1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
1001
1002
1003
1004
1005
1006
1007
1008
1009
1010
1011
1012
1013
1014
1015
1016
1017
1018
1019
1020
1021
1022
1023
1024
1025
1026
1027
1028
1029
1030
1031
1032
1033
1034
1035
1036
1037
1038
1039
1040
1041
1042
1043
1044
1045
1046
1047
1048
1049
1050
1051
1052
1053
1054
1055
1056
1057
1058
1059
1060
1061
1062
1063
1064
1065
1066
1067
1068
1069
1070
1071
1072
1073
1074
1075
1076
1077
1078
1079
1080
1081
1082
1083
1084
1085
1086
1087
1088
1089
1090
1091
1092
1093
1094
1095
1096
1097
1098
1099
1100
1101
1102
1103
1104
1105
1106
1107
1108
1109
1110
1111
1112
1113
1114
1115
1116
1117
1118
1119
1120
1121
1122
1123
1124
1125
1126
1127
1128
1129
1130
1131
1132
1133
1134
1135
1136
1137
1138
1139
1140
1141
1142
1143
1144
1145
1146
1147
1148
1149
1150
1151
1152
1153
1154
1155
1156
1157
1158
1159
1160
1161
1162
1163
1164
1165
1166
1167
1168
1169
1170
1171
1172
1173
1174
1175
1176
1177
1178
1179
1180
1181
1182
1183
1184
1185
1186
1187
1188
1189
1190
1191
1192
1193
1194
1195
1196
1197
1198
1199
1200
1201
1202
1203
1204
1205
1206
1207
1208
1209
1210
1211
1212
1213
1214
1215
1216
1217
1218
1219
1220
1221
1222
1223
1224
1225
1226
1227
1228
1229
1230
1231
1232
1233
1234
1235
1236
1237
1238
1239
1240
1241
1242
1243
1244
1245
1246
1247
1248
1249
1250
1251
1252
1253
1254
1255
1256
1257
1258
1259
1260
1261
1262
1263
1264
1265
1266
1267
1268
1269
1270
1271
1272
1273
1274
1275
1276
1277
1278
1279
1280
1281
1282
1283
1284
1285
1286
1287
1288
1289
1290
1291
1292
1293
1294
1295
1296
1297
1298
1299
1300
1301
1302
1303
1304
1305
1306
1307
1308
1309
1310
1311
1312
1313
1314
1315
1316
1317
1318
1319
1320
1321
1322
1323
1324
1325
1326
1327
1328
1329
1330
1331
1332
1333
1334
1335
1336
1337
1338
1339
1340
1341
1342
1343
1344
1345
1346
1347
1348
1349
1350
1351
1352
1353
1354
1355
1356
1357
1358
1359
1360
1361
1362
1363
1364
1365
1366
1367
1368
1369
1370
1371
1372
1373
1374
1375
1376
1377
1378
1379
1380
1381
1382
1383
1384
1385
1386
1387
1388
1389
1390
1391
1392
1393
1394
1395
1396
1397
1398
1399
1400
1401
1402
1403
1404
1405
1406
1407
1408
1409
1410
1411
1412
1413
1414
1415
1416
1417
1418
1419
1420
1421
1422
1423
1424
1425
1426
1427
1428
1429
1430
1431
1432
1433
1434
1435
1436
1437
1438
1439
1440
1441
1442
1443
1444
1445
1446
1447
1448
1449
1450
1451
1452
1453
1454
1455
1456
1457
1458
1459
1460
1461
1462
1463
1464
1465
1466
1467
1468
1469
1470
1471
1472
1473
1474
1475
1476
1477
1478
1479
1480
1481
1482
1483
1484
1485
1486
1487
1488
1489
1490
1491
1492
1493
1494
1495
1496
1497
1498
1499
1500
1501
1502
1503
1504
1505
1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
1592
1593
1594
1595
1596
1597
1598
1599
1600
1601
1602
1603
1604
1605
1606
1607
1608
1609
1610
1611
1612
1613
1614
1615
1616
1617
1618
1619
1620
1621
1622
1623
1624
1625
1626
1627
1628
1629
1630
1631
1632
1633
1634
1635
1636
1637
1638
1639
1640
1641
1642
1643
1644
1645
1646
1647
1648
1649
1650
1651
1652
1653
1654
1655
1656
1657
1658
1659
1660
1661
1662
1663
1664
1665
1666
1667
1668
1669
1670
1671
1672
1673
1674
1675
1676
1677
1678
1679
1680
1681
1682
1683
1684
1685
1686
1687
1688
1689
1690
1691
1692
1693
1694
1695
1696
1697
1698
1699
1700
1701
1702
1703
1704
1705
1706
1707
1708
1709
1710
1711
1712
1713
1714
1715
1716
1717
1718
1719
1720
1721
1722
1723
1724
1725
1726
1727
1728
1729
1730
1731
1732
1733
1734
1735
1736
1737
1738
1739
1740
1741
1742
1743
1744
1745
1746
1747
1748
1749
1750
1751
1752
1753
1754
1755
1756
1757
1758
1759
1760
1761
1762
1763
1764
1765
1766
1767
1768
1769
1770
1771
1772
1773
1774
1775
1776
1777
1778
1779
1780
1781
1782
1783
1784
1785
1786
1787
1788
1789
1790
1791
1792
1793
1794
1795
1796
1797
1798
1799
1800
1801
1802
1803
1804
1805
1806
1807
1808
1809
1810
1811
1812
1813
1814
1815
1816
1817
1818
1819
1820
1821
1822
1823
1824
|
v0.5.19 2022-05-10 Aki Tuomi <aki.tuomi@open-xchange.com>
* No changes - release done to keep version numbers synced.
v0.5.18 2022-02-03 Aki Tuomi <aki.tuomi@open-xchange.com>
- duplicate: Users without a home directory can crash with Sieve when
using duplicate database. v2.3.17 regression.
- imapsieve: When mail was expunged when processing imapsieve events, a
crash could occur. Fixes Panic: file mail-index-map.c:
line 558 (mail_index_map_lookup_seq_range): assertion failed: (first_uid > 0)
- managesieve-login: Proxy didn't support forwarding the forward_* passdb fields.
- redirect: Sieve would crash if redirect after keep-equivalent action failed.
- sieve: Interpreter crashes when the Sieve index extension is used with
index zero.
