- Dovecot-news - dovecot.org

v1.0.14 released
by Timo Sirainen 02 Jun '08

02 Jun '08

http://dovecot.org/releases/1.0/dovecot-1.0.14.tar.gz http://dovecot.org/releases/1.0/dovecot-1.0.14.tar.gz.sig Since v1.1.0 release is getting near, this could well be the last v1.0 release. I'll still fix important bugs, but if the bugfix is large or affects only few people it'll probably get fixed only in v1.1 releases. * mbox: Enable mail_privileged_group while creating INBOX. - IMAP: Fixed a rare crash in FETCH BODY/BODYSTRUCTURE - IMAP: If mailbox is selected with EXAMINE, ignore flag changes - proxy: Login success reply was sent in two IP packets, which confused some IMAP/POP3 clients - ACL plugin leaked memory a bit - dovecot-auth: allow_nets setting with network masks didn't work correctly with big endian machines.

1 0

v1.1.rc7 released
by Timo Sirainen 30 May '08

30 May '08

http://dovecot.org/releases/1.1/rc/dovecot-1.1.rc7.tar.gz http://dovecot.org/releases/1.1/rc/dovecot-1.1.rc7.tar.gz.sig One extra RC release, just to fix compiling problems with non-Linux OSes. Nothing else changed since rc6.

1 0

Re: [Dovecot-news] [Dovecot] v1.1.rc6 released - not working
by Timo Sirainen 30 May '08

30 May '08

On May 30, 2008, at 5:15 AM, Marc Perkel wrote: > I had just tested rc5 today and it didn't work for me. So I just > downloaded rc6 and same problem. Here's what I'm seeing in the log. > > dovecot: May 29 19:10:10 Error: IMAP(support(a)junkemailfilter.com): > mail_location: maildir: Unknown setting: > dovecot: May 29 19:10:10 Fatal: IMAP(support(a)junkemailfilter.com): > Namespace initialization failed > dovecot: May 29 19:10:10 Error: IMAP(marc(a)perkel.com): > mail_location: maildir: Unknown setting: > dovecot: May 29 19:10:10 Fatal: IMAP(marc(a)perkel.com): Namespace > initialization failed > dovecot: May 29 19:10:10 Info: imap-login: Login: user=<marc(a)perkel.com > >, method=PLAIN, rip=24.143.247.50, lip=65.49.42.45, TLS > dovecot: May 29 19:10:10 Error: IMAP(support(a)junkemailfilter.com): > mail_location: maildir: Unknown setting: > dovecot: May 29 19:10:10 Fatal: IMAP(support(a)junkemailfilter.com): > Namespace initialization failed > > mail_location = maildir:/vhome/%d/home/%n::INDEX=/nobackup/imap- > cache/%d-%n You've :: in the middle, which is most likely causing it. I can't think of anything I've done since rc5 that would have touched that part of the code though.

1 0

v1.1.rc6 released
by Timo Sirainen 30 May '08

30 May '08

http://dovecot.org/releases/1.1/rc/dovecot-1.1.rc6.tar.gz http://dovecot.org/releases/1.1/rc/dovecot-1.1.rc6.tar.gz.sig This is it. The first v1.1 release that actually deserves the "release candidate" name. It contains everything I require from v1.1.0 release. There are two bugs left that I'd like to get fixed, but they won't block v1.1.0 release: * index_mailbox_set_recent_uid() assert (reported by Diego Liziero) * Maildir not always finding new messages and returning them as empty (reported by Anders). The major change in v1.1.rc6 release is the SORT indexing half-rewrite. I hadn't much stress tested that code before, and once I started I just kept finding more and more weird bugs and it became extremely difficult to figure out how to fix them, so I finally decided to just redesign how it's supposed to work and then implemented that. The resulting sort code is a lot cleaner and it should also perform better (although it could still be improved a bit: the basic binary searching could be replaced with one that first binary searches between already-looked-up sort-strings and only after that binary searches the resulting space which requires slower sort-string lookups). Hopefully there are also no stupid bugs left like returning messages in wrong sort order. :) I've been wasting time this past week getting new stuff for my new apartment, but that's nearly done now. I think (hope) I'm going to be more productive in here, there are less neighbours behind walls/floors (just 1), so less potential for annoying noises. :) Thinking also seems to work better when there's more space to walk around. And finally, the changes since v1.1.rc5: * Index file format changed a bit. If an older Dovecot v1.1 reads index files updated by rc6+, they may give "Invalid header record size" or "ext reset: invalid record size" warnings. v1.0 won't give these errors. * IMAP: LIST .. RETURN (X-STATUS) command return now LIST entries before STATUS entries. * zlib plugin: Uncompress if the message begins with zlib header instead of looking at the 'Z' flag. This fixes copying with hard links. Based on a patch by Richard Platel. + IMAP: SORT index handling code was half-rewritten to fix several bugs when multiple sessions were sorting at the same time. The new code is hopefully also faster. + Maildir: If POP3 UIDL extra field is found from dovecot-uidlist, it's used instead of the default UIDL format (or X-UIDL: header). This allows easily preserving UIDLs when migrating from other POP3 servers. Patch by Nicholas Von Hollen @ Mailtrust. + Maildir: ,W=<vsize> is now always added to maildir filenames + deliver: Avoid reading dovecot-uidlist's contents if possible. + Added %T modifier = Trim whitespace from end of string - IMAP: Fixed some bugs in LIST-EXTENDED implementation. - IMAP: If client tries to change the selected mailbox state while another command is still running, wait until the command is finished. This fixes some crashes and other unwanted behavior. - allow_nets userdb setting was broken with big endian CPUs

1 0

Sieve plugins 1.0.3 and 1.1.5 released
by Timo Sirainen 16 May '08

16 May '08

http://dovecot.org/releases/sieve/dovecot-sieve-1.0.3.tar.gz http://dovecot.org/releases/sieve/dovecot-sieve-1.0.3.tar.gz.sig http://dovecot.org/releases/sieve/dovecot-sieve-1.1.5.tar.gz http://dovecot.org/releases/sieve/dovecot-sieve-1.1.5.tar.gz.sig I've usually released new Sieve plugins at the same time as new Dovecot versions, but since I wasn't planning on releasing v1.0.14 anytime soon and it looks like v1.0.2 release was quite a while ago, I decided to release these today. Changes: - Improved vacation reply checks, log discarded vacation replies (in v1.0.3, these were already in v1.1.0) - Expand ~ to home directory in sieve path - If compiled script has the exact same mtime as the source script, assume the script hasn't changed (changed "<" check to "<="). - Unfold multiline headers before comparing them. - Improved error logging.

1 0

v1.1.rc5 released
by Timo Sirainen 05 May '08

05 May '08

http://dovecot.org/releases/1.1/rc/dovecot-1.1.rc5.tar.gz http://dovecot.org/releases/1.1/rc/dovecot-1.1.rc5.tar.gz.sig I've finally gone through all my unread mails and fixed most of the reported bugs. There are only a couple ones left that I can't reproduce. Please report if you still have any problems with rc5, even if you already have reported the same bug before. v1.1.rc6 will hopefully be the last RC before v1.1.0. + Support cross-realm Kerberos 5 authentication. Based on patch by Zachary Kotlarek. + Added dict_db_config setting to point to a Berkeley DB config file. + If mail_chroot ends with "/.", remove chroot prefix from home directory. - Fixed several bugs and memory leaks in ACL plugin. LIST and LSUB may have listed mailboxes where user had no 'l' access. STORE could have been used to update any flags without appropriate access. - mbox: Valid-looking From_-lines in message bodies caused the message to be split to two messages (broken since v1.0). - Plugin initialization hooks were called in wrong order, possibly causing problems when multiple plugins were used at the same time. - Expire plugin was broken - LIST-EXTENDED options were ignored. - LDAP: Static attribute names weren't working correctly - deliver: mail_uid and mail_gid settings weren't used. - pop3 + maildir++ quota: maildirsize file wasn't created if it didn't exist already. - dnotify: Waiting for dotlock to be deleted used 100% CPU

1 0

v1.1.rc4 released
by Timo Sirainen 01 Apr '08

01 Apr '08

http://dovecot.org/releases/1.1/rc/dovecot-1.1.rc4.tar.gz http://dovecot.org/releases/1.1/rc/dovecot-1.1.rc4.tar.gz.sig I didn't have time/energy to fix everything I wanted, so it'll probably be a few more RCs left until v1.1.0. This is anyway an important release, because it fixes two buffer overflows in search code which have been in all v1.1 releases (but not v1.0). Really stupid mistakes, I must have been tired or something when writing the code.. Anyway I now added code to notice these kind of buffer overflows when they happen (if --enable-debug is used), so hopefully these will be the last ones. * Fixed two buffer overflows in str_find_init(). It was used by SEARCH code when searching for headers or message body. Added code to catch these kind of overflows when compiling with --enable-debug. Found by Diego Liziero. + LDAP: Added debug_level and ldaprc_path settings (OpenLDAP-only) + Squat: Added fts_squat = partial=n full=m settings. See the wiki. - dbox metadata updating fixes. - quota: backend=n didn't work - SEARCH RECENT may have returned non-recent messages if index files were created by v1.0. - If mailbox was opened as read-only with EXAMINE, STOREs were permanently saved. - LDAP: Templates were somewhat broken (by richs at whidbey.net)

1 0

v1.0.13 and v1.1.rc3 released
by Timo Sirainen 09 Mar '08

09 Mar '08

http://dovecot.org/releases/1.0/dovecot-1.0.13.tar.gz http://dovecot.org/releases/1.0/dovecot-1.0.13.tar.gz.sig http://dovecot.org/releases/1.1/rc/dovecot-1.1.rc3.tar.gz http://dovecot.org/releases/1.1/rc/dovecot-1.1.rc3.tar.gz.sig Note that the changes for the security hole fix were quite large. I tested with several auth configurations myself and they seemed to work, but it's possible I left a bug somewhere in there breaking someone's configuration. So make sure to test that it works after upgrading. Of course it would be really nice if Dovecot had a proper test suite where testing all configurations could be automated and run before each release. I've already started this with my imaptest tool (http://imapwiki.org/ImapTest) but it only does IMAP tests and a lot of things are still missing. Some help would be nice here. * Fixed a security hole in blocking passdbs (MySQL always. PAM, passwd and shadow if blocking=yes) where user could specify extra fields in the password. The main problem here is when specifying "skip_password_check" introduced in v1.0.11 for fixing master user logins, allowing the user to log in as anyone without a valid password. - mail_privileged_group was broken in some systems (OS X, Solaris?) - IMAP THREAD: Fixed some correctness problems

