22:29 adamw 

Update dovecot2 to 2.2.31, and bump PORTREVISION on the modules.

* LMTP: Removed "(Dovecot)" from added Received headers. Some
  installations want to hide it, and there's not really any good reason
  for anyone to have it.

+ Add ssl_alt_cert and ssl_alt_key settings to add support for
  having both RSA and ECDSA certificates.
+ dsync/imapc, pop3-migration plugin: Strip trailing whitespace from
  headers when matching mails. This helps with migrations from Zimbra.
+ acl: Add acl_globals_only setting to disable looking up
  per-mailbox dovecot-acl files.
+ Parse invalid message addresses better. This mainly affects the
  generated IMAP ENVELOPE replies.
- v2.2.30 wasn't fixing corrupted dovecot.index.cache files properly.
  It could have deleted wrong mail's cache or assert-crashed.
- v2.2.30 mail-crypt-acl plugin was assert-crashing
- v2.2.30 welcome plugin wasn't working
- Various fixes to handling mailbox listing. Especially related to
  handling nonexistent autocreated/autosubscribed mailboxes and ACLs.
- Global ACL file was parsed as if it was local ACL file. This caused
  some of the ACL rule interactions to not work exactly as intended.
- auth: forward_* fields didn't work properly: Only the first forward
  field was working, and only if the first passdb lookup succeeded.
- Using mail_sort_max_read_count sometimes caused "Broken sort-*
  indexes, resetting" errors.
- Using mail_sort_max_read_count may have caused very high CPU usage.
- Message address parsing could have crashed on invalid input.
- imapc_features=fetch-headers wasn't always working correctly and
  caused the full header to be fetched.
- imapc: Various bugfixes related to connection failure handling.
- quota=imapc sent unnecessary FETCH RFC822.SIZE to server when
  expunging mails.
- quota=count: quota_warning = -storage=.. was never executed
- quota=count: Add support for "ns" parameter
- dsync: Fix incremental syncing for mails that don't have Date or
  Message-ID headers.
- imap: Fix hang when client sends pipelined SEARCH +
  EXPUNGE/CLOSE/LOGOUT.
- oauth2: Token validation didn't accept empty server responses.
- imap: NOTIFY command has been almost completely broken since the
  beginning. I guess nobody has been trying to use it.

 

15:37 ler 

mail/dovecot2:
    - auth: Multiple failed authentications within short time caused
          crashes
        - push-notification: OX driver crashed at deinit

Bump PORTREVISION for plugins.

 

14:16 adamw 

Update dovecot to 2.2.30.1, and bump PORTREVISION on plugins.

  Due to some release process changes I didn't notice that one
  important bugfix wasn't included in the v2.2.30 release branch
  before I made the release. So fixing it here with v2.2.30.1.
  Also included another less important fix.

    - quota_warning scripts weren't working in v2.2.30
    - vpopmail still wasn't compiling

  Also I guess should mention that in v2.2.30+ the "script"
  service's protocol changed to a new version. If anyone had
  written their own script services (not using the included
  "script" binary) they would need some changes. I haven't
  heard of anyone having done that though.

 

20:13 adamw 

Update dovecot to 2.2.30, and bump PORTREVISION in consumers.

* auth: Use timing safe comparisons for everything related to
  passwords. It's unlikely that these could have been used for
  practical attacks, especially because Dovecot delays and flushes all
  failed authentications in 2 second intervals. Also it could have
  worked only when passwords were stored in plaintext in the passdb.
* master process sends SIGQUIT to all running children at shutdown,
  which instructs them to close all the socket listeners immediately.
  This way restarting Dovecot should no longer fail due to some
  processes keeping the listeners open for a long time.

+ auth: Add passdb { mechanisms=none } to match separate passdb lookup
+ auth: Add passdb { username_filter } to use passdb only if user
  matches the filter. See https://wiki2.dovecot.org/PasswordDatabase
+ dsync: Add dsync_commit_msgs_interval setting. It attempts to commit
  the transaction after saving this many new messages. Because of the
  way dsync works, it may not always be possible if mails are copied
  or UIDs need to change.
+ imapc: Support imapc_features=search without ESEARCH extension.
+ imapc: Add imapc_features=fetch-bodystructure to pass through remote
  server's FETCH BODY and BODYSTRUCTURE.
+ imapc: Add quota=imapc backend to use GETQUOTA/GETQUOTAROOT on the
  remote server.
+ passdb imap: Add allow_invalid_cert and ssl_ca_file parameters.
+ If dovecot.index.cache corruption is detected, reset only the one
  corrupted mail instead of the whole file.
+ doveadm mailbox status: Add "firstsaved" field.
+ director_flush_socket: Add old host's up/down and vhost count as parameters
- More fixes to automatically fix corruption in dovecot.list.index
- dsync-server: Fix support for dsync_features=empty-header-workaround
- imapc: Various bugfixes, including infinite loops on some errors
- IMAP NOTIFY wasn't working for non-INBOX if IMAP client hadn't
  enabled modseq tracking via CONDSTORE/QRESYNC.
- fts-lucene: Fix it to work again with mbox format
- Some internal error messages may have contained garbage in v2.2.29
- mail-crypt: Re-encrypt when copying/moving mails and per-mailbox keys
  are used. Otherwise the copied mails can't be opened.
- vpopmail: Fix compiling

 

15:37 adamw 

Mark antispam-plugin as deprecated, and schedule for expiration on 31 July.
The plugin has been deprecated upstream, and they recommend that a dovecot
pigeonhole (sieve) script be used instead. Instructions for this are
available at

  https://wiki2.dovecot.org/HowTo/AntispamWithSieve

Approved by:	olgeni (maintainer)

 

00:23 adamw 

Update dovecot to 2.2.29, and bump PORTREVISION for the plugins. Add a
warning to the pkg-message that security.bsd.see_other_uids/gids should
not be enabled if dovecot is storing mail for multiple users concurrently
(PR 218392, submitted by topical).

