* lmtp: Start tracking lmtp_user_concurrency_limit and reject already
at RCPT TO stage. This avoids MTA unnecessarily completing DATA only
to get an error.
* doveadm: Previously only mail settings were read from protocol
doveadm { .. } section. Now all settings are.
+ quota: Added quota_over_flag_lazy_check setting. It avoids checking
quota_over_flag always at startup. Instead it's checked only when
quota is being read for some other purpose.
+ auth: Added a new auth policy service:
http://wiki2.dovecot.org/Authentication/Policy
+ auth: Added PBKDF2 password scheme
+ auth: Added %{auth_user}, %{auth_username} and %{auth_domain}
+ auth: Added ":remove" suffix to extra field names to remove them.
+ auth: Added "delay_until=<timestamp>[+<max random secs>]" passdb
extra field. The auth will wait until <timestamp> and optionally some
randomness and then return success.
+ dict proxy: Added idle_msecs=<n> parameter. Support async operations.
+ Performance improvements for handling large mailboxes.
+ Added lib-dcrypt API for providing cryptographic functions.
+ Added "doveadm mailbox update" command
+ imap commands' output now includes timing spent on the "syncing"
stage if it's larger than 0.
+ cassandra: Added metrics=<path> to connect setting to output internal
statistics in JSON format every second to <path>.
+ doveadm mailbox delete: Added -e parameter to delete only empty
mailboxes. Added --unsafe option to quickly delete a mailbox,
bypassing lazy_expunge and quota plugins.
+ doveadm user & auth cache flush are now available via doveadm-server.
+ doveadm service stop <services> will stop specified services while
leaving the rest of Dovecot running.
+ quota optimization: Avoid reading mail sizes for backends which
don't need them (count, fs, dirsize)
+ Added mailbox { autoexpunge_max_mails=<n> } setting.
+ Added welcome plugin: http://wiki2.dovecot.org/Plugins/Welcome
+ fts: Added fts_autoindex_exclude setting.
- v2.2.24's MIME parser was assert-crashing on mails having truncated
MIME headers.
- auth: With multiple userdbs the final success/failure result wasn't
always correct. The last userdb's result was always used.
- doveadm backup was sometimes deleting entire mailboxes unnecessarily.
- doveadm: Command -parameters weren't being sent to doveadm-server.
- If dovecot.index read failed e.g. because mmap() reached VSZ limit,
an empty index could have been opened instead, corrupting the
mailbox state.
- imapc: Fixed EXPUNGE handling when imapc_features didn't have modseq.
- lazy-expunge: Fixed a crash when copying failed. Various other fixes.
- fts-lucene: Fixed crash on index rescan.
- auth_stats=yes produced broken output
- dict-ldap: Various fixes
- dict-sql: NULL values crashed. Now they're treated as "not found".
Changelog:
Fixed When entering members into a mailing list, the enter key dismissed the panel instead of just moving onto the next line
Fixed Email without HTML elements was sent as HTML, despite "Delivery Format: Auto-detect" option
Fixed Options applied to a template were lost when the template was used.
Fixed Contacts could not be deleted when they were found through a search
Fixed Views from global searches did not respect "mail.threadpane.use_correspondents"
Version 1.2.5:
- Support SHA256 fingerprints for tls_fingerprint, and mark both SHA1 and MD5 as
deprecated.
Version 1.2.4:
- The system default policy is used with GnuTLS instead of a hardcoded one.
Version 1.2.3:
- A bug in SOCKS support was fixed.
- Handling non-fatal errors in TLS handshakes was fixed.
Version 1.2.2:
- No significant changes.
Version 1.2.1:
- The new configure option --with-tls replaces --with-ssl.
- A new configure option --disable-gai-idn was added.
Version 1.2.0:
- Support for SOCKS proxies was added. This allows mpop to be used with Tor.
- GNOME Keyring support now uses libsecret instead of libgnome-keyring. It is
now documented how to use secret-tool to manage passwords for mpop; the
obsolete mpop-gnome-tool script is removed.
- Configuration file security is now only checked if the file actually contains
secrets such as passwords. (If you still store passwords in the configuration
file, consider using the passwordeval command or a key ring instead.)
- The GSSAPI authentication method is not chosen automatically anymore, you have
to request it manually if you really want to use it.
- Libidn is not required for IDN support anymore on systems where getaddrinfo()
supports the AI_IDN flag and the GnuTLS version is >= 3.4.0.
