* disable_plaintext_auth=yes: Removed hardcoded 127.* and ::1 IP
checks. Now we just assume that the connection is secure if the
local IP matches the remote IP address.
* SSL code rewrite which hopefully makes it work better than before.
Seems to work correctly, but if you suddently have trouble with SSL
connections this is likely the reason.
+ verbose_ssl=yes: Log also SSL alerts and BIO errors
- If namespace's location field wasn't set, the default location
was supposed to be used but it wasn't.
- When copying ssl-parameters.dat file from /var/lib to /var/run its
permissions went wrong if it couldn't be copied with hard linking.
- Fixed filesystem quota plugin to work with BSDs.
- Maildir: Saving mails didn't work if quota plugin was enabled (again)
- Maildir: Messages' received time wasn't saved properly when
saving/copying multiple messages at a time. Also if using quota
plugin the S= size was only set for the first saved file, and even
that was wrong.
- passdb passwd-file: Don't require valid uid/gid fields if file
isn't also being used as a userdb.
- PostgreSQL: Handle failures better so that there won't be
"invalid fd" errors in logs.
- Don't try to expunge messages if the mailbox is read-only. It'll
just cause our index files to go out of sync with the real
mailbox and cause errors.
- ANONYMOUS authentication mechanism couldn't work because
anonymous_username setting wasn't passed from master process.
* PAM: If user's password is expired, give "Password expired" error
message to the user. Now actually working thanks to Vaidas Pilkauskas
* Relicensed dovecot-auth, lib-sql and lib-ntlm to MIT license. See
COPYING file for more information.
* Abuse prevention: When creating a mailbox, limit the number of
hierarchies (up to 20) and the length of the mailbox name within
a hierarchy (up to 200 characters).
* mbox: If saved mail doesn't end with LF, add it ourself so that the
mails always have one empty line before the next From-line.
+ Added --with-statedir configure option which defaults to
$localstatedir/lib/dovecot. ssl-parameters.dat is permanently
stored in that directory and is copied to login_dirs from there.
+ IMAP: Support SASL-IR extension (SASL initial response)
+ Support initial SASL response with LOGIN mechanism. Patch by Anders
Karlsson
+ Added PLAIN-MD4 password scheme. Patch by Andrey Panin.
+ Added support for XFS disk quotas. Patch by Pawel Jarosz
+ If another process deletes the opened mailbox, try to handle it
without writing errors to log file. Handles the most common cases.
+ Added TLS support for LDAP if the library supports it.
- SEARCH command was more or less broken with OR and NOT conditions
- Dovecot corrupted mbox files which had CR+LF linefeeds in headers
- MySQL code could have crashed while escaping strings
- MD4 code with NTLM authentication was broken with 64bit systems.
Patch by Andrey Panin
- Plugin loading was broken in some OSes (eg. FreeBSD)
- Several fixes to handling empty values in configuration file
- Several fixes to dictionary quota backend and dict server.
Also changed how they're configured.
- deliver: Fixed plugin handling settings
- mbox_min_index_size handling was somewhat broken
- passdb passwd-file: extra_args field wasn't read unless the file
was also used as userdb.
- fix regression introduced in 4.6.0 where atime on mbox files would
get updated (i.e. not set back), making it difficult for other
programs to tell if there was new mail or not without actually
opening the mbox. Thanks: Tim van der Molen.
- fix regression: spurious errors thrown when required multidrop
retriever parameter "envelope_recipient" not present in getmailrc
file. Thanks: Elliot Schlegelmilch.
- fix regression: getmail_fetch no longer properly supported external
MDAs because of problems parsing the arguments to them. Thanks: ?.
- change getmail's handling of regular expressions in the "locals"
parameter of MultiSorter destination to allow it to handle
backslashes correctly. Unfortunately this means complicating
the configuration syntax slightly. Thanks: Tim van der Molen.
- update filters to use new configuration code. Remove obsolete code.
- Fixed the SMTP protocol module to send QUIT on protocol failures.
- Added support for the SMTP AUTH LOGIN method. Thanks to Sean
MacLennan for the suggestion.
