1v0.5.17 2021-10-28 Aki Tuomi <aki.tuomi@open-xchange.com> 2 3 - duplicate: The Sieve duplicate test is prone to false negatives when 4 the user receives many e-mails concurrently, meaning that duplicate 5 deliveries can still occur. 6 - fileinto: v2.3.16 regression: Sieve delivery crashes if mail is 7 delivered to non-existing and existing folder. 8 - imap-filter-sieve: v2.3.15 regression: The CPU limits on Sieve 9 execution are too easily exceeded in IMAP context (the IMAPSieve and 10 FILTER=SIEVE capabilities). Changed the default to unlimited CPU time 11 for IMAP context, since similar excessive resource usage can be caused 12 by other means as well. The CPU limits on Sieve scripts executed at 13 LDA/LMTP delivery are still enforced by default. 14 - redirect: The Sieve redirect action has protections against users 15 triggering mail loops. Unfortunately, the detection of a redirect mail 16 loop sometimes causes the message to get lost if no other Sieve action 17 is applied that delivers the message somewhere else. 18 - redirect: v2.3.16 regression: With certain Sieve scripts if redirect 19 fails due to temporary failure, the lmtp process may crash after the 20 delivery. Fixes: 21 Panic: file mail-user.c: line 229 (mail_user_deinit): 22 assertion failed: ((*user)->refcount == 1). 23 24v0.5.16 2021-08-06 Timo Sirainen <timo.sirainen@open-xchange.com> 25 26 * .dovecot.sieve.log file now includes year in the header. 27 * Change Sieve script result execution to delay definitive action 28 execution to the end of a successful Sieve script execution session. 29 This is part of an effort to solve problems with the Sieve duplicate 30 test. As a side-effect, some rare temporary-error cases yield 31 different results, in which partial failure is more likely. 32 33v0.5.15 2021-06-21 Aki Tuomi <aki.tuomi@open-xchange.com> 34 35 * CVE-2020-28200: Sieve interpreter is not protected against abusive 36 scripts that claim excessive resource usage. Fixed by limiting the 37 user CPU time per single script execution and cumulatively over 38 several script runs within a configurable timeout period. Sufficiently 39 large CPU time usage is summed in the Sieve script binary and execution 40 is blocked when the sum exceeds the limit within that time. The block 41 is lifted when the script is updated after the resource usage times out. 42 * Disconnection log messages are now more standardized across services. 43 They also always now start with "Disconnected" prefix. 44 - managesieve: Commands pipelined together with and just after the 45 authenticate command cause these commands to be executed twice. 46 47v0.5.14 2021-03-04 Aki Tuomi <aki.tuomi@open-xchange.com> 48 49 * IMAP FILTER command: cmd-filter-sieve - Do not allow NIL as 50 script name argument. 51 52v0.5.13 2021-01-04 Aki Tuomi <aki.tuomi@open-xchange.com> 53 54 - duplicate: The test was handled badly in a multiscript (sieve_before, 55 sieve_after) scenario in which an earlier script in the sequence with 56 a duplicate test succeeded, while a later script caused a runtime 57 failure. In that case, the message is recorded for duplicate tracking, 58 while the message may not actually have been delivered in the end. 59 - editheader: Sieve interpreter entered infinite loop at startup when 60 the "editheader" configuration listed an invalid header name. This 61 problem can only be triggered by the administrator. 62 - relational: The Sieve relational extension can cause a segfault at 63 compile time. This is triggered by invalid script syntax. The segfault 64 happens when this match type is the last argument of the test command. 65 This situation is not possible in a valid script; positional arguments 66 are normally present after that, which would prevent the segfault. 67 - sieve: For some Sieve commands the provided mailbox name is not 68 properly checked for UTF-8 validity, which can cause assert crashes at 69 runtime when an invalid mailbox name is encountered. This can be 70 caused by the user by writing a bad Sieve script involving the 71 affected commands ("mailboxexists", "specialuse_exists"). 72 This can be triggered by the remote sender only when the user has 73 written a Sieve script that passes message content to one of the 74 affected commands. 75 - sieve: Large sequences of 8-bit octets passed to certain Sieve 76 commands that create or modify message headers that allow UTF-8 text 77 (vacation, notify and addheader) can cause the delivery or IMAP 78 process (when IMAPSieve is used) to enter a memory-consuming 79 semi-infinite loop that ends when the process exceeds its memory 80 limits. Logged in users can cause these hangs only for their own 81 processes. 82 83v0.5.11 2020-08-12 Aki Tuomi <aki.tuomi@open-xchange.com> 84 85 * managesieve: managesieve_max_line_length setting is now a "size" type 86 instead of just number of bytes. This allows using e.g. "64k" as the 87 value. 88 - lib-sieve: When folding white space is used in the Message-ID header, 89 it is not stripped away correctly before the message ID value is used, 90 causing e.g. garbled log lines at delivery. 91 92v0.5.10 2020-03-06 Aki Tuomi <aki.tuomi@open-xchange.com> 93 94 * imap_sieve_filter: Change result action logging to include IMAP UID 95 - vacation: Addresses were compared case-sensitively. 96 97v0.5.9 2019-12-04 Aki Tuomi <aki.tuomi@open-xchange.com> 98 99 + Added events for Sieve and ManageSieve, see 100 https://doc.dovecot.org/admin_manual/list_of_events/#pigeonhole 101 + Pigeonhole: Implement the Sieve "special-use" extension described in 102 RFC 8579. 103 - duplicate: Test only compared the handles which would cause 104 different values to be cached as the same duplicate test. Fix to also 105 compare the actual hashes. 106 - imap_sieve_filter: IMAP FILTER Command had various bugs in error 107 handling. Errors may have been duplicated for each email, errors 108 may have been missing entirely, command tag and ERRORS/WARNINGS 109 parameters were swapped. 110 111v0.5.8 2019-10-08 Aki Tuomi <aki.tuomi@open-xchange.com> 112 113 - Sieve may leak resources in rare cases when a redirect, vacation or 114 report action fails to send the message. This mainly applies when 115 Sieve is executed in IMAP context; i.e., for the IMAPSIEVE or 116 FILTER=SIEVE capabilities. 117 118v0.5.7.1 2019-07-23 Timo Sirainen <timo.sirainen@open-xchange.com> 119 120 - dsync: Sieve script syncing failed if mailbox attributes weren't 121 enabled. 122 123v0.5.7 2019-07-12 Aki Tuomi <aki.tuomi@open-xchange.com> 124 125 + vacation: Made the subject for the automatic response message produced 126 by the Sieve vacation action configurable. Both the default subject 127 (if the script defines none) and the subject template (e.g. used to 128 add a subject prefix) can be configured. 129 - dsync: dsync-replication does not synchronize Sieve scripts. 130 - imap_sieve_filter: Reduce FILTER=SIEVE verbosity over IMAP connection. 131 - testsuite: Pigeonhole testsuite segfaulted if it was compiled with 132 GCC 9 133 134v0.5.6 2019-04-30 Aki Tuomi <aki.tuomi@open-xchange.com> 135 136 + sieve: Redirect loop prevention is sometimes ineffective. Improve 137 existing loop detection by also recognizing the 138 X-Sieve-Redirected-From header in incoming messages and dropping 139 redirect actions when it points to the sending account. This header 140 is already added by the redirect action, so this improvement only 141 adds an additional use of this header. 142 - sieve: Prevent execution of implicit keep upon temporary failure 143 occurring at runtime. 144 145v0.5.5 2019-03-05 Stephan Bosch <stephan@rename-it.nl> 146 147 + IMAPSieve: Add new plugin/imapsieve_expunge_discarded setting which 148 causes messages discarded by an IMAPSieve script to be expunged 149 immediately, rather than only being marked as "\Deleted" (which is 150 still the default behavior). 151 - IMAPSieve: Fix panic crash occurring when a COPY command copies 152 messages from a virtual mailbox where the source messages originate 153 from more than a single real mailbox. 154 - imap4flags extension: Fix deleting all keywords. When the action 155 resulted in all keywords being removed, no changes were actually 156 applied. 157 - variables extension: Fix truncation of UTF-8 variable content. The 158 maximum size of Sieve variables was enforced by truncating the 159 variable string content bluntly at the limit, but this does not 160 consider UTF-8 code point boundaries. This resulted in broken UTF-8 161 strings. This problem also surfaced for variable modifiers, such as 162 the ":encodeurl" modifier provided by the Sieve "enotify" extension. 163 In that case, the resulting URI escaping could also be truncated 164 inappropriately. 165 - IMAPSieve, IMAP FILTER=SIEVE: Fix replacing a modified message. Sieve 166 scripts running in IMAPSIEVE or IMAP FILTER=SIEVE context that 167 modify the message, stored the message a second time, rather than 168 replacing the originally stored unmodified message. 169 - Fix segmentation fault occurring when both the sieve_extprograms 170 plugin (for the Sieve interpreter) and the imap_filter_sieve plugin 171 (for IMAP) are loaded at the same time. A symbol was defined by both 172 plugins, causing a clash when both were loaded. 173 174v0.5.4 2018-11-23 Stephan Bosch <stephan@rename-it.nl> 175 176 * Adjustments to several changes in Dovecot v2.3.4 make this Pigeonhole 177 release dependent on that Dovecot release; it will not compile against 178 older Dovecot versions. And, conversely, you need to upgrade 179 Pigeonhole when upgrading Dovecot to v2.3.4. 180 * The changes regarding the default postmaster_address in Dovecot v2.3.4 181 mainly apply to Pigeonhole. The new default should work for all 182 existing installations, thereby fixing several reported v2.3/v0.5 183 migration problems. 184 - IMAP FILTER=SIEVE capability: Fix assert crash occurring when running 185 UID FILTER on a Sieve script with errors. 186 187v0.5.3 2018-10-01 Stephan Bosch <stephan@rename-it.nl> 188 189 - Fix assertion panic occurring when managesieve service fails to open 190 INBOX while saving a Sieve script. This was caused by a lack of 191 cleanup after failure. 192 - Fix specific messages causing an assert panic with actions that 193 compose a reply (e.g. vacation). With some rather weird input from the 194 original message, the header folding algorithm (as used for composing 195 the References header for the reply) got confused, causing the panic. 196 - IMAP FILTER=SIEVE capability: Fix FILTER SIEVE SCRIPT command parsing. 197 After finishing reading the Sieve script, the command parsing 198 sometimes didn't continue with the search arguments. This is a time- 199 critical bug that likely only occurs when the Sieve script is sent in 200 the next TCP frame. 201 202v0.5.2 2018-06-29 Stephan Bosch <stephan@rename-it.nl> 203 204 + Implement plugin for the a vendor-defined IMAP capability called 205 "FILTER=SIEVE". It adds the ability to manually invoke Sieve filtering 206 in IMAP. More information can be found in 207 doc/plugins/imap_filter_sieve.txt. 208 - The Sieve addess test caused an assertion panic for invalid addresses 209 with UTF-8 codepoints in the localpart. Fixed by properly detecting 210 invalid addresses with UTF-8 codepoints in the localpart and skipping 211 these like other invalid addresses while iterating addresses for the 212 address test. 213 - Make the length of the subject header for the vacation response 214 configurable and enforce the limit in UTF-8 codepoints rather than 215 bytes. The subject header for a vacation response was statically 216 truncated to 256 bytes, which is too limited for multi-byte UTF-8 217 characters. 218 - Sieve editheader extension: Fix assertion panic occurring when it is 219 used to manipulate a message header with a very large header field. 220 - Properly abort execution of the sieve_discard script upon error. 221 Before, the LDA Sieve plugin attempted to execute the sieve_discard 222 script when an error occurs. This can lead to the message being lost. 223 - Fix the interaction between quota and the sieve_discard script. When 224 quota was used together with a sieve_discard script, the message 225 delivery did not bounce when the quota was exceeded. 226 227v0.5.1 28-03-2018 Stephan Bosch <stephan@rename-it.nl> 228 229 - Explicitly disallow UTF-8 in localpart in addresses parsed from Sieve 230 script. 231 - editheader extension: Corrected the stream position calculations 232 performed while making the modified message available as a stream. 233 Pigeonhole Sieve crashed in LMTP with an assertion panic when the 234 Sieve editheader extension was used before the message was redirected. 235 Experiments indicate that the problem occurred only with LMTP and that 236 LDA is not affected. 