- SSLv3 is disabled, and the obsolete tls_force_sslv3 command and
--tls-force-sslv3 option have no effect anymore.
Version 1.0.29:
- No significant changes.
Upstream changes:
version 3.38: Tue Feb 9 02:48:21 UTC 2016
- rt.cpan.org#107592: redact credentials via debug if !Showcredentials
[Gilles Lamiral]
- rt.cpan.org#110273: failure to quote password values
(regression introduced in 3.36 via fix for rt.cpan.org#100601)
[Gilles Lamiral]
- rt.cpan.org#107593: allow getquota("")
- *Quote() now returns qq("") for defined but empty values
- rt.cpan.org#107011: fix folders_hash() docs and usage in is_parent()
[Gilles Lamiral]
- rt.cpan.org#106500: split UID EXPUNGE with a large sequence set
- added t/quota.t and t/lib/MyTest.pm for testing
- updated copyright for 2016
version 3.37: Fri Aug 14 11:04:53 EDT 2015
- regex fix in rt.cpan.org#96575 required Perl 5.10
updated regex to be backwards compatible with Perl 5.8
[Paul Howarth]
version 3.36: Fri Aug 14 01:40:50 UTC 2015
- rt.cpan.org#96575: parsing fixes for fetch_hash and bodystructure
+ better handling of data containing escaped characters
[Ken Neighbors]
- rt.cpan.org#97718: hang waiting for tag if DONE sent outside of IDLE
[Laurence Darby]
- rt.cpan.org#100683: failed literal commands hang waiting for '+'
[Matthias Pitzl]
- rt.cpan.org#100601: login() fails if username requires use of literals
[Andy Lyttle]
- *rt.cpan.org#103823: is_parent() should return undef on \NoInferiors
[Gilles Lamiral]
- rt.cpan.org#105456: fetch_hash fails if sequence number contains '*'
+ *no longer removing unrequested data (except UID) in returned hashes
[Gilles Lamiral]
- rt.cpan.org#91912: selectable broke in 3.29 due to \b around \NoSelect
[Justin Vallon, Gilles Lamiral]
- some documentation, test cleanup and new tests
version 3.35: Fri, Nov 22, 2013 2:18:41 PM
- *use Quote() over Massage() to avoid stripping double quotes from arg
+ removed constant NonFolderArg
+ may deprecate Massage() in a future release
- _list_or_lsub failed to handle folder names with double quotes
+ cleanup Escaped_results()
+ new methods: Escaped_history() _escaped_trans_data()
+ removed method: _list_response_preprocess()
[Gilles Lamiral, Victor L閉
- rt.cpan.org#90315: getacl on a folder returned as literal failed
+ _read_line could remove extra space when literal data was received
[Carl Karcher]
- rt.cpan.org#89040: typo fixes
[David Steinbrunner]
version 3.34: Fri, Sep 27, 2013 12:50:17 AM
- make Makefile.PL use non-interactive and document test.txt usage
- new attribute: Socketargs => [ (IO::Socket::.. args) ]
+ cleanup connect() to more flexible with IO::Socket::* args
- untagged server data during send literal may cause client to hang
[Arthur Wolfe, Josh Hillman]
+ _send_line() needs '+' only to know it is OK to send LITERAL data
+ created _response_code_sub() to simplify _get_response()
- remove internal "Folders" cache
- Allow for RFC 6154 "IMAP LIST Extension for Special-Use Mailboxes"
[Mathias Reitinger]
+ new method: folders_hash()
+ deprecate: xlist_folders(), xlist()
pkgsrc changes:
- (cosmetic) fix a pkglint warning and proper indent variables in options.mk
Changes:
Version 1.6.5:
- Support SHA256 fingerprints for tls_fingerprint, and mark both SHA1 and MD5 as
deprecated.
