* Session ID is now included by default in auth and login process log lines. It
can be added to mail processes also by adding %{session} to mail_log_prefix.
+ Added ssl_require_crl setting, which specifies if CRL check must be successful
when verifying client certificates.
+ Added mail_shared_explicit_inbox setting to specify if a shared INBOX should
be accessible as "shared/$user" or "shared/$user/INBOX".
- v2.1.5: Using "~/" as mail_location or elsewhere failed to actually expand it
to home directory.
- dbox: Fixed potential assert-crash when reading dbox files.
- trash plugin: Fixed behavior when quota is already over limit.
- mail_log plugin: Logging "copy" event didn't work.
- Proxying to backend server with SSL: Verifying server certificate name always
failed, because it was compared to an IP address.
* libXp was used by Xaw8, but it had been obsolated, and in pkgsrc,
x11/libXaw/buildlink3.mk had been switched to pick up Xaw7 by default.
* With x11/xorg-cf-files, libXp was offered with XawClientLibs,
but updated to 1.0.4, it was removed.
* And pkgsrc had been switched to use always xorg-cf-files and imake from pkgsrc,
so all platforms should not require libXp from libXaw with Imake.
Bump PKGREVISION.
Patches from Bernd Ernesti on pkgsrc-users.
Changelog:
The following problems are fixed.
* Security fixes
* Using MAPI send with Thunderbird in offline mode will now work correctly
* Language packs will now work for all releases of an ESR branch
* Remove unused option.
* Update enigmail to 1.4.1
Changelog:
* Global Search results now include message extracts in the results
* Various security fixes
* Various improvements to RSS feed subscription and general feed handling
* Thunderbird now supports add-ons that provide different types of
local mail storage
Major changes with Postfix 2.8.10
---------------------------------
This release adds support to turn off the TLSv1.1 and TLSv1.2
protocols. Introduced with OpenSSL version 1.0.1, these are known
to cause inter-operability problems with for example hotmail.
The radical workaround is to temporarily turn off problematic
protocols globally:
/etc/postfix/main.cf:
smtp_tls_protocols = !SSLv2, !TLSv1.1, !TLSv1.2
smtp_tls_mandatory_protocols = !SSLv2, !TLSv1.1, !TLSv1.2
smtpd_tls_protocols = !SSLv2, !TLSv1.1, !TLSv1.2
smtpd_tls_mandatory_protocols = !SSLv2, !TLSv1.1, !TLSv1.2
However, it may be better to temporarily turn off problematic
protocols for broken sites only:
/etc/postfix/main.cf:
smtp_tls_policy_maps = hash:/etc/postfix/tls_policy
/etc/postfix/tls_policy:
example.com may protocols=!SSLv2:!TLSv1.1:!TLSv1.2
Important:
- Note the use of ":" instead of comma or space. Also, note that
there is NO space around the "=" in "protocols=".
- The smtp_tls_policy_maps lookup key must match the "next-hop"
destination that is given to the Postfix SMTP client. If you
override the next-hop destination with transport_maps, relayhost,
sender_dependent_relayhost_maps, or otherwise, you need to specify
the same destination for the smtp_tls_policy_maps lookup key.
* IMAP: When neither the session nor the mailbox has modseq tracking enabled,
return the mailbox as having NOMODSEQ in SELECT/EXAMINE reply. Old versions
in this situation always simply returned HIGHESTMODSEQ as 1, which could have
broken some clients.
+ dict file: Added optional fcntl/flock locking (default is dotlock)
+ fts-solr: doveadm fts rescan now resets indexes, which allows reindexing
mails. (This isn't a full rescan implementation like fts-lucene has.)
+ doveadm expunge: Added -d parameter to delete mailbox if it's empty after
expunging.
- IMAP: Several fixes related to mailbox listing in some configs
- director: A lot of fixes and performance improvements
- v2.1.4 didn't work without a mail home directory set
- mbox: Deleting a mailbox didn't delete its index files.
- pop3c: TOP command was sent incorrectly
- trash plugin didn't work properly
- LMTP: Don't add a duplicate Return-Path: header when proxying.
- listescape: Don't unescape namespace prefixes.
version 2.09: Sat Feb 25 14:47:39 CET 2012
Improvements:
- remove dependency to Test::Pod by moving 99pod.t from t/
to xt/ as result of rt.cpan.org#69918 [Martin Mokrejs]
Changes to the Cyrus IMAP Server since 2.4.15
* Bug #3651 - 64 bit dirhash breaks existing systems. NOTE this
includes a fix to the re-written rehash tool released with 2.4.15
Changes to the Cyrus IMAP Server since 2.4.14
* Bug #3664, #3665 - Sieve filters don't work if mailbox contains
dots
* Bug #3651 - 64 bit dirhash breaks existing systems. NOTE - this
includes a complete rewrite of tools/rehash, making it much simpler
and more reliable. Check the usage statement
* Bug #1228 - mailbox dumps need to dump quotaroots
* Bug #3613 - CATENATE command returns BADURL
* Bug #3627 - enabling improved_mboxlist_sort documentation mention
subscription files
* Bug #3661 - Memory leaks in sync_server, nntpd, popd
* Bug #3621 - quota bug involving nested quota roots
* Bug #3667 - FLAGS.SILENT needs to return new MODSEQ if QRESYNC
enabled
- switch to using BODY.PEEK in IMAP retrieval; I no longer see
problems with this feature in my testing. If users experience
incompatibility with any IMAP servers where 4.25.0 worked, please
let me know.
+ Added mail_temp_scan_interval setting and changed its default value
from 8 hours to 1 week.
+ Added pop3-migration plugin for easily doing a transparent IMAP+POP3
migration to Dovecot: http://wiki2.dovecot.org/Migration/Dsync
+ doveadm user: Added -m parameter to show some of the mail settings.
- Proxying SSL connections crashed in v2.1.[23]
- fts-solr: Indexing mail bodies was broken.
- director: Several changes to significantly improve error handling
- doveadm import didn't import messages' flags
- mail_full_filesystem_access=yes was broken
- Make sure IMAP clients can't create directories when accessing
nonexistent users' mailboxes via shared namespace.
- Dovecot auth clients authenticating via TCP socket could have failed
with bogus "PID already in use" errors.
the IMAP server:
Panic: file mail-storage.c: line 628 (mailbox_alloc): assertion failed:
(uni_utf8_str_is_valid(vname))
Problem reported and fix tested by Thorsten Frueauf.
Set LICENSE while here.
imap-2007f fixes a couple bugs.
Fix for RFC 4959 Initial Client Response auth failures noted first by
MacOSX Lion Mail users.
Adjust tcp_open.c:tcp_socket_open to make it a little more useful by adding
a write file descriptor test to the select in the case that the open
timeout is set.
In osdep/unix/env_unix.c:create_path there was a printf that should have
been an sprintf. Doesn't matter on modern systems.
4.1
* IPv6 support
* Significantly improved performance
* Cygwin compatibility (for use under Windows)
* Ability to execute arbitrary programs when users log in
* And lots more
== MIME::Types 1.18 / 2012-03-20
* New MIME Types:
* Types reported in Issue #6
(https://github.com/halostatue/mime-types/issues/6):
* CoffeeScript (text/x-coffeescript; .coffee; 8bit).
* AIR
(application/vnd.adobe.air-applicationinstaller-package+zip, .air;
base64).
* WOFF (application/font-woff; .woff; base64).
* TrueType (application/x-font-truetype; .ttf; base64).
* OpenType (application/x-font-opentype; .otf; base64).
* WebM (audio/webm, video/webm; .webm). Issue #11
(https://github.com/halostatue/mime-types/issues/11).
* New extensions:
* f4v/f4p (video/mp4, used by Adobe); f4a/fb4 (audio/mp4, used by Adobe).
* Bug Fixes:
* It was pointed out that Licence.txt was incorrectly named. Fixed by
renaming to Licence.rdoc (from Issue/Pull Request #8,
https://github.com/halostatue/mime-types/issues/8).
* It was pointed out that a plan to have the test output generated
automatically never went through. Issue #10
(https://github.com/halostatue/mime-types/issues/10)
pam.buildlink3.mk. This is wrong and a hack, but it gets the package
building again in my test environment. Someone please revert this and
do it right.
Currently there seems to be logic for enabling PAM in the build or not
on various platforms depending on whether native PAM appears to exist.
This is higly bogus; the package should be cleaned up so it either
depends on PAM or doesn't, regardless of platform, or preferably makes
it a build option.
XXX.
* A new -G option causes files created by mimedefang to
be group-readable and sockets to be group readable/writable.
* The multiplexor snoops in on communications and saves the
Sendmail queue-ID for logging purposes. It logs the queue ID when
logging a slave's STDERR.
* MIMEDefang passes along the client port number, server IP address
and server port number to all filter functions. This feature was
sponsored by Scayl.
Exact changes aren't available but they are similar as ruby-mail 2.4.3 and
2.4.4 for these security fixes.
