Changes from previous:
----------------------
version 2.102: Wed Jan 4 09:31:51 CET 2012
Fixes:
- regex which matched attributes dumped core on hugh attributes.
rt.cpan.org#69414 [Yanyan Yang]
- document generation fixes.
Improvements:
- correct synopsis of ::Thread::Manager
- ::Thread::Node::threadToString uses study() on subject
version 2.101: Thu Aug 25 10:16:03 CEST 2011
Fixes:
- multipart's-part content-type could remove some attributes
rt.cpan.org#69516 [Yanyan Yang]
- filenames in content-disposition fields are sometimes charset
encoded (not supported by the RFCs) Decode them.
[Thomas Karcher]
- example how to use $msg->moveTo() was wrong. [Flash]
Improvements:
- use the Net::Domain::hostfqdn() for the creation of unique
message-ids if libnet is installed.
rt.cpan.org#69803 [Christoph 'Mehdorn' Weber]
version 2.099: Thu Jul 7 16:02:38 CEST 2011
Fixes:
- body() of structured studied fields failed.
Improvements:
- add overloading of comparison to Mail::Message::Field::Address
objects. Triggered by [Andrew Beverley]
- implement study on date fields.
version 2.098: Thu Mar 17 09:01:36 CET 2011
Fixes:
- accept mbox message separators from the 60's, because mozilla
uses 1-1-1965 as default separator when importing mail.
rt.cpan.org#65572 [Willi Mann]
- accept mbox message separators from the upcoming 20's
- Mail::Transport::POP3 has use_ssl setting too late [Mark Delany]
- Mail::Transport::IMAP4 folder create produced "use of
undefined". rt.cpan.org#66001 [Willi Mann]
- Error message when stringifying a studied empty field.
rt.cpan.org#66381 [Florian]
- do not split headers for encoded components which contain
blanks (which is illegal) reported by [Florian]
Improvements:
- maildir: do not remove :2, from the filename if there are
no flags. [Mikolaj Kucharski]
version 2.097: Wed Jan 26 16:11:41 CET 2011
Fixes:
- override Mail::Transport::Sendmail destinations included
original destinations.
rt.cpan.org#64266 [Andrew Beverley]
Improvements:
- added examples/strip-spam-markup.pl by [Gary Funck]
- do not hardcode perl version in test.pl, hopefully resolving many
cpantesters complaints.
- randomize boundary string to avoid (undemonstrated) security risks
with boundary guessing.
- manual pages produced with new version of OODoc, producing more
condensed output.
version 2.096: Tue Nov 9 10:04:25 CET 2010
Fixes:
- allow dot in username for pop/imap (probably used by someone)
[Jim Cromie]
Improvements:
- spelling fixes
rt.cpan.org#59061 [Salvatore Bonaccorso]
- implement Mail::Box::POP3s [Jim Cromie]
- do not run test-scripts with -T, because modern TAP::Harness
uses PERL5LIB which is disabled by the flag.
version 2.095: Fri Jul 2 11:17:35 CEST 2010
Fixes:
- permit additional colons in maildir filenames.
rt.cpan.org #58534 [Stefan Kangas]
- maildir messages in the 'new' queue will not get ":2,", as in
mutt. rt.cpan.org#58550 [Stefan Kangas]
- fix handling of messages with empty bodys. Had mild consequences
to multipart preamble and prelude processing.
rt.cpan.org#58544 [Stefan Kangas]
Improvements:
- spelling fixes
rt.cpan.org#56678 [Salvatore Bonaccorso]
version 2.094: Tue Apr 6 11:17:15 CEST 2010
Fixes:
- parse address phrase with line fold in ::Full:Addresses
rt.cpan.org#55309 [Diomidis Spinellis]
- handle empty preambles and postludes in multiparts even
very strict, because the may be signed.
rt.cpan.org#54529 [John Gardiner Myers]
Improvements:
- fix documentation on use of Mail::Message::Head::build()
and a few more minor documentation errors. [Kiss Gabor]
- $msg->reply fallback to From address, not only Reply-To
- add example/unpack.pl
- added install configuration choice "none". Also control
via environment variables.
