Hello Dovecot users,
Now that Dovecot v2.2.13 is released, I can release a new Pigeonhole.
Due to changes in Dovecot, this Pigeonhole release will not compile
cleanly against older Dovecot releases.
This release is mainly about bugfixes. One notable addition is that I
have updated the "vnd.dovecot.duplicate" extension to the new IETF draft
"duplicate" extension.
Changelog v0.4.3:
* Editheader extension: Made control characters allowed for editheader,
except NUL. Before, this would cause a runtime error.
+ Upgraded Dovecot-specific Sieve "vnd.dovecot.duplicate" extension to
match the new draft "duplicate" extension.
- Fixed sieve_result_global_log_error to log only as i_info in
administrator log (syslog) if executed from multiscript context.
- Sieve redirect extension: Adjusted loop detection to show leniency to
resent messages.
- Sieve include extension: Fixed problem with handling of duplicate
includes with different parameters :once or :optional.
- Sieve spamtest/virustest extensions: Tests were erroneously performed
against the original message. When used together with extprograms
filter to add the spam headers, the changes were not being used by
the spamtest and virustest extensions.
- Deprecated Sieve notify extension: Fixed segfault problems in message
string substitution.
- ManageSieve: Fixed active link verification to handle redundant path
slashes correctly.
- Sieve vacation extension:
  - Fixed interaction of sieve_vacation_dont_check_recipient with
    sieve_vacation_send_from_recipient setting.
  - Fixed log message for discarded response.
- Sieve extprograms plugin:
  - Forgot to disable the alarm() timeouts set for script execution.
  - Fixed fd leak and handling of output shutdown.
  - Fixed 'Bad filedescriptor' error occurring when disconnecting
    script client.
  - Made sure that programs are never forked with root privileges.
The release is available as follows:
http://pigeonhole.dovecot.org/releases/2.2/dovecot-2.2-pigeonhole-0.4.3.tar…
http://pigeonhole.dovecot.org/releases/2.2/dovecot-2.2-pigeonhole-0.4.3.tar…
Refer to http://pigeonhole.dovecot.org and the Dovecot v2.x wiki for
more information. Have fun testing this new release and don't hesitate
to notify me when there are any problems.
Regards,
--
Stephan Bosch
stephan(a)rename-it.nl
http://dovecot.org/releases/2.2/dovecot-2.2.13.tar.gz
http://dovecot.org/releases/2.2/dovecot-2.2.13.tar.gz.sig
A few minor changes since v2.2.13.rc1, mainly making the Pigeonhole tests pass.
* Fixed a DoS attack against imap/pop3-login processes. If SSL/TLS
handshake was started but wasn't finished, the login process
attempted to eventually forcibly disconnect the client, but failed
to do it correctly. This could have left the connections hanging
around for a long time. (Affected Dovecot v1.1+)
+ mdbox: Added mdbox_purge_preserve_alt setting to keep the file
within alt storage during purge. (Should become enforced in v2.3.0?)
+ fts: Added support for parsing attachments via Apache Tika. Enable
with: plugin { fts_tika = http://tikahost:9998/tika/ }
+ virtual plugin: Delay opening backend mailboxes until it's necessary.
This requires mailbox_list_index=yes to work. (Currently IMAP IDLE
command still causes all backend mailboxes to be opened.)
+ mail_never_cache_fields=* means now to disable all caching. This may
be a useful optimization as doveadm/dsync parameter for some admin
tasks which shouldn't really update the cache file.
+ IMAP: Return SPECIAL-USE flags always for LSUB command.
- pop3 server was still crashing in v2.2.12 with some settings
- maildir: Various fixes and improvements to handling compressed mails,
especially when they have broken/missing S=sizes in filenames.
- fts-lucene, fts-solr: Fixed crash on search when the index contained
duplicate entries.
- Many fixes and performance improvements to dsync and replication
- director was somewhat broken when there were exactly two directors
in the ring. It caused errors about "weak users" getting stuck.
- mail_attachment_dir: Attachments with the last base64-encoded line
longer than the rest weren't handled correctly.
- IMAP: SEARCH/SORT PARTIAL was handled completely wrong in v2.2.11+
- acl: Global ACL file handling was broken when multiple entries
matched the mailbox name. (Only the first entry was used.)
http://dovecot.org/releases/2.2/rc/dovecot-2.2.13.rc1.tar.gz
http://dovecot.org/releases/2.2/rc/dovecot-2.2.13.rc1.tar.gz.sig
There have been a ton of smaller and some larger changes since v2.2.12, so I thought I'd first make a RC release and the final v2.2.13 tomorrow. Please try it out!
BTW. I've read most of the mails again in Dovecot mailing list, but there are still a few reported bugs I decided to leave until later. Anyway feel free to re-send any bug reports for things that haven't been fixed in v2.2.13 yet.
There's an upper limit to how many IMAP/POP3 connections can exist that haven't logged in (and separate limits for post-login). Normally when this limit is reached, the oldest connection gets disconnected. There is of course some potential to try to DoS Dovecot by doing a lot of IMAP/POP3 connections, but because the oldest connection always gets destroyed this requires quite a lot of activity from the attacker.
This "destroy oldest connection" however hasn't been working in v1.1+ releases for connections that have started SSL/TLS handshake, but haven't finished it. So an attacker could just do a bunch of TCP connections to port 993 and leave them hanging around and Dovecot would pretty quickly reach the upper limit without being able to disconnect any of the oldest connections.
Here are patches to fix this:
http://hg.dovecot.org/dovecot-2.2/rev/41622541a7a3
http://hg.dovecot.org/dovecot-2.1/rev/b7ac23b4d339
http://hg.dovecot.org/dovecot-2.0/rev/48f90e7e92dc
http://hg.dovecot.org/dovecot-1.2/rev/8ba4253adc9b
http://hg.dovecot.org/dovecot-1.1/rev/fe0e6550585c
The fix will be in v2.2.13. Maybe also in v2.1.18 if I decide to release it. For older releases you need to patch it yourself.
For people who are using dovecot-ee releases the fix is also in v2.2.12.12 and v2.1.7.7 releases.
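A small model of the eviction behaviour described in the advisory above, added here as an illustration and not taken from Dovecot's source: it assumes a fixed pre-login connection limit with oldest-first eviction, and compares a variant that cannot forcibly disconnect connections still in the SSL/TLS handshake with one that evicts any connection. The `LoginTable` and `simulate` names are made up for this example.

```python
"""Model of a login process's pre-login connection table (illustration only).

Assumed behaviour, following the advisory text: a hard limit on connections
that have not logged in yet, and the oldest connection is destroyed when the
limit is reached. The 'buggy' variant cannot evict connections whose SSL/TLS
handshake never finished; the 'fixed' variant evicts regardless of state.
"""
from collections import deque

HANDSHAKE = "ssl_handshake"   # TLS started on port 993, never finished
PLAINTEXT = "plaintext"       # handshake done, or no TLS at all


class LoginTable:
    def __init__(self, limit, evict_handshaking):
        self.limit = limit
        self.evict_handshaking = evict_handshaking
        self.conns = deque()  # oldest first: (conn_id, state)
        self.refused = 0

    def _destroy_oldest(self):
        """Try to free one slot; returns False if nothing could be evicted."""
        for i, (_cid, state) in enumerate(self.conns):
            if state == HANDSHAKE and not self.evict_handshaking:
                continue  # buggy behaviour: half-open TLS conn is skipped
            del self.conns[i]
            return True
        return False

    def accept(self, cid, state):
        """Admit a new connection, evicting the oldest if the table is full."""
        if len(self.conns) >= self.limit and not self._destroy_oldest():
            self.refused += 1
            return False
        self.conns.append((cid, state))
        return True


def simulate(limit, evict_handshaking, n_stale, n_legit):
    """Constructed scenario: n_stale half-open TLS connections arrive first,
    then n_legit normal clients. Returns (clients served, clients refused)."""
    table = LoginTable(limit, evict_handshaking)
    for i in range(n_stale):
        table.accept(f"stale-{i}", HANDSHAKE)
    served = sum(table.accept(f"user-{i}", PLAINTEXT) for i in range(n_legit))
    return served, table.refused
```

With the limit filled by half-open handshakes, the buggy variant refuses every later client while the fixed variant keeps serving them; if the stale connections do not fill the table, both variants still serve all clients, which is why the exhaustion only shows once the limit is hit.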