Changelog:
version 3.08: Tue Jun 3 09:36:24 CEST 2008
Fixes:
- message_to_file used wrong command.
rt.cpan.org#36184 [Parse Int]
- oops, distribution released with OODoc/oodist, not make dist.
[Randy Harmon]
- fix parsing of body-structure information for multi-parts
rt.cpan.org#36279 [Doug Claar]
Improvements:
- Updated README and TODO (Was 'Todo')
version 3.07: Mon Apr 28 09:17:30 CEST 2008
Fixes:
- expunge with no folder specified produced "use of undef"
error. Fixed by [André Warnier]
- additional arguments for create [Michael Bacon]
- accepts LIST answer with multiple lines [Michael Bacon]
- ::BodyStructure::_address() should be _addresses()
Fixed by rt.cpan.org#35471 [Brian Kelly]
- The automatic conversion of a graylist directory structure could
generate errors for empty sender addresses (commonly used for
bounce messages). Thanks to David Stiller for reporting this one.
- Connections encrypted with TLS (not decrypted by spamdyke) weren't
always being rejected, even if there was no chance they should
be accepted. Thanks to Sergio Minini for reporting this one.
- A double-free() problem could result in crashes if the
"rejection-text-graylist" option was used within a configuration
directory.
- Compiling on Solaris was generating a warning.
Thanks to Julian Dunn in PR pkg/39031 for the notice. Since June CPAN-daily
messages were utf-8/base64 encoded and my procmail recipes did not handle
that...
Pkgsrc changes:
- Does not require security/p5-Digest-SHA1 anymore.
- Does not require devel/p5-Error anymore (already unnecessary for 0.29).
Changes since version 0.30:
===========================
Version 0.32 - released 2008-06-03
* removed requirement for Digest::SHA1 (issue #1832549).
We now use the more capable Digest::SHA module for SHA-1 and SHA-256.
* bugfixes:
* granularity checking should be case-sensitive (issue #1938112).
* identity tag now uses quoted-printable encoding (issue #1839015).
* API improvement:
* implemented identity_source() for DkSignature objects
Version 0.31 - released 2008-04-14
* some error detail messages were changed (see ChangeLog, 2008-01-10 entry)
* by default, and when possible, DKIM signatures now omit c= and q= tags
(they are optional tags) (issue #1878518)
* DKIM and DomainKey signatures are now wrapped so that line breaks
occur before colon (':') separators instead of after; this avoids
confusing some broken MUAs (issue #1868648)
* bugfixes:
* "undef value" error when DKIM signature appears at end of header
(issue #1878954)
* use proper regexp for splitting email address (issue #1878994)
* API improvements:
* can specify a domain for fetch_author_policy() (issue #1879197)
* can access a signature's public-key object (issue #1879215)
* can specify an OpenSSL-private-key object for PrivateKey->new()
(issue #1879209)
Version 0.30.1 - released 2008-01-24
* bugfix:
* email from cisco.com was failing to verify (issue #1878523)
Changelog:
2.134 2007-11-16
(no code changes from previous dev release)
2.133_05 2007-11-11
[BUG FIXES]
added is_available method to MIMEEntity plugin
2.133_04 2007-09-24
[ENHANCEMENTS]
created Email::Abstract::Plugin base class; please use it!
added is_available method to plugins
[BUG FIXES]
is_available in the Mail::Internet adapter should solve header
folding issues (by preventing you from using it when it can't work)
2.133_03 2007-08-??
diagnostics in output to indicate what version of a module we used
2.133_02 2007-07-??
fix test planning
2.133_01 2007-07-??
add test to ensure that "can't handle" exception is thrown ASAP
remove unexplained requirement for perl 5.6
fix Mail::Internet header fetching to unfold headers
fix Mail::Message body setter, which hosed newlines
fix body handling for Mail::Internet
improved consistency of method used to find adapter class
improved tests and test coverage
- took maintainership
Changelog:
1.861 2007-11-05
added perl-minver.t -- Email::MIME requires perl >= 5.006
we now require Email::Simple 2.003
1.860 2007-07-13
tentative tweak to tests and C-T-E handling for charset
probably needs more research, testing, and fixing
- took maintainership
Changelog:
2.004 2008-06-25
publicize default_header_class method
remove the long-deprecated Headers.pm
2.003 2007-07-19
improve tests, for 5.5 compat
remove conditional circular prereq on Email::MIME, replace it with a
warning and delay
2.002 2007-07-14
change initialization order to unbreak Email::MIME
do not return ->body from ->body_set to simplify subclass behavior
2.001 2007-07-13
fix t/perl-minver.t to properly skip if T::MV not installed
retroactively set 2.000 release date!
2.000 2007-07-13
huge improvement to speed of bodyless message parsing
pointed out by Dan Dascalescu; thanks!
more documentation of header class
new Header crlf defaults to real CRLF
fix tests to avoid requiring 5.6
Sends templated mail, based upon your default view. It captures
the output of the rendering path, slurps in based on mime-types
and assembles a multi-part email using Email::MIME::Creator and
sends it out.
1.454 2007-07-14
fix some spurious "Date" headers in badly-written tests
1.453 2007-04-19
fix a bizarre test that broke on some OSes (at least some Win32's)
thanks to "chris" for the report!
1.452 2007-03-22
packaging improvements
1.451 2006-08-04
require Email::MIME::Modifier 1.440 to avoid bug
1.45 2006-07-06
better detection of non-7bit parts
don't base64-encode 7bit parts
# IMAP with STARTTLS
The certificate port on TLS was fixed, however this will trigger
one wrong 'New certificate' warning on the first connection.
New in this release:
# Added an option, "Use secure file deletion if possible", which
enables shredding of temporary files and messages instead of
just removing them. This is available on the Other preferences
page.
# Added an option, "Select the HTML part of multipart/alternative
messages". This is available on the Message View/Text Options
preferences page.
# Added an option to the 'Create new folder' dialogue which enables
new folders to inherit the properties of their parent folders
during folder creation.
# Added a hidden option, "two_line_vertical", which toggles the
2-line view in the message list when using the 3-column layout.
Defaults to '1', show 2 lines.
# Added a hidden option, "outgoing_fallback_to_ascii", which allows
the user to specify an outgoing charset/encoding, but still fall
back to 7bit US-ASCII when possible.
Defaults to '1', fallback when possible.
# Added support for the Avant Window Navgator (Awn) information
bubble. This is automatically enabled if dbus is available.
# Face and X-Face headers can now be added globally and per-account
from configuration files under ~/.claws-mail/autofaces/. Further
information is provided in the manual.
# The SHA1 fingerprint is now shown on the SSL certificate dialogue
and the labels are now selectable.
# Several GUI improvements have been made, (Address book, filtering
dialogue, Actions dialogue, and Account preferences).
# New icons have been added for 'Reply to list' and 'Cancel'. The
'Insert file' and 'Close' icons have been improved, as have the
tray icons.
# Added the Trash and Delete icons to the Custom Toolbars options.
# SMTP-only accounts are now not shown in the Receive menus and
Account lists in filtering/processing, as they are irrelevant here.
# tools/csv2addressbook.pl
Support for a gmail exported csv address book was added.
# Updated English, French, and Spanish manuals.
# Updated translations: Brazilian Portuguese, Finnish, French,
German, and Spanish.
# Removed unmaintained translations: Bulgarian, Croatian, Czech,
Dutch, Greek, Hebrew, Japanese, Korean, Norwegian, Russian,
Swedish, and Taiwanese. (New maintainers are very welcome,
contact paul@claws-mail.org)
* fix handling of .cld files
* libclamav/ole2_extract.c, sigtool: make sigtool compatible with the new
OLE2 scan scheme (bb#1086)
* libclamav/petite.c: fix another out of bounds memory read (bb#1000)
Reported by Secunia (CVE-2008-2713)
* clamd/others.c: add missing checks for recv() failures (bb#1079)
* libclamav/scanners.c: add missing check for file open failure (bb #1083).
* sigtool/sigtool.c: make use of the UNLINK command in cdiffs (bb#1080)
* sigtool/sigtool.c: verify MD5's in --run-cdiff
* libclamav/matcher-ac.c: fix handling of nodes which also match single
bytes (bb#1054)
* libclamav: faster loading of uncompressed .cld files, also fixes bb#1064
* merge r3816 from trunk (bb #947, AIX name collisions)
* freshclam/manager.c: add missing closesocket on error path (bb #1073).
The Maildir patch was altered on the master server without changing the
URL, so we have to alter DIST_SUBDIR, which affects the main distfile
as well. Emailed author to see if putting up versioned patchfile URLs is
feasible
The change in the Maildir patch:
- Fixed a bug which made Alpine not to delete folders correctly in
a #mc/ collection.
- Add patch from Fedora which makes the gtkspell option build again, with
the enchant-backed gtkspell.
- Add DESTDIR support, from mail/sylpheed-devel
Changes from 2.4.8
* New features
o The vertical 3-paned view mode was added.
o The feature to save SSL peer certificate was added.
o The option 'Treat HTML only message as attachment' was added.
o The feature to confirm missing attachments was added.
o The feature to confirm recipients before sending was added.
* Feature improvements
o To: header is also searched by quick search in Sent/Draft/Queue folders.
o 'Edit/Quick search' menu was added.
o Spaces in address and server entries on account preferences dialog are now
automatically removed when applied.
o The compose window now remembers the maximized state.
o The focus will not move from the text view to the summary view with
'Next/Prev' keyboard operation now.
o The alert dialog is displayed now when PGP signing/encryption failed.
* Bugfixes
o The bug that caused busy loop when initial connection was immediately
refused was fixed.
o The bug that the quote description dialog never appeared again after closing it with the close button was fixed.
o The new/unread status display on quick search filtered mode was fixed.
o The windres command will not be enabled on non-win32 platforms now.
o The address completion was fixed.
o Win32: --attach option was fixed.
o The sylpheed.desktop file was fixed.
o A crash bug was fixed.
o Content-Transfer-Encoding header with comments was supported.
o UTF-8 locale strings with suffix '.utf8' were supported.
o The 8KB restriction of template body size was removed.
Pkgsrc changes:
- p5-DB_File is now required on all systems, even those where Perl
already detects the native db-functions (dbopen,...) and thus
provides DB_File.
This should prevent subtle errors like the one in PR pkg/37751 at
the price of installing an additional package.
- Added explanation to patch-ay.
- patch-bc was adapted to the changes for the path of compiled rulesets.
- patch-bd is no longer necessary, the public key is now cross-verified.
- shut up some warnings from pkglint regarding "set -e" and quoted
variables.
Changes since version 3.2.4:
============================
3.2.5 is a minor bug-fix release. Summary of changes:
- bug 5775: newer gpg versions require keys to be cross-certified (backsig).
Did a cross-verify on our sa-update public key and re-exported. (If you
are already seeing "GPG validation failed" errors from sa-update, see
http://wiki.apache.org/spamassassin/SaUpdateKeyNotCrossCertified .)
- bug 5899: add perl version string to the storage area for compiled
rulesets, to avoid crashes when perl is upgraded between major versions
(e.g perl 5.8.x to 5.10.0) and the ABI breaks
- bug 5496, bug 5910: clear some FORGED_MUA_OUTLOOK false positives,
particularly on the new-format Message-ID generated by the Outlook
Express version used in Windows XP service pack 3
- bug 5730: when using Postgres >= 8.1.0 with Bayes, this error occurs:
'WARNING: nonstandard use of \ in a string literal at character'. fix,
thanks to Tomasz Ostrowski
- bug 5769: fix 'sa-compile: eval failed: Can't find label NO' error,
caused in rare circumstances when sa-compile attempted to deal with
rules written using 'replace_rules' features
- bug 5858: fix circular reference memory leak caused by some messages
- bug 5815: update 2TLD list to include .rs CCTLD
- bug 4706: remove HG_HORMOME rules due to poor performance
- bug 5835: typo in POD docs for SPF plugin; thanks to Benny Pedersen for fix
- bug 5839: a missing or failed eval rule function could mistakenly count
as a rule hit, fixed
- trivial bugfix for the VBounce ruleset: __BOUNCE_FROM_DAEMON incorrectly
used + instead of *, so some From addresses were not being recognised as
bounce senders
copy from there.
Update the Sieve plugin accordingly to 1.1.5.
Major changes since 1.0:
* After Dovecot v1.1 has modified index or dovecot-uidlist files,
they can't be opened anymore with Dovecot versions earlier than
v1.0.2.
* See doc/wiki/Upgrading.1.1.txt (or for latest changes,
http://wiki.dovecot.org/Upgrading/1.1) for list of changes since
v1.0 that you should be aware of when upgrading.
+ IMAP: Added support for UIDPLUS and LIST-EXTENDED extensions.
+ IMAP SORT: Sort keys are indexed, which makes SORT commands faster.
+ When saving messages, update cache file immediately with the data
that we expect client to fetch later.
+ NFS caches are are flushed whenever needed. See mail_nfs_storage and
mail_nfs_index settings.
+ Out of order command execution (SEARCH, FETCH, LIST), nonstandard
command cancellation (X-CANCEL <tag>)
+ IMAP: STATUS-IN-LIST draft implementation
+ Expire plugin can be used to keep track of oldest messages in
specific mailboxes. A nightly run can then quickly expunge old
messages from the mailboxes that have them. The tracking is done
using lib-dict, so you can use either Berkeley DB or SQL database.
+ Namespaces are supported everywhere now.
+ Namespaces have new list and subscriptions settings.
+ Full text search indexing support with Lucene and Squat backends.
+ OTP and S/KEY authentication mechanisms (by Andrey Panin).
+ mbox and Maildir works with both Maildir++ and FS layouts. You can
change these by appending :LAYOUT=3Dmaildir++ or :LAYOUT=3Dfs to
mail_location.
+ LDAP: Support templates in pass_attrs and user_attrs
+ Support for listening in multiple IPs/ports.
+ Quota plugin rewrite: Support for multiple quota roots, warnings,
allow giving storage size in bytes or kilo/mega/giga/terabytes,
per-mailbox quota rules.
+ Filesystem quota backend supports inode limits, group quota and
RPC quota for NFS.
+ SEARCH and SORT finally compare non-ASCII characters
case-insensitively. We use i;unicode-casemap algorithm.
+ Config files support splitting values to multiple lines with \
Too many changes since 2.0.2. See CHANGELOG for the complete list.
pkgsrc CHANGES:
This version does not depend on ruby-tmail any longer. The dependency
should have been removed when it was switched to use rubygems.
- another fix for the case of two "Content-Type" lines, hit
by a recent, now frequently appearing, spam message.
- various IMAP4 improvements by [David Golden]
- stop when message coersion is called but not possible.
- fixtest, to work with MIME::Entity changes.
