Upstream changes:
3.008 2014-12-27 18:36:19-05:00 America/New_York
- make results of get_body be the same on Email::{Simple,MIME}
- ...but this method is a mess, so maybe avoid using Abstract for body
work
3.007 2013-12-31 10:39:14 America/New_York
fix skip count when MIME::Entity is not present
version 3.11.1.
Changlog:
3.11.1:
~~~~~~~~~~~~~~~~~~~~
* Use 'gnutls_priority' hidden account preference for POP3 and
STARTTLS connections, in addition to SMTP.
* RSSyl plugin: Enable use of .netrc to store network credentials.
* Remove dependency on intltool.
* Remove appdata.
* Updated translations: Norwegian Bokmål.
* Bug fixes:
o bug 3306, 'HTML tag is not always rendered in error
dialog'
o bug 3308, 'build ignores --localedir'
3.11.0:
~~~~~~~~~~~~~~~~~~~~
* SSLv3 server connections are now disabled by default, in response
to the POODLE vulnerability, see
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566.
* Several PGP/Core plugin improvements
Indicate when a key has been revoked or has expired when displaying
signature status. For example,
"Good signature from %s, but the key has expired."
"Good signature from %s, but the key has been revoked."
When displaying the full information, show the Validity, and the
Owner Trust level. Also indicate expired and revoked keys, and
revoked UIDs.
The "Content-Disposition: attachment" flag in PGP/MIME signed
messages has been removed. It was confusing for cetain MUAs.
* A new version of the RSSyl plugin, completely redesigned and
rewritten. Migration from the previous version is automatic,
it has a new storage format in ~/.claws-mail/RSSyl/ (hierarchical
directories instead of flat file format). It uses the expat
library instead of libxml2 for parsing feed data.
* The results of TAB address completion in the Compose window have
improved ordering.
Order of results:
1. Match beginning of name
2. Match beginning of additional names
3. Match complete email address before @
4. Match beginning of email address
5. Compare relative position of match
6. Compare name alphabetically
7. Compare address alphabetically.
* Due to popular demand, use of the Up key in the message body in the
Compose window stops at the top of the message body and does not
continue up to the header fields. This reverts the behaviour
introduced in version 3.10.0.
* In the Compose window, when navigating with the arrow keys,
selecting, and thus modifying, the Account selector is now
prevented.
* In the Compose window, a mnemonic (s) has been added to the Subject
line.
* The Queue folder is highlighted if there are messages in its sub-
folders and the tree is collapsed.
* When sorting messages by 'thread date', clicking the 'Date' column
header will now toggle between ascending/descending and will not
switch to 'date' sorting.
* A new QuickSearch filter has been added that searches a header's
content only.
H S : messages which contain S in the value of any header.
* A Reply-To field has been added to the main Template configuration.
* The menubar can now be hidden, default hotkey: F12.
* Fancy plugin: A user-controlled stylesheet can now be used.
* Python plugin: Add flag attributes to MessageInfo object.
* Python plugin: Make 'account' property of ComposeWindow read/write.
* Libravatar plugin: a network timeout option has been added.
* appdata has been added for package managers, it must be
specifically enabled, using ./configure --enable-appdata
See http://people.freedesktop.org/~hughsient/appdata/ for further
information.
* The tbird2claws.py script, for converting a Thunderbird mailbox to
a Claws Mail mailbox, now handles sub-directory recursion.
* Updated translations: Brazilian Portuguese, Bulgarian, Dutch,
Esperanto, Finnish, German, Hebrew, Lithuanian, Slovak, Spanish,
and Swedish
* Bug fixes:
o bug 3173, 'quick search ignores trailing blank'
o bug 3211, 'Fails to build in Debian hurd-i386 architecture'
o bug 3212, 'When msgnum matches a sub-folder name, fetch
fails'
o bug 3221, 'IMAP: Claws Mail has issues with Yahoo IMAP
server/folders'
o bug 3235, 'Extraneous double quotes inside base64-encoded
From header confuse 'Reply' action'
o bug 3236, 'sc_html_parse_tag() does not recognize '
'
as line break'
o bug 3246, 'attachment open: "remember this" ignored if
~/.mailcap does not exist'
o bug 3265, 'procmime.c: unbalanced flockfile() /
funlockfile()'
o bug 3300, 'Cannot send/receive mail when SSL 3.0 is not
supported on the server'
o Debian bug 755022, '[claws-mail-spam-report] likely useless
to report to Debian because of the use of http
instead of https'
o Disable SSL3.0 entirely as a Poodle fix.
o fix msg display when utf8_instead_of_locale_for_broken_mail
is turned off and you use a UTF-8 locale
o fix building without gnuTLS support
o Don't differentiate the protocols used when using direct
SSL/TLS versus STARTTLS
o disallow editing any account (even current account) when at
least one compose window is open
o Actually display "(No From)" in messageview's From column
when appropriate.
o When changing focus in folderview, make sure the newly
focused folder is visible first.
o various fixes to flaws reported by Coverity scan
o PGP/Core plugin: Don't automatically re-check signatures
o PGP/Core plugin: fix erroneous 'untrusted' msg based on
validity not trust
o Make INBOX case-insensitive (as RFC states)
o Python plugin: Fix ComposeWindow.get_account_selection
3.10.1:
* Add an account preference to allow automatically accepting
unknown and changed SSL certificates, if they're valid (that is,
if the root CA is trusted by the distro).
* RFE 3196, 'When changing quicksearch Search Type, set focus to
search input box'
* PGP/Core plugin: Generate 2048 bit RSA keys.
* Major code cleanup.
* Extended claws-mail.desktop with Compose and Receive actions.
* Updated Bulgarian, Brazilian Portuguese, Czech, Dutch, Esperanto,
Finnish, French, German,Hebrew, Hungarian, Indonesian, Lithuanian,
Slovak, Spanish, and Swedish translations.
* Bug fixes:
o bug 2728, 'erroneous switching from one to three column
view'
o bug 2981, 'claws-mail-3.9.3 compilation warnings'
o bug 3170, 'QuickSearch fights with View/Hide read threads
menu option'
o bug 3179, 'Win32: Please add 'gtk-auto-mnemonics = 1' to
GTK+ setting'
o bug 3201, 'Fix memory corruption in sc_html_read_line()'
o Debian bug 730050, 'vcalendar plugin crash'
o Fix GCond use with newer Glib
o Fix the race fix, now preventing the compose window to be
closed.
o Fix "File (null) doesn't exist" error dialog, when
attaching a non-existing file via --attach
o Fix spacing in Folderview if the font is far from the
system font
o RSSyl: When parsing RSS 2.0, ignore <link> tags with a
namespace prefix.
o RSSyl: Check for existence of xmlNode namespace, to prevent
NULL pointer crashes.
3.10.0:
* Complete SSL certificate chains are now saved, and if built with
Libetpan 1.4.1, the IMAP SSL connection's certificate chain is made
available. Both of these allow correct certificate verification
instead of a bogus 'No certificate issuer found' status.
* Auto-configuration of account email servers, based on SRV records,
is now possible. (GLib >= 2.22 is required.)
* Added a preference to avoid automatically drafting emails that are
to be sent encrypted, (Configuration/Preferences/Compose/Writing).
* Messages saved as Drafts are now saved as New, highlighting the
Drafts folder, in order to draw the attention to unfinished mails
there.
* It is now possible to add a 'Replace signature' button to the
Compose window toolbar.
* Quotation wrapping and undo/redo in the Compose window has been
improved.
* 'Reply to all' now excludes your own address.
* The 'Generate X-Mailer header' option has been renamed 'Add user
agent header' and applies to both X-Mailer and X-Newsreader
headers.
* Added hidden preferences, 'address_search_wildcard' and
'folder_search_wildcard', to choose between matching from start of
the folder name/address or any part of the name. (Activating these
options restores the previous behaviour.)
* Added hidden preference 'enable_avatars' to control the internal
capture/render process, and which allows disabling it by external
plugins for example.