- spelling fixes.
rt.cpan.org#53127 [Salvatore Bonaccorso]
version 2.093: Thu Dec 24 17:02:06 CET 2009
Fixes:
version 2.093: Thu Dec 24 17:02:06 CET 2009
Fixes:
version 2.093: Thu Dec 24 17:02:06 CET 2009
Fixes:
- rewrite of Mail::Message::Full:decode(), because original
trick for blank removal kept on biting me. Now implemented
without trick.
rt.cpan.org#52600 [Dmitry Bigunyak]
- make text/plain default when a body is created, as promised
by the documentation.
rt.cpan.org#52278 [Dmitry Bigunyak]
- add toplevel() to ::Body::Multipart and ::Body::Nested to
support reply() called on message parts.
- fix tests-script to make MIME::Entity cleanup the msg-* files
in the tests/ directory.
Improvements:
- rewrite of SYNOPSIS for Mail::Message::Field::Addresses
rt.cpan.org#43703 [Dmitry Bigunyak]
- added Mail::Box::Locker::FcntlLock, contributed by Jim In Aus
rt.cpan.org#48568 [Jim in Aus]
- support additional headers to a reply message.
- added explanation of character-set "PERL" for a ::Body
(suggested by [Dmitry Bigunyak])
version 2.092: Fri Nov 20 16:13:46 CET 2009
Fixes:
- do not set all signal handlers to "exit(0)"
rt.cpan.org#50433 [Slaven Rezic]
- do not enforce the use of /usr/bin/perl in the test-scripts,
but use the perl which is selected via the path.
version 2.091: Sun Sep 6 23:54:17 CEST 2009
Fixes:
- Another fix to thread detection start where first message
is not found. rt.cpan.org#40347 [Florian]
- translate '_' to blank when charset not known.
rt.cpan.org#41661 [Florian]
- no "undef" for field Content-Length with empty message bodies.
[Daniel Richard G.]
- Mail::Message::Body::eol() with parameter sometimes did not
return a body but a character.
rt.cpan.org#49334 [Brian McCauley]
- Mail::Message::Body::eol() should add \n to last texts line
if it is missing.
rt.cpan.org#49362 [Brian McCauley]
Improvements:
- better "From " message separator line generated when converting
messages for Mbox storage. Written by [Daniel Richard G.]
version 2.090: Tue Jun 2 11:56:28 CEST 2009
Fixes:
- second attempt to use Encode to do base64/qp encoding in
Mail::Message::Field::Full, This time with test script.
[Alexander Averyanov]
- Mail::Box::Locker::POSIX lock did always succeed.
rt.cpan.org#46003 [Rainer Schöpf] via Debian#528364
- Maildir accept lower-case flags
rt.cpan.org#42182 [Hardaker]
- Message parser needlessly required read access to folders.
rt.cpan.org #46388 [Mike Ekberg]
version 2.089: Mon Apr 20 21:00:34 CEST 2009
Fixes:
- do not restart parser after folder write, which could end-up in
empy folders if mode=='w' [Reinier Post]
- fix takemail script for Mbox.
rt.cpan.org#44439 [Reinier Post]
- alternative option names for 'file' in various lockers, needed
to be able to use them in the multi-locker. Needed by [Mark Hedges]
- use Encode to do base64/qp encoding in Mail::Message::Field::Full,
which handles multibyte characters correctly. Patch by
[Alexander Averyanov]
version 2.088: Thu Mar 19 08:54:31 CET 2009
Fixes:
- ::Parser::Perl should call binmode() as method on the file-
handle to work. [Ashwini Singh]
- pre-created locker object cannot be passed to Mail::Box::open()
because its creation requires a Mail::Box object. [Mark Hedges]
- recover from illegal phrases in email addresses, for studied
fields in Mail::Message::Field::Addresses [Robert Bruccole]
- require Date::Format, introduced in 2.082 [cpantesters]
Improvements:
- specify encoding type of character-set (q or b) with
Mail::Message::Field::Address objects.