- field attributes which contained a '\' where considered
empty. Reported by [Ricardo Signes]
- Message rebuild with nested message failed. Fixed by
[Mat Johns]
Changes since version 8.14.2:
* the MTA accessed storage after it free()d it. This was a regression
introduced in 8.14.2, but the bug only showed up on a few operating
systems.
* ruleset processing: the function cataddr() could cause the addition of
the BlankSub character between some tokens when it should not happen
and thus failures in rule matching. It seems that none of the default
rules were affected by this bug and hence the problem did not show up
for default configurations.
* the libmilter state engine did not deal correctly with milters that
requested the omission of protocol steps during the negotiation callback.
Approved by John Nemeth.
Three pkgsrc patches integrated, plus changes since 1.1:
----- November 2007 - Version 1.6 released -----
1. Check for gpg2 first, and prefer it if available.
----- November 2007 - Version 1.5 released -----
3. Add a --- Status --- line for the beginning and end of the PGP
stuff which includes a timestamp to help avoid a socially engineered
message that includes the "good signature" output in the same format
as what we print.
2. Make sure that all --- Status --- messages are 76 characters long.
1. When displaying MIME messages after verification, substitute a space
for the MIME'ified =20 character at the end of a line, and substitute
an = sign for the MIME'ified =3D. This greatly improves readability
of the verified message.
----- July - October 2007 - Version 1.4 developed, not released -----
NB: Support for older versions of pgp, and PGP from PGP Inc. has
been dropped in this version. GnuPG is now a requirement. This is
in line with the requirements for other PGP addons such as enigmail
for Thunderbird.
Benjamin R. Haskell, pine-pgp ~ benizi.com was instrumental in helping
to suggest methods for and test the results of changes 1-5 in this
version. Thanks!
6. Fix error handling in ppf_mime_decrypt, and make use of the $cfile
variable instead of guessing which file has the message.
5. Look for gpg in PREFIX/bin, /usr/bin, and /bin in that order.
4. Move "build" of the scripts to an all target in the Makefile.
3. Change to using csplit since command line options for both
GNU and BSD versions are compatible, unlike split.
2. Improve portability for users of GNU make and mktemp.
1. Add error handling for failed TDIR creation in ppf_decrypt,
ppf_verify, and ppf_mime*.
----- October 2006 - Version 1.3 released -----
6. Include more mail headers in the grep'ed output of the MIME scripts,
and try to strip more MIME headers from the message.
5. Use local for function variables.
4. Remove commented out code for really old versions of pgp.
3. Do a better job of finding the crucial bits of a MIME message, and
fail more gracefully if we do not.
2. Fix bug that prevented ppf_mime* from working with messages sent by
Evolution, KMail, and any other MIME client that interprets RFC 3156
the same way. (Thanks to Bjoern A. Zeeb <bzeeb@zabbadoz.not> for the tip!)
1. Update e-mail and web addresses.
----- April 2005 - Version 1.2 released -----
7. Update copyright for this year, and use my full given name.
6. For sign and encrypt, scan the headers to determine the right user.
This requires adding _INCLUDEALLHDRS_ to the filter line.
5. Add a message to tell users why their password is needed for ppf_decrypt.
4. Create symlinks in PREFIX/bin for the ppf_mime* scripts.
3. Add User-Agent to the list of headers to display in mime filters.
2. Add a first pass at a ppf_mime_decrypt script. More work is
needed here, see BUGS.
1. In some past version of Pine, the display of filter output changed,
so adjust the line length of some of the messages to accommodate.
from <URL:http://cr.yp.to/distributors.html>:
What are the distribution terms for dot-forward?
2008.06.01: I hereby place the dot-forward package (in particular,
dot-forward-0.71.tar.gz, with MD5 checksum
1fefd9760e4706491fb31c7511d69bed) into the public domain. The
package is no longer copyrighted.
What are the distribution terms for ezmlm?
2008.06.01: I hereby place the ezmlm package (in particular,
ezmlm-0.53.tar.gz, with MD5 checksum 108c632caaa8cdbfd3041e6c449191b2)
into the public domain. The package is no longer copyrighted.
What are the distribution terms for fastforward?
2008.06.01: I hereby place the fastforward package (in particular,
fastforward-0.51.tar.gz, with MD5 checksum
6dc619180ba9726380dc1047e45a1d8d) into the public domain. The
package is no longer copyrighted.
Set DJB_RESTRICTED=no in these packages (and in ezmlm-idx, by
extension). Add commented-out LICENSE=public-domain. As usual,
pkgsrc will strive to keep modifications to a tasteful minimum.
* libclamav/petite.c: fix possible invalid memory access (bb#1000)
Reported by Damian Put
* clamdscan/clamdscan.c: don't show scan summary when clamd cannot be
contacted (bb#1041)
* libclamav/hashtab.[ch], scanners.c: avoid using C99 flexible array members
(bb #1039)
* libclamav/unzip.c: correct the previous fix
* libclamav/unzip.c: check for unprefixed bz2 - bb#1038
* libclamav/ole2_extract.c: revert last commit
* libclamav/ole2_extract.c: use cli_unlink
* libclamav/ole2_extract.c: partial scan of broken ole files
* contrib/init/RedHat: check for already running clamav-milter (bb #823)
* libclamav/regex: avoid name collisions on AIX (bb #947)
sync with libc: minor cleanups
* doc/clamdoc.tex: add a note about forking daemons (bb#906)
* libclamav/Makefile.am: link .la files first, this
should avoid linking to old libclamav as in bb #931
* libclamav/readdb.h: read daily.cfg stored inside .cld containers (bb#1006)
* libclamav/mbox.c, shared/network.c: prevent uninitialized use of hostent
structure (bb #1003).
* libclamav/mspack.c: downgrade some error messages (bb#911)
* clamav-milter: retrieve db version from daily.cld (bb#942)
* libclamav/scanners.c: don't return CL_EMAX* error codes to
applications (bb#1001)
* clamscan/manager.c: print information about clean files when the RAR
code is not compiled-in (bb#999)
* libclamav/unzip.c: remove detection of Suspect.Zip and
Exploit.Zip.ModifiedHeaders (bb#997)
* libclamav: scan for embedded PEs inside OLE2 files (bb#914)
* libclamav/cvd.c: add work-around for zlib issues with mixed data (bb#932)
* libclamav/others.h: explicitely cast some constants (bb#936)
* sigtool/sigtool.c: bb#938 (sigtool --list-sigs not working with .cld files)
* libclamav/dconf.h: fix flag code assignment (bb #952)
* libclamav/iana_tld.h, libclamav/phishcheck.c: update TLD list (bb #925)
is read-only but is faster than Berkeley DB and uses less memory. Use the
TinyCDB implementation which is in the public domain and a bit faster than
DJB's original CDB.
Since v1.1.0 release is getting near, this could well be the last v1.0
release. I'll still fix important bugs, but if the bugfix is large or
affects only few people it'll probably get fixed only in v1.1 releases.
* mbox: Enable mail_privileged_group while creating INBOX.
- IMAP: Fixed a rare crash in FETCH BODY/BODYSTRUCTURE
- IMAP: If mailbox is selected with EXAMINE, ignore flag changes
- proxy: Login success reply was sent in two IP packets, which
confused some IMAP/POP3 clients
- ACL plugin leaked memory a bit
- dovecot-auth: allow_nets setting with network masks didn't work
correctly with big endian machines.
* The compose window now remembers the maximized state.
* The focus will not move from the text view to the summary view with 'Next/Prev' keyboard operation now.
* The alert dialog is displayed now when PGP signing/encryption failed.
* The sylpheed.desktop file was fixed.
Email::Valid::Loose is a subclass of Email::Valid, which allows .
(dot) before @ (at-mark). It is invalid in RFC822, but is commonly
used in some of mobile phone addresses in Japan (like docomo.ne.jp
or jp-t.ne.jp).
This version fixes a bug with the recipient filters that could allow
a clever sender to use a spamdyke-protected server as an open relay.
The sequence of commands are not legal SMTP, so the sender would
have to know the server was running a vulnerable version of spamdyke
to exploit this bug. Thanks to Mirko Buffoni for reporting this
one.
This version also fixes two problems with the idle timeout filter.
The first could cause the connection to be rejected because qmail
is slow to respond (which isn't fair). The second was a tricky
issue where large messages from fast remote servers could be
improperly rejected because the idle timer wasn't being reset.
Thanks to Eric Shubert for reporting and helping me fix this one.
This version also fixes two compiling problems. The first was a
problem in the "configure" script on older Gentoo installations
running gcc 3.4.6 that was treating a preprocessor warning as an
error. Thanks to Thorsten Puzich for reporting and helping me fix
this one. The second was a problem with CentOS 3.8, which doesn't
install the OpenSSL headers in the system include folder. Thanks
to Bruce Schreiber for reporting this one.
version 1.24: Fri May 23 09:43:28 CEST 2008
- message/rfc822 relates to .eml [Jonas Liljegren]
- application/vnd.openxmlformats-officedocument.spreadsheetml.sheet
is an .xlsx [Jonas Liljegren]
- added zillion of application/vnd.oasis.opendocument.* and
application/vnd.stardevision.* names [Michiel Leenaars]
version 1.23: Mon Dec 17 16:12:52 CET 2007
- /xml file attributes were separated by blanks, not commas.
[Alex Kapranoff]
version 1.22: Wed Nov 14 17:20:22 CET 2007
- use RFC4180 text/csv, not text/comma-separated-values
Reported by [Mike Eldridge]
- refer to File::TypeInfo for access to mime.types files.
version 1.21: Mon Sep 10 21:18:08 CEST 2007
- patch tests to work on VMS [Peter (Stig) Edwards]
- patch for image/pjpeg bug IE6 [Nicolas Mendosa]
version 1.20: Fri Jun 8 16:21:33 CEST 2007
- added application/xslt+xml (.xslt) [David Dierauer]
- moved extension .xml from text/xml (deprecated) to
application/xml, and added .xsl to it [David Dierauer]
- Moved .dtd from text/xml to application/xml-dtd
- added t/pod.t
version 1.19: Sun Mar 25 17:09:38 CEST 2007
- converted to use OODoc 0.99
- removed mkdist, mkdoc, README.oodoc, version
version 1.18: Fri Nov 17 21:20:20 CET 2006
- [David Nesting] application/atom+xml and image/svg+xml
- [Islue Hu] audio/3gpp2 and video/3gpp2
- [Stephen Steneken] application/octet-stream += dmg, so, dll
and videa/x-flv.
version 1.17: Sun Aug 13 10:32:37 CEST 2006
- [Hailin Hu] application/rdf+xml
- reprocessed manual-pages because FUNCTIONS chapers was lost
(bug in OODoc) [Schwern]
- use 'version' file for version
- added kml and kmz types by Google-Earth
----------------------------
- Fix saving of Read Receipts to Sent folder.
- Converted Romanian (ro_RO) to UTF-8.
- Converted Slovak (sk_SK) to UTF-8.
- Converted Swedish (sv_SE) to UTF-8.
- Added support for Macedonian.
- Don't allow invalid plugin names in conf.pl --install-plugin.
- Fix warning in Printer Friendly due to missing include (#1849101).
- Let configtest.php use optional PEAR dynamic extension loading,
patch by Walter Huijbers (#1833123).
- Fix for IMAP servers that were having problems saving sent messages.
- Fix broken <style> tag parsing for some HTML messages, thanks
Roalt Zijlstra.
- Re-added support for Vietnamese.
- Fixed broken MDN functionality (send read confirmation).
- Converted Norwegian Bokm�l (nb_NO) to UTF-8.
- Converted traditional Chinese (zh_TW) to UTF-8.
- Avoid deprecation notices on get_magic_quotes_* functions.
- Improved Message-ID generation code.
- Added edit list, checkbox, radio group, multiple-select folder
list and multiple-select string list option widget types,
as well as support for the "trailing_text" widget attribute.
- Boolean option widgets are henceforth presented as checkboxes.
- Tidied up fortune plugin to be inline with specifications for plugins.
- Enhanced address book page: added 'Compose to' button, put labels
around address entries tied to checkboxes, improved column spacing,
added hook for plugins that can filter address book listings.
Complements RisuMail team (risumail.jp).
these enhancements:
* The contact list can be sorted by multiple columns.
* Users can save their searches as Virtual Address Books.
* WCAG 1.0 Priority 2/Section 508 accessibility guidelines compliance.
* Improved default address book schema.
* Improved SyncML, WebDAV, and vCard support.
* Support for importing and exporting LDIF files.
* Support for address books based on favourite email recipients.
* Support for address books based on Horde Group membership.
* Database access can be split between read and write databases.
* More graceful operation if the calendar backend is not available.
* The IMSP backend now supports shared address books.
* Full Kolab webclient support.
* Advanced Search now renders custom contact field types.
* Improved address book management.
* Improved API support.
* and much, much more.
these enhancements:
* WCAG 1.0 Priority 2/Section 508 accessibility guidelines compliance.
* Timed vacation messages (I will be away from X to Y).
* Major improvements to the procmail driver, including negative matches,
body tests, loop prevention in vacation messages, full character set
support,
* Maildrop driver improvements, including vacation support and full
character set support in the maildrop driver.
* Sieve driver improvements, including numeric spam score tests, sivtest
support, and quota checks before uploading sieve rules.
* Filter rules can be stored in a SQL database.
* Administrators can change other user's filter rules.
* Added Japanese, Russian and Slovak translations.
these enhancements:
* Message and mailbox caching on the server side, resulting in much
increased performance and much less web server and IMAP server load.
* Rewrite of much of IMP's core libraries, resulting in more efficient
memory usage, more efficient IMAP queries, smaller session sizes, and
increased performance.
* WCAG 1.0 Priority 2/Section 508 accessibility guidelines compliance.
* Javascript auto-complete contact list searching.
* Can now have multiple browser windows open without destroying the
open session.
* Logging of sent messages.
* Add protection against CSRF attacks.
* Improve WYSIWYG editors to support more browsers and offer more choices.
* Server configuration to limit maximum number of recipients per message
and maximum number of sent messages over a certain period of time.
* Improved templating of output code to ease local customization.
* Additional maintenance tasks to clean old messages from mailboxes.
* Sorting is now saved per mailbox rather than across all mailboxes.
* On IE and Firefox, warn users before closing popup compose window.
* Add support for symmetric PGP encryption.
* Preference added to dictate default cursor location in compose textarea.
* Preference added to only verify PGP & S/MIME signed messages on
user request.
* Forward messages as RFC 822 parts by default; provide more options for
forwarding messages; and be smarter about what part to use as body
text depending on current editor (text vs. html).
* Javascript code now uses the prototype js library, resulting in more
robust code and more available functionality - for example, non-modal
newmail popups.
* Add server configuration to limit the maximum size of MIME message
data that can be displayed inline.
* Use tidy extension (if available) to clean up display of HTML messages
and clean up HTML composed messages.