- Fixed the SMTP protocol module to send EHLO instead of HELO when doing
authentication. Thanks to Norbert Tretkowski for pointing this out.
- Fixed compile breakage on Solaris due to use of setenv.
- Fixed netstring length bug in QMQP sending module.
- If the sender name cannot be determined from the environment
variables, try to pull it from /etc/passwd before using "unknown".
Thanks Roderick Schertler.
- Total rewrite of email code that should fix encoding problems
- Added configurable timeout for nonresponsive feeds
- Fixed incorrectly using text summary_detail instead of html content
- Fixed bug with deleting feed 0 if no default email was set
- Print name of feed that is being deleted
- Finally added oft-requested support for enclosures. Any enclosures,
such as a podcast MP3, will be listed under the entry URL
- Made feed timeout compatible with Python versions 2.2 and higher,
instead of v2.4 only
- Added optional, configurable CSS styling to HTML mail. Set
USE_CSS_STYLING=1 in your config.py to enable this. If you want
to tweak the look, modify STYLE_SHEET.
- Improved empty feed checking
- Improved invalid feed messages
- Unfortunately, rss2email is no longer compatible with Python v2.1.
Two of the most serious lingering issues with rss2email were
waiting forever for non-responsive feeds and its inablility to
properly handle feeds with international characters. To properly
fix these once and for all, rss2email now depends on functionality
that was not available until Python v2.2. Hopefully this does
not unduly inconvenience anyone that has not yet upgraded to a
more current version of Python.
$smtp_sasl_security_options (as documented in postconf(5)) instead of
$var_smtp_sasl_opts, which is never defined. This is a bug that exists
in the Postfix-2.2.x series but has been fixed in the (current)
Postfix-2.3.x series. This fixes PR pkg/29631 by Christoph Badura.
Bump the PKGREVISION to 1.
It seg faults (with some double free() it looks like) when DNS
is not working. So after the freeze I will explore this more.
I also see a new version is available -- maybe it fixes it...
(1) they are more likely to do the right thing if the user sets
rc_fast_and_loose; and
(2) they pre-create any necessary directories prior to start the
respective services.
Also, fix the path to the courierwebadmin binary in SPECIAL_PERMS for the
courier-mta package.
Bump the PKGREVISION.
the pkglint warning:
As {INSTALL,DEINSTALL}_TEMPLATE is modified using "+=", its name
should indicate plural.
This does make the variables a bit more suggestive of the fact that they
hold lists of values.
This avoids the need for a confusing line of the form:
DEINSTALL_TEMPLATE+= path/to/INSTALL
in the package Makefile, and actually removes the need to specify it
altogether since by convention, the existence of the DEINSTALL script
is enough to add it to DEINSTALL_TEMPLATE.
C++ and Fortran by default, but doing so does not bomb configure or build,
so there's no harm in the pkgsrc warnings.)
Because this changes the dependencies on systems using pkgsrc-supplied gcc,
bump PKGREVISION. <sigh>
mail related after all. The logging message also contains confidential
information like sender, recipient and subject which shouldn't go to
a public readable logfile. Bump package revision because of this fix.
mail related after all. The logging message also contains confidential
information like sender, recipient and subject which shouldn't go to
a public readable logfile. Bump package revision because of this fix.
A malformed MIME structure with many parts can cause sendmail to
crash while trying to send a mail due to a stack overflow,
e.g., if the stack size is limited (ulimit -s). This
happens because the recursion of the function mime8to7()
was not restricted. The function is called for MIME 8 to
7 bit conversion and also to enforce MaxMimeHeaderLength.
To work around this problem, recursive calls are limited to
a depth of MAXMIMENESTING (20); message content after this
limit is treated as opaque and is not checked further.
SSL libraries to build couriertls, which encapsulates the logic for
handling SSL connections for Courier services. Drop the dependency
on openssl from both courier-imap and courier-mta, which only need
the "openssl" tool instead. Bump the PKGREVISIONs for all three
packages due to the changed dependencies. Problem noted by Ondrej
Tuma in private email.