- vnd.dovecot.filter: Envelope sender string may become corrupted when
Sieve scripts are using vnd.dovecot.filter. This could end up
corrupting mbox's From line and return wrong envelope sender string in
Sieve tests.
v0.5.17.1 2021-12-07 Aki Tuomi <aki.tuomi@open-xchange.com>
- managesieve: Dovecot failed to start if ssl_ca was too large.
- lib-sieve-tool: Binaries failed to run if ssl_ca was too large.
v0.5.17 2021-10-28 Aki Tuomi <aki.tuomi@open-xchange.com>
- duplicate: The Sieve duplicate test is prone to false negatives when
the user receives many e-mails concurrently, meaning that duplicate
deliveries can still occur.
- fileinto: v2.3.16 regression: Sieve delivery crashes if mail is
delivered to non-existing and existing folder.
- imap-filter-sieve: v2.3.15 regression: The CPU limits on Sieve
execution are too easily exceeded in IMAP context (the IMAPSieve and
FILTER=SIEVE capabilities). Changed the default to unlimited CPU time
for IMAP context, since similar excessive resource usage can be caused
by other means as well. The CPU limits on Sieve scripts executed at
LDA/LMTP delivery are still enforced by default.
- redirect: The Sieve redirect action has protections against users
triggering mail loops. Unfortunately, the detection of a redirect mail
loop sometimes causes the message to get lost if no other Sieve action
is applied that delivers the message somewhere else.
- redirect: v2.3.16 regression: With certain Sieve scripts if redirect
fails due to temporary failure, the lmtp process may crash after the
delivery. Fixes:
Panic: file mail-user.c: line 229 (mail_user_deinit):
assertion failed: ((*user)->refcount == 1).
v0.5.16 2021-08-06 Timo Sirainen <timo.sirainen@open-xchange.com>
* .dovecot.sieve.log file now includes year in the header.
* Change Sieve script result execution to delay definitive action
execution to the end of a successful Sieve script execution session.
This is part of an effort to solve problems with the Sieve duplicate
test. As a side-effect, some rare temporary-error cases yield
different results, in which partial failure is more likely.
v0.5.15 2021-06-21 Aki Tuomi <aki.tuomi@open-xchange.com>
* CVE-2020-28200: Sieve interpreter is not protected against abusive
scripts that claim excessive resource usage. Fixed by limiting the
user CPU time per single script execution and cumulatively over
several script runs within a configurable timeout period. Sufficiently
large CPU time usage is summed in the Sieve script binary and execution
is blocked when the sum exceeds the limit within that time. The block
is lifted when the script is updated after the resource usage times out.
* Disconnection log messages are now more standardized across services.
They also always now start with "Disconnected" prefix.
- managesieve: Commands pipelined together with and just after the
authenticate command cause these commands to be executed twice.
v0.5.14 2021-03-04 Aki Tuomi <aki.tuomi@open-xchange.com>
* IMAP FILTER command: cmd-filter-sieve - Do not allow NIL as
script name argument.
v0.5.13 2021-01-04 Aki Tuomi <aki.tuomi@open-xchange.com>
- duplicate: The test was handled badly in a multiscript (sieve_before,
sieve_after) scenario in which an earlier script in the sequence with
a duplicate test succeeded, while a later script caused a runtime
failure. In that case, the message is recorded for duplicate tracking,
while the message may not actually have been delivered in the end.
- editheader: Sieve interpreter entered infinite loop at startup when
the "editheader" configuration listed an invalid header name. This
problem can only be triggered by the administrator.
- relational: The Sieve relational extension can cause a segfault at
compile time. This is triggered by invalid script syntax. The segfault
happens when this match type is the last argument of the test command.
This situation is not possible in a valid script; positional arguments
are normally present after that, which would prevent the segfault.
- sieve: For some Sieve commands the provided mailbox name is not
properly checked for UTF-8 validity, which can cause assert crashes at
runtime when an invalid mailbox name is encountered. This can be
caused by the user by writing a bad Sieve script involving the
affected commands ("mailboxexists", "specialuse_exists").
This can be triggered by the remote sender only when the user has
written a Sieve script that passes message content to one of the
affected commands.
- sieve: Large sequences of 8-bit octets passed to certain Sieve
commands that create or modify message headers that allow UTF-8 text
(vacation, notify and addheader) can cause the delivery or IMAP
process (when IMAPSieve is used) to enter a memory-consuming
semi-infinite loop that ends when the process exceeds its memory
limits. Logged in users can cause these hangs only for their own
processes.
v0.5.11 2020-08-12 Aki Tuomi <aki.tuomi@open-xchange.com>
* managesieve: managesieve_max_line_length setting is now a "size" type
instead of just number of bytes. This allows using e.g. "64k" as the
value.
- lib-sieve: When folding white space is used in the Message-ID header,
it is not stripped away correctly before the message ID value is used,
causing e.g. garbled log lines at delivery.
v0.5.10 2020-03-06 Aki Tuomi <aki.tuomi@open-xchange.com>
* imap_sieve_filter: Change result action logging to include IMAP UID
- vacation: Addresses were compared case-sensitively.
v0.5.9 2019-12-04 Aki Tuomi <aki.tuomi@open-xchange.com>
+ Added events for Sieve and ManageSieve, see
https://doc.dovecot.org/admin_manual/list_of_events/#pigeonhole
+ Pigeonhole: Implement the Sieve "special-use" extension described in
RFC 8579.
- duplicate: Test only compared the handles which would cause
different values to be cached as the same duplicate test. Fix to also
compare the actual hashes.
- imap_sieve_filter: IMAP FILTER Command had various bugs in error
handling. Errors may have been duplicated for each email, errors
may have been missing entirely, command tag and ERRORS/WARNINGS
parameters were swapped.
v0.5.8 2019-10-08 Aki Tuomi <aki.tuomi@open-xchange.com>
- Sieve may leak resources in rare cases when a redirect, vacation or
report action fails to send the message. This mainly applies when
Sieve is executed in IMAP context; i.e., for the IMAPSIEVE or
FILTER=SIEVE capabilities.
v0.5.7.1 2019-07-23 Timo Sirainen <timo.sirainen@open-xchange.com>
- dsync: Sieve script syncing failed if mailbox attributes weren't
enabled.
v0.5.7 2019-07-12 Aki Tuomi <aki.tuomi@open-xchange.com>
+ vacation: Made the subject for the automatic response message produced
by the Sieve vacation action configurable. Both the default subject
(if the script defines none) and the subject template (e.g. used to
add a subject prefix) can be configured.