* Add RSS/Atom feed for mailboxes.
* More/improved display options for the folder lists and better handling
of non-private namespaces.
* Improvements/cleanups to the imap quota drivers.
* Add additional hooks after certain actions (i.e. post-login,
post-compose).
* Add support for sending e-mails with Internationalized Domain Names
(IDN).
* Fetch public PGP keys from keyserver if not available in address book.
* Add configuration for folders that may not be modified.
* and much, much, much more.
patches to add it). Drop pax from the default USE_TOOLS list.
Make bsdtar the default for those places that wanted gtar to extract
long links etc, as bsdtar can be built of the tree.
stay on par with Firefox version numbering?)
Security fixes in this version:
MFSA 2008-15 Crashes with evidence of memory corruption (rv:1.8.1.13)
MFSA 2008-14 JavaScript privilege escalation and arbitrary code execution
For more info, see http://www.mozilla.com/en-US/thunderbird/2.0.0.14/releasenotes/
From the announce:
"Mutt 1.5.18 contains 6 months of bug fixes, documentation improvements and
performance enhancements since the release of 1.5.17, but I believe only
one new feature ($time_inc, for controlling the rate at which status updates
are displayed)."
- Improved vacation reply checks, log discarded vacation replies
- Expand ~ to home directory in sieve path
- If compiled script has the exact same mtime as the source script, assume the
script hasn't changed (changed "<" check to "<=").
- Unfold multiline headers before comparing them.
- Improved error logging.
* README
Update Perl-GTK version info
* VERSION
* NEWS
Release 0.4.0
2008-02-26 11:41 mones 0.3.0svn75
* AUTHORS
* po/sr.po **NEW**
* po/sr@latin.po **NEW**
* po/Makefile
Added Serbian translations (cyrillic and latin)
by Aleksandar Urosevic
2008-02-25 18:02 mones 0.3.0svn72
* clawsker
Fixed encoding used (and messed up translations)
* po/es.po
* po/clawsker.pot
Updated translation and pot file.
2008-02-25 16:38 mones 0.3.0svn71
* clawsker
Added new hidden preference in 3.3.1 for
NetworkManager (use_networkmanager) in "Other" tab
2008-01-29 17:15 mones 0.3.0svn55
* clawsker
Default to C locale on empty environments
by default like NetBSD
2008-01-29 17:00 mones 0.3.0svn54
* clawsker
Add room for minimal Claws Mail version
and default values, including default values
* 3.4.0
-------
* Added support for /dev/mem_notify. This Linux kernel feature
will allow applications to be notified that memory has to be
freed before getting OOM-killed.
For more information: http://lwn.net/Articles/267013/
* Enabled moving/copying folders to root folders when using the
folder selection dialogue.
* Global and per-folder templates can now override the From name.
* Added a tooltip with extended folder stats. (Hover the cursor over
the short stats on the right, below the message list.)
* Implemented 2-line items in the message list when in three column
mode.
* Added support for png themes.
* Added an icon for attached patches (text/x-patch and text/x-diff).
* When viewing a message that has a large amount of text, show a
maximum of 1MB of text and add a noticeview to show optionally show
the whole message.
* Added a button to the templates preferences to restore defaults for
current language.
* Added search in filtering rules list.
* Bogofilter Plugin:
Added a "learn from whitelist" preference.
* MAEMO:
Added information when fetching large messages.
* tools/csv2addressbook.pl
Added support for Kmail/Kaddressbook.
* 3.3.1
-------
* Forbid attaching anything containing "../" or ".ssh/" in mailto:
URIs.
* Add a hidden preference, 'use_networkmanager', to disable
NetworkManager handling
* 3.3.0
-------
* Due to licensing problems, the ClamAV plugin has been removed from
the Claws Mail core distribution and can now been found packaged
separately or with the 'extra plugins' package.
* Added NetworkManager support
This is built by default if the dependencies are satisfied; it can
be specifically disabled with '--disable-networkmanager-support'.
This enables Claws Mail to track changes to the network status.
* Added DIGEST-MD5 support for IMAP authentication
* Added Folder Properties option, 'Run processing rules when opening'
to the General page.
* Added sub-sorting to the Message List; when the Sort type is either
Subject, From, To or Tags, sub-sorting by Date will be active.
* Added from=address to the mailto sequence
The 'from' will try to select the first matching account in the
Accounts list, otherwise it will use the usual account selection
mechanism but will override it with the given 'from' address.
* Added insert=FILE to the mailto sequence (stands for 'insert file')
This adds the ability to create a new message from the command-line,
with the body set from the contents of an existing file.
* Added mailto with NNTP accounts
This comes into play if mailto is used when an NNTP account is the
default account or if an NNTP account address is used with 'from'.
* Added several GUI improvements to the Filtering, Processing, Tags,
Actions, Templates, Logging and Address Book dialogues
* Added a tooltip to the 'replied' icon in the Message List which
indicates 'click to see your reply' feature.
* Added 'claws-mail --version-full' to display the version and a list
of the compiled-in features
* Implemented speed-ups to list operations, deletions and cache
updates.
* Updated the man page
* The Trayicon plugin icons are now themable.
* text/calendar message parts are now automatically displayed if a
plugin handling text/calendar is loaded, e.g. vCalendar.
* Maemo: connect HW status change signal for shutdown
* Maemo: identify mmc1 and mmc2 more clearly in the GUI
* Maemo: Make dnd threshold higher
pkgsrc changes:
- Use the 'dep' version to install roundcube with no included dependencies
and instead manage it all through pkgsrc - suggestion from schmonz@
- Move the config files to ${PREFIX}/share/roundcube/config as it was
becomming difficult to manage them under ${PKG_SYSCONFDIR}
- Add the GUI installer scripts to the install so users can use it for the
initial setup and generation of the configuration files.
- Add a note to the roundcube.conf file about protection of the
installer directory once initially used.
- Don't assume apache is the only supported web server (because it's not)
we don't support any additional ones now but this will make integration
down the track easier if we do.
- Increased PKG_SUGGESTED_OPTIONS based on documentation in the INSTALL file.
- Add more required PHP options to roundcube.conf
Thanks to Dan Engholm for feedback on the package.
From the ChangeLog:
* Clear selection when selecting single item (1484942)
* Remove hard-coded image size in skin templates (1484893)
* Database schema improvements (dropped unnecessary indexes)
* Fixed creating a new folder with a comma in its name (1484681)
* Fixed sorting of messages when default mailbox is empty (1484317)
* Improve message previewpane - less loading (1484316)
* Fixed login form autocompletion (1484839)
* Fixed virtuser_query option for mdb2 backend (1484874)
* Fixed attachment resoting from Drafts when message body was empty (1484506)
* Fixed usage of ob_gzhandler (1484851)
* Fixed message part window in IE6 (1484610)
* Fixed decoding of mime-encoded strings (1484191)
* Fixed some iconv/mb_string problems (1484598)
* Correctly quote mailbox name when using in URL (1484313)
* Fixed "headers already sent" errors (1484860)
* Implement Feature #2952: Mail_mime::headers() saves extra headers [cipri]
* Implement Feature #3636: Allow specification of charsets and encoding [cipri]
* Implement Feature #4057: Mail_Mime: Add name parameter for Content-Type [cipri]
* Implement Feature #4504: addHTMLImage does not work in cases when filename contains a path [cipri]
* Implement Feature #5837: Mail_Mime: Build message for Net_SMTP [cipri]
* Implement Feature #5934: Mail_Mime: choice for content disposition [cipri]
* Implement Feature #6568: Mail_Mime: inline images referenced in CSS definitions not replaced. [cipri]
* Implement Feature #10604: Put an option to specify Content-Location in the header [cipri]
Stop lying and drop maintainership of these packages. I have not
maintained them for a very long time already, so leave room for
fresh blood to take over them.
Fix CVE-2008-1648 (denial of service)
Several new translations (some of them disabled, because of missing locale
support on NetBSD-3).
Introduction of HTTP session in order to replace a lot of cookies, for better
usability and security. This also allows some new features, from
listing active session in admin page to crawler detection.
per list custom user attributes (defined by the list owner)
per list custom list parameters for use in authorization scenarios and
mail templates
LDAP alias manager can now be LDAPS
XSS protection
Session hijacking protection
The performances mainly regarding the web interface have been
significantly improved.
new SOAP features allow remote list creation, ADD and DEL of list members
Automatic list creation when a message is sent for the list.
each operations that changes the status of messages/subscriptions/list config
is now logged in a structured DB entry.
Generalization of UTF-8
and more ... See http://www.sympa.org/ for complete list.
MIME::EncWords is aimed to be another implimentation of MIME::Words so that
it will achive more exact conformance with RFC 2047 (former RFC 1522)
specifications. Additionally, it contains some improvements.
- assume that Python 2.4 and 2.5 are compatible and allow checking for
fallout.
- remove PYTHON_VERSIONS_COMPATIBLE that are obsoleted by the 2.3+
default. Modify the others to deal with the removals.
* The feature to confirm missing attachments was added.
* The feature to confirm recipients before sending was added.
* To: header is also searched by quick search in Sent/Draft/Queue folders.
* 'Edit/Quick search' menu was added.
* Spaces in address and server entries on account preferences dialog
are now automatically removed when applied.
* The address completion was fixed.
* The compilation failure with GTK+ <= 2.8 was fixed.
* Win32: --attach option was fixed.
Evolution Exchange 2.22.1 2008-04-07
------------------------------------
Bug fixes:
#268259: (Novell Bugzilla) Don't require restart of Evolution to create appointment on switching from offline to online mode (Suman Manjunath)
#303067: Random crash looking up addresses in new email (Milan Crha)
Evolution Exchange 2.22.0 2008-03-10
-------------------------------------
Bug fixes:
#432885: Rescan the hierarchy (Veerapuram Varadhan)
#518569: Properly format name and address with "<>" characters (Milan Crha)
Evolution Exchange 2.21.92 2008-02-25
-------------------------------------
Bug fixes:
#432885: Fix to subscribe to other user's folders (Bharath)
#514836: Fix importing contact lists into a attendee lists for a meeting (Milan Crha)
#515744: Free our message info members properly (Milan Crha)
#516248: Hierarchy wont be available if we are offline (Srinivasa Ragavan)
#516250: Allow it to reauth if we are connecting after a offline (Srinivasa Ragavan)
#516252: Determine that we are in offline if we cant get info from the server (Srinivasa Ragavan)
#516408: Free memory returned by libical (Chenthill)
Evolution Exchange 2.21.91 2008-02-11
-------------------------------------
Bug fixes:
#420503 - Crash while filtering (Milan Crha)
#436628 - Fix alarms for Exchange calendar
#501295 - Crash while caching in addressbook.
Other Contributors:
Patch for crash in process_flags (Srinivasa Ragavan and Bharath Acharya)
Fix two junk folder (Sankar P)
Evolution Exchange 2.21.90 2008-01-28
-------------------------------------
Other Contributors:
libsoup updates (Dan Winship)
Evolution Exchange 2.21.5 2008-01-14
------------------------------------
Bug Fixes:
#404002: Set the default priority of tasks as 'Normal' for Outlook/OWA compatibility. (Suman Manjunath)
#501567: If unsupported queries, don't crash (Srinivasa Ragavan)
#503356: String change: "Ximian Connector" -> "Evolution Connector for Microsoft Exchange" (Martin Meyer)
Evolution Exchange 2.21.4 2007-12-17
------------------------------------
Bug Fixes:
#336074: Check for mail only in active folders (Milan Crha)
Evolution Exchange 2.21.3 2007-12-03
------------------------------------
Bug Fixes:
#444503: Check and store the folder filter and junk filter flags before performing the check for folder summary being available (Bharath Acharya)
Other Contributors:
Removing redundancy in code, demangle meeting related messages in subscribed inboxes (Suman Manjunath)
Evolution Exchange 2.21.2 2007-11-12
------------------------------------
Bug Fixes:
#478680: Remove dead files from source control (Matthew Barnes)
Evolution Exchange 2.21.1 2007-10-29
------------------------------------
Bug Fixes:
#474000: Use GLib's Base64 API instead of Camel's (Matthew Barnes)
version 3.06: Mon Apr 14 23:44:03 CEST 2008
Fixes:
- expunge without argument must use selected folder. [John W]
- expunge with folder does not select it. [John W]
- the documentation still spoke about "autogenerated methods",
but they were removed with 2.99 [John W]
- append_string needs LF -> CRLF translations, for some
servers. rt.cpan.org #35031 [Jonathan Kamens]
- append_string needs LF -> CRLF translations, for some
servers. rt.cpan.org #35032 [Jonathan Kamens]
Improvements:
- added ::setquota(), thanks to [Jappe Reuling]
version 3.05: Wed Feb 20 08:59:37 CET 2008
Fixes:
- match ENVELOPE and BODYSTRUCTURE more strict in the
grammar, to avoid confusion. [Zach Levow]
- get_envelope and get_bodystructure failed for servers which
did not return the whole answer in one piece. [Zach Levow]
- do not produce parser errors when get_envelope does not
return an envelope. [Zach Levow]
- PLAIN login response possibly solely a '+' [Zach] and [Nick]
version 3.04: Fri Jan 25 09:25:51 CET 2008
Fixes:
- read_header fix for UID on Windows Server 2003.
rt.cpan.org#32398 [Michiel Stelman]
Improvements:
- doc update on authentication, by [Thomas Jarosch]
version 3.03: Wed Jan 9 22:11:36 CET 2008
Fixes:
- LIST (f.i. used by folders()) did not return anything when the
passed argument had a trailing separator. [Gunther Heintze]
- Rfc2060_datetime() must include a zone.
rt.cpan.org#31971 [David Golden]
- folders() uses LIST, and then calls a STATUS on each of the
names found. This is superfluous, and will cause problems when
the STATUS fails... for instance because of ACL limitations
on the sub-folder.
rt.cpan.org#31962 [Thomas Jarosch]
- fixed a zillion of problems in the BodyStructure parser. The
original author did not understand parsing, nor Perl.
- part numbering wrong when nested messages contained multiparts
Improvements:
- implementation of DIGEST-MD5 authentication [Thomas Jarosch]
- removed call for status() in Massage(), which hopefully speeds-up
things without destroying anything. It removed a possible deep
recursion, which no-one reported (so should be ok to remove it)
- simplified folders() algorithm.
- merged folder commands, like subscribe into one.
- added unsubscribe()
rt.cpan.org#31268 [G Miller]
- lazy-load Digest::HMAC_MD5
version 3.02: Wed Dec 5 21:33:17 CET 2007
Fixes:
- Another attempt to get get FETCH UID right. Patch by [David Golden]
version 3.01: Wed Dec 5 09:55:43 CET 2007
Changes:
- removed version number from ::BodyStructure
Fixes:
- quote password at login.
rt.cpan.org#31035 [Andy Harriston]
- empty return of flags command should be empty list, not undef.
rt.cpan.org#31195 [David Golden]
- UID command does not work with folder management commands
rt.cpan.org#31182 [Robbert Norris]
- _read_line simplifications avoids timeouts.
rt.cpan.org#31221 [Robbert Norris]
- FETCH did not detect the UID of a message anymore.
