<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <!-- $Id: changes.html,v 1.5 2005/03/05 00:36:17 dasenbro Exp $ --> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta name="generator" content="HTML Tidy, see www.w3.org" /> <title>Changes to the Cyrus IMAP Server</title> </head> <body> <h1>Changes to the Cyrus IMAP Server since 2.2.10</h1> <ul> <li>Fix possible single byte overflow in mailbox handling code.</li> <li>Fix possible single byte overflows in the imapd annotate extension.</li> <li>Fix stack buffer overflows in fetchnews (exploitable by peer news server), backend (exploitable by admin), and in imapd (exploitable by users though only on platforms where a filename may be larger than a mailbox name).</li> </ul> <h1>Changes to the Cyrus IMAP Server since 2.2.9</h1> <ul> <li>Fix 0 termination in mysasl_canon_user.</li> <li>Check for imap magic plus buffer overflow in proxyd also (CAN-2004-1015).</li> </ul> <h1>Changes to the Cyrus IMAP Server since 2.2.8</h1> <ul> <li>Change ACLs correctly when renaming a user</li> <li>Do not abandon std{in,out,err} file descriptors; syslog assumes it can use stderr if syslogd isn't running.</li> <li>Clean up imap magic plus to avoid buffer overrun (CAN-2004-1011)</li> <li>Fix lack of bounds checking in PARTIAL and FETCH (CAN-2004-1012, CAN-2004-1013)</li> <li>Do not attempt to reuse a freed connection in lmtpproxyd.</li> <li>Allow login without authentication with -N switch in proxyd.</li> <li>Fix use of xrealloc and fold pointers in lmtpengine.</li> </ul> <h1>Changes to the Cyrus IMAP Server since 2.2.7</h1> <ul> <li>Fix a double-free bug in the notify code</li> <li>Fix a problem with idled and an empty mailbox list</li> </ul> <h1>Changes to the Cyrus IMAP Server since 2.2.6</h1> <ul> <li>Fix handling of PARTIAL command and partial body fetches</li> <li>A large number of portability fixes supplied by Albert Chin <china@thewrittenword.com></li> <li>Added <tt>client_timeout</tt> option to control connect() timeouts for proxy code</li> <li>Added <tt>popuseacl</tt> option</li> <li>Fix a number of issues with the <tt>quota -f</tt> tool</li> <li>Fix thread safety issue in saslserver()</li> <li>Fix possible stage file leak in append code</li> <li>Fix bugs in handling of MULTIAPPEND introduced in 2.2.3</li> <li>Fixed regression bug in Sieve vacation</li> </ul> <h1>Changes to the Cyrus IMAP Server since 2.2.5</h1> <ul> <li>Fix a bug in the proxy code where a backend connection might get closed twice</li> <li>Improved consistancy checking in <tt>chk_cyrus</tt></li> <li>Fix segfault in APPEND code</li> <li>Fix a bug with an interaction between sieve and unixhierarchysep</li> <li>Fix a file descriptor leak in the quotadb code</li> <li>Fix a triggered assertation in service-thread services</li> <li>Add a number of internal consistancy checks to the skiplist code</li> <li>Allow <tt>mbpath</tt> to handle virtual domains</li> <li>Fix various MANAGESIEVE client authentication issues</li> <li>Other minor fixes</li> </ul> <h1>Changes to the Cyrus IMAP Server since 2.2.4</h1> <ul> <li>Bug fixed in hash table code that could sometimes cause crashes with the quotalegacy database</li> <li>Net-SNMP compatibility</li> <li>Significantly improved com_err detection</li> <li>Assorted minor NNTP improvements</li> <li>Assorted other minor bugfixes</li> </ul> <h1>Changes to the Cyrus IMAP Server since 2.2.3</h1> <ul> <li>Quota now uses the cyrusdb interface (<tt>quotalegacy</tt> by default).</li> <li>All incoming messages are now staged to disk before locking the destination mailbox (locks are no longer held during a network read).</li> <li>Fixed off-by-one error in <tt>fetchnews</tt> (articles are no longer skipped).</li> <li><tt>nntpd</tt> now uses the Followup-To: header (if exists) instead of the Newsgroups: header when constructing post address(es) and adds them to the Reply-To: header instead of the To: header.</li> <li>Added <tt>berkeley_locks_max</tt>, <tt>berkeley_txns_max</tt> and <tt>berkeley_cachesize</tt> options.</li> <li>Added <tt>imapmagicplus</tt> option.</li> <li>Substantial work on afspts/ptloader canonicalization code</li> <li>Much improved LDAP ptloader code (no more internal OpenLDAP dependencies)</li> <li>Fixed a number of IPv6 related bugs</li> </ul> <h1>Changes to the Cyrus IMAP Server since 2.2.2</h1> <ul> <li>Berkeley DB 4.2 Support - note that the Cyrus Berkeley enviroment needs to be reset (db_recover) before a Berkeley DB version upgrade or you need to remove all berkeley dbs. Special care needs to be taken when berkley db is used for mboxlist.</li> <li>Runtime configuration of the Cyrus databases. The cyrudb backend used for each database can be specified with an <tt>imapd.conf</tt> option. <b>NOTE:</b> You MUST convert the database using <tt>cvt_cyrusdb</tt> BEFORE changing the backend in <tt>imapd.conf</tt>. <li>Sendmail socket map support (<tt>smmapd</tt>) for verifying that mailboxes exist and are deliverable before accepting the message and sending it to Cyrus.</li> <li>New <tt>userid</tt> mode for virtual domains, which does NOT do reverse lookups of the IP address.</li> <li><tt>nntpd</tt> now supports the Xref header.</li> <li><tt>nntpd</tt> can now use the POST command to feed articles to upstream servers.</li> <li><tt>fetchnews</tt> can now be used with NNTP servers which don't support the NEWNEWS command.</li> <li><tt>lmtpd</tt> now initializes <tt>duplicate.db</tt> only when it is necessary (when using Sieve or <tt>duplicatesuppression</tt>).</li> <li>Sieve now verifies that text strings are valid UTF-8.</li> <li>Sieve now verifies that address tests and envelope tests are done on headers which contain addresses (can be disabled with <tt>rfc3028_strict: no</tt>).</li> <li>Services will now notice that a new binary has been installed and will restart using the new binary once the existing connection is closed.</li> </ul> <h1>Changes to the Cyrus IMAP Server since 2.2.1</h1> <ul> <li>Major bugfixes in murder altnamespace/unixhierarchysep/virtdomain support (Thanks in large part to work by Christian Schulte <cs@schulte.it>)</li> <li>Improved master process accounting (Henrique de Moraes Holschuh <hmh@debian.org>)</li> <li>Significantly improved message header caching (based in large part on code supplied by David Carter <David.Carter@ucs.cam.ac.uk> from the University of Cambridge) <li>The sieve bytecode format has been updated once more, to correctly handle short-circuiting of the allof and anyof operators</li> <li>Support for warning quota based on absolute mailbox size</li> <li>Correct handling of annotations during XFER operations</li> <li>Simple support for IMAP BINARY extension</li> <li>Support for Automake 1.7 and Autoconf 2.57</li> <li>Support for IMAP initial SASL response (the SASL-IR extension)</li> </ul> <h1>Changes to the Cyrus IMAP Server since 2.2.0</h1> <ul> <li>The improved directory hashing (fulldirhash) is now a runtime configuration option.</li> <li>The netnews.db has been integrated into deliver.db.</li> <li>Full r/w ANNOTATEMORE support, including more annotations that allow the control of operations such as message expiration. ANNOTATEMORE is also always enabled now.</li> <li><tt>expirenews</tt> has been replaced by <tt>cyr_expire</tt> which uses annotations for fine-grained mailbox expiration.</li> <li><tt>squatter</tt> can now use annotations for fine-grained mailbox indexing.</li> <li>Many nntpd enhancements including: reader-only and feeder-only modes, support for LIST NEWSGROUPS (via mailbox annotations) and gatewaying news to mail (via mailbox annotations).</li> <li><tt>fetchnews</tt> can now authenticate to the remote server.</li> <li>Removed deprecated LAST command from pop3d.</li> <li>Sieve Bytecode is now stored in network byte order, meaning that bytecode files can be freely moved between different platforms</li> <li>Sieve relational extension now working again.</li> <li>Sieve vacation now uses the correct subject.</li> <li>A large number of bugs involving virtual domain support have been fixed, including issues with the Murder, and with Sieve.</li> </ul> <h1>Changes to the Cyrus IMAP Server since 2.1.x</h1> <ul> <li>There have been extensive performance and consistancy changes to the configuration subsystem. This will both ensure greater consistancy between the documentation and the code, as well as a more standard format for specifing service-specific configuration options in imapd.conf. Important changes are detailed here: <ul> <li> The tls_[service]_* configuration options have been removed. Now use [servicename]_tls_*, where servicename is the service identifier from cyrus.conf for that particular process.