- dsync: dsync-replication does not synchronize Sieve scripts.
- imap_sieve_filter: Reduce FILTER=SIEVE verbosity over IMAP connection.
- testsuite: Pigeonhole testsuite segfaulted if it was compiled with
GCC 9
v0.5.6 2019-04-30 Aki Tuomi <aki.tuomi@open-xchange.com>
+ sieve: Redirect loop prevention is sometimes ineffective. Improve
existing loop detection by also recognizing the
X-Sieve-Redirected-From header in incoming messages and dropping
redirect actions when it points to the sending account. This header
is already added by the redirect action, so this improvement only
adds an additional use of this header.
- sieve: Prevent execution of implicit keep upon temporary failure
occurring at runtime.
v0.5.5 2019-03-05 Stephan Bosch <stephan@rename-it.nl>
+ IMAPSieve: Add new plugin/imapsieve_expunge_discarded setting which
causes messages discarded by an IMAPSieve script to be expunged
immediately, rather than only being marked as "\Deleted" (which is
still the default behavior).
- IMAPSieve: Fix panic crash occurring when a COPY command copies
messages from a virtual mailbox where the source messages originate
from more than a single real mailbox.
- imap4flags extension: Fix deleting all keywords. When the action
resulted in all keywords being removed, no changes were actually
applied.
- variables extension: Fix truncation of UTF-8 variable content. The
maximum size of Sieve variables was enforced by truncating the
variable string content bluntly at the limit, but this does not
consider UTF-8 code point boundaries. This resulted in broken UTF-8
strings. This problem also surfaced for variable modifiers, such as
the ":encodeurl" modifier provided by the Sieve "enotify" extension.
In that case, the resulting URI escaping could also be truncated
inappropriately.
- IMAPSieve, IMAP FILTER=SIEVE: Fix replacing a modified message. Sieve
scripts running in IMAPSIEVE or IMAP FILTER=SIEVE context that
modify the message, stored the message a second time, rather than
replacing the originally stored unmodified message.
- Fix segmentation fault occurring when both the sieve_extprograms
plugin (for the Sieve interpreter) and the imap_filter_sieve plugin
(for IMAP) are loaded at the same time. A symbol was defined by both
plugins, causing a clash when both were loaded.
v0.5.4 2018-11-23 Stephan Bosch <stephan@rename-it.nl>
* Adjustments to several changes in Dovecot v2.3.4 make this Pigeonhole
release dependent on that Dovecot release; it will not compile against
older Dovecot versions. And, conversely, you need to upgrade
Pigeonhole when upgrading Dovecot to v2.3.4.
* The changes regarding the default postmaster_address in Dovecot v2.3.4
mainly apply to Pigeonhole. The new default should work for all
existing installations, thereby fixing several reported v2.3/v0.5
migration problems.
- IMAP FILTER=SIEVE capability: Fix assert crash occurring when running
UID FILTER on a Sieve script with errors.
v0.5.3 2018-10-01 Stephan Bosch <stephan@rename-it.nl>
- Fix assertion panic occurring when managesieve service fails to open
INBOX while saving a Sieve script. This was caused by a lack of
cleanup after failure.
- Fix specific messages causing an assert panic with actions that
compose a reply (e.g. vacation). With some rather weird input from the
original message, the header folding algorithm (as used for composing
the References header for the reply) got confused, causing the panic.
- IMAP FILTER=SIEVE capability: Fix FILTER SIEVE SCRIPT command parsing.
After finishing reading the Sieve script, the command parsing
sometimes didn't continue with the search arguments. This is a time-
critical bug that likely only occurs when the Sieve script is sent in
the next TCP frame.
v0.5.2 2018-06-29 Stephan Bosch <stephan@rename-it.nl>
+ Implement plugin for the a vendor-defined IMAP capability called
"FILTER=SIEVE". It adds the ability to manually invoke Sieve filtering
in IMAP. More information can be found in
doc/plugins/imap_filter_sieve.txt.
- The Sieve addess test caused an assertion panic for invalid addresses
with UTF-8 codepoints in the localpart. Fixed by properly detecting
invalid addresses with UTF-8 codepoints in the localpart and skipping
these like other invalid addresses while iterating addresses for the
address test.
- Make the length of the subject header for the vacation response
configurable and enforce the limit in UTF-8 codepoints rather than
bytes. The subject header for a vacation response was statically
truncated to 256 bytes, which is too limited for multi-byte UTF-8
characters.
- Sieve editheader extension: Fix assertion panic occurring when it is
used to manipulate a message header with a very large header field.
- Properly abort execution of the sieve_discard script upon error.
Before, the LDA Sieve plugin attempted to execute the sieve_discard
script when an error occurs. This can lead to the message being lost.
- Fix the interaction between quota and the sieve_discard script. When
quota was used together with a sieve_discard script, the message
delivery did not bounce when the quota was exceeded.
v0.5.1 28-03-2018 Stephan Bosch <stephan@rename-it.nl>
- Explicitly disallow UTF-8 in localpart in addresses parsed from Sieve
script.
- editheader extension: Corrected the stream position calculations
performed while making the modified message available as a stream.
Pigeonhole Sieve crashed in LMTP with an assertion panic when the
Sieve editheader extension was used before the message was redirected.
Experiments indicate that the problem occurred only with LMTP and that
LDA is not affected.
- fileinto extension: Fix assert panic occurring when fileinto is used
without being listed in the require line, while the copy extension is
listed there. This is a very old bug.
- imapsieve plugin: Do not assert crash or log an error for messages
that disappear concurrently while applying Sieve scripts. This event
is now logged as a debug message.
- Sieve extprograms plugin: Large output from "execute" command crashed
delivery. Fixed buffering issue in code that handles output from the
external program.
v0.5.0.1 05-01-2018 Stephan Bosch <stephan@rename-it.nl>
- imap4flags extension: Fix binary corruption occurring when
setflag/addflag/removeflag flag-list is a variable.
