Changelog:
Implemented Features:
* Added Mail_mime::setContentType() function with possibility to set various
types in Content-Type header (also fixes problem with boundary parameter
when Content-Type header was specified by user) [alec]
1.) Always install the binary. The permissions of "/var/mail" on
the build system are just no good indicator to determine whether
this program is required or not.
2.) Don't try to set the permissions of the binary in the makefile
and add it to "SPECIAL_PERMS" instead. Mark the package as capable
of user destinaton directory installation again.
Bump package revision because the binary package has changed at least
under NetBSD with default permissions for "/var/mail".
1.3.1 09-February-2010
---------------------------------------------
- Fix D-Bus connection leak in Nepomuk search backend.
- Disable slow query logging by default for internal MySQL.
1.3.0 20-January-2010
---------------------------------------------
- Work around D-Bus bug that could cause SEARCH to hang.
1.2.90 06-January-2010
---------------------------------------------
- Fix change notifications for search results.
- Fix database creation with PostgreSQL.
- Fix copying of item flags.
- Fix internal MySQL shutdown.
- Support PostgreSQL in internal mode.
- Fix table name case mismatch.
1.2.80 01-December-2009
---------------------------------------------
- Support for collection content type filtering as part of LIST.
- Adapt to Nepomuk query service changes.
- Experimental support for PostgreSQL.
- Support for preprocessor agents.
- Support for distributed searching.
- Support for agents creating virtual collections.
- Protocol parser fixes for non-Linux/non-KDE clients.
- Support for single-shot searches using the Nepomuk query service.
- Support HRID-based LIST operations.
- Support RID-based MOVE, COLMOVE, LINK and UNLINK opertions.
- Respect cache-only retrieval also regarding on-demand syncing.
- Add configuration accepted/rejected signals to the agent interface.
- Fix change notification compression when using modified parts sets.
- Use one retrieval pipeline per resource.
- Reduce unecessary change notification on flag changes.
- Fix RID quoting.
- Fix resource creating race for autostarted agents.
- Create new database also when using external db servers.
- Return the created result collection when creating a persistent search.
milter manager is a milter to use multiple milters effectively.
If milter manager is introduced, milter manager administrates milters instead of
MTA. The was has some advantages:
* reduce milter administration cost
* combine milters flexibly
* The random scrolling problem on selecting folders with GTK+ 2.12 or later
was fixed.
* The problem that config files are not updated after creating new accounts
was fixed.
* The problem that folder config file was not updated after changing IMAP
or News account name was fixed.
* Several typos in some dialogs were fixed.
* The Japanese manual was updated.
This release of ClamAV introduces new malware detection mechanisms and other
significant improvements to the scan engine. The key features include:
- The Bytecode Interpreter: the interpreter built into LibClamAV allows
the signature writers to create and distribute very complex detection
routines and remotely enhance the scanner's functionality
- Heuristic improvements: improve the PE heuristics detection engine by
adding support of bogus icons and fake PE header information. In a
nutshell, ClamAV can now detect malware that tries to disguise itself
as a harmless application by using the most common Windows program icons.
- Signature Improvements: logical signature improvements to allow more
detailed matching and referencing groups of signatures. Additionally,
improvements to wildcard matching on word boundaries and newlines.
- Support for new archives: 7zip, InstallShield and CPIO. LibClamAV
can now transparently unpack and inspect their contents.
- Support for new executable file formats: 64-bit ELF files and OS X
Universal Binaries with Mach-O files. Additionally, the PE module
can now decompress and inspect executables packed with UPX 3.0.
- Support for DazukoFS in clamd
- Performance improvements: overall performance improvements and memory
optimizations for a better overall resource utilization experience.
- Native Windows Support: ClamAV will now build natively under Visual
Studio. This will allow 3rd Party application developers on Windows
to easily integrate LibClamAV into their applications.
The complete list of changes is available in the ChangeLog file. For upgrade
notes and tips please see: https://wiki.clamav.net/Main/UpgradeNotes096
Pkgsrc changes:
- Removed most of the package options; using the options framework for
those choices was not quite correct in the first place. Some have now
fixed values (Perl warnings and taint checks always enabled), some
got converted to variables settable from the make command line, see
options.mk.
- pkglint complained about the variable PLIST_ADD so I renamed it to
DYNAMIC_PLIST.
- SpamAssassin does not come with rules anymore. As a starting point
the official archive of rules at the time of the SA release is
included. At installation time this set of rules gets installed
through the pkgsrc INSTALL file.
- Removed patch-ba and patch-bc, both were integrated upstream.
- Removed patch-be. The quick fix for the bad rule was replaced by
a permanent solution.
Summary of major changes since 3.3.0
====================================
bug 6335: add Spamhaus DBL as URIBL_DBL_SPAM rule
Bug 6370: update ImageInfo plugin to latest release
bug 6215, bug 6294: RCVD_IN_CSS rule was broken. the check_rbl_sub() syntax
was incorrect, resulting in missing hits
bug 6361: list 2tld and 3tld sub-domain hosters for URIBL/SURBL/DBL queries;
NOTE for SARE users: This file replaces the SARE file
http://www.rulesemporium.com/rules/90_2tld.cf, which will be deprecated as from
2010-05-01.
Bug 6369, 6356, 6373: WIN32 support for spamd improved
Bug 6267: Solaris 10 requires --syslog-socket=native
bug 6304 spamd is spawning and killing processes too often - Added spamd
adjustments to info level and more information for administrators + small fix
to Makefile.PL
Bug 6310: sa-learn --import gives Insecure dependency in open
Bug 6313: -Q or -q AND -x should not result in creation of a ~/.spamassassin
dir; plus: taint issues fixed
Bug 6342: make test failure on if_can under perl 5.6
Bug 6340: Impossible to find user home directory of VPOPMAIL alias
Bug 6072, 6343: POD warnings, documentation fixes
Bug 6304 (trivial), reduce sysadmin's stress level by lowercasing
the 'INTERRUPTED' in a logged message:
spamd: handled cleanup of child pid [...] due to SIGCHLD: INTERRUPTED
Bug 6329: POSIX::strftime in call under Win32 ActivePerl causes Perl to hang up;
formatting option %e is not in a POSIX standard, use %d instead and edit
Bug 6322: In DKIM ADSP eval test check_dkim_adsp() the '*' is handled incorrectly
Bug 6327: Fix calling argument in utility used to determine DCC's homedir
Bug 6316: DCC.pm, wrong options for dcc_proc, (plus: avoid a warning on undef
in logger when dccifd socket is not provided)
Bug 6287: improved DKIM plugin debugging
Bug 6321 - _TOKENSUMMARY_ not working in 3.3.0 (Plugin/Bayes.pm looks-up a tag
from wrong location)
Bug 6312 - uninitialized value $start_time in spamd
bug 5761: trivial doc fix: document SPAMD_LOCALHOST test-control env variable
Summary of major changes since 3.2.5
====================================
COMPATIBILITY WITH 3.2.5
- rules are no longer distributed with the package, but installed by
sa-update - either automatically fetched from the network (preferably)
or from a tar archive, which is available for downloading separately
(see below, section INSTALLING RULES);
- CPAN module requirements:
- minimum required version of ExtUtils::MakeMaker is 6.17;
- modules now required: Time::HiRes, NetAddr::IP (4.000 or later),
Archive::Tar (1.23 or later), IO::Zlib;
- minimal version of Mail::DKIM is 0.31 (preferred: 0.37 or later);
expect some tests in t/dkim2.t to fail with versions older than 0.36_5;
- no longer used: Mail::DomainKeys, Mail::SPF::Query;
- either Digest::SHA or the older Digest::SHA1 is required, though
note that the DKIM plugin requires Digest::SHA for sha256 hashes
and Razor agents still need Digest::SHA1;
- some IPv6 functionality requires IO::Socket::INET6;
- if keeping the AWL database in SQL, the field awl.ip must be extended to
40 characters. The change is necessary to allow AWL to keep track of IPv6
addresses which may appear in a mail header even on non-IPv6 -enabled host.
While at it, consider also adding a field 'signedby' to the SQL table 'awl'
(and adding 'auto_whitelist_distinguish_signed 1' to local.cf);
see sql/README.awl for details. The change need not be undone even if
downgrading back to 3.2.* for some reason;
- fixing a protocol implementation error regarding a PING command required
bumping up the SPAMC protocol version to 1.5. Spamd retains compatibility
with older spamc clients. Combining new spamc clients with pre-3.3 versions
of a spamd daemon is not supported (but happens to work, except for the
PING and SKIP commands);
- if using one of the plugins (FreeMail, PhishTag, Reuse) which were
previously not part of the official package, please retire your local copy
to avoid it conflicting with a new native plugin;
- as the plugin AWL is no longer loaded by default, to continue using it
the following line is needed in one of the .pre files (e.g. local.pre):
loadplugin Mail::SpamAssassin::Plugin::AWL
- it may be worth mentioning that a rule DKIM_VERIFIED has been renamed
to DKIM_VALID to match its semantics;
- the DKIM plugin is now enabled by default for new installs, if the perl
module Mail::DKIM is installed. However, installation of SpamAssassin
will not overwrite existing .pre configuration files, so to use DKIM when
upgrading from a previous release that did not use DKIM, a directive:
loadplugin Mail::SpamAssassin::Plugin::DKIM
will need to be uncommented in file "v312.pre", or added to some
other .pre file, such as local.pre;
- due to changes in some internal data structures (like Bug 6185, 6254),
some third-party plugins may need to be updated. One such example is
the ClamAVPlugin plugin - please find a fresh version, which can be used
with both SpamAssassin versions 3.2.5 and 3.3.0, on its wiki page at
http://wiki.apache.org/spamassassin/ClamAVPlugin
- versions of amavisd-new between 2.5.2 and 2.6.1 (inclusive) are incompatible
with SpamAssassin 3.3; please upgrade amavisd to 2.6.2 or later, or apply
a workaround https://issues.apache.org/SpamAssassin/show_bug.cgi?id=6257
- support for versions of perl 5.6.* is being gradually revoked
(may still work, but no promises and no support);
- preferred versions of perl are 5.8.8, 5.8.9, and 5.10.1 or later;
- on FreeBSD, please avoid using multithreaded versions of perl older
than 5.10.0 due to small default main thread's stack size, which may
not suffice for some regular expression evaluations;
INSTALLING RULES
Rules are normally installed by running a sa-update command.
The version of sa-update program should match the version of SpamAssassin
modules, so invoking sa-update should be performed only after installing
or upgrading SpamAssassin code, not before.