* 'Check for new folders' now only updates the folder list, not
updating the contents of folders. If needed, it can be followed by
'Check for new messages'
* When using Redirect, the redirecting account's address is used in
the SMTP MAIL FROM instead of the original sender's address.
* NEW: Libravatar plugin, which displays avatars from
https://www.libravatar.org/
* Added support for an arbitrary number and sources of 'avatars' and
images for email senders, and migrated Face and X-Face headers.
* Avatars are now included when printing mails.
* The GPG keyring can now be used as the source for address auto-
completion.
* The vCalendar and RSSyl plugins now have an option to disable SSL
certificate verification (and check them by default).
* The ClamAV plugin now pops up an error message only once instead of
repeatedly
* Updated the man page and the manual.
* Updated Brazilian Portuguese, British English, Czech, Dutch,
Finnish, French, Hebrew, Hungarian, Indonesian, Lithuanian, Slovak,
Spanish, and Swedish translations.
* Added Esperanto translation.
* Bug fixes:
o bug 1644, 'race condition between message move and mark as
read after timeout'
o bug 2119, 'Check for new folders on remote mailboxes is
very slow'
o bug 2145, 'Claws becomes unresponsive and gets Killed while
moving messages between imap folders'
o bug 2179, 'Improve quotation wrapping support'
0 bug 2238, 'Incorrect undo/redo operations after paste with
replace from context menu'
o bug 2389, 'GnuPG: invalid/revoked user IDs accepted'
o bug 2398, 'Race when closing compose during drafting'
o bug 2447, 'Compose window crashes if moving a folder that
is being replied to'
o bug 2643, 'claws crash when accessing imap folder'
o bug 2875, 'SMTP session disconnects before recieving'
o bug 2991, 'POP3 sessions duplicated" on race conditions'
o bug 3020, 'Use theme doesn't change some icons until
restart'
o bug 3055, 'Claws segfaults when cancelling a sticky search
after changing folder'
o bug 3038, 'Select a folder incorrectly matches on number in
parentheses'
o bug 3039, 'displaying one specific html email lead in 100%
CPU usage'
o bug 3040, 'Handle revoked GPG private keys'
o bug 3050, 'Claws segfaults when attempting to delete a tag'
o bug 3094, 'OK or Yes to create new directory ?'
o bug 3100, 'Automatic account selection on reply fails if
name is quoted and contains a comma'
o bug 3105, 'vCal plugin via https does not check SSL peer
certificates or host'
o bug 3106, 'rssyl plugin does not verify SSL peer at all'
o bug 3107, 'Height of row in message list does not reflect
font size - three columns, small screen layout'
o bug 3116, 'invalid DTSTART in ics subscription makes claws
crash'
o bug 3117, 'full-day event shown from 01:00 to 01:00 next
day'
o bug 3120, '"Error - File is empty" when redirecting mail
with empty parts'
o bug 3131, 'Crash on reccurent events with no DTSTART'
o bug 3138, 'PGP/Inline crashes on signature check if gpgme
failed to init'
o bug 3139, 'Mainwindow unresponsive due to a busy loop'
o bug 3145, 'Memory corruption in imap_disconnect_all'
o bug 3146, 'Memory corruption when deleting a message from
folder'
o bug 3147, 'verify_folderlist_xml() leaks memory'
o bug 3148, 'Logic error in claws_get_socket_name()'
o bug 3150, 'etpan_certificate_check() leaks memory'
o bug 3155, 'Memory leaks found by Valgrind in
a9065aec26499a0e1294c73b6d9e6f039976521e'
o bug 3169, 'threaded message list performance issue'
o bug 3964, 'headers in wrong order -- file src/common/ssl.c'
o Fix lots of memory leaks
o Fix interference from liboverlay-scrollbar
o Fix some typos
o Fix some layout issues when user has large GTK font
o Fix message search starting from end
o Fix disappearing MIME icon highlight in mails with PGP
signatures
o When autoselecting account for a new message, quoted
recipient names are handled better.
o Python plugin: Also check for _PyGtk_API being a PyCapsule
o MailMBOX plugin: Fix parsing UTC dates
o vCalendar plugin: recognition of quoted parameter values,
which are legal.
o ClamAV plugin: Fix a format string error.
Update homepage.
changelog:
1.6:
Improved RFC822 and MIME parser
Implemented SEARCH using LITERAL+ for Gmail
Fixed SSL connections (don't force SSLv3)
1.5:
Gmail search features: X-GM-MSGID, X-GM-THRID, X-GM-RAW
Added POP stat
Various fixes for Windows
Fixed OpenSSL / GnuTLS implementation of retrieval of certificates
Fixed IMAP IDLE in case of COMPRESS-ed streams
Fixed base64 encoding
1.4:
Gmail search features: X-GM-MSGID, X-GM-THRID, X-GM-RAW
Added POP stat
Various fixes for Windows
Fixed OpenSSL / GnuTLS implementation of retrieval of certificates
Fixed IMAP IDLE in case of COMPRESS-ed streams
Fixed base64 encoding
needed to dovecot2-pigeonhole compatible with Dovecot 2.2.16.
v0.4.7 19-03-2015 Stephan Bosch <stephan@rename-it.nl>
* editheader extension: Made protection against addition and deletion of
headers configurable separately. Also, the `Received' and `Auto-Submitted'
headers are no longer protected against addition by default.
* Turned message envelope address parse errors into warnings.
* The interpreter now accepts non-standard domain names, e.g. containing '_'.
+ Implemented the Sieve index extension (RFC 5260).
+ Implemented support for the mboxmetadata and servermetadata extensions
(RFC 5490).
+ Implemented new sieve commands for the doveadm command line utility. These
commands are currently limited to ManageSieve operations, but the other
current sieve tools will be migrated to doveadm in the near future as well.
+ Added more debug output about binary up-to-date checking.
+ Added script metadata to binary dump output.
- Fixed Sieve script binary up-to-date checking by normalizing the script
location.
- The Sieve interpreter now flushes the duplicate database during start phase
of result execution rather than commit phase. This makes sure locks on the
duplicate database are released as soon as possible, preventing contention.
- Performed a few optimizations in the lexical scanner of the language.
- Fixed bug in `:matches' match-type that made a pattern without
wildcards match as if there were a '*' at the beginning.
- Fixed crash in validation of the string parameter of the comparator tag.
- extprograms extension: Made sure supplemental group privileges are also
dropped. This was a problem reported by Debian lintian.
- Fixed bug in handling of binary errors for action side-effects and message
overrides.
- file script storage: Restructured storage initialization to address
backwards compatibility issues.
- dict script storage: Fixed small memory allocation bug.
RELEASE 1.1.1
-------------
- ACL: Allow other plugins to adjust the list of permissions and groups to edit
- Add possibility to print contact information (of a single contact)
- Add possibility to configure max_allowed_packet value for all database engines (#1490283)
- Improved handling of storage errors after message is sent
- Update to TinyMCE 4.1.9
- Unified request* event arguments handling, added support for _unlock and _action parameters
- Security: Generate random hash for the per-user local storage prefix (#1490279)
- Fix refreshing of drafts list when sending a message which was saved in meantime (#1490238)
- Fix saving/sending emoticon images when assets_dir is set
- Fix PHP fatal error when visiting Vacation interface and there's no sieve script yet (#1490292)
- Fix setting max packet size for DB caches and check packet size also in shared cache
- Fix needless security warning on BMP attachments display (#1490282)
- Fix handling of some improper constructs in format=flowed text as per the RFC3676[4.5] (#1490284)
- Fix performance of rcube_db_mysql::get_variable()
- Fix missing or not up-to-date CATEGORIES entry in vCard export (#1490277)
- Fix fatal errors on systems without mbstring extension or mb_regex_encoding() function (#1490280)
- Fix cursor position on reply below the quote in HTML mode (#1490263)
- Fix so "over quota" errors are displayed also in message compose page
- Fix duplicate entries supression in autocomplete result (#1490290)
- Fix "Non-static method PEAR::isError() should not be called statically" errors (#1490281)
- Fix parsing invalid HTML messages with BOM after <!DOCTYPE> (#1490291)
- Fix duplicate entry on timezones list in rcube_config::timezone_name_from_abbr() (#1490293)
- Fix so localized folder name is displayed in multi-folder search result (#1490243)
- Fix javascript error after creating a folder which is a subfolder of another one (#1490297)
- Fix bug where subject of sent/saved message was removed if mbstring wasn't installed (#1490295)
- Fix missing vcard_attachment icon on messages list (#1490303)
- Fix storing signatures with big images in MySQL database (#1490306)
- Fix Opera browser detection in javascript (#1490307)
- Fix so search filter, scope and fields are reset on folder change
- Fix rows count when messages search fails (#1490266)
- Fix bug where spellchecking in HTML editor do not work after switching editor type more than once (#1490311)
- Fix bug where TinyMCE area height was too small on slow network connection (#1490310)
- Fix backtick character handling in sql queries (#1490312)
- Fix redirct URL for attachments loaded in an iframe when behind proxy (#1490191)
- Fix menu container references to point to the actual <ul> element (#1490313)
- Fix javascripts errors in IE8 - lack of Event.which, focusing a hidden element (#1490318)
Make DB_SIGNINGTABLE symbol available in Lua scripts.
