Hi, One interesting thing in this release is the support for configuring OAUTH2 openid-configuration element. It would be nice if IMAP clients started supporting this feature to enable OAUTH2 for all IMAP servers, not just Gmail and a few others. This would allow all kinds of new authentication methods for IMAP and improve the authentication security in general. https://dovecot.org/releases/2.3/dovecot-2.3.16.tar.gz https://dovecot.org/releases/2.3/dovecot-2.3.16.tar.gz.sig Binary packages in https://repo.dovecot.org/ Docker images in https://hub.docker.com/r/dovecot/dovecot https://hub.docker.com/r/dovecot/dovecot * Any unexpected exit() will now result in a core dump. This can especially help notice problems when a Lua script causes exit(0). * auth-worker process is now restarted when the number of auth requests reaches service auth-worker { service_count }. The default is still unlimited. + Event improvements: Added data_stack_grow event and http-client category. See https://doc.dovecot.org/admin_manual/list_of_events/ + oauth2: Support RFC 7628 openid-configuration element. This allows clients to support OAUTH2 for any server, not just a few hardcoded servers like they do now. See openid_configuration_url setting in dovecot-oauth2.conf.ext. + mysql: Single statements are no longer enclosed with BEGIN/COMMIT. + dovecot-sysreport --core supports multiple core files now and does not require specifying the binary path. + imapc: When imap_acl plugin is loaded and imapc_features=acl is used, IMAP ACL commands are proxied to the remote server. See https://doc.dovecot.org/configuration_manual/mail_location/imapc/ + dict-sql now supports the "UPSERT" syntax for SQLite and PostgreSQL. + imap: If IMAP client disconnects during a COPY command, the copying is aborted, and changes are reverted. This may help to avoid many email duplicates if client disconnects during COPY and retries it after reconnecting. - master process was using 100% CPU if service attempted to create more processes due to process_min_avail, but process_limit was already reached. v2.3.15 regression. - Using attachment detection flags wrongly logged unnecessary "Failed to add attachment keywords" errors. v2.3.13 regression. - IMAP QRESYNC: Expunging UID 1 mail resulted in broken VANISHED response, which could have confused IMAP clients. v2.3.13 regression. - imap: STORE didn't send untagged replies for \Seen changes for (shared) mailboxes using INDEXPVT. v2.3.10 regression. - rawlog_dir setting would not log input that was pipelined after authentication command. - Fixed potential infinite looping with autoexpunging. - Log event exporter: Truncate long fields to 1000 bytes - LAYOUT=index: ACL inheritance didn't work when creating mailboxes - Event filters: Unquoted '?' wildcard caused a crash at startup - fs-metawrap: Fix to handling zero sized files - imap-hibernate: Fixed potential crash at deinit. - acl: dovecot-acl-list files were written for acl_ignore_namespaces - program-client (used by Sieve extprograms, director_flush_socket) may have missed status response from UNIX and network sockets, resulting in unexpected failures.