RELEASE 1.1.5
-------------
- Plugin API: Add html2text hook
- Plugin API: Added addressbook_export hook
- Fix missing emoticons on html-to-text conversion
- Fix random "access to this resource is secured against CSRF" message at logout (#4956)
- Fix missing language name in "Add to Dictionary" request in HTML mode (#4951)
- Enable use of TLSv1.1 and TLSv1.2 for IMAP (#4955)
- Fix XSS issue in SVG images handling (#4949)
- Fix (again) security issue in DBMail driver of password plugin [CVE-2015-2181] (#4958)
- Fix bug where Archive/Junk buttons were not active after page jump with select=all mode (#4961)
- Fix bug in long recipients list parsing for cases where recipient name contained @-char (#4964)
- Fix additional_message_headers plugin compatibility with Mail_Mime >= 1.9 (#4966)
- Hide DSN option in Preferences when smtp_server is not used (#4967)
- Protect download urls against CSRF using unique request tokens (#4957)
- newmail_notifier: Refactor desktop notifications
- Fix so contactlist_fields option can be set via config file
- Fix so SPECIAL-USE assignments are forced only until user sets special folders (#4782)
- Fix performance in reverting order of THREAD result
- Fix converting mail addresses with @www. into mailto links (#5197)
Add SMF support, clean up etc.
* Mon Feb 13 2012 Martin Matuska <martin@matuska.org>
- 1.8.0 release
- Allow to specify complete DSN in configuration file
- Support listening on UNIX sockets
- Support pidfile command line argument
* Mon Feb 01 2010 Michal Ludvig <mludvig@logix.net.nz>
- Upgraded VERSION to 1.8.0-rc2
- Reverted GNU sed syntax in Makefile
* Sat Jan 23 2010 Michal Ludvig <mludvig@logix.net.nz>
- Upgraded VERSION to 1.8.0-rc1
- 'make dist' now creates sqlgrey-$VERSION.tar.gz with
the help of 'git archive'
* Mon Aug 17 2009 Michal Ludvig <mludvig@logix.net.nz>
- 1.7.7 release getting ready
- Reworked "smart"/"class-c" IPv6 address handling.
- Added IPv6 address support for clients_ip_whitelist(.local)
file
- client_ip_whitelist(.local) now supports address/prefix
notation both for IPv4 and IPv6 addresses.
* Sun Aug 05 2007 Lionel Bouton <lionel-dev@bouton.name>
- 1.7.6 release
- Database handling fix (deactivated InactiveDestroy unless
needed)
- Reopen database connection on SIGUSR1
* Thu Feb 15 2007 Dan Faerch <dan.sqlgrey @hacker.dk>
- 1.7.5 release
- Changed db_cleanup. clean time stored in db for better
handling,
especially in clustered environments
- Fix for harmless warnings about "possible typo"
- Fix for sqlgrey dying if syslog is offline
- Filled feature req from Riaan Kok. Support "postfix attributes
on both
sides".. Ie: "client_name !~ helo_name"
* Sun Aug 03 2006 Dan Faerch <dan-NOSPAM@hacker.dk>
- 1.7.4 release
- Added feature Discrimination
- Added feature DBCluster
- Added config option reject_code (eg. answer 451 instead of 450)
* Wed Nov 16 2005 Lionel Bouton <lionel-dev@bouton.name>
- 1.7.3 release
- fixes for a crash with '*' in email adresses
* Tue Oct 25 2005 Lionel Bouton <lionel-dev@bouton.name>
- 1.7.2 release
- fixes for several errors in logging
- clean_method ported from 1.6.x
* Thu Sep 15 2005 Lionel Bouton <lionel-dev@bouton.name>
- 1.7.1 release
- fix for a race condition in multiple instances configurations
- fix for weekly stats
* Tue Jun 21 2005 Lionel Bouton <lionel-dev@bouton.name>
- 1.7.0 release
- now continue if the DB isn't available at startup time
- based on 1.6.0 with Michel Bouissou's work:
. better connect cleanup when creating AWL entries
. source IP throttling
version 2.18: Wed 18 May 23:52:30 CEST 2016
Fixes:
- Mail::Header should accept \r in empty line which ends the
header. rt.cpan.org#114382 [Ricardo Signes]
Changelog:
Fixed in Thunderbird 45.1
2016-39 Miscellaneous memory safety hazards (rv:46.0 / rv:45.1 / rv:38.8)
Christian Holler, Tyson Smith, and Phil Ringalda reported memory safety problems and crashes that are fixed in Firefox ESR 45.1, Firefox ESR 38.8 and Firefox 46.
Memory safety bugs fixed in Firefox ESR 45.1, Firefox ESR 38.8 and Firefox 46 (CVE-2016-2807)
Gary Kwong, Christian Holler, Jesse Ruderman, Mats Palmgren, Carsten Book, Boris Zbarsky, David Bolter, and Randell Jesup reported memory safety problems and crashes that are fixed in Firefox ESR 45.1 and Firefox 46.
