Postfix 2.5.6 has been released this morning and I just installed and tested it on my test and production server and it all works as one should expect. There are no major changes in this release just some bugfixes.

The bugfixes in 2.5.6 are:

• Postfix 2.5: the SMTP server did not ask for a client certificate
  with “smtpd_tls_req_ccert = yes”. Reported by Rob Foehl.
• Postfix 2.5, 2.4 and 2.3: avoid reduced TCP performance when
  reusing an SMTP connection with a larger than 4096-byte TCP MSS
  value. In practice, this could happen only with loopback (localhost)
  connections.

For instructions on how to upgrade Postifx please read Upgrading Postfix.

Well, as many others I joined Twitter. I did not want put everything here in the blog but still wanted to keep you informed on what I’m currently working on. So if you want to keep track of all the stuff I’m doing (strictly related to DIYMacServer of course) you can follow me at http://twitter.com/diymacserver.

I’ll be only tweeting what I’m doing at the moment or what I’m planning to do, if the task is finished and has some favorable results I will still blog about it here.

The developers at Roundcube finally decided to release version 0.2 as a stable release. I’ve been using the beta versions without problems but thought it wouldn’t be prudent to let you do the same.

New things included are a simple installer function, HTML editor (TniyMCE) for creating HTML email and collapsable folders and much more. If you want to upgrade there are some instructions on how to do that in the most simple way possible without interfering too much with existing users.

By the way, because of the installer option I’ve also rewritten the installation instructions.

Sam Varshavchik has released an update on Christmas day (go figure, what a commitment) to the Courier-Auth daemon, this release correct a couple of minor compiler warnings and errors.:

• cryptpassword.c: Fix compiler warnings
• checkpasswordsha1.c: Fix compiler warnings.
• authldaplib.c (auth_ldap_enumerate): Fix typo.

I’ve tested this release without a problem and my production server is running this version at the moment without a problem.

To upgrade your courier-auth installation read “Upgrading Courier-Auth”

I wanted to wish you all a very Merry Christmas, hopefully with some nice Mac releted stuff under the tree. Also all the best for the coming year, hopefully the recession will not hit us that hard.

I’m looking forward to a new Mac mini or any new Mac on my desktop.

If you have any wishes for the new year related to the content on this site please let me know perhaps I can make them come true. So what to add or what subject to cover anything goes as long as it falls within the boundaries of my abilities.

I know version 5.1.x has been released but there is still much debate on wether this is safe enough to use in a production environment. I haven’t fully tested it yet in all the different environments and setups I would like to (mostly due to time constraints) before I commit to this new release.

This (5.0.75) is the version that comes after 5.0.67. This is a bug and security fix release and it is available in source format only. Because this is a security fix I would urge you all to upgrade your MySQL server installation.

Check all the fixes that are listed on the release notes to see what issues are resolved.

I’ve compiled this version and did some simple tests on Leopard and Tiger and both can be compiled and installed using the instructions in the documentation set without problems

Sam Varshavchik has released an upgrade to the Courier-Auth daemon, it’s a minor bug fix which solves the following problems:

• authpgsqllib.c: Use PQescapeStringConn() instead of removing all apostrophes from query parameters. This fixes a potential SQL injection vulnerability if the Postgres database uses a non-Latin locale.
• Added support for {SSHA}-encrypted passwords. Based on a patch by Zou bin .
• Added support for {SHA512} hash function.

I’ve tested this release without a problem and my production server is running this version at the moment without a problem.

To upgrade your courier-auth installation read “Upgrading Courier-Auth”

Thanks to Steve who commented on the update notification we quikly discovered that the update cripples postfix just like it did with 10.5.5.

The update replaces the postfix binary (so there is no more support for mysql) and changes the configuration file main.cf so that postfix no longer accepts any connection from the outside world.

To solve these issues follow this procedure:

In the file /etc/postifx/main.cf comment out or delete the following line:

inet_interfaces = localhost

To solve the problem of the replaced binary you need to go nto the postfix source directoy of the last succesfull build and run:

sudo make install

Restarted postfix again and all was fine and running again.

Sorry, I’m still looking into the issue of missing this on my test system. I’ve upgraded my production system this morning before going into the office to make sure this was the case and how to solve it. My apologies for any inconviniences this might have caused.

After being annoyed for the nth time that my internal hard disk (still the standard 60 Gb) was full and hed to move some ofmy stuff to one of the 3 external hard disks connected to my desktop mini. I found a good deal and bought myself a Samsung 250 Gb, 7200rpm drive for 69 euro to replace the internal drive. I now can put my iTunes collection on the internal drive and as an added bonus the mini feels a bit more responsive. I haven’t actually measured it but compiling apache again looks like it is happening faster.

Why do I tell you this, because I paid for the drive partly with some of the money I got from the donations I received from some happy users. As this mini is used to test everything first I thought it was appropriate.

Next target for the donations is getting a new Mac (I hope for a new mini), I need it to be able to support you who want to compile everything in 64 bits mode. My current mini’s don’t support 64 bit. I’ve got one of the early Intel mini’s also paid for partly by donations in September 2006! (Boy does time pass quickly when you have fun)

Currently I can only support Tiger and Leopard on G4 and Intel 32 bits machines. Planning for the future I would like to support 64 bits Intel machines as well. As soon as Snow Leopard comes out the plan is to drop support for Tiger so from then on I will support Leopard on G4/G5 and Intel (32 and 64 bit) and Snow Leopard on Intel (32 and 64 bit).

I hope you agree with this decision as it is impossible to support every combination. I know some of you still use Tiger on older Macs and are unable to upgrade. Please know that I’ll try to help you to the best of my ability even if you are not using one of the supported combinations.

I’ve just finished updating my test server with Mac OSX 10.5.6. Both updates went without any problem and my setup was not affected in a negative way. Only had to get a new version of GPGmail. Every item had started after the reboot and worked according to expectations.

If you want to read more on what is affected in the updates I would suggest reading the Apple support site for the 10.5.6 update and the 2008-008 security update.

In case of doubt, please make a full bootable disk image backup with Cabon Copy Cloner before you start.

I will update my production machines this weekend when I’ve got some more spare time. If you want to be sure everything is allright please wait untill then.

Update: There was an issue with postfix, please read the update