
check for local domain or local account (-l option).
* [fix] added initial working support for valvula SQLite library API.
* [fix] Added support to detect and compile valvula with SQLIte
* [fix] Updated regression test_01.c (test_07a) to include new file
reported but no error was found..
* [fix] adding test_07a3.conf configuration example to improve
regression test (test_07a) but no failure found.
* [fix] Upgraded version to compilation..
* [fix] Adding some more additional debug to mod-mquota to better
report what is doing when no match was found..
* [fix] Added more regression tests to test_07 to check mod-mquota..
* [fix] Added new regression test to check bug reported. Everything ok
* [fix] Added some debug to mod-mquota module to better report what's
* [fix] Updated valvulad mysql configuration detection to better
report it is not able to find right indication (instead of failing
with a split error).
* [fix] Updated valvula regression test to add more checks to check
valvula address matching for tld domains
* [fix] Fixed valvula_get_tld_extension to support domains with more
dots than one ... making implementation more robust
* [fix] Adding additional debug to mod-bwl to trace when rules does
not match and what parameters were passed..
* [fix] Updated mod-bwl (varchar(1024) -> "who")
* [fix] Updated regression test (test_00) to check new api to get top
level extensions. Updated test_05 to check new support included in
mod-bwl to allow rejecting/accepting top level domains..
* [fix] Making valvula mod-bwl to allow creating rules for top level
domains (.com, .org, .us, .top ... for example). This allow
rejecting or accepting globally, domain level or account level
complete domain zones...
* [fix] Updated libValvula to include new function to get domain
extension (to level extension). API added:
* [fix] More regression test updates..
* [fix] Corrected postfix configuration variables handling. Updated
regression test files to ensure it is working right.
* [fix] Fixed memory leaks at postfix configuration parse to
support/resist those configurations with repeated declarations..
* [fix] Added additional code to support old mysql postfix interface
based on select_field/where_field/table/additional. Updated test_02b
to include a regression test to check this.
* [fix] Updated valvula support to read postfix variables (to load
* [fix] Updated __valvulad_run_request_common_object to check
* [fix] Updated valvulad-db module to include new functions to detect
* [fix] Updated valvula.example.conf to include a good example about
how to enable mod-bwl debug..
* [fix] More fixings applied to mod-bwl..
* [fix] Making mod-bwl to only skip rules that are not local delivery
they they have "OK" as status to also check if the request we are
matching to is not authenticated.
* [fix] Added additional debug information to mod-bwl to explain what
does mod-bwl with generic and specific rules..
* [fix] Updated mod-slm/mod-slm.c to avoid applying its rules when it
is found request is a local delivery
* [fix] Updated valvula plugins/Makefile.am to avoid building
mod-transport for now..
* [fix] Adding more documentation to about whey OK rules are skipped
by mod-bwl when it is not targeted to a local delivery..
* [fix] Updated mod-bwl to report skip rule when non local delivery
* [fix] Updated mod-bwl to avoid logging some messages if debug is not
* [fix] Fixed valvula cron to include all needed PATH elements to make
it find "sed" command (failure found at jessie platform).
* [fix] Updated mod-transport.c (few lines)..
* [fix] Added initial code to implement mod-transport: a flexible
Postfix map module that helps to create rules that, if matches, a
particular postfix transport will be applied.
* [fix] Several updates to valvula core to improve sql injection
About Advanced Software Production Line, S.L. (ASPL)
Advanced Software Production Line (ASPL) provides GNU/Linux support
and consulting services to enable organisation to introduce
GNU/Linux into their processes, making other platforms to properly
interact with it.
You can contact us, using English or Spanish, at:
http://www.aspl.es - info en aspl.es
We hope Valvula may be useful you. Enjoy Valvula!
Francis Brosnan Blázquez - francis en aspl.es
Advanced Software Production Line - http://www.aspl.es
28th Nov 2017, Madrid (Spain)
Más información sobre la lista de distribución Valvula