1 0

Security hole #6: Some passdbs allowed users to log in without a valid password
by Timo Sirainen 09 Mar '08

09 Mar '08

This affects only blocking passdbs: - MySQL - PAM, passwd and shadow if blocking=yes The underlying bug exists in all v1.0.x versions, but I couldn't figure out a way to exploit it except with v1.0.11, v1.0.12 and v1.1.rc2. Probably a good idea to upgrade in any case. The main problem is that Dovecot's internal protocols use TAB character as a delimiter, but passwords were sent unescaped through them. So passwords containing TAB characters allowed to add new internal fields. The main problem here is a new "skip_password_check" field added in v1.0.11 to fix problems with master user logins. Specifying this field allowed the user to skip the password check, as the name implies. This has been fixed thoroughly in v1.0.13 and v1.1.rc3 to make sure there are no more escaping problems with any fields, but it can be also fixed with a less intrusive patch for v1.0: http://hg.dovecot.org/dovecot-1.0/raw-rev/da2a9372e26e

1 0

v1.1.rc2 released
by Timo Sirainen 08 Mar '08

08 Mar '08

http://dovecot.org/releases/1.1/rc/dovecot-1.1.rc2.tar.gz http://dovecot.org/releases/1.1/rc/dovecot-1.1.rc2.tar.gz.sig Changes since rc1: * mail_extra_groups setting was commonly used insecurely. This setting is now deprecated. Most users should switch to using mail_privileged_group setting, but if you really need the old functionality use mail_access_groups instead. + Expire plugin now supports wildcards in mailbox names. + dbox: Expire plugin supports moving old mails to alternative dbox directory + Maildir++ quota: quota_rule=?:<rule> specifies a default rule which is used only if the maildirsize file doesn't exist. + If SSL/TLS connection isn't closed cleanly, log the last error in the disconnection line. + EXPUNGE: If new \Deleted messages were found while expunging, do it again and expunge them as well (Outlook workaround) - IMAP: SEARCH, LIST and THREAD command correctness fixes - Maildir++ quota: Quota rules and warnings with % rules didn't work if the default limits were taken from maildirsize file. - Maildir++ quota: If both byte and message limits weren't specified, maildirsize file was recalculated all the time - mbox: Flag and keyword updates may have gotten lost in some situations (happens with v1.0 too) - ldap: Don't crash if userdb lookup fails - Squat fixes and performance improvements Things left to do for v1.1.0: - dbox has a metadata corruption bug, find and fix it - Squat has some locking issues that causes errors when stress testing with multiple connections - Squat doesn't do NFS cache flushing and has some other NFS problems.

1 0

v1.0.12 released
by Timo Sirainen 05 Mar '08

05 Mar '08

http://dovecot.org/releases/1.0/dovecot-1.0.12.tar.gz http://dovecot.org/releases/1.0/dovecot-1.0.12.tar.gz.sig - Using mail_privileged_group with dotlock_use_excl=no worked, but it logged "access denied" errors.

1 0

v1.0.11 released
by Timo Sirainen 04 Mar '08

04 Mar '08

http://dovecot.org/releases/1.0/dovecot-1.0.11.tar.gz http://dovecot.org/releases/1.0/dovecot-1.0.11.tar.gz.sig * mail_extra_groups setting was commonly used insecurely. This setting is now deprecated. Most users should switch to using mail_privileged_group setting, but if you really need the old functionality use mail_access_groups instead. - mbox: Dropped some of the physical size fetch optimizations added in v1.0.8. This makes some commands slower, but should fix the rest of the problems. - IMAP: SEARCH BEFORE/ON/SINCE didn't handle timezones correctly. - ldap: auth_bind was doing lookups using subtree scope instead of the scope specified in config file. - zlib plugin crashfixes by Richard Platel - master passdbs: pass=yes setting was broken with blocking passdbs (e.g. MySQL)

1 0

Security issue #5: mail_extra_groups setting is often used insecurely
by Timo Sirainen 04 Mar '08

04 Mar '08

mail_extra_groups=mail setting is often used insecurely to give Dovecot access to create dotlocks to /var/mail directory. If you don't use mboxes in /var/mail, make sure this setting is cleared. If you do use /var/mail mboxes and Dovecot gives permission errors without it, do one of the following (in the preferred order): a) Upgrade to v1.0.11 and use the new mail_privileged_group setting instead of mail_extra_groups. b) Make /var/mail sticky and world-writable (chmod 01777 /var/mail) and clear mail_extra_groups setting. c) Make /var/mail sticky (chmod +t /var/mail) and keep mail_extra_groups setting. This fixes the main problem but some may be left. The mail_privileged_group setting is also available as a patch: http://dovecot.org/patches/1.0/dovecot-1.0.10.mail_priv_groups.diff mail_extra_groups setting has existed since Dovecot v0.99.10.6. It's never been enabled by default in the distributed dovecot-example.conf, but some distributions enable it by default (at least Debian). A longer explanation: The main problem is that if users have filesystem access to the mail server, they can create symlinks. Dovecot doesn't try to prevent following symlinks (and I don't think it should) and normally it isn't a problem. But when mail_extra_groups=mail is set: 1a) Maildir: Any files readable by mail group can be read by the user by symlinking the file to their ~/Maildir/cur/. 1b) Any mbox files readable by mail group can be read by the user by symlinking the mbox file to their ~/mail/ directory. These are pretty obvious problems and I didn't think they were all that important. Why would anyone have secret files that are mail group-readable? But apparently those do exist in some systems (maybe accidentally). 2a) mbox: Any files/directories under mail group-writable directories can be created/deleted/renamed by symlinking the directory under ~/mail/. For example ln -s /var/mail ~/mail/var, DELETE var/root will happily delete root's mailbox. This I hadn't thought about before. 2b) Maildir: Pretty much the same thing can be done with maildir but with a little less control. mail_privileged_group setting works by keeping the group in process's saved GID while it's not in use and temporarily switching it to effective GID while dotlocks are created. Currently this is done only when: 1. It's only done for INBOX mbox which doesn't exist under the same location as other mailboxes (so typically under /var/mail). 2. It's used only after initial dotlock creation try failed with EACCES error.

1 0

v1.1.rc1 released
by Timo Sirainen 21 Feb '08

21 Feb '08

http://dovecot.org/releases/1.1/rc/dovecot-1.1.rc1.tar.gz http://dovecot.org/releases/1.1/rc/dovecot-1.1.rc1.tar.gz.sig Finally the first v1.1 release candidate. Please test so we can have a fully stable v1.1.0 release. v1.1.betas are already running in a few large installations, so I don't expect there to be many bugs left. There are no release critical bugs left and no known crash bugs. There are a few issues I'd like to fix before v1.1.0, but I don't expect to have more than 3-5 release candidates this time (certainly much less than 31 anyway..) Changes since beta16: - ioloop defaults now to best one availablable instead of poll - IMAP SEARCH correctness fixes - Fixed proxy_maybe handling with caching and with mysql - IMAP: ENVELOPE's subject field now always has TABs changed to spaces - Some crashfixes

1 0

v1.0.10 released
by Timo Sirainen 29 Dec '07

29 Dec '07

http://dovecot.org/releases/1.0/dovecot-1.0.10.tar.gz http://dovecot.org/releases/1.0/dovecot-1.0.10.tar.gz.sig v1.0.8 and v1.0.9 were a bit bad releases. Hopefully one day I've managed to have written a proper test suite which can be run before doing any releases.. * Security hole with LDAP+auth cache: If base setting contained %variables they weren't included in auth cache key, which broke caching. This could have caused different users with same passwords to log in as each other. - LDAP: Fixed potential infinite looping when connection to LDAP server was lost and there were queued requests. - mbox: More changes to fix problems caused by v1.0.8 and v1.0.9. - Maildir: Fixed a UIDLIST_IS_LOCKED() assert-crash in some conditions (caused by changes in v1.0.9) - If protocols=none, don't require imap executables to exist

1 0

Security hole #4: Specific LDAP + auth cache configuration may mix up user logins
by Timo Sirainen 21 Dec '07

21 Dec '07

Somehow I doubt there are any Dovecot setups left that unknowingly have this problem, but it still counts as a security hole. The possibility to cause this problem exists in Dovecot v1.0.rc11 and later. If you use: 1. passdb ldap with settings: - auth_bind = yes - auth_bind_userdn = no - base containing %variables required for unique user identification, e.g. base = dc=%d,dc=org - pass_filter not containing all %variables required for unique user identification - pass_attrs returning user-specific settings, such as user's home directory 2. userdb prefetch 3. auth_cache_size non-zero (0 is default) If two users with the same password and same pass_filter variables log in within auth_cache_ttl seconds (1h by default), the second user may get logged in with the first user's cached pass_attrs. For example if pass_attrs contained the user's home/mail directory, this would mean that the second user will be accessing the first user's mails. You most likely would have noticed this already by wondering why logins keep failing, unless pass_filter used also some %variables that most of the time uniquely identifies the user. For example %r (remote IP address) or %n (username without domain). You can fix this by upgrading to v1.0.10 (to be released soon), or using this patch: http://hg.dovecot.org/dovecot-1.0/raw-rev/2cedab21cd6d

1 0

v1.0.9 released
by Timo Sirainen 11 Dec '07

11 Dec '07

http://dovecot.org/releases/1.0/dovecot-1.0.9.tar.gz http://dovecot.org/releases/1.0/dovecot-1.0.9.tar.gz.sig + Maildir: Don't wait on dovecot-uidlist.lock when we just want to find out a new filename for the message. - mbox: v1.0.8 changes sometimes caused FETCH to fail with "got too little data", disconnecting the client. - Fixed a memory leak when FETCHing message header/body multiple times within a command (e.g. BODY[1] BODY[2]) - IMAP: Partial body fetching was still slow with mboxes

1 0

v1.0.8 released
by Timo Sirainen 28 Nov '07

28 Nov '07

http://dovecot.org/releases/1.0/dovecot-1.0.8.tar.gz http://dovecot.org/releases/1.0/dovecot-1.0.8.tar.gz.sig + Authentication: Added "password_noscheme" field that can be used instead of "password". "password" treats "{prefix}" as a password scheme while "password_noscheme" treats it as part of the password itself. So "password_noscheme" should be used if you're storing passwords as plaintext. Non-plaintext passwords never begin with "{", so this isn't a problem with them. - IMAP: Partial body fetching was sometimes non-optimal, causing the entire message to be read for every FETCH command. - deliver failed to save the message when envelope sender address contained spaces. - Maildir++ quota: We could have randomly recalculated quota when it wasn't necessary. - Login process could have crashed after logging in if client sent data before "OK Logged in" reply was sent (i.e. before master had replied that login succeeded). - Don't assert-crash when reading dovecot.index.logs generated by Dovecot v1.1. - Authentication: Don't assert-crash if password beings with "{" but doesn't contain "}". - Authentication cache didn't work when using settings that changed the username (e.g. auth_username_format).