</li> <li> Administrative groups (e.g. admins and lmtp_admins) no longer union, service groups completely override the generic group. </li> <li> lmtp_allowplaintext is no longer a defined parameter and must be specified using the service name of your lmtp process if you require a specific value</li> </ul></li> <li> libcyrus has been split into libcyrus_min and libcyrus, so as to allow sensative applications (such as master) include the least amount of code necessary for operation </li> <li> Virtual domain support. See the <a href="install-virtdomains.html">virtual domains</a> document for details.</li> <li> Users can now be renamed (even across domains). Note that this is not atomic and weirdness may occur if the user is logged in during the rename. See the <tt>allowusermoves</tt> option in <tt>imapd.conf(5)</tt> for details.</li> <li> The <tt>db3</tt> and <tt>db3-nosync</tt> database backends have been renamed to <tt>berkeley</tt> and <tt>berkeley-nosync</tt> respectively (to avoid confusion over whether or not db4 is supported).</li> <li> The default mailbox list and seen state database formats have changed to skiplist from Berkeley and Flat, respectively. </li> <li> ptloader is now a regular cyrus service. This has several implications, see <a href=install-upgrade.html>install-upgrade.html</a> for more details.</li> <li> NNTP support. Usenet news can now be fed to and read from Cyrus directly via NNTP, without the need for a local news server. See <a href="install-netnews.html">netnews</a> document for details.</li> <li>IPv6 support, provided by Hajimu UMEMOTO <ume@mahoroba.org></li> <li> Sieve scripts are now compiled to bytecode to allow for faster execution (and lmtpd no longer needs lex or yacc). See <a href=install-upgrade.html>install-upgrade.html</a> for more details.</li> <li> The functionality of pop3proxyd has been merged into pop3d. Be sure to update <tt>cyrus.conf</tt> on your frontend machines accordingly.</li> <li> The functionality of <tt>ctl_deliver -E</tt> has been moved to <tt>cyr_expire -E</tt>. Be sure to update <tt>cyrus.conf</tt> on your machines accordingly.</li> </ul> <h2>Changes to the Cyrus IMAP Server since 2.1.14</h2> <ul> <li>Correct a potential DOS attack in the fud daemon.</li> <li>Arbitron now works again</li> <li>Telemetry logging for mupdate</li> <li>Duplicate Suppression logging for redirect sieve actions</li> <li>A number of bugs in reconstruct have been fixed. also added the -p and -x options</li> <li>Better stubbing out of user_deleteacl</li> <li>No longer log any shutdown() failures</li> <li>Improved IPv6 support (for systems with two getnameinfo implementations)</li> <li>Misc Documentation Improvements</li> </ul> <h2>Changes to the Cyrus IMAP Server since 2.1.13</h2> <ul> <li>Be more forgiving in the parsing of MIME boundary headers, specifically those generated by Eudora where the outer boundaries are substrings of the inner boundaries. This feature can be disabled by enabling the <tt>rfc2046_strict</tt> option.</li> <li>Allow cyradm to handle aggregate mailbox sets for ACL and DELETE operations.</li> <li>Add a lmtp_downcase_rcpt option to force the lowercasing of recipient addresses (Henrique de Moraes Holschuh <hmh@debian.org>).</li> <li>Include more MIME headers in sieve rejection notices</li> <li>Add an mbexamine command for debugging purposes</li> <li>LMTP will now fatal error if we cannot initialize the duplicate delivery database.</li> <li>Continued audit by Security Appraisers and Bynari</li> <li>Correctly terminate the processes by calling service_abort even on successful exit (helps to fix a db3 lockers problem)</li> <li>Fix some murder+altnamespace/unixhiersep issues</li> <li>Fix imclient's handling of literals.</li> <li>Add support for the windows-1256 character set</li> <li>Don't log 'could not shut down filedescriptor' messages when the socket is already not connected</li> <li>Now include a script to convert sieve script names to the altnamespace format</li> <li>Added a <tt>--with-extraident</tt> configure option to make it easier to set the extra version information that is compiled into the binary.</li> <li>Minor build fixes.</li> <li>Minor other bug fixes.</li> </ul> <h2>Changes to the Cyrus IMAP Server since 2.1.12</h2> <ul> <li>Add maxfds= option in cyrus.conf</li> <li>"The shutdown() Patch" by Henrique de Moraes Holschuh <hmh@debian.org> and Jeremy Howard <jhoward@fastmail.fm></li> <li>Now report both built-with and running-with OpenSSL versions</li> <li>Misc other small bugfixes</li> <li>Security Appraisers and Bynari review of the majority of the modules in <tt>imap/</tt></li> </ul> <h2>Changes to the Cyrus IMAP Server since 2.1.11</h2> <ul> <li>Master now will forcibly exit if a service is not executable</li> <li>Master now has a daemon mode and pidfile support (-d and -p options)</li> <li>Berkeley DB Configuration methods have changed. Hopefully they're more generic now. You can still use --with-dbdir, or you can use --with-bdb-libdir and --with-bdb-incdir</li> <li>timsieved now handles usernames with dots (when unixhierarchysep is active)</li> <li>tugowar has been removed from the distribution.</li> <li>Squatter now has an option to skip unmodified mailboxes.</li> <li>Properly hash username to remove a user's sieve scripts when their INBOX is removed.</li> <li>Reset output buffer when prot_flush returns EOF.</li> <li>Minor Makefile improvements with use of $(srcdir)</li> <li>Remotepurge improvement for empty mailboxes</li> <li>Fix for AFS overwriting the canonicalized username in ptloader</li> <li>Security audit of imapd.c performed by SecurityAppraisers and Bynari</li> </ul> <h2>Changes to the Cyrus IMAP Server since 2.1.10</h2> <ul> <li>Fixed some potential buffer overflows in the sieve code, as well as a pre-login buffer overflow in the IMAP parsing code.</li> <li>ipurge can now skip flagged messages</li> <li>Fix a problem with the flat backend and tracking new files</li> <li>Fix a problem with the memory pool routines on 64-bit machines</li> </ul> <h2>Changes to the Cyrus IMAP Server since 2.1.9</h2> <ul> <li>support Berkley DB 4.1 <li>more portable use of errno throughout <li>timsieved now does telemetry logging <li>libcyrus.a no longer supplies fs_get() and fs_give() </ul> <h2>Changes to the Cyrus IMAP Server since 2.1.8</h2> <ul> <li>Fix a strlcpy() off-by-one error. <li>Better handling of errors in connecting to LMTP servers for deliver and lmtpproxyd. <li>Fix bug in pop3proxyd's pop3s handling. <li>Fix Exim install documentation. </ul> <h2>Changes to the Cyrus IMAP Server since 2.1.7</h2> <ul> <li>Fix a severe locking problem during failed CREATEs</li> <li>Change default locking method to fcntl from flock</li> <li>Don't cleanup the original mailbox during a RENAME while holding the mailbox list lock</li> <li>Quoting fixes in cyradm</li> <li>Small pathname fix in rehash script</li> </ul> <h2>Changes to the Cyrus IMAP Server since 2.1.6</h2> <ul> <li>Correct some minor version number errors.</li> </ul> <h2>Changes to the Cyrus IMAP Server since 2.1.5</h2> <ul> <li>Better locking of the mailbox list during mupdate operations for CREATE and RENAME</li> <li>Permissions fixes for annotations.</li> <li>pop3proxyd now does telemetry logging</li> <li>Cleanup a number of leaks in the murder code</li> <li>Correct semantics of our provided strlcpy(). Fix places where strlcpy() was being used incorrectly.</li> <li>Correct a significant memory leak in the memory pool routines</li> <li>OpenSSL is now handled correctly for the perl modules</li> <li>Small documentation cleanups</li> <li>The normal assortment of small bugfixes</li> </ul> <h2>Changes to the Cyrus IMAP Server since 2.1.4</h2> <ul> <li> Sieve is no longer dependent on duplicate delivery suppression (it still uses the duplicate delivery database however). </li> <li> Sieve now supports <tt>draft-segmuller-sieve-relation-02.txt</tt></li> <li> <tt>imtest</tt> now includes all the functionality previously kept in pop3test, lmtptest, smtptest, and mupdatetest. imtest will notice if it is invoked with one of these names and do the right thing. The -P flag can be used to force a particular protocol. As part of this, the default install location for mupdatetest has changed to be the same as the other test utilities. <tt>imtest</tt> also includes new MANAGESIEVE functionality (sivtest) as well as the ability to reconnect to the same server multiple times (useful for testing SSL/TLS session caching and DIGEST-MD5 fast reauth).</li> <li>snmpgen generates stubbed out code so we don't waste resources on something that just doesn't work. At some point in time, we'll make it work again as it would be useful to gather aggregate statistics on what commands are being used so we can better tune the server. This change closes bug #1191. New bug 1267 opened to re-enable the feature.