Adding debian version 1:2.3.19.1+dfsg1-2.1.debian/1%2.3.19.1+dfsg1-2.1debian

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>

118 files changed, 6783 insertions, 0 deletions

diff --git a/debian/autogen.sh b/debian/autogen.sh
new file mode 100755
index 0000000..ba3a3cb
--- /dev/null
+++ b/debian/autogen.sh
@@ -0,0 +1,6 @@
+#!/bin/sh
+
+set -eu
+
+autoreconf -f -i -v -Wall
+(cd pigeonhole && autoreconf -f -i -v -Wall)
diff --git a/debian/changelog b/debian/changelog
new file mode 100644
index 0000000..22c9a9c
--- /dev/null
+++ b/debian/changelog
@@ -0,0 +1,2822 @@
+dovecot (1:2.3.19.1+dfsg1-2.1) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * [b02ebc9] Don't use deprecated crypt module.
+    (closes: #1028513)
+
+ -- Bas Couwenberg <sebastic@debian.org>  Fri, 20 Jan 2023 07:01:26 +0100
+
+dovecot (1:2.3.19.1+dfsg1-2) unstable; urgency=medium
+
+  [ Christian Göttsche ]
+  * [281fb2c] d/patches: cherry-pick fix for CVE-2022-30550 (Closes: #1016351)
+  * [9c58e71] d/patches: fix uninitialized read in doveadm-oldstats
+  * [a76a24d] d/control: bump to standards version 4.6.1 (no further changes)
+  * [4aaaa8b] Update Lintian overrides
+
+ -- Noah Meyerhans <noahm@debian.org>  Fri, 29 Jul 2022 19:58:28 -0700
+
+dovecot (1:2.3.19.1+dfsg1-1) unstable; urgency=medium
+
+  [ Christian Göttsche ]
+  * [e40f93f] d/patches: avoid usage of PATH_MAX not available on hurd
+  * [19e00cd] d/rules: enable backtrace generation
+  * [5bf1c43] d/patches: debug flaky unit test
+
+  [ Noah Meyerhans ]
+  * [b73422f] New upstream version 2.3.19.1+dfsg1
+  * [c88bfc0] Update changelog for 1:2.3.19.1+dfsg1-1 release
+  * [ca59548] Update lintian overrides
+  * [d6406c2] d/copyright: update declarations for current maintainers
+
+ -- Noah Meyerhans <noahm@debian.org>  Wed, 22 Jun 2022 09:27:01 -0700
+
+dovecot (1:2.3.19+dfsg1-1) unstable; urgency=medium
+
+  [ Christian Göttsche ]
+  * [0d29e45] d/rules: enable LTO via DEB_BUILD_MAINT_OPTIONS instead of custom flags
+  * [560cceb] d/source/lintian-overrides: update very-long-line-length-in-source-file overrides
+  * [b99d09e] d/copyright: update years
+  * [9ee8271] d/dovecot-core.prerm: drop as superseded by debhelper
+  * [907f85c] d/maintscripts: update
+  * [2b38240] d/dovecot-core.postinst: drop support for version skips
+  * [dcb76d1] d/dovecot-core.postinst: only link certs if existent (Closes: #1009872)
+  * [d223bbd] d/patches: add patch to support openssl 3.0 (Closes: #996273)
+
+  [ Noah Meyerhans ]
+  * [9f3175e] New upstream version 2.3.19+dfsg1
+
+ -- Noah Meyerhans <noahm@debian.org>  Sun, 05 Jun 2022 18:29:18 +0000
+
+dovecot (1:2.3.18+dfsg1-1) unstable; urgency=medium
+
+  [ Noah Meyerhans ]
+  * [36966c8] New upstream version 2.3.18+dfsg1
+  * [042bda4] Refresh patches for 1:2.3.18+dfsg1-1
+
+ -- "Noah Meyerhans" <noahm@debian.org>  Thu, 10 Feb 2022 20:05:50 +0000
+
+dovecot (1:2.3.17.1+dfsg1-1) unstable; urgency=medium
+
+  [ Christian Göttsche ]
+  * [40b0010] New upstream version 2.3.17+dfsg1
+  * [3c377e0] New upstream version 2.3.17.1+dfsg1
+  * [e2f1ce2] d/patches: rebase and drop upstream applied ones
+  * [533b7ad] d/control: bump to standards version 4.6.0 (no further changes)
+  * [02ed6cf] debian: reduce Lintian issues
+  * [bb3ae48] d/salsa-ci.yml: skip cross build and do not fail on Lintian
+    warnings
+  * [bcda7e4] d/control: build against Lua 5.4
+  * [9eed0dd] d/control: enable libunwind support on available archs
+  * [1990699] d/patches: cherry-pick memory leak commit
+  * [426df46] d/patches: cherry-pick imapsieve fix
+  * [e3d0747] d/patches: add patch for LTO by avoiding unaligned access
+    (Closes: #997513)
+
+ -- Noah Meyerhans <noahm@debian.org>  Tue, 14 Dec 2021 09:24:23 -0800
+
+dovecot (1:2.3.16+dfsg1-3) unstable; urgency=medium
+
+  * [7b858b6] Fix FTBFS on mips(64)el.  Stacktrace generation on these
+    architectures requires -funwind-tables, as with 32-bit arm.
+
+ -- Noah Meyerhans <noahm@debian.org>  Thu, 16 Sep 2021 08:41:27 -0700
+
+dovecot (1:2.3.16+dfsg1-2) unstable; urgency=medium
+
+  [ Christian Göttsche ]
+  * [e1e9ece] d/patches: rework backtrace test patch
+  * [be404bf] d/patches: add big-endian patch
+
+ -- Noah Meyerhans <noahm@debian.org>  Fri, 10 Sep 2021 16:10:50 -0700
+
+dovecot (1:2.3.16+dfsg1-1) unstable; urgency=medium
+
+  [ Christian Göttsche ]
+  * [ff4a227] New upstream version 2.3.14+dfsg1
+  * [963fa3b] New upstream version 2.3.15+dfsg1 (Closes: #991323, #983510)
+  * [5e0c898] d/watch: adjust dversionmangle for dfsg suffix
+  * [9ffb0f5] d/patches: update
+  * [850e1d6] New upstream version 2.3.16+dfsg1
+  * [7140b87] d/patches: rebase patches
+  * [fb1b77e] d/rules: enable LTO
+  * [ce7055d] d/control: add libsystemd-dev dependency
+  * [db93263] d/copyright: drop unused section
+  * [aeec1e8] d/rules: update how to set systemdsystemunitdir
+  * [ebe9709] d/patches: resolve compiler warnings
+  * [19b2bb0] d/changelog: bump to 1:2.3.16+dfsg1-1
+  * [58a4078] d/patches: update 32bit warnings patch
+
+  [ Noah Meyerhans ]
+  * [f217c2e] Fix indexer crash
+  * [b075317] Import upstream patch for indexer crash on client disconnect
+  * [36e8740] drop debian/dovecot-core.maintscript
+
+ -- Noah Meyerhans <noahm@debian.org>  Thu, 02 Sep 2021 13:22:16 -0700
+
+dovecot (1:2.3.13+dfsg1-2) unstable; urgency=high
+
+  * Import upstream fixes for security issues (Closes: #990566):
+    - CVE-2021-29157: Path traversal issue allowing an attacker with
+      access to the local filesystem can trick OAuth2 authentication into
+      using an HS256 validation key from an attacker-controlled location
+    - CVE-2021-33515: Sensitive information could be redirected to an
+      attacker-controlled address because of a STARTTLS command injection
+      bug in the submission service
+
+ -- Noah Meyerhans <noahm@debian.org>  Tue, 20 Jul 2021 08:05:19 -0700
+
+dovecot (1:2.3.13+dfsg1-1) unstable; urgency=medium
+
+  [ Christian Göttsche ]
+  * [6829237] New upstream version 2.3.13 (Closes: #979363)
+    - CVE-2020-24386: IMAP hibernation allows accessing other peoples mail
+    - CVE-2020-25275: MIME parsing crashes with particular messages
+
+  * [6d25736] Add libzstd-dev to build-dependencies (Closes: #969165)
+  * [5956798] Rebase patches
+  * [2cb63c3] Bump to standards version 4.5.1 (no further changes)
+  * [548bac5] Drop unmatched copyright src/lib-ntlm/* wildcard
+  * [6f33f3f] Ignore package-contains-documentation-outside-usr-share-doc
+    false-positives
+  * [dde9c94] Handle removed configuration file in postinst
+
+  [ Pino Toscano ]
+  * [04a60e3] d/{control,rules}: disable apparmor support on !linux archs
+    (Closes: #951869)
+
+  [ Helmut Grohne ]
+  * [e5f9fcb] d/patches: improve cross-compile support (Closes: #979370)
+
+ -- Noah Meyerhans <noahm@debian.org>  Mon, 25 Jan 2021 15:38:17 -0800
+
+dovecot (1:2.3.11.3+dfsg1-2) unstable; urgency=medium
+
+  [ Christian Göttsche ]
+  * [44770f6] Add patch for 32bit compiler warnings
+  * [053865a] Lintian: remove unused override
+  * [4ece2e1] Lintian: add forwarded header to Debian specific patches
+  * [67872b7] Lintian: ignore Debian only man page
+  * [d30bd7e] Lintian: tag manpage-without-executable got renamed to
+    spare-manual-page
+  * [3bdf952] Limit libcap-dev build-dependency to linux-any
+  * [28f6425] Drop acute accent in man page
+  * [8c15850] Add patch allowing GSSAPI containing NULL
+
+ -- Noah Meyerhans <noahm@debian.org>  Wed, 19 Aug 2020 12:06:07 -0700
+
+dovecot (1:2.3.11.3+dfsg1-1) unstable; urgency=high
+
+  * New upstream release fixes security issues (Closes: #968302)
+    - CVE-2020-12100 - Receiving mail with deeply nested MIME parts leads to
+      resource exhaustion as Dovecot attempts to parse it.
+    - CVE-2020-12673 - Dovecot's NTLM implementation does not correctly check
+      message buffer size, which leads to reading past allocation which can
+      lead to crash.
+    - CVE-2020-12674 - Dovecot's RPA mechanism implementation accepts
+      zero-length message, which leads to assert-crash later on.
+  * Add libcap-dev to build-dependencies to support dropping linux
+    capabilities.
+
+ -- Noah Meyerhans <noahm@debian.org>  Thu, 13 Aug 2020 16:21:24 -0700
+
+dovecot (1:2.3.10.1+dfsg1-2) unstable; urgency=medium
+
+  * Support sd_notify with systemd (Closes: #951722)
+  * Add necessary CFLAGS and LDFLAGS settings to ensure functional backtrace
+    generation.  (Closes: #962630)
+  * Suppress additional library-not-linked-against-libc lintian warnings some
+    plugins as false-positives, observed on armel systems
+
+  [ Andreas Hasenack ]
+  * d/t/control, d/t/testmails: cherry-pick updated autopkgtests from
+    Ubuntu's 1:2.2.35-2ubuntu1:
+    - d/t/testmails: dropped the hardcoded "Ubuntu" name from the banner
+      text and made it distribution agnostic
+    - d/t/control: added lsb-release to test dependencies, used to get the
+      distribution name
+
+ -- Noah Meyerhans <noahm@debian.org>  Tue, 16 Jun 2020 08:29:02 -0700
+
+dovecot (1:2.3.10.1+dfsg1-1) unstable; urgency=medium
+
+  * New upstream release addresses multiple security issues
+    - CVE-2020-10957
+    - CVE-2020-10958
+    - CVE-2020-10967
+    (Closes: #960963, #930919, #928492)
+  * Refresh patches
+  * Strip non-DFSG-compliant docs from .orig archives
+  * Incorporate a number of improvements to debian/ metadata contributed by
+    Christian Göttsche <cgzones@googlemail.com>
+  * Move pid file to /run (Closes: #925443)
+  * Add noahm@debian.org to Uploaders
+  * Work around flakiness in autopkgtest suite
+  * Suppress library-not-linked-against-libc lintian warnings some plugins as
+    false-positives
+
+ -- Noah Meyerhans <noahm@debian.org>  Wed, 10 Jun 2020 10:41:37 -0700
+
+dovecot (1:2.3.7.2-1) unstable; urgency=medium
+
+  * [dcaf24e] New upstream version 2.3.7.2
+    - Fixes CVE-2019-11500 for dovecot-core
+  * [111beef] Update pigeonhole to 0.5.7.2
+    - Fixes CVE-2019-11500 for pigeonhole/managesieve
+  * [a422c4c] Bump Standards-Version to 4.4.0; no changes needed
+  * [56e37ed] Bump dh compat to 12; no changes needed.
+    - Drop d/compat in favor debhelper-compat B-D.
+  * [476edbd] Refresh dovecot_name.patch and ssl-cert-location.patch
+  * [9dc7904] Drop patches included in 2.3.7.2.
+     - CVE-2019-10691
+     - CVE-2019-11494
+     - CVE-2019-11499
+     - CVE-2019-7524
+     - avoid-double-closing-mysql.patch
+     - lib-master-test-event-stats-Use-PRIu64-format.patch
+
+ -- Apollon Oikonomopoulos <apoikos@debian.org>  Thu, 29 Aug 2019 11:55:51 +0300
+
+dovecot (1:2.3.4.1-5) unstable; urgency=medium
+
+  * [bd00402] Fix CVE-2019-11494 and CVE-2019-11499 (Closes: #928235)
+     - submission-login: fix null pointer dereference when client
+       disconnects during authentication (CVE-2019-11494)
+     - submission-login: fix assert-crash when receiving an invalid
+       authentication message over TLS (CVE-2019-11499)
+
+ -- Apollon Oikonomopoulos <apoikos@debian.org>  Mon, 29 Apr 2019 23:35:05 +0300
+
+dovecot (1:2.3.4.1-4) unstable; urgency=high
+
+  * [d04d4ba] Fix assert-crash in JSON encoder (CVE-2019-10691)
+
+ -- Apollon Oikonomopoulos <apoikos@debian.org>  Thu, 18 Apr 2019 10:21:19 +0300
+
+dovecot (1:2.3.4.1-3) unstable; urgency=high
+
+  * [07c9212] Fix two buffer overflows when reading oversized FTS headers
+    and/or oversized POP3-UIDL headers (CVE-2019-7524).
+
+ -- Apollon Oikonomopoulos <apoikos@debian.org>  Mon, 25 Mar 2019 23:06:01 +0200
+
+dovecot (1:2.3.4.1-2) unstable; urgency=medium
+
+  [ Laurent Bigonville ]
+  * [ac99918] Fix double-free crash in mysql driver
+    Fix double closing of the connection in the mysql driver, this should
+    fix the crash in the dovecot auth process, taken from upstream.
+    (Closes: #918339)
+
+  [ Apollon Oikonomopoulos ]
+  * [8a30446] Bump Standards-Version to 4.3.0; no changes needed
+
+ -- Apollon Oikonomopoulos <apoikos@debian.org>  Thu, 14 Mar 2019 11:02:39 +0200
+
+dovecot (1:2.3.4.1-1) unstable; urgency=high
+
+  * [bebf0b4] New upstream version 2.3.4.1
+    + Fixes CVE-2019-3814: TLS client auth username handling
+
+ -- Apollon Oikonomopoulos <apoikos@debian.org>  Tue, 05 Feb 2019 16:19:12 +0200
+
+dovecot (1:2.3.4-2) unstable; urgency=medium
+
+  * [51d1317] Fix FTBFS on 32-bit platforms.
+    Cherry-pick upstream commit de42b54, fixing the event-stats test on
+    32-bit platforms.
+
+ -- Apollon Oikonomopoulos <apoikos@debian.org>  Sat, 24 Nov 2018 02:02:17 +0200
+
+dovecot (1:2.3.4-1) unstable; urgency=medium
+
+  * [14c247f] New upstream version 2.3.4
+  * [7fed004] Update pigeonhole to 0.5.4
+
+ -- Apollon Oikonomopoulos <apoikos@debian.org>  Fri, 23 Nov 2018 22:00:06 +0200
+
+dovecot (1:2.3.3-1) unstable; urgency=medium
+
+  [ Jelmer Vernooij ]
+  * Trim trailing whitespace.
+
+  [ Apollon Oikonomopoulos ]
+  * [6591a99] New upstream version 2.3.3
+  * [3d718ec] Bump Standards-Version to 4.2.1; no changes needed
+  * [123bd32] Update pigeonhole to 0.5.3
+
+ -- Apollon Oikonomopoulos <apoikos@debian.org>  Thu, 04 Oct 2018 17:29:40 +0300
+
+dovecot (1:2.3.2.1-1) unstable; urgency=medium
+
+  * [40ba9f0] New upstream bugfix release 2.3.2.1
+  * [87045ac] Drop fix-ftbfs-on-32bit.patch; merged upstream
+  * [5bb22a4] Bump Standards-Version to 4.1.5; no changes needed
+
+ -- Apollon Oikonomopoulos <apoikos@debian.org>  Tue, 10 Jul 2018 17:51:43 +0300
+
+dovecot (1:2.3.2-2) unstable; urgency=medium
+
+  * [48067de] Fix FTBFS on 32-bit platforms by cherry-picking upstream commit
+    1e23986f.
+
+ -- Apollon Oikonomopoulos <apoikos@debian.org>  Wed, 04 Jul 2018 12:43:14 +0300
+
+dovecot (1:2.3.2-1) unstable; urgency=medium
+
+  * [bb03669] New upstream version 2.3.2
+    + Upload to unstable
+  * [d29da3a] Merge 2.3 package changes from experimental. Important changes:
+    + [b3d1e17] Enable AppArmor support, see
+      https://wiki2.dovecot.org/Plugins/Apparmor
+      • B-D on libapparmor-dev
+    + [c0c55bd] Enable Lua scripting support for authdb/passdb.
+      • B-D on liblua5.3-dev
+      • New binary package, dovecot-auth-lua
+    + [4f6792e] Build with sodium support, enabling the ARGON2I and ARGON2ID
+      password schemes.
+      • B-D on libsodium-dev
+    + [54347e7] Build with ICU support enabling FTS unicode normalization
+      • B-D on libicu-dev
+    + New dovecot-submissiond binary package for the dovecot submission agent;
+      see https://wiki2.dovecot.org/Submission.
+  * [4db4813] Change maintainer address to dovecot@packages.d.o
+  * [5118354] Update pigeonhole to 0.5.2
+  * [52a7af4] Drop murmur3-big-endian.patch; merged upstream
+  * [22a6eee] Refresh dovecot_name.patch
+  * [3af7568] dovecot_name.patch: apply to submissiond as well
+
+ -- Apollon Oikonomopoulos <apoikos@debian.org>  Wed, 04 Jul 2018 08:57:45 +0300
+
+dovecot (1:2.2.36-1) unstable; urgency=medium
+
+  * [19f2274] d/gbp.conf: set merge-mode to "merge" to preserve pigeonhole/
+    when importing new dovecot sources
+  * [6b9bf0d] New upstream version 2.2.36
+  * [be12f22] Bump pigeonhole version to 0.4.24
+    + Remove new file under doc/rfc
+    + Ship the new imap_filter_sieve module in dovecot-sieve
+  * [b77be59] Bump Standards-Version to 4.1.4; no changes needed
+
+ -- Apollon Oikonomopoulos <apoikos@debian.org>  Wed, 06 Jun 2018 09:31:49 +0300
+
+dovecot (1:2.2.35-2) unstable; urgency=medium
+
+  * [7665652] Use git-subtree to generate pigeonhole patch from git; add
+    single-debian-patch to d/source/local-options
+  * [bfa0f10] d/rules: specify libdir manually; previous upload moved modules
+    under /usr/lib/<triplet>, which was bound to break existing setups
+  * [982e826] d/copyright: adjust pigeonhole path and bump years
+
+ -- Apollon Oikonomopoulos <apoikos@debian.org>  Thu, 22 Mar 2018 16:56:40 +0200
+
+dovecot (1:2.2.35-1) unstable; urgency=medium
+
+  * [8108cba] New upstream version 2.2.35
+  * [6cbbaa1] Update pigeonhole to 0.4.23 (Closes: #892137)
+  * [9ace5f2] Switch Vcs-* URLs to salsa.d.o
+  * [ef40625] d/rules: call configure via dh_auto_configure.
+    Thanks to Helmut Grohne (Closes: #885854)
+  * [a459455] Drop B-D on libcurl4-gnutls-dev; removed upstream since 2.2
+  * [235af9d] Update upstream signing key
+
+ -- Apollon Oikonomopoulos <apoikos@debian.org>  Tue, 20 Mar 2018 11:15:42 +0200
+
+dovecot (1:2.2.34-2) unstable; urgency=high
+
+  * [868dc65] Update pigeonhole to 0.4.22
+  * Set urgency to high due to the security fixes in 2.2.34-1
+
+ -- Apollon Oikonomopoulos <apoikos@debian.org>  Fri, 02 Mar 2018 18:36:23 +0200
+
+dovecot (1:2.2.34-1) unstable; urgency=medium
+
+  * [f53dc9a] New upstream version 2.2.34 (Closes: #921529)
+    Fixes the following security issues:
+     + CVE-2017-15130: TLS SNI config lookups may lead to excessive memory
+       usage (Closes: #891820)
+     + CVE-2017-14461: rfc822_parse_domain information leak vulnerability
+       (Closes: #891819)
+     + CVE-2017-15132: auth client leaks memory if SASL authentication is
+       aborted (Closes: #888432)
+  * [0dc98c6] Do not patch all-settings.c; regenerate it at build time
+    instead. Thanks to Aki Tuomi!
+  * [e678e3b] Bump dh compat to 11
+     + B-D on debhelper (>= 11~)
+     + Use dh_installsystemd instead of dh_systemd_enable
+  * [271b290] Bump Standards-Version to 4.1.3; no changes needed
+  * [3cd6715] d/copyright: bump upstream and debian years
+  * [380d1ac] Drop the ENABLED flag from /etc/default/dovecot (but let the
+    initscript handle it if it exists)
+  * [97d6fae] d/watch: switch upstream URL to https://
+
+ -- Apollon Oikonomopoulos <apoikos@debian.org>  Thu, 01 Mar 2018 10:55:49 +0200
+
+dovecot (1:2.2.33.2-1) unstable; urgency=medium
+
+  * [8216f38] New upstream version 2.2.33.2
+
+ -- Apollon Oikonomopoulos <apoikos@debian.org>  Sat, 11 Nov 2017 20:59:43 +0200
+
+dovecot (1:2.2.33.1-1) unstable; urgency=medium
+
+  * [dbd1132] New upstream version 2.2.33.1
+    + [b3d1f2d] Refresh split-protocols.patch
+    + [e0de123] Update pigeonhole to 0.4.21
+  * [ef6a1eb] Set mail_privileged_group to 'mail' by default (Closes: #711856)
+  * [aeb6cf3] d/copyright: convert to Format 1.0
+  * [5961f9d] Use dh-autoreconf for both, dovecot and pigeonhole.
+  * [85f1f0f] Bump Standards to 4.1.1; no changes needed
+
+ -- Apollon Oikonomopoulos <apoikos@debian.org>  Fri, 13 Oct 2017 16:28:14 +0300
+
+dovecot (1:2.2.32-2) unstable; urgency=medium
+
+  * [fa71c69] dovecot-core.postinst: remove dovecot-common's postrm
+    (Closes: #696382)
+  * [e835c67] Ship decode2text.sh as an example (Closes: #767313)
+  * [63fb486] Deprecate dovecot-dbg in favor of auto dbgsyms
+  * [36b44b9] Handle unsupported SSLv2/SSLv3 in the ssl_protocols setting
+    gracefully (Closes: #866752)
+
+ -- Apollon Oikonomopoulos <apoikos@debian.org>  Tue, 19 Sep 2017 16:59:38 +0300
+
+dovecot (1:2.2.32-1) unstable; urgency=medium
+
+  * [6652d9c] New upstream version 2.2.32.
+  * [c9cb096] Update pigeonhole to 0.4.20.
+  * [b499950] dovecot-core: remove SSL key/cert symlinks on purge
+    (Closes: #867157)
+  * [dbdcc66] dovecot-core.postinst: ignore adduser errors (Closes: #867849)
+  * [476c950] Bump Standards to 4.1.0; no changes needed.
+  * [2914efa] Drop B-D on autotools-dev, it is depended on by debhelper 10.
+  * [305d022] Remove Fabio, Joel and Marco from Uploaders. Thanks for your work!
+
+ -- Apollon Oikonomopoulos <apoikos@debian.org>  Tue, 12 Sep 2017 16:15:52 +0300
+
+dovecot (1:2.2.31-1) unstable; urgency=medium
+
+  * [9b058f3] New upstream version 2.2.31
+    + [2b577c1] Bump pigeonhole version to 0.4.19
+  * Enable TLS by default:
+    + [7ca4b1c] Update SSL cert location patch; cert/key should reside under
+      /etc/dovecot/private by default.
+    + [05d3d0f] Use ssl-cert-snakeoil certificates to setup SSL by default
+      (Closes: #376146, #786570)
+    + [862901f] dovecot-core.postinst: manage 10-ssl.conf using ucf
+      (Closes: #850538)
+    + [418df05] README.Debian: document the new TLS setup
+    + [47bade9] dovecot-core.NEWS: document TLS support
+  * [8356bc0] Handle /etc/dovecot/private mode using dpkg-statoverride
+  * dovecot-core.postinst: cleanup
+    + [afbd33f] dovecot-core.postinst: always call adduser
+    + [ee22dc5] dovecot-core.postinst: remove obsolete conffile handling
+    + [7bb298b] dovecot-core.postinst: do not remove the imapd user/group
+  * [815a2d1] README.Debian: cleanup
+  * [91115a3] Use noawait dpkg triggers (lintian warning)
+  * [e845cec] Add basic usage DEP-8 test, doing end-to-end tests involving
+    LDA, IMAP and POP3.
+  * [71c73ef] systemd: convert service to Type=simple and start after
+    network-online.target (Closes: #865546, #825562)
+  * [1534fac] dovecot.service: enable ProtectSystem=full
+  * [d276c69] B-D only on default-libmysqlclient-dev
+
+ -- Apollon Oikonomopoulos <apoikos@debian.org>  Tue, 27 Jun 2017 18:18:12 +0300
+
+dovecot (1:2.2.30.2-1) unstable; urgency=medium
+
+  * [401e83d] New upstream version 2.2.30.2
+  * [1ea8321] Bump pigeonhole version to 0.4.18
+  * [97bf8ec] Drop CVE-2017-2669 patch
+  * [9c1bbe2] Drop fix-sha3-on-big-endian.patch
+  * [d3c607b] Refresh dovecot_name.patch
+  * [5c64268] Bump Standards to 4.0.0; no changes needed
+  * [0b884fc] Bump compat to 10
+    + B-D on debhelper (>= 10)
+    + Drop B-D on dh-systemd, now provided by debhelper
+    + Run dh --without=autoreconf, since we use autotools-dev
+
+ -- Apollon Oikonomopoulos <apoikos@debian.org>  Thu, 22 Jun 2017 22:22:59 +0300
+
+dovecot (1:2.2.27-3) unstable; urgency=high
+
+  * [117285a] Remove /etc/dovecot/README (Closes: #849290)
+  * [04e8ce3] auth: Do not double-expand key in passdb dict when
+    authenticating (CVE-2017-2669) (Closes: #860049)
+
+ -- Apollon Oikonomopoulos <apoikos@debian.org>  Tue, 11 Apr 2017 00:46:54 +0300
+
+dovecot (1:2.2.27-2) unstable; urgency=medium
+
+  * [30586e3] Fix SHA3 on big-endian architectures.
+
+ -- Apollon Oikonomopoulos <apoikos@debian.org>  Thu, 15 Dec 2016 22:24:56 +0200
+
+dovecot (1:2.2.27-1) unstable; urgency=medium
+
+  [ Jaldhar H. Vyas ]
+  * [b1e4693] Imported Upstream version 2.2.27
+    + Includes fix for CVE-2016-8652 (Closes: #846605)
+
+  [ Apollon Oikonomopoulos ]
+  * [b25993a] Drop patches merged upstream:
+    + call_openssl_cleanup_at_deinit.patch
+    + disable_sslv23.patch
+
+ -- Apollon Oikonomopoulos <apoikos@debian.org>  Wed, 14 Dec 2016 21:48:46 +0200
+
+dovecot (1:2.2.26.0-4) unstable; urgency=medium
+
+  * [3015f35] Drop references to SSLv2 in the default SSL protocols (Closes: #844271)
+
+ -- Apollon Oikonomopoulos <apoikos@debian.org>  Mon, 14 Nov 2016 17:55:26 +0200
+
+dovecot (1:2.2.26.0-3) unstable; urgency=medium
+
+  * [b03027b] Call OPENSSL_cleanup() on dcrypt_openssl unload. Fixes FTBFS
+    with OpenSSL 1.1.0c.
+
+ -- Apollon Oikonomopoulos <apoikos@debian.org>  Sun, 13 Nov 2016 10:56:30 +0200
+
+dovecot (1:2.2.26.0-2) unstable; urgency=medium
+
+  * [9db7d1b] Fix upgrades from 2.2.25 (Closes: #843028)
+
+ -- Apollon Oikonomopoulos <apoikos@debian.org>  Tue, 08 Nov 2016 15:06:16 +0200
+
+dovecot (1:2.2.26.0-1) unstable; urgency=medium
+
+  [ Apollon Oikonomopoulos ]
+  * [18fc181] New upstream version 2.2.26.0 (Closes: #828286, #834837)
+  * [3ecfd3c] Update pigeonhole to 0.4.16
+  * [61ff825] Move libdovecot-ldap and libdict_ldap to dovecot-ldap (Closes:
+    #830135).
+  * [b3a1650] Ubuntu: disable -Bsymbolic-functions ld flag.
+    Thanks to Christian Ehrhardt <christian.ehrhardt@canonical.com>
+    (Closes: #842151) (LP: #1636781)
+  * [5828ab1] B-D on default-libmysqlclient-dev (but keep plain
+    libmysqlclient-dev as an alternative to ease backports).
+  * [0086110] Drop DRAC plugin.
+    Thanks to Christian Ehrhardt <christian.ehrhardt@canonical.com>
+    (Closes: #842153)
+
+  [ Jaldhar H. Vyas ]
+  * [60808eb] Move aclocal *.m4 files into -dev package.
+  * [52fd869] Move lib95_imap_sieve_plugin.so into dovecot-sieve (Closes:
+    #832046).
+
+ -- Apollon Oikonomopoulos <apoikos@debian.org>  Thu, 07 Jul 2016 10:17:58 +0200
+
+dovecot (1:2.2.25-1) unstable; urgency=medium
+
+  * [cc29a81] Imported Upstream version 2.2.25
+  * [d19bcca] Updated pigeonhole patch to 0.4.14
+  * [16db179] Merged in some features of the Ubuntu dovecot package.
+    + dovecot-core: added lsb-base dependency.
+    + dovecot-core: Added apport hook.
+    + dovecot-imapd,dovecot-pop3d: Added ufw profiles.
+    Thanks to Christian Erhardt <christian.ehrhardt@canonical.com>
+    (Closes: #828864)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org>  Fri, 01 Jul 2016 17:07:03 -0400
+
+dovecot (1:2.2.24-1) unstable; urgency=medium
+
+  * [26020b6] Imported Upstream version 2.2.24 (Closes: #818652)
+
+ -- Apollon Oikonomopoulos <apoikos@debian.org>  Mon, 09 May 2016 10:42:08 +0300
+
+dovecot (1:2.2.23-1) unstable; urgency=medium
+
+  [ Jaldhar H. Vyas ]
+  * Drop missing-expunges.patch, merged upstream
+
+  [ Apollon Oikonomopoulos ]
+  * [8a01915] Imported Upstream version 2.2.23
+
+ -- Apollon Oikonomopoulos <apoikos@debian.org>  Tue, 12 Apr 2016 17:30:03 +0300
+
+dovecot (1:2.2.22-1) unstable; urgency=medium
+
+  [ Jaldhar H. Vyas ]
+  * [2321581] Imported Upstream version 2.2.22
+  * [3fa8a62] Updated pigeonhole patch to 0.4.13
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org>  Fri, 18 Mar 2016 19:18:34 -0400
+
+dovecot (1:2.2.21-1) unstable; urgency=medium
+
+  [ Jaldhar H. Vyas ]
+  * [d9c0630] Imported Upstream version 2.2.21 (Closes: #809666, #708539,
+    #801346, 803223)
+  * [5360548] Updated pigeonhole patch to 0.4.12
+  * [5e6783f] Fixed typo in dovecot-core.README.Debian.
+    Thanks to Ingo Wichmann <iw-debian@linuxhotel.de> (Closes: #809717)
+  * [d00d0c7] Create /var/lib/dovecot in the package. (Closes: #801752)
+  * [6510373] Upstream patch for sync problem which could cause expunged
+    messages to keep reappearing. (Closes: #684499)
+  * [040f7fa] dovecot-core: dovecot.socket not enabled on installation
+    (Closes: #814999)
+  * [fc29003] /etc/dovecot/10-ssl.conf no longer managed by ucf or modified by
+    postinst. Thanks to Santiago Vila <sanvila@unex.es> (Closes: #773237)
+  * [0d16e16] Fixed some lintian warnings.
+  * [801ba7e] Added Apollon to uploaders
+
+  [ Apollon Oikonomopoulos ]
+  * [99ef3d8] Build with lz4 support (Closes: #784321)
+  * [92f68aa] Fix nss userdb (Closes: #712764)
+  * [41b9bde] Disable dovecot.socket in existing installations.
+  * [49c5b97] d/rules: specify systemd unit dir manually (Closes: #720854)
+  * [a377ccb] Convert to dh sequencer
+  * [48af954] B-D on debhelper >= 9
+  * [591c315] Bump standards to 3.9.7; no changes needed
+  * [ceb629e] Use dh_installinit --name
+  * [ef8d8ac] d/rules: refactor file installation
+  * [a899bcc] dovecot-core: use dh_installman
+  * [6159e00] d/rules: build in parallel if requested
+  * [51014e6] d/control: use HTTPS Vcs-* URLs
+  * [b385cf5] dovecot-sieve: replace Conflicts with Breaks
+  * [b4a9e68] Add basic DEP-8 tests
+  * [7452649] Add DEP-8 tests for systemd support
+  * [e5101aa] Re-enable PIE and bindnow
+  * [5717808] Fix invoke-rc.d calls and never call init.d directly
+  * [3504241] Drop debconf remains
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org>  Tue, 01 Mar 2016 19:31:42 -0500
+
+dovecot (1:2.2.20-1) UNRELEASED; urgency=medium
+
+  * [68d5038] Imported Upstream version 2.2.20
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org>  Sun, 13 Dec 2015 10:21:21 -0500
+
+dovecot (1:2.2.19-1) UNRELEASED; urgency=medium
+
+  * [146ef57] Imported Upstream version 2.2.19
+  * [3af7cad] Updated pigeonhole patch to 0.4.9
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org>  Sun, 13 Dec 2015 09:41:56 -0500
+
+dovecot (1:2.2.18-2) unstable; urgency=high
+
+  * [3f3bf71] Updated pigeonhole patch to 0.4.8 (Closes: #792669)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org>  Sun, 23 Aug 2015 23:16:28 -0400
+
+dovecot (1:2.2.18-1) unstable; urgency=medium
+
+  * [cce20a5] Imported Upstream version 2.2.18. Closes: #786760
+  * [36d2ec1] Refresh patch dovecot_name.patch.
+  * [109e6f8] Drop patch cve-2015-3420.patch: applied upstream.
+  * [6c59f09] Depend on krb5-multidev rather than libkrb5-dev.
+
+ -- Jelmer Vernooij <jelmer@debian.org>  Sun, 24 May 2015 15:01:19 +0000
+
+dovecot (1:2.2.16-1) unstable; urgency=medium
+
+  * [e9d9193] Imported Upstream version 2.2.16
+  * [976c256] Remove gbp- prefix from section names in debian/gbp.conf.
+  * [762b9a6] Add Dutch translation. Thanks, Frans Spiesschaert. Closes: #766203
+  * [dea3dd6] Drop bye_logout_not_sent.patch: already included upstream.
+
+ -- Jelmer Vernooij <jelmer@debian.org>  Mon, 04 May 2015 12:23:05 +0000
+
+dovecot (1:2.2.13-12) unstable; urgency=high
+
+  * [48f6fe4] Add patch cve-2015-3420.patch: Fix SSL/TLS handshake failures
+    leading to a crash of the login process with newer versions of OpenSSL.
+    Closes: #783649 (CVE-2015-3420)
+
+ -- Jelmer Vernooij <jelmer@debian.org>  Mon, 04 May 2015 11:38:30 +0000
+
+dovecot (1:2.2.13-11) unstable; urgency=high
+
+  * [ebc0377] Don't allow install of dovecot-sieve without a new enough
+    dovecot-core. (Closes: #772885)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org>  Sun, 14 Dec 2014 12:27:50 -0500
+
+dovecot (1:2.2.13-10) unstable; urgency=high
+
+  [ Jelmer Vernooij ]
+  * [93db7f0] Fix path to 90-sieve-extprograms.conf in dovecot-sieve.postinst.
+    Closes: #772703, #772711
+
+  [ Jaldhar H. Vyas ]
+  * [8c627a4] Add another db_stop this time for triggers.  Die #770695 die!
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org>  Wed, 10 Dec 2014 19:56:20 -0500
+
+dovecot (1:2.2.13-9) unstable; urgency=high
+
+  * [5b689f6] Made some overlooked configuration files into conffiles;
+    deleted excess files from /usr/share/doc/dovecot-core.
+  * [83f2fc4] Explicitly stop debconf in dovecot-core postinst which hopefully
+    fixes the last of the install hangs.
+    Thanks to Chris Gilbert <zeke.gilbert@gmail.com> (Closes: #770695)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org>  Tue, 09 Dec 2014 06:17:23 -0500
+
+dovecot (1:2.2.13-8) unstable; urgency=medium
+
+  * [b2f652f] Turn off SSL by default and leave SSL cert locations commented
+    out. Hopefully this will be a satisfactory lowest common denominator for
+    new installs without messing with upgrades.
+    (Closes: #771334, #771407)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org>  Tue, 02 Dec 2014 00:21:30 -0500
+
+dovecot (1:2.2.13-7) unstable; urgency=high
+
+  * [daea09a] Commented out cert locations so install doesn't bomb if the
+    certs haven't been created yet.
+    (Closes: #706216, #732263, #767154, #768253, #769461, #770697)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org>  Fri, 28 Nov 2014 00:27:03 -0500
+
+dovecot (1:2.2.13-6) unstable; urgency=medium
+
+  * [f7205c0] dovecot-dev: removed dependency on dovecot-core
+  * [e393868] Removed SSL certificate generation from postinst.  From now on
+    you have to do this yourself.  See dovecot-core's README.debian for
+    instructions. (Closes: #730828)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org>  Sat, 25 Oct 2014 23:31:42 -0400
+
+dovecot (1:2.2.13-5) unstable; urgency=medium
+
+  * Fix name of organizationName field in SSL configuration for self-
+    signed certs. Closes: #760653
+
+ -- Jelmer Vernooij <jelmer@debian.org>  Sat, 06 Sep 2014 23:19:51 +0200
+
+dovecot (1:2.2.13-4) unstable; urgency=medium
+
+  * Add Provides with dovecot ABI version, for plugins to depend on.
+    Closes: #456021
+
+ -- Jelmer Vernooij <jelmer@debian.org>  Sun, 20 Jul 2014 19:31:09 +0200
+
+dovecot (1:2.2.13-3) unstable; urgency=medium
+
+  * Build-depend on clucene 2.3 or later, which upstream lists as the
+    minimum version. Closes: #754141
+  * Use configuration file for openssl certificate configuration.
+  * Use canonical address for Vcs-Browser header.
+  * Remove unnecessary asterisk from NEWS entry; fixes lintian warning.
+  * Remove unused lintian override for usr/lib/dovecot/imap.
+  * dovecot-core: Ignore lintian warnings for empty directories.
+
+ -- Jelmer Vernooij <jelmer@debian.org>  Tue, 08 Jul 2014 01:48:08 +0200
+
+dovecot (1:2.2.13-2) unstable; urgency=medium
+
+  * [bd5e34b] Patches from upstreams' hg repo to fix BYE and LOGOUT not being
+    sent. (Closes: #751682)
+  * [452e336] Czech translation for debconf.
+    Thanks to Michal Šimůnek (Closes: #751389)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org>  Wed, 25 Jun 2014 01:38:59 -0400
+
+dovecot (1:2.2.13-1) unstable; urgency=medium
+
+  * [0680040] Imported Upstream version 2.2.13
+
+ -- Jelmer Vernooij <jelmer@debian.org>  Sun, 25 May 2014 18:45:38 +0200
+
+dovecot (1:2.2.13~rc1-1) unstable; urgency=medium
+
+  * [7751508] Imported Upstream version 2.2.13~rc1
+    + Fixes denial of service vulnerability (CVE-2014-3430). Closes: #747549
+
+ -- Jelmer Vernooij <jelmer@debian.org>  Sat, 10 May 2014 14:34:14 +0200
+
+dovecot (1:2.2.12-3) unstable; urgency=medium
+
+  * [0383db0] Break long line.
+  * [c961b6a] Fix installation of sieve plugins. Closes: #742770, #684271
+  * [388d2bf] Strip body.rfc5173.txt from the pigeonhole patch, as it is
+    non-free. Closes: #745398
+
+ -- Jelmer Vernooij <jelmer@debian.org>  Wed, 23 Apr 2014 02:56:56 +0200
+
+dovecot (1:2.2.12-2) unstable; urgency=medium
+
+  * [c882a38] Add build dependencies libstemmer-dev and libexttextcat-dev,
+    used by dovecot-lucene.
+  * [67762d4] Use autotools-dev to update config.guess and config.sub.
+  * [33e79b7] Update Japenese po file. Thanks, victory. Closes: #730171
+  * [cbf213b] Add non-standard-dir-perm override for /etc/dovecot/private.