1 0

v1.0.7 released
by Timo Sirainen 29 Oct '07

29 Oct '07

http://dovecot.org/releases/1.0/dovecot-1.0.7.tar.gz http://dovecot.org/releases/1.0/dovecot-1.0.7.tar.gz.sig Almost missed this one. I had already fixed it in v1.1 tree, but forgot to fix in v1.0 tree. - deliver: v1.0.6's "From " line ignoring could have written to a bad location in stack, possibly causing problems.

1 0

v1.0.6 released
by Timo Sirainen 28 Oct '07

28 Oct '07

http://dovecot.org/releases/1.0/dovecot-1.0.6.tar.gz http://dovecot.org/releases/1.0/dovecot-1.0.6.tar.gz.sig * IDLE: Interval between mailbox change notifies is now 1 second, because some clients keep a long-running IDLE connection and use other connections to actually read the mails. * SORT: If Date: header is missing or broken, fallback to using INTERNALDATE (as the SORT draft nowadays specifies). + deliver: If message begins with a "From " line, ignore it. + zlib plugin: If maildir file has a "Z" flag, open it with zlib. - CREATE: Don't assert-crash if trying to create namespace prefix. - SEARCH: Fixes to handling NOT operator with sequence ranges. - LDAP reconnection fixes - Maildir: Don't break when renaming mailboxes with '*' or '%' characters and children. - mbox: Fixed "file size unexpectedly shrinked" error in some conditions. - quota+mbox: Don't fail if trying to delete a directory. - Fixes to running from inetd

1 0

v1.1.beta1 released
by Timo Sirainen 23 Sep '07

23 Sep '07

http://dovecot.org/releases/1.1/beta/dovecot-1.1.beta1.tar.gz http://dovecot.org/releases/1.1/beta/dovecot-1.1.beta1.tar.gz.sig Alpha6 seemed to finally work quite well, so I think it's time for a feature freeze (except for dbox changes). I started a new wiki page to list incompatibilities between v1.0 and v1.1: http://wiki.dovecot.org/Upgrading/1.1 Fixes since alpha6: - deliver + maildir caused "UID 0 in transaction log" errors - deliver + maildir no longer blocks if dovecot-uidlist.lock file exists. The mail is simply delivered without updating uidlist or indexes. - Quota handling fixes, especially dict quota - etc.

1 0

v1.0.5 released
by Timo Sirainen 09 Sep '07

09 Sep '07

http://dovecot.org/releases/1.0/dovecot-1.0.5.tar.gz http://dovecot.org/releases/1.0/dovecot-1.0.5.tar.gz.sig v1.0.4 was a bit bad release. - deliver: v1.0.4 broke home directory handling - maildir: Creating mailboxes didn't use dovecot-shared's group for cur/new/tmp directories.

1 0

v1.0.4 released
by Timo Sirainen 08 Sep '07

08 Sep '07

http://dovecot.org/releases/1.0/dovecot-1.0.4.tar.gz http://dovecot.org/releases/1.0/dovecot-1.0.4.tar.gz.sig * Assume a MIME message if Content-Type: header exists, even if Mime-Version: header doesn't. - IMAP: CREATE ns_prefix/box/ didn't work right when namespace prefix existed. - deliver: plugin {} settings were overriding settings from userdb. - mbox: Expunging the first message might not have worked always - PostgreSQL: If we can't connect to server, timeout queries after a while instead of trying forever. - Solaris: sendfile() support was broken and could have caused 100% CPU usage and the connection hanging. And one more thing I forgot from NEWS file: - IMAP: Fixed infinite loop in some situations

1 0

v1.0.3 released
by Timo Sirainen 01 Aug '07

01 Aug '07

http://dovecot.org/releases/1.0/dovecot-1.0.3.tar.gz http://dovecot.org/releases/1.0/dovecot-1.0.3.tar.gz.sig - deliver: v1.0.2's bounce fix caused message to be always saved to INBOX even if Sieve script had discard, reject or redirect commands. - LDAP: auth_bind=yes and empty auth_bind_userdn leaked memory - ACL plugin: If user was given i (insert) right for a mailbox, but not all s/t/w (seen, deleted, other flags) rights, COPY and APPEND commands weren't supposed to allow saving those flags. This is technically a security fix, but it's unlikely this caused problems for anyone. - ACL plugin: i (insert) right didn't work unless user was also given l (lookup) right. - Solaris: Fixed filesystem quota for autofs mounts.

1 0

v1.1.alpha1 released
by Timo Sirainen 19 Jul '07

19 Jul '07

http://dovecot.org/releases/1.1/alpha/dovecot-1.1.alpha1.tar.gz http://dovecot.org/releases/1.1/alpha/dovecot-1.1.alpha1.tar.gz.sig This is the first alpha release of Dovecot v1.1. I hope that it stabilizes into final release within a few months. There are a lot of new features since v1.0. The most important ones are listed at the end of this post. This is the only v1.1.alpha announcement I send to dovecot-news list (or to www.dovecot.org news). The next one probably will be v1.1.rc1. I've been stress testing the code a lot and I've also been using it myself for almost a year, so I think this release should actually be quite stable and usable. But since I haven't tested everything, there might be some crashes and misbehaving commands. So this release should now have all the major features that I intend to add to v1.1 (except for dbox rewrite, see below). Some smaller features will still be added. The rest of the major features in my previous v1.1 list will go to v1.2. While v1.1 is getting stabilized I'm beginning to rewrite dbox code. Its code is isolated from the rest of Dovecot, so it can't destabilize anything else. Hopefully it will be ready before v1.1 release, although maybe still marked as experimental. Some of the features might not be considered quite ready yet: - Mailbox list indexes improve STATUS performance a lot (maybe 7x) when mailboxes haven't changed. Handling updates however is a lot slower than I'd want (2x with one client, more with multiple), so you may want to disable them with mailbox_list_index_disable=yes until the update performance gets better. - THREAD code is completely rewritten with support for incremental updates and index files. I tested it last year and it seemed OK, but I didn't dare try it now so I wouldn't have to delay this alpha if it was broken :) I'll do some more testing soon, but for now be careful with using v1.1 with webmails. - SORT code also uses indexes now, but it's a lot simpler so it probably works. - Squat indexes work and I'm using them myself, but they'll be rewritten for v1.2 with a new faster format. - Although Dovecot now flushes NFS attribute/data caches when needed, I'm not sure if it's done in all the necessary places. - I don't remember if I've tested expire plugin at all. So, the largest changes I've added to NEWS file (which BTW won't contain changes between alphas/betas/rcs, those will be only in my mailing list posts): * After Dovecot v1.1 has modified index or dovecot-uidlist files, they can't be opened anymore with Dovecot versions earlier than v1.0.2. * Empty passwords in passdb doesn't allow user to log in with any password anymore. To do that you'll also need to set nopassword extra field. + IMAP: Added support for UIDPLUS and LIST-EXTENDED extensions. + IMAP SORT: Sort keys are indexed, which makes SORT commands faster. + IMAP THREAD: Threads are indexed into a dovecot.index.thread file. It can usually be updated incrementally, so this makes THREAD fast. + Added Dovecot-specific X-REFERENCES2 threading algorithm. It's similar to REFERENCES, but it doesn't do base subject merging and it sorts the threads by their newest message. + When saving messages, update cache file immediately with the data that we expect client to fetch later. Maildir-only currently. + NFS attribute and data caches are are flushed whenever needed. See mail_nfs_storage and mail_nfs_index settings. + Mailbox list indexes. Mailbox metadata is stored there, so STATUS commands can return synchronized mailboxes' metadata simply by reading a single mailbox list index file. Currently works only with Maildir++ layout. + Out of order command execution (SEARCH, FETCH, LIST), nonstandard command cancellation (X-CANCEL <tag>) + Expire plugin can be used to keep track of oldest messages in specific mailboxes. A nightly run can then quickly expunge old messages from the mailboxes that have them. The tracking is done using lib-dict, so you can use either Berkeley DB or SQL database. + Namespaces are supported everywhere now. + Full text search indexing support with Lucene and Squat backends. + OTP and S/KEY authentication mechanisms (by Andrey Panin). + mbox and Maildir works with both Maildir++ and FS layouts. You can change these by appending :LAYOUT=maildir++ or :LAYOUT=fs to mail_location. + LDAP: Support templates in pass_attrs and user_attrs + Support for listening in multiple IPs/ports. + Quota plugin rewrite: Support for multiple quota roots, warnings, allow giving storage size in bytes or kilo/mega/giga/terabytes, per-mailbox quota rules.