237 - fileinto extension: Fix assert panic occurring when fileinto is used 238 without being listed in the require line, while the copy extension is 239 listed there. This is a very old bug. 240 - imapsieve plugin: Do not assert crash or log an error for messages 241 that disappear concurrently while applying Sieve scripts. This event 242 is now logged as a debug message. 243 - Sieve extprograms plugin: Large output from "execute" command crashed 244 delivery. Fixed buffering issue in code that handles output from the 245 external program. 246 247v0.5.0.1 05-01-2018 Stephan Bosch <stephan@rename-it.nl> 248 249 - imap4flags extension: Fix binary corruption occurring when 250 setflag/addflag/removeflag flag-list is a variable. 251 - sieve-extprograms plugin: Fix segfault occurring when used in 252 IMAPSieve context. 253 254v0.5.0 24-12-2017 Stephan Bosch <stephan@rename-it.nl> 255 256 * editheader extension: The implementation of header modifications is 257 heavily updated. Although the functionality has not changed, the 258 underlying code was updated to address several static analysis 259 warnings, runtime integer arithmetic warnings (Clang), and to match 260 updates in the Dovecot stream API. 261 + variables extension: Made the maximum scope and variable size 262 configurable. 263 + subaddress: Support multiple recipient_delimiters. 264 - enotify extension: mailto method: Fixed parsing of mailto URI with 265 only a header part. 266 - enotify plugin: mailto method: Make sure the "From:" header is set to 267 a usable address and not "(null)". 268 - Fixed writing address headers to outgoing messages. Sometimes headers 269 were MIME-encoded twice, yielding invalid results. 270 271v0.4.23 20-03-2018 Stephan Bosch <stephan@rename-it.nl> 272 273 - editheader extension: Corrected the stream position calculations 274 performed while making the modified message available as a stream. 275 Pigeonhole Sieve crashed in LMTP with an assertion panic when the 276 Sieve editheader extension was used before the message was redirected. 277 Experiments indicate that the problem occurred only with LMTP and that 278 LDA is not affected. 279 - fileinto extension: Fix assert panic occurring when fileinto is used 280 without being listed in the require line, while the copy extension is 281 listed there. This is a very old bug. 282 - imapsieve plugin: Do not log an error for messages that disappear 283 concurrently while applying Sieve scripts. This is a further 284 improvement on the imapsieve fix in the previous release (which fixed 285 a panic). This event is now logged as a debug message. 286 287v0.4.22 01-03-2018 Stephan Bosch <stephan@rename-it.nl> 288 289 - Fixed filesystem path handling problem: sieve plugin could have 290 assert-crashed with specific path lengths with: "Panic: file 291 realpath.c: line 86 (path_normalize): assertion failed: (npath_pos + 292 1 < npath + asize)". 293 - Sieve extprograms plugin: Large output from "execute" command crashed 294 delivery. Fixed buffering issue in code that handles output from the 295 external program. 296 - editheader extension: Extensively reworked the low-level 297 implementation of adding and removing headers. This solves a few 298 integer arithmetic problems reported by Clang runtime checks, but also 299 improves code structure and reliability in general. 300 - imapsieve: Fix assert crash occurring when selected messages are 301 expunged concurrently by the time Sieve filter is to be applied. 302 - imap4flags extension: Fix binary byte-code corruption occurring when 303 the setflag, addflag, or removeflag command's flag-list is a variable. 304 - enotify extension: mailto method: Fixed parsing of mailto URI with 305 only a header part. 306 - enotify extension: mailto method: Make sure "From:" header is set to a 307 usable address and not "(null)". 308 - Fixed writing address headers to outgoing messages. It sometimes 309 erroneously applied another layer of MIME header encoding. 310 311v0.4.21 12-10-2017 Stephan Bosch <stephan@rename-it.nl> 312 313 * redirect action: Always set the X-Sieve-Redirected-From header to 314 sieve_user_email if configured. Before, it would use the envelope recipient 315 instead if available, which makes no sense if the primary e-mail address is 316 available. 317 + vacation extension: Allow ignoring the envelope sender while composing the 318 "To:" header for the reply. Normally, the "To:" header is composed from 319 the address found in the "Sender", "Resent-From" or "From" headers that is 320 equal to the envelope sender. If none is then found, the bare envelope 321 sender is used. This change adds a new setting 322 "sieve_vacation_to_header_ignore_envelope". With this setting enabled, the 323 "To:" header is always composed from those headers in the source message. 324 The new setting thus allows ignoring the envelope, which is useful e.g. 325 when SRS is used. 326 + vacation extension: Compose the "To:" header from the full sender address 327 found in the first "Sender:", "From:" or "Resent-From:" header. Before, it 328 would create a "To:" header without a phrase part. The new behavior is 329 nicer, since the reply will be addressed to the sender by name if possible. 330 - LDA Sieve plugin: Fixed sequential execution of LDAP-based scripts. A 331 missing LDAP-based script could cause the script sequence to exit earlier. 332 - sieve-filter: Removed the (now) duplicate utf8 to mutf7 mailbox name 333 conversion. This caused problems with mailbox names containing UTF-8 334 characters. The Dovecot API was changed years ago, but apparently 335 sieve-filter was never updated. 336 337v0.4.20 27-08-2017 Stephan Bosch <stephan@rename-it.nl> 338 339 + Made the retention period for redirect duplicate identifiers configurable. 340 For accounts that perform many redirects, the lda-dupes database could grow 341 to impractical sizes. Changed the default retention period from 24 to 12 342 hours. 343 - sieve-filter: Fixed memory leak: forgot to clean up script binary at end of 344 execution. Normally, this would merely be an inconsequential memory leak. 345 However, when the script comes from an LDAP storage, this would cause io 346 leak warnings. 347 - managesieve-login: Fixed handling of AUTHENTICATE command. A second 348 authenticate command would be parsed wrong. This problem was caused by 349 changes in the previous release. 350 - LDA Sieve plugin: Fixed minor memory leak caused by not cleaning up the 351 sieve_discard script. 352 353v0.4.19 26-06-2017 Stephan Bosch <stephan@rename-it.nl> 354 355 * This release adjusts Pigeonhole to several changes in the Dovecot API, 356 making it depend on Dovecot v2.2.31. Previous versions of Pigeonhole will 357 produce compile warnings with the recent Dovecot releases (but still work 358 ok). 359 - Fixed bug in handling of implicit keep in some cases. Implicit side-effects, 360 such as assigned flags, were not always applied correctly. This is in 361 essence a very old bug, but it was exposed by recent changes. 362 - include extension: Fixed segfault that (sometimes) occurred when the global 363 script location was left unconfigured. 364 365v0.4.18 12-04-2017 Stephan Bosch <stephan@rename-it.nl> 366 367 + imapsieve plugin: Implemented the copy_source_after rule action. When this 368 is enabled for a mailbox rule, the specified Sieve script is executed for 369 the message in the source mailbox during a "COPY" event. This happens only 370 after the Sieve script that is executed for the corresponding message in the 371 destination mailbox finishes running successfully. 372 + imapsieve plugin: Added non-standard Sieve environment items for the source 373 and destination mailbox. 374 - multiscript: The execution of the discard script had an implicit "keep", 375 rather than an implicit "discard". 376 377v0.4.17 26-02-2017 Stephan Bosch <stephan@rename-it.nl> 378 379 - LDA Sieve plugin: Fixed handling of an early explicit keep during 380 multiscript execution. Action side-effects and the message snapshot would be 381 lost at the final stage where the implicit keep is evaluated. This could 382 result in the IMAP flags assigned to the message to be forgotten or that 383 headers modified by the "editheader" extension would revert to their 384 original state. 385 - file script storage: Amended the up-to-date time stamp comparison for 386 on-disk binaries to include nanoseconds. This will fix problems occurring 387 when both binary and script are saved within the same second. This fix is 388 ineffective on older systems that have no support for nanoseconds in stat() 389 timestamps, which should be pretty rare nowadays. 390 - file script storage: Improve saving and listing permission error to include 391 more details. 392 - imapsieve plugin: Make sure "INBOX" is upper case in static mailbox rules. 393 Otherwise, the mailbox name would never match, since matching is performed 394 case-sensitively and Dovecot only returns the upper-cased "INBOX". 395 - imapsieve plugin: Fixed assert failure occurring when used with virtual 396 mailboxes. 397 - doveadm sieve plugin: Fixed crash when setting Sieve script via attribute's 398 string value. 399 400v0.4.16 30-10-2016 Stephan Bosch <stephan@rename-it.nl> 401 402 * Part of the Sieve extprograms implementation was moved to Dovecot, which 403 means that this release depends on Dovecot v2.2.26+. 404 * ManageSieve: The PUTSCRIPT command now allows uploading empty Sieve scripts. 405 There was really no good reason to disallow doing that. 406 + Sieve vnd.dovecot.report extension: 407 + Added a Dovecot-Reporting-User field to the report body, which contains 408 the e-mail address of the user sending the report. 409 + Added support for configuring the "From:" address used in the report. 410 + LDA sieve plugin: Implemented support for a "discard script" that is run 411 when the message is going to be discarded. This allows doing something other 412 than throwing the message away for good. 413 + Sieve vnd.dovecot.environment extension: Added vnd.dovecot.config.* 414 environment items. These environment items map to sieve_env_* settings from 415 the plugin {} section in the configuration. Such values can of course also 416 be returned from userdb. 417 + Sieve vacation extension: Use the Microsoft X-Auto-Response-Suppress header 418 to prevent unwanted responses from and to (older) Microsoft products. 419 + ManageSieve: Added rawlog_dir setting to store ManageSieve traffic logs. 420 This replaces at least partially the rawlog plugin (mimics similar IMAP/POP3 421 change). 422 - doveadm sieve plugin: synchronization: Prevent setting file timestamps to 423 unix epoch time. This occurred when Dovecot passed the timestamp as 424 'unknown' during synchronization. 425 - Sieve exprograms plugin: Fixed spurious '+' sometimes returned at the end 426 of socket-based program output. 427 - imapsieve plugin: Fixed crash occurring in specific situations. 428 - Performed various fixes based on static analysis and Clang warnings. 429 430v0.4.15 07-07-2016 Stephan Bosch <stephan@rename-it.nl> 431 432 * vacation extension: The sieve_user_email setting is now used in the check 433 for implicit delivery. 434 - imapsieve plugin: For any mail transaction, the mailbox was opened a second 435 time, even if no mailbox rule matched. This was unintentional, useless and 436 caused problems when the imapsieve plugin was used with other plugins like 437 acl. 438 - extprograms plugin: Significantly improved error handling. No stream errors 439 were logged. 440 - extprograms plugin: Fixed bug in handling of result code from remote program 441 (script service). 442 - extprograms plugin: Connection to remote program service was not retried. 443 - Several small fixes based on static analysis. 444 - Fixed handling of quoted string localparts in email addresses. 445 446v0.4.14 26-04-2016 Stephan Bosch <stephan@rename-it.nl> 447 448 * The address test now allows specifying the X-Original-To header. 449 + Implemented the Sieve imapsieve extension and its IMAP counterpart 450 (RFC 6785) as a set of plugins. This allows running Sieve scripts at IMAP 451 activity, rather than at delivery. There are also facilities for the 452 familiar sieve_before/sieve_after administrator scripts. A user script is 453 defined for a mailbox using an IMAP METADATA entry, whereas administrator 454 scripts are configured using mailbox matching rules defined in the plugin 455 settings. 456 + Adjusted the Sieve ihave extension to allow capability tests to be performed 457 at runtime. This way, scripts can be written that work both at delivery and 458 from IMAP. 459 + Implemented support for runtime trace debugging. This means that detailed 460 information about which commands, actions and tests are performed is written 461 to a file. That file is created in the configured directory, but only if 462 that directory exists. This way, a particular user can be easily singled out 463 for debugging. This works much like the Dovecot rawlog facility. The trace 464 output is identical to what is produced using sieve-test with its "-t" 465 command line option. 