</li> <li>Added the chk_cyrus program to help point out missing message files and/or mailboxes</li> <li>ANNOTATEMORE improvements. Server annotation support has been added. We are also now using the /vendor/cmu/cyrus-imapd hierarchy. The "info" command in cyradm now returns annotations for the given mailbox (provided that ANNOTATEMORE support is compiled into the server)</li> <li>The RENAME command has been almost entirely rewritten. Now we rely on mailbox-level locking instead of locking the entire mailboxes file for the duration of the rename. <tt>ctl_cyrusdb -r</tt> now also cleans up "reserved" mailboxes that may appear in the event of a crash.</li> <li><tt>ctl_mboxlist</tt> can now dump only a particular partition</li> <li>The configuration subsystem now uses a hash table to speed up lookups of options. Additionally, the hash table implementation has been updated to possibly take advantage of memory pools.</li> <li>Many bugfixes related to the Cyrus Murder. Includes improvments to subscription handling as well as correct merging of seen state on mailbox moves.</li> <li>Can now configure an external debugger (<tt>debug_command</tt> option in imapd.conf.</li> <li>Misc. autoconf-related fixes (most notably those related to sasl_checkapop and O_DSYNC).</li> <li>Misc. locking-related fixes.</li> <li>Security fixes related to handling large literals in getxstring(), as well as correct usage of layers in timsieved.</li> </ul> <h2>Changes to the Cyrus IMAP Server since 2.1.3</h2> <ul> <li> All "MAIL" and "SIEVE" notifications are now handled by <tt>notifyd</tt> which is a daemon that supports multiple notification methods. The <tt>mailnotifier</tt> and <tt>sievenotifier</tt> options have been added to <tt>/etc/imapd.conf</tt> to configure notifications. (Ken Murchison) </li> <li> Many feature enhancements and bugfixes for the Cyrus Murder. The code now supports live (but not transparent) moving of mailboxes from one server to another. </li> <li> Some warning fixes. </li> <li> <tt>fdatasync()</tt> is no longer required. </li> <li> Fixed a bug in <tt>imap/append.c</tt> that would show itself if a message was being delivered to five or more different partitions. </li> <li> Deliveries now don't create a redudant temporary file using <tt>tmpfile()</tt>; the staging directory is used instead. (Ken Murchison) </li> <li> Fix a possible crashing bug in <tt>squatter</tt>. (Ken Murchison) </li> <li> Deleting a user now also removes their Sieve scripts. </li> <li> <tt>cyrusdb_skiplist</tt>: release locks during iteration. Should prevent denial of service attacks and possibly increase performance. </li> <li> <tt>cyrusdb_skiplist</tt>: introduce a new mode using <tt>O_DSYNC</tt> writes which is possibly faster on Solaris. Currently off (it seems to hurt performance on Linux). </li> <li> <tt>master</tt> has preliminary code to avoid forking storms. </li> <li> <tt>sieveshell</tt> should now loop through all available SASL mechanisms before conceding defeat. </li> <li> <tt>sieveshell</tt> can now upload a file to a different name. </li> </ul> <h2>Changes to the Cyrus IMAP Server since 2.1.2</h2> <ul> <li> fud now runs from the Cyrus master process; more generally, the Cyrus master process can deal with UDP services. (Amos Gouaux, <tt>amos@utdallas.edu</tt>)</li> <li> Sieve has been updated to be compliant with RFC 3028 and draft-martin-sieve-notify-01. All <tt>notify</tt> actions and any <tt>fileinto</tt> and/or <tt>redirect</tt> actions using stringlists will have to be updated/changed. </li> <li> added <tt>cvt_cyrusdb</tt> for quick conversions between different cyrusdb backends. </li> <li> fixed a bug in the Sieve header cache, where legal header names were being rejected. </li> <li> many Murder-related fixes </li> <li> suppress a bogus TLS session reuse DBERROR message </li> <li> make the list of acceptable TLS ciphers configurable in <tt>/etc/imapd.conf</tt> </li> <li> <tt>cyrusdb_skiplist</tt> fixes; it's now suitable for using in production environments though there are still performance problems outstanding </li> </ul> <h2>Changes to the Cyrus IMAP Server since 2.1.1</h2> <ul> <li> now compatible with Berkeley DB4 (Larry M. Rosenbaum, <tt>lmr@ornl.gov</tt>) </li> <li> timsieved now supports proxying via <tt>loginuseacl</tt> (Amos Gouaux, <tt>amos@utdallas.edu</tt>) </li> <li> Sieve <tt>vacation</tt> now does a case-insensitive comparison of <tt>:addresses</tt> </li> <li> Warning-related bug fixes from Henrique de Moras Holschuh <tt>hmh@debian.org</tt></li> <li> automatic archival of db3 files so that filesystem backups are always consistent (Ken Murchison, <tt>ken@oceana.com</tt>)</li> <li> added a skiplist database backend, still needs more testing </li> <li> further work on the Cyrus Murder </li> <li> fixed bug in <tt>remotepurge</tt> dealing with mailboxes with characters that need to be escaped inside quoted-strings </li> <li> Cyrus::IMAP::Admin now supports referrals </li> <li> <tt>cyradm</tt>, via Cyrus::IMAP::Shell, now can remove quotaroots </li> <li> <tt>timsieved</tt>, <tt>sieveshell</tt>, and the MANAGESIEVE protocol extended with referrals </li> </ul> <h2>Changes to the Cyrus IMAP Server since 2.1.0</h2> <ul> <li> now compatible with Cyrus SASL 2.1.0 </li> <li> fixed a problem with LMTP AUTH and unix domain sockets </li> <li> make deleting users faster </li> <li> add a "-n" switch to <tt>remotepurge</tt></li> <li> cyradm now does implicit SASL authorization </li> <li> fix for Sieve <tt>:matches</tt> comparator </li> </ul> <h2>Changes to the Cyrus IMAP Server since 2.0.16</h2> <ul> <li>migrated to SASLv2 (Rob Siemborski)</li> <li>altnamespace: it is now possible to display user mailboxes as siblings to the INBOX at the top-level (Ken Murchison)</li> <li>unixhierarchysep: it is now possible possible to use slash as the hierarchy seperator, instead of a period. (Ken Murchison, inspired by David Fuchs, <tt>dfuchs@uniserve.com</tt>)</li> <li>SSL/TLS session caching (Ken Murchison)</li> <li>support for IMAP CHILDREN & LISTEXT extensions (Ken Murchison, work in progress)</li> <li>check recipient quota & ACL at time of RCPT TO: in <tt>lmtpd</tt> (Ken Murchison)</li> <li>support for LMTP STARTTLS & SIZE extensions (Ken Murchison)</li> <li>unified deliver.db, using cyrusdb interface, hopefully improving concurrency and performance (Ken Murchison)</li> <li>fixed STORE FLAGS () bug (Ken Murchison)</li> <li>fixed SEARCH SUBJECT vs. SEARCH HEADER SUBJECT bug (Ken Murchison)</li> <li>users without an INBOX can have subscriptions (Ken Murchison; noticing a trend here?)</li> <li>added cyrusdb_db3_nosync backend, used for duplicatedb and session cache, to postpone non-critical writes. (Ken Murchison)</li> <li>support for STARTTLS and AUTH=ANONYMOUS for timsieved (Ken Murchison)</li> <li>do setgid and initgroups in master (as urged by several people)</li> <li>added more config info to IMAP ID (in a vain attempt to improve debugging)</li> <li>configure now checks for DB3.3</li> <li>SQUAT (Rob O'Callahan, <tt>roc@cs.cmu.edu</tt>)</li> <li>change SEARCH HEADER <i>x</i> to SEARCH <i>x</i> utilizing internal cache where possible (Rob O'Callahan, <tt>roc@cs.cmu.edu</tt>)</li> <li>an improved directory hashing option (Gary Mills, <tt>mills@cc.UManitoba.CA</tt>)</li> <li>use of EGD for SSL/TLS (Amos Gouaux, <tt>amos@utdallas.edu</tt>)</li> <li>separate certs/keys for services (Henning P. Schmiedehausen, <tt>hps@intermeta.de</tt>)</li> <li>ability to force ipurge to traverse personal folders (Carsten Hoeger, <tt>choeger@suse.de</tt>)</li> <li>fixed zero quota bugs in cyradm (Leena Heino, <tt>liinu@uta.fi</tt>)</li> <li>ignore trailing whitespace in imapd.conf</li> <li>Received: header (with TLS and AUTH info)</li> <li>added '-i' switch to sendmail command line for SIEVE reject, redirect and vacation</li> <li>small fixes to notify_unix</li> <li>added "<tt>duplicatesuppression</tt>" switch to imapd.conf for enabling/disabling duplicate delivery suppression (Birger Toedtmann, <tt>birger@takatukaland.de</tt>)</li> </ul> <h2>Changes to the Cyrus IMAP Server since 2.0.15</h2> <ul> <li>fixed a longstanding bug in <tt>quota</tt> that would affect people with unusual top-level hierarchy, fix by John Darrow, <tt>John.P.Darrow@wheaton.edu</tt>.</li> <li>some important fixes to db3 interface code, by Walter Wong <tt>wcw@cmu.edu</tt>, prompted by complaints from Scott Adkins <tt>adkinss@ohio.edu</tt>.</li> <li>fixed some memory leaks in imclient and in the Perl IMAP module, prompted by Toni Andjelkovic <tt>toni@soth.at</tt>.</li> <li>fixed a longstanding authentication error in the Perl IMAP module, should remove pesky extra Password: prompt.</li> <li>fixed some allocation bugs in the managesieve perl module.</li> </ul> <h2>Changes to the Cyrus IMAP Server since 2.0.14</h2> <ul> <li>fixed memory management bugs in <tt>imapd</tt>, <tt>lmtpd</tt> that were being hit due to the connection reuse code and causing subtle and annoying problems.