- sieve-extprograms plugin: Fix segfault occurring when used in
IMAPSieve context.
v0.5.0 24-12-2017 Stephan Bosch <stephan@rename-it.nl>
* editheader extension: The implementation of header modifications is
heavily updated. Although the functionality has not changed, the
underlying code was updated to address several static analysis
warnings, runtime integer arithmetic warnings (Clang), and to match
updates in the Dovecot stream API.
+ variables extension: Made the maximum scope and variable size
configurable.
+ subaddress: Support multiple recipient_delimiters.
- enotify extension: mailto method: Fixed parsing of mailto URI with
only a header part.
- enotify plugin: mailto method: Make sure the "From:" header is set to
a usable address and not "(null)".
- Fixed writing address headers to outgoing messages. Sometimes headers
were MIME-encoded twice, yielding invalid results.
v0.4.23 20-03-2018 Stephan Bosch <stephan@rename-it.nl>
- editheader extension: Corrected the stream position calculations
performed while making the modified message available as a stream.
Pigeonhole Sieve crashed in LMTP with an assertion panic when the
Sieve editheader extension was used before the message was redirected.
Experiments indicate that the problem occurred only with LMTP and that
LDA is not affected.
- fileinto extension: Fix assert panic occurring when fileinto is used
without being listed in the require line, while the copy extension is
listed there. This is a very old bug.
- imapsieve plugin: Do not log an error for messages that disappear
concurrently while applying Sieve scripts. This is a further
improvement on the imapsieve fix in the previous release (which fixed
a panic). This event is now logged as a debug message.
v0.4.22 01-03-2018 Stephan Bosch <stephan@rename-it.nl>
- Fixed filesystem path handling problem: sieve plugin could have
assert-crashed with specific path lengths with: "Panic: file
realpath.c: line 86 (path_normalize): assertion failed: (npath_pos +
1 < npath + asize)".
- Sieve extprograms plugin: Large output from "execute" command crashed
delivery. Fixed buffering issue in code that handles output from the
external program.
- editheader extension: Extensively reworked the low-level
implementation of adding and removing headers. This solves a few
integer arithmetic problems reported by Clang runtime checks, but also
improves code structure and reliability in general.
- imapsieve: Fix assert crash occurring when selected messages are
expunged concurrently by the time Sieve filter is to be applied.
- imap4flags extension: Fix binary byte-code corruption occurring when
the setflag, addflag, or removeflag command's flag-list is a variable.
- enotify extension: mailto method: Fixed parsing of mailto URI with
only a header part.
- enotify extension: mailto method: Make sure "From:" header is set to a
usable address and not "(null)".
- Fixed writing address headers to outgoing messages. It sometimes
erroneously applied another layer of MIME header encoding.
v0.4.21 12-10-2017 Stephan Bosch <stephan@rename-it.nl>
* redirect action: Always set the X-Sieve-Redirected-From header to
sieve_user_email if configured. Before, it would use the envelope recipient
instead if available, which makes no sense if the primary e-mail address is
available.
+ vacation extension: Allow ignoring the envelope sender while composing the
"To:" header for the reply. Normally, the "To:" header is composed from
the address found in the "Sender", "Resent-From" or "From" headers that is
equal to the envelope sender. If none is then found, the bare envelope
sender is used. This change adds a new setting
"sieve_vacation_to_header_ignore_envelope". With this setting enabled, the
"To:" header is always composed from those headers in the source message.
The new setting thus allows ignoring the envelope, which is useful e.g.
when SRS is used.
+ vacation extension: Compose the "To:" header from the full sender address
found in the first "Sender:", "From:" or "Resent-From:" header. Before, it
would create a "To:" header without a phrase part. The new behavior is
nicer, since the reply will be addressed to the sender by name if possible.
- LDA Sieve plugin: Fixed sequential execution of LDAP-based scripts. A
missing LDAP-based script could cause the script sequence to exit earlier.
- sieve-filter: Removed the (now) duplicate utf8 to mutf7 mailbox name
conversion. This caused problems with mailbox names containing UTF-8
characters. The Dovecot API was changed years ago, but apparently
sieve-filter was never updated.
v0.4.20 27-08-2017 Stephan Bosch <stephan@rename-it.nl>
+ Made the retention period for redirect duplicate identifiers configurable.
For accounts that perform many redirects, the lda-dupes database could grow
to impractical sizes. Changed the default retention period from 24 to 12
hours.
- sieve-filter: Fixed memory leak: forgot to clean up script binary at end of
execution. Normally, this would merely be an inconsequential memory leak.
However, when the script comes from an LDAP storage, this would cause io
leak warnings.
- managesieve-login: Fixed handling of AUTHENTICATE command. A second
authenticate command would be parsed wrong. This problem was caused by
changes in the previous release.
- LDA Sieve plugin: Fixed minor memory leak caused by not cleaning up the
sieve_discard script.
v0.4.19 26-06-2017 Stephan Bosch <stephan@rename-it.nl>
* This release adjusts Pigeonhole to several changes in the Dovecot API,
making it depend on Dovecot v2.2.31. Previous versions of Pigeonhole will
produce compile warnings with the recent Dovecot releases (but still work
ok).
- Fixed bug in handling of implicit keep in some cases. Implicit side-effects,
such as assigned flags, were not always applied correctly. This is in
essence a very old bug, but it was exposed by recent changes.
- include extension: Fixed segfault that (sometimes) occurred when the global
script location was left unconfigured.
v0.4.18 12-04-2017 Stephan Bosch <stephan@rename-it.nl>
+ imapsieve plugin: Implemented the copy_source_after rule action. When this
is enabled for a mailbox rule, the specified Sieve script is executed for
the message in the source mailbox during a "COPY" event. This happens only
after the Sieve script that is executed for the corresponding message in the
destination mailbox finishes running successfully.
+ imapsieve plugin: Added non-standard Sieve environment items for the source
and destination mailbox.
- multiscript: The execution of the discard script had an implicit "keep",
rather than an implicit "discard".
v0.4.17 26-02-2017 Stephan Bosch <stephan@rename-it.nl>
- LDA Sieve plugin: Fixed handling of an early explicit keep during
multiscript execution. Action side-effects and the message snapshot would be
lost at the final stage where the implicit keep is evaluated. This could
result in the IMAP flags assigned to the message to be forgotten or that
headers modified by the "editheader" extension would revert to their
original state.