[David Golden]
Improvements:
- proxyauth for SUN/iPlanet/NetScape IMAP servers.
patch by rt.cpan.org#31152 [Robbert Norris]
- use grep in stead of map in one occasion in MessageSet.pm
[Yves Orton]
version 3.00: Wed Nov 28 09:56:54 CET 2007
Fixes:
- "${peek}[]" should be "$peek\[]" for perl 5.6.1
rt.cpan.org#30900 [Gerald Richter]
version 2.99_07: Wed Nov 14 09:54:46 CET 2007
Fixes:
- forgot to update the translate grammar.
version 2.99_06: Mon Nov 12 23:21:58 CET 2007
Fixes:
- body structure can have any number of optional parameters.
Patch by [Gerald Richter].
- get_bodystructure did not take the output correctly [Gerald Richter]
- parser of body-structure did not handle optional body parameters
Patch by [Gerald Richter], rt.cpan.org#4479 [Geoffrey D. Bennet]
version 2.99_05: Mon Nov 12 00:17:42 CET 2007
Fixes:
- pod error in MessageSet.pm
- folders() without argument failed. [Gerald Richter]
Improvements:
- better use of format syntax in date formatting.
- Rfc2060_datetime also contains the time.
- append_file() now has options to pass flags and time of file
in one go. [Thomas Jarosch]
version 2.99_04: Sat Nov 10 20:55:18 CET 2007
Changes:
- Simplified initiation of IMAP object with own Socket with a new
option: RawSocket [Flavio Poletti]
Fixes:
- fixed read_line [Flavio Poletti]
- fixed test-run in t/basic.t [Flavio Poletti]
version 2.99_03: Thu Nov 1 12:36:44 CET 2007
Fixes:
- Remove note about optional Parse::RecDescent by Makefile.PL;
it is not optional anymore
Improvements:
- When syswrite() returns 0, that might be caused by an error
as well. Take the timeout/maxtemperrors track.
rt.cpan.org#4701 [C Meyer]
- add NTLM support for logging-in, cleanly intergrated. Requires
the user to install Authen::NTLM.
version 2.99_02: Fri Oct 26 11:47:35 CEST 2007
The whole Mail::IMAPClient was rewritten, hopefully without
breaking the interface. Nearly no line was untouched.
The following things happened:
- use warnings, use strict everywhere
- removed many lines which were commented out, over the years
- $self->_debug if $self->Debug checked debug flag twice
- $self->LogError calls where quite inconsequent wrt $@ and carp
- consequent layout, changed sporadic tabs in blanks
- consequent calling convensions
- \0x0d\0x0a is always \r\n
- zillions of minor syntactical improvements
- a few major algorithmic rewrites to simplify the code, still
many oppotunities for improvements.
- expanded "smart" accessor methods, search abbreviations,
and autoloaded methods into separate subs. In total much
shorter, and certainly better understandable!
- fixed many potential bugs.
- labeled some weird things with #????
Over 1000 lines (30%!) and 25kB smaller in size
Needs to be tested!!!! Volunteers?
Fixes:
- Exchange 2007 only works with new parameter: IgnoreSizeErrors
rt.cpan.org#28933 [Dregan], #5297 [Kevin P. Fleming]
- Passed socket did not get selected.
debian bug #401144, rt.cpan.org# [Alexander Zanger],
#8480 [Karl Gaissmaier], #8481 [Karl Gaissmaier],
#7298 [Herbert Engelmann]
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=401144
- Seperator not correctly extracted from list command.
rt.cpan.org#9236 [Eugene Koontz], #4662 [Rasjid]
- migrate() Massage'd foldername twice
rt.cpan.org#20703 [Peter J. Holzer]
- migrate() could loop because error in regexp.
rt.cpan.org#20703 [Peter J. Holzer]
- migrate() append_string result not tested.
rt.cpan.org#8577 [guest]
- Failing fetch() returned undef, not empty list.
rt.cpan.org#18361 [Robert Terzi]
- Fix "use of uninitialised" warning when expunge is called
rt.cpan.org#15002 [Matt Jackson]
- Fix count subfolders in is_parent, regexp did not take care
of regex special characters in foldername and seperator.
rt.cpan.org#12883 [Mike Porter]
- In fetch_hash(), the capturing of UID was too complicated
(and simply wrong)
rt.cpan.org#9341 [Gilles Lamiral]
- overload in MessageSet treated the 3rd arg (reverse) as
message-set.
- do not send the password on a different line as the username
in LOGIN. Suggested by many people, amongst them
rt.cpan.org#4449 [Lars Uffmann]
- select() with $timeout==0 (no timeout) returns immediately.
Should be 'undef' as 4th select parameter.
rt.cpan.org#5962 [Colin Robertson] and [Jules Agee]
- examine() remembers Massage()d folder name, not the unescaped
version. rt.cpan.org#7859 [guest]
Improvements:
- PREAUTH support by rt.cpan.org#17693 [Danny Siu]
- Option "SupportedFlags", useful when the source supports
different flags than the peer in migrate().
Requested by rt.cpan.org#12961 [Don Christensen]
- Fast_io did not clear $@ on unimportant errors.
rt.cpan.org#9835 [guest] and #11220 [Brian Helterline]
- Digest::HMAC_MD5 and MIME::Base64 are now prerequisits.
rt.cpan.org#6391 [David Greaves]
- PLAIN (SASL) authentication added, option Proxy
rt.cpan.org#5706 [Carl Provencher]
- removed Bodystructure.grammar and IMAPClient.cleanup from dist.
- reworked Bodystructure and MessageSet as well.
- EnableServerResponseInLiteral now autodetect (hence ignored)
version 2.99_01:
After 4 years of silence, Mark Overmeer took maintenance. David
Kernen could not be reached. Please let him contact the new
maintainer.
A considerable clean-up took place, fixing bug and adapting the
distribution to current best practices.
- use "prompt" in Makefile.PL, to please CPAN-testers
- removed old Parse::RecDescent grammars
- include Artistic and Copying (GPL) into COPYRIGHT file
- remove INSTALL_perl5.80
- removed all the seperate Makefile.PLs and test directories
- removed the hard-copy of all involved RFCs: there are better
sources for those.
- converted tests to use "Test::More"
- Authmechanism eq 'LOGIN' understood.
- test for CRAM-MD5 removed, because conflicts with test params
from Makefile.PL
- test for fast-io removed, it is Perl core functionality
- require IO::Socket::INET 1.26 to avoid Port number work-around.
- Parse::RecDescent is required, and the grammars are pre-parsed
in the distribution. This makes the whole installation process
a lot easier.
- Update Todo, and many other texts.
- added pod tester in t/pod.t
- cleaned-up the rt.cpan.org bug-list from spam. The next
release will contain fixes for the real reports.
version 2.03: Mon Apr 14 11:13:31 CEST 2008
Fixes:
- Netware needs to use smtp as well [Günter Knauf]
- Mail::Field::extract() fixed. Reported by [Andrea Venturol]
that duse the c-client library do not have their callback function symbols
stripped at install time. Fixes the following:
PR pkg/34031
and indicates that this need not be reopened:
PR pkg/35592
also bump PKGREVISION and BUILDLINK_ABI_DEPENDS
- Add dkim-stats option to install dkim-stats(8) FFR
- Only install dkim-stats(8) man page if dkim-stats option has been specified
2.5.4 2008/04/17
* Skip signatures with errors in dkimf_authorsigok().
* Avoid a NULL dereference in dkimf_config_reload() when starting
without a configuration file.
* Fix an alignment problem in dkimf_checkip(). Problem reported
by Jeff A. Earickson.
* LIBDKIM: Fix bug #SF1942387: Per RFC4871, disallow "l=" values
that exceed the size of the canonicalized message body.
2.5.3 2008/04/14
* Add "AllowSHA1Only" configuration option which permits operation
of verifiers that only know about SHA1. Without this, a
filter compiled with only SHA1 support will refuse to start
in verifier mode.
* Add "LogWhy" configuration parameter and "-W" command line flag
to request detailed logging about why a message was not
signed by the filter. Intended for debugging; not intended
for normal operation.
* Another tweak to parameters passed to db->open(). Based on patches
from Jukka Salmi and S. Moonesamy.
* Fixes in ares_parse() to match the current syntax. In particular,
deal with the fact that some of our tokens can legally appear
in e-mail addresses. Problem noted by S. Moonesamy of
Eland Systems.
* LIBDKIM: Evaluate key granularity against the "i=" value rather than
the value of the From: header per RFC4871. Problem noted by
Jason Long.
* LIBDKIM: Remove the chartable stuff from dkim-tables.c as it is
not used anywhere.
* LIBDKIM: Fix bug #SF1940302: Perform stronger validation of the value
of the "h=" tag.
2008-03-13 Jeffrey Stedfast
* gmime/gmime-parser.c (parser_construct_message): Changed
content_length to an unsigned long rather than unsigned int, fixes
bug #521872. Thanks to Pawel Salek for this fix.
2008-03-10 Jeffrey Stedfast
* gmime/gmime-parser.c (parser_scan_mime_part_content): Don't let
size go negative.
2008-02-09 Jeffrey Stedfast
* gmime/gmime-filter-basic.c (filter_filter): Use the new macros
defined below.
* gmime/gmime-utils.c (rfc2047_encode_word): Use the new macros.
* gmime/gmime-utils.h: Added more accurate encoding-length macros
for base64, quoted-printable, and uuencode which are try to
minimize over-calculating the amount of output data that we
need. Also namespaced them.
2008-02-08 Jeffrey Stedfast
* src/uudecode.c (uudecode): Use g_strchomp() on the filename
parsed from the 'begin' line.
2008-02-07 Jeffrey Stedfast
* util/url-scanner.c (url_web_end): Handle IP address literals
within []'s. Fixes bug #515088.
2008-02-06 Jeffrey Stedfast
* gmime/gmime-utils.c (g_mime_utils_uuencode_step): Optimized.
2008-02-03 Jeffrey Stedfast
* gmime/gmime-stream-cat.c (stream_read): Removed an extra seek.
2008-02-02 Jeffrey Stedfast
Fix for https://bugzilla.novell.com/show_bug.cgi?id=333292 and
some other bugs I discovered while fixing it.
* gmime/gmime-parser.c (header_parse): Made an actual function
rather than a macro. Don't turn invalid headers into
X-Invalid-Headers, just ignore them. Instead of using
g_strstrip(), do our own lwsp trimming so we can do it before
malloc'ing - this helps reduce memory usage and memmove()
processing in g_strstrip().
(parser_step_headers): Validate the header field names as we go so
that we can stop when we come to an invalid header in some
cases. May now return with 3 states rather than only 1:
HEADERS_END (as before), CONTENT (suggesting we've reached body
content w/o a blank line to separate it from the headers), and
COMPLETE (which suggests that we've reached the next message's
From-line).
(parser_skip_line): Rearranged a bit: don't fill unless/until we
need to.
(parser_step): For HEADERS_END state, skip a line and increment
state to CONTENT. No-op for CONTENT and COMPLETE states.
(parser_scan_message_part): parser_step() can return more than
just HEADERS_END on 'success' when starting with HEADERS state, so
check for error rather than HEADERS_END.
(parser_construct_leaf_part): No need to parser_step() thru header
parsing, they should already be parsed by the time we get
here. Also, don't call parser_skip_line() directly to skip the
blank line between headers and content, use parser_step() to do
that for us.
(parser_construct_multipart): Same as parser_construct_leaf_part()
(found_immediate_boundary): Now takes an 'end' argument so callers
can request a check against an end-boundary vs a part boundary.
(parser_scan_multipart_subparts): Check for errors with
parser_skip_line(). Set HEADERS state and use parser_step() to
parse headers rather than calling parser_step_headers()
directly. If, after parsing the headers, we are at the next
message (aka COMPLETE state) and we have no header list, then
break out of our loop and pretend we've found an
end-boundary. After parsing the content of each MIME part, check
that the boundary we found is our own and not a parent's (if it
belongs to a parent, break out).
(parser_construct_part): Loop parser_step() until we're at any
state past the header block (>= HEADERS_END).
(parser_construct_message): Same idea. Also, do error checking for
decoded content_length value.
2008-02-02 Jeffrey Stedfast
* gmime/gmime-iconv-utils.c (iconv_utils_init): Don't break if the
user's locale is unset (e.g. US-ASCII).
2008-01-31 Jeffrey Stedfast
* gmime/gmime-parser.c: Removed the need for 'unstep' state
information.
2008-01-27 Jeffrey Stedfast
* gmime/gmime-stream-buffer.c (stream_write): Don't modify the
passed-in arguments so that it makes debugging easier if there's
ever a bug.
2008-01-27 Jeffrey Stedfast
* gmime/gmime-stream-buffer.c (stream_read): Optimized the
BLOCK_READ code-path.
(stream_write): Optimized the BLOCK_WRITE code-path.
(stream_seek): Optimized the BLOCK_READ code-path.
(g_mime_stream_buffer_gets): Updated for the changes made to the
way bufptr is used in the BLOCK_READ case.
2008-01-14 Jeffrey Stedfast
* gmime/gmime-charset.c (g_mime_set_user_charsets): Deep copy the
string array. Fixes bug #509434.
2008-01-02 Jeffrey Stedfast
* gmime/gmime-message.c (message_write_to_stream): Reworked the
logic to be easier to understand what is going on.
* gmime/gmime-multipart.c (multipart_write_to_stream): In the case
where multipart->boundary is NULL /and/ we have a raw
header (suggesting a parsed message), do not set a boundary as it
will break the output because it will clobber the saved raw header
and GMimeMessage's write_to_stream() method will have skipped
writing its own headers if its toplevel part (us) have a raw
header set. In this case, also skip writing the end boundary.
2008-01-01 Jeffrey Stedfast
* gmime/gmime-utils.c (g_mime_utils_generate_message_id): Fixed a
Free Memory Read access (FMR) by not freeing 'name' before using
it's value. Also reworked to take advantage of uname(2) or
getdomainname() to get the domain name if available to avoid
having to do a DNS lookup.
2008-01-01 Jeffrey Stedfast
Fixes bug #506701
* gmime/gmime-utils.c (rfc2047_encode_get_rfc822_words): Don't
reset the word-type variable as it needs to be preserved when
breaking long words.
(rfc2047_encode): Switch on word->encoding - if 0, rfc2047 encode
as us-ascii.
