On Mon, Jul 25, 2011 at 04:59:32PM +0200, Marc Weber wrote: > > I am using postfix-2.3.3-2.3.el5_6,dovecot-1.2.17-0_115.el5 on centos 5.6.I > > Consider upgrading to 2.8. I tried 2.2 in the past and failed. Don't > know whether 2.3.3 works much better.
While the older releases are no longer maintained, and upgrades are encouraged, it is NOT the case that the older releases are substantially defective, and do not function as designed. For 2.3, the only critical patch is the one for CVE-2011-1720, which is only needed at sites that provide SASL authentication and offer two or more mechanisms other than PLAIN. Vendor distributions of 2.3.3 should be patched by now, so if the OP is using the latest vendor update of this RPM, it should function as designed, and provide a usable set of features from Postfix 2.3. An upgrade is only *required*, if the OP needs specific features from 2.4 or later. -- Viktor.