- file script storage: Amended the up-to-date time stamp comparison for
on-disk binaries to include nanoseconds. This will fix problems occurring
when both binary and script are saved within the same second. This fix is
ineffective on older systems that have no support for nanoseconds in stat()
timestamps, which should be pretty rare nowadays.
- file script storage: Improve saving and listing permission error to include
more details.
- imapsieve plugin: Make sure "INBOX" is upper case in static mailbox rules.
Otherwise, the mailbox name would never match, since matching is performed
case-sensitively and Dovecot only returns the upper-cased "INBOX".
- imapsieve plugin: Fixed assert failure occurring when used with virtual
mailboxes.
- doveadm sieve plugin: Fixed crash when setting Sieve script via attribute's
string value.
v0.4.16 30-10-2016 Stephan Bosch <stephan@rename-it.nl>
* Part of the Sieve extprograms implementation was moved to Dovecot, which
means that this release depends on Dovecot v2.2.26+.
* ManageSieve: The PUTSCRIPT command now allows uploading empty Sieve scripts.
There was really no good reason to disallow doing that.
+ Sieve vnd.dovecot.report extension:
+ Added a Dovecot-Reporting-User field to the report body, which contains
the e-mail address of the user sending the report.
+ Added support for configuring the "From:" address used in the report.
+ LDA sieve plugin: Implemented support for a "discard script" that is run
when the message is going to be discarded. This allows doing something other
than throwing the message away for good.
+ Sieve vnd.dovecot.environment extension: Added vnd.dovecot.config.*
environment items. These environment items map to sieve_env_* settings from
the plugin {} section in the configuration. Such values can of course also
be returned from userdb.
+ Sieve vacation extension: Use the Microsoft X-Auto-Response-Suppress header
to prevent unwanted responses from and to (older) Microsoft products.
+ ManageSieve: Added rawlog_dir setting to store ManageSieve traffic logs.
This replaces at least partially the rawlog plugin (mimics similar IMAP/POP3
change).
- doveadm sieve plugin: synchronization: Prevent setting file timestamps to
unix epoch time. This occurred when Dovecot passed the timestamp as
'unknown' during synchronization.
- Sieve exprograms plugin: Fixed spurious '+' sometimes returned at the end
of socket-based program output.
- imapsieve plugin: Fixed crash occurring in specific situations.
- Performed various fixes based on static analysis and Clang warnings.
v0.4.15 07-07-2016 Stephan Bosch <stephan@rename-it.nl>
* vacation extension: The sieve_user_email setting is now used in the check
for implicit delivery.
- imapsieve plugin: For any mail transaction, the mailbox was opened a second
time, even if no mailbox rule matched. This was unintentional, useless and
caused problems when the imapsieve plugin was used with other plugins like
acl.
- extprograms plugin: Significantly improved error handling. No stream errors
were logged.
- extprograms plugin: Fixed bug in handling of result code from remote program
(script service).
- extprograms plugin: Connection to remote program service was not retried.
- Several small fixes based on static analysis.
- Fixed handling of quoted string localparts in email addresses.
v0.4.14 26-04-2016 Stephan Bosch <stephan@rename-it.nl>
* The address test now allows specifying the X-Original-To header.
+ Implemented the Sieve imapsieve extension and its IMAP counterpart
(RFC 6785) as a set of plugins. This allows running Sieve scripts at IMAP
activity, rather than at delivery. There are also facilities for the
familiar sieve_before/sieve_after administrator scripts. A user script is
defined for a mailbox using an IMAP METADATA entry, whereas administrator
scripts are configured using mailbox matching rules defined in the plugin
settings.
+ Adjusted the Sieve ihave extension to allow capability tests to be performed
at runtime. This way, scripts can be written that work both at delivery and
from IMAP.
+ Implemented support for runtime trace debugging. This means that detailed
information about which commands, actions and tests are performed is written
to a file. That file is created in the configured directory, but only if
that directory exists. This way, a particular user can be easily singled out
for debugging. This works much like the Dovecot rawlog facility. The trace
output is identical to what is produced using sieve-test with its "-t"
command line option.
+ Added a "sieve_user_email" setting that configures the user's primary email
address. This is mainly useful to have a user email address available in
IMAP, where envelope data is unavailable.
+ Implemented the dovecot-specific "vnd.dovecot.report" extension. This allows
sending report messages in the Message Abuse Reporting Format (RFC 5965).
- extprograms plugin: Fixed epoll() panic caused by closing the output FD
before the output stream.
- Made sure that the local part of a mail address is encoded properly using
quoted string syntax when it is not a dot-atom.
v0.4.13 18-03-2016 Stephan Bosch <stephan@rename-it.nl>
* redirect action: Added the list-id header to the duplicate ID for mail loop
prevention. This means that the message sent directly to the user and the
message coming through the mailing list itself are treated as different
messages by the loop detection of the redirect command, even though their
Message-ID may be identical.
* Changed the Sieve number type to uint64_t, which means that Sieve numbers
can now technically range up to 2^64. Some other Sieve implementation
allowed this, making this change necessary for successful migration.
+ Implemented the sieve_implicit_extensions setting. The extensions listed in
this setting do not need to be enabled explicitly using the Sieve "require"
command. This behavior directly violates the standard, but can be necessary
for compatibility with some existing implementations of Sieve. Do not use
this setting unless you really need to!
- redirect action: Made mail loop detection more robust by forcibly adding a
Message-ID header if it is missing.
- Prevent logging a useless "script not found" error message for LDAP scripts
for which the entry exists but no attribute containing a script. This is not
necessarily an error.
- extprograms plugin: Changed the communication channel between parent and
child process for a directly forked program from a socketpair to a double
pipe. Linux does not support /dev/stdin, /dev/stdout and friends for
sockets. For some shell program authors this may be confusing, so that is
why it is changed. When using the script service, these device nodes are
still not usable though.
v0.4.12 06-02-2016 Stephan Bosch <stephan@rename-it.nl>
+ Implemented the Sieve extracttext extension (RFC 5703; Section 7). It is now
possible to extract body text from a message into a variable.
* Increased ABI version due to changes in the Sieve interpreter's object
definitions.
- multiscript: Fixed bug in handling of (implicit) keep; final keep action was
always executed as though there was a failure. This caused the keep action
to revert back to the initial message, causing editheader actions to be
ignored.