Fix bug #214: Handle arbitrarily large From: fields.
LIBOPENDKIM: Fix bug #213: Remove "dkim_default_senderhdrs" from
dkim.h.
LIBOPENDKIM: Fix bug #219: Unresolved CNAMEs are not failures,
according to the DNS (see RFC6604), so report them as
NXDOMAIN or similar.
2.10.0 2014/12/27
Feature request #182: Remove "AddAllSignatureResults". All signature
results will now be added via Authentication-Results header
fields.
Feature request #180: Rename "LDAPSoftStart" to "SoftStart" and apply
it to SQL connections as well.
Feature request #179: Add "IgnoreMalformedMail" option.
Fix bug #183: Discontinue support for ADSP. This removes the
following configuration file items:
AddAllSignatureResults LocalADSP
ADSPAction NoDiscardableMailTo
ADSPNoSuchDomain On-PolicyError
BogusPolicy SendADSPReports
DisableADSP SenderHeaders
LDAPSoftStart UnprotectedPolicy
Make "rrvs" and "smime" recognized Authentication-Results methods.
LIBOPENDKIM: Feature request #157: Add dkim_mail_parse_multi().
LIBOPENDKIM: Feature request #185: Add dkim_set_dnssec().
LIBOPENDKIM: Fix bug #183: Discontinue support for ADSP. This
means all of the following:
- the dkim_policy_t type has been removed
- the DKIM_POLICY_* constants have been removed
- the DKIM_PRESULT_* constants have been removed
- passing DKIM_OPTS_SENDERHDRS to dkim_options() now
results in an error
- the DKIM_PSTATE structure has been removed
- all of the following functions have been removed:
dkim_policy(), dkim_policy_dnssec(),
dkim_policy_getqueries(), dkim_policy_getreportinfo(),
dkim_policy_state_free(), dkim_policy_state_new(),
dkim_policy_syntax(), dkim_getpolicystr(),
dkim_getpresult(), dkim_getpresultstr(),
dkim_set_policy_lookup(), dkim_test_adsp()
LIBOPENDKIM: DKIM_LIBFLAGS_STRICTHDRS now also confirms syntactical
validity of the From field before proceeding with a signing or
verifying operation.
CONTRIB: Fix bug #207: Clean up the "stats" directory.
CONTRIB: Add "repute" directory which could eventually replace the
PHP implementation.
CONTRIB: Patches to systemd and init/redhat.
Fix bug #97: Add ability to change envelope sender, client IP
address, client hostname, and HELO value used in test
mode, via environment variables. This can be turned
into something more formal in a later release.
Fix bug #102: Don't lose SPF results and output the "-1" default.
Fix bug #103: Fix IgnoreAuthenticatedClients by requesting the
right macro value from the MTA.
Fix bug #113: Remove "TemporaryDirectory" (unused).
LIBOPENDMARC: Fix bug #104: Include <sys/param.h> and <resolv.h>
in <opendmarc/dmarc.h> so that MAXPATHLEN and MAXNS get
defined consistently.
LIBOPENDMARC: Fix bug #105: Get the h_errno definition from
<netdb.h> rather than declaring it.
LIBOPENDMARC: Fix bug #106: Clean up issues with the types passed
to opendmarc_policy_library_dns_hook().
DOCS: Fix bug #99: Update list of constraints on
opendmarc_policy_fetch_alignment().
REPORTS: Fix bug #108: Handle malformed mailto URIs in DMARC
records (e.g., just "mailto:").
REPORTS: Fix bug #110: Support SQL backend selection in
opendmarc-expire.
------------------
DK-MILTER RELEASE NOTES
This listing shows the versions of the dk-milter package, the date of
release, and a summary of the changes in that release.
Bug and feature request (RFE) numbers that start with "SF" were logged
via Sourceforge (http://www.sourceforge.net) trackers. Those not so labelled
were logged internally at Sendmail, Inc.
1.0.2 2009/02/04
LIBDK: Fix bug in error message generation which could cause
crashes with very large error messages. Code copied
from dkim-milter.
1.0.1 2008/09/04
Set up required callbacks for OpenSSL thread-safety. Code copied
from dkim-milter.
LIBDK: Fix bug in relaxed canonicalization mode when dealing with
very large input lines with cached blank lines.
Problem reported by Mark Martinec.
1.0.0 2008/03/13
Use the current Authentication-Results: format (the -13 draft).
Patch from S. Moonesamy of Eland Systems.
Add improved mlfi_negotiate() function code, copied from dkim-milter,
which does things like symbol requesting and more intelligent
option negotiation. Patch from S. Moonesamy of Eland Systems.
Add hash buffering, copied from libdkim. Patch from S. Moonesamy
of Eland Systems.
Fix bug #SF1736559: in_addr_t is not universal. Problem reported
by Terry White.
Fix bug #SF1763715: Fix string management in mlfi_eoh() with respect
to mctx_domain, which could be left pointing to garbage when
using domain wildcarding. Problem noted by Ronald Huizer.
Activate _FFR_MULTIPLE_KEYS.
LIBDK: Copy the library options structure from libdkim.
LIBDK: Add dk_close().
LIBDK: Feature request #SF1872270: Rename parameters called "new"
in dk.h so that C++ compilers don't complain. Requested
by Paul Macintosh.
LIBAR: Eliminate a possible race condition in ar_dispatcher().
LIBAR: Timeouts passed to select() can't be bigger than 10^8.
Problem noted by S. Moonesamy of Eland Systems.
LIBAR: Fix bug #SF1852618: Handle default case of no "nameserver"
lines in /etc/resolv.conf. Problem noted by Mike Markley
of Bank of America.
LIBAR: Plug descriptor and memory leaks in ar_shutdown().
BUILD: Copy the unit test structure from libdkim and add a few basic
unit tests.
0.6.0 2007/05/31
Fix bug #SF1728696: Repair message corruption occurring when a
message body spams multiple milter writes. Reported
by Eric Singer.
Patch #SF1705006: Fix X-header malformation.
LIBAR: Fix bug #SF1537457: Add proper support for IPv6 nameservers.
Reported by Mark Martinec.
BUILD: Copy the consolidated build system from the dkim-milter
package.
Activate the following FFRs:
_FFR_LOG_SSL_ERRORS
_FFR_QUARANTINE
_FFR_REPORTINFO
0.5.0 2007/04/10
Copy several enhancements from the latest dkim-milter update:
o Support for 8.14 (milter v2) and the leading space patch from
dkim-milter.
o Fixes/enhancements under POPAUTH.
o Pass the correct length variable to RSA_sign() so that
the value returned is sane on 64-bit platforms.
o _FFR_ANTICIPATE_SENDMAIL_MUNGE
o Feature request #SF1497801: _FFR_QUARANTINE
Fix bug #SF1541450: Correct header selection in dk_hdrsigned().