1 0

v1.0.2 released
by Timo Sirainen 15 Jul '07

15 Jul '07

http://dovecot.org/releases/dovecot-1.0.2.tar.gz http://dovecot.org/releases/dovecot-1.0.2.tar.gz.sig Fixes several bugs. This release also adds compatibility with upcoming Dovecot v1.1 so it'll be possible to upgrade to v1.1 and back to v1.0.2 without anything breaking. * dbox isn't built anymore by default. It will be redesigned so it shouldn't be used. + Maildir: Support reading dovecot-uidlist (v3) files created by Dovecot v1.1. - Maildir: "UIDVALIDITY changed" errors could happen with newly created mailboxes - If "INBOX." namespace was used, LIST returned it with \HasNoChildren which caused some clients not to show any other mailboxes. - Maildir++ quota: If multiple processes were updating maildirsize at the same time, we failed with "Unknown error". - IMAP: IDLE didn't actually disconnect client after 30 minutes of inactivity. - LDAP passdb/userdb was leaking memory - deliver: %variables in plugin {} weren't expanded - deliver: Don't bounce the mail if Sieve plugin returns failure

1 0

v1.0.1 released
by Timo Sirainen 15 Jun '07

15 Jun '07

http://dovecot.org/releases/dovecot-1.0.1.tar.gz http://dovecot.org/releases/dovecot-1.0.1.tar.gz.sig Lots of small fixes. * deliver: If Return-Path doesn't contain user and domain, don't try to bounce the mail (this is how it was supposed to work earlier too) * deliver: %variables in mail setting coming from userdb aren't expanded anymore (again how it should have worked). The expansion could have caused problems if paths contained any '%' characters. + Print Dovecot version number with dovecot -n and -a + deliver: Added -e parameter to write rejection error to stderr and exit with EX_NOPERM instead of sending the rejection by executing sendmail. + dovecot --log-error logs now a warning, an error and a fatal - Trying to start Dovecot while it's already running doesn't anymore wipe out login_dir and break the running Dovecot. - maildir: Fixed "UID larger than next_uid" errors which happened sometimes when dovecot-uidlist file didn't exist but index files did (usually because mailbox didn't have any messages when it was selected for the first time) - maildir: We violated maildir spec a bit by not having keyword characters sorted in the filename. - maildir: If we don't have write access to cur/ directory, treat the mailbox as read-only. This fixes some internal error problems with trying to use read-only maildirs. - maildir: Deleting a symlinked maildir failed with internal error. - mbox: pop3_uidl_format=%m wasn't working right - mbox: If non-filesystem quota was enabled, we could have failed with "Unexpectedly lost From-line" errors while saving new messages - mysql auth: %c didn't work. Patch by Andrey Panin - APPEND / SEARCH: If internaldate was outside valid value for time_t, we returned BAD error for APPEND and SEARCH never matched. With 64bit systems this shouldn't have happened. With 32bit systems the valid range is usually for years 1902..2037. - COPY: We sent "Hang in there.." too early sometimes and checked it too often (didn't break anything, but was slower than needed). - deliver: Postfix's sendmail binary wasn't working with mail_debug=yes - Don't corrupt ssl-parameters.dat files when running multiple Dovecot instances. - Cache compression caused dovecot.index.cache to be completely deleted with big endian CPUs if 64bit file offsets were used (default) - Fixed "(index_mail_parse_header): assertion failed" crash

1 0

CVS to Mercurial switch
by Timo Sirainen 19 May '07

19 May '07

I've been meaning to switch away from CVS for a few years now, but I was never sure what I wanted to switch to, so I kept delaying it. I finally decided yesterday that Mercurial is pretty nice. The Mercurial repository is available from http://hg.dovecot.org/ (has a nice web interface). I wrote a small Mercurial mini-howto below. I'm not a Mercurial expert yet, so if you know better ways to do some things please let me know. The CVS repositories will still exist for a while, but they won't be updated anymore. If you notice the CVS being referenced somewhere (wiki, docs, etc.) please let me know (or fix yourself in wiki). 1. Fetch the initial repository: - ex. CVS HEAD: hg clone http://hg.dovecot.org/dovecot/ - ex. branch_1_0: hg clone http://hg.dovecot.org/dovecot-1.0/ - sieve plugin: hg clone http://hg.dovecot.org/dovecot-sieve-1.0/ The Sieve plugin currently works only with v1.0. I'll make a new "dovecot-sieve" repository for CVS HEAD later. 2. Update the repository: hg pull hg merge # only needed if you had done any changes hg update # to actually see the pulled changes All of this can be done with fetch extension. You can enable it by adding to ~/.hgrc: [extensions] hgext.fetch = After that you can use "hg fetch" which does all the above 3 commands (as far as I know, haven't really tried yet). 3. If you want to modify the sources, add your name to ~/.hgrc so it goes nicely into changelogs: [ui] username = Timo Sirainen <tss(a)iki.fi> You're able to "hg commit" your own changes into your repository. If you want to publish them, use "hg log" to see the changeset ID, and then use "hg export changesetid" to get patch ("hg export tip" might work too if you just want the last change(?)). You can then email the patch to Dovecot mailing list to get it merged. With CVS the ChangeLog file was updated every 15 minutes. Now the ChangeLog file doesn't exist in the repository at all. Instead it's generated with "hg log --style=changelog" when running "make dist".

1 0

v1.0.0 released
by Timo Sirainen 13 Apr '07

13 Apr '07

http://dovecot.org/releases/dovecot-1.0.0.tar.gz http://dovecot.org/releases/dovecot-1.0.0.tar.gz.sig It took almost 5 years, but it's finally ready. I'm not expecting to release v1.0.1 anytime soon, unless someone's been sitting on a major bug just waiting for v1.0 to be released. :) People wanting new features should start testing the upcoming v1.1. http://dovecot.org/nightly/ contains now snapshots from CVS HEAD. It already has tons of new features. I've been using it myself for half a year, so it should be mostly stable too. I'll write a separate mail about this later.

1 0

1.0.rc32 released
by Timo Sirainen 12 Apr '07

12 Apr '07

http://dovecot.org/releases/dovecot-1.0.rc32.tar.gz http://dovecot.org/releases/dovecot-1.0.rc32.tar.gz.sig Pretty late for changes if v1.0 is supposed to come out tomorrow, but I can't really leave these LDAP bugs unfixed. They shouldn't anyway break anything, so here's one more day for you people to find out about any bugs. One thing that I'm a bit concerned about is the addition of #define LDAP_DEPRECATED. I know it fixes crashes with OpenLDAP 2.3 + 64bit systems, but I hope it doesn't break compiling with some old versions or non-OpenLDAP libraries.. - LDAP, auth_bind=no: Don't crash if doing non-plaintext ldap passdb lookup for unknown user. This also broke deliver when userdb static was used. - LDAP, auth_bind=yes and userdb ldap: We didn't wait until bind was finished before sending the userdb request, which could have caused problems. - LDAP: Don't break when compiling with OpenLDAP v2.3 library - Convert plugin: Don't create "maildirfolder" file to Maildir root.

1 0

Released 1.0.rc31
by Timo Sirainen 08 Apr '07

08 Apr '07

http://dovecot.org/releases/dovecot-1.0.rc31.tar.gz http://dovecot.org/releases/dovecot-1.0.rc31.tar.gz.sig mbox + NFS combination shouldn't break anymore. v1.0 still planned to be released next friday. - mbox: Give "mbox file was modified while we were syncing" error only if we detect some problems in the mbox file. The check can't be trusted with NFS. - Convert plugin: If directory for destination storage doesn't exist, create it. - Convert plugin: Mailbox names weren't converted in subscription list.

1 0

1.0.rc30 released
by Timo Sirainen 06 Apr '07

06 Apr '07

http://dovecot.org/releases/dovecot-1.0.rc30.tar.gz http://dovecot.org/releases/dovecot-1.0.rc30.tar.gz.sig So, this is it. Unless you can find a new and important bug within a week, this release is the same as v1.0. I'll only update the version number and NEWS file. Changes since rc29: * PAM: Lowercase the PAM service name when calling with "args = *". Linux PAM did this internally already, but at least BSD didn't. If your PAM file used to be in /etc/pam.d/IMAP or POP3 file you'll need to lowercase it now. + Send list of CA names to client when using ssl_verify_client_cert=yes. - IMAP: If message body started with line feed, it wasn't counted in BODY and BODYSTRUCTURE replies' line count field. - deliver didn't load plugins before chrooting

1 0

1.0.rc29 released
by Timo Sirainen 30 Mar '07

30 Mar '07

http://dovecot.org/releases/dovecot-1.0.rc29.tar.gz http://dovecot.org/releases/dovecot-1.0.rc29.tar.gz.sig Probably one more RC after this. * Security fix: If zlib plugin was loaded, it was possible to open gzipped mbox files outside the user's mail directory. + Added auth_gssapi_hostname setting. - IMAP: LIST "" "" didn't return anything if there didn't exist a namespace with empty prefix. This broke some clients. - If Dovecot is tried to be started when it's already running, don't delete existing auth sockets and break the running Dovecot - If deliver failed too early it still returned exit code 89 instead of EX_TEMPFAIL. - deliver: INBOX fallbacking with -n parameter wasn't working. - passdb passwd and shadow couldn't be used as master or deny databases - IDLE: inotify didn't notice changes in mbox file - If index file directory couldn't be created, disable indexes instead of failing to open the mailbox. - Several other minor fixes

1 0

Security hole #3: zlib plugin allows opening any gziped mboxes
by Timo Sirainen 30 Mar '07

30 Mar '07

zlib plugin allows opening gzipped mboxes as read-only mailboxes. However when using it, the mailbox name checks are bypassed so it's possible to open for example "../otheruser/somefile.gz". Only valid gzipped mbox files can be opened, and only if their name ends with ".gz". You can fix this by upgrading to v1.0.rc29 (available soon) or with this patch: http://dovecot.org/list/dovecot-cvs/2007-March/008488.html I don't think this matters much though. zlib plugin is rarely used, and those who do use it are probably using Dovecot with systems users (per-user UIDs), so the imap process wouldn't have access to other users' mbox files anyway. I found this problem when I was cleaning up the code in CVS HEAD.