* Fix security vulnerability allowing command line exploit when using
file delivery method
* Fix security vulnerability allowing command line exploit when using
exim or sendmail from the command line
== Version 2.4.4 - Wed Mar 14 22:44:00 +1100 2012 Mikel Lindsaar <mikel@reinteractive.net>
* Fix security vulnerability allowing command line exploit when using file delivery method
== Version 2.4.3 - Tue Mar 6 19:38:00 UTC 2012 Mikel Lindsaar <mikel@reinteractive.net>
* Fix security vulnerability allowing command line exploit when using exim or sendmail from the command line
* Change Mail#deliver! to also inform the interceptors
* Encodings.value_decode(str): Treat lines with mixed encoding correctly when the line ends with a plain text part.
== Thu Jan 19 13:49:34 UTC 2012 Mikel Lindsaar <mikel@reinteractive.net>
* Fix non ascii character folding problems
* Handle multipart mail in Mail::Message#to_yaml / #from_yaml
* More warning fixes
* Normalize the Parse Error class and messages
* Fix for Mail::Encodings.unquote_and_convert not handling unquoted characters mixed in between quoted strings
* Updated treetop to latest version, specs now run approximately 25-30% faster!
* Version bump to 2.4.1 and gem release
== Sun Jan 15 18:15:56 UTC 2011 Mikel Lindsaar <mikel@reinteractive.net>
* Speed up reading of messages by about 12x
* Added Message#without_attachments! that removes all message's attachments
* Added shoulda-style RSpec matchers
* Added support for @ in display name
* Added support for the :tls and :ssl options
* Added UTF-16 and UTF-32 support
* Added Exim as it's own delivery manager
* Added Ruby 1.9.3 compatibility
* Fix for Sendmail return-path escaping
* Fix for alias for SJIS was changed from shift_jis to windows-31J in Ruby 1.9.3
* Fix for undefined method 'constantize' error when no ActiveSupport loaded
* Fix Mail::Field#== comparison
* Fixed Regexp warning: character class has duplicated range
* Fixed encoding non-latin names in addresses
* Fixed issue with non-7bit attachment filenames
* Now define String#blank? only if not defined yet
* Decoding text parts using charset from Content-Type field
* Per RFC 5322, do not accept emails with consecutive dots
* Bunch of bug fixes from contributed pull requests
* Travis CI setup and passing on 6 rubies
* Upgrade RSpec to 2.8.0
* Lots of warnings fixed
* Version bump to 2.4.0 and gem release
There are a ton of proxying related improvements in this release. You
should now be able to do pretty much anything you want with Dovecot
proxy/director.
This release also includes the initial version of dsync-based replication.
I'm already successfully using it for @dovecot.fi mails, but it still has
some problems. See http://dovecot.org/list/dovecot/2012-March/064243.html
for some details how to configure it.
+ Initial implementation of dsync-based replication. For now this
should be used only on non-critical systems.
+ Proxying: POP3 now supports sending remote IP+port from proxy to
backend server via Dovecot-specific XCLIENT extension.
+ Proxying: proxy_maybe=yes with host=<hostname> (instead of IP)
works now properly.
+ Proxying: Added auth_proxy_self setting
+ Proxying: Added proxy_always extra field (see wiki docs)
+ Added director_username_hash setting to specify what part of the
username is hashed. This can be used to implement per-domain
backends (which allows safely accessing shared mailboxes within
domain).
+ Added a "session ID" string for imap/pop3 connections, available
in %{session} variable. The session ID passes through Dovecot
IMAP/POP3 proxying to backend server. The same session ID is can be
reused after a long time (currently a bit under 9 years).
+ passdb checkpassword: Support "credentials lookups" (for
non-plaintext auth and for lmtp_proxy lookups)
+ fts: Added fts_index_timeout setting to abort search if indexing
hasn't finished by then (default is to wait forever).
- doveadm sync: If mailbox was expunged empty, messages may have
become back instead of also being expunged in the other side.
- director: If user logged into two directors while near user
expiration, the directors might have redirected the user to two
different backends.
- imap_id_* settings were ignored before login.
- Several fixes to mailbox_list_index=yes
- Previous v2.1.x didn't log all messages at shutdown.
- mbox: Fixed accessing Dovecot v1.x mbox index files without errors.
* Update Lightning to 1.3 from 1.3b1
Changelog:
* Support for Apple iCloud and Chandler servers improved
* Support for high contrast themes (needs to be enabled in the preferences)
* New toolbar to adapt to Thunderbird's Tabs-on-Top
- Fix handling of % character in IMAP protocol (#1488382)
- Fix duplicate names handling in addressbook searches (#1488375)
- Fix displaying of HTML messages from Disqus (#1488372)
- Disable E_STRICT warnings on PHP 5.4
- Prevent from folder selection on virtual folder collapsing (#1488346)
- Fix automatic unsubscribe of non-existent folders
- Fix double-quotes handling in recipient names
- User configurable setting how to display contact names in list
- Make contacts list sorting configurable for the admin/user
- Fix parse errors in DDL files for MS SQL Server
- Revert SORT=DISPLAY support, removed by mistake (#1488327)
- Add lost translation label in de_DE (#1488315)
- Fix drafts update issues when edited from preview pane (#1488314)
- Fix wrong variable name in rcube_ldap.php (#1488302)
- Make mime type detection based on filename extension to be case-insensitive
- Fix failure on MySQL database upgrade from 0.7 - text column can't have default value (#1488300)
Release date: 2012-03-12 10:04 UTC
Release state: stable
Changelog:
* Request #19009: Remove error_reporting from tests [alec]
* Fixed Bug #19094: Email addresses do not have to contain a space
between the name and address part [alec]
* Fixed Bug #19328: Wrong encoding of filenames with comma [alec]
Bugs resolved in 2.4.14
* Bug #2685 folder delete and annotations
* Bug #3381 tools/rehash script is not 64bit safe
* Bug #3405 tls support for ctl_mboxlist
* Bug #3452 sieve uses mailbox name in internal format in autoreply
* Bug #3485 cyr_expire tries to delete parent directories that are not empty
* Bug #3582 Extra LF+SP characters been inserted in the middle of the XML
attachments
* Bug #3598 lmtp auditlog for murder proxy mode
* Bug #3623 OpenBSD (and other platforms without working mmap) multiple bugs
* Bug #3636 Renaming a mailbox doesn't remove old folder
* Bug #3628 folders with spaces and subfolders with same prefix as parent folder
don't show up
* Bug #3634 RENAME INBOX no longer works
* Bug #3635 cmd_rename() fails to check error codes
* Bug #3636 unexpunge locks mailbox until all output is emitted
* Bug #3637 imapd and ipop3d in 2.4 no longer log expunge events to syslog
* Bug #3640 LMTP accepts NULL bytes in headers, resulting in incorrect header/
mail size in meta-data
* Bug #3642 iPhone 5 expects SPECIAL-USE in LIST output
* Bug #3645 Ability to delete folder "shared"
* Bug #3649 unable to remove mailbox
* Bug #3650 ENVELOPE contains unexpected CRLF
Postfix stable release 2.8.9 is available. This contains fixes that
are already part of Postfix 2.9 and 2.10.
* The "change header" milter request could replace the wrong
header. A long header name could match a shorter one, because
a length check was done on the wrong string. Reported by
Vladimir Vassiliev.
* Core dump when postlog emitted the "usage" message, caused
by an extraneous null assignment. Reported by Kant (fnord.hammer).
You can find the updated Postfix source code at the mirrors listed
at http://www.postfix.org/.
Fix bug #SF3400670: Send ADSP failure reports when rejecting
a message.
Fix bug #SF3419149: Add MaximumSignedBytes to opendkim-config.h.
Fix bug #SF3441240: Appy ReportBccAddress when generating ADSP
reports.
Fix bug #SF3447199: Fix logic preventing the application of the
BodyLengthDB.
Fix Authentication-Results generation with "AddAllSignatureResults"
enabled.
Fix a crash bug when trying to handle certain malformed header fields
in verify-only mode.
Improve error checking in the callback provided to libunbound to
avoid crashes.
Cope with versions of Sleepycat DB that crash when asking for a file
descriptor for in-memory databases.
Don't override "On-NoSignature" when "Quarantine" is set.
Ignore header field names that contain semi-colons, as they produce
syntactically invalid signatures.
LIBOPENDKIM: Fix bug #SF3465400: Don't use "new" as a parameter name
in dkim.h since that's an error for C++.
LIBOPENDKIM: NOERROR is the same as NXDOMAIN for the purposes of
the ADSP existence check. Problem noted by Todd Nagengast.
LIBOPENDKIM: Return DKIM_STAT_SYNTAX from dkim_header() if the header
field name contained a semi-colon.
LIBAR: After computing a timeout, if the fractional seconds portion
adds to exactly a second, convert that amount to seconds.
Previous versions only converted when the fractional portion
exceeded a second. This led to threads that spin
indefinitely. Problem noted by Todd Lyons and Gary Mills;
forensic evidence revealing the problem at long last provided
by Todd Lyons.
STATS: Fix a crash bug in opendkim-importstats due to improper handling
of NULL returns from SQL.
2.4.2
Don't apply BodyLengthDB when not signing.
LIBOPENDKIM: Update for draft-kucherawy-dkim-atps-06.
LIBOPENDKIM: Terminate the strings returned by dkim_sig_getsubstring()
and dkim_sig_getidentity() whenever possible.