Installing rules from network is done with a single command,
normally run as root:
sa-update
Installing rules from files:
obtain all the following files:
Mail-SpamAssassin-rules-xxx.tgz
Mail-SpamAssassin-rules-xxx.tgz.asc
Mail-SpamAssassin-rules-xxx.tgz.md5
Mail-SpamAssassin-rules-xxx.tgz.sha1
(where xxx may look something like '3.3.0.r893295')
install rules from a compressed tar archive:
sa-update --install Mail-SpamAssassin-rules-xxx.tgz
(sa-update will need corresponding .asc and .sha1 files with the
same base name in the same directory as the .tgz file)
MAIN NEW FEATURES
- IPv6 support was substantially improved (see below);
- many improvements to the DKIM plugin (understands author domain signatures,
supports multiple signatures, ADSP support with overrides) - (see below);
- added 'if can(Class::method)' conditional statement, allowing configuration
settings to be conditional on plugin capabilities without requiring
new version releases to do so;
- added a --verbose option to the sa-update utility to show updated channels;
- added a configuration option 'time_limit', defaulting to 300 seconds
or whatever the caller (like spamd) provides; attempting to gracefully
terminate the checking when a time limit is reached, reporting the score
and test hits that were collected so far, along with an added hit on
a rule TIME_LIMIT_EXCEEDED;
- more expensive code sections are now instrumented with timing measurements;
timing report is logged as a debug message by the end of processing,
and made available to a caller and to 'add_header' directives through
a TIMING tag;
- added a configuration option skip_uribl_checks to the URIDNSBL plugin,
cross-documented it with skip_rbl_checks;
- preserve order of declared 'add_header' header fields;
- configurable network mask length for the AWL plugin (see below);
- added support for DCC reputations (see below);
- improved error handling and robustness (see below);
- added timestamps when logging on stderr;
- allowed debug areas to be excluded from debugging,
e.g.: -D all,norules,noconfig,nodcc
BUILDING AND PACKAGING
- rules are no longer distributed with the package, but installed by
sa-update
- Makefile.PL has been simplified and a bug fixed in a DESTDIR support
by increasing the minimum required version of ExtUtils::MakeMaker to 6.17
- tools check_whitelist and check_spamd are now included in the distribution,
now called 'sa-awl' and 'sa-check_spamd'
WORKAROUNDS TO PERL BUGS AND LIMITATIONS
- modified the Check.pm plugin to produce smaller chunks of source code
from rules (60 kB) to avoid Perl compiler crashing on exceeding stack size;
- localized global variables $1, $2, etc at several places, avoiding taint
issue from propagating;
- avoided Perl I/O bug by replacing line-by-line reading with read() where
suitable, or played down the EBADF status in other places and only report
it as a dbg instead of a die - while also providing a little speedup
(10 .. 25 %) on reading a message;
- provided a new sub Message::split_into_array_of_short_lines to split
a text into array of paragraph chunks of sizes between 1 kB and 2 kB,
giving less opportunity to runaway regular expressions in rules;
fixes bugs: 5717, 5644, 5795, 5486, 5801, 5041;
MEMORY FOOTPRINT
- as a side-effect of compiling rules in smaller chunks (to avoid compiler
crashes), virtual memory footprint of SpamAssassin is reduced;
- saved some memory by not importing the Pod::Usage unless it is needed;
- saved 350k+ of memory in sa-compile by replacing DynaLoader with XSLoader;
- removed unneeded index from MySQL bayes_token table;
IPv6 SUPPORT
- added IPv6 support for trusted_networks, internal_networks, msa_networks,
whitelist_from_rcvd, and other stuff that uses NetSet and the Received
header field parser, using NetAddr::IP;
- allowed usage of a remote dccifd host through an INET or INET6 socket;
- added IPv6 support to AWL plugin and its utility modules; a network
mask length is now configurable and defaults to /48, which controls
what data is stored in an AWL database;
- sql/README.awl and sql/awl_*.sql: increased suggested awl.ip field width
to 40 characters to be able to hold IPv6 addresses;
- IP_PRIVATE now includes ipv6 variants of private address space,
as well as the ipv6-mapped ipv4 addresses.
- NetSet now understands that ::ffff:192.168.1.2 and 192.168.1.2 are
the same address;
- IPv6 addresses are now properly read from Received header fields;
- when reading Received header fields, the "IPv6:" prefix is stripped from
IPv6 addresses, and "::ffff:" is removed from IPv6-mapped IPv4 addresses
(so strings can match them as simply IPv4 addresses);
- ::1/128 is always included in the trusted_networks/internal_networks set
similar to 127.0.0.0/8;
- some of the IPv6 functionality in SpamAssassin requires that a perl module
IO::Socket::INET6 is available (like accessing a DNS resolver over inet6,
talking to a dccifd host over inet6 socket, SPAMC protocol);
SPAMC
- Mail::SpamAssasin::Client ping may erroneously result in broken pipe;
bump spamc protocol version to 1.5, updated spamd, spamc and Client.pm;
- added -n / --connect-timeout switch to spamc, allowing to separate
a connection timeout from communication timeout;
- added --filter-retries and --filter-retry-sleep;
- increased allowed line length in spamc.conf files to 8 KiB and report
an error when the limit is exceeded;
- fixed issue where spamc would not time out connections to a hung spamd;
- spamc client library leaked the zlib compression buffer if compression
is used;
- spamc long option '--dest' was broken;
SPAMD
- when spamd is started with the daemonize option do not exit the parent
until a child signals that it has logged the pid, to allow a wrapper
script to simply continue immediately after starting spamd;
- additional tempfile cleanup in kill_handler;
- added SPAMD_LOCALHOST option to "make test" to allow specifying
non-127.0.0.1 IP address for use in FreeBSD jail;
API
- adding one optional argument to Mail::SpamAssassin::parse allows caller
to pass additional out-of-band information to SpamAssassin (such as a
deadline time, DKIM verification results, information about a SMTP session,
or dynamic rule hits); this information is made available to plugins and
the rest of the code through a 'suppl_attrib' hash;
- added option 'master_deadline' to the suppl_attrib argument of a
Mail::SpamAssassin::parse method, allowing the caller to override a
time_limit configuration setting;
- Plugin::Check - pick up 'rule_hits' from caller via the new mechanism
and call got_hit() on them;
- simplified adding dynamic score hits and dynamic rules by plugins
(such as AWL, CRM114, FuzzyOcr, Check) by letting got_hit() accept
options tflags and description, and letting it store a supplied
dynamic score for proper reporting;
- let the timing breakdown information be accessible to a caller through
the existing get_tag mechanism (tag TIMING);
- let the generated header fields ('add_header' configuration options)
be accessible to a caller through the existing get_tag mechanism
(tags ADDEDHEADER, ADDEDHEADERHAM, ADDEDHEADERSPAM);
RULES
- rules are no longer distributed with the package;
- new scores were generated by a genetic algorithm (GA) and then manually
tweaked based on cleaned datasets supplied by a dozen volunteers;
- dropped redundant rules or rules causing too many false positives;
- added or updated many rules; incomplete list in no particular order:
vbounce, lotsa_money, muchmoney, image spam, fill_this_form, FreeMail,
European Parliament, HTML attachments, uri_obfu*, urinsrhsbl, urinsrhssub,
urifullnsrhsbl, URI_OBFU_X9_WS, rDNS=localhost, INVALID_DATE_TZ_ABSURD,
RCVD_IN_PSBL, FRT_VALIUM*, BOUNCE_MESSAGE, VBOUNCE_MESSAGE,
__BOUNCE_UNDELIVERABLE, HELO_STATIC_HOST, FILL_THIS_FORM_FRAUD_PHISH,
CHALLENGE_RESPONSE, DKIM_VALID, DKIM_VALID_AU, DKIM_ADSP_*,
NML_ADSP_CUSTOM_{LOW,MED,HIGH}, __VIA_ML, MIME_BASE64_TEXT, LOTTO_URI,
FORGED_MUA_THEBAT_BOUN, FORGED_MUA_THEBAT_CS, UNRESOLVED_TEMPLATE,
__THEBAT_MUA, __ANY_OUTLOOK_MUA, RP_MATCHES_RCVD, one-word X-Mailer,
SPAN rules, skype and misquoted-HTML rules, HTML obfuscation and
Google feedproxy URI rules, advance_fee updates including further
evolved advance fee second-order metarules, test rule for
postmaster+abuse missing, FROM_MISSPACED, fixed FROM_CONTAINS_TAB, a
Facebook redirector pattern, fixed FPs with TVD_SPACE_RATIO regarding
one-word emails and ISO-2022-JP, added exclusion for __ISO_2022_JP_DELIM
to OBFUSCATING_COMMENT, GAPPY_SUBJECT, PLING_QUERY and FM_FRM_RN_L_BRACK
rules, RATWARE_BOUNDARY plus variant, superseded all previous
RATWARE_OUTLOOK stuff, resolved FP in obfuscated URI rule, fixed breakage
in tbird image rule, fixed SUBJECT_FUZZY_MEDS FP on unobfuscated "meds",
added misspaced From header field rule, numeric+cctld URI rule,
updated FH_DATE_PAST_20XX, ...
- added PSBL blacklist - http://psbl.surriel.com/
- added support for http://www.spamhaus.org/css/
- replaces HABEAS, BSP and SSC with RP CERTIFIED;
- use ReturnPath's RNBL, replacing SSBL;
- added rule for plain text attachments with octet-stream MIME type;
- avoided false positives on ISO-2022-JP messages in several rules;
- removed massmailers from uridnsbl_skip_domain in 25_uribl.cf;
- updated various default whitelists, uridnsbl_skip_domain, adsp_override, ...
PLUGINS
- new plugins: FreeMail, PhishTag, Reuse;
- now enabled by default: DKIM;
- now disabled by default: AWL;
- retired plugin: DomainKeys;
AWL PLUGIN
- plugin AWL is now disabled by default;
- added new configuration options auto_whitelist_ipv4_mask_len and
auto_whitelist_ipv6_mask_len to allow more control on what part of
an IP address is stored into an AWL database;
- README.awl: increased a suggested awl.ip field width to 40 characters
to support IPv6 addresses;
- AutoWhitelist.pm: allowed storing a canonicalized IPv6 address, cropped
to a configurable network mask (previously causing SQL server errors:
'value too long');
- let AWL with SQL keep separate records for DKIM-signed and unsigned mail
(when auto_whitelist_distinguish_signed configuration option is true,
and a field awl.signedby exists);
- avoided a race condition in SQLBasedAddrList.pm when multiple processes
try to insert-or-update an awl SQL record: trying INSERT first, and if
that fails go for UPDATE;
- gracefully handle NaN from corrupted database or a broken emulator or
virtualizer;
DCC PLUGIN
- added support for DCC reputations, added setting dcc_rep_percent,
new test check_dcc_reputation_range(), new tag DCCREP
(DCC servers supply reputation data only to licensed clients);
- allowed usage of a remote dccifd host through an INET or INET6 socket;
DKIM PLUGIN
- the DKIM plugin is now enabled by default for new installs if the perl
module Mail::DKIM is installed. However, installing SpamAssassin will
not overwrite existing .pre configuration files, so to use DKIM when
upgrading from a previous release that did not use DKIM, the directive:
loadplugin Mail::SpamAssassin::Plugin::DKIM
will need to be uncommented in file "v312.pre", or added to some
other .pre file, such as local.pre;
- absolute minimal version of Mail::DKIM is 0.31;
support for ADSP requires Mail::DKIM 0.34;
a DNS test (and rule) for NXDOMAIN is operational since Mail::DKIM 0.36_5,
so effectively the recommended version is Mail::DKIM 0.37 or later;
- a perl module Digest::SHA is required if the DKIM plugin is enabled.
