http://dovecot.org/releases/2.2/rc/dovecot-2.2.20.rc1.tar.gz
http://dovecot.org/releases/2.2/rc/dovecot-2.2.20.rc1.tar.gz.sig
v2.2.20 probably will be released tomorrow or maybe during weekend.
+ Added mailbox { autoexpunge=<time> } setting. See
http://wiki2.dovecot.org/MailboxSettings for details.
+ ssl_options: Added support for no_ticket
+ imap/pop3/managesieve-login: Added postlogin_socket=path passdb extra
field. This allows replacing the default service
imap/pop3/managesieve {} settings for specific users (e.g. running
their imap process via valgrind or strace).
+ doveadm fetch: Added date.sent/received/saved.unixtime
+ fs-posix: Added mode=auto parameter to set the created files' and
directories' mode based on the parent dir if it has setgid-bit.
+ director: Support backends having hostnames, which makes it possible
to verify their SSL certificates.
- director: Directors' state became desynchronized if doveadm director
commands were used to modify the same backend in multiple directors
at the same time with conflicting changes. This fix includes some
extra checks, which makes sure that if such a conflict still happens
it's automatically fixed. In some situations such an automatic fix
may now be unnecessarily triggered and an error logged.
- director: Backend tags weren't working correctly.
- ldap: tls_* settings weren't used for ldaps URIs.
- ldap, mysql: Fixed setting connect timeout.
- auth: userdb lookups via auth-worker couldn't change username
- dsync: Fixed handling deleted directories. Make sure we don't go to
infinite mailbox renaming loop.
- imap: Fixed crash in NOTIFY when there were watched namespaces that
didn't support NOTIFY.
- imap: After SETMETADATA was used, various commands (especially FETCH)
could have started hanging when their output was large.
- stats: Idle sessions weren't refreshed often enough, causing stats
process to forget them and log errors about unknown sessions when
they were updated later.
- stats: Fixed "Duplicate session ID" errors when LMTP delivered to
multiple recipients and fts_autoindex=yes.
- zlib plugin: Fixed copying causing cache corruption when zlib_save
wasn't set, but the source message was compressed.
- fts-solr: Fixed escaping Solr query parameters.
* Timo Sirainen <tss at iki.fi> 2015.12.03 14:51:> + Added mailbox { autoexpunge=<time> } setting. See > http://wiki2.dovecot.org/MailboxSettings for details.namespace inbox { mailbox Trash { autoexpunge = 5 days special_use = \Trash } } I'm using autoexpunge on the Trash mailbox. Looking at the wiki text I'm unclear on how to limit it to a specific service:>So it may be better to explicitly enable this only inside protocol imap, pop3 and maybe lmtp.Regards Thomas -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 181 bytes Desc: Digital signature URL: <http://dovecot.org/pipermail/dovecot/attachments/20151203/76431f95/attachment.sig>
> On 03 Dec 2015, at 16:09, Thomas Leuxner <tlx at leuxner.net> wrote: > > * Timo Sirainen <tss at iki.fi> 2015.12.03 14:51: > >> + Added mailbox { autoexpunge=<time> } setting. See >> http://wiki2.dovecot.org/MailboxSettings for details. > > namespace inbox { > mailbox Trash { > autoexpunge = 5 days > special_use = \Trash > } > } > > I'm using autoexpunge on the Trash mailbox. Looking at the wiki text I'm unclear on how to limit it to a specific service: > >> So it may be better to explicitly enable this only inside protocol imap, pop3 and maybe lmtp.namespace inbox { mailbox Trash { special_use = \Trash } } protocol imap { namespace inbox { mailbox Trash { autoexpunge = 5 days } } } If you want it for other protocols, you'll unfortunately have to just copy&paste the entire block.
On 03/12/2015 13:51, Timo Sirainen wrote:> http://dovecot.org/releases/2.2/rc/dovecot-2.2.20.rc1.tar.gzI see a clash with the pigeonhole 0.4.9 preventing compilation of pigeonhole. "sieve-settings.c", line 14: identifier redeclared: t_str_trim current : static function(pointer to const char) returning pointer to const char previous: function(pointer to const char, pointer to const char) returning pointer to const char : "/.../dovecot/strfuncs.h", line 60 pigeonhole src/lib-sieve/sieve-settings.c line 13 says: // FIXME: add to dovecot Looks like it's added to dovecot but not removed from pigeonhole. Otherwise it is working for me, I am using 2.2.20.rc1 on a lightly loaded Solaris 10 system.
> On 04 Dec 2015, at 11:41, James <lista at xdrv.co.uk> wrote: > > pigeonhole src/lib-sieve/sieve-settings.c line 13 says: > // FIXME: add to dovecot > > Looks like it's added to dovecot but not removed from pigeonhole. >Stephan will soon release pigeonhole 0.4.10rc for dovecot 2.2.20 that will fix this issue. Sami
> On 04 Dec 2015, at 11:41, James <lista at xdrv.co.uk> wrote: > > pigeonhole src/lib-sieve/sieve-settings.c line 13 says: > // FIXME: add to dovecot > > Looks like it's added to dovecot but not removed from pigeonhole. >Stephan will soon release pigeonhole 0.4.10rc for dovecot 2.2.20 that will fix this issue. Sami
On 03.12.2015 14:51, Timo Sirainen wrote:> http://dovecot.org/releases/2.2/rc/dovecot-2.2.20.rc1.tar.gz > http://dovecot.org/releases/2.2/rc/dovecot-2.2.20.rc1.tar.gz.sig > > v2.2.20 probably will be released tomorrow or maybe during weekend. > > + ssl_options: Added support for no_ticket >Hello TImo, great to see that inseucre session tickets (violating PFS) can be disabled. Is it possible to configure the secure session caching mechanism? e.g. like in nginx: https://bjornjohansen.no/optimizing-https-nginx Thnx. Ciao, Gerhard
On 12/05/2015 04:32 AM, Gerhard Wiesinger wrote:> like in nginxAnd OCSP Stapling would be nice too :-)
On 05 Dec 2015, at 11:32, Gerhard Wiesinger <lists at wiesinger.com> wrote:> > Is it possible to configure the secure session caching mechanism? > e.g. like in nginx: https://bjornjohansen.no/optimizing-https-nginxI remember hearing about various security vulnerabilities in that earlier.. I guess they're fixed now then, unless people find more ways to exploit it. Anyway I'm not sure how useful it would actually even be for most IMAP/POP3 servers, because most clients don't connect all that often. Or I guess it might help some clients that create multiple connections immediately. Then again, we are planning on adding some HTTP(S)-based services to Dovecot and there it would likely be more useful. So I guess it gets implemented at some point.