466 + Added a "sieve_user_email" setting that configures the user's primary email 467 address. This is mainly useful to have a user email address available in 468 IMAP, where envelope data is unavailable. 469 + Implemented the dovecot-specific "vnd.dovecot.report" extension. This allows 470 sending report messages in the Message Abuse Reporting Format (RFC 5965). 471 - extprograms plugin: Fixed epoll() panic caused by closing the output FD 472 before the output stream. 473 - Made sure that the local part of a mail address is encoded properly using 474 quoted string syntax when it is not a dot-atom. 475 476v0.4.13 18-03-2016 Stephan Bosch <stephan@rename-it.nl> 477 478 * redirect action: Added the list-id header to the duplicate ID for mail loop 479 prevention. This means that the message sent directly to the user and the 480 message coming through the mailing list itself are treated as different 481 messages by the loop detection of the redirect command, even though their 482 Message-ID may be identical. 483 * Changed the Sieve number type to uint64_t, which means that Sieve numbers 484 can now technically range up to 2^64. Some other Sieve implementation 485 allowed this, making this change necessary for successful migration. 486 + Implemented the sieve_implicit_extensions setting. The extensions listed in 487 this setting do not need to be enabled explicitly using the Sieve "require" 488 command. This behavior directly violates the standard, but can be necessary 489 for compatibility with some existing implementations of Sieve. Do not use 490 this setting unless you really need to! 491 - redirect action: Made mail loop detection more robust by forcibly adding a 492 Message-ID header if it is missing. 493 - Prevent logging a useless "script not found" error message for LDAP scripts 494 for which the entry exists but no attribute containing a script. This is not 495 necessarily an error. 496 - extprograms plugin: Changed the communication channel between parent and 497 child process for a directly forked program from a socketpair to a double 498 pipe. Linux does not support /dev/stdin, /dev/stdout and friends for 499 sockets. For some shell program authors this may be confusing, so that is 500 why it is changed. When using the script service, these device nodes are 501 still not usable though. 502 503v0.4.12 06-02-2016 Stephan Bosch <stephan@rename-it.nl> 504 505 + Implemented the Sieve extracttext extension (RFC 5703; Section 7). It is now 506 possible to extract body text from a message into a variable. 507 * Increased ABI version due to changes in the Sieve interpreter's object 508 definitions. 509 - multiscript: Fixed bug in handling of (implicit) keep; final keep action was 510 always executed as though there was a failure. This caused the keep action 511 to revert back to the initial message, causing editheader actions to be 512 ignored. 513 - managesieve-login: Fixed proxy to allow SASL mechanisms other than PLAIN. 514 Before, the proxy would fail if the server did not support the PLAIN 515 mechanism. 516 - ldap storage: Prevent segfault occurring when assigning certain (global) 517 configuration options. 518 519v0.4.11 08-01-2016 Stephan Bosch <stephan@rename-it.nl> 520 521 - Sieve mime extension: Fixed the header :mime :anychild test to work properly 522 outside a foreverypart loop. 523 - Several fixes in message body part handling: 524 - Fixed assert failure occurring when text extraction is attempted on a 525 empty or broken text part. 526 - Fixed assert failure in handling of body parts that are converted to text. 527 - Fixed header unfolding for (mime) headers parsed from any mime part. 528 - Fixed trimming for (mime) headers parsed from any mime part. 529 - Fixed erroneous changes to the message part tree structure performed when 530 re-parsing the message. 531 - LDA Sieve plugin: Fixed logging of actions; sometimes the configured log 532 format was not followed. 533 - LDA Sieve plugin: Fixed bug in error handling of script storage 534 initialization. 535 - Sieve Extprograms plugin: Ignored ENOTCONN error in shutdown(fd, SHUT_WR) 536 call. 537 - Fixed duplication of discard actions in the script result. Each discard was 538 counted as a separate action, which means that action limit would be crossed 539 too early. 540 - Made sure that quota errors never get logged as errors in syslog. 541 - Fixed handling of implicit keep for a partially executed transaction that 542 yielded a temporary failure. 543 - Fixed handling of global errors. If master and user error handler were 544 identical, in some cases the log message could be lost. 545 - Fixed AIX compile issue in message body parser. 546 547v0.4.10 13-12-2015 Stephan Bosch <stephan@rename-it.nl> 548 549 + Implemented the Sieve mime and foreverypart extensions (RFC 5703). These 550 are fully implemented. The interaction with the editheader extension needs 551 some work, but this should not influence most uses; i.e., changes by the 552 editheader extension are not always visible using foreverypart/mime. 553 + Sieve body extension: Properly implemented the `:text' body transform. It 554 now extracts text for HTML message parts. 555 + Sieve enotify extension: mailto method: Implemented the 556 sieve_notify_mailto_envelope_from setting. This allows configuring the 557 source of the notification sender address for e-mail notifications. This is 558 similar to what already can be configured for redirect. 559 + Added a sieve_enabled (defaults to 'yes') setting that allows explicitly 560 disabling Sieve processing for particular users. This used to be possible by 561 setting `sieve=', but ever since the sieve_before, sieve_after and 562 sieve_default settings were added, this method was not reliable anymore. 563 - variables extension: Fixed handling of empty string by the `:length' set 564 modifier. An empty string yielded an empty string rather than "0". 565 - Fixed memory leak in the Sieve script byte code dumping facility. Extension 566 contexts were never actually freed. 567 - Fixed handling of implicit keep when the last Sieve script is a global one. 568 In that case the implicit keep action was executed in global context, which 569 could mean that trivial (quota) errors ended up in the system log file, 570 rather than the user log file. 571 - doveadm sieve plugin: Fixed crashes caused by incorrect context allocation 572 in the sieve command implementations. 573 574v0.4.9 04-10-2015 Stephan Bosch <stephan@rename-it.nl> 575 576 * Properly implemented checking of ABI version for Sieve interpreter plugins, 577 much like Dovecot itself does for plugins. This will prevent plugin ABI 578 mismatches. 579 + Implemented a vnd.dovecot.environment extension. This builds upon the 580 standard environment extension and adds a few more environment items, such 581 as username and default mailbox. It also creates a variables namespace so 582 that environment items can be accessed directly. I am still thinking about 583 more environment items that can be added. 584 + Sieve extprograms plugin: Made line endings of the input passed to the 585 external programs configurable. This can be configured separately for each 586 of the three extensions. 587 + ManageSieve: Implemented proxy XCLIENT support. This allows the proxy to 588 pass client information to the back-end. 589 - ManageSieve: Fixed an assert failure occurring when a client disconnects 590 during the GETSCRIPT command. 591 - doveadm sieve plugin: Fixed incorrect initialization of mail user. This 592 caused a few memory leaks. 593 - sieve-filter command line tool: Fixed handling of failure-related implicit 594 keep when there is an explicit default destination folder. This caused 595 message duplication. 596 - lib-sieve: Fixed bug in RFC5322 header folding. Words longer than the 597 optimal line length caused empty lines in the output, which would break the 598 resulting message header. This surfaced in References: headers with very 599 long message IDs. 600 601v0.4.8 15-05-2015 Stephan Bosch <stephan@rename-it.nl> 602 603 * LDA Sieve plugin: Dovecot changed the deliver_log_format setting to include 604 %{delivery_time}. This prompted changes in Pigeonhole that make this release 605 dependent on Dovecot v2.2.17. 606 + Implemented magic to make sieve_default script visible from ManageSieve 607 under a configurable name. This way, users can see the default rules, edit 608 them and store a private adjusted version. This could also be achieved by 609 copying the default script into the user's script storage, but updates to 610 the global sieve_default script would be ignored that way. 611 + ManageSieve: Implemented support for reporting command statistics at 612 disconnect. Statistics include the number of bytes and scripts uploaded/ 613 downloaded/checked and the number of scripts deleted/renamed. 614 - Fixed problem in address test: erroneously decoded mime-encoded words in 615 address headers. 616 - extprograms plugin: Fixed failure occurring when connecting to script 617 service without the need to read back the output from the external program. 618 - Fixed bug in script storage path normalization occurring with relative 619 symbolic links below root. 620 - Fixed and updated various parts of the documentation 621 - ManageSieve: Used "managesieve" rather than "sieve" as login service name, 622 which means that all managesieve-specific settings where ignored. 623 - Managesieve: Storage quota was not always enforced properly for scripts 624 uploaded as quoted string. Nobody uses that, but it is allowed in the 625 specification and we support it, so it should work properly. 626 627v0.4.7 19-03-2015 Stephan Bosch <stephan@rename-it.nl> 628 629 * editheader extension: Made protection against addition and deletion of 630 headers configurable separately. Also, the `Received' and `Auto-Submitted' 631 headers are no longer protected against addition by default. 632 * Turned message envelope address parse errors into warnings. 633 * The interpreter now accepts non-standard domain names, e.g. containing '_'. 634 + Implemented the Sieve index extension (RFC 5260). 635 + Implemented support for the mboxmetadata and servermetadata extensions 636 (RFC 5490). 637 + Implemented new sieve commands for the doveadm command line utility. These 638 commands are currently limited to ManageSieve operations, but the other 639 current sieve tools will be migrated to doveadm in the near future as well. 640 + Added more debug output about binary up-to-date checking. 641 + Added script metadata to binary dump output. 642 - Fixed Sieve script binary up-to-date checking by normalizing the script 643 location. 644 - The Sieve interpreter now flushes the duplicate database during start phase 645 of result execution rather than commit phase. This makes sure locks on the 646 duplicate database are released as soon as possible, preventing contention. 647 - Performed a few optimizations in the lexical scanner of the language. 648 - Fixed bug in `:matches' match-type that made a pattern without 649 wildcards match as if there were a '*' at the beginning. 650 - Fixed crash in validation of the string parameter of the comparator tag. 651 - extprograms extension: Made sure supplemental group privileges are also 652 dropped. This was a problem reported by Debian lintian. 653 - Fixed bug in handling of binary errors for action side-effects and message 654 overrides. 655 - file script storage: Restructured storage initialization to address 656 backwards compatibility issues. 657 - dict script storage: Fixed small memory allocation bug. 658 659v0.4.6 02-11-2014 Stephan Bosch <stephan@rename-it.nl> 660 661 - After make distclean the distributed tarball would fail to recompile. 662 This causes problems for some distribution builds. 663 664v0.4.5 30-10-2014 Stephan Bosch <stephan@rename-it.nl> 665 666 + Added a Pigeonhole version banner to doveconf output. This way, future 667 bug reports will also include Pigeonhole version information. 668 - Fixed handling of implicit keep. Last version erroneously reported that 669 implicit keep succeeded after an earlier failure, while it in fact had 670 failed. Particularly occurred for mailbox quota errors. 671 - Fixed segfault occurring on SunOS systems when there is no active script. 672 673v0.4.4 28-10-2014 Stephan Bosch <stephan@rename-it.nl> 674 675 * Added support for Japanese mail addresses with dots at non-standard places 676 in localpart. 