 * passdb/userdb dict: Don't double-expand %variables in keys. If dict
   was used as the authentication passdb, using specially crafted
   %variables in the username could be used to cause DoS (CVE-2017-2669)
 * When Dovecot encounters an internal error, it logs the real error and
   usually logs another line saying what function failed. Previously the
   second log line's error message was a rather uninformative "Internal
   error occurred. Refer to server log for more information." Now the
   real error message is duplicated in this second log line.
 * lmtp: If a delivery has multiple recipients, run autoexpunging only
   for the last recipient. This avoids a problem where a long
   autoexpunge run causes LMTP client to timeout between the DATA
   replies, resulting in duplicate mail deliveries.
 * config: Don't stop the process due to idling. Otherwise the
   configuration is reloaded when the process restarts.
 * mail_log plugin: Differentiate autoexpunges from regular expunges
 * imapc: Use LOGOUT to cleanly disconnect from server.
 * lib-http: Internal status codes (>9000) are no longer visible in logs
 * director: Log vhost count changes and HOST-UP/DOWN

 + quota: Add plugin { quota_max_mail_size } setting to limit the
   maximum individual mail size that can be saved.
 + imapc: Add imapc_features=delay-login. If set, connecting to the
   remote IMAP server isn't done until it's necessary.
 + imapc: Add imapc_connection_retry_count and
   imapc_connection_retry_interval settings.
 + imap, pop3, indexer-worker: Add (deinit) to process title before
   autoexpunging runs.
 + Added %{encrypt} and %{decrypt} variables
 + imap/pop3 proxy: Log proxy state in errors as human-readable string.
 + imap/pop3-login: All forward_* extra fields returned by passdb are
   sent to the next hop when proxying using ID/XCLIENT commands. On the
   receiving side these fields are imported and sent to auth process
   where they're accessible via %{passdb:forward_*}. This is done only
   if the sending IP address matches login_trusted_networks.
 + imap-login: If imap_id_retain=yes, send the IMAP ID string to
   auth process. %{client_id} expands to it in auth process. The ID
   string is also sent to the next hop when proxying.
 + passdb imap: Use ssl_client_ca_* settings for CA validation.
 - fts-tika: Fixed crash when parsing attachment without
   Content-Disposition header. Broken by 2.2.28. (fixed in FreeBSD ports)
 - trash plugin was broken in 2.2.28 (fixed in FreeBSD ports)
 - auth: When passdb/userdb lookups were done via auth-workers, too much
   data was added to auth cache. This could have resulted in wrong
   replies when using multiple passdbs/userdbs.
 - auth: passdb { skip & mechanisms } were ignored for the first passdb
 - oauth2: Various fixes, including fixes to crashes
 - dsync: Large Sieve scripts (or other large metadata) weren't always
   synced.
 - Index rebuild (e.g. doveadm force-resync) set all mails as \Recent
 - imap-hibernate: %{userdb:*} wasn't expanded in mail_log_prefix
 - doveadm: Exit codes weren't preserved when proxying commands via
   doveadm-server. Almost all errors used exit code 75 (tempfail).
 - ACLs weren't applied to not-yet-existing autocreated mailboxes.
 - Fixed a potential crash when parsing a broken message header.
 - cassandra: Fallback consistency settings weren't working correctly.
 - doveadm director status <user>: "Initial config" was always empty
 - imapc: Various reconnection fixes.

 

15:24 adamw 

Update dovecot2 to 2.2.28, and bump PORTREVISION on the plugins.

  * director: "doveadm director move" to same host now refreshes user's
    timeout. This allows keeping user constantly in the same backend by
    just periodically moving the user there.
  * When new mailbox is created, use initially INBOX's
    dovecot.index.cache caching decisions.
  * Expunging mails writes GUID to dovecot.index.log now only if the
    GUID is quickly available from index/cache.
  * pop3c: Increase timeout for PASS command to 5 minutes.
  * Mail access errors are no longer ignored when searching or sorting.
    With IMAP the untagged SEARCH/SORT reply is still sent the same as
    before, but NO reply is returned instead of OK.

  + Make dovecot.list.index's filename configurable. This is needed when
    there are multiple namespaces pointing to the same mail root
    (e.g. lazy_expunge namespace for mdbox).
  + Add size.virtual to dovecot.index when folder vsizes are accessed
    (e.g. quota=count). This is mainly a workaround to avoid slow quota
    recalculation performance when message sizes get lost from
    dovecot.index.cache due to corruption or some other reason.
  + auth: Support OAUTHBEARER and XOAUTH2 mechanisms. Also support them
    in lib-dsasl for client side.
  + auth: Support filtering by SASL mechanism: passdb { mechanisms }
  + Shrink the mail processes' memory usage by not storing settings
    duplicated unnecessarily many times.
  + imap: Add imap_fetch_failure setting to control what happens when
    FETCH fails for some mails (see example-config).
  + imap: Include info about last command in disconnection log line.
  + imap: Created new SEARCH=X-MIMEPART extension. It's currently not
    advertised by default, since it's not fully implemented.
  + fts-solr: Add support for basic authentication.
  + Cassandra: Support automatically retrying failed queries if
    execution_retry_interval and execution_retry_times are set.
  + doveadm: Added "mailbox path" command.
  + mail_log plugin: If plugin { mail_log_cached_only=yes }, log the
    wanted fields only if it doesn't require opening the email.
  + mail_vsize_bg_after_count setting added (see example-config).
  + mail_sort_max_read_count setting added (see example-config).
  + pop3c: Added pop3c_features=no-pipelining setting to prevent using
    PIPELINING extension even though it's advertised.