Reported by Mark Martinec.
LIBDK: Fix bug #SF1537918: Add dk_geterror() to retrieve additional
diagnostic data from the API when a function call returns
DK_STAT_INTERNAL or something else whose cause isn't
readily apparent. Copied from libdkim.
LIBAR: Block signals that should be caught and handled elsewhere,
such as in libmilter.
0.4.2 2007/03/13
Fix bug #SF1509093, SF1611082: Set group ID as well as user ID when
"-u" is used on the command line. Patch from Vincent
Rivellino.
Fix bug #SF1514447: Re-query for the job ID in mlfi_eom() to
accomodate postfix's milter implementation. Copied from
dkim-filter; requested by Jakob Schlyter.
Fix bug #SF1541439: Fix mis-canonicalization of skipped headers
in "nofws" mode. Reported by Mark Martinec.
Fix bug #SF1541789: Stop spurious syntax errors on unsigned messages.
Problem reported by S. Moonesamy of Eland Systems.
0.4.1 2006/06/14
LIBDK: Properly handle key and policy records that don't have
whitespace after semicolons.
LIBDK: In dk_eom(), return DK_STAT_SYNTAX if dk_skipbody is set.
Failing to do so means a message with a signature header
below which there is no sender header will report a bogus
success status. Problem noted by Lennert Buytenhek.
0.4.0 2006/05/19
Remove spurious CRLFs injected into canonicalization when multiple
body chunks arrive from the MTA. Patch from Suzuki Takahiko
of Internet Initiative Japan, Inc.
If _FFR_REPORTINFO is enabled, don't call dkf_report() if no DomainKeys
context was ever created for a message.
Simplify dk_sterilize() a little, and handle failures from it.
Problem reported by Fredrik Pettai.
RFC2822 doesn't require any recipient headers, so remove those checks
inside _FFR_REQUIRED_HEADERS.
Fix bug #SF1485119: Canonicalize in the correct order when not using
"-H" on the command line. Problem noted by S. Moonesamy of
Eland Systems.
Activate _FFR_MACRO_LIST and _FFR_EXTERNAL_IGNORE_LIST.
LIBDK: New flag DK_OPTS_HDRLIST for dk_options().
0.3.4 2006/05/02
If _FFR_REPORTINFO is enabled, send reports on all failures, not just
those which aren't in test mode.
Ignore unknown tags in keys and policies, rather than returning an
error.
LIBDK: Return an error if the signing function returned success but
also reported a zero-length signature. Reported by
S. Moonesamy of Eland Systems.
LIBAR: Add a timeout to the I/O wait so that retransmissions
actually get done while waiting for activity.
0.3.3 2006/03/13
Fix test mode check at the end of mlfi_eom(), which was overriding
any configuration settings from the command line.
Reported by Arkadi Poliakevitch of Invidi Technologies.
Copy the value of -C before parsing it so the output of "ps" doesn't
get munged. Reported by Arkadi Poliakevitch of Invidi
Technologies.
Fix "-o", which wasn't actually working at all. Reported by Ben
Lentz.
Add _FFR_LOG_SSL_ERRORS which sends to syslog errors reported by
the OpenSSL libraries.
0.3.2 2005/12/12
Patch a small but definite memory leak. Reported by Ray Krebs
of eBay.
0.3.1 2005/12/02
Tolerate "b=" in signature headers at places other than the end
of the signature (and, in fact, other things at the end
of the signature). Reported by Jason Long. (Bug SF1234164)
Don't reject or report about messages which fail verification
when the sending domain advertises that it's in test mode.
Patch from Adrian Havill.
Fixes to POPAUTH compilation from S. Moonesamy of Eland Systems.
Allow "-d" to specify a list from which domains should be read,
and allow wildcarding in domain names. Requested by
Ray Krebs of eBay. (Feature request SF1312453)
Add "-o" command line option to allow certain headers to be omitted
from signing operations. Suggested by Ben Lentz.
(Feature request SF1314350)
LIBAR: Fix a build issue introduced in the last release.
- patch-aa was used to edit Makefile. Now it edits Makefile.in instead
- patch-a[cefh] are removed, equivalent fix applied
- patch-dns.c is added to silent prototype warning
(upstream)
- Update 1.20 to 1.23
-------------------
1.23: Feb.17,2015:
dns.c, smtp.c:
typo fixed: INET6 should be AF_INET6
1.22: Jun.9,2012:
smtp.c:
logging whole message in multi-lined SMTP response.
1.21: Jun.7,2012:
smtp.c, common.h, main.c:
'-2' option added to avoid piggybacking among domains.
(to support spec change on GoogleApps service)
dns.c:
definitions of functions with "static" are moved outside
to avoid "invalid strage class" errors.
*.c, extern.h:
log() is renamed to logg() to avoid conflict.
* dbox: Resyncing (e.g. doveadm force-resync) no longer deletes
dovecot.index.cache file. The cache file was rarely the problem
so this just caused unnecessary slowness.
* Mailbox name limits changed during mailbox creation: Each part of
a hierarchical name (e.g. "x" or "y" in "x/y") can now be up to 255
chars long (instead of 200). This also reduces the max number of
hierarchical levels to 16 (instead of 20) to keep the maximum name
length 4096 (a common PATH_MAX limit). The 255 char limit is
hopefully large enough for migrations from all existing systems.
It's also the limit on many filesystems.
+ director: Added director_consistent_hashing setting to enable
consistent hashing (instead of the mostly-random MD5 hashing).
This causes fewer user moves between backends when backend counts
are changed, which may improve performance (mainly due to caching).
+ director: Added support for "tags", which allows one director ring
to serve multiple backend clusters with different sets of users.
+ LMTP server: Added lmtp_user_concurrency_limit setting to limit how
many LMTP deliveries can be done concurrently for a single user.
+ LMTP server: Added support for STARTTLS command.
+ If logging data is generated faster than it can be written, log a
warning about it and show information about it in log process's
process title in ps output. Also don't allow a single service to
flood too long at the cost of delaying other services' logging.
+ stats: Added support for getting global statistics.
+ stats: Use the same session IDs as the rest of Dovecot.
+ stats: Plugins can now create their own statistics fields
+ doveadm server: Non-mail related commands can now also be used
via doveadm server (TCP socket).
+ doveadm proxying: passdb lookup can now override doveadm_port and
change the username.
+ doveadm: Search query supports now "oldestonly" parameter to stop
immediately on the first non-match. This can be used to optimize:
doveadm expunge mailbox Trash savedbefore 30d oldestonly
+ doveadm: Added "save" command to directly save mails to specified
mailbox (bypassing Sieve).
+ doveadm fetch: Added body.snippet field, which returns the first
100 chars of a message without whitespace or HTML tags. The result
is stored into dovecot.index.cache, so it can be fetched efficiently.
+ dsync: Added -t <timestamp> parameter to sync only mails newer than
the given received-timestamp.
+ dsync: Added -F [-]<flag> parameter to sync only mails with[out] the
given flag/keyword.
+ dsync: Added -a <mailbox> parameter to specify the virtual mailbox
containing user's all mails. If this mailbox is already found to
contain the wanted mail (by its GUID), the message is copied from
there instead of being re-saved. (This isn't efficient enough yet
for incremental replication.)
+ dsync: -m parameter can now specify \Special-use names for mailboxes.
+ imapc: Added imapc_features=gmail-migration to help migrations from
GMail. See http://wiki2.dovecot.org/Migration/Gmail
+ imapc: Added imapc_features=search to support IMAP SEARCH command.
(Currently requires ESEARCH support from remote server.)
+ expire plugin: Added expire_cache=yes setting to cache most of the
database lookups in dovecot index files.
+ quota: If overquota-flag in userdb doesn't match the current quota
usage, execute a configured script.
+ redis dict: Added support for expiring keys (:expire_secs=n) and
specifying the database number (:db=n)
- auth: Don't crash if master user login is attempted without
any configured master=yes passdbs
- Parsing UTF-8 text for mails could have caused broken results
sometimes if buffering was split in the middle of a UTF-8 character.