If a perl module Digest::SHA is available, the module Digest::SHA1
becomes optional as far as SpamAssassin is concerned, but is still
needed by Razor agents;
- added support for multiple signatures (useful for whitelisting);
- plugin now distinguishes author domain signatures from third party
signatures (useful for whitelisting);
- provides a tag DKIMIDENTITY (in addition to DKIMDOMAIN);
- DKIM now supports Author Domain Signing Practices - ADSP (RFC 5617);
- use the Mail::DKIM::AuthorDomainPolicy instead of Mail::DKIM::DkimPolicy,
when available (since Mail::DKIM 0.34);
- implements an 'adsp_override' configuration directive and adds
an eval:check_dkim_adsp check, which is used by new DKIM_ADSP_* rules;
- rules contain an initial set of 'adsp_override' directives, listing
some of the more popular target domains for phishing (applicable only to
domains which sign all their direct mail with a DKIM or DK signature);
- this plugin can now re-use Mail::DKIM verification results if made
available by a caller, which saves resources and makes it possible
for SpamAssassin to work on a truncated large mail without breaking
DKIM signatures;
- check_dkim_signed and check_dkim_adsp eval rules can now take an optional
list of domain names, which limits their action to listed domains only.
It facilitates building DKIM-based rules for specific domains, without
having to resort to meta rules;
- draft-ietf-dkim-ssp-10/RFC-5617 made Author Domain Signature based on 'd':
updated ADSP code accordingly; changed whitelisting code to be based on
SDID ('d') instead of AUID ('i');
- Plugin/DKIM.pm: terminology changes in comments and logging according
to RFC 5617 and draft-ietf-dkim-rfc4871-errata-07;
BUG FIXES
- fixed Rule2XSBody segfaults;
- no longer treat user data as perl booleans (a string "0" is a false);
- avoid data from the wild be interpreted as perl regular expressions;
- ArchiveIterator: prevent _scan_directory from passing directories
to _scan_file (on NFS it would fail with EISDIR on read(2);
- fixed inserting the SpamAssassin -generated header fields after a
multiline Return-Path header field;
- fixed vpopmail support;
- fixed incorrect mode bits when creating lock files for AWL;
- fixed some cases where :addr headers were parsed incorrectly;
- fixed leakage of 'whitelist_from_rcvd' entries between spamd users;
- fixing run_and_catch, which failed to catch a non-timed run;
- 127/8 isn't an illegal IP;
- reworked the M::S::Timeout module to deal with nested timers as one would
expect: an inner timer shouldn't be able to extend an outer timer's limit;
account for time elapsed in the submitted subroutine when restarting an
outer timer; reset() should have accounted for time already spent;
deal with nested timed runs where alarm(0) does not provide remaining time;
- the 'exists:' evaluator in HEADER rules now works as documented
and tests for existence of a header field, instead of testing for
a header field body being nonempty; internally, the pms->get can
also now distinguish between empty and nonexistent header fields;
- applied fixes to header fields parsing in several places: header field
names are case-insensitive, whitespace is not required after a colon,
obsolete rfc822 syntax allowed whitespace before a colon;
VBounce: match "Received:" only at the beginning of a line;
- fixed bugs 6237 and 6295: 1.0.0.0/8 and 2.0.0.0/8 are now valid allocated
address ranges, fixed a corresponding rule RCVD_ILLEGAL_IP;
- fixed bug 6205 comment 5 in URIDetail.pm;
- 'pyzor_options' in Plugin/Pyzor.pm was not untainted;
- made the URIDetail plugin taint safe;
- fixed parsing of multi-line Received header fields for
BOUNCE_MESSAGE/VBOUNCE_MESSAGE et al;
- Bug 6206, Bug 2536: spamd: untaint directory as obtained from a password
file or from vpopmail utilities, avoid implicit untainting; report error
if user preferences file exists but cannot be accessed;
- avoided using raw data from DNS as a regexp in Plugin/ASN.pm;
- ensured the dbg() and info() calls always return the same value (true)
regardless of log level;
- suppressed logging of $& when its value is not available (i.e. when
no regexp has been evaluated during rule evaluation);
- Exporter never really worked in SA, was not enclosed in BEGIN {};
- masses/runGA and masses/mk-baseline-results: prevent a shell 'source'
command from loading an unrelated file named 'config' which happens to be
in the current PATH - must use a ./ in an arg to a 'source' command;
ERROR HANDLING, ROBUSTNESS
- improved error detection and reporting: test status of all system calls
and I/O operations (or explicitly document where not), and report
unexpected failures;
- eval calls now check for eval result instead of testing the $@, which
is not always reliable;
- localized $@ and $! in DESTROY methods to prevent potential calls to eval
and calls to system routines in code executed from a DESTROY method
from clobbering global variables $@ and $!;
- Util::helper_app_pipe_open_unix: contain a failing exec with an eval
to prevent additional cases of process cloning. The exec could fail
this way when given tainted arguments;
- Util::helper_app_pipe_open_unix: flush stdout and stderr before forking,
otherwise an error reported by exec (such as 'insecure dependency')
was lost in a buffer;
- eval-protected an open($fh,'-|') to capture implied fork failures
due to lack of system resource;
- explicit untainting: combine "use re 'taint'" with untaint_var(),
avoiding implicit perl untainting, along with workarounds to prevent it;
- added 'use strict' where missing;
- avoided a bunch of warnings on "Use of uninitialized value";
- clearly report reasons for helper application process failures;
- t/SATest.pm: provide information about the process failure reason
if a system() call fails; improved its reporting of failures;
- improved error reporting in Plugin/DCC.pm on finding a DCC home directory
to facilitate troubleshooting;
OTHER CHANGES
- pseudoheader "ALL:raw" returns a pristine header section,
and pseudoheader "ALL" returns a cleaned header section
- total rewrite of URI detection in plain text body;
- many updates to the list of top level domains;
- added 'util_rb_3tld', allowing 3-level TLDs to be listed in URIBLs and
allowing new 3TLDs to be added from rule updates;
- avoided trusted_networks bog down due to O(n^2) loop with millions
of entries;
- applied fixes to Plugin/VBounce.pm, updated VBounce ruleset;
- added support for a 'Communigate Pro' Received header field;
- parse Communigate Pro "with HTTPU" auth token;
- let DependencyInfo.pm understand a concept of recommended module version,
besides a required version;
- provided a workaround for Net::DNS::Packet::new inconsistency;
- let SpamAssassin use either Digest::SHA or Digest::SHA1, whichever is
available (the Digest::SHA is now a base module since perl 5.10.0);
- improved parsing of eval-type rules: allow unquoted domain names as
arguments, disallow unmatched quotes;
- provided a new module Mail::SpamAssassin::BayesStore::BDB. It should be
treated as alpha-quality (needs more testing) and is not yet ready for
production use;
- exposed existing function 'received_within_months' as an eval function
in Plugin/HeaderEval.pm;
- moved rc script to /var/lock/subsys/spamd instead of
/var/lock/subsys/spamassassin so 'service spamd status' will work;
- added feature to re-download MIRRRORED.BY files at least once a week, or if
'sa-update --refreshmirrors' switch is used;
- input delimiter $/ can be corrupted by a plugin, localize $/ and $\ before
calling a plugin;
- bumped the retry counter to 180 seconds for starting spamd on slow machines;
- resolved Bug 5325: syslog severity level in spamc/libspamc.c for max
message size (changed LOG_ERR into LOG_NOTICE for the message:
"skipped message, greater than max message size");
- added checker to avoid taint warnings if hostname is returned as '(none)';
- altered sa-update to produce an error message if a channel doesn't exist;
- Bug 6150, Bug 6127, Bug 5981, Bug 5950, Bug 6191: let spamd log/report
a child process exit status or aborting condition in an informative way;
- added checker to detect accidental match-everything regexps in rules;
- updated garescorer for 3.3.0: use more epochs in GA runs for better scores;
clarify some mass-check warning output, ensure rule name always appears at
start of line; if a rule had no default/existing score in 50_scores.cf,
don't tell the GA that 1.0 is an appropriate default value, instead pick
the midway point of its score range. this produces better results;
remove some dead code from masses/score-ranges-from-freqs;
- set garescorer.c to report performance as iterations per second;
- added test to ensure that all config settings are correctly handled when
switching between users; added more config setting type metadata to enable
those tests to work; and fix URIDetail to store config on the {conf} object,
not on the plugin;
- moved 'release tests' to xt/ directory; mirror long-running, net-tests and
stress tests with xt/50_testname.t scripts to enforce their run before a
release;
- made numerous additional and updated self-tests;
- added a Test::Perl::Critic release-test;
- cleaned up some code based on suggestions by perl module Test::Perl::Critic,
among others:
. enable TestingAndDebugging::ProhibitNoStrict test but allow the
use of 'no strict "refs"';
. deal with BuiltinFunctions::RequireGlobFunction;
. deal with ControlStructures::ProhibitMutatingListFunctions
removing this exception from xt/60_perlcritic.t;
. deal with BayesStore/BDB.pm, Variables::ProhibitConditionalDeclarations
. now that the module Time::HiRes is a required module, we can afford
to replace a select() with Time::HiRes::sleep, and remove exception
BuiltinFunctions::ProhibitSleepViaSelect from xt/60_perlcritic.t;
- updated documentation, fixing numerous typos and mistakes in documentation
text and in log messages;
- extensively improved development process:
. automated testing through Hudson, a continuous integration tool;
. improved mass-check system and rules oversight;
mbox users really should upgrade, because by sending a message with a huge
header you could basically cause a DoS (this problem exists only with v1.2.x,
not with v1.0 or v1.1).
- mbox: Message header reading was unnecessarily slow. Fetching a huge header
could have resulted in Dovecot eating a lot of CPU. Also searching messages
was much slower than necessary.
- mbox, dbox, cydir: Mail root directory was created with 0770 permissions,
instead of 0700.
- maildir: Reading uidlist could have ended up in an infinite loop.
- IMAP IDLE: v1.2.7+ caused extra load by checking changes every 0.5 seconds
after a change had occurred in mailbox
Close the configuration file after reading it, plugging a
descriptor leak.
Release memory associated with old configuration nodes (i.e. strings)
as well as the nodes themselves.
Connect the configuration handle to its allocated data so cleanup can
actually be thorough.