Memory safety bugs fixed in Firefox ESR 45.1 and Firefox 46 (CVE-2016-2806)
Gary Kwong, Christian Holler, Andrew McCreight, Boris Zbarsky, and Steve Fink reported memory safety problems and crashes that are fixed in Firefox 46.
Memory safety bugs fixed in Firefox 46 (CVE-2016-2804)
Christian Holler reported a memory safety problem that is fixed in Firefox ESR 38.8.
Memory safety bug fixed in Firefox ESR 38.8 (CVE-2016-2805)
version 2.17: Wed 11 May 17:20:21 CEST 2016
Fixes:
- Mail::Header should only accept totally empty lines as header
terminator, not to break MIME::Tools regression tests.
rt.cpan.org#113918 [David Cantrell]
for all pkgsrc dir/file ownership rules. Fixes unprivileged
user/group names from leaking into binary packages, manifest as
non-fatal chown/chgrp failure messages at pkg_add time.
Bump respective packages' PKGREVISION.
Upstream changes:
1.542 2016-01-28
Major overhaul to tests by Philipp Gortan
Tiny bug fixes
1.541 2015-10-06
Updated packaging: META.*, switch to ExtUtils::MakeMaker
Additions include:
- Upgrade UW-IMAP to Panda IMAP from https://github.com/jonabbey/panda-imap.
- S/MIME: Add screen to manage certificates.
- S/MIME: Signatures are validated using the user's certificates instead of the ones included in the message. Behavior can be disabled by disabling the option "Validate Using Certificate Store Only" which is enabled by default.
- S/MIME: sign messages using intermediate certificates when needed and possible.
- S/MIME: validation of certificates for servers that modify signed content.
- S/MIME: signed and encrypted messages will be signed first and encrypted second, so that they can be decoded by other clients.
- S/MIME: add the sender certificate to the list of certificates in encrypted messages to make it possible for the sender to decrypt the message they sent.
- S/MIME: When transferring certificates to a local container, create container with default names PublicContainer, PrivateContainer and CAContainer, as appropriate for these files, unless the user has provided some other names.
- HTML: Style tag in body of html message causes Alpine to not write its content until a new </style>
- HTML: <BR>, <BR />, and <BR/> are considered the same inline tag, the same is valid for the <HR> tag.
- S/MIME: Forwarding a message will include the signed part as part of the text and not as a multipart message, just as the reply command does.
- Unix Alpine: If a password file is defined, and S/MIME is enabled, the key and certificate used to encrypt the password file are saved in the ~/.alpine-smime/.pwd directory, or in the directory specified by the -pwdcertdir command line option.
- Add support to selective expunge through a subcommand of the select-apply commands.
- Pico: New subcommand of the search command, allows to reverse the direction of search.
- Add /tls1, /tls1_1, /tls1_2 and /dtls1 to the definition of a server to use different ways to connect using ssl, for example {server.com/tls1} will attempt to connect to server.com at the ssl imap port (port 993) and establish a connection using TLSv1. These flags can be used in conjunction with the /ssl flag, the ssl flag is redundant. Conversely, however, the /ssl flag does not imply any of these flags; the /ssl flag means SSLv3 or, if not available, SSLv2 in the SSL port.
- Alpine does not attempt to automatically reopen a collection that was not opened due to cancellation by the user. Instead, the user must try to open it explicitly.
- Alpine searches for a certificate that matches an email address in all addresses in a certificate (instead of just the first one) but when it tries to unlock the certificate, it asks for the password for the first email address in that certificate.
- Experimental: Write the content-type of a message in lowercase, as some non-compliant servers do not understand uppercase content-type, such as those of GMX.de.
- Experimental: Do not send the RSET command before attempting to send a message, as this causes a delay in some evily managed servers.
- Opening a folder updates recent count in maildrops (this already works for other types of folders)
- Automatically redraw screen after opening an attachment instead of simply clearing it.
- Pico: Justification works without need of a predefined quote string. This allows justification of blocks of text that are indented with spaces.
- Decode the name of attachment names, so they can be written as part of the description of the part.
- Check bounds and tie strings off to improve security. Contributed by James Jerkins.
- Replace tabs by spaces in From and Subject fields to control for size in screen of these fields. Change only in index screen display.
- Aggregate operations allows bouncing a list of messages using a role. Suggested by Ulf-Dietrich Braumann.
- Disable saving new passwords to the password file. Implemented by Louis Raphael from dpslabs.com.