</li> <li>we now clean up better when deleting a user</li> <li>fixed an endian bug in <tt>ipurge</tt></li> <li><tt>pop3d</tt> now can also reuse processes.</li> <li>fix a bug in <tt>imclient</tt> that would strike when <tt>cyradm</tt> specifies a mechanism on the command-line. (SASL mechanism names aren't case sensitive.)</li> <li>fix some bugs in handling SIGHUP in <tt>master</tt></li> <li>fix a couple of goofs in <tt>Admin.pm</tt></li> </ul> <h2>Changes to the Cyrus IMAP Server since 2.0.13</h2> <ul> <li>fixed a silly bug with reusing SSL connections</li> <li><tt>lmtpd</tt> can now service multiple clients in sequence, hopefully improving performance</li> <li>changed how Berkeley db databases are opened, hopefully lessening the chance of deadlock and improving performance</li> <li>fixed a couple of memory leaks</li> <li>lessened the chance of a race condition during <tt>index_check()</tt></li> </ul> <h2>Changes to the Cyrus IMAP Server since 2.0.12</h2> <ul> <li>refactored code so less duplication</li> <li>added alternate config file for partial virtual domain support</li> <li><tt>pop3d</tt> can now disable USER/PASS commands.</li> <li>STARTTLS now accepts a SSLv23 hello but doesn't allow SSLv23 to be negotiated.</li> <li><tt>imtest</tt> no longer buffers to aid use as an automated layer.</li> <li><tt>master</tt> now supports maximum number of service processes via the "maxchild" modifier.</li> <li>fixed a bug in the Sieve string lexer.</li> <li>one <tt>imapd</tt> process can now service multiple clients in sequence, eliminating a large number of forks.</li> </ul> <h2>Changes to the Cyrus IMAP Server since 2.0.11</h2> <ul> <li>portability fixes involving <tt>setrlimit()</tt></li> <li>fixed compiler warnings</li> <li>the STARTTLS command will only accept TLSv1 now, not SSLv2/v3. The <tt>imaps</tt> port is unaffected by this change.</li> <li><tt>timsieved</tt> no longer returns garbage strings.</li> </ul> <h2>Changes to the Cyrus IMAP Server since 2.0.9</h2> <ul> <li>some small memory savings</li> <li>the "fud" daemon once again works correctly</li> <li>the IDLE extension now uses signals correctly</li> <li>problems with libwrap have been resolved</li> <li><tt>imapd</tt> and <tt>pop3d</tt> now log connections protected via TLS.</li> <li>efficiency improvements when searching for a particular message-id</li> <li>fixed an envelope-parsing bug affecting SORT and THREAD</li> <li>made RENAME keep the same mailbox uniqueid, preserving seen state across renames</li> <li>STOREing flags to multiple messages in one command is now more efficient</li> <li>RENAME now preserves the ACL</li> <li>LIST is now as efficient as Cyrus v1.6, modulo Berkeley DB issues.</li> <li>Sieve zephyr notifications are now correct.</li> <li>crash in <tt>reconstruct</tt> now fixed.</li> <li>man pages added for <tt>cyrus.conf</tt>, <tt>master</tt>, <tt>lmtpd</tt>, <tt>idled</tt>, <tt>ctl_mboxlist</tt>, and <tt>ctl_deliver</tt>.</li> <li><tt>master</tt> can now listen on specific interfaces</li> <li><tt>master</tt> can now reread <tt>/etc/cyrus.conf</tt> on SIGHUP.</li> <li><tt>timsieved</tt> now uses symlinks instead of hard links.</li> </ul> <h2>Changes to the Cyrus IMAP Server since 2.0.8</h2> <ul> <li>remembered to update this file</li> <li>bug in <tt>Cyrus::IMAP</tt> perl module affecting cyradm's setquota fixed</li> <li>portability fix with <tt>socklen_t</tt></li> </ul> <h2>Changes to the Cyrus IMAP Server since 2.0.7</h2> <ul> <li>preliminary implementation of the IDLE extension (Ken Murchison, <tt>ken@oceana.com</tt>).</li> <li>THREAD=REFERENCES now part of the normal build.</li> <li>tweaks to the installation documentation and suggested Sendmail configuration</li> <li>portability fixes and other small bugfixes</li> <li>added "<tt>-a</tt>" flag to <tt>lmtpd</tt></li> <li>master process can now export statistics about running processes via UCD SNMP AgentX</li> <li>many fixes to Cyrus Murder-related code</li> <li>fixes to perl code, especially the Sieve interface. added an IMSP interface to the perl code, but it still needs work.</li> </ul> <h2>Changes to the Cyrus IMAP Server since 2.0.6</h2> <ul> <li>some number of random static variables eliminated, to save on memory footprint</li> <li>recursive RENAME was a little to eager; fixed. RENAME will also give the client a hint that a sub-RENAME failed. (mostly probably useful for cyradm, but cyradm doesn't take advantage of it yet.)</li> <li>THREAD=X-JWZ has turned into THREAD=REFERENCES (Ken Murchison)</li> <li>DELETE wasn't failing cleanly in database code; fixed.</li> <li>off-by-one bug in seen_db fixed.</li> <li>starting/committing/aborting transactions now logged more correctly in cyrsudb_db3</li> <li>master will now accept port numbers instead of just service names in cyrus.conf. also logs even more verbosely (see bug #115.)</li> <li>libwrap_init() is now inside the loop, since i don't quite understand the semantics of libwrap calls.</li> <li>setquota in cyradm now behaves more sanely (and gives correct usage message).</li> <li>bugfixes to the managesieve client perl api. (still needs work.)</li> <li>small fixes in timsieved.</li> <li>added a "make dist" target so i won't dread releases as much.</li> </ul> <h2>Changes to the Cyrus IMAP Server since 2.0.5</h2> <ul> <li>APPEND now honors the \Seen flag.</li> <li>mailboxes file can once again be a flat text file. (compile-time choice)</li> <li>subscriptions file can be flat text or berkeley db. likewise for seen state.</li> <li>unfortunately, the format of the mailboxes file has changed.</li> <li>implementation of "JWZ" threading, a first pass on the forthcoming THREAD=REFERENCES.</li> <li>bugfixes in libacap.</li> <li>bugfixes in other Murder related functionality.</li> <li>removal of dead code.</li> <li>will now look in CYRUS_PREFIX/etc/imapd.conf if there's no /etc/imapd.conf.</li> <li>more paranoid implementation of ID.</li> <li>more descriptive lmtp errors.</li> <li>finished implementation of LMTP 8BITMIME.</li> <li>fixed minor bugs in pop3d.</li> <li>small test suite for cyrusdb backends added in <tt>lib/test/</tt>.</li> <li>added <tt>-DPERL_POLLUTE</tt> to the perl compilation to deal with Perl 5.6.</li> <li>small additions to the Sieve library.</li> <li>As usual, owe lots of thanks to Ken Murchison for his hard work and awesome implementations.</li> </ul> <h2>Changes to the Cyrus IMAP Server SINCE 2.0.4</h2> <ul> <li>Now should work with Berkeley DB 3.1, but does <b>not</b> auto-upgrade 3.0 databases (and, in fact, I haven't written any upgrade software yet).</li> <li>SORT and THREAD should now function correctly.</li> <li>Some configure fixes.</li> <li>Some fixes for possible race conditions in initializing services and database structures.</li> <li>Some non-gcc compile fixes with structure initialization.</li> <li>Some non gcc compile fixes with structure initialization.</li> </ul> <h2>Changes to the Cyrus IMAP Server SINCE 2.0.3</h2> <ul> <li>fixed <tt>mbpath</tt> and <tt>ipurge</tt>. Thanks to Alain Turbide for the bug report.</li> <li>configure: removed <tt>mmap_private.c</tt>; it was buggy, and not worth supporting.</li> <li>configure: improvements in detecting libwrap, typos fixed in detecting libsasl.</li> <li>Merged the acapsieve library into libacap.</li> <li>improvements to the ACAP API.</li> <li>invariant checks added to the skiplist code.</li> <li>bugfix in TCL cyradm.</li> <li>acapmbox.c: bugfixes in handling acap connections.</li> <li>fix the size given for a unix socket address (changes throughout the code), patch thanks to Vladimir Kravchenko, <tt>jimson@null.ru</tt>.</li> <li>rewrote <tt>deliver</tt> to use the generic LMTP API in lmtpengine.c. Likewise, implemented the client-side API in lmtpengine.c. (Still need to implement AUTH.)</li> <li>added SORT and THREAD support (Ken Murchison, <tt>ken@oceana.com</tt>.)</li> <li>In checking an APPEND command, we were rejecting valid system flags and accepting invalid ones.</li> <li>minor bug fixes to <tt>proxyd</tt>.</li> <li>large amount of debugging code added to <tt>target-acap</tt>.</li> <li>build fixes to Perl programs.</li> <li>allow plaintext authentication to <tt>timsieved</tt>.</li> </ul> <h2>Changes to the Cyrus IMAP Server in 2.0</h2> <ul> <li>The mailboxes file is now a transaction-protected Berkeley database.</li> <li>The core delivery process has been moved to <tt>lmtpd</tt>. <tt>deliver</tt> is now a simple wrapper to create an LMTP transaction.</li> <li>master process, responsible for spawning services (<tt>imapd</tt>, <tt>lmtpd</tt>, etc.) and for routine housekeeping. Optionally, it can use <tt>libwrap</tt> to allow or deny connections.</li> <li>ACAP (Application Configuration Access Protocol) support for Cyrus Murder: IMAP Aggregator.</li> <li>Sieve enhancements: regular expressions, notifications, automatically setting IMAP flags.