Fix an error message reported inside _FFR_REPLACE_RULES.
Plug a memory leak in mlfi_header() tripped when errors occur.
Since ADSP has not yet been registered by IANA, adjust its method
label in Authentication-Results accordingly.
Include selector, domain and other text if possible when logging
key retrieval failures.
Add _FFR_SENDER_HEADERS, allowing user control over which header
fields are used to make the sign/verify decision and
perform key selection.
LIBDKIM: Initialize canon_lastchar in dkim_add_canon().
LIBDKIM: Clean up any compiled regular expressions in dkim_close().
LIBDKIM: Fix some type-related compiler warnings.
SPF sender authentication systems.
Sender-ID and SPF have both been published by the IETF (RFC4406 and RFC4408,
respectively) as experimental proposals.
This package consists of a library that implements the record parsers needed
to provide the authentication service, and a milter-based filter application
that can plug in to the sendmail MTA to provide that service to sufficiently
recent sendmail and postfix MTAs.
An optional asynchronous resolver library is also provided to work around
limitations of the basic BIND resolver which comes installed on most
systems.
While here, set LICENSE=gnu-gpl-v2 and add user-destdir installation support.
News
~~~~
THIS PROJECT IS NO LONGER BEING MAINTAINED. IF IT DOESN'T WORK FOR YOU SEE
THESE LINKS <http://esmtp.sourceforge.net/links.html>.
* Version 1.2 (2009-12-24):
* Make force_mda in the esmtprc to work with the -t option (based on patch
by Sourav K. Mandal)
* Version 1.1 (2009-12-16):
* Option to force local only MDA (Robert A.M. Diamond).
* Use locking in esmtp-wrapper (Phil Sutter).
* Update mutt option name in the user manual (Wu Fengguang).
* Version 1.0 (2008-10-09):
* Fix NTLM authentication (Nils Rennebarth).
* Option to disable Message-ID header (Phil Sutter).
* Version 0.6.0 (2007-09-03):
* Handle CR-LF newline endings when parsing the headers.
* Wrapper script for off-line mail delivery (Phil Sutter).
* Document how to get CA certificates.
* Corrections to the manpages (Reuben Thomas).
* Tips for adding missing Date: headers in messages for local delivery
(Bruce Schultz).
* Use a reasonable default for the reverse path when one is not
specified, instead of an empty one.
* Prevent segfault expanding %F in the MDA string when the reverse
path is not specified.
pkgsrc changes:
- Add license definition
- Adjust dependencies
Upstream changes:
0.23 2010-01-30
- removed Email::Send::Test from t/lib/* views
0.22 2010-01-28
- small fixes, version bumpage etc
0.21_01 2010-01-27
- dev release to test recent fixes
0.21 2010-01-27
- provided a sane MANIFEST.SKIP for dzil
0.20 2010-01-26
- fix transport instantiation thanks to Chris Nehren <apeiron@cpan.org>
0.19 2010-01-18
- fixed optional dependencies
- added META stuff back in
0.18 2010-01-17
- Fixed version dependencies for failing regressions
- added Email::Send::Test as a dependency
0.17 2010-01-14
- fixed MANIFEST
0.16 2010-01-12
- Fixed a Makefile.PL issue
0.15 2010-01-12
- Fixed teeny version issue with Email::Sender::Simple
0.14 2010-01-09
- Ported over to using Email::Sender::Simple, and Moose
- Fixed Mason test so that it doesn't choke, as around 'process'
seems to make it die.
pkgsrc changes:
- Adjust license
- Adjust dependencies
Upstream changes:
0.100460 2010-02-15 12:58:18 America/New_York
avoid using AutoPrereq, as it brings in build_requires as requires
0.100450 2010-02-14 17:55:48 America/New_York
allow timeout option to SMTP transport
0.100110 2010-01-11 10:43:57 America/New_York
Email::Sender::Failure is now a Throwable::Error
now uses Try::Tiny for internal exception handling
0.093380 2009-12-04 12:29:55 America/New_York
bump Moose prereq to 0.70 based on feedback from ANDK
0.093110 2009-11-07
allow uppercase env vars to set transport attributes (charsbar)
add "message" attribute to successes returned by SMTP transports
0.092840 2009-10-10
fix packaging error
0.092820 2009-10-09
improve reliability of t/sendmail.t (thanks, Mark Grimes)
0.091940 2009-07-12
packaging fixes (EU:MM version for LICENSE param) rt #47817
0.091930 2009-07-12
add some more common sendmail locations to default search
0.091870 2009-07-06
exclude unwanted methods from Email::Sender::Transport
to suppress a new warning from Moose role composition
0.091740 2009-06-23
no code changes
remove prereq of Test::More 0.88; weird things happened
0.091661 2009-06-15
THIS RELEASE MAY BREAK YOUR CODE... but probably not
Email::Sender::Simple has been added, along with a manual
Email::Sender is now a role
Email::Sender::Transport is now a role, too; subclasses will break
pkgsrc changes:
- Add license definition
- Add conflict/supersedes entry for merged modules
- Adjust dependencies
Upstream changes:
1.903 2009-12-23
correct typo in body_set_str (RT #53004) (thanks, Herbert Leitz)
1.902 2009-11-11
allow for padding spaces in the Content-Transfer-Encoding header
(Geraint Edwards)
1.901 2009-11-05
bump up Email::MIME::Encodings version required
1.900 2009-11-03
merge in Email-MIME-Modifier and Email-MIME-Creator
add better support for Unicode with body_str, header_str_set, etc.
that uses the sendmail Mail Transport Agent (MTA).
* mailqs reads the output from sendmail's mailq(8) command and summarizes
each queue entry, one entry per line. As such, its output is more easily
consumed by other scripts.
* rmmq is a convenience command for removing items from a sendmail queue.
When you run mailq(8) or mailqs, you get a list of sendmail queue IDs.
These queue IDs map to several files in a sendmail queue directory. This
command automatically maps the queue IDs to the files and removes them for you.
(imported from pkgsrc-wip)
described in RFC 822 using regular expressions. This module is
functionally equivalent to RFC::RFC822::Address, but uses regular
expressions rather than the Parse::RecDescent parser.
* Detect Sys::Syslog vs. Unix::Syslog at run-time
rather than when running ./configure.
* Bug fix: Don't change Content-Disposition to "inline" by default.
This was causing weird bugs with Outlook iCalendar attachments.
* Various crash fixes.
* Make relay_is_blacklisted and relay_is_blacklisted_multi handle
IPv6 addresses.
* Make the C code call smfi_setmlreply if the milter library supports it
and the Perl code returns a multi-line reply.
(And take over maintainer)
pkgsrc changes:
- Add license definition
Upstream changes:
version 0.93: Thu Dec 24 11:09:49 CET 2009
Fixes:
- Mail::Identity->from(Mail::Address) produced error
rt.cpan.org#52115 [Dmitry Bigunyak]
Improvements:
- do not run t/pod.t in devel environment.
Version 1.4.20 - 06 Mar 2010
---------------------------
- Fixed issue with search not using literals correctly (#2846511).
- Fixed issue with returning to search results due to new security token
code.
- Fixed issue with multi-part related messages not showing all attachments
(#2830140).
- Fixed for security token missing in newmail plugin (#2919418).
- Fixed sort in Sent folder to sort by "To" field instead of "From" field
(#2907412).
- Fixed mailto: urls containing + characters. Thanks to Michael Puls II
for the patch.
- Made base URL autodetection more robust; fixes some lighttpd issues
(probably #1741469).
- Encoded From headers are now properly quoted (#2830141).
- Multibyte strings (notably subjects) are now handled correctly (#2824813,
#2925731).
- X-DNS-Prefetch-Control: off header is now sent to browsers to prevent
information leakage when Firefox does DNS prefetching for URLs contained
in emails.
- Added unread links in message view.
- Added the ability to configure Google Mail (Gmail) as the mail server
behind SquirrelMail.
- Added option in display preferences that allows the signature to be
stripped from the original message when replying (#2952876). Thanks to
Sven Strickroth.
* Add DESTDIR support.
* Add more changes from squirrelmail's repositry including
secure token support, hoping early release of real 1.4.20.
Bump PKGREVISION.
by Wen Heping.
Changelog:
QA release - stable.
* Updated minimum dependencies (Net_SMTP, PEAR, PHP)
* Doc Bug #15620 Licence change to BSD
* Bug #13659 Mail parse error in special condition
* Bug #16200 - Security hole allow to read/write Arbitrary File
* _hasUnclosedQuotes() doesn't properly handle a double slash before an end
quote (slusarz at curecanti.org, Bug #9137).
* Make sure Net_SMTP is defined when calling getSMTPObject() directly
(slusarz at curecanti.org, Bug #13772).
* Add addServiceExtensionParameter() to the SMTP driver
(slusarz at curecanti.org, Bug #13764).
* Add a method to obtain the Net_SMTP object from the SMTP driver
(slusarz at curecanti.org, Bug #13766).
Many bugfixes. New features include:
* multi-threading was introduced
* add new recipients to address book automatically on sending was added.
* The new filter match type 'is in addressbook' was added.
* Address book is now sortable by each column.
* Address book search feature was added.
* The setup dialog on the first run became user-friendly.
* The new account setup dialog was implemented. Easy Gmail setup.
* SHA1/MD5 fingerprint and validity period of certificate is now displayed
* menu item to request disposition notification was added
* The feature to customize the color label text was added.
* The option to set only mail address of recipients when replying was added.
Postfix stable release 2.7.0 is available. For the past several
releases, the focus has moved towards improving the code and
documentation, and updating the system for changing environments.
- Improved before-queue content filter performance. With
"smtpd_proxy_options = speed_adjust", the Postfix SMTP server
receives the entire message before it connects to a before-queue
content filter. Typically, this allows Postfix to handle the same
mail load with fewer content filter processes.
- Improved address verification performance. The verify database
is now persistent by default, and it is automatically cleaned
periodically, Under overload conditions, the Postfix SMTP server
no longer waits up to 6 seconds for an address probe to complete.
- Support for reputation management based on the local SMTP client
IP address. This is typically implemented with "FILTER transportname:"
actions in access maps or header/body checks, and mail delivery
transports in master.cf with unique smtp_bind_address values.
- The postscreen daemon (a zombie-blocker in front of Postfix) is
still too rough for a stable release, and will be made "mature"
in the Postfix 2.8 development cycle (however you can use Postfix
2.7 with the Postfix 2.8 postscreen and dnsblog executables and
master.cf configuration; this code has already proven itself).
No functionality has been removed, but it is a good idea to review
the RELEASE_NOTES file for the usual minor incompatibilities or
limitations.
You can find Postfix version 2.7.0 at the mirrors listed at
http://www.postfix.org/
The same code is also available as Postfix snapshot 2.8-20100213.
Updated versions of Postfix version 2.6, 2.5 and perhaps earlier
will be released with the same fixes that were already included
with Postfix versions 2.7 and 2.8.