CONTRIB: Change "chkconfig" instruction in RHEL init script,
and a minor tweak to the RPM spec file.
2.4.1 2011/06/28
Fix bug #SF3312691: Add "-e" command line switch to extract a value
from configuration.
Fix bug #SF3324488: Accommodate postfix's job ID generation by moving
the BodyLengthDB check down to EOH.
Fix bug #SF3327106: Fix mode-based short-circuit logic.
Patch #SF3321766: Remove "-d" from usage message (not implemented).
Print database error strings instead of just return codes in
query test mode, and clean up error strings when extracting
them from the layers below.
Minor fixes related to use of OpenDBX.
LIBOPENDKIM: Fix bug #SF3328330: Correct generation of "z=" tags.
LIBOPENDKIM: Patch #SF3313534: Improve thread-safe use of OpenSSL
in dkim_init() and dkim_free().
LIBOPENDKIM: Patch #SF3314269: Change all uses of off_t to ssize_t,
as the former is reserved for use with filesystem APIs.
LIBOPENDKIM: Make the user context pointer (void) rather than
(const void) since the caller is allowed to change it.
LIBOPENDKIM: Proper handling of DKIM_CBSTAT_ERROR from the prescreen
and final callbacks.
LIBOPENDKIM: Fix up initialization under _FFR_OVERSIGN.
BUILD: Adjust gprof code to accomodate systems that put profiling
output in <binary>.gmon rather than gmon.out.
2.4.0 2011/06/06
Feature request #SF3060140: Extension of odkim.sign() to include
maximum signed byte count.
Feature request #SF3171865: Add _FFR_LUA_GLOBALS, enabling a
mechanism to maintain state between Lua scripts.
Feature request #SF3241982: Optionally add an Authentication-Results
field for all signatures present, not just the first good one.
Feature request #SF3256630: Add _FFR_RATE_LIMIT, enabling hooks for
post-verification rate controls.
Feature request #SF3290461: Add optional support for querying a
memcache daemon via libmemcached.
Feature request #SF3299041: Be tougher on use of the "l=" tag by
removing "BodyLengths", renaming "BodyLengthDBFile" to
"BodyLengthDB", and allowing pattern matches. This
effectively activates _FFR_BODYLENGTH_DB as well.
Feature request #SF3303911: Add "DisableADSP" setting.
In the stats recording code, only check for a domain match for
signatures that don't have errors (i.e., short circuit if
sigerror is not zero).
LIBOPENDKIM: Feature request #SF2969516: Teach dkim_chunk() about
DKIM_LIBFLAGS_FIXCRLF.
LIBOPENDKIM: Feature request #SF3123731: Extend FixCRLF to cover
header fields.
LIBOPENDKIM: Feature request #SF3151534: Extract DKIM reputation
support to its own library.
LIBOPENDKIM: Feature request #SF3279589: Add _FFR_XTAGS, adding
support for generic extension tags in signatures.
LIBOPENDKIM: Feature request #SF3300738: Add dkim_sig_getqueries()
and dkim_policy_getqueries() to assist API consumers that
have their own DNS mechanisms not directly adaptable to ours.
LIBOPENDKIM: Return an error from dkim_getsighdr() or
dkim_getsighdr_d() if called after a key load failure.
LIBAR: Check that the descriptor's write socket is writable before
calling ar_sendquery() when trying to identify open requests
that need retransmission.
STATS: Feature request #SF3066106: Add "opendkim-anonstats" tool.
CONTRIB: Paths in init/redhat/opendkim are now auto-generated.
Activate _FFR_MAXVERIFY.
(while here, set LICENSE=apache-1.1.)
------
v2.3.6
------
[mjr] Fix issue that caused erroneous file listings for objects in sources
without a __uid value.
[jan] Allow to export photo/logo fields to vCard without MIME type.
[jan] Support X-EPOCSECONDNAME fields of Nokia phones.
[jan] Add upgrade scripts for next-generation SQL share driver.
[jan] Fix splitting up names when exporting to N properties of vCards.
[jan] Only set the encoding parameter for binary data in vCards, if data is not
empty (Bug #9413).
[jan] Fix searching for fields matching an email address if using 'emails'
attribute instead of 'email' (Bug #9472).
[jan] Use personal address books first if determining the default one (Valentin
Vidic, Request #9367).
[jan] Use name format preference not only for paging, but for sorting too
(Request #8806).
[jan] Fix photo corruption when exporting to vCard 3.0 (Bug #9100).
------
v2.3.5
------
[jan] Correctly export FN vCard property if 'alternative_name' is set, but not
'name' (Bug #9207).
[jan] Fix import of addresses from LDIF (Axel Jurak, Bug #9215).
[jan] Speed up browsing of long address books.
------
v2.3.4
------
[jan] Remove deleted contacts from distribution lists in the same address book.
[mjr] Allow creation of default, personal address book when other read-only
sources are present.
[mjr] Log in history when deleting all of a user's contacts (Bug #8755).
[jan] Only export non-empty fields if exporting manually.
[jan] Add export to vCard 3.0.
[jan] Only synchronize those fields that are supported by the client
(Request #6658, requires Horde 3.3.7).
------
v2.3.3
------
[jan] Fix syntax of MSSQL scripts (Bug #8664).
[jan] Add preference for the name format to use for sorting (Request #6721).
[jan] Condense whitespace in composite fields (Request #8654).
[jan] Add and fix Oracle-specific SQL scripts.
[jan] Add Croatian translation (Matej Vela <matej.vela@carnet.hr>,
Iva Rumora <iva.rumora@zg.t-com.hr>).
[mjr] Fix permission checking for virtual address books.
[jan] Update deleted attributes during synchronization (lst_hoe02@kwsoft.de,
Request #6658).
[jan] Support X-ANNIVERSARY, X-CHILDREN, and X-SPOUSE vCard fields
(Request #8074).
[jan] Fix copying and moving of image fields (Ryu <ryu@ryux.org>, Bug #8523).
[jan] Don't return an error on empty LDAP search results (Bug #8595).
[jan] Replace PHP5-only code from the LDIF exporter (Bug #8586).
------
v2.3.2
------
[mms] Upgrade prototype.js to v1.6.1.
[jan] Fix synchronization with output compression enabled (Bug #7769).
[mjr] Fix contacts being deleted during synchronization when moved from one
address book to another (ryu@ryux.org, Bug #8487).
[mjr] Add new API method for retrieving the default share for a source.
[jan] Don't overwrite the compositing fields, when importing composite fields.
[cjh] Fix searches for multiple strict fields and at least one non-strict field
(tinu@humbapa.ch, Bug #7876).
[mjr] Specific timeobject categories are now only advertised when they are
present in a configured source.
(while here, set LICENSE=gnu-gpl-v2.)
-------
v4.3.11
-------
[mms] SECURITY: Fix XSS vulnerabilities on the compose page, the contacts popup
window, and with certain IMAP mailbox names.
-------
v4.3.10
-------
[jan] Don't submit the action form when reloading messages with iTip
attachments (Bug #9502).
* Renamed sieve_global_path setting to sieve_default for clarity. Old name is
still recognized for backwards compatibility. Support for the ancient (pre
v1.1) name for this setting "global_script_path" is now dropped.
* Added means to prohibit use of redirect action. Setting sieve_max_redirects
to 0 now means that redirect is disallowed in stead of unlimited. Default
value remains four.
* Fixed interaction of Sieve include extension with ManageSieve. It is updated
to match new requirements in the draft include specification. Missing
included scripts are no longer an error at upload time.
* Updated RFC2822 header field body verification to exclude non-printing
characters (RFC5322). Only Sieve actions that can create unstructured header
values (currently enotify/mailto and editheader) are affected by this change.
+ Completed sieve-filter tool to a useful state. The sieve-filter tool provides
a means to (re)filter messages in a mailbox through a Sieve script.
+ Implemented the Sieve editheader extension. It is now possible to add and
remove message headers from within Sieve.
+ ManageSieve: added support for reading quoted and literal strings as a
stream. Fixes support for handing large SASL responses (analogous to similar
changes in Dovecot). It is now also allowed to use a quoted string for the
PUTSCRIPT script argument.
+ Added code to cleanup tmp directory in Sieve storage directory (sieve_dir)
every once in a while.
+ Added support for substituting the entire message during Sieve processing.
This is used for the filter action provided by the new sieve_extprograms
plugin (provided separately for now). The filter action allows passing the
message through an external program.
+ Added support for restricting certain Sieve language extensions to
(admin-controled) global scripts. Restricted extensions can be configured
using the new sieve_global_extensions setting. This is particularly useful
for some of the Dovecot-specific (plugin-based) Sieve extensions, that can
be somewhat hazardous when under direct control of users (e.g.
sieve_extprograms).
* Plugins now use UTF-8 mailbox names rather than mUTF-7: acl, autocreate,
expire, trash, virtual
* auth_username_format default changed to %Lu. If you really want case
sensitive usernames, set it back to empty.
* Solr full text search backend changed to use mailbox GUIDs instead of mailbox
names, requiring reindexing everything. solr_old backend can be used with old
indexes to avoid reindexing, but it doesn't support some newer features.
