Pkgsrc changes:
patch-ae, patch-cb and parts of patch-ca has been filed upstream by
people from the OpenBSD project.
Changelog (from NEWS):
* 3.13.2
--------
* Bug fixes:
o bug 2358, '"Disposition-Notification-To:" should default
to same value as "From:'
o bug 3557, 'Remotely exploitable bug.'
o bug 3584, 'After 3.13.1, characters in some Japanese codec
are never correctly converted to internal ones'
* 3.13.1
--------
* When attaching files with no suffix, e.g. Makefile, the correct
mime type is now found.
* Added support for a whole range of extra TLDs.
* '➜' is used instead of '-->' in the Message List when sender is
yourself. (Only visible if the hidden pref 'enable_swap_from' is
set to 0.)
* An external editor can now be embedded in the Compose window.
This depends upon the 'Text editor' option (/Configuration/
Preferences/Message View/External Programs) having a suitable
value, such as 'gvim -f --socketid %w %s'.
* Address Book: address books can now be searched.
* A hidden pref has been added, 'next_on_delete'. This controls the
message selection when a message is deleted. A setting of '0'
which cause the previous, older message to be selected, a setting
of '1' will cause the next, newer message to be selected.
* PDF Viewer plugin: Support for encrypted (password protected) PDFs.
* RSSyl plugin: The feed preferences window appearance has been
improved.
* The --enable-new-addrbook configure option has been renamed to
--enable-alternate-addressbook.
* Windows: Re-enabled regexps.
* updated man page.
* Updated translations: British English, Czech, Dutch, Finnish,
French, German, Hebrew, Hungarian, Italian, Lithuanian,
Norwegian Bokmål, Slovak, Swedish, Traditional Chinese.
* New translations: Russian.
* Removed translations: Bulgarian, Esperanto.
* Bug fixes:
o bug 1959, 'Selection selects too many under expanded view'
o bug 2490, 'Selecting mails through Shift-Home/End doesn't
work properly'
o bug 3151, 'loaded vCalendar plugin "disables" gnome-shells
calendar view entries'
o bug 3375, 'Crash (SEGV) at gtkcmctree.c:4514 after deleting
an unread message'
o bug 3557, 'Remotely exploitable bug.'
o bug 3454, (windows) 'Attachments containing certain special
characters in filename are not opened'
o bug 3480, 'No valid feed found when channel title is
missing'
o bug 3513, 'Can't delete multiple selected e-mails'
o bug 3541, 'Selecting a leaf folder with keyboard no longer
opens it'
o bug 3559, 'Opening preferences window causes out of bounds
read'
o bug 3561, 'HTML <a> tag with no href makes message display
incorrectly.'
o bug 3562, 'Hyperlink Errors URI XMPP, SIP, SIPS and Skype'
o bug 3563, 'URL parser will read out of bounds when closing
bracket is missing in get_url_part'
o bug 3566, 'Missing locales in Eastern name order'
o Debian bug 801375, 'Segfault when activating ... the plugin
with the Code from Google'
o better fix for crash after broken pgp keyring update, and
bogus EOF message on verifying sigs of missing keys
o building on OpenBSD
o libetpan version test
o folder renaming for IMAP on Windows.
* 3.5.0 (stable)
* A fix for ARM architecture was made.
* TLSv1.1 and TLSv1.2 will be enabled for STARTTLS when OpenSSL 1.0.1 or
above is used.
* Some bugfixes and stability improvements were made.
* Win32: more fix for the crash when linked with newer MSVCRT was made.
* Win32: irresponsibe text entries on the first display of the filter
edit dialog were fixed.
* Win32: libpng was updated to 1.4.19.
* Win32: OpenSSL was updated to v0.9.8zh.
* 3.5.0beta3 (development)
* A bug that reorder of filter runes by DnD was not saved was fixed.
* The original file names of attachments are kept when opening them,
and shorter suffixes are added in the case they conflict.
* The crash when displaying HTML messages was fixed (#215).
* The bug that column sizes of the address book were not properly set was
fixed.
* Win32: the bug that maximized state was unset on minimize was fixed.
* Win32: the crash when linked with newer MSVCRT was fixed.
* Win32: dependency on libtiff was removed (GDI+ is used).
* Win32: libjpeg was updated.
* Win32: libpng was updated to 1.4.16.
* Win32: OpenSSL was updated to v0.9.8zg.
* Win32: included SSL certificates were updated.
* 3.5.0beta2 (development)
* Windows / widgets are now adjusted to their optimal sizes by reference
to system DPI value.
* The option to specify startup online mode was added.
* The bug that wrote the first part of data if the message body in the
IMAP4 responses didn't end with CR+LF was fixed (#84).
* The bug that previously selected folder on the file selection dialog
was not remembered with GTK+ 2.24.x was fixed.
* Hebrew translation was added.
* Win32: The bug that 'Minimize to tray icon' didn't work with 3.5.0beta1
was fixed.
* Win32: 'Toggle window on trayicon click' now works.
* Win32: sylpheed.exe executable became DPI-Aware.
* Win32: OpenSSL was updated to 0.9.8zc.
* Win32: included SSL certificates were updated.
* 3.5.0beta1 (development)
* Mbox locking became NFS-safe (#202).
* Configure: silent rules are enabled by default.
* Configure.in was renamed to configure.ac.
* Fade effect was added to the notification window.
* Sylpheed.desktop file was updated.
* Win32: build fix for newer MinGW was made.
* Win32: 32-bit time_t is always used on win32 for backward compatibility.
* Win32: included third-party libraries were updated:
- GTK+ 2.24.23
- GLib 2.38.2
- GDK-Pixbuf 2.30.7
- Pango 1.36.3
- Cairo 1.10.2
- libpng 1.14.13
- GPGME 1.4.3
* Win32: the following issues were fixed because of GTK+ update:
- System Icon issue when ran on Windows 7 (#13, #85)
- Scroll jumping issue on text views when using Japanese IME
- Menus became more native-looking
- File dialogs were improved
- Add ${PERL5_LICENSE}
(upstream)
- Update 0.09 to 1.04
-------------------
1.04 Mon Dec 22 2014
- Removed the locked sub attributes because they seem to have no
gain(no object acces/modification is done)
- Enhanced the POD
- Enhanced the test so they skip if /usr/sbin/makemap is not
insTALLED(might be needed to bundle a .db again)
- In 2012: Enhanced the lookup function so it does correctly check all
variations of an email address
1.01 Tue Nov 10 2009
- Fixed a permissions issue where a test file didn't exist prior
to testing.
- make IMAP class only issue EXPUNGE command on mailbox close if we have
actually deleted any messages from the open mailbox. Makes use of read-
only IMAP folders possible. Thanks: Zoltan Padrah.
Exim version 4.86
-----------------
JH/01 Bug 1545: The smtp transport option "retry_include_ip_address" is now
expanded.
JH/02 The smtp transport option "multi_domain" is now expanded.
JH/03 The smtp transport now requests PRDR by default, if the server offers
it.
JH/04 Certificate name checking on server certificates, when exim is a client,
is now done by default. The transport option tls_verify_cert_hostnames
can be used to disable this per-host. The build option
EXPERIMENTAL_CERTNAMES is withdrawn.
JH/05 The value of the tls_verify_certificates smtp transport and main options
default to the word "system" to access the system default CA bundle.
For GnuTLS, only version 3.0.20 or later.
JH/06 Verification of the server certificate for a TLS connection is now tried
(but not required) by default. The verification status is now logged by
default, for both outbound TLS and client-certificate supplying inbound
TLS connections
JH/07 Changed the default rfc1413 lookup settings to disable calls. Few
sites use this now.
JH/08 The EXPERIMENTAL_DSN compile option is no longer needed; all Delivery
Status Notification (bounce) messages are now MIME format per RFC 3464.
Support for RFC 3461 DSN options NOTIFY,ENVID,RET,ORCPT can be advertised
under the control of the dsn_advertise_hosts option, and routers may
have a dsn_lasthop option.
JH/09 A timeout of 2 minutes is now applied to all malware scanner types by
default, modifiable by a malware= option. The list separator for
the options can now be changed in the usual way. Bug 68.
JH/10 The smtp_receive_timeout main option is now expanded before use.
JH/11 The incoming_interface log option now also enables logging of the
local interface on delivery outgoing connections.
JH/12 The cutthrough-routing facility now supports multi-recipient mails,
if the interface and destination host and port all match.
JH/13 Bug 344: The verify = reverse_host_lookup ACL condition now accepts a
/defer_ok option.
JH/14 Bug 1573: The spam= ACL condition now additionally supports Rspamd.
Patch from Andrew Lewis.
JH/15 Bug 670: The spamd_address main option (for the spam= ACL condition)
now supports optional time-restrictions, weighting, and priority
modifiers per server. Patch originally by <rommer@active.by>.
JH/16 The spamd_address main option now supports a mixed list of local
and remote servers. Remote servers can be IPv6 addresses, and
specify a port-range.
JH/17 Bug 68: The spamd_address main option now supports an optional
timeout value per server.
JH/18 Bug 1581: Router and transport options headers_add/remove can
now have the list separator specified.
JH/19 Bug 392: spamd_address, and clamd av_scanner, now support retry
option values.
JH/20 Bug 1571: Ensure that $tls_in_peerdn is set, when verification fails
under OpenSSL.
JH/21 Support for the A6 type of dns record is withdrawn.
JH/22 Bug 608: The result of a QUIT or not-QUIT toplevel ACL now matters
rather than the verbs used.
JH/23 Bug 1572: Increase limit on SMTP confirmation message copy size
from 255 to 1024 chars.
JH/24 Verification callouts now attempt to use TLS by default.
HS/01 DNSSEC options (dnssec_require_domains, dnssec_request_domains)
are generic router options now. The defaults didn't change.
JH/25 Bug 466: Add RFC2322 support for MIME attachment filenames.
Original patch from Alexander Shikoff, worked over by JH.
HS/02 Bug 1575: exigrep falls back to autodetection of compressed
files if ZCAT_COMMAND is not executable.
JH/26 Bug 1539: Add timout/retry options on dnsdb lookups.
JH/27 Bug 286: Support SOA lookup in dnsdb lookups.
JH/28 Bug 1588: Do not use the A lookup following an AAAA for setting the FQDN.
Normally benign, it bites when the pair was led to by a CNAME;
modern usage is to not canoicalize the domain to a CNAME target
(and we were inconsistent anyway for A-only vs AAAA+A).
JH/29 Bug 1632: Removed the word "rejected" from line logged for ACL discards.
JH/30 Check the forward DNS lookup for DNSSEC, in addition to the reverse,
when evaluating $sender_host_dnssec.
JH/31 Check the HELO verification lookup for DNSSEC, adding new
$sender_helo_dnssec variable.
JH/32 Bug 1397: Enable ECDHE on OpenSSL, just the NIST P-256 curve.
JH/33 Bug 1346: Note MAIL cmd seen in -bS batch, to avoid smtp_no_mail log.
JH/34 Bug 1648: Fix a memory leak seen with "mailq" and large queues.
JH/35 Bug 1642: Fix support of $spam_ variables at delivery time. Was
documented as working, but never had. Support all but $spam_report.
JH/36 Bug 1659: Guard checking of input smtp commands again pseudo-command
added for tls authenticator.
- doveadm mailbox list (and some others) were broken in v2.2.20
- director: Fixed making backend changes when running with only a
single director server.
- virtual plugin: Fixed crash when trying to open nonexistent
autocreated backend mailbox.
152 (2015/12/20)
* Fix unescaped left brace in regex is deprecated for Perl 5.22
* Update config.guess and config.sub with autotools-dev 20150820.1
* Add gitlog2imchanges to easily generate 00changes
* Fix a potential path traversal vulnerability.
* Adds some measures against brute-force attacks
RELEASE 1.1.4
-------------
- Add workaround for https://bugs.php.net/bug.php?id=70757 (#1490582)
- Fix duplicate messages in list and wrong count after delete (#1490572)
- Fix so Installer requires PHP5
- Make brute force attacks harder by re-generating security token on every failed login (#1490549)
- Slow down brute-force attacks by waiting for a second after failed login (#1490549)
- Fix .htaccess rewrite rules to not block .well-known URIs (#1490615)
- Fix mail view scaling on iOS (#1490551)
- Fix so database_attachments::cleanup() does not remove attachments from other sessions (#1490542)
- Fix responses list update issue after response name change (#1490555)
- Fix bug where message preview was unintentionally reset on check-recent action (#1490563)
- Fix bug where HTML messages with invalid/excessive css styles couldn't be displayed (#1490539)
- Fix redundant blank lines when using HTML and top posting (#1490576)
- Fix redundant blank lines on start of text after html to text conversion (#1490577)
- Fix HTML sanitizer to skip <!-- node type X --> in output (#1490583)
- Fix invalid LDAP query in ACL user autocompletion (#1490591)
- Fix regression in displaying contents of message/rfc822 parts (#1490606)
- Fix handling of message/rfc822 attachments on replies and forwards (#1490607)
- Fix PDF support detection in Firefox > 19 (#1490610)
- Fix path traversal vulnerability (CWE-22) in setting a skin (#1490620)
- Fix so drag-n-drop of text (e.g. recipient addresses) on compose page actually works (#1490619)
Changelog:
38.5.0:
Not available
38.4.0:
Fixed Various security fixes
Fixed Fixed issue where messages moves of multiple messages from a maildir folder to an mbox folder failed.
Fixed in Thunderbird 38.4
2015-133 NSS and NSPR memory corruption issues
2015-132 Mixed content WebSocket policy bypass through workers
2015-131 Vulnerabilities found through code inspection
2015-128 Memory corruption in libjar through zip files
2015-127 CORS preflight is bypassed when non-standard Content-Type headers are received
2015-123 Buffer overflow during image interactions in canvas
2015-122 Trailing whitespace in IP address hostnames can bypass same-origin policy
2015-116 Miscellaneous memory safety hazards (rv:42.0 / rv:38.4)
== 3.0 / 2015-11-21
* 2 governance changes
* This project and the related mime-types-data project are now exclusively
MIT licensed. Resolves
{#95}[https://github.com/mime-types/ruby-mime-types/issues/95].
* All projects under the mime-types organization now have a standard code of
conduct adapted from the {Contributor
Covenant}[http://contributor-covenant.org]. This text can be found in the
{Code-of-Conduct.rdoc}[Code-of-Conduct_rdoc.html] file.
* 3 major changes
* All methods deprecated in mime-types 2.x have been removed.
* mime-types now requires Ruby 2.0 compatibility or later. Resolves
{#97}[https://github.com/mime-types/ruby-mime-types/issues/97].
* The registry data has been removed from mime-types and put into
mime-types-data, maintained and released separately. It can be found at
{mime-types-data}[https://github.com/mime-types/mime-types-data].
* 17 minor changes:
* MIME::Type changes:
* Changed the way that simplified types representations are creatd to
reflect the fact that +x-+ prefixes are no longer considered special
according to IANA. A simplified MIME type is case-folded to lowercase. A
new keyword parameter, +remove_x_prefix+, can be provided to remove +x-+
prefixes.
* Improved initialization with an Array works so that extensions do not
need to be wrapped in another array. This means that <tt>%w(text/yaml
yaml yml)</tt> works in the same way that <tt>['text/yaml', %w(yaml
yml)]</tt> did (and still does).