  - Index files: day_first_uid wasn't updated correctly since v2.2.26.
    This caused dovecot.index.cache to be non-optimal.
  - imap: SEARCH/SORT may have assert-crashed in
    client_check_command_hangs
  - imap: FETCH X-MAILBOX may have assert-crashed in virtual mailboxes.
  - imap: Running time in tagged command reply was often wrongly 0.
  - search: Using NOT n:* or NOT UID n:* wasn't handled correctly
  - director: doveadm director kick was broken
  - director: Fix crash when using director_flush_socket
  - director: Fix some bugs when moving users between backends
  - imapc: Various error handling fixes and improvements
  - master: doveadm process status output had a lot of duplicates.
  - autoexpunge: If mailbox's rename timestamp is newer than mail's
    save-timestamp, use it instead. This is useful when autoexpunging
    e.g. Trash/* and an entire mailbox is deleted by renaming it under
    Trash to prevent it from being autoexpunged too early.
  - autoexpunge: Multiple processes may have been trying to expunge the
    same mails simultaneously. This was problematic especially with
    lazy_expunge plugin.
  - auth: %{passdb:*} was empty in auth-worker processes
  - auth-policy: hashed_password was always sent empty.
  - dict-sql: Merge multiple UPDATEs to a single statement if possible.
  - fts-solr: Escape {} chars when sending queries
  - fts: fts_autoindex_exclude = \Special-use caused crashes
  - doveadm-server: Fix leaks and other problems when process is reused
    for multiple requests (service_count != 1)
  - sdbox: Fix assert-crash on mailbox create race
  - lda/lmtp: deliver_log_format values weren't entirely correct if Sieve
    was used. especially %{storage_id} was broken.
  - lmtp_user_concurrency_limit didn't work if userdb changed username

 

18:31 adamw 

Update dovecot2 to 2.2.27, and bump PORTREVISION on pigeonhole and
antispam-plugin. Also, while here, switch the MASTER_SITE to https,
because https.

The big thing in this release is the ability to read and write
encrypted messages. I'm very interested in hearing FreeBSD users'
experiences with it.

Really, Larry Rosenman did almost all the actual work here.


 * dovecot.list.index.log rotation sizes/times were changed so that
   the .log file stays smaller and .log.2 is deleted sooner.

 + Added mail_crypt plugin that allows encryption of stored emails.
   See http://wiki2.dovecot.org/Plugins/MailCrypt
 + stats: Global stats can be sent to Carbon server by setting
   stats_carbon_server=ip:port
 + imap/pop3 proxy: If passdb returns proxy_not_trusted, don't send
   ID/XCLIENT
 + Added generic hash modifier for %variables:
   %{<hash algorithm>;rounds=<n>,truncate=<bits>,salt=s>:field}
   Hash algorithm is any of the supported ones, e.g. md5, sha1, sha256.
   Also "pkcs5" is supported using SHA256. For example: %{sha256:user}
   or %{md5;truncate=32:user}.
 + Added support for SHA3-256 and SHA3-512 hashes.
 + config: Support DNS wildcards in local_name, e.g.
   local_name *.example.com { .. } matches anything.example.com, but
   not multiple.anything.example.com.
 + config: Support multiple names in local_name, e.g.
   local_name "1.example.com 2.example.com" { .. }
 - Fixed crash in auth process when auth-policy was configured and
   authentication was aborted/failed without a username set.
 - director: If two users had different tags but the same hash,
   the users may have been redirected to the wrong tag's hosts.
 - Index files may have been thought incorrectly lost, causing
   "Missing middle file seq=.." to be logged and index rebuild.
   This happened more easily with IMAP hibernation enabled.
 - Various fixes to restoring state correctly in un-hibernation.
 - dovecot.index files were commonly 4 bytes per email too large. This
   is because 3 bytes per email were being wasted that could have been
   used for IMAP keywords.
 - Various fixes to handle dovecot.list.index corruption better.
 - lib-fts: Fixed assert-crash in address tokenizer with specific input.
 - Fixed assert-crash in HTML to text parsing with specific input
   (e.g. for FTS indexing or snippet generation)
 - doveadm sync -1: Fixed handling mailbox GUID conflicts.
 - sdbox, mdbox: Perform full index rebuild if corruption is detected
   inside lib-index, which runs index fsck.
 - quota: Don't skip quota checks when moving mails between different
   quota roots.
 - search: Multiple sequence sets or UID sets in search parameters
   weren't handled correctly. They were incorrectly merged together

 

23:15 adamw 

Update dovecot2 to 2.2.26, and bump PORTREVISION on pigeonhole and
antispam-plugin.

Changes for 2.2.26:
Mainly there are quite a lot of director fixes and improvements.

Here's the full list of changes:

 * master: Removed hardcoded 511 backlog limit for listen(). The kernel
   should limit this as needed.
 * doveadm import: Source user is now initialized the same as target
   user. Added -U parameter to override the source user.
 * Mailbox names are no longer limited to 16 hierarchy levels. We'll
   check another way to make sure mailbox names can't grow larger than
   4096 bytes.