+
+ -- Jelmer Vernooij <jelmer@debian.org>  Sun, 23 Mar 2014 17:57:04 +0000
+
+dovecot (1:2.2.12-1) experimental; urgency=medium
+
+  * [52b67de] Update watch file for 2.2 series.
+  * [c4eac1f] Verify upstream tarball signature in watch file.
+  * [3a81ff9] Imported Upstream version 2.2.12
+  * [8950a86] Bump standards version to 3.9.5 (no changes).
+  * [cd82417] Add myself to uploaders.
+
+ -- Jelmer Vernooij <jelmer@debian.org>  Thu, 06 Mar 2014 22:45:19 +0000
+
+dovecot (1:2.2.10-1) unstable; urgency=low
+
+  * [0496c52] Imported Upstream version 2.2.10
+  * [515dd61] Added new package for Lucene full text search support.
+    Thanks to Jelmer Vernooij <jelmer@debian.org> for the patch.
+    (Closes: #685979)
+  * [718a68e] Fix old private key location in README.Debian.
+    Thanks to Jelmer Vernooij <jelmer@debian.org> for the patch.
+    (Closes: #702385)
+  * [42da568] dovecot-solr: Make sure solr-schema.xml gets installed.
+    (In /usr/share/dovecot)
+    (Closes: #695185)
+  * [77acbf7] Added /usr/share/dovecot/dovecot-abi file in dovecot-dev to
+    document -- you guessed it! -- the dovecot ABI version.
+  * [feb597a] Added support for xz compression.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org>  Thu, 06 Mar 2014 02:51:34 -0500
+
+dovecot (1:2.2.9-1) unstable; urgency=low
+
+  [ Jaldhar H. Vyas ]
+  * [77468cf] Imported Upstream version 2.2.9
+  * [43e08f3] Place dovenull user in its own group. (Closes: #725164)
+  * [e1a3e9c] Handled the fact that dovecot-db.conf.ext is no longer used.
+    (Closes: #728107, #730403)
+
+  [Debconf translation updates]
+  * Russian (Yuri Kozlov).  (Closes: #729106)
+  * German (Chris Leick).  (Closes: #729358)
+  * Danish (Joe Hansen).  (Closes: #729425)
+  * French (Julien Patriarca).  (Closes: #729966)
+  * Portuguese (Américo Monteiro).  (Closes: #730006)
+  * Polish (Michał Kułach).  (Closes: #730061)
+  * Italian (Beatrice Torracca).  (Closes: #730136)
+  * Japanese (victory).  (Closes: #73017)
+  * Swedish (Martin Bagge / brother).  (Closes: #730188)
+  * Spanish; (Camaleón).  (Closes: #730354)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org>  Thu, 16 Jan 2014 15:42:13 -0500
+
+dovecot (1:2.2.8-1) UNRELEASED; urgency=low
+
+  * [6157a2b] New upstream version 2.2.8
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org>  Thu, 21 Nov 2013 16:54:46 -0500
+
+dovecot (1:2.2.5-1) experimental; urgency=low
+  [ Micah Anderson ]
+  * [a0035bf] New upstream version 2.2.5
+  * [a053c49] Update pigeonhole patch to 0.4.1
+  * [689cd67] refreshed patches
+
+  [ Jaldhar H. Vyas ]
+  * Caused bugs and then fixed them again.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org>  Mon, 09 Sep 2013 00:57:32 -0400
+
+dovecot (1:2.1.17-2) unstable; urgency=low
+
+  * [e8286e0] New version of drac patch taken from Ubuntu which works better
+    with 2.x (Closes: #716764)
+  * [23acb40] Add a patch from Ubuntu to report the distro name in the login
+    banner why not.
+  * [f8d566e] Don't need dovecot-common package anymore; get rid of it.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org>  Sat, 07 Sep 2013 14:58:05 -0400
+
+dovecot (1:2.1.17-1) experimental; urgency=low
+
+  [ Jaldhar H. Vyas ]
+  * [fa0d6aa] Re-enable mbox write locking patch to comply with policy 11.6
+    (Closes: #720502)
+  * [38691fb] New upstream version (Closes: #719021)
+  * [1361144] prompts in dovecot-core postinst debconfiscated.
+  * IN MEMORIAM: Goldy the Goldfish (2000-2013)  You were a prince (or
+    perhaps princess?) among fish and we shall all miss you dearly.
+    May your karmas merit much punya in future lives.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org>  Fri, 23 Aug 2013 01:46:20 -0400
+
+dovecot (1:2.1.16-1) experimental; urgency=low
+
+  * [9741bd8] New Upstream version
+  * [3476489] Updated pigeonhole patch to 0.3.5
+  * [d4f236f] Removed some patches which are no longer required.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org>  Fri, 14 Jun 2013 16:25:19 -0400
+
+dovecot (1:2.1.7-8) experimental; urgency=low
+
+  * This version is not actually intended for upload.  It merely undoes
+    some changes made for the the wheezy release.  Namely, the following
+    features are back:
+    - TCP Wrappers support
+    - Hurd compatibility support
+    - Triggers.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org>  Thu, 13 Jun 2013 16:14:21 -0400
+
+dovecot (1:2.1.7-7) unstable; urgency=high
+
+  * If you are upgrading from stable or earlier versions of this package
+    from testing/unstable please carefully read
+    /usr/share/doc/dovecot-core/README.Debian.gz for important information
+    about changes.
+  * [0d74b31] Move Breaks/Replaces mailavenger from dovecot-common to
+    dovecot-core (Closes: #694376)
+  * [a8030a1] Revamped dovecot-cores README.Debian by adding any info I could
+    think of in order to ease upgrade problems. (Closes: #696820)
+  * [04798d3] Don't touch 10-ssl.conf at all.  Eventually I will DTRT with
+    regards to the default generated ssl certificates but in the mean time
+    this will do the least mischief.  (Closes: #696817)
+  * [fde17d1] Patch to make /etc/dovecot/readme point to the right place for
+    the example configuration.  (Closes: #698941)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org>  Mon, 04 Feb 2013 16:27:17 -0500
+
+dovecot (1:2.1.7-6) unstable; urgency=high
+
+  * WARNING: in order to get this package into wheezy some functionality
+    from the previous release had to be removed.  Namely:
+    - TCP Wrappers support
+    - Hurd compatibility support
+    - Triggers
+    All this will be coming back in the next version but for now, if you need
+    any of it, stick with -5.
+  * [1f869e0] NEWS.Debian was not getting added to the package (Closes: #693621)
+  * [564c5e2] Add breaks and replaces mailavenger for debian-common
+    (Closes: #694376)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org>  Fri, 14 Dec 2012 17:01:33 -0500
+
+dovecot (1:2.1.7-5) unstable; urgency=high
+
+  * [132bc3b] Remove call to ntp-wait in init script.  Dovecot handles a
+    skewed clock much better now.  (Closes: #693225)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org>  Wed, 14 Nov 2012 14:45:29 -0500
+
+dovecot (1:2.1.7-4) unstable; urgency=high
+
+  * [68ef7ad] piuparts complained /etc/dovecot/private was left unowned on
+    purge which is against policy (Closes: #692944)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org>  Sun, 11 Nov 2012 23:45:07 -0500
+
+dovecot (1:2.1.7-3) unstable; urgency=high
+
+  [ Jaldhar H. Vyas ]
+  * [03d5499] Do not generate new dovecot cert if key or cert is already
+    present (Closes: #685896,#631257) Thanks to Alexander Ufimtsev
+    <alexu@ucd.ie> and Jörg-Volker Peetz <jvpeetz@web.de> for patches.
+  * [5be6c2a] You should be able to upgrade and remove dovecot-managesieved
+    without errors (Closes: #665487)
+  * [1a9ad5c] Fixes instances where UTF-8 was misused instead of mUTF-7
+    (Closes: #680035)
+  * [c0ac3ba] Backport of fix for failure to autocreate mailboxes
+    (Closes: #623440) This also requires setting the default mail_location.
+  * [ba1d3f5] Fix FTBS on Hurd (Closes: #686931) via upstream patch backported
+    from mercurial.
+  * [cfa92b5] Upgrade pigeonhole page to 0.3.1 (Closes: #688407)
+  * [58f01c2] Generated certificates will now be created in /etc/dovecot
+    (Closes: #608719)
+  * [8e40ea5] Patch to build with PIE and bindnow
+    by intrigeri@debian.org (Closes: #679017)
+  * [87d982b] Use libwrap (Closes: #685850)
+  * [ebb5421] Start after nslcd (Closes: #692632)
+  * [2db5c1a] Add support for dpkg triggers.  This means dovecot will not be
+    repeatedly restarted when installing or removing lots of plugins
+    (Closes: #601744)
+  * [bc66629] Patch to document -k in dsync.1
+    by Luca Capello <luca@pca.it> (Closes: #680992)
+  * [ba67766] Add lintian overrides.
+
+  [ Marco Nenciarini ]
+  * [ffba408] Updated watch file
+  * [9777434] Install missing default configuration files from upstream
+  * [9496828] Backport fix for segfault in managesieve triggered by
+    CHECKSCRIPT command. (Closes: #688197)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org>  Sat, 10 Nov 2012 03:50:30 -0500
+
+dovecot (1:2.1.7-2) unstable; urgency=low
+
+  * [e23a136] Just a quick upload to make dovecot buildable on non-linux
+    platforms again. (Closes: #676817) I did it by removing the systemd
+    build-dep altogether.  sd-daemon.[ch] is included in the source so if
+    systemd is installed on a system, it should be detected and socket
+    activation should happen.  That is, assuming I've got everything right
+    (and documented) which is something I'll be looking into for the next
+    version.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org>  Thu, 21 Jun 2012 23:54:47 -0400
+
+dovecot (1:2.1.7-1) unstable; urgency=low
+
+  * [7668742] Imported upstream 2.1.7 (Closes: #663243)
+              + doveadm.1 documents the move command. (Closes: #641750)
+  * [4db927a] Patch to enable systemd support.  (Closes: #672266)
+              Thanks Riku Voipio.
+  * [e17ac86] Previous attempt at setting hardening flags did not include the
+              drac plugin.  Simon Ruderich provided an extra patch.
+              (Closes: #653530)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org>  Wed, 30 May 2012 16:27:21 -0400
+
+dovecot (1:2.1.4-1) experimental; urgency=low
+
+  * [6cc1e7d] Imported upstream 2.1.4
+
+ -- Micah Anderson <micah@debian.org>  Tue, 10 Apr 2012 11:33:05 -0400
+
+dovecot (1:2.1.3-1) experimental; urgency=low
+
+  * [49ecc33] Imported upstream 2.1.3
+
+ -- Micah Anderson <micah@debian.org>  Fri, 16 Mar 2012 22:04:46 -0400
+
+dovecot (1:2.1.2-1) experimental; urgency=low
+
+  * [70c3f6e] Imported upstream 2.1.2
+  * Add missing dependency on dpkg-dev 1.16.1
+
+ -- Micah Anderson <micah@debian.org>  Thu, 15 Mar 2012 20:26:35 -0400
+
+dovecot (1:2.1.1-1) experimental; urgency=low
+
+  * [e113636] Imported upstream 2.1.1
+  * Updated pigeonhole patch to 0.3.0, supporting 2.1
+
+ -- Micah Anderson <micah@debian.org>  Tue, 13 Mar 2012 23:08:06 -0400
+
+dovecot (1:2.0.18-1) unstable; urgency=low
+
+  * [85ae320] Imported Upstream version 2.0.18
+  * [9cfd1da] Upped standards version to 3.9.3
+  * [afb4164] Patch to dovecot-core/postinst so that permissions of symlinked
+    certificates aren't modified. (Closes: #646508)
+    Thanks Michael Kuhn.
+  * [bf642ee] Patch to enable hardened build flags.  (Closes: #653530)
+    Thanks Moritz Muehlenhoff.
+  * [00b0d0c] Updated pigeonhole to 0.2.6
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org>  Fri, 09 Mar 2012 00:55:13 -0500
+
+dovecot (1:2.0.15-1) unstable; urgency=low
+
+  * [a22575a] New upstream version 2.0.15: (Closes: #642045)
+      + doveadm altmove: Added -r parameter to move mails back to primary
+        storage.
+      - v2.0.14: Index reading could have eaten a lot of memory in some
+        situations
+      - doveadm index no longer affects future caching decisions
+      - mbox: Fixed crash during mail delivery when mailbox didn't yet have
+        GUID assigned to it.
+      - zlib+mbox: Fetching last message from compressed mailboxes crashed.
+      - lib-sql: Fixed load balancing and error
+  * [8ce5abc] Update pigeonhole to release 0.2.4
+  * [87658d2] Add dovecot-solr to dovecot-core's Suggests line.
+
+ -- Marco Nenciarini <mnencia@debian.org>  Mon, 19 Sep 2011 19:26:48 +0200
+
+dovecot (1:2.0.14-3) unstable; urgency=low
+
+  * [f37a9ec] Enable solr full text search plugin. (LP: #620959)
+  * [cdd8b84] Build dovecot-common as architecture-all package.
+  * [af90444] Fix mail_plugin_dir default value in conf.d/10-mail.conf
+    (Closes: #624294)
+  * [61347cb] Bump debhelper build-depends to (>= 7.2.3~) because we use
+    dh_bugfiles.
+  * [4b757b6] Fix wrong configuration files path in sieve manpages.
+
+ -- Marco Nenciarini <mnencia@debian.org>  Fri, 16 Sep 2011 02:26:21 +0200
+
+dovecot (1:2.0.14-2) unstable; urgency=low
+
+  [ Marco Nenciarini ]
+  * [a6896d6] Rename dovecot-common to dovecot-core. (Closes: #624835)
+  * [c36ca96] Manage protocols during package configuration and
+    deconfiguration phases.
+  * [599b55b] Update pigeonhole to release 0.2.3.
+  * [c654db0] Add a bug-script which will append doveconf -n output to bug
+    reports.
+  * [5270323] Add notes about upgrading from 1.2 to README.Debian.
+    (Closes: #635351)
+  * [5cd77a3] Add build-arch and build-indep target to debian/rules as
+    required by lintian.
+  * [be05d2a] Avoid ucf question when upgrading from squeeze and the only
+    difference in dovecot.conf is at the "protocols" line.
+  * [3c73782] Remove ucf backups during purge.
+  * [3ccf508] Make /etc/dovecot/*.ext readable by dovecot group members.
+    (Closes: #639005)
+  * [665bcc5] Use -c ${CONF} when calling doveconf to determine PIDBASE.
+    Thanks to Jonathan Hall (Closes: #627794)
+  * [325042c] Purge obsolete unmodified config files from /etc.
+    (Closes: #629397)
+  * [a9b9afb] Modified init script to report failures. (Closes: #629654)
+  * [d4622fd] Make dovecot-core suggesting all other packages containing
+    additional features.
+
+ -- Marco Nenciarini <mnencia@debian.org>  Thu, 15 Sep 2011 19:43:55 +0200
+
+dovecot (1:2.0.14-1) unstable; urgency=low
+
+  * [50a947e] New upstream version 2.0.14: (Closes: #640143)
+      + doveadm: Added support for running mail commands by proxying to
+        another doveadm server.
+      + Added "doveadm proxy list" and "doveadm proxy kick" commands to
+        list/kick proxy connections (via a new "ipc" service).
+      + Added "doveadm director move" to assign user from one server to
+        another, killing any existing connections.
+      + Added "doveadm director ring status" command.
+      + userdb extra fields can now return name+=value to append to an
+        existing name, e.g. "mail_plugins+= quota".
+      - script-login attempted an unnecessary config lookup, which usually
+        failed with "Permission denied".
+      - lmtp: Fixed parsing quoted strings with spaces as local-part for
+        MAIL FROM and RCPT TO.
+      - imap: FETCH BODY[HEADER.FIELDS (..)] may have crashed or not
+        returned all data sometimes.
+      - ldap: Fixed random assert-crashing with with sasl_bind=yes.
+      - Fixes to handling mail chroots
+      - Fixed renaming mailboxes under different parent with FS layout when
+        using separate ALT, INDEX or CONTROL paths.
+      - zlib: Fixed reading concatenated .gz files.
+  * [0297425] Use xz compression for dbg packages.
+  * [4464ccf] Support parallel builds in debian/rules
+  * [19667f0] Acknowledge NMU 1:2.0.13-1.1.
+    Thanks to Luk Claes
+
+ -- Marco Nenciarini <mnencia@debian.org>  Tue, 06 Sep 2011 23:18:46 +0200
+
+dovecot (1:2.0.13-1.1) unstable; urgency=low
+
+  * Non-maintainer upload.
+  * Don't ship .la files (Closes: #621297).
+
+ -- Luk Claes <luk@debian.org>  Sat, 18 Jun 2011 12:31:28 +0200
+
+dovecot (1:2.0.13-1) unstable; urgency=high
+
+  [ Marco Nenciarini ]
+  * [8af9e4d] New upstream version 2.0.13:
+      + Added "doveadm index" command to add unindexed messages into
+        index/cache. If full text search is enabled, it also adds unindexed
+        messages to the fts database.
+      + added "doveadm director dump" command.
+      + pop3: Added support for showing messages in "POP3 order", which can
+        be different from IMAP message order. This can be useful for
+        migrations from other servers. Implemented it for Maildir as 'O'
+        field in dovecot-uidlist.
+      - doveconf: Fixed a wrong "subsection has ssl=yes" warning.
+      - mdbox purge: Fixed wrong warning about corrupted extrefs.
+      - sdbox: INBOX GUID changed when INBOX was autocreated, leading to
+        trouble with dsync.
+      - script-login binary wasn't actually dropping privileges to the
+        user/group/chroot specified by its service settings.
+      - Fixed potential crashes and other problems when parsing header names
+        that contained NUL characters. (CVE-2011-1929)
+    (Closes: #627443)
+
+ -- Marco Nenciarini <mnencia@debian.org>  Sat, 21 May 2011 23:58:06 +0200
+
+dovecot (1:2.0.12-1) unstable; urgency=low
+
+  [ Jaldhar H. Vyas ]
+  * [66cbb94] New upstream major release.  Imported Upstream version 2.0.12
+  * [a48c7fd] Updated standards version
+
+  [ Marco Nenciarini ]
+  * [5c6b334] Updated watch file
+  * [0ba683e] Updated init script to new configuration scheme. (Closes: #593527)
+  * [8370be4] Fix upgrading from rename-it.nl packages
+  * [ae804e3] Update changelog
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org>  Mon, 25 Apr 2011 17:03:26 -0400
+
+dovecot (1:2.0.11-1) experimental; urgency=low
+
+  * [a4764a4] New upstream major release (Closes: #573889, #580929,
+    #597476, #603951, #606089, #606646, #606649, #608075, #612369, #610919)
+  * [461f667] Updated copyright and package descriptions. Thanks Stephan
+    Bosch.
+  * [7fbd92a] Drop all patches but drac support. Update pigeonhole to
+    release 0.2.1
+  * [05a5a1e] Update debian/rules to work with dovecot 2.0. Thanks
+    Stephan Bosch.
+  * [a36193e] Update debian/dovecot-common.{postinst,postrm} to handle
+    the new config file layout. Thanks Stephan Bosch.
+  * [3589afd] Remove debian/dovecot.1 manpage because is provided by
+    upstream.
+  * [f1703e1] Remove debian/dovecotpw.1 manpage as there is no dovecotpw
+    executable in dovecot 2.0. Same feature is provided through 'doveadm
+    pw' command.
+  * [e30283d] Remove expire-tool.sh wrapper as there is no expire-tool
+    in dovecot 2.0. Same feature is provided through 'doveadm expunge'
+    command.
+  * [3385061] Remove daily cron script and the related configuration
+    from the default file.
+  * [bec19a0] Update debian/dovecot-common.NEWS.Debian with upgrading
+    instructions
+  * [1e56f1c] Call dh_makeshlibs with --no-script option to avoid
+    {postinst,postrm}-has-useless-call-to-ldconfig lintian errors.
+  * [325f055] Disable numbers in patches (requires git-buildpackage >=0.5.13)
+  * [74d6ebe] Added debian/source/local-options with "unapply-patches".
+  * [0edef17] Set default protocols value as empty and enable each
+    protocol in its own configuration file in
+    /usr/share/dovecot/protocols.d (LP: #661453)
+  * [e88860c] Removed code about upgrading from pre-etch packages.
+  * [95c5d47] Removed obsolete Build-Conflict (Closes: #614053)
+  * [41dddf4] Move configurations for imapd and pop3d to the appropriate
+    packages. (Closes: #606648)
+  * [b8b66dc] Removed obsolete README.Debian and NEWS.Debian from
+    dovecot-pop3d and dovecot-imapd packages
+  * [0bda8ac] Added packages dovecot-lmtpd and dovecot-managesieved.
+  * [9a954f1] Build databases, ldap and gssapi support as plugins
+  * [1a3f323] Deregister obsolete configuration files from ucf in
+    dovecot-common postinst on upgrades.
+  * [fae4b76] Added packages dovecot-pgsql, dovecot-mysql, dovecot-sqlite,
+    dovecot-ldap, dovecot-gssapi and dovecot-sieve (Closes: #251433)
+  * [aa8983d] Imported Upstream version 2.0.11
+
+ -- Marco Nenciarini <mnencia@debian.org>  Mon, 07 Mar 2011 18:23:59 +0100
+
+dovecot (1:1.2.15-3) unstable; urgency=low
+
+  * [096c373] Fix file overwrite error when upgrading from lenny
+    (Closes: #601980)
+  * [37b3220] Add --no-create-home to adduser invocation in dovecot-
+    common.postinst script (Closes: #601767)
+  * [b00b527] Fall back to `hostname` if `hostname -f` invocation fails
+    (Closes: #562780)
+  * [9102fec] Make self-generated certificates key length 2048 bits.
+
+ -- Marco Nenciarini <mnencia@debian.org>  Tue, 02 Nov 2010 11:12:53 +0100
+
+dovecot (1:1.2.15-2) unstable; urgency=low
+
+  * [a0744a5] Switch vcs fields to git
+  * [d8a1bd4] Add debian/gbp.conf to make easy the usage of git-
+    buildpackage
+  * [c0dc21f] Warn that the generated SSL certificate will expire in 10
+    years instead of 365 days, as it's the lifetime of of self-generated
+    certificates since 1:1.2.13-1
+  * [6472d63] Switch to gbp-pq patch management.
+  * [bf2fc17] Upgraded sieve plugin to version 0.1.18
+  * [6b9809d] Upgraded managesieve plugin to version 0.11.12
+  * [d67cd17] Upgraded dovecot-managesieve.patch to version 0.11.12
+
+ -- Marco Nenciarini <mnencia@debian.org>  Thu, 28 Oct 2010 22:50:19 +0200
+
+dovecot (1:1.2.15-1) unstable; urgency=high
+
+  [ Marco Nenciarini ]
+  * New upstream release (Closes: #587036,#597529)
+  * Updated policy version to 3.9.1.0 (no changes needed)
+
+  [ Jaldhar H. Vyas ]
+  * [SECURITY] Fixes two bugs with acls which could have allowed a user to
+    gain improper access or admin rights to shared mailboxes.
+    (Closes: #599521)
+  * Warn that the generated SSL certificate will expire in 365 days.  Thanks
+    Phillip Weis.  (Closes: #576455)
+  * Wherever the path to sendmail is given as /usr/lib/sendmail, change to
+    /usr/sbin/sendmail.  (Closes: #570814,#595671)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org>  Fri, 08 Oct 2010 17:34:19 -0400
+
+dovecot (1:1.2.13-1) unstable; urgency=low
+
+  [ Jaldhar H. Vyas ]
+  * dovecot-common: Upped expiration date of self-generated certificates to
+    10 years from 1 year.  (Closes: #587371)
+
+  [ Marco Nenciarini ]
+  * New upstream release:
+    - Fixed iconv() crash when it was processing several kilobytes of
+      broken continuous input. This mainly could have caused a problem
+      with IMAP SEARCH. Possibly also with some Sieve checks.
+    - If MIME encoded-words contained line feeds, Dovecot logged
+      cache corruption errors.
+    - mbox: Renaming mailbox under newly created dir didn't move index
+      directory.
+    - mbox: When generating envelope to From_-line, don't append a second
+      @owndomain if username already has one.
+  * Updated policy version to 3.9.0.0 (no changes needed)
+
+ -- Marco Nenciarini <mnencia@debian.org>  Mon, 26 Jul 2010 17:03:38 +0200
+
+dovecot (1:1.2.12-1) unstable; urgency=low
+
+  * New upstream release
+  * Upgraded sieve plugin to version 0.1.17
+  * Refreshed dovecot-managesieve.patch
+  * debian/patches/sieve-fix-imapflags.patch: Removed. Fixed upstream.
+
+ -- Marco Nenciarini <mnencia@debian.org>  Sat, 26 Jun 2010 18:14:15 +0200
+
+dovecot (1:1.2.11-1) unstable; urgency=high
+
+  * New upstream release
+  * urgency set to high, because under particular circumstances you could
+    cause a DoS by sending a message with a huge header.
+  * sieve: Fix addflags command in deprecated imapflags extension
+    (Closes: #570058)
+  * Include a daily expire script with a setting in /etc/default/dovecot
+    to enable it. The new script is disabled by default as it requires
+    some configurations by the system administrator. Thanks to Hans Spaans
+  * Mark expire-tool.sh as a bash script
+  * Bump Standards-Version to 3.8.4, no changes needed
+
+ -- Marco Nenciarini <mnencia@debian.org>  Mon, 08 Mar 2010 22:25:46 +0100
+
+dovecot (1:1.2.10-1) unstable; urgency=low
+
+  * New upstream release (Closes: #566796)
+  * Upgraded sieve plugin to version 0.1.15
+  * Upgraded managesieve plugin to version 0.11.11
+  * Upgraded dovecot-managesieve.patch to version 0.11.11
+
+ -- Marco Nenciarini <mnencia@debian.org>  Mon, 25 Jan 2010 17:21:09 +0100
+
+dovecot (1:1.2.9-2) unstable; urgency=low
+
+  * Upgraded sieve plugin to version 0.1.14
+  * Upgraded managesieve plugin to version 0.11.10
+  * Upgraded dovecot-managesieve.patch to version 0.11.10
+  * debian/patches/dovecot-example.patch: Refreshed.
+  * Added expire-tool wrapper script (Closes: #565538)
+  * Added ${misc:Depends} to the dependencies of each binary package,
+    to make lintian happy (debhelper-but-no-misc-depends)
+
+ -- Marco Nenciarini <mnencia@debian.org>  Sun, 17 Jan 2010 09:39:42 +0100
+
+dovecot (1:1.2.9-1) unstable; urgency=low
+
+  * New upstream release.
+  * debian/patches/gold-fix.patch: Removed. Fixed upstream.
+
+ -- Marco Nenciarini <mnencia@debian.org>  Thu, 17 Dec 2009 10:52:53 +0100
+
+dovecot (1:1.2.8-2) unstable; urgency=low
+
+  * Moved libexec to lib corrections in dovecot-managesieve.patch and
+    dovecot-managesieve-dist.patch to dovecot-example.patch
+  * debian/patches/dovecot-mboxlocking.patch: Regenerated to avoid FTBFS
+    when quilt isn't installed.
+  * debian/patches/quota-mountpoint.patch: Removed. Not needed anymore.
+  * debian/patches/dovecot-quota.patch: Removed. Quotas aren't properly
+    enabled unless mail_plugins = quota imap_quota.
+  * debian/patches/gold-fix.patch: Fixed configure script to build even
+    with binutils-gold or --no-add-needed linker flag (Closes: #554306)
+  * debian/dovecot-common.init: fixed LSB headers. Thanks to Pascal Volk.
+    (Closes: #558040)
+  * debian/changelog: added CVE references to previous changelog entry.
+  * debian/rules: checked up the build system. It's not fragile anymore.
+    (Closes: 493803)
+  * debian/dovecot-common.postinst: Now invoking dpkg-reconfigure
+    on dovecot-common is enough to generate new certificates
+    if the previous ones were removed. (Closes: #545582)
+  * debian/rules: No longer install convert-tool in /usr/bin.
+    It isn't an user utility and it should stay in /usr/lib/dovecot
+    like all other similar tool.
+
+ -- Marco Nenciarini <mnencia@debian.org>  Tue, 08 Dec 2009 12:24:04 +0100
+
+dovecot (1:1.2.8-1) unstable; urgency=high
+
+  [ Marco Nenciarini ]
+  * New upstream release. (Closes: #557601)
+  * [SECURITY] Fixes local information disclosure and denial of service.
+    (see: http://www.dovecot.org/list/dovecot-news/2009-November/000143.html
+    and CVE-2009-3897)
+  * Added myself to uploaders.
+  * Switched to the new source format "3.0 (quilt)":
+    - removed dpatch from build-depends
+    - removed debian/README.source because now we use only standard
+      dpkg features
+    - regenerated all patches
+  * Prepared to switch to multi-origin source:
+    - recreated dovecot-libsieve.patch and dovecot-managesieve-dist.patch
+      starting from the upstream tarball
+    - removed all autotools related build-depends and build-conflict
+    - renamed dovecot-libsieve and dovecot-managesieve directories
+      to libsieve and managesieve.
+  * debian/rules: Moved the configuration of libsieve and managesieve from
+    the build phase to the configuration phase
+
+  [ Jaldhar H. Vyas ]
+  * Added dovecot-dbg package  with debugging symbols.  Thanks Stephan Bosch.
+    (Closes: #554710)
+  * Fixed some stray libexec'isms in the default configuration.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org>  Mon, 23 Nov 2009 17:04:14 -0500
+
+dovecot (1:1.2.7-1) unstable; urgency=low
+
+  * New upstream release.
+  * debian/dovecot-common.init:
+    - use $CONF when starting the daemon. (Closes: #549944)
+    - always output start/stop messages. (Closes: #523810)
+
+ -- Fabio Tranchitella <kobold@debian.org>  Sat, 14 Nov 2009 11:28:33 +0100
+
+dovecot (1:1.2.6-1) unstable; urgency=low
+
+  * New upstream release.
+  * debian/patches/v1.2.5-exec-mail_fix.dpatch: removed, merged upstream.
+
+ -- Fabio Tranchitella <kobold@debian.org>  Mon, 12 Oct 2009 06:56:55 +0000
+
+dovecot (1:1.2.5-2) unstable; urgency=low
+
+  * debian/dpatches/v1.2.5-exec-mail_fix.dpatch: added.
+    (Closes: #546694, #546695)
+  * debian/dovecot-common.dirs: removed /etc, /etc/ssl/{private,certs}, they
+    are handled by openssl; this should fix the piuparts test.
+
+ -- Fabio Tranchitella <kobold@debian.org>  Sun, 27 Sep 2009 20:53:52 +0200
+
+dovecot (1:1.2.5-1) unstable; urgency=low
+
+  * New upstream release.
+
+ -- Fabio Tranchitella <kobold@debian.org>  Mon, 14 Sep 2009 14:34:06 +0200
+
+dovecot (1:1.2.4-2) unstable; urgency=low
+
+  * debian/patches/dovecot-libsieve.dpatch: updated to 0.1.12.
+    (Closes: #539527)
+
+ -- Fabio Tranchitella <kobold@debian.org>  Wed, 02 Sep 2009 07:28:23 +0200
+
+dovecot (1:1.2.4-1) unstable; urgency=low
+
+  * New upstream release. (Closes: #537186, #540058)
+  * Bumped Standards-Version to 3.8.3, no changes needed.
+  * debian/control: only suggests ntp. (Closes: #542152)
+  * debian/patches/dovecot-managesieve-dist.dpatch: updated to the 0.11.9
+    release. (Closes: #539527)
+  * debian/rules: dovecot should be started with sequence number 20.
+    (Closes: #543473)
+
+ -- Fabio Tranchitella <kobold@debian.org>  Sat, 29 Aug 2009 17:27:59 +0200
+
+dovecot (1:1.2.2-2) unstable; urgency=high
+
+  * Er that should be fcntl not fnctl.  (Closes: #539474, #539486)
+  * For the sake of completeness, fixed some errors in the example config file.
+    (They are in the !include statements which are commented out by default
+    so it is unlikely that most users will actually be affected.)
+    (Closes: #539391)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org>  Sat, 01 Aug 2009 11:38:03 -0400
+
+dovecot (1:1.2.2-1) unstable; urgency=low
+
+  [Joel Johnson]
+  * New upstream version, updated ManageSieve patch
+     - fixes index corruption condition (Closes: #537388)
+  * Set default for mbox_write_locks to "fnctl dotlock" according to
+    Debian Policy (Closes: #537326)
+  * Set MySQL build dependency to use version-agnostic -dev package
+  * Drop postgres-configure patch, functionality included upstream
+  * Updated dovecot-libsieve to version 0.1.9
+     - fixes subaddress matching (Closes: #537386)
+     - check additional address-list headers (Closes: #537379)
+
+  [Jaldhar H. Vyas]
+  * Remove unneeded build-dependencies on byacc and flex now that we no longer
+    use cmusieve.
+
+ -- Joel Johnson <mrjoel@lixil.net>  Tue, 28 Jul 2009 20:35:57 -0600
+
+dovecot (1:1.2.1-2) unstable; urgency=low
+
+  * Update to use default automake (Closes: #536880) now that current upstream
+    successfully builds with 1.10 (was previously a problem in bug 473754.
+  * Updated Standards-Verson to 3.8.2 (no action required)
+  * Remove ./var/run directories to fix lintian warnings.
+  * Updated dovecot-libsieve patch to version 0.1.8, removed autogen.sh,
+    tests, and doc/rfc
+  * Updated dovecot-managesieve patch to version 0.11.7
+  * Updated dovecot-managesieve-dist patch to Mercurial revision 12b9733ee8b0
+      (0.11.7+), removed lib-cmusieve, doc/rfs, autogen.sh
+  * Add additional upgrading note to README.Debian to clarify the ManageSieve
+    configuration changes needed - existing configurations break if not
+    updated! (Closes: #537158)
+  * Include the ChangeLog and README for sieve and ManageSieve
+
+ -- Joel Johnson <mrjoel@lixil.net>  Wed, 15 Jul 2009 20:29:33 -0600
+
+dovecot (1:1.2.1-1) unstable; urgency=low
+
+  [ Joel Johnson ]
+  * New upstream release
+  * Update packaging for 1.2 release
+    - update SIEVE patch to use Dovecot rewrite (version 0.1.7,
+        removed RFCs and tests for a DFSG patch)
+    - update ManageSieve patch and software to hg revision 2c9b4b4ab6a8
+        (0.11.6+) for 1.2.1 support
+        + removed lib-cmusieve since building against newer sieve
+        + removed doc/rfc for DFSG compliance
+        + removed autogen.sh since we run autotools during the build
+    - updated other misc patches
+
+ -- Joel Johnson <mrjoel@lixil.net>  Sun, 12 Jul 2009 11:15:01 -0600
+
+dovecot (1:1.1.16-1) unstable; urgency=low
+
+  * New upstream release. (Closes: #531599)
+
+ -- Fabio Tranchitella <kobold@debian.org>  Thu, 04 Jun 2009 12:38:59 +0200
+
+dovecot (1:1.1.15-1) unstable; urgency=low
+
+  * New upstream release; sorry, no time to include extra upstream patches
+    which are not released, feel free to submit them as dpatch files and I will
+    add them to the package. (Closes: #529923)
+  * debian/control: updated Standards-Version, no changes needed.
+  * debian/dovecot-common.init: patched to support ENABLED=0 in
+    /etc/default/dovecot, useful if dovecot is used as local-only IMAP server
+    through PREAUTH interface. (Closes: #524302)
+  * debian/dovecot-common.README.Debian: simplyfied, we only point the user to
+    wiki.dovecot.org; added a note about how to regenerate the SSL certificate.
+    (Closes: #528934)
+  * debian/dovecot-common.postrm: do not break if /etc/ssl/certs does not
+    exist. (Closes: #524865)
+  * debian/patches/dovecot-managesieve-dist: updated to 0.10.6.
+
+ -- Fabio Tranchitella <kobold@debian.org>  Sun, 31 May 2009 20:13:26 +0200
+
+dovecot (1:1.1.13-2) unstable; urgency=high
+
+  * New upload, urgency set to high: the package in testing is broken.
+  * debian/dovecot-common.init: fixed a typo.
+  * debian/patches/dovecot-example.dpatch: fixed a few paths.
+    (Closes: #521544)
+
+ -- Fabio Tranchitella <kobold@debian.org>  Sun, 29 Mar 2009 21:16:02 +0200
+
+dovecot (1:1.1.13-1) unstable; urgency=low
+
+  * New upstream release.
+  * This version fixes problems accessing mailboxes in some setups.
+    (Closes: #520310)
+
+ -- Fabio Tranchitella <kobold@debian.org>  Thu, 19 Mar 2009 17:31:56 +0100
+
+dovecot (1:1.1.12-1) unstable; urgency=low
+
+  * New upstream release, it fixes some wrong defaults in the configuration
+    file. (Closes: #518631)
+  * debian/rules: add support for libdb. (Closes: #518630)
+  * debian/dovecot-common.postinst: create the dovecot certificate only at
+    install time. (Closes: #518738, #518598)
+
+ -- Fabio Tranchitella <kobold@debian.org>  Mon, 16 Mar 2009 14:26:32 +0100
+
+dovecot (1:1.1.11-4) unstable; urgency=low
+
+  * debian/dovecot-common.init: fixed a typo from the last upload.
+    (Closes: #518504)
+
+ -- Fabio Tranchitella <kobold@debian.org>  Fri, 06 Mar 2009 18:39:09 +0100
+
+dovecot (1:1.1.11-3) unstable; urgency=low
+
+  * debian/dovecot-common.init: applied patch from Håkon Stordahl to call
+    ntp-wait if available. (Closes: #517808)
+
+ -- Fabio Tranchitella <kobold@debian.org>  Wed, 04 Mar 2009 17:38:59 +0100
+
+dovecot (1:1.1.11-2) unstable; urgency=low
+
+  * debian/dovecot-common.init: fixed a bug in the init script, adding a
+    missing slash in the PIDFILE path. (Closes: #516845)
+  * debian/dovecot-common.init: fixed a bug in the init script, sending the HUP
+    signal for reloading the configuration. (Closes: #512197)
+  * debian/dovecot-common.init: check if /etc/inetd.conf exists.
+    (Closes: #509259, #497148)
+  * debian/control: dovecot-common suggests ntp and ntpdate. (Closes: #511060)
+  * debian/dovecot-common.postinst: migration hook for default_mail_env =>
+    mail_location. (Closes: #517073)
+  * debian/dovecot.1: fixed the path of the configuration file.
+    (Closes: #501493)
+
+ -- Fabio Tranchitella <kobold@debian.org>  Fri, 27 Feb 2009 17:24:09 +0100
+
+dovecot (1:1.1.11-1) unstable; urgency=low
+
+  * New upstream release, upload to unstable. (Closes: #507122)
+  * debian/patches/dovecot-quota.dpatch: fixed a bug in the imap quota plugin.
+    (Closes: #484677)
+  * debian/dovecot-common.init: added the status action, thanks Fladischer
+    Michael for the patch. (Closes: #509694)
+  * debian/dovecotpw.1: added manpage for dovecotpw, thanks Xavier Luthi for
+    the patch. (Closes: #504712)
+
+ -- Fabio Tranchitella <kobold@debian.org>  Fri, 20 Feb 2009 20:39:38 +0100
+
+dovecot (1:1.1.9-1) experimental; urgency=low
+
+  [ Fabio Tranchitella ]
+  * debian/control: dovecot-common suggests ntp.
+
+  [ Joel Johnson ]
+  * New upstream release
+  * updated managesieve patch to apply against new version
+
+ -- Joel Johnson <mrjoel@lixil.net>  Sat, 24 Jan 2009 04:12:42 +0000
+
+dovecot (1:1.1.8-1) experimental; urgency=low
+
+  * New upstream release.
+  * debian/control: added LDA to the description of dovecot-common.
+
+ -- Fabio Tranchitella <kobold@debian.org>  Wed, 07 Jan 2009 23:14:29 +0100
+
+dovecot (1:1.1.7-1) experimental; urgency=low
+
+  * New upstream release
+  * Updated dovecot-ssh.patch for new release
+  * Updated MANAGESIEVE to 0.10.4
+  * Fix package to support double compilation
+    - Properly clean dovecot-managesieve as pointed out by Stephan Bosch
+    - Add --copy directive to automake invocation
+
+ -- Joel Johnson <mrjoel@lixil.net>  Thu, 04 Dec 2008 20:52:11 -0700
+
+dovecot (1:1.1.2-3) experimental; urgency=low
+
+  * debian/control: added libbz2-dev to the Build-Depends to enable the bzip2
+    support. (Closes: #495129)
+
+ -- Fabio Tranchitella <kobold@debian.org>  Thu, 14 Aug 2008 20:45:41 +0200
+
+dovecot (1:1.1.2-2) experimental; urgency=low
+
+  * Merged changes in the unstable package.
+  * debian/control: added replaces for the imap and pop modules from the
+    -common to the the -imap and -pop packages. (Closes: #493798)
+  * debian/rules: applied some of the suggestions from Matthias Kloses,
+    thanks! (Refs: #493803)
+
+ -- Fabio Tranchitella <kobold@debian.org>  Tue, 05 Aug 2008 21:20:33 +0200
+
+dovecot (1:1.1.2-1) experimental; urgency=low
+
+  * New upstream release
+  * Trivial update to autocreate patch
+
+ -- Joel Johnson <mrjoel@lixil.net>  Sat, 26 Jul 2008 08:18:39 -0600
+
+dovecot (1:1.1.1-1) experimental; urgency=low
+
+  [ Joel Johnson ]
+  * New upstream release (Closes: #487989)
+  * Updated policy version to 3.8.0.1 (no changes needed)
+  * Updated watch file to watch new release directory
+  * Actually install dovecot.8 since we have it
+  * Removed quota_v2 patch (was unreachable code): upstream now defaults
+    to quota v1 if _LINUX_QUOTA_VERSION is not defined
+  * Removed pam-error-information patch: included upstream
+  * Removed mbox_snarf patch: included upstream
+  * Removed full MANAGESIEVE patch (replaced with new 1.1 approach)
+  * Merged protocols_none_by_default patch into dovecot-example patch
+  * Updated drac patch to build against 1.1
+  * Updated autocreate patch with 1.1 version
+  * Updated dovecot-sieve to 1.1.5
+  * Added dovecot-managesieve patch against dovecot tree
+  * Added dovecot-managesieve source for building module
+
+  [ Fabio Tranchitella ]
+  * Added Joel Johnson to the uploaders; thanks for your work!