677 * Changed handling of ENOSPACE into a normal temporary failure and added 678 handling of ENOQUOTA as a user error. 679 * Restructured result execution, so that all actions which involve mail 680 storage are always committed before all others. 681 + Implemented support for generic Sieve storages. Using alternative storages 682 now also possible for sieve_before/sieve_after. 683 + Implemented storage driver for retrieving Sieve scripts from LDAP. This 684 currently cannot be used with ManageSieve. 685 + Implemented sieve_redirect_envelope_from setting, which allows configuring 686 the envelope sender of redirected messages. 687 - Fixed handling of mail storage errors occurring while evaluating the input 688 message. 689 - managesieve-login: 690 - Removed bogus ALERT response code returned for AUTHENTICATE command. 691 - Fixed handling of invalid initial response argument to AUTHENTICATE 692 command. 693 - Fixed handling of stream errors in lexical scanner. 694 - Fixed handling of SMTP errors. Permanent and temporary errors were mixed up. 695 - Fixed several problems reported by CLang 3.4. 696 - duplicate extension: Fixed erroneous compile error about conflicting tags 697 when `:handle' argument was used last. 698 - relational extension: Fixed error handling of `:value' match. 699 - editheader extension: Fixed header unfolding and header iteration. 700 - mailbox extension: Fixed the `:create' tag, which erroneously subscribed an 701 existing folder. 702 - extprograms plugin: Fixed handling of error codes. 703 - doveadm-sieve plugin: Fixed several bugs. Synchronization of symbolic link 704 in the file storage should now also work properly. 705 706v0.4.3 12-05-2014 Stephan Bosch <stephan@rename-it.nl> 707 708 * Editheader extension: Made control characters allowed for editheader, except 709 NUL. Before, this would cause a runtime error. 710 + Upgraded Dovecot-specific Sieve "vnd.dovecot.duplicate" extension to match 711 the new draft "duplicate" extension. 712 - Fixed sieve_result_global_log_error to log only as i_info in administrator 713 log (syslog) if executed from multiscript context. 714 - Sieve redirect extension: Adjusted loop detection to show leniency to resent 715 messages. 716 - Sieve include extension: Fixed problem with handling of duplicate includes 717 with different parameters :once or :optional. 718 - Sieve spamtest/virustest extensions: Tests were erroneously performed 719 against the original message. When used together with extprograms filter to 720 add the spam headers, the changes were not being used by the spamtest and 721 virustest extensions. 722 - Deprecated Sieve notify extension: Fixed segfault problems in message string 723 substitution. 724 - ManageSieve: Fixed active link verification to handle redundant path slashes 725 correctly. 726 - Sieve vacation extension: 727 - Fixed interaction of sieve_vacation_dont_check_recipient with 728 sieve_vacation_send_from_recipient setting. 729 - Fixed log message for discarded response. 730 - Sieve extprograms plugin: 731 - Forgot to disable the alarm() timeouts set for script execution. 732 - Fixed fd leak and handling of output shutdown. 733 - Fixed 'Bad filedescriptor' error occurring when disconnecting script 734 client. 735 - Made sure that programs are never forked with root privileges. 736 737v0.4.2 26-09-2013 Stephan Bosch <stephan@rename-it.nl> 738 739 * Incompatible change in Sieve doveadm plugin: the root attribute for 740 Sieve scripts is changed. Make sure that you update both sides of a dsync 741 setup simultaneously when Sieve is involved, otherwise synchronization will 742 likely fail. 743 + Added support for sending Sieve vacation replies with an actual sender, 744 rather than the default <> sender. Check the updated 745 doc/extensions/vacation.txt for more information. 746 - Fixed a binary code read problem in the `set' command of the Sieve variables 747 extension. Using the set command with a modifier and an empty string value 748 would cause code corruption problems while running the script. 749 - Various fixes for doveadm-sieve plugin, mostly crashes. These include a fix 750 for the `Invalid value for default sieve attribute' problem. 751 - Various fixes for compiler and static analyzer warnings, e.g. as reported 752 by CLang and on 32 bit systems. 753 - Fixed the implementation of the new :options flag for the Sieve include 754 extension. 755 - Fixed potential segfault bug at deinitialization of the lda-sieve plugin. 756 - Fixed messed up hex output for sieve-dump tool. 757 758v0.4.1 03-06-2013 Stephan Bosch <stephan@rename-it.nl> 759 760 + Added support for handling temporary failures. These are passed back to 761 LDA/LTMP to produce an appropriate response towards the MTA. 762 - Sieve storage: Removed PATH_MAX limitation for active symlink. This caused 763 problems for GNU/Hurd. 764 - Fixed line endings in X-Sieve headers added by redirect command. 765 - ManageSieve: Fixed '[' ']' stupidity for response codes (only happened 766 before login). 767 - Fixed setting name in example-config/conf.d/20-managesieve.conf. 768 - Sieve extprograms plugin: Fixed interaction between pipe command and remote 769 script service. The output from the script service was never read, causing a 770 broken pipe error at the script service. Apparently, this was broken since 771 the I/O handling for extprograms was last revised. 772 - Fixed assertion failure due to datastack problem in message header 773 composition. 774 775v0.4.0 09-05-2013 Stephan Bosch <stephan@rename-it.nl> 776 777 + Added doveadm-sieve plugin that provides the possibility to synch Sieve 778 scripts using doveadm sync along with the user's mailboxes. 779 + Added the Sieve extprograms plugin to the main Pigeonhole package. It is 780 still a plugin, but it is now included so that a separate compile is no 781 longer necessary and distributors are likely to include it. The extprograms 782 plugin provides Sieve language extensions that allows executing 783 (administrator-controlled) external programs for message delivery, 784 message filtering and string manipulation. Refer to 785 doc/plugins/sieve_extprograms.txt for more information. 786 + Added debug message showing Pigeonhole version at initialization. Makes it 787 very clear that the plugin is properly loaded. 788 + Finished implementation of the Sieve include extension. It should now 789 fully conform to RFC 6609. The main addition is the new :optional tag which 790 makes the include command ignore missing included scripts without an error. 791 + Finished implementation of the Sieve environment extension as much as 792 possible. Environment items "location", "phase" and "domain" now also 793 return a usable value. 794 795v0.3.6 26-09-2013 Stephan Bosch <stephan@rename-it.nl> 796 797 - Fixed a binary code read problem in the `set' command of the Sieve variables 798 extension. Using the set command with a modifier and an empty string value 799 would cause code corruption problems while running the script. 800 - Various fixes for compiler and static analyzer warnings, as reported 801 by CLang. 802 - ManageSieve: Fixed '[' ']' stupidity for response codes (only happened 803 before login). 804 - Fixed setting name in example-config/conf.d/20-managesieve.conf. 805 - Fixed messed up hex output for sieve-dump tool. 806 807v0.3.5 09-05-2013 Stephan Bosch <stephan@rename-it.nl> 808 809 - Sieve editheader extension: fixed interaction with the Sieve body extension. 810 If used together, the deleteheader action could fail after a body test was 811 performed. 812 - Test suite: fixed a time zone dependency in the Sieve date extension tests. 813 814v0.3.4 06-04-2013 Stephan Bosch <stephan@rename-it.nl> 815 816 * Changed error handling to be less of a nuisance for administrators. Strictly 817 user-caused errors are only reported in user log. Some errors are logged as 818 info instead. 819 * Sieve: Changed behavior of redirect in case of a duplicate message delivery 820 or a mail loop. If a duplicate is detected the implicit keep is canceled, 821 as though the redirect was successful. This prevents getting local 822 deliveries. The original SMTP recipient is used when it is available to 823 augment the entry in the LDA duplicate database. This way, duplicates are 824 only detected when (initially) addressed to the same recipient. 825 + Sieve vnd.dovecot.duplicate extension: added new features to the duplicate 826 test, making it possible to manually compose the key value for duplicate 827 checking. This extension is in the process of being standardized 828 (https://tools.ietf.org/html/draft-bosch-sieve-duplicate-01). 829 + Sieve date extension: generate warning when invalid date part is specified. 830 - Sieve editheader extension: fixed crash occurring when addheader :last was 831 used. 832 - Sieve include extension: fixed missing error cleanup that caused a resource 833 leak. 834 - Sieve vacation extension: fixed determination of From: address for when 835 sieve_vacation_dont_check_recipient is active. 836 - Sieve tools: the -D option wasn't enabled and documented for all tools. 837 - Siev dict script storage: fixed potential segfault occurring when dict 838 initialization fails. 839 - ManageSieve: fixed bug in skipping of CRLF at end of AUTHENTICATE command. 840 - ManageSieve: fixed handling of unkown commands pre-login. 841 - Fixed compile on Mageia Linux. 842 843v0.3.3 18-09-2012 Stephan Bosch <stephan@rename-it.nl> 844 845 - Fixed compile against installed Dovecot headers. This was broken by the 846 ld.gold fix in the previous release. 847 848v0.3.2 18-09-2012 Stephan Bosch <stephan@rename-it.nl> 849 850 + sieve-refilter tool: improved man page documentation by explicitly 851 specifying the syntax used for mailbox arguments. 852 + Sieve: spamtest and virustest extensions: improved trace debugging of score 853 calculation. 854 + Sieve: made error messages about exceeding the maximum number of actions 855 more verbose. 856 - Sieve tools: fixed problems with running as root: sievec and sieve-dump now 857 ignore mail_uid and mail_gid settings when run as root. 858 - Sieve: fixed bug in action accounting (for limit checking): increase action 859 instance count only when an action is actually created. 860 - Sieve: include extension: fixed namespace separation of :global and 861 :personal scripts. 862 - ManageSieve: fixed segfault bug triggered by CHECKSCRIPT command. 863 - Fixed linking with ld.gold. 864 - Fixed several Clang compile warnings and a few potential bugs. 865 866v0.3.1 25-05-2012 Stephan Bosch <stephan@rename-it.nl> 867 868 * Added support for retrieving Sieve scripts from dict lookup. This means that 869 Sieve scripts can now be downloaded from a database. Compiled script 870 binaries are still put on disk somewhere if used. The INSTALL documentation 871 is updated with information on this new feature and the 872 (backwards-compatible) changes to the configuration. Note that his feature 873 is currently not supported for sieve_before/sieve_after or script management 874 through ManageSieve. 875 + Incorporated the sieve_duplicate plugin into main Pigeonhole tree as a 876 normal extension (vnd.dovecot.duplicate). This Dovecot-specific extension 877 adds the ability to check for duplicate deliveries based on message ID. 878 Specification can be found in: doc/rfc/spec-bosch-sieve-duplicate.txt 879 + Added support for specifying multiple sieve_before and sieve_after paths. 880 This adds much more flexibility to the multiscript configuration. One 881 application is to have user-specific Sieve scripts outside the user's 882 normal control through ManageSieve. 883 + Added a "session ID" string for managesieve connections, available in 884 %{session} variable (analogous to Dovecot change). 885 - Fixed several small issues, including a few potential segfault bugs, based 886 on static source code analysis. 887 - ManageSieve: changed use of EPROTO error to EIO in ManageSieve string stream 888 implementation because it is apparently not known in BSD. 889 - Gave stamp.h.in (needed for autotools) some content to prevent it from 890 disappearing in patch files. 891 - Fixed bug that caused a SunStudio CC compile failure (reported by Piotr 892 Tarnowski). 893 894v0.3.0 16-02-2012 Stephan Bosch <stephan@rename-it.nl> 895 896 * Renamed sieve_global_path setting to sieve_default for clarity. Old name is 897 still recognized for backwards compatibility. Support for the ancient (pre 898 v1.1) name for this setting "global_script_path" is now dropped. 