Upstream changes:
2009-10-19 Hatuka*nezumi - IKEDA Soji <hatuka(at)nezumi.nu>
* Release 1.008.
* Imp: support for iso-8859-6-[ei], iso-8859-8-[ei]. cf. report by
Hanne Moa on Sympa bug #6385 at <http://sourcesup.cru.fr/>.
* Imp: support for iso-8859-16.
* Imp: Allow body transfer-encoding profile "S".
* Chg: Default body transfer-encoding for UTF-8 from "B" to "S".
* Doc: Some fixes. New section "Incompatible changes".
* Fix: META.yml: optional_features is not hashref but arrayref.
Thanks SREZIC@CPAN.
While here, set LICENSE=modified-bsd and add user-destdir support.
150 (2010/02/15)
* IM/Pop.pm: Move exec_getsbrfile() from pop_repr() to pop_inc() to work
GetSbr correctly. (Thanks to Jacques Garrigue)
* imput.in: Add msgid, nomsgid, nomime, noverbose, version and help to
@CmpConfig, and Doc fix. (Thanks to HAT)
* IM/EncDec.pm (mime_encode_string): Fix that iso-2022-jp strings are garbled
to iso-8859-1.
* IM/EncDec.pm (mime_decode): Use local variables $bq and $str instead of
numbered variables. (Thanks to Kiyoshi OHGISHI)
* IM/Config.pm.in: Set NamazuV2=yes as the default value.
* IM/Config.pm.in: New subroutine mknmz_options.
* immknmz.in: Use mknmz_options.
* imsetup.in, cnf.im/SiteConfig.in, dot.im/Config: Add comment for
MknmzOptions.
* IM/Scan.pm, imput.in: Typo fix.
* configure: Update using Debian autoconf 2.65-3.
* config.guess, config.sub: Update using Debian autotools-dev 20090611.1.
* t-prot: Release as v2.15.
* t-prot.1: Describe --sani more precisely.
* t-prot: Fine-tune some regex.
* t-prot: Fix merging of multiple blank lines within pgp output
using -Mmutt.
* t-prot: Simplify expression.
* t-prot, t-prot.1: Add --reply and --sani for fixing annoying
headers. Add documentation for both. Many thanks to Matthias
Kilian and Martin Neitzel for suggesting and providing some script
invoked by procmail rules.
* t-prot.1: Suggest reading about -p when using -P.
* t-prot.1: Sort options in a consistent, alphabetical way.
* t-prot.1: Fix hyphenation. Thanks to Gerfried Fuchs for noticing!
* t-prot.1: Jeff Covey's article should not be missing under SEE
* t-prot: Release as v2.14.
* t-prot: Code cleanup for --pgp-short. Should get better
performance now.
* t-prot: Tighten --help output.
* t-prot.1: Add fields of usage and mention the INN2 filter file.
* t-prot.1: Improve word flow.
* t-prot.1: Another occurence of RFC 2822, update to RFC 5322.
* t-prot.1: RFC 5322 is offficial standard for the Internet Message
Format since October 2008, obsoleting RFC 2822.
* t-prot: Adjust comment to modern t-prot times.
* t-prot.1: Update contributers list.
* t-prot.1: Update date string.
* t-prot.1: Remove redundancies, improve some descriptions.
* contrib/muttrc.t-prot: By now, --bigq is pretty much standard and
extremely well-tested, so we include it into default configuration.
* t-prot: Revert thinko from r1.272.
* t-prot: Fix syntax to match coding style.
* t-prot: Release as v2.13.
* t-prot: Fix long standig false positive for mutt<1.5.18 with
Microsoft TOFU inside a PGP signed message and no lines above the
full quote (indicating a forwarded message rather than a lazy full
quote). Thanks to Gerfried Fuchs.
* t-prot: Fix newline stripping for locales.
* t-prot: Release as v2.12.
* t-prot, t-prot.1: Exit with exit status EX_OK when --max-lines
hits and -Mmutt is set (mutt is picky when a display_filter fails).
Provide a notification line in that case. Update man page. Many
thanks to Gerfried Fuchs, Martin F. Krafft and Tino Keitel for
reporting, providing a patch and testing.
* t-prot: Release as v2.11.
* contrib/filter_innd.pl: Command line default has changed, check
flags must be set now.
* t-prot.1: Better explain ratio check value.
* t-prot.1: Update copyright time stamp.
* t-prot, t-prot.1: Fix initialization and command line parsing for
--check (this should work as advertised now). Make the ratio check
code a little easier to read. Add the default value for the ratio
check to the man page.
* t-prot.1: Remove URLs to example scripts and configs. The files
are provided with the package.
* t-prot, t-prot.1: Fix last commit, release as t-prot v2.10.
Update man page.
* t-prot: Release as t-prot v2.9.
* t-prot: Do not check for message length in attachments (we
checked already for the entire message). Do exit with proper exit
code if message is longer than set in --max-lines (so scripts can
see if we gave up processing).
* t-prot.1: Fix speling.
* t-prot.1: Fix time stamp.
* t-prot.1: Fix rendering for anyone out there using UTF-8. Many
thanks (and a very merry Christmas) to Alfie.
* t-prot: Release as v2.8.
* t-prot, t-prot.1: Update documentation to reflect last change.
Avoid being tripped by endless (or non-existant) headers.
* t-prot: Change check order and remove duplicated code for
--max-lines.
version 2.06: Tue Jan 26 10:01:22 CET 2010
Improvements:
- express more clearly that Authen::SASL needs to be installed
manually if you need the functionality
- support for smtps via Net::SMTP::SSL, by [Maciej Żenczykowski]
fetchmail 6.3.14 (released 2010-02-05, 25487 LoC):
# SECURITY FIXES
* SSL/TLS certificate information is now also reported properly on computers
that consider the "char" type signed. Fixes malloc() buffer overrun.
Workaround for older versions: do not use verbose mode.
See fetchmail-SA-2010-01.txt for details, including a minimal patch.
# BUG FIXES
* The IMAP client no longer skips messages from several IMAP servers including
Dovecot if fetchmail's "idle" is in use. Causes were that fetchmail (a)
ignored some untagged responses when it should not (b) relied on EXISTS
messages in response to EXPUNGE, which aren't mandated by RFC-3501 (the IMAP
standard) and aren't sent by Dovecot either.
Fix by Sunil Shetye (the fix also consolidates IMAP response handling,
improving overall robustness of the IMAP client), bug report and testing by
Matt Doran, with further hints from Timo Sirainen.
* The SMTP client now recovers from errors (such as servers dropping the
connection after errors) when sending an RSET command.
Fix by Sunil Shetye. Report by James Moe.
* The IMAP client now uses "SEARCH UNSEEN" rather than "SEARCH UNSEEN NOT
DELETED" again on IMAP2, to fix a regression in fetchmail 6.2.5 reported by
Will Stringer in June 2004. (Sunil Shetye)
* The IMAP client now uses "SEARCH UNSEEN UNDELETED" on IMAP4 and IMAP4r1
servers (Sunil Shetye).
* Workaround: The IMAP client now falls back to "FETCH n:m FLAGS" if the server
does not support "SEARCH". (Sunil Shetye)
* The IMAP client now requests message numbers in batches of 1,000 to avoid
problems if there are more than 1860 unseen messages. (Sunil Shetye)
Note that this wasn't security relevant because fetchmail would only read up
to the maximum buffer size and leave the remainder of the string unread, going
out of synch afterwards.
* Stricter validation of IMAP responses containing byte or message counts.
# CHANGES
* Only include gssapi.h if we're not including gssapi/gssapi.h, to fix a FreeBSD
compiler warning about gssapi.h being obsolete.
# DOCUMENTATION
* The README.SSL document was revised for grammar, spelling, and clarity.
Courtesy of Robert Mullin.
fetchmail 6.3.13 (released 2009-10-30, 25333 LoC):
# REGRESSION FIXES
* The multiline SMTP error fix in release 6.3.12 caused fetchmail to lose
message codes 400..599 and treat all of these as temporary error. This would
cause messages to be left on the server even if softbounce was turned off.
Reported by Thomas Jarosch.
fetchmail 6.3.12 (released 2009-10-05):
# REGRESSION FIXES
* The CVS-2009-2666 fix in fetchmail release 6.3.11 caused a free() of
unallocated memory on SSL connections, which caused crashes or program aborts
on some systems (depending on how initialization and free() of unallocated
memory is handled in compiler and libc).
Workaround for older versions: run in verbose mode.
Patch courtesy of Thomas Heinz, fixes Gentoo Bug #280760.
This regression affected only the 6.3.11 release, but not the patch that was
part of the security announcement fetchmail-SA-2009-01.
# BUG FIXES
* Fix error reporting for GSSAPI on Heimdal (h5l) Kerberos.
* Look for MD5_Init in libcrypto rather than libssl, fixes Gentoo Kerberos
builds; fixes upstream parts of Gentoo Bugs #231400 and #185652, and fixes
BerliOS Bug #16134.
* Report multiline SMTP errors properly, reported by Earl Chew; fixes Debian Bug
#529899, reported by Akihiro Terasaki.
Note: This fix introduced a regression, fixed in 6.3.13.
* Replace control characters in SMTP replies by '?'.
* Fetchmailconf: Fix descriptions for smtpaddress and smtpname options;
smtpaddress is for RCPT TO, not MAIL FROM. Found by Gerard Seibert.
...as well as translation updates in all three releases.
IMAP (Internet Message Access Protocol) is an Internet standards-track
protocol for accessing messages (mail, bboards, news, etc). The Cyrus
IMAP server differs from other IMAP server implementations in that it
is generally intended to be run on "sealed" servers, where normal users
are not permitted to log in. The mailbox database is stored in parts of
the filesystem that are private to the Cyrus IMAP system. All user
access to mail is through the IMAP, POP3, or KPOP protocols.
Collection.
The Perl 5 module Mail::Alias can read various formats of mail
alias. Once an object has been created it can be used to expand
aliases and output in another format.
Provides a class to deal with the decoding and interpreting of mime messages.
This package used to be part of the Mail_Mime package, but has been split off.