* Expire plugin: Only go through users listed by userdb iteration. Delete dict
rows for nonexistent users, unless expire_keep_nonexistent_users=yes.
* Temporary authentication failures sent to IMAP/POP3 clients now includes the
server's hostname and timestamp. This makes it easier to find the error
message from logs.
* dsync was merged into doveadm. There is still "dsync" symlink pointing to
"doveadm", which you can use the old way for now. The preferred ways to run
dsync are "doveadm sync" (for old "dsync mirror") and "doveadm backup".
+ imapc (= IMAP client) storage allows using a remote IMAP server to be used as
storage. This allows using Dovecot as a smart (caching) proxy or using dsync to
do migration from remote IMAP server.
+ Mailbox indexing via queuing indexer service (required for Lucene)
+ Lucene full text search (FTS) backend rewritten with support for different
languages
+ FTS finally supports "OR" search operation
+ FTS supports indexing attachments via external programs
+ IMAP FUZZY extension, supported by Lucene and Solr FTS backends
+ IMAP SPECIAL-USE extension to describe mailboxes
+ Mailbox list indexes
+ Statistics tracking via stats service. Exported via doveadm stats.
+ Autocreate plugin creates/subscribes mailboxes physically only when the
mailbox is opened for the first time. Mailbox listing shows the autocreated
mailboxes even if they don't physically exist.
+ Password and user databases now support default_fields and override_fields
settings to specify template defaults/overrides.
+ SCRAM-SHA-1 authentication mechanism by Florian Zeitz
+ LDAP: Allow building passdb/userdb extra fields from multiple LDAP attributes
by using %{ldap:attributeName} variables in the template.
+ Improved multi-instance support: Track automatically which instances are
started up and manage the list with doveadm instance commands. All Dovecot
commands now support -i <instance_name> parameter to select the instance
(instead of having to use -c <config path>). See instance_name setting.
+ auth: Implemented support for Postfix's "TCP map" sockets for user existence
lookups.
- listescape plugin works perfectly now
Changes since 2.1.0:
+ dsync: If message with same GUID is saved multiple times in session, copy it
instead of re-saving.
- acl plugin + autocreated mailboxes crashed when listing mailboxes
- doveadm force-resync: Don't skip autocreated mailboxes (especially INBOX).
- If process runs out of fds, stop listening for new connections only
temporarily, not permanently (avoids hangs with process_limit=1 services)
- auth: passdb imap crashed for non-login authentication (e.g. smtp).
- The Postfix sqlite client, introduced with Postfix 2.8, had an
embarassing bug in its quoting routine. As the result of a
last-minute code cleanup before release, this routine returned the
unquoted text instead of the quoted text. The opportunities for
mis-use are limited: Postfix sqlite database files are usually owned
by root, and Postfix daemons usually run with non-root privileges so
they can't corrupt the database. This problem was reported by Rob
McGee (rob0).
- The Postfix 2.8.4 fix for local delivery agent database lookup
errors was incomplete. The fix correctly added new code to detect
database lookup errors with mailbox_transport_maps,
mailbox_command_maps or fallback_transport_maps, but it failed to
log the problem, and to produce a defer logfile record which is
needed for "delayed mail" and "mail too old" delivery status
notifications.
- The trace(8) service, used for DSN SUCCESS notifications, did not
distinguish between notifications for a non-bounce or a bounce
message, causing it to "reply" to mail with the null sender
address. Problem reported by Sabahattin Gucukoglu.
- Support for Dovecot auth over TCP sockets, using code that already
existed for testing purposes. Patrick Koetter kindly provided an
update for the SASL_README file.
- Workaround in the LDAP client for changes in the under-documented
OpenLDAP API, by Victor Duchovni.
Changes from previous:
----------------------
version 2.102: Wed Jan 4 09:31:51 CET 2012
Fixes:
- regex which matched attributes dumped core on hugh attributes.
rt.cpan.org#69414 [Yanyan Yang]
- document generation fixes.
Improvements:
- correct synopsis of ::Thread::Manager
- ::Thread::Node::threadToString uses study() on subject
version 2.101: Thu Aug 25 10:16:03 CEST 2011
Fixes:
- multipart's-part content-type could remove some attributes
rt.cpan.org#69516 [Yanyan Yang]
- filenames in content-disposition fields are sometimes charset
encoded (not supported by the RFCs) Decode them.
[Thomas Karcher]
- example how to use $msg->moveTo() was wrong. [Flash]
Improvements:
- use the Net::Domain::hostfqdn() for the creation of unique
message-ids if libnet is installed.
rt.cpan.org#69803 [Christoph 'Mehdorn' Weber]
version 2.099: Thu Jul 7 16:02:38 CEST 2011
Fixes:
- body() of structured studied fields failed.
Improvements:
- add overloading of comparison to Mail::Message::Field::Address
objects. Triggered by [Andrew Beverley]
- implement study on date fields.
version 2.098: Thu Mar 17 09:01:36 CET 2011
Fixes:
- accept mbox message separators from the 60's, because mozilla
uses 1-1-1965 as default separator when importing mail.
rt.cpan.org#65572 [Willi Mann]
- accept mbox message separators from the upcoming 20's
- Mail::Transport::POP3 has use_ssl setting too late [Mark Delany]
- Mail::Transport::IMAP4 folder create produced "use of
undefined". rt.cpan.org#66001 [Willi Mann]
- Error message when stringifying a studied empty field.
rt.cpan.org#66381 [Florian]
- do not split headers for encoded components which contain
blanks (which is illegal) reported by [Florian]
Improvements:
- maildir: do not remove :2, from the filename if there are
no flags. [Mikolaj Kucharski]
version 2.097: Wed Jan 26 16:11:41 CET 2011
Fixes:
- override Mail::Transport::Sendmail destinations included
original destinations.
rt.cpan.org#64266 [Andrew Beverley]
Improvements:
- added examples/strip-spam-markup.pl by [Gary Funck]
- do not hardcode perl version in test.pl, hopefully resolving many
cpantesters complaints.
- randomize boundary string to avoid (undemonstrated) security risks
with boundary guessing.
- manual pages produced with new version of OODoc, producing more
condensed output.
version 2.096: Tue Nov 9 10:04:25 CET 2010
Fixes:
- allow dot in username for pop/imap (probably used by someone)
[Jim Cromie]
Improvements:
- spelling fixes
rt.cpan.org#59061 [Salvatore Bonaccorso]
- implement Mail::Box::POP3s [Jim Cromie]
- do not run test-scripts with -T, because modern TAP::Harness
uses PERL5LIB which is disabled by the flag.
version 2.095: Fri Jul 2 11:17:35 CEST 2010
Fixes:
- permit additional colons in maildir filenames.
rt.cpan.org #58534 [Stefan Kangas]
- maildir messages in the 'new' queue will not get ":2,", as in
mutt. rt.cpan.org#58550 [Stefan Kangas]
- fix handling of messages with empty bodys. Had mild consequences
to multipart preamble and prelude processing.
rt.cpan.org#58544 [Stefan Kangas]
Improvements:
- spelling fixes
rt.cpan.org#56678 [Salvatore Bonaccorso]
version 2.094: Tue Apr 6 11:17:15 CEST 2010
Fixes:
- parse address phrase with line fold in ::Full:Addresses
rt.cpan.org#55309 [Diomidis Spinellis]
- handle empty preambles and postludes in multiparts even
very strict, because the may be signed.
rt.cpan.org#54529 [John Gardiner Myers]
Improvements:
- fix documentation on use of Mail::Message::Head::build()
and a few more minor documentation errors. [Kiss Gabor]
- $msg->reply fallback to From address, not only Reply-To
- add example/unpack.pl
- added install configuration choice "none". Also control
via environment variables.
- spelling fixes.
rt.cpan.org#53127 [Salvatore Bonaccorso]
version 2.093: Thu Dec 24 17:02:06 CET 2009
Fixes:
version 2.093: Thu Dec 24 17:02:06 CET 2009
Fixes:
version 2.093: Thu Dec 24 17:02:06 CET 2009
Fixes:
- rewrite of Mail::Message::Full:decode(), because original
trick for blank removal kept on biting me. Now implemented
without trick.
rt.cpan.org#52600 [Dmitry Bigunyak]
- make text/plain default when a body is created, as promised
by the documentation.
rt.cpan.org#52278 [Dmitry Bigunyak]
- add toplevel() to ::Body::Multipart and ::Body::Nested to
support reply() called on message parts.
- fix tests-script to make MIME::Entity cleanup the msg-* files
in the tests/ directory.
Improvements:
- rewrite of SYNOPSIS for Mail::Message::Field::Addresses
rt.cpan.org#43703 [Dmitry Bigunyak]
- added Mail::Box::Locker::FcntlLock, contributed by Jim In Aus
rt.cpan.org#48568 [Jim in Aus]
- support additional headers to a reply message.