1 0

1.0.rc28 released
by Timo Sirainen 23 Mar '07

23 Mar '07

http://dovecot.org/releases/dovecot-1.0.rc28.tar.gz http://dovecot.org/releases/dovecot-1.0.rc28.tar.gz.sig Still a bit more fixes. My coding TODO list is again empty. Unless something special happens in the next few weeks, I'll still make rc29 with the documentation included and v1.0 will be released April 13. * deliver + userdb static: Verify the user's existence from passdb, unless allow_all_users=yes * dovecot --exec-mail: Log to configured log files instead of stderr * Added "-example" part to doc/dovecot-sql-example.conf and doc/dovecot-ldap-example.conf. They are now also installed to $sysconfdir with "make install". + When copying/syncing a lot of mails, send "* OK Hang in there" replies to client every 15 seconds so it doesn't just timeout the connection. + Added idxview and logview utilities to examine Dovecot's index files + passdb passwd and shadow support blocking=yes setting now also + mbox: If mbox file changes unexpectedly while we're writing to it, log an error. + deliver: Ignore -m "" parameter to make calling it easier. + deliver: Added new -n parameter to disable autocreating mailboxes. It affects both -m parameter and Sieve plugin's fileinto action - mbox: Using ~/ in the mail root directory caused a ~ directory to be created (instead of expanding it to home directory) - auth cache: If unknown user was found from cache, we didn't properly return "unknown user" status, which could have caused problems in deliver. - mbox: Fixed "UID inserted in the middle of mailbox" in some conditions with broken X-UID headers - Index view syncing fixes - rc27 didn't compile with some non-GCC compilers - vpopmail support didn't compile in rc27 - NFS check with chrooting broke home direcotry for the first login - deliver: If user lookup returned "unknown user", it logged "BUG: Unexpected input" - convert plugin didn't convert INBOX

1 0

1.0.rc27 released
by Timo Sirainen 13 Mar '07

13 Mar '07

http://dovecot.org/releases/dovecot-1.0.rc27.tar.gz http://dovecot.org/releases/dovecot-1.0.rc27.tar.gz.sig A few new small features and lots of index/mbox fixes. I've been heavily stress testing this release, so I think it should be about perfect. :) I think the only thing still missing from v1.0 is documentation. There are some unwritten pages in the wiki, and I still haven't bothered to write the wiki -> doc/*.txt conversion script. The script will probably be pretty easy, but writing the docs can take a while. + mbox and index file code handles silently out of quota/disk space errors (maildir still has problems). They will give the user a "Not enough disk space" error instead of flooding the log file. + Added fsync_disable setting. + mail-log plugin: Log the mailbox name, except if it's INBOX + dovecot-auth: Added a lot more debug logging to passdbs and userdbs + dovecot-auth: Added %c variable which expands to "secured" with SSL/TLS/localhost. + dovecot-auth: Added %m variable which expands to auth mechanism name - maildir++ quota: With ignore=box setting the quota was still updated for the mailbox even though it was allowed to go over quota (but quota recalculation ignored the box). - Index file handling fixes - mbox syncing fixes - Wrong endianess index files still weren't silently rebuilt - IMAP quota plugin: GETQUOTAROOT returned the mailbox name wrong the namespace had a prefix or if its separator was non-default - IMAP: If client was appending multiple messages with MULTIAPPEND and LITERAL+ extensions and one of the appends failed, Dovecot treated the rest of the mail data as IMAP commands. - If mail was sent to client with sendfile() call, we could have hanged the connection. This could happen only if mails were saved with CR+LF linefeeds.

1 0

1.0.rc26 released
by Timo Sirainen 07 Mar '07

07 Mar '07

http://dovecot.org/releases/dovecot-1.0.rc26.tar.gz http://dovecot.org/releases/dovecot-1.0.rc26.tar.gz.sig Most importantly this should fix mbox problems in recent RCs. * Changed --with-headers to --enable-header-install * If time moves backwards only max. 5 seconds, sleep until we're back in the original present instead of killing ourself. An error is still logged. - IMAP: With namespace prefixes LSUB prefix.* listed INBOX.INBOX. - deliver: Ignore mbox metadata headers from the message input. X-IMAP header crashed deliver. - deliver: If mail_debug=yes, drop out DEBUG environment before calling sendmail binary. Postfix's sendmail didn't really like it. - mbox: X-UID brokeness fixes broke rc25 even with valid X-UID headers. Now the code should finally work right. - Maildir: When syncing a huge maildir, touch dovecot-uidlist.lock file once in a while to make sure it doesn't get overwritten by another process. - Maildir++ quota: We didn't handle NUL bytes in maildirsize files very well. Now the file is rebuilt when they're seen (NFS problem). - Index/view handling fix should fix some crashes/errors - If index files were moved to a different endianess machine, Dovecot logged all sorts of errors instead of silently rebuilding them. - Convert plugin didn't change hierarchy separators in mailbox names. - PostgreSQL authentication could have lost requests once in a while with a heavily loaded server. - Login processes could have crashed in some situations - auth cache crashed with non-plaintext mechanisms

1 0

1.0.rc25 released
by Timo Sirainen 01 Mar '07

01 Mar '07

http://dovecot.org/releases/dovecot-1.0.rc25.tar.gz http://dovecot.org/releases/dovecot-1.0.rc25.tar.gz.sig Instead of having "Should v1.0 be released already" discussion, how about having "What's still missing from wiki.dovecot.org and how could it be improved" discussion? And what should the wiki exported to doc/ directory in the tarball look like? * If time moves backwards, Dovecot kills itself instead of giving random problems. + Added --with-headers configure option to install .h files. Binary package builders could use this to create some dovecot-dev package to make compiling plugins easier. - PLAIN authentication: Don't crash dovecot-auth with invalid input. - IMAP APPEND: Don't crash if saving fails - IMAP LIST: If prefix.INBOX has children and we're listing under prefix.%, don't drop the prefix. - mbox: Broken X-UID headers still weren't handled correctly. - mail-log plugin: Fixed deleted/undeleted logging.

1 0

1.0.rc24 released
by Timo Sirainen 22 Feb '07

22 Feb '07

And more fixes. * Dovecot now fails to load plugins that were compiled for different Dovecot version, unless version_ignore=yes is set. This needs to be explicitly set in plugins, so out-of-tree plugins won't have this check by default. - pop3_lock_session=yes could cause deadlocks, and with maildir the uidlist lock could have been overridden after 2 minutes causing problems - PAM wasted CPU by calling a timeout function 1000x too often - Trash plugin was more or less broken with multiple namespaces and with multiple trash mailboxes

1 0

1.0.rc23 released
by Timo Sirainen 20 Feb '07

20 Feb '07

http://dovecot.org/releases/dovecot-1.0.rc23.tar.gz http://dovecot.org/releases/dovecot-1.0.rc23.tar.gz.sig Documentation is probably the only important thing left before v1.0. * deliver doesn't ever exit with Dovecot's internal exit codes anymore. All its internal exit codes are changed to EX_TEMPFAIL. * mbox: X-Delivery-ID header is now dropped when saving mails. * mbox: If pop3_uidl_format=%m, we generate a unique X-Delivery-ID header when saving mails to make sure the UIDL is unique. + PAM: blocking=yes in args uses an alternative way to do PAM checks. Try it if you're having problems with PAM. + userdb passwd: blocking=yes in args makes the userdb lookups be done in auth worker processes. Set it if you're doing remote NSS lookups (eg. nss_ldap problems are fixed by this). + If PAM child process hasn't responded in two minutes, send KILL signal to it (only with blocking=no) - IMAP: APPEND ate all CPU while waiting for more data from the client (broken in rc22) - mbox: Broken X-UID headers assert-crashed sometimes - mbox: When saving a message to an empty mbox file it got an UID which immediately got incremented. - mbox: Fixed some wrong "uid-last unexpectedly lost" errors. - auth cache: In some situations we crashed if passdb had extra_fields. - auth cache: Special extra_fields weren't saved to auth cache. For example allow_nets restrictions were ignored for cached entries. - A lot of initial login processes could cause auth socket errors in log file at startup, if dovecot-auth started slowly. Now the login processes are started only after dovecot-auth has finished initializing itself. - imap/pop3 proxy: Don't crash if the remote server disconnects before we're logged in. - deliver: Don't bother trying to save the mail twice into the default mailbox (eg. if it's over quota). - mmap_disable=yes + non-Linux was really slow with large dovecot.index.cache files - MySQL couldn't be used as a masterdb - Trash plugin was more or less broken - imap/pop3 couldn't load plugins if they chrooted - imap/pop3-login process could crash in some conditions - checkpassword-reply crashed if USER/HOME wasn't set

1 0

1.0.rc22 released
by Timo Sirainen 06 Feb '07

06 Feb '07

http://dovecot.org/releases/dovecot-1.0.rc22.tar.gz http://dovecot.org/releases/dovecot-1.0.rc22.tar.gz.sig Found another bad bug in rc19 changes. Wonder why my imaptest catched the bug only in CVS HEAD but not in branch_1_0 even though both had it. Anyway, now the imaptest runs nicely for both, and I'm again optimistic that the bug count is low enough for v1.0 to be released soon :) BTW. My previous benchmarks which showed how mmap_disable=yes and fsync_disable=yes give huge performance benefits are pretty XFS-specific. I did some quick tests with ext3 and the differences were quite small with it. I'll probably do another proper run of tests later. + pop3: Commit the transaction even if client didn't QUIT so cached data gets saved. - Fixed another indexing bug in rc19 and later which caused transactions to be skipped in some situations, causing all kinds of problems. - mail_log_max_lines_per_sec was a bit broken and caused crashes with dovecot -a - BSD filesystem quota was counted wrong. Patch by Manuel Bouyer - LIST: If namespace has a prefix and inbox=no, don't list prefix.inbox if it happens to exist when listing for %.

1 0

1.0.rc21 released
by Timo Sirainen 02 Feb '07

02 Feb '07

http://dovecot.org/releases/dovecot-1.0.rc21.tar.gz http://dovecot.org/releases/dovecot-1.0.rc21.tar.gz.sig Just one fix. Maybe the one big thing in Dovecot v2.0.* will be a test suite, which is run before any release. :) - Cache file handling could have crashed rc20

1 0

1.0.rc20 released
by Timo Sirainen 02 Feb '07

02 Feb '07

http://dovecot.org/releases/dovecot-1.0.rc20.tar.gz http://dovecot.org/releases/dovecot-1.0.rc20.tar.gz.sig So, rc19 was somewhat broken. How about this version? + dovecot: Added --log-error command line option to log an error, so the error log is easily found. + Added mail_log_max_lines_per_sec setting. Change it to avoid log throttling with mail_log plugin. - Changing message flags was more or less broken in rc19 - ACL plugin still didn't work without separate control directory - Some mbox handling fixes, including fixing an infinite loop - Some index file handling fixes - maildir quota: Fixed a file descriptor leak - If auth_cache was enabled and userdb returned "user unknown" (typically only deliver can do that), dovecot-auth crashed. - mail_log plugin didn't work with pop3

1 0

1.0.rc19 released
by Timo Sirainen 23 Jan '07

23 Jan '07

http://dovecot.org/releases/dovecot-1.0.rc19.tar.gz http://dovecot.org/releases/dovecot-1.0.rc19.tar.gz.sig Just did a few more fixes to index files. Do they help with anyone's problems? - ACL plugin didn't work unless control dir was separate from maildir - More index file handling fixes

1 0

1.0.rc18 released
by Timo Sirainen 22 Jan '07

22 Jan '07

http://dovecot.org/releases/dovecot-1.0.rc18.tar.gz http://dovecot.org/releases/dovecot-1.0.rc18.tar.gz.sig I think we're quite near v1.0 now. * ACL plugin + Maildir: Moved dovecot-acl file from control directory to maildir. To prevent accidents caused by this change, Dovecot kills itself if it finds dovecot-acl file from the control directory. * When opening a maildir, check if tmp/'s atime is over 8h old. If it is, delete files in it with ctime older than 36h. However if atime - ctime > 36h, it means that there's nothing to be deleted and the scanning isn't done. We update atime ourself if filesystem is mounted with noatime. * base_dir doesn't need to be group-readable, don't force it. * mail_read_mmaped setting is deprecated and possibly broken. It's now removed from dovecot-example.conf, but it still works for now. * Removed also umask setting from dovecot-example.conf since currently it doesn't do what it's supposed to. + Authentication cache caches now also userdb data. + Added mail_log plugin to log various mail operations. Currently it logs mail copies, deletions, expunges and mailbox deletions. - dict quota: messages=n parameter actually changed storage limit. - A lot of fixes to handling index files. This should fix almost all of the problems ever reported. - LDAP: auth_bind=yes was more or less broken. - Saved mails and dovecot-keywords file didn't set the group from dovecot-shared file. - Fixed potential assert-crash while searching messages - Fixed some crashes with invalid X-UID headers in mboxes - If you didn't have a namespace with empty prefix, giving STATUS command for a non-existing namespace caused the connection to give "NO Unknown namespace" errors for all the future commands.

