any longer to 2.x.
NOTE: kerberos support is dropped, kerberos guru please re-do it...
from ftp://ftp.qualcomm.com/eudora/servers/unix/popper/Release.Notes
Release Notes:
3.1
Can now set server mode and kerberos service name using
run-time options.
Can now specify plain-text password handling when APOP is
available using '-p 0|1|2|3' run-time option. 0 is default;
1 means clear text passwords are never permitted for any user;
2 means they are always permitted (even if an APOP entry exists),
which allows them to be used as a fallback when clients don't
support APOP); 3 means they are permitted on the local interface
(127.*.*.*) only.
Added '-D drac-host' run-time option to specify the drac host.
Only valid if compiled with --enable-drac. The default is
localhost.
Added '-f config-file' run-time option. Additional run-time
options are read from the specified file. All current run-time
options can now be set this way. See INSTALL file for option
names and syntax.
Added '-u' run-time option to read '.qpopper-options' file in
user's home directory.
Added Kerberos V support.
BULLDB access now uses usleep(3C) if available, resulting in
many more access attempts with a shorter maximum delay.
Added run-time options 'bulldb-nonfatal' (-B) and
'bulldb-max-retries' to allow fine control over BULLDB access
behavior. 'bulldb-nonfatal' allows a session to continue if
the bulletin database can't be locked. 'bulldb-max-retries'
sets the maximum number of attempts to lock the database. This
value should only be changed if you know if your system has
usleep(3C) or not. On systems with usleep(3C), this can be a
large value (the default is 75). On systems without usleep(3C),
this should remain small (the default is 10).
Added new ./configure flags (see INSTALL for more details):
--enable-timing to write log records with elapsed time for
authentication, initialization, and cleanup.
--enable-old-uidl to generates UIDs using old (pre-3.x)
style encoding. This is only useful if you also set
NO_STATUS and have existing users with old (pre-3.x)
spool files and you want to keep the UIDs the same.
--disable-status to prevent Qpopper from writing 'Status'
or 'X-UIDL' headers (sets NO_STATUS). This forces
UIDs for each message to be recalculated in each
session.
--enable-keep-temp-drop to prevents Qpopper from deleting
the temp drop files.
--disable-check-pw-max to prevent Qpopper from checking
for expired passwords.
--disable-old-spool-loc to not check for old .user.pop
files in old locations when HASH_SPOOL or HOMEDIRMAIL
used.
--disable-check-hash-dir to not check for or create hash
spool directories. Use this if you pre-create the
directories.
--enable-server-mode-group-include=group to set server
mode for users in the specified group.
--enable-server-mode-group-exclude=group to set server
mode OFF for users in the specified group.
--enable-secure-nis-plus for use with secure NIS+.
--disable-optimizations to turn off compiler optimizations.
--with-kerberos5 for Kerberos V support (using patch from
Ken Hornstein).
--enable-any-kerberos-principal to accept any principal in
the client request.
--enable-kuserok to use kuserok() to vet users.
--enable-ksockinst to use getsockinst() for Kerberos
instance.
--enable-standalone to create standalone POP daemon instead
of being run out of inetd. Can specify IP address
and/or port number to bind to as parameter 1, e.g.,
'popper 199.46.50.7:8110 -S' or 'popper 8110 -S -T600'.
If not specified, IP address defaults to all available.
The default port is 110 except when _DEBUG (not simply
DEBUG) is defined, then it is 8765.
--enable-auth-file=path to permit access only to users listed
in the specified file. Format is one user per line.
--enable-nonauth-file=path to deny access to users listed in
the specified file. Format is one user per line.
--disable-update-abort to avoid the default behavior of going
into update mode if the session aborts (the default
behavior violates of RFC 1939, but was found to be
needed when noisy dialup lines otherwise prevented users
from ever deleting messages).
([RCG])
3.0
Both dot-locking and flock() now used on all platforms. (On some
systems we emulate flock() using fcntl).
Added POP3 extensions(CAPA). The extensions added so far are
X-MANGLE, LOGIN-DELAY and EXPIRE.