899 * Added means to prohibit use of redirect action. Setting sieve_max_redirects 900 to 0 now means that redirect is disallowed instead of unlimited. Default 901 value remains four. 902 * Fixed interaction of Sieve include extension with ManageSieve. It is updated 903 to match new requirements in the draft include specification. Missing 904 included scripts are no longer an error at upload time. 905 * Updated RFC2822 header field body verification to exclude non-printing 906 characters (RFC5322). Only Sieve actions that can create unstructured header 907 values (currently enotify/mailto and editheader) are affected by this 908 change. 909 + Completed sieve-filter tool to a useful state. The sieve-filter tool 910 provides a means to (re)filter messages in a mailbox through a Sieve script. 911 + Implemented the Sieve editheader extension. It is now possible to add and 912 remove message headers from within Sieve. 913 + ManageSieve: added support for reading quoted and literal strings as a 914 stream. Fixes support for handing large SASL responses (analogous to similar 915 changes in Dovecot). It is now also allowed to use a quoted string for the 916 PUTSCRIPT script argument. 917 + Added code to cleanup tmp directory in Sieve storage directory (sieve_dir) 918 every once in a while. 919 + Added support for substituting the entire message during Sieve processing. 920 This is used for the filter action provided by the new sieve_extprograms 921 plugin (provided separately for now). The filter action allows passing the 922 message through an external program. 923 + Added support for restricting certain Sieve language extensions to 924 (admin-controled) global scripts. Restricted extensions can be configured 925 using the new sieve_global_extensions setting. This is particularly useful 926 for some of the Dovecot-specific (plugin-based) Sieve extensions, that can 927 be somewhat hazardous when under direct control of users (e.g. 928 sieve_extprograms). 929 930v0.2.6 13-02-2012 Stephan Bosch <stephan@rename-it.nl> 931 932 * This release fixes unintentional behavior of the include extension. Included 933 scriptnames with a name like "name.sieve" would implicitly map to a script 934 file called "name.sieve" and not "name.sieve.sieve". Keep in mind that the 935 .sieve file extension has no meaning from within the Sieve language. A Sieve 936 script is always stored with an appended .sieve file extension, also when 937 the name already ends with a .sieve suffix. 938 IMPORTANT: Some installations have relied on this unintentional feature, so 939 check your script includes for issues before upgrading. 940 * Matched changes regarding auth_verbose setting in Dovecot. This means that 941 this release will only compile against Dovecot v2.0.18. 942 - Fixed problem in ManageSieve that caused it to omit a WARNINGS response code 943 when the uploaded script compiled with warnings. 944 - Made sure that locations of Sieve error never report `line 0'. 945 - Fixed potential segfault occurring when interpreter initialization fails. 946 947v0.2.5 19-11-2011 Stephan Bosch <stephan@rename-it.nl> 948 949 + Sieve vacation extension: made discard message for implicit delivery more 950 verbose 951 - The sieve-test tool: mixed up original and final envelope recipient in 952 implementation of command line arguments. 953 - Sieve vacation extension: resolved FIXME regarding the use of variables in 954 the :handle argument. Variables are now handled correctly. 955 - Sieve body extension: fixed handling of :content "message/rfc822". This now 956 yields the headers of the embedded message as required by the specification. 957 Handling of :content "multipart" remains to be fixed. 958 - LDA Sieve plugin: fixed problem with recipient_delimiter configuration. Now 959 falls back to global recipient_delimiter setting if 960 plugin/recipient_delimiter is not set. 961 962v0.2.4 13-09-2011 Stephan Bosch <stephan@rename-it.nl> 963 964 + Vacation extension: finally added support for using the original recipient 965 in vacation address check. It is also possible to disable the recipient 966 address check entirely. Check doc/vacation.txt for configuration 967 information. 968 + Include extension: made limits on the include depth and the total number of 969 included scripts configurable. Check doc/include.txt for configuration 970 information. 971 + Implemented ihave extension. This allows checking for the availability 972 of Sieve language extensions at 'runtime'. Actually, this is checked 973 at compile time. At runtime the interpreter checks whether extensions 974 that were not previously available are still unavailable. If the situation 975 changed, the script is re-compiled and the ihave tests are evaluated again. 976 + Sieve: optimized compilation of tests that yield constant results (i.e. 977 known at compile tme), such as 'true' and 'false'. No code is produced 978 anymore for script sections that are never executed. Also, semantics 979 are not verified anymore in uncompiled script sections. 980 + Made vnd.dovecot.debug extension available to the LDA plugin instead of 981 only the command line tools. 982 + Sieve: redirect action now adds X-Sieve-Redirected-From header (mainly for 983 people using SPF/SRS). 984 - Sieve: fixed bug in handling flags and keywords; in case of error an 985 assertion was triggered. 986 - Script storage: improved handling of unconfigured user home directory. 987 Originally this would produce an unhelpful error message. 988 - Imap4flags extension: prevent forcibly enabling imap4flags when imapflags 989 is enabled. 990 - Fixed various -Wunused-but-set-variable compiler warnings. 991 - Include extension: forgot to check variable identifier syntax for 'global' 992 command. 993 - Sieve: fixed debug mode; no messages were logged in some situations. 994 - sievec tool: forgot to enable -D (debug) parameter. 995 996v0.2.3 14-04-2011 Stephan Bosch <stephan@rename-it.nl> 997 998 * Sieve filter tool: finished implementing basic functionality. It is not 999 quite ready yet, but it is available for those willing to experiment 1000 with it (needs --with-unfinished-features config to compile). Also 1001 includes man page. 1002 + Vacation extension now inhibits replies to messages from sender listed 1003 in :addresses, thus preventing replies to one of the user's other known 1004 addresses. 1005 + Vacation extension: implemented the (draft) vacation-seconds extension. 1006 This also adds min/max period configuration settings. Refer to 1007 doc/vacation.txt for configuration information. 1008 - ManageSieve: fixed bug in UTF-8 checking of string values. This is done 1009 by discarding the original implementation and migrating to the Dovecot 1010 API's UTF-8 functionality. 1011 - Sieve command line tools now avoid initializing the mail store unless 1012 necessary. This prevents sievec and sieve-dump from failing when 1013 executed by root for example. 1014 - Enotify extension: fixed inappropriate return type in mailto URI parse 1015 function, also fixing ARM compiler warning. 1016 - Vacation extension: fixed handling of sendmail errors. It produced an 1017 additional confusing success message in case of error. 1018 - Removed header MIME-decoding to fix erroneous address parsing. Applies to 1019 address test and vacation command. 1020 - Fixed segfault bug in extension configuration, triggered when unknown 1021 extension is mentioned in sieve_extensions setting. 1022 1023v0.2.2 06-12-2010 Stephan Bosch <stephan@rename-it.nl> 1024 1025 * LDA Sieve plugin: started using Dovecot LDA reject API for the reject 1026 extension. This means that the LDA reject_reason and reject_subject 1027 settings now also work for Pigeonhole's LDA Sieve plugin. 1028 * Did some work on the new sieve-filter tool. It is mostly functional, but 1029 it is not finished yet. 1030 * Dovecot change: services' default vsz_limits weren't being enforced 1031 correctly in earlier v2.0 releases. Now that they are enforced, you might 1032 notice that the default limits are too low and you need to increase them. 1033 This problem will show up in logs as "out of memory" errors. See 1034 default_vsz_limit and service { vsz_limit } settings. 1035 - Imap4flags: fixed segfault bug occurring in multiscript context. 1036 - Added version checking to the ManageSieve settings plugin. This plugin was 1037 forgotten when the LDA plugin was updated with this change in the previous 1038 release. 1039 - LDA Sieve plugin: fixed memory leak at deinitialization. 1040 1041v0.2.1 27-09-2010 Stephan Bosch <stephan@rename-it.nl> 1042 1043 + Incorporated distinction between original and final envelope recipient in 1044 Sieve interpreter, as recently introduced in Dovecot. 1045 + Regex extension: added support for regex keys composed from variables. 1046 - LDA Sieve plugin: added _version symbol to enable Dovecot's plugin version 1047 check. Without this check, people can forget to recompile the plugin, which 1048 can lead to unexpected effects. 1049 - LDA Sieve plugin: turned debug message about an unconfigured home directory 1050 into a proper error and added script path information. 1051 - Fixed unnecessary reporting of dummy extensions in ManageSieve SIEVE 1052 capability; the comparator-i;octet and comparator-i;ascii-numeric 1053 'extensions' were reported explicitly. 1054 1055v0.2.0 10-09-2010 Stephan Bosch <stephan@rename-it.nl> 1056 1057 * Merged Sieve and ManageSieve packages into a single Pigeonhole package. 1058 There is also no need to patch Dovecot anymore to gain ManageSieve support. 1059 Version numbering of previous Sieve releases is continued as v0.2.0. The 1060 sources originally branched off from Sieve v0.1.5 and ManageSieve v0.11.4, 1061 but the NEWS history of much more recent releases for Dovecot v1.2 is 1062 included since these changes are all included in this release as well. 1063 * The ManageSieve service now binds to TCP port 4190 by default due to the 1064 IANA port assignment for the ManageSieve service. When upgrading from v1.2, 1065 this should be taken into account. The service can be configured manually to 1066 listen on both 2000 and 4190. 1067 * The Dovecot configuration now calls the ManageSieve protocol 'sieve' in 1068 stead of 'managesieve' because it is registered as such with IANA. The 1069 binaries and the services are still called managesieve and 1070 managesieve-login. 1071 * The binary representation of a compiled Sieve script is updated to include 1072 source code locations of all commands and arguments. This is implemented in 1073 a similar manner as such debug information is included in some system 1074 executables and libraries (DWARF-like). Run-time errors can now always refer 1075 to the proper line number in the Sieve source script. 1076 * The Sieve plugin is adapted to work properly with the new LMTP service 1077 introduced with Dovecot v2.0. The same plugin is used for both LDA and LMTP. 1078 * The 'sieve_subaddress_sep' setting for the Sieve subaddress extension is now 1079 known as 'recipient_delimiter'. Although the deprecated sieve_subaddress_sep 1080 setting is still recognized for backwards compatibility, it is recommended 1081 to update the setting to the new name, since the new LMTP service also uses 1082 the recipient_delimiter setting. 1083 * ManageSieve: changed default IMPLEMENTATION capability to from 'Dovecot' to 1084 'Dovecot Pigeonhole'. 1085 * Renamed the sieved tool to sieve-dump. The original name was somewhat 1086 confusing. 1087 * Updated man pages to match style and structure of new Dovecot man pages. 1088 * Made testsuite commands more uniform and cleaned up many of the testsuite 1089 scripts. Some minor new tests were added in the process. 1090 + Simplified string matching API to use abstract string lists as data sources. 1091 This will also make implementing the index extension easier in the future. 1092 + Significantly improved trace debugging with the sieve-test tool. The full 1093 execution of the script can be examined, including the matched values and 1094 keys of the respective Sieve test commands. The executed statements are 1095 listed with their line number (and code address when requested). The level 1096 of detail is configurable from the command line. 1097 + The SIEVE and NOTIFY capabilities reported by the ManageSieve protocol can 1098 now be configured manually. If left unconfigured, the capabilities are 1099 determined from the default Sieve and ManageSieve configuration. 1100 User-specific capabilities aren't reported until after authentication. 1101 + Significantly improved file error handling. This means that administrators 1102 get a more useful and informative log message when file operations fail. The 1103 most notable example is that when the LDA Sieve plugin is trying to store a 1104 binary for a global script, the resulting failure message also points the 1105 administrator towards pre-compiling the script with sievec. 