2007-12-27 Jeffrey Stedfast
* gmime/gmime-utils.c (decode_8bit): Now takes a default_charset
argument which we use in place of the locale charet if
non-NULL. We also now always include this charset in our list of
charsets to check for a best-match (obviously this charset is
unlikely to be an exact fit if this function is getting called, so
we place it at the end of the list).
(rfc2047_decode_word): If given a valid charset in the
encoded-word token, always use that for charset conversion to UTF-8
even if it doesn't convert fully. We don't want to fall back to
the user's supplied charset list because it may contain iso-8859-1
which will likely always be a 'best-match' charset.
2007-12-26 Jeffrey Stedfast
* gmime/gmime-utils.c (g_mime_utils_decode_8bit): Made public.
* gmime/internet-address.c (decode_mailbox): Instead of doing our
own thing to convert raw 8bit/multibyte text sequences into UTF-8,
use the same function we use in gmime-utils.c's header decoder.
2007-12-25 Jeffrey Stedfast
* gmime/charset-map.c: New source file to generate the charset
map (moved out of gmime-charset.c)
* gmime/gmime-charset.c (main): Removed.
2007-12-25 Jeffrey Stedfast
* gmime/gmime-charset.c (main): Cleaned up the logic and made it
so that we can alias a block to a previous block if the blocks are
identical rather than just aliasing when all values in the block
are identical. Happens to make no difference in the output, but
the logic is now there if that ever changes.
2007-12-24 Jeffrey Stedfast
* gmime/gmime-charset-map-private.h: Regenerated.
* gmime/gmime-charset.c (known_iconv_charsets): Map all of the
gb2312 aliases to GBK as GBK is a superset of gb2312 (apparently
some clients are tagging GBK as gb2312 which is missing some
glyphs contained within GBK).
(main): Added iso-8859-6 to the table for Arabic support.
2007-12-16 Jeffrey Stedfast
* gmime/gmime-utils.c (decode_8bit): When reallocing our output
buffer, we need to update outleft as well.
2007-12-08 Jeffrey Stedfast
* gmime/gmime-utils.c (rfc2047_encode_merge_rfc822_words):
Completely rewritten with new logic which will hopefully group
words more logically.
2007-12-08 Jeffrey Stedfast
Fixes bug #498720
* gmime/internet-address.c (internet_address_list_writer): Renamed
from the temporary internet_address_list_fold() name.
(_internet_address_to_string): New internal function that writes
an InternetAddress to a GString, doing proper folding and rfc2047
encoding if requested.
(internet_address_to_string): Use the new internal function.
* tests/test-mime.c: Added another addrspec test and fixed up some
exception strings to be a little more helpful.
2007-12-05 Jeffrey Stedfast
* configure.in: Fixed a bug where explicitly disabling largefile
support would add -D_FILE_OFFSET_BITS=no to the compiler
CFLAGS. Also added a blaring WARNING when -enable-largefile is
passed.
2007-11-23 Jeffrey Stedfast
Attempt at solving bug #498720 for address fields, altho it should
probably be made to handle folding single addresses in the case
where they are too long to fit within a single line.
* gmime/internet-address.c (internet_address_list_fold): New
function.
* gmime/gmime-message.c (write_structured): Renamed from
write_addrspec().
(write_addrspec): New header writer that writes
InternetAddressLists in a nicely folded manner.
2007-11-12 Jeffrey Stedfast
* gmime/internet-address.c (internet_address_destroy): No need to
check if ia != NULL, we know this is true already.
5.426 2008-03-07 Dave O'Neill <dmo@roaringpenguin.com>
* VERSION 5.426 RELEASED
* (bugfix) require File::Temp 0.18 or newer, as we need seek()
(RT#31032)
* (bugfix) Don't hang forever in t/Smtpsend.t (RT#31082)
* (bugfix) require Perl 5.8.0 or newer in Makefile.PL (RT#30927)
* (bugfix) encode_mimewords() no longer removes spaces between two
encoded words (RT#5462)
http://secunia.com/secunia_research/2008-11/advisory/http://www.frsirt.com/english/advisories/2008/1218
Changes since 0.92.1
This release introduces many new features and engine enhancements, please
see the notes below for the list of major changes. The most visible one
is the new logic in scan limits which affects some command line and config
options of clamscan and clamd. Please see clamscan(1) and clamd.conf(5)
and the example config file for more information on the new options.
Most important changes include:
* libclamav:
- New logic in scan limits: provides much more efficient protection against
DoS attacks but also results in different command line and config options
to clamscan and clamd (see below)
- New/improved modules: unzip, SIS, cabinet, CHM, SZDD, text normalisator,
entity converter
- Improved filetype detection; filetype definitions can be remotely updated
- Support for .cld containers (which replace .inc directories)
- Improved pattern matcher and signature formats
- More efficient scanning of HTML files
- Many other improvements
* clamd:
- NEW CONFIG FILE OPTIONS: MaxScanSize, MaxFileSize, MaxRecursion, MaxFiles
- ** THE FOLLOWING OPTIONS ARE NO LONGER SUPPORTED **: MailMaxRecursion,
ArchiveMaxFileSize, ArchiveMaxRecursion, ArchiveMaxFiles,
ArchiveMaxCompressionRatio, ArchiveBlockMax
* clamscan:
- NEW CMDLINE OPTIONS: --max-filesize, --max-scansize
- REMOVED OPTIONS: --block-max, --max-space, --max-ratio
* freshclam:
- NEW CONFIG OPTION CompressLocalDatabase
- NEW CMDLINE SWITCH --no-warnings
- main.inc and daily.inc directories are no longer used by ClamAV; please
remove them manually from your database directory
* Handle a potential DOS vulnerability on any host using TMail to
handle incomming email; a crafted email with carefully positioned
whitespace can cause the TMail library to go into an endless loop
causing denial of service attack on email services.
This version fixes a bug in the white/blacklist file processor that
was incorrectly matching domains when wildcards were used. Thanks
to Tom for reporting this one.
Update for draft-kucherawy-sender-auth-header-14.
Add "subject" to "should_signhdrs" per RFC4871 section 5.5.
Fix bug #SF1911328: Restore proper behaviour of SignHeaders and
OmitHeaders, broken in the prior release's configuration
overhaul. Problem reported by Jason Molzen.
Fix bug #SF1912332: Fix parameters passed to db->open(). Problem
reported by Tony Earnshaw.
Fix bug #SF1912569: Initialize mutexes before entering test mode.
Patch from Kaspar Brand.
LIBDKIM: More boundary checking fixes in dkim_canon_selecthdrs().
Problem noted by Warren Horvath.
LIBDKIM: Fix bug #SF1820084: Return DKIM_STAT_MULTIDNSREPLY
if a DNS query returns multiple records.
2.5.2 2008/03/28
Preserve the sender's domain name outside of mlfi_eoh() as it's
now needed in mlfi_eom(). Problem noted by Andy Fiddaman.
Fix bug #SF1921873: Pass "-K" command line switch into the new
configuration handling code. Problem noted by Al Smith.
TOOLS: Fix flags portion of the TXT record output by dkim-genkey.
Problem noted by Michael Carland.
BUILD: Fix bug #SF1922422: Fix linker problems when POPAUTH is
defined.
* The vertical 3-paned view mode was added.
* The feature to save SSL peer certificate was added.
* The option 'Treat HTML only message as attachment' was added.
* The bug that caused busy loop when initial connection was
immediately refused was fixed.
* The bug that the quote description dialog never appeared again
after closing it with the close button was fixed.
* The new/unread status display on quick search filtered mode was fixed.
* The windres command will not be enabled on non-win32 platforms now.
+ Install as a Ruby gem.
* A _LOT_ more documentation...!
* Make ready for Ruby 1.9
* Fixed UNIXMbox code - readonly was not working and raising an exception.
* Multiple froms not being parsed correctly, added a test case to cover
this and show the correct handling
This library allows for the identification of a file's likely MIME
content type. The identification of MIME content type is based on a
file's filename extensions.
(Approved by agc for update during the freeze)
Changes from Alpine 1.00 to 1.10
New in Alpine 1.10
Version 1.10 addresses bugs found in previous releases and has
a few additions as well.
Additions include:
* Add the possibility of setting a default role (see Roles
Screen) which may be convenient if your work flow involves
acting in one role for a while then switching to another role
and staying in the new role for another period of time
* When Saving and the IMAP server problem "Message to save
shrank!" is encountered, ask the user if he or she wants to
continue with the risky Save anyway instead of aborting. This
may be helpful if your IMAP server is broken in this way but
be aware that it is possible there was a real error instead of
just a broken server implementation.
* Some configure adjustments for Kerberos detection and for SCO
OpenServer 5 support
* Hide INBOX in a collection if it also appears as an Incoming
Folder
* Show asterisks for feedback when the user is typing a password
* Performance improvement for threading of large folders
* Previously, the search used to find Pattern matches containing
To patterns searched for both To and Resent-To headers. The
relatively complicated search this produces causes problems
when using some deficient IMAP servers. Now the default is to
look only for To headers and ignore the presence of
Resent-To. The previous behavior may be restored with the Use
Resent-To in Rules feature.
* Add an Unknown Character Set to help with reading malformed
unlabeled messages
* Suppress User Agent When Sending option added
* Map some Shift-LeftArrow escape sequences to LeftArrow
* Add feature Warn if Blank Fcc
Bugs that have been addressed in this release include:
* Crash when encountering certain errors from an SMTP server
* Crash in composer caused by overflow in replace_pat()
* Hang when authenticating to an SMTP server that fails with a
"connection disconnected" error
* Bug in handling of trailing tab character in flowed text
* Security enhancement for mailcap parameter substitution
* Strip From Sigdashes on Reply did not work if the message being
replied to was not flowed text and Do Not Send Flowed Text was
not turned on
* Don't allow printer to be changed through hidden config screen
if system administrator didn't want it to be allowed
* Attempts are sometimes made to set the Forwarded flag when
alpine should know that it won't work, causing error messages
to appear
* A Reply Indent String of double-quote double-quote didn't work
right
* Quoting wasn't being done to protect special characters from
the MacOS X shell when URL-Viewers was not defined
* On MacOS X message attachments should be shown internally
instead of being shown using the Mail application
* When replying to a message with a charset of X-UNKNOWN Alpine
would sometimes set the outgoing charset to X-UNKNOWN, making
the result unreadable
* When the sending of a message failed lines with leading spaces
had one additional space inserted in each of those lines when
the user was returned to the composer
* The WhereIs command missed some index lines that contained
non-ascii characters because it was truncating the line being
searched so that it was shorter than what was visible on the
screen
* When composing, an attachment with a long name that causes
wrapping in just the wrong place would generate an error and
cause the send of the attachment to fail
* After calling the file browser to attach a file in the
composer, a resize of the window when back in the composer
would redraw the last screen that had been shown in the
browser instead of the current composer screen
* Possible crash in index screen when encountering unparseable
addresses or when using one of the PRIORITY tokens or the
HEADER token in the Index Format
* Problems with Header Color editing if the configuration option
Viewer Header Colors was inadvertently changed to the Empty
Value in the hidden config screen
* When resuming the final postponed message from an Exchange
server the user could get a certificate validation failure
because alpine was trying to validate the canonical name of
the folder instead of the name the user used
* Windows line endings in a mimetypes file on a Unix system cause
a failure to find a match
* Make matching of extension names case independent in mimetypes
files
* Windows dialog boxes for entering text were not working correctly
* Replying to or Forwarding multipart/alternative messages which
had a single text/html part did not work well
* Printing the print confirmation page caused a crash
* A To line with a long, quoted personal name could display
incorrectly if it was close to the same width as the screen
* When Enable Incoming Folders Checking and Incoming Checking
Includes Total are turned on hide (0/0) when the folder is
empty
* Folder completion while Saving didn't work if the collection
being saved to was the local home directory
While here, fix a minor DESTDIR botch.
0.1.14 beta-17
- (security) Using File::Spec->canonpath for normalization (trailing slashes)
Check ownership of real directories to avoid race attacks
for symlinks. Thanks to Robert Buchholz.
0.1.14 beta-16 (not released)
- (security) The check for symlinked directories was half complete.
perl ignores -l if the argument has a trailung slash.
Thanks to Andrej Kacian.
0.1.14 beta-15
- (security) $LOCKPATH and its contents weren't checked for being
a symlink which. Thanks to Chris Howells and Andrej Kacian.
- (fix) "dedicated" added to the exclusion list for dialup
checks. A better approach would be to let the user
configure dialup and exclude patterns.
0.1.14 beta-14
- (change) rbls.org link changed to robtext.com
- (change) results with 'rc:' as action are not cached
- (fix) regexp check for dynamic helo/client did hit also some
clients with "static"
- (fix) helo numeric check was too fuzzy.
- (fix) master didn't read config after policyd-weight reload
- (fix) HELO_SEEMS_DIALUP may have scored even if the IP is listed
for the sender domain.
- (fix) An interrupt of policyd-weight -s may cause a SIGPIPE
which killed the cache
- (change) Implemented $NS list. Useful for users with split
horizon DNS
- (fix) don't cache rejections which were deferred (4xx and friends)
- (fix) helo_numeric_score didn't catch [n.n.n.n] helos
- (fix) Header was not included if $dnsbl_checks_only = 1; and
$ADD_X_HEADER = 1; - Thanks to J. Genannt
- (fix) Corrected handling of [n.n.n.n] HELOs and address-literals
as sender (long standing issue)
- (change) Introduced @dnsbl_checks_only_regexps in order to skip
DNS checks for certain client hostnames
- (change) Added -D (Don't detach) switch for daemon-tools/runit users
- (change) Added signals handlers for most of signals so that they are
at least logged, also, provide a perl backtrace.
- (change) prerequisite steps for providing coredumps (build coredump
directories, chdir) - coredumps are non-trivial:
we start as root, change uid. At this moment coredumps
are denied by kernel in order to protect root-data. The only
workaround would be, to start cache and master via system()
after changing uid
- (change) In daemon mode wrongly crafted policy requests don't lead
to a child-exit anymore, only the connection is closed
- (change) log-facilities other than 'info' are now mentioned in log-lines
- (change) SMTP information such as client, helo, sender and to are now
logged in each log-message. If $DEBUG is set this also logs
the instance variable.
- (fix) rbl_lookup used sometimes 65536 as packet id which appeared
to cause problems
- (fix) Check for syslog absence. If syslog is not available then
log temporarily to $LOCKPATH/polw-emergency.log
- (tmpfix) Introduced $TRY_BALANCE which closes connections to smtpds after
they got their response in order to avoid too many established
smtpd->policyd-weight (child) connections.
instead of consisting of a pristine qmail tarball and netqmail
patch, 1.06 has the patch already applied. No user-visible changes
to pkgsrc, either; this just simplifies a weird build and will make
future upgrades (don't laugh!) easier.
jlam@ "looks fine"
Notes:
First "stable" release ever. Introduces an install script, some new features and many bug fixes.