 + Added a concept of "alternative usernames" by returning user_* extra
   field(s) in passdb. doveadm proxy list shows these alt usernames in
   "doveadm proxy list" output. "doveadm director&proxy kick" adds
   -f <passdb field> parameter. The alt usernames don't have to be
   unique, so this allows creation of user groups and kicking them in
   one command.
 + auth: passdb/userdb dict allows now %variables in key settings.
 + auth: If passdb returns noauthenticate=yes extra field, assume that
   it only set extra fields and authentication wasn't actually performed.
 + auth: passdb static now supports password={scheme} prefix.
 + auth, login_log_format_elements: Added %{local_name} variable, which
   expands to TLS SNI hostname if given.
 + imapc: Added imapc_max_line_length to limit maximum memory usage.
 + imap, pop3: Added rawlog_dir setting to store IMAP/POP3 traffic logs.
   This replaces at least partially the rawlog plugin.
 + dsync: Added dsync_features=empty-header-workaround setting. This
   makes incremental dsyncs work better for servers that randomly return
   empty headers for mails. When an empty header is seen for an existing
   mail, dsync assumes that it matches the local mail.
 + doveadm sync/backup: Added -I <max size> parameter to skip too
   large mails.
 + doveadm sync/backup: Fixed -t parameter and added -e for "end date".
 + doveadm mailbox metadata: Added -s parameter to allow accessing
   server metadata by using empty mailbox name.
 + Added "doveadm service status" and "doveadm process status" commands.
 + director: Added director_flush_socket. See
   http://wiki2.dovecot.org/Director#Flush_socket
 + doveadm director flush: Users are now moved only max 100 at a time to
   avoid load spikes. --max-parallel parameter overrides this.
 + Added FILE_LOCK_SLOW_WARNING_MSECS environment, which logs a warning
   if any lock is waited on or kept for this many milliseconds.

 - master process's listener socket was leaked to all child processes.
   This might have allowed untrusted processes to capture and prevent
   "doveadm service stop" comands from working.
 - login proxy: Fixed crash when outgoing SSL connections were hanging.
 - auth: userdb fields weren't passed to auth-workers, so %{userdb:*}
   from previous userdbs didn't work there.
 - auth: Each userdb lookup from cache reset its TTL.
 - auth: Fixed auth_bind=yes + sasl_bind=yes to work together
 - auth: Blocking userdb lookups reset extra fields set by previous
   userdbs.
 - auth: Cache keys didn't include %{passdb:*} and %{userdb:*}
 - auth-policy: Fixed crash due to using already-freed memory if policy
   lookup takes longer than auth request exists.
 - lib-auth: Unescape passdb/userdb extra fields. Mainly affected
   returning extra fields with LFs or TABs.
 - lmtp_user_concurrency_limit>0 setting was logging unnecessary
   anvil errors.
 - lmtp_user_concurrency_limit is now checked before quota check with
   lmtp_rcpt_check_quota=yes to avoid unnecessary quota work.
 - lmtp: %{userdb:*} variables didn't work in mail_log_prefix
 - autoexpunge settings for mailboxes with wildcards didn't work when
   namespace prefix was non-empty.
 - Fixed writing >2GB to iostream-temp files (used by fs-compress,
   fs-metawrap, doveadm-http)
 - director: Ignore duplicates in director_servers setting.
 - director: Many fixes related to connection handshaking, user moving
   and error handling.
 - director: Don't break with shutdown_clients=no
 - zlib, IMAP BINARY: Fixed internal caching when accessing multiple
   newly created mails. They all had UID=0 and the next mail could have
   wrongly used the previously cached mail.
 - doveadm stats reset wasn't reseting all the stats.
 - auth_stats=yes: Don't update num_logins, since it doubles them when
   using with mail stats.
 - quota count: Fixed deadlocks when updating vsize header.
 - dict-quota: Fixed crashes happening due to memory corruption.
 - dict proxy: Fixed various timeout-related bugs.
 - doveadm proxying: Fixed -A and -u wildcard handling.
 - doveadm proxying: Fixed hangs and bugs related to printing.
 - imap: Fixed wrongly triggering assert-crash in
   client_check_command_hangs.
 - imap proxy: Don't send ID command pipelined with nopipelining=yes
 - imap-hibernate: Don't execute quota_over_script or last_login after
   un-hibernation.
 - imap-hibernate: Don't un-hibernate if client sends DONE+IDLE in one
   IP packet.
 - imap-hibernate: Fixed various failures when un-hibernating.
 - fts: fts_autoindex=yes was broken in 2.2.25 unless
   fts_autoindex_exclude settings existed.
 - fts-solr: Fixed searching multiple mailboxes (patch by x16a0)
 - doveadm fetch body.snippet wasn't working in 2.2.25. Also fixed a
   crash with certain emails.
 - pop3-migration + dbox: Various fixes related to POP3 UIDL
   optimization in 2.2.25.
 - pop3-migration: Fixed "truncated email header" workaround.

 

11:06 tijl 

- Update devel/icu to 57.1.
- Clean up the Makefile.
- Follow some upstream recommendations (--with-data-packaging=archive,
  --disable-renaming, -DICU_NO_USER_DATA_OVERRIDE).
- Patch makefiles to install static libraries with INSTALL_DATA so they
  aren't stripped.
- Patch config/mh-bsd-gcc to sync with config/mh-linux-gcc.
- Fix endianness detection in ICU.  The code wanted to use BYTE_ORDER
  defined in machine/endian.h, but this isn't visible because ICU is
  compiled with _XOPEN_SOURCE.  Patch the code to use _BYTE_ORDER instead.
- Compile ICU with C++11 compiler to enable move constructors.
- Patch ICU to fix a problem with atomics in the case of a C++11 compiler
  without C++11 header <atomic> (like Clang on FreeBSD 9).
- Bump all ports that depend on it due to library version change.
- Add USES=compiler:c++0x to some ports that pick up -std=c++0x from ICU
  pkgconfig files.
- Add USES=compiler:c++11-lib to graphics/libcdr01 because it also needs
  a C++11 runtime library now.  Add this to all ports that depend on it
  so their executables load the right libstdc++.so on FreeBSD 9.

PR:		205120
Exp-run by:	antoine
Approved by:	portmgr (antoine)

 

16:46 ohauer 

- bump PORTREVISION

PR:		212788

 

17:06 adamw 

Update dovecot2 to 2.2.25 again, this time with a patch from upstream to
fix the kqueue crash. Bump PORTREVISION on pigeonhole and antispam-plugin
again.

Extra thanks to Larry Rosenman for being on top of the fix.