1106 + Added runtime argument value checking for several commands (redirect, date 1107 vacation). When variables are used, these checks cannot be performed at 1108 compiletime. A proper runtime error now is produced when invalid data is 1109 encountered. 1110 + UTF8 validity of fileinto command argument is now checked either at compile 1111 time or at runtime. Previously, it was not checked until the store action 1112 was executed. 1113 + Validity of IMAP flags for the imap4flags extension is now checked also 1114 at runtime. Previously, it was not checked until the store action was 1115 executed. 1116 + Simplified and restructured error handling. Also made sure that user-caused 1117 errors are no longer written to the Dovecot master/LDA log. 1118 - Multiscript: fixed duplicate implicit keep caused by erroneous execution 1119 state update. 1120 - Prevented assertion failure due to currupt binary string representation. 1121 If the string was missing a final \0 character an assertion was produced in 1122 stead of a binary corruption error. 1123 - Imap4flags: fixed bug in setflag command; when parameter was a stringlist, 1124 only the last item was actually set. 1125 - Variables extension: fixed :length set modifier to recognize utf8 characters 1126 instead of octets. 1127 - Testsuite: prevented innocent warning messages, i.e. those that are part of 1128 the test, from showing up by default. 1129 - ManageSieve/Sieve storage: fixed error handling of PUTSCRIPT commmand; save 1130 commit errors would not make the command fail. 1131 - ManageSieve: enforced protocol syntax better with some of the commands; some 1132 commands allowed spurious extra arguments. 1133 - Fixed Sieve script name checking to properly handle length limit and added 1134 0x00ff as invalid character. 1135 - Removed spurious old stdio.h (top) includes; these caused compile issues on 1136 specific systems. 1137 - Fixed default Sieve capability (as reported by ManageSieve): extra 1138 extensions spamtest, spamtestplus and virustest were enabled by default. 1139 These should, however, only be enabled when properly configured and there 1140 is no default configuration. 1141 1142(Fused Dovecot Sieve and ManageSieve packages into a single Pigeonhole release) 1143 1144Dovecot Sieve NEWS history: 1145--------------------------- 1146 1147Dovecot 1.2: 1148 1149v0.1.17 19-06-2010 Stephan Bosch <stephan@rename-it.nl> 1150 1151 - Made sure source code positions for compiler messages are recorded at start 1152 of tokens. 1153 - Fixed a few potential memory leaks in the Sieve compiler and the 1154 spam/virustest extensions. 1155 - Made command line tools return proper exit status upon failure. 1156 1157v0.1.16 30-04-2010 Stephan Bosch <stephan@rename-it.nl> 1158 1159 * Finished implementation of spamtest, spamtestplus and virustest extensions. 1160 These are not enabled by default and need to be activated with the 1161 sieve_extensions setting. Documentation available in 1162 doc/spamtest-virustest.txt 1163 + Vacation extension: the from address of the generated reply is now by 1164 default equal to whatever known recipient alias matched the headers of the 1165 message. If it is one of the aliases specified with :addresses, it is used 1166 instead of the envelope recipient address that was used before. 1167 + Restructured and optimized the lexical scanner. 1168 + Added --with-docs configure option to allow disabling installation of 1169 documentation. 1170 - Accidentally omitted 'extern' in two declarations of global variables in 1171 header files, causing compile failures on certain systems. 1172 - Deprecated imapflags extension: fixed implicit assignment of flags. Turns 1173 out this never really worked, but the effect of this bug was obscured by the 1174 removeflag bug fixed in the previous release. 1175 - Fixed various memset argument mixups in enotify extension. This caused 1176 warnings on certain systems, but luckily no adverse effects at runtime. 1177 1178v0.1.15 25-01-2010 Stephan Bosch <stephan@rename-it.nl> 1179 1180 * Enotify extension: 1181 - Adjusted notify method API for addition of new notification methods. 1182 - Set default importance level to 'normal' (was 'high'). 1183 * Include extension: updated implementation towards most recent specification 1184 (all should be backwards compatible): 1185 - Implemented global variables namespace. 1186 - Global command may now appear anywhere in a script. 1187 - Implemented script name checking using the requirements specified in the 1188 ManageSieve draft. 1189 - One issue remains: ManageSieve currently requires included scripts to be 1190 uploaded first, which is not according to specification. 1191 * Changed envelope path parser to allow to and from envelope addresses that 1192 have no domain part. 1193 + Added preliminary support for Sieve plugins and added support for installing 1194 Sieve development headers. 1195 + Started work on the implementation of the spamtest, spamtestplus and 1196 virustest extensions (unfinished). 1197 + Deprecated notify extension: implemented denotify command. 1198 + Variables extension: added support for variable namespaces. 1199 + Added configurable script size limit. Compiler will refuse to compile files 1200 larger than sieve_max_script_size. 1201 + Testsuite changes: 1202 - Added support for changing and testing an extension's configuration. 1203 - Added a command line parameter for copying errors to stderr. 1204 - Fixed a bug in the i;ascii-numeric comparator. If one of the strings started 1205 with a non-digit character, the comparator would always yield less-than. 1206 - Imap4flags extension: fixed bug in removeflag: removing a single flag failed 1207 due to off-by-one error (bug report by Julian Cowley). 1208 - Improved EACCES error messages for stat() and lstat() syscalls and slightly 1209 improved error messages that may uccur when saving a binary. 1210 - Vacation extension: fixed typo in runtime log message (patch by Julian 1211 Cowley). 1212 - Fixed use of minus '-' in man pages; it is now properly escaped. 1213 - Fixed parser recovery. In particular cases it would trigger spurious errors 1214 after an initial valid error and sometimes additional errors were 1215 inappropriately ignored. 1216 1217v0.1.14 19-12-2009 Stephan Bosch <stephan@rename-it.nl> 1218 1219 * Made the imposed limits on the number of redirects and the number of 1220 actions configurable. The settings are called sieve_max_actions and 1221 sieve_max_redirects. 1222 * Did a major rework of extension handling, making sure that no global state 1223 is maintained. This change was triggered by problems that global state info 1224 would cause for Dovecot v2.0, but it is also important for v1.2 as it 1225 significantly cleans up the library implementation. 1226 + Made LDA Sieve plugin recognize the deliver_log_format setting. 1227 + Message headers produced from user-supplied data are now RFC2047-encoded if 1228 necessary for outgoing messages. This is for example important for the 1229 :subject argument of the vacation action. 1230 + Added support for the $text$ substitution in the deprecated notify 1231 extension. 1232 + The subaddress extension now also accepts recipient_delimiter setting as an 1233 alias for sieve_subaddress_sep setting. This anticipates the 1234 recipient_delimiter setting in v2.0. 1235 - Fixed logging of mailbox names. It logged the converted mUTF7 version in 1236 stead of the original UTF8 version supplied by the user. 1237 - Fixed a minor memory leak in the multiscript support. 1238 - Fixed a bug in the recompilation of Sieve scripts. Made sure that scripts 1239 are only recompiled when the script file - or the symlink pointing to it - 1240 is strictly newer. 1241 1242v0.1.13 18-10-2009 Stephan Bosch <stephan@rename-it.nl> 1243 1244 + Body extension: implemented proper handling of the :raw transform and added 1245 various new tests to the test suite. However, :content "multipart" and 1246 :content "message/rfc822" are still not working. 1247 + Fixed race condition occurring when multiple instances are saving the same 1248 binary (patch by Timo Sirainen). 1249 + Test suite: added support for testing multiscript execution. 1250 - Made compiler more lenient towars missing CRLF at the end of the script in a 1251 hash comment. 1252 - Body extension: don't give SKIP_BODY_BLOCK flag to message parser, we want 1253 the body! (patch by Timo Sirainen). 1254 - Fixed handling of implicit side effects for multiscript execution. 1255 - Fixed bugs in multiscript support; subsequent keep actions were not always 1256 merged correctly and implicit side effects were not always handled 1257 correctly. 1258 - Fixed a segfault bug in the sieve-test tool occurring when compile fails. 1259 - Fixed segfault bug in action procesing. It was triggered while merging side 1260 effects in duplicate actions. 1261 - Fixed bug in the Sieve plugin that caused it to try to stat() a NULL path, 1262 yielding a 'Bad address' error. 1263 1264v0.1.12 21-08-2009 Stephan Bosch <stephan@rename-it.nl> 1265 1266 + Testsuite: added support for testing binaries stored on disk. 1267 + Implemented the new date extension. This allows matching against date values 1268 in header fields and the current date at the time of script evaluation. 1269 1270v0.1.11 08-08-2009 Stephan Bosch <stephan@rename-it.nl> 1271 1272 + Built skeleton implementation for the date extension (RFC 5260). It 1273 compiles, but it does not do anything useful yet. Therefore, it is not part 1274 of the default compilation. 1275 - Fixed ARM portability issues caused by char type not being signed on that 1276 platform. Reading optional operands from a binary would fail for action side 1277 effects. Also, an accidental mixup of an int return type with bool caused 1278 the interpreter to continue on ARM even though an error occured. 1279 - Removed direct stdint.h includes to prevent portability issues. 1280 - Fixed segfault bug in the handling of script open failures. 1281 - Include: improved user error messages and system log messages. 1282 - Fixed copy-paste mixup between sieve_after and sieve_before settings in the 1283 LDA Sieve plugin. If only a sieve_after script was active, nothing would 1284 have been executed. Patch by Mike Abbott. 1285 - Include: fixed a bug in HOME substitution in the sieve_dir path. Surfaced in 1286 ManageSieve. 1287 1288v0.1.10 03-08-2009 Stephan Bosch <stephan@rename-it.nl> 1289 1290 * Changed action execution of fileinto and keep. These changes depend on API 1291 additions in Dovecot, making this release depend on Dovecot v1.2.2 or newer. 1292 * Further developed the sieve-filter command line tool. This required a few 1293 changes to the action execution of the Sieve engine. The tool was 1294 successfully tested on folders with a few 100k spam messages. However, the 1295 commandline options are still incomplete, a man page is missing and it needs 1296 much more testing before I can recommend anyone to use this tool. 1297 + Added support for the mailbox extension. This allows checking whether a 1298 mailbox exists using the mailboxexists command and it adds the :create 1299 argument to the fileinto command to create the mailbox when it is missing. 1300 The :create feature is useless unless the Deliver LDA is run with the -n 1301 option. 1302 + Improved the testsuite with tests for message delivery. Messages stored 1303 using keep and fileinto can be fed back into the Sieve engine for 1304 verification. This includes testing of applied IMAP flags. 1305 + Updated the man pages with the new method of specifying the supported 1306 extensions using + and - (for the -x parameter of the sieve tools) 1307 + Further developed the deprecated notify extension. A dummy for the denotify 1308 command exists, meaning that its use does not cause an error anymore. 1309 - Fixed a bug in the derivation of the binary path from the script path. A 1310 bare filename would yield a path relative to root. 1311 - Fixed a bug in the value matching code. The context data now uses a proper 1312 pool instead of the data stack. Bug reported by Jan Sechser. 1313 - Fixed assertion fail in the include extension caused by missing 1314 initialization upon binary load. This bug surfaces only for stored 1315 binaries. Bug reported by Tom Hendrikx. 1316 - Fixed include error message for failed :global include. It mentioned the 1317 wrong config parameter. 1318 - Fixed broken wiki reference in an error message of the plugin about the 1319 'sieve' setting. 1320 - Fixed behavior of fileinto when delivering into a namespace prefix. 1321 Previous fix used the wrong storage. 1322 1323v0.1.9 22-07-2009 Stephan Bosch <stephan@rename-it.nl> 1324 1325 * Removed the unfinished sieve-filter tool from the default build. It is now 1326 only built when the --with-unfinished-features switch is supplied during 1327 configure. 