Changes:
- Added interactive installer script
- Allow to send mail with BCC recipients only
- Remember decision to display images for a certain message during session
- Remember search results
- Add Received header on outgoing mail
- Implement Message-Disposition-Notification (Receipts)
- Don't create default folders by default
- Fixed some potential security risks (audited by Andris)
- Filter linked/imported CSS files
- Improve message compose screen
and many bug fixes. See http://trac.roundcube.net/wiki/Changelog for details.
Add "AutoRestartCount" and "AutoRestartRate" configuration
parameters to limit runaway restart loops.
Feature request #SF1735573: Add "AlwaysAddARHeader" option, which
will add an Authentication-Results of "none" for unsigned
messages from domains without a "strict" policy.
Feature request #SF1807748: Reload the configuration file on
receipt of SIGUSR1. Requested by Florian Sager.
Feature request #SF1811969: Add _FFR_BODYLENGTH_DB which adds a
"BodyLengthDBFile" feature, allowing a per-recipient decision
on whether or not to use an "l=" tag when signing. Patch
contributed by Daniel Black.
Feature request #SF1841955: Add an "Include" facility to the
configuration file.
Feature request #SF1876941: Make the syslog facility selectable.
Based on a patch from Jose-Marcio Martins da Cruz of Ecole
des Mines de Paris.
Feature request #SF1876943: Add _FFR_AUTHSERV_JOBID allowing the
job ID to be included as part of the "authserv-id" in
Authentication-Results: headers. Based on a patch from
Jose-Marcio Martins da Cruz of Ecole des Mines de Paris.
Feature request #SF1890581: Attempt to clean up a UNIX domain
socket in the non-AutoRestart case as well. Requested
by Daniel Black.
Add "MilterDebug" configuration file option for requesting debugging
output from the filter.
Add "FixCRLF" configuration file option which activates the
DKIM_LIBFLAGS_FIXCRLF flag (see below).
Update to draft-ietf-dkim-ssp-03. In doing so, rename the
"UseSSPDeny" configuration option to "UseASPDiscard".
Handle an error from dkim_getsighdr() properly in mlfi_eom().
When VERIFY_DOMAINKEYS is active, don't short-circuit mlfi_eoh()
between dk_verify() and dk_eoh() or a segmentation fault below
dk_body() could result.
LIBDKIM: Feature request #SF1823059: Export key, signature and
policy syntax checking capability via the API. Based on
a patch from Chris Behrens of Concentric Network Corporation.
LIBDKIM: Assert defaults for "c" and "q" tags when parsing
signature headers. Patch from Chris Behrens of Concentric
Network Corporation.
LIBDKIM: Better handling of truncated DNS replies; instead of
just giving up if the "tc" (truncated) bit is set in the
reply, see if there was enough of a reply returned to be able
to complete the request.
LIBDKIM: Fix recycling bug in header canonicalizations which was
causing signatures other than the first one to fail in most
cases.
LIBDKIM: Add new dkim_chunk() interface.
LIBDKIM: Enforce DKIM_OPTS_QUERYMETHOD library option even if there
were no valid signatures.
LIBDKIM: New DKIM_LIBFLAGS_FIXCRLF which requests that "naked"
CRs and LFs be converted to CRLFs during canonicalization
when signing.
LIBDKIM: Fix bounds checking in dkim_canon_selecthdrs().
LIBAR: Eliminate a possible race condition in ar_dispatcher().
LIBAR: Timeouts passed to select() can't be bigger than 10^8.
Problem noted by S. Moonesamy of Eland Systems.
BUILD: Feature request #SF1876242: Install the filter in EBINDIR
and everything else in UBINDIR.
Note that the changes for the security hole fix were quite large. I tested with
several auth configurations myself and they seemed to work, but it's possible I
left a bug somewhere in there breaking someone's configuration. So make sure to
test that it works after upgrading.
Of course it would be really nice if Dovecot had a proper test suite where
testing all configurations could be automated and run before each release. I've
already started this with my imaptest tool (http://imapwiki.org/ImapTest), but
it only does IMAP tests and a lot of things are still missing. Some help would
be nice here.
* Fixed a security hole in blocking passdbs (MySQL always. PAM, passwd
and shadow if blocking=yes) where user could specify extra fields
in the password. The main problem here is when specifying
"skip_password_check" introduced in v1.0.11 for fixing master user
logins, allowing the user to log in as anyone without a valid
password.
- mail_privileged_group was broken in some systems (OS X, Solaris?)
- IMAP THREAD: Fixed some correctness problems
long. Patch appended to PHP bug 42862, so the fix may be incorporated in
later PHP releases and thus this patch can be reverted.
http://bugs.php.net/bug.php?id=42862
Bump PKGREVISION of php-imap
* mail_extra_groups setting was commonly used insecurely. This setting
is now deprecated. Most users should switch to using
mail_privileged_group setting, but if you really need the old
functionality use mail_access_groups instead.
- mbox: Dropped some of the physical size fetch optimizations added
in v1.0.8. This makes some commands slower, but should fix the rest
of the problems.
- IMAP: SEARCH BEFORE/ON/SINCE didn't handle timezones correctly.
- ldap: auth_bind was doing lookups using subtree scope instead of
the scope specified in config file.
- zlib plugin crashfixes by Richard Platel
- master passdbs: pass=yes setting was broken with blocking passdbs
(e.g. MySQL)
Security fixes in this version:
MFSA 2008-12 Heap buffer overflow in external MIME bodies
MFSA 2008-07 Possible information disclosure in BMP decoder
MFSA 2008-05 Directory traversal via chrome: URI
MFSA 2008-03 Privilege escalation, XSS, Remote Code Execution
MFSA 2008-01 Crashes with evidence of memory corruption (rv:1.8.1.12)
For more info, see http://www.mozilla.com/en-US/thunderbird/2.0.0.12/releasenotes/
of some log entries have changed since 2.6.3; see UPGRADING.txt.
Also, pkgsrc no longer installs the random extra utilities that are
explicitly marked as unnecessary for spamdyke operation. From the
changelog:
VERSION 3.1.6 -- 2/11/2008
Fixed a serious bug in middleman() -- when the remote server sent its message
data and QUIT command in a burst and disconnected before spamdyke read() all
of the data, the last data returned from read() was printed twice. This
could cause message corruption, especially in the case of attachments.
Fixed a serious bug in middleman() -- when the remote server sent its data
in bursts of 4096 bytes AND there were two lines of text in the data
AND the 4096th character was not a newline AND there was a delay between the
data bursts, memmove()ing the buffered data was causing corruption because
the moved data was not being properly re-terminated. While processing the
remaining buffered data (and waiting for another burst from the remote
server), strchr() would seek past the end of the data to an old newline
character and middleman() would erroneously conclude the next line of data
was complete, ready for processing. Many thanks to Andreas Galatis and
Dragomir Denev for reporting and helping me reproduce this one.
Added a -W flag to sendrecv to introduce a delay between message data bursts.
Added a -o flag to smtpdummy to save the message data to a file.
VERSION 3.1.5 -- 1/22/2008
Fixed sendrecv to correctly process corrupted TLS negotiations instead of
covering up bugs in spamdyke.
Fixed spamdyke to not add garbage output at the beginning of TLS passthrough
negotiations. This was causing SSL handshakes to fail. Thanks to Ronnie
Tartar for reporting this one.
VERSION 3.1.4 -- 1/21/2008
Fixed all of the Makefiles to remove a symbols directory Leopard's gcc seems
to create when compiling in debug mode.
Fixed middleman() to log the timeout message only once.
Fixed middleman() to not expect input from the child process when the child
process' input is being ignored or after the child process has exited.
Fixed middleman() to correctly handle a rare situation -- when the child
process was too slow responding that spamdyke's idle timeout was passed
AND spamdyke was processing TLS data AND there was still data in the SSL
buffer, spamdyke would loop infinitely, consuming 100% CPU. This was a
very tricky bug to find and fix. Thanks to Pablo Gonzalez and Paolo for
reporting this one and helping me debug it.
Fixed middleman() to send message data to the child process line-by-line,
even when the buffer is full.
Added a new test program: smtpdummy. This one simulates an SMTP server and
can add delays after specific commands.
Changed sendrecv to use a 64K buffer for input and output data.
Changed sendrecv to kill the its child process after its timeout expires.
Changed sendrecv to optionally continue sending data in bursts after the end
for the message data. Some mail servers do this.
Changed sendrecv to deliberately send corrupt data while TLS is active.
Changed test regression_009 to build its message payload at runtime instead
of including a 0.75M file. This file was unnecesarily increasing the size
of the spamdyke tarball.
Fixed compiling on Solaris. Again. Thanks to Davide Bozzelli for reporting
this. Again. Sigh.
VERSION 3.1.3 -- 1/3/2008
Fixed the format string LOG_INFO_DNS_TXT to assign the parameters correctly
and prevent bus errors when the DNS response text is long. Thanks to
Stephan Rosenke for reporting this one.
VERSION 3.1.2 -- 12/11/2007
Fixed smtp_filter() to set a flag after some SMTP commands to force
middleman() to wait for input from the child process before proceeding.
Some (nonspammer) mail servers send their data in bursts without waiting for
responses. This was causing spamdyke to skip logging (but not filtering)
if the DATA command was sent in a burst with RCPT TO. Thanks to Sebastien
Guilbaud and Bucky Carr for reporting this one.
Added a "-b" flag to sendrecv to simulate servers that send their message data
(but not their SMTP commands) in bursts.
VERSION 3.1.1 -- 11/12/2007
Added excessive logging to search_domain_directory() to log the directory
search pattern.
Changed all calls to spamdyke_log() to use the macros SPAMDYKE_LOG_NONE(),
SPAMDYKE_LOG_ERROR(), SPAMDYKE_LOG_INFO(), SPAMDYKE_LOG_DEBUG() and
SPAMDYKE_LOG_EXCESSIVE() instead. The macro tests the current log level
without forcing a function call and also paves the way toward eliminating
some logging code at compile-time.
Fixed process_access() to correctly search for the RELAYCLIENT variable in
spamdyke's environment. Thanks to Steve Cole for reporting this one.
VERSION 3.1.0 -- 11/5/2007
Changed the "graylist-dir" and "no-graylist-dir" options to take multiple
directories for servers that are hosting so many domains that they can't
create enough domain folders in one place (wow).
Added minimum and maximum values to all integer options and changed
set_config_value() to generate error messages when values are out of range.
Change usage() to print minimum and maximum integer values.
Alphabetized the option list by long option name and changed
process_config_file() to use a binary search algorithm when identifying
directives, a theoretical improvement from O(n/2) to O(log n).
Changed prepare_settings() to create an array of options indexed by the short
option code. This introduces some constant-time work (O(1)) and greater
memory usage.
Changed process_command_line() to use the indexed array of options,
theoretically reducing command line parsing work from O(n/2) to O(1).
This is a win if the command line has many parameters or if it has
parameters that are near the end of the unindexed option array.
Testing confirms a small performance gain.
Added command line options "config-test-smtpauth-username" and
"config-test-smtpauth-password".
Changed config_test_smtpauth() to run the authentication command(s) if a
username and password are provided. This incorporates the functionality of
checkpassword into spamdyke.
Added the command line option "config-test-user" to change user and group IDs
before running the configuration tests. This makes it easier to simulate
running as the mail server.
Changed process_config_file() and process_command_line() to print errors and
stop when they encounter an option that is not legal in that location. At
the moment, "help", "version", "config-test",
"config-test-smtpauth-username", "config-test-smtpauth-password" and
"config-test-user" are not valid in files; all options are valid on the
command line.
Changed config_test_dir_read() and config_test_graylist() to never examine the
"." or ".." folders, even if readdir() and/or stat() report they are not
folders. Thanks to Paulo Henrique for reporting this one.
Changed set_config_value() to remove trailing slashes from directory paths.
Added test_spamdyke_binary() to check if the spamdyke binary is setuid root
(it should not be).
Renamed test_settings() to config_test().
Moved all of the configuration test functions to config_test.[ch] -- they were
cluttering up configuration.c.
Made a few small updates to the help message text.
Added additional vchkpw exit codes to exec_checkpassword() to explain why
vchkpw exited, since it doesn't follow DJB's published checkpassword API.
Moved md5.[ch] from the "utils" folder to the "spamdyke" folder and updated
Makefile to compile them into spamdyke.
Removed passwordcheck from the "utils" folder since spamdyke now contains its
functionality.
Added a README file to the "utils" folder to answer the biggest FAQ about
those utilities.
Fixed exec_command() to connect the output pipe to the child process's stdin
instead of file descriptor 3. The bug was due to copying
exec_checkpassword() and forgetting to change the value.
Renamed exec_checkpassword() to exec_checkpassword_argv() and changed its
arguments to expect a filename and an argument array.
Added exec_checkpassword() to parse a command string into an argument array
and call exec_checkpassword_argv().
Renamed exec_command() to exec_command_argv() and changed its
arguments to expect a filename and an argument array.
Added exec_command() to parse a command string into an argument array
and call exec_command_argv().
Fixed numerous bugs in exec_command_argv() that were preventing it from
actually gathering any input from the child process.
Changed exec_command_argv() and exec_checkpassword_argv() to always log their
child process errors to syslog, regardless of the user's preferences.
Otherwise, the errors will be lost.
Added the function find_path() to search the PATH for the given command
without executing it.
Changed exec_command_argv() and exec_checkpassword_argv() to use find_path()
to locate the executable before fork()ing to catch typos. The child
processes then use execve() to execute the command instead of exec_path().
Otherwise, the parent has a hard time determining that the child process
quit because the command path was invalid.
Changed exec_command_argv() and exec_checkpassword_argv() not to wait
indefinitely for the child to exit after the timeout expires.
Changed dns_txt(), dns_ptr_lookup() and dns_mx() to limit the total number of
queries they will recursively perform. This is to prevent a DoS situation
where some domain has an unreasonable number of chained (non-circular) CNAME
records. The limit is (arbitrarily) set at 16.
Added the function config_test_child_capabilities() to test the qmail binary
for SMTP AUTH and TLS patches. Depending on what is found, recommendations
for spamdyke flags are made.
Changed check_rdns_keywords() to allow top-level domains (like .com) to be
used as keywords. This allows a way to reject connections from remote
servers with rDNS names that contain the IP address and a two-letter country
code. Unlike check_country_code(), specific country codes can now be
chosen.
Fixed do_spamdyke() not to wait indefinitely for all child processes to exit.
This behavior was causing problems with DJB's recordio because recordio
fork()s and uses its parent process to exec() spamdyke. This is very
unusual. Changing wait(NULL) to waitpid() fixes the problem. Thanks to
Bob Hutchinson for reporting this one.