Requested by [Alexander Averyanov]
- default mail box locker object should use the same logging
settings as the mail box itself. Spotted by [Mark Hedges]
- the existence of Mail/Makefile.PL was an accident.
version 2.087: Tue Feb 3 12:41:10 CET 2009
Fixes:
- more character-decoding errors in field study.
rt.cpan.org#41661 [Florian]
- username in folder URL must get decoded as well, to allow
'@' signs and colons in the usernames.
rt.cpan.org#41976 [Matt S Trout]
- accept unknown flags for Maildir.
rt.cpan.org#42182 [Wes Hardaker]
Improvements:
- add DIGEST-MD5 and LOGIN to the AUTO search list of IMAP4.
Triggered by rt.cpan.org#42136 [Alexander Thoukydides]
- add warnings on two spots that message labels may get lost
when moving them to an other folder type.
- use external file for body after 100kB, not 10kB. Should
improve on performance.
2012-01-31 SUZUKI Takahiko <takahiko@iij.ad.jp>
* 1.2.0
* [DKIM] fix mis-canonicalization of empty message body in "relax" mode
2011-12-05 SUZUKI Takahiko <takahiko@iij.ad.jp>
* 1.1.992
* support platforms which doesn't have EAI_NODATA any more
* adjust configure.ac not to link with librt when ldns is chosen as a resolver
2011-11-28 SUZUKI Takahiko <takahiko@iij.ad.jp>
* 1.1.991
* switch default resolver from libbind to ldns
* [SPF/SIDF] fix memory allocation error at expanding "p" macro when <ip> has no validated domain names
* [SPF/SIDF] fix misevaluation on domain names longer than 63 characters (thanks to KODAMA Daisuke, NEC BIGLOBE)
* [DKIM] catch up the updates from RFC4871, RFC5672 to RFC6376
* [DKIM] change result from "none" to "permerror" of message without any Author header
* [DKIM] fix mis-canonicalization of header field name includes WSP in "relax" mode
* [DKIM] fix memory allocation error on message with syntax errors in sig-i-tag value
ChangeLog:
1.895 2012-01-15
allow non-ASCII *only in phrase*
1.894 2012-01-14
note that the use of the regex vars is not a great idea
1.893 2012-01-02
reject any non-ascii content in strings
Notable changes in archivemail 0.9.0:
* IMAP: support for international mailbox names containing non-ASCII
characters.
Notable changes in archivemail 0.8.0:
* Removed the feature to setuid to the mailbox owners when run as root.
This was a bad idea; it's really hard to do safely, if at all possible.
Obsoletes: patch #2783134.
* New option --archive-name, or short -a, to hard-code an archive filename.
Like the --suffix and --prefix options, it is expanded with strftime().
This option conflicts with archiving multiple mailboxes. Closes: feature
request #1306538.
* New option --prefix, or short -p, to specify an archive name prefix. Like
a suffix specified with the --suffix option, the prefix is expanded with
strftime(). Specifying this option disables the default archive name
suffix. Obsoletes: feature request #604281. (Thanks Serafeim Zanikolas
for an initial patch)
* New option --all to archive all messages in a mailbox. Closes: #1764846.
* archivemail now expands wildcards in IMAP mailbox names. For example, the
url imaps://user@server/foo/* will expand to all subfolders of foo.
Closes: feature request #1978540. Obsoletes: patch #1918937.
* To determine the delivery date of a message, archivemail now looks for the
timestamp of the latest 'Received' header before resorting to
'Resent-Date' or 'Date'. This should give much better results when there
is no 'Delivery-date' header, which is still checked first.
(Thanks Andrew Ferrier & Christian Brabandt)
Closes: #1481316, #1764855, Debian bug #272666.
* We now omit the dotlock if we don't have sufficient permissions to create
it in the mbox directory. (The file is still locked with lockf.)
Together with more changes under the hood (see below) this means
archivemail can now operate on mbox files in the system mail spool.
Closes: #855269.