1328 + Started building support for the ereject version of the reject action, 1329 which has a preference to use an SMTP/LMTP protocol error instead of a 1330 bounce message. This is to be used to make the Sieve plugin honour Deliver's 1331 -e parameter. This is not yet finished and not built by default. 1332 + Improved 'Permission denied' error messages just like Dovecot does, 1333 precisely specifying what permission is missing to access or create a file. 1334 + Added additional headers to the list of allowed headers for the address 1335 test. The restrictive nature of the address test is not always appropriate. 1336 Still thinking of a better, less restrictive implementation. 1337 + Made the deprecated notify extension compatible with the old CMUSieve 1338 plugin. However, the denotify command and the $text$ substitution are not 1339 yet supported. 1340 + Made the discard action log a message to avoid confusion about disappearing 1341 messages. 1342 - Fixed behavior of fileinto when delivering into a namespace prefix. It now 1343 uses silent delivery into INBOX as fallback. 1344 - Fixed logging of folder namespace prefix upon delivery into a prefixed 1345 namespace. Formerly it only logged the bare folder name. 1346 - Fixed a potential segfault in the argument validation. It didn't surface 1347 because no command could have a :tag followed by an associated parameter as 1348 last argument. 1349 - Fixed segfault bug occurring in envelope test when performed on null (<>) 1350 envelope path. The fix involves a rather large restructuring of the code to 1351 make sure envelope addresses are properly handled everywhere (bug reported 1352 by Nikita Koshikov) 1353 - Envelope: fixed bug in application of address parts; failure to obtain 1354 the part would cause inappropriate match success (bug reported by Ron Lee) 1355 - Fixed extension conflict checks during validation. It could sometimes 1356 produce useless errormessages. This is currently only used by the 1357 deprecated extensions. 1358 - Forgot to remove old explicit storage library dependency (patch by 1359 Arkadiusz Miskiewicz). 1360 - Fixed compiler warnings on certain platforms regarding the use fwrite for 1361 outgoing message construction 1362 1363v0.1.8 12-07-2009 Stephan Bosch <stephan@rename-it.nl> 1364 1365 - Fixed AIX compile problem. For portability, the typeof operator is 1366 not used anymore. 1367 + Added partial support for the deprecated notify extension. However, it 1368 turns out that the implementation provided by cmusieve is even older (2001), 1369 meaning that this is currently not backwards compatible with cmusieve. 1370 1371v0.1.7 05-07-2009 Stephan Bosch <stephan@rename-it.nl> 1372 1373 + Added support for CRLF line breaks in strbuf error handler to fix a 1374 ManageSieve problem. 1375 + Improved consistency of sieve tool documentation and fixed missing 1376 parameters in internal tool help output. 1377 + Enhanced extensions configuration, allowing to specify the enabled 1378 extensions relatively to the default (patch by Steffen Kaiser). 1379 - Forgot to initialize script execution status in Sieve plugin, causing 1380 segfaults on compile errors in specific conditions. 1381 - Fixed logging in Sieve plugin for execution of default main script (went 1382 to STDERR). 1383 1384v0.1.6 18-06-2009 Stephan Bosch <stephan@rename-it.nl> 1385 1386 * Adjusted to changes in Dovecot to make it compile against v1.2.rc5 1387 * Made default of sieve_dir setting match the ManageSieve implementation. 1388 - Fixed a few problems in de body extension that caused assert failures in 1389 specific situations. 1390 1391v0.1.5 18-04-2009 Stephan Bosch <stephan@rename-it.nl> 1392 1393 * Ported the implementation of the Sieve include extension to the latest 1394 draft. This means that the import and export commands are replaced by a new 1395 command called global. The import and export commands are now DEPRICATED and 1396 are mere aliases for the global command. The new specification also adds the 1397 :once modifier to the include command. The also newly specified global.* 1398 variable namespace is not implemented yet as support for variable namespaces 1399 is currently missing. 1400 * Did a major rework of the multiscript support for better error handling and 1401 made sure that persistent global scripts (sieve_before/sieve_after) are 1402 always executed, even when the user does not have a script of his own and 1403 a global default is missing. 1404 + Provided basic support for the environment extension. Currenly, the name, 1405 version and host items are useful. Others are pending. 1406 + Improved error message that is presented when an unknown Sieve extension is 1407 provided as argument to the require command. It now notifies the user that 1408 Sieve core commands do not need to be specified in require. 1409 - Fixed bug in includes at levels deeper than one. 1410 - Fixed bug in address matching that was caused by the failure to handle group 1411 specifications. In dovecot, these are marked by address items with NULL 1412 elements, which causes a segfault if not considered. The group 'undisclosed- 1413 recipients:;' in particular triggered this bug. Bug reported by Bernhard 1414 Schmidt. 1415 1416v0.1.4 21-03-2009 Stephan Bosch <stephan@rename-it.nl> 1417 1418 * Started work on the sieve-filter tool. With this command line tool it will 1419 be possible to (re-)apply Sieve filters on a mail folder. It is currently 1420 undocumented and far from functional. 1421 + Added a custom debug extension that provides the possibility to print debug 1422 messages from scripts executed by the Sieve tools. 1423 - Fixed issue with opening relative paths as a mail file. Bug reported by Ian 1424 P. Christian. 1425 - Fixed MAC OSX compile problem. Turns out the extern modifier was missing at 1426 multiple places. Bug reported by Edgar Fuss. 1427 - Fixed Solaris compile problem: removed unecessary and unportable linker 1428 flags that caused compile to fail. Bug reported by Andrés Yacopino. 1429 1430v0.1.3 12-02-2009 Stephan Bosch <stephan@rename-it.nl> 1431 1432 * Adapted to changes in Dovecot, making this release dependent on Dovecot 1433 >= 1.2.beta1 1434 * Made mail address comparison fully case-insensitive. This is particularly 1435 noticeable for the :addresses argument of the vacation command. 1436 + Finished enotify extension. Currently, only the mailto notification method 1437 is implemented. All still needs to be tested thoroughly. 1438 + Implemented multiscript support. It is now possible to execute multiple 1439 Sieve scripts sequentially. Administrator-controlled scripts can be 1440 executed before and after the user's script. Still needs to be tested 1441 thoroughly. 1442 + Implemented support for configuring the available Sieve extensions. 1443 + Made the subaddress extension (partially) configurable using the 1444 sieve_subaddress_sep setting, which allows specifying a (multi-charater) 1445 separator other than '+'. 1446 + Compiler now warns about invalid header field names used for the header and 1447 address tests. 1448 + Vacation extension now properly generates a References header for the 1449 response message. 1450 + Added testing of basic result execution to the test suite. Also added 1451 supportfor testing the outgoing messages produced by the Sieve interpreter. 1452 + Included execution of the actual result in the sieve-test command line tool. 1453 The undocumented sieve-exec tool that existed for this is now removed as 1454 planned. 1455 + Added support for the now obsolete 'imapflags' extension for backwards 1456 compatibility with CMUSieve. This also implements the mark/unmark commands. 1457 - Fixed bugs in the regex extension: 1) if an optional match value did not in 1458 fact match, subsequent match values would get unexpected indexes. 2) fixed 1459 segfault bug occurring when regex is freed. 1460 - Fixed bug in the use of the :from agrument for the vacation command. If this 1461 address included a phrase part, the response would not be a valid RFC822 1462 message. 1463 - Plugged a theoretical security hole occurring when a directory is opened as a 1464 Sieve binary. 1465 - Cleaned up and fixed various log messages. 1466 - Fixed bug in the outgoing address verification. Addresses ending in ',' were 1467 erroneously accepted. 1468 1469v0.1.2 26-11-2008 Stephan Bosch <stephan@rename-it.nl> 1470 1471 - Fixed important bug in the redirect action (and probably other actions like 1472 reject and vacation that only send messages). This was a bug in the handling 1473 of context information during the execution of actions. It caused the sieve 1474 interpreter to crash with a segfault when redirect was executed. 1475 1476v0.1.1 24-11-2008 Stephan Bosch <stephan@rename-it.nl> 1477 1478 * Re-enabled support for compiling against dovecot headers. Much like 1479 cmusieve, command line tools like sievec and sieved are not compiled in this 1480 case. 1481 * Started implementation of enotify extension. Not anywhere near finished 1482 though. 1483 * Adapted to changes in Dovecot on various occasions, making this release 1484 dependent on Dovecot >= v1.2.alpa4. 1485 + Improved logging of errors at specific occasions and added debug messages to 1486 find script execution problems quicker. 1487 + Removed code duplication between command line tools and the test suite. 1488 Also restructured the sources of the tools. 1489 + Added UTF-8 to UTF-7 folder name conversion for compatibility with IMAP. 1490 + Created man pages for the command line tools. These are automatically 1491 installed upon 'make install' 1492 + Incorporated Valgrind support into the testsuite and fixed a few memory 1493 leaks in the process. 1494 - Fixed compile error surfacing for gcc3.4. Forgot mask argument for the 1495 open() system call when the O_CREAT flag is specified. Bug found by 1496 Sergey Ivanov. 1497 - Fixed bug in the sievec tool. -d output was always written to stdout. 1498 - Fixed important bug in the imap4flags extension. When no :flags argument is 1499 specified, the previous version would always use the final value of the 1500 internal variable to set the flags. This means that modifications to the 1501 internal variable also affected the bare fileinto/keep actions executed 1502 earlier. This does not comply to the RFC. 1503 - Fixed bug in the include extension's import/export commands. Duplicate 1504 import/exports caused problems. 1505 - Fixed bug in the handling of non-existent scripts. Errors were sometimes 1506 ignored. 1507 - Dovecot omitted unfolding multi-line headers. This was added to the cmusieve 1508 plugin after the code was incorporated into the new implementation. This is 1509 now mplicitly fixed by concurrent change in Dovecot. 1510 1511v0.1.0 23-10-2008 Stephan Bosch <stephan@rename-it.nl> 1512 1513 * Initial release 1514 1515Dovecot ManageSieve NEWS history: 1516--------------------------------- 1517 1518Dovecot 1.2: 1519 1520v0.11.11: 1521 * This release contains adjustments to match changes in the Sieve API. This 1522 means that this release will only compile against Pigeonhole Sieve 1523 v0.1.15. 1524 + Implemented ManageSieve QUOTA enforcement. 1525 + Added MAXREDIRECTS capability after login. 1526 + Implemented new script name rules specified in most recent ManageSieve 1527 draft. 1528 - Fixed assertion failure occurring with challenge-response SASL mechanisms. 1529 - Made configure complain about trying to compile against installed Dovecot 1530 headers alone. 1531 - Fixed compile warning for compilation against CMUSieve. 1532 1533v0.11.10: 1534 * This release contains adjustments to match changes in the Sieve API. This 1535 means that this release will only compile against Pigeonhole Sieve 1536 v0.1.14. 1537 - Fixed compilation of ManageSieve against CMUSieve. 1538 1539v0.11.9: 1540 * Adjusted to changes in the Dovecot login proxy API. This release 1541 therefore depends on Dovecot v1.2.4. 1542 + Reintroduced ability to abort SASL with "*" response. Latest ManageSieve 1543 specification includes it. 1544 1545v0.11.8: 1546 - Fixed TLS support for proxying ManageSieve. The protocol state machine 1547 was incorrect. Also added a check that disables ssl when 'starttls' is 1548 not enabled for the user. This produces a proper warning in the log file. 1549 There is no such thing as a managesieveS protocol which has SSL from the 1550 start. 1551 1552v0.11.7: 1553 * Adjusted to changes in the Dovecot login API. This release now depends on 1554 Dovecot v1.2.1 or newer. 1555 * Incorporated various small changes in IMAP into ManageSieve. This includes 1556 properly enabling the generation of core dumps. 1557 - The previous release implicitly resolved the FreeBSD script truncation 1558 error. This release adds a small correction to the code that detects the 1559 truncation. 