This affected at least searching messages.
- String sanitization for some logged output wasn't done properly:
UTF-8 text could have been truncated wrongly or the truncation may
not have happened at all.
- fts-lucene: Lookups from virtual mailbox consisting of over 32
physical mailboxes could have caused crashes.
Changelog:
Fixed in Firefox/Thunderbird ESR 31.5
2015-24 Reading of local files through manipulation of form autocomplete
2015-19 Out-of-bounds read and write while rendering SVG content
2015-16 Use-after-free in IndexedDB
2015-12 Invoking Mozilla updater will load locally stored DLL files
2015-11 Miscellaneous memory safety hazards (rv:36.0 / rv:31.5)
- try to work around pathological breakage in one random POP server
implementation. Thanks: Michael Thomas Kockmeyer.
- remove dead marc.theaimsgroup.com list archive from docs. Thanks:
Miroslav Rovis.
- bugfix: if you combined IMAP IDLE mode with delete_after, getmail would,
after remaining connected to the server for the number of days
configured, begin deleting messages immediately after retrieval
instead of after the configured delay. Now fixed. Thanks:
Johannes Weißl.
Allow searching across multiple folders
Improved support for screen readers and assistive technology using WCAG 2.0 and WAI ARIA standards
Update to TinyMCE 4.1 to support images in HTML signatures (copy & paste)
Added namespace filter and folder searching in folder manager
New config option to disable UI elements/actions
Stronger password encryption using OpenSSL
Support for the IMAP SPECIAL-USE extension
Support for Oracle as database backend
Manage 3rd party libs with Composer
-----------------
TL/01 When running the test suite, the README says that variables such as
no_msglog_check are global and can be placed anywhere in a specific
test's script, however it was observed that placement needed to be near
the beginning for it to behave that way. Changed the runtest perl
script to read through the entire script once to detect and set these
variables, reset to the beginning of the script, and then run through
the script parsing/test process like normal.
TL/02 The BSD's have an arc4random API. One of the functions to induce
adding randomness was arc4random_stir(), but it has been removed in
OpenBSD 5.5. Detect this OpenBSD version and skip calling this
function when detected.
JH/01 Expand the EXPERIMENTAL_TPDA feature. Several different events now
cause callback expansion.
TL/03 Bugzilla 1518: Clarify "condition" processing in routers; that
syntax errors in an expansion can be treated as a string instead of
logging or causing an error, due to the internal use of bool_lax
instead of bool when processing it.
JH/02 Add EXPERIMENTAL_DANE, allowing for using the DNS as trust-anchor for
server certificates when making smtp deliveries.
JH/03 Support secondary-separator specifier for MX, SRV, TLSA lookups.
JH/04 Add ${sort {list}{condition}{extractor}} expansion item.
TL/04 Bugzilla 1216: Add -M (related messages) option to exigrep.
TL/05 GitHub Issue 18: Adjust logic testing for true/false in redis lookups.
Merged patch from Sebastian Wiedenroth.
JH/05 Fix results-pipe from transport process. Several recipients, combined
with certificate use, exposed issues where response data items split
over buffer boundaries were not parsed properly. This eventually
resulted in duplicates being sent. This issue only became common enough
to notice due to the introduction of conection certificate information,
the item size being so much larger. Found and fixed by Wolfgang Breyha.
JH/06 Bug 1533: Fix truncation of items in headers_remove lists. A fixed
size buffer was used, resulting in syntax errors when an expansion
exceeded it.
JH/07 Add support for directories of certificates when compiled with a GnuTLS
version 3.3.6 or later.
JH/08 Rename the TPDA expermimental facility to Event Actions. The #ifdef
is EXPERIMENTAL_EVENT, the main-configuration and transport options
both become "event_action", the variables become $event_name, $event_data
and $event_defer_errno. There is a new variable $verify_mode, usable in
routers, transports and related events. The tls:cert event is now also
raised for inbound connections, if the main configuration event_action
option is defined.
TL/06 In test suite, disable OCSP for old versions of openssl which contained
early OCSP support, but no stapling (appears to be less than 1.0.0).
JH/09 When compiled with OpenSSL and EXPERIMENTAL_CERTNAMES, the checks on
server certificate names available under the smtp transport option
"tls_verify_cert_hostname" now do not permit multi-component wildcard
matches.
JH/10 Time-related extraction expansions from certificates now use the main
option "timezone" setting for output formatting, and are consistent
between OpenSSL and GnuTLS compilations. Bug 1541.
JH/11 Fix a crash in mime ACL when meeting a zero-length, quoted or RFC2047-
encoded parameter in the incoming message. Bug 1558.
JH/12 Bug 1527: Autogrow buffer used in reading spool files. Since they now
include certificate info, eximon was claiming there were spoolfile
syntax errors.
JH/13 Bug 1521: Fix ldap lookup for single-attr request, multiple-attr return.
JH/14 Log delivery-related information more consistently, using the sequence
"H=<name> [<ip>]" wherever possible.
TL/07 Bug 1547: Omit RFCs from release. Draft and RFCs have licenses which
are problematic for Debian distribution, omit them from the release
tarball.
JH/15 Updates and fixes to the EXPERIMENTAL_DSN feature.
JH/16 Fix string representation of time values on 64bit time_t anchitectures.
Bug 1561.
JH/17 Fix a null-indirection in certextract expansions when a nondefault
output list separator was used.
Changelog:
Fixed The previous issues with jp mac builds have now been fixed, and Thunderbird will no longer need to be run in 32-bit mode.
Fixed Security fixes can be found here
Fixed Installing extensions within Thunderbird no longer requires download and installing as a file (Bug 1081190)
Fixed Autocomplete suggestion sort order was adjusted to prioritize entries where the search string matches the beginning of a word (Bug 970456)
Fixed in Thunderbird 31.4
2015-04 Cookie injection through Proxy Authenticate responses
2015-03 sendBeacon requests lack an Origin header
2015-01 Miscellaneous memory safety hazards (rv:35.0 / rv:31.4)
Postfix 2.11.4 only:
* Fix a core dump when smtp_policy_maps specifies an invalid TLS
level.
* Fix a missing " in \%s\", in postconf(1) fatal error messages,
which violated the C language spec. Reported by Iain Hibbert.
All supported releases:
* Stop excessive recursion in the cleanup server while recovering
from a virtual alias expansion loop. Problem found at Two Sigma.
* Stop exponential memory allocation with virtual alias expansion
loops. This came to light after fixing the previous problem.
