# SPF Milter changelog

All notable user-facing changes are listed in this changelog.

This project follows Rust-flavoured [semantic versioning], with changes to the
minimum supported Rust version being considered breaking changes.

[semantic versioning]: https://doc.rust-lang.org/cargo/reference/semver.html

## 0.7.0-alpha.1 (2024-06-13)

With this release, development has moved from GitLab to the [Codeberg] platform.

The minimum supported Rust version is now 1.74.0.

[Codeberg]: https://codeberg.org

### Changed

* The minimum supported Rust version has been raised to 1.74.0.

## 0.6.0 (2023-09-20)

The minimum supported Rust version is now 1.65.0.

### Changed

* The minimum supported Rust version has been raised to 1.65.0.
* In parameter `header`, the order of inserted headers is reversed. That is, the
  setting `header = Received-SPF, Authentication-Results` now behaves like
  `header = Authentication-Results, Received-SPF`, and vice versa.

## 0.5.0 (2023-02-07)

The minimum supported Rust version is now 1.61.0.

### Changed

* The minimum supported Rust version has been raised to 1.61.0.
* Deletion of incoming forged *Authentication-Results* headers is now logged at
  debug instead of info level.

### Fixed

* When log destination `stderr` is used, the milter no longer panics when it
  cannot log to standard error.

## 0.4.3 (2022-11-16)

### Changed

* The informational log messages for *temperror* and *permerror* verification
  results now state the reason for the result.

### Added

* The `temperror_reply_text` and `permerror_reply_text` parameters can now
  include the special token `%{reason}`. This token is expanded to a phrase
  describing the reason for a *temperror* or *permerror* result.

  The new default value of these parameters includes this token.

## 0.4.2 (2022-09-24)

### Changed

* The command-line user interface has been reimplemented using a lighter-weight,
  no-dependencies approach.

  While there are some differences in appearance and error reporting, there are
  no functional changes in using the program. Make sure that you are not relying
  on undocumented (and therefore unsupported) behaviour of the old CLI.

## 0.4.1 (2022-06-07)

### Changed

* In the underlying [viaspf] SPF library the implementation of the DNS lookup
  limits requirements of RFC 7208 has been revised. Consequently, handling of
  the DNS lookup limits in SPF Milter is now more lenient.

  You will notice that *permerror* results due to exceeded lookup limits occur
  less often.

* Text and style improvements in the man pages.

[viaspf]: https://crates.io/crates/viaspf

## 0.4.0 (2022-03-14)

In this release, the milter implementation has been replaced with the new
[indymilter] library. With this change, there is no longer a dependency on the
libmilter C library. SPF Milter is now a pure Rust application.

The minimum supported Rust version is now 1.56.1.

### Changed

* The minimum supported Rust version is now 1.56.1 (using Rust edition 2021).
* The syntax of the mandatory `socket` parameter has changed:
  - Use <code>inet:<em>host</em>:<em>port</em></code> for a TCP socket.
  - Use <code>unix:<em>path</em></code> for a UNIX domain socket.
* The signal that causes the milter to reload the configuration is now `SIGHUP`
  instead of `SIGUSR1`. Configuration reloading is no longer done asynchronously
  and delayed, but is instantaneous.
* The command-line help information has changed its appearance slightly with the
  update of the underlying [clap] CLI library.
* The changelog is now maintained in a more structured format, similar to
  https://keepachangelog.com.

### Removed

* The parameter `milter_debug_level`, which was related to the underlying milter
  library, has been removed.

### Added

* All SMTP reply text parameters now support macro expansion. Macros will be
  expanded according to spec. Previously this was only supported for parameter
  `fail_reply_text`.
* The new parameter `max_lookups` can be used to configure the number of DNS
  lookups allowed per SPF query
  ([glts/spf-milter#5](https://codeberg.org/glts/spf-milter/issues/5)).

### Fixed

* In generated *Authentication-Results* headers, internationalised domain names
  are recorded in Unicode instead of ASCII form, per RFCs 8616, 8601, and
  others.
* When multiple forged *Authentication-Results* headers are to be deleted when
  parameter `delete_incoming_authentication_results` is set, delete the headers
  at the correct indices.

[indymilter]: https://crates.io/crates/indymilter
[clap]: https://crates.io/crates/clap

## 0.3.3 (2021-11-20)

* Disable unused milter stages during milter protocol negotiation.
* Various minor updates to documentation and project metadata.
* Update dependencies.

## 0.3.2 (2021-07-31)

* Ensure that SMTP replies are ASCII-only, in accordance with the requirement in
  RFC 7208, section 6.2.
* Add parameter `skip_senders` to allow specifying inline a list of senders to
  ignore.
* Improve formatting of generated *Authentication-Results* headers.
* Update dependencies.

## 0.3.1 (2021-06-13)

* Insert headers before the MTA’s *Received* header instead of after it.
* Convey all available verification results (HELO and MAIL FROM) in a single
  *Authentication-Results* header.
* Add installation instructions for Red Hat. Contributed by Swallowtail23.
* Update dependencies.

## 0.3.0 (2021-05-20)

* (defaults and behaviour change) The default value of the
  `definitive_helo_results` parameter is now the empty set (instead of `pass,
  fail`). At the same time, the parameter `reject_helo_results` now applies
  unconditionally and is no longer constrained by the value of
  `definitive_helo_results`.

  With this change, use of `definitive_helo_results` has been deemphasised in
  the documentation. While this parameter is necessary for full RFC conformance,
  we find it is more of a niche feature in practice, and not appropriate to
  enable by default.
* Add parameter `skip_senders_file` to allow specifying a list of sender
  identities to ignore (ie, senders bypass SPF verification).
* Add parameter `include_all_results` to allow adding all available verification
  results (HELO and MAIL FROM) to the message header, instead of just one of
  them.
* Update dependencies.

## 0.2.2 (2021-03-27)

* Update dependencies.

## 0.2.1 (2021-03-01)

* Add parameter `include_mailfrom_local_part` to allow reporting the
  *local-part* of mailboxes in *Authentication-Results* headers.
* Properly specify minimal dependency versions in `Cargo.toml`.
* Update dependencies.

## 0.2.0 (2021-01-12)

* (behaviour change) The HELO identity is now verified at the `helo` stage of
  the milter protocol instead of at the `mail` stage
  ([glts/spf-milter#1](https://codeberg.org/glts/spf-milter/issues/1)).

  While this is mainly an implementation change, it is nevertheless observable
  in certain cases. In particular, the sender authentication status is not
  available at the `helo` stage and cannot be taken into account for the HELO
  authorisation decision; users should revisit and if necessary adjust their
  setup (eg, disable SPF Milter on the submission port).
* Add support for writing debug log output to syslog in integration tests
  (environment variable `SPF_MILTER_TEST_LOG`).
* Update dependency `signal-hook` to version 0.3.
* Update dependencies in `Cargo.lock` file.

## 0.1.0 (2020-11-28)

Initial release.