Obtained
from:	https://github.com/dovecot/core/commit/ffd8dc932516bc55bf01d91355540daab365e5e9

 

15:55 adamw 

Update dovecot2 to 2.2.25, and bump PORTREVISION on pigeonhole and
antispam-plugin.

  * lmtp: Start tracking lmtp_user_concurrency_limit and reject already
    at RCPT TO stage. This avoids MTA unnecessarily completing DATA only
    to get an error.
  * doveadm: Previously only mail settings were read from protocol
    doveadm { .. } section. Now all settings are.

  + quota: Added quota_over_flag_lazy_check setting. It avoids checking
    quota_over_flag always at startup. Instead it's checked only when
    quota is being read for some other purpose.
  + auth: Added a new auth policy service:
    http://wiki2.dovecot.org/Authentication/Policy
  + auth: Added PBKDF2 password scheme
  + auth: Added %{auth_user}, %{auth_username} and %{auth_domain}
  + auth: Added ":remove" suffix to extra field names to remove them.
  + auth: Added "delay_until=<timestamp>[+<max random secs>]" passdb
    extra field. The auth will wait until <timestamp> and optionally some
    randomness and then return success.
  + dict proxy: Added idle_msecs=<n> parameter. Support async operations.
  + Performance improvements for handling large mailboxes.
  + Added lib-dcrypt API for providing cryptographic functions.
  + Added "doveadm mailbox update" command
  + imap commands' output now includes timing spent on the "syncing"
    stage if it's larger than 0.
  + cassandra: Added metrics=<path> to connect setting to output internal
    statistics in JSON format every second to <path>.
  + doveadm mailbox delete: Added -e parameter to delete only empty
    mailboxes. Added --unsafe option to quickly delete a mailbox,
    bypassing lazy_expunge and quota plugins.
  + doveadm user & auth cache flush are now available via doveadm-server.
  + doveadm service stop <services> will stop specified services while
    leaving the rest of Dovecot running.
  + quota optimization: Avoid reading mail sizes for backends which
    don't need them (count, fs, dirsize)
  + Added mailbox { autoexpunge_max_mails=<n> } setting.
  + Added welcome plugin: http://wiki2.dovecot.org/Plugins/Welcome
  + fts: Added fts_autoindex_exclude setting.
  - v2.2.24's MIME parser was assert-crashing on mails having truncated
    MIME headers.
  - auth: With multiple userdbs the final success/failure result wasn't
    always correct. The last userdb's result was always used.
  - doveadm backup was sometimes deleting entire mailboxes unnecessarily.
  - doveadm: Command -parameters weren't being sent to doveadm-server.
  - If dovecot.index read failed e.g. because mmap() reached VSZ limit,
    an empty index could have been opened instead, corrupting the
    mailbox state.
  - imapc: Fixed EXPUNGE handling when imapc_features didn't have modseq.
  - lazy-expunge: Fixed a crash when copying failed. Various other fixes.
  - fts-lucene: Fixed crash on index rescan.
  - auth_stats=yes produced broken output
  - dict-ldap: Various fixes
  - dict-sql: NULL values crashed. Now they're treated as "not found".

 

16:03 adamw 

Update dovecot2 to 2.2.24, and bump PORTREVISION on antispam-plugin and
pigeonhole.

* doveconf now warns if it sees a global setting being changed when
  the same setting was already set inside some filters. (A common
  mistake has been adding more plugins to a global mail_plugins
  setting after it was already set inside protocol { .. }, which
  caused the global setting to be ignored for that protocol.)
* LMTP proxy: Increased default timeout 30s -> 125s. This makes it
  less likely to reach the timeout and cause duplicate deliveries.
* LMTP and indexer now append ":suffix" to session IDs to make it
  unique for the specific user's delivery. (Fixes duplicate session
  ID warnings in stats process.)

+ Added dict-ldap for performing read-only LDAP dict lookups.
+ lazy-expunge: All mails can be saved to a single specified mailbox.
+ mailbox { autoexpunge } supports now wildcards in mailbox names.
+ doveadm HTTP API: Added support for proxy commands
+ imapc: Reconnect when getting disconnected in non-selected state.
+ imapc: Added imapc_features=modseq to access MODSEQs/HIGHESTMODSEQ.
  This is especially useful for incremental dsync.
+ doveadm auth/user: Auth lookup performs debug logging if
  -o auth_debug=yes is given to doveadm.
+ Added passdb/userdb { auth_verbose=yes|no } setting.
+ Cassandra: Added user, password, num_threads, connect_timeout and
  request_timeout settings.
+ doveadm user -e <value>: Print <value> with %variables expanded.
- Huge header lines could have caused Dovecot to use too much memory
  (depending on config and used IMAP commands). (Typically this would
  result in only the single user's process dying with out of memory
  due to reaching service { vsz_limit } - not a global DoS).
- dsync: Detect and handle invalid/stale -s state string better.
- dsync: Fixed crash caused by specific mailbox renames
- auth: Auth cache is now disabled passwd-file. It was unnecessary and
  it broke %variables in extra fields.
- fts-tika: Don't crash if it returns 500 error
- dict-redis: Fixed timeout handling
- SEARCH INTHREAD was crashing
- stats: Only a single fifo_listeners was supported, making it
  impossible to use both auth_stats=yes and mail stats plugin.
- SSL errors were logged in separate "Stacked error" log lines
  instead of as part of the disconnection reason.
- MIME body parser didn't handle properly when a child MIME part's
  --boundary had the same prefix as the parent.

 

16:59 adamw 

Update dovecot2 to 2.2.23, and bump PORTREVISION on dovecot2-pigeonhole
and dovecot2-antispam-plugin.

From the 2.2.23 release notes:

This is a bugfix-only release with various important fixes on top of v2.2.22.