== Version 2.6.3 - Mon Nov 3 23:53 +1100 2014 Mikel Lindsaar <mikel@reinteractive.net>
* #796 support uu encoding (grosser)
== Version 2.6.2 (Unreleased) - Wed Oct 22 13:42 -0500 2014 Benjamin Fleischer <github@benjaminfleischer.com>
Performance:
* #681 - fewer hotspot object allocations (srawlins)
* #815 - autoload parsers for load-time speed and memory usage (grosser)
Bugs:
* #736 - Mail.new copes with non-UTF8 messages marked as UTF8 (jeremy)
== Version 2.6.1 - Sun Jun 8 15:34 +1100 2014 Mikel Lindsaar <mikel@reinteractive.net>
Features:
* Silence warnings on loading ragel-generated parsers (bf4)
== Version 2.6.0 - Mon Jun 2 22:49 +1100 2014 Mikel Lindsaar <mikel@reinteractive.net>
Features:
* Allow interceptors and observers to be unregistered (zuhao)
* Added feature to find the mail in uid (taketin)
* Save settings passed to TestMailer#new (svanderbleek)
* Allow the setting of envelope from directly (jeremy)
* Accept other IETF/IANA-registered Content-Types and Content-Transfer-Encodings (jeremy)
* Alias shift-jis charset to Shift_JIS Ruby encoding (jeremy)
* Add support for ks_c_5601-1987 charset, aliased to CP949 Ruby encoding (jeremy)
* Don't allow colons in header names (jeremy)
* Can assign arrays of Message-IDs to References and In-Reply-To (jeremy)
* Setting the html_ or text_part sets a default text/html or text/plain content type (jeremy)
* Setting the html_ or text_part to nil removes it (jeremy)
* Addresses without a parsable email or display name still format as their raw text (jeremy)
* Close pull request 504 - Alias GB2312 charset to GB18030 Ruby encoding (bpot)
* Close pull request 399 - Accept :ca_path and :ca_file options for SMTP delivery (ndbroadbent)
* Close pull request 389 - Don't add superfluous message headers to MIME parts (djmaze, jeremy)
Performance:
* Migrate to RAGEL based parser, awesome work by (bpot)
* Performance improvements for people parsing email headers (ConradIrwin)
* Close pull request 488 - Speed up field construction & comparison (bpot)
Bugs:
* Fix for when content looks like field name (kjg)
* Don't change original when you change a copy (TylerRick)
* Don't include separating semicolon in paramter value when sanitizing (bpot)
* Fix fencepost encoding problem with binhex strings and only one token (drasch)
* Fix sendmail delivery to addresses with a leading hyphen (lifo, jeremy)
* Correctly format mbox From headers per RFC4155 (bpot, jeremy)
* Fix bogus '=' at the end of some quoted-printable messages (jeremy)
* Shouldn't be fooled into encoding strings on 1.8 by unrelated Encoding constant (emiellohr, jeremy)
* Header encoding should be US-ASCII, not the default external encoding (jeremy)
* Address elements should return decoded display names by default (jeremy)
* Fix up tests that depend on utf-8 external encoding; read fixtures as binary (jeremy)
* Capture stderr from Sendmail and Exim deliveries (jeremy)
* RFC2822 quoted_string content may be empty (jeremy)
* Calling #to_s on a field with a nil value returns an empty string instead of nil (jeremy)
* The Received header may contain zero name/value pairs, qmail-style (jeremy)
* Fix that setting an attachment with a :mime_type and :encoding would override the :encoding (jeremy)
* Fix that declaring an html_part but no text_part would use multipart/alternative anyway (jeremy)
* Close pull request 508 - Don't add an extra CRLF to MIME parts; split MIME parts on correct CRLF boundaries (Aalanar)
* Close pull request 506 - Escape backslashes in quoted strings (ConradIrwin)
* Close pull request 496 - Correctly handle quoted-printable line breaks (jeremy)
* Close pull request 493 - Repair misencoded quoted-printable line breaks (jeremy)
* Close pull request 487 - Extract comments from group email addresses (bpot)
* Close pull request 481 - Correctly quote filename attributes (bpot)
* Close pull request 480 - Support mixed encodings in a single header body (adamvaughan)
* Close pull request 471 - Fix Ruby 1.8 build when UTF16/32 default to little-endian (kennyj)
Coping with third-party bugs:
* Parse multipart boundary from Content-Type headers containing extra semicolons (jeremy)
* Close pull request 389 - Only add Content-ID to inline attachments to appease Outlook (djmaze, jeremy)
Housekeeping:
* Add development gem dependency on rdoc (jeremy)
* Refresh Bundler dependencies & setup (jeremy)
* Remove i18n dependency and last vestiges of activesupport dependency in specs (jeremy)
* Clarify that Sender is a single address, not an address list (jeremy)
* Add an MIT-LICENSE file to make licensing clear & obvious; update to 2013 (jeremy)
* Close pull request 501 - Tighten up header/body whitespace splitting (ConradIrwin)
* Close pull request 499 - Clean up some dead code (ConradIrwin)
* Close pull request 489, 495 - Docs typos (JackDanger, francois)
* Close pull request 485 - Be explicit about unsupported address parsing (bpot)
* Close pull request 484 - Remove #tree specs in preparation for deprecation removal (bpot)
* Close pull request 482 - Update address field specs to reflect to #initialize API (bpot)
* Close pull request 475 - Shush warning on Object#blank? redefinition (amatsuda)
* Close pull request 472 - Clean up UTF8/UTF-8 internals (kennyj)
RELEASE 1.0.5
-------------
- Fix bug where some valid text in a message was handled as uuencoded attachment
- Fix wrong icon for download button in classic skin
- Fix bug where sent message was saved in Sent folder even if disabled by user (#1490208)
- Fix checks based on window.ActiveXObject in IE > 10
- Fix XSS issue in style attribute handling (#1490227)
- Fix bug where Drafts list wasn't updated on draft-save action in new window (#1490225)
- Fix so "set as default" option is hidden if identities_level > 1 (#1490226)
- Fix bug where search was reset after returning from compose visited for reply
- Fix javascript error in "IE 8.0/Tablet PC" browser (#1490210)
- Fix bug where empty fieldmap config entries caused empty results of ldap search (#1490229)
Remove patches that have been integrated upstream.
0.8.1:
* Add sqlite and perl as dependencies for RPM/Debian packages (by @fatalbanana)
* Remove whitelist.lua from RPM file list (by @fatalbanana)
* Make Exim pass hostnames to rspamd (by @fatalbanana)
* Fix building on Fedora (by @fatalbanana)
* Add toggle for disabling installation of systemd units on Linux (by @fatalbanana)
* Fix double format rounding that caused output corruption (reported by @fatalbanana)
* Revert broken change for destructors ordering that led to memory corruption
* Do not reset symbols case of settings if parsed from lua (reported by @andrejzverev)
* Fix build on SunOS (by @wiedi)
* Fix multiple crashes on broken DKIM DNS records
* Fix critical issue with composites weights removing
* Fix memory corruption in composites processing code
* Ignore non-SPF TXT records when parsing SPF includes
- wwsympa/wwsympa.fcgi.in: Preventing faulty newsletter sending (security fix)
- src/sympa.pl.in: [Submitted by B. Marchal, univ. Lorraine] the
loop_prevention_regex parameter was never taken into account.
- New scenarios to check DKIM signature
- When the user requests change of password via WWSympa or SympaSOAP, new
password may be checked its strength.
- src/lib/Scenario.pm: Now CustomCondition can set the action to
take (do_it, reject ...) by setting $_, this allows for complex,
single-module CustomConditions.
and various bug fixes
0.8.0:
* New fuzzy check logic:
- use shingles algorithm for fuzzy matching
- use blake2 instead of md5 for larger output space
- combine fuzzy and strict matching
- allow to organize private storages by means of keys
- preserve compatibility with previous versions
* New fuzzy storage:
- use sqlite instead of own memory based hash tables
- rework commands interface
- add conversion from the old format
- add fuzzy match by shignles
- support old rspamd versions
* Add lemmatizing for words used in fuzzy hashes that allows to improve match
quality by using of the first forms of all words
* Rework language detection
* Fix several critical bugs, memory leaks and deadlocks:
- memory leak in HTML nodes parsing
- deadlock in logger code
- deadlock in signals processing
- crashes in fuzzy_storage
- crashes in tokenizers if the input was empty
* Import new libucl with several bugfixes and improvements
* Support listening on ipv6 addresses only
* Fix macro expansion in SPF module
* Several bugfixes in DKIM module
* Add load headers support for mime parts to the lua API
* Add documentation for:
- workers in general
- fuzzy_storage worker
- fuzzy_check plugin
- mimepart and textpart lua API modules
0.7.6:
* Apply boundary fix for dkim simple canonization
* Fix ping command
* Return nil if header was not found in lua_task
* Fix hang in upstreams revive logic
* Decode entitles when normalizing HTML parts
* Fix logic of finding URLs in HTML parts
* Do not include \0 into length of text when performing conversion to utf8
* Fix raw vs parsed reperesentations
Raw parts are now:
- decoded b64/qp, but *NOT* converted to utf-8
Processed parts are now:
- converted to UTF-8
- normalized if needed (e.g. HTML tags are stripped)
* Rework DKIM canonization to line based
* Fix fuzzy hashes addding
* Use more specific hash function for fuzzy
* Fix leaking of iconv descriptors
* Fix PTR resolving in lua resolver
* Rework spf module.