+
+ -- Fabio Tranchitella <kobold@debian.org>  Sun, 20 Jul 2008 19:09:23 +0200
+
+dovecot (1:1.0.15-2) unstable; urgency=low
+
+  * debian/dovecot.1: added "This includes doing a syntax check" to the -a
+    option.
+  * debian/rules: now the package builds two times in a row without problems.
+    (Closes: #490201)
+
+ -- Fabio Tranchitella <kobold@debian.org>  Sun, 27 Jul 2008 19:56:18 +0200
+
+dovecot (1:1.0.15-1) unstable; urgency=low
+
+  * New upstream release.
+  * debian/rules: clean the package before unpatching. (Closes: #490201)
+
+ -- Fabio Tranchitella <kobold@debian.org>  Sun, 22 Jun 2008 09:06:01 +0200
+
+dovecot (1:1.0.14-1) unstable; urgency=low
+
+  * New upstream release.
+  * debian/patches/inbox_creation.dpatch: removed, merged upstream.
+  * debian/patches/allow_nets.dpatch: removed, merged upstream.
+
+ -- Fabio Tranchitella <kobold@debian.org>  Tue, 03 Jun 2008 10:07:13 +0200
+
+dovecot (1:1.0.13-6) unstable; urgency=low
+
+  * debian/patches/inbox_creation.dpatch: added, use mail_privileged_group's
+    group when creating inboxes if the unprivileged user fails; upstream:
+    http://hg.dovecot.org/dovecot-1.0/rev/932768a879c6 (Closes: #471716)
+
+ -- Fabio Tranchitella <kobold@debian.org>  Wed, 28 May 2008 12:58:17 +0200
+
+dovecot (1:1.0.13-5) unstable; urgency=low
+
+  * debian/patches/allow_nets.dpatch: added, allow_nets didn't work correctly
+    with big endian machines; patch from upstream, thanks Timo:
+    http://hg.dovecot.org/dovecot-1.0/rev/71c02fdf1b59
+
+ -- Fabio Tranchitella <kobold@debian.org>  Thu, 15 May 2008 14:48:14 +0200
+
+dovecot (1:1.0.13-4) unstable; urgency=low
+
+  * debian/patches/dovecot-MANAGESIEVE-9.3.dpatch: updated managesieve to
+    version 9.3.
+  * debian/dovecot-common.README.Debian: added a note about how to configure
+    dovecot to log to file instead of using syslog.
+  * debian/dovecot.1: added a SIGNALS section. (Closes: #479059)
+  * dovecot-sieve: updated to the last hg release (5c3ba11994cb).
+    (Closes: #479104)
+
+ -- Fabio Tranchitella <kobold@debian.org>  Mon, 05 May 2008 17:28:21 +0200
+
+dovecot (1:1.0.13-3) unstable; urgency=low
+
+  * debian/rules: do not install anymore the ldap and sql example
+    configuration files under /etc. (Closes: #472674)
+  * debian/dovecot-common.postinst: really chmod
+    /etc/dovecot/dovecot-{ldap,sql}.conf files to 0600.
+  * debian/devecot-common.init: do not start the service if dovecot.conf
+    doesn't exist. (Closes: #475888)
+
+ -- Fabio Tranchitella <kobold@debian.org>  Sun, 27 Apr 2008 22:42:37 +0200
+
+dovecot (1:1.0.13-2) unstable; urgency=low
+
+  * debian/rules: use aclocal-1.9 instead of aclocal. (Closes: #473754)
+
+ -- Fabio Tranchitella <kobold@debian.org>  Tue, 01 Apr 2008 15:30:32 +0200
+
+dovecot (1:1.0.13-1) unstable; urgency=high
+
+  * New upstream release, fixes a security issue:
+    http://www.dovecot.org/list/dovecot-news/2008-March/000064.html
+
+ -- Fabio Tranchitella <kobold@debian.org>  Sun, 09 Mar 2008 19:22:20 +0100
+
+dovecot (1:1.0.12-1) unstable; urgency=high
+
+  * New upstream release. (Closes: #469457)
+  * debian/patches/dovecot-MANAGESIEVE-9.2.dpatch: updated, thanks to Marco
+    Nenciarini for the patch.
+
+ -- Fabio Tranchitella <kobold@debian.org>  Thu, 06 Mar 2008 15:53:07 +0100
+
+dovecot (1:1.0.10-4) unstable; urgency=low
+
+  * debian/patches/autocreate.dpatch: added, thanks to Walter Reiner.
+  * debian/rules: use --with-ioloop=best instead of --with-ioloop=epoll, as
+    suggested by Timo. (Closes: #466296)
+
+ -- Fabio Tranchitella <kobold@debian.org>  Mon, 18 Feb 2008 09:29:39 +0100
+
+dovecot (1:1.0.10-3) unstable; urgency=low
+
+  * debian/patches/dovecot-MANAGESIEVE-9.1.dpatch: added, thanks to Aleksey
+    Midenkov for providing a patch. (Closes: #416166)
+  * debian/dovecot-common.init: added $time to Should-Start. (Closes: #461543)
+  * debian/dovecot-common.postinst: do not add the dovecot user to the mail
+    group, it is not required by upstream. (Closes: #457123)
+  * debian/control: updated Standards-Version to 3.7.3, no changes required.
+
+ -- Fabio Tranchitella <kobold@debian.org>  Sun, 10 Feb 2008 18:37:55 +0100
+
+dovecot (1:1.0.10-2) unstable; urgency=low
+
+  * debian/patches/mbox_snarf.dpatch: added, thanks to Bernd Kuhls.
+    (Closes: #462319)
+
+ -- Fabio Tranchitella <kobold@debian.org>  Thu, 24 Jan 2008 10:12:02 +0100
+
+dovecot (1:1.0.10-1) unstable; urgency=high
+
+  * New upstream release, fixes a security bug.
+  * debian/patches/exec_check_for_none.dpatch: updated.
+
+ -- Fabio Tranchitella <kobold@debian.org>  Sun, 30 Dec 2007 10:29:26 +0100
+
+dovecot (1:1.0.9-1) unstable; urgency=low
+
+  * New upstream release.
+  * debian/control: added the Vcs-Svn and Vcs-Browser fields.
+
+ -- Fabio Tranchitella <kobold@debian.org>  Wed, 12 Dec 2007 08:10:11 +0100
+
+dovecot (1:1.0.8-2) unstable; urgency=low
+
+  * Provides a dovecot-dev package, thanks to Josh Triplett for providing a
+    patch. (Closes: #444812)
+
+ -- Fabio Tranchitella <kobold@debian.org>  Tue, 04 Dec 2007 09:22:59 +0100
+
+dovecot (1:1.0.8-1) unstable; urgency=low
+
+  * New upstream release.
+  * debian/patches/unsupported-sasl-mech.dpatch: merged with upstream.
+
+ -- Fabio Tranchitella <kobold@debian.org>  Thu, 29 Nov 2007 13:36:39 +0100
+
+dovecot (1:1.0.7-3) unstable; urgency=low
+
+  * debian/patches/dovecot-ssl.dpatch: provide mechanism to discover if ssl
+    client certificate is verified, patch from Stephen Gran. (Closes: #446555)
+  * debian/patches/pam-error-information.dpatch: fill auth information in pam
+    error, patch backported from upstream RCS. (Closes: #439246)
+  * debian/patches/unsupported-sasl-mech.dpatch: should use NO (not BAD) for
+    unsupported SASL mech, patch backported from upstream RCS. (Closes: #449324)
+
+ -- Fabio Tranchitella <kobold@debian.org>  Wed, 14 Nov 2007 21:33:55 +0100
+
+dovecot (1:1.0.7-2) unstable; urgency=low
+
+  * debian/dovecot-common.postinst:
+    + don't fail if dovecot-ldap.conf or dovecot-sql.conf are removed; thanks
+      to Mathias Gug. (Closes: #448401)
+    + fix permissions of /var/run/dovecot and /var/run/dovecot/login.
+      (Closes: #446051)
+
+ -- Fabio Tranchitella <kobold@debian.org>  Sun, 04 Nov 2007 10:06:06 +0100
+
+dovecot (1:1.0.7-1) unstable; urgency=low
+
+  * New upstream release.
+  * debian/rules: remove drac.so in the clean target. (Closes: #442548)
+  * debian/dovecot-common.init: implemented the reload action.
+    (Closes: #441032)
+  * Update protocoles option in configuration when installing/removing
+    -imapd/-pop3d packages. Thanks to Soren Hansen and Mathias Gug from
+    Ubuntu for providing a patch. (Closes: #447201)
+
+ -- Fabio Tranchitella <kobold@debian.org>  Fri, 02 Nov 2007 23:06:17 +0100
+
+dovecot (1:1.0.5-1) unstable; urgency=low
+
+  * New upstream release.
+
+ -- Fabio Tranchitella <kobold@debian.org>  Mon, 10 Sep 2007 09:25:59 +0200
+
+dovecot (1:1.0.3-3) unstable; urgency=low
+
+  * debian/dovecot-common.init: don't use the init script name to locate the
+    configuration file because it is not reliable. If you really want to start
+    multiple servers, just copy the init script and use the optional default
+    file to override the variables. (Closes: #437228)
+
+ -- Fabio Tranchitella <kobold@debian.org>  Thu, 16 Aug 2007 09:17:01 +0200
+
+dovecot (1:1.0.3-2) unstable; urgency=low
+
+  * debian/rules: removed the --with-notify=inotify switch, it should be
+    detected automatically.
+
+ -- Fabio Tranchitella <kobold@debian.org>  Thu, 09 Aug 2007 09:39:50 +0200
+
+dovecot (1:1.0.3-1) unstable; urgency=low
+
+  * New upstream release. (Closes: #434038, #432601)
+  * This release doesn't build dbox support out-of-the-box. (Closes: #431615)
+  * dovecot-sieve: updated to the last hg's tip. (Closes: #434079)
+  * debian/dovecot-*.README.Debian: don't call /etc/init.d scripts directly.
+    (Closes: #431991)
+  * debian/dovecot-common.init: updated with patches from Tom Metro, thanks!
+    (Closes: #426480, #422674)
+  * debian/dovecot-common.postinst: fixed a missing variable DOMAINNAME.
+    (Closes: #425917)
+  * debian/rules: moved the init script to the level 24, after the ntpdate
+    one. (Closes: #432723)
+  * debian/patches/00list: added dovecot-drac, again. (Closes: #353039)
+  * debian/rules: build with inotify and epoll support. (Closes: #419281)
+  * debian/dovecot.1: added a simple manpage for dovecot. (Closes: #426702)
+  * debian/copyright: added copyright exceptions as suggested by Timo.
+
+ -- Fabio Tranchitella <kobold@debian.org>  Sat, 04 Aug 2007 20:11:36 +0200
+
+dovecot (1:1.0.0-1) unstable; urgency=low
+
+  * New upstream release, the final 1.0.0. Bumped epoch, because we used the
+    wrong version scheming in the past and I think it is worth to do so now
+    that 1.0.0 has been released.
+  * debian/watch: updated.
+  * Rebuilt with a new glibc in unstable, now we have inotify support.
+    (Closes: #395306)
+
+ -- Fabio Tranchitella <kobold@debian.org>  Mon, 16 Apr 2007 08:42:32 +0200
+
+dovecot (1.0.rc31-1) unstable; urgency=low
+
+  * New upstream release.
+
+ -- Fabio Tranchitella <kobold@debian.org>  Mon, 09 Apr 2007 11:55:45 +0200
+
+dovecot (1.0.rc30-2) unstable; urgency=low
+
+  * debian/dovecot-common.init: check if /etc/inetd.conf exists before
+    calling sed on it. (Closes: #417299)
+
+ -- Fabio Tranchitella <kobold@debian.org>  Sun, 08 Apr 2007 16:58:30 +0200
+
+dovecot (1.0.rc30-1) unstable; urgency=low
+
+  * New upstream release.
+  *
+
+ -- Fabio Tranchitella <kobold@debian.org>  Sat, 07 Apr 2007 11:17:45 +0200
+
+dovecot (1.0.rc29-1) unstable; urgency=low
+
+  * New upstream release.
+  * debian/rules: ship convert-tool in dovecot-common. (Closes: #416909)
+
+ -- Fabio Tranchitella <kobold@debian.org>  Sat, 31 Mar 2007 14:15:39 +0200
+
+dovecot (1.0.rc28-1) unstable; urgency=low
+
+  * New upstream release.
+
+ -- Fabio Tranchitella <kobold@debian.org>  Sun, 25 Mar 2007 14:02:28 +0200
+
+dovecot (1.0.rc27-1) unstable; urgency=low
+
+  * New upstream release.
+
+ -- Fabio Tranchitella <kobold@debian.org>  Wed, 14 Mar 2007 14:39:04 +0100
+
+dovecot (1.0.rc26-4) unstable; urgency=low
+
+  * debian/dovecot-common.postinst: fixed a typo. (Closes: #414672)
+
+ -- Fabio Tranchitella <kobold@debian.org>  Tue, 13 Mar 2007 08:45:47 +0100
+
+dovecot (1.0.rc26-3) unstable; urgency=low
+
+  * debian/control: depends on ucf (>= 2.0020). (Closes: #414032)
+  * debian/dovecot-common.postinst: handles better chmod/chown on package
+    upgrade. (Closes: #414257)
+
+ -- Fabio Tranchitella <kobold@debian.org>  Mon, 12 Mar 2007 10:03:34 +0100
+
+dovecot (1.0.rc26-2) unstable; urgency=low
+
+  * debian/control:
+    + dovecot-{imapd,pop3d}: depends on the same-source dovecot-common.
+      (Closes: #414032)
+  * debian/rules: fixed permission for dovecot.conf. (Closes: #413995)
+
+ -- Fabio Tranchitella <kobold@debian.org>  Fri,  9 Mar 2007 12:57:50 +0100
+
+dovecot (1.0.rc26-1) unstable; urgency=low
+
+  * New upstream release.
+  * Add support for ucf, thanks to Vincent Danjean for providing a full patch.
+    (Closes: #413081)
+  * debian/dovecot-common.init: create /var/run directories at start-up time.
+    (Closes: #376143)
+
+ -- Fabio Tranchitella <kobold@debian.org>  Wed,  7 Mar 2007 11:26:56 +0100
+
+dovecot (1.0.rc25-1) unstable; urgency=low
+
+  * New upstream release.
+
+ -- Fabio Tranchitella <kobold@debian.org>  Fri,  2 Mar 2007 13:44:44 +0100
+
+dovecot (1.0.rc24-1) unstable; urgency=low
+
+  * New upstream release.
+
+ -- Fabio Tranchitella <kobold@debian.org>  Fri, 23 Feb 2007 15:47:30 +0100
+
+dovecot (1.0.rc23-1) unstable; urgency=low
+
+  * New upstream release.
+  * debian/patches/documentation.dpatch, debian/patches/xfs_quotas.dpatch:
+    removed, applied upstream.
+
+ -- Fabio Tranchitella <kobold@debian.org>  Wed, 21 Feb 2007 09:34:44 +0100
+
+dovecot (1.0.rc22-2) UNRELEASED; urgency=low
+
+  * debian/watch: added.
+
+ -- Fabio Tranchitella <kobold@debian.org>  Fri,  9 Feb 2007 12:15:34 +0100
+
+dovecot (1.0.rc22-1) unstable; urgency=low
+
+  * New upstream release.
+
+ -- Fabio Tranchitella <kobold@debian.org>  Wed,  7 Feb 2007 09:38:34 +0100
+
+dovecot (1.0.rc21-1) unstable; urgency=low
+
+  * New upstream release.
+
+ -- Fabio Tranchitella <kobold@debian.org>  Mon,  5 Feb 2007 16:23:33 +0100
+
+dovecot (1.0.rc19-1) unstable; urgency=low
+
+  * New upstream release.
+
+ -- Fabio Tranchitella <kobold@debian.org>  Wed, 24 Jan 2007 00:03:38 +0100
+
+dovecot (1.0.rc18-2) unstable; urgency=low
+
+  * dovecot-sieve: updated to cvs version 1.0.1.
+  * debian/README.Debian: updated for the new setting mail_location, which
+    substitutes the old default_mail_env. (Closes: #408025)
+
+ -- Fabio Tranchitella <kobold@debian.org>  Tue, 23 Jan 2007 10:15:36 +0100
+
+dovecot (1.0.rc18-1) unstable; urgency=low
+
+  * New upstream release.
+
+ -- Fabio Tranchitella <kobold@debian.org>  Mon, 22 Jan 2007 18:15:02 +0100
+
+dovecot (1.0.rc17-1) unstable; urgency=low
+
+  * New upstream release.
+  * Updated dovecot-sieve from CVS.
+
+ -- Fabio Tranchitella <kobold@debian.org>  Fri, 12 Jan 2007 09:42:47 +0100
+
+dovecot (1.0.rc15-2) unstable; urgency=medium
+
+  * debian/dovecot-common.README.Debian: updated details about raw logging;
+    thanks Chris Moore for providing a patch. (Closes: #400689)
+  * debian/patches/dovecot-example.dpatch: added a missing slash for an
+    absolute path. (Closes: #400830)
+  * debian/patches/dovecotpw.dpatch: applied patched to fix argument parsing
+    on some architectures. (Closes: #402075)
+
+ -- Fabio Tranchitella <kobold@debian.org>  Mon, 18 Dec 2006 18:34:31 +0100
+
+dovecot (1.0.rc15-1) unstable; urgency=medium
+
+  * New upstream release.
+  * Fixes a security bug: Off-by-one buffer overflow with mmap_disable=yes.
+    (See: http://www.dovecot.org/list/dovecot-news/2006-November/000023.html)
+
+ -- Fabio Tranchitella <kobold@debian.org>  Mon, 20 Nov 2006 12:47:39 +0100
+
+dovecot (1.0.rc14-1) unstable; urgency=medium
+
+  * New upstream release.
+
+ -- Fabio Tranchitella <kobold@debian.org>  Thu, 16 Nov 2006 09:37:38 +0100
+
+dovecot (1.0.rc13-1) unstable; urgency=medium
+
+  * New upstream release.
+  * debian/rules:
+    + preserve upstream config.guess and config.sub. (Closes: #397404)
+    + really clean dovecot-sieve/src on clean target. (Closes: #397407)
+  * debian/control: added build-conflict with automake1.4. (Closes: #397409)
+  * dovecot-sieve/src/Makefile.am: move sieve plug-ins under
+    usr/lib/dovecot/lda/modules; thanks to Chris Vanden Berghe for pointing
+    this out.
+
+ -- Fabio Tranchitella <kobold@debian.org>  Tue,  7 Nov 2006 09:26:56 +0100
+
+dovecot (1.0.rc12-1) unstable; urgency=low
+
+  * New upstream release.
+
+ -- Fabio Tranchitella <kobold@debian.org>  Sun,  5 Nov 2006 16:52:52 +0100
+
+dovecot (1.0.rc10-3) unstable; urgency=medium
+
+  * debian/rules: fixed two typos in the configure call. (Closes: #395016)
+  * Included dovecot-sieve plug-in from CVS. (Closes: #394885)
+  * Urgency medium: we are near the freeze, and this release must be part
+    of etch.
+
+ -- Fabio Tranchitella <kobold@debian.org>  Tue, 31 Oct 2006 06:30:45 +0000
+
+dovecot (1.0.rc10-2) unstable; urgency=low
+
+  * debian/patches/dovecot-example.dpatch: commented out a close brace.
+    (Closes: #394785)
+
+ -- Fabio Tranchitella <kobold@debian.org>  Mon, 23 Oct 2006 08:17:13 +0000
+
+dovecot (1.0.rc10-1) unstable; urgency=low
+
+  * New upstream release. (Closes: #393004)
+  * debian/patches/dovecot-example.dpatch:
+    + added specific comments to the mail_extra_groups option.
+      (Closes: #383453)
+    + removed duplicated LDA section. (Closes: #391632)
+  * debian/dovecot.8: fixed a layout error. (Closes: #393080)
+  * debian/dovecot-common.init: added LSB headers.
+  * Switched to the upstream dovecot deliver (LDA).
+  * debian/patches/quota_v2.dpatch: added, thanks to Jonas Smedegaard.
+    (Closes: #377563)
+
+ -- Fabio Tranchitella <kobold@debian.org>  Sun, 22 Oct 2006 08:55:16 +0000
+
+dovecot (1.0.rc7-1) unstable; urgency=low
+
+  * New upstream release. (Closes: #377840, #385101)
+  * debian/patches/dovecot-example.dpatch: set a default value for
+    pop3_uidl_format. (Closes: #383883)
+
+ -- Fabio Tranchitella <kobold@debian.org>  Tue, 29 Aug 2006 10:38:17 +0200
+
+dovecot (1.0.rc6-1) unstable; urgency=low
+
+  * New upstream release:
+    + Fixed imap segfaults on small mbox files (2 bytes). (Closes: #377840)
+    + Fixed a known bug in dovecot's IDLE handler. (Closes: #351828)
+    + Added support for quota2. (Closes: #377563)
+  * debian/control: converted build-depends on linux-kernel-headers to
+    build-conflicts to help the GNU/kFreeBSD port. (Closes: #377479)
+  * debian/control: changed maintainer to "Dovecot Maintainers"; no changes
+    to the email addresses.
+
+ -- Fabio Tranchitella <kobold@debian.org>  Tue, 15 Aug 2006 10:58:57 +0200
+
+dovecot (1.0.rc2-2) unstable; urgency=low
+
+  * patched the quota plugin to fix a missing symbol (Closes: #377018)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org>  Fri,  7 Jul 2006 10:50:04 -0400
+
+dovecot (1.0.rc2-1) unstable; urgency=high
+
+  * New upstream release
+  * Update dovecot-lda to the latest version (05132006)
+  * IPv6 with SSL/TLS should work now.  (Closes: #374783)
+  * go back to using poll instead of epoll.  (Closes: #376222)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org>  Thu,  6 Jul 2006 00:47:56 -0400
+
+dovecot (1.0.rc1-1) unstable; urgency=low
+
+  * New upstream release.
+  * Add a build-dependency on linux-kernel-headers for the xfs quotas
+    stuff.  Make it higher than the version in sarge because sarges xfs
+    includes are too old.  If any knowledgeable person would like to
+    give me a patch for this, please do.  (Closes: #374793)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org>  Wed, 28 Jun 2006 11:42:07 -0400
+
+dovecot (1.0.beta9-1) unstable; urgency=low
+
+  * New upstream release
+  * Added XFS quota support.  Thanks  Pawel Jarosz <pj@rsi.pl>
+    (Closes: #373936)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org>  Mon, 19 Jun 2006 16:55:20 -0400
+
+dovecot (1.0.beta8-4) unstable; urgency=high
+
+  * Unfortunately, the patch in the last version broke the mysql module.
+    Fixed thanks to Martin Pitt.  (Closes: #369359, #373227)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org>  Sun, 11 Jun 2006 16:27:43 -0400
+
+dovecot (1.0.beta8-3) unstable; urgency=high
+
+  * [SECURITY] SQL injection could occur in the postgresql module with
+    certain client character encodings. (See CVE-2006-2314)
+    Used the patch from upstream and Martin Pitt <martin.pitt@ubuntu.com>.
+    Thanks Martin.  (Closes: #369359)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org>  Sun, 11 Jun 2006 15:33:55 -0400
+
+dovecot (1.0.beta8-2) unstable; urgency=high
+
+  * Don't chown/chmod ssl certificate unless we created it.
+    (Closes: #364766)
+  * Upstream fixed the crash if passwd-file had entries without passwords.
+    (Closes: #361536)
+  * fixed up the last versions changelog to better describe the security
+    problem which was fixed there.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org>  Sun, 21 May 2006 13:16:17 -0400
+
+dovecot (1.0.beta8-1) unstable; urgency=high
+
+  * New upstream release.
+  * [SECURITY] Fixes a directory traversal vulnerability.
+    (see: http://www.dovecot.org/list/dovecot-news/2006-May/000006.html
+    and CVE-2006-2414)
+  * Set urgency to high: this version fixes a security bug
+  * Standards-Version: 3.7.2, no changes needed.
+
+ -- Fabio Tranchitella <kobold@debian.org>  Sat, 13 May 2006 22:46:16 +0200
+
+dovecot (1.0.beta7-1) unstable; urgency=low
+
+  * New upstream version.
+  * Added sqlite support.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org>  Wed, 12 Apr 2006 23:25:41 -0400
+
+dovecot (1.0.beta5-1) unstable; urgency=low
+
+  * New upstream version.  Also updated dovecot-lda from CVS.
+  * debian/control.  Added build-depends on flex to prevent FTBS.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org>  Thu,  6 Apr 2006 16:22:46 -0400
+
+dovecot (1.0.beta3-3) unstable; urgency=low
+
+  * Compile against the newer mysql library. (Closes: #356729)
+
+ -- Fabio Tranchitella <kobold@debian.org>  Wed, 22 Mar 2006 13:43:04 +0000
+
+dovecot (1.0.beta3-2) unstable; urgency=low
+
+  [Fabio Tranchitella]
+  * debian/control: added build-depends on byacc.
+  * debian/rules: removed --with-vpopmail option, because libvpopmail-dev
+    is in contrib and we don't wanto to have dovecot build-depends on it.
+  * debian/patches/dovecot-example.dpatch: added two small commented
+    block of configuration for dovecot-lda.
+
+ -- Fabio Tranchitella <kobold@debian.org>  Sun, 26 Feb 2006 20:59:06 +0000
+
+dovecot (1.0.beta3-1) unstable; urgency=high
+
+  [Fabio Tranchitella]
+  * New upstream release, which fixes two security related bugs.
+    CVE-2006-0730 (Closes: #353341)
+  * Included dovecot-lda (ver. 20060209). (Closes: #353307, #347348, #333962)
+
+  [ Jaldhar H. Vyas ]
+  * Removed the code for upgrading impad.pem.  This might bite if you if
+    you try and upgrade a woody version of dovecot to this one.  So
+    don't do that.  (Closes: #337715)
+  * dovecot-imapd,dovecot-pop3d: depend on dovecot-common >= 1.0beta3-1
+    as the way SSL parameters are generated has changed.  (Closes: #353404)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org>  Fri, 17 Feb 2006 22:06:21 -0500
+
+dovecot (1.0.beta2-1) unstable; urgency=low
+
+  [Fabio Tranchitella]
+  * New upstream release.
+  * debian/rules: compile with vpopmail support. (Closes: #347838)
+  * debian/patches: removed zlib patch (merged with upstream).
+
+ -- Fabio Tranchitella <kobold@debian.org>  Thu,  2 Feb 2006 21:38:32 +0000
+
+dovecot (1.0.alpha5-1) unstable; urgency=low
+
+  [Fabio Tranchitella]
+  * New upstream release.
+  * Compile dovecot with Kerberos support. (Closes: #338384)
+  * Fixed a small typo in mbox specification. (Closes: #339789)
+  * Added man page for maildirmake.dovecot, thanks to Henry Precheur.
+    (Closes: #340498)
+  * Use /usr/lib/dovecot/modules as basedir for dynamic modules.
+    Upstream suggests /usr/lib/dovecot, but we already use it as
+    libexec directory.
+
+ -- Fabio Tranchitella <kobold@debian.org>  Wed, 21 Dec 2005 13:44:38 +0000
+
+dovecot (1.0.alpha4-1) unstable; urgency=low
+
+  [Jaldhar H. Vyas]
+  * New upstream version.
+  * Made sure the default dovecot.conf includes mail_extra_groups=mail
+    (Closes: #336476) somehow this edit got lost at some point.
+  * use ISO8601 date format as default value for log_timestamp in
+    /etc/dovecot/dovecot.conf  (Closes: #333059)
+  * stop shipping {arch} directories in source (Closes: #334646)
+  * Include plugin for compressed mboxen (Closes: #332384)
+  * updated NEWS.Debian to warn users that the dovecot.conf syntax has
+    changed (Closes: #334209)
+  * Remember, remember, the 5th of November.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org>  Sat,  5 Nov 2005 23:19:19 -0500
+
+dovecot (1.0.alpha3-2) unstable; urgency=low
+
+  [Jaldhar H. Vyas]
+  * dovecot-common: When creating the dovecot user in the postinst,
+    the --ingroup option to adduser to add dovecot to group
+    mail isn't used anymore.
+    (Closes: #330960, #331106)
+  * commented out userdb passdb from default configuration.  Most
+    people won't need that. (Closes: #330978)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org>  Thu,  6 Oct 2005 14:25:33 -0400
+
+dovecot (1.0.alpha3-1) unstable; urgency=low
+
+  [ Fabio Tranchitella ]
+  * New upstream release (dovecot-1.0.alpha.3)
+  * debian/patches/ipv6_v6only.dpatch: removed, upstream accepted it.
+  * debian/dovecot-common.postinst: removed bashisms.
+  * debian/dovecot-common.postinst: add dovecot user to group mail.
+    (Closes: #323921)
+  * debian/control: removed conflicts with imap-server and pop3-server,
+    added replaces instead. (Closes: #324480)
+  [ Jaldhar H. Vyas ]
+  * No longer crashes when using LDAP as userdb/passdb (Closes: #320388)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org>  Mon, 26 Sep 2005 01:42:09 -0400
+
+dovecot (0.99.20050712-2) unstable; urgency=low
+
+  * Fabio Tranchitella <kobold@debian.org>
+    + debian/control: dovecot-common has to depend on adduser.
+    + debian/patches/documentation.dpatch: some cosmetic fixes about mysql
+      backend.
+  * Jaldhar H. Vyas <jaldhar@debian.org>
+    + debian/control: tighten dovecot-imapd and dovecot-pop3d's dependency on
+      dovecot-common (Closes: #319465)
+    + debian/patches/dovecot-example.dpatch: some more fixes to default
+      configuration.  (Closes: #319413, #319941)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org>  Fri, 29 Jul 2005 15:37:52 -0400
+
+dovecot (0.99.20050712-1) unstable; urgency=low
+
+  * Fabio Tranchitella <kobold@debian.org>
+    + New upstream version (dovecot-stable, last update 20050712).
+      (Closes: #312893)
+    + debian/control: Standards-Version: 3.6.2 (no changes needed).
+    + debian/patches/dovecot-sql.dpatch: use the right path for mysql socket.
+      (Closes: #298874)
+  * Jaldhar H. Vyas <jaldhar@debian.org>
+    + Removed dovecot package as it was just a woody->sarge transitional
+      pseudo-package.
+    + Apply patch to debian/dovecot-common.init to help when manually
+      starting dovecot.  Thanks Roland Stigge.  (Closes: #309679)
+    + Apply patch to src/lib/network.c to support IPV6_V6ONLY.  Thanks
+      Marco D'Itri. (Closes: #308652)
+    + depend on the latest postgresql library.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org>  Wed, 20 Jul 2005 06:30:37 -0400
+
+dovecot (0.99.14-1) unstable; urgency=low
+
+  * New upstream version.
+  * dovecot-common: another postinst regexp fix for SSL cert/key files.
+    (Closes: #294989)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org>  Sat, 12 Feb 2005 21:34:33 -0500
+
+dovecot (0.99.13-6) unstable; urgency=high
+
+  * dovecot-common: *sigh* another init script fix.  Hopefully we now
+    fully deal with dovecot being run from inetd.  Thanks again to Magnus
+    Holmgren.  (Closes: #293348)
+  * High again so -5 doesn't get into sarge.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org>  Mon,  7 Feb 2005 02:58:30 -0500
+
+dovecot (0.99.13-5) unstable; urgency=high
+
+  * dovecot-common: typo in postinst resulted in incorrect generation of
+    keys for first-time installers.  Hence urgency high.
+  * dovecot-common: In init script, make extra check to make sure an
+    IMAP or POP3 server called from inetd is dovecot and not some other
+    random inferior product.  (Closes: #293348)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org>  Sat,  5 Feb 2005 13:56:31 -0500
+
+dovecot (0.99.13-4) unstable; urgency=low
+
+  * build depend on libmysqlclient12
+  * dovecot-common: Allow STARTTLS to work when dovecot is run from inetd
+    Thanks Magnus Holmgren (Closes: #290985)
+  * dovecot-common: let init script exit if dovecot is being run from inetd
+    Thanks Magnus Holmgren (Closes: #292195)
+  * dovecot-common: fix a number of problems in postinst
+    + fails if /etc/ssl/certs or /etc/ssl/private doesn't exist
+    + certs cannot be generated and upgrade fails if openssl is not
+      configured.  Fail more gracefully if this is the case.
+    + read the name and path for the cert from dovecot.conf instead of
+      hardcoding it.
+      Thanks Frederic Pauget (Closes: #292344)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org>  Sun, 30 Jan 2005 15:20:03 -0500
+
+dovecot (0.99.13-3) unstable; urgency=high
+
+  * Oops -2 had to be urgency=high so -1 doesn't get into sarge.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org>  Sat,  8 Jan 2005 12:11:38 -0500
+
+dovecot (0.99.13-2) unstable; urgency=low
+
+  * dovecot-imapd, dovecot-pop3d:  It occurred to me that the effects of
+    fixing #288391 will cause confusion in the minds of new installers so I
+    should add a warning in README.Debian and NEWS.Debian in a vain
+    effort to stave off swarms of bug reports.  (Vain, because no one
+    actually reads documentation anyway.)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org>  Sat,  8 Jan 2005 11:29:59 -0500
+
+dovecot (0.99.13-1) unstable; urgency=high
+
+  * New upstream version.
+  * dovecot-imapd, dovecot-pop3d: No longer mess with dovecot.conf in postinst
+    (Closes: #288391)
+  * urgency high due to #288391 being a release-critical bug.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org>  Fri,  7 Jan 2005 17:37:08 -0500
+
+dovecot (0.99.12-1) unstable; urgency=low
+
+  * New upstream version.  (Yes I know 0.99.13 is just around the corner.)
+  * SASL is re-enabled so this bug ("Dovecot seems not to require SASL")
+    is no longer valid (Closes: #272093)
+  * Configuration files moved to /etc/dovecot (Closes: #276183)
+  * Permissions on /var/run/dovecot and /var/run/dovecot/login no longer
+    give warnings. (Closes: #283996)
+  * SSL certificate is world readable (Closes: #277114).
+  * Thanks to Jan Buren, much extra documentation has been added to
+    /usr/share/doc/dovecot-common/README.Debian
+  * Lintian overrides added.
+  * Happy new year to all you Gregorians
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org>  Fri, 31 Dec 2004 15:55:07 -0500
+
+dovecot (0.99.11-3) unstable; urgency=medium
+
+  * applied dovecot-large-header-fix patch to prevent 100% CPU
+    utilization when dealing with really large headers.
+    (Closes: #271458)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org>  Mon, 13 Sep 2004 20:20:23 -0400
+
+dovecot (0.99.11-2) unstable; urgency=low
+
+  * Eliminated duplicate stanza in dovecot.conf (Closes: #270181)
+  * Reapplied CRAM-MD5 patch.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org>  Mon,  6 Sep 2004 01:24:53 -0400
+
+dovecot (0.99.11-1) unstable; urgency=low
+
+  * New upstream release.
+  * patch to give bug reporting address in configure.ac.
+    Thanks Matthias Andree.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org>  Sat,  4 Sep 2004 14:24:57 -0400
+
+dovecot (0.99.10.9-2) unstable; urgency=low
+
+  * screw mipsel.
+  * Added PAM_RHOST patch.  Thanks Dean Gaudet.  (Closes: #264712)
+  * Added CRAM-MD5 patch.  Thanks Joshua Goodall.
+  * Added unexpected EOF patch from Timo.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org>  Tue, 17 Aug 2004 01:13:20 -0400
+
+dovecot (0.99.10.9-1) unstable; urgency=low
+
+  * New upstream release.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org>  Mon,  2 Aug 2004 18:56:02 -0400
+
+dovecot (0.99.10.8-1) unstable; urgency=low
+
+  * New upstream release.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org>  Fri, 30 Jul 2004 08:17:51 -0400
+
+dovecot (0.99.10.7-1) unstable; urgency=low
+
+  * New upstream release.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org>  Wed, 14 Jul 2004 07:29:49 -0400
+
+dovecot (0.99.10.6-3) unstable; urgency=low
+
+  * Patched so dovecot follows symlinks to directories again.
+    (Closes: #256061)
+  * Changed the priority of init script so it is run after postgresql
+    (Closes: #256068)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org>  Thu, 24 Jun 2004 23:57:50 -0400
+
+dovecot (0.99.10.6-2) unstable; urgency=high
+
+  * I needed to enable one more parameter in the configuration in order
+    to get dot-locking working.  Hence this should still be high urgency.
+    (Really Closes: #185335)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org>  Mon, 21 Jun 2004 20:02:29 -0400
+
+dovecot (0.99.10.6-1) unstable; urgency=high
+
+  * New upstream version.
+    + finally fixes dot-locking so I think it deserves high priority for
+      sarge.  (Closes: #185335)
+  * dovecot: fixed a typo in description (Closes: #254415)
+  * dovecot-common: man page for dovecot added.  Thanks Kai Hendry.
+    (Closes: #253482)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org>  Sat, 19 Jun 2004 23:18:39 -0400
+
+dovecot (0.99.10.5-4) unstable; urgency=high
+
+  * Crap, typo in dovecot-common.postinst sorry.  This should only
+    affect new installs though.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org>  Fri, 11 Jun 2004 22:30:41 -0400
+
+dovecot (0.99.10.5-3) unstable; urgency=high
+
+  * SECURITY:  set permissions on config files to 0600 to prevent
+    disclosure of sensitive information to local users. (Closes: #253760)
+  * SECURITY: Tightened permissions on generated SSL certificate.
+    (Closes: #253833)
+  * Made a note that dovecot-openssl.conf is not needed on Debian
+    because we generate a certificate in dovecot-commons' postinst.
+    (Closes: #253774)
+  * Added maildir-autocreate patch.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org>  Fri, 11 Jun 2004 09:12:07 -0400
+
+dovecot (0.99.10.5-2) unstable; urgency=low
+
+  * Added maildir-stat patch.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org>  Thu, 10 Jun 2004 14:39:28 -0400
+
+dovecot (0.99.10.5-1) unstable; urgency=low
+
+  * New upstream version.
+  * Enabled mysql support.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org>  Thu, 27 May 2004 13:21:42 -0400
+
+dovecot (0.99.10.4-5) unstable; urgency=high
+
+  * Switched to using openssl as dovecot segfaults with gnutls7 and is
+    not compatible with gnutls10 (Closes: #244570)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org>  Mon, 19 Apr 2004 22:45:21 -0400
+
+dovecot (0.99.10.4-4) unstable; urgency=low
+
+  * Added a patch to src/auth/db-pgsql.c from Zsolt VARGA.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org>  Tue, 30 Mar 2004 12:49:31 -0500
+
+dovecot (0.99.10.4-3) unstable; urgency=high
+
+  * dovecot-common: Fix postinst to no longer delete /etc/pam.d/imap
+    (Closes: #232832)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org>  Mon, 15 Mar 2004 10:27:52 -0500
+
+dovecot (0.99.10.4-2) unstable; urgency=low
+
+  * dovecot-common: now replaces: dovecot for smoother upgrades.
+    (Closes: #223666)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org>  Thu, 11 Dec 2003 09:18:12 -0500
+
+dovecot (0.99.10.4-1) unstable; urgency=low
+
+  * New upstream version
+    + This fixes the corruption of .subscriptions files with folders in
+      maildir format. (Closes: #222272)
+  * Some extra information included in dovecot-common.README.Debian.
+    (Closes: #221106)  There should probably be more so if you have ideas
+    let me know.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org>  Mon,  1 Dec 2003 23:41:00 -0500
+
+dovecot (0.99.10.2-1) unstable; urgency=low
+
+  * New upstream version.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org>  Tue, 11 Nov 2003 17:21:45 -0500
+
+dovecot (0.99.10-11) unstable; urgency=low
+
+  * Build depend on gnutls 7 instead of 5 (Closes: #219523)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org>  Thu,  6 Nov 2003 22:25:00 -0500
+
+dovecot (0.99.10-10) unstable; urgency=low
+
+  * maildirmake.dovecot will now let you create maildirs whose names
+   have spaces in them and chown them to a specified user.  Thanks Paul
+   Slootman (Closes: #219168)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org>  Tue,  4 Nov 2003 20:00:25 +0000
+
+dovecot (0.99.10-9) unstable; urgency=low
+
+  * Don't use SASL2 as upstream says the support is broken.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org>  Tue, 23 Sep 2003 16:27:11 +0000
+
+dovecot (0.99.10-8) unstable; urgency=low
+
+  * Patched so suid works on 2.6 kernels.  Thanks Peter Gervai.
+    (Closes: #211420)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org>  Wed, 17 Sep 2003 17:59:10 +0000
+
+dovecot (0.99.10-7) unstable; urgency=low
+
+  * Yet another init script fix.  It should be ok now.  Thanks once again
+    to Alexis Iglauer.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org>  Wed, 27 Aug 2003 10:56:04 -0400
+
+dovecot (0.99.10-6) unstable; urgency=low
+
+  * fix some errors in init script (closes: #207464)
+    Thanks to Adam Lackorzynski and Alexis Iglauer.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org>  Wed, 27 Aug 2003 09:02:23 -0400
+
+dovecot (0.99.10-5) unstable; urgency=high
+
+  * dovecot-pop3d, dovecot-imapd: make sure init script doesn't
+    attempt to start the daemons if unconfigured thus preventing
+    segfault on startup.  (Closes: #206992, #207140)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org>  Mon, 25 Aug 2003 16:40:53 -0400
+
+dovecot (0.99.10-4) unstable; urgency=low
+
+  * Updated PAM configuration to the new scheme and added appropriate
+    dependency.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org>  Fri, 22 Aug 2003 12:54:54 -0400
+
+dovecot (0.99.10-3) unstable; urgency=low
+
+  * dovecot-pop3d: Patch for proper PAM service name.