- managesieve-login: Fixed proxy to allow SASL mechanisms other than PLAIN.
Before, the proxy would fail if the server did not support the PLAIN
mechanism.
- ldap storage: Prevent segfault occurring when assigning certain (global)
configuration options.
v0.4.11 08-01-2016 Stephan Bosch <stephan@rename-it.nl>
- Sieve mime extension: Fixed the header :mime :anychild test to work properly
outside a foreverypart loop.
- Several fixes in message body part handling:
- Fixed assert failure occurring when text extraction is attempted on a
empty or broken text part.
- Fixed assert failure in handling of body parts that are converted to text.
- Fixed header unfolding for (mime) headers parsed from any mime part.
- Fixed trimming for (mime) headers parsed from any mime part.
- Fixed erroneous changes to the message part tree structure performed when
re-parsing the message.
- LDA Sieve plugin: Fixed logging of actions; sometimes the configured log
format was not followed.
- LDA Sieve plugin: Fixed bug in error handling of script storage
initialization.
- Sieve Extprograms plugin: Ignored ENOTCONN error in shutdown(fd, SHUT_WR)
call.
- Fixed duplication of discard actions in the script result. Each discard was
counted as a separate action, which means that action limit would be crossed
too early.
- Made sure that quota errors never get logged as errors in syslog.
- Fixed handling of implicit keep for a partially executed transaction that
yielded a temporary failure.
- Fixed handling of global errors. If master and user error handler were
identical, in some cases the log message could be lost.
- Fixed AIX compile issue in message body parser.
v0.4.10 13-12-2015 Stephan Bosch <stephan@rename-it.nl>
+ Implemented the Sieve mime and foreverypart extensions (RFC 5703). These
are fully implemented. The interaction with the editheader extension needs
some work, but this should not influence most uses; i.e., changes by the
editheader extension are not always visible using foreverypart/mime.
+ Sieve body extension: Properly implemented the `:text' body transform. It
now extracts text for HTML message parts.
+ Sieve enotify extension: mailto method: Implemented the
sieve_notify_mailto_envelope_from setting. This allows configuring the
source of the notification sender address for e-mail notifications. This is
similar to what already can be configured for redirect.
+ Added a sieve_enabled (defaults to 'yes') setting that allows explicitly
disabling Sieve processing for particular users. This used to be possible by
setting `sieve=', but ever since the sieve_before, sieve_after and
sieve_default settings were added, this method was not reliable anymore.
- variables extension: Fixed handling of empty string by the `:length' set
modifier. An empty string yielded an empty string rather than "0".
- Fixed memory leak in the Sieve script byte code dumping facility. Extension
contexts were never actually freed.
- Fixed handling of implicit keep when the last Sieve script is a global one.
In that case the implicit keep action was executed in global context, which
could mean that trivial (quota) errors ended up in the system log file,
rather than the user log file.
- doveadm sieve plugin: Fixed crashes caused by incorrect context allocation
in the sieve command implementations.
v0.4.9 04-10-2015 Stephan Bosch <stephan@rename-it.nl>
* Properly implemented checking of ABI version for Sieve interpreter plugins,
much like Dovecot itself does for plugins. This will prevent plugin ABI
mismatches.
+ Implemented a vnd.dovecot.environment extension. This builds upon the
standard environment extension and adds a few more environment items, such
as username and default mailbox. It also creates a variables namespace so
that environment items can be accessed directly. I am still thinking about
more environment items that can be added.
+ Sieve extprograms plugin: Made line endings of the input passed to the
external programs configurable. This can be configured separately for each
of the three extensions.
+ ManageSieve: Implemented proxy XCLIENT support. This allows the proxy to
pass client information to the back-end.
- ManageSieve: Fixed an assert failure occurring when a client disconnects
during the GETSCRIPT command.
- doveadm sieve plugin: Fixed incorrect initialization of mail user. This
caused a few memory leaks.
- sieve-filter command line tool: Fixed handling of failure-related implicit
keep when there is an explicit default destination folder. This caused
message duplication.
- lib-sieve: Fixed bug in RFC5322 header folding. Words longer than the
optimal line length caused empty lines in the output, which would break the
resulting message header. This surfaced in References: headers with very
long message IDs.
v0.4.8 15-05-2015 Stephan Bosch <stephan@rename-it.nl>
* LDA Sieve plugin: Dovecot changed the deliver_log_format setting to include
%{delivery_time}. This prompted changes in Pigeonhole that make this release
dependent on Dovecot v2.2.17.
+ Implemented magic to make sieve_default script visible from ManageSieve
under a configurable name. This way, users can see the default rules, edit
them and store a private adjusted version. This could also be achieved by
copying the default script into the user's script storage, but updates to
the global sieve_default script would be ignored that way.
+ ManageSieve: Implemented support for reporting command statistics at
disconnect. Statistics include the number of bytes and scripts uploaded/
downloaded/checked and the number of scripts deleted/renamed.
- Fixed problem in address test: erroneously decoded mime-encoded words in
address headers.
- extprograms plugin: Fixed failure occurring when connecting to script
service without the need to read back the output from the external program.
- Fixed bug in script storage path normalization occurring with relative
symbolic links below root.
- Fixed and updated various parts of the documentation
- ManageSieve: Used "managesieve" rather than "sieve" as login service name,
which means that all managesieve-specific settings where ignored.
- Managesieve: Storage quota was not always enforced properly for scripts
uploaded as quoted string. Nobody uses that, but it is allowed in the
specification and we support it, so it should work properly.
v0.4.7 19-03-2015 Stephan Bosch <stephan@rename-it.nl>
* editheader extension: Made protection against addition and deletion of
headers configurable separately. Also, the `Received' and `Auto-Submitted'
headers are no longer protected against addition by default.
* Turned message envelope address parse errors into warnings.
* The interpreter now accepts non-standard domain names, e.g. containing '_'.
+ Implemented the Sieve index extension (RFC 5260).
+ Implemented support for the mboxmetadata and servermetadata extensions
(RFC 5490).
+ Implemented new sieve commands for the doveadm command line utility. These
commands are currently limited to ManageSieve operations, but the other
current sieve tools will be migrated to doveadm in the near future as well.
+ Added more debug output about binary up-to-date checking.
+ Added script metadata to binary dump output.
- Fixed Sieve script binary up-to-date checking by normalizing the script
location.
