Postfix stable/legacy release 2.7.2, 2.6.8, 2.5.11, and 2.4.15

An on-line version of this announcement will be available at
http://www.postfix.org/announcements/postfix-2.7.2.html

The stable release Postfix 2.7.2 addresses the defects described
below.  These defects are also addressed in the legacy releases
that are still maintained.

Note: Postfix 2.3 and earlier are no longer updated. Support for
Postfix 2.4 will end in 2011.

Defects fixed with Postfix 2.7.2, 2.6.8, 2.5.11, and 2.4.15:

- Postfix no longer automatically appends the system default CA
  (certificate authority) certificates, when it reads the CA
  certificates specified with {smtp, lmtp, smtpd}_tls_CAfile or
  with {smtp, lmtp, smtpd}_tls_CApath.  This prevents third-party
  certificates from getting mail relay permission with the
  permit_tls_all_clientcerts feature.  Unfortunately, this change
  may cause compatibility problems with configurations that rely
  on certificate verification for other purposes.  To get the old
  behavior, specify "tls_append_default_CA = yes".

- A prior fix for compatibility with Postfix < 2.3 was incomplete.
  When pipe-to-command delivery fails with a signal, mail is now
  correctly deferred, instead of being returned to sender.

- Poor smtpd_proxy_filter TCP performance over loopback (127.0.0.1)
  connections was fixed by adapting the output buffer size to the
  MTU.