1.6.0
Bugs Fixed:
* Don't break specified headers folding [alec]
* Bug #17025: Wrong headers() result for long unwrapable header value [alec]
Implemented Features:
* Allow setting Content-ID for HTML Images [alec]
* Added one setParam() in place of many set*() functions [alec]
* Added getParam(), getTXTBody(), getHTMLBody() [alec]
* Skip RFC2231's charset if filename contains only ASCII characters [alec]
* Make sure that Received: headers are returned on the top [alec]
* Added saveMessageBody() and getMessageBody() functions [alec]
1.6.0RC2
Fixed Bugs:
* Bug #7561: _encodeQuotedPrintable() with mbstring function overloading
broken in 1.6.0RC1 [alec]
* Fixed quoted-printable encoding of characters with ord(char) < 10 [alec]
1.6.0RC1
Fixed Bugs:
* Bug #13444: Problem in multipart mail with txt, html and images. Reverted
fix for #9725 [alec]
* Bug #14780: Content-Type is not set correctly when calling headers() before
get() [alec]
Implemented Features:
* Feature #10884: Provide easy way to set build params [alec]
* Feature #13962: Multiple header support [alec]
* Use class (private) variables instead of MAIL_MIME_CRLF and
MAIL_MIMEPART_CRLF constants [alec]
* Feature #12411: Support both RFC2047 and RFC2231 for attachments filenames
encoding [alec]
* Optimized memory usage in quoted-printable encoding function [alec]
* Feature #13969: Big attachments support [alec]
* Changed default value of text_encoding to quoted-printable [alec]
1.5.3
Fixed bugs:
* Fix Bug #14678: srand() lowers security [clockwerx]
* Fix Bug #12921: _file2str not binary safe [walter]
* Fix Bug #12385: Bad regex when replacing css style attachments [cipri]
* Fix Bug #16911: Excessive semicolon in MIME header [alec]
* Fix Bug #15320: Attachment charset is not set in Content-Type header [alec]
* Fix Bug #16911: Lack of semicolon separator for MIME header parameters [alec]
* Fix Bug #16846: Use preg_replace_callback() instead of /e modifier [alec]
* Fix Bug #14779: Problem with an empty attachment [alec]
* Fix Bug #15913: Optimize the memory used by Mail_mimePart::encode.
Avoid having attachments data duplicated in memory [alec]
* Fix Bug #16539: Headers longer than 998 characters aren't wrapped [alec]
* Fix Bug #11238: Wrong encoding of structured headers [alec]
* Fix Bug #13641: iconv_mime_encode() seems to work different/errorious than
the build in logic. Removed 'ignore_iconv' param. [alec]
* Fix Bug #16706: Incorrect double-quotes RFC 2231-encoded parameter values
[alec]
* Fix Bug #14232: RFC2231: tspecials encoding in _buildHeaderParam() [alec]
Implemented Features:
* Implement Feature #10438: Function (encodeHeader) for encoding of given
header [alec]
1.5.2
* Fix Bug #11381: domain name is attached to content-id, trailing greater-than
sign is not remove [cipri]
1.5.1
* Fix Bug #11344: Error at line 644 in mime.php [cipri]
1.5.0
Split off Mail_MimeDecode
1.5.0RC2
Fixed accidental characters included in mime.php
QA release
* Move SVN to proper directory structure [cweiske]
* Fix Bug #8775: Error in package.xml
* Fix Bug #14671: Security issue due to seeding random number generator
[cweiske]
Release 2.67 adds the following features since 2.65 (there was no public
2.66 release):
* The ability for mimedefang-multiplexor to use poll rather than select.
This removes the FD_SETSIZE limit on the number of file descriptors
the multiplexor can handle.
* Support for FPROTD version 6 daemonized virus scanner.
2.65
There is only one change since 2.64: An error in the way the embedded
perl interpreter was initialized has been fixed. This fixes problems
on the Debian HPPA architecture and possibly others.
2.64
This is a minor bugfix release;
* Add support for NOD32 command-line scanner
* Add support for Sophos "savscan" scanner
2010-01-30 Jeffrey Stedfast <fejj@novell.com>
* README: Bumped version
* configure.in: Bumped version to 2.2.25
* configure.in: Disabled strict-aliasing to work around subtle
bugs generated by gcc 4.4 when optimizations are enabled.
version 3.23: Fri Jan 29 00:39:27 EST 2010
- new beta idle_data() method to retrieve untagged messages during idle
similar to method suggested by Daniel Richard G
- added/updated documentation for idle, idle_data, and done
- rt.cpan.org#53998: fix NTLM auth: call ntlm with challenge string
[Dragoslav Mlakar]
- report the return value from select/_read_more on errors
- logout() again returns the success/failure of the LOGOUT command
- set/return error when $response->() returns undef in authenticate()
- new internal method _load_module() centralizing some 'require' calls
- localize use $@ in several places to avoid stomping on global val
- refactor code calling _read_more() to centralize error handling
version 3.22: Thu Jan 21 15:25:54 EST 2010
- rt.cpan.org#52313: Getting read errors if Fast_io is set to 1
[Jukka Huhta]
- updated Maxttemperrors docs related to EAGAIN handling
- new starttls() method and Starttls attribute to support STARTTLS
- update parse_headers to try harder to find UID in fetch response
version 3.21: Tue Sep 22 19:45:13 EDT 2009
- rt.cpan.org#49691: rewrite of fetch_hash to resolve several issues
[Robert Norris]
includes new tests via t/fetch_hash.t
- rt.cpan.org#48980: (enhancement) add support for XLIST extension
[Robert Norris]
- rt.cpan.org#49024: NIL personal name returned by *_addresses methods
[Dmitry Bigunyak]
- rt.cpan.org#49401: IMAPClient expunge fails (unless folder arg used)
[Gary Baluha]
- update/clarify close and expunge documentation a little
version 3.20: Fri Aug 21 17:40:40 EDT 2009
- added file/tests in t/simple.t
- added methods Rfc3501_date/Rfc3501_datetime
used by deprecated methods Rfc2060_date/Rfc2060_datetime
rt.cpan.org#48510: Rfc3501_date/Rfc3501_datetime methods do
not exist [sedmonds]
- login() hack to quote an empty password
rt.cpan.org#48107: Cannot LOGIN with empty password [skunk]
* gmime/gmime-encodings.h (GMIME_UUENCODE_LEN): Fixed to prevent
possible buffer overflows.
* configure.in: Bumped version to 2.4.14 and disabled
strict-aliasing which causes bugs in GMime.
* gmime/gmime-filter-crlf.c (filter_filter): Fixed bug #606875 by
not trying to skip multiple characters per pass thru the loop when
encountering the first '.' of a possible '..' sequence.
* configure.in: Bumped version to 2.4.12
* gmime/gmime-utils.c (g_mime_utils_decode_8bit): Make sure to
always increment inptr as we force-convert it to ascii. Thanks to
Damian Pietras for finding this bug.
* gmime-2.4.pc.in: Moved -lz -lnsl, etc into Libs.private. Fixes
bug #603273.
file cannot run without EXIM_USER being present on the system, so
scripts/exim_install was changed to derive the Exim version from the
pkgsrc package version (see PKGSRC_EXIM_VERSION in the Makefile and patch-ae).
Added LICENSE information.
Ok'd by abs@
Changelog for Dovecot 1.2.10:
+ %variables now support %{host}, %{pid} and %{env:ENVIRONMENT_NAME}
everywhere.
+ LIST-STATUS capability is now advertised
- maildir: Fixed several assert-crashes.
- imap: LIST "" inbox shouldn't crash when using namespace with
"INBOX." prefix.
- lazy_expunge now ignores non-private namespaces.
Changelog for Sieve 0.1.15:
* Enotify extension:
- Adjusted notify method API for addition of new notification
methods.
- Set default importance level to 'normal' (was 'high').
* Include extension: updated implementation towards most recent
specification (all should be backwards compatible):
- Implemented global variables namespace.
- Global command may now appear anywhere in a script.
- Implemented script name checking using the requirements specified
in the ManageSieve draft.
- One issue remains: ManageSieve currently requires included scripts
to be uploaded first, which is not according to specification.
* Changed envelope path parser to allow to and from envelope addresses
that have no domain part.
+ Added preliminary support for Sieve plugins and added support for
installing Sieve development headers.
+ Started work on the implementation of the spamtest, spamtestplus and
virustest extensions (unfinished).
+ Deprecated notify extension: implemented denotify command.
+ Variables extension: added support for variable namespaces.
+ Added configurable script size limit. Compiler will refuse to
compile files larger than sieve_max_script_size.
+ Testsuite changes:
- Added support for changing and testing an extension's
configuration.
- Added a command line parameter for copying errors to stderr.
- Fixed a bug in the i;ascii-numeric comparator. If one of the
strings started with a non-digit character, the comparator would
always yield less-than.
- Imap4flags extension: fixed bug in removeflag: removing a single
flag failed due to off-by-one error (bug report by Julian Cowley).
- Improved EACCES error messages for stat() and lstat() syscalls and
slightly improved error messages that may uccur when saving a
binary.
- Vacation extension: fixed typo in runtime log message (patch by
Julian Cowley).
- Fixed use of minus '-' in man pages; it is now properly escaped.
- Fixed parser recovery. In particular cases it would trigger spurious
errors after an initial valid error and sometimes additional errors
were inappropriately ignored.
Changelog for ManageSieve 0.11.11:
* This release contains adjustments to match changes in the Sieve API.
This means that this release will only compile against Pigeonhole
Sieve v0.1.15.
+ Implemented ManageSieve QUOTA enforcement.
+ Added MAXREDIRECTS capability after login.
+ Implemented new script name rules specified in most recent
ManageSieve draft.
- Fixed assertion failure occuring with challenge-response SASL
mechanisms.
- Made configure complain about trying to compile against installed
Dovecot headers alone.
- Fixed compile warning for compilation against CMUSieve.
version 2.05: Fri Dec 18 22:39:21 CET 2009
Fixes:
- no de-ref error when index out of range in Mail::Header::get()
[Bob Rogers]
- repaired fixed selection of smtp for non-unix systems.
Improvements:
- do not run pod.t in devel environment.
- set default output filename for Mail::Mailer::testfile::PRINT
[Kaare Rasmussen[
- warn when no mailers were found.
rt.cpan.org#52901 [Christoph Zimmermann]
8.14.4/8.14.4 2009/12/30
SECURITY: Handle bogus certificates containing NUL characters
in CNs by placing a string indicating a bad certificate
in the {cn_subject} or {cn_issuer} macro. Patch inspired
by Matthias Andree's changes for fetchmail.
During the generation of a queue identifier an integer overflow
could occur which might result in bogus characters
being used. Based on patch from John Vannoy of
Pepperdine University.
The value of headers, e.g., Precedence, Content-Type, et.al.,
was not processed correctly. Patch from Per Hedeland.
Between 8.11.7 and 8.12.0 the length limitation on a return
path was erroneously reduced from MAXNAME (256) to
MAXSHORTSTR (203). Patch from John Gardiner Myers
of Proofpoint; the problem was also noted by Steve
Hubert of University of Washington.
Prevent a crash when a hostname lookup returns a seemingly
valid result which contains a NULL pointer (this seems
to be happening on some Linux versions).
The process title was missing the current load average when
the MTA was delaying connections due to DelayLA.
Patch from Dick St.Peters of NetHeaven.
Do not reset the number of queue entries in shared memory if
only some of them are processed.
Fix overflow of an internal array when parsing some replies
from a milter. Problem found by Scott Rotondo
of Sun Microsystems.