</li> <li>SNMP (Simple Network Management Protocol) support for monitoring usage (e.g. number of users logged in) as well as for instrumenting protocol usage (e.g. number of times CREATE has been called).</li> <li>Perl version of <tt>cyradm</tt> contributed by Brandon Allbery (<tt>allbery@ece.cmu.edu</tt>). Eventually we expect to transition to the Perl version away from the TCL version.</li> <li>Bugfix in modified UTF-7 processing (for mailbox names). Bugfix in <tt>index_searchcacheheader()</tt>.</li> <li>Implemented the extension MULTIAPPEND.</li> <li>RENAME is now hierarchical.</li> <li>The right that controls whether a mailbox may be deleted is now "c". (It used to be "d".)</li> <li>An additional backend for seen state has been created, <tt>seen_db</tt>. It stores seen state in a per-user database.</li> </ul> <h2>Changes to the Cyrus IMAP Server Since Version 1.6.20</h2> <ul> <li>Some fixes to the TLS support to gracefully degrade service.</li> <li>Sieve now correctly re-sieves messages that are received with identical message-ids, but different envelopes. It also obeys plus-addressing on keep actions. (Fixes by Ken Murchison, <tt>ken@oceana.com</tt>.)</li> <li>The server wasn't correctly calculating the percentage of quota used when deciding whether or not to issue a warning.</li> <li>Implemented single-instance store: deliver, when using LMTP, will only store one copy of a message per partition, and hard link it among multiple users. Sites with a large number of partitions could see a performance decrease.</li> </ul> <h2>Changes to the Cyrus IMAP Server Since Version 1.6.19</h2> <ul> <li>Added STARTTLS support; requires OpenSSL.</li> <li>Sieve now uses MDNs to reject messages instead of DSNs, conforming to the latest Sieve specification. (Ken Murchison)</li> <li>The duplicate delivery database expiration (deliver -E) was deleting all entries; fixed.</li> <li>imtest is now a little smarter about parsing the protocol to avoid synchronization errors prior to authentication.</li> <li>timsieved's parser is now written in C; should be no noticeable changes, but should make compiling it much easier.</li> </ul> <h2>Changes to the Cyrus IMAP Server Since Version 1.6.16</h2> <ul> <li>Fix to enclosed message parsing (thanks to John Myers).</li> <li>When trying to skip over non-synchronizing literals during error recovery, the IMAP server never stopped eating. Fixed.</li> <li>Added <tt>with-sasldir</tt> as a configure option.</li> <li>Fixed a bug in cyradm when it got the CAPABILITY list.</li> <li>Fixed bugs relating to the incomplete SASLfication of deliver.</li> <li>Fixed bugs in deliver relating to duplicate delivery suppression and Sieve vacation functionality.</li> <li>Fixed a memory leak in deliver.</li> <li>When looking for SASL options, imapd wasn't defaulting to the option without the plugin name requesting it. This caused PLAIN authentications to incorrectly fail.</li> <li>Changed the expiration time of pts entries to 3 hours; only affects sites using krb_pts as the authorization method.</li> <li>Fixed some bugs in imclient; mostly affects cyradm.</li> <li>Fixed a bug in the Sieve lexer and improved the usefulness of the Sieve test program.</li> </ul> <h2>Changes to the Cyrus IMAP Server Since Version 1.6.13</h2> <ul> <li>An annoying memory management bug in imclient was fixed and it's efficiency was improved somewhat.</li> <li>Added the sieve client (<tt>installsieve</tt>) and server (<tt>timsieved</tt>) for getting sieve scripts onto the server and managing them once they are there.</li> <li>The default Sieve script layout has changed to sievedir/u/user/default; this supports multiple Sieve scripts per user with the ability to switch between them.</li> <li>Fixed the kerberos-to-local-host bug (patch by Greg Hudson, <tt>ghudson@mit.edu</tt>).</li> <li>Started changes to deliver to support LMTP AUTH.</li> <li>Improved the error messages logged when authentication fails.</li> <li>Fixed a bug dealing with argument processing in the arbitron program.</li> <li>pop3d now correctly supports SASL AUTH.</li> <li>imtest will no longer prompt for authentication or authorization names; instead, it defaults to the current Unix user. Override on the command line.</li> <li>Likewise, cyradm will no longer prompt. It now accepts "-m" to specify what SASL mechanism to use, and the pwcommand option to authenticate should once again work when used non-interactively.</li> </ul> <h2>Changes to the Cyrus IMAP Server Since Version 1.6.10</h2> <ul> <li>Changed the sieve option in the configure script to <tt>--disable-sieve</tt>.</li> <li>Updated reconstruct and quota to check for hashed imap spool directories correctly.</li> <li>deliver now will not use Sieve if duplicate delivery suppression is disabled. There was also a bug that caused the duplicate delivery database to be checked even if dupelim was disabled.</li> <li>deliver now uses tm_gmtoff if available to check for the local timezone.</li> <li>The default format for reading information from INN has changed. If you use INN to feed imapd news, you must change your "<tt>newsfeeds</tt>" file to contain <pre> collectnews!:*:Tf,WO:collectnews </pre> </li> <li>The dohash script now takes a "<tt>-i</tt>" option to run interactively and the "<tt>-f</tt>" option to issue warnings instead of fatal errors.</li> </ul> <h2>Changes to the Cyrus IMAP Server Since Version 1.6.1-BETA</h2> <ul> <li>cyradm should now work with all mechanisms (it now handles empty challenges and responses).</li> <li>Fixed deliver to deal with arbitrarily long headers</li> <li>COPY for non-existent sequence numbers returns NO; this contrasts to UID COPY, which always returns OK.</li> <li>FETCH for non-existent sequence numbers returns NO; this contrasts to UID FETCH, which always returns OK.</li> <li>Fixed a misleading BAD responses to commands that take sequences.</li> <li>Added UIDNEXT untagged response to a SELECT (from <tt>draft-crispin-imapv-07.txt</tt>).</li> <li>pop3d now correctly passes SASL configuration options to libsasl.</li> <li>imtest now correctly flushes the server's output to the screen.</li> <li>Added more hashing using a simple but stupid algorithm. Now whenever there is a mailbox access, quota access, or subscription access, it goes through a hash function. this is done to help reduce the number of files/directories in any given directory.</li> <li>Added the binary <tt>mbpath</tt>. Given a mailbox name, this binary will print the filesystem path to that mailbox. This way if you have multiple partitions and hashing turned out, you don't have to spend as many mental cycles figuring out where the actual directory is.</li> <li>deliver now checks <tt>sieveusehomedir</tt> and <tt>sievedir</tt> in the config file to determine where to look for sieve scripts.</li> <li>ptloader now has a workaround for afs 3.5.</li> <li>clarified an error message in message.c when an unexpected end of file is encountered.</li> <li>fixed some random memory leaks in deliver.</li> <li>fixed a fairly major bug in prot_fill. it was performing incorrectly when reading only a single character.</li> <li>fixed a bug in how imtest looked for OK or NO.</li> <li>fixed a memory leak in imapd.</li> <li>imapd now allows any user (or member of a group) listed in "proxyservers" to proxy.</li> </ul> <h2>Changes to the Cyrus IMAP Server Since Version 1.6.0-BETA</h2> <ul> <li>fixed stupid bug in imapd</li> <li>fixed sasl/config.c interaction</li> <li>fixed use of stat in imtest</li> </ul> <h2>Changes to the Cyrus IMAP Server Since Version 1.5.24</h2> <ul> <li>ANSI C is now required.</li> <li>imtest's interface has changed, to allow for SASL authentication. Sorry, but it had to happen. It now also includes a timing test (-z) which we use to test the SASL layers.</li> <li>imtest no longer uses a non-synchronizing literal with LOGIN, so it should work against all IMAP servers.</li> <li>The prot layer now uses SASL for encryption and authentication. This changed a large amount of code, and some build procedures.</li> <li>As a side effect of SASL, --enable-static-libraries now doesn't do anything. We are considering compiling cyrus with libtool to change this.</li> <li>Error codes returned by programs have changed, and programs return EX_TEMPFAIL far more than they used to. This is because Sendmail considers most not-EX_TEMPFAIL errors permanent; now, if it may not be permanent, EX_TEMPFAIL is returned. (See lib/exitcodes.h.)</li> <li>Two bugs fixed: UID FETCH's with no messages in range now return OK, not BAD. And an obscure bug in LIST case sensitivity is fixed.</li> </ul> <h2>Changes to the Cyrus IMAP Server Since Version 1.5.19</h2> <ul> <li>Most of the charset.c code (and mkchartable.c code) has been replaced thanks to John Myers).</li> <li>Bug fix in message.c to look up headers in the cache when they're in the cache correctly; thanks to Chris Newman for the fix.