 - Various fixes to doveadm. Especially running commands via
   doveadm-server was broken.
 - director: Fixed user weakness getting stuck in some situations
 - director: Fixed a situation where directors keep re-sending
   different states to each others and never becoming synced.
 - director: Fixed assert-crash related to a slow "user killed" reply
 - Fixed assert-crash related to istream-concat, which could have
   been triggered at least by a Sieve script.

 

14:16 mat 

Remove ${PORTSDIR}/ from dependencies, categories m, n, o, and p.

With hat:	portmgr
Sponsored by:	Absolight

 

17:29 adamw 

Update mail/dovecot2 to 2.2.22, and bump PORTREVISION on dovecot2-pigeonhole
and dovecot2-antispam-plugin.

Changes for 2.2.22:
 + Added doveadm HTTP API: See
   http://wiki2.dovecot.org/Design/DoveadmProtocol/HTTP
 + virtual plugin: Mailbox filtering can now be done based on the
   mailbox metadata. See http://wiki2.dovecot.org/Plugins/Virtual
 + stats: Added doveadm stats reset to reset global stats.
 + stats: Added authentication statistics if auth_stats=yes.
 + dsync, imapc, pop3c & pop3-migration: Many optimizations,
   improvements and error handling fixes.
 + doveadm: Most commands now stop soon after SIGINT/SIGTERM.
 - auth: Auth caching was done too aggressively when %variables were
   used in default_fields, override_fields or LDAP pass/user_attrs.
   userdb result_* were also ignored when user was found from cache.
 - imap: Fixed various assert-crashes caused v2.2.20+. Some of them
   caught actual hangs or otherwise unwanted behavior towards IMAP
   clients.
 - Expunges were forgotten in some situations, for example when
   pipelining multiple IMAP MOVE commands.
 - quota: Per-namespaces quota were broken for dict and count backends
   in v2.2.20+
 - fts-solr: Search queries were using OR instead of AND as the
   separator for multi-token search queries in v2.2.20+.
 - Single instance storage support wasn't really working in v2.2.16+
 - dbox: POP3 message ordering wasn't working correctly.
 - virtual plugin: Fixed crashes related to backend mailbox deletions.

 

16:47 adamw 

Update dovecot2 to 2.2.21, and bump PORTREVISION in consumers.

While here, fix up some paths in the decode2text plugin, and add a note
to pkg-message about how to make it work. [1]

Changes:
 - doveadm mailbox list (and some others) were broken in v2.2.20
 - director: Fixed making backend changes when running with only a
   single director server.
 - virtual plugin: Fixed crash when trying to open nonexistent
   autocreated backend mailbox.

PR:		205231 [1]
Submitted by:	andrej@ebert.su

 

15:39 adamw 

Update dovecot2 to 2.2.20, and bump PORTREVISION on antispam-plugin and
pigeonhole.

Also, remove the GC option from dovecot2. As reported in bug #205035,
reported by sebastian@wolfgarten.com, all it does it cause leaks and
spam the logs about it.

Changes:
 + Added mailbox { autoexpunge=<time> } setting. See
   http://wiki2.dovecot.org/MailboxSettings for details.
 + ssl_options: Added support for no_ticket
 + imap/pop3/managesieve-login: Added postlogin_socket=path passdb extra
   field. This allows replacing the default service
   imap/pop3/managesieve {} settings for specific users (e.g. running
   their imap process via valgrind or strace).
 + doveadm fetch: Added date.sent/received/saved.unixtime
 + fs-posix: Added mode=auto parameter to set the created files' and
   directories' mode based on the parent dir if it has setgid-bit.
 + director: Support backends having hostnames, which makes it possible
   to verify their SSL certificates.
 - director: Directors' state became desynchronized if doveadm director
   commands were used to modify the same backend in multiple directors
   at the same time with conflicting changes. This fix includes some
   extra checks, which makes sure that if such a conflict still happens
   it's automatically fixed. In some situations such an automatic fix
   may now be unnecessarily triggered and an error logged.
 - director: Backend tags weren't working correctly.
 - ldap: tls_* settings weren't used for ldaps URIs.
 - ldap, mysql: Fixed setting connect timeout.
 - auth: userdb lookups via auth-worker couldn't change username
 - dsync: Fixed handling deleted directories. Make sure we don't go to
   infinite mailbox renaming loop.
 - imap: Fixed crash in NOTIFY when there were watched namespaces that
   didn't support NOTIFY.
 - imap: After SETMETADATA was used, various commands (especially FETCH)
   could have started hanging when their output was large.
 - stats: Idle sessions weren't refreshed often enough, causing stats
   process to forget them and log errors about unknown sessions when
   they were updated later.
 - stats: Fixed "Duplicate session ID" errors when LMTP delivered to
   multiple recipients and fts_autoindex=yes.
 - zlib plugin: Fixed copying causing cache corruption when zlib_save
   wasn't set, but the source message was compressed.
 - fts-solr: Fixed escaping Solr query parameters.
 - lmtp: quota_full_tempfail=yes was ignored with
   lmtp_rcpt_check_quota=yes

 

22:44 adamw 

Update dovecot2 to 2.2.19, and bump PORTREVISION on antispam-plugin
and pigeonhole.

Changes:

* pop3_deleted_flag has been broken since v2.2.10. Using it would
  cause buffer overflows, which could be exploitable. However, this
  bug would have become visible quite soon after users had deleted
  some POP3 mails, because the pop3 processes would have started
  crashing all the time even in normal use.
* "doveadm director flush" command has a changed meaning now:
  It safely moves users to their wanted backends, instead of simply
  forgetting the mapping entirely and leaving the existing connections
  untouched. Use -F parameter to get the original unsafe behavior.