X-MANGLE condenses Mime messages into a single part for ease of
use by lightweight clients. The transformations supported through
X-MANGLE are to and from text/plain, format=flowed, and text/html.
As a way to enable MIME-mangling with clients that do not
support XMANGLE, add "-no-mime" to the user name. For example,
if the userid is"mary", enter it in the client as "mary-no-mime".
The optional LOGIN-DELAY and EXPIRE values are only announced
through the CAPA command. The values to announce are passed as
command line switches. Actual enforcement of minimum login delay
and message expiration is up to the site by some other means.
(For example, a simple script run from crontab could be used for
message expiration.) Qpopper does support automatic deletion of
downloaded messages through the --enable-auto-delete configure
flag. This can be used to effect EXPIRE 0 (no retention).
Added new run-time options: -R to disable reverse-lookups on client
IP addresses; -c to downcase user name.
A failure at some point in a transaction now releases all locks
explicitly. Certain paths do not release locks where SysV .lock files
are created.
Fixed bugs with Bulletin Services and Server mode.
DEBUGn macros for debug and trace messages.
Added new ./configure flags (see INSTALL for more details):
--with-warnings for extra compiler warnings.
--enable-shy to hide qpopper's version number in the
banner and CAPA IMPLEMENTATION tag.
--enable-auto-delete to automatically mark for deletion
all messages downloaded with RETR.
--enable-hash-spool=1|2 to use hashed spool directories.
--enable-home-dir-mail=file to use a spool file in the
user's home directory.
--enable-bulldb=path to enable bulletins and set the path
for the bulletin directory.
--with-new-bulls=number to specify the maximum number
of bulletins for new users (default is 10).
--enable-popbulldir=path to specify an alternate location
for users' popbull files.
--enable-log-login to log successful user logins. This
can be used, for example, to validate subsequent
SMTP sessions from the same IP address within a
short time period, in the absence of SMTP AUTH
support by client and server. (Suggested by Andy
Harper et al).
--with-pam=service-name to authenticate using PAM (based
on patch contributed by German Poo).
--with-log-facility=name to specify the log facility.
Default is LOG_LOCAL1 or LOG_MAIL, depending on the
OS.
--enable-uw-kludge to check for and hide a UW IMAP status
message.
--enable-group-bulls to show bulletins by groups (group
name is second element in bulletin name). Based on
patch by Mikolaj Rydzewski.
--enable-timing to report timing information in the log.
--enable-drac to use DRAC. Based on patches by Mike
McHenry, Forrest Aldrich, Steven Champeon, and others.
Added file popper/banner.h -- modify this file to add a custom
banner and CAPA IMPLEMENTATION tag suffix. Note that if you modify
qpopper you should indicate this using banner.h.
Improved error messages and warnings: warning "Unable to get
canonical name of client" now includes IP address of client; logging
added for I/O errors and discarded input (line too long); added errno
to POP EOF -ERR message; "Possible probe of account" warning now logged
as WARNING, not CRITICAL.
RESTRICTED= variables that were predicated on former U.S. export
regulations. Add CRYPTO=, as necessary, so it's still possible to
exclude all crypto packages from a build by setting MKCRYPTO=no
(but "lintpkgsrc -R" will no longer catch them).
Specifically,
- - All packages which set USE_SSL just lose their RESTRICTED
variable, since MKCRYPTO responds to USE_SSL directly.
- - realplayer7 and ns-flash keep their RESTRICTED, which is based
on license terms, but also gain the CRYPTO variable.
- - srp-client is now marked broken, since the distfile is evidently
no longer available. On this, we're no worse off than before.
[We haven't been mirroring the distfile, or testing the build!]
- - isakmpd gets CRYPTO for RESTRICTED, but remains broken.
- - crack loses all restrictions, as it does not evidently empower
a user to utilize strong encryption (working definition: ability
to encode a message that requires a secret key plus big number
arithmetic to decode).
- New, optional Makefile variable HOMEPAGE, specifies a URL for
the home page of the software if it has one.
- The value of HOMEPAGE is used to add a link from the
README.html files.
- pkglint updated to know about it. The "correct" location for
HOMEPAGE in the Makefile is after MAINTAINER, in that same
section.