</li> <li>Code cleanup here and there (thanks to Bruce Balden).</li> <li>Annoying (and confusing) lines in syslog every time a message was delivered if deliver was compiled using dbm saying that deliver was "unable to fetch entry" have been removed.</li> <li>Content-Disposition lines were being parsed improperly. If they had no optional arguments, they were being ignored as if they were syntactically incorrect. This is fixed, but imapd will continue to serve wrong information unless cyrus.caches are rebuilt (with reconstruct) for any message that was added to the mailbox before this bug was fixed.</li> <li>The arbitron program now takes a mailbox pattern argument for the mailbox to run on. The manpage always said it did anyway.</li> <li>Uninitialized variable fixed in imapd.c with the shutdown file code.</li> <li>Minor tweaks to purify build config.</li> <li>Fix minor memory leak in proc.c where procfname wasn't being free'd.</li> <li>Fix brain fart in auth_krb_pts.c where a CLOSE() was done to a DB handle BEFORE we access the data read from the DB database. This means we were copying free'd memory into the groups list. Note this only affects people using DB, AFS and ptloader.</li> <li>Committed minor syslog log level changes in ptloader and deliver.</li> <li>make distclean now does what it's supposed to.</li> <li>Possibly misnamed experimental --enable-static-libraries switch that tries to do a good job of building binaries with whatever static libraries are availible. If you use this, you do so at your own risk, and if it fails, we will disavow all knowledge of you and your team. Good luck, Jim.</li> <li>Add optional third argument to imtest for it to take input from a file. This is a gross hack.</li> </ul> <h2>Changes to the Cyrus IMAP Server Since Version 1.5.14</h2> <ul> <li>LIST now honors the reference argument. <p>This behavior can be turned off by a configuration option imapd.conf--which may be desirable because of certain clients that ask for a "mail directory" setting for IMAP which will now cause problems when it was ignored before. (The default is for the reference argument to be honored.)</p> </li> <li>The <tt>arbitron</tt> program now takes a mailbox pattern argument for the mailbox to run on. The manpage always said it did anyway.</li> <li>Added --disable-server switch to optionally prevent compilation of server to help sites that just want client libraries (so cyradm and libcyrus can be compiled on remote systems without installing stuff into /usr/cyrus/bin, etc.) For now, the server is still configured in this case, and a Makefile is generated. This could change in future versions.</li> <li>Fixed a mmap leak in index.c in index_search_evaluate that caused problems on complex searches. Thanks to Jeff Schiller for pointing this out. Fixed a potential leak in mboxlist.c that happened if a rename went awry. Thanks to Chris Newman for pointing this out.</li> <li>Fixed a bug in LIST and LSUB code so that user.* mailboxes will be printed on every LIST instead of just the first one.</li> <li>Implemented the <i>POP3 Extension Mechanism</i>, RFC 2449, in order to advertise the capabilities already supported.</li> <li>Fixed a bug in mailbox.c that disallowed MUTF-7 representations of ASCII characters when it shouldn't have. (Thanks to John Myers for providing a fix and to Per Steinar Iversen for telling me that I didn't do it before.)</li> <li>More cleanup the ptloader/auth_krb_pts code. If you use Kerberos and IMSP, you *MUST* pick up cyrus-imspd-v1.5a6 (or newer).</li> <li>A few configure tweaks.</li> <li>Duplicate delivery changes: <ul> <li>Split out duplicate delivery elimination to multiple files. This should help reduce the lock contention that normally occurs with this file. To not clutter <i>config_dir</i>, the files will be located in a subdirectory named <tt>deliverdb</tt>, for example <tt>/var/imap/deliverdb</tt>. If you don't make this directory, nothing bad will happen (other than duplicate delivery elimination will not work).</li> <li>The time value is now stored as an integer in native byte order as opposed to converting it to a string before it is stored in the database.</li> <li>checkdelivered() now obtains a read lock instead of a write lock when trying to check for duplicates. Only markdelivered() grabs a write lock.</li> </ul> </li> <li>Added logic to cause cyradm to abort more cleanly if not given command line arguments in an interactive session. This gets rid of the dreaded <tt>application-specific intialization failed</tt> messages.</li> </ul> <h2>Changes to the Cyrus IMAP Server Since Version 1.5.11</h2> <ul> <li>The CREATE command now ignores a trailing hierarchy delimiter instead of ignoring the CREATE command.</li> <li>UIDPLUS is now always advertised in CAPABILITY and is always availible. The UIDPLUS extension is a set of optimizations using UID values instead of sequence numbers and is described in RFC 2359.</li> <li>Cyrus no longer rejects messages with 8-bit characters in the headers. Rather than reject the message, characters with the 8th bit set are changed to 'X'. Internationalization in headers is supported by the mechanism specified in RFC 2047 (and RFC 1342).</li> </ul> <h2>Changes to the Cyrus IMAP Server Since Version 1.5.10</h2> <ul> <li>If ENABLE_EXPERIMENT is set, the server no longer claims to support OPTIMIZE-1; instead, it claims to support UIDPLUS. The Getuids command has been removed since it is not in the UIDPLUS document (draft-myers-imap-optimize-03.txt).</li> <li>The checks for Tcl in configure are much smarter. The configure script asks tclsh where its configuration lives, then consults the shell scripts that have that information. This should work with 7.5 or better, which is what the server requires anyway. (All the previous checks to look for Tcl libraries are gone; now, configure runs tclsh and asks it where the Tcl libraries are, then runs the shell scripts that are in that directory. Since the tclConfig.sh script may not be in that directory, it looks in .. as well.)</li> <li>The checks for com_err in configure are a little smarter and look to see if all the pieces are there before trying to use them.</li> <li>Added support for the NAMESPACE extension (if --enable-experiment is supplied).</li> <li>Added a "reject8bit" switch to imapd.conf. If set to "true", messages containing 8-bit-set characters in the headers are rejected (the previous behavior); if set to "false" or left to the default value, messages containing 8-bit-set characters have these characters changed to a constant character ('X').</li> <li>Added the "fud" program. This is an interm hack designed to allow allow finger information to be retrieved for cyrus users. This is experimental and it is not recommend that services be built arround this feature, since it is likely to be removed in a future release of the IMAP server.</li> <li>Bug fix: User defined flags now work properly.</li> </ul> <h2>Changes to the Cyrus IMAP Server Since Version 1.5.2</h2> <ul> <li>Fixed a bug with word alignment on Solaris using Kerberos compiled with Sun's CC. (Several patches were submitted; thanks to everyone who did so.)</li> <li>Patches from John Myers, including more glob fixes.</li> <li>Use the default hash function from DB. Note that this means that the existing <tt>delivered.db</tt> and <tt>ptscache.db</tt> is <b>NOT</b> compatible with this release. These files should be removed.</li> <li>Provide two debugging programs that dump the databases: <tt>ptdump</tt> and <tt>dump_deliverdb</tt>.</li> <li>Multiple changes to ptloader. added a bunch of flags; let it reauthenticate on its own; added support perl wrapper; added bunch of debugging information/output; bunch of other cleanups</li> <li>The mailboxes file is now closed if it isn't likely to be referenced, hopefully preventing old mailboxes files from hanging around in memory as frequently.</li> <li>Added a patch from Eric Hagberg to work around a possible deadlock condition in mboxlist.c where rename isn't atomic.</li> <li>Patch from John Myers to get rid of cyrus.seen corruption in bsearch_mem.</li> <li>Patch from John Myers and to allow ISO-8859-1 characters in mailbox names.</li> <li>Makedepend still runs, and still generates warnings, but these are squirrled away in makedepend.log.</li> <li>On mailbox delete, the server will no longer try and unlink ".." and "." as we got a report that it seriously breaks one file system (even as non-root).</li> <li>Added some support for Netscape's very misleading "Administrate My Mail" menu option in Communicator. Allows for a URL to be set in imapd.conf for the page to refer users to; needs to be turned on with --enable-netscapehack at compile time to enable it.