1 0

1.0.rc17 released
by Timo Sirainen 07 Jan '07

07 Jan '07

http://dovecot.org/releases/dovecot-1.0.rc17.tar.gz http://dovecot.org/releases/dovecot-1.0.rc17.tar.gz.sig - MySQL authentication caused username to show up as "OK" in rc16.

1 0

1.0.rc16 released
by Timo Sirainen 05 Jan '07

05 Jan '07

http://dovecot.org/releases/dovecot-1.0.rc16.tar.gz http://dovecot.org/releases/dovecot-1.0.rc16.tar.gz.sig If you've had problems with getting errors about index files sometimes being corrupted, please try if this release fixes it. If you've reported any bugs that this release hasn't fixed, please report them again so I know they still didn't get fixed and that I didn't forget them. * IMAP: When trying to fetch an already expunged message, Dovecot used to just disconnect client. Now it instead replies with dummy NIL data. * Priority numbers in plugin names have changed. If you're installing from source, you should delete the existing plugin files before installing the new ones, otherwise you'll get errors. * Maildir: We're using rename() to move files from tmp/ to new/ now. See http://wiki.dovecot.org/MailboxFormat/Maildir -> "Issues with the specification" for reasoning why this is safe. This makes saving mails faster, and also makes Dovecot usable with Mac OS X's HFS+ (after you also set dotlock_use_excl=yes, see below). + Added dotlock_use_excl setting. If enabled, dotlocks are created directly using O_EXCL flag, instead of by creating a temporary file which is hardlinked. O_EXCL is faster, but may not work with NFS. + If Dovecot crashes with Linux or Solaris, it'll log a "Raw backtrace". It's worse than gdb's backtrace, but better than nothing. + Added maildir_copy_preserve_filename=yes setting. + Added a lazy-expunge plugin to allow users to unexpunge their mails. + maildir quota: Added ignore setting to maildir quota, which allows ignoring quota in Trash mailbox. + dict quota: If dictionary doesn't yet contain the quota, calculate it by going through all the mails in all the mailboxes. + login_log_format_elements: Added %a=local port and %b=remote port + Added -i and -o options to rawlog to restrict logging only to input or output. - Doing a STATUS command for a selected mailbox (not a recommended IMAP client behavior) caused Dovecot to sync the mailbox silently. This could have lost eg. EXPUNGE events from clients, causing them to use wrong sequence numbers. - deliver was treating boolean settings set to "no" as if they were "yes" (they were supposed to be commented out for "no") - Running "dovecot" with -a or -n option while Dovecot was running deleted all authentication sockets, which caused all the future logins to fail. - maildir: RENAME and DELETE didn't touch control directory if it was different from maildir or index dir. - We treated internal userdb lookup errors as "user unknown" errors. In such situations this caused deliver to think the user didn't exist and the mail get bounced. - pam: Setting cache_key crashed - shared maildir: dovecot-keywords file's mode wasn't taken from dovecot-shared file. - dovecotpw wasn't working with PowerPC

1 0

1.0.rc15 released
by Timo Sirainen 19 Nov '06

19 Nov '06

http://dovecot.org/releases/dovecot-1.0.rc15.tar.gz http://dovecot.org/releases/dovecot-1.0.rc15.tar.gz.sig * Fixed an off-by-one buffer overflow in cache file handling. The code is executed only with mmap_disable=yes and only if index files are used (ie. INDEX=MEMORY is safe). * passdb checkpassword: Handle vpopmail's non-standard exit codes. - rc14 sometimes assert-crashed if .log.2 file existed in a mailbox (earlier versions leaked memory and file descriptors) - io_add() assert-crashfixes - Potential SSL hang fix at the beginning of the connection

1 0

Security hole #2: Off-by-one buffer overflow with mmap_disable=yes
by Timo Sirainen 19 Nov '06

19 Nov '06

Version: 1.0test53 .. 1.0.rc14 (ie. all 1.0alpha, 1.0beta and 1.0rc versions so far). 0.99.x versions are safe (they don't even have mmap_disable setting). Problem: When mmap_disable=yes setting is used, dovecot.index.cache file is read to memory using "file cache" code. It contains a "mapped pages" bitmask buffer. In some conditions when updating the buffer it allocates one byte too little. Exploitability: I think it's going to be pretty difficult to cause anything else than a crash, but I wouldn't say impossible. Only logged in IMAP/POP3 users can exploit this. In theory you might be able to exploit this for other users as well by sending them a lot of specially crafted emails, but this requires knowing what dovecot.index.cache file contains. Normally its contents can't be predicted, although perhaps with POP3 users it gets empty often enough that the exploit could be tried. Then again, the exploit requires having at least 4MB cache file, which won't happen with POP3 users before the mailbox has about 170k mails (if I counted right). With IMAP the cache file is used more, so it's easier to fill the 4MB with for example a lot of To-headers. Workaround: Use INDEX=MEMORY so the cache files aren't used at all. Fix: 1.0.rc15 fixes this. You can also use this patch: http://dovecot.org/patches/1.0/file-cache-buffer-overflow-fix.diff

1 0

1.0.rc14 released
by Timo Sirainen 12 Nov '06

12 Nov '06

http://dovecot.org/releases/dovecot-1.0.rc14.tar.gz http://dovecot.org/releases/dovecot-1.0.rc14.tar.gz.sig More fixes. "Duplicate header extension keywords" is the only known problem (or if I forgot something, remind me). I'll try to figure out a way to reproduce it easily and then get it fixed. * LDAP: Don't try to use ldap_bind() with empty passwords, since Windows 2003 AD skips password checking with them and just returns success. * verbose_ssl=yes: Don't bother logging "syscall failed: EOF" messages. No-one cares about them. + Dovecot sources should now compile without any warnings with gcc 3.2+ - rc13 crashed if client disconnected while IDLEing - LDAP: auth_bind=yes fixes - %variables: Fixed zero padding handling and documented it. %0.1n shouldn't enable it, and it really shouldn't stay for the next %variable. -sign also shouldn't stay for the next variable. - Don't leak opened .log.2 transaction logs. - Fixed a potential hang in IDLE command (probably really rare). - Fixed potential problems with client disconnecting while master was handling the login. - quota plugin didn't work in Mac OS X

1 0

1.0.rc13 released
by Timo Sirainen 08 Nov '06

08 Nov '06

http://dovecot.org/releases/dovecot-1.0.rc13.tar.gz http://dovecot.org/releases/dovecot-1.0.rc13.tar.gz.sig I'll just keep on making new releases now whenever something important is fixed. Hopefully there shouldn't be many left anymore. Most of the bugs fixed in this release were found by stress testing with my imaptest tool (http://dovecot.org/tools/imaptest.c) If you're interested in knowing how perfectly your Dovecot setup works (especially if you're using NFS), you could try the tool yourself also. I still see one crash with mmap_disable=yes, but it's pretty rare. Will see if I get it fixed before v1.0, but it's not that important. + deliver: If we're executing as a normal system user, get the HOME environment from passwd if it's not set. This makes it possible to run deliver from .forward. - Older compilers caused LDAP authentication to crash - Dying LDAP connections weren't handled exactly correctly in rc11, although it seemed to work usually - Fixed crashes and memory leaks with AUTHENTICATE command - Fixed crashes and leaks with IMAP/POP3 proxying - maildir: Changing a mailbox while another process was saving a message there at the same may have caused the changes to not be made into the maildir, which could have caused other problems later..

1 0

1.0.rc12 released
by Timo Sirainen 05 Nov '06

05 Nov '06

http://dovecot.org/releases/dovecot-1.0.rc12.tar.gz http://dovecot.org/releases/dovecot-1.0.rc12.tar.gz.sig Since rc11 has problems compiling with BSDs, here's a new release. Just two changes: - rc11 didn't compile with some compilers - default_mail_env fallbacking was broken with --exec-mail Here's also again the rc11 changes: * Renamed default_mail_env to mail_location. default_mail_env still works for backwards compatibility. * deliver: When sending rejects, don't include Content-Type in the rejected mail's headers. * LDAP changes: * If auth binds are used, bind back to the default dn before doing a search. Otherwise it could fail if a user gave an invalid password. * Initial binding at connect is now done asynchronously. * Use pass_attrs even with auth_bind=yes since it may contain useful non-password fields. + passdb checkpassword: Give TCPLOCALIP and TCPREMOTEIP and PROTO=TCP environments to the checkpassword binary so we're UCSPI (and vchkpw) compatible. - mbox handling was a bit broken in rc10 - Using Dovecot via inetd kept crashing dovecot master - deliver: Don't crash with -f "". Changed the default from envelope to be "MAILER-DAEMON". - INBOX wasn't shown with LSUB command if only prefixed namespaces were used. - passdb ldap: Reconnecting to LDAP server wasn't working with auth binds. - passdb sql: Non-plaintext authentication didn't work - MySQL passdb ignored all non-password checks, such as allow_nets - trash plugin was broken