* Replaced some simple minded file operation security checks with more
decent ones. This means we can safely operate in /tmp, for example. The
price is that we no longer accept symlinked files. Obsoletes: patch
#1874868.
* The archive now also gets locked while archivemail updates it.
* mbox locking got completely rewritten. Switched from flock to lockf
locking, which is NFS-safe and portable, and we now lock with lockf first,
then with a dotlock, instead of the other way around. (This is makes
archivemail compatible with Debian systems. ;)
while here,
* LICENSE=gnu-gpl-v2
* register egg-info.
== Version 0.1.11 ==
libgmail.py
* Fixed bug that broke attachment support (SF bug #2034927)
* added .author_fullname field for messages
* Don't crash on threads with google chat log (Debian bug #502458)
== Version 0.1.10 ==
libgmail.py
* Use mechanize instead of ClientCookie [Patch #2014779]
* Very basic Unicode support [Patch #1926861]
gmail_transport.py
* New version that uses mechanize
(owing again to Jose Rodriguez)
NOTE: libgmail now depends on mechanize, which
can be downloaded from:
http://wwwsearch.sourceforge.net/mechanize/#download
(in Debian/Ubuntu as python-mechanize, and an easy_install
installer is also available)
== Version 0.1.9 ==
libgmail.py
* Fixed login that was broken for a bunch of new
gmail accounts, thanks to a patch by rhauer
NOTE: libgmail now depends on ClientCookie, which
can be downloaded from:
http://wwwsearch.sourceforge.net/ClientCookie/#download
== Version 0.1.8 ==
libgmail.py
* Added 'search' method to contactLists that returns
an array of contacts who match a given search term
(at some point, the contacts API is long overdue
for a revamp, but for now, hey, why not)
This is a patch by Alex Chiang --WD--
* libgmail now asks for the old Gmail interface,
so that it isn't broken by the new Gmail updates.
(Thanks to Aaron and Stu for work on this)
(Fixes SF bug #1822662)
== Version 0.1.7 ==
libgmail.py
gmail_transport.py
* Applied patch that adds proxy support, both
for passwordless and password-ful proxies
(is that a word?), by Jose Rodriguez --WD+SZ--
== Version 0.1.6.2 ==
libgmail.py
* Bugfix for attachment problems --WD--
(SF Bug #1793026, Patch #1799605 by 'stephster')
archive.py
* Protect messages with a "from" line in them --WD--
(SF Patch #1790809 by 'scop')
== Version 0.1.6.1 ==
libgmail.py
* Bugfix for login problems --WD--
== Version 0.1.6 ==
libgmail.py
* Added support for "Gmail Apps" aka "Gmail For Your Domain" --WD--
This version fixes a couple of processing bugs in the new header
blacklist filter and an access violation that can lead to crashes.
The header blacklist should is [sic] safe to enable now.
This version adds the ability to filter messages based on the content
of their headers. Please note that enabling this feature should
be accompanied by disabling the use of the "softlimit" program. In
addition to fixing some small bugs and a compiling error on Debian
7, it also fixes a series of major bugs that could lead to buffer
overflows. Depending on spamdyke's configuration, these could cause
remotely exploitable security holes. Please upgrade immediately!
Looks like there's a bug in the header blacklist filter. Don't
enable that filter yet.
Fixed config-test message for a graylist domain folder when the domain is not
in the list of local domains from ERROR to INFO. Thanks to Eric Shubert
for reporting this one.
Fixed a bunch of copy-and-paste errors in the option_list array in
prepare_settings() where options were designated
CONFIG_TYPE_STRING_SINGLETON instead of CONFIG_TYPE_OPTION_SINGLETON or
CONFIG_TYPE_STRING_ARRAY instead of CONFIG_TYPE_OPTION_ARRAY.
Fixed configure script errors and compilation warnings on Debian 7, which
enables the new GCC flags -Waddress and -Wunused-but-set-variable by
default. Thanks to Steve Cole for reporting this one.
Added some explanitory comments to spamdyke.h and spamdyke.c.
Added FILTER_FLAG_RETAIN and modified middleman() to buffer any data as long
as it is given.