- added explanation of character-set "PERL" for a ::Body
(suggested by [Dmitry Bigunyak])
version 2.092: Fri Nov 20 16:13:46 CET 2009
Fixes:
- do not set all signal handlers to "exit(0)"
rt.cpan.org#50433 [Slaven Rezic]
- do not enforce the use of /usr/bin/perl in the test-scripts,
but use the perl which is selected via the path.
version 2.091: Sun Sep 6 23:54:17 CEST 2009
Fixes:
- Another fix to thread detection start where first message
is not found. rt.cpan.org#40347 [Florian]
- translate '_' to blank when charset not known.
rt.cpan.org#41661 [Florian]
- no "undef" for field Content-Length with empty message bodies.
[Daniel Richard G.]
- Mail::Message::Body::eol() with parameter sometimes did not
return a body but a character.
rt.cpan.org#49334 [Brian McCauley]
- Mail::Message::Body::eol() should add \n to last texts line
if it is missing.
rt.cpan.org#49362 [Brian McCauley]
Improvements:
- better "From " message separator line generated when converting
messages for Mbox storage. Written by [Daniel Richard G.]
version 2.090: Tue Jun 2 11:56:28 CEST 2009
Fixes:
- second attempt to use Encode to do base64/qp encoding in
Mail::Message::Field::Full, This time with test script.
[Alexander Averyanov]
- Mail::Box::Locker::POSIX lock did always succeed.
rt.cpan.org#46003 [Rainer Schöpf] via Debian#528364
- Maildir accept lower-case flags
rt.cpan.org#42182 [Hardaker]
- Message parser needlessly required read access to folders.
rt.cpan.org #46388 [Mike Ekberg]
version 2.089: Mon Apr 20 21:00:34 CEST 2009
Fixes:
- do not restart parser after folder write, which could end-up in
empy folders if mode=='w' [Reinier Post]
- fix takemail script for Mbox.
rt.cpan.org#44439 [Reinier Post]
- alternative option names for 'file' in various lockers, needed
to be able to use them in the multi-locker. Needed by [Mark Hedges]
- use Encode to do base64/qp encoding in Mail::Message::Field::Full,
which handles multibyte characters correctly. Patch by
[Alexander Averyanov]
version 2.088: Thu Mar 19 08:54:31 CET 2009
Fixes:
- ::Parser::Perl should call binmode() as method on the file-
handle to work. [Ashwini Singh]
- pre-created locker object cannot be passed to Mail::Box::open()
because its creation requires a Mail::Box object. [Mark Hedges]
- recover from illegal phrases in email addresses, for studied
fields in Mail::Message::Field::Addresses [Robert Bruccole]
- require Date::Format, introduced in 2.082 [cpantesters]
Improvements:
- specify encoding type of character-set (q or b) with
Mail::Message::Field::Address objects.
Requested by [Alexander Averyanov]
- default mail box locker object should use the same logging
settings as the mail box itself. Spotted by [Mark Hedges]
- the existence of Mail/Makefile.PL was an accident.
version 2.087: Tue Feb 3 12:41:10 CET 2009
Fixes:
- more character-decoding errors in field study.
rt.cpan.org#41661 [Florian]
- username in folder URL must get decoded as well, to allow
'@' signs and colons in the usernames.
rt.cpan.org#41976 [Matt S Trout]
- accept unknown flags for Maildir.
rt.cpan.org#42182 [Wes Hardaker]
Improvements:
- add DIGEST-MD5 and LOGIN to the AUTO search list of IMAP4.
Triggered by rt.cpan.org#42136 [Alexander Thoukydides]
- add warnings on two spots that message labels may get lost
when moving them to an other folder type.
- use external file for body after 100kB, not 10kB. Should
improve on performance.
2012-01-31 SUZUKI Takahiko <takahiko@iij.ad.jp>
* 1.2.0
* [DKIM] fix mis-canonicalization of empty message body in "relax" mode
2011-12-05 SUZUKI Takahiko <takahiko@iij.ad.jp>
* 1.1.992
* support platforms which doesn't have EAI_NODATA any more
* adjust configure.ac not to link with librt when ldns is chosen as a resolver
2011-11-28 SUZUKI Takahiko <takahiko@iij.ad.jp>
* 1.1.991
* switch default resolver from libbind to ldns
* [SPF/SIDF] fix memory allocation error at expanding "p" macro when <ip> has no validated domain names
* [SPF/SIDF] fix misevaluation on domain names longer than 63 characters (thanks to KODAMA Daisuke, NEC BIGLOBE)
* [DKIM] catch up the updates from RFC4871, RFC5672 to RFC6376
* [DKIM] change result from "none" to "permerror" of message without any Author header
* [DKIM] fix mis-canonicalization of header field name includes WSP in "relax" mode
* [DKIM] fix memory allocation error on message with syntax errors in sig-i-tag value
ChangeLog:
1.895 2012-01-15
allow non-ASCII *only in phrase*
1.894 2012-01-14
note that the use of the regex vars is not a great idea
1.893 2012-01-02
reject any non-ascii content in strings
Notable changes in archivemail 0.9.0:
* IMAP: support for international mailbox names containing non-ASCII
characters.
Notable changes in archivemail 0.8.0:
* Removed the feature to setuid to the mailbox owners when run as root.
This was a bad idea; it's really hard to do safely, if at all possible.
Obsoletes: patch #2783134.
* New option --archive-name, or short -a, to hard-code an archive filename.
Like the --suffix and --prefix options, it is expanded with strftime().
This option conflicts with archiving multiple mailboxes. Closes: feature
request #1306538.
* New option --prefix, or short -p, to specify an archive name prefix. Like
a suffix specified with the --suffix option, the prefix is expanded with
strftime(). Specifying this option disables the default archive name
suffix. Obsoletes: feature request #604281. (Thanks Serafeim Zanikolas
for an initial patch)
* New option --all to archive all messages in a mailbox. Closes: #1764846.
* archivemail now expands wildcards in IMAP mailbox names. For example, the
url imaps://user@server/foo/* will expand to all subfolders of foo.
Closes: feature request #1978540. Obsoletes: patch #1918937.
* To determine the delivery date of a message, archivemail now looks for the
timestamp of the latest 'Received' header before resorting to
'Resent-Date' or 'Date'. This should give much better results when there
is no 'Delivery-date' header, which is still checked first.
(Thanks Andrew Ferrier & Christian Brabandt)
Closes: #1481316, #1764855, Debian bug #272666.
* We now omit the dotlock if we don't have sufficient permissions to create
it in the mbox directory. (The file is still locked with lockf.)
Together with more changes under the hood (see below) this means
archivemail can now operate on mbox files in the system mail spool.
Closes: #855269.
* Replaced some simple minded file operation security checks with more
decent ones. This means we can safely operate in /tmp, for example. The
price is that we no longer accept symlinked files. Obsoletes: patch
#1874868.
* The archive now also gets locked while archivemail updates it.
* mbox locking got completely rewritten. Switched from flock to lockf
locking, which is NFS-safe and portable, and we now lock with lockf first,
then with a dotlock, instead of the other way around. (This is makes
archivemail compatible with Debian systems. ;)
while here,
* LICENSE=gnu-gpl-v2
* register egg-info.
== Version 0.1.11 ==
libgmail.py
* Fixed bug that broke attachment support (SF bug #2034927)
* added .author_fullname field for messages
* Don't crash on threads with google chat log (Debian bug #502458)
== Version 0.1.10 ==
libgmail.py
* Use mechanize instead of ClientCookie [Patch #2014779]
* Very basic Unicode support [Patch #1926861]
gmail_transport.py
* New version that uses mechanize
(owing again to Jose Rodriguez)
NOTE: libgmail now depends on mechanize, which
can be downloaded from:
http://wwwsearch.sourceforge.net/mechanize/#download
(in Debian/Ubuntu as python-mechanize, and an easy_install
installer is also available)
== Version 0.1.9 ==
libgmail.py
* Fixed login that was broken for a bunch of new
gmail accounts, thanks to a patch by rhauer
NOTE: libgmail now depends on ClientCookie, which
can be downloaded from:
http://wwwsearch.sourceforge.net/ClientCookie/#download
== Version 0.1.8 ==
libgmail.py
* Added 'search' method to contactLists that returns
an array of contacts who match a given search term
(at some point, the contacts API is long overdue
for a revamp, but for now, hey, why not)
This is a patch by Alex Chiang --WD--
* libgmail now asks for the old Gmail interface,
so that it isn't broken by the new Gmail updates.
(Thanks to Aaron and Stu for work on this)
(Fixes SF bug #1822662)
== Version 0.1.7 ==
libgmail.py
gmail_transport.py
* Applied patch that adds proxy support, both
for passwordless and password-ful proxies
(is that a word?), by Jose Rodriguez --WD+SZ--
== Version 0.1.6.2 ==
libgmail.py
* Bugfix for attachment problems --WD--
(SF Bug #1793026, Patch #1799605 by 'stephster')
archive.py
* Protect messages with a "from" line in them --WD--
(SF Patch #1790809 by 'scop')
== Version 0.1.6.1 ==
libgmail.py
* Bugfix for login problems --WD--
== Version 0.1.6 ==
libgmail.py
* Added support for "Gmail Apps" aka "Gmail For Your Domain" --WD--
This version fixes a couple of processing bugs in the new header
blacklist filter and an access violation that can lead to crashes.
The header blacklist should is [sic] safe to enable now.
