Cyrus IMAP 2.1.x Release Notes¶
Changes to the Cyrus IMAP Server since 2.1.14
Correct a potential DOS attack in the fud daemon.
Arbitron now works again
Telemetry logging for mupdate
Duplicate Suppression logging for redirect sieve actions
A number of bugs in reconstruct have been fixed. also added the -p and -x options
Better stubbing out of user_deleteacl
No longer log any shutdown() failures
Improved IPv6 support (for systems with two getnameinfo implementations)
Misc Documentation Improvements
Changes to the Cyrus IMAP Server since 2.1.13
Be more forgiving in the parsing of MIME boundary headers, specifically those generated by Eudora where the outer boundaries are substrings of the inner boundaries. This feature can be disabled by enabling the rfc2046_strict option.
Allow cyradm to handle aggregate mailbox sets for ACL and DELETE operations.
Add a lmtp_downcase_rcpt option to force the lowercasing of recipient addresses (Henrique de Moraes Holschuh <firstname.lastname@example.org>).
Include more MIME headers in sieve rejection notices
Add an mbexamine command for debugging purposes
LMTP will now fatal error if we cannot initialize the duplicate delivery database.
Continued audit by Security Appraisers and Bynari
Correctly terminate the processes by calling service_abort even on successful exit (helps to fix a db3 lockers problem)
Fix some murder+altnamespace/unixhiersep issues
Fix imclient's handling of literals.
Add support for the windows-1256 character set
Don't log 'could not shut down filedescriptor' messages when the socket is already not connected
Now include a script to convert sieve script names to the altnamespace format
Added a --with-extraident configure option to make it easier to set the extra version information that is compiled into the binary.
Minor build fixes.
Minor other bug fixes.
Changes to the Cyrus IMAP Server since 2.1.12
Add maxfds= option in cyrus.conf
Now report both built-with and running-with OpenSSL versions
Misc other small bugfixes
Security Appraisers and Bynari review of the majority of the modules in imap/
Changes to the Cyrus IMAP Server since 2.1.11
Master now will forcibly exit if a service is not executable
Master now has a daemon mode and pidfile support (-d and -p options)
Berkeley DB Configuration methods have changed. Hopefully they're more generic now. You can still use --with-dbdir, or you can use --with-bdb-libdir and --with-bdb-incdir
timsieved now handles usernames with dots (when unixhierarchysep is active)
tugowar has been removed from the distribution.
Squatter now has an option to skip unmodified mailboxes.
Properly hash username to remove a user's sieve scripts when their INBOX is removed.
Reset output buffer when prot_flush returns EOF.
Minor Makefile improvements with use of $(srcdir)
Remotepurge improvement for empty mailboxes
Fix for AFS overwriting the canonicalized username in ptloader
Security audit of imapd.c performed by SecurityAppraisers and Bynari
Changes to the Cyrus IMAP Server since 2.1.10
Fixed some potential buffer overflows in the sieve code, as well as a pre-login buffer overflow in the IMAP parsing code.
ipurge can now skip flagged messages
Fix a problem with the flat backend and tracking new files
Fix a problem with the memory pool routines on 64-bit machines
Changes to the Cyrus IMAP Server since 2.1.9
support Berkley DB 4.1
more portable use of errno throughout
timsieved now does telemetry logging
libcyrus.a no longer supplies fs_get() and fs_give()
Changes to the Cyrus IMAP Server since 2.1.8
Fix a strlcpy() off-by-one error.
Better handling of errors in connecting to LMTP servers for deliver and lmtpproxyd.
Fix bug in pop3proxyd's pop3s handling.
Fix Exim install documentation.
Changes to the Cyrus IMAP Server since 2.1.7
Fix a severe locking problem during failed CREATEs
Change default locking method to fcntl from flock
Don't cleanup the original mailbox during a RENAME while holding the mailbox list lock
Quoting fixes in cyradm
Small pathname fix in rehash script
Changes to the Cyrus IMAP Server since 2.1.6
Correct some minor version number errors.
Changes to the Cyrus IMAP Server since 2.1.5
Better locking of the mailbox list during mupdate operations for CREATE and RENAME
Permissions fixes for annotations.
pop3proxyd now does telemetry logging
Cleanup a number of leaks in the murder code
Correct semantics of our provided strlcpy(). Fix places where strlcpy() was being used incorrectly.
Correct a significant memory leak in the memory pool routines
OpenSSL is now handled correctly for the perl modules
Small documentation cleanups
The normal assortment of small bugfixes
Changes to the Cyrus IMAP Server since 2.1.4
Sieve is no longer dependent on duplicate delivery suppression (it still uses the duplicate delivery database however).
