dovecot-2.0: Released v2.0.alpha1.
dovecot at dovecot.org
dovecot at dovecot.org
Tue Oct 13 01:45:41 EEST 2009
details: http://hg.dovecot.org/dovecot-2.0/rev/7dc28f9b899d
changeset: 10052:7dc28f9b899d
user: Timo Sirainen <tss at iki.fi>
date: Mon Oct 12 18:40:28 2009 -0400
description:
Released v2.0.alpha1.
diffstat:
3 files changed, 252 insertions(+), 12 deletions(-)
NEWS | 233 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++-
TODO | 29 ++++---
configure.in | 2
diffs (truncated from 319 to 300 lines):
diff -r 794604d4dd1a -r 7dc28f9b899d NEWS
--- a/NEWS Mon Oct 12 18:31:01 2009 -0400
+++ b/NEWS Mon Oct 12 18:40:28 2009 -0400
@@ -1,4 +1,139 @@ v1.2.rc1 Timo Sirainen <tss at iki.fi>
-v1.2.rc1 Timo Sirainen <tss at iki.fi>
+v2.0.alpha1 2009-10-12 Timo Sirainen <tss at iki.fi>
+
+ * Global ACLs are now looked up using namespace prefixes. For example
+ if you previously had INBOX. namespace prefix and a global ACL for
+ "INBOX.Sent", it's now looked up from "INBOX.Sent" file instead of
+ "Sent" as before.
+
+ + Redesigned master process. It's now more modular and there is less
+ code running as root.
+ + Configuration supports now per-local/remote ip/network settings.
+ + dsync utility does a two-way mailbox synchronization.
+ + LMTP server and proxying.
+ + Added mdbox (multi-dbox) mail storage backend.
+ + doveadm utility can be used to do all kinds of administration
+ functions. Old dovecotpw and *view utilities now exist in its
+ subcommands.
+
+v1.2.6 2009-10-05 Timo Sirainen <tss at iki.fi>
+
+ * Upgraded to Unicode 5.2.0
+
+ + Added authtest utility for doing passdb and userdb lookups.
+ + login: ssl_security string now also shows the used compression.
+ - quota: Don't crash with non-Maildir++ quota backend.
+ - imap proxy: Fixed crashing with some specific password characters.
+ - dovecot --exec-mail was broken.
+ - Avoid assert-crashing when two processes try to create index at the
+ same time.
+
+v1.2.5 2009-09-13 Timo Sirainen <tss at iki.fi>
+
+ * Authentication: DIGEST-MD5 and RPA mechanisms no longer require
+ user's login realm to be listed in auth_realms. It only made
+ configuration more difficult without really providing extra security.
+ * zlib plugin: Don't allow clients to save compressed data directly.
+ This prevents users from exploiting (most of the) potential security
+ holes in zlib/bzlib.
+
+ + Added pop3_save_uidl setting.
+ + dict quota: When updating quota and user isn't already in dict,
+ recalculate and save the quota.
+ - file_set_size() was broken with OSes that didn't support
+ posix_fallocate() (almost everyone except Linux), causing all kinds
+ of index file errors.
+ - v1.2.4 index file handling could have caused an assert-crash
+ - IMAP: Fixes to QRESYNC extension.
+ - virtual plugin: Crashfix
+ - deliver: Don't send rejects to any messages that have Auto-Submitted
+ header. This avoids emails loops.
+ - Maildir: Performance fixes, especially with maildir_very_dirty_syncs.
+ - Maildir++ quota: Limits weren't read early enough from maildirsize
+ file (when quota limits not enforced by Dovecot)
+ - Message decoding fixes (mainly for IMAP SEARCH, Sieve).
+
+v1.2.4 2009-08-17 Timo Sirainen <tss at iki.fi>
+
+ * acl: When looking up ACL defaults, use global/local default files
+ if they exist. So it's now possible to set default ACLs by creating
+ dovecot-acl file to the mail root directory.
+
+ + imap/pop3 proxy: If proxy destination is known to be down,
+ fail connections to it immediately.
+ + imap/pop3 proxy: Added proxy_timeout passdb extra field to specify
+ proxy's connect timeout.
+ - Fixed a crash in index file handling.
+ - Fixed a crash in saving messages where message contained a CR
+ character that wasn't followed by LF (and the CR happened to be the
+ last character in an internal buffer).
+ - v1.2.3 crashed when listing shared namespace prefix.
+ - listescape plugin: Several fixes.
+ - autocreate plugin: Fixed autosubscribing to mailboxes in
+ subscriptions=no namespaces.
+
+v1.2.3 2009-08-07 Timo Sirainen <tss at iki.fi>
+
+ * Mailbox names with control characters can't be created anymore.
+ Existing mailboxes can still be accessed though.
+
+ + Allow namespace prefix to be opened as mailbox, if a mailbox
+ already exists in the root dir.
+ - Maildir: dovecot-uidlist was being recreated every time a mailbox
+ was accessed, even if nothing changed.
+ - listescape plugin was somewhat broken
+ - Compiling fixes for non-Linux/BSDs
+ - imap: tb-extra-mailbox-sep workaround was broken.