+  * dovecot-imapd, dovecot-pop3d: Make sure there is an appropriate
+    entry in the protocol = line in /etc/dovecot.conf so the service
+    will start up without errors. (Closes: #204213)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org>  Thu, 21 Aug 2003 13:47:00 -0400
+
+dovecot (0.99.10-2.1) unstable; urgency=low
+
+  * Non-maintainer upload at request of maintainer.
+  * Fix segfault on alpha caused by time_t size. Closes: #203892.
+  * Fix segfault when user's home directory is left empty.
+
+ -- Scott James Remnant <scott@netsplit.com>  Wed,  6 Aug 2003 01:47:16 +0100
+
+dovecot (0.99.10-2) unstable; urgency=low
+
+  * corrected paths to example and configuration files in sample config
+    (Closes: #199740)
+  * Added postgresql support.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org>  Thu,  3 Jul 2003 16:45:49 -0400
+
+dovecot (0.99.10-1) unstable; urgency=low
+
+  * New upstream release.
+  * PAM service name has changed to dovecot (for IMAP and POP3.)  I've included
+    code to move /etc/pam.d/imap to /etc/pam.d/dovecot but if things suddenly
+    stop working, this is the first thing to check.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org>  Thu, 26 Jun 2003 22:31:07 -0400
+
+dovecot (0.99.10-0.rc2) unstable; urgency=low
+
+  * New upstream release.  Fixes broken imaps support.
+  * Typo in configure options that broke LDAP support on woody corrected.
+  * Only start /usr/sbin/dovecot if either the IMAP or POP3 servers are
+    installed. (Closes: #192066)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org>  Mon, 23 Jun 2003 23:26:04 -0400
+
+dovecot (0.99.9.1-1) unstable; urgency=low
+
+  * New upstream release.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org>  Sun,  4 May 2003 21:49:55 -0400
+
+dovecot (0.99.9-1) unstable; urgency=low
+
+  * New upstream release.
+  * The IMAP and POP3 servers have been split into separate package so you
+    don't have to install both.  There is also a dovecot-common package
+    for the parts they share.  The dovecot package is now a dummy just for
+    transitioning to this new scheme.  (Closes: #187826)
+  * Allow chmod in maildirmake.dovecot to fail gracefully (Closes: #191244)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org>  Wed, 30 Apr 2003 08:53:46 -0400
+
+dovecot (0.99.8.1-4) unstable; urgency=low
+
+  * Added a build-depends on libsasl-dev (Closes: #187516)
+  * Enabled pop3 service.  However it is still turned off in the config file by
+    default so as to not surprise anyone who thought they only had an IMAP
+    server.
+  * Consequently, changed "IMAP server" in descriptions etc. to "mail server".
+  * only skip key generation if both /etc/ssl/certs/dovecot.pem and
+    /etc/ssl/private/dovecot.pem exist.  (Closes: #187638)
+  * post-0.99.8.1 patch: Fix renaming subfolders with maildir.
+  * post-0.99.8.1 patch: Fix other maildir subfolder problems.
+  * post-0.99.8.1 patch: Fix partial body fetches.
+  * post-0.99.8.1 patch: Fix using LITERAL+APPEND.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org>  Sat,  5 Apr 2003 14:13:52 -0500
+
+dovecot (0.99.8.1-3) unstable; urgency=low
+
+  * Fixed bashism and perlism(!) in maildirmake.dovecot.  Thanks Clint
+    Adams. (Closes: #185768)
+  * Enabled LDAP support.  The configuration is in /etc/dovecot-ldap.conf
+    but is commented out.
+  * Happy new year to all Debian users still on the Julian calendar.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org>  Tue, 25 Mar 2003 09:25:37 -0500
+
+dovecot (0.99.8.1-2) unstable; urgency=low
+
+  * Make a separate check for /etc/ssl/private/imapd.pem in case we don't
+    have it. (Closes: #185334)
+  * Move check for dovecot user and creation code to postinsts' configure
+    phase. (Closes: #185333)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org>  Wed, 19 Mar 2003 01:50:10 -0500
+
+dovecot (0.99.8.1-1) unstable; urgency=low
+
+  * new upstream release.  (Closes: #184131)  Does not include the POP3
+    server or LDAP and SASL support for now so we can get into the archive
+    quickly.  Fixes segfaults in imap-master (Closes: #184231)  Fixes
+    faulty mail autodetection presets (Closes: #179625)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org>  Sun, 16 Mar 2003 15:47:54 -0500
+
+dovecot (0.99.7-4) unstable; urgency=low
+
+  * Fixed location of handlers. (Closes: #179273)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org>  Fri, 31 Jan 2003 18:37:23 -0500
+
+dovecot (0.99.7-3) unstable; urgency=low
+
+  * doh pam file should be called imap not dovecot (Closes: #179180)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org>  Fri, 31 Jan 2003 14:12:29 -0500
+
+dovecot (0.99.7-2) unstable; urgency=low
+
+  * Added two upstream patches to fix broken plain authentication and
+    building with vpopmail support (which is not enabled in the Debian
+    package yet.)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org>  Fri, 17 Jan 2003 14:24:22 -0500
+
+dovecot (0.99.7-1) unstable; urgency=low
+
+  * New upstream release.
+  * Syslog no longer fills up with entries when dovecot is misconfigured.
+    (Closes: #175507)
+  * startup is logged now. shutdowns were already logged. (Closes: #175509)
+  * dovecot will not remove your SSL certificates now.  (Closes: #175282)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org>  Wed, 15 Jan 2003 00:58:23 -0500
+
+dovecot (0.99.6rc2-1) unstable; urgency=low
+
+  * New upstream release.
+  * Includes patch which stops dovecot from dying on alpha (Closes: #175577)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org>  Wed,  8 Jan 2003 14:22:09 -0500
+
+dovecot (0.99.5-1) unstable; urgency=low
+
+  * New upstream release with many fixes and improvements.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org>  Fri,  3 Jan 2003 00:53:26 -0500
+
+dovecot (0.99.4-1) unstable; urgency=low
+
+  * Initial Release.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org>  Wed, 18 Dec 2002 09:44:39 -0500
diff --git a/debian/control b/debian/control
new file mode 100644
index 0000000..47c8d63
--- /dev/null
+++ b/debian/control
@@ -0,0 +1,300 @@
+Source: dovecot
+Section: mail
+Priority: optional
+Maintainer: Dovecot Maintainers <dovecot@packages.debian.org>
+Uploaders: Jaldhar H. Vyas <jaldhar@debian.org>,
+           Jelmer Vernooij <jelmer@debian.org>,
+           Apollon Oikonomopoulos <apoikos@debian.org>,
+           Noah Meyerhans <noahm@debian.org>
+Build-Depends: debhelper-compat (= 13),
+               default-libmysqlclient-dev,
+               krb5-multidev,
+               libapparmor-dev [linux-any],
+               libbz2-dev,
+               libcap-dev [linux-any],
+               libclucene-dev,
+               libdb-dev,
+               libexpat-dev,
+               libexttextcat-dev,
+               libicu-dev,
+               libldap2-dev,
+               liblua5.4-dev,
+               liblz4-dev,
+               liblzma-dev,
+               libpam0g-dev,
+               libpq-dev,
+               libsasl2-dev,
+               libsodium-dev,
+               libsqlite3-dev,
+               libssl-dev,
+               libstemmer-dev,
+               libsystemd-dev [linux-any],
+               libunwind-dev [amd64 arm64 armel armhf hppa i386 ia64 mips mips64 mips64el mipsel powerpc powerpcspe ppc64 ppc64el sh4],
+               libwrap0-dev,
+               libzstd-dev,
+               lsb-release,
+               pkg-config,
+               zlib1g-dev
+Standards-Version: 4.6.1
+Rules-Requires-Root: binary-targets
+Homepage: https://dovecot.org/
+Vcs-Git: https://salsa.debian.org/debian/dovecot.git
+Vcs-Browser: https://salsa.debian.org/debian/dovecot
+
+Package: dovecot-core
+Architecture: any
+Pre-Depends: ${misc:Pre-Depends}
+Depends: adduser,
+         libpam-runtime,
+         lsb-base,
+         openssl,
+         ssl-cert,
+         ucf,
+         ${misc:Depends},
+         ${shlibs:Depends}
+Suggests: dovecot-gssapi,
+          dovecot-imapd,
+          dovecot-ldap,
+          dovecot-lmtpd,
+          dovecot-lucene,
+          dovecot-managesieved,
+          dovecot-mysql,
+          dovecot-pgsql,
+          dovecot-pop3d,
+          dovecot-sieve,
+          dovecot-solr,
+          dovecot-sqlite,
+          dovecot-submissiond,
+          ntp
+Provides: dovecot-abi-${dovecot:ABI-Version}, dovecot-common
+Replaces: dovecot-common (<< 1:2.0.14-2~), mailavenger (<< 0.8.1-4)
+Breaks: dovecot-common (<< 1:2.0.14-2~), mailavenger (<< 0.8.1-4)
+Description: secure POP3/IMAP server - core files
+ Dovecot is a mail server whose major goals are security and extreme
+ reliability. It tries very hard to handle all error conditions and verify
+ that all data is valid, making it nearly impossible to crash. It supports
+ mbox/Maildir and its own dbox/mdbox formats, and should also be pretty
+ fast, extensible, and portable.
+ .
+ This package contains the Dovecot main server and its command line utility.
+
+Package: dovecot-dev
+Architecture: any
+Depends: ${misc:Depends}, ${shlibs:Depends}
+Replaces: dovecot-common (<< 1:2.0.14-2~), dovecot-core (<< 1:2.2.26.0-1~)
+Breaks: dovecot-common (<< 1:2.0.14-2~), dovecot-core (<< 1:2.2.26.0-1~)
+Description: secure POP3/IMAP server - header files
+ Dovecot is a mail server whose major goals are security and extreme
+ reliability. It tries very hard to handle all error conditions and verify
+ that all data is valid, making it nearly impossible to crash. It supports
+ mbox/Maildir and its own dbox/mdbox formats, and should also be pretty
+ fast, extensible, and portable.
+ .
+ This package contains header files needed to compile plugins for the Dovecot
+ mail server.
+
+Package: dovecot-imapd
+Architecture: any
+Depends: dovecot-core (= ${binary:Version}),
+         ucf,
+         ${misc:Depends},
+         ${shlibs:Depends}
+Suggests: ufw
+Provides: imap-server
+Description: secure POP3/IMAP server - IMAP daemon
+ Dovecot is a mail server whose major goals are security and extreme
+ reliability. It tries very hard to handle all error conditions and verify
+ that all data is valid, making it nearly impossible to crash. It supports
+ mbox/Maildir and its own dbox/mdbox formats, and should also be pretty
+ fast, extensible, and portable.
+ .
+ This package contains the Dovecot IMAP server.
+
+Package: dovecot-pop3d
+Architecture: any
+Depends: dovecot-core (= ${binary:Version}),
+         ucf,
+         ${misc:Depends},
+         ${shlibs:Depends}
+Suggests: ufw
+Provides: pop3-server
+Description: secure POP3/IMAP server - POP3 daemon
+ Dovecot is a mail server whose major goals are security and extreme
+ reliability. It tries very hard to handle all error conditions and verify
+ that all data is valid, making it nearly impossible to crash. It supports
+ mbox/Maildir and its own dbox/mdbox formats, and should also be pretty
+ fast, extensible, and portable.
+ .
+ This package contains the Dovecot POP3 server.
+
+Package: dovecot-lmtpd
+Architecture: any
+Depends: dovecot-core (= ${binary:Version}),
+         ucf,
+         ${misc:Depends},
+         ${shlibs:Depends}
+Replaces: dovecot-common (<< 1:2.0.14-2~)
+Breaks: dovecot-common (<< 1:2.0.14-2~)
+Description: secure POP3/IMAP server - LMTP server
+ Dovecot is a mail server whose major goals are security and extreme
+ reliability. It tries very hard to handle all error conditions and verify
+ that all data is valid, making it nearly impossible to crash. It supports
+ mbox/Maildir and its own dbox/mdbox formats, and should also be pretty
+ fast, extensible, and portable.
+ .
+ This package contains the Dovecot LMTP server.
+
+Package: dovecot-managesieved
+Architecture: any
+Depends: dovecot-core (= ${binary:Version}),
+         dovecot-sieve (= ${binary:Version}),
+         ucf,
+         ${misc:Depends},
+         ${shlibs:Depends}
+Replaces: dovecot-common (<< 1:2.0.14-2~)
+Breaks: dovecot-common (<< 1:2.0.14-2~)
+Description: secure POP3/IMAP server - ManageSieve server
+ Dovecot is a mail server whose major goals are security and extreme
+ reliability. It tries very hard to handle all error conditions and verify
+ that all data is valid, making it nearly impossible to crash. It supports
+ mbox/Maildir and its own dbox/mdbox formats, and should also be pretty
+ fast, extensible, and portable.
+ .
+ This package contains the Dovecot ManageSieve server.
+
+Package: dovecot-pgsql
+Architecture: any
+Depends: dovecot-core (= ${binary:Version}), ${misc:Depends}, ${shlibs:Depends}
+Description: secure POP3/IMAP server - PostgreSQL support
+ Dovecot is a mail server whose major goals are security and extreme
+ reliability. It tries very hard to handle all error conditions and verify
+ that all data is valid, making it nearly impossible to crash. It supports
+ mbox/Maildir and its own dbox/mdbox formats, and should also be pretty
+ fast, extensible, and portable.
+ .
+ This package provides PostgreSQL support for Dovecot.
+
+Package: dovecot-mysql
+Architecture: any
+Depends: dovecot-core (= ${binary:Version}), ${misc:Depends}, ${shlibs:Depends}
+Description: secure POP3/IMAP server - MySQL support
+ Dovecot is a mail server whose major goals are security and extreme
+ reliability. It tries very hard to handle all error conditions and verify
+ that all data is valid, making it nearly impossible to crash. It supports
+ mbox/Maildir and its own dbox/mdbox formats, and should also be pretty
+ fast, extensible, and portable.
+ .
+ This package provides MySQL support for Dovecot.
+
+Package: dovecot-sqlite
+Architecture: any
+Depends: dovecot-core (= ${binary:Version}), ${misc:Depends}, ${shlibs:Depends}
+Description: secure POP3/IMAP server - SQLite support
+ Dovecot is a mail server whose major goals are security and extreme
+ reliability. It tries very hard to handle all error conditions and verify
+ that all data is valid, making it nearly impossible to crash. It supports
+ mbox/Maildir and its own dbox/mdbox formats, and should also be pretty
+ fast, extensible, and portable.
+ .
+ This package provides SQLite support for Dovecot.
+
+Package: dovecot-ldap
+Architecture: any
+Depends: dovecot-core (= ${binary:Version}),
+         ucf,
+         ${misc:Depends},
+         ${shlibs:Depends}
+Replaces: dovecot-core (<< 1:2.2.26.0-1~)
+Breaks: dovecot-core (<< 1:2.2.26.0-1~)
+Description: secure POP3/IMAP server - LDAP support
+ Dovecot is a mail server whose major goals are security and extreme
+ reliability. It tries very hard to handle all error conditions and verify
+ that all data is valid, making it nearly impossible to crash. It supports
+ mbox/Maildir and its own dbox/mdbox formats, and should also be pretty
+ fast, extensible, and portable.
+ .
+ This package provides LDAP support for Dovecot.
+
+Package: dovecot-gssapi
+Architecture: any
+Depends: dovecot-core (= ${binary:Version}), ${misc:Depends}, ${shlibs:Depends}
+Description: secure POP3/IMAP server - GSSAPI support
+ Dovecot is a mail server whose major goals are security and extreme
+ reliability. It tries very hard to handle all error conditions and verify
+ that all data is valid, making it nearly impossible to crash. It supports
+ mbox/Maildir and its own dbox/mdbox formats, and should also be pretty
+ fast, extensible, and portable.
+ .
+ This package provides GSSAPI authentication support for Dovecot.
+
+Package: dovecot-sieve
+Architecture: any
+Depends: dovecot-core (= ${binary:Version}),
+         ucf,
+         ${misc:Depends},
+         ${shlibs:Depends}
+Breaks: dovecot-core (<= 1:2.2.13-6), dovecot-imapd (<< 1:2.2.26.0-1~)
+Replaces: dovecot-core (<= 1:2.2.13-6), dovecot-imapd (<< 1:2.2.26.0-1~)
+Description: secure POP3/IMAP server - Sieve filters support
+ Dovecot is a mail server whose major goals are security and extreme
+ reliability. It tries very hard to handle all error conditions and verify
+ that all data is valid, making it nearly impossible to crash. It supports
+ mbox/Maildir and its own dbox/mdbox formats, and should also be pretty
+ fast, extensible, and portable.
+ .
+ This package provides Sieve filters support for Dovecot.
+
+Package: dovecot-solr
+Architecture: any
+Depends: dovecot-core (= ${binary:Version}), ${misc:Depends}, ${shlibs:Depends}
+Description: secure POP3/IMAP server - Solr support
+ Dovecot is a mail server whose major goals are security and extreme
+ reliability. It tries very hard to handle all error conditions and verify
+ that all data is valid, making it nearly impossible to crash. It supports
+ mbox/Maildir and its own dbox/mdbox formats, and should also be pretty
+ fast, extensible, and portable.
+ .
+ This package provides Solr full text search support for Dovecot.
+
+Package: dovecot-lucene
+Architecture: any
+Depends: dovecot-core (= ${binary:Version}), ${misc:Depends}, ${shlibs:Depends}
+Description: secure POP3/IMAP server - Lucene support
+ Dovecot is a mail server whose major goals are security and extreme
+ reliability. It tries very hard to handle all error conditions and verify
+ that all data is valid, making it nearly impossible to crash. It supports
+ mbox/Maildir and its own dbox/mdbox formats, and should also be pretty
+ fast, extensible, and portable.
+ .
+ This package provides Lucene full text search support for Dovecot.
+
+Package: dovecot-submissiond
+Architecture: any
+Depends: dovecot-core (= ${binary:Version}),
+         ucf,
+         ${misc:Depends},
+         ${shlibs:Depends}
+Breaks: dovecot-submission (<< 1:2.3.1-2~)
+Replaces: dovecot-submission (<< 1:2.3.1-2~)
+Description: secure POP3/IMAP server - mail submission agent
+ Dovecot is a mail server whose major goals are security and extreme
+ reliability. It tries very hard to handle all error conditions and verify
+ that all data is valid, making it nearly impossible to crash. It supports
+ mbox/Maildir and its own dbox/mdbox formats, and should also be pretty
+ fast, extensible, and portable.
+ .
+ This package contains the Dovecot Mail Submission Agent which implements a
+ basic SMTP submission service with BURL support.
+
+Package: dovecot-auth-lua
+Architecture: any
+Depends: dovecot-core (= ${binary:Version}), ${misc:Depends}, ${shlibs:Depends}
+Description: secure POP3/IMAP server - Lua authentication plugin
+ Dovecot is a mail server whose major goals are security and extreme
+ reliability. It tries very hard to handle all error conditions and verify
+ that all data is valid, making it nearly impossible to crash. It supports
+ mbox/Maildir and its own dbox/mdbox formats, and should also be pretty
+ fast, extensible, and portable.
+ .
+ This package contains an authentication plugin allowing password and user
+ databases to be implemented in Lua.
diff --git a/debian/copyright b/debian/copyright
new file mode 100644
index 0000000..69676a8
--- /dev/null
+++ b/debian/copyright
@@ -0,0 +1,271 @@
+Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
+Upstream-Name: dovecot
+Upstream-Contact: Timo Sirainen <tss@iki.fi>
+                  Dovecot Mailing List <dovecot@dovecot.org>
+Comment: This package was debianized by Jaldhar H. Vyas <jaldhar@debian.org> on
+         Tue,  3 Dec 2002 01:10:07 -0500.
+Source: https://github.com/dovecot/core
+Files-Excluded-pigeonhole: doc/rfc
+
+Files: *
+Copyright: (c) 2001-2022 Dovecot authors
+Comment: see AUTHORS
+License: LGPL-2.1
+
+Files: src/lib/*
+       src/lib-sql/*
+Copyright: (c) 2001-2022 Dovecot authors
+Comment: see AUTHORS
+License: MIT
+
+Files: src/auth/*
+Copyright: (c) 2004-2006 Andrey Panin <pazke@donpac.ru>
+           (c) 2005 Jelmer Vernooij <jelmer@samba.org>
+           (c) 2011-2016 Florian Zeitz <florob@babelmonkeys.de>
+           (c) 2007 Dmitry Butskoy <dmitry@butskoy.name>
+           (C) 2006 Simon L Jackson
+           (c) 2015-2017 Dovecot Oy
+License: MIT
+
+Files: src/auth/password-scheme-md5crypt.c
+Copyright: Poul-Henning Kamp <phk@login.dknet.dk>
+License: Beerware
+ "THE BEER-WARE LICENSE" (Revision 42):
+ <phk@login.dknet.dk> wrote this file.  As long as you retain this notice you
+ can do whatever you want with this stuff. If we meet some day, and you think
+ this stuff is worth it, you can buy me a beer in return.   Poul-Henning Kamp
+
+Files: src/lib-otp/*
+Copyright: (c) 2004-2006 Andrey Panin <pazke@donpac.ru>
+           (c) Copyright 1997-2005 Simon Tatham
+License: MIT
+
+Files: src/lib/md5.c
+Copyright: N/A
+License: public-domain-solardiz
+ Written by Solar Designer <solar@openwall.com> in 2001, and placed in the
+ public domain. There's absolutely no warrant.
+
+Files: src/lib/sha1.*
+Copyright:  Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
+License: BSD-3-Clause
+
+Files: src/lib/sha2.* src/lib/sha3.*
+Copyright: Copyright (C) 2005, 2007 Olivier Gay <olivier.gay@a3.epfl.ch>
+License: BSD-3-Clause
+
+Files: src/lib/byteorder.h src/lib/test-byteorder.c
+Copyright: (c) 2016-2017 Josef 'Jeff' Sipek <jeffpc@josefsipek.net>
+License: MIT
+
+Files: src/lib/hmac.*
+Copyright: (c) 2004 Andrey Panin <pazke@donpac.ru>
+           (c) 2011-2016 Florian Zeitz <florob@babelmonkeys.de>
+License: MIT
+
+Files: src/lib/hmac-cram-md5.c
+Copyright: (c) 2003 Joshua Goodall <joshua@roughtrade.net>
+License: MIT
+
+Files: src/lib/ioloop-iolist.c
+Copyright: (c) 2004 Andrey Panin <pazke@donpac.ru>
+License: MIT
+
+Files: src/lib/ioloop-kqueue.c src/lib/ioloop-notify-kqueue.c
+Copyright: (c) 2005 Vaclav Haisman <v.haisman@sh.cvut.cz>
+License: MIT
+
+Files: src/lib/UnicodeData.txt
+Copyright: Copyright (C) 1991-2007 Unicode, Inc.
+License: Unicode-DFS-2015
+
+Files: src/lib-fts/stopwords/*
+Copyright: Copyright (c) 2001, Dr Martin Porter
+           Copyright (c) 2002, Richard Boulton.
+Comment: License obtained from http://snowball.tartarus.org/license.html
+License: BSD-3-Clause
+
+Files: src/lib-fts/stopwords/stopwords_en.txt
+Copyright: Apache Software Foundation
+License: Apache-2.0
+
+Files: src/lib-fts/stopwords/stopwords_ro.txt
+Copyright: (c) 2005, Jacques Savoy.
+License: BSD-2-Clause
+
+Files: src/plugins/fts-lucene/Snowball*
+Copyright: (C) 2003-2006 Ben van Klinken and the CLucene Team
+License: Apache-2.0 or LGPL-2.1
+
+Files: debian/*
+Copyright: (c) 2006-2016 Jaldhar H. Vyas <jaldhar@debian.org>
+           (c) 2006-2009 Fabio Tranchitella <kobold@debian.org>
+           (c) 2008-2009 Joel Johnson <mrjoel@lixil.net>
+           (c) 2009-2012 Marco Nenciarini <mnencia@debian.org>
+           (c) 2011-2013 Micah Anderson <micah@debian.org>
+           (c) 2014-2015 Jelmer Vernooij <jelmer@debian.org>
+           (c) 2016-2018 Apollon Oikonomopoulos <apoikos@debian.org>
+	   (c) 2020-2022 Noah Meyerhans <noahm@debian.org>
+	   (c) 2020-2022 Christian Göttsche <cgzones@googlemail.com>
+License: GPL-2+
+
+Files: pigeonhole/*
+Copyright: (c) 2002-2021 Stephan Bosch <stephan@rename-it.nl>
+           (c) 2002-2021 Dovecot authors
+Comment: Source obtained from https://pigeonhole.dovecot.org/
+License: LGPL-2.1
+
+License: MIT
+ Permission is hereby granted, free of charge, to any person obtaining a
+ copy of this software and associated documentation files (the "Software"),
+ to deal in the Software without restriction, including without limitation
+ the rights to use, copy, modify, merge, publish, distribute, sublicense,
+ and/or sell copies of the Software, and to permit persons to whom the
+ Software is furnished to do so, subject to the following conditions:
+ .
+ The above copyright notice and this permission notice shall be included in
+ all copies or substantial portions of the Software.
+ .
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
+ FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
+ DEALINGS IN THE SOFTWARE.
+
+License: LGPL-2.1
+ This library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 2.1 of the License, or (at your option) any later version.
+ .
+ This library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ Lesser General Public License for more details.
+ .
+ You should have received a copy of the GNU Lesser General Public
+ License along with this library; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
+ .
+ On Debian systems, the full text of the GNU Lesser General Public License can
+ be found at /usr/share/common-licenses/LGPL-2.1.
+
+License: Apache-2.0
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+ .
+     http://www.apache.org/licenses/LICENSE-2.0
+ .
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+ .
+ On Debian systems, the full text of the Apache License, Version 2.0 can be
+ found at /usr/share/common-licenses/Apache-2.0.
+
+License: BSD-3-Clause
+ All rights reserved.
+ .
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+    notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+    notice, this list of conditions and the following disclaimer in the
+    documentation and/or other materials provided with the distribution.
+ 3. Neither the name of the University nor the names of its contributors
+    may be used to endorse or promote products derived from this software
+    without specific prior written permission.
+ .
+ THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+ ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+ FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ SUCH DAMAGE.
+
+License: BSD-2-Clause
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+ .
+ 1. Redistributions of source code must retain the above copyright notice, this
+    list of conditions and the following disclaimer.
+ .
+ 2. Redistributions in binary form must reproduce the above copyright notice,
+    this list of conditions and the following disclaimer in the documentation
+    and/or other materials provided with the distribution.
+ .
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+ AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
+ FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+ CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+License: GPL-2+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2 of the License, or
+ (at your option) any later version.
+ .
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ GNU General Public License for more details.
+ .
+ You should have received a copy of the GNU General Public License along
+ with this program; if not, write to the Free Software Foundation, Inc.,
+ 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ .
+ On Debian systems, the full text of the GNU General Public License version 2
+ can be found at /usr/share/common-licenses/GPL-2.
+
+License: Unicode-DFS-2015
+ Copyright © 1991-2015 Unicode, Inc. All rights reserved. Distributed under the
+ Terms of Use in http://www.unicode.org/copyright.html.
+ .
+ Permission is hereby granted, free of charge, to any person obtaining a copy
+ of the Unicode data files and any associated documentation (the "Data Files")
+ or Unicode software and any associated documentation (the "Software") to deal
+ in the Data Files or Software without restriction, including without limitation
+ the rights to use, copy, modify, merge, publish, distribute, and/or sell copies
+ of the Data Files or Software, and to permit persons to whom the Data Files or
+ Software are furnished to do so, provided that
+ .
+ (a) this copyright and permission notice appear with all copies of the Data
+     Files or Software,
+ (b) this copyright and permission notice appear in associated documentation,
+     and
+ (c) there is clear notice in each modified Data File or in the Software as
+     well as in the documentation associated with the Data File(s) or Software
+     that the data or software has been modified.
+ .
+ THE DATA FILES AND SOFTWARE ARE PROVIDED "AS IS", WITHOUT WARRANTY OF ANY
+ KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+ MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD
+ PARTY RIGHTS. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR HOLDERS INCLUDED IN
+ THIS NOTICE BE LIABLE FOR ANY CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL
+ DAMAGES, OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS,
+ WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING
+ OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THE DATA FILES OR
+ SOFTWARE.
+ .
+ Except as contained in this notice, the name of a copyright holder shall not
+ be used in advertising or otherwise to promote the sale, use or other dealings
+ in these Data Files or Software without prior written authorization of the
+ copyright holder.
diff --git a/debian/dh.pem b/debian/dh.pem
new file mode 100644
index 0000000..a734b90
--- /dev/null
+++ b/debian/dh.pem
@@ -0,0 +1,13 @@
+-----BEGIN DH PARAMETERS-----
+MIICCAKCAgEA///////////JD9qiIWjCNMTGYouA3BzRKQJOCIpnzHQCC76mOxOb
+IlFKCHmONATd75UZs806QxswKwpt8l8UN0/hNW1tUcJF5IW1dmJefsb0TELppjft
+awv/XLb0Brft7jhr+1qJn6WunyQRfEsf5kkoZlHs5Fs9wgB8uKFjvwWY2kg2HFXT
+mmkWP6j9JM9fg2VdI9yjrZYcYvNWIIVSu57VKQdwlpZtZww1Tkq8mATxdGwIyhgh
+fDKQXkYuNs474553LBgOhgObJ4Oi7Aeij7XFXfBvTFLJ3ivL9pVYFxg5lUl86pVq
+5RXSJhiY+gUQFXKOWoqqxC2tMxcNBFB6M6hVIavfHLpk7PuFBFjb7wqK6nFXXQYM
+fbOXD4Wm4eTHq/WujNsJM9cejJTgSiVhnc7j0iYa0u5r8S/6BtmKCGTYdgJzPshq
+ZFIfKxgXeyAMu+EXV3phXWx3CYjAutlG4gjiT6B05asxQ9tb/OD9EI5LgtEgqSEI
+ARpyPBKnh+bXiHGaEL26WyaZwycYavTiPBqUaDS2FQvaJYPpyirUTOjbu8LbBN6O
++S6O/BQfvsqmKHxZR05rwF2ZspZPoJDDoiM7oYZRW+ftH2EpcM7i16+4G912IXBI
+HNAGkSfVsFqpk7TqmI2P3cGG/7fckKbAj030Nck0BjGZ//////////8CAQI=
+-----END DH PARAMETERS-----
diff --git a/debian/dovecot-core.NEWS b/debian/dovecot-core.NEWS
new file mode 100644
index 0000000..625a1bf
--- /dev/null
+++ b/debian/dovecot-core.NEWS
@@ -0,0 +1,181 @@
+dovecot (1:2.3.2-1) unstable; urgency=medium
+
+  Upgrading to the 2.3 series may require manual configuration changes.
+  Some settings have been removed, while others have had their defaults
+  changed. Please see
+
+    /usr/share/doc/dovecot-core/wiki/Upgrading.2.3.txt.gz
+
+  or the online version at
+
+    https://wiki2.dovecot.org/Upgrading/2.3
+
+  for more information and review your configuration accordingly.
+
+ -- Apollon Oikonomopoulos <apoikos@debian.org>  Sat, 24 Mar 2018 00:34:07 +0200
+
+dovecot (1:2.2.31-1) unstable; urgency=medium
+
+  TLS is now enabled by default, using the ssl-cert-snakeoil certificate
+  provided by the ssl-cert package. Upgrades from older versions will be
+  prompted to accept the new configuration and enable TLS. If you have already
+  configured TLS yourself, you'll most probably want to keep your settings
+  intact.
+ 
+  See /usr/share/doc/dovecot-core/README.Debian for more information on the
+  certificate's default location and how to install your own certificates.
+ 
+ -- Apollon Oikonomopoulos <apoikos@debian.org>  Sun, 25 Jun 2017 01:09:28 +0300
+
+dovecot (1:2.2.21-1) unstable; urgency=medium
+
+  This release disables the dovecot.socket systemd unit by default. The unit is
+  disabled only if the dovecot.service unit is already enabled, making sure
+  that dovecot will start on system boot. If you are upgrading dovecot and
+  previously relied on dovecot.socket and dovecot.service being both enabled,
+  please re-enable dovecot.socket manually using
+
+     systemctl enable dovecot.socket
+
+  Future package updates will not disable the socket unit again. For details
+  regarding this decision, please see Debian bugs #803915 and #814999.
+
+ -- Apollon Oikonomopoulos <apoikos@debian.org>  Fri, 19 Feb 2016 16:54:27 +0200
+
+dovecot (1:2.1.7-7) unstable; urgency=high
+
+  If you are upgrading from stable or the earlier 2.1.7 packages in testing,
+  you are advised to  backup your configuration files before continuing.
+  Carefully read /usr/share/doc/dovecot-core/README.Debian.gz for important
+  information about problems that might affect your upgrade.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org>  Mon, 04 Feb 2013 16:27:17 -0500
+
+dovecot (1:2.0.5-1) experimental; urgency=low
+
+  * A lot of settings have changed. Dovecot v2.0 can still use most of
+    the v1.x configuration files, but it logs a lot of warnings at
+    startup. A quick and easy way to convert your old config file to
+    v2.0 format is:
+
+    doveconf -n -c dovecot-1.conf > dovecot-2.conf
+
+    This command logs a warning about each obsolete setting it
+    converts to the new format. You can either go through the warnings
+    to figure out what changes exactly were done, or you can simply
+    trust doveconf and replace your old config with the newly
+    generated one.
+
+  * Dovecot uses two system users for internal purposes now by
+    default: "dovenull" and "dovecot". "dovenull" user is used by
+    completely untrustworthy processes, while "dovecot" user is used
+    for slightly more trusted processes.
+
+  * In conf.d/10-mail.conf, the default mail_location is set to
+    mbox:~/mail:INBOX=/var/mail/%u
+    This has to be set because Dovecots auto-detection of mailboxes fails
+    when a user has no mail.  I tried to provide a reasonable default
+    but advanced users will certainly want to change this.
+
+    Related to this, you might see an error in the logs about dovecot not
+    being able to chgrp certain files.  This is because the default user
+    mailboxes in Debian belong to group mail which dovecot is not part of
+    (nor should be.)  The Debian package has been patched so that the error
+    will not be fatal but for a more permanent solution, see here:
+    http://wiki2.dovecot.org/Errors/ChgrpNoPerm  for some discussion.  Or
+    you can set mail_location (and the equivalent settings in your MDA) so
+    that mailboxes are in the users home directory.
+
+  * No more convert plugin, use dsync instead
+
+  * No more expire-tool, use doveadm expunge instead. Also expire
+    configuration is different.
+
+  * Post-login scripts are configured differently and need to be modified
+
+  * Quota warnings are configured differently and the script may need
+    to be modified (most environment settings like $USER are gone)
+
+  * Global ACL filenames now require namespace prefix (e.g. if you use
+    "INBOX." prefix, /etc/acls/foo needs to be renamed to
+    /etc/acls/INBOX.foo
+
+  * Maildir: Permissions for newly created mail files are no longer
+    copied from dovecot-shared file, but instead from the mail
+    directory (e.g. for "foo" mailbox, they're taken from
+    ~/Maildir/.foo directory)
+
+  * dbox: v2.0 format is slightly different, but backwards
+    compatible. The main problem is that v2.0 no longer supports
+    maildir-dbox hybrid resulting from "fast Maildir migration". If
+    you have any Maildir files in your dbox, you need to convert them
+    somehow (some examples). You might also consider using dsync to
+    get rid of the old unused metadata in your dbox files.
+
+
+  * Pre-login and post-login CAPABILITY reply is now
+    different. Dovecot expects clients to recognize new automatically
+    sent capabilities. This should work with all commonly used
+    clients, but some rarely used clients might have problems. Either
+    get the client fixed, or set imap_capability manually.
+
+  * ManageSieve protocol was assigned an official port by IANA:
+    4190. This is used by Pigeonhole by default now. If you want to
+    listen also on the old 2000 port, see the example in
+    /usr/share/doc/dovecot-common/wiki/ManageSieve.Configuration.txt.gz
+
+  * deliver binary was renamed to dovecot-lda (but a symlink still
+    exists for now)
+
+  * deliver -n parameter was replaced by lda_mailbox_autocreate
+    setting. The default also changed to "no".
+
+  * deliver -s parameter was replaced by lda_mailbox_autosubscribe
+    setting. The default is "no", as before.
+
+ -- Marco Nenciarini <mnencia@debian.org>  Mon, 18 Oct 2010 12:59:14 +0200
+
+dovecot (1:1.0.12-1) unstable; urgency=low
+
+  * mail_extra_groups=mail setting is often used insecurely to give Dovecot
+    access to create dotlocks to /var/mail directory. The setting has been
+    replaced by mail_privileged_group and mail_access_groups.
+    Read also: http://dovecot.org/list/dovecot/2008-March/029196.html
+
+ -- Fabio Tranchitella <kobold@debian.org>  Thu, 06 Mar 2008 15:46:03 +0100
+
+dovecot (1.0.beta3-1) unstable; urgency=low
+
+  * Starting from this release, dovecot-lda is included in dovecot-common.
+    The previous executable deliver has been removed from the upstream 
+    source package.
+  * Other new features recently added include
+    + vpopmail support
+    + quota support
+    + GSSAPI support
+  * All these new features mean there are some configuration file changes 
+    please review the default /etc/dovecot/dovecot.conf and merge in any
+    new bits.  (If you don't use any new features, your configuration should
+    remain compatible.)
+
+ -- Fabio Tranchitella <kobold@debian.org>  Fri, 17 Feb 2006 17:05:37 +0000
+
+dovecot (1.0.alpha4-1) unstable; urgency=low
+
+  * This is the 1.0alpha branch.  Once again there have been incompatible 
+    changes to the syntax of /etc/dovecot/dovecot.conf. 
+  * The dovecot-common package now includes the zlib plugin for compressed
+    mboxen.  Make sure you have mail_use_modules=yes in imap and/or pop3 
+    section in /etc/dovecot/dovecot.conf if you want to use this.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org>  Wed, 20 Jul 2005 06:30:37 -0400
+
+dovecot (0.99.20050712-1) unstable; urgency=low
+
+  * This is the 1.0stable development branch.  There have been major 
+    changes and new features have been added so check your configuration 
+    carefully.  In particular, /etc/dovecot/dovecot-mysql.conf and 
+    /etc/dovecot/dovecot-pgsql.conf have been replaced by
+    /etc/dovecot/dovecot-sql.conf .
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org>  Wed, 20 Jul 2005 06:30:37 -0400
diff --git a/debian/dovecot-core.README.Debian b/debian/dovecot-core.README.Debian
new file mode 100644
index 0000000..e4fc73c
--- /dev/null
+++ b/debian/dovecot-core.README.Debian
@@ -0,0 +1,35 @@
+Dovecot Debian package
+======================
+
+Please refer to http://wiki2.dovecot.org for the full documentation of this
+package and its configuration.
+
+Note that the default value for mbox_write_locks differs between Debian and
+upstream Dovecot:
+	Debian:  mbox_write_locks = "fnctl dotlock"
+	Dovecot: mbox_write_locks = "dotlock fnctl"
+
+TLS setup
+---------
+
+TLS is enabled by default on new installations. Dovecot will use the
+self-signed certificate provided by ssl-cert-snakeoil by default. The
+certificate and key are accessed via symbolic links in /etc/dovecot/private.
+
+If you wish to use your own certificates, feel free to replace the symbolic
+links in /etc/dovecot/private with the actual certificate/key of your
+preference, or place the certificate and key at the location of your preference
+and update /etc/dovecot/conf.d/10-ssl.conf accordingly.
+
+dovenull group
+--------------
+
+Upstream recommends that for security's sake, the dovenull user should belong
+to its own private group to which no one else belongs.  Prior to 2.2.9-1, the
+dovenull user was in the nogroup group which contains other users.  This has
+been rectified for new installs but upgraders should make the change
+themselves like this:
+
+# addgroup --system --group dovenull
+# usermod -g dovenull dovenull
+
diff --git a/debian/dovecot-core.bug-control b/debian/dovecot-core.bug-control
new file mode 100644
index 0000000..0002beb
--- /dev/null
+++ b/debian/dovecot-core.bug-control
@@ -0,0 +1 @@
+package-status: dovecot-common dovecot-core dovecot-dev dovecot-gssapi dovecot-imapd dovecot-ldap dovecot-lmtpd dovecot-managesieved dovecot-mysql dovecot-pgsql dovecot-pop3d dovecot-sieve dovecot-sqlite
diff --git a/debian/dovecot-core.bug-script b/debian/dovecot-core.bug-script
new file mode 100644
index 0000000..1bf1d19
--- /dev/null
+++ b/debian/dovecot-core.bug-script
@@ -0,0 +1,28 @@
+#!/bin/bash
+
+set -e
+
+pecho() {
+    echo "$@"
+    echo "$@"|sed 's/./-/g'
+}
+
+
+if [ -x /usr/bin/doveconf ]
+then
+	echo
+	cat <<-EOF
+	You can append "doveconf -n" output to the bug report. It will help the
+	maintainers to better understand your configuration.
+	It normally doesn't contain any sensitive information, but you should 
+        review it before sending.