Sieve now supports draft-segmuller-sieve-relation-02.txt
imtest now includes all the functionality previously kept in pop3test, lmtptest, smtptest, and mupdatetest. imtest will notice if it is invoked with one of these names and do the right thing. The -P flag can be used to force a particular protocol. As part of this, the default install location for mupdatetest has changed to be the same as the other test utilities. imtest also includes new MANAGESIEVE functionality (sivtest) as well as the ability to reconnect to the same server multiple times (useful for testing SSL/TLS session caching and DIGEST-MD5 fast reauth).
snmpgen generates stubbed out code so we don't waste resources on something that just doesn't work. At some point in time, we'll make it work again as it would be useful to gather aggregate statistics on what commands are being used so we can better tune the server. This change closes bug #1191. New bug 1267 opened to re-enable the feature.
Added the chk_cyrus program to help point out missing message files and/or mailboxes
ANNOTATEMORE improvements. Server annotation support has been added. We are also now using the /vendor/cmu/cyrus-imapd hierarchy. The "info" command in cyradm now returns annotations for the given mailbox (provided that ANNOTATEMORE support is compiled into the server)
The RENAME command has been almost entirely rewritten. Now we rely on mailbox-level locking instead of locking the entire mailboxes file for the duration of the rename. ctl_cyrusdb -r now also cleans up "reserved" mailboxes that may appear in the event of a crash.
ctl_mboxlist can now dump only a particular partition
The configuration subsystem now uses a hash table to speed up lookups of options. Additionally, the hash table implementation has been updated to possibly take advantage of memory pools.
Many bugfixes related to the Cyrus Murder. Includes improvments to subscription handling as well as correct merging of seen state on mailbox moves.
Can now configure an external debugger (debug_command option in imapd.conf.
Misc. autoconf-related fixes (most notably those related to sasl_checkapop and O_DSYNC).
Misc. locking-related fixes.
Security fixes related to handling large literals in getxstring(), as well as correct usage of layers in timsieved.
Changes to the Cyrus IMAP Server since 2.1.3
All "MAIL" and "SIEVE" notifications are now handled by notifyd which is a daemon that supports multiple notification methods. The mailnotifier and sievenotifier options have been added to /etc/imapd.conf to configure notifications. (Ken Murchison)
Many feature enhancements and bugfixes for the Cyrus Murder. The code now supports live (but not transparent) moving of mailboxes from one server to another.
Some warning fixes.
fdatasync() is no longer required.
Fixed a bug in imap/append.c that would show itself if a message was being delivered to five or more different partitions.
Deliveries now don't create a redudant temporary file using tmpfile(); the staging directory is used instead. (Ken Murchison)
Fix a possible crashing bug in squatter. (Ken Murchison)
Deleting a user now also removes their Sieve scripts.
cyrusdb_skiplist: release locks during iteration. Should prevent denial of service attacks and possibly increase performance.
cyrusdb_skiplist: introduce a new mode using O_DSYNC writes which is possibly faster on Solaris. Currently off (it seems to hurt performance on Linux).
master has preliminary code to avoid forking storms.
sieveshell should now loop through all available SASL mechanisms before conceding defeat.
sieveshell can now upload a file to a different name.
Changes to the Cyrus IMAP Server since 2.1.2
fud now runs from the Cyrus master process; more generally, the Cyrus master process can deal with UDP services. (Amos Gouaux, email@example.com)
Sieve has been updated to be compliant with RFC 3028 and draft-martin-sieve-notify-01. All notify actions and any fileinto and/or redirect actions using stringlists will have to be updated/changed.
added cvt_cyrusdb for quick conversions between different cyrusdb backends.
fixed a bug in the Sieve header cache, where legal header names were being rejected.
many Murder-related fixes
suppress a bogus TLS session reuse DBERROR message
make the list of acceptable TLS ciphers configurable in /etc/imapd.conf
cyrusdb_skiplist fixes; it's now suitable for using in production environments though there are still performance problems outstanding
Changes to the Cyrus IMAP Server since 2.1.1
now compatible with Berkeley DB4 (Larry M. Rosenbaum, firstname.lastname@example.org)
timsieved now supports proxying via loginuseacl (Amos Gouaux, email@example.com)
Sieve vacation now does a case-insensitive comparison of :addresses
Warning-related bug fixes from Henrique de Moras Holschuh firstname.lastname@example.org
automatic archival of db3 files so that filesystem backups are always consistent (Ken Murchison, email@example.com)
added a skiplist database backend, still needs more testing
further work on the Cyrus Murder
fixed bug in remotepurge dealing with mailboxes with characters that need to be escaped inside quoted-strings
Cyrus::IMAP::Admin now supports referrals
cyradm, via Cyrus::IMAP::Shell, now can remove quotaroots
timsieved, sieveshell, and the MANAGESIEVE protocol extended with referrals
Changes to the Cyrus IMAP Server since 2.1.0
now compatible with Cyrus SASL 2.1.0
fixed a problem with LMTP AUTH and unix domain sockets
make deleting users faster
add a "-n" switch to remotepurge
cyradm now does implicit SASL authorization
fix for Sieve :matches comparator