- Copy data to memory pool as cached record might be destroyed causing
freed memory being passed to the protocol output (use after free)
- Allow SPF_NEUTRAL policy to be handled separately
- Add R_SPF_NEUTRAL to the default config
* Rework `register_symbols` function
* Allow to disable components of hfilter
0.7.5:
* Fix owner when creating folder /run/rspamd (by @sfirmery)
* Fix IP validity checks
* Decode URLs obtained from HTML tags
* Fix crash with unweighted upstreams
* Stop processing headers in parts
* Set sockaddr.sa_family properly when connectig to upstreams
* Fix reload issues in surbl and fuzzy_check (reported by @citrin)
* Fix timeouts in redirector
* Improve lua errors reporting
* Fix lua closures processing in libucl
* Rework calling of lua functions from regexp module
* Choose raw regexp for raw headers
* Rework conversion to utf since glib one is broken
* Ignore SGML style tags in html
* Fix old bug with non-capturing https urls
* Fix memory corruption on fuzzy reload (reported by @citrin)
* Fix percents display in rspamc
* Fix buffer update for DKIM
* Do not validate utf for raw headers
0.7.4:
* Fix build under *BSD
* Detect HAN unicode script
* Implement language detection heuristic for text parts
* Fix time output in history
* Improve piechart coloring
* Fix \r\n conversion in DKIM module (reported by @citrin)
* Try to detect systems with no IPv6 support
* Fix multiple/single values in use settings (reported by @citrin)
* Rework IP addresses in upstreams:
- Select ipv4/unix addresses if they exist and use ipv6 for ipv6 only
upstreams (since the support of ipv6 is poor in many OSes and
environments)
- Free IP list on upstream destruction
- Add test cases for addresses selection
- Allow adding of free form IP addresses to upstreams
* Fix endiannes in lua_radix search (reported by @citrin)
* Soft shutdown should also set wanna_die flag (reported by @citrin)
* Stop use-after-free in event loop termination
* Fix processing of very short messages in DKIM (reported by @citrin)
* Detect systems without shared mutexes
* Fix issues with PTR and MX elements in SPF parser (reported by @citrin)
0.7.3:
* New upstreams code:
- simplify upstreams API;
- unify strings parsing in upstreams definition;
- add configuration options for the upstreams;
- for failed upstreams re-resolve their addresses;
- use all resolved addresses for an upstream (round-robin);
- implement stable hashing and use it by default for upstreams;
- add unit test for upstreams module.
* Rework signals processing in all rspamd workers:
- signals are now processed in the event loop;
- implement the most common signal handlers for all workers;
- add callbacks for workers specific signal handlers
* Fix critical issue with fuzzy storage:
Fuzzy stroage could not save any hashes on termination due to bugged
signals handling
* Fix roll history IP storage
* Rework ipv4/ipv6 handling in parsing addresses:
- turn off support of IPV6_V6ONLY socket option;
- create ipv6 socket prior to ipv4 one to handle systems with v6/v4
sockets enabled (Linux)
* Remove CBL as it's wholly included in Spamhaus XBL (by @fatalbanana)
* Remove nszones.com fake RBL (by @citrin)
* Fix upstreams interaction for fuzzy_check
* Verify spf PTR records (reported by @citrin)
* Fix spf MX records parsing
* Add compatibility for old libevent (by @yellowman)
* Sync bugfixes from libucl
0.7.2:
* Convert all maps to the compressed radix trie
* Allow IPv6 addresses in IP maps
* Remove dynamic items support from symbols cache
* Allow hex encoded output of strings
* Fix bug with control connections count
* Process fuzzy weight correctly (reported by @fatalbanana)
* Remove extra reference retain of http connection on error
* Remove deprecated options from the default config
* Add `one_shot` attr to metric's symbols
* Doc: add documentation for metrics
* Add Upstart job to debian packaging (by @CameronNemo)
* Config: improve SURBL symbols descriptions (by @citrin)
* Config: reflect SURBL changes (by @citrin):
- Outblaze removed, malware moved to separate list:
http://www.surbl.org/news/internal/MW-malware-sublist-added-to-multi
* Fix C modules initialization on restart
* Treat single IP as a single IP in radix lists (reported by @citrin)
* Do not touch file and core limits if not asked explicitly (reported by @citrin)
* Improve logging for fuzzy errors
* Block SIGPIPE for HTTP writing
* Doc: update manual pages
* Fix HTTP connection termination
* Reduce default number of parallel requests to 8
* Sync with libucl include features
0.7.1:
* Fix typo in stat output.
* Fix issues with includes crossing with the system includes
* Restore testing framework
* Add radix trie test suite
* Implement new path-compressed radix trie.
- The performance benefit over the old algorithm is about 1.5 times.
- Memory usage is significantly lower as well.
- Now radix trie can accept any IPv4/IPv6 values
* Various improvements to the memory pools code
* Fix writing reply to a client when no filters are defined
* Write base32 encoded fuzzy
* Fix 'soft reject' action
* Fix rspamd reload and modules reconfiguration
* Fix subject rewriting for the default subject
* Fix states for processing task and pre-filters
* Fix issues with connection closing
* Fix crashes in rdns
* Fix ratelimit pre-filter
* Update exim patch.
- Update to the recent exim version
- Strip extra leading src/ from the patch
- Remove sendfile since it was broken
- Fix rspamd spam report for exim
* Improve documentation
0.7.0:
* Use HTTP protocol for all operatiosn
* Webui worker is now removed and controller works as webui
* Allow to serve static files via controller by option `static_dir`
* Rspamd interface is now a part of rspamd
* Rspamc client has been rewritten to use HTTP and non-blocking mode
allowing to start multiple operations simultaneously (see `-n` option)
* Lua API was completely reworked to satisfy modern standards of LUA:
* Module `lua-message` was removed
* Reduced number of superglobals registered by rspamd
* Many functions has been redesigned
* Symbols registration is now more convenient
* Users settings has been rewritten as lua plugin
* Reworked headers system as gmime's based one misses many headers and is
very slow to get headers values
* Reorganized code and removed embedded jannsson by using UCL for all json
parsing
* Migrated to `librdns` for DNS resolving that improves concurrency for
DNS requests significantly
* Fixed tonns of bugs in MIME processing
* Improved metrcis and default symbol's weights
* Added new RBL's
* Fixed a number of issues in the modules
* Removed several memory leaks found
* Fix unicode processing
* Fix fuzzy checking for unicode parts
* Significantly improve documentation and especially LUA API docs
* See migration notes at https://rspamd.com/doc/migration.html
revision 1.607 locked by: gilles;
date: 2014/11/14 16:25:06; author: gilles; state: Exp; lines: +46 -40
Added several checks if IsUnconnected. Goal avoid imap commands while disconnected.
----------------------------
revision 1.606
date: 2014/11/14 14:49:13; author: gilles; state: Exp; lines: +16 -13
Added total size transferred after each message copied.
Added number of total to be synced as a denominator dddd after each message copied, nnn/dddd, where nnn is the number of messages copied.
----------------------------
revision 1.605
date: 2014/11/11 00:00:37; author: gilles; state: Exp; lines: +40 -10
Bugfix. On Windows file path with brackets [] are special. [a] must be written [[]a[]]
----------------------------
revision 1.604
date: 2014/11/08 00:29:26; author: gilles; state: Exp; lines: +36 -9
Added --skipemptyfolders to skip empty host1 folders. They are not created on host2.
----------------------------
revision 1.603
date: 2014/11/07 22:06:33; author: gilles; state: Exp; lines: +26 -26
Typo from previous save with gedit and ¤
----------------------------
revision 1.602
date: 2014/11/07 21:57:57; author: gilles; state: Exp; lines: +82 -19
Added utf8 output for folder names that use special characters in utf7imap
----------------------------
revision 1.601
date: 2014/10/28 10:48:07; author: gilles; state: Exp; lines: +22 -22
Moved foldersizes call after folders lists print.