+	EOF
+	echo
+	yesno "Do you want to append \"doveconf -n\" output to your bug report? " yep
+	if [ "$REPLY" == yep ]
+	then
+		echo >&3
+		pecho "dovecot configuration" >&3
+		/usr/bin/doveconf -n >&3
+	fi
+fi
diff --git a/debian/dovecot-core.dirs b/debian/dovecot-core.dirs
new file mode 100644
index 0000000..b91716f
--- /dev/null
+++ b/debian/dovecot-core.dirs
@@ -0,0 +1,4 @@
+etc/dovecot/conf.d
+etc/dovecot/private
+usr/share/dovecot/protocols.d
+var/lib/dovecot
diff --git a/debian/dovecot-core.docs b/debian/dovecot-core.docs
new file mode 100644
index 0000000..5502ed8
--- /dev/null
+++ b/debian/dovecot-core.docs
@@ -0,0 +1,3 @@
+NEWS
+README
+TODO
diff --git a/debian/dovecot-core.dovecot.default b/debian/dovecot-core.dovecot.default
new file mode 100644
index 0000000..dee9239
--- /dev/null
+++ b/debian/dovecot-core.dovecot.default
@@ -0,0 +1,4 @@
+# /etc/default/dovecot
+
+# Set to '1' to allow Dovecot daemons to produce core dumps
+#ALLOW_COREDUMPS=1
diff --git a/debian/dovecot-core.dovecot.init b/debian/dovecot-core.dovecot.init
new file mode 100644
index 0000000..730c323
--- /dev/null
+++ b/debian/dovecot-core.dovecot.init
@@ -0,0 +1,185 @@
+#! /bin/sh
+### BEGIN INIT INFO
+# Provides:          dovecot
+# Required-Start:    $local_fs $remote_fs $network $syslog $time
+# Required-Stop:     $local_fs $remote_fs $network $syslog
+# Should-Start:      postgresql mysql slapd winbind nslcd
+# Should-Stop:       postgresql mysql slapd winbind nslcd
+# Default-Start:     2 3 4 5
+# Default-Stop:      0 1 6
+# Short-Description: Dovecot init script
+# Description:       Init script for dovecot services
+### END INIT INFO
+
+# Author: Miquel van Smoorenburg <miquels@cistron.nl>.
+#         Modified for Debian GNU/Linux
+#         by Ian Murdock <imurdock@gnu.ai.mit.edu>.
+#
+
+# Do NOT "set -e"
+
+# PATH should only include /usr/* if it runs after the mountnfs.sh script
+PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
+DESC="IMAP/POP3 mail server"
+NAME=dovecot
+DAEMON=/usr/sbin/dovecot
+DAEMON_ARGS=""
+SCRIPTNAME=/etc/init.d/$NAME
+CONF=/etc/dovecot/${NAME}.conf
+
+# Read configuration variable file if it is present
+[ -r /etc/default/$NAME ] && . /etc/default/$NAME
+
+# Exit if the package is not installed
+[ -x "$DAEMON" ] || exit 0
+
+# Exit if the configuration file doesn't exist
+[ -f "$CONF" ] || exit 0
+
+# Exit if explicitly told to
+[ "$ENABLED" != "0" ] || exit 0
+
+# Allow core dumps if requested
+[ "$ALLOW_COREDUMPS" != "1" ] || ulimit -c unlimited
+
+# Define LSB log_* functions.
+# Depend on lsb-base (>= 3.0-6) to ensure that this file is present.
+. /lib/lsb/init-functions
+
+# conf file readable?
+if [ ! -r ${CONF} ]; then
+  log_daemon_msg "${CONF}: not readable" "$NAME" && log_end_msg 1;
+  exit 1;
+fi
+
+# dont check for inetd.conf if its not installed
+if [ -f /etc/inetd.conf ]; then
+  # The init script should do nothing if dovecot or another imap/pop3 server
+  # is being run from inetd, and dovecot is configured to run as an imap or
+  # pop3 service
+  for p in `sed -r "s/^ *(([^:]+|\[[^]]+]|\*):)?(pop3s?|imaps?)[ \t].*/\3/;t;d" \
+    /etc/inetd.conf`
+  do
+    for q in `doveconf -n -h protocols`
+    do
+      if [ $p = $q ]; then
+        log_daemon_msg "protocol ${p} configured both in inetd and in dovecot" "$NAME" && log_end_msg 1
+        exit 0
+      fi
+    done
+  done
+fi
+
+# determine the location of the PID file
+# override by setting base_dir in conf file or PIDBASE in /etc/defaults/$NAME
+PIDBASE=${PIDBASE:-`doveconf -n -c ${CONF} -h base_dir`}
+PIDFILE=${PIDBASE:-/var/run/dovecot}/master.pid
+
+#
+# Function that starts the daemon/service
+#
+do_start()
+{
+    # Return
+    #   0 if daemon has been started
+    #   1 if daemon was already running
+    #   2 if daemon could not be started
+    start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON --test -- -c ${CONF} > /dev/null \
+        || return 1
+    start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON -- -c ${CONF} \
+        $DAEMON_ARGS \
+        || return 2
+}
+
+#
+# Function that stops the daemon/service
+#
+do_stop()
+{
+    # Return
+    #   0 if daemon has been stopped
+    #   1 if daemon was already stopped
+    #   2 if daemon could not be stopped
+    #   other if a failure occurred
+    start-stop-daemon --stop --quiet --retry=TERM/30/KILL/5 --pidfile $PIDFILE --name ${DAEMON##*/}
+    RETVAL="$?"
+    [ "$RETVAL" = 2 ] && return 2
+    # Wait for children to finish too if this is a daemon that forks
+    # and if the daemon is only ever run from this initscript.
+    # If the above conditions are not satisfied then add some other code
+    # that waits for the process to drop all resources that could be
+    # needed by services started subsequently.  A last resort is to
+    # sleep for some time.
+    start-stop-daemon --stop --quiet --oknodo --retry=0/30/KILL/5 --pidfile $PIDFILE --name ${DAEMON##*/}
+    [ "$?" = 2 ] && return 2
+    # Many daemons don't delete their pidfiles when they exit.
+    rm -f $PIDFILE
+    return "$RETVAL"
+}
+
+#
+# Function that sends a SIGHUP to the daemon/service
+#
+do_reload() {
+    #
+    # If the daemon can reload its configuration without
+    # restarting (for example, when it is sent a SIGHUP),
+    # then implement that here.
+    #
+    start-stop-daemon --stop --signal HUP --quiet --pidfile $PIDFILE --name $NAME
+    return 0
+}
+
+
+case "$1" in
+  start)
+    log_daemon_msg "Starting $DESC" "$NAME"
+    do_start
+    case "$?" in
+        0|1) log_end_msg 0 ;;
+        2) log_end_msg 1 ;;
+    esac
+    ;;
+  stop)
+    log_daemon_msg "Stopping $DESC" "$NAME"
+    do_stop
+    case "$?" in
+        0|1) log_end_msg 0 ;;
+        2) log_end_msg 1 ;;
+    esac
+    ;;
+  reload|force-reload)
+    log_daemon_msg "Reloading $DESC" "$NAME"
+    do_reload
+    log_end_msg $?
+    ;;
+  restart)
+    #
+    # If the "reload" option is implemented then remove the
+    # 'force-reload' alias
+    #
+    log_daemon_msg "Restarting $DESC" "$NAME"
+    do_stop
+    case "$?" in
+      0|1)
+        do_start
+        case "$?" in
+            0) log_end_msg 0 ;;
+            1) log_end_msg 1 ;; # Old process is still running
+            *) log_end_msg 1 ;; # Failed to start
+        esac
+        ;;
+      *)
+        # Failed to stop
+        log_end_msg 1
+        ;;
+    esac
+    ;;
+  status)
+    status_of_proc -p $PIDFILE $DAEMON $NAME && exit 0 || exit $?
+    ;;
+  *)
+    echo "Usage: $SCRIPTNAME {start|stop|restart|force-reload|status}" >&2
+    exit 3
+    ;;
+esac
diff --git a/debian/dovecot-core.dovecot.pam b/debian/dovecot-core.dovecot.pam
new file mode 100644
index 0000000..3443434
--- /dev/null
+++ b/debian/dovecot-core.dovecot.pam
@@ -0,0 +1,6 @@
+#%PAM-1.0
+
+@include common-auth
+@include common-account
+@include common-session
+
diff --git a/debian/dovecot-core.examples b/debian/dovecot-core.examples
new file mode 100644
index 0000000..80af4bc
--- /dev/null
+++ b/debian/dovecot-core.examples
@@ -0,0 +1 @@
+src/plugins/fts/decode2text.sh
diff --git a/debian/dovecot-core.install b/debian/dovecot-core.install
new file mode 100644
index 0000000..d074ca8
--- /dev/null
+++ b/debian/dovecot-core.install
@@ -0,0 +1,5 @@
+debian/dh.pem				usr/share/dovecot
+debian/dovecot-openssl.cnf		usr/share/dovecot
+debian/maildirmake.dovecot		usr/bin
+doc/example-config/*.conf*		usr/share/dovecot
+doc/example-config/conf.d/*.conf*	usr/share/dovecot/conf.d
diff --git a/debian/dovecot-core.lintian-overrides b/debian/dovecot-core.lintian-overrides
new file mode 100644
index 0000000..ada3045
--- /dev/null
+++ b/debian/dovecot-core.lintian-overrides
@@ -0,0 +1,74 @@
+# hardening flags are set and blhc succeeds; might need some investigation
+dovecot-core: hardening-no-fortify-functions [usr/lib/dovecot/auth]
+dovecot-core: hardening-no-fortify-functions [usr/lib/dovecot/config]
+dovecot-core: hardening-no-fortify-functions [usr/lib/dovecot/director]
+dovecot-core: hardening-no-fortify-functions [usr/lib/dovecot/gdbhelper]
+dovecot-core: hardening-no-fortify-functions [usr/lib/dovecot/libdovecot-login.so.0.0.0]
+dovecot-core: hardening-no-fortify-functions [usr/lib/dovecot/libdovecot-storage.so.0.0.0]
+dovecot-core: hardening-no-fortify-functions [usr/lib/dovecot/modules/lib10_quota_plugin.so]
+dovecot-core: hardening-no-fortify-functions [usr/lib/dovecot/modules/lib20_fts_plugin.so]
+dovecot-core: hardening-no-fortify-functions [usr/lib/dovecot/modules/lib20_replication_plugin.so]
+dovecot-core: hardening-no-fortify-functions [usr/lib/dovecot/modules/lib99_welcome_plugin.so]
+dovecot-core: hardening-no-fortify-functions [usr/lib/dovecot/quota-status]
+dovecot-core: hardening-no-fortify-functions [usr/lib/dovecot/script-login]
+dovecot-core: hardening-no-fortify-functions [usr/lib/dovecot/script]
+dovecot-core: hardening-no-fortify-functions [usr/lib/dovecot/xml2text]
+dovecot-core: package-contains-empty-directory [usr/share/dovecot/protocols.d/]
+dovecot-core: package-contains-empty-directory [usr/lib/dovecot/modules/dict/]
+dovecot-core: spelling-error-in-readme-debian dovenull dovenull (duplicate word) dovenull [usr/share/doc/dovecot-core/README.Debian]
+dovecot-core: library-not-linked-against-libc [usr/lib/dovecot/modules/old-stats/libold_stats_mail.so]
+dovecot-core: library-not-linked-against-libc [usr/lib/dovecot/modules/old-stats/libstats_auth.so]
+dovecot-core [armel]: library-not-linked-against-libc usr/lib/dovecot/modules/lib20_listescape_plugin.so
+# ignore internal libraries without dependency information
+dovecot-core: shared-library-lacks-prerequisites [usr/lib/dovecot/modules/lib20_listescape_plugin.so]
+dovecot-core: shared-library-lacks-prerequisites [usr/lib/dovecot/modules/settings/libpigeonhole_settings.so]
+# ignore extra man pages
+dovecot-core: spare-manual-page [usr/share/man/man1/deliver.1.gz]
+# keep all man pages in section 1 for now
+dovecot-core: manual-page-for-system-command [usr/sbin/dovecot]
+# ignore executable-in-usr-lib, maybe move to libexec at some point
+dovecot-core: executable-in-usr-lib [usr/lib/dovecot/aggregator]
+dovecot-core: executable-in-usr-lib [usr/lib/dovecot/anvil]
+dovecot-core: executable-in-usr-lib [usr/lib/dovecot/auth]
+dovecot-core: executable-in-usr-lib [usr/lib/dovecot/checkpassword-reply]
+dovecot-core: executable-in-usr-lib [usr/lib/dovecot/config]
+dovecot-core: executable-in-usr-lib [usr/lib/dovecot/dict]
+dovecot-core: executable-in-usr-lib [usr/lib/dovecot/director]
+dovecot-core: executable-in-usr-lib [usr/lib/dovecot/dns-client]
+dovecot-core: executable-in-usr-lib [usr/lib/dovecot/doveadm-server]
+dovecot-core: executable-in-usr-lib [usr/lib/dovecot/dovecot-lda]
+dovecot-core: executable-in-usr-lib [usr/lib/dovecot/gdbhelper]
+dovecot-core: executable-in-usr-lib [usr/lib/dovecot/health-check.sh]
+dovecot-core: executable-in-usr-lib [usr/lib/dovecot/indexer]
+dovecot-core: executable-in-usr-lib [usr/lib/dovecot/indexer-worker]
+dovecot-core: executable-in-usr-lib [usr/lib/dovecot/ipc]
+dovecot-core: executable-in-usr-lib [usr/lib/dovecot/log]
+dovecot-core: executable-in-usr-lib [usr/lib/dovecot/maildirlock]
+dovecot-core: executable-in-usr-lib [usr/lib/dovecot/old-stats]
+dovecot-core: executable-in-usr-lib [usr/lib/dovecot/quota-status]
+dovecot-core: executable-in-usr-lib [usr/lib/dovecot/rawlog]
+dovecot-core: executable-in-usr-lib [usr/lib/dovecot/replicator]
+dovecot-core: executable-in-usr-lib [usr/lib/dovecot/script]
+dovecot-core: executable-in-usr-lib [usr/lib/dovecot/script-login]
+dovecot-core: executable-in-usr-lib [usr/lib/dovecot/stats]
+dovecot-core: executable-in-usr-lib [usr/lib/dovecot/tcpwrap]
+dovecot-core: executable-in-usr-lib [usr/lib/dovecot/xml2text]
+# ignore equal stub files
+dovecot-core: duplicate-files usr/share/doc/dovecot-core/wiki/Pigeonhole.ManageSieve.Install.txt usr/share/doc/dovecot-core/wiki/Plugins.Stats.txt
+# ignore stopwords txt files not in /usr/share/doc
+dovecot-core: package-contains-documentation-outside-usr-share-doc [usr/share/dovecot/stopwords/stopwords_da.txt]
+dovecot-core: package-contains-documentation-outside-usr-share-doc [usr/share/dovecot/stopwords/stopwords_de.txt]
+dovecot-core: package-contains-documentation-outside-usr-share-doc [usr/share/dovecot/stopwords/stopwords_en.txt]
+dovecot-core: package-contains-documentation-outside-usr-share-doc [usr/share/dovecot/stopwords/stopwords_es.txt]
+dovecot-core: package-contains-documentation-outside-usr-share-doc [usr/share/dovecot/stopwords/stopwords_fi.txt]
+dovecot-core: package-contains-documentation-outside-usr-share-doc [usr/share/dovecot/stopwords/stopwords_fr.txt]
+dovecot-core: package-contains-documentation-outside-usr-share-doc [usr/share/dovecot/stopwords/stopwords_it.txt]
+dovecot-core: package-contains-documentation-outside-usr-share-doc [usr/share/dovecot/stopwords/stopwords_nl.txt]
+dovecot-core: package-contains-documentation-outside-usr-share-doc [usr/share/dovecot/stopwords/stopwords_no.txt]
+dovecot-core: package-contains-documentation-outside-usr-share-doc [usr/share/dovecot/stopwords/stopwords_pt.txt]
+dovecot-core: package-contains-documentation-outside-usr-share-doc [usr/share/dovecot/stopwords/stopwords_ro.txt]
+dovecot-core: package-contains-documentation-outside-usr-share-doc [usr/share/dovecot/stopwords/stopwords_ru.txt]
+dovecot-core: package-contains-documentation-outside-usr-share-doc [usr/share/dovecot/stopwords/stopwords_sv.txt]
+dovecot-core: package-contains-documentation-outside-usr-share-doc [usr/share/dovecot/stopwords/stopwords_tr.txt]
+# ulimit -c might be specified but is supported by bash and dash
+dovecot-core: bash-term-in-posix-shell '| ulimit' [etc/init.d/dovecot:43]
diff --git a/debian/dovecot-core.manpages b/debian/dovecot-core.manpages
new file mode 100644
index 0000000..926f5cc
--- /dev/null
+++ b/debian/dovecot-core.manpages
@@ -0,0 +1 @@
+debian/maildirmake.dovecot.1
diff --git a/debian/dovecot-core.postinst b/debian/dovecot-core.postinst
new file mode 100644
index 0000000..cb90f03
--- /dev/null
+++ b/debian/dovecot-core.postinst
@@ -0,0 +1,87 @@
+#!/bin/sh
+set -e
+
+if [ "$1" = "configure" ]; then
+  CONFFILES="dovecot.conf \
+    dovecot-dict-auth.conf.ext \
+    dovecot-dict-sql.conf.ext \
+    dovecot-sql.conf.ext \
+    conf.d/10-auth.conf \
+    conf.d/10-director.conf \
+    conf.d/10-logging.conf \
+    conf.d/10-mail.conf \
+    conf.d/10-master.conf \
+    conf.d/10-ssl.conf \
+    conf.d/10-tcpwrapper.conf \
+    conf.d/15-lda.conf \
+    conf.d/15-mailboxes.conf \
+    conf.d/90-acl.conf \
+    conf.d/90-plugin.conf \
+    conf.d/90-quota.conf \
+    conf.d/auth-checkpassword.conf.ext \
+    conf.d/auth-deny.conf.ext \
+    conf.d/auth-dict.conf.ext \
+    conf.d/auth-master.conf.ext \
+    conf.d/auth-passwdfile.conf.ext \
+    conf.d/auth-sql.conf.ext \
+    conf.d/auth-static.conf.ext \
+    conf.d/auth-system.conf.ext"
+
+  OLD_CONFFILES="conf.d/auth-vpopmail.conf.ext"
+
+  ## Users
+  #
+
+  adduser --system --group --home /usr/lib/dovecot --gecos "Dovecot mail server" \
+          --no-create-home --disabled-password --quiet dovecot || true
+
+  adduser --system --group --home /nonexistent --no-create-home --gecos "Dovecot login user" \
+          --disabled-password --quiet dovenull || true
+
+  for conffile in $CONFFILES ; do
+    # Tell ucf that the file in /usr/share/dovecot is the latest
+    # maintainer version, and let it handle how to manage the real
+    # configuration file in /etc/dovecot.
+    ucf --three-way "/usr/share/dovecot/$conffile" "/etc/dovecot/$conffile"
+    ucfr dovecot-core "/etc/dovecot/$conffile"
+    if [ "$conffile" != "dovecot.conf" ] && [ -f "/etc/dovecot/$conffile" ] &&
+		[ "$(echo "$conffile" | cut -b -7)" != "conf.d/" ]; then
+      chmod 0640 "/etc/dovecot/$conffile"
+      chgrp dovecot "/etc/dovecot/$conffile"
+    fi
+  done
+
+  for oldconffile in $OLD_CONFFILES ; do
+    if [ -e "/etc/dovecot/$oldconffile" ]; then
+      echo "Configuration file '/etc/dovecot/$oldconffile' is obsolete. Please remove."
+      ucf --purge "/etc/dovecot/$conffile"
+      ucfr --purge dovecot-core "/etc/dovecot/$conffile"
+    fi
+  done
+
+
+  if ! dpkg-statoverride --list /etc/dovecot/private >/dev/null; then
+    dpkg-statoverride --quiet --update --add root root 0700 /etc/dovecot/private
+  fi
+
+  # SSL configuration
+  # Use the ssl-cert-snakeoil certificate in the following cases:
+  # - On new installations
+  if [ -z "$2" ]; then
+    if [ ! -e /etc/dovecot/private/dovecot.key ] && \
+       [ ! -e /etc/dovecot/private/dovecot.pem ] && \
+       [ -e /etc/ssl/certs/ssl-cert-snakeoil.pem ] && \
+       [ -e /etc/ssl/private/ssl-cert-snakeoil.key ]; then
+      ln -s /etc/ssl/certs/ssl-cert-snakeoil.pem /etc/dovecot/private/dovecot.pem
+      ln -s /etc/ssl/private/ssl-cert-snakeoil.key /etc/dovecot/private/dovecot.key
+    fi
+  fi
+fi
+
+if [ "$1" = "triggered" ]; then
+    if [ -x "/etc/init.d/dovecot" ]; then
+        invoke-rc.d dovecot restart
+    fi
+fi
+
+#DEBHELPER#
diff --git a/debian/dovecot-core.postrm b/debian/dovecot-core.postrm
new file mode 100644
index 0000000..87f6d12
--- /dev/null
+++ b/debian/dovecot-core.postrm
@@ -0,0 +1,48 @@
+#!/bin/sh
+set -e
+
+if [ "$1" = "purge" ] ; then
+    for conffile in $(ucfq --with-colons dovecot-core | cut -d: -f1); do
+        # we mimic dpkg as closely as possible, so we remove configuration
+        # files with dpkg backup extensions too:
+        ### Some of the following is from Tore Anderson:
+        for ext in '~' '%' .bak .dpkg-tmp .dpkg-new .dpkg-old .dpkg-dist .ucf-new .ucf-old .ucf-dist;  do
+            rm -f "$conffile$ext"
+        done
+        # remove the configuration file itself
+        rm -f "$conffile"
+        # and finally clear it out from the ucf database
+        if which ucf >/dev/null; then
+            ucf --purge "$conffile"
+        fi
+        if which ucfr >/dev/null; then
+            ucfr --purge dovecot-core "$conffile"
+        fi
+    done
+
+    userdel dovecot || true;
+    userdel dovenull || true;
+
+    if [ -d /run/dovecot ]; then
+        rm -rf /run/dovecot
+    fi
+
+    # Remove dovecot.pem and dovecot.key only if they are symlinks; otherwise
+    # we might remove CA-issued certificates that are difficult and/or
+    # expensive to replace.
+    for file in /etc/dovecot/private/dovecot.pem /etc/dovecot/private/dovecot.key; do
+        if [ -h "$file" ]; then
+            rm -f "$file"
+        else
+            echo "${file} is not a symbolic link, skipping removal." >&2
+        fi
+    done
+fi
+
+if [ "$1" = "triggered" ]; then
+    if [ -x "/etc/init.d/dovecot" ]; then
+        invoke-rc.d dovecot start
+    fi
+fi
+
+#DEBHELPER#
diff --git a/debian/dovecot-core.triggers b/debian/dovecot-core.triggers
new file mode 100644
index 0000000..9f8f2ff
--- /dev/null
+++ b/debian/dovecot-core.triggers
@@ -0,0 +1,2 @@
+interest-noawait register-dovecot-plugin
+interest-noawait /usr/lib/dovecot/modules
diff --git a/debian/dovecot-dev.README.Debian b/debian/dovecot-dev.README.Debian
new file mode 100644
index 0000000..cdcf38f
--- /dev/null
+++ b/debian/dovecot-dev.README.Debian
@@ -0,0 +1,10 @@
+/usr/share/dovecot/dovecot-abi contains that portion of DOVECOT_ABI_VERSION
+from configure.ac outside parentheses (i.e not including the package version.)
+It might look something like this:
+
+2.2.ABIv10
+
+...packages providing plugins for dovecot can use this information in their
+dependencies to avoid having to update every time there is a minor update to 
+the dovecot package.
+
diff --git a/debian/dovecot-dev.lintian-overrides b/debian/dovecot-dev.lintian-overrides
new file mode 100644
index 0000000..1d459c2
--- /dev/null
+++ b/debian/dovecot-dev.lintian-overrides
@@ -0,0 +1,2 @@
+# plugins probably need the package name
+dovecot-dev: package-name-defined-in-config-h usr/include/dovecot/config.h
diff --git a/debian/dovecot-gssapi.links b/debian/dovecot-gssapi.links
new file mode 100644
index 0000000..dde94f9
--- /dev/null
+++ b/debian/dovecot-gssapi.links
@@ -0,0 +1 @@
+/usr/share/bug/dovecot-core /usr/share/bug/dovecot-gssapi
diff --git a/debian/dovecot-imapd.links b/debian/dovecot-imapd.links
new file mode 100644
index 0000000..d0fb029
--- /dev/null
+++ b/debian/dovecot-imapd.links
@@ -0,0 +1 @@
+/usr/share/bug/dovecot-core /usr/share/bug/dovecot-imapd
diff --git a/debian/dovecot-imapd.postinst b/debian/dovecot-imapd.postinst
new file mode 100644
index 0000000..d85113f
--- /dev/null
+++ b/debian/dovecot-imapd.postinst
@@ -0,0 +1,19 @@
+#!/bin/sh
+
+set -e
+
+if [ "$1" = "configure" ]; then
+  CONFFILES="conf.d/20-imap.conf"
+
+  for conffile in $CONFFILES ; do
+    # Tell ucf that the file in /usr/share/dovecot is the latest
+    # maintainer version, and let it handle how to manage the real
+    # configuration file in /etc/dovecot.
+    ucf --three-way "/usr/share/dovecot/$conffile" "/etc/dovecot/$conffile"
+    ucfr dovecot-imapd "/etc/dovecot/$conffile"
+  done
+
+  echo 'protocols = $protocols imap' > /usr/share/dovecot/protocols.d/imapd.protocol
+fi
+
+#DEBHELPER#
diff --git a/debian/dovecot-imapd.postrm b/debian/dovecot-imapd.postrm
new file mode 100644
index 0000000..dcaaeaf
--- /dev/null
+++ b/debian/dovecot-imapd.postrm
@@ -0,0 +1,29 @@
+#!/bin/sh
+set -e
+
+if [ "$1" = "purge" ] ; then
+	for conffile in $(ucfq --with-colons dovecot-imapd | cut -d: -f1); do
+		# we mimic dpkg as closely as possible, so we remove configuration
+		# files with dpkg backup extensions too:
+		### Some of the following is from Tore Anderson:
+		for ext in '~' '%' .bak .dpkg-tmp .dpkg-new .dpkg-old .dpkg-dist .ucf-new .ucf-old .ucf-dist;  do
+			rm -f "$conffile$ext"
+		done
+		# remove the configuration file itself
+		rm -f "$conffile"
+		# and finally clear it out from the ucf database
+		if which ucf >/dev/null; then
+			ucf --purge "$conffile"
+		fi
+		if which ucfr >/dev/null; then
+			ucfr --purge dovecot-imapd "$conffile"
+		fi
+	done
+
+fi
+
+if [ "$1" = "purge" ] || [ "$1" = "remove" ]; then
+	rm -f /usr/share/dovecot/protocols.d/imapd.protocol
+fi
+
+#DEBHELPER#
diff --git a/debian/dovecot-imapd.prerm b/debian/dovecot-imapd.prerm
new file mode 100644
index 0000000..2ad0a1f
--- /dev/null
+++ b/debian/dovecot-imapd.prerm
@@ -0,0 +1,12 @@
+#!/bin/sh
+set -e
+
+if [ -d /run/systemd/system ]; then
+	deb-systemd-invoke stop dovecot.socket || true
+fi
+
+if [ -x "/etc/init.d/dovecot" ]; then
+	invoke-rc.d dovecot stop
+fi
+
+#DEBHELPER#
diff --git a/debian/dovecot-imapd.triggers b/debian/dovecot-imapd.triggers
new file mode 100644
index 0000000..a71d0af
--- /dev/null
+++ b/debian/dovecot-imapd.triggers
@@ -0,0 +1 @@
+activate-noawait register-dovecot-plugin
diff --git a/debian/dovecot-imapd.ufw.profile b/debian/dovecot-imapd.ufw.profile
new file mode 100644
index 0000000..17db05c
--- /dev/null
+++ b/debian/dovecot-imapd.ufw.profile
@@ -0,0 +1,11 @@
+[Dovecot IMAP]
+title=Secure mail server (IMAP)
+description=Dovecot is a mail server whose major goals are security and extreme
+ reliability.
+ports=143/tcp
+
+[Dovecot Secure IMAP]
+title=Secure mail server (IMAPS)
+description=Dovecot is a mail server whose major goals are security and extreme
+ reliability.
+ports=993/tcp
diff --git a/debian/dovecot-ldap.links b/debian/dovecot-ldap.links
new file mode 100644
index 0000000..0f3fcdb
--- /dev/null
+++ b/debian/dovecot-ldap.links
@@ -0,0 +1 @@
+/usr/share/bug/dovecot-core /usr/share/bug/dovecot-ldap
diff --git a/debian/dovecot-ldap.postinst b/debian/dovecot-ldap.postinst
new file mode 100644
index 0000000..d259966
--- /dev/null
+++ b/debian/dovecot-ldap.postinst
@@ -0,0 +1,22 @@
+#!/bin/sh
+
+set -e
+
+if [ "$1" = "configure" ]; then
+  CONFFILES="dovecot-ldap.conf.ext
+	conf.d/auth-ldap.conf.ext"
+
+  for conffile in $CONFFILES ; do
+    # Tell ucf that the file in /usr/share/dovecot is the latest
+    # maintainer version, and let it handle how to manage the real
+    # configuration file in /etc/dovecot.
+    ucf --three-way "/usr/share/dovecot/$conffile" "/etc/dovecot/$conffile"
+    ucfr dovecot-ldap "/etc/dovecot/$conffile"
+    if [ "$conffile" != "dovecot.conf" ] && [ -f "/etc/dovecot/$conffile" ] &&
+		[ "$(echo "$conffile" | cut -b -7)" != "conf.d/" ]; then
+      chmod 0600 "/etc/dovecot/$conffile"
+    fi
+  done
+fi
+
+#DEBHELPER#
diff --git a/debian/dovecot-ldap.postrm b/debian/dovecot-ldap.postrm
new file mode 100644
index 0000000..d0405ad
--- /dev/null
+++ b/debian/dovecot-ldap.postrm
@@ -0,0 +1,27 @@
+#!/bin/sh
+set -e
+
+if [ "$1" = "purge" ] ; then
+	CONFFILES="/etc/dovecot/dovecot-ldap.conf.ext \
+		/etc/dovecot/conf.d/auth-ldap.conf.ext"
+
+	for conffile in $CONFFILES; do
+		# we mimic dpkg as closely as possible, so we remove configuration
+		# files with dpkg backup extensions too:
+		### Some of the following is from Tore Anderson:
+		for ext in '~' '%' .bak .dpkg-tmp .dpkg-new .dpkg-old .dpkg-dist .ucf-new .ucf-old .ucf-dist;  do
+			rm -f "$conffile$ext"
+		done
+		# remove the configuration file itself
+		rm -f "$conffile"
+		# and finally clear it out from the ucf database
+		if which ucf >/dev/null; then
+			ucf --purge "$conffile"
+		fi
+		if which ucfr >/dev/null; then
+			ucfr --purge dovecot-ldap "$conffile"
+		fi
+	done
+fi
+
+#DEBHELPER#
diff --git a/debian/dovecot-ldap.triggers b/debian/dovecot-ldap.triggers
new file mode 100644
index 0000000..903b9e7
--- /dev/null
+++ b/debian/dovecot-ldap.triggers
@@ -0,0 +1,2 @@
+activate-noawait register-dovecot-plugin
+
diff --git a/debian/dovecot-lmtpd.links b/debian/dovecot-lmtpd.links
new file mode 100644
index 0000000..bc95bf0
--- /dev/null
+++ b/debian/dovecot-lmtpd.links
@@ -0,0 +1 @@
+/usr/share/bug/dovecot-core /usr/share/bug/dovecot-lmtpd
diff --git a/debian/dovecot-lmtpd.postinst b/debian/dovecot-lmtpd.postinst
new file mode 100644
index 0000000..b46d47f
--- /dev/null
+++ b/debian/dovecot-lmtpd.postinst
@@ -0,0 +1,19 @@
+#!/bin/sh
+
+set -e
+
+if [ "$1" = "configure" ]; then
+  CONFFILES="conf.d/20-lmtp.conf"
+
+  for conffile in $CONFFILES ; do
+    # Tell ucf that the file in /usr/share/dovecot is the latest
+    # maintainer version, and let it handle how to manage the real
+    # configuration file in /etc/dovecot.
+    ucf --three-way "/usr/share/dovecot/$conffile" "/etc/dovecot/$conffile"
+    ucfr dovecot-lmtpd "/etc/dovecot/$conffile"
+  done
+
+  echo 'protocols = $protocols lmtp' > /usr/share/dovecot/protocols.d/lmtpd.protocol
+fi
+
+#DEBHELPER#
diff --git a/debian/dovecot-lmtpd.postrm b/debian/dovecot-lmtpd.postrm
new file mode 100644
index 0000000..f0b9920
--- /dev/null
+++ b/debian/dovecot-lmtpd.postrm
@@ -0,0 +1,29 @@
+#!/bin/sh
+set -e
+
+if [ "$1" = "purge" ] ; then
+	for conffile in $(ucfq --with-colons dovecot-lmtpd | cut -d: -f1); do
+		# we mimic dpkg as closely as possible, so we remove configuration
+		# files with dpkg backup extensions too:
+		### Some of the following is from Tore Anderson:
+		for ext in '~' '%' .bak .dpkg-tmp .dpkg-new .dpkg-old .dpkg-dist .ucf-new .ucf-old .ucf-dist;  do
+			rm -f "$conffile$ext"
+		done
+		# remove the configuration file itself
+		rm -f "$conffile"
+		# and finally clear it out from the ucf database
+		if which ucf >/dev/null; then
+			ucf --purge "$conffile"
+		fi
+		if which ucfr >/dev/null; then
+			ucfr --purge dovecot-lmtpd "$conffile"
+		fi
+	done
+
+fi
+
+if [ "$1" = "purge" ] || [ "$1" = "remove" ]; then
+	rm -f /usr/share/dovecot/protocols.d/lmtpd.protocol
+fi
+
+#DEBHELPER#
diff --git a/debian/dovecot-lmtpd.prerm b/debian/dovecot-lmtpd.prerm
new file mode 100644
index 0000000..2ad0a1f
--- /dev/null
+++ b/debian/dovecot-lmtpd.prerm
@@ -0,0 +1,12 @@
+#!/bin/sh
+set -e
+
+if [ -d /run/systemd/system ]; then
+	deb-systemd-invoke stop dovecot.socket || true
+fi
+
+if [ -x "/etc/init.d/dovecot" ]; then
+	invoke-rc.d dovecot stop
+fi
+
+#DEBHELPER#
diff --git a/debian/dovecot-lmtpd.triggers b/debian/dovecot-lmtpd.triggers
new file mode 100644
index 0000000..903b9e7
--- /dev/null
+++ b/debian/dovecot-lmtpd.triggers
@@ -0,0 +1,2 @@
+activate-noawait register-dovecot-plugin
+
diff --git a/debian/dovecot-lucene.links b/debian/dovecot-lucene.links
new file mode 100644
index 0000000..6ffcbeb
--- /dev/null
+++ b/debian/dovecot-lucene.links
@@ -0,0 +1 @@
+/usr/share/bug/dovecot-core /usr/share/bug/dovecot-lucene
diff --git a/debian/dovecot-lucene.triggers b/debian/dovecot-lucene.triggers
new file mode 100644
index 0000000..a71d0af
--- /dev/null
+++ b/debian/dovecot-lucene.triggers
@@ -0,0 +1 @@
+activate-noawait register-dovecot-plugin
diff --git a/debian/dovecot-managesieved.README.Debian b/debian/dovecot-managesieved.README.Debian
new file mode 100644
index 0000000..6c6aa4a
--- /dev/null
+++ b/debian/dovecot-managesieved.README.Debian
@@ -0,0 +1,17 @@
+Removing dovecot-managesieved
+-----------------------------
+
+If you remove (i.e. with dpkg -r or aptitude remove) this package you will
+get an error something like this:
+
+doveconf: Fatal: Error in configuration file /etc/dovecot/dovecot.conf: 
+service(managesieve-login): executable is empty
+
+To avoid it, make sure 
+/etc/dovecot/conf.d/etc/dovecot/conf.d/20-managesieve.conf has been deleted, 
+moved or completely commented out first.  Alternatively, purge the package 
+instead of removing it.
+
+If you do not do this, dovecot-core will be left in an unconfigured state 
+because the error will cause a trigger to fail.  To fix this simply reinstall 
+dovecot-core.
diff --git a/debian/dovecot-managesieved.install b/debian/dovecot-managesieved.install
new file mode 100644
index 0000000..14e7229
--- /dev/null
+++ b/debian/dovecot-managesieved.install
@@ -0,0 +1 @@
+pigeonhole/doc/example-config/conf.d/??-managesieve*	usr/share/dovecot/conf.d
diff --git a/debian/dovecot-managesieved.links b/debian/dovecot-managesieved.links
new file mode 100644
index 0000000..9f3ea79
--- /dev/null
+++ b/debian/dovecot-managesieved.links
@@ -0,0 +1 @@
+/usr/share/bug/dovecot-core /usr/share/bug/dovecot-managesieved
diff --git a/debian/dovecot-managesieved.lintian-overrides b/debian/dovecot-managesieved.lintian-overrides
new file mode 100644
index 0000000..1bee443
--- /dev/null
+++ b/debian/dovecot-managesieved.lintian-overrides
@@ -0,0 +1 @@
+dovecot-managesieved: shared-library-lacks-prerequisites [usr/lib/dovecot/modules/settings/libmanagesieve_settings.so]
diff --git a/debian/dovecot-managesieved.postinst b/debian/dovecot-managesieved.postinst
new file mode 100644
index 0000000..cd43369
--- /dev/null
+++ b/debian/dovecot-managesieved.postinst
@@ -0,0 +1,19 @@
+#!/bin/sh
+
+set -e
+
+if [ "$1" = "configure" ]; then
+  CONFFILES="conf.d/20-managesieve.conf"
+
+  for conffile in $CONFFILES ; do
+    # Tell ucf that the file in /usr/share/dovecot is the latest
+    # maintainer version, and let it handle how to manage the real
+    # configuration file in /etc/dovecot.
+    ucf --three-way "/usr/share/dovecot/$conffile" "/etc/dovecot/$conffile"
+    ucfr dovecot-managesieved "/etc/dovecot/$conffile"
+  done
+
+  echo 'protocols = $protocols sieve' > /usr/share/dovecot/protocols.d/managesieved.protocol
+fi
+
+#DEBHELPER#
diff --git a/debian/dovecot-managesieved.postrm b/debian/dovecot-managesieved.postrm
new file mode 100644
index 0000000..f464ccf
--- /dev/null
+++ b/debian/dovecot-managesieved.postrm
@@ -0,0 +1,29 @@
+#!/bin/sh
+set -e
+
+if [ "$1" = "purge" ] ; then
+	for conffile in $(ucfq --with-colons dovecot-managesieved | cut -d: -f1); do
+		# we mimic dpkg as closely as possible, so we remove configuration
+		# files with dpkg backup extensions too:
+		### Some of the following is from Tore Anderson:
+		for ext in '~' '%' .bak .dpkg-tmp .dpkg-new .dpkg-old .dpkg-dist .ucf-new .ucf-old .ucf-dist;  do
+			rm -f "$conffile$ext"
+		done
+		# remove the configuration file itself
+		rm -f "$conffile"
+		# and finally clear it out from the ucf database
+		if which ucf >/dev/null; then
+			ucf --purge "$conffile"
+		fi
+		if which ucfr >/dev/null; then
+			ucfr --purge dovecot-managesieved "$conffile"
+		fi
+	done
+
+fi
+
+if [ "$1" = "purge" ] || [ "$1" = "remove" ]; then
+	rm -f /usr/share/dovecot/protocols.d/managesieved.protocol
+fi
+
+#DEBHELPER#
diff --git a/debian/dovecot-managesieved.prerm b/debian/dovecot-managesieved.prerm
new file mode 100644
index 0000000..2ad0a1f
--- /dev/null
+++ b/debian/dovecot-managesieved.prerm
@@ -0,0 +1,12 @@
+#!/bin/sh
+set -e
+
+if [ -d /run/systemd/system ]; then
+	deb-systemd-invoke stop dovecot.socket || true
+fi
+
+if [ -x "/etc/init.d/dovecot" ]; then
+	invoke-rc.d dovecot stop
+fi
+
+#DEBHELPER#
diff --git a/debian/dovecot-managesieved.triggers b/debian/dovecot-managesieved.triggers
new file mode 100644
index 0000000..903b9e7
--- /dev/null
+++ b/debian/dovecot-managesieved.triggers
@@ -0,0 +1,2 @@
+activate-noawait register-dovecot-plugin
+
diff --git a/debian/dovecot-mysql.links b/debian/dovecot-mysql.links
new file mode 100644
index 0000000..321547d
--- /dev/null
+++ b/debian/dovecot-mysql.links
@@ -0,0 +1 @@
+/usr/share/bug/dovecot-core /usr/share/bug/dovecot-mysql
diff --git a/debian/dovecot-mysql.triggers b/debian/dovecot-mysql.triggers
new file mode 100644
index 0000000..903b9e7
--- /dev/null
+++ b/debian/dovecot-mysql.triggers
@@ -0,0 +1,2 @@
+activate-noawait register-dovecot-plugin
+
diff --git a/debian/dovecot-openssl.cnf b/debian/dovecot-openssl.cnf
new file mode 100644
index 0000000..90bf50c
--- /dev/null
+++ b/debian/dovecot-openssl.cnf
@@ -0,0 +1,23 @@
+#
+# SSLeay configuration file for Dovecot.
