We are pleased to release first release candidate for v2.3.14. We have done changes to packaging so please give us any feedback on how it works.
Binary packages in https://repo.dovecot.org/
Docker images are not available for this release candidate.
* Added new aliases for some variables. Usage of the old ones is possible,
but discouraged. (These were partially added already to v2.3.13.)
for more information.
* Optimize imap/pop3/submission/managesieve proxies to use less CPU at
the cost of extra memory usage.
* Remove autocreate, expire, snarf and mail-filter plugins.
* Remove cydir storage driver.
* doveadm -D: Add timestamps to debug output even when LOG_STDERR_TIMESTAMP
environment variable is not set. Timestamp format is taken from
* If BROKENCHAR or listescape plugin is used, the escaped folder names
may be slightly different from before in some situations. This is
unlikely to cause issues, although caching clients may redownload the
* imapc: It now enables BROKENCHAR=~ by default to escape remote folder
names if necessary. This also means that if there are any '~'
characters in the remote folder names, they will be visible as "~7e".
* imapc: When using local index files folder names were escaped on
filesystem a bit differently. This affects only if there are folder
names that actually require escaping, which isn't so common. The old
style folders will be automatically deleted from filesystem.
* stats: Update exported metrics to be compliant with OpenMetrics standard.
+ doveadm: Add an optional '-p' parameter to metadata list command. If
enabled, "/private", and "/shared" metadata prefixes will be prepended
to the keys in the list output.
+ doveconf: Support environment variables in config files. See
for more details.
+ indexer-worker: Change indexer to disconnect from indexer-worker
after each request. This allows service indexer-worker's service_count &
idle_kill settings to work. These can be used to restart indexer-worker
processes once in a while to reduce their memory usage.
- auth: "nodelay" with various authentication mechanisms such as apop
and digest-md5 crashed AUTH process if authentication failed.
- auth: Auth lua script generating an error triggered an assertion
failure: Panic: file db-lua.c: line 630 (auth_lua_call_password_verify):
assertion failed: (lua_gettop(script->L) == 0).
- configure: Fix libunwind detection to work on other than x86_64 systems.
- doveadm-server: Process could crash if logging was done outside command
handling. For example http-client could have done debug logging
afterwards, resulting in either segfault or Panic:
file http-client.c: line 642 (http_client_context_close):
assertion failed: (cctx->clients_list == NULL).
- dsync: Folder name escaping with BROKENCHAR didn't work completely
correctly. This especially caused problems with dsync-migrations using
imapc where some of the remote folder names may not have been accessible.
- dsync: doveadm sync + imapc doesn't always sync all mails when doing
an incremental sync (-1), which could lead to mail loss when it's used
for migration. This happens only when GUIDs aren't used (i.e.
imapc without imapc_features=guid-forced).
- lib-imap: imapc parsing illegal BODYSTRUCTUREs with NILs could have
resulted in crashes. This exposed that Dovecot was wrongly accepting
atoms in "nstring" handling. Changed the IMAP parsing to be more
strict about this now.
- lib-index: If dovecot.index.cache has corrupted message size, fetching
BODY/BODYSTRUCTURE may cause assert-crash:
Panic: file index-mail.c: line 1140 (index_mail_parse_body_finish):
assertion failed: (mail->data.parts != NULL).
- lib-index: Minor error handling and race condition fixes related to
rotating dovecot.index.log. These didn't usually cause problems,
unless the log files were rotated rapidly.
- lib-lua: Lua scripts using coroutines or lua libraries using coroutines
(e.g., cqueues) panicked.
- Message PREVIEW handled whitespace wrong so first space would get
eaten from between words.
- FTS and message PREVIEW (snippet) parsed HTML &entities case-sensitively.
- lib-mail: When max nested MIME parts were reached, IMAP BODYSTRUCTURE
was written in a way that may have caused confusion for IMAP clients
and also Dovecot itself when parsing it. The truncated part is now
written out using application/octet-stream MIME type.
- lib-oauth2: HS512 and HS384 JWT token algorithms crash when you try to
use them: Panic: file hmac.c: line 26 (hmac_init): assertion failed:
(meth->context_size <= MAC_MAX_CONTEXT_SIZE).
- event filters: NOT keyword did not have the correct associativity.
NOT a AND b were getting parsed as NOT (a AND b) instead of
(NOT a) AND b.
- Ignore ECONNRESET when closing socket. This avoids logging useless
errors on systems like FreeBSD.
- event filters: event filter syntax error may lead to Panic:
file event-filter.c: line 137 (event_filter_parse): assertion failed:
(state.output == NULL)
- lib: timeval_cmp_margin() was broken on 32-bit systems. This could
potentially have caused HTTP timeouts to be handled incorrectly.
- log: instance_name wasn't used as syslog ident by the log process.
- master: After a service reached process_limit and client_limit, it
could have taken up to 1 second to realize that more client connections
became available. During this time client connections could have been
unnecessarily rejected and a warning logged:
Warning: service(...): process_limit (...) reached, client connections are being dropped
- stats: Crash would occur when generating openmetrics data for metrics
using aggregating functions.
- stats: Event filters comparing against empty strings crash the stats