+ Added imap-hibernate processes (see imap_hibernate_timeout setting).
  IDLEing IMAP connections can be hibernated, which saves memory.
+ Optimized tracking mailboxes' vsizes (= sum of all messages' sizes).
  If mailbox_list_index=yes, it's also stored in there. This makes it
  very efficient to look up vsizes for all mailboxes.
+ Added a quota "count" backend, which uses the mailbox vsizes to get
  the current quota usage. It requires using the new quota_vsizes=yes
  setting, which tracks the messages' "virtual sizes" rather than
  "physical sizes". Their distiction is minor and mostly irrelevant
  nowadays (if mail sizes should be counted with LF or CRLF newlines).
+ "doveadm director up/down" commands added. The monitoring script
  should be using these commands instead of changing the vhost count.
  This allows admin to manually disable a server by changing the vhost
  count to 0 without the monitoring script changing it back.
+ Added support for HAProxy protocol: http://wiki2.dovecot.org/HAProxy
+ Added push-notification plugin framework, which can be used to
  easily implement push notifications to various backends. Implemented
  "ox" backend for notifying Open-Xchange via HTTP/json.
+ imap_logout_format supports more variables now, e.g. number of
  deleted messages.
+ pop3: Added pop3_delete_type setting (related to pop3_deleted_flag).
+ plugin { fts_enforced=yes } setting now fails body searches unless
  it can be done via the full text search engine.
+ Added %{passdb:*} and %{userdb:*} variables to various places
+ auth: Added ":protected" suffix for passdb and userdb fields. If
  used, the field doesn't overwrite an existing field.
+ IMAP/POP3 proxy: If a backend server dies, avoid client reconnection
  spikes by slowly disconnecting clients over time. This is enabled by
  setting login_proxy_max_disconnect_delay=secs passdb extra field.
+ imap: Added new read-only METADATA entries: /private/specialuse,
  /shared/comment, /shared/admin
+ imap: If client disconnects in the middle of a command, log how long
  the command had been running.
- mdbox: Rebuilding could have caused message's reference count to
  overflow the 16bit number in some situations, causing problems when
  trying to expunge the duplicates.
- Various search fixes (fts, solr, tika, lib-charset, indexer)
- Various virtual plugin fixes
- Various fixes and optimizations to dsync, imapc and pop3-migration
- imap: Various RFC compliancy and crash fixes to NOTIFY

 

15:02 adamw 

Update dovecot2 to 2.2.18. This is a bugfix release to address issues
identified in 2.2.17.

Changes:
- director: Login UNIX sockets were normally detected as doveadm or
  director ring sockets, causing it to break in existing installations.
- sdbox: When copying a mail in alt storage, place the destination to
  alt storage as well.

Bump PORTREVISION on antispam-plugin and pigeonhole, like I should have
done last time.

 

10:40 bapt 

Bump portrevision after dovecot2 update

 

14:59 adamw 

Bump PORTREVISION on pigeonhole and antispam-plugin, which should have
happened yesterday.

 

19:12 bapt 

cleanup plist

 

00:15 adamw 

Update dovecot2 to 2.2.15, and add an LZ4 option that uses liblz4.

ChangeLog:

Some small fixes and changes to v2.2.14. This release is mainly in the hope
that it could still make it into the next Debian stable instead of v2.2.14 -
mainly because of a couple of new assert crashes that started happening in
v2.2.14 and should be fixed now.

	* Plugins can now print a banner comment in doveconf output
	  (typically the plugin version)
	* Replication plugin now triggers low (instead of high) priority for
	  mail copying operations.
	* IMAP/POP3/ManageSieve proxy: If destination server can't be
	  connected to, retry connecting once per second up to the value of
	  proxy_timeout. This allows quick restarts/upgrades on the backend
	  server without returning login failures.
	* Internal passdb lookups (e.g. done by lmtp/doveadm proxy) wasn't
	  returning failure in some situations where it should have (e.g.
	  allow_nets mismatch)
	* LMTP uses mail_log_prefix now for logging mail deliveries instead of
	  a hardcoded prefix. The non-delivery log prefix is still hardcoded
	  though.

	+ passdb allow_nets=local matches lookups that don't contain an IP
	  address (internally done by Dovecot services)
	+ Various debug logging and error logging improvements
	- Various race condition fixes to LAYOUT=index
	- v2.2.14 virtual plugin crashed in some situations

 

17:35 adamw 

Update dovecot2 to 2.2.14. PORTREVISION bumps for dovecot2-pigeonhole and
dovecot2-antispam-plugin.

Changes in 2.2.14:

	* lmtp: Delivered-To: header no longer contains <> around the email
	  address. Other MDAs don't have it either.
	* "Out of disk space" errors are now treated as temporary errors
	  (not the same as "Out of disk quota").
	* replication plugin: Use replication only for users who have a
	  non-empty mail_replica setting.

	+ lmtp proxy: Log a line about each mail delivery.
	+ Added login_source_ips setting. This can be used to set the source IP
	  address round-robin from a pool of IPs (in case you run out of TCP
	  ports).
	+ Rawlog settings can use tcp:<host>:<port> as the path.
	+ virtual plugin: Don't keep more than virtual_max_open_mailboxes
	  (default 64) number of backend mailboxes open.
	+ SSL/TLS compression can be disabled with ssl_options=no_compression
	+ acl: Global ACL file now supports "quotes" around patterns.
	+ Added last-login plugin to set user's last-login timestamp on login.
	+ LDAP auth: Allow passdb credentials lookup also with auth_bind=yes
	- IMAP: MODSEQ was sent in FETCH reply even if CONDSTORE/QRESYNC wasn't
	  enabled. This broke at least old Outlooks.
	- passdb static treated missing password field the same as an empty
	  password field.
	- mdbox: Fixed potential infinite looping when scanning a broken
	  mdbox file.
	- imap-login, pop3-login: Fixed potential crashes when client
	  disconnected unexpectedly.
	- imap proxy: The connection was hanging in some usage patterns. This
	  mainly affected older Outlooks.
	- lmtp proxy: The proxy sometimes delivered empty mails in error
	  situations or potentially delivered truncated mails.
	- fts-lucene: If whitespace_chars was set, we may have ended up
	  indexing some garbage words, growing the index size unnecessarily.
	- -c and -i parameters for dovecot/doveadm commands were ignored if
	  the config socket was readable.
	- quota: Quota recalculation didn't include INBOX in some setups.
	- Mail headers were sometimes added to dovecot.index.cache in wrong
	  order. The main problem this caused was with dsync+imapc incremental
	  syncing when the second sync thought the local mailbox had changed.
	- doveadm backup didn't notice if emails were missing from the middle
	  of the destination mailbox. Now it deletes and resyncs the mailbox.