1560 - Fixed panic occurring when many errors are produced by the Sieve compiler 1561 (bug found by Pascal Volk). 1562 - Fixed memory leak in the PUTSCRIPT command. 1563 1564v0.11.6: 1565 * Adjusted to changes in Dovecot regarding client idle timeout vs 1566 authentication timeout. This release now depends on Dovecot v1.2.rc6 or 1567 newer. 1568 - Fixed CRLF line breaks in compile errors (bug reported by Pascal Volk). 1569 - Corrected directory/file creation behavior with respect to mode bits 1570 and gid (bug reported by Pascal Volk). 1571 - Improved handling of script truncation bugs: connection is now closed and 1572 an error is logged. bug itself not fixed yet). 1573 - Prevented temp script name from showing up in error output. 1574 1575v0.11.5: 1576 * Incorporated various changes from imap-login into managesieve-login. This 1577 includes changes in the proxy support. 1578 1579v0.11.4: 1580 * Adjusted to changes in the Dovecot signal handler API. 1581 1582v0.11.3: 1583 * Changed the SASL service name from "managesieve" into "sieve" as required 1584 in the protocol specification. Don't forget to adjust your configuration 1585 if your authentication mechanism depends on this service name. 1586 * Adapted to changes in Dovecot, making this release dependent on Dovecot 1587 >= v1.2.beta1. 1588 * Adapted to changes in the new Sieve implementation, making this release 1589 dependent on Dovecot Sieve >= v0.1.3 if used. The old cmusieve plugin is 1590 still supported. 1591 + Implemented making the SIEVE and NOTIFY capability fully dynamic, meaning 1592 that the sieve_extensions setting that was introduced for the new Sieve 1593 plugin properly affects the ManageSieve daemon as well. 1594 + Added support for the CHECKSCRIPT command. In terms of the supported 1595 commands, the ManageSieve daemon now complies with protocol VERSION 1.0 as 1596 listed in the CAPABILITY response. 1597 - Fixed maximum permissions for uploaded scripts; was 0777. This 1598 was shielded however by the default umask (not documented to be 1599 configurable), so the actual permissions would never have been 0777. 1600 - Fixed a segfault bug in the authentication time-out. Bug report and trace 1601 provided by Wolfgang Friebel. 1602 - Fixed handling of ~/ in use of mail-data for script location. 1603 - Fixed small problems in the login proxy support. 1604 1605v0.11.2: 1606 * Adapted to changes in Dovecot, making this release dependent on Dovecot 1607 >= v1.2.alpa4. 1608 1609v0.11.1: 1610 - Fixed security issue that gives virtual users the ability to read and 1611 modify each other's scripts if the directory structure of the sieve 1612 storage is known. 1613 * Updated NOOP command to match new protocol specification 1614 + Improved error handling and implemented the new response codes: 1615 ACTIVE, NONEXISTENT, ALREADYEXISTS and WARNINGS 1616 1617v0.11.0: 1618 * Upgraded to Dovecot v1.2 1619 * Added support for new ManageSieve extensions RENAME and NOOP 1620 * Moved sieve settings to plugin {} section of config file. Now the settings 1621 `sieve` and `sieve_dir` in the plugin section are used for the Sieve plugin 1622 and the ManageSieve service, avoiding the posibility of accidental 1623 differences in configuration. 1624 1625Dovecot 1.1: 1626 1627v0.10.3 1628 * Removed erroneous inline declarations that caused compiler warnings. GCC 4.3 1629 turns out to fail entirely as reported by Joel Johnson. 1630 * Fixed auto-dectection of Sieve implementation during ./configure. It now 1631 produces a proper error when the directory is invalid. 1632 1633v0.10.2 1634 * Fixed bug that caused SASL mechanisms that require more than a single client 1635 response to fail. Reported by Steffen Kaiser and occured when he tried using 1636 the (obsolete) LOGIN mechanism. 1637 * Updated installation and configuration documentation to match the 1638 information provided in the wiki 1639 1640v0.10.1 1641 * Fixed bug introduced in v0.10.0: compiled scripts were also written to disk 1642 in the sieve/tmp directory and left there. This accumulates much .sievec 1643 junk in that directory over time. 1644 * Fixed bug in tmp file generation for sieve-storage: errors other than EEXIST 1645 would cause the daemon to sleep() loop indefinitely. 1646 1647 + Improved log lines to be more recognizable as being generated from 1648 managesieve. 1649 + Added short proxy configuration explanation to the README file 1650 + Added 'Known Issues' section to the README file 1651 - Fixed assert bug in sieve-storage occurring when save is canceled. 1652 1653v0.10.0 1654 * Upgraded to Dovecot 1.1: 1655 - The actual managesieve implementation is now a separate package. 1656 The dovecot tree still needs to be patched though to make dovecot 1657 recognize the new managesieve service. 1658 - Incorporated changes to imap/imap-login into the equivalent 1659 managesieve processes. 1660 - Removed cmusieve implementation from managesieve sources. It is 1661 now linked externally from the dovecot-sieve-1.1 package. 1662 - Restructured README.managesieve file into separate README, NEWS, 1663 TODO, DESIGN and INSTALL files. 1664 * Added support for new libsieve implementation (to be released). This 1665 package can be compiled with either the new or the old Sieve 1666 implementation (autodetected). If the new Sieve becomes stable, this 1667 package will be merged with it to make a single package for Dovecot 1668 Sieve support. 1669 1670Dovecot 1.0: 1671 1672v9 1673 1674+ Definitively fixed the segfault mentioned in V8. It proved to be 1675 very time-constrained and thus hard to reproduce. The error turned out 1676 to be related to the input handling of the login daemon during 1677 authentication. 1678+ Checked for changes in the imap daemon that weren't propagated to the 1679 managesieve implementation due to code duplication. 1680+ Fixed a bug in the autodetection of the sieve storage location. 1681+ Fixed bug in the sieve storage that failed to refresh the symlink if 1682 the storage was moved. 1683+ Improved error handing in the sieve-storage implementation in various 1684 places. 1685+ Fixed the situation in which the active script link is located in the 1686 sieve storage. 1687+ Added managesieve configuration to dovecot-example.conf and made the example 1688 in this file more concise. 1689 1690v8 1691 1692+ Fixed a few incompatibilities with 1.0.7 version. For instance, the "Logged 1693 in" message is now sent by the -login process and not by the managesieve 1694 daemon anymore. This caused a segfault every once in a while. 1695+ Probably fixed the settings problem reported by Steffen Kaiser regarding 1696 login_dir. 'dovecot -n' now reports correct results, but testing will show 1697 whether the whole problem is solved. 1698+ The managesieve daemon now accepts the sieve_storage and sieve configuration 1699 settings, so it is now possible to explicitly configure the location of the 1700 sieve storage and the active script respectively. The daemon still falls back 1701 to using the mail_location (MAIL) settings if nothing else is specified. 1702+ The cyrus timsieved does not use the + character in string literals and many 1703 clients have adopted to this behaviour. The latest managesieve (08) advises to 1704 accept a missing + from clients. The server should not send any + characters 1705 as well. This behavior is now implemented on the server. 1706+ Cleaned up sieve-storage.c: split up the sieve_storage_create function in 1707 various sub-functions for obtaining the various paths and directories. 1708+ Forced manual intervention if rescueing a non-symlink file at the active script 1709 path fails somehow. Previously, this presented the admin with a log message 1710 that it had just eaten the script, which is not very nice. 1711+ Restructured the README.managesieve file and added some more explanation with 1712 regard to the configuration of the daemon. 1713 1714v7 1715 1716- Robin Breathe indicated that the regex capability was missing in the server's 1717 SIEVE listing. It turns out I forgot to make arrangements for setting 1718 ENABLE_REGEX in the cmu libsieve sources, so the regex extension was not 1719 compiled in. I copied the configure.in section regarding ENABLE_REGEX from 1720 dovecot-sieve-1.0.2 and that fixed the problem. 1721 1722v6 1723 1724- Corked the client output stream while producing the capability greeting and on 1725 other some other occasions as well. Some naive client implementations expect to 1726 receive this as a single tcp frame and it is a good practice to do so anyway. 1727 Using this change the Thunderbird sieve extension (v0.1.1) seemed to work. However, 1728 scripts larger than a tcp frame still caused failures. All these issues are fixed 1729 in the latest version of the sieve add-on (currently v0.1.4). 1730- Cleaned up the new proxy source. My editor made the indentation a complete mess 1731 in terms of TABs vs spaces. 1732- Added TRYLATER response codes to BYE and NO messages where appropriate. 1733- Recopied the libsieve library into this patch to incorporate any changes that were 1734 made (only sieve-cmu.c still needs to be compared to the old cmu-sieve.c). This 1735 also solves the __attribute__((unused)) GCC dependencies. These were fixed long 1736 ago by Timo.... the code duplication beast strikes again. 1737- Removed spurious return value from void function in 1738 src/lib-sieve/sieve-implementation.c as reported by Robin Breathe. GCC fails to 1739 report these issues. The function involved is currently not used and serves only 1740 as an example on how dovecot could support multiple sieve backends... 1741 1742v5 1743 1744- Applied patch by Uldis Pakuls to fix master_dump_settings bug 1745- Added some compilation/installation info to this README 1746- Moved README to source tree root as README.managesieve 1747- Fixed minor error handling bug in sieve_storage.c with respect to a missing 1748 root directory. 1749- Now sieve capabilities are reported as they are specified by the implementing 1750 library and not in forced upper case. The sieve RFC now explicitly states 1751 that sieve capability identifiers are case-sensitive. This broke compatibility 1752 with SquirrelMail/Avelsieve. 1753- Disabled ANONYMOUS login entirely until proper support is implemented. V4 1754 claimed to do so as well, but in fact it only stopped announcing it. 1755- Implemented managesieve-proxy. It is not so much a clean copy of imap-proxy, 1756 since the managesieve greeting is much more complex and requires parsing. 1757 Configuration is identical to imap-proxy. This seems to be a little under- 1758 documented however (http://wiki.dovecot.org/PasswordDatabase/ExtraFields). 1759 1760v4 1761 1762- Added managesieve_implementation_string setting to the managesieve 1763 configuration. This can be used to customize the default "IMPLEMENTATION" 1764 capability response. 1765- Denied ANONYMOUS login until proper support is implemented 1766- Fixed problem with authenticate command regarding continued responses. In 1767 V3 only initial response would work. Problem was caused by rc2 -> rc28 1768 upgrade. One of the clear reasons why code duplication is a very bad idea. 1769- Fixed readlink bug as indicated by Timo: return value of readlink can also 1770 be -1. 1771- Fixed bug in the regular file rescue code, as introduced in the previous 1772 version. Used stat instead of lstat. This caused the symlink to be rescued 1773 subsequently in the next activation, thus still overwriting the initially 1774 rescued script. 1775 1776v3 1777 1778- Updated source to compile with dovecot 1.0.rc27 1779- Daemon now uses the same location for .dovecot.sieve as dovecot-lda 1780 This is typically ~/.dovecot.sieve 1781- If .dovecot.sieve is a regular file, it is now moved into the script storage as 1782 dovecot.orig.sieve, preventing deletion of (important) active scripts 1783 upon upgrade. 1784- Changed error handling to yield a BYE message when the managesieve 1785 daemon exits unexpectedly (upon login) before any commands are entered. 1786 Horde-ingo would wait indefinitely for a response. 1787 1788v2 1789 1790- Fixed the bug (missing CRLF) in the authenticate command 1791- Modified the sieve storage library making the interface much less crude. 1792- The scripts put on the server using the putscript command are now 1793 checked before they are accepted. 1794- The reported SIEVE capability is now directly read from the sieve 1795 implementation (in this case cmu), listing much more than "FILEINTO 1796 VACATION". 1797- Imported instance of libsieve source into this patch for implementation 1798 of script checking and capability listing. THIS NEEDS TO BE CHANGED! 1799- Fixed some minor bugs in the putscript command 1800