* Changed +priority_compare+ to conform with attributes that no longer
exist.
* Changed the internal implementation of extensions to use a frozen Set.
* When extensions are set or modified with +add_extensions+, the primary
registry will be informed of a need to reindex extensions. Resolves
{#84}[https://github.com/mime-types/ruby-mime-types/issues/84].
* The preferred extension can be set explicitly. If not set, it will be the
first extension. If the preferred extension is not in the extension list,
it will be added.
* Improved how xref URLs are generated.
* Converted +obsolete+, +registered+ and +signature+ to attr_accessors.
* MIME::Types changes:
* Modified MIME::Types.new to track instances of MIME::Types so that they
can be told to reindex the extensions as necessary.
* Removed +data_version+ attribute.
* Changed #[] so that the +complete+ and +registered+ flags are keywords
instead of a generic options parameter.
* Extracted the class methods to a separate file.
* Changed the container implementation to use a Set instead of an Array to
prevent data duplication. Resolves
{#79}[https://github.com/mime-types/ruby-mime-types/issues/79].
* MIME::Types::Cache changes:
* Caching is now based on the data gem version instead of the mime-types
version.
* Caching is compatible with columnar registry stores.
* MIME::Types::Loader changes:
* MIME::Types::Loader::PATH has been removed and replaced with
MIME::Types::Data::PATH from the mime-types-data gem. The environment
variable RUBY_MIME_TYPES_DATA is still used.
* Support for the long-deprecated mime-types v1 format has been removed.
* The registry is default loaded from the columnar store by default. The
internal format of the columnar store has changed; many of the boolean
flags are now loaded from a single file. Resolves
{#85}[https://github.com/mime-types/ruby-mime-types/85].
pkgsrc changes:
- Remove patches/patch-src_Makefile.in that seems no more needed
Changes:
Version 1.6.3:
- A bug in SOCKS support was fixed.
- Handling non-fatal errors in TLS handshakes was fixed.
The find-prefix infrastructure was required in a pkgviews world where
packages installed from pkgsrc could have different installation
prefixes, and this was a way for a dependency prefix to be determined.
Now that pkgviews has been removed there is no longer any need for the
overhead of this infrastructure. Instead we use BUILDLINK_PREFIX.pkg
for dependencies pulled in via buildlink, or LOCALBASE/PREFIX where the
dependency is coming from pkgsrc.
Provides a reasonable performance win due to the reduction of `pkg_info
-qp` calls, some of which were redundant anyway as they were duplicating
the same information provided by BUILDLINK_PREFIX.pkg.
Notmuch 0.21 (2015-10-29)
=========================
General
-------
Notmuch now requires gmime >= 2.6.7. The gmime 2.4 series is no longer
supported.
Database revision tracking: `lastmod:` queries
Each message now has a metadata revision number that increases with
every tagging operation. See the discussion of `lastmod:` in
`notmuch-search-terms(7)` for more information.
Date queries now support `date:<expr>..!` shorthand for
`date:<expr>..<expr>`
You can use, for example, `date:yesterday..!` to match from the
beginning of yesterday to the end of yesterday. For further details,
please refer to the `notmuch-search-terms` manual page.
Notmuch database upgrade to support `lastmod:` queries
The above mentioned `lastmod:` prefix. This will be done
automatically, without prompting on the next time `notmuch new` is
run after the upgrade. The upgrade is not reversible, and the
upgraded database will not be readable by older versions of
Notmuch. As a safeguard, a database dump will be created in the
`.notmuch` directory before upgrading.
Build System
------------
The ruby bindings are now built as part of the main notmuch build
process. This can be disabled with the `--without-ruby` option to
configure.
Building the documentation can be disabled with the `--without-docs`
option to configure.
Skipped individual tests are no longer considered as failures.
Command Line Interface
----------------------
Database revision tracking
Two new options were added to support revision tracking. A global
option "--uuid" (`notmuch(1)`) was added for to detect counter
rollover and reinitialization, and `notmuch-count(1)` gained a
`--lastmod` option to query database revision tracking data.
The `notmuch address` command supports new deduplication schemes
`notmuch address` has gained a new `--deduplicate` option to specify
how the results should be deduplicated, if at all. The alternatives
are `no` (do not deduplicate, useful for processing the results with
external tools), `mailbox` (deduplicate based on the full, case
sensitive name and email address), and `address` (deduplicate based
on the case insensitive address part). See the `notmuch-address`
manual page for further information.
Emacs Interface
---------------
`notmuch-emacs-version` is used in `User-Agent` header
The value of recently introduced variable `notmuch-emacs-version` is
now used as a part of `User-Agent` header when sending emails.
Removed `notmuch-version` function by renaming it to `notmuch-cli-version`
With existing variable `notmuch-emacs-version` the accompanied
function which retrieves the version of `notmuch-command` is
better named as `notmuch-cli-version`.
Query input now supports completion for "is:<tag>"
New message composition mode: `notmuch-compose-mode`
This is mainly to fix fcc handling, but may be useful for user
customization as well.
Allow filtering of search results in `notmuch-show`
Add function to rerun current tree-view search in search mode
Bug fix for replying to encrypted messages in `notmuch-tree` mode
Allow saved searched to specify tree view rather than search view
Applies to saved searches run from `notmuch-hello`, or by a keyboard
shortcut (`notmuch-jump`). Can be set in the customize interface, or
by adding :search-type tree to the appropriate saved search plist in
`notmuch-saved-searches`.
Increase maximum size of rendered text parts
The variable `notmuch-show-max-text-part-size` controls the maximum
size (in bytes) which is automatically rendered. This may make
rendering large threads slower. To get the previous behaviour set
this variable to 10000.
Library
-------
The use of absolute paths is now enforced when calling
`notmuch_database_{open, create}`
New function `notmuch_directory_delete` to delete directory documents
Previously there was no way to delete directory documents from the
database, leading to confusing results when the "ghost" directory
document of a renamed or deleted filesystem directory was
encountered every time the parent directory was being scanned by
`notmuch new`. The mtime of the old directory document was also used
if a directory by the same name was added again in the filesystem,
potentially bypassing the scan for the directory. The issues are
fixed by providing a library call to delete directory documents, and
deleting the old documents in `notmuch new` on filesystem directory
removal or rename.
Database revision tracking
Revision tracking is supported via a new prefix "lastmod:" in the
query parser and the new function
`notmuch_database_get_revision`. For the latter, see `notmuch(3)`.
New status code returning API for n_query_count_{messages,threads}
Deprecated functions
`notmuch_query_search_threads`, `notmuch_query_search_messages`,
`notmuch_query_count_messages`, and `notmuch_query_count_threads`
are all deprecated as of this release. Clients are encouraged to
transition to the `_st` variants supporting better error reporting.
nmbug-status
------------
`nmbug-status` now supports specifying the sort order for each view.
Upstream changes:
1.936 2015-09-10 22:46:29-04:00 America/New_York
- no changes since 1.935, but a stable release
1.935 2015-08-31 16:47:46-04:00 America/New_York (TRIAL RELEASE)
- do not remove too many newlines at the end (bug introduced in 1.926)
Changes from NEWS:
* 3.13.0
--------
* Preferences are now saved to disk immediately on pressing OK or
Apply.
* New preferences have been added for default sorting of the message
lists. They are found in the 'Message list' frame of the Display/
Summaries page of the general preferences. These options only apply
to newly created folders.
* The menu item 'Delete thread' has been moved to the Message menu.
Previously clicking it would not delete the thread, but just move
it to the Trash folder. Now it will delete the thread.
An additional menu item has been added, 'Move thread to trash',
which implements the original behaviour.
* Compose window: By default it is no longer possible to add user-
defined headers, with only those pre-defined in the drop down menus
being possible. To restore the old behaviour, a new hidden
preference has been added: 'type_any_header', setting this to 1
restores the old behaviour.
* Automatic account selection is now also applied when you reply to
one of your own messages, e.g. from the Sent folder.
* Folder list: The Left and Right cursor keys now collapse or expand
the currently selected folder tree item. The Left cursor key also
moves the selection to parent folder, if current folder is within
a collapsed tree.
* Folder list: The Home and End keys now move the selection to the
first folder and last folder in the tree.
* Account Auto-configuration: when errors occur, a more detailed
error message is shown.
* GnuPG plugins: An option has been added to specify the location of
the GnuPG executable.
* GnuPG plugins: A new hidden preference has been added which limits
the number of results returned when using your keyring for address
auto-completion: 'autocompletion_limit'. The default value is 0,
which means there is no limit, any other number will limit the
results to that number.
* Python plugin: Folder has been added to MessageInfo objects.
* The GeoLocation plugin is no longer included.
* The user manual has been updated.
* The man page has been updated.
* Updated translations: Brazilian Portuguese, British English, Czech,
Dutch, Finnish, German, Hebrew, Hungarian, Norwegian Bokmål,
Slovak, Spanish, Swedish.
* New translations: Italian, Traditional Chinese.
* Removed translations: Indonesian, Polish.
* Bug fixes:
o bug 2115, 'Drag n' Drop of files with special characters
crashes CM'
o bug 3209, 'autoconfig does not use full email address as
username'
o bug 3253, 'all addresses of getaddrinfo() result should be
tried'
o bug 3263, 'Wrong timezone while using date_fmt function'
o bug 3296, 'Crash on double notification popup'
o bug 3352, 'found_in_addressbook matches entries from GPG
keyring'
o bug 3454, 'Attachments containing certain special
characters in filename are not opened'
o bug 3473, 'base64 regression with old glib2 (before
2.26.0)'
o bug 3475, 'Attachment dragged to email must be dropped to
attachment tab only - reggresion'
o bug 3483, 'When replying to a *de*crypted message, it is
contained *encrypted* in reply'
o bug 3507, 'build fails w/o GnuTLS'
o bug 3516, 'vCard icon misplaced'
o bug 3524, 'vCard does not decode all quoted-printable
values'
o bug 3531, 'a/z hotkeys crash Claws immediately after
startup'
o make 'date' (not thread date) the default sort when
clicking column header to switch to date sort.
o Several memory leaks in RSSyl.
o IPv6 now works on Windows, for connections not handled by
libetpan.
o GPG preferences initialization.
o Possible crash when gpg is upgraded to gpg-v21
o Save temporary file in mime temporary directory when using
right-click/Open image instead of saving in current working
directory.
o Crash in address completion when matching group name.
o Correct handling of RFC3339 timestamp format with second
fraction.
o Building on GLib older than 2.25.
* 3.12.0
--------
* New plugin: ManageSieve. Manage sieve filters on a server using
the ManageSieve protocol.
* Filtering/Processing: increase range for age matcher condition.
* Filtering/Processing: 'mark_as_spam' now only marks as spam, it
does not do an additional move.
* Compose window: From line gets its own label with mnemonic.
* Compose window: more intuitive right-click behaviour in attachments
list.
* QuickSearch: 'Cc' added to the mixed search: From/To/Cc/Subject/Tag.
* Folder list: Added 'Mark all read recursively' to context menu.
* Support for Mac-cyrillic encoding.
* IMAP: Support for SCRAM-SHA-1 authentication mechanism.
* PGP plugins: Display validity of signatures
* Bogofilter plugin: 3rd spam handling option, 'Only mark as spam'.
* RSSyl plugin: Per-feed support for HTTP basic auth.
* GData plugin: minimum requirement: libgdata 0.17.1
* Several layout improvements to preferences pages.
* Updated user manual.
* Updated man page.
* Updated translations: Brazilian Portuguese, Catalan, Czech, Dutch,
French, German, Hebrew, Hungarian, Norwegian Bokmål, Slovak,
Spanish, Swedish.
...and so much more!
* Bug fixes:
o bug 1769, 'vCalendar timezone glitches'
o bug 1901, 'More descriptive error msgs when attempting to
delete a folder'
o bug 2435, 'Infinite loop+crash when refreshing folders from
dovecot mbox based mailbox'
o bug 2577, 'improve focus rectangle removal in summaryview'
o bug 2601, '"if item changes... never mark as unread" marks
new items as read'
o bug 2965, 'Encrypted mails are stored unencrypted in
'Queue' while sending via IMAP'
o bug 2981, 'claws-mail-3.9.3 compilation warnings'
o bug 3211, 'Fails to build in Debian hurd-i386'
o bug 3321, 'revert "Remove unreachable code"'
o bug 3345, 'Ability to choose other From values via keyboard
has been lost'
o bug 3349, 'Unable to insert a file into a message during
compose.'
o bug 3351, 'Two problems when re-sending a file with an
attachment'
o bug 3354, 'Event cancellation uses incorrect method
parameter for Content-Type header'
o bug 3364, 'segfault in src/prefs_account.c'
o bug 3365, 'segfault in src/wizard.c'
o bug 3380, 'Initialize widget before callback handler for
'clicked''
o bug 3389, 'document 'F12' shortcut'
o bug 3407, 'Pressing the "Date" column header to "sort by
date" causes all columns to have a sort arrow.'
o bug 3419, 'Saving/appending messages to an mbox file
violates RFC#4155'
o bug 3421, 'Recipients list doesn't scroll when moving with
arrow keys.'
o bug 3432, 'Google ClientLogin has been deprecated, should
be migrated to OAuth 2.0'
o bug 3438, 'Filter to add address to Addressbook duplicates
address in Name field'
o bug 3466, 'address auto-complete does not work on plasma5'
o Debian bug 771360, CVE 2010-5109
o Debian bug 771737, 'Segfaults when trying to open folder'
o Debian bug 779824, 'claws-mail depends on plugins
libraries'
o Fix LDAP access using TLS protocol
o claws-mail.desktop installation
o Compose window Subject mnemonic
o Archiver plguin: compatibility with libarchive 2.8.x
o Remove draft when cancelling a message written with an
external editor
o Remove superfluous dynamic link against libarchive
o Fix labels referring to 'SSL' instead of 'TLS'
o Allow single-click to select mailboxes in the mailbox order
dialog.
o tbird2claws.py: set encoding to UTF-8.
ok taca@
Since Makefile 1.59, the iconv option had no effect - reinstate iconv as
being optional.
This update to 1.1.3 makes multibyte and openssl a requirement (and drops
mcrypt support).