This version adds the ability to filter messages based on the content
of their headers. Please note that enabling this feature should
be accompanied by disabling the use of the "softlimit" program. In
addition to fixing some small bugs and a compiling error on Debian
7, it also fixes a series of major bugs that could lead to buffer
overflows. Depending on spamdyke's configuration, these could cause
remotely exploitable security holes. Please upgrade immediately!
Looks like there's a bug in the header blacklist filter. Don't
enable that filter yet.
Fixed config-test message for a graylist domain folder when the domain is not
in the list of local domains from ERROR to INFO. Thanks to Eric Shubert
for reporting this one.
Fixed a bunch of copy-and-paste errors in the option_list array in
prepare_settings() where options were designated
CONFIG_TYPE_STRING_SINGLETON instead of CONFIG_TYPE_OPTION_SINGLETON or
CONFIG_TYPE_STRING_ARRAY instead of CONFIG_TYPE_OPTION_ARRAY.
Fixed configure script errors and compilation warnings on Debian 7, which
enables the new GCC flags -Waddress and -Wunused-but-set-variable by
default. Thanks to Steve Cole for reporting this one.
Added some explanitory comments to spamdyke.h and spamdyke.c.
Added FILTER_FLAG_RETAIN and modified middleman() to buffer any data as long
as it is given.
Added FILTER_FLAG_CHILD_RESPONSE_INTERCEPT and modified middleman() to discard
any input from qmail when it is given.
Added FILTER_FLAG_DATA_CAPTURE and modified middleman() to capture qmail's
response to the end of the message data when it is given.
Fixed output_writeln() to send the data in bursts if more than one line is
given and no CRs need to be inserted. Previously, all data was sent
line-by-line, even though middleman() was trying to send bursts of data when
possible.
Changed middleman() to buffer the names of the accepted recipients until after
the message data is sent, then check qmail's response to the message body
and print ALLOWED/DENIED for each recipient accordingly, along with the text
of qmail's response.
Added the options header-blacklist-entry and header-blacklist-file to block
messages based on the contents of their headers.
Added the option rejection-text-header-blacklist to control the message from
the header blacklist filter.
Added a flag to smtpdummy to force it to reject all message content with an
error.
Added a more complete usage message to smtpdummy.
Fixed a number of very serious errors in the usage of snprintf()/vsnprintf().
The return value was being used as the length of the string printed into
the buffer, but the return value really indicates the length of the string
that *could* be printed if the buffer were of infinite size. Because the
returned value could be larger than the buffer's size, this meant remotely
exploitable buffer overflows were possible, depending on spamdyke's
configuration.
Added options to smtpdummy to make it appear to process authentication (and
unconditionally succeed or fail).
Changed the ALLOWED log message to show the text given by qmail when the
message is accepted.
* Stop to treat NetBSD's sed as GNU sed, not full compatible.
* Then, no need to reset TOOLS_PLATFORM.gsed for NetBSD if USE_TOOLS+=gsed and
real GNU sed is required.
* In addition, convert simple USE_TOOLS+=gsed to conditionally, without NetBSD.
* convert {BUILD_,}DEPENDS+=gsed to USE_TOOLS, all tools from gsed are real gsed.
* Proxying now supports sending SSL client certificate to server with
ssl_client_cert/key settings.
* doveadm dump: Added support for dumping dbox headers/metadata.
* Fixed memory leaks in login processes with SSL connections
* vpopmail support was broken in v2.0.16
contains fixes for PR#45785.
Version 1.4.27:
- Always use the internal MD5 functions for the built-in CRAM-MD5
implementation; never use the ones from OpenSSL. This fixes problems with
configurations that use OpenSSL and do not use GNU SASL. Thanks to Gleydson
Soares and Moritz Wilhelmy for providing information and for testing the fix.
- Fix a compiler warning with current OpenSSL versions.
This version extends the log messages to show why a blacklist is
matched. It also fixes a few minor bugs.
Added a filter to sendrecv so input containing "\r\n" will be
translated into CRLF without being interpreted as a line
terminator (so multiple commands can be sent in a single "packet")
and input containing "\0" will be translated into NULL bytes
so NULL characters don't have to be embedded in the test scripts.
Added support for the RSET command to smtpdummy.
Added a "priority" field to the input file for dnsdummy to force
some responses to be sent after others, no matter what order
they were received.
Fixed nihdns_mx() to query names for A records using the query
types configured for MX queries, not A queries. Thanks to Eric
Shubert for reporting this one.
Changed smtp_filter() and middleman() to discard any buffered
input after TLS is started. This prevents the injection of
commands into a secure session by sending extra input in the
same packet as the "STARTTLS" command. Not really a security
problem but good practice anyway. Thanks to Eric Shubert for
reporting this one.
Fixed a bug in examine_entry() that was cutting off 1-3 characters
from the end of target_entry every time it was called.
Changed check_ip_in_rdns_keyword() to return the line number of
the matching file as its return value and the name of the
matchine file in a reference variable.
Added reject_reason and strlen_reject_reason to struct rejection_data
to allow the triggered filter to return some text to indicate
why it triggered.
Changed set_rejection() to accept new parameters to set reason
text within the rejection structure if available.
Changed set_rejection() to accept a new parameter to append to
the rejection text if available.
Added reset_rejection() to change either the rejection text or
the reason text within an existing rejection_data structure
without erasing previously-set values.
Changed nihdns_rbl(), check_dnsrbl() and check_rhsbl() not to
accept a format string or build part of the rejection message.
That job belongs to the caller(s).
Changed filter_rdns_blacklist(), filter_rdns_blacklist_file(),
filter_rdns_blacklist_dir(), filter_ip_blacklist(),
filter_ip_in_rdns_blacklist(), filter_dns_rbl(), filter_dns_rhsbl(),
filter_sender_blacklist(), filter_sender_rhsbl() and
filter_recipient_blacklist() to save the reason for their
rejection in the reject_reason variable in rejection_data.
Changed the log messages showing ALLOWED/DENIED to always output
the "reason:" field and fill it with the text returned by the
triggered filter so the sysadmin can figure out what happened
or "(empty)" if no text was saved. Thanks to Eric Shubert for
suggesting this one.
Changed the way DNS timeout values are read from the configuration
file, the command line, /etc/resolv.conf and the environment
so that values given in the config file or on the command line
are not overridden by values in /etc/resolv.conf or the
environment. Thanks to Teodor Milkov for reporting this one.
Changed the reject-empty-rdns filter, the IP-related black/whitelist
filters and the IP-related RBL filters to skip their tests if
the incoming IP address is 0.0.0.0. This is for connections
from IPv6 hosts -- those filters can be skipped until full IPv6
support can be added. Thanks to Daniel Anliker for suggesting
this.
Changed the way the flag FILTER_DECISION_TRANSIENT_DO_NOT_FILTER
is handled by smtp_filter() and middleman() so a transient
non-rejection (e.g a recipient whitelist) isn't held over to
later recipients. The interaction between the recipient whitelist
and the graylist filter was fixed in version 4.0.0 but an issue
still remained between recipient whitelists and other non-transient
rejections like the missing rDNS filter. Thanks to bischowski
for reporting this one.
Changed smtpdummy to use memchr() instead of strchr() so testing
input with NULL bytes will work correctly.
While here, remove paches for ancient Darwin.
Changes to the Cyrus IMAP Server since 2.4.12
* Bug #3565 - fix gcc compiler warnings - thanks Dilyan Palauzov
<dilyan.palauzov@aegee.org>
* Bug #2685 - rename annots in delayed folder delete. Avoids
annotations "reappearing" when a folder is recreated
* Bug #3566 - actually fix in a backward compatible way. 2.4.12 broke
older versions of bison
* Lots of small cleanups from CMU as they prepared to build RSS into
their 2.4 build. Thanks Ken
* Bug #3591/#3609 - fix crash in mupdate on partition move
* Bug #3610 - fix replication of partition move
* Bug #3564 - document the way prefork interacts with multiple
network protocols
* Bug #3586 - allow rename of "\Noselect" if subfolders exist
* A handful of small cleanups (#3593, #3594, #3595) from David Carter
<dpc22@cam.ac.uk>. Very much appreciated
* Disabled duplicate_check DEBUG level log messages by default.
Thanks Philip Prindeville <philipp@redfish-solutions.com>
* Bug #3608 - log mailbox name in more sync failure cases
* Bug #3615 - fix proxyd_disable_mailbox_referrals. Thanks Andrew
Morgan <morgan@orst.edu>
* Bug #3611 - fix crash in sync_mailbox_full if expunge fails
* Backported some nice fixes from master, including safer thread/sort
(there were some crashes on bad messages before)
* Fixed infinite loop on suppress_capabilities with substrings of
other capabilities. Ouch.
* Fixed LIST and LSUB again - this time to make LIST "" "*%" work
without breaking other things
* Bug #3588 - make XFER not break if the wrong server name was used.
The start of making murder safer
* Bug #3603 - tidied up usage of kick_mupdate so it never gets called
on standard murder backends
* Bug #3604 - always suppress the DELETED.* mailbox names, even if
delete_mode is immediate. It means a config change or different
frontend won't show undeletable mailboxes
* Bug #3602 - allow UpperCase in service names to work
Pantomine defines a structure named "timezone" which clashes with the
system definition. It was renamed to "timezonePantomine". While
technically it may result in change in the pkg binary, no PKGREVISION
bump is necessary because it's functionally the same as the previous
version, assuming it actually built on the platform in question.