Added FILTER_FLAG_CHILD_RESPONSE_INTERCEPT and modified middleman() to discard
any input from qmail when it is given.
Added FILTER_FLAG_DATA_CAPTURE and modified middleman() to capture qmail's
response to the end of the message data when it is given.
Fixed output_writeln() to send the data in bursts if more than one line is
given and no CRs need to be inserted. Previously, all data was sent
line-by-line, even though middleman() was trying to send bursts of data when
possible.
Changed middleman() to buffer the names of the accepted recipients until after
the message data is sent, then check qmail's response to the message body
and print ALLOWED/DENIED for each recipient accordingly, along with the text
of qmail's response.
Added the options header-blacklist-entry and header-blacklist-file to block
messages based on the contents of their headers.
Added the option rejection-text-header-blacklist to control the message from
the header blacklist filter.
Added a flag to smtpdummy to force it to reject all message content with an
error.
Added a more complete usage message to smtpdummy.
Fixed a number of very serious errors in the usage of snprintf()/vsnprintf().
The return value was being used as the length of the string printed into
the buffer, but the return value really indicates the length of the string
that *could* be printed if the buffer were of infinite size. Because the
returned value could be larger than the buffer's size, this meant remotely
exploitable buffer overflows were possible, depending on spamdyke's
configuration.
Added options to smtpdummy to make it appear to process authentication (and
unconditionally succeed or fail).
Changed the ALLOWED log message to show the text given by qmail when the
message is accepted.
* Stop to treat NetBSD's sed as GNU sed, not full compatible.
* Then, no need to reset TOOLS_PLATFORM.gsed for NetBSD if USE_TOOLS+=gsed and
real GNU sed is required.
* In addition, convert simple USE_TOOLS+=gsed to conditionally, without NetBSD.
* convert {BUILD_,}DEPENDS+=gsed to USE_TOOLS, all tools from gsed are real gsed.
* Proxying now supports sending SSL client certificate to server with
ssl_client_cert/key settings.
* doveadm dump: Added support for dumping dbox headers/metadata.
* Fixed memory leaks in login processes with SSL connections
* vpopmail support was broken in v2.0.16
contains fixes for PR#45785.
Version 1.4.27:
- Always use the internal MD5 functions for the built-in CRAM-MD5
implementation; never use the ones from OpenSSL. This fixes problems with
configurations that use OpenSSL and do not use GNU SASL. Thanks to Gleydson
Soares and Moritz Wilhelmy for providing information and for testing the fix.
- Fix a compiler warning with current OpenSSL versions.
This version extends the log messages to show why a blacklist is
matched. It also fixes a few minor bugs.
Added a filter to sendrecv so input containing "\r\n" will be
translated into CRLF without being interpreted as a line
terminator (so multiple commands can be sent in a single "packet")
and input containing "\0" will be translated into NULL bytes
so NULL characters don't have to be embedded in the test scripts.
Added support for the RSET command to smtpdummy.
Added a "priority" field to the input file for dnsdummy to force
some responses to be sent after others, no matter what order
they were received.
Fixed nihdns_mx() to query names for A records using the query
types configured for MX queries, not A queries. Thanks to Eric
Shubert for reporting this one.
Changed smtp_filter() and middleman() to discard any buffered
input after TLS is started. This prevents the injection of
commands into a secure session by sending extra input in the
same packet as the "STARTTLS" command. Not really a security
problem but good practice anyway. Thanks to Eric Shubert for
reporting this one.
Fixed a bug in examine_entry() that was cutting off 1-3 characters
from the end of target_entry every time it was called.
Changed check_ip_in_rdns_keyword() to return the line number of
the matching file as its return value and the name of the
matchine file in a reference variable.
Added reject_reason and strlen_reject_reason to struct rejection_data
to allow the triggered filter to return some text to indicate
why it triggered.
Changed set_rejection() to accept new parameters to set reason
text within the rejection structure if available.
Changed set_rejection() to accept a new parameter to append to
the rejection text if available.