RELEASE 1.1.3
-------------
- Fix closing of nested menus (#1490443)
- Fix so E_DEPRECATED errors from PEAR libs are ignored by error_reporting change (#1490281)
- Fix compatibility with PHP 5.3 in rcube_ldap class (#1490424)
- Get rid of Mail_mimeDecode package dependency (#1490416)
- Fix "Importing..." message does not hide on error (#1490422)
- Fix Compose action in addressbook for results from multiple addressbooks (#1490413)
- Fix bug where some messages in multi-folder search couldn't be viewed/printed/downloaded (#1490426)
- Fix unintentional messages list page change on page switch in compose addressbook (#1490427)
- Fix race-condition in saving user preferences and loading plugin config (#1490431)
- Fix so plain text signature field uses monospace font (#1490435)
- Fix so links with href == content aren't added to links list on html to text conversion (#1490434)
- Fix handling of non-break spaces in html to text conversion (#1490436)
- Fix self-reply detection issues (#1490439)
- Fix multi-folder search result sorting by arrival date (#1490450)
- Fix so *-request@ addresses in Sender: header are also ignored on reply-all (#1490452)
- Update to TinyMCE 4.1.10 (#1490405)
- Fix draft removal after a message is sent and storing sent message is disabled (#1490467)
- Fix so imap folder attribute comparisons are case-insensitive (#1490466)
- Fix bug where new messages weren't added to the list in search mode
- Fix wrong positioning of message list header on page scroll in Webkit browsers (#1490035)
- Fix some javascript errors in rare situations (#1490441)
- Fix error when using back button after sending an email (#1490009)
- Fix removing signature when switching to identity with an empty sig in HTML mode (#1490470)
- Disable links list generation on html-to-text conversion of identities or composed message (#1490437)
- Fix "washing" of style elements wrapped into many lines
- Fix so input field (e.g. search box) does not loose focus on list load (#1490455)
- Fix so css of one html part does not apply to other text parts on message display (#1490505)
- Fix XSS issue in drag-n-drop file uploads (#1490530)
- Fix handling of plus character in mailto: links (#1490510)
- Fix so adding CC/BCC recipients from the sidebar unhides compose form fields in Classic skin (#1490472)
- Fix so gc.sh script removes also expired sessions from sql database (#1490512)
- Fix support for Mozilla-based browsers, e.g. Pale Moon (#1490517)
- Fix various issues with Turkish (and similar) locales (#1490519)
- Fix so In-Reply-To header is set also for MDN receipts (#1490523)
- Fix missing HTTP_X_FORWARDED_FOR address in generated Received header
- Fix issue where Content-Length of some attachments could be set to wrong value causing browser errors (#1490482)
Upstream changes:
version 2.118: Thu Feb 26 12:52:42 CET 2015
Fixes:
- imap: reconstruction of foldername from url should be kept
in folderdir.
rt.cpan.org#82983 [Rotkraut]
- ::Body::Scalar::file() did not construct ::FastScalar correctly
[Andrew Beverley]
- fix attribute continuations
rt.cpan.org#90342 [Claus Jeppesen]
Improvements:
- accept blanks in some Content-* fields
rt.cpan.org#99183 [Randy Diffenderfer]
Upstream changes:
1.300021 2015-10-15 13:53:52-04:00 America/New_York
- when SMTP connection fails, include host and port in error
1.300020 2015-09-03 14:00:04-04:00 America/New_York
- no changes since 1.300019
1.300019 2015-08-10 15:48:02-04:00 America/New_York (TRIAL RELEASE)
- only work around Net::SMTP on broken (pre-3.07) versions
- avoid uninitialized warning when delivering to Maildir
* Properly implemented checking of ABI version for Sieve interpreter
plugins, much like Dovecot itself does for plugins. This will prevent
plugin ABI mismatches.
+ Implemented a vnd.dovecot.environment extension. This builds upon the
standard environment extension and adds a few more environment items,
such as username and default mailbox. It also creates a variables
namespace so that environment items can be accessed directly. I am
still thinking about more environment items that can be added.
+ Sieve extprograms plugin: Made line endings of the input passed to the
external programs configurable. This can be configured separately for
each of the three extensions.
+ ManageSieve: Implemented proxy XCLIENT support. This allows the proxy
to pass client information to the back-end.
- ManageSieve: Fixed an assert failure occurring when a client
disconnects during the GETSCRIPT command.
- doveadm sieve plugin: Fixed incorrect initialization of mail user.
This caused a few memory leaks.
- sieve-filter command line tool: Fixed handling of failure-related
implicit keep when there is an explicit default destination folder.
This caused message duplication.
- lib-sieve: Fixed bug in RFC5322 header folding. Words longer than the
optimal line length caused empty lines in the output, which would
break the resulting message header. This surfaced in References:
headers with very long message IDs.
* pop3_deleted_flag has been broken since v2.2.10. Using it would
cause buffer overflows, which could be exploitable. However, this
bug would have become visible quite soon after users had deleted
some POP3 mails, because the pop3 processes would have started
crashing all the time even in normal use.
* "doveadm director flush" command has a changed meaning now:
It safely moves users to their wanted backends, instead of simply
forgetting the mapping entirely and leaving the existing connections
untouched. Use -F parameter to get the original unsafe behavior.
+ Added imap-hibernate processes (see imap_hibernate_timeout setting).
IDLEing IMAP connections can be hibernated, which saves memory.
+ Optimized tracking mailboxes' vsizes (= sum of all messages' sizes).
If mailbox_list_index=yes, it's also stored in there. This makes it
very efficient to look up vsizes for all mailboxes.
+ Added a quota "count" backend, which uses the mailbox vsizes to get
the current quota usage. It requires using the new quota_vsizes=yes
setting, which tracks the messages' "virtual sizes" rather than
"physical sizes". Their distiction is minor and mostly irrelevant
nowadays (if mail sizes should be counted with LF or CRLF newlines).
+ "doveadm director up/down" commands added. The monitoring script
should be using these commands instead of changing the vhost count.
This allows admin to manually disable a server by changing the vhost
count to 0 without the monitoring script changing it back.
+ Added support for HAProxy protocol: http://wiki2.dovecot.org/HAProxy
+ Added push-notification plugin framework, which can be used to
easily implement push notifications to various backends. Implemented
"ox" backend for notifying Open-Xchange via HTTP/json.
+ imap_logout_format supports more variables now, e.g. number of
deleted messages.
+ pop3: Added pop3_delete_type setting (related to pop3_deleted_flag).
+ plugin { fts_enforced=yes } setting now fails body searches unless
it can be done via the full text search engine.
+ Added %{passdb:*} and %{userdb:*} variables to various places
+ auth: Added ":protected" suffix for passdb and userdb fields. If
used, the field doesn't overwrite an existing field.
+ IMAP/POP3 proxy: If a backend server dies, avoid client reconnection
spikes by slowly disconnecting clients over time. This is enabled by
setting login_proxy_max_disconnect_delay=secs passdb extra field.
+ imap: Added new read-only METADATA entries: /private/specialuse,
/shared/comment, /shared/admin
+ imap: If client disconnects in the middle of a command, log how long
the command had been running.
- mdbox: Rebuilding could have caused message's reference count to
overflow the 16bit number in some situations, causing problems when
trying to expunge the duplicates.
- Various search fixes (fts, solr, tika, lib-charset, indexer)
- Various virtual plugin fixes
- Various fixes and optimizations to dsync, imapc and pop3-migration
- imap: Various RFC compliancy and crash fixes to NOTIFY
* 1.4.12 [31 August 2014]
** Fixing bug in distribution tarball.
*** https://github.com/verdammelt/tnef/issues/9
** Fixing autoconf warnings
*** https://github.com/verdammelt/tnef/issues/4
*** https://github.com/verdammelt/tnef/pull/10
** Fixing compilation warning on Fedora
*** https://github.com/verdammelt/tnef/pull/8
* 1.4.11 [12 July 2014]
** Fixing bug when parsing files with multiple value MAPI attributes
*** https://github.com/verdammelt/tnef/issues/3
** Fixing compilation warnings
*** https://github.com/verdammelt/tnef/issues/5
* 1.4.10 [4 November 2013]
** Incorporating documentation patch from bentley (github)
** Fixing small problems from new versions of automake/gcc
* 1.4.9 [29 February 2012]
** Incorporating patches from Engelke Eschner <tekai@gmx.li>
*** (from github: https://github.com/verdammelt/tnef/pull/1)
*** Fixing some memory leaks
*** printing out MIME types
* 1.4.8 [18 April 2011]
** Switched to Git
** Applied patch for man page from Jari Aalto [patch #3104753]
* 1.4.7 [31 January 2010]
** Reverting to older UTF decoding method. The public domain UTF converter
I replaced my buggy/wrong version with was itself buggy and wrong it seems
(didn't work on some platforms).
** Updating main copyright date notice.
* 1.4.6 [25 August 2009]
** Including patch from Randy Diffenderfer for a variety of fixes & tweaks.
** Replacing my buggy/wrong UTF converter code with public domain UTF converter code.
* 1.4.5 [28 Sept 2008]
** Fixing bug when reading from stdin [Bug #2126695]
* 1.4.4 [29 May 2008]
** Small updates after long absense
** Adding --ignore-checksum feature.
Changelog:
New Saved files tab now implements Search field and Clear button.
Fixed (Right-)Clicking on a newsgroup now allows directly composing a message again
Fixed Importing to the address book from CSV now works with international characters
Fixed Thunderbird no longer crashes when executing filter rules when using maildir
Fixed When using the maildir storage format, the INBOX folder is no longer deleted
Fixed Emails with long References headers are now decoded correctly
Fixed Checking for new messages correctly works after hibernation again
Fixed Chat entries are no longer sometimes lost in global database at shutdown.
Release date: 2015-09-13 13:48 UTC
Release state: stable
Changelog:
* Add possibility to add externally created Mail_mimePart objects as
attachments [alec]
* Add possibility to set preamble text for multipart messages [alec]
== 2.6.2 / 2015-09-13
* Bugs:
* Emilio Losada (@losadaem) fixed an error where +each_with_object+'s block
parameters are the inverse of those used by +inject+. Resolves
{#107}[https://github.com/mime-types/ruby-mime-types/issues/107] with pull
request {#108}[https://github.com/mime-types/ruby-mime-types/pull/108].
* Matt Beedle (@mattbeedle) fixed a typo in MIME::Type::Columnar negatively
affecting people who use the +use_instead+ functionality. Resolved in
{#109}[https://github.com/mime-types/ruby-mime-types/pull/109].
* Documentation:
* Juanito Fatas (@JuanitoFatas) fixed a documentation issue with the README
not properly linking internally on the generated rdoc source. Resolved with
{#105}[https://github.com/mime-types/ruby-mime-types/pull/105].
* Development:
* Fixed a minor issue in the IANA registry parser that would generate empty
+text+ xrefs if the +text+ section was empty.
It might still be possible that pkgsrc needs adjustments for gmp loading
if/when we adopt some gmp packages, but until then they serve no purpose
and in fact appear to be harmful. Fixes Firefox startup error message:
addons.manager ERROR Exception calling provider GMPProvider.startup
http://www.sympa.org/distribution/latest-stable/NEWS
for complete list.
Main changes are:
Tracking feature
The tracking feature is a way to request DSN or DSN + MDN when sending
a message to each subscribers. In that case, Sympa (bounced.pl) collect both
DSN and MDN and store them in a new table "notification_table".
Then, for each message, the list owner can display which subscribers has
displayed, received or not received the message. This can be used for some
important lists where list owner need to collect the proof of reception or
display of each message. This page is accessible via archive
Spools back to filesystem
Because of stability and scalability issues, spool for bulk sending no
longer depend on database tables: It is based on filesystem.
Stats
Now Sympa stores data whenever one of the following event occurs:
a message is sent to a list;
a user subscribed to a list;
a user unsubscribed from a list;
a user is added to a list by another user;
a user is removed from a list by another user;
a user is removed from a list by the automatic bounce management;
a file is uploaded to the shared directory;
a file is deleted from the shared;
a message to a list is rejected in moderation;
a user logs in to the web interface;
a user logs out;
a list is created;
a list is deleted;
a list is restored;
a human user (not a harvester) hits a page.
These data are regularly aggregated by the task_manager.
The aggregated data are available to users, owners and listmaster in
their respective interfaces.
Web interface
The most visible is probably the new web interface skin.
It is nicer, simpler, responsive and retains all the customization
capabilities that make Sympa adaptable to your needs.
Exclusion table was just a display of the users excluded. This page is now
a form, similar to the review page, which allows to restore users subscriptions.
Added "Add subscriber" button to modindex page if the sender is not subscribed.
It may be useful because users need not know about SUB command and sympa
command address. The buttons appear only when Web user is the list owner.
The "Customizing" link was moved from main list admin to list config sub
section as list related text files are in a way list configuration parameters
as well.
Better password validation. When the user requests change of password via
WWSympa or SympaSOAP, new password may be checked its strength.
New parameter password_validation may be used to customize policy of password
validation. See help text of the parameter for more details.
Web services
Full VOOT 2.0 protocol support. VOOT is an opensocial subset to manage group
membership. full details on this IETF draft here: http://openvoot.org.
This feature enables Sympa to be both group provider and consumer in the VOOT
protocol.
The soap server now exposes full review with owners, editors and gecos to list masters and list owners.
Plug, plug, plug...
We added or improved several ways to plug new functionnalities in Sympa.
Template plugins
This feature allows to package code to be used in templates. It enables
foreign data integration in Sympa's UI and emails, user specific
UI enhancement and much more! Integrating user targeted data retreived through
a call to a webservice becomes possible in a simple way, automatically adding
info from a database to outgoing emails as well !
Further details here : https://www.sympa.org/manual/templates_plugins
Enhanced custom actions functionality
Custom actions are used to run specific code and/or display user defined
templates. They can be executed in list or global context (it is up to you
to decide what to do in both cases). Previously, a custom action was a
simple TT2 template added to the web interface. It could only display data,
not process them. They were improved to allow greater expressiveness.
You can now develop a perl module to process the data passed to your
custom action.
Warning: AFTER UPGRADING TO 6.2, ANY PRE-EXISTING CUSTOM ACTION MUST BE
MOVED TO THE RELEVANT CUSTOM_ACTION DIRECTORY TO KEEP WORKING.
Mail hooks
Sympa::Message::Plugin provides hook mechanism to intervene in processing by
Sympa. Each hook may modify messages or may break ordinary processing.
This functionnality is quite new and still experimental. Please read the
perldoc of Sympa::Message::Plugin for more details about how to create and enable hooks in message handling.
Custom attributes provisionning
Custom attributes can now be provisionned using external data sources,
the same way as email addresses. For now, only SQL or LDAP datasources are
supported. To use this feature, you need first to define the custom attributes
as previously. This attribute must have the same name as the fields used in
your queries.
Synchronization disabling
In several organizations, nightly maintenances make the datasources
unavailable during some period of times. a new sub-parameter in data sources
definition allow to prevent Sympa from trying to synchronize list members
with these sources during a defined time range.
A recurrent question regarding list inclusion was to be able to extract not the whole list, but only a subset. It is now possible.
include_list parameter value can now look like this:
<listname> filter <filter_condition>
ODBC is now supported for email data sources.
sql, ldap and ldap2 user inclusions now handles gecos. It uses 2nd returned
column for sql and 2nd given attribute for ldap (comma separated).
Now "host" parameter of the LDAP datasource in list config may include URLs
(ldap, ldaps and ldapi) along with hostnames. So "port" and "use_ssl"
parameters
Scenarios
Now CustomCondition can set the action to take (do_it, reject ...) by
setting $_, this allows for complex, single-module CustomConditions.
"[msg_header#field][index]" returns the value of particular field.
Index may be negative. - "[msg_header#field]" still returns list of field
values, additionally, ordering will be preserved. Fixes:
Conditions is_listmaster, is_owner, is_editor and is_subscriber can
handle multiple values.
They also parse arguments as header field values to get address parts.
New parameters
New list parameter: 'member_include'. This parameters allows to defined
.incl files to include list members, the same way it is done for list admins.
This grants extended flexibility in datasources, allowing list owners to tweak
their own data sources without accessing to the actual details of the query
made to gather email addresses.
New sympa.conf config parameter "sender_headers" to specify header fields by
which message sender is detected. This is a enhancement to
S. Shipway's improvement.
RFC: What is the reasonable default for this parameter?
Behavior of one time ticket lock-out is configurable.