According to the commit on 2009-12-15, the previous version of mail/cue
(20090209) was patched to support OpenSSL 1.0. However, mail/cue still
uses MD2 which is not built by default by OpenSSL 1.0. The update to
version 20100426 on 2011-11-27 did not improve the situation.
Until mail/cue is fixed upstream or patched here to avoid using MD2, it is
being marked NOT-FOR-DRAGONFLY.
Builtin librarys like com_err should only be used if there is are proper
buildlink3.mk and builtin.mk files for the library, otherwise part of the
point of having the buildlink/builtin system is lost.
There no point in having a buildlink/builtin files for com_err as
currently only three packages use it by itself (mail/cyrus-imapd*) and
using the package suppled library only adds 72K to the package size.
== Tue Apr 26 09:59:56 UTC 2011 Mikel Lindsaar <mikel@rubyx.com>
* Remove ActiveSupport from the dependencies, load Active Support if present, or use internals if not
* Created v2.2 branch for all 2.2 related commits
* Update activesupport require to use inflector - closes#217
* Version bump to 2.3 and gem release
- add an explicit expunge when closing an IMAP mailbox, for servers that
incorrectly do not do this when the mailbox is closed. Thanks: Nicolas
Pomarède.
- fix incorrect section reference for `mailboxes` parameter in documentation.
Thanks: Ross Boylan.
- fix getmail_fetch broken in 4.21.0. Thanks: Chris Donoghue.
Module Name: pkgsrc
Committed By: sbd
Date: Wed Dec 7 20:39:19 UTC 2011
Modified Files:
pkgsrc/mail/cyrus-imapd: Makefile
pkgsrc/mail/cyrus-imapd23: Makefile
pkgsrc/mail/cyrus-imapd24: Makefile
Log Message:
If a package Makefile is going to try and detect a builtin libraray it
should honor the PREFER* variables.
Changes from previous:
version 3.30: Fri Nov 11 09:37:00 EST 2011
- rt.cpan.org#72347: Starttls array ref argument dereferenced twice
[Jonathan Buhacoff]
- during connect(): Port now defaults 143 or 993 if $self->Ssl
[Kodi Arfer]
- stop reconnect deep recursion if server disconnects on login
[Luca Ferrario]
- reconnect() now returns 1 on success; on error undef or 0=recursive
- handle EBADF from syswrite in _send_bytes
- rt.cpan.org#67263: add RFC4978 IMAP COMPRESS Extension support
[SDIZ]
+ new method: compress()
+ new attributes: Compress Readmoremethod
- general code cleanup:
+ new() now always returns $self or undef (never $sock any more)
+ Socket() now always return a socket or undef
+ login() now always return $self or undef
+ _read_more() will now use Readmoremethod if set
- missing second arg '' for encode_base64 causing AUTHENTICATE
PLAIN to fail on lines longer than 76 characters
[Yoshiho Yoshida]
version 3.29: Tue Aug 9 00:33:52 EDT 2011
- rt.cpan.org#69876: ENVELOPE as part of fetch_hash convenience method
[Chris Huttman]
+ added Mail::IMAPClient::BodyStructure::Envelope->parse_string($str)
convenience method for handling ENVELOPE data from fetch_hash
- rt.cpan.org#68310: folders() should not call exists()/STATUS
[Gilles Lamiral]
- affects folders() and subscribed() methods
+ use selectable() instead of exists() in call
- consider removing extra call to folders()/subscribed()
+ ensure separator is set properly in folders()
+ selectable now properly checks for \Noselect flag
+ update folders() POD to match implementation behavior
- rt.cpan.org#68648: [patch]: CAPABILITY after authenticate
[Stef Simoens]
+ delete cache after State set to Authenticate
- State() is no longer an auto-generated method
- rt.cpan.org#68755: provided socket loses blocking in 3.19-3.28
[Martin Schmitt]
version 3.28: Fri Mar 4 00:17:38 EST 2011
- rt.cpan.org#66004: internaldate() return undef if no internaldate in reply
[Jason Long]
- rt.cpan.org#66367: fetch_hash uses Escaped_results() in 3.26/3.27
(redo) rt.cpan.org#63524: fetch_hash() parse errors
[Mathias Reitinger]
+ fetch_hash: only Escape() data in parenthesized list
+ update fetch_hash test and add a new test
- do not touch CRLF in Escape()/Unescape()
- added Escape() method
- rt.cpan.org#66287: flags results truncated due to Maxcommandlength
[Erik Colson]
- rt.cpan.org#65694: SASL PLAIN: bad order of login data
[Willi Mann]
version 3.27: Sun Feb 13 14:37:27 EST 2011
- rt.cpan.org#65694: migrate fails
[Erik Colson]
- rt.cpan.org#65470: uninitialized warning in message_to_file
[Gilles Lamiral, Mark Hedges]
- rt.cpan.org#61835: (DOC) in LIST context undef may be returned
[Stefan Völkel]
+ warn/highlight behavior in docs Errors section
- updated documentation
+ migrate() documentation fixed
+ moved Custom Authentication Mechanisms toward end
+ recommended use of scalar context due to historical API behavior
version 3.26: Mon Jan 31 22:15:04 EST 2011
- *require Perl 5.8.1 as constant use is invalid on 5.6
- rt.cpan.org#63524: fetch_hash() parse errors
[Brian Kroth]
+ fixed handling of LITERAL values in response
+ fixed handling of field names with a dash (e.g. X-SAVEDATE)
+ fetch_hash now uses Escaped_results() method
- *fixed Escaped_results() to properly join LITERAL data with
the data that comes before and after it
- *rt.cpan.org#60945: append_file() does not interpret $date as expected
[Jason Long]
$date should now be 1 (to use the file mtime) or a valid RFC3501 date
- *rt.cpan.org#61292: memory consumption with message_string()/append()
rt.cpan.org#61806: Major problem with one function in IMAPClient
[Gilles Lamiral, Casey Duquette]
+ use @_ / $_[<num>] in critical places to avoid pass by
value memory overhead
+ use in memory files in a few critical places as that code
path in Mail::IMAPClient is significantly more efficient
with internal memory usage
+ *new (undocumented/do-not-use-without-good-reason)
attribute Maxappendstringlength used by append() and
append_string() holds the size (in bytes, default 1 MiB)
that triggers when message SCALAR(s) passed to these
methods will be treated as an in memory file. This
attribute will likely be removed in a future version.
+ *append() and append_string() now call append_file() and
use an im memory file when length($message) is greater
than Maxappendstringlength; other minor code cleanup
+ *message_string() now calls message_to_file() and uses an
in memory file
+ refactor message_to_file() to use internal _imap_uid_command()
+ update _read_line() to be more efficient w/CPU in critical
section by pulling isa() checks out of main loop also
conserve memory by not storing an extra copy of LITERAL
data if the data was put into a filehandle from the caller
+ Memory/working set (KB) comparison (Perl 5.10 cygwin Win7):
- test: message_string on 6.1M msg and then append 6.1M msg
version | start | after message_string | after append
--------+-------+----------------------+-------------
2.2.9 | 7624 | 74404 | 131896
3.25 | 7716 | 74408 | 156532
3.26 | 7684 | 33372 | 42608
- minor arg cleanup of noop() and tag_and_run()
- rt.cpan.org#63444: relax get_envelope(), allow empty reply-to
[Nikolay Kravchenko]
- rt.cpan.org#61068: append_string can invalidate a good $date
- rt.cpan.org#60045: Logout error if delay between BYE and tagged OK
[Armin Wolfermann]
no longer set an error when this happens
- rt.cpan.org#61062: migrate() errors
[Johan Ekenberg]
+ rewrote migrate() to be functional and simple
- Update README and cleanup several old or out of date files
version 3.25: Fri May 28 00:07:40 EDT 2010
- fix body_string parsing bug and added tests in t/body_string.t
[Heiko Schlittermann]
- rt.cpan.org#57661: uninitialized value warning in IMAPClient::thread
[Max Bowsher]
- rt.cpan.org#57337: Correctly handle multiparts in BodyStructure.pm
[Robert Norris]
fixes in Mail::IMAPClient::BodyStructure::bodystructure for
bugs still in release 3.24
- rt.cpan.org#57659: install fails when using cPanel GUI
[Ken Parisi]
hack Makefile.PL to use alarm() and timeout prompt() gracefully
- relax t/basic.t logout() error check (allow 'BYE' instead of 'OK')
- left examples/idle.pl out of MANIFEST for 3.24
version 3.24: Fri May 7 17:02:35 EDT 2010
- rt.cpan.org#48912: wrong part numbers in multipart messages
[Dmitry Bigunyak, Gabor Leszlauer]
- fix Mail::IMAPClient::BodyStructure::bodystructure to
properly assign parts for messages using multipart and also
include .TEXT parts as well (still not including top level
HEADER and TEXT though - bug?)