1 0

1.0.rc11 released
by Timo Sirainen 04 Nov '06

04 Nov '06

http://dovecot.org/releases/dovecot-1.0.rc11.tar.gz http://dovecot.org/releases/dovecot-1.0.rc11.tar.gz.sig Hopefully the last RC release? As far as I know there are no major problems left now. If nothing big shows up, v1.0 should be out in a couple of weeks. * Renamed default_mail_env to mail_location. default_mail_env still works for backwards compatibility. * deliver: When sending rejects, don't include Content-Type in the rejected mail's headers. * LDAP changes: * If auth binds are used, bind back to the default dn before doing a search. Otherwise it could fail if a user gave an invalid password. * Initial binding at connect is now done asynchronously. * Use pass_attrs even with auth_bind=yes since it may contain useful non-password fields. + passdb checkpassword: Give TCPLOCALIP and TCPREMOTEIP and PROTO=TCP environments to the checkpassword binary so we're UCSPI (and vchkpw) compatible. - mbox handling was a bit broken in rc10 - Using Dovecot via inetd kept crashing dovecot master - deliver: Don't crash with -f "". Changed the default from envelope to be "MAILER-DAEMON". - INBOX wasn't shown with LSUB command if only prefixed namespaces were used. - passdb ldap: Reconnecting to LDAP server wasn't working with auth binds. - passdb sql: Non-plaintext authentication didn't work - MySQL passdb ignored all non-password checks, such as allow_nets - trash plugin was broken

1 0

1.0.rc10 released
by Timo Sirainen 16 Oct '06

16 Oct '06

http://dovecot.org/releases/dovecot-1.0.rc10.tar.gz http://dovecot.org/releases/dovecot-1.0.rc10.tar.gz.sig I've finally read all the mails in the mailing list and in my INBOX. If I haven't replied to some of your mail, please resend it. Remember that since 1.0.rc9 release dovecot.index.cache files will get rebuilt in 64bit systems, and it's probably better to delete them manually so you don't get errors in log files. There are only a couple of issues left in my v1.0-TODO list: - Master process appears to be leaking log fds with kqueue. Could someone again give me access to a system where this happens? - Login process problems. How well does it work now? Hopefully well enough that v1.0 could be released. - LDAP authentication is leaking memory? Can anyone confirm this? Even better, can someone figure out what exactly is leaking? :) Not a v1.0 blocker though. I think v1.0 will be released once no-one has reported any major problems for a Dovecot release in 2-4 weeks. I think login process handling is the only potentially major problem left. There are a few patches from people that I haven't forgotten, but I've decided not to put them into v1.0 anymore: - Filesystem quota group. I don't think it's that important feature, and it might break something. - HFS+ hardlink avoiding - Managesieve - vmailmgr support And finally the changes in this release: * When matching allowed_nets IPs, convert IPv6-mapped-IPv4 addresses to actual IPv4 addresses first. + IMAP: Try to avoid sending duplicate/useless message flag updates + Added support for non-plaintext authentication for vpopmail if it returns plaintext passwords. Based on patch by Remi Gacogne. + Added %D modified to return "sub.domain.org" as "sub,dc=domain,dc=org" (for LDAP queries). Patch by Andrey Panin. - rc9 broke cache files in 64bit systems - deliver works now with mail_chroot - auth cache didn't work properly with multiple passdbs - Fixes to handling CRLF linefeeds in mboxes.

1 0

1.0.rc9 released
by Timo Sirainen 14 Oct '06

14 Oct '06

http://dovecot.org/releases/dovecot-1.0.rc9.tar.gz http://dovecot.org/releases/dovecot-1.0.rc9.tar.gz.sig Most importantly this should fix the login process problems that people have been reporting. There were also some bugs in the proxying feature. Also note the 64bit change in dovecot.index.cache files. Unless you delete dovecot.index.cache files manually, you'll these kind of error messages into your logs: Error: Corrupted index cache file ...dovecot.index.cache: registered field date.sent size changed They'll get fixed automatically of course, but it might be a bit annoying to see them. * 64bit systems: dovecot.index.cache file will be rebuilt because some time fields have been changed from 64bit fields to 32bit fields. Now the same cache file can be used in both 32bit and 64bit systems without it being rebuilt. * Added libmysqlclient workaround to conflicting sha1_result symbol, which caused Dovecot to fail logging into MySQL. + dovecot.index.cache file opening is delayed until it's actually needed. This reduces disk accesses a bit with eg. STATUS commands. + auth_cache: Try to handle changing passwords automatically: If password verification fails, but the last one had succeeded, don't use the cache. This works only with plaintext auth. - dovecot.index.cache: We didn't properly detect if some fields were different length than we expected, which caused assert crashes - Lots of fixes to login/master process handling - mbox: Fixed a bug causing "X-IMAPbase uid-last unexpectedly lost in mbox file" errors, and possibly others.

1 0

1.0.rc8 released
by Timo Sirainen 09 Oct '06

09 Oct '06

I've still over 200 mails unread in the mailing list, and important things left in TODO. This release is an improvement over rc7 anyway, hopefully I'll have time to fix the rest soon. http://dovecot.org/releases/dovecot-1.0.rc8.tar.gz http://dovecot.org/releases/dovecot-1.0.rc8.tar.gz.sig * GSSAPI: Changed POP3 service name to "pop", which is what the standard says * "mbox:/var/mail/%u" no longer works as the mail location. You'll have to specify the mail root explicitly, just like the examples always have: "mbox:~/mail:INBOX=/var/mail/%u" + SHA1, LDAP-MD5, PLAIN-MD5, PLAIN-MD4: The password can be now either hex or base64 encoded. The encoding is detected automatically based on the password string length. + Allow running only Dovecot master and dovecot-auth processes with protocols=none setting + deliver: -f <envelope sender> parameter can be used to set mbox From_-line's sender address + deliver: Log all mail saves and failures + Tru64 SIA passdb support. Patch by Simon L Jackson. - INBOX was listed twice in mailbox list if namespace prefix was used - INBOX-prefixed namespaces were a bit broken - kqueue: Fix 100% CPU usage - deliver: Duplicate storage was a bit broken - dictionary code was broken (ie. dict quota) - SIGHUP caused crashes sometimes

1 0

1.0 RC7 released
by Timo Sirainen 18 Aug '06

18 Aug '06

http://dovecot.org/releases/dovecot-1.0.rc7.tar.gz http://dovecot.org/releases/dovecot-1.0.rc7.tar.gz.sig Can everyone now agree that there are no more hangs? :) * Require that Dovecot master process's version number matches the child process's, unless version_ignore=yes. Usually it's an accidental installation problem if the version numbers don't match. * Maildir: Create maildirfolder file when creating new maildirs. + ldap+prefetch: Use global uid/gid settings if LDAP query doesn't return them + %variables: Negative offsets count from the end of the string. Patch by Johannes Berg. - kqueue ioloop code rewrite - notify=kqueue might have caused connection hangs sometimes - deliver: If message body contained a valid mbox From_ line, it and the rest of the message was skipped. - mbox: We got into infinite loops if trying to open a 2 byte sized file as mbox. - Don't crash with ssl_disable=yes - quota plugin caused compiling problems with some OSes - mbox: After saving a mail to a synced mbox, we lost the sync which caused worse performance I think my v1.0 TODO list is: - avoid duplicate flag change notifications, or in case the message is also expunged don't bother notifying its flag changes at all (shouldn't be hard) - HFS+ avoid-hardlinks patch? - 32bit -> 64bit upgrade still doesn't work without assert-crashing: mail-cache-transaction.c: line 709 (mail_cache_add): assertion failed: (fixed_size == (unsigned int)-1 || fixed_size == data_size) - Courier-compatible INBOX. namespace gives "invalid namespace" errors I'm still not sure about the last one though. Could someone give me specific commands that clients send that causes it? As for the 32bit -> 64bit upgrade fix, could someone give me access to a x86-64 machine for a while to test it out?

1 0

1.0 RC6 released
by Timo Sirainen 07 Aug '06

07 Aug '06

http://dovecot.org/releases/dovecot-1.0.rc6.tar.gz http://dovecot.org/releases/dovecot-1.0.rc6.tar.gz.sig Back to rc1's SSL proxying code with some improvements, which hopefully now makes everyone happy. I'm seeing all kinds of problems with namespace prefixes and LIST code. I guess it would be important to fix it before v1.0 since it makes upgrades from other servers easier.. I also tried looking into the "Unknown namespace" problems that happens if you try to create only one namespace with "INBOX." prefix. I couldn't really figure out what causes those errors. Could someone show me what commands the client tries to use which causes it? * Removed login_max_logging_users setting since it was somewhat weird in how it worked. Added login_max_connections to replace it with login_process_per_connection=no, and with =yes its functionality is now within login_max_processes_count. + Added --with-linux-quota configure option to specify which Linux quota version to use, in case it's not correct in sys/quota.h. Usually used as --with-linux-quota=2 + acl plugins: If .DEFAULT file exists in global ACL root directory, use it as the default ACLs for all mailboxes. - Fixes to login process handling, especially with login_process_per_connection=no. - Back to the original SSL proxy code but with one small fix, which hopefully fixes the occational hangs with it - Several fixes to handling LIST command more correctly.

1 0

1.0 RC5 released
by Timo Sirainen 03 Aug '06

03 Aug '06

http://dovecot.org/releases/dovecot-1.0.rc5.tar.gz http://dovecot.org/releases/dovecot-1.0.rc5.tar.gz.sig Hopefully this is the final mbox bugfix.. Nothing else changed since rc4.