Added dns_initialize() and dns_get() to perform DNS queries by sending UDP
packets instead of using the resolver library to do it. The resolver
functions are just too slow and they try to do too much unnecessary work.
dns_get() performs multiple requests for records (one for each kind of
desired record) and, if no responses are received, sends requests to the
secondary nameservers as well. Timeouts and retransmission times can now
be controlled. This has resulted in a significant speedup in DNS
resolutions; testing shows as much as a 10x performance increase in some
situations.
Changed dns_txt(), dns_ptr_lookup() and dns_mx() to search all of the answers
for the desired answer type before recursively querying CNAME answers. Some
nameservers always put the CNAME answers first, even if other answer types
are also given. This should allow spamdyke to find answers faster when
domain admins have used a lot of CNAMEs.
Added dns_a() to perform A record queries and changed all uses of
gethostbyname() to use dns_a() instead.
Changed dnsa, dnsmx, dnsns, dnsptr, dnssoa and dnstxt in the "utils" folder to
only perform their specific queries, not ask for CNAME records as well.
Changed dnsa, dnsmx, dnsns, dnsptr, dnssoa and dnstxt in the "utils" folder to
send their own UDP packets instead of using the resolver library.
Added dnscname to the "utils" folder to perform CNAME queries.
Added dnsany to the "utils" folder to perform ANY queries and perform
recursive CNAME lookups.
Added "log-target" option to allow logging to stderr instead of syslog. Some
people apparently like using the qmail-style "multilog" instead of syslog.
I can't understand why but I'm here to serve. Thanks to John Hallam for
suggesting this one.
Changed all of the error messages about unexpected file types to specify what
file type was found -- "non-regular file" was too vague to be useful.
Changed the header in the files created by full logging to include the
spamdyke version.
Changed tls_end_inner() to use SSL_get_shutdown() to see if a shutdown signal
has already been received. If SSL_shutdown() is used on a closed file
descriptor, spamdyke will crash with SIGPIPE.
Changed all instances of read(), write(), SSL_read() and SSL_write() to read
or write as many bytes as possible in each call. This should provide a
significant performance increase. The single-byte read()s and write()s
were only used because I had badly misunderstood the relationship between
select() and read()/write() -- blocking only occurs when select() indicates
a file descriptor is not ready. If it is ready, read() and write() will
handle as many bytes as they can without blocking. Thanks to Trog for
setting me straight on this one.
Rewrote most of sendrecv in the "tests" folder to use a multi-byte read().
Also took the opportunity to make sendrecv much faster and more polite, so
it doesn't consume 100% CPU while waiting for qmail output.
Fixed compiling errors on 64 bit Linux systems (Debian Etch x86_64 and Gentoo
AMD64). Thanks to Juha-Pekka Jarvenpaa and FireBall for reporting this.
Added config_test_file_type() to use stat() to find a file's type if readdir()
either doesn't report it (Solaris) or reports "unknown" for all files (XFS).
Thanks to Paulo Henrique for reporting this one.
Fixed compiling errors on Solaris. Thanks to Limperis Antonis for reporting
this.
Changed the logging severity of the "unable to write X bytes to file
descriptor" to debug instead of error. 99% of the time, the error occurs
because the remote client disconnected unexpectedly and there's nothing
the administrator can do about it anyway.
Changed do_spamdyke() to ignore SIGPIPE signals.
Changed do_spamdyke(), exec_command_argv() and exec_command_checkpassword()
to change the SIGPIPE signal handler back to default for child processes
after fork()ing but before exec()ing.
Added a new logging level: excessive (4). It's to be used for printing very
detailed debugging statements.
Changed process_access() to permit access when no matching lines are found in
the access file. Although DJB's tcprules documentation doesn't explicitly
say so, no matching lines should allow access. Thanks to Steve Cole for
reporting this one.
VERSION 3.0.1 -- 9/12/2007
Fixed "configure" to remove the "_beta1" tag from the version number. That
should never have been published.
Changed usage() to show that optional values to long commands must be
separated by an equals sign. getopt_long() is really becoming a hassle.
Thanks to Richard Kreider for reporting this one.
Fixed find_address() to accept addresses that aren't correctly delimited with
<> characters and/or have multiple (illegal) spaces after the colon. Thanks
to Davide Bozzelli for reporting this one.
Fixed prepare_settings() to set the idle timeout seconds to the correct
variable instead of setting the connection timeout variable. Thanks to
Carlo Blohm for reporting this one.
Fixed smtp_filter() to print the rejection message to HELO and EHLO, even if
those commands appear in an improper place in the protocol.
Fixed smtp_filter() to print the rejection message with an error code in
response to STARTTLS if the command is given in an improper place in the
protocol.
Added some regression tests to find these bugs in the future.
Fixed the usage statement in sendrecv to show the -w flag.
VERSION 3.0.0 -- 9/11/2007
Added command line options never-graylist-rdns-dir, always-graylist-rdns-dir
and rdns-whitelist-dir to search domain directory structures just like
rdns-blacklist-dir.
Added the command line option rdns-blacklist-file to search a file just like
rdns-whitelist-file.
Moved the command line option labels into configuration.c so they can be
shared with the config file parser.
Changed process_command_line() to build the list of short options from the
list of long options instead of hardcoding them. Less maintenance this way.
Modified check_rdns_keywords(), search_file() and search_tcprules_file() to
correctly track line numbers and return the matching line number instead of
just 1.
Changed logging to allow the amount of information to be turned up or down.
This should make spamdyke less chatty in the syslog for small errors.
Modified smtp_filter() and run_tests() to report the matching filename and
line number from check_rdns_keywords(), search_file() and
search_tcprules_file() in syslog if the logging level is high enough.
Fixed find_address() to locate the real email address and ignore BATV tags,
relay paths and bang paths. Thanks to Walter Russo for reporting this one
(again).
Changed middleman() to obey minimums and maximums for the amount of time to
select() for traffic. If spamdyke waits too long, the qmail process might
not get wait()ed for a while, leaving a lot of defunct/zombie processes
around. On a busy server, this could be a problem. Thanks to Jason M for
reporting this one.
Added process_config_file() to process configuration files instead of
requiring all configuration to be done on the command line. At the moment,
the file just uses the same (long option) directives as the command line.
Added test_settings() to run tests on every configuration option and
(hopefully) identify misconfigurations before someone makes them on a live
server.
Added the command line option "config-test" to run test_settings().
Renamed log_writeln() and log_write_rejection() to output_writeln() and
output_write_rejection(), respectively, to make it clearer what they're
doing.
Changed smtp_filter() to allow multiple authentication attempts. Some
clients retry authentication several times, presumably to deal with servers
that can't use the authentication method they prefer.
Changed middleman() to collect (and send) whole lines of input instead of
single characters. Single character write()s were causing problems with
Nagios and Windows clients.
Changed output_write_rejection() to create a single output line and send it
to output_writeln() all at once instead of sending a piece at a time. This
keeps packets together for stupid Windows clients that just can't handle
reassembling TCP packets correctly.
Changed main() to always run spamdyke (as opposed to starting qmail without
spamdyke listening) even if a whitelist is matched. This way, spamdyke
can report all traffic to syslog, not just traffic that _may_ be filtered.
Changed smtp_filter() and middleman() to catch the return codes from qmail
when the remote client gives the recipient address. Now, if spamdyke
doesn't block the recipient command but qmail does (e.g. for relaying),
spamdyke will log the correct message.
Incorporated GNU autoconf to create a "configure" script for spamdyke and the
"utils" folder. The days of "make no_tls" and "make bsd" are thankfully
over.
Renamed all of the test folders to group them by function so it's easier to
see what tests exist. Sequential numbers just weren't working.
Changed dns_mx() to lookup the MX record before returning success. This means
the sender MX filter now requires a mail exchanger record _and_ at least one
mail exchanger must have an IP address. Before, the MX record was enough,
even if there was no corresponding A record.
Changed usage() to read the options and help text from get_spamdyke_options()
in configuration.c so the help message won't ever be out of sync with the
available options again.
Added the command line option "tls-privatekey-password-file" to allow the SSL
private key password to be read from a file instead of the command line.
This way, the password isn't visible to everyone who can view a process
list.
Changed search_file(), search_tcprules_file() and check_rdns_keywords() so
they no longer build their fscanf() patterns into a stack variable but
instead use a literal search pattern assembled at compile time with
STRINGIFY().
Added the command line options "hostname-file" and "hostname-command" to
support reading the local hostname from a file or from a command (e.g.
"hostname -f") instead of forcing it to be specified on the command line.
Changed middleman() and smtp_filter() to always monitor and trust
authentication carried out by qmail, even if "smtp-auth-command" was not
given. This means spamdyke will always disable its filters for
authenticated users even if it can't check the authentication itself.
I'm not sure why I didn't design spamdyke this way in the first place.
Added command line options recipient-whitelist-file and sender-whitelist-file
so specific sender and recipient addresses can bypass the filters. Sender
addresses are very easy to fake and recipient addresses are, of course,
known to spammers, so both of these options are ill-advised. I've only
added them due to popular demand.
Added command line option check-rhsbl to check righthand-side blacklists.
Both the server's rDNS domain name and the sender's email domain name are
checked.
Added command line options check-dns-whitelist and check-rhs-whitelist to
allow DNS RBLs and RHSBLs to act as whitelists instead of blacklists.
Anyone using DNS-based blacklists _and_ whitelists had better have some
seriously fast DNS servers.
Changed dns_txt(), dns_mx() and dns_ptr_lookup() to pass a stack of previous
queries whenever they recursively lookup CNAME records, to prevent a cylical
CNAME structure from leading to infinite recursion.
NOT BACKWARDS COMPATIBLE: Changed the syslog entry format: renamed "origin" to
"origin_ip", added "origin_rdns:" before the rDNS name, added "auth:"
before the authenticated username and added "reason:" before the rejection
reason when a timeout occurs.
Changed process_command_line() to assume the remote IP address is 0.0.0.0 if
the environment variable TCPREMOTEIP is not set.
Added a ton more test scripts for all of the new options and for testing
config files.
Added dnsa, dnsns and dnssoa to the "utils" folder for performing DNS queries
of A, NS and SOA records, respectively. Wouldn't it be AMAZING if the
libc maintainers added standard functions to do these queries?!
NOT BACKWARDS COMPATIBLE: Changed the "flag" options to take optional
arguments instead of simply assuming "true" when the option was given.
Unfortunately, getopt_long() is too stupid to handle them properly, which
means clustered options (e.g. -rRc) can no longer be used. They must be
separated (e.g. -r -R -c). Also, arguments given with the short version
must not be separated by a space (e.g. -l3).
NOT BACKWARDS COMPATIBLE: Renamed the long command line option "use-syslog"
to "log-level".
Fixed middleman() to completely bypass all processing when TLS passthrough is
active. The additional processing was buffering TLS traffic until the data
contained a newline character (purely by coincidence). This buffering was
preventing the passthrough from functioning properly. Thanks to Dominik
Dausch for reporting this one.
mailwrapper sendmail is invoked, rather than finding pkgsrc postfix's
/usr/pkg/sbin/sendmail. Systems not known to use mailwrapper remain
as they were, although they probably have residual similar problems.
(Perhaps mailwrapper support needs to be part of pkgsrc with a
mk/mailwrapper.mk to force inclusion and also set a sendmail
variable.) Discussed with tron@
"courier-gnutls" option/toggle that allows using GNU TLS instead of
defaulting to OpenSSL.
Bump the PKGREVISION of couriertcpd, courier-imap, and courier-mta to 1.
* A "consider new mail as read" action has been added.
* An optional message count has been added over the icon.
* A "Play a sound when new mail arrives" option has been added.
* Passwords are now stored using GNOME Keyring.
* Gmail label support has been added.
* Yahoo! Mail support has been added.
* Windows Live Hotmail support has been added.
* A number of minor issues have been fixed.
* And more, see the NEWS file.
+ Add full DESTDIR support.
+ New "gnutls" option to select between using GNU TLS and OpenSSL.
Default to "ssl".
+ New "wide-curses" option to select between curses and wide-curses
displays. Default to "curses".
* Add/fix GNU TLS support in cone.
The Turba Contact Manager versions H3 (2.2-RC3) and H3 (2.1.7) have been
released. These are security releases that fix unchecked access to contacts
in the same SQL table, if the unique key of another user's contact can be
guessed. All users are encouraged to upgrade to this version.
+ Update courier-maildir and maildrop dependencies to latest (0.58.0 and
2.0.4nb3).
+ Create necessary directories in the rc.d script in a start_precmd.
Bump the PKGREVISION to 2.
include:
+ Add full DESTDIR support.
+ Don't create empty, unused directories under
${PREFIX}/share/examples/courier.
+ Teach mkesmtpdcert generate certificates and keys using the either
GNUTLS or OpenSSL tools.
* Fix a memory stomp in local delivery agent.
* Get rid of the hard 30 minute timeout in sendmail(8).
* Rewrite input processing for submit(8) process to use non-blocking
I/O to read standard input. When the message source is local (or
dsn), get rid of the hard 30 minute timeout, and poll stdin with a
5 minute poll() timeout, at which point the timestamps on all open
control and data files are pinged, to keep courierd from purging
them based on their old timestamp. Continue to use a hard timeout
for all non-local mail.
from courier-0.58.0. Changes from version 4.2.1 include:
+ Teach mkimapdcert and mkpop3dcert to generate certificaties and keys
using either GNUTLS or OpenSSL tools.
* Remove \Draft flag from messages moved to the trash folder upon expunge
from the original folder.
* Make clock-skew check more reliable.
from <URL:http://cr.yp.to/distributors.html>:
What are the distribution terms for daemontools?
2007.12.28: I hereby place the daemontools package (in particular,
daemontools-0.76.tar.gz, with MD5 checksum
1871af2453d6e464034968a0fbcb2bfc) into the public domain. The
package is no longer copyrighted.
What are the distribution terms for djbdns?
2007.12.28: I hereby place the djbdns package (in particular,
djbdns-1.05.tar.gz, with MD5 checksum 3147c5cd56832aa3b41955c7a51cbeb2)
into the public domain. The package is no longer copyrighted.
What are the distribution terms for ucspi-tcp?
2007.12.28: I hereby place the ucspi-tcp package (in particular,
ucspi-tcp-0.88.tar.gz, with MD5 checksum
39b619147db54687c4a583a7a94c9163) into the public domain. The
package is no longer copyrighted.
Am I free to modify uncopyrighted packages and distribute modified
versions?
Yes. But this does not mean that modifications are _encouraged_!
And from <URL:http://cr.yp.to/qmail/dist.html>:
I hereby place the qmail package (in particular, qmail-1.03.tar.gz,
with MD5 checksum 622f65f982e380dbe86e6574f3abcb7c) into the
public domain. You are free to modify the package, distribute
modified versions, etc.