- allow _load_module() to set $@ and LastError if module load fails
- rt.cpan.org#55527: [no] disconnect during DESTROY
[Stefan Seifert]
- updated logout documentation to correctly state that DESTROY
is not used to force an automatic logout on DESTROY despite
documentation that indicated otherwise
- update append* documentation to match current implementation
- rt.cpan.org#55898: append_file can send too many bytes
[Jeremy Robst]
- avoid append_file corner cases operating on lines instead of buffers
- use binmode on filehandle in append_file
- add tests to t/basic.t for append_file
- rt.cpan.org#57048: _quote_search() using $_ in loop instead of $v
[Matthaus Kiem]
- added examples/idle.pl program showing use of idle and idle_data
- idle_data() should not read/block after server returns data
[Marc Thielemann]
- idle_data() _get_response regexp updated to not match errors
- idle_data() now uses a timeout of 0 by default as documented
- _get_response() now checks for defined($code) to allow $code==0
thing happens from time to time with python27 as with python26.
Whatever's going on apparently strikes randomly, so changing something
and rebuilding successfully doesn't prove that you've fixed it.
* Introduce scripts option to install optional scripts.
Changelog:
Version 1.4.26:
- A new version of the msmtpq script fixes serious bugs. To update to the new
version of the script, you need to remove the old msmtpQ symlink, change
msmtpQ to msmtpq in your MUA config, and use msmtp-queue for queue management.
Changes from previous:
2011-10-26 Hatuka*nezumi - IKEDA Soji <hatuka@nezumi.nu>
* Release 1.012.4.
* Chg: encode_mimewords(): 'B' was advantageous over 'Q' by 4/3 byte
on average...
* Updated address of FSF.
2011-06-05 Hatuka*nezumi - IKEDA Soji <hatuka@nezumi.nu>
* Release 1.012.3.
* Fix: encode_mimewords(): inproper handling of Encoding => 'S'.
* Imp: decode_mimewords(): Broken "Q" encoding also warned: "=" not
leading two hexdigits (raw " " and "\t" are allowed).
* Imp: encode_mimewords(): negative MaxLineLen allows unlimited length
of line.
* Encode::MIME::EncWords: Rewritten. 0.03.
- Any newlines not forming folding white space are preserved.
cf. CPAN RT #68582 for standard encodings.
- Error handling.
* Doc: typos etc.
2011-06-01 Hatuka*nezumi - IKEDA Soji <hatuka@nezumi.nu>
* Release 1.012.2.
* Chg: encode_mimewords(): By 'A' or 'S' encodings, 'Q' will be used
more often: When number of bytes to be encoded exceeds 6th of
entire bytes, words may be encoded by 'B'. In other words,
``S encoding'' is to choose shorter one of 'B' or 'Q' according to
length of maximally-encoded result.
* Fix: encode_mimewords(): Pure ASCII words containing unsafe sequence
ignored Encoding option; encoded by header_encoding() of its charset.
* Updated Encode::MIME::EncWords.
* Added test #03 & #04. Added UTF-8 cases to #02.
2011-05-29 Hatuka*nezumi - IKEDA Soji <hatuka@nezumi.nu>
* Release 1.012.1.
* Unicode/multibyte support on Perl 5.7.3 (experimental).
* New: Encode::MIME::EncWords [alpha release] - Encode module for
"MIME-EncWords", "MIME-EncWords-B", "MIME-EncWords-Q" and
"MIME-EncWords-ISO_2022_JP".
* Requires MIME::Charset >= 1.008.2.
+ Sieve vacation extension: made discard message for implicit
delivery more verbose
- The sieve-test tool: mixed up original and final envelope recipient
in implementation of command line arguments.
- Sieve vacation extension: resolved FIXME regarding the use of
variables in the :handle argument. Variables are now handled
correctly.
- Sieve body extension: fixed handling of :content "message/rfc822".
This now yields the headers of the embedded message as required by
the specification. Handling of :content "multipart" remains to be
fixed.
- LDA Sieve plugin: fixed problem with recipient_delimiter
configuration. Now it falls back to global recipient_delimiter
setting if plugin/recipient_delimiter is not set.
Changes from previous:
0.185 2011-08-11
do not die in t/valid.t when testing for working DNS
(address RT #70157, thanks, Alexey Tourbin)
avoid a pointless warning (mentioned in RT #68312)
check TLD validity before MX records
(address RT #32237, thanks, meyerdigital)
reject addresses with non-ASCII characters
(address RT #50230, thanks, ferreira)
* VSZ limits weren't being enforced for any processes. On server with
large mailboxes you may now see errors about it if the limits aren't
high enough. To fix them, either increase individual service {
vsz_limit } values or simply increase the default_vsz_limit setting.
* Proxying: If using ssl=yes or starttls=yes with a hostname (not IP)
as proxy destination, require that the certificate matches the given
hostname.
* LMTP: Changed default client_limit to 1. This should improve LMTP
throughput with default settings.
* dsync: Quota is no longer enforced (i.e. dsync can't fail because
user is over quota).
+ Added "auto" mail storage driver, which can be used to autodetect
mailbox location and format. This behavior is already the default
for empty mail_location setting, so this change is mainly useful for
shared namespace's location setting.
+ checkpassword: Export all auth %variables to AUTH_* environment.
A bug fix release of 1.8.0.
Now, manager.event_loop_backend and manager.n_workers aren't
experimental!
=== milter manager
==== Improvements
* [applicable-condition][sendmail] clear DNS cache for each 100 IP
addresses.
==== Fixes
* detach IO for launcher on daemon mode.
use milter_client_is_run_as_daemon() to get whether daemonize or
not. [Reported by OBATA Akio]
* add a workaround for Ruby cleanup.
If environment variable
MILTER_MANAGER_RUBY_STOP_TIMER_THREAD_BEFORE_CLEANUP=yes,
skip timer thread before cleanup.
* use rb_fork() as fork implementation.
This will fix --daemon doesn't work on *BSD.
[Reported by OBATA Akio]
* use INCLUDES to use configured libev include path rather than
CPPFLAGS. [Reported by moto kawasaki]
=== milter-core
==== Fixes
* fix missing null FD close by inverted condition.
[Reported by OBATA Akio]
=== milter-client
==== Improvements
* use higher priority for accepting connection.
==== Fixes
* fix a bug that workers don't shutdown on master shutdown. It's
GLib evnet loop backend specific problem.
=== milter-server
==== Improvements
* add more information to error message.
* [server] unify unknown name logging.
==== Fixes
* fix a bug that all milters can't find on 2nd RCPT in the same
session.
=== Ruby milter
==== Improvements
* add Milter::Client::Configuration::MilterConfiguration#name.
==== Fixes
* fix event_loop_created hook can't get event loop.
* do not raise error if process raw shift_jis mail file. Ruby 1.9.
* udpate bundled test-unit file list. [Reported by Hirohisa Yamaguchi]
* [ruby][glib2] fix a SEGV bug on Solaris10.
=== milter-test-server
==== Fixes
* fix quoted charset detection. [Reported by nobu]
* fix multiline header parsing.
* --mail-file keeps new line type of the original mail.
=== Document
==== Improvements
* add log list to HTML.
* fix typos. [Pull requested by Norio Suzuki]
=== Admin
==== Improvements
* use locale "en" if Accept-Language is not "ja".
[Reported by Larry G. Wapnitsky]
8.0 changes:
Thunderbird is based on the new Mozilla Gecko 8 engine
Add-ons installed by third party programs are now disabled by default
New Search and Find Shortcuts
Improved accessibility of the attachment list
Folder switching pane widget has been removed, can be added back with the
Folder Pane View Switcher Add-on
Numerous platform fixes to stability
Fixed several security issues
7.0 changes:
Thunderbird is based on the new Mozilla Gecko 7 engine
Several user interface fixes and improvements
Several fixes to attachment handling
Ability to print a summary of selected email messages
Platform improvements to Address Book
Fixed several security issues
Numerous platform fixes that improve speed, performance and stability
Changes from previous:
0.110001 2011-04-03 16:32:15 America/New_York
prevent Test::MinimumVersion test from causing a requirement on T::MV
and, thus, PPI! Thanks for the report, Matt S. Trout!
0.110000 2011-03-17 21:40:36 America/New_York
provide a much clearer and more fatal error when SASL authentication
has failed because Authen::SASL or MIME::Base64 is not available
Change from previous:
3.004 2011-02-18
If present, MIME::Entity must be v5.501; v5.500 had a regression (or
a bug fix, depending how you look at it) that broke header-reading.
While technically older versions that are not 5.500 would work, it is
much simpler to just require the newest version, rather than to
support a version range with a hole in it.
Postfix stable release 2.8.7 is available. This contains a workaround
for a problem that is fixed in Postfix 2.9.
* The postscreen daemon, which is not enabled by default, sent
non-compliant SMTP responses (220- followed by 421) when it
could not give a connection to a real smtpd process. These
responses caused some remote SMTP clients to return mail as
undeliverable.
The workaround is to hang up after sending 220- without sending
the 421 "sorry" reply; this is harmless.
The complete fix involves too much change for a stable release:
send the 220 greeting, wait for the EHLO command, then send
the 421 "sorry" reply and hang up.
