Hi all,

after a very long wait we are finally happy to release Dovecot v2.4.0!

Some IMPORTANT things to notice:

- We have changed the signing key for 2.4 going forward, releases are signed with EF0882079FD4ED32BF8B23B2A1B09EF84EDC5219, which can be found at https://repo.dovecot.org/DOVECOT-REPO-GPG-2.4 and is signed with the previous key. The old key has been renamed to https://repo.dovecot.org/DOVECOT-REPO-GPG-2.3.
- New 2.4 packages **are not** compatible with old 2.3 configuration, please carefully review https://doc.dovecot.org/2.4.0/installation/upgrade/2.3-to-2.4.html before installing the new packages.
- We are happy to provide experimental arm64 support in the form of a Docker image.
- Docker images are now run rootless, with UID 1000 as vmail using built sources. Please take this into consideration when upgrading. Latest 2.3 image can be used with tag 2.3-latest, if you are not ready for this change.

We won't be sending separate mail about Pigeonhole anymore as we will release one anyways when we release Dovecot, and Pigeonhole versioning has been changed to match Dovecot versioning.

Source codes available at
- https://www.dovecot.org/releases/2.4/dovecot-2.4.0.tar.gz
- https://www.dovecot.org/releases/2.4/dovecot-2.4.0.tar.gz.sig
- https://pigeonhole.dovecot.org/releases/2.4/dovecot-pigeonhole-2.4.0.tar.gz
- https://pigeonhole.dovecot.org/releases/2.4/dovecot-pigeonhole-2.4.0.tar.gz....

Binary packages in https://repo.dovecot.org/
Docker images in https://hub.docker.com/r/dovecot/dovecot

Kind regards,
Aki Tuomi
Open-Xchange oy

---

Dovecot Core NEWS
-----------------

* config: dovecot_config_version must be the first non-comment line in configuration file.
* config: dovecot_storage_version must be in the configuration file.
* config: Many configuration options have changed so old configuration files do not work without rewrite. See https://doc.dovecot.org/main/installation/upgrade/2.3-to-2.4.html
* config: New variable expansion syntax has been introduced, see https://doc.dovecot.org/main/core/settings/variables.html
* config: Some default settings have changed.
* config: plugin {} section has been removed.
* *-login: With ssl=required, connections from login_trusted_networks are now also required to be SSL/TLS encrypted.
* acl: Use ACL settings instead of Global ACL Directories.
* auth-worker: auth_worker_max_count is replaced with service auth-worker { process_limit }.
* auth: Weak password schemes are disabled by default, use auth_allow_weak_schemes to enable them.
* auth_debug, mail_debug: Use log_debug filter instead.
* config: All sections require a name, for example passdb/userdb: passdb static { password=secret }
* db2: Remove Berkeley DB support.
* dict-memcached: This is removed, use Redis instead.
* director: Feature has been removed. See potential replacement at https://github.com/dovecot/tools/blob/main/director.lua
* doveadm: USER environment variable is only supported with --no-userdb-lookup. One of -u, -F or -A must be used otherwise.
* doveconf: Option -n is now default when running doveconf.
* dsync: Use doveadm sync instead, legacy symlink has been removed.
* fs-sis: Feature is now deprecated and has been made read-only. It will be removed in future release.
* fts-lucene, fts-squat: These have been removed, use fts-flatcurve or fts-solr instead.
* imap-login: IMAP compression is now handled in proxies.
* imap_quota: SETQUOTA / quota_set has been removed.
* imap_zlib: This plugin is no longer needed, it's always enabled.
* imapc: All features are enabled by default, imapc_features can be used to explicitly disable features that are not wanted.
* lib-storage: mbox driver is now frozen.
* mail_compress: XZ and LZMA algorithm support has been removed.
* mailbox-alias: Plugin has been removed.
* old_stats, auth_stats: These have been removed.
* openssl: Minimum supported version of OpenSSL is now 1.1.1.
* openssl: Add support for OpenSSL 3.x
* quota-dict, quota-dirsize: These have been removed, use quota-count instead. You can use quota_clone to copy quota usage to some database.
* replicator: Feature has been removed. Use NFS or some other shared filesystem instead, or run doveadm sync in crontab.
* stats: The bytes_in and bytes_out field in several events have been renamed as net_in_bytes and net_out_bytes.
* zlib: Renamed to mail_compress plugin.
+ Experimental SMTPUTF8 and IMAP UTF8=ACCEPT support has been added. Needs --enable-experimental-mail-utf8 configure option and mail_utf8_extensions=yes setting.
+ Long running mail commands can be aborted with Ctrl-C / doveadm kick.
+ auth: LDAP driver now supports multi-value attributes.
+ auth: Add support for SCRAM-SHA-1-PLUS and SCRAM-SHA-256-PLUS.
+ auth: Add support for TLS channel binding.
+ auth: Support sending JA3 hash to policy server.
+ configure: Detect latest Lua version.
+ *-login: Support for TLS Server Name has been improved to allow pre-login settings. For example capabilities to be changed based on TLS Server Name.
+ *-login: Support for TLS ALPN has been added, connections with mismatching application are now refused. Missing ALPN is accepted.
+ fts-flatcurve: New Xapian based FTS plugin has been added.
+ imap: Support for INPROGRESS untagged messages as per RFC 9585.
+ lib-lua: Expose Dovecot DNS client.
+ lib-lua: Expose Dovecot HTTP client.
+ lib-sasl: Support SCRAM-SHA mechanisms.
+ lmtp: SNI support has been added which allows settings to be applied based on TLS Server Name.
+ sqlite: Support WAL mode.
+ stats: Submetric name size has been increased.
+ submission: Add submission_add_received_header setting to protect sender identity by suppressing the Received: header.
- Many bugs have been fixed.

Pigeonhole NEWS
---------------

* Change configuration syntax to match new Dovecot configuration syntax.
* vacation: Reduce default days to 60 from infinity
* vacation: vacation_max_period=0 is now an error.
* Version has been changed to match Dovecot version.
+ Added i;unicode-casecmp comparator.
- Lots of bugs have been fixed.
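
Added example, not part of the announcement and not Dovecot's own tooling: a small pre-upgrade lint that flags a few of the 2.3 constructs the NEWS above lists as changed. The function name `lint_config` and the sample configuration are constructed for illustration, and the check covers only the items in its tables, not the full upgrade guide.

```python
import re

# Replacements exactly as stated in the 2.4.0 NEWS above.
REMOVED = {
    "auth_worker_max_count": "use service auth-worker { process_limit }",
    "auth_debug": "use a log_debug filter",
    "mail_debug": "use a log_debug filter",
}
UNNAMED_SECTION = re.compile(r"^(passdb|userdb)\s*\{")  # 2.4 needs "passdb <name> {"
PLUGIN_SECTION = re.compile(r"^plugin\s*\{")
SETTING = re.compile(r"^([A-Za-z0-9_]+)\s*=")

# Constructed 2.3-style fragment, used only to exercise the lint.
SAMPLE_23 = """\
# constructed 2.3-style fragment
auth_debug = yes
auth_worker_max_count = 30
passdb {
  driver = static
}
plugin {
}
"""

def lint_config(text):
    """Return (line_number, message) findings; line 0 means a file-level finding."""
    findings, seen_first, has_storage = [], False, False
    for number, raw in enumerate(text.splitlines(), start=1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # blank lines and comments do not count as the first line
        match = SETTING.match(line)
        key = match.group(1) if match else None
        if not seen_first and key != "dovecot_config_version":
            findings.append((number, "dovecot_config_version must be the first non-comment line"))
        seen_first = True
        has_storage = has_storage or key == "dovecot_storage_version"
        if key in REMOVED:
            findings.append((number, f"{key}: {REMOVED[key]}"))
        if PLUGIN_SECTION.match(line):
            findings.append((number, "plugin {} section has been removed"))
        if UNNAMED_SECTION.match(line):
            findings.append((number, "section requires a name, e.g. 'passdb static {'"))
    if not has_storage:
        findings.append((0, "dovecot_storage_version must be in the configuration file"))
    return findings

if __name__ == "__main__":
    for number, message in lint_config(SAMPLE_23):
        print(f"line {number}: {message}")
```
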
On 24/01/2025 12:42 EET Aki Tuomi via dovecot <dovecot@dovecot.org> wrote:
Hi all,
after a very long wait we are finally happy to release Dovecot v2.4.0!
Some IMPORTANT things to notice:
- We have changed the signing key for 2.4 going forward, releases are signed with EF0882079FD4ED32BF8B23B2A1B09EF84EDC5219, which can be found at https://repo.dovecot.org/DOVECOT-REPO-GPG-2.4 and is signed with the previous key.
The old key has been renamed to https://repo.dovecot.org/DOVECOT-REPO-GPG-2.3.
- New 2.4 packages **are not** compatible with old 2.3 configuration, please carefully review https://doc.dovecot.org/2.4.0/installation/upgrade/2.3-to-2.4.html before installing the new packages.
- We are happy to provide experimental arm64 support in the form of a Docker image.
- Docker images are now run rootless, with UID 1000 as vmail using built sources. Please take this into consideration when upgrading. Latest 2.3 image can be used with tag 2.3-latest, if you are not ready for this change.
We won't be sending separate mail about Pigeonhole anymore as we will release one anyways when we release Dovecot, and Pigeonhole versioning has been changed to match Dovecot versioning.
Source codes available at
- https://www.dovecot.org/releases/2.4/dovecot-2.4.0.tar.gz
- https://www.dovecot.org/releases/2.4/dovecot-2.4.0.tar.gz.sig
- https://pigeonhole.dovecot.org/releases/2.4/dovecot-pigeonhole-2.4.0.tar.gz
- https://pigeonhole.dovecot.org/releases/2.4/dovecot-pigeonhole-2.4.0.tar.gz....
Binary packages in https://repo.dovecot.org/
Docker images in https://hub.docker.com/r/dovecot/dovecot
Kind regards,
Aki Tuomi
Open-Xchange oy
---
Hi all,

we will republish the docker container images based on received feedback and some lingering issues discovered:

- fts and fts flatcurve were wrongly configured
- SMTPUTF8 wasn't enabled
- containers used wrong directories for some runtime data
- it's possible to remove even more privileges by not listening on <1024 ports.

This will happen soon, this is just a heads-up to people to know to expect changes soon.

Here is a handy table for the protocol <-> port mapping to expect:

| Protocol    | Port  |
| ----------- | ----- |
| imap        | 31143 |
| imaps       | 31993 |
| pop3        | 31110 |
| pop3s       | 31990 |
| submissions | 31465 |
| submission  | 31587 |
| lmtps       | 31024 |
| managesieve | 34190 |
| HTTP API    | 8080  |
| Metrics     | 9090  |

We wanted to do these changes still now to avoid harder upgrade path for 2.4.1.

Kind regards,
Aki Tuomi
Open-Xchange oy