</li> <li>Bug swap: imtest quotes password with a non-synchronizing literal in order to allow weird characters like ) in passwords. But it doesn't look to see if the server supports non-synchronizing literals.</li> <li>If the file "<tt>msg/motd</tt>" exists, the first line is now sent to clients upon login.</li> <li>Bug fix: to handle BODY[] properly when fetching news articles (truncation no longer occurs). (thanks to John Prevost)</li> <li>The makedepend supplied should now run on Solaris Intel. (thanks to Chris Newman)</li> <li>Added some hacks to pwcheck.c for Linux and Digital Unix where the default protections on the socket don't allow the cyrus user to read it. (thanks to Lyndon Nerenberg)</li> <li>Bug fix: Flags beginning with \ are system flags and users can only create the defined flags. The code to do this before was confused.</li> <li>The configure scripts and makefiles have some random fixes.</li> <li>Added a contrib directory for reasons of laziness in collecting patches, not all of which should be in the distribution.</li> <li>ptloader can now renew its AFS authentication by reading from a srvtab file.</li> <li>The configure script now looks for a libcom_err and can use an installed one if one exists.</li> <li>Other small bug fixes.</li> </ul> <h2>Changes to the Cyrus IMAP Server Since Version 1.5</h2> <ul> <li>Bug fix: RENAME corrupted mailboxes if they had been EXPUNGEd. (may have only happened with INBOX, which Pine tickles once a month.)</li> <li>Bug fix: auth_newstate now initializes its structures.</li> <li>Bug fix: pop3d.c, a printf was changed to prot_printf.</li> <li>Cyrus now sends X-NON-HIERARCHICAL-RENAME to alert clients that it is not handling RENAME in an IMAP4rev1 compliant manner. This will be fixed in a subsequent release.</li> <li>Bug fix: imclient_autenticate now does resolution on the hostname before authenticating to it. This caused problems when authenticating to an address that was a CNAME.</li> <li>Bug fix: LIST %.% (and other multiple hierarchy delimiter matches) works properly. Several other glob.c fixes are included as well.</li> <li>Bug fix: a fetch of exclusively BODY[HEADER.FIELDS...] should now work properly.</li> <li>Bug fix: reconstruct now considers a nonexistant INN news directory to be empty; this makes reconstruct fix the cyrus.* files in the imap news partition.</li> <li>Added a manpage for imclient.</li> <li>Fixed a few other minor bugs.</li> </ul> <h2>Changes to the Cyrus IMAP Server Since Version 1.4</h2> <ul> <li>Implemented the "<tt>IMAP4rev1</tt>" protocol commands. (The hierarchical behavior of RENAME, which was added late to the IMAP4rev1 specification, is not implemented.) Changes the minor version number of the cyrus mailbox database format to 1. <b>IMPORTANT:</b> it is necessary to run the command "<tt>reconstruct -r</tt>" as the cyrus user after upgrading the Cyrus IMAP software from version 1.4 or earlier.</li> <li>If the file "<tt>msg/shutdown</tt>" exits in the configuration directory, the IMAP server will issue the first line in the file in an untagged BYE message and shut down.</li> <li>Permit SPACE in mailbox names.</li> <li>Permit the "modified UTF-7" internationalized mailbox name convention.</li> <li>"User opened mailbox" messages are now logged at the DEBUG level instead of the INFO level.</li> <li>Added <tt>-q</tt> (ignore quota) switch to <tt>deliver</tt>.</li> <li>New "<tt>krbck</tt>" program for diagnosing common kerberos problems.</li> <li>auth_unix no longer requires users to be in the passwd file.</li> <li>AUTHENTICATE command now reports the protection mechanism in use in the text of the tagged OK response</li> <li>Make MAILBOX_BADFORMAT and MAILBOX_NOTSUPPORTED temporary errors.</li> <li>Use the header cache for SEARCH HEADER</li> <li>Use "unspecified-domain" instead of server's hostname to fill out RFC 822 addresses without the "@domain" part.</li> <li>Make "reconstruct -r" with no args reconstruct every mailbox.</li> <li>The configure script now defaults to using unix_pwcheck instead of unix if the file /etc/shadow exists.</li> <li>The location of the pwcheck socket directory now defaults to "<tt>/var/ptclient/</tt>". It is controlled by the "<tt>--with-statedir=DIR</tt>" option, which defaults to "<tt>/var</tt>".</li> <li>Bug fix: by using an certain address form, one could deliver to a user's mailbox bypassing the ACL's.</li> <li>Bug fix: un-fold header lines when parsing for the ENVELOPE.</li> <li>Delete quota roots when deleting the last mailbox that uses them. Doesn't catch all cases, but should get over 99% of them.</li> <li>Implement plaintextloginpause configuration option, imposes artificial delay on plaintext password logins.</li> <li>Implement popminpoll configuration option, limits frequency of POP3 logins.</li> <li>Implement AFS PT server group support.</li> <li>Remove persistence of POP3 LAST value and remove Status: hack</li> <li>Support the new ACL command set in the IMAP server.</li> <li>Bug fix: Have to initialize reply to 0 in pop3d. Was causing POP3 server to occasionally drop the connection during authentication.</li> <li>Bug fix: The COPY command wasn't issuing a [TRYCREATE] when appropriate for sub-mailboxes of INBOX.</li> <li>Bug fix: Renaming a mailbox wasn't correctly changing its UIDVALIDITY.</li> <li>Bug fix: Renaming a mailbox to itself, in order to move it to a different partition, was not working correctly.</li> <li>Update the AUTH support in pop3d to conform to the latest draft specification.</li> <li>Update cyradm to use Tcl 7.5 instead of Tcl 7.4</li> <li>Re-implement large sections of the netnews support. It no longer requires modifications to INN, as it now expunges the index entries for expired/canceled articles upon select of the newsgroup.</li> <li>Implement newsspool configuration option, for separating the directories for the news spool and the various cyrus.* IMAP server index files.</li> <li>Bug fix: permit empty flag list in APPEND command</li> <li>Bug fix: deal with truncated Date: header values.</li> <li>Bug fix: memory mapping code, deal better with 0-length maps, since mmap() appears to crap out on that boundary condition.</li> <li>Portability fix: if no strerror, have to define NEED_SYS_ERRLIST.</li> <li>Bug fix: used append instead of lappend in cyradmin, preventing use of any port other than IMAP.</li> <li>When the client is streaming its commands, the IMAP server attempts to stream its tagged responses.</li> <li>Modify zephyr support to compile without Kerberos support.</li> <li>Add a bunch of prototype declararations to the code.</li> <li>In deliver, change the MULT support to instead use the LMTP syntax.</li> <li>imclient: support tagged intermediate replies and a default callback.</li> <li>Implement some experimental protocol extensions for optimizing disconnected use resynchronization. Most extensions are disabled by default. Client authors should contact info-cyrus@andrew.cmu.edu if they wish to experiment with these.</li> <li>In Makefiles, change $(AR) to ar -- HPUX make is defective.</li> <li>In deliver, use HAVE_LIBDB to select use of db over dbm</li> <li>Add map_stupidshared mapping module for older versions of Digital Unix. It's not quite as bad as HPUX, but...</li> <li>Bug fix: in imclient.c, don't free NULL pointers and don't call htons() on the output of getservbyname(). Have to abort sending the command if you get a tagged response when sending a literal.</li> <li>The auth_xxx routines now create/take a state argument instead of maintaining internal static state.</li> <li>Solaris mktime() is buggy in some releases. Create and use mkgmtime() for parsing date strings.</li> <li>Message parsing routines now use memory mapping, though they still copy data around in line-sized buffers.</li> </ul> <h2>Changes to the Cyrus IMAP Server Since Version 1.3</h2> <ul> <li>Implemented the "<tt>reconstruct -m</tt>" command, for reconstructing the <tt>mailboxes</tt> file. <b>IMPORTANT:</b> it is necessary to run the command "<tt>reconstruct -m</tt>" as the cyrus user after upgrading the Cyrus IMAP software from version 1.3 or earlier. We recommend you make a backup copy of the <tt>mailboxes</tt> file in the configuration directory before performing the conversion.</li> <li>Mailbox names are now case sensitive, not case insensitive. "<tt>INBOX</tt>" is the exception, and is treated as being case-insensitive.</li> <li>Personal mailboxes now appear to their owners as being under the "<tt>INBOX.</tt>" hierarchy. For example, the mailbox "<tt>user.bovik.work</tt>" appears to the user "<tt>bovik</tt>" as "<tt>INBOX.work</tt>". The user may still refer to the mailbox with the name "<tt>user.bovik.work</tt>".</li> <li>Previously, the code used "<tt>anybody</tt>" as the name of the group that all users are in, but the documentation used the name "<tt>anyone</tt>". Changed the code to match the documentation. The name "<tt>anybody</tt>" will be canonicalized to the name "<tt>anyone</tt>".