1 0

1.0 RC4 released
by Timo Sirainen 02 Aug '06

02 Aug '06

http://dovecot.org/releases/dovecot-1.0.rc4.tar.gz http://dovecot.org/releases/dovecot-1.0.rc4.tar.gz.sig Just one fix since RC3: - Saving to mboxes caused assert-crashes

1 0

1.0 RC3 released
by Timo Sirainen 02 Aug '06

02 Aug '06

http://dovecot.org/releases/dovecot-1.0.rc3.tar.gz http://dovecot.org/releases/dovecot-1.0.rc3.tar.gz.sig Does this fix the hangs people have been reporting? - SSL connections hanged sometimes, especially when saving messages. - mbox: Mail bodies were saved with CR+LF linefeeds - Mail forwarding was broken with deliver/Sieve - dbox fixes. Might actually be usable now. - Index file handling fixes with keywords - Cache file was incorrectly used in some situations, which probably caused problems sometimes. - Maildir++ quota: Don't count "." and ".." directory sizes to quota. After rewriting maildirsize file keep its fd open so that we can later update it. Patch by Alexander Zagrebin

1 0

1.0.rc2 released
by Timo Sirainen 04 Jul '06

04 Jul '06

Final 1.0 release is looking to get closer. There's nothing left in my TODO list for it, so please report any old and new bugs you see. This release also makes upgrades from 0.99 more transparent with automatic renaming of .subscriptions and .customflags files with maildir. http://dovecot.org/releases/dovecot-1.0.rc2.tar.gz http://dovecot.org/releases/dovecot-1.0.rc2.tar.gz.sig * disable_plaintext_auth=yes: Removed hardcoded 127.* and ::1 IP checks. Now we just assume that the connection is secure if the local IP matches the remote IP address. * SSL code rewrite which hopefully makes it work better than before. Seems to work correctly, but if you suddently have trouble with SSL connections this is likely the reason. + verbose_ssl=yes: Log also SSL alerts and BIO errors - If namespace's location field wasn't set, the default location was supposed to be used but it wasn't. - When copying ssl-parameters.dat file from /var/lib to /var/run its permissions went wrong if it couldn't be copied with hard linking. - Fixed filesystem quota plugin to work with BSDs. - Maildir: Saving mails didn't work if quota plugin was enabled (again) - Maildir: Messages' received time wasn't saved properly when saving/copying multiple messages at a time. Also if using quota plugin the S= size was only set for the first saved file, and even that was wrong. - passdb passwd-file: Don't require valid uid/gid fields if file isn't also being used as a userdb. - PostgreSQL: Handle failures better so that there won't be "invalid fd" errors in logs. - Don't try to expunge messages if the mailbox is read-only. It'll just cause our index files to go out of sync with the real mailbox and cause errors. - ANONYMOUS authentication mechanism couldn't work because anonymous_username setting wasn't passed from master process.

1 0

1.0.rc1 released
by Timo Sirainen 28 Jun '06

28 Jun '06

I think the code is now stable enough to be called the first release candidate. Please report any bugs, new and old. The filesystem quota numbers should be correct now? http://dovecot.org/releases/dovecot-1.0.rc1.tar.gz http://dovecot.org/releases/dovecot-1.0.rc1.tar.gz.sig * PAM: If user's password is expired, give "Password expired" error message to the user. Now actually working thanks to Vaidas Pilkauskas * Relicensed dovecot-auth, lib-sql and lib-ntlm to MIT license. See COPYING file for more information. * Abuse prevention: When creating a mailbox, limit the number of hierarchies (up to 20) and the length of the mailbox name within a hierarchy (up to 200 characters). * mbox: If saved mail doesn't end with LF, add it ourself so that the mails always have one empty line before the next From-line. + Added --with-statedir configure option which defaults to $localstatedir/lib/dovecot. ssl-parameters.dat is permanently stored in that directory and is copied to login_dirs from there. + IMAP: Support SASL-IR extension (SASL initial response) + Support initial SASL response with LOGIN mechanism. Patch by Anders Karlsson + Added PLAIN-MD4 password scheme. Patch by Andrey Panin. + Added support for XFS disk quotas. Patch by Pawel Jarosz + If another process deletes the opened mailbox, try to handle it without writing errors to log file. Handles the most common cases. + Added TLS support for LDAP if the library supports it. - SEARCH command was more or less broken with OR and NOT conditions - Dovecot corrupted mbox files which had CR+LF linefeeds in headers - MySQL code could have crashed while escaping strings - MD4 code with NTLM authentication was broken with 64bit systems. Patch by Andrey Panin - Plugin loading was broken in some OSes (eg. FreeBSD) - Several fixes to handling empty values in configuration file - Several fixes to dictionary quota backend and dict server. Also changed how they're configured. - deliver: Fixed plugin handling settings - mbox_min_index_size handling was somewhat broken - passdb passwd-file: extra_args field wasn't read unless the file was also used as userdb.

1 0

1.0.beta9 released
by Timo Sirainen 13 Jun '06

13 Jun '06

Fixes a lot of bugs. The next release will be the first "release candidate" instead of a beta. * PAM: Don't call pam_setcred() unless setcred=yes PAM passdb argument was given. * Moved around settings in dovecot-example.conf to be in more logical groups. + Local delivery agent (deliver binary) works again. + LDAP: Added support for SASL binding. Patch by Geert Jansen + ssl_verify_client_cert: Check CRLs. If auth_verbose=yes, log invalid sent certificates. If verbose_ssl=yes, log even the valid certificates. When using the username from the certificate, use CommonName. Based on patch by HenkJan Wolthuis + PAM: Set PAM_TTY which is needed by some PAM plugins + dovecot --exec-mail ext <binary path> can now be used to start binaries which want dovecot.conf to be read, for example the convert-tool. - Expunging needed to be done twice if client used STORE +FLAGS.SILENT command to set the \Deleted flags - Added sql_escape_string() to lib-sql API and use it instead of normal \-escaping. - ACL plugin fixes - DIGEST-MD5: Trying to use subsequent authentication crashed dovecot-auth. - Fetching BODY when BODYSTRUCTURE was already cached caused the reply to be broken in some cases - Lots of fixes for index file handling - dbox fixes and changes - mbox syncing broke if some extraneous/broken headers were removed (eg. extra X-IMAPbase headers in mails) - Running Dovecot from inetd work now properly with POP3 - Quota plugin fixes for calculating the quota correctly

1 0

1.0.beta8 released
by Timo Sirainen 12 May '06

12 May '06

Next release will probably be called 1.0.rc1. People just don't seem to like the beta name in the version number. :) Also I think we're nearing the final v1.0. * Fixed a security hole with mbox: "1 LIST .. *" command could list all directories and files under the mbox root directory, so if your mails were stored in eg. /var/mail/%u/ directory, the command would list everything under /var/mail. + Unless nfs_check=no or mmap_disable=yes, check for the first login if the user's index directory exists in NFS mount. If so, refuse to run. This is done only on first login to avoid constant extra overhead. + If we have plugins set and imap_capability unset, figure out the IMAP capabilities automatically by running imap binary at startup. The generated capability list isn't updated until Dovecot is restarted completely, so if you add or remove IMAP plugins you should restart. If you have problems related to this, set imap_capabilities setting manually to work around it. + Added auth_username_format setting - pop3_lock_session setting wasn't really working - Lots of fixes related to quota handling. It's still not working perfectly though. - Lots of index handling fixes, especially with mmap_disable=yes - Maildir: saving mails could have sometimes caused "Append with UID n, but next_uid = m" errors - flock() locking never timeouted because ignoring SIGALRM caused the system call just to be restarted when SIGALRM occurred (probably not with all OSes though?) - kqueue: Fixed "Unrecognized event". Patch by Vaclav Haisman

1 0

Security hole with mboxes
by Timo Sirainen 12 May '06

12 May '06

Unfortunately we have our first problem that could really be counted as security hole. Giving "1 LIST .. *" IMAP command allows the user to see all files and directories under the mbox root's parent directory, so potentially you could see other users' mailbox names. Nothing can be done with them though, so it's not possible to read or modify them. There are also some other less than wanted behaviors that can be done with "." and ".." directories, such as "DELETE .." command can give errors. Also with maildir if you store indexes in different directory than mails this command can be used to delete the index files. Anyway I don't see any of these as security issues. Hopefully most people have their mail directory under user's home directory, so this would only list the home directory's contents. But if you do have users' mails stored in eg. under /var/mail/%u/ directory, giving that command would list everything under /var/mail, assuming that the process has permissions to do that (that's why you should be using different UIDs for users if possible). This affects 1.0 beta and 1.0 stable releases, but not 0.99.x. Fix is in http://dovecot.org/list/dovecot-cvs/2006-May/005563.html I'll also release 1.0 beta8 now. Thanks for Bill Boebel for noticing "DELETE .." doing weird things with maildir.

1 0

CVS forked into development/stable branches
by Timo Sirainen 08 May '06

08 May '06

New branch created to CVS: branch_1_0 It's going to stabilize into v1.0 Dovecot, hopefully somewhat soon. I'll start adding new larger features into HEAD, so you might want to switch to branch_1_0 if you're currently using Dovecot from CVS. You can do this with: cvs up -r branch_1_0 The nightly snapshots are from branch_1_0, at least for now.

1 0

1.0.beta7
by Timo Sirainen 12 Apr '06

12 Apr '06

Sorry, the authentication problem still wasn't actually fixed in beta6. Now, this time I tested every possible authentication case that it really works. I'll soon create a CVS branch which is going to stabilize into the 1.0 release. I won't add new features there so it shouldn't really get broken anymore, at least because of new features.. So, two changes in this release: + Added shutdown_clients setting to control if existing imap/pop3 processes should be killed when master is. - Master login fixes, PLAIN authentication was still broken..

1 0

1.0.beta6 released
by Timo Sirainen 12 Apr '06

12 Apr '06

Fixes, mostly: * The login and master usernames were reversed when using master_user_separator (now the order is UW-IMAP compatible). * Killing dovecot master process now kills all IMAP and POP3 processes also. + -a parameter to dovecot prints now all settings that Dovecot uses. -n prints all settings that are different from defaults. + Added pop3_lock_session setting + %M modifier returns string's MD5 sum. Patch by Ben Winslow - PLAIN SASL authentication wasn't working properly, causing failed logins with some clients (broken in beta4) - Fixes to Maildir++ quota, should actually work now - Don't crash if passwd-file has entries without passwords (eg. deny=yes databases) - Fixed prefetch userdb to work nicely with other userdbs - If master process runs out of file descriptors, don't go to infinite loop (unlikely to have happened unless the OS's default fd limit was too low) - Fixed non-plaintext password lookups from LDAP. Patch by Lior Okman - %U modifier was actually lowercasing the string. Patch by Ben Winslow

1 0

1.0.beta5 released
by Timo Sirainen 04 Apr '06

04 Apr '06

Just two changes: - Beta4's SSL proxying rewrite worked worse than I thought. Reverted it back to original code. - Filesystem quota plugin now looks up the mount path correctly.

1 0

Dovecot-news mailing list created
by Timo Sirainen 02 Apr '06

02 Apr '06

New low-traffic list created for people who only wish to see new release announcements and possibly some other rare important announcements. Also from now on no-one can send mails to either of these lists with From-field containing "tss(a)iki.fi" or "Timo Sirainen", unless it also contains a valid PGP signature from me. If someone wants to see the script (and please check if there are any bugs in it, thanks :), it's here: http://iki.fi/tss/gpgcheck.pl

1 0

Test mail
by Timo Sirainen 02 Apr '06

02 Apr '06

List created, forgot to do this before sending beta4 announcement mail.

1 0