If STARTTLS is turned off in the server (via M=S) then it
would not be initialized for use in the client either.
Patch from Kazuteru Okahashi of IIJ.
If a Diffie-Hellman cipher is selected for STARTTLS, the
handshake could fail with some TLS implementations
because the prime used by the server is not long enough.
Note: the initialization of the DSA/DH parameters for
the server can take a significant amount of time on slow
machines. This can be turned off by setting DHParameters
to none or a file (see doc/op/op.me). Patch from
Petr Lampa of the Brno University of Technology.
Fix handling of `b' modifier for DaemonPortOptions on little
endian machines for loopback address. Patch from
John Beck of Sun Microsystems.
Fix a potential memory leak in libsmdb/smdb1.c found by parfait.
Based on patch from Jonathan Gray of OpenBSD.
If a milter sets the reply code to "421" during the transfer
of the body, the SMTP server will terminate the SMTP session
with that error to match the behavior of the other callbacks.
Return EX_IOERR (instead of 0) if a mail submission fails due to
missing disk space in the mail queue. Based on patch
from Martin Poole of RedHat.
CONFIG: Using FEATURE(`ldap_routing')'s `nodomain' argument would
cause addresses not found in LDAP to be misparsed.
CONFIG: Using a CN restriction did not work for TLS_Clt as it
referred to a wrong macro. Patch from John Gardiner
Myers of Proofpoint.
CONFIG: The option relaytofulladdress of FEATURE(`access_db')
did not work if FEATURE(`relay_hosts_only') is used too.
Problem noted by Kristian Shaw.
CONFIG: The internal function lower() was broken and hence
strcasecmp() did not work either, which could cause
problems for some FEATURE()s if upper case arguments
were used. Patch from Vesa-Matti J Kari of the
University of Helsinki.
LIBMILTER: Fix internal check whether a milter application
is compiled against the same version of libmilter as
it is linked against (especially useful for dynamic
libraries).
LIBMILTER: Fix memory leak that occurred when smfi_setsymlist()
was used. Based on patch by Dan Lukes.
LIBMILTER: Document the effect of SMFIP_HDR_LEADSPC for filters
which add, insert, or replace headers. From Benjamin
Pineau.
LIBMILTER: Fix error messages which refer to "select()" to be
correct if SM_CONF_POLL is used. Based on patch from
John Nemeth.
LIBSM: Fix handling of LDAP search failures where the error is
carried in the search result itself, such as seen with
OpenLDAP proxy servers.
VACATION: Do not refer to a local variable outside its scope.
Based on patch from Mark Costlow of Southwest Cyberport.
Portability:
Enable HAVE_NANOSLEEP for SunOS 5.11. Patch from
John Beck of Sun Microsystems.
Drop NISPLUS from default SunOS 5.11 map definitions.
Patch from John Beck of Sun Microsystems.
Changelog for Dovecot 1.2.9:
* maildir: When saving, filenames now always contain ,S=<size>.
Previously this was done only when quota plugin was loaded. It's
required for zlib plugin and may be useful for other things too.
+ lazy-expunge: Support a single-namespace configuration. If a mailbox
is deleted, its messages are merged with its old expunged messages
(if there were any).
+ expire: Settings now support spaces in mailbox names by using
quoted strings.
- maildir: v1.2.7 and v1.2.8 caused assert-crashes in
maildir_uidlist_records_drop_expunges()
- maildir_copy_preserve_filename=yes could have caused crashes.
- Maildir++ quota: % limits weren't updated when limits were read
from maildirsize.
- virtual: v1.2.8 didn't fully fix the "lots of mailboxes" bug
- virtual: Fixed updating virtual mailbox based on flag changes.
- fts-squat: Fixed searching multi-byte characters.
Changelog for Sieve 0.1.14:
* Made the imposed limits on the number of redirects and the number
of actions configurable. The settings are called sieve_max_actions
and sieve_max_redirects.
* Did a major rework of extension handling, making sure that no global
state is maintained. This change was triggered by problems that
global state info would cause for Dovecot v2.0, but it is also
important for v1.2 as it significantly cleans up the library
implementation.
+ Made LDA Sieve plugin recognize the deliver_log_format setting.
+ Message headers produced from user-supplied data are now
RFC2047-encoded if necessary for outgoing messages. This is for
example important for the :subject argument of the vacation action.
+ Added support for the $text$ substitution in the deprecated notify
extension.
+ The subaddress extension now also accepts recipient_delimiter
setting as an alias for sieve_subaddress_sep setting. This
anticipates the recipient_delimiter setting in v2.0.
- Fixed logging of mailbox names. It logged the converted mUTF7
version in stead of the original UTF8 version supplied by the user.
- Fixed a minor memory leak in the multiscript support.
- Fixed a bug in the recompilation of Sieve scripts. Made sure that
scripts are only recompiled when the script file - or the symlink
pointing to it - is strictly newer.
Changelog for ManageSieve 0.11.10:
* This release contains adjustments to match changes in the Sieve API.
This means that this release will only compile against Pigeonhole
Sieve v0.1.14.
- Fixed compilation of ManageSieve against CMUSieve.
Special permissions for filterctl and courierfilter have to be applied
in an install script at installation time.
Actions for the post-install target forgot to propagate DESTDIR
appropriately as a make parameter.
Recognized_Att_Keys) were made private, which broke SpamAssassin's
(ab)use of those variables. For details see
https://issues.apache.org/SpamAssassin/show_bug.cgi?id=6131.
Perl 5.10.1 includes ExtUtils::MakeMaker 6.55_2 and consequently building
SpamAssassin 3.2.5 with DESTDIR support in pkgsrc does not work anymore.
The fix changes the decision whether the used EU::MM module has good
enough DESTDIR support to depend only on the version number
(ie. mm_has_good_destdir is true) instead of the availability of the
key 'DESTDIR' in the (now non-public) Recognized_Att_Keys hash.
Ok to commit during freeze by wiz@
Fixes mime type when attaching an Office (MS or Open*.org) file.
Prior to this commit would always be tagged as application/octet-stream.
Bump pkgrevision
qpopper:
* add user-destdir support
* add ${QPOPPER_USER}:${QPOPPER_GROUP} to PKG_USERS, fixes PR#28807.
* honor VARBASE.
common:
* update ipv6 patch to appropriate one for base version.
* some pkglint cleanup.
Bump PKGREVISION.
unconditionally. All supported systems should have poll(2). If
one is found that doesn't then this can be revisited and some way
of making it conditional can be implemented.
This resolves an issue with applications that have a large
number of open files and want to bump FD_SETSIZE. Since libmilter
no longer uses select(2), the application is free to monkey with
FD_SETSIZE as it pleases.
Evolution-Data-Server 2.28.2 2009-12-14
---------------------------------------
Bug Fixes:
#394567 - Use correct FBTYPE values in GroupWise calendar backend
(Jari Urpalainen)
#574940 - Crash in message_info_to_db() (Milan Crha)
#593023 - Deleting an imported recurrent event will remain (Milan Crha)
#594502 - Some google calendar meetings don't show up (Milan Crha)
#598971 - Preserve selection in ENameSelectorEntry if possible
(Milan Crha)
#599671 - gtk_tree_view_column_get_cell_renderers() is deprecated
(Matthew Barnes)
#600449 - segfault in camel_msgport_destroy (Milan Crha)
#600573 - e-addressbook-factory aborts on ldap lookup (Milan Crha)
#602719 - Crash in ep_set_proxy with no proxy user or password
(Milan Crha)
#603437 - Fix few memory leaks (Milan Crha)
#603689 - Improper escaping of folder name (Lucian Langa)
Other Changes:
Use EAGAIN instead of ETIMEDOUT on Windows (Tor Lillqvist)
Don't use commas on the Requires line (Tor Lillqvist)
Fix a memory leak. (Wang Xin)
Fix a crash due to un initialized variable. (Srinivasa Ragavan)
Use SQLite's default cache size of 2000 pages in folders.db
(C de-Avillez)
Translations:
Ivar Smolin (et)
Lucian Grijincu (ro)
Leonid Kanter (ru)
* Add patches to fix build problem with OpenSSL 1.0.0 beta and later.
* Generase "-DUSE_SSL" instead of "-DSSL". Similar changes are CANNA
and ZLIB. (In the case of ZLIB, it could be change to use HAVE_ZLIB_H.)
* Split Makefile to use hacks.mk and options.mk.
* And miscellaneous pkglint clean up.
There should be no functional change and fix PR pkg/42452.
Fuß <ef@math.uni-bonn.de>.
The package now contains Stephan Bosch' new Dovecot Sieve plugin as a pkgsrc
option (instead of the old CMU Sieve plugin that was a separate package), as
well as the ManageSieve extension. The dovecot-sieve package will be removed.
Upgrading from Dovecot 1.1.x may require changes to your configuration file,
see this webpage for more information: http://wiki.dovecot.org/Upgrading/1.2
Major changes since Dovecot 1.1:
* When creating files or directories to mailboxes, Dovecot now uses
the mailbox directory's permissions and GID for them. Previous
versions simply used 0600 mode always. For backwards compatibility
dovecot-shared file's permissions still override these with Maildir.
* SQL dictionary (quota) configuration file is different than in v1.1.
See doc/dovecot-dict-sql-example.conf for the new format.
* deliver -m: Mailbox name is now assumed to be in UTF-8 format,
not modified-UTF7. Stephan Bosch's new Sieve implementation also
assumes UTF-8 format in fileinto parameters.
+ Full support for shared mailboxes and IMAP ACL extension.
The code is mainly from Sascha Wilde and Bernhard Herzog.
+ IMAP: Added support for extensions: CONDSTORE, QRESYNC, ESEARCH,
ESORT, SEARCHRES, WITHIN, ID and CONTEXT=SEARCH.
+ SEARCH supports INTHREAD search key, but the rest of the INTHREAD
draft isn't implemented yet so it's not advertised in capability.
+ THREAD REFS algorithm where threads are sorted by their latest
message instead of the thread root message. There is also no base
subject merging.
+ IMAP: Implemented imap-response-codes draft.
+ Thread indexes for optimizing IMAP THREAD command and INTHREAD
search key.
+ Added userdb checkpassword (by Sascha Wilde)
+ Virtual mailboxes: http://wiki.dovecot.org/Plugins/Virtual
+ Autocreate plugin: http://wiki.dovecot.org/Plugins/Autocreate
+ Listescape plugin: http://wiki.dovecot.org/Plugins/Listescape
vulnerability in ruby-actionpack.
Major changes:
- Improved compatibility with Ruby 1.9
- RailsXss plugin availability
- Fixes for the Nokogiri backend for XmlMini
The 2.x version is still available in mail/thunderbird2.