Added reset_rejection() to change either the rejection text or
the reason text within an existing rejection_data structure
without erasing previously-set values.
Changed nihdns_rbl(), check_dnsrbl() and check_rhsbl() not to
accept a format string or build part of the rejection message.
That job belongs to the caller(s).
Changed filter_rdns_blacklist(), filter_rdns_blacklist_file(),
filter_rdns_blacklist_dir(), filter_ip_blacklist(),
filter_ip_in_rdns_blacklist(), filter_dns_rbl(), filter_dns_rhsbl(),
filter_sender_blacklist(), filter_sender_rhsbl() and
filter_recipient_blacklist() to save the reason for their
rejection in the reject_reason variable in rejection_data.
Changed the log messages showing ALLOWED/DENIED to always output
the "reason:" field and fill it with the text returned by the
triggered filter so the sysadmin can figure out what happened
or "(empty)" if no text was saved. Thanks to Eric Shubert for
suggesting this one.
Changed the way DNS timeout values are read from the configuration
file, the command line, /etc/resolv.conf and the environment
so that values given in the config file or on the command line
are not overridden by values in /etc/resolv.conf or the
environment. Thanks to Teodor Milkov for reporting this one.
Changed the reject-empty-rdns filter, the IP-related black/whitelist
filters and the IP-related RBL filters to skip their tests if
the incoming IP address is 0.0.0.0. This is for connections
from IPv6 hosts -- those filters can be skipped until full IPv6
support can be added. Thanks to Daniel Anliker for suggesting
this.
Changed the way the flag FILTER_DECISION_TRANSIENT_DO_NOT_FILTER
is handled by smtp_filter() and middleman() so a transient
non-rejection (e.g a recipient whitelist) isn't held over to
later recipients. The interaction between the recipient whitelist
and the graylist filter was fixed in version 4.0.0 but an issue
still remained between recipient whitelists and other non-transient
rejections like the missing rDNS filter. Thanks to bischowski
for reporting this one.
Changed smtpdummy to use memchr() instead of strchr() so testing
input with NULL bytes will work correctly.
While here, remove paches for ancient Darwin.
Changes to the Cyrus IMAP Server since 2.4.12
* Bug #3565 - fix gcc compiler warnings - thanks Dilyan Palauzov
<dilyan.palauzov@aegee.org>
* Bug #2685 - rename annots in delayed folder delete. Avoids
annotations "reappearing" when a folder is recreated
* Bug #3566 - actually fix in a backward compatible way. 2.4.12 broke
older versions of bison
* Lots of small cleanups from CMU as they prepared to build RSS into
their 2.4 build. Thanks Ken
* Bug #3591/#3609 - fix crash in mupdate on partition move
* Bug #3610 - fix replication of partition move
* Bug #3564 - document the way prefork interacts with multiple
network protocols
* Bug #3586 - allow rename of "\Noselect" if subfolders exist
* A handful of small cleanups (#3593, #3594, #3595) from David Carter
<dpc22@cam.ac.uk>. Very much appreciated
* Disabled duplicate_check DEBUG level log messages by default.
Thanks Philip Prindeville <philipp@redfish-solutions.com>
* Bug #3608 - log mailbox name in more sync failure cases
* Bug #3615 - fix proxyd_disable_mailbox_referrals. Thanks Andrew
Morgan <morgan@orst.edu>
* Bug #3611 - fix crash in sync_mailbox_full if expunge fails
* Backported some nice fixes from master, including safer thread/sort
(there were some crashes on bad messages before)
* Fixed infinite loop on suppress_capabilities with substrings of
other capabilities. Ouch.
* Fixed LIST and LSUB again - this time to make LIST "" "*%" work
without breaking other things
* Bug #3588 - make XFER not break if the wrong server name was used.
The start of making murder safer
* Bug #3603 - tidied up usage of kick_mupdate so it never gets called
on standard murder backends
* Bug #3604 - always suppress the DELETED.* mailbox names, even if
delete_mode is immediate. It means a config change or different
frontend won't show undeletable mailboxes
* Bug #3602 - allow UpperCase in service names to work