----------------------------
revision 1.600
date: 2014/10/27 10:41:52; author: gilles; state: Exp; lines: +8 -8
Remove /x from regex applied with --include and --exclude. Blanks no longer have to be explicit with \ or [ ].
----------------------------
revision 1.599
date: 2014/10/26 23:42:12; author: gilles; state: Exp; lines: +14 -10
Added help usage for --nomixfolders
----------------------------
revision 1.598
date: 2014/10/21 00:27:07; author: gilles; state: Exp; lines: +20 -7
Added tests to check --regextrans2 's,(.*),\L$1,'
Exchange issue with folders with same name and --delete2.
----------------------------
revision 1.597
date: 2014/10/06 10:48:26; author: gilles; state: Exp; lines: +12 -11
Changed --nomixdiffcasefolders to --nomixfolders.
Bugfix. --nomixdiffcasefolders was not parsed in command line so it did not work.
----------------------------
revision 1.596
date: 2014/09/04 17:17:36; author: gilles; state: Exp; lines: +11 -6
Added --logfile in help output.
Added --nolog in help output.
----------------------------
revision 1.595
date: 2014/09/01 19:39:16; author: gilles; state: Exp; lines: +7 -7
Changed output, no examine anymore, only select.
----------------------------
revision 1.594
date: 2014/08/16 22:40:02; author: gilles; state: Exp; lines: +14 -9
Fixed "imapsync doesn't see created folders in stats phase". Second time.
----------------------------
revision 1.593
date: 2014/07/08 11:19:43; author: gilles; state: Exp; lines: +18 -7
Added --nomixdiffcasefolders to avoid merging folders that are considered different on host1 but the same on destination host2 because of case sensitivities and insensitivities.
----------------------------
revision 1.592
date: 2014/05/22 10:03:17; author: gilles; state: Exp; lines: +23 -12
Bugfix. Make TLS works with last IO::Socket::SSL default value (SSL_verify_mode => 'SSL_VERIFY_NONE') in tls.
----------------------------
revision 1.591
date: 2014/05/22 01:32:52; author: gilles; state: Exp; lines: +30 -19
Bugfix. IO::Tee and Open3 in backstic() were incompatible.
FailedBugFix. Tried to fix Tls issue "ERROR: Unable to start TLS: SSL connect attempt failed with unknown error error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed at c:/strawberry/perl/site/lib/Mail/IMAPClient.pm line 455." No success.
----------------------------
revision 1.590
date: 2014/05/20 23:07:14; author: gilles; state: Exp; lines: +12 -6
Added option --disarmreadreceipts to fix resending read receipts with Exchange as host2.
----------------------------
revision 1.589
date: 2014/05/20 21:35:16; author: gilles; state: Exp; lines: +93 -37
Added logging by default in subdirectory LOG_imapsync/.
Added option --log. --log is on by default. --nolog to disable logging.
Added option --logfile. Default is like LOG_imapsync/YYYY_MM_DD_HH_MM_SS_user2.txt
where YYYY_MM_DD_HH_MM_SS is the current date and time like 2014_05_20_23_45_10
Use IO::Tee Perl module for logging.
Fixed bug when creating folders on host2 with sep2 to \\ (Lotus Notes).
Updated the code to easily switch on --noreleasecheck by default.
----------------------------
revision 1.588
date: 2014/05/15 10:36:10; author: gilles; state: Exp; lines: +18 -11
Added FTGate support (no EXAMINE).
----------------------------
revision 1.587
date: 2014/05/09 17:03:27; author: gilles; state: Exp; lines: +14 -7
Typo when advising about prefix.
Easy way to switch releasecheck of by default.
----------------------------
revision 1.586
date: 2014/04/10 16:02:39; author: gilles; state: Exp; lines: +9 -7
Just a test for good_date and pop2imap
----------------------------
revision 1.585
date: 2014/02/17 15:24:34; author: gilles; state: Exp; lines: +39 -34
Warn syncing messges will not be simulated when --dry mode is on and folder on host2 does not exist yet.
Try to get folder size when a folder on host2 has the same name but with a different case like OLD_MAIL -> old_mail. Avoid "does not exist" output.
Update 1.7 to 1.8
(pkgsrc)
- Remove post-build: target in Makefile
(not necessary now)
(upstream)
- No immediate ChangeLog, Release note found other than
1.8 is released on 2014-12-03
Fix bug #177: Plug leaking "result" structures when OpenLDAP is in use.
Truncate configuration file lines at carriage return.
Replace overlapping strlcpy() with memmove() in dkim_get_key_file().
Patch #32: Re-arrange the execution logic to drop privileges in
proper order.
LIBOPENDKIM: dkim_header() is now a lot more strict about the input
it will accept (see RFC5322 Section 2.2).
LIBOPENDKIM: Tighten relaxed modes to break on only DKIM-defined
whitespace characters.
LIBOPENDKIM: Fix bug #208: If a signature fails to verify for either
reason (header hash mismatched or body hash mismatched), set
DKIM_SIGERROR_BADSIG so that Authentication-Results doesn't
report a failure with "no signature error".
TOOLS: Feature request #178: Add "-F" flag to opendkim-genzone so
records are created with the FQDN.
REPUTATION: Handle parameters safely in repute.php.
(1) Info from FreeBSD,
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=128322
says
| mail/libspf-alt has been superceded by mail/libspf2 a long time ago
(2) No objection was answered to my removing proposal at pkgsrc-users@
(2014/12/23 06:57)
(3) finddepends reports nothing (other than self buildlink3.mk)
Thank you,
Significant changes:
- MASTER_SITES now points at ${MASTER_SITE_DEBIAN:=pool/main/h/heirloom-mailx/}
- LICENSE filled out based on content of COPYING file in source
- addresses CVE-2004-2771 and CVE-2014-7844; address expansion disabled by
default
- remove SSL2 related code to match state of OpenSSL
RELEASE 1.0.4
-------------
- Disable TinyMCE contextmenu plugin as there are more cons than pros in using it (#1490118)
- Fix bug where show_real_foldernames setting wasn't honored on compose page (#1490153)
- Fix issue where Archive folder wasn't protected in Folder Manager (#1490154)
- Fix compatibility with PHP 5.2. in rcube_imap_generic (#1490115)
- Fix setting flags on servers with no PERMANENTFLAGS response (#1490087)
- Fix regression in SHAA password generation in ldap driver of password plugin (#1490094)
- Fix displaying of HTML messages with absolutely positioned elements in Larry skin (#1490103)
- Fix font style display issue in HTML messages with styled <span> elements (#1490101)
- Fix download of attachments that are part of TNEF message (#1490091)
- Fix handling of uuencoded messages if messages_cache is enabled (#1490108)
- Fix handling of base64-encoded attachments with extra spaces (#1490111)
- Fix handling of UNKNOWN-CTE response, try do decode content client-side (#1490046)
- Fix bug where creating subfolders in shared folders wasn't possible without ACL extension (#1490113)
- Fix reply scrolling issue with text mode and start message below the quote (#1490114)
- Fix possible issues in skin/skin_path config handling (#1490125)
- Fix lack of delimiter for recipient addresses in smtp_log (#1490150)
- Fix generation of Blowfish-based password hashes (#1490184)
- Fix bugs where CSRF attacks were still possible on some requests
Several patches are dropped because they were integrated upsteam.
(Approval during freeze by wiz@.)
Upstream changes since 0.3.1 from
https://savannah.nongnu.org/forum/forum.php?forum_id=8094
Item posted by Todd Kover <kovert> on Thu 11 Sep 2014 01:05:20 AM GMT.
I am pleased to announce the release of spamass-milt version 0.4.0.
This is the first of what I hope are a number of maintenance releases
with the goal to eliminate the outstanding bug/patch/feature requests:
The following changes are included in this release
- -C option to change the default reject code
- -S option to specify a path to sendmail (for the -x option)
- -R option to specify the rejection message
- -a option to skip messages that were authenticated
- IPv6 address support
- zombie process fix for the - option introduced in 0.3.2
This also includes the fix for CVE-2010-1132 that was in the unannounced but generated 0.3.2 release.