Major changes:
- New Mail Account Setup Wizard
- Redesigned Mail Toolbar
- Tabbed Email Messages
- Smart Folders
- New Message Summary View
- Column Headings
- Message Archive
- Activity Manager
- New Add-ons Manager
- Improved Address Book
- Improved Gmail Integration
Full release notes:
http://www.mozillamessaging.com/en-US/thunderbird/3.0rc1/releasenotes/
- handle additional cases where IMAP (and for good measure, POP3) server is
broken and offers a message that it then fails to return. Thanks: Eric
Waguespack.
* Specify toolbar container in compose template (#1486247)
* Fix $_SERVER['HTTPS'] check for SSL forcing on IIS (#1486243)
* Avoid unnecessary page loads for selected tab (#1486032)
* Fix quota indicator issues by content generation on client-size (#1486197, #1486220)
* Don't display disabled sections in Settings (#1486099)
* Added server-side e-mail address validation with 'email_dns_check' option (#1485857)
* Fix login page loading into an iframe when session expires (#1485952)
* Allow setting port number in 'force_https' option (#1486091)
* Option 'force_https' replaced by 'force_https' plugin
* Fix IE issue with non-UTF-8 characters in AJAX response (#1486159)
* Partially fixed "empty body" issue by showing raw body of malformed message (#1486166)
* Fix importing/sending to email address with whitespace (#1486214)
* Added XIMSS (CommuniGate) driver for Password plugin
* Fix newly attached files are not saved in drafts w/o editing any text (#1486202)
* Added attachment upload indicator with parallel upload (#1486058)
* Use default_charset for bodies of messages without charset definition (#1486187)
* Password: added cPanel driver
* Fix return to first page from e-mail screen (#1486105)
* Fix handling HTML comments in HTML messages (#1486189)
* Fix folder/messagelist controls alignment - icons used (#1486072)
* Fix LDAP addressbook shows 'Contact not found' error sometimes (#1486178)
* Fix cache status checking + improve cache operations performance (#1486104)
* Prevent from setting INBOX as any of special folders (#1486114)
* Fix regular expression for e-mail address (#1486152)
* Fix Received header format
* Implemented sorting by message index - added 'index_sort' option (#1485936)
* Fix dl() use in installer (#1486150)
* Added 'ldap_debug' option
* Fix "Empty startup greeting" bug (#1486085)
* Fix setting user name in 'new_user_identity' plugin (#1486137)
* Fix incorrect count of new messages in folder list when using multiple IMAP clients (#1485995)
* Fix all folders checking for new messages with disabled caching (#1486128)
* Support skins in 'archive' and 'markasjunk' plugins
* Added 'html_editor' hook (#1486068)
* Fix DB constraint violation when populating messages cache (#1486052)
* Password: added password strength options (#1486062)
* Fix LDAP partial result warning (#1485536)
* Fix delete in message view deletes permanently with flag_for_deletion=true (#1486101)
* Use faster/secure mt_rand() (#1486094)
* Fix roundcube hangs on empty inbox with bincimapd (#1486093)
* Fix wrong headers for IE on servers without $_SERVERHTTPS? (#1485926)
* Force IE style headers for attachments in non-HTTPS session, 'use_https' option (#1485655)
* Check 'post_max_size' for upload max filesize (#1486089)
* Password Plugin: Fix %d inserts username instead of domain (#1486088)
* Fix rcube_mdb2::affected_rows() (#1486082)
* Added patch by Johannes Berg that expands the main option
"spamd_servers" if it starts with a dollar sign.
* Write list of recipients to X-Envelope-Sender header when building
the mbox-format spool file for content scanning.
* Added patch by Wolfgang Breyha that adds experimental DCC
(http://www.dcc-servers.net/) support via dccifd. Activated by
setting EXPERIMENTAL_DCC=yes in Local/Makefile. Check out
experimental_spec.txt for more documentation.
* Bugzilla 673: Add f-protd malware scanner support.
* Bugzilla 657: Embedded PCRE removed from the exim source tree.
When building exim an external PCRE library is now needed -
PCRE is a system library on the majority of modern systems.
See entry on PCRE_LIBS in EDITME file.
* Bugzilla 646: Removed unwanted C/R in Dovecot authenticator
conversation. Added nologin parameter to request.
* Do not log submission mode rewrites if they do not change the address.
* Bugzilla 662: Fix stack corruption before exec() in daemon.c.
* Bugzilla 602: exicyclog now handles panic log, and creates empty
log files in place. Contributed by Roberto Lima
* Bugzilla 667: close socket used by dovecot authenticator
* Bugzilla 615: When checking the local_parts router precondition
after a local_part_suffix or local_part_prefix option, Exim now
does not use the address's named list lookup cache, since this
contains cached lookups for the whole local part.
* Bugzilla 521: Integrated SPF Best Guess support contributed by
Robert Millan. Documentation is in experimental-spec.txt
* Bugzilla 668: Fix parallel build (make -j).
* Bugzilla 437: Prevent Maildir aux files being created with mode 000
* Bugzilla 598: Improvement to Dovecot authenticator handling.
* Leading white space used to be stripped from $spam_report which
wrecked the formatting. Now it is preserved.
* Save $spam_score, $spam_bar, and $spam_report in spool files, so
that they are available at delivery time.
* Fix the way ${extract is skipped in the untaken branch of a conditional.
* TLS error reporting now respects the incoming_interface and
incoming_port log selectors.
* more...
2009-11-07 Jeffrey Stedfast <fejj@novell.com>
* README: Bumped version
* configure.in: Bumped version to 2.4.11
* build/vs2008/gmime.vcproj: Bumped version.
2009-11-05 Jeffrey Stedfast <fejj@novell.com>
* gmime/gmime-multipart.c (ptr_array_insert): Fixed to handle an
index larger than the current array length as well as fixing the
true insert case to shift items when index is les than the current
array length (as opposed to when it is equal-to). Thanks to
harven@gingers.rulez.pl for finding this bug.
2009-10-10 Jeffrey Stedfast <fejj@novell.com>
* gmime/gmime-utils.c: Fixed the military timezone offsets.
* Upgraded to Unicode 5.2.0
- Maildir: Fixed crash when using a lot of keywords.
- file_set_size() was broken with OSes that didn't support posix_fallocate()
(almost everyone except Linux), causing all kinds of index file errors.
pkgsrc changes: patch to use gmime24
Changes since 5.3:
* The regression which caused some read IMAP messages to be reported as
unread has been fixed.
* And more, see the NEWS file.
Changes since 5.2:
* A crash affecting IMAP, Maildir and POP3 mailboxes has been fixed.
* A crash affecting Evolution mailboxes on 64-bit systems has been fixed.
* And more, see the NEWS file.
Changes since 5.1:
* Default configuration values were not registered.
Changes since 5.0:
* A number of minor issues have been fixed. Most notably, the message
count is now drawn properly.
* And more, see the NEWS file.
Pkgsrc changes:
- Added LICENSE
Relevant changes since version 0.32:
====================================
Version 0.37 - released 2009-09-08
* New/changed functionality:
* ADSP records now check whether the domain itself exists, in
accordance to the ADSP specification
* bugfixes:
* fixed regexp used to detect header field names (issue #2803465)
* various fixes to ADSP checking
Version 0.36 - released 2009-06-02
* API changes:
* restore the as_string() method which was accidentally removed
in version 0.34
Version 0.35 - released 2009-05-22
* bugfixes:
* fixed a runaway regular expression in the canonicalization
routines (patch provided by Mark Martinec)
Version 0.34 - released 2009-05-20
* New/changed functionality:
* support for ADSP (author-domain-signing-practices) records
* removed support for pre-standardized DKIM signatures (i.e. these
are DKIM signatures without a v= or bh= tag).
* DNS resolver errors are detected and reported as such
* API changes:
* renamed Mail::DKIM::Policy to Mail::DKIM::DkPolicy. Programs using
the former name to create policy objects directly (though it would
be more expected to fetch the objects through
Mail::DKIM::Verifier) should update their code
* new policies() method in Mail::DKIM::Verifier for fetching all
applicable sender/author signing policies
* bugfixes:
* Signer object would die if first line of input wasn't a header
(rt.cpan.org issue #46179)
Version 0.33 - released 2009-03-10
* bugfixes:
* signature wrapping would sometimes cause improper preparation of
DKIM signatures, with "simple" canonicalization (issue #2257046)
* test scripts:
* the included corpus is now verified using a fake-DNS resolver,
which means the test corpus can validate even when your DNS
servers are really slow
Pkgsrc changes:
- Submitted patch-aa upstream.
- Added LICENSE.
- Put PKG_INSTALLATION_TYPES and PKG_DESTDIR_SUPPORT in section 4 of Makefile.
- Shut up a pkglint warning about quoting.
Changes since version 2.84:
===========================
2.85 (July 21, 2008)
Relicense under Artistic License 2.0. See LICENSE for details.
would otherwise cause a chown of the trigger file. (with DESTDIR,
the "nullmail" user & group are not yet created)
Because this leaves the trigger file possibly owned by root, add
a test in the rc "start" path to [re]make it when necessary.
put this test and the daemon background and logging into a
separate script so that it can be run by the rc framework as the
nullmail user in the normal way, and add a procname argument to
allow the "status" and "stop" rc commands to work properly.
bump PKGREVISION
Changes since 2.2.11:
* Backport IPv6 support
* Remove generated autoconf files from the release. Please install
automake-1.9 and run autoreconf -i before running configure
* Backport the fix for duplicate mailboxes in LIST/LSUB responses
* Backport for internaldate as UTC
* Fix for file descriptor leakage
Bugs fixed since 2.2.10:
0000742: [Authentication layer] PATCH: authldap.c - multiple attributes
for field_mail (Toast) - resolved.
0000731: [Documentation] Missing documentation of database layer logging
control (paul) - resolved.
0000723: [Database layer] simultaneous mailbox creation (paul) -
resolved.
0000709: [Database layer] Some sql optimizations (paul) - resolved.
0000721: [Authentication layer] mail quota in ldap not used during
delivery (paul) - resolved.
0000698: [IMAP daemon] PostgreSQL 8.3.1 can't execute query (paul) -
resolved.
0000712: [General] traces to stderr may cause core dumps if hostname
>=16 (paul) - resolved.
0000710: [IMAP daemon] eliminate annoying "[Illegal seek] on
read-stream" message from imap4d - resolved.
0000704: [IMAP daemon] IMAP TEXT searches stop at headers - resolved.
0000670: [IMAP daemon] IMAP TEXT searches only seem to search headers
(paul) - resolved.
* Use case ignore match for detecting encoded header. This is
language independent problem.
* Improve handling of file name of attachment in Japanese environment.
These fixes make squirrelmail usable after remove of japaneses patch.
Bump PKGREVISION.
* Currently, squirrelmail package is brokwn when enable squirrelmail-japanese
option and are/squirrelmail/functions/decode/iso_2022_jp.php was conflicted
between squirrelmail and squirrelmail-decode package.
* squirrelmail-japanese isn't available for squirrelmail-1.4.20-RC2.
Bump PKGREVISION.