+#
+
+RANDFILE                = /dev/urandom
+
+[ req ]
+default_bits            = 2048
+default_keyfile         = privkey.pem
+distinguished_name      = req_distinguished_name
+prompt                  = no
+policy			= policy_anything
+req_extensions          = v3_req
+x509_extensions         = v3_req
+
+[ req_distinguished_name ]
+organizationName = Dovecot mail server
+organizationalUnitName = @commonName@
+commonName = @commonName@
+emailAddress = @emailAddress@
+
+[ v3_req ]
+basicConstraints        = CA:FALSE
diff --git a/debian/dovecot-pgsql.links b/debian/dovecot-pgsql.links
new file mode 100644
index 0000000..9b4831f
--- /dev/null
+++ b/debian/dovecot-pgsql.links
@@ -0,0 +1 @@
+/usr/share/bug/dovecot-core /usr/share/bug/dovecot-pgsql
diff --git a/debian/dovecot-pgsql.triggers b/debian/dovecot-pgsql.triggers
new file mode 100644
index 0000000..903b9e7
--- /dev/null
+++ b/debian/dovecot-pgsql.triggers
@@ -0,0 +1,2 @@
+activate-noawait register-dovecot-plugin
+
diff --git a/debian/dovecot-pop3d.links b/debian/dovecot-pop3d.links
new file mode 100644
index 0000000..24ce7f6
--- /dev/null
+++ b/debian/dovecot-pop3d.links
@@ -0,0 +1 @@
+/usr/share/bug/dovecot-core /usr/share/bug/dovecot-pop3d
diff --git a/debian/dovecot-pop3d.postinst b/debian/dovecot-pop3d.postinst
new file mode 100644
index 0000000..dd11a14
--- /dev/null
+++ b/debian/dovecot-pop3d.postinst
@@ -0,0 +1,19 @@
+#!/bin/sh
+
+set -e
+
+if [ "$1" = "configure" ]; then
+  CONFFILES="conf.d/20-pop3.conf"
+
+  for conffile in $CONFFILES ; do
+    # Tell ucf that the file in /usr/share/dovecot is the latest
+    # maintainer version, and let it handle how to manage the real
+    # configuration file in /etc/dovecot.
+    ucf --three-way "/usr/share/dovecot/$conffile" "/etc/dovecot/$conffile"
+    ucfr dovecot-pop3d "/etc/dovecot/$conffile"
+  done
+
+  echo 'protocols = $protocols pop3' > /usr/share/dovecot/protocols.d/pop3d.protocol
+fi
+
+#DEBHELPER#
diff --git a/debian/dovecot-pop3d.postrm b/debian/dovecot-pop3d.postrm
new file mode 100644
index 0000000..0c858f1
--- /dev/null
+++ b/debian/dovecot-pop3d.postrm
@@ -0,0 +1,29 @@
+#!/bin/sh
+set -e
+
+if [ "$1" = "purge" ] ; then
+	for conffile in $(ucfq --with-colons dovecot-pop3d | cut -d: -f1); do
+		# we mimic dpkg as closely as possible, so we remove configuration
+		# files with dpkg backup extensions too:
+		### Some of the following is from Tore Anderson:
+		for ext in '~' '%' .bak .dpkg-tmp .dpkg-new .dpkg-old .dpkg-dist .ucf-new .ucf-old .ucf-dist;  do
+			rm -f "$conffile$ext"
+		done
+		# remove the configuration file itself
+		rm -f "$conffile"
+		# and finally clear it out from the ucf database
+		if which ucf >/dev/null; then
+			ucf --purge "$conffile"
+		fi
+		if which ucfr >/dev/null; then
+			ucfr --purge dovecot-pop3d "$conffile"
+		fi
+	done
+
+fi
+
+if [ "$1" = "purge" ] || [ "$1" = "remove" ]; then
+	rm -f /usr/share/dovecot/protocols.d/pop3d.protocol
+fi
+
+#DEBHELPER#
diff --git a/debian/dovecot-pop3d.prerm b/debian/dovecot-pop3d.prerm
new file mode 100644
index 0000000..2ad0a1f
--- /dev/null
+++ b/debian/dovecot-pop3d.prerm
@@ -0,0 +1,12 @@
+#!/bin/sh
+set -e
+
+if [ -d /run/systemd/system ]; then
+	deb-systemd-invoke stop dovecot.socket || true
+fi
+
+if [ -x "/etc/init.d/dovecot" ]; then
+	invoke-rc.d dovecot stop
+fi
+
+#DEBHELPER#
diff --git a/debian/dovecot-pop3d.triggers b/debian/dovecot-pop3d.triggers
new file mode 100644
index 0000000..903b9e7
--- /dev/null
+++ b/debian/dovecot-pop3d.triggers
@@ -0,0 +1,2 @@
+activate-noawait register-dovecot-plugin
+
diff --git a/debian/dovecot-pop3d.ufw.profile b/debian/dovecot-pop3d.ufw.profile
new file mode 100644
index 0000000..a46df40
--- /dev/null
+++ b/debian/dovecot-pop3d.ufw.profile
@@ -0,0 +1,11 @@
+[Dovecot POP3]
+title=Secure mail server (POP3)
+description=Dovecot is a mail server whose major goals are security and extreme
+ reliability.
+ports=110/tcp
+
+[Dovecot Secure POP3]
+title=Secure mail server (POP3S)
+description=Dovecot is a mail server whose major goals are security and extreme
+ reliability.
+ports=995/tcp
diff --git a/debian/dovecot-sieve.install b/debian/dovecot-sieve.install
new file mode 100644
index 0000000..48ff1e0
--- /dev/null
+++ b/debian/dovecot-sieve.install
@@ -0,0 +1,2 @@
+pigeonhole/doc/example-config/conf.d/*-sieve-extprograms.conf usr/share/dovecot/conf.d
+pigeonhole/doc/example-config/conf.d/*-sieve.conf usr/share/dovecot/conf.d
diff --git a/debian/dovecot-sieve.links b/debian/dovecot-sieve.links
new file mode 100644
index 0000000..971b50a
--- /dev/null
+++ b/debian/dovecot-sieve.links
@@ -0,0 +1 @@
+/usr/share/bug/dovecot-core /usr/share/bug/dovecot-sieve
diff --git a/debian/dovecot-sieve.lintian-overrides b/debian/dovecot-sieve.lintian-overrides
new file mode 100644
index 0000000..840cfef
--- /dev/null
+++ b/debian/dovecot-sieve.lintian-overrides
@@ -0,0 +1,4 @@
+# ignore internal library without dependency information
+dovecot-sieve: shared-library-lacks-prerequisites [usr/lib/dovecot/modules/sieve/lib90_sieve_imapsieve_plugin.so]
+# alias for sieve-dump
+dovecot-sieve: spare-manual-page [usr/share/man/man1/sieved.1.gz]
diff --git a/debian/dovecot-sieve.postinst b/debian/dovecot-sieve.postinst
new file mode 100644
index 0000000..6fb5244
--- /dev/null
+++ b/debian/dovecot-sieve.postinst
@@ -0,0 +1,18 @@
+#!/bin/sh
+
+set -e
+
+if [ "$1" = "configure" ]; then
+  CONFFILES="conf.d/90-sieve.conf \
+  conf.d/90-sieve-extprograms.conf"
+
+  for conffile in $CONFFILES ; do
+    # Tell ucf that the file in /usr/share/dovecot is the latest
+    # maintainer version, and let it handle how to manage the real
+    # configuration file in /etc/dovecot.
+    ucf --three-way "/usr/share/dovecot/$conffile" "/etc/dovecot/$conffile"
+    ucfr dovecot-sieve "/etc/dovecot/$conffile"
+  done
+fi
+
+#DEBHELPER#
diff --git a/debian/dovecot-sieve.postrm b/debian/dovecot-sieve.postrm
new file mode 100644
index 0000000..db48cfc
--- /dev/null
+++ b/debian/dovecot-sieve.postrm
@@ -0,0 +1,24 @@
+#!/bin/sh
+set -e
+
+if [ "$1" = "purge" ] ; then
+	for conffile in $(ucfq --with-colons dovecot-sieve | cut -d: -f1); do
+		# we mimic dpkg as closely as possible, so we remove configuration
+		# files with dpkg backup extensions too:
+		### Some of the following is from Tore Anderson:
+		for ext in '~' '%' .bak .dpkg-tmp .dpkg-new .dpkg-old .dpkg-dist .ucf-new .ucf-old .ucf-dist;  do
+			rm -f "$conffile$ext"
+		done
+		# remove the configuration file itself
+		rm -f "$conffile"
+		# and finally clear it out from the ucf database
+		if which ucf >/dev/null; then
+			ucf --purge "$conffile"
+		fi
+		if which ucfr >/dev/null; then
+			ucfr --purge dovecot-sieve "$conffile"
+		fi
+	done
+fi
+
+#DEBHELPER#
diff --git a/debian/dovecot-sieve.triggers b/debian/dovecot-sieve.triggers
new file mode 100644
index 0000000..903b9e7
--- /dev/null
+++ b/debian/dovecot-sieve.triggers
@@ -0,0 +1,2 @@
+activate-noawait register-dovecot-plugin
+
diff --git a/debian/dovecot-solr.README.Debian b/debian/dovecot-solr.README.Debian
new file mode 100644
index 0000000..deaf3e3
--- /dev/null
+++ b/debian/dovecot-solr.README.Debian
@@ -0,0 +1,2 @@
+After installing this package, the solr XML schema can be found in 
+/usr/share/dovecot/solr-schema.xml
diff --git a/debian/dovecot-solr.install b/debian/dovecot-solr.install
new file mode 100644
index 0000000..bb8b6e8
--- /dev/null
+++ b/debian/dovecot-solr.install
@@ -0,0 +1 @@
+doc/solr-schema.xml	usr/share/dovecot
diff --git a/debian/dovecot-solr.links b/debian/dovecot-solr.links
new file mode 100644
index 0000000..7536822
--- /dev/null
+++ b/debian/dovecot-solr.links
@@ -0,0 +1 @@
+/usr/share/bug/dovecot-core /usr/share/bug/dovecot-solr
diff --git a/debian/dovecot-solr.triggers b/debian/dovecot-solr.triggers
new file mode 100644
index 0000000..903b9e7
--- /dev/null
+++ b/debian/dovecot-solr.triggers
@@ -0,0 +1,2 @@
+activate-noawait register-dovecot-plugin
+
diff --git a/debian/dovecot-sqlite.links b/debian/dovecot-sqlite.links
new file mode 100644
index 0000000..2204ea7
--- /dev/null
+++ b/debian/dovecot-sqlite.links
@@ -0,0 +1 @@
+/usr/share/bug/dovecot-core /usr/share/bug/dovecot-sqlite
diff --git a/debian/dovecot-sqlite.triggers b/debian/dovecot-sqlite.triggers
new file mode 100644
index 0000000..903b9e7
--- /dev/null
+++ b/debian/dovecot-sqlite.triggers
@@ -0,0 +1,2 @@
+activate-noawait register-dovecot-plugin
+
diff --git a/debian/dovecot-submissiond.postinst b/debian/dovecot-submissiond.postinst
new file mode 100644
index 0000000..6fbf1ef
--- /dev/null
+++ b/debian/dovecot-submissiond.postinst
@@ -0,0 +1,23 @@
+#!/bin/sh
+
+set -e
+
+if [ "$1" = "configure" ]; then
+  CONFFILES="conf.d/20-submission.conf"
+
+  for conffile in $CONFFILES ; do
+    # Tell ucf that the file in /usr/share/dovecot is the latest
+    # maintainer version, and let it handle how to manage the real
+    # configuration file in /etc/dovecot.
+    ucf --three-way "/usr/share/dovecot/$conffile" "/etc/dovecot/$conffile"
+    # Use --force to allow hijacking the file from dovecot-submission
+    ucfr --force dovecot-submissiond "/etc/dovecot/$conffile"
+  done
+
+  if [ -f /usr/share/dovecot/protocols.d/submission.protocol ]; then
+    rm -f /usr/share/dovecot/protocols.d/submission.protocol
+  fi
+  echo 'protocols = $protocols submission' > /usr/share/dovecot/protocols.d/submissiond.protocol
+fi
+
+#DEBHELPER#
diff --git a/debian/dovecot-submissiond.postrm b/debian/dovecot-submissiond.postrm
new file mode 100644
index 0000000..eaea028
--- /dev/null
+++ b/debian/dovecot-submissiond.postrm
@@ -0,0 +1,29 @@
+#!/bin/sh
+set -e
+
+if [ "$1" = "purge" ] ; then
+	for conffile in $(ucfq --with-colons dovecot-submissiond | cut -d: -f1); do
+		# we mimic dpkg as closely as possible, so we remove configuration
+		# files with dpkg backup extensions too:
+		### Some of the following is from Tore Anderson:
+		for ext in '~' '%' .bak .dpkg-tmp .dpkg-new .dpkg-old .dpkg-dist .ucf-new .ucf-old .ucf-dist;  do
+			rm -f "$conffile$ext"
+		done
+		# remove the configuration file itself
+		rm -f "$conffile"
+		# and finally clear it out from the ucf database
+		if which ucf >/dev/null; then
+			ucf --purge "$conffile"
+		fi
+		if which ucfr >/dev/null; then
+			ucfr --purge dovecot-submissiond "$conffile"
+		fi
+	done
+
+fi
+
+if [ "$1" = "purge" ] || [ "$1" = "remove" ]; then
+	rm -f /usr/share/dovecot/protocols.d/submissiond.protocol
+fi
+
+#DEBHELPER#
diff --git a/debian/dovecot-submissiond.prerm b/debian/dovecot-submissiond.prerm
new file mode 100644
index 0000000..2ad0a1f
--- /dev/null
+++ b/debian/dovecot-submissiond.prerm
@@ -0,0 +1,12 @@
+#!/bin/sh
+set -e
+
+if [ -d /run/systemd/system ]; then
+	deb-systemd-invoke stop dovecot.socket || true
+fi
+
+if [ -x "/etc/init.d/dovecot" ]; then
+	invoke-rc.d dovecot stop
+fi
+
+#DEBHELPER#
diff --git a/debian/dovecot-submissiond.triggers b/debian/dovecot-submissiond.triggers
new file mode 100644
index 0000000..a71d0af
--- /dev/null
+++ b/debian/dovecot-submissiond.triggers
@@ -0,0 +1 @@
+activate-noawait register-dovecot-plugin
diff --git a/debian/gbp.conf b/debian/gbp.conf
new file mode 100644
index 0000000..d2026bc
--- /dev/null
+++ b/debian/gbp.conf
@@ -0,0 +1,14 @@
+[DEFAULT]
+pristine-tar = True
+sign-tags = True
+component=pigeonhole
+
+[buildpackage]
+export-dir = ../build-area/
+
+[dch]
+meta = True
+id-length = 7
+
+[pq]
+patch-numbers = False
diff --git a/debian/maildirmake.dovecot b/debian/maildirmake.dovecot
new file mode 100644
index 0000000..5313d13
--- /dev/null
+++ b/debian/maildirmake.dovecot
@@ -0,0 +1,28 @@
+#!/bin/sh
+#
+# maildirmake.dovecot -- create maildirs
+# Copyright (c) 2003, Jaldhar H. Vyas
+# "Do what thou wilt" shall be the whole of the license.
+#
+dir="$1"
+owner="$2"
+if [ -z "$dir" ]; then
+  echo "Must supply a directory path"
+  exit 1
+fi 
+
+if [ "$dir" = "-h" ]; then
+  echo "usage: $0 directory [user]"
+  exit 0
+fi 
+
+umask 077
+mkdir -p "$dir/cur" "$dir/new" "$dir/tmp" || exit 1
+chmod 0700 "$dir" "$dir/cur" "$dir/new" "$dir/tmp" || exit 1
+
+if [ -n "$owner" ]; then 
+  chown -R "$owner" "$dir" || exit 1
+fi
+
+exit 0
+
diff --git a/debian/maildirmake.dovecot.1 b/debian/maildirmake.dovecot.1
new file mode 100644
index 0000000..a814c81
--- /dev/null
+++ b/debian/maildirmake.dovecot.1
@@ -0,0 +1,46 @@
+.\"                                      Hey, EMACS: -*- nroff -*-
+.\" First parameter, NAME, should be all caps
+.\" Second parameter, SECTION, should be 1-8, maybe w/ subsection
+.\" other parameters are allowed: see man(7), man(1)
+.TH "MAILDIRMAKE.DOVECOT" "1" "23 November 2005"
+.\" Please adjust this date whenever revising the manpage.
+.\"
+.\" Some roff macros, for reference:
+.\" .nh        disable hyphenation
+.\" .hy        enable hyphenation
+.\" .ad l      left justify
+.\" .ad b      justify to both left and right margins
+.\" .nf        disable filling
+.\" .fi        enable filling
+.\" .br        insert line break
+.\" .sp <n>    insert n+1 empty lines
+.\" for manpage-specific macros, see man(7)
+.SH NAME
+maildirmake.dovecot \- creates maildirs and maildir subfolders
+.SH SYNOPSIS
+.B maildirmake.dovecot
+\fBdirectory\fR [ \fRowner\fR ] \fR
+.br
+.SH DESCRIPTION
+.\" TeX users may be more comfortable with the \fB<whatever>\fP and
+.\" \fI<whatever>\fP escape sequences to invode bold face and italics, 
+.\" respectively.
+\fBmaildirmake.dovecot\fP creates a maildir and its maildir subfolders (cur, new, tmp).
+\fBdirectory\fP is the name of the new maildir. If \fBdirectory\fP exists cur, new, tmp directories are created inside it.
+.TP
+You can specify \fBowner\fP to change directories ownership if you have ownership modification permission.
+.TP
+\fBmaildirmake.dovecot\fP is very basic. It is strongly recommended to use \fBmaildirmake\fP if you want to do serious maildir management.
+.SH OPTIONS
+.TP
+\fB-h\fP
+Show options summary and exits immediately.
+.SH SEE ALSO
+.BR maildirmake (1).
+.BR maildir (5).
+.SH AUTHOR
+.TP
+dovecot was written by Timo Sirainen <tss@iki.fi>. maildirmake.dovecot script was written by Jaldhar H. Vyas
+.PP
+This manual page was written by Henry Precheur <henry@precheur.org>,
+for the Debian project (but may be used by others).
diff --git a/debian/patches/Avoid-usage-of-PATH_MAX-not-available-on-hurd.patch b/debian/patches/Avoid-usage-of-PATH_MAX-not-available-on-hurd.patch
new file mode 100644
index 0000000..fdab706
--- /dev/null
+++ b/debian/patches/Avoid-usage-of-PATH_MAX-not-available-on-hurd.patch
@@ -0,0 +1,21 @@
+From: =?utf-8?q?Christian_G=C3=B6ttsche?= <cgzones@googlemail.com>
+Date: Mon, 6 Jun 2022 15:29:38 +0200
+Subject: Avoid usage of PATH_MAX not available on hurd
+
+---
+ src/lib/test-net.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/lib/test-net.c b/src/lib/test-net.c
+index fb19d5b..28398fe 100644
+--- a/src/lib/test-net.c
++++ b/src/lib/test-net.c
+@@ -145,7 +145,7 @@ static void test_net_unix_long_paths(void)
+ 
+ 	test_begin("net_*_unix() - long paths");
+ 
+-	char path[PATH_MAX];
++	char path[4096];
+ 	memset(path, 'x', sizeof(path)-1);
+ 	path[sizeof(path)-1] = '\0';
+ 
diff --git a/debian/patches/Correct-misspellings.patch b/debian/patches/Correct-misspellings.patch
new file mode 100644
index 0000000..5a01652
--- /dev/null
+++ b/debian/patches/Correct-misspellings.patch
@@ -0,0 +1,138 @@
+From: =?utf-8?q?Christian_G=C3=B6ttsche?= <cgzones@googlemail.com>
+Date: Sun, 31 May 2020 00:55:07 +0200
+Subject: Correct misspellings
+
+Found by Lintian
+---
+ ChangeLog                                     | 6 +++---
+ NEWS                                          | 2 +-
+ pigeonhole/src/lib-sieve/sieve-address.c      | 2 +-
+ src/director/director-connection.c            | 2 +-
+ src/lib-index/mail-index-transaction-finish.c | 2 +-
+ src/lib-index/mail-index.h                    | 2 +-
+ src/lib-index/mail-transaction-log-file.c     | 2 +-
+ src/lib-storage/index/index-sync-pvt.c        | 2 +-
+ 8 files changed, 10 insertions(+), 10 deletions(-)
+
+Index: dovecot/ChangeLog
+===================================================================
+--- dovecot.orig/ChangeLog
++++ dovecot/ChangeLog
+@@ -70625,7 +70625,7 @@ M	src/lib-storage/index/index-mail.c
+     lib-index: Add mail_cache_close_mail() to smartly drop cached data with
+     INDEX=MEMORY
+ 
+-    Instead of reseting the entire transaction buffer when 256 kB is reached, 
++    Instead of resetting the entire transaction buffer when 256 kB is reached, 
+     just drop mails have have been marked closed with mail_cache_close_mail(). 
+     If that's not enough, continue deleting forcibly until the buffer is below 
+     256 kB.
+@@ -90525,7 +90525,7 @@ M	src/lib-storage/index/dbox-single/sdbo
+ 
+ 2016-09-21 20:50:24 +0300 Timo Sirainen <timo.sirainen@dovecot.fi> (2e5e2047af)
+ 
+-    login-proxy: Fixed "Host is down" never reseting itself.
++    login-proxy: Fixed "Host is down" never resetting itself.
+ 
+     Broken by c8eb8314a, which moved adding num_waiting_connections earlier. 
+     After that it was never 0 at the check time.
+@@ -107467,7 +107467,7 @@ M	src/login-common/ssl-proxy-openssl.c
+ 
+ 2015-12-07 11:29:29 +0200 Timo Sirainen <tss@iki.fi> (975c2cdc1b)
+ 
+-    doveadm: Fixed reseting getopt() with glibc when processing multiple
++    doveadm: Fixed resetting getopt() with glibc when processing multiple
+     commands in a single process. This means commands run with doveadm batch or
+     multiple commands in a single doveadm-server connection.
+ 
+Index: dovecot/NEWS
+===================================================================
+--- dovecot.orig/NEWS
++++ dovecot/NEWS
+@@ -2010,7 +2010,7 @@ v2.2.26 2016-10-27  Timo Sirainen <tss@i
+ 	- zlib, IMAP BINARY: Fixed internal caching when accessing multiple
+ 	  newly created mails. They all had UID=0 and the next mail could have
+ 	  wrongly used the previously cached mail.
+-	- doveadm stats reset wasn't reseting all the stats.
++	- doveadm stats reset wasn't resetting all the stats.
+ 	- auth_stats=yes: Don't update num_logins, since it doubles them when
+ 	  using with mail stats.
+ 	- quota count: Fixed deadlocks when updating vsize header.
+Index: dovecot/pigeonhole/src/lib-sieve/sieve-address.c
+===================================================================
+--- dovecot.orig/pigeonhole/src/lib-sieve/sieve-address.c
++++ dovecot/pigeonhole/src/lib-sieve/sieve-address.c
+@@ -449,7 +449,7 @@ parse_mailbox_address(struct sieve_messa
+ 	if (ctx->parser.data != ctx->parser.end) {
+ 		if (*ctx->parser.data == ',') {
+ 			sieve_address_error(
+-				ctx, "not a single addres (found ',')");
++				ctx, "not a single address (found ',')");
+ 		} else {
+ 			sieve_address_error(
+ 				ctx, "address ends in invalid characters");
+Index: dovecot/src/director/director-connection.c
+===================================================================
+--- dovecot.orig/src/director/director-connection.c
++++ dovecot/src/director/director-connection.c
+@@ -896,7 +896,7 @@ static bool director_cmd_director(struct
+ 
+ 		/* already have this. just reset its last_network_failure
+ 		   timestamp, since it might be up now, but only if this
+-		   isn't part of the handshake. (if it was, reseting the
++		   isn't part of the handshake. (if it was, resetting the
+ 		   timestamp could cause us to rapidly keep trying to connect
+ 		   to it) */
+ 		if (conn->handshake_received)
+Index: dovecot/src/lib-index/mail-index-transaction-finish.c
+===================================================================
+--- dovecot.orig/src/lib-index/mail-index-transaction-finish.c
++++ dovecot/src/lib-index/mail-index-transaction-finish.c
+@@ -53,7 +53,7 @@ ext_reset_update_atomic(struct mail_inde
+ 
+ 	array_idx_set(&t->ext_reset_ids, ext_id, &reset_id);
+ 
+-	/* reseting existing data is optional */
++	/* resetting existing data is optional */
+ 	if (array_is_created(&t->ext_resets)) {
+ 		reset = array_idx_modifiable(&t->ext_resets, ext_id);
+ 		if (reset->new_reset_id == (uint32_t)-1)
+Index: dovecot/src/lib-index/mail-index.h
+===================================================================
+--- dovecot.orig/src/lib-index/mail-index.h
++++ dovecot/src/lib-index/mail-index.h
+@@ -384,7 +384,7 @@ void mail_index_set_lock_method(struct m
+    use the default. */
+ void mail_index_set_optimization_settings(struct mail_index *index,
+ 	const struct mail_index_optimization_settings *set);
+-/* When creating a new index file or reseting an existing one, add the given
++/* When creating a new index file or resetting an existing one, add the given
+    extension header data immediately to it. */
+ void mail_index_set_ext_init_data(struct mail_index *index, uint32_t ext_id,
+ 				  const void *data, size_t size);
+Index: dovecot/src/lib-index/mail-transaction-log-file.c
+===================================================================
+--- dovecot.orig/src/lib-index/mail-transaction-log-file.c
++++ dovecot/src/lib-index/mail-transaction-log-file.c
+@@ -760,7 +760,7 @@ mail_transaction_log_file_create2(struct
+ 		return -1;
+ 
+ 	if (reset) {
+-		/* don't reset modseqs. if we're reseting due to rebuilding
++		/* don't reset modseqs. if we're resetting due to rebuilding
+ 		   indexes we'll probably want to keep uidvalidity and in such
+ 		   cases we really don't want to shrink modseqs. */
+ 		file->hdr.prev_file_seq = 0;
+Index: dovecot/src/lib-storage/index/index-sync-pvt.c
+===================================================================
+--- dovecot.orig/src/lib-storage/index/index-sync-pvt.c
++++ dovecot/src/lib-storage/index/index-sync-pvt.c
+@@ -185,7 +185,7 @@ index_mailbox_sync_pvt_index(struct inde
+ 	} else {
+ 		/* mailbox created/recreated */
+ 		reset = TRUE;
+-		i_info("Mailbox %s UIDVALIDITY changed (%u -> %u), reseting private index",
++		i_info("Mailbox %s UIDVALIDITY changed (%u -> %u), resetting private index",
+ 		       ctx->box->vname, hdr_pvt->uid_validity,
+ 		       hdr_shared->uid_validity);
+ 	}
diff --git a/debian/patches/Debug-flaky-unit-test.patch b/debian/patches/Debug-flaky-unit-test.patch
new file mode 100644
index 0000000..a30e596
--- /dev/null
+++ b/debian/patches/Debug-flaky-unit-test.patch
@@ -0,0 +1,65 @@
+From: =?utf-8?q?Christian_G=C3=B6ttsche?= <cgzones@googlemail.com>
+Date: Mon, 6 Jun 2022 17:24:19 +0200
+Subject: Debug flaky unit test
+
+See #1007744
+---
+ src/lib-smtp/test-smtp-server-errors.c | 12 +++++++++---
+ 1 file changed, 9 insertions(+), 3 deletions(-)
+
+diff --git a/src/lib-smtp/test-smtp-server-errors.c b/src/lib-smtp/test-smtp-server-errors.c
+index d3e528c..5240d30 100644
+--- a/src/lib-smtp/test-smtp-server-errors.c
++++ b/src/lib-smtp/test-smtp-server-errors.c
+@@ -3712,13 +3712,14 @@ static void server_connection_accept(void *context ATTR_UNUSED)
+ 
+ static void test_server_timeout(void *context ATTR_UNUSED)
+ {
+-	i_fatal("Server timed out");
++	i_fatal("Server timed out [current_ioloop=%p ioloop=%p]", current_ioloop, ioloop);
+ }
+ 
+ static void test_server_run(const struct smtp_server_settings *smtp_set)
+ {
+ 	struct timeout *to;
+ 
++	i_debug("Adding timeout to server [current_ioloop=%p ioloop=%p]", current_ioloop, ioloop);
+ 	to = timeout_add(SERVER_MAX_TIMEOUT_MSECS,
+ 			 test_server_timeout, NULL);
+ 
+@@ -3729,8 +3730,7 @@ static void test_server_run(const struct smtp_server_settings *smtp_set)
+ 
+ 	io_loop_run(ioloop);
+ 
+-	if (debug)
+-		i_debug("Server finished");
++	i_debug("Server finished [current_ioloop=%p ioloop=%p]", current_ioloop, ioloop);
+ 
+ 	/* close server socket */
+ 	io_remove(&io_listen);
+@@ -3770,9 +3770,12 @@ static int test_run_client(struct test_client_data *data)
+ 	/* wait a little for server setup */
+ 	i_sleep_msecs(100);
+ 
++	i_debug("test_run_client: pre create [current_ioloop=%p ioloop=%p]", current_ioloop, ioloop);
+ 	ioloop = io_loop_create();
++	i_debug("test_run_client: post create [current_ioloop=%p ioloop=%p]", current_ioloop, ioloop);
+ 	data->client_test(data->index);
+ 	io_loop_destroy(&ioloop);
++	i_debug("test_run_client: post destroy [current_ioloop=%p ioloop=%p]", current_ioloop, ioloop);
+ 
+ 	if (debug)
+ 		i_debug("Terminated");
+@@ -3794,9 +3797,12 @@ test_run_server(const struct smtp_server_settings *server_set,
+ 	i_zero(&server_callbacks);
+ 
+ 	server_pending = client_tests_count;
++	i_debug("test_run_server: pre create [current_ioloop=%p ioloop=%p]", current_ioloop, ioloop);
+ 	ioloop = io_loop_create();
++	i_debug("test_run_server: post create [current_ioloop=%p ioloop=%p]", current_ioloop, ioloop);
+ 	server_test(server_set);
+ 	io_loop_destroy(&ioloop);
++	i_debug("test_run_server: post destroy create [current_ioloop=%p ioloop=%p]", current_ioloop, ioloop);
+ 
+ 	if (debug)
+ 		i_debug("Terminated");
diff --git a/debian/patches/Fix-32bit-sign-comparisons.patch b/debian/patches/Fix-32bit-sign-comparisons.patch
new file mode 100644
index 0000000..4cf271e
--- /dev/null
+++ b/debian/patches/Fix-32bit-sign-comparisons.patch
@@ -0,0 +1,25 @@
+From: =?utf-8?q?Christian_G=C3=B6ttsche?= <cgzones@googlemail.com>
+Date: Mon, 4 Jan 2021 16:06:43 +0100
+Subject: Fix 32bit sign comparisons
+
+sieve-binary.c: In function 'sieve_binary_get_resource_usage':
+sieve-binary.c:199:54: warning: comparison of integer expressions of different signedness: 'time_t' {aka 'long int'} and 'unsigned int' [-Wsign-compare]
+  199 |  if (update_time != 0 && (ioloop_time - update_time) > timeout)
+      |                                                      ^
+---
+ pigeonhole/src/lib-sieve/sieve-binary.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/pigeonhole/src/lib-sieve/sieve-binary.c b/pigeonhole/src/lib-sieve/sieve-binary.c
+index 06cf598..c971921 100644
+--- a/pigeonhole/src/lib-sieve/sieve-binary.c
++++ b/pigeonhole/src/lib-sieve/sieve-binary.c
+@@ -196,7 +196,7 @@ void sieve_binary_get_resource_usage(struct sieve_binary *sbin,
+ 	time_t update_time = header->resource_usage.update_time;
+ 	unsigned int timeout = sbin->svinst->resource_usage_timeout_secs;
+ 
+-	if (update_time != 0 && (ioloop_time - update_time) > timeout)
++	if (update_time != 0 && (ioloop_time - update_time) > (time_t)timeout)
+ 		i_zero(&header->resource_usage);
+ 
+ 	sieve_resource_usage_init(rusage_r);
diff --git a/debian/patches/Fix-uninitialized-read-in-doveadm-oldstats.patch b/debian/patches/Fix-uninitialized-read-in-doveadm-oldstats.patch
new file mode 100644
index 0000000..ff85b51
--- /dev/null
+++ b/debian/patches/Fix-uninitialized-read-in-doveadm-oldstats.patch
@@ -0,0 +1,33 @@
+From: =?utf-8?q?Christian_G=C3=B6ttsche?= <cgzones@googlemail.com>
+Date: Sat, 23 Jul 2022 16:38:23 +0200
+Subject: Fix uninitialized read in doveadm-oldstats
+
+The third argument to doveadm_cmd_param_bool() is only set on a return
+value of TRUE.
+Since disk_input_field and disk_output_field should be set if the value
+of show-disk-io is specified and specified to true, fix the condition.
+
+    doveadm-oldstats.c: In function 'cmd_stats_top':
+    doveadm-oldstats.c:551:63: warning: 'b' may be used uninitialized [-Wmaybe-uninitialized]
+      551 |         if (!doveadm_cmd_param_bool(cctx, "show-disk-io", &b) && b) {
+          |                                                               ^
+    doveadm-oldstats.c:545:14: note: 'b' was declared here
+      545 |         bool b;
+          |              ^
+---
+ src/doveadm/doveadm-oldstats.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/doveadm/doveadm-oldstats.c b/src/doveadm/doveadm-oldstats.c
+index 4be575e..ff6dcf5 100644
+--- a/src/doveadm/doveadm-oldstats.c
++++ b/src/doveadm/doveadm-oldstats.c
+@@ -548,7 +548,7 @@ static void cmd_stats_top(struct doveadm_cmd_context *cctx)
+ 		path = t_strconcat(doveadm_settings->base_dir,
+ 				   "/old-stats", NULL);
+ 	}
+-	if (!doveadm_cmd_param_bool(cctx, "show-disk-io", &b) && b) {
++	if (doveadm_cmd_param_bool(cctx, "show-disk-io", &b) && b) {
+ 		disk_input_field = "read_bytes";
+ 		disk_output_field = "write_bytes";
+ 	}
diff --git a/debian/patches/Improve-cross-compile-support.patch b/debian/patches/Improve-cross-compile-support.patch
new file mode 100644
index 0000000..708336f
--- /dev/null
+++ b/debian/patches/Improve-cross-compile-support.patch
@@ -0,0 +1,116 @@
+From: Helmut Grohne <helmut@subdivi.de>
+Date: Tue, 5 Jan 2021 22:25:00 +0100
+Subject: Improve cross-compile support
+
+The check for the signedness of size_t really doesn't have to be run as
+that is a compile time property.
+
+Beyond that, dovecot uses mysql_config. I've looked into that and
+mysql_config is unfixably broken during cross builds. It will not be
+fixed. Instead, please use pkg-config. My patch implements that with a
+fallback to mysql_config to avoid breaking other users.
+
+Last but not least, src/lib-lua/Makefile.am adds $(LUA_LIBS) to
+libdovecot_lua_la_DEPENDENCIES. As it happens, LUA_LIBS contains a -L
+flag and when that flag shows up in a dependency, make gives up. I have
+no clue why one would add LUA_LIBS to DEPENDENCIES as it already is
+being correctly added to LIBADD. My patch suggests to quite simply drop
+that.
+---
+ m4/want_mysql.m4        | 54 ++++++++++++++++++++++++-------------------------
+ src/lib-lua/Makefile.am |  4 +---
+ 2 files changed, 27 insertions(+), 31 deletions(-)
+
+diff --git a/m4/want_mysql.m4 b/m4/want_mysql.m4
+index 98e6f93..425bcdd 100644
+--- a/m4/want_mysql.m4
++++ b/m4/want_mysql.m4
+@@ -1,26 +1,28 @@
+ AC_DEFUN([DOVECOT_WANT_MYSQL], [
+   have_mysql=no
+-  if test $want_mysql != no; then
+-    AC_CHECK_PROG(MYSQL_CONFIG, mysql_config, mysql_config, NO)
+-    if test $MYSQL_CONFIG = NO; then
+-  	# based on code from PHP
+-  	MYSQL_LIBS="-lmysqlclient -lz -lm"
+-  	for i in /usr /usr/local /usr/local/mysql; do
+-  		for j in include include/mysql ""; do
+-  			if test -r "$i/$j/mysql.h"; then
+-  				MYSQL_INCLUDE="-I$i/$j"
+-  			fi
+-  		done
+-  		for j in lib lib/mysql lib64 lib64/mysql ""; do
+-  			if test -f "$i/$j/libmysqlclient.so" || test -f "$i/$j/libmysqlclient.a"; then
+-  				MYSQL_LIBS="-L$i/$j -lmysqlclient -lz -lm"
+-  			fi
+-  		done
+-  	done
+-    else
+-      MYSQL_INCLUDE="`$MYSQL_CONFIG --include`"
+-      MYSQL_LIBS="`$MYSQL_CONFIG --libs`"
+-    fi
++    AS_IF([test $want_mysql != no],[
++    PKG_CHECK_MODULES([MYSQL],[mysqlclient],,[
++      AC_CHECK_PROG(MYSQL_CONFIG, mysql_config, mysql_config, NO)
++      if test $MYSQL_CONFIG = NO; then
++    	# based on code from PHP
++    	MYSQL_LIBS="-lmysqlclient -lz -lm"
++    	for i in /usr /usr/local /usr/local/mysql; do
++    		for j in include include/mysql ""; do
++    			if test -r "$i/$j/mysql.h"; then
++    				MYSQL_CFLAGS="-I$i/$j"
++    			fi
++    		done
++    		for j in lib lib/mysql lib64 lib64/mysql ""; do
++    			if test -f "$i/$j/libmysqlclient.so" || test -f "$i/$j/libmysqlclient.a"; then
++    				MYSQL_LIBS="-L$i/$j -lmysqlclient -lz -lm"
++    			fi
++    		done
++    	done
++      else
++        MYSQL_CFLAGS="`$MYSQL_CONFIG --include`"
++        MYSQL_LIBS="`$MYSQL_CONFIG --libs`"
++      fi
++    ])
+   
+     old_LIBS=$LIBS
+     if test "$MYSQL_LIBS" != ""; then
+@@ -31,14 +33,10 @@ AC_DEFUN([DOVECOT_WANT_MYSQL], [
+     LIBS="$LIBS -lz -lm"
+     AC_CHECK_LIB(mysqlclient, mysql_init, [
+   		old_CPPFLAGS=$CPPFLAGS
+-  		if test "$MYSQL_INCLUDE" != ""; then
+-  			CPPFLAGS="$CPPFLAGS $MYSQL_INCLUDE"
++  		if test "$MYSQL_CFLAGS" != ""; then
++  			CPPFLAGS="$CPPFLAGS $MYSQL_CFLAGS"
+   		fi
+   		AC_CHECK_HEADER(mysql.h, [
+-  			if test "$MYSQL_INCLUDE" != ""; then
+-  				MYSQL_CFLAGS="$MYSQL_CFLAGS $MYSQL_INCLUDE"
+-  			fi
+-  
+   			AC_CHECK_LIB(mysqlclient, mysql_ssl_set, [
+   				AC_DEFINE(HAVE_MYSQL_SSL,, [Define if your MySQL library has SSL functions])
+   				if test "x$have_openssl" = "yes"; then
+@@ -85,5 +83,5 @@ AC_DEFUN([DOVECOT_WANT_MYSQL], [
+       MYSQL_CFLAGS=
+     fi
+     LIBS=$old_LIBS
+-  fi
++  ])
+ ])
+diff --git a/src/lib-lua/Makefile.am b/src/lib-lua/Makefile.am
+index 20ce311..7d44e89 100644
+--- a/src/lib-lua/Makefile.am
++++ b/src/lib-lua/Makefile.am
+@@ -24,9 +24,7 @@ test_programs += test-dict-lua
+ endif
+ 
+ # Note: the only things this lib should depend on are libdovecot and lua.
+-libdovecot_lua_la_DEPENDENCIES = \
+-	../lib-dovecot/libdovecot.la \
+-	$(LIBDICT_LUA)
++libdovecot_lua_la_DEPENDENCIES = ../lib-dovecot/libdovecot.la
+ libdovecot_lua_la_LIBADD = \
+ 	../lib-dovecot/libdovecot.la \
+ 	$(LIBDICT_LUA) \
diff --git a/debian/patches/Silence-LTO-related-compiler-warning.patch b/debian/patches/Silence-LTO-related-compiler-warning.patch
new file mode 100644
index 0000000..c674492
--- /dev/null
+++ b/debian/patches/Silence-LTO-related-compiler-warning.patch
@@ -0,0 +1,28 @@
+From: =?utf-8?q?Christian_G=C3=B6ttsche?= <cgzones@googlemail.com>
+Date: Mon, 21 Jun 2021 15:59:02 +0200
+Subject: Silence LTO related compiler warning
+
+master-service-settings-cache.c: In function 'master_service_settings_cache_init_filter':
+master-service-settings-cache.c:94:3: warning: 'error' may be used uninitialized in this function [-Wmaybe-uninitialized]
+   94 |   i_error("master-service: cannot get filters: %s", error);
+      |   ^
+master-service-settings-cache.c:89:14: note: 'error' was declared here
+   89 |  const char *error;
+      |              ^
+---
+ src/lib-master/master-service-settings-cache.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/lib-master/master-service-settings-cache.c b/src/lib-master/master-service-settings-cache.c
+index 11dd66b..d60f392 100644
+--- a/src/lib-master/master-service-settings-cache.c
++++ b/src/lib-master/master-service-settings-cache.c
+@@ -86,7 +86,7 @@ master_service_settings_cache_init(struct master_service *service,
+ int master_service_settings_cache_init_filter(struct master_service_settings_cache *cache)
+ {
+ 	const char *const *filters;
+-	const char *error;
++	const char *error = NULL;
+ 
+ 	if (cache->filters != NULL)
+ 		return 0;
diff --git a/debian/patches/Support-openssl-3.0.patch b/debian/patches/Support-openssl-3.0.patch
new file mode 100644
index 0000000..8f39a7d
--- /dev/null
+++ b/debian/patches/Support-openssl-3.0.patch
@@ -0,0 +1,45 @@
+From: =?utf-8?q?Christian_G=C3=B6ttsche?= <cgzones@googlemail.com>
+Date: Wed, 11 May 2022 20:27:53 +0200
+Author: Michal Hlavinka
+Origin: https://bugzilla.redhat.com/show_bug.cgi?id=1962035
+Subject: Support openssl 3.0
+
+---
+ src/lib-dcrypt/dcrypt-openssl.c | 20 ++++++++++++++++++++
+ 1 file changed, 20 insertions(+)
+
+diff --git a/src/lib-dcrypt/dcrypt-openssl.c b/src/lib-dcrypt/dcrypt-openssl.c
+index 1cbe352..5570d62 100644
+--- a/src/lib-dcrypt/dcrypt-openssl.c
++++ b/src/lib-dcrypt/dcrypt-openssl.c
+@@ -73,10 +73,30 @@
+   2<tab>key algo oid<tab>1<tab>symmetric algo name<tab>salt<tab>hash algo<tab>rounds<tab>E(RSA = i2d_PrivateKey, EC=Private Point)<tab>key id
+ **/
+ 
++#if OPENSSL_VERSION_MAJOR == 3
++static EC_KEY *EVP_PKEY_get0_EC_KEYv3(EVP_PKEY *key)
++{
++  EC_KEY *eck = EVP_PKEY_get1_EC_KEY(key);
++  EVP_PKEY_set1_EC_KEY(key, eck);
++  EC_KEY_free(eck);
++  return eck;
++}
++
++static EC_KEY *EVP_PKEY_get1_EC_KEYv3(EVP_PKEY *key)
++{
++  EC_KEY *eck = EVP_PKEY_get1_EC_KEY(key);
++  EVP_PKEY_set1_EC_KEY(key, eck);
++  return eck;
++}
++
++#define EVP_PKEY_get0_EC_KEY EVP_PKEY_get0_EC_KEYv3 
++#define EVP_PKEY_get1_EC_KEY EVP_PKEY_get1_EC_KEYv3
++#else
+ #ifndef HAVE_EVP_PKEY_get0
+ #define EVP_PKEY_get0_EC_KEY(x) x->pkey.ec
+ #define EVP_PKEY_get0_RSA(x) x->pkey.rsa
+ #endif
++#endif
+ 
+ #ifndef HAVE_OBJ_LENGTH
+ #define OBJ_length(o) ((o)->length)
diff --git a/debian/patches/auth-Add-a-comment-about-updating-userdb_find.patch b/debian/patches/auth-Add-a-comment-about-updating-userdb_find.patch
new file mode 100644
index 0000000..70a405f
--- /dev/null
+++ b/debian/patches/auth-Add-a-comment-about-updating-userdb_find.patch
@@ -0,0 +1,22 @@
+From: Timo Sirainen <timo.sirainen@open-xchange.com>
+Date: Mon, 16 May 2022 14:58:45 +0200
+Subject: auth: Add a comment about updating userdb_find()
+
+---
+ src/auth/userdb.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/src/auth/userdb.c b/src/auth/userdb.c
+index 21751f9..c71a479 100644
+--- a/src/auth/userdb.c
++++ b/src/auth/userdb.c
+@@ -158,7 +158,8 @@ userdb_preinit(pool_t pool, const struct auth_userdb_settings *set)
+ 	userdb->id = ++auth_userdb_id;
+ 	userdb->iface = iface;
+ 	userdb->args = p_strdup(pool, set->args);
+-
++	/* NOTE: if anything else than driver & args are added here,
++	   userdb_find() also needs to be updated. */
+ 	array_push_back(&userdb_modules, &userdb);
+ 	return userdb;
+ }
diff --git a/debian/patches/auth-Fix-handling-passdbs-with-identical-driver-args-but-.patch b/debian/patches/auth-Fix-handling-passdbs-with-identical-driver-args-but-.patch
new file mode 100644
index 0000000..7f0dd36
--- /dev/null
+++ b/debian/patches/auth-Fix-handling-passdbs-with-identical-driver-args-but-.patch
@@ -0,0 +1,130 @@
+From: Timo Sirainen <timo.sirainen@open-xchange.com>
+Date: Mon, 9 May 2022 15:23:33 +0300
+Subject: auth: Fix handling passdbs with identical driver/args but different
+ mechanisms/username_filter
+
+The passdb was wrongly deduplicated in this situation, causing wrong
+mechanisms or username_filter setting to be used. This would be a rather
+unlikely configuration though.
+
+Fixed by moving mechanisms and username_filter from struct passdb_module
+to struct auth_passdb, which is where they should have been in the first
+place.
+---
+ src/auth/auth-request.c |  6 +++---
+ src/auth/auth.c         | 18 ++++++++++++++++++
+ src/auth/auth.h         |  5 +++++
+ src/auth/passdb.c       | 15 ++-------------
+ src/auth/passdb.h       |  4 ----
+ 5 files changed, 28 insertions(+), 20 deletions(-)
+
+diff --git a/src/auth/auth-request.c b/src/auth/auth-request.c
+index ee89e75..cd44cd4 100644
+--- a/src/auth/auth-request.c
++++ b/src/auth/auth-request.c
+@@ -553,8 +553,8 @@ auth_request_want_skip_passdb(struct auth_request *request,
+ 			      struct auth_passdb *passdb)
+ {
+ 	/* if mechanism is not supported, skip */
+-	const char *const *mechs = passdb->passdb->mechanisms;
+-	const char *const *username_filter = passdb->passdb->username_filter;
++	const char *const *mechs = passdb->mechanisms;
++	const char *const *username_filter = passdb->username_filter;
+ 	const char *username;
+ 
+ 	username = request->fields.user;
+@@ -567,7 +567,7 @@ auth_request_want_skip_passdb(struct auth_request *request,
+ 		return TRUE;
+ 	}
+ 
+-	if (passdb->passdb->username_filter != NULL &&
++	if (passdb->username_filter != NULL &&
+ 	    !auth_request_username_accepted(username_filter, username)) {
+ 		auth_request_log_debug(request,
+ 				       request->mech != NULL ? AUTH_SUBSYS_MECH
+diff --git a/src/auth/auth.c b/src/auth/auth.c
+index 845c43c..a5a4c81 100644
+--- a/src/auth/auth.c
++++ b/src/auth/auth.c
+@@ -93,6 +93,24 @@ auth_passdb_preinit(struct auth *auth, const struct auth_passdb_settings *set,
+ 	auth_passdb->override_fields_tmpl =
+ 		passdb_template_build(auth->pool, set->override_fields);
+ 
++	if (*set->mechanisms == '\0') {
++		auth_passdb->mechanisms = NULL;
++	} else if (strcasecmp(set->mechanisms, "none") == 0) {
++		auth_passdb->mechanisms = (const char *const[]){ NULL };
++	} else {
++		auth_passdb->mechanisms =
++			(const char *const *)p_strsplit_spaces(auth->pool,
++				set->mechanisms, " ,");
++	}
++
++	if (*set->username_filter == '\0') {
++		auth_passdb->username_filter = NULL;
++	} else {
++		auth_passdb->username_filter =
++			(const char *const *)p_strsplit_spaces(auth->pool,
++				set->username_filter, " ,");
++	}
++
+ 	/* for backwards compatibility: */
+ 	if (set->pass)
+ 		auth_passdb->result_success = AUTH_DB_RULE_CONTINUE;
+diff --git a/src/auth/auth.h b/src/auth/auth.h
+index 3ca5a9b..6208e4d 100644
+--- a/src/auth/auth.h
++++ b/src/auth/auth.h
+@@ -41,6 +41,11 @@ struct auth_passdb {
+ 	struct passdb_template *default_fields_tmpl;
+ 	struct passdb_template *override_fields_tmpl;
+ 
++	/* Supported authentication mechanisms, NULL is all, {NULL} is none */
++	const char *const *mechanisms;
++	/* Username filter, NULL is no filter */
++	const char *const *username_filter;
++
+ 	enum auth_passdb_skip skip;
+ 	enum auth_db_rule result_success;
+ 	enum auth_db_rule result_failure;
+diff --git a/src/auth/passdb.c b/src/auth/passdb.c
+index 9bc2b87..d3c61cc 100644
+--- a/src/auth/passdb.c
++++ b/src/auth/passdb.c
+@@ -224,19 +224,8 @@ passdb_preinit(pool_t pool, const struct auth_passdb_settings *set)
+ 	passdb->id = ++auth_passdb_id;
+ 	passdb->iface = *iface;
+ 	passdb->args = p_strdup(pool, set->args);
+-	if (*set->mechanisms == '\0') {
+-		passdb->mechanisms = NULL;
+-	} else if (strcasecmp(set->mechanisms, "none") == 0) {
+-		passdb->mechanisms = (const char *const[]){NULL};
+-	} else {
+-		passdb->mechanisms = (const char* const*)p_strsplit_spaces(pool, set->mechanisms, " ,");
+-	}
+-
+-	if (*set->username_filter == '\0') {
+-		passdb->username_filter = NULL;
+-	} else {
+-		passdb->username_filter = (const char* const*)p_strsplit_spaces(pool, set->username_filter, " ,");
+-	}
++	/* NOTE: if anything else than driver & args are added here,
++	   passdb_find() also needs to be updated. */
+ 	array_push_back(&passdb_modules, &passdb);
+ 	return passdb;
+ }
+diff --git a/src/auth/passdb.h b/src/auth/passdb.h
+index b405aa7..8f50050 100644
+--- a/src/auth/passdb.h
++++ b/src/auth/passdb.h
+@@ -63,10 +63,6 @@ struct passdb_module {
+ 	/* Default password scheme for this module.
+ 	   If default_cache_key is set, must not be NULL. */
+ 	const char *default_pass_scheme;
+-	/* Supported authentication mechanisms, NULL is all, [NULL] is none*/
+-	const char *const *mechanisms;
+-	/* Username filter, NULL is no filter */
+-	const char *const *username_filter;
+ 
+ 	/* If blocking is set to TRUE, use child processes to access
+ 	   this passdb. */
diff --git a/debian/patches/default-mail_location.patch b/debian/patches/default-mail_location.patch
new file mode 100644
index 0000000..eb10c53
--- /dev/null
+++ b/debian/patches/default-mail_location.patch
@@ -0,0 +1,35 @@
+From: "Jaldhar H. Vyas" <jaldhar@debian.org>
+Date: Fri, 16 Sep 2011 00:55:02 +0200
+Subject: default location for user mailboxes
+
+Bug: #623440
+Last-Update: 2017-09-20
+
+Set a default for the case where a user has no mail so auto-
+detection of mailboxes doesn't work.
+---
+ doc/example-config/conf.d/10-mail.conf | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/doc/example-config/conf.d/10-mail.conf b/doc/example-config/conf.d/10-mail.conf
+index 24daa04..a69224f 100644
+--- a/doc/example-config/conf.d/10-mail.conf
++++ b/doc/example-config/conf.d/10-mail.conf
+@@ -27,7 +27,7 @@
+ #
+ # <doc/wiki/MailLocation.txt>
+ #
+-#mail_location = 
++mail_location = mbox:~/mail:INBOX=/var/mail/%u
+ 
+ # If you need to set multiple mailbox locations or want to change default
+ # namespace settings, you can do it by defining namespace sections.
+@@ -111,7 +111,7 @@ namespace inbox {
+ # Group to enable temporarily for privileged operations. Currently this is
+ # used only with INBOX when either its initial creation or dotlocking fails.
+ # Typically this is set to "mail" to give access to /var/mail.
+-#mail_privileged_group =
++mail_privileged_group = mail
+ 
+ # Grant access to these supplementary groups for mail processes. Typically
+ # these are used to set up access to shared mailboxes. Note that it may be
diff --git a/debian/patches/doveadm-director.1-drop-acute-accent.patch b/debian/patches/doveadm-director.1-drop-acute-accent.patch
new file mode 100644
index 0000000..36ff84f
--- /dev/null
+++ b/debian/patches/doveadm-director.1-drop-acute-accent.patch
@@ -0,0 +1,46 @@
+From: =?utf-8?q?Christian_G=C3=B6ttsche?= <cgzones@googlemail.com>
+Date: Fri, 14 Aug 2020 12:50:51 +0200
+Subject: doveadm-director.1: drop acute accent
+
+Found by Lintian:
+
+    This manual page uses the \' groff sequence. Usually, the intent to
+    generate an apostrophe, but that sequence actually renders as a an acute
+    accent.
+
+    For an apostrophe or a single closing quote, use plain '. For single
+    opening quote, i.e. a straight downward line ' like the one used in
+    shell commands, use &#92;(aq.
+---
+ doc/man/doveadm-director.1.in | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/doc/man/doveadm-director.1.in b/doc/man/doveadm-director.1.in
+index 2a2c688..4b1855f 100644
+--- a/doc/man/doveadm-director.1.in
++++ b/doc/man/doveadm-director.1.in
+@@ -108,7 +108,7 @@ hosts. All the existing connections will be kicked. If
+ is specified, a flush script is also automatically executed.
+ .PP
+ Because the kicking and moving of users to new backends creates a temporary
+-load spike, all the users aren\'t moved at once. The
++load spike, all the users aren't moved at once. The
+ .B \-\-max\-parallel
+ parameter specifies how many users can be moved concurrently.
+ The default is 100.
+@@ -116,7 +116,7 @@ The default is 100.
+ If the
+ .B \-F
+ parameter is used, the user associations are simply dropped. Existing
+-connections won\'t be kicked and flush scripts aren\'t run.
++connections won't be kicked and flush scripts aren't run.
+ .\"-------------------------------------
+ .SS director kick
+ .B doveadm director kick
+@@ -280,4 +280,4 @@ user would be redirected to 192.168.10.3.
+ @INCLUDE:reporting-bugs@
+ .\"------------------------------------------------------------------------
+ .SH SEE ALSO
+-.BR doveadm (1)
+\ No newline at end of file
++.BR doveadm (1)
diff --git a/debian/patches/dovecot_name.patch b/debian/patches/dovecot_name.patch
new file mode 100644
index 0000000..d9d6ebf
--- /dev/null
+++ b/debian/patches/dovecot_name.patch
@@ -0,0 +1,121 @@
+From: "Jaldhar H. Vyas" <jaldhar@debian.org>
+Date: Sat, 7 Sep 2013 01:16:14 -0400
+Subject: Update Dovecot name to include Distribution in login greeting
+ message
+
+This patch was found at: https://blueprints.launchpad.net/ubuntu/+spec/servercloud-s-server-app-banner-updates
+and originally provided by Ubuntu for their 2.1.7 package.  The original
+author is  Yolanda Robla <yolanda.robla@canonical.com>.  I updated it
+for Debian's 2.2.5 package.
+
+Last-Update: 2020-05-23
+---
+ configure.ac                         | 7 ++++++-
+ src/config/all-settings.c            | 6 +++---
+ src/lib-smtp/smtp-server.c           | 2 +-
+ src/lmtp/lmtp-settings.c             | 2 +-
+ src/login-common/login-settings.c    | 2 +-
+ src/submission/submission-settings.c | 2 +-
+ 6 files changed, 13 insertions(+), 8 deletions(-)
+
+Index: dovecot/configure.ac
+===================================================================
+--- dovecot.orig/configure.ac
++++ dovecot/configure.ac
+@@ -287,7 +287,12 @@ AM_ICONV
+ # SIZE_MAX is missing without this
+ CXXFLAGS="$CXXFLAGS -D__STDC_LIMIT_MACROS"
+ 
+-AC_DEFINE_UNQUOTED(DOVECOT_NAME, "$PACKAGE_NAME", [Dovecot name])
++if test -x /usr/bin/lsb_release && lsb_release -si; then
++    DOVECOT_DISTRIBUTION=" ($(lsb_release -si))"
++else
++    DOVECOT_DISTRIBUTION=""
++fi
++AC_DEFINE_UNQUOTED(DOVECOT_NAME, "$PACKAGE_NAME$DOVECOT_DISTRIBUTION", [Dovecot name])
+ AC_DEFINE_UNQUOTED(DOVECOT_STRING, "$PACKAGE_STRING", [Dovecot string])
+ AC_DEFINE_UNQUOTED(DOVECOT_VERSION, "$PACKAGE_VERSION", [Dovecot version])
+ 
+Index: dovecot/src/config/all-settings.c
+===================================================================
+--- dovecot.orig/src/config/all-settings.c
++++ dovecot/src/config/all-settings.c
+@@ -2320,7 +2320,7 @@ static const struct submission_settings
+ 
+ 	.hostname = "",
+ 
+-	.login_greeting = PACKAGE_NAME" ready.",
++	.login_greeting = DOVECOT_NAME" ready.",
+ 	.login_trusted_networks = "",
+ 
+ 	.recipient_delimiter = "+",
+@@ -4182,7 +4182,7 @@ static const struct setting_define login
+ static const struct login_settings login_default_settings = {
+ 	.login_trusted_networks = "",
+ 	.login_source_ips = "",
+-	.login_greeting = PACKAGE_NAME" ready.",
++	.login_greeting = DOVECOT_NAME" ready.",
+ 	.login_log_format_elements = "user=<%u> method=%m rip=%r lip=%l mpid=%e %c session=<%{session}>",
+ 	.login_log_format = "%$: %s",
+ 	.login_access_sockets = "",
+@@ -4396,7 +4396,7 @@ static const struct lmtp_settings lmtp_d
+ 
+ 	.lmtp_client_workarounds = "",
+ 
+-	.login_greeting = PACKAGE_NAME" ready.",
++	.login_greeting = DOVECOT_NAME" ready.",
+ 	.login_trusted_networks = "",
+ 
+ 	.mail_plugins = "",
+Index: dovecot/src/lib-smtp/smtp-server.c
+===================================================================
+--- dovecot.orig/src/lib-smtp/smtp-server.c
++++ dovecot/src/lib-smtp/smtp-server.c
+@@ -49,7 +49,7 @@ struct smtp_server *smtp_server_init(con
+ 	if (set->login_greeting != NULL && *set->login_greeting != '\0')
+ 		server->set.login_greeting = p_strdup(pool, set->login_greeting);
+ 	else
+-		server->set.login_greeting = PACKAGE_NAME" ready.";
++		server->set.login_greeting = DOVECOT_NAME" ready.";
+ 	if (set->capabilities == 0) {
+ 		server->set.capabilities = SMTP_SERVER_DEFAULT_CAPABILITIES;
+ 	} else  {
+Index: dovecot/src/lmtp/lmtp-settings.c
+===================================================================
+--- dovecot.orig/src/lmtp/lmtp-settings.c
++++ dovecot/src/lmtp/lmtp-settings.c
+@@ -93,7 +93,7 @@ static const struct lmtp_settings lmtp_d
+ 
+ 	.lmtp_client_workarounds = "",
+ 
+-	.login_greeting = PACKAGE_NAME" ready.",
++	.login_greeting = DOVECOT_NAME" ready.",
+ 	.login_trusted_networks = "",
+ 
+ 	.mail_plugins = "",
+Index: dovecot/src/login-common/login-settings.c
+===================================================================
+--- dovecot.orig/src/login-common/login-settings.c
++++ dovecot/src/login-common/login-settings.c
+@@ -51,7 +51,7 @@ static const struct setting_define login
+ static const struct login_settings login_default_settings = {
+ 	.login_trusted_networks = "",
+ 	.login_source_ips = "",
+-	.login_greeting = PACKAGE_NAME" ready.",
++	.login_greeting = DOVECOT_NAME" ready.",
+ 	.login_log_format_elements = "user=<%u> method=%m rip=%r lip=%l mpid=%e %c session=<%{session}>",
+ 	.login_log_format = "%$: %s",
+ 	.login_access_sockets = "",
+Index: dovecot/src/submission/submission-settings.c
+===================================================================
+--- dovecot.orig/src/submission/submission-settings.c
++++ dovecot/src/submission/submission-settings.c
+@@ -103,7 +103,7 @@ static const struct submission_settings
+ 
+ 	.hostname = "",
+ 
+-	.login_greeting = PACKAGE_NAME" ready.",
++	.login_greeting = DOVECOT_NAME" ready.",
+ 	.login_trusted_networks = "",
+ 
+ 	.recipient_delimiter = "+",
diff --git a/debian/patches/fix-mail_plugin_dir-default.patch b/debian/patches/fix-mail_plugin_dir-default.patch
new file mode 100644
index 0000000..19c3d8d
--- /dev/null
+++ b/debian/patches/fix-mail_plugin_dir-default.patch
@@ -0,0 +1,24 @@
+From: Marco Nenciarini <mnencia@debian.org>
+Date: Fri, 16 Sep 2011 00:55:02 +0200
+Subject: fix mail_plugin_dir default
+
+Bug: #624294
+
+Fix mail_plugin_dir default value in conf.d/10-mail.conf
+---
+ doc/example-config/conf.d/10-mail.conf | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/doc/example-config/conf.d/10-mail.conf b/doc/example-config/conf.d/10-mail.conf
+index de48f92..24daa04 100644
+--- a/doc/example-config/conf.d/10-mail.conf
++++ b/doc/example-config/conf.d/10-mail.conf
+@@ -211,7 +211,7 @@ namespace inbox {
+ #auth_socket_path = /var/run/dovecot/auth-userdb
+ 
+ # Directory where to look up mail plugins.
+-#mail_plugin_dir = /usr/lib/dovecot
++#mail_plugin_dir = /usr/lib/dovecot/modules
+ 
+ # Space separated list of plugins to load for all services. Plugins specific to
+ # IMAP, LDA, etc. are added to this list in their own .conf files.
diff --git a/debian/patches/mboxlocking.patch b/debian/patches/mboxlocking.patch
new file mode 100644
index 0000000..8920a3a
--- /dev/null
+++ b/debian/patches/mboxlocking.patch
@@ -0,0 +1,60 @@
+From: "Jaldhar H. Vyas" <jaldhar@debian.org>
+Date: Thu, 22 Aug 2013 22:44:48 -0400
+Subject: policy 22.6 compliant mbox write locking
+
+For NFS safety, prefer fcntl to dotlocks.
+Dovecots default is the other way around.
+
+Bug: #720502
+---
+ doc/example-config/conf.d/10-mail.conf     | 8 +++++++-
+ src/config/all-settings.c                  | 2 +-
+ src/lib-storage/index/mbox/mbox-settings.c | 2 +-
+ 3 files changed, 9 insertions(+), 3 deletions(-)
+
+diff --git a/doc/example-config/conf.d/10-mail.conf b/doc/example-config/conf.d/10-mail.conf
+index a69224f..b47235f 100644
+--- a/doc/example-config/conf.d/10-mail.conf
++++ b/doc/example-config/conf.d/10-mail.conf
+@@ -320,8 +320,14 @@ protocol !indexer-worker {
+ # in is important to avoid deadlocks if other MTAs/MUAs are using multiple
+ # locking methods as well. Some operating systems don't allow using some of
+ # them simultaneously.
++#
++# The Debian value for mbox_write_locks differs from upstream Dovecot. It is
++# changed to be compliant with Debian Policy (section 11.6) for NFS safety.
++#       Dovecot: mbox_write_locks = dotlock fcntl
++#       Debian:  mbox_write_locks = fcntl dotlock
++#
+ #mbox_read_locks = fcntl
+-#mbox_write_locks = dotlock fcntl
++#mbox_write_locks = fcntl dotlock
+ 
+ # Maximum time to wait for lock (all of them) before aborting.
+ #mbox_lock_timeout = 5 mins
+diff --git a/src/config/all-settings.c b/src/config/all-settings.c
+index 391da6d..231100f 100644
+--- a/src/config/all-settings.c
++++ b/src/config/all-settings.c
+@@ -1239,7 +1239,7 @@ static const struct setting_define mbox_setting_defines[] = {
+ };
+ static const struct mbox_settings mbox_default_settings = {
+ 	.mbox_read_locks = "fcntl",
+-	.mbox_write_locks = "dotlock fcntl",
++	.mbox_write_locks = "fcntl dotlock",
+ 	.mbox_lock_timeout = 5*60,
+ 	.mbox_dotlock_change_timeout = 2*60,
+ 	.mbox_min_index_size = 0,
+diff --git a/src/lib-storage/index/mbox/mbox-settings.c b/src/lib-storage/index/mbox/mbox-settings.c
+index 1df2452..b4eb520 100644
+--- a/src/lib-storage/index/mbox/mbox-settings.c
++++ b/src/lib-storage/index/mbox/mbox-settings.c
+@@ -27,7 +27,7 @@ static const struct setting_define mbox_setting_defines[] = {
+ 
+ static const struct mbox_settings mbox_default_settings = {
+ 	.mbox_read_locks = "fcntl",
+-	.mbox_write_locks = "dotlock fcntl",
++	.mbox_write_locks = "fcntl dotlock",
+ 	.mbox_lock_timeout = 5*60,
+ 	.mbox_dotlock_change_timeout = 2*60,
+ 	.mbox_min_index_size = 0,
diff --git a/debian/patches/md4-md5-disable-optimization-causing-unaligned-access.patch b/debian/patches/md4-md5-disable-optimization-causing-unaligned-access.patch
new file mode 100644
index 0000000..1582b9e
--- /dev/null
+++ b/debian/patches/md4-md5-disable-optimization-causing-unaligned-access.patch
@@ -0,0 +1,51 @@
+From: =?utf-8?q?Christian_G=C3=B6ttsche?= <cgzones@googlemail.com>
+Date: Tue, 7 Dec 2021 13:01:10 +0100
+Subject: md4/md5: disable optimization causing unaligned access
+
+This restores unit tests with GCC 11 and LTO.
+
+    md5.c:92:23: warning: cast from 'const unsigned char *' to 'const uint32_t *' (aka 'const unsigned int *') increases required alignment from 1 to 4 [-Wcast-align]
+                    STEP(F, a, b, c, d, SET(0), 0xd76aa478, 7)
+                    ~~~~~~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~
+    md5.c:51:4: note: expanded from macro 'SET'
+            (*(const uint32_t *)&ptr[(n) * 4])
+              ^
+    md5.c:37:29: note: expanded from macro 'STEP'
+            (a) += f((b), (c), (d)) + (x) + (t); \
+                                       ^
+
+    md5.c:92:3: runtime error: load of misaligned address 0x61900000008b for type 'const uint32_t' (aka 'const unsigned int'), which requires 4 byte alignment
+    0x61900000008b: note: pointer points here
+     41  41 41 41 41 41 41 41 41  41 41 41 41 41 41 41 41  41 41 41 41 41 41 41 41  41 41 41 41 41 41 41
+                  ^
+---
+ src/lib/md4.c | 2 +-
+ src/lib/md5.c | 2 +-
+ 2 files changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/src/lib/md4.c b/src/lib/md4.c
+index 06e3231..798292a 100644
+--- a/src/lib/md4.c
++++ b/src/lib/md4.c
+@@ -42,7 +42,7 @@
+  * memory accesses is just an optimization.  Nothing will break if it
+  * doesn't work.
+  */
+-#if defined(__i386__) || defined(__x86_64__) || defined(__vax__)
++#if 0 //defined(__i386__) || defined(__x86_64__) || defined(__vax__)
+ /* uint_fast32_t might be 64 bit, and thus may read 4 more bytes
+  * beyond the end of the buffer. So only read precisely 32 bits
+  */
+diff --git a/src/lib/md5.c b/src/lib/md5.c
+index 6b5da6c..c605639 100644
+--- a/src/lib/md5.c
++++ b/src/lib/md5.c
+@@ -46,7 +46,7 @@
+  * memory accesses is just an optimization.  Nothing will break if it
+  * doesn't work.
+  */
+-#if defined(__i386__) || defined(__x86_64__) || defined(__vax__)
++#if 0 //defined(__i386__) || defined(__x86_64__) || defined(__vax__)
+ #define SET(n) \
+ 	(*(const uint32_t *)&ptr[(n) * 4])
+ #define GET(n) \
diff --git a/debian/patches/series b/debian/patches/series
new file mode 100644
index 0000000..eb764ae
--- /dev/null
+++ b/debian/patches/series
@@ -0,0 +1,22 @@
+split-protocols.patch
+fix-mail_plugin_dir-default.patch
+ssl-cert-location.patch
+tcpwrapper.patch
+default-mail_location.patch
+mboxlocking.patch
+dovecot_name.patch
+ssl-dh-params-location.patch
+skip-rfc-subdir.patch
+Correct-misspellings.patch
+test-backtrace.patch
+doveadm-director.1-drop-acute-accent.patch
+Fix-32bit-sign-comparisons.patch
+Improve-cross-compile-support.patch
+Silence-LTO-related-compiler-warning.patch
+md4-md5-disable-optimization-causing-unaligned-access.patch
+Support-openssl-3.0.patch
+Debug-flaky-unit-test.patch
+Avoid-usage-of-PATH_MAX-not-available-on-hurd.patch
+auth-Fix-handling-passdbs-with-identical-driver-args-but-.patch
+auth-Add-a-comment-about-updating-userdb_find.patch
+Fix-uninitialized-read-in-doveadm-oldstats.patch
diff --git a/debian/patches/skip-rfc-subdir.patch b/debian/patches/skip-rfc-subdir.patch
new file mode 100644
index 0000000..34dfc68
--- /dev/null
+++ b/debian/patches/skip-rfc-subdir.patch
@@ -0,0 +1,47 @@
+From: Noah Meyerhans <noahm@debian.org>
+Date: Thu, 21 May 2020 21:48:59 -0700
+Subject: Don't try to build doc/rfc subdir components
+
+Forwarded: no (Debian-specific)
+---
+ pigeonhole/configure.ac    | 1 -
+ pigeonhole/doc/Makefile.am | 1 -
+ pigeonhole/doc/Makefile.in | 1 -
+ 3 files changed, 3 deletions(-)
+
+diff --git a/pigeonhole/configure.ac b/pigeonhole/configure.ac
+index 227746a..38671ed 100644
+--- a/pigeonhole/configure.ac
++++ b/pigeonhole/configure.ac
+@@ -176,7 +176,6 @@ doc/Makefile
+ doc/man/Makefile
+ doc/example-config/Makefile
+ doc/example-config/conf.d/Makefile
+-doc/rfc/Makefile
+ doc/extensions/Makefile
+ doc/locations/Makefile
+ doc/plugins/Makefile
+diff --git a/pigeonhole/doc/Makefile.am b/pigeonhole/doc/Makefile.am
+index 5131ece..258c135 100644
+--- a/pigeonhole/doc/Makefile.am
++++ b/pigeonhole/doc/Makefile.am
+@@ -1,7 +1,6 @@
+ SUBDIRS = \
+ 	man \
+ 	example-config \
+-	rfc \
+ 	extensions \
+ 	locations \
+ 	plugins
+diff --git a/pigeonhole/doc/Makefile.in b/pigeonhole/doc/Makefile.in
+index bf2b89c..a849848 100644
+--- a/pigeonhole/doc/Makefile.in
++++ b/pigeonhole/doc/Makefile.in
+@@ -404,7 +404,6 @@ top_srcdir = @top_srcdir@
+ SUBDIRS = \
+ 	man \
+ 	example-config \
+-	rfc \
+ 	extensions \
+ 	locations \
+ 	plugins
diff --git a/debian/patches/split-protocols.patch b/debian/patches/split-protocols.patch
new file mode 100644
index 0000000..86dcb36
--- /dev/null
+++ b/debian/patches/split-protocols.patch
@@ -0,0 +1,42 @@
+From: Marco Nenciarini <mnencia@debian.org>
+Date: Sat, 5 Mar 2011 11:19:07 +0100
+Subject: split-protocols
+
+Updated: Mon, 25 Nov 2013 20:11:59 -0500
+Forwarded: no (Debian-specific)
+
+Set default protocols value as empty and enable each
+protocol in its own configuration file
+---
+ doc/example-config/dovecot.conf | 4 ++--
+ src/master/master-settings.c    | 2 +-
+ 2 files changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/doc/example-config/dovecot.conf b/doc/example-config/dovecot.conf
+index b67e9eb..7e9953f 100644
+--- a/doc/example-config/dovecot.conf
++++ b/doc/example-config/dovecot.conf
+@@ -20,8 +20,8 @@
+ # options. The paths listed here are for configure --prefix=/usr
+ # --sysconfdir=/etc --localstatedir=/var
+ 
+-# Protocols we want to be serving.
+-#protocols = imap pop3 lmtp submission
++# Enable installed protocols
++!include_try /usr/share/dovecot/protocols.d/*.protocol
+ 
+ # A comma separated list of IPs or hosts where to listen in for connections. 
+ # "*" listens in all IPv4 interfaces, "::" listens in all IPv6 interfaces.
+diff --git a/src/master/master-settings.c b/src/master/master-settings.c
+index 7cfaa35..48a9121 100644
+--- a/src/master/master-settings.c
++++ b/src/master/master-settings.c
+@@ -207,7 +207,7 @@ static const struct master_settings master_default_settings = {
+ 	.state_dir = PKG_STATEDIR,
+ 	.libexec_dir = PKG_LIBEXECDIR,
+ 	.instance_name = PACKAGE,
+-	.protocols = "imap pop3 lmtp",
++	.protocols = "",
+ 	.listen = "*, ::",
+ 	.ssl = "yes:no:required",
+ 	.default_internal_user = "dovecot",
diff --git a/debian/patches/ssl-cert-location.patch b/debian/patches/ssl-cert-location.patch
new file mode 100644
index 0000000..446dd87
--- /dev/null
+++ b/debian/patches/ssl-cert-location.patch
@@ -0,0 +1,73 @@
+From: "Jaldhar H. Vyas" <jaldhar@debian.org>
+Date: Tue, 25 Sep 2012 01:12:07 -0400
+Subject: SSL cert location
+
+Last-Update: Sun, 30 Nov 2014 23:59:07 -0500
+Bug: #608719
+
+Move dovecots generated X.509 certificate out of /etc/ssl where
+it doesn't belong.
+---
+ doc/example-config/conf.d/10-ssl.conf |  7 ++++---
+ doc/mkcert.sh                         | 10 +++++-----
+ 2 files changed, 9 insertions(+), 8 deletions(-)
+
+diff --git a/doc/example-config/conf.d/10-ssl.conf b/doc/example-config/conf.d/10-ssl.conf
+index ad84766..4867a07 100644
+--- a/doc/example-config/conf.d/10-ssl.conf
++++ b/doc/example-config/conf.d/10-ssl.conf
+@@ -3,14 +3,14 @@
+ ##
+ 
+ # SSL/TLS support: yes, no, required. <doc/wiki/SSL.txt>
+-#ssl = yes
++ssl = yes
+ 
+ # PEM encoded X.509 SSL/TLS certificate and private key. They're opened before
+ # dropping root privileges, so keep the key file unreadable by anyone but
+ # root. Included doc/mkcert.sh can be used to easily generate self-signed
+ # certificate, just make sure to update the domains in dovecot-openssl.cnf
+-ssl_cert = </etc/ssl/certs/dovecot.pem
+-ssl_key = </etc/ssl/private/dovecot.pem
++ssl_cert = </etc/dovecot/private/dovecot.pem
++ssl_key = </etc/dovecot/private/dovecot.key
+ 
+ # If key file is password protected, give the password here. Alternatively
+ # give it when starting dovecot with -p parameter. Since this file is often
+@@ -33,6 +33,7 @@ ssl_key = </etc/ssl/private/dovecot.pem
+ # RedHat-based systems. Note that ssl_client_ca_file isn't recommended with
+ # large CA bundles, because it leads to excessive memory usage.
+ #ssl_client_ca_dir =
++ssl_client_ca_dir = /etc/ssl/certs
+ #ssl_client_ca_file =
+ 
+ # Require valid cert when connecting to a remote server
+diff --git a/doc/mkcert.sh b/doc/mkcert.sh
+index f7e484c..efcf85e 100644
+--- a/doc/mkcert.sh
++++ b/doc/mkcert.sh
+@@ -8,19 +8,19 @@ OPENSSL=${OPENSSL-openssl}
+ SSLDIR=${SSLDIR-/etc/ssl}
+ OPENSSLCONFIG=${OPENSSLCONFIG-dovecot-openssl.cnf}
+ 
+-CERTDIR=$SSLDIR/certs
+-KEYDIR=$SSLDIR/private
++CERTDIR=/etc/dovecot/ssl
++KEYDIR=/etc/dovecot/ssl
+ 
+ CERTFILE=$CERTDIR/dovecot.pem
+-KEYFILE=$KEYDIR/dovecot.pem
++KEYFILE=$KEYDIR/dovecot.key
+ 
+ if [ ! -d $CERTDIR ]; then
+-  echo "$SSLDIR/certs directory doesn't exist"
++  echo "$CERTDIR directory doesn't exist"
+   exit 1
+ fi
+ 
+ if [ ! -d $KEYDIR ]; then
+-  echo "$SSLDIR/private directory doesn't exist"
++  echo "$KEYDIR directory doesn't exist"
+   exit 1
+ fi
+ 
diff --git a/debian/patches/ssl-dh-params-location.patch b/debian/patches/ssl-dh-params-location.patch
new file mode 100644
index 0000000..10589ea
--- /dev/null
+++ b/debian/patches/ssl-dh-params-location.patch
@@ -0,0 +1,24 @@
+From: Apollon Oikonomopoulos <apoikos@debian.org>
+Date: Sat, 24 Mar 2018 00:24:55 +0200
+Subject: Set DH params location
+
+Forwarded: not-needed
+
+This is mandatory for SSL support in 2.3
+---
+ doc/example-config/conf.d/10-ssl.conf | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/doc/example-config/conf.d/10-ssl.conf b/doc/example-config/conf.d/10-ssl.conf
+index 4867a07..c4502fc 100644
+--- a/doc/example-config/conf.d/10-ssl.conf
++++ b/doc/example-config/conf.d/10-ssl.conf
+@@ -52,7 +52,7 @@ ssl_client_ca_dir = /etc/ssl/certs
+ # Generate new params with `openssl dhparam -out /etc/dovecot/dh.pem 4096`
+ # Or migrate from old ssl-parameters.dat file with the command dovecot
+ # gives on startup when ssl_dh is unset.
+-#ssl_dh = </etc/dovecot/dh.pem
++ssl_dh = </usr/share/dovecot/dh.pem
+ 
+ # Minimum SSL protocol version to use. Potentially recognized values are SSLv3,
+ # TLSv1, TLSv1.1, TLSv1.2 and TLSv1.3, depending on the OpenSSL version used.
diff --git a/debian/patches/tcpwrapper.patch b/debian/patches/tcpwrapper.patch
new file mode 100644
index 0000000..f58a282
--- /dev/null
+++ b/debian/patches/tcpwrapper.patch
@@ -0,0 +1,45 @@
+From: Joerg Dorchain <joerg@dorchain.net>
+Date: Sun, 26 Aug 2012 10:10:28 +0200
+Subject: Add TCP wrapper support
+
+Bug: #685850
+
+Configuration file for TCP wrapper support.
+---
+ doc/example-config/conf.d/10-tcpwrapper.conf | 14 ++++++++++++++
+ doc/example-config/conf.d/Makefile.am        |  1 +
+ 2 files changed, 15 insertions(+)
+ create mode 100644 doc/example-config/conf.d/10-tcpwrapper.conf
+
+diff --git a/doc/example-config/conf.d/10-tcpwrapper.conf b/doc/example-config/conf.d/10-tcpwrapper.conf
+new file mode 100644
+index 0000000..b237d96
+--- /dev/null
++++ b/doc/example-config/conf.d/10-tcpwrapper.conf
+@@ -0,0 +1,14 @@
++# 10-tcpwrapper.conf
++#
++# service name for hosts.{allow|deny} are those defined as
++# inet_listener in master.conf
++#
++#login_access_sockets = tcpwrap
++#
++#service tcpwrap {
++#  unix_listener login/tcpwrap {
++#    group = $default_login_user
++#    mode = 0600
++#    user = $default_login_user
++#  }
++#}
+diff --git a/doc/example-config/conf.d/Makefile.am b/doc/example-config/conf.d/Makefile.am
+index 1950fd5..b78c21a 100644
+--- a/doc/example-config/conf.d/Makefile.am
++++ b/doc/example-config/conf.d/Makefile.am
+@@ -18,6 +18,7 @@ example_DATA = \
+ 	10-master.conf \
+ 	10-metrics.conf \
+ 	10-ssl.conf \
++	10-tcpwrapper.conf \
+ 	15-lda.conf \
+ 	15-mailboxes.conf \
+ 	20-imap.conf \
diff --git a/debian/patches/test-backtrace.patch b/debian/patches/test-backtrace.patch
new file mode 100644
index 0000000..29a03c4
--- /dev/null
+++ b/debian/patches/test-backtrace.patch
@@ -0,0 +1,36 @@
+From: Noah Meyerhans <noahm@debian.org>
+Date: Fri, 12 Jun 2020 16:51:06 -0700
+Subject: Updates the symbol to check for in the backtrace unit tests
+
+Updates the symbol to check for in the backtrace unit tests to
+something that appears in all the traces on the platforms we support.
+---
+ src/lib/test-backtrace.c | 8 ++++----
+ 1 file changed, 4 insertions(+), 4 deletions(-)
+
+diff --git a/src/lib/test-backtrace.c b/src/lib/test-backtrace.c
+index fdebe0f..640dc5b 100644
+--- a/src/lib/test-backtrace.c
++++ b/src/lib/test-backtrace.c
+@@ -17,8 +17,8 @@ static void test_backtrace_append(void)
+ #elif (defined(HAVE_BACKTRACE_SYMBOLS) && defined(HAVE_EXECINFO_H)) || \
+       (defined(HAVE_WALKCONTEXT) && defined(HAVE_UCONTEXT_H))
+ 	test_assert(backtrace_append(bt) == 0);
+-	/* it should have some kind of main in it */
+-	test_assert(strstr(str_c(bt), "main") != NULL);
++	i_debug("backtrace: '%s'", str_c(bt));
++	test_assert(strstr(str_c(bt), "test_backtrace_append") != NULL || strstr(str_c(bt), "main") != NULL);
+ #else
+ 	/* should not work in this context */
+ 	test_assert(backtrace_append(bt) == -1);
+@@ -41,8 +41,8 @@ static void test_backtrace_get(void)
+ #elif (defined(HAVE_BACKTRACE_SYMBOLS) && defined(HAVE_EXECINFO_H)) || \
+       (defined(HAVE_WALKCONTEXT) && defined(HAVE_UCONTEXT_H))
+ 	test_assert(backtrace_get(&bt) == 0);
+-	/* it should have some kind of main in it */
+-	test_assert(strstr(bt, "main") != NULL);
++	i_debug("backtrace: '%s'", bt);
++	test_assert(strstr(bt, "test_backtrace_get") != NULL || strstr(bt, "main") != NULL);
+ #else
+ 	/* should not work in this context */
+ 	test_assert(backtrace_get(&bt) == -1);
diff --git a/debian/po/nl.po b/debian/po/nl.po
new file mode 100644
index 0000000..e5c0446
--- /dev/null
+++ b/debian/po/nl.po
@@ -0,0 +1,102 @@
+# Dutch translation of dovecot debconf templates.
+# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER
+# This file is distributed under the same license as the dovecot package.
+# Frans Spiesschaert <Frans.Spiesschaert@yucom.be>, 2014.
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: dovecot\n"
+"Report-Msgid-Bugs-To: dovecot@packages.debian.org\n"
+"POT-Creation-Date: 2013-11-07 07:06+0100\n"
+"PO-Revision-Date: 2014-10-04 22:25+0200\n"
+"Last-Translator: Frans Spiesschaert <Frans.Spiesschaert@yucom.be>\n"
+"Language-Team: Debian Dutch l10n Team <debian-l10n-dutch@lists.debian.org>\n"
+"Language: nl\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=2; plural=(n != 1);\n"
+
+#. Type: error
+#. Description
+#: ../dovecot-core.templates:2001
+msgid "Wrong location for SSL certificates"
+msgstr "De SSL-certificaten staan op een verkeerde plaats"
+
+#. Type: error
+#. Description
+#: ../dovecot-core.templates:2001
+msgid ""
+"This machine uses SSL certificates for Dovecot. These certificates should be "
+"moved from /etc/ssl to /etc/dovecot and Dovecot's configuration file (/etc/"
+"dovecot/conf.d/10-ssl.conf) should be updated accordingly."
+msgstr ""
+"Deze computer gebruikt SSL-certificaten voor Dovecot. Deze certificaten "
+"moeten verplaatst worden van /etc/ssl naar /etc/dovecot en het "
+"configuratiebestand van Dovecot (/etc/dovecot/conf.d/10-ssl.conf) moet in "
+"die zin aangepast worden."
+
+#. Type: error
+#. Description
+#: ../dovecot-core.templates:2001
+msgid "Please read /usr/share/doc/dovecot-core/README.Debian.gz for details."
+msgstr ""
+"Raadpleeg /usr/share/doc/dovecot-core/README.Debian.gz voor de details."
+
+#. Type: boolean
+#. Description
+#: ../dovecot-core.templates:3001
+msgid "Create a self-signed SSL certificate?"
+msgstr "Een door uzelf ondertekend SSL-certificaat aanmaken?"
+
+#. Type: boolean
+#. Description
+#: ../dovecot-core.templates:3001
+msgid ""
+"An SSL certificate is needed in order to use IMAP or POP3 over SSL/TLS. No "
+"such certificate was found."
+msgstr ""
+"U heeft een SSL-certificaat nodig om IMAP of POP3 over SSL/TLS te kunnen "
+"gebruiken. Een dergelijk certificaat werd niet gevonden."
+
+#. Type: boolean
+#. Description
+#: ../dovecot-core.templates:3001
+msgid ""
+"Please choose whether you want to create one now. This will then be a self-"
+"signed certificate."
+msgstr ""
+"Geef aan of u nu een dergelijk certificaat wilt aanmaken. In dat geval zal "
+"het een door uzelf ondertekend certificaat zijn."
+
+#. Type: boolean
+#. Description
+#: ../dovecot-core.templates:3001
+msgid ""
+"If you choose not to create a certificate, please adapt Dovecot's "
+"configuration file (/etc/dovecot/conf.d/10-ssl.conf)."
+msgstr ""
+"Indien u ervoor kiest om geen certificaat aan te maken, dan moet u het "
+"configuratiebestand van Dovecot (/etc/dovecot/conf.d/10-ssl.conf) wijzigen."
+
+#. Type: string
+#. Description
+#: ../dovecot-core.templates:4001
+msgid "Host name:"
+msgstr "Computernaam"
+
+#. Type: string
+#. Description
+#: ../dovecot-core.templates:4001
+msgid "Please enter the host name to use in the SSL certificate."
+msgstr ""
+"Geef aan welke computernaam gebruikt moet worden in het SSL-certificaat."
+
+#. Type: string
+#. Description
+#: ../dovecot-core.templates:4001
+msgid ""
+"It will become the \"commonName\" field of the generated SSL certificate."
+msgstr ""
+"Die komt terecht in het veld \"commonName\" van het SSL-certificaat dat "
+"aangemaakt wordt."
diff --git a/debian/rules b/debian/rules
new file mode 100755
index 0000000..724068f
--- /dev/null
+++ b/debian/rules
@@ -0,0 +1,215 @@
+#!/usr/bin/make -f
+
+# Uncomment this to turn on verbose mode.
+#export DH_VERBOSE=1
+
+SHELL=/bin/bash -O extglob
+PIGEONHOLE_DIR=$(CURDIR)/pigeonhole
+
+export DEB_BUILD_MAINT_OPTIONS=hardening=+all optimize=+lto
+
+# LP: 1636781 - strip incompatible default linker option
+ifeq ($(shell dpkg-vendor --derives-from Ubuntu && echo yes),yes)
+  export DEB_LDFLAGS_MAINT_STRIP = -Wl,-Bsymbolic-functions
+endif
+
+DOV_DEB_CFLAGS=
+DOV_DEB_CXXFLAGS=
+DOV_DEB_LDFLAGS=
+
+# Ensure that stacktrace generation works:
+DOV_DEB_LDFLAGS += -rdynamic
+include /usr/share/dpkg/architecture.mk
+ifneq ($(filter armel armhf hppa mips64el mipsel riscv64 sparc64, $(DEB_HOST_ARCH)),)
+  DOV_DEB_CFLAGS += -funwind-tables
+  DOV_DEB_CXXFLAGS += -funwind-tables
+endif
+
+export DEB_CFLAGS_MAINT_APPEND = $(DOV_DEB_CFLAGS)
+export DEB_CXXFLAGS_MAINT_APPEND = $(DOV_DEB_CXXFLAGS)
+export DEB_LDFLAGS_MAINT_APPEND = $(DOV_DEB_LDFLAGS)
+
+
+ifeq ($(DEB_HOST_ARCH_OS),linux)
+  CONFIGURE_APPARMOR = --with-apparmor
+endif
+
+# Macros to help move files to the module packages
+CORE_DIR=$(CURDIR)/debian/dovecot-core
+PKG_DIR=$(CURDIR)/debian/dovecot-PKG
+MOVE=install -d $(PKG_DIR:PKG=$(2))/$(dir $(1)); mv $(CORE_DIR)/$(1) $(PKG_DIR:PKG=$(2))/$(dir $(1));
+
+# Files to move from dovecot-core to the individual packages. Files added to
+# <addon>_files will be automatically moved from dovecot's tree to the
+# respective package.
+auth-lua_files = usr/lib/dovecot/modules/auth/libauthdb_lua.so
+
+imapd_files = usr/lib/dovecot/imap* \
+	      usr/lib/dovecot/modules/lib??_imap_!(*sieve*) \
+	      usr/share/dovecot/conf.d/??-imap*
+
+pop3d_files = usr/lib/dovecot/pop3* \
+	      usr/share/dovecot/conf.d/??-pop3*
+
+lmtpd_files = usr/lib/dovecot/lmtp* \
+	      usr/share/dovecot/conf.d/??-lmtp*
+
+managesieved_files = usr/lib/dovecot/managesieve* \
+		     usr/lib/dovecot/modules/settings/libmanagesieve*
+
+submissiond_files = usr/lib/dovecot/submission* \
+	           usr/share/dovecot/conf.d/??-submission.conf
+
+pgsql_files = usr/lib/dovecot/modules/auth/libdriver_pgsql* \
+	      usr/lib/dovecot/modules/dict/libdriver_pgsql* \
+	      usr/lib/dovecot/modules/libdriver_pgsql*
+
+mysql_files = usr/lib/dovecot/modules/auth/libdriver_mysql* \
+	      usr/lib/dovecot/modules/dict/libdriver_mysql* \
+	      usr/lib/dovecot/modules/libdriver_mysql*
+
+sqlite_files = usr/lib/dovecot/modules/auth/libdriver_sqlite* \
+	       usr/lib/dovecot/modules/dict/libdriver_sqlite* \
+	       usr/lib/dovecot/modules/libdriver_sqlite*
+
+gssapi_files = usr/lib/dovecot/modules/auth/libmech_gssapi*
+
+ldap_files = usr/lib/dovecot/modules/auth/libauthdb_ldap* \
+	     usr/lib/dovecot/modules/dict/libdict_ldap* \
+	     usr/lib/dovecot/libdovecot-ldap* \
+	     usr/share/dovecot/*-ldap.conf.ext \
+	     usr/share/dovecot/conf.d/*-ldap.conf.ext
+
+sieve_files = usr/bin/sieve* \
+	      usr/lib/dovecot/modules/lib??_sieve* \
+	      usr/lib/dovecot/modules/lib??_imap_*sieve* \
+	      usr/lib/dovecot/modules/doveadm/lib??_doveadm_sieve* \
+	      usr/lib/dovecot/modules/sieve \
+	      usr/lib/dovecot/libdovecot-sieve* \
+	      usr/share/man/man1/sieve*
+
+solr_files = usr/lib/dovecot/modules/lib??_fts_solr_*
+
+lucene_files = usr/lib/dovecot/modules/lib??_fts_lucene_*
+
+dev_files = usr/include/* \
+	    usr/lib/dovecot/dovecot-config \
+	    usr/share/aclocal/*.m4
+
+%:
+	dh $@
+
+override_dh_autoreconf:
+	dh_autoreconf debian/autogen.sh
+
+override_dh_auto_configure:
+	KRB5CONFIG=krb5-config.mit systemdsystemunitdir=/lib/systemd/system dh_auto_configure -- \
+	            --with-ldap=plugin \
+	            --with-ssl=openssl \
+	            --with-sql=plugin \
+	            --with-pgsql \
+	            --with-mysql \
+	            --with-sqlite \
+	            --with-gssapi=plugin \
+	            --with-solr \
+	            --with-ioloop=best \
+		    --with-icu \
+	            --with-libwrap \
+	            --with-lucene \
+		    $(CONFIGURE_APPARMOR) \
+		    --with-lz4 \
+		    --with-lua=plugin \
+		    --with-sodium \
+		    --libdir=\$${prefix}/lib \
+	            --libexecdir=\$${prefix}/lib \
+		    --docdir=\$${prefix}/share/doc/dovecot-core \
+	            --with-moduledir=\$${prefix}/lib/dovecot/modules \
+		    --with-rundir=/run/dovecot \
+	            --disable-rpath \
+	            --disable-static
+	
+	$(MAKE) dovecot-config
+	# remove unreproducible '-ffile-prefix-map=/build/1st/dovecot-2.3.10.1+dfsg1=.'
+	#                       '-fdebug-prefix-map=/build/dovecot-O55xqn/dovecot-2.3.10.1+dfsg1=.'
+	sed -i 's/\s\+-ffile-prefix-map=\S\+=.\s\+/ /g' dovecot-config
+	sed -i 's/\s\+-fdebug-prefix-map=\S\+=.\s\+/ /g' dovecot-config
+	
+	# Pigeonhole
+	touch $(PIGEONHOLE_DIR)/stamp.h.in
+	dh_auto_configure -D $(PIGEONHOLE_DIR) -- \
+	        --with-dovecot=../ \
+	        --libdir=\$${prefix}/lib \
+		--libexecdir=\$${prefix}/lib \
+		--disable-static
+
+override_dh_auto_build:
+	# Remove all-settings.c and let it be re-generated from the (patched)
+	# component settings files.
+	rm -f src/config/all-settings.c
+	dh_auto_build
+	dh_auto_build -D $(PIGEONHOLE_DIR)
+
+override_dh_auto_clean:
+	dh_auto_clean
+	dh_auto_clean -D $(PIGEONHOLE_DIR)
+
+override_dh_auto_install:
+	# Install everything under dovecot-core
+	$(MAKE) install DESTDIR=$(CORE_DIR)
+	$(MAKE) -C $(PIGEONHOLE_DIR) install DESTDIR=$(CORE_DIR)
+	rm `find $(CURDIR)/debian -name '*.la'`
+	rm $(CORE_DIR)/etc/dovecot/README
+	rm $(CORE_DIR)/usr/lib/dovecot/decode2text.sh
+
+override_dh_install:
+	# dh_auto_install has installed everything in the dovecot-core package.
+	# Run dh_install to install additional files from the source directory
+	# or debian/ to the individual packages. NOTE: there is nothing in
+	# debian/tmp!
+	dh_install
+	install -D -o root -g root -m 0755 $(CORE_DIR)/usr/share/doc/dovecot-core/mkcert.sh \
+		$(CORE_DIR)/usr/share/dovecot/mkcert.sh
+	rm $(CORE_DIR)/usr/share/doc/dovecot-core/mkcert.sh
+	rm $(CORE_DIR)/usr/share/doc/dovecot-core/dovecot-openssl.cnf
+	rm $(CORE_DIR)/usr/share/doc/dovecot-core/solr-schema.xml
+	rm -rf $(CORE_DIR)/usr/share/doc/dovecot-core/example-config
+	
+	$(foreach package,$(patsubst dovecot-%,%,$(shell dh_listpackages)),\
+		$(foreach file,$($(package)_files),\
+			$(call MOVE,$(file),$(package))))
+	
+	rmdir $(CORE_DIR)/usr/include
+	rmdir $(CORE_DIR)/usr/share/aclocal
+	install -d $(PKG_DIR:PKG=dev)/usr/share/dovecot
+	grep ABI_VERSION config.h \
+		| perl -ne '/"(.+)\(.+\)"/ && print $$1' \
+		| tr '[A-Z]' '[a-z]' > $(PKG_DIR:PKG=dev)/usr/share/dovecot/dovecot-abi
+	
+	# Install apport hook
+	install -D -m 644 debian/source_dovecot.py $(CURDIR)/debian/dovecot-core/usr/share/apport/package-hooks/dovecot-core.py
+
+	install -D -m644 debian/dovecot-imapd.ufw.profile debian/dovecot-imapd/etc/ufw/applications.d/dovecot-imapd
+	install -D -m644 debian/dovecot-pop3d.ufw.profile debian/dovecot-pop3d/etc/ufw/applications.d/dovecot-pop3d
+
+override_dh_installpam:
+	dh_installpam -pdovecot-core --name=dovecot
+
+override_dh_installinit:
+	dh_installinit -pdovecot-core --name=dovecot -u"defaults 20"
+
+override_dh_installsystemd:
+	dh_installsystemd -pdovecot-core dovecot.service
+	dh_installsystemd -pdovecot-core --no-enable dovecot.socket
+
+override_dh_gencontrol:
+	dh_gencontrol -- -Vdovecot:ABI-Version=$(shell cat $(CURDIR)/debian/dovecot-dev/usr/share/dovecot/dovecot-abi)
+
+override_dh_makeshlibs:
+	# Do not add an ldconfig trigger; none of the dovecot shared libraries
+	# are public.
+	dh_makeshlibs -n
+
+override_dh_installdocs:
+	dh_installdocs
+	cp pigeonhole/README	$(CORE_DIR)/usr/share/doc/dovecot-core/pigeonhole.README
+	cp pigeonhole/NEWS	$(CORE_DIR)/usr/share/doc/dovecot-core/pigeonhole.NEWS
diff --git a/debian/salsa-ci.yml b/debian/salsa-ci.yml
new file mode 100644
index 0000000..00fbe36
--- /dev/null
+++ b/debian/salsa-ci.yml
@@ -0,0 +1,8 @@
+---
+include:
+  - https://salsa.debian.org/salsa-ci-team/pipeline/raw/master/recipes/debian.yml
+
+# The test suite does not pass reprotest
+variables:
+  SALSA_CI_DISABLE_REPROTEST: 1
+  SALSA_CI_DISABLE_CROSSBUILD_ARM64: 1
diff --git a/debian/source/format b/debian/source/format
new file mode 100644
index 0000000..163aaf8
--- /dev/null
+++ b/debian/source/format
@@ -0,0 +1 @@
+3.0 (quilt)
diff --git a/debian/source/lintian-overrides b/debian/source/lintian-overrides
new file mode 100644
index 0000000..72ed909
--- /dev/null
+++ b/debian/source/lintian-overrides
@@ -0,0 +1,10 @@
+# ignore long source lines
+dovecot source: very-long-line-length-in-source-file 2059 > 512 [pigeonhole/configure:13685]
+dovecot source: very-long-line-length-in-source-file 2367 > 512 [src/lib-fts/stopwords/stopwords_malformed.txt:105]
+dovecot source: very-long-line-length-in-source-file 3400 > 512 [pigeonhole/tests/execute/errors/cpu-limit.sieve:4]
+dovecot source: very-long-line-length-in-source-file 513 > 512 [src/plugins/mail-crypt/test-mail-global-key.c:24]
+dovecot source: very-long-line-length-in-source-file 541 > 512 [dovecot-config.in.in:31]
+dovecot source: very-long-line-length-in-source-file 621 > 512 [src/lib-fts/udhr_fra.txt:17]
+dovecot source: very-long-line-length-in-source-file 623 > 512 [src/lib/test-hmac.c:*]
+dovecot source: very-long-line-length-in-source-file 739 > 512 [pigeonhole/m4/libtool.m4:6621]
+dovecot source: very-long-line-length-in-source-file 842 > 512 [src/lib-imap/test-imap-bodystructure.c:225]
diff --git a/debian/source_dovecot.py b/debian/source_dovecot.py
new file mode 100644
index 0000000..84fb839
--- /dev/null
+++ b/debian/source_dovecot.py
@@ -0,0 +1,38 @@
+#!/usr/bin/python3
+
+'''Dovecot Apport interface
+
+Copyright (C) 2010 Canonical Ltd/
+Author: Chuck Short <chuck.short@canonical.com>
+
+This program is free software; you can redistribute it and/or modify it
+under the terms of the GNU General Public License as published by the
+Free Software Foundation; either version 2 of the License, or (at your
+option) any later version.  See http://www.gnu.org/copyleft/gpl.html for
+the full text of the license.
+'''
+
+from apport.hookutils import *
+
+def add_info(report, ui):
+    response = ui.yesno("The output of dovecot -n may help developers diagnose your bug more quickly, however, it may contain sensitive information. Do you want to include it in your bug report?")
+
+    if response is None: #user canceled
+        raise StopIteration
+
+    elif response:
+        report['DovecotConf'] = root_command_output(['/usr/sbin/dovecot', '-n'])
+
+
+    elif not response:
+        ui.information("The contents of dovecot -n will NOT be includeded in the bug report")
+
+    packages = ['dovecot-common', 'dovecot-core', 'dovecot-dev', 'dovecot-pop3d', 'dovecot-imapd', 'mail-stack-delivery', 'dovecot-postfix']
+    versions = ''
+    for package in packages:
+        try:
+            version = package.get_version(package)
+        except:
+            version = 'N/A'
+        versions += '%s %s\n' %(package, version)
+    report['DovecotInstalledVersions'] = versions
diff --git a/debian/tests/control b/debian/tests/control
new file mode 100644
index 0000000..496cfcc
--- /dev/null
+++ b/debian/tests/control
@@ -0,0 +1,14 @@
+Tests: doveadm
+Depends: dovecot-core
+Restrictions: needs-root
+
+Tests: systemd
+Depends: dovecot-core, systemd-sysv
+
+Test-Command: run-parts --report --exit-on-error debian/tests/usage
+Depends: dovecot-imapd, dovecot-pop3d, python3
+Restrictions: needs-root, breaks-testbed, allow-stderr
+
+Tests: testmails
+Restrictions: needs-root, breaks-testbed
+Depends: dovecot-imapd, dovecot-pop3d, lsb-release, python3, python3-passlib
diff --git a/debian/tests/doveadm b/debian/tests/doveadm
new file mode 100755
index 0000000..9e2bd04
--- /dev/null
+++ b/debian/tests/doveadm
@@ -0,0 +1,7 @@
+#!/bin/sh
+
+set -e
+
+echo "Checking if dovecot is running"
+doveadm -f flow instance list | grep -q 'running=yes'
+echo "OK"
diff --git a/debian/tests/systemd b/debian/tests/systemd
new file mode 100755
index 0000000..48afbf5
--- /dev/null
+++ b/debian/tests/systemd
@@ -0,0 +1,22 @@
+#!/bin/sh
+
+set -e
+
+echo "Checking whether dovecot.service is enabled"
+systemctl is-enabled dovecot.service
+
+echo "Checking whether dovecot.service is a native unit"
+source=$(systemctl show -pSourcePath dovecot.service | cut -d = -f 2)
+if [ -n "$source" ]; then
+	echo $source
+	exit 1
+else
+	echo "OK (no SourcePath found)"
+fi
+
+echo "Checking whether dovecot.socket is inactive"
+status=$(systemctl show -pActiveState dovecot.socket | cut -d = -f 2)
+echo $status
+if [ "$status" != inactive ]; then
+	exit 1
+fi
diff --git a/debian/tests/testmails b/debian/tests/testmails
new file mode 100755
index 0000000..3329809
--- /dev/null
+++ b/debian/tests/testmails
@@ -0,0 +1,256 @@
+#!/usr/bin/python3
+
+import grp
+import imaplib
+import os
+import os.path
+import poplib
+import pwd
+import random
+import string
+import subprocess
+import sys
+import unittest
+
+from passlib.hash import des_crypt
+
+
+def random_string(length):
+    '''Return a random string, consisting of ASCII letters, with given
+    length.'''
+
+    s = ''
+    maxind = len(string.ascii_letters)-1
+    for _ in range(length):
+        s += string.ascii_letters[random.randint(0, maxind)]
+    return s.lower()
+
+
+def login_exists(login):
+    '''Checks whether the given login exists on the system.'''
+
+    try:
+        pwd.getpwnam(login)
+        return True
+    except KeyError:
+        return False
+
+
+def get_distribution():
+    '''Return the name of the Linux Distribution we are running.'''
+    cmd = ['lsb_release', '-si']
+    output = subprocess.check_output(cmd)
+    return output.strip()
+
+
+class TestUser:
+    '''Create a temporary test user and remove it again on close.'''
+
+    def __init__(self):
+        '''Create a new user account with a random password.'''
+
+        self.login = None
+
+        while True:
+            login = random_string(8)
+            if not login_exists(login):
+                break
+
+        self.salt = random_string(2)
+        self.password = random_string(8)
+        self.crypted = des_crypt.using(salt=self.salt).hash(self.password)
+
+        subprocess.check_call(['useradd', '-p', self.crypted, '-m', login])
+
+        self.login = login
+        p = pwd.getpwnam(self.login)
+        self.uid = p[2]
+        self.gid = p[3]
+
+    def __del__(self):
+        '''Remove the created user account.'''
+
+        if self.login:
+            self.close()
+
+    def close(self):
+        '''Remove the created user account.'''
+
+        subprocess.check_call(['userdel', '-f', '-r', self.login])
+        self.login = None
+
+
+class DovecotBasics(unittest.TestCase):
+    '''Base operational tests for Dovecot server.'''
+
+    def setUp(self):
+        '''Create test scenario.
+
+        We want to test the default setup, but pre-setup an mbox on a tmp user
+        '''
+
+        self.distribution = get_distribution()
+        self.user = TestUser()
+
+        # create fresh test mailbox with one new and one old mail
+        self.mailbox = '/var/mail/' + self.user.login
+        self.orig_mbox = '''From test1@test1.com Fri Nov 17 02:21:08 2006
+Date: Thu, 16 Nov 2006 17:12:23 -0800
+From: Test User 1 <test1@test1.com>
+To: Dovecot tester <dovecot@test.com>
+Subject: Test 1
+Status: N
+
+Some really important news.
+
+From test2@test1.com Tue Nov 28 11:29:34 2006
+Date: Tue, 28 Nov 2006 11:29:34 +0100
+From: Test User 2 <test2@test2.com>
+To: Dovecot tester <dovecot@test.com>
+Subject: Test 2
+Status: R
+
+More news.
+
+Get cracking!
+'''
+        with open(self.mailbox, 'w') as f:
+            f.write(self.orig_mbox)
+        os.chown(self.mailbox, self.user.uid, grp.getgrnam('mail')[2])
+        os.chmod(self.mailbox, 0o660)
+
+    def tearDown(self):
+        self.user.close()
+
+    def _test_pop3_proto(self, pop):
+        '''Internal factorization of POP3 protocol checks with an established
+        connection.'''
+
+        # check empty password
+        self.assertEqual(pop.user(self.user.login), b'+OK')
+        self.assertRaises(poplib.error_proto, pop.pass_, '')
+
+        # check wrong password
+        self.assertEqual(pop.user(self.user.login), b'+OK')
+        self.assertRaises(poplib.error_proto, pop.pass_, '123')
+
+        # check correct password
+        self.assertEqual(pop.user(self.user.login), b'+OK')
+        self.assertEqual(pop.pass_(self.user.password), b'+OK Logged in.')
+
+        # check messages
+        self.assertEqual(pop.stat()[0], 2, b'2 available messages')
+        self.assertEqual(pop.list()[1], [b'1 163', b'2 161'])
+        self.assertEqual('\n'.join(l.decode() for l in pop.retr(1)[1]), '''Date: Thu, 16 Nov 2006 17:12:23 -0800
+From: Test User 1 <test1@test1.com>
+To: Dovecot tester <dovecot@test.com>
+Subject: Test 1
+
+Some really important news.''')
+        self.assertEqual('\n'.join(l.decode() for l in pop.retr(2)[1]), '''Date: Tue, 28 Nov 2006 11:29:34 +0100
+From: Test User 2 <test2@test2.com>
+To: Dovecot tester <dovecot@test.com>
+Subject: Test 2
+
+More news.
+
+Get cracking!''')
+
+        self.assertEqual(pop.quit(), b'+OK Logging out.')
+
+    def test_pop3(self):
+        '''Test POP3 protocol.'''
+
+        pop = poplib.POP3('localhost')
+        self.assertEqual(pop.getwelcome(),
+                         b'+OK Dovecot (%s) ready.' % self.distribution)
+
+        self._test_pop3_proto(pop)
+
+    def test_pop3s(self):
+        '''Test POP3S protocol.'''
+
+        pop = poplib.POP3_SSL('localhost')
+        self.assertEqual(pop.getwelcome(),
+                         b'+OK Dovecot (%s) ready.' % self.distribution)
+
+        self._test_pop3_proto(pop)
+
+    def _test_imap_proto(self, imap):
+        '''Internal factorization of IMAP4 protocol checks with an established
+        connection.'''
+
+        # invalid passwords
+        self.assertRaises(imaplib.IMAP4.error, imap.login,
+                          self.user.login, '')
+        self.assertRaises(imaplib.IMAP4.error, imap.login,
+                          self.user.login, '123')
+
+        # correct password
+        imap.login(self.user.login, self.user.password)
+
+        # list mailboxes
+        status, imlist = imap.list()
+        self.assertEqual(status, 'OK')
+        self.assertTrue(imlist[0].decode().endswith('INBOX'))
+
+        # check mails
+        imap.select()
+        self.assertEqual(imap.search(None, 'ALL'), ('OK', [b'1 2']))
+        self.assertEqual(imap.fetch('1', '(FLAGS)'),
+                         ('OK', [b'1 (FLAGS (\\Recent))']))
+        self.assertEqual(imap.fetch('2', '(FLAGS)'),
+                         ('OK', [b'2 (FLAGS (\\Seen \\Recent))']))
+        self.assertEqual(imap.fetch('1', '(BODY[TEXT])')[1][0][1],
+                         b'Some really important news.\r\n')
+        self.assertEqual(imap.fetch('2', '(BODY[TEXT])')[1][0][1],
+                         b'More news.\r\n\r\nGet cracking!')
+
+        self.assertEqual(imap.fetch('1', '(RFC822)')[1],
+                         [(b'1 (RFC822 {163}',
+                           b'''Date: Thu, 16 Nov 2006 17:12:23 -0800\r
+From: Test User 1 <test1@test1.com>\r
+To: Dovecot tester <dovecot@test.com>\r
+Subject: Test 1\r
+\r
+Some really important news.\r
+'''), b')'])
+
+        # delete mail 1
+        self.assertEqual(imap.store('1', '+FLAGS', '\\Deleted')[0], 'OK')
+        self.assertEqual(imap.expunge()[0], 'OK')
+        self.assertEqual(imap.search(None, 'ALL'), ('OK', [b'1']))
+
+        # old mail 2 is mail 1 now
+        self.assertEqual(imap.fetch('1', '(RFC822)')[1],
+                         [(b'1 (RFC822 {161}',
+                           b'''Date: Tue, 28 Nov 2006 11:29:34 +0100\r
+From: Test User 2 <test2@test2.com>\r
+To: Dovecot tester <dovecot@test.com>\r
+Subject: Test 2\r
+\r
+More news.\r
+\r
+Get cracking!'''), b')'])
+        imap.close()
+        imap.logout()
+
+    def test_imap(self):
+        '''Test IMAP4 protocol.'''
+
+        imap = imaplib.IMAP4('localhost')
+        self._test_imap_proto(imap)
+
+    def test_imaps(self):
+        '''Test IMAP4S protocol.'''
+
+        imap = imaplib.IMAP4_SSL('localhost')
+        self._test_imap_proto(imap)
+
+
+if __name__ == '__main__':
+    os.dup2(1, 2)
+    suite = unittest.TestSuite()
+    suite.addTest(unittest.TestLoader().loadTestsFromTestCase(DovecotBasics))
+    result = unittest.TextTestRunner(verbosity=2).run(suite)
+    sys.exit(not result.wasSuccessful())
diff --git a/debian/tests/usage/00_setup b/debian/tests/usage/00_setup
new file mode 100755
index 0000000..2eeeb2f
--- /dev/null
+++ b/debian/tests/usage/00_setup
@@ -0,0 +1,50 @@
+#!/bin/sh
+
+set -e
+
+echo "Setting up dovecot for the test"
+# Move aside 10-auth.conf to disable passwd-based auth
+if [ -f /etc/dovecot/conf.d/10-auth.conf ]; then
+	mv /etc/dovecot/conf.d/10-auth.conf /etc/dovecot/conf.d/10-auth.conf.bak
+fi
+
+cat >/etc/dovecot/local.conf <<-EOF
+	auth_mechanisms = plain
+	mail_location = maildir:~/Maildir
+	
+	passdb {
+	  driver = static
+	  args = password=test
+	}
+	
+	userdb {
+	  driver = static
+	  args = uid=nobody gid=nogroup home=/srv/dovecot-dep8/%u
+	}
+EOF
+
+mkdir -p /srv/dovecot-dep8
+chown nobody:nogroup /srv/dovecot-dep8
+
+echo "Restarting the service"
+systemctl restart dovecot
+
+echo "Sending a test message via the LDA"
+/usr/lib/dovecot/dovecot-lda -f "test@example.com" -d dep8 <<EOF
+Return-Path: <test@example.com>
+Message-Id: <dep8-test-1@debian.org>
+From: Test User <test@example.com>
+To: dep8 <dep8@example.com>
+Subject: DEP-8 test
+
+This is just a test
+EOF
+
+echo "Verifying that the email was correctly delivered"
+if [ -z "$(doveadm search -u dep8 header message-id dep8-test-1@debian.org)" ]; then
+	echo "Message not found"
+	exit 1
+fi
+
+echo "Done"
+echo
diff --git a/debian/tests/usage/imap b/debian/tests/usage/imap
new file mode 100755
index 0000000..5bdede7
--- /dev/null
+++ b/debian/tests/usage/imap
@@ -0,0 +1,38 @@
+#!/usr/bin/python3
+import imaplib
+
+imaplib.Debug = 4
+
+print("Testing IMAP")
+print("Connecting")
+client = imaplib.IMAP4('localhost')
+
+print("Checking for STARTTLS capability")
+assert 'STARTTLS' in client.capabilities
+
+client.starttls()
+
+print("Logging in")
+client.login('dep8', 'test')
+
+print("Selecting INBOX")
+client.select()
+
+print("Looking for the test message")
+res, uids = client.search(None, 'HEADER', 'MESSAGE-ID', '"<dep8-test-1@debian.org>"')
+
+assert res == 'OK'
+assert len(uids[0]) > 0
+
+uid = uids[0].split()[0]
+
+print("Fetching and verifying test message")
+res, data = client.fetch(uid, '(RFC822)')
+
+assert res == 'OK'
+
+lines = data[0][1].splitlines()
+
+assert b'Subject: DEP-8 test' in lines
+
+print("Done")
diff --git a/debian/tests/usage/pop3 b/debian/tests/usage/pop3
new file mode 100755
index 0000000..00b1657
--- /dev/null
+++ b/debian/tests/usage/pop3
@@ -0,0 +1,31 @@
+#!/usr/bin/python3
+import poplib
+
+print("Testing POP3")
+print("Connecting")
+client = poplib.POP3('localhost')
+client.set_debuglevel(2)
+
+print("Checking for STARTTLS capability")
+assert 'STLS' in client.capa()
+
+client.stls()
+
+print("Logging in")
+client.user('dep8')
+client.pass_('test')
+
+print("Listing INBOX")
+res, data, _ = client.list()
+assert res.startswith(b'+OK')
+
+print("Fetching and verifying test message")
+for entry in data:
+    _id, _ = entry.split(maxsplit=1)
+    res, body, _ = client.retr(int(_id))
+    if b'Subject: DEP-8 test' in body:
+        break
+else:
+    raise AssertionError("Test message not found")
+
+print("Done")
diff --git a/debian/upstream/metadata b/debian/upstream/metadata
new file mode 100644
index 0000000..02236b7
--- /dev/null
+++ b/debian/upstream/metadata
@@ -0,0 +1,5 @@
+Name: dovecot
+Repository: https://github.com/dovecot/core
+Repository-Browse: https://github.com/dovecot/core
+Contact: Dovecot Mailing List <dovecot at dovecot.org>
+Bug-Submit: Dovecot Mailing List <dovecot at dovecot.org>
diff --git a/debian/upstream/signing-key.asc b/debian/upstream/signing-key.asc
new file mode 100644
index 0000000..c490707
--- /dev/null
+++ b/debian/upstream/signing-key.asc
@@ -0,0 +1,51 @@
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+
+mQINBFoyisIBEADXxIfb89+FkI5DKPaI9M33vV7f9PkXkCWvXszAH2R9iJEafzUQ
+JaRzb0ZhZP6XKT+2P6quRTdBseFvEiH2qT5EpXYGGRNlCHB3+4Wjv1t4EZZe0fUK
+eHHpND4b4HGn7G6FrcZKtA1NebcmNlhO7ZNBaOOJSv93+TbNdk2vrRvmj57eX8TB
+1FJure5F/wZpD64DO5apNllxXO4zsype5+zYMoFQfExn3k7HUqmI0+PAAQ2yy/Wm
+WPMSACmeyhz/gCdtpgpnW+GFn4MsNFJF+ytF64FXvBOXxC61A5UBntKN0pAqSb/N
+JzIajRnrN8i7KR50AH0e0xGz9rq+4+5K9cckoLwiIC1Z6ymjDGt9yzgZssMWMfY8
+EFfl3DhQbG2dzDChj7t2jZ7o3fGpgPor+PnKKtLosgFFlf8eU8gBgb6nKEwTBV2S
+eJvU/j6KkRk/qDZEknVIK8D4XBdiNCSaB4AATE2/V2SdTThu9bqiVJ0+Dcn4oHBa
+W/6Da34NG0wfvJlOsxDMVBCgt7XKKemeDa4zxdbEG0yleaLLdv5UgN9GqtV7a8mP
+mKzyE36hjZRhAfJNwpQwYbzT4/22aSD8jd8fBkkHY4OSE+DA3UQrTKvEIp+wfQ4v
+KgvRjYEdEH/0A3U/TxybFPjHFux26pEBwNW6D7g19fXsEmSB125ozmkUGwARAQAB
+tDJEb3ZlY290IENvbW11bml0eSBFZGl0aW9uIDxkb3ZlY290LWNlQGRvdmVjb3Qu
+b3JnPokCOAQTAQIAIgUCWjKKwgIbAwYLCQgHAwIGFQgCCQoLBBYCAwECHgECF4AA
+CgkQGKNIru1AnaG2IxAAihlcooJxXAtOMq9qzb9S6QR49jzlgO6fSJZcwa6mHsxS
+u2aaT4eDXiJOVp2I2JA9G2nEoXpnzAOcDbqsP0Bdvyz8Kse0M07xboza31li0oW8
+JGyJmuCR1f8EwjUuTK8oFPYMfJbcFlhMCFU9JFpNFLTsHTkcWVfcJhVwR7IR5Qnf
+ekf1UKukf/J245f0/ut1/BRJYKNfgOOAwC5eHEL0WY3yTPdiUoiJbxWNaGGvgW2N
+zkTyCuL52TY0J+b6us7Umilck58C9+LjtDVLfgXZssLCeErwbE/XIUmlgVqcvexq
+/eVEoE/PBkSWsMAxUuTqUYDv2JcJJJTolmYVGN9S8EVZ3FfoMvqBsWPAyE6MAayT
+G3l5gci8Hm4QFf3gKW94daUPAUMxR5fjTWhyu3Fw/t7pe6I73FPEkllGBy75gJqg
+lyvQi7TSv3P7HRWUP7YzWQXTTt9/e9OYIRM3wSn/75u3tF/3nmmaAeX1ThipCLYU
+jz+x2xixXXieRvXVPZFmBy9R2QByKK7UbuC0QvZlbJM+KjQq9TeCwpLH9TOe04jy
+I1dU5GJAqbhPs4eVD61ZAft8/fhAmXeDOEFo/bhW62R4DR50C+eBMlHkPps/eg8i
++vLzQ4SeMMnr0YBGHyPM8Tr5laYdLNX2t8MoGT/Su/htmDR43DeFt9QUddFHb4G5
+Ag0EWjKKwgEQAL3QJYywB4fLxg6MqWkCj9CK2ZOA87UvtZW4KCXYy9uZtavSKOlL
+CkS24N8bCXtZwZmRXrgjPY1auvxHofSZVgla0BBWl+zC3NsyTtLHaLBZU5FYub4w
+q81U8tkCJZYc7EogGx1IPcC9jFRN8vEbZmqSMRbPZBTIr6qVLJyqEqQY/VrkKBDx
+sZ2oY+I/uc4zY47g53SVMRWjELmYCrtuLWCRhK1haxRp0Jr7W5jj8iKoI8z5kpMz
+LKzIKoEa4VnLAdQvQI6gRKQEYZ3lKjaaWkd+2A+vP7lMURvJdn2OfnV3j5esbfLj
+vzjTkMw1Jbtq1tg/vlCEGKPmOZGN+OlpKu9pD/6/IXrt7bfaFviCrmAFNjlEDk0+
+NqtuHyxrS+gNDIu5SaFniUxDNJCoor3Hpy+qRq2x8FneR6fsh4JXXR+lNsYPF6E4
+zWhkgChxBlH9ijosieCwUADbacHznQ4kjZTbEBbFEb0Mpj34FuNbGqYNaUyQta82
+tPw82dOcM5uRXuKdJ8r9ObXRDbci8AgQrn2atOo4aTzgK5UoMehVO1/NMy2zkGmQ
+dS/KqPfOnW8TIMozgkEzTE2i/VPUZklfSKTcTcGDaEy1OLpPru7wzVhnCeO9L2z4
+JsN1AOZ4snayQ7JdgMdMqOXufYFtbonJLnKlGI3WMWRlyG1lrIHS2hTnABEBAAGJ
+Ah8EGAECAAkFAloyisICGwwACgkQGKNIru1AnaFOlg/+KQpWeTg8AqwVqGQwJ64i
+I7dutIQQIjBy8fKc0j6eiNujukBbWeQv6KSyGLxhbRo9as2iVDeSD1oqBjhT1BHz
+JZjqUL6IdkYefVpg3hjikzRr3DLFj4TVA5fGxB187bhoRchPh5uuVZ1QqZBiwnKb
+PIhwK7Imi9OEbdjmarytNZKxnsq2e095EDB+cXiiJ9IrVLLcuXDJQCLY6VVWPHTc
+pp6adN7Ve65itOPc4jIoe8SAeMl55eI6reBMt8CgMuGSJNsM3pia1CC6PwcRgWL9
+pcEr1XQO63gFLnRFkjVdcuLs9K3MLS7+aGe7ZOORCUv0E1gzmEggCXTFpk2V6uH8
+9CP0LzBGKwUVkpFhNw1Wk79tvQIpKLz5wUQEXFYhcFODqEUH407b6VO+SvDsVT8l
+YgUGUOI8Nw3GGyaw6ZOlKLu2z72mtcBF2KBrSGs3brD8Keo7GmViasniYQyVCOiP
+5LSQbgBVrNt2yLvOVNSNF6k2fmYIoOe3GPPhsQBFx6Qi9Ci8LLDadDiR5qTTxff2
+3SnkJQL1M2gwh55d7PzJdVCa3mBE5p8hr4AyoNQM9wS+NkSwfyKRuOUpotVVx9Uk
+bT1WdQKTu7HYEJ9eev5Ch0yfQV8nFkKdMfTtYl0gjsWkpKFxJvhAvd8gNYk22GDK
+BWoyZxpdESCzsL3JU8wy7TQ=
+=Z5jJ
+-----END PGP PUBLIC KEY BLOCK-----
diff --git a/debian/watch b/debian/watch
new file mode 100644
index 0000000..002a368
--- /dev/null
+++ b/debian/watch
@@ -0,0 +1,8 @@
+# watch control file for uscan
+version=4
+# core
+opts="pgpmode=auto, dversionmangle=s/\+dfsg\d*//, oversionmangle=s/(.*)/$1+dfsg1/" \
+	https://dovecot.org/releases/2.3/dovecot-([\.0-9]+)\.tar\.gz debian
+# pigeonhole
+opts="pgpmode=auto, dversionmangle=s/\+dfsg\d*//, oversionmangle=s/(.*)/$1+dfsg1/, component=pigeonhole" \
+	https://pigeonhole.dovecot.org/releases/2.3/dovecot-[\.0-9]+-pigeonhole-([\.0-9]+)\.tar\.gz ignore uupdate