+ - ldap: Fixed hang when >128 requests were sent at once.
+ - fts_squat: Fixed crashing when searching virtual mailbox.
+ - imap: Fixed THREAD .. INTHREAD crashing.
+
+v1.2.2 2009-07-27 Timo Sirainen <tss at iki.fi>
+
+ * GSSAPI: More changes to authentication. Hopefully good now.
+ * lazy_expunge plugin: Drop \Deleted flag when moving message.
+
+ + dovecot -n/-a now outputs also lda settings.
+ + dovecot.conf !include now supports globs (e.g.
+ !include /etc/dovecot/*.conf). Based on patch by Thomas Guthmann.
+ + acl: Support spaces in user/group identifiers.
+ + shared mailboxes: If only %%n is specified in prefix, default to
+ current user's domain.
+ - Dovecot master process could hang if it received signals too rapidly.
+ - Fixed "corrupted index cache file" errors (and perhaps others) caused
+ by e.g. IMAP's FETCH BODY[] command.
+ - IMAP: When QRESYNC is enabled, don't crash when a new mail is
+ received while IDLEing.
+ - IMAP: FETCH X-* parameters weren't working.
+ - Maildir++ quota: Quota was sometimes updated wrong when it was
+ being recalculated.
+ - Searching quoted-printable message body internally converted "_"
+ characters to spaces and didn't match search keys with "_".
+ - Messages in year's first/last day may have had broken timezones
+ with OSes not having struct tm->tm_gmtoff (e.g. Solaris).
+ - virtual plugin: If another session adds a new mailbox to index,
+ don't crash.
+
+v1.2.1 2009-07-09 Timo Sirainen <tss at iki.fi>
+
+ * GSSAPI: Changed logging levels and improved the messages.
+ Changed the way cross-realm authentication handling is done,
+ hopefully it's working now for everyone.
+ * imap/pop3 logins now fail if home directory path is relative.
+ v1.2.0 deliver was already failing with these and they could have
+ caused problems even with v1.1.
+ * IMAP: Custom authentication failure messages are now prefixed with
+ [ALERT] to get more clients to actually show them.
+
+ + Improved some error messages.
+ - pop3: AUTH PLAIN was broken when SASL initial response wasn't given.
+ - mbox: New mailboxes were created with UIDVALIDITY 1.
+ - quota-fs was defaulting to group quota instead of user quota.
+ - Fixed ACLs to work with mbox.
+ - Fixed fchmod(-1, -1) errors with BSDs
+ - convert plugin / convert-tool: Fixed changing hierarchy separators
+ in mailbox names when alt_hierarchy_char isn't set.
+
+v1.2.0 2009-07-01 Timo Sirainen <tss at iki.fi>
* When creating files or directories to mailboxes, Dovecot now uses
the mailbox directory's permissions and GID for them. Previous
@@ -26,6 +161,102 @@ v1.2.rc1 Timo Sirainen <tss at iki.fi>
+ Virtual mailboxes: http://wiki.dovecot.org/Plugins/Virtual
+ Autocreate plugin: http://wiki.dovecot.org/Plugins/Autocreate
+ Listescape plugin: http://wiki.dovecot.org/Plugins/Listescape
+
+v1.2.rc8 2009-06-30 Timo Sirainen <tss at iki.fi>
+
+ - Fixed building LDAP as plugin
+ - Fixed starting up in OS X
+
+v1.2.rc7 2009-06-27 Timo Sirainen <tss at iki.fi>
+
+ * Removed configure --with-deliver, --with-pop3d and --disable-ipv6
+ parameters.
+
+ + Improved permission related error messages.
+ - mbox: Don't write garbage to mbox if message doesn't have a body.
+ - virtual: Fixed saving messages with keywords.
+ - virtual: Fixed infinite looping bug.
+ - zlib: Fixed error handling.
+
+v1.2.rc6 2009-06-22 Timo Sirainen <tss at iki.fi>
+
+ * imap proxy: Pass through to client unexpected untagged replies
+ from remote server (e.g. alerts).
+ * Solr: Don't use "any" copyfield, it doubles the index size.
+ * mail_location: Allow using ":" characters in dir names by escaping
+ it as "::".
+
+ - mbox: Don't crash with invalid From_-lines.
+ - IMAP: Don't crash if IDLE command is pipelined after a long-running
+ UID FETCH or UID SEARCH.
+ - ACL / shared mailbox fixes
+ - Some metadata files were incorrectly getting 0666 permissions.
+
+v1.2.rc5 2009-06-04 Timo Sirainen <tss at iki.fi>
+
+ * auth_cache_negative_ttl is now used also for password mismatches
+ (currently only with plaintext authentication mechanisms).
+
+ + Added support for EXTERNAL SASL mechanism.
+ + FETCH X-SAVEDATE can now be used to get messages' save timestamps
+ + deliver_log_format: %s is now in UTF8
+ - If message body started with a space, some operations could have
+ assert-crashed.
+ - Fixed using LDAP support as a plugin
+ - Fixes to virtual mailboxes.