- The Sieve interpreter now flushes the duplicate database during start phase
of result execution rather than commit phase. This makes sure locks on the
duplicate database are released as soon as possible, preventing contention.
- Performed a few optimizations in the lexical scanner of the language.
- Fixed bug in `:matches' match-type that made a pattern without
wildcards match as if there were a '*' at the beginning.
- Fixed crash in validation of the string parameter of the comparator tag.
- extprograms extension: Made sure supplemental group privileges are also
dropped. This was a problem reported by Debian lintian.
- Fixed bug in handling of binary errors for action side-effects and message
overrides.
- file script storage: Restructured storage initialization to address
backwards compatibility issues.
- dict script storage: Fixed small memory allocation bug.
v0.4.6 02-11-2014 Stephan Bosch <stephan@rename-it.nl>
- After make distclean the distributed tarball would fail to recompile.
This causes problems for some distribution builds.
v0.4.5 30-10-2014 Stephan Bosch <stephan@rename-it.nl>
+ Added a Pigeonhole version banner to doveconf output. This way, future
bug reports will also include Pigeonhole version information.
- Fixed handling of implicit keep. Last version erroneously reported that
implicit keep succeeded after an earlier failure, while it in fact had
failed. Particularly occurred for mailbox quota errors.
- Fixed segfault occurring on SunOS systems when there is no active script.
v0.4.4 28-10-2014 Stephan Bosch <stephan@rename-it.nl>
* Added support for Japanese mail addresses with dots at non-standard places
in localpart.
* Changed handling of ENOSPACE into a normal temporary failure and added
handling of ENOQUOTA as a user error.
* Restructured result execution, so that all actions which involve mail
storage are always committed before all others.
+ Implemented support for generic Sieve storages. Using alternative storages
now also possible for sieve_before/sieve_after.
+ Implemented storage driver for retrieving Sieve scripts from LDAP. This
currently cannot be used with ManageSieve.
+ Implemented sieve_redirect_envelope_from setting, which allows configuring
the envelope sender of redirected messages.
- Fixed handling of mail storage errors occurring while evaluating the input
message.
- managesieve-login:
- Removed bogus ALERT response code returned for AUTHENTICATE command.
- Fixed handling of invalid initial response argument to AUTHENTICATE
command.
- Fixed handling of stream errors in lexical scanner.
- Fixed handling of SMTP errors. Permanent and temporary errors were mixed up.
- Fixed several problems reported by CLang 3.4.
- duplicate extension: Fixed erroneous compile error about conflicting tags
when `:handle' argument was used last.
- relational extension: Fixed error handling of `:value' match.
- editheader extension: Fixed header unfolding and header iteration.
- mailbox extension: Fixed the `:create' tag, which erroneously subscribed an
existing folder.
- extprograms plugin: Fixed handling of error codes.
- doveadm-sieve plugin: Fixed several bugs. Synchronization of symbolic link
in the file storage should now also work properly.
v0.4.3 12-05-2014 Stephan Bosch <stephan@rename-it.nl>
* Editheader extension: Made control characters allowed for editheader, except
NUL. Before, this would cause a runtime error.
+ Upgraded Dovecot-specific Sieve "vnd.dovecot.duplicate" extension to match
the new draft "duplicate" extension.
- Fixed sieve_result_global_log_error to log only as i_info in administrator
log (syslog) if executed from multiscript context.
- Sieve redirect extension: Adjusted loop detection to show leniency to resent
messages.
- Sieve include extension: Fixed problem with handling of duplicate includes
with different parameters :once or :optional.
- Sieve spamtest/virustest extensions: Tests were erroneously performed
against the original message. When used together with extprograms filter to
add the spam headers, the changes were not being used by the spamtest and
virustest extensions.
- Deprecated Sieve notify extension: Fixed segfault problems in message string
substitution.
- ManageSieve: Fixed active link verification to handle redundant path slashes
correctly.
- Sieve vacation extension:
- Fixed interaction of sieve_vacation_dont_check_recipient with
sieve_vacation_send_from_recipient setting.
- Fixed log message for discarded response.
- Sieve extprograms plugin:
- Forgot to disable the alarm() timeouts set for script execution.
- Fixed fd leak and handling of output shutdown.
- Fixed 'Bad filedescriptor' error occurring when disconnecting script
client.
- Made sure that programs are never forked with root privileges.
v0.4.2 26-09-2013 Stephan Bosch <stephan@rename-it.nl>
* Incompatible change in Sieve doveadm plugin: the root attribute for
Sieve scripts is changed. Make sure that you update both sides of a dsync
setup simultaneously when Sieve is involved, otherwise synchronization will
likely fail.
+ Added support for sending Sieve vacation replies with an actual sender,
rather than the default <> sender. Check the updated
doc/extensions/vacation.txt for more information.
- Fixed a binary code read problem in the `set' command of the Sieve variables
extension. Using the set command with a modifier and an empty string value
would cause code corruption problems while running the script.
- Various fixes for doveadm-sieve plugin, mostly crashes. These include a fix
for the `Invalid value for default sieve attribute' problem.
- Various fixes for compiler and static analyzer warnings, e.g. as reported
by CLang and on 32 bit systems.
- Fixed the implementation of the new :options flag for the Sieve include
extension.
- Fixed potential segfault bug at deinitialization of the lda-sieve plugin.
- Fixed messed up hex output for sieve-dump tool.
v0.4.1 03-06-2013 Stephan Bosch <stephan@rename-it.nl>
+ Added support for handling temporary failures. These are passed back to
LDA/LTMP to produce an appropriate response towards the MTA.
- Sieve storage: Removed PATH_MAX limitation for active symlink. This caused
problems for GNU/Hurd.
- Fixed line endings in X-Sieve headers added by redirect command.
- ManageSieve: Fixed '[' ']' stupidity for response codes (only happened
before login).
- Fixed setting name in example-config/conf.d/20-managesieve.conf.
- Sieve extprograms plugin: Fixed interaction between pipe command and remote
script service. The output from the script service was never read, causing a
broken pipe error at the script service. Apparently, this was broken since
the I/O handling for extprograms was last revised.
- Fixed assertion failure due to datastack problem in message header
composition.
v0.4.0 09-05-2013 Stephan Bosch <stephan@rename-it.nl>
+ Added doveadm-sieve plugin that provides the possibility to synch Sieve
scripts using doveadm sync along with the user's mailboxes.