Two new robot parameters were introduced:
one_time_ticket_lockout:
"one_time" won't allow access again. This is previous behavior.
"remote_addr" will lock the ticket on remote address accessed at first time.
"open" will never lock-out tickets.
one_time_ticket_lifetime: Duration before ticket expires. Default is "2d", previous hardcoded value.
Changes of list config parameters on archiving. New parameter
"process_archive" controls archiving. The default is "off":
To enable archiving, it must be set to "on" explicitly. OTOH even if
archiving is disabled by setting it "off", past archives will be kept
and accessible according to access settings.
Config files
wwsympa.conf will no longer be used: it would be migrated to sympa.conf.
Alias management uniformization
Now alias maintenance utilities other than newaliases may be used without
special configure options nor patch to alias_manager.pl. Changes:
aliaswrapper and virtualwrapper were deprecated and replaced with sympa_newaliases-wrapper.
New alias management program sympa_newaliases.pl which will typically be
called by alias_manager.pl via sympa_newaliases-wrapper.
New site configuration parameters aliases_db_type and aliases_program will
control behaviour of alias database maintenance.
openssl dependency dropped
openssl(1) utility is no longer required. Instead, a few CPAN modules are required to use S/MIME or SSL features:
Crypt::SMIME
Crypt::OpenSSL::X509
The parameter "openssl" in sympa.conf was obsoleted. Note that p12topem.pl still needs openssl: To make it work, PATH environment variable should be set appropriately.
Internationalization
i18n titles in configuration.
List families scenari
Now you can define a "scenari" directory in the lists family directory.
These scenarii will be available for lists instantiated from this family.
List families addistional files
Until now, only the config.tt2 file was parsed when the family was
instantiated, thus producing the lists' config file. As a lot of other files
can be used to configure a list (footer, header, etc.), we added the
possibility to instantiate these files as well. The list of files parsed
(in addition to config.tt2) when instantiating a family are defined in
a new (sympa.conf and robot.conf) parameter called 'parsed_family_files'.
This parameter must contain a comma-separated list of file names.
If these files exist, with the '.tt2' extension added to their name,
in a family, they will be parsed and added to the list directory.
The default value of the parameter is: 'message.footer,message.header,message.footer.mime,message.header.mime,info'.
These files are updated in existing lists when a family is instantiated.
note that it will overwrite any other customization.
On the web automatic lists
Administration
Widely extended logs when the log_module parameter is activated with the
value 'scenario': all scenario results are evaluated. Remember that extended
logs can be limited by the IP or the email of the user, using the
'log_condition' parameter. log_module and log_condition are now declared in
sympa.conf instead of wwsympa.conf. Remember these parameters syntax:
log_module: can take the value "scenario" - only.
log condition: takes a character string as value. The form is
"ip=<an.ip>,email=<an_email>". You can put ip alone, email alone or both,
with the comma-separated form.
Listmaster notifications can now be grouped. If, for a specific robot,
several notifications are issued within a short period of time with the
same operation code only the first ones are sent, the next ones are stacked.
The stacking ends when no notifications are issued anymore, or when the first
one is too old. All the stacked notifications are then sent as attachments of
a single message. Internal settings : Stack if more than 3 notifications with
the same operation code are issued for the same robot - Send stacked
notifications if no new one satisfying the condition above was received for
more than 30 seconds - Send stacked notifications if the oldest one was issued
more than 60 seconds ago
sympa.pl -health_check checks config files, database connection and structure,
and data structure version.
Daemons such as sympa.pl no longer check database structure nor data version.
File extension of lock files are changed from ".lock" to ".LOCK", because lowercase name can conflict with domain part in the future.
pkgsrc changes:
o Update MASTER_SITES and HOMEPAGE to current reality.
o Convert the package in order to use GNU_CONFIGURE and add aclocal,
auto{conf,make} to USE_TOOLS (the configure is not provided by upstream
and need to be generated).
o Avoid mremap(2) usage. The NetBSD's mremap(2) isn't compatible (and probably
also other systems does not have it) so use mmap(2) instead.
Changes:
o Add support for STARTTLS on IMAP and POP3, from Markus Bachmann.
o Add "lock-wait" option to make fdm wait the global lock (lock-file option)
rather than exiting with an error immediately. Also add "lock-time" option
for the lock file timeout rather than a fixed 10 seconds. Requested by
Todd C. Miller.
o Add "ignore-errors" flag to instruct fdm to ignore delivery errors and
continue to the next mail, requested by Todd C. Miller.
o Delete Courier support.
o Delete regress/*
o Convert fdm to use autoconf and automake
o Various misc bug fixes
certain asserts based on ICE never trigger. Clang makes the choice
earlier to declare the size as unknown, so it would fail the assert.
The check in question is clearly bogus as an array parameter is really
just a fancy way to write a pointer -- no size information is preserved.
The change is from upstream with minor tweaks: use SSLv23_client_method()
that negociate highest possible protocol instead of TLSv1_client_method()
that can only do TLSv1.0. Insecure SSLv2 and SSLv3 are disabled through
SSL_CTX_set_options().
Approved by Thomas Klausner <wiz@NetBSD.org> on behalf of pksrc-pmc
This adds USE_TOOLS of lex and yacc. The build also uses objcopy, but
that's not a tool -- perhaps it should be, but that's a discussion for
after the branch. For now a comment is left about objcopy.
(leaf package)
Database access is now fully abstracted through databases/libzdb and
dbmail itself is agnostic about which backend support is present.
Bump PKGREVSION.
- improved automation to help combat spammers that are abusing
new top level domains;
- tweaks to the SPF support to block more spoofed emails;
- increased character set normalization to make rules easier to
develop and stop spammers from using alternate character sets
to bypass tests;
- continued refinement to the native IPv6 support; and
- improved Bayesian classification with better debugging and
attachment hashing.
An abridged upstream changelog follows...
---------------------------------------------------------------------------
October 25, 2014
amavisd-new-2.10.1 release notes
BUG FIXES
- fixed a missing import of mail_addr_idn_to_ascii() and idn_to_utf8()
when SQL is in use, resulting in:
Undefined subroutine &Amavis::Out::SQL::Log::mail_addr_idn_to_ascii
Undefined subroutine &Amavis::Out::SQL::Log::idn_to_utf8
OTHER
- avoid warnings issued by perl 5.21.5:
Negative repeat count does nothing at ./amavisd line 17218
Missing argument in sprintf at ./amavisd line 3678
- updated documentation in 2.10.0 release notes (new macros);
---------------------------------------------------------------------------
October 22, 2014
amavisd-new-2.10.0 release notes
COMPATIBILITY
- New requirement: perl module Net::LibIDN needs to be installed.
- Uses a perl module File::LibMagic if installed, instead of spawning
a file(1) utility.
- Default log templates and notification templates have changed
in details
- International domain names (IDN) encoded in ASCII-compatible encoding
found in e-mail addresses and in Message-ID header field will be decoded
to Unicode for presentation purposes (syslog, JSON structured log,
notifications). This decoding does not affect a mail message itself.
- Logging via syslog expects that syslogd (or equivalent) will not
clobber UTF-8 octets.
- Third party log parsers may need updating to accept logs with Unicode
characters in UTF-8 encoding.
- A SMTP response to an EHLO command will now announce SMTPUTF8 capability
by default.
BUG FIXES
- releasing a message from an SQL quarantine was broken in version 2.9.1
due to introduction of parent_mail_id()
and Gionatan Danti;
- if checking of a message was aborted prematurely (like due to a timeout
or some fatal error), JSON log could receive a copy of a previous
log entry;
- prevent non-ASCII non-UTF-8 octets from reaching a JSON log/report
(which produced an invalid JSON object and Elasticsearch complaining);
- allow SMTP commands MAIL FROM and RCPT TO to accept options without
values, as allowed by the RFC 5321 syntax;
- in delivery status notification (DSN) the field Received-From-MTA
specified 'smtp' as mta-name-type, instead of a 'dns' as prescribed
in RFC 3464;
- releasing from a quarantine left envelope sender address as '<>'
instead of using the address found in a Return-Path header field
of a quarantined message
- avoid failure in os_fingerprint or in smtp forwarding in certain cases
where the $os_fingerprint_method or $forward_method or $notify_method
uses an asterisk in place of a host IP address or port number.
- files LDAP.ldif and LDAP.schema: added a missing attribute
amavisDisclaimerOptions to objectClass
NEW FEATURES
- added support for Internationalized Email:
- added support for Internationalized Domain Names (IDN) according
to IDNA (RFC 5890, RFC 5891; RFC 3490);
- delivery notifications and admin notifications now show the following
information encoded as UTF-8 (which is a default $bdy_encoding) in the
plain text part of the message: IDN domain names in sender and recipient
mail addresses and Message-ID are first decoded to Unicode, Subject and
author display names are MIME-decoded;
- 'amavisd showkeys' and 'amavisd testkeys' can now deal with IDN
(international domain names): domain names in DNS zone comments
end up as UTF-8, DNS labels are in ASCII (A-labels); domain names in
calls to dkim_key() may be specified either as UTF-8 or in ASCII (ACE);
- new macro 'mail_addr_decode' takes an e-mail address as a string of
octets, where a local part may be encoded as UTF-8, and the domain part
may be an international domain name (IDN) consisting either of U-labels
or A-labels or NR-LDH labels.
- new macro 'mail_addr_decode_octets' is like 'mail_addr_decode', except
that the result is a string of octets, only valid as UTF-8 if the
provided address was a valid UTF-8 (garbage-in/garbage-out);
- new macro 'header_field_octets' is like 'header_field', except that
a result is a string of octets in UTF-8 encoding, suitable for a log
template;
- new macro 'ip_proto_trace_all' expands into a list of information
items from a Received header trace;
- new macro 'ip_proto_trace_public' is like ip_proto_trace_all, except
that entries with non-public IP address are excluded from the list;
- new macro 'protocol' evaluates to a protocol name by which a message
was received by amavisd, according to RFC 3848 ("Transmission Types
Registration") and "Mail Transmission Types" / "WITH protocol types"
IANA registration
- new macro 'client_protocol' expands into a protocol name by which
a message was received from a client by MTA; the information is passed
from MTA to amavisd through XFORWARD PROTO SMTP protocol extension or
through AM.PDP (milter); typical values are 'ESMTP' or 'SMTP';
- use a perl module File::LibMagic when available, instead of spawning
a file(1) utility for classifying contents of mail parts.
OTHER
- RFC 6533: recognize a MIME type 'message/global' as similar
to 'message/rfc822', and 'message/global-headers' as similar
to 'text/rfc822-headers' where appropriate (e.g. in bounce killer);
- header validity check now distinguishes 'non-ASCII and invalid UTF-8'
from 'non-ASCII but valid UTF-8' characters in a mail header section.
- ORCPT attribute in SMTP 'RCPT TO' command now accepts the original
recipient mail address in any of these encodings: utf-8-address,
utf-8-addr-unitext, utf-8-addr-xtext, or as a legacy xtext,
as required by RFC 6533;
- updated do_cabextract (extraction of Microsoft cabinet .cab archives)
to recognize a slightly changed output of cabextract version 1.2;
- adjusted some timeouts to leave more reserve for later stages of
mail processing and forwarding;
- prefer sanitizing/protecting control characters as hex code (like \x7F)
instead of octal (like \177) (e.g. in logging and DSN);
---------------------------------------------------------------------------
June 27, 2014
amavisd-new-2.9.1 release notes
BUG FIXES
- when a $final_bad_header_destiny is set to D_BOUNCE and a mail
message was a DSN or coming from a mailing list, spam checks were
inappropriately skipped (logged as: "bypassing of spam checks,
message will be blocked anyway", which was not true as the blocking
was overruled at a later stage);
- perl 5.20.0 may occasionally report:
"Malformed UTF-8 character (unexpected end of string)"
due to a bug in perl [perl #122148]. Treat this error as non-fatal
and only log a warning in two such cases: when SpamAssassin is called
as a spawned subprocess ($sa_spawned=1) and is returning a result
to a parent process, or when constructing a structured report.
OTHER
- updated decoding of RAR archives to recognize a changed format in output
of 'unrar' utility version 5;
- avoid tempfailing a message if a redis server is down, just log the
error and carry on;
- some minor logging changes to facilitate troubleshooting;
---------------------------------------------------------------------------
May 9, 2014
amavisd-new-2.9.0 release notes
COMPATIBILITY
This version drops dependency on a Perl module Redis, and makes
dependencies on modules Convert::TNEF and Convert::UUlib truly optional.
The following change may affect third-party log parsers:
To facilitate forensic log analysis and troubleshooting, log entries
'FWD from' and 'SEND from' at level 1 now carry one additional
prefixed information field which is the unique internal mail_id of
the message, possibly followed by a parent_mail_id in parenthesis,
e.g.:
(00525-02) XE9xnQYjrWyd FWD from <...> -> <...>, ...
(00495-02) v1pyIOMQkUYD(CIcqao-vCDO9) SEND from <...> -> <...>, ...
NEW FEATURES SUMMARY
- structured log/reporting to a Redis server in JSON format;
- IP address reputation (uses a Redis server);
- added two minor content categories to the major ccat CC_UNCHECKED
(encrypted (=1) and over-limits/mail-bomb (=2) );
- introduced a by-recipient setting %final_destiny_maps_by_ccat.
BUG FIXES
- fixed "Insecure dependency in sprintf" in Sophos SAVI av-scanner,
- fixed the interface code to virus scanners Sophie, Trophie and fpscand,
where a time-out on a long-running virus scan would leave a connection
to the virus scanner open and a late response from a scanner to a
previous request could be interpreted as a result of the current scan;
- fixed a bug in transforming an IPv6 alternative form IP address into
a preferred form. One effect of this bug was declaring an IPv4-mapped
IPv6 address as syntactically incorrect;
- if SQL logging was disabled a pen pals feature was non-functional even
when a Redis storage back-end was available and collecting data; now
pen pals is fully functional with a Redis database back-end and no SQL;
- provided our own Redis client code, avoiding Redis CPAN module bugs,
its slowness and non-support for IPv6.
- fixed a regexp in parsing wildcarded signing domain in a DKIM key
declaration and in a wildcarded sender pattern of signing options.
- dropped hard-coded dependency on modules Convert::TNEF and Convert::UUlib.
The Convert::TNEF was made optional in amavisd-new-2.8.0, but the
program still failed if the module could not be loaded at startup.
- import a missing do_log_safe() in Amavis::LDAP::Connection to avoid
a warning: _WARN: \t(in cleanup)
Undefined subroutine &Amavis::LDAP::Connection::do_log_safe
called at (eval 101) line 76 during global destruction;
- at startup amavis may try to find a decoder for 7z and zip extensions
twice;
- fixed the amavisd-new-courier.patch which resulted in two instances
of sub post_bind_hook(). Only tested for syntax.
NEW FEATURES
- Structured logging/reporting in JSON format is now available through
a redis server.
- IP address reputation
- Added support for decompressing LZ4 streams in mail attachments when
an external utility lz4c is available and the 'file' utility recognizes
such streams (probably since version file-5.17). Default settings
of @decoders and $map_full_type_to_short_type_re now recognize LZ4;
if these settings are replaced by a configuration file, the config
file needs to be updated to include the new entry.
- Added two minor content categories to the major ccat CC_UNCHECKED
to allow distinguishing between reasons of decoders failure.
- introduced a setting %final_destiny_maps_by_ccat, which makes it
possible to specify by-recipient final destiny for each contents
category, e.g. use D_REJECT on spam to some users, and D_BOUNCE or
D_DISCARD or D_PASS for others. Introduced mostly for completeness.
- added a setting $outbound_disclaimers_only. When set to true and
disclaimers are enabled, it will only allow adding disclaimers
to non-local recipients. For backward compatibility the default
value is false (undef)
- the $recipient_delimiter setting can now hold a multi-character string,
specifying all characters that can delimit an address extension from
a base e-mail address. Previously this setting was restricted to a
single character (typically a '+' or a '-').
- added macros report_json and rot13 (to be used in a log template):
* the macro 'report_json' expands to a JSON representation of a
structured log event;
* the macro 'rot13' replaces a string in its argument with an obfuscated
string where letters are shifted by 13 positions of an English
alphabet (a popular variant of a Caesar cipher to conceal spoilers);
this may serve to (poorly) hide strings such as mail Subject or
an e-mail address from casual browsing of a log;
OTHER
- dropped dependency on a CPAN module Redis, implementing our own
client-side redis protocol implementation (Amavis::TinyRedis).
It is faster and smaller, and supports opening sessions with a
redis server over IPv6 (or over IPv4 or over a Unix socket).
- store only essential information for pen pals operation to a Redis
storage back-end to save memory on a database server; information on
inbound messages is no longer stored there, i.e. only information on
originating messages is kept;
- more informative logging of pen pals query results when using a Redis
storage back-end. The redis support code (Lua and protocol handling)
was largely rewritten for efficiency since amavisd-new 2.8.1.
- added LDAP attribute amavisDisclaimerOptions 1.3.6.1.4.1.15312.2.2.1.47
to LDAP.schema;
- reduced EDNS payload size from 1240 bytes to a conservative default
of 1220 bytes when calling Mail::DKIM verifier;
- optimization: filter for public IP addresses from a Received trace
only once;
- added one digit of precision in the TIMING log report to reported small
elapsed times (below 5 ms);
- in a milter setup (AM.PDP) the log-id wasn't unique; adding a request
sequence number to it;
- avoid writing a notification to stdout about a warm reload for the benefit
of a cron job;
- reduced log level on some of the less useful log messages in a milter
setup;
- documentation README.sql-mysql: added "CREATE INDEX msgs_idx_mail_id..."
with a note on an InnoDB requirement for a foreign key;
---------------------------------------------------------------------------
June 28, 2013
amavisd-new-2.8.1 release notes
COMPATIBILITY
- when 0MQ (a.k.a. ZeroMQ) is used between Amavis components as an
internal messaging protocol, make sure to replace all 0MQ-enabled
Amavis components on upgrading amavisd, as the internal protocol
has changed slightly, taking advantage of 0MQ multi-part messages
for better performance. Affected programs are: amavis-services,
amavisd-status, amavisd-snmp-subagent-zmq, and amavisd.
- amavisd is compatible with perl 5.18.0 and with SpamAssassin 3.4.0
BUG FIXES
- fixed a bug in the SMTP client code, where the final SMTP status did
not reflect a failure status of a DATA command from a back-end MTA.
This caused a reception of a mail message to be confirmed but a message
was then lost, as it could not be passed to a back-end MTA. The bug
went unnoticed for years, as the commonly used MTAs normally reject
either at the MAIL FROM, at RCPT TO, or at the data-dot stage, but not
at the DATA command.
- fixed calling an external spam scanner DSPAM or Bogofilter, which
failed with a message:
auto-learning with spam scanner ... failed: error running program
- if a configuration file path as given through a command line option -c
or as an argument to include_config_files() was not an absolute path,
and that file contained an error, the do() would search the @INC list
for alternative files of the same name, and reported an unrelated error
(typically: No such file or directory) instead of reporting the true
reason for a failure;
- fixed a regular expression in amavisd.conf for an 'Avast!' AV entry
to properly extract a virus name;
- added LDAP errors LOCAL_ERROR and OPERATIONS_ERROR to the set of
expected error conditions which lets amavisd retry the failed
operation;
NEW FEATURES SUMMARY
- new Redis storage for the "pen pals" feature;
- improved IPv6 support;
- support for p0f v3;
- new macros ip_trace_all and ip_trace_public;
- amavisd-status now shows a bar graph display
of the number of active processes;
- the timing report log entry can show CPU usage
at log level 2 if a module Unix::Getrusage is available;
- improved IPv6 support: p0f-analyzer.pl can now communicate with amavisd
processes over an INET6 socket (or over an INET or UNIX socket as before).
- rewritten p0f-analyzer.pl to support a newer p0f v3 output format,
while still recognizing an older p0f v2 output format;
- improved IPv6 support: program amavisd-snmp-subagent-zmq can now
attach as an AgentX to a Net-SNMP daemon snmpd over an INET6 socket;
- improved IPv6 support: program amavisd-submit can now submit a mail
message to amavisd over an INET6 socket;
- a macro W can now produce a list of all virus scanners invoked,
along with a list of virus names each scanner detected;
- new macros ip_trace_all and ip_trace_public;
- templates for administrator notifications, recipient notifications,
and sender notifications now use macro 'ip_trace_all' instead of macros
'e' and 't' in order to report the full 'received' trace, not just the
first hop;
- macro supplementary_info recognizes new arguments: VERSION, SUBVERSION,
and RULESVERSION, providing additional information from SpamAssassin
correspond to equivalent SpamAssassin tags;
- a new command line option -X allows controlling some exotic features,
useful for example in debugging or automatic testing.
- a configuration setting $sa_debug may now specify a comma-separated
list of SpamAssassin debug facilities, complementing a similar method
of specifying these facilities through a command line option -d.
- pass the size of an original mail body as a 'supplementary attribute'
to SpamAssassin for the benefit of a 'check_body_length' eval rule
(new with SpamAssassin 3.4.0).
- to the output of amavisd-status add a simple bar graph display (with
an exponential-decay peak indicator) of the number of active processes;
- if a module Unix::Getrusage is available, the timing report log entry
(at log level 2) is enhanced: in addition to total elapsed time
(wall clock) spent in processing a message, it also shows a sum of
CPU user and system times spent by amavisd process and its spawned
processes.
OTHER
- the 'amavisd genrsa' command will now warn if the requested DKIM
signing key size is below 1024 bits, as required by RFC 6376;
- on amavisd startup a check on available private DKIM signing keys
(as declared by dkim_key) will now warn if a key size is below
1024 bits as required by RFC 6376, and log an information message
if a key size is below a configured $dkim_minimum_key_bits size
(defaults to 1024, currently 768 would still be a sensible value);
- for purposes of DKIM-based whitelisting (@author_to_policy_bank_maps)
and @signer_reputation_maps spam scores, valid signatures with
public keys shorter than $dkim_minimum_key_bits bits (default 1024,
equivalent to a lower limit as presently used by Google) are now
ignored, with an informational message logged at level 1.
- consider Unique local addresses (ULA) fc00::/7 non-public (RFC 4193),
dropped site-local addresses fec0::/10 (deprecated by RFC 3879),
adjusting the default setting of @mynetworks accordingly;
- consider the "Shared Address Space" 100.64.0.0/10 non-public (RFC 6598);
- adjust parsing the <zone_id> syntax of a scoped IPv6 address
as per RFC 6874;
- updated an AV entry for a Sophos Anti Virus: the scanning program
used to be named 'sweep', now it is 'savscan';
- updated a default value of @virus_name_to_spam_score_maps: updated
entry for Doppelstern and added entries for Bofhland and PORCUPINE;
- increase an arbitrary sanity limit on %smtp_reason_by_ccat strings
from 100 to 450 characters (RFC 5321 allows 512 character reply lines);
- relax testing file type of a configuration file, now a configuration
may also be passed to amavisd through a named pipe (fifo), possibly
facilitating testing or unusual deployments;
- relax a requirement that a $QUARANTINEDIR directory needs to be
writable: if $*_quarantine_method template settings include a
subdirectory (e.g.: $spam_quarantine_method='local:W%P/spam/%m.gz'),
such subdirectories must already exist and should be writable,
but the top-level $QUARANTINEDIR directory need not be writable;
- convert an IPv4-mapped IPv6 address into a plain IPv4 dot-quad form
when found in Received header fields, in socket local or peer address,
in ADDR field of an XFORWARD smtp extension command, or in an AM.PDP
attribute client_address. See draft-cmetz-v6ops-v4mapped-api-harmful
and draft-itojun-v6ops-v4mapped-harmful for potential caveats;
- drop a support for direct queries to p0f v2, as it never worked well
due to bugs in p0f v2. The p0f v3 changed the query protocol, but
a query does not include port numbers (see RFC 6302), so using the
p0f-analyzer.pl interface is still the only reliable approach;
- use sysread() instead of read() when reading from /dev/urandom
to avoid leaving entropy data in I/O buffers; also changed interface
name to sub read_random_bytes(), which now reads directly into a
scalar buffer, provided by an argument;
- fix uniform random distribution when generating a random PIN for an
attachment password (when releasing and $release_format is 'attach')
(not a security issue);
- added keepalive options to a call to Net::LDAP->new, recognized since
Net::LDAP 0.53;
- removed option inet6 from a default LDAP setup ( $ldap_sys_default ),
as Net::LDAP changed semantics in an incompatible way;
presumably the Net::LDAP now does the right thing by default;
- use a low-level 0MQ interface instead of ZeroMQ / ZMQ abstractions;
(i.e. ZeroMQ raw interface or ZMQ::LibZMQ3 or ZMQ::LibZMQ2);
- taking advantage of 0MQ multi-part messages the number of IP packets
transmitted is now radically decreased in favour of sending larger
but fewer packets;
- when generating 'Abuse Reporting Format (ARF) Reports' add a field
Source-IP and use UTC timestamps in the Arrival-Date field, in accordance
with RFC 6692;
- drop (opportunistic) loading of a module Devel::SawAmpersand and testing
the Devel::SawAmpersand::sawampersand(), variables $&, $` and $' are
no longer slow since Perl 5.17.7, the PL_sawampersand became a constant,
there is no longer any need of report it;
- documentation update: remove vestiges of a field 'spam_modifies_subj'
in README.sql, README.sql-mysql, this field was obsoleted in 2.7.0;
---------------------------------------------------------------------------
June 30, 2012
amavisd-new-2.8.0 release notes
COMPATIBILITY
- removed an old compatibility measure: default value of @banned_admin_maps
was changed from:
@banned_admin_maps = (\$banned_admin, \%virus_admin, \$virus_admin);
to a more consistent:
@banned_admin_maps = (\$banned_admin);
- quarantining to an mbox format file used to include a local time in an
mbox separator line, which differs from RFC 4155 and common practices
of using an UTC timestamp; a time zone of a timestamp in separator lines
is now changed to UTC;
BUG FIXES
- fixed initial evaluation of dynamic (i.e. per policy bank) values of
$enable_dkim_verification, $enable_dkim_signing and $bypass_decode_parts
across all declared policy banks; these policy bank entries may be scalars
of references to such;
- finely adjust a message size for de-stuffed dots according to a size
definition in RFC 1870; avoids occasional message size mismatch when
using an antispam interface module SpamdClient (implementing client-side
of a spamc/spamd protocol);
- updated LDAP.ldif to match LDAP.schema; provided by Quanah Gibson-Mount;
- updated AMAVIS-MIB.txt and amavisd-snmp-subagent: changed type of
SNMP variables *MsgsSize* in the group amavisStats 7 from Counter32
to Counter64 for consistency with other *MsgsSize* variables in groups
amavisStats 3 and amavisStats 9;
NEW FEATURES SUMMARY
- For monitoring and statistics gathering purposes a new set of utilities
and service processes is available based on a message passing paradigm,
using a 0MQ (a.k.a. ZMQ, ZeroMQ, or Crossroads I/O) library. This
replaces a functionally similar set of utilities based on a shared
BerkeleyDB database, with a benefit of avoiding lock contention
altogether. This can bring sigificant speedups, most pronounced on
a host with many busy amavisd child processes.
- Applied numerous fine-grained optimizations based on a NYTProf profiler
results. Optimizations include a reduction in a number of generated
Perl opcodes and similar micro-optimizations. This accounts for a large
amount of small changes in the code.
- Our current statistics (Q4 2011) shows that 80 % of messages are below
30.000 bytes, and 90 % of mail messages are below 100.000 bytes in
size. As an optimization, messages below 100 KiB in size are now kept
and processed in memory, including passing them more optimally to
SpamAssassin 3.4.0. Some file activity is still there, but is much
reduced. If $TEMPBASE also resides on an SSD disk (or a RAM disk),
observed speedup between 2.7.2 and 2.8.0 was 3 to 8 percent on a
busy host (with monitoring disabled, so as not to skew a measurement).
- Use a module IO::Socket::IP if available, instead of dealing directly
with low-level modules IO::Socket::INET and IO::Socket::INET6.
The IO::Socket::IP is a Perl core module since Perl version 5.19.8;
- choose more appropriate defaults if running on an IPv6-only host
(like connecting to ::1 instead of 127.0.0.1 which may not exist);
- amavisd-release now also supports connecting to amavisd over IPv6;
- as a debugging aid it is now possible that a late event triggers full
logging of earlier events that occurred during processing of a current
mail message;
- $enable_ldap setting is now dynamic, i.e. can be changed by a policy
bank, which makes it possible to selectively disable LDAP lookups
per policy bank;
- optionally avoid persistent connections to SQL and LDAP servers;
- it is now possible to disable calling an external file(1) utility
but still have MIME parts decoding enabled;
- added support in Amavis::SpamControl::ExtProg for an external spam scanner
Bogofilter;
- added locking options to @spam_scanners entries, to be used with external
scanners which need but do not implement locking of their resources
by themselves;
- added a global configuration setting $sa_userprefs_file, which is passed
on to SpamAssassin as a 'userprefs_filename' parameter at initialization;
- added a subroutine iso8601_weekday(), potentially useful with partitioning;
- added several new macros available to logging and notification templates;
NEW FEATURES - OTHER
- if a module IO::Socket::IP is available, amavisd will use this module
to create its client-side inet or inet6 sockets, instead of using the
low-level modules IO::Socket::INET and IO::Socket::INET6. This delegates
some of the dirty details handling to IO::Socket::IP, such as using the
getaddrinfo(3) system service to resolve host names, and dealing with
dual-stack multihomed host names. If IO::Socket::IP is not available,
the IO::Socket::INET or IO::Socket::INET6 are used directly instead,
to preserve compatibility. Please use a fairly recent version of
IO::Socket::IP, testing was done with versions 0.08 and 0.16.
- added a subroutine read_cidr() which can read a Postfix style CIDR file,
with a syntax interpreted according a Postfix cidr_table(5) man page.
The subroutine returns a ref to an array by default (but can also
produce a hash, and is able to add data to an existing array or hash).
- as a debugging aid it is now possible that a late event triggers full
logging of earlier events that occurred during processing of a current
mail message.
- the @decoders list is made a bit more flexible: the first entry in
each tuple (a short type name) may be a scalar string as before,
or may be a reference to a list of such names, in which case the
tuple applies to all listed short types.
- support an external decompressor lrzip for a .lrz format.
- $enable_ldap setting is now dynamic, i.e. can be changed by a policy
bank, which makes it possible to selectively disable LDAP lookups
per policy bank.
- optionally avoid persistent connections to SQL and LDAP servers - at
the expense of about 3 to 7 ms elapsed time for a reconnect.
- it is now possible to disable calling an external file(1) utility
but still have MIME parts decoding enabled: $file = undef;
- added Amavis::SpamControl::ExtProg support for an external spam scanner
Bogofilter.
- added Amavis::SpamControl::ExtProg support for auto-learning on external
spam scanners; experimental: works, but may change in future versions;
- added locking options to @spam_scanners entries, to be used with
external scanners which do not implement database locking by themselves.
- added a global configuration setting $sa_userprefs_file (undef by
default), which is passed on to SpamAssassin as a 'userprefs_filename'
parameter during its initialization.
- added a subroutine iso8601_weekday() which takes a Unix time as an
argument (seconds since 1970-01-01T00:00Z), and returns a weekday number
based on local time: a number from 1 through 7, beginning with Monday and
ending with Sunday, as specified in ISO 8601 (EN 28601).
- added a macro 'weekday', which expands to a weekday number
of the current message reception time, as provided by a call
to iso8601_weekday($msginfo->rx_time);
- added a macro 'secret_id', which expands to a secret counterpart to
mail_id, such that: b64_encode(md5(b64_decode(secret_id))) == mail_id.
It is encoded in base64url (RFC 4648), e.g. laL-rCJ6MBTm
(with a counterpart mail_id: XlZbJeFhn4OE).
- added a macro 'mail_id' as a synonym to a macro 'i', which is a
long-term unique mail_id on this system, possibly used in log and in
quarantine names, encoded in base64url (RFC 4648), e.g. XlZbJeFhn4OE
(with a counterpart secret_id: laL-rCJ6MBTm);
- added a macro 'log_id' as a synonym to a macro 'n', which is an
internal log id (also called task id, am_id) as shown in the log
and by amavisd-nanny, e.g. 58725-05-2;
- added a macro 'hexenc', which encodes its string arguments as
hex digits, high nybble first;
- added macros 'b64enc' and 'b64urlenc', which encode their arguments
as base64 strings, removing the final null padding '=' characters.
The 'b64enc' encodes into a character set [A-Za-z0-9+/], while the
'b64urlenc' encodes into a character set [A-Za-z0-9-_] in accordance
with RFC 4648;
- added a macro 'body_digest', which expands to a digest (a hash) of a
body of a mail message as computed by the algorithm chosen by a setting
$mail_digest_algorithm (defaults to 'MD5', can be 'SHA-1' or 'SHA-256').
- added a configuration setting $mail_digest_algorithm which chooses an
algorithm name for generating a mail header digest and a mail body digest.
OTHER
- quarantining to a mbox format file was using mboxo rule for protecting
a "From " line in a mail body, which made an original ">From " line
indistinguishable from a protected From; now a mboxrd format rule is
used, see http://en.wikipedia.org/wiki/Mbox
- make MIME::Parser use $TEMPBASE as a temporary directory for scratch
files instead of its default (which was /tmp, or failing over to a
current directory, disregarding a TMPDIR environment variable).
- distinguish an absence of an SMTP response from a negative SMTP response
in an SMTP/LMTP client code for improved logging/debugging purposes;
report delay time in case of a failure;
- a default value for $inet_socket_bind now reflects the availability
of socket protocol families INET (IPv4) and INET6 (IPv6).
- $forward_method, $notify_method and $requeue_method now default to an IPv6
address of a loopback interface ::1 instead of 127.0.0.1 when INET6 support
is available and INET is unavailable (IPv6-only host);
- remove an existing Authentication-Results header field only if we are
capable of generating our own: keep it if $enable_dkim_verification
is false or if $allowed_added_header_fields{'authentication-results'}
is false;
- add a field "Source-Port:" to "Abuse report format" (ARF) messages
as per draft-kucherawy-marf-source-ports;
- Avira SAVAPI av scanner: only log a warning instead of aborting
when a QUIT command at the end of a session fails;
- load all (both) applicable policy banks when %interface_policy contain
both a "SOCK" entry and a Unix socket path name; and similarly when it
contains both the "IPaddress:port" and a "port" entries.
- make use of a new SpamAssassin 3.4.0 option "skip_prng_reseeding".
- no longer pre-load a module Mail::SpamAssassin::Plugin::SpamCop
to avoid unnecessarily dragging-in modules Net::SMTP and Net::Cmd;
- a spamd client code in Amavis::SpamControl::SpamdClient now obeys an
option 'mail_body_size_limit' in a @spam_scanners entry and truncates
a message passed to spamd (like other spam scanner interfaces do),
instead of skipping a call to spamd.
- modules Convert::TNEF is now made optional, instead of being required;
do not load it if @decoders list is empty;
- avoid a warning issued when encountering an empty ehlo-keyword in a
response to an EHLO command (like on testing with a smtp-sink utility);
- some fine-grained reduction in a number of generated opcodes and
similar tiny optimizations; this accounts for numerous small changes
in the code;
- avoid some warnings issued by Test::Perl::Critic;
- just in case: make sure that our SMTP responses at the incoming session
are truly flushed to the socket and not stuck in a perlio I/O buffer;
- updated 2.7.0 release notes, documenting that a policy bank may also be
loaded based on a path name of a Unix socket receiving a connection;
- updated and clarified schema and instructions in README.sql-pg
- fixed spelling mistakes in comments;
- internal incompatible change: changed arguments and a result of a
subroutine write_header; also, now it rewinds a message file by itself;
---------------------------------------------------------------------------
August xx, 2012
amavisd-new-2.7.3 release notes
BUG FIXES
- fixed a bug in the SMTP client code, where the final SMTP status did
not reflect a failure status of a DATA command from a back-end MTA.
- if a configuration file path as given through a command line option -c
or as an argument to include_config_files() was not an absolute path,
and that file contained an error, the do() would search the @INC list
for alternative files of the same name, and report an unrelated error
(typically: No such file or directory) instead of reporting the true
reason for a failure;
- fixed a regular expression in amavisd.conf for an 'Avast!' AV entry
to properly extract a virus name;
OTHER
- updated an AV entry for a Sophos Anti Virus: the scanning program
used to be named 'sweep', now it is 'savscan';
- documentation update: remove vestiges of a field 'spam_modifies_subj'
in README.sql, README.sql-mysql, this field was obsoleted in 2.7.0;
---------------------------------------------------------------------------
June 30, 2012
amavisd-new-2.7.2 release notes
BUG FIXES
- a generated Received header field was missing the 'IPv6:' prefix
in the TCP-info component of a 'by' subfield (as required by RFC 5321,
section 4.1.3) when amavisd received a message over an IPv6 protocol;
- changed data type of an SNMP variable LogRetries from C32 to C64
for consistency with the MIB;
- updated AV entry 'AVG Anti-Virus' to consider status 403 continuation
lines when searching for a virus name;
OTHER
- reduce a log level to 5 on a log message:
Amavis::IO::RW: Error flushing on close: ...
to avoid an innocent but sinister-looking warning when a pipe
to a virus scanner is broken and needs to be re-established;
- updated an AV entry for 'F-Secure Linux Security' to version 9.14;
- fix a Unix socket compatibility issue with Net::Server versions 2.000,
2.001 and 2.002, where a method NS_unix_path no longer exists.
---------------------------------------------------------------------------
April 29, 2012
amavisd-new-2.7.1 release notes
BUG FIXES
- prevent rmdir() from failing with 'Invalid argument' on Solaris 10 when
deleting a temporary directory: current working directory must not be
within a directory which is about to be deleted;
- forwarding or quarantining through a 'pipe:' method failed with
"Insecure dependency in exec while running with -T switch" when a
sendmail command-line option -N was needed;
- when multiple sockets are specified (e.g. in $forward_method) as a
redundancy/failover mechanism, and SMTP session caching is enabled,
a failed forwarding session does not clear a cached session, so all
further attempts are stuck with the failed server, instead of picking
a different server from the list;
- on establishing a SMTP session when multiple sockets are specified
(e.g. in $forward_method) as a redundancy/failover mechanism, the
random choice never picked the last socket in a list;
- fix defanging by mimedefang, it was failing with perl 5.10 or later
due to an unhandled "Insecure dependency in sprintf" while logging the
result if the $log_level was 2 or higher, or when debugging was enabled;
- fix defanging by Anomy::Sanitizer, it was failing with an error message:
"mangling by anomy failed: replacement size 0, mail will pass unmodified";
- fix the 'xz' entry in a default @decoders list (in files amavisd.conf,
amavisd.conf-default and amavisd); the first two variants ('xzdec' and
'xz') were glued together, so the xz decoder was only available if found
under names 'unxz' or 'xzcat';
- provide a workaround for a bug [rt.cpan.org #64642] in a perl module
Encode, which gratuitously untaints a string when encoding or decoding it.
- avoid the use of Encode::is_utf8 due to a bug in a perl module Encode
as bundled with versions of Perl 5.8.0 to 5.8.8 (fixed in March 2007):
Perl bug tracking: #32687:
Encode::is_utf8 on tainted UTF8 string returns false
https://rt.perl.org/rt3/Public/Bug/Display.html?id=32687
also referenced by #37170:
https://rt.perl.org/rt3/Public/Bug/Display.html?id=37170
- fix a warning: _WARN: Invalid conversion in sprintf: "%a"
- write informational messages during a stop/start/restart to stdout,
instead of to stderr, avoiding unnecessary cron job messages;
- fix a syntactically incorrect 'Avira SAVAPI' av entry (missing
closing bracket) in a sample configuration file amavisd.conf;
- minor: get_body_digest incorrectly logged 8-bit body as 8-bit header;
- no longer insist on a minimal version 2.22 of a module Digest::MD5,
the 'clone' method is no longer needed since amavisd-new-2.7.0;
- do not call $parser->max_parts($MAXFILES) with some old versions
of MIME::Parser which did not yet provide this method;
- pre-load a module File::Glob even with perl 5.8.0, otherwise
autowhitelisting in SpamAssasssin may fail with "Insecure dependency";
- documentation: (files README.sql-mysql and README.sql-pg):
fixed a field name "policy.unchecked_lover", previously incorrectly
specified as "policy.unchecked_lovers_maps";
- documentation: fixed the two SELECT examples in files README.sql-pg and
README.sql-mysql, the field 'select' needs to be qualified with a table
name: 'msgrcpt.content' to avoid ambiguity;
- documentation bug in amavisd.conf-default: 'ESMTP' is not a valid
setting for $protocol, just use 'SMTP' instead;
COMPATIBILITY
- commented out the LHA entry in the default @decoders list and in
do_executable(). The program seems to be unmaintained, was seen crashing
and as such it may pose a security risk;
- due to popular demand, bring the 'spam-tag:' log line back to log level 2
(version 2.7.0 dropped it to log level 3) to retain compatibility with
some log analyzers. Caveat: 'spam-tag' string is now entirely in lowercase.
OTHER
- if a message is quarantined to more than one location using different
quarantine methods, the SQL field msgs.quar_type indicates only the
type of the last one.
- SMTP session caching now no longer re-uses old sessions which are
in use for more than a minute since their establishment;
- having the archive quarantine enabled should not be a sufficient reason
to store information to SQL when $sql_store_info_for_all_msgs is off;
- ClamAV-clamd and ClamAV-clamd-stream av scanners: changed socket name
in a sample configuration file amavisd.conf to /var/run/clamav/clamd.sock
(previously the socket name was /var/run/clamav/clamd);
- documentation updates;
Database and regexp map functionality is now split into separate packages:
- postfix-cdb
- postfix-ldap
- postfix-lmdb
- postfix-mysql
- postfix-pcre
- postfix-pgsql
- postfix-sqlite
Upstream changelog follows.
Postfix 3.0.2
-------------
No delta against 2.11.6.
Postfix 3.0.1
-------------
- Build error when compiling the Postfix SMTP server with SASL support
but no TLS support.
- The DNS "resource record to text" converter, used for xxx_dns_reply_filter
pattern matching, appended a '.' to TXT record resource values.
- The postscreen(8) manpage specified an incorrect Postfix version number
for the postscreen_dnsbl_timeout parameter.
- The postfix-install script expanded macros in parameter values when
trying to detect parameter overrides, causing unnecessary main.cf updates
during "postfix start" etc.
- Some low-level cleanup of UTF-8 string handling with no visible change
in behavior (besides better performance).
Postfix 3.0.0
-------------
- SMTPUTF8 support for internationalized domain names and address
localparts as defined in RFC 6530 and related documents.
- Support for Postfix dynamically-linked libraries and database plugins.
- An OPT-IN safety net for the selective adoption of new Postfix default
settings. If you do nothing, the old Postfix default settings *should*
remain in effect (complain to your downstream maintainer if that is not
the case).
- Support for operations on multiple lookup tables. The
pipemap:{map1,map2...} database type implements a pipeline of lookup
tables where the result from one lookup table becomes a query for
the next table; the unionmap:{map1,map2,...} database type sends the
Should be fix PR pkg/50197.
Here is changes from previous pkgsrc's snapshot.
Version 1.4.23 - SVN
--------------------
...
- Added Solarized Light and Solarized Dark themes, by Pavneet Arora.
- Added associative edit list option widget, with optional folder
list selector for values
- Added option to use blank spacer instead of security image ("This
image has been removed for security reasons.") for replacing
unsafe images.
- Full date and time is used as "title" (mouseover) text for dates
shown on the message list screen
- Custom Stylesheets are now sorted on the Display Preferences page
- $xtra in the displayHtmlHeader function is now available in the
global scope so that plugins can modify it during the generic_header
hook
- Added some generic client-side (JavaScript) libraries (including
an asynchronous server request mechansim). See the new /scripts
directory (plugin authors can refer to the plugin documentation
for how to use them)
- Added optional JavaScript folder list refresh ("check mail")
mechanisms that try to avoid refreshing if server is not responding -
see the $check_mail_mechanism setting in config/config.php or the
"4. General Options ==> "21. Auto check mail mechanism" setting in
the configuration tool. (If you do not update your configuration,
you will get messages in your logs: "PHP Notice: Undefined variable:
check_mail_mechanism in /path/to/squirrelmail/src/left_main.php on
line 322...")
- Added advanced control over the SSL context used when connecting
to the SMTP and IMAP servers over SSL/TLS (thanks to Emmanuel
Dreyfus). You can take a look at $imap_stream_options and
$smtp_stream_options in config_local.example.php in SquirrelMail
version 1.5.2 for more information. These configuration settings
should work the same under 1.4.23:
http://sourceforge.net/p/squirrelmail/code/HEAD/tree/trunk/squirrelmail/config/config_local.example.php
- Added ability to show login error from the IMAP server instead of
traditional "Unknown user or password incorrect" (thanks to Alain
Williams). See $display_imap_login_error in the configuration
file or "4. General Options ==> 22. Display login error from IMAP"
in the configuration tool.
- Configuration tool now shows the SquirrelMail version
- Added new attachments_top hook to src/read_body.php
- When resuming a draft, correct (from) identity is now pre-selected
- Removed overly-restrictive character limitations on address book
nicknames
- Prevent session lock-up caused by filters plugin trying to move
messages in an account that is over quota
- Added MD5 alternative to directory hash calculation
- Added ability for administrator to control whether or not users
can edit their reply-to address ($edit_reply_to in config.php)
- Added new "login_before_page_header" (boolean) hook; allows
plugins to have more explicit control over login page header
Update compressed patch to follow suit.
Remove x-label option since patch hasn't been updated since 1.5.17 (2007).
Comment out sidebar option since patch hasn't been updated yet.
Changes:
1.5.24 contains several new features in addition to bug fixes, perhaps
hinting it's past time to release 1.6.0. At the very least, the Mutt
team would like to encourage everyone to consider this release as
"very close to stable" and suggest anyone still using the 1.4 series
please upgrade.
A few changes were made to the suggested GPG and S/MIME configuration
settings. Please take the time to review the UPDATING file, as well
as the sample gpg.rc and smime.rc files under the contrib
subdirectory.
We'd like to thank everyone who contributed patches, bug reports,
translation, feedback, documentation updates, and testing. We're
grateful for all of your help in making this release happen.
Removed PKG_DESTDIR_SUPPORT=destdir, no longer needed since 2011.
2.1.20 (31-Mar-2015)
- A path traversal vulnerability has been discovered and fixed (CVE-2015-2775)
- There is a new Address Change sub-section in the web admin
Membership Management section
- The Russian translation has been updated by Danil Smirnov.
- The Polish translation has been updated by Stefan Plewako.
- A LookupError in SpamDetect on a message with RFC 2047 encoded headers
in an unknown character set is fixed.
- Fixed a bug in CommandRunner that could process the second word of a
body line as a command word and a case sensitivity in commands in
Subject: with an Re: prefix.
- Fixed a bug in CommandRunner that threw an uncaught KeyError if
the input to the list-request address contained a command word
terminated by a period.
- Changed the response to an invalid confirmation to be more generic.
Not all confirmations are subscription requests.
- Changed the default nonmember_rejection_notice to be more user friendly.
- Added "If you are a list member" qualification to some messages from the
options login page.
- Changed the 'Approve' wording in the admindbdetails.html template to
'Accept/Approve' for better agreement with the button labels.
- Added '(by thread)' to the previous and next message links in the
archive to emphasize that even if you got to the message from a
subject, date or author index, previous and next are still by thread.
2.1.19 (28-Feb-2015)
- The subscribe_auto_approval feature backported from the 2.2 branch and
described above has been enhanced to accept entries of the form
@listname to auto approve members of another list.
- There is a new list attribute dmarc_wrapped_message_text and a
DEFAULT_DMARC_WRAPPED_MESSAGE_TEXT setting to set the default for new
lists. This text is added to a message which is wrapped because of
dmarc_moderation_action in a separate text/plain part that precedes the
message/rfc822 part containing the original message. It can be used to
provide an explanation of why the message was wrapped or similar info.
- There is a new list attribute equivalent_domains and a
DEFAULT_EQUIVALENT_DOMAINS setting to set the default for new lists which
in turn defaults to the empty string. This provides a way to specify one
or more groups of domains, e.g., mac.com, me.com, icloud.com, which are
considered equivalent for validating list membership for posting and
moderation purposes.
- There is a new WEB_HEAD_ADD setting to specify text to be added to the
<HEAD> section of Mailman's internally generated web pages. This doesn't
apply to pages built from templates, but in those cases, custom templates
can be created.
- There is a new DEFAULT_SUBSCRIBE_OR_INVITE setting. Set this to Yes
to make the default selection on the admin Mass Subscriptions page
Invite rather than Subscribe.
- There is a new list attribute in the Bounce processing section.
bounce_notify_owner_on_bounce_increment if set to Yes will cause
Mailman to notify the list owner on every bounce that increments a
list member's score but doesn't result in a probe or disable. There
is a new configuration setting setting
DEFAULT_BOUNCE_NOTIFY_OWNER_ON_BOUNCE_INCREMENT to set the default
for new lists. This in turn defaults to No.
- Mailman's log files, request.pck files and heldmsg-* files are no
longer created world readable to protect against access by untrusted
local users. Note that permissions on existing log files won't be
changed so if you are concerned about this and don't rotate logs or
have a logrotate process that creates new log files instead of letting
Mailman create them, you will need to address that.
- The Python Powered logo image has been replaced in the misc/ directory
in the source distribution. Depending on how you've installed these
images, you may need to copy PythonPowered.png from the misc/ directory
in the source or from the $prefix/icons/ installed directory to another
location for your web server.
- The Polish translation has been updated by Stefan Plewako.
- The Interlingua translation has been updated by Martijn Dekker.
- The Japanese message catalog has been updated by SATOH Fumiyasu.
- Mailman's character set for Romanian has been changed from iso-8859-2
to utf-8 and the templates and messages recoded. This change will
require running 'bin/arch --wipe' on any existing Romanian language
lists in order to recode the list's archives, and will require recoding
any edited templates in lists/LISTNAME/ro/*, templates/DOMAIN/ro/* and
templates/site/ro/*. It may also require recoding any existing
iso-8859-2 text in list attributes.
- Mailman's character set for Russian has been changed from koi8-r to
utf-8 and the templates and messages recoded. This change will
require running 'bin/arch --wipe' on any existing Russian language
lists in order to recode the list's archives, and will require recoding
any edited templates in lists/LISTNAME/ru/*, templates/DOMAIN/ru/* and
templates/site/ru/*. It may also require recoding any existing koi8-r
text in list attributes.
- Mailman's versions.py has been augmented to help with the above two
character set changes. The first time a list with preferred_language
of Romanian or Russian is accessed or upon upgrade to this release,
any list attributes which have string values such as description, info,
welcome_msg, etc. that appear to be in the old character set will be
converted to utf-8. This is done recursively for the values (but not
the keys) of dictionary attributes and the elements of list and tuple
attributes.
- The Russian message catalog and templates have been further updated by
Danil Smirnov.
- The Romanian message catalog has been updated.
- The Russian templates have been updated by Danil Smirnov.
- The Japanese translation has been updated by SATOH Fumiyasu.
- A minor change in the French translation of a listinfo subscribe form
message has been made.
- Because of privacy concerns with the 2.2 backport adding real name to
list rosters, this is controlled by a new ROSTER_DISPLAY_REALNAME
setting that defaults to No. You may wish to set this to Yes in
mm_cfg.py.
- Organization: headers are now unconditionally removed from posts to
anonymous lists. Regexps in ANONYMOUS_LIST_KEEP_HEADERS weren't kept
if the regexp included the trailing ':'. This is fixed too.
- The admindb interface has been fixed so the the detail message body
display doesn't lose part of a multi-byte character, and characters which
are invalid in the message's charset are replaced rather than the whole
body not being converted to the display charset.
- Fixed a bug in bin/rmlist that would throw an exception or just fail to
remove held message files for a list with regexp special characters in
its name.
- When applying DMARC mitigations, CookHeaders now adds the original From:
to Cc: rather than Reply-To: in some cases to make MUA 'reply' and
'reply all' more consistent with the non-DMARC cases.
- The Subject: of the list welcome message wasn't always in the user's
preferred language. Fixed.
- Accept email command in Subject: prefixed with Re: or similar with no
intervening space.
- Fixed a UnicodeDecodeError that could occur in the web admin interface
if 'text' valued attributes have unicode values.
- We now catch the NotAMemberError exception thrown if an authenticated
unsubscribe is submitted from the user options page for a nonmember.
- Fixed an archiving bug that would cause messages with 'Subject: Re:'
only to be indexed in the archives without a link to the message.
- The vette log entry for a message discarded by a handler now includes
the list name and the name of the handler.
- The options CGI now rejects all but HTTP GET and POST requests.
- A list's poster password will now be accepted on an Urgent: header.
- Fixed a bug which caused a setting of 2 for REMOVE_DKIM_HEADERS to be
ignored.
- Renamed messages/sr/readme.sr to README.sr.
- Moved the dmarc_moderation_action checks from the Moderate handler to
the SpamDetect handler so that the Reject and Discard actions will be
done before the message might be held by header_filter_rules, and the
Wrap Message and Munge From actions will be done on messages held by
header_filter_rules if the message is approved.
- <label> tags have been added around most check boxes and radio buttons
and their text labels in the admin and admindb web GUI so they can be
(de)selected by clicking the text.
- If checking DNS for dmarc_moderation_action and DNS lookup is not
available, log it.
- Handle missing From: header addresses for DMARC mitigation actions.
0.9.10:
* Do not dereference null pointer on learning.
* Fix some extreme cases in BAYES.
* Add a workaround to avoid bad HTML messages breaking.
* Build with -O2 flags by default.
* Add constraints to limit DNS requests count per task.
* Add workaround for SURBL DNS flood.
* Set error if rspamd cannot learn anything.
0.9.9:
* Don't use RWL_SPAMHAUS_WL (unknown result) for whitelisting (by @fatalbanana)
* Import updated public suffix list (by @fatalbanana)
* Remove debug message
* Fix settings (by @fatalbanana)
* Remove duplicated symbol registration
* Use WAL for fuzzy storage
* RBL fixes (by @fatalbanana):
- silence errors;
- yield unknown results from RBLs;
- fix scoring for DNSWL;
- fix use of RBL name as symbol;
- ignore RBL names that would not be yielded;
* Support captures in regular expressions
* Add captures support to lua_regexp
* Support dist on FreeBSD and Darwin
* Add RCVD_IN_DNSWL_NONE as whitelisting exclusion (by @fatalbanana)
* Multiple fixes to URL detection:
- support port definition;
- fix query and path recognition;
- fix parsing of multiple slashes in URL;
- fix parsing query just after port;
- fix path field in `url:to_table` method;
- improve support of IP based URLs.
* Set ignore_whitelists = true for RECEIVED_SPAMHAUS_XBL (by @fatalbanana)
* Add GTUBE support
* Ignore User header in SA mode
0.9.8:
* Fix critical bug in bayes classifier (#305)
* Fix critical bug in RBL module (by @fatalbanana)
* Fix and rework settings plugin.
* Fix get_all_opts for a case of non-iterable options.
* Use tld for redirector's matching.
0.9.7:
* Add whitelist_exception setting to RBL module (by @fatalbanana)
* Don't use RWL_MAILSPIKE_POSSIBLE or DNSWL_BLOCKED for whitelisting (by
@fatalbanana)
* Fix extreme cases in bayes classifier.
* Fix parsing of urls with '?' at the end of hostname.
* Update interface.
* Fix number of issues with webui interaction.
* Fix saving maps.
* Allow user@ and @domain matches in multimap.
* Fix issues with bounces From processing.
* Fix abs/fabs misuse.
* Fix builds on suse and arch linux distributions.
0.9.6:
* Fix memory leak if mime cannot be parsed.
* Fix dkim cache expiration.
* Fix issues with redirector HTTP response.
* Fix abnormal connection closing with certains messages with a high score
(issue #296)
* Fix redirector installation.
* Use specific POE loop for some systems.
* Fix number of issues in URL redirector.
* Fix selecting URLs for sending to redirector.
Changelog:
Changed Hardware acceleration is now disabled by default to avoid crashing Thunderbird
Fixed A few bugs have been fixed to avoid crashing Thunderbird
Fixed in Thunderbird 38.2
2015-90 Vulnerabilities found through code inspection
2015-88 Heap overflow in gdk-pixbuf when scaling bitmap images
2015-85 Out-of-bounds write with Updater and malicious MAR file
2015-84 Arbitrary file overwriting through Mozilla Maintenance Service with hard links
2015-79 Miscellaneous memory safety hazards (rv:40.0 / rv:38.2)
Notmuch 0.20.2 (2015-06-27)
===========================
Emacs Interface
---------------
Bug fix for marking messages read in `notmuch-tree` mode.
Notmuch 0.20.1 (2015-06-01)
===========================
Test Suite
----------
Work around apparent gdb bug on arm64
Notmuch 0.20 (2015-05-31)
=========================
Command-Line Interface
----------------------
There is a new `mimetype:` search prefix
The new `mimetype:` search prefix allows searching for the
content-type of attachments, which is now indexed. See the
`notmuch-search-terms` manual page for details.
Path to gpg is now configurable
On systems with multiple versions of gpg, you can tell
notmuch which one to use by setting `crypto.gpg_path`
Emacs
-----
Avoid rendering large text attachements.
Improved rendering of CID references in HTML.
Vim
---
Vim client now respects excluded tags.
Notmuch-Mutt
------------
Support messages without Message-IDs.
Library
-------
Undeprecate single message mboxes
It seems more trouble to remove this feature than expected, so
`notmuch new` will no longer nag about mboxes with a single message.
New error logging facility
Clients should call `notmuch_database_status_string` to retrieve
output formerly printed to stderr.
Several bug fixes related to stale iterators
New status code returning API for n_query_search_{messages,thread}
Fix for library `install_name` on Mac OS X
Fix for rounding of seconds
Documentation
-------------
Sphinx is now mandatory to build docs
Support for using rst2man in place of sphinx to build the
docmumentation has been removed.
Improved notmuch-search-terms.7
The man page `notmuch-search-terms(7)` has been extended, merging
some material from the relicensed wiki.
Contrib
-------
`notmuch-deliver` is removed. As far as we know, all functionality
previously provided by `notmuch-deliver` should now be provided by
`notmuch insert`, provided by the main notmuch binary.
nmbug-status
------------
`nmbug-status` now only matches local branches when reading
`status-config.json` from the `config` branch of the `NMBGIT`
repository. To help new users running `nmbug-status`, `nmbug clone`
now creates a local `config` branch tracking `origin/config`. Folks
who use `nmbug-status` with an in-Git config (i.e. you don't use the
`--config` option) who already have `NMBGIT` set up are encouraged to
run:
git checkout config origin/config
in their `NMBGIT` repository (usually `~/.nmbug`).
limitations like NetBSD.
o Explicity disable readline support that - at least - on some Darwin
systems was automatically detected.
o Bump PKGREVISION (the readline change can affect also platforms where readline
was automagically recognised and used)
Thanks to sevan@ for testing the patches.
Upstream changes:
1.012 2015-03-28 Hatuka*nezumi - IKEDA Soji <hatuka(at)nezumi.nu>
* CPAN RT #100839: Malformed JSON in META.json.
1.011.3 2014-12-10 Hatuka*nezumi - IKEDA Soji <hatuka(at)nezumi.nu>
* Use "eval 'require ...'" to import optional encoding modules.
Overridden $SIG{__DIE__} can pass "eval 'use ...'".
* Replace META.yml with META.json.
1.011.2 2014-11-27 Hatuka*nezumi - IKEDA Soji <hatuka(at)nezumi.nu>
* Added module CPAN to configure_require for inc::Test::AutoInstall.
* Added POD2::Base to recommended feature.
* Fix: wrong prototype for _resolve_S().
* Move repository to github.
1.011.1 2013-10-07 Hatuka*nezumi - IKEDA Soji <hatuka(at)nezumi.nu>
* Fix: "shift_jis-2004" did not depend on Encode::JISX0213 but
Encode::ShiftJIS2004.
* Chg: Added gb18030 to extended mapping of GB2312.
* Updated inc::Module::Install to version 1.01.
1.011.0 2013-09-26 Hatuka*nezumi - IKEDA Soji <hatuka(at)nezumi.nu>
* Use Encode::JISX0213 instead of Encode::JIS2K which was not
fully implemented.
* Added support for iso-2022-jp-2 and JIS X 0213 encodings.
* Reformat Changes file to suit to CPAN::Changes::Spec.
1.010.1 2013-08-25 Hatuka*nezumi - IKEDA Soji <hatuka(at)nezumi.nu>
* No new features.
* CPAN RT #86917: Invalid META.
* Move Japanese documentation under POD2::JA.
1.010 2013-04-09 Hatuka*nezumi - IKEDA Soji <hatuka(at)nezumi.nu>
* Fix: UTF-16 & UTF-32 encoders are died by the texts without BOM.
* Added a test #6 and some cases to test #4.
* Changed layout of distribution.
1.009.3 2012-12-30 Hatuka*nezumi - IKEDA Soji <hatuka(at)nezumi.nu>
* No new features.
* CPAN RT #77715: Spelling mistake in documentation.
* Bug on CPAN site: cannot render PODs including "=item" with
non-ASCII.
1.009.2 2012-06-02 Hatuka*nezumi - IKEDA Soji <hatuka(at)nezumi.nu>
* Fix: detect_7bit_charset(): if charset was unknown, returns undef
instead of "US-ASCII".
* COPYING: Updated the address of FSF.
Upstream changes:
1.907 2015-02-03 17:48:10-05:00 America/New_York
- restore 5.8.x compatibility
1.906 2015-02-03 16:48:11-05:00 America/New_York
- the test suite tests parses more directly, which eliminates a number
of misleading (and possibly wrong) test cases
- escaped characters in a quoted string are now properly unescaped
for the ->phrase method, which means things should round trip better
from their decomposed form
Add LICENSE
Upstream changes:
Version 0.8.21
- fixed the case in the header names (Content-type -> Content-Type)
- fixed the encoding of non-ascii stuff in headers (RFC 2047)
- fixed using the ctype even for body with MailFile
Version 0.8.23
- fixed problems with long subjects containing accentuated characters
- fixed problems with IO::Socket::SSL
- trims addresses passed in an array (per request)
- changed licence per request from Fedora
- fix to allow very long passwords
- fix error in TestServer()
Update DEPENDS
Comment out CONFLICTS and SUPERSEDES lines since p5-Email-MIME-Creator and p5-Email-MIME-Modifier had been removed from pkgsrc 5 years ago.
Upstream changes:
1.934 2015-08-01 20:33:57-04:00 America/New_York
- fix debug_structure for multipart mail with only one subpart
1.933 2015-07-25 09:30:56-04:00 America/New_York
- correct Email::Simple prereq
- skip omitting content-type attributes with undef value
1.932 2015-07-24 22:24:06-04:00 America/New_York
- stable release of previous trial releases
- see v1.930 and v1.931, below
1.931 2015-07-12 17:31:01-04:00 America/New_York (TRIAL RELEASE)
- When doing parts_set to become single-part, do not lose the charset
and set the mail to us-ascii.
This is almost certainly a half measure, and this whole hunk of code
should be improved.
1.930 2015-03-25 22:58:42-04:00 America/New_York (TRIAL RELEASE)
- rely on the new header_raw methods in new Email::Simple
1.929 2015-02-17 09:31:35-05:00 America/New_York
- try not to lose unrecognized content-type parameters
- avoid copying the body content when not needed during construction
1.928 2014-12-15 21:47:49-05:00 America/New_York
- when converting from single part to multipart, drop
Content-Transfer-Encoding and Content-Type's charset property
- update subparts in walk_parts if stringification changes
1.927 2014-12-04 10:19:58-05:00 America/New_York
- add header_str_pairs; like header_pairs, but decoded
- remove Email:MIME::Creator from synopsis
1.926 2014-01-28 23:28:41-05:00 America/New_York
- improve EOL processing with quoted-printable (thanks, Tomohiro
Hosaka!)
- avoid uninitialized warnings [rt.cpan.org #91707]
1.925 2013-11-08 07:01:03 America/New_York
- improve reliability of mail reconstruction during walk_parts (thanks,
Tomohiro Hosaka!)
Upstream changes:
2.208 2015-07-20 20:34:04-04:00 America/New_York
- same as v2.207
- ...but bump perl required to v5.8
2.207 2015-07-04 14:23:36-04:00 America/New_York (TRIAL RELEASE)
- fold headers passed to header arg in create method
https://github.com/rjbs/Email-Simple/issues/7
2.206 2015-03-26 23:30:51-04:00 America/New_York
- the changes from 2.204 are back (and re-listed here), but now with
the added benefit of not breaking Email::MIME; see the git repository
for the sordid details
- provide header_raw and header_raw_set for consistent behavior between
Email::Simple and Email::MIME; also, header_raw_pairs
2.205 2015-03-26 14:54:45-04:00 America/New_York
- undo changes from 2.204 until safe Email::MIME upgrade path is
available
2.204 2015-03-25 22:50:49-04:00 America/New_York
- provide header_raw and header_raw_set for consistent behavior between
Email::Simple and Email::MIME; also, header_raw_pairs
IMAPFilter 2.6.2 - 30 Jun 2015
- Bug fix; drop connection on local certificate mismatch.
IMAPFilter 2.6.1 - 29 Jun 2015
- Support for loading the system's CA certificates from a file.
- Bug fix; flusing of standard output/error in a some cases.
IMAPFilter 2.6 - 16 Jun 2015
- Optimizations that vastly improve performance of the meta-searching
functionality, by making subsequent search requests limit their scope based
on the results already returned by previous requests (previously this was
the case only for the match_*() methods).
- Lua 5.3 compatibility (the codebase can still be compiled with versions 5.2
and 5.1).
- A new "limit" option can be used as a work-around for problems that some
servers have with long requests.
- The documentation now clarifies how to make the client block indefinitely.
- Bug fix; the check_status() method now returns 4 numbers on error as
described in the documentation (just negative values in this case).
- Bug fix; flushing of default output on password prompt.
- Bug fix; program fault when very long requests were to be sent.
IMAPFilter 2.5.7 - 16 Nov 2014
- Support for automatic validation of SSL connections, using the operating
system's installed trusted CA certificates (usually from authorities that
are shipped with web browsers).
- A new "wakeonany" option makes it possible to end IDLE mode on any event,
not just on new messages.
- A new "reenter" option controls whether IDLE mode should be re-entered,
after the recovery of the session, which makes it possible to continue with
the execution of the next line in the configuration file.
- The documentation now mentions that the contain_*() methods do
case-insensitive searching (an IMAP limitation).
- The documentation now has a better explanation of the arrived_*() and
sent_*() methods.
- Bug fix; the value returned by the copy method was incorrect in some cases.
With all supported Postfix releases, the default settings have been
updated so that they no longer enable export-grade ciphers, and no
longer enable the SSLv2 and SSLv3 protocols. These ciphers and
protocols have little if any legitimate use today, and have instead
become a vehicle for downgrade attacks. There are no other code
changes.
Postfix documentation has been updated to reflect the new default
settings and their rationale; the RELEASE_NOTES give suggestions
for how to enable the old ciphers and protocols if your infrastructure
requires them.
Finally, abandoning deprecated ciphers and protocols does not really
improve TLS security without measures to better authenticate remote
servers. Secure DNS and TLSA are steps in that direction.
* Fix mozilla-common.mk inclusion.
Changelog:
What's New
Fixed Copy/Paste into plain text editor deletes newlines from quoted text (bug 1143570)
Fixed Cross-posts won't send because Newsgroups: groups are separated with comma+space, not just comma (bug 1151448)
Fixed Cannot send email through exchange server (NTLM) (bug 1174159)
Fixed Doesn't display GB2312 encoded texts correctly for Chinese Characters (bug 1174580)
Fixed OAuth2 authentication for GMail does not work when specified server is imap.gmail.com or smtp.gmail.com. (bug 1176773)
Known Issues
unresolved Import from Outlook and Eudora disabled, code currently not working (bug 1175055)
Mozilla Thunderbird is a redesign of the Mozilla mail component. The
goal is to produce a cross platform stand alone mail application using
the XUL user interface language. This version tracks 31 ESR.
{perl>=5.16.6,p5-ExtUtils-ParseXS>=3.15}:../../devel/p5-ExtUtils-ParseXS
since pkgsrc enforces the newest perl version anyway, so they
should always pick perl, but sometimes (pkg_add) don't due to the
design of the {,} syntax.
No effective change for the above reason.
Ok joerg
* 3.4.3 (stable)
* The bug that wrote the first part of data if the message body in the
IMAP4 responses didn't end with CR+LF was fixed (#84).
* The crash when displaying HTML messages was fixed (#215).
* Win32: the crash when linked with newer MSVCRT was fixed.
* Win32: libjpeg was updated.
* Win32: libtiff was updated.
* Win32: libpng was updated to 1.2.53.
* Win32: OpenSSL was updated to v0.9.8zg.
* Win32: included SSL certificates were updated.
pkgsrc change: default to enable TLS
- this has been requested a couple of times and most systems are going
to have a recent enough version of openssl so in most cases there
won't be additional dependencies
8.15.2/8.15.2 2015/07/03
If FEATURE(`nopercenthack') is used then some bogus input triggered
a recursion which was caught and logged as
SYSERR: rewrite: excessive recursion (max 50) ...
Fix based on patch from Ondrej Holas.
DHParameters now by default uses an included 2048 bit prime.
The value 'none' previously caused a log entry claiming
there was an error "cannot read or set DH parameters".
Also note that this option applies to the server side only.
The U= mailer field didn't accept group names containing hyphens,
underbars, or periods. Based on patch from David Gwynne
of the University of Queensland.
CONFIG: Allow connections from IPv6:0:0:0:0:0:0:0:1 to relay again.
Patch from Lars-Johan Liman of Netnod Internet Exchange.
CONFIG: New option UseCompressedIPv6Addresses to select between
compressed and uncompressed IPv6 addresses. The default
value depends on the compile-time option IPV6_FULL:
For 1 the default is False, for 0 it is True, thus
preserving the current behaviour. Based on patch from
John Beck of Oracle.
CONFIG: Account for IPv6 localhost addresses in
FEATURE(`block_bad_helo'). Suggested by Andrey Chernov
from FreeBSD and Robert Scheck from the Fedora Project.
CONFIG: Account for IPv6 localhost addresses in check_mail ruleset.
LIBMILTER: Deal with more invalid protocol data to avoid potential
crashes. Problem noted by Dimitri Kirchner.
LIBMILTER: Allow a milter to specify an empty macro list ("", not
NULL) in smfi_setsymlist() so no macro is sent for the
selected stage.
MAKEMAP: A change to check TrustedUser in fewer cases which was
made in 2013 caused a potential regression when makemap
was run as root (which should not be done anyway).
Note: sendmail often contains options "For Future Releases"
(prefix _FFR_) which might be enabled in a subsequent
version or might simply be removed as they turned out not
to be really useful. These features are usually not
documented but if they are, then the required (FFR)
options are listed in
- doc/op/op.* for rulesets and macros,
- cf/README for mc/cf options.
Changelog:
What's New
New GMail supports OAuth2 authentication, removing the need to manually select "allow less secure applications" in Google options for the account. (bug 849540)
New Ship Lightning calendar addon with Thunderbird and enable with an opt-out dialog (bug 1113183)
New Filter sent messages (bug 11039)
New Filter messages when archived (bug 479823)
New Enable search in multiple/all address books (bug 170270)
New Add support for Yahoo Messenger in Chat (bug 955574)
New Support Internationalized domain name URLs for RSS feeds (Bug 1018589)
New Show expanded columns in folder pane (bug 464973)
New Allow file-per-message (maildir) local message storage (bug 845952)
New Add a Learn more link to the support page in feeds subscribe dialog (bug 1053782)
New Add reading position marker line to conversations (bug 760762)
New The editor for twitter should show inputtable character count (bug 736002)
Changed Thunderbird will no longer use SHA-1 to sign messages (bug 1018259)
Changed Removed rarely used character sets: T.61-8bit, non-encoding Mac encoders, VISCII, x-viet-tcvn5712, x-viet-vps x-johab, ARMSCII8 , map us-ascii to windows-1252, ISO-8859-6-I and -E and ISO-8859-8-E, (bug 1068505 and others.)
Changed Disable CONDSTORE support for IMAP to prevent discrepancies in IMAP message status (deleted, unread) on some servers (bug 912216)
Changed Make OpenSearch queries open in the user's default browser (bug 1120777)
Changed Default to using SSL for XMPP and IRC. This might cause issues for self-signed certificates (bug 1122567, bug 1122666)
Fixed Replied/forwarded icons disappear after folder repair, detach/delete (bug 840418)
Fixed Attachment "Save As" files are displayed in Tools/Saved Files (bug 914517)
Fixed Adding unknown email addresses to Mailing list, then deleting ghost duplicate entries from contacts pane, caused dataloss in mailing list (bug 628035)
Fixed Web site from RSS feed was not rendered correctly (bug 662907)
Fixed Email address with leading/trailing whitespace displayed wrongly with added quotes when composing ["foo"@bar.com] (bug 286760)
Fixed Force display of Sender header if S/MIME sender is the signer (bug 332639)
Fixed Addressing autocomplete widget: Typed text in red despite results/matches found if suggestions change by last input (bug 1042561)
Fixed Status bar not accessible (bug 934875)
Fixed Wrong folder may be deleted when requesting junk delete (bug 1018960)
Fixed Severe UI stutter or freezes getting new mail for very large folders (bug 870556)
Fixed Automatically rejoin multi-user conversations on reconnect for XMPP (bug 1014472)
Fixed Various improvements when using IRC on moznet (bug 1083768 and others)
Fixed Significantly improve XMPP support (bug 1085022 and others)
Fixed Fixes for connecting to non-standard IRC networks (bug 870556 and others)
Fixed Automatically reclaim IRC nicks during a reconnect (bug 1087566)
Fixed Changing location in editor doesn't preserve the font when returning to end of text/line (bug 756984)
Fixed Inline spell checker loses red underlines after a backspace is used (bug 1100966)
Known Issues
unresolved Automatic addon compatibility update checks were not completed, so existing addon compatibilities may not be accurate.
unresolved Copy/Paste into plain text editor deletes newlines from quoted text (bug 1143570)
unresolved Importing data from Outlook or Eudora crashes (bug 917961)
Security:
Fixed in Thunderbird 38.0.1
2015-58 Mozilla Windows updater can be run outside of application directory
2015-57 Privilege escalation through IPC channel messages
2015-54 Buffer overflow when parsing compressed XML
2015-51 Use-after-free during text processing with vertical text enabled
2015-48 Buffer overflow with SVG content and CSS
2015-47 Buffer overflow parsing H.264 video with Linux Gstreamer
2015-46 Miscellaneous memory safety hazards (rv:38.0 / rv:31.7)
Enigmail is a security extension to Mozilla Thunderbird and Seamonkey.
It integrates the renowned OpenPGP standard provided by GnuPG.
Sending and receiving encrypted and digitally signed email gets just
simple using Enigmail.
This is packaged in pkgsrc-wip by Kamil Rytarowski.
Enigmail is a security extension to Mozilla Thunderbird and Seamonkey.
It integrates the renowned OpenPGP standard provided by GnuPG.
Sending and receiving encrypted and digitally signed email gets just
simple using Enigmail.
This is packaged in pkgsrc-wip by Kamil Rytarowski.