 

17:13 olgeni 

Bump PORTREVISION after mail/dovecot2 upgrade.

PR:		190181
Submitted by:	Larry Rosenman

 

20:55 olgeni 

Cleanup:

- Add LICENSE (GPLv2)
- Replace DISTFILES with DISTNAME
- Use tar:bzip2
- Use ${STRIP_CMD}

 

13:30 ohauer 

- bump PORTREVISION as reqested in the dovcot2 Makefile
- strip

 

15:07 pawel 

- Update mail/dovecot2 to version 2.2.10
- Bump affected plugin ports

PR:		ports/185904
Submitted by:	maintainer

 

11:44 olgeni 

Chase dovecot2 rename in RUN_ and BUILD_DEPENDS.

 

19:03 danilo 

- Update from 2.2.6 to 2.2.9
- And, following the instructions in Makefile, bump PORTREVISION of
mail/dovecot2-antispam-plugin and mail/dovecot-pigeonhole

PR:		ports/184273
Submitted by:	Attila Nagy <bra@fsn.hu> (maintainer)

 

15:03 olgeni 

- Switch to USES=gmake.
- Add staging support.

 

23:23 wg 

mail/dovecot2: update to 2.2.6

- Update to 2.2.6 [1]
- Convert lib depends to new format
- Allow staging
- Bump antispam plugin (pigenhole update comming next)

PR:		ports/182543 [1]
Submitted by:	Attila Nagy <bra fsn.hu> (maintainer) [1]

 

19:59 bapt 

Add NO_STAGE all over the place in preparation for the staging support (cat:
mail)

 

11:56 wg 

mail/dovecot2: update to 2.2.5

- Update to 2.2.5 [1]
- Bump antispam plugin (pigeonhole update comming soon)
- Fix SSL pkg-plist
- Fix MAN1 list

Changes: http://www.dovecot.org/doc/NEWS-2.2

PR:		ports/181081 [1]
Submitted by:	Attila Nagy <bra fsn.hu> (maintainer)

 

12:36 wg 

mail/dovecot2: update to 2.2.4

- Update to 2.2.4 [1]
- Bump plugins PORTREVISION
- Add LICENSE (LGPL21 MIT)

PR:		ports/179953
Submitted by:	Attila Nagy <bra@fsn.hu> [1] (maintainer)

 

09:39 olgeni 

- Take maintainership from ports@
- Upgrade to snapshot of 2013-04-29 (5ebc6aae4d7c)
- Unbreak after dovecot upgrade to 2.2

 

17:39 delphij 

Update mail/dovecot2 to 2.1.16 and mail/dovecot2-pigeonhole to 0.34.

PR:		ports/178428
Approved by:	maintainer

 

07:46 miwi 

- Update to 2.1.15
- Bump Portrevision for dovecot plugins
PR:		176102
Submitted by:	maintainer

 

17:39 rm 

- chase dovecot2 update [1]
- remove indefinite article from COMMENT
- move pkg-plist contents into Makefile
- whitespace fixes in pkg-descr

Reported by:	jase [1]
Feature safe:	yes

 

22:52 jase 

- Bump PORTREVISION to chase mail/dovecot2 update

Approved by:	flo, culot (mentors, implicit)

 

17:17 tabthorpe 

- Reassign to the heap at maintainer's request

 

08:56 jase 

- Remove typo USE_CONFIGURE. [1] (HAS_CONFIGURE is implied by the use of
  USE_AUTOTOOLS, by way of GNU_CONFIGURE.)

Spotted by:	Alex Kozlov (via email) [1]
Approved by:	Denis Shaposhnikov (maintainer), flo (mentor)

12:08 jase 

- Bump PORTREVISION after mail/dovecot2 update to 2.1.8

Requested by:   Andrzej Tobola (via email)
Approved by:    flo (mentor)

17:25 miwi 

- Bump PORTREVISION to make sure it will work after mail/dovecot2 update

Requested by:   bapt via irc
Feature safe:   yes

18:31 scheidell 

- Patched txt2man because of an overly,unnessessary agressive test
- without patch build would hang

PR:             161951
Submitted by:   janm@transactionware.com
Approved by:    maintainer (timeout), gabor (mentor)
Feature safe:   yes

05:52 miwi 

The dovecot antispam plugin is aimed to help in spam systems training.
Consider the following scenario. Your mailbox is flooded with tons of
mail.  They are delivered to the configured folders based on the
arbitrary spam system judgement. This judgement is not always correct
or not always what you would like it to be, however. This is where
this plugin comes into play.

All you have to do is move the mail into the correct folder. All the
rest in order to let the spam system know it made an error will be
done automatically by this plugin.

It watches for when you move the mail to some folder and acts
accordingly.  The advantage of this approach is that the mail ends up
in the right target folder directly and needs not be touched twice.

WWW: http://hg.dovecot.org/dovecot-antispam-plugin/

PR:             ports/154063
Submitted by:   Denis Shaposhnikov <dsh at bamus.cz>