</li> <li>The install document now gives different recommended locations for the server databases. The recommended location of the configuration directory changed from "<tt>/usr/cyrus</tt>" to "<tt>/var/imap</tt>" and the recommended location of the default partition directory changed from "<tt>/usr/spool/cyrus</tt>" to "<tt>/var/spool/imap</tt>". It is <b>NOT</b> necessary to change the locations of these directories when upgrading from version 1.3 or earlier of the Cyrus IMAP server software. If you do wish to change the locations of these directories to match the new recommendations, simply rename the directories and change the appropriate values in your <tt>/etc/imapd.conf</tt> file.</li> <li>Created a "<tt>make install</tt>" rule. See the <a href="install.html">installation</a> document for all the new corresponding <tt>configure</tt> options. Note the recommended location of the "<tt>imapd</tt>", "<tt>pop3d</tt>", and "<tt>deliver</tt>" programs has changed, this change needs to be reflected in the "<tt>inetd.conf</tt>" and "<tt>sendmail.cf</tt>" files.</li> <li>New "<tt>login_unix_pwcheck</tt>" module and "<tt>pwcheck</tt>" daemon, for improved shadow password support. See the "<tt>pwcheck/README.pwcheck</tt>" file in the distribution for details.</li> <li>Renamed the "<tt>login_unix_shadow</tt>" module to "<tt>login_unix_getspnam</tt>".</li> <li>Added a mail notification mechanism, using Zephyr.</li> <li>Added a feature to automatically create user IMAP accounts. Controlled by the "<tt>autocreatequota</tt>" config option.</li> <li>Added the "<tt>logtimestamps</tt>" config option, for putting timestamp information into protocol telemetry logs.</li> <li>Beefed up the Kerberos checks in Configure to ensure the DES library routines exist.</li> <li>On some systems, the "<tt>echo</tt>" command with no arguments emits a newline. Changed the installation document to instead use the "<tt>true</tt>" command to create the "<tt>mailboxes</tt>" file.</li> <li>Store a redundant copy of a mailbox's ACL in the <tt>cyrus.header</tt> file, so "<tt>reconstruct -m</tt>" may later use it as a backup.</li> <li>Had to remove the declaration of <tt>tcl_RcFileName</tt> for the latest version of Tcl.</li> <li>Make much more extensive use of memory mapping. Replace the binary search module with one that searches a memory mapped area.</li> <li>Replaced the yacc-based RFC822 address parser with a hand-coded one.</li> <li>Replaced the et (error table) libary with a version that doesn't require lex or yacc. Remove the lex/yacc checking from Configure.</li> <li>Safety feature: most programs now refuse to run as root.</li> <li>Bug fix: Issue [TRYCREATE] tag on COPY command when appropriate.</li> <li>Bug fix: The quoted-printable decoder wasn't ignoring trailing whitespace, as required by MIME.</li> <li>Bug fix: Don't spew cascade errors if the server gets an EOF during/after reading an APPEND literal.</li> <li>Bug fix: gmtmoff_gmtime.c was returning results with the wrong sign.</li> <li>Bug fix: imclient_send was appending spaces to %d and %u and the response parser was not handling responses that did not contain a space after the keyword.</li> <li>Bug fix: rmnews wasn't removing some (un-indexed) article files correctly.</li> <li>Completely disabled the dropoff code for now. It will be completely replaced when IMSP integration is implemented</li> <li>Added workaround for the Linux mkdir() problem.</li> <li>In Configure, use a more direct test for a working shared-memory mmap</li> <li>In collectnews, avoid O(n**2) behavior when processing articles that have already expired.</li> <li>Bug fix: append_addseen() would screw up if no messages were previously seen.</li> <li>Added the CMU-specific amssync and cmulocal directories.</li> <li>Use memmove instead of bcopy.</li> <li>Implemented the first pass of SMTP/MULT support in deliver.</li> <li>Added cacheid parameter to auth_setid(), for AFS PT server support.</li> </ul> <h2>Changes to the Cyrus IMAP Server Since Version 1.2</h2> <ul> <li>Fixed bug in character set code that broke text searches. Sites which care about searching headers need to reconstruct their existing mailboxes.</li> </ul> <h2>Changes to the Cyrus IMAP Server Since Version 1.1-Beta</h2> <ul> <li>Add support for <tt>UIDVALIDITY</tt> special information token.</li> <li>Add <tt>syncnews</tt> and <tt>arbitron</tt> programs.</li> <li>Redo duplicate delivery elimination in <tt>deliver</tt>.</li> <li>Bug fixed: Must re-read files after acquiring a lock. Cannot trust the mtime of a file to increment when writing the file--file could be written to multiple times in the same second.</li> <li>Bug fixed: <tt>EXAMINE</tt> command should not affect <tt>\Recent</tt> status.</li> <li>Update the user's <tt>\Recent</tt> high-water-mark when we report new messages.</li> <li>Portability changes</li> <li>Upgrade to autoconf 2.1</li> <li>Allow privacy to be turned off at compile-time with <tt>--disable-privacy</tt> configure switch.</li> <li>Fix typo in <tt>cyradm</tt> preventing "<tt>all</tt>" from being recognized.</li> <li>Include <tt>map_private.c</tt> memory mapping module for systems like HPUX which have half-working <tt>mmap()</tt> implementations.</li> <li>Switch to using UTF-8 for internal search format. Sites which care about internationalized searching of headers need to reconstruct all their existing mailboxes.</li> <li>Fix some errors in the iso-8859-* tables.</li> <li>Add and correct a bunch of case-independence mappings in the character tables.</li> <li>First pass at implementing the <tt>STATUS</tt> extension; disabled for release.</li> <li>First pass at implementing IMAP/IMSP server integration. Not ready for general use.</li> <li>Add <tt>new_cred</tt> and <tt>free_cred</tt> mechanisms to authentication modules.</li> <li>Don't complain when doing "<tt>reconstruct -r foo</tt>" and <tt>foo</tt> isn't a mailbox.</li> <li>Add <tt>IMAP_QUOTAROOT_NONEXISTENT</tt> error code.</li> <li>Bug fix: Avoid divide by zero when quota is zero</li> <li>Bug fix: In an error case of the ACL handling code, we have to restore tab before breaking out of loop.</li> <li>Fix file descriptor leak in quota system.</li> <li>Change a bunch of int variables to unsigned.</li> <li>Better error reporting on reads that end up short.</li> </ul> <h2>Changes to the Cyrus IMAP Server Since Version 1.0-Beta</h2> <ul> <li>Improved <a href="install.html">installation</a> document.</li> <li>New "<a href="cyradm.1.html"><tt>cyradm</tt></a>" administrative client.</li> <li>Changed the syslog facility from "<a href="install.html#syslog"><tt>local4</tt></a>" to "<tt>local6</tt>".</li> <li>Removed the <tt>renounce setuid</tt> check in "<a href="install.html#deliver"><tt>deliver</tt>"</a>. The "<tt>deliver</tt>" program must now be <b>non</b>-executable by <tt>other</tt>.</li> <li>Fixed a typo in the parsing of <tt>SEARCH DELETED</tt>. (This bug constantly got tripped by newer C-clients.)</li> <li>Redesigned the implementation of <tt>SEARCH CHARSET</tt>.<br /> Sites that wish to search for non-ASCII characters in the headers of existing mailboxes must run <tt>reconstruct</tt> on all their mailboxes after upgrading to this version.</li> <li>Added AUTH and KPOP support to the POP3 server.</li> <li>Added search support for the ISO-2022-JP character set.</li> <li>Replaced the search engine with a partial Boyer-Moore algorithm.</li> <li>Special-case optimized searching US-ASCII text.</li> <li>Fixed a bug which caused the message parser to spin-loop on a particular degenerate invalid-MIME case.</li> <li>Fixed a performance bug in the message parser.</li> <li>Tracked last-minute changes to the IMAP4 protocol.</li> <li>Fixed a bug in <tt>UNSUBSCRIBE</tt> which caused too many subscriptions to be removed.</li> <li>Added a bunch more "<a href="install.html#configure"><tt>configure</tt></a>" options.</li> <li>Ported to HPUX.</li> <li>Fixed a bug in the <tt>LIST/LSUB \Noselect</tt> code.</li> <li>Fixed bug in the globbing code which caused the "<tt>*%</tt>" pattern to work incorrectly.</li> <li>Client-side Kerberos support is now conditionalized on <tt>HAVE_ACTE_KRB</tt>, which is set by configure.</li> <li>Fixed some invalid buffer-alignment assumptions in the Kerberos code.</li> <li>Made the lexers compatible with flex. Configure now looks for and prefers to use <tt>flex</tt> and <tt>bison</tt>/<tt>byacc</tt>.</li> <li>Made the IMAP server check for the existence of the mailboxes file upon startup, in order to give a more informative error message for this common configuration error.</li> <li>Fixed other minor bugs.</li> </ul> <hr /> last modified: $Date: 2005/03/05 00:36:17 $ <br /> <a href="index.html">Return</a> to the Cyrus IMAP Server Home Page </body> </html>