+
+v1.2.rc4 2009-05-17 Timo Sirainen <tss at iki.fi>
+
+ * If /dev/arandom exists, use it instead of /dev/urandom (OpenBSD).
+ * When logging to a file, the lines now start with a timestamp instead
+ of "dovecot: " prefix.
+
+ + IMAP: When multiple commands are pipelined, try harder to combine
+ their mailbox syncing together. For example with Maildir pipelining
+ STORE 1:* +FLAGS \Deleted and EXPUNGE commands the files won't
+ be unnecessarily rename()d before being unlink()ed.
+ + imap-proxy: Send backend's CAPABILITY if it's different from what
+ was sent to client before.
+ + IMAP: struct mail now keeps track of all kinds of statistics, such
+ as number of open()s, stat()s, bytes read, etc. These fields could
+ be exported by some kind of a statistics plugin (not included yet).
+ + IMAP: SEARCH command now dynamically figures out how to run about
+ 0.20 .. 0.25 seconds before seeing if there's other work to do.
+ This makes the SEARCH performance much better.
+ - Fixes to shared mailbox handling.
+ - Fixes to virtual mailboxes.
+ - THREAD command could have crashed.
+ - Fixes to expire-tool.
+ - mbox: Don't break if From_-line is preceded by CRLF (instead of LF).
+ - dict process wasn't restarted after SIGHUP was sent to master.
+
+v1.2.rc3 2009-04-16 Timo Sirainen <tss at iki.fi>
+
+ * IMAP proxy no longer simply forwards tagged reply from
+ remote authentication command. It's now done only if the remote
+ server sent a [resp-code], otherwise all failure strings are
+ converted to Dovecot's "Authentication failed." to make sure that
+ if remote isn't using Dovecot it won't reveal user's existence.
+
+ + Quota roots can now specify which namespace's quota they're
+ tracking. This is probably the most useful for giving public
+ namespaces a quota.
+ + Added imap_idle_notify_interval setting.
+ - Fixes to shared mailbox handling
+ - Fixes to virtual mailboxes
+ - Fixed compiling with some FreeBSD and NetBSD versions
+ - THREAD REFS still might have returned one (0) at the beginning.
+ - deliver wasn't using mail_access_groups setting.
+ - Fixed some error handling in maildir and index code.
+
+v1.2.rc2 2009-04-03 Timo Sirainen <tss at iki.fi>
+
+ - rquota.x file was missing from rc1 distribution, causing compiling
+ to fail.
+
+v1.2.rc1 2009-04-03 Timo Sirainen <tss at iki.fi>
+
+ * See v1.2.0 notes
v1.1.5 2008-10-22 Timo Sirainen <tss at iki.fi>
diff -r 794604d4dd1a -r 7dc28f9b899d TODO
--- a/TODO Mon Oct 12 18:31:01 2009 -0400
+++ b/TODO Mon Oct 12 18:40:28 2009 -0400
@@ -1,15 +1,16 @@
+ - mail_uid, mail_gid, mail_chroot not works!
+ - Allow %variables in mail_chroot setting
+ - what the hell does --with-sql-drivers do?
+ - --with-sql=plugin --with-mysql, --with-sql --with-mysql=plugin, .. ???
+
+ - config process is handling requests too slowly. maybe add some caching.
+ - delete convert plugin, replace with dsync
- running from inetd
- - settings: ssl_parameters_regenerate
- - lib-auth: connect only to "auth" socket
- - create ssl-params service listening on login/ssl-params socket
-
- - config protocol should tell after lookups if there's something more specific
- also available so login process wouldn't have to do config lookup for
- each connection if there's no per-IP config.
- dsync:
- handle INBOX GUID conflicts.
- mailbox GUID conflicts: if one mailbox is empty, drop it.
- subscriptions
+ - invalid mailbox names give all kinds of failures
- cache
- use transaction_commit_get_changes(), retry sync if uids are not what we
wanted.
@@ -17,6 +18,17 @@
- other side crashes -> worker server disconnected unexpectedly -> hang
- add some timeout
- sieve scripts
+ - single-dbox is still buggy?
+
+ - perhaps home dir shouldn't be chdir()ed to until privileges are actually
+ dropped? it doesn't work if it requires extra group privileges..
+ - allow overriding mail_access_groups from userdb.
+ - ldap also kind of supports multiple gids, but not really.
+ - PERMANENTFLAGS returns () with readonly mailboxes, even when private flag
+ changes are allowed (because index is stored elsewhere)
+ - config protocol should tell after lookups if there's something more specific
+ also available so login process wouldn't have to do config lookup for
+ each connection if there's no per-IP config.
- lib-lda/duplicate.c uses home_expand()
- dbox: we get back to dbox_sync_file() over and over again when expunging..
especially with a broken guid expunge, it doesn't go away.
@@ -170,8 +182,6 @@
- UID renumbering doesn't really work after all?
- still problems with CRLF mboxes..
- - proxy: If remote server disconnects on login:
- login: tried to change state 2 -> 2
- logging consistency:
http://www.dovecot.org/list/dovecot/2007-April/021532.html
More information about the dovecot-cvs
mailing list