This does not mean that modifications are encouraged!
pkgsrc will strive, as it has, to keep modifications to a tasteful
minimum. This addresses PR pkg/37964 by Aleksej Saushev.
* LIBDKIM: Fix bug #SF1867839: 64-bit portability in rfc2822.c.
Patch from Geoff Adams.
* Update for latest Authentication-Results: header draft.
* Take advantage of some more features that were introduced with
milter v2 in sendmail 8.14.0:
* Report "hardfail" instead of "fail" on authentication failures,
in compliance with the Authentication-Results: draft.
* Fix use of "UseSSPDeny" to include handling of unsigned messages.
* Replace "gentxt.csh" with more robust "dkim-genkey" utility.
And *lots* more (the package in pkgsrc was 2 years+ old)
See RELEASE_NOTES for all the details
* explicitly close current IMAP mailbox when selecting a new one,
so all servers expunge deleted mail. Thanks: Josh Triplett.
* include experimental spec file for creating RPM with rpmbuild.
Thanks: Dag Wieers, Rob Loos, Dries Verachtert.
* convert changelog to utf-8 encoding.
* update email addresses, etc. Domain for mailing lists has changed
to lists.pyropus.ca.
* add FAQ about memory errors on OS X. Thanks: Andres Gasson.
* drop log message level for stderr output of destination if
ignore_stderr is set, just like for filter. Thanks: Jeremy
Chadwick.
* Local feeds (/home/user/file.xml) should work
* Now really compatible with SunOS
* Don't wrap long subject headers
* New parameter CHARSET_LIST to override or supplement the order
in which charsets are tried against an entry
* Don't use blank content to generate id
* Using GMail as mail server should work
- TLS (SSL) support was streamlined further, and provides a new security level
based on certificate fingerprints instead of CA signatures. See TLS_README
for details.
- Milter support was updated from the Sendmail 8.13 feature set and now
includes most of the features that were introduced with Sendmail 8.14. See
MILTER_README for details.
- Stress-adaptive configuration was introduced. This allows the Postfix SMTP
server to temporarily adjust its rules under conditions of overload, such as
a malware attack or backscatter flood. See STRESS_README for details.
[pkgsrc: this obsoletes the "postfix-stress" option which provided the same
functionality via a distribution patch]
- The queue manager scheduler was refined. It now provides per-transport
scheduling controls and allows for adjustment of the sensitivity to mail
delivery (non-)errors. See SCHEDULER_README.
- Security was improved by introducing a Postfix-owned data_directory for
storage of randomness, caches and other non-queue data. This change avoids
future security loopholes due to untrusted data sitting in root-owned files
or in root-owned directories. Writes to legacy files in root-owned
directories are automatically redirected to files in the new data_directory.
No functionality has been removed, but it is a good idea to review the
RELEASE_NOTES file for the usual minor incompatibilities or limitations.
protocol pair. libspf2 is a library which allows email systems such as
Sendmail, Postfix, Exim, Zmailer and MS Exchange to check SPF records
and make sure that the email is authorized by the domain name that it
is coming from. This prevents email forgery, commonly used by spammers,
scammers and email viruses/worms.
pkgsrc change:
* Use INSTALLATION_DIRS
* Update HOMEPAGE.
Since changes are too many to write here, please refer pages linked from News
in http://tmail.rubyforge.org/.
Requested by minskim@ via private mail.
no IPv6 connectivity from the client to that site. Prior to this fix,
the fallback to IPv4 wasn't working properly. (The fix should be in
the next release of libetpan.)
* 2007-09-06: version 1.31
- support CIDR-style addresses in the client whitelist (Claudio Strizzolo)
- improve logging of unresolveable hosts (Adrian von Bidder, Heiko
Schlichting)
- updated whitelist
- fix unix socket permission issues (Martin F Krafft, Adrian von Bidder,
Leos Bitto, Debian bug #376910)
- fix regexps for matching hosts in whitelists (Antonello Nocchi)
- do maintenance after the current request and not before (Clifton Royston)
next stable release (expected by the end of January). Experimental releases
are now labeled 2.6-* but we'll track the 2.5.0 release candidates for now and
switch to 2.6 snapshots later.
Lots of changes, see HISTORY/RELEASES_NOTES for details.
Ok with martti.
default (this doesn't actually depend on Dovecot for building, the code is
shipped with Postfix).
Set the default value for smtpd_sasl_type to "dovecot" unless cyrus SASL is
enabled, too. This ensures backwards compatibility for most cases.
Ok with martti, joerg.
* Add preliminary DKIM support.
* Bugzilla 592: --help option is handled incorrectly if exim is invoked
as mailq or other aliases. Changed the --help handling significantly
to do whats expected. exim_usage() emits usage/help information.
* Added the -bylocaldomain option to eximstats.
* Bugzilla 619: Defended against bad data coming back from gethostbyaddr
* Bugzilla 613: Documentation fix for acl_not_smtp
* Bugzilla 628: PCRE update to 7.4 (work done by John Hall)
(disabled by default). This functionality will be included in Postfix 2.5 but
has been proven very succesful on the mailing lists so Wietse provided a patch
for Postfix 2.3 and 2.4.
See http://www.postfix.org/STRESS_README.html#adapt for configuration details.
Pkgsrc changes:
- none
Changes since version 0.29:
===========================
Version 0.30 - released 2008-01-10
* includes speed-up optimizations by Mark Martinec
* DomainKeys, implement proper identity matching...
a DomainKey-Signature's domain should match the From/Sender address
* several more test cases
* API improvements:
* accept additional arguments when creating Signer/Signature
* bugfixes:
* DomainKey-Signature headers were not "prettified"
* granularity ending with '*' was not checked correctly
* DomainKey-Signature granularity was checked against the wrong value
Pkgsrc changes:
- Due to "user-destdir" mode not working yet switched to "destdir" mode
for the time being.
- Explicitly listed licence information.
- Listed submitted bug identifiers for patch-ba and patch-bc.
Changes since version 3.2.3:
============================
3.2.4 is a major bug-fix release, with a few minor new features. Summary of
changes:
- bug 5599: allow load distribution of SA nameserver queries across all
nameservers listed in resolv.conf, using 'dns_options rotate'. thanks
to Pawel Sasin <hannibal /at/ wp-sa.pl>
- bug 5673: 'ALL' header was including spurious extra spaces between header
names and values. fix
- bug 5594: several major sa-compile fixes. major increase in overall speed;
cache results between runs to further increase speed; and fix a danger of
massive memory usage
- bug 5556: fix a variety of sa-compile portability issues, and support for
5.6.x perls
- bug 5514: make 'score set for a non-existent rule' a debug message, instead
of a lint warning, since it's a very frequent FAQ
- bug 5493: sa-compile fails to correctly deal with escaped backslashes. fix
- bug 5672: remove DNS_FROM_SECURITYSAGE (DNSBL lookups against
securitysage.com) due to unreliability
- bug 5476: update Bonded Sender (now Sender Score Certified) rules, and add
a rule for their strictly-confirmed-opt-in-required zone
- bug 5538: remove FORGED_MUA_AOL_FROM and FORGED_AOL_TAGS entirely; they're
obsolete, given the current capabilities of AOL mail user agents
- bug 5632: remove all completewhois.com DNSBL lookups, site seems to have
disappeared without warning
- bug 5715: allow for more than one sa-update MIRRORED.BY file host in DNS,
for redundancy
- bug 5662: DKIM changes: recognize author signature and multiple signatures
for whitelisting (with Mail::DKIM 0.29); disable useless
"check_dkim_signsome"; new eval rules "check_dkim_valid_author_sig" and
"check_dkim_valid" (an alias for a "check_dkim_verified" misnomer); new
tags _DKIMIDENTITY_ and _DKIMDOMAIN_; updated terminology; verification
speedup with Mail::DKIM 0.30 (or its pre-releases)
- bug 5696: sa-compile: cut regexp base strings at Unicode high codepoints,
to avoid corruption of patterns containing UTF-8
- bug 5637: bayes_file_mode is handled incorrectly when creating bayes.mutex,
resulting in incorrect permissions on that file; fix by Mihaly Barasz
- bug 5612: DB_File version 4.2.x has a bug that loops infinitely if files
named '__db.{filename}' are present; work around. thanks to J. Nick
Koston for the report and fix
- bug 5606: too-early init_learner() call causes root's user prefs file to
be read when spamd is started; this is inappropriate. fix
- bug 4179: if allow_user_rules is 1, user rules are not unique to each
user; one user's user rules can appear in later scans for other users
that are run using the same spamd process. fix
- bug 5680: ALL_TRUSTED can fire if a trusted MSA or webmail system receives
the message from an untrusted X-Originating-IP: header. fix
- bug 5626: in the 'spamassassin' script, install a signal handler for SIGHUP,
SIGINT, SIGTERM and SIGPIPE to ensure that temporary files are removed
- bug 5557: some temporary files are left not cleaned up on Windows; fix
- bug 5661: speed up Bayes SQL queries by allowing the use of indexes when
expiring
- bug 5611: support 'spamd --nouser-config -u username', which setuids to
'username' but does not read user_prefs files from anywhere
- bug 5665: spamd may fail to notice that a child has completed exiting,
and keeps in the child list in state 'K', eventually filling up the
child list with 'ghost' children. fix
- bug 5735: spamc should allow retry_sleep 0
- bug 5728: spamd: require -u with --sql-config or --ldap-config
- bug 5682: remove FH_HOST_ALMOST_IP, FH_HOST_EQ_D_D_D_D, due to false
positives and redundancy with RDNS_DYNAMIC; remove FH_HOST_EQ_D_D_D_DB
due to no hits
- bug 5681: look up IP addresses found in 'X-Yahoo-Post-IP' and
'X-SenderIP' headers, too, thanks to Martin Blapp
- Bug 5589: Refined async events handling and DNS lookup completions
- bug 5586: RDNS_NONE has false positives if the MTA doesn't put the hostname
in the Received header, like Communigate Pro. add an exception for this
- bug 5748: fix locale problem with use of external sort in sa-compile
# Several GUI improvements
The colour preferences have been split into tabs.
Improve the way 'Find in current message' search results are
shown by vertically centering the selected text in the
Message View.
Improvements to the 'List URIs' dialogue.
Filtering/Processing Match Type dialogue has been reworked.
Several other layout improvements.
# Several address book improvements
Added Custom Attributes, which can be edited from
'/Tools/Edit custom attributes...' and are used from the
'Name' drop down list on the 'Edit Person Details' dialogue.
Always add a new contact if any value is set, instead of
silently rejecting it when an email address is not set.
Better guessing of contact name from incomplete name
information.
Better display of contacts that have no name set, in contact
lists, group contents, find duplicate results.
Error messages don't show in the status bar anymore, alert
panels are used instead.
Several other GUI improvements.
# Added optional Tooltips to the Message List. This is enabled by the
'Show tooltips' option on the '/Display/Summaries' Preferences page
and is only possible with GTK+ >= 2.12
# Much improved handling of Return Receipts, both outgoing and
incoming.
# Added the option to use the system defaults for External Programs
preferences on the '/Message View/External Programs' page.
# Added "select first email in list" to the list of possible
selections in the 'Set default selection on entering a folder'
options on the '/Display/Summaries' preferences page.
# IMAP: Added IMAP tags support. (Note: 'Bandwidth-efficient' mode
prevents fetching of tags.)
# IMAP: Optimised flag handling and message copying.
# Improved printed page layout for built-in GTK+ printing
Bold fonts are now used where appropriate and a demarcation
between header and body has been added.
# Optimised filtering on flags/tags changes.
# MAEMO: Added LED flashing for new mail alerts
# MAEMO: Made all of the left of column in the Folder List a hotspot
for expanding/collapsing the tree.
# Updated translations: Brazilian Portuguese, French, German,
Hungarian, Italian, and Spanish
Pkgsrc changes:
- none
Relevant changes since version 0.28:
====================================
Version 0.29 - released 2007-11-08
* verifiers can now access all parsed signatures and their results,
not just signatures that were fully tested
* signer policies can now specify what private key file to use
* some other minor API improvements
* bugfixes:
* for DomainKeys signatures, fixed a compatibility issue handling
the h= tag
* for DKIM, signature expirations had been ignored
* for DKIM, signature identities did not have to match the domain
* for DKIM, public key granularity field had been ignored
Based on packaged by URA Hiroshi in pkgsrc-wip
and Tetsuya Isaki via private mail.
IM provides a series of user interface commands (imput, imget, imls, ...)
and backend Perl5 modules to integrate E-mail and NetNews user interface.
They are designed to be used both from Mew version 1.x and on command line.
* The encoding method of MIME headers is now determined by outgoing
encoding rather than the value of MB_CUR_MAX.
* The memory leaks and warnings in LDAP search were fixed.
* The beep on folders with one message when using GTK+ 2.12 was removed.
* Win32: The crash that occurred when trying to display some TIFF files was fixed.
* Win32: Settings are now automatically saved on the shutdown of system.
v1.0.8 and v1.0.9 were a bit bad releases. Hopefully one day I've managed to
have written a proper test suite which can be run before doing any releases..
* Security hole with LDAP+auth cache: If base setting contained
%variables they weren't included in auth cache key, which broke
caching. This could have caused different users with same passwords
to log in as each other. [pkgsrc: this was fixed in dovecot-1.0.9nb1]
- LDAP: Fixed potential infinite looping when connection to LDAP
server was lost and there were queued requests.
- mbox: More changes to fix problems caused by v1.0.8 and v1.0.9.
- Maildir: Fixed a UIDLIST_IS_LOCKED() assert-crash in some conditions
(caused by changes in v1.0.9)
- If protocols=none, don't require imap executables to exist
There are three types Mozilla mirrors.
(http://www.mozilla.org/mirroring.html)
* mozilla-current
contains only the current version of Firefox and Thunderbird
* mozilla-release
contains Firefox, Thunderbird, and Sunbird releases
* mozilla-all
complete archive
Define following variables for mozilla master sites:
MASTER_SITE_MOZILLA_ALL = mozilla-all
MASTER_SITE_MOZILLA = mozilla-release
and change some packages to use appropriate variable.
Update contents of MASTER_SITE_MOZILLA with master and primary mirrors
taken from http://www.mozilla.org/mirrors.html and add some sample definitions.
This release provides various bugfixes, optimisations and improvements
to the scanning engine. The new features include support for ARJ and
SFX-ARJ archives, AutoIt, basic SPF parser in clamav-milter (to reduce
phishing false-positives), faster scanning and others (see ChangeLog).
To get a consistent behaviour of the anti-phishing module on all platforms,
libclamav now includes the regex library from OpenBSD.
This package is DESTDIR ready.
libSieve 2.2.6
--------------
- Fix for bracketed comments (thanks to Daniel Shahaf).
- More graceful handling of malformed addresses (thanks to Paul Stevens).
- Return header and address errors separately from script parse errors.