- Makefile: Add $(LIBINTL) to the flags to link rpdump, rpload, alpined and alpineldap because MAC OSX 10.8 x86_64 needs it. Reported by Charles M. Register.
Bugs that have been addressed include:
- S/MIME: signed messages that contained an attachment would not validate.
- S/MIME: signed and encrypted messages from Thunderbird would not validate.
Thanks to Andreas Schamanek for testing, debugging and advising during the
process of fixing this problem.
- S/MIME: Forwarding messages with multipart content-type failed to be signed
with "Error writing pipe" message. Reported by Andreas Schamanek and Stefan
Mueller.
- S/MIME: Certificates are lost when using a pinerc file outside of the home
directory.
- S/MIME: accessing the S/MIME configuration screen would deinitialize SMIME
making it not possible to sign or encrypt messages.
- S/MIME: Forwarding a signed message might make the body contain mime
information that is not part of the body, and hence making the body of the
message seem wrong.
- S/MIME Alpine would compute incorrectly the signature of a message that
contains 8bit if the option "Enable 8bit ESMTP Negotiation" is enabled, the
message contains 8bit characters and the smtp server supports 8bit sending.
- When replying to several messages, subject will be decoded first, and then
stripped from re/fwd before they are compared to determine the subject of
the replied message.
- Fix in WebAlpine: do not use deprecated dereference in pointer, needs to
use tcl_getstringresult() instead. Reported by Ulf-Dietrich Braumann.
- WebAlpine: fail to build with debug disabled. Fix from Sam Hathaway.
- WebAlpine: add _GNU_SOURCE to make pubcookie build.
- Transformation of UTF-8 to MUTF7 was not being done when creating a folder
in an IMAP server.
- Fix _INIT_ token for reply quote string to include support for 8-bit in
personal names. Reported by Lev Gorenstein.
- When writing the .pinerc file, lines were truncated if they were longer
than 10,000 characters. This could cause data corruption, so now lines are
allowed to be of any length.
- In Unix Alpine (but not in MAC OSX) fix a problem that made Alpine remove
attachments before they were open by a mailcap viewer. It requires that the
user has an equivalent to a command such as "ps auxww" to list the list of
processes, and check if there is any program using the attachment. The default
is "/bin/ps auxww", but it can be changed at compile time with the option
--with-ps-cmd. See the help of the variable mailcap-check-interval for more
information.
- Crash when tcp connection to NNTP server was lost after connection had been
established, but lost immediately afterwards.
- Crash with message "lock when already locked", when painting an index was
based on scores that needed information from a remote addressbook in the
same server as the folder opened. Reported by Peter Koellner.
- Crash in message/rfc822 attachments encoded in base64.
- Postponed messages whose content-type is text/html, text/enriched and
text/richtext are sent with that content-type, even though, after resuming
composition, Alpine had changed its type to text/plain.
- Alpine cannot handle correctly some characters in the Windows-1256
character set, which might lead to a crash or a corruption in the screen.
Work was done to contain the bug. A more complete fix will be done in a future
release. Reported by Professor Robert Funnell.
- WebAlpine: add _GNU_SOURCE to make pubcookie build.
- Save command did not warn of existence of a message with a deleted
attachment in an aggregate save, unless cursor was positioned on a message
with a deleted attachment. Reported by Florian Herzig.
- DATE tokens were not internally transformed to UTF-8, which made their
values not appear complete in the screen. Reported by Werner Scheinast.
- Fixes to configure script so that it will not require PAM for every system.
- Fix to configure script so that it will use CPPFLAGS instead of CPPCFLAGS,
and so the --with-ssl-include-dir option take effect during the build. Fix
by Ulf-Dietrich Braumann.
- Quoted string in URL Viewers configuration variable were not unquoted
before passing to viewer.
- Fix in configure script to detect location of tcl library; add /usr/local
in FreeBSD and fix a bug in configure script that used $alpine_TCLINC
instead of $alpine_TCLINC/tcl.h. Reported and fixed by Werner Scheinast.
- Move SSL configurations from UW-IMAP to configure script, and update
OpenSSL configuration for Mac OSX.
- Remove -lregex from linker flags when building --with-supplied-regex.
- When the download of an attachment is interrumpted, Alpine stills caches
what was downloaded, making the download incomplete for subsequent calls of
Alpine attempting to open the attachment. In the future, Alpine will not cache
any downloaded part of the attachment when it is interrupted. CVS:
----------------------------------------------------------------------