+ Added the Sieve extprograms plugin to the main Pigeonhole package. It is
still a plugin, but it is now included so that a separate compile is no
longer necessary and distributors are likely to include it. The extprograms
plugin provides Sieve language extensions that allows executing
(administrator-controlled) external programs for message delivery,
message filtering and string manipulation. Refer to
doc/plugins/sieve_extprograms.txt for more information.
+ Added debug message showing Pigeonhole version at initialization. Makes it
very clear that the plugin is properly loaded.
+ Finished implementation of the Sieve include extension. It should now
fully conform to RFC 6609. The main addition is the new :optional tag which
makes the include command ignore missing included scripts without an error.
+ Finished implementation of the Sieve environment extension as much as
possible. Environment items "location", "phase" and "domain" now also
return a usable value.
v0.3.6 26-09-2013 Stephan Bosch <stephan@rename-it.nl>
- Fixed a binary code read problem in the `set' command of the Sieve variables
extension. Using the set command with a modifier and an empty string value
would cause code corruption problems while running the script.
- Various fixes for compiler and static analyzer warnings, as reported
by CLang.
- ManageSieve: Fixed '[' ']' stupidity for response codes (only happened
before login).
- Fixed setting name in example-config/conf.d/20-managesieve.conf.
- Fixed messed up hex output for sieve-dump tool.
v0.3.5 09-05-2013 Stephan Bosch <stephan@rename-it.nl>
- Sieve editheader extension: fixed interaction with the Sieve body extension.
If used together, the deleteheader action could fail after a body test was
performed.
- Test suite: fixed a time zone dependency in the Sieve date extension tests.
v0.3.4 06-04-2013 Stephan Bosch <stephan@rename-it.nl>
* Changed error handling to be less of a nuisance for administrators. Strictly
user-caused errors are only reported in user log. Some errors are logged as
info instead.
* Sieve: Changed behavior of redirect in case of a duplicate message delivery
or a mail loop. If a duplicate is detected the implicit keep is canceled,
as though the redirect was successful. This prevents getting local
deliveries. The original SMTP recipient is used when it is available to
augment the entry in the LDA duplicate database. This way, duplicates are
only detected when (initially) addressed to the same recipient.
+ Sieve vnd.dovecot.duplicate extension: added new features to the duplicate
test, making it possible to manually compose the key value for duplicate
checking. This extension is in the process of being standardized
(https://tools.ietf.org/html/draft-bosch-sieve-duplicate-01).
+ Sieve date extension: generate warning when invalid date part is specified.
- Sieve editheader extension: fixed crash occurring when addheader :last was
used.
- Sieve include extension: fixed missing error cleanup that caused a resource
leak.
- Sieve vacation extension: fixed determination of From: address for when
sieve_vacation_dont_check_recipient is active.
- Sieve tools: the -D option wasn't enabled and documented for all tools.
- Siev dict script storage: fixed potential segfault occurring when dict
initialization fails.
- ManageSieve: fixed bug in skipping of CRLF at end of AUTHENTICATE command.
- ManageSieve: fixed handling of unkown commands pre-login.
- Fixed compile on Mageia Linux.
v0.3.3 18-09-2012 Stephan Bosch <stephan@rename-it.nl>
- Fixed compile against installed Dovecot headers. This was broken by the
ld.gold fix in the previous release.
v0.3.2 18-09-2012 Stephan Bosch <stephan@rename-it.nl>
+ sieve-refilter tool: improved man page documentation by explicitly
specifying the syntax used for mailbox arguments.
+ Sieve: spamtest and virustest extensions: improved trace debugging of score
calculation.
+ Sieve: made error messages about exceeding the maximum number of actions
more verbose.
- Sieve tools: fixed problems with running as root: sievec and sieve-dump now
ignore mail_uid and mail_gid settings when run as root.
- Sieve: fixed bug in action accounting (for limit checking): increase action
instance count only when an action is actually created.
- Sieve: include extension: fixed namespace separation of :global and
:personal scripts.
- ManageSieve: fixed segfault bug triggered by CHECKSCRIPT command.
- Fixed linking with ld.gold.
- Fixed several Clang compile warnings and a few potential bugs.
v0.3.1 25-05-2012 Stephan Bosch <stephan@rename-it.nl>
* Added support for retrieving Sieve scripts from dict lookup. This means that
Sieve scripts can now be downloaded from a database. Compiled script
binaries are still put on disk somewhere if used. The INSTALL documentation
is updated with information on this new feature and the
(backwards-compatible) changes to the configuration. Note that his feature
is currently not supported for sieve_before/sieve_after or script management
through ManageSieve.
+ Incorporated the sieve_duplicate plugin into main Pigeonhole tree as a
normal extension (vnd.dovecot.duplicate). This Dovecot-specific extension
adds the ability to check for duplicate deliveries based on message ID.
Specification can be found in: doc/rfc/spec-bosch-sieve-duplicate.txt
+ Added support for specifying multiple sieve_before and sieve_after paths.
This adds much more flexibility to the multiscript configuration. One
application is to have user-specific Sieve scripts outside the user's
normal control through ManageSieve.
+ Added a "session ID" string for managesieve connections, available in
%{session} variable (analogous to Dovecot change).
- Fixed several small issues, including a few potential segfault bugs, based
on static source code analysis.
- ManageSieve: changed use of EPROTO error to EIO in ManageSieve string stream
implementation because it is apparently not known in BSD.
- Gave stamp.h.in (needed for autotools) some content to prevent it from
disappearing in patch files.
- Fixed bug that caused a SunStudio CC compile failure (reported by Piotr
Tarnowski).
v0.3.0 16-02-2012 Stephan Bosch <stephan@rename-it.nl>
* Renamed sieve_global_path setting to sieve_default for clarity. Old name is
still recognized for backwards compatibility. Support for the ancient (pre
v1.1) name for this setting "global_script_path" is now dropped.
* Added means to prohibit use of redirect action. Setting sieve_max_redirects
to 0 now means that redirect is disallowed instead of unlimited. Default
value remains four.
* Fixed interaction of Sieve include extension with ManageSieve. It is updated
to match new requirements in the draft include specification. Missing
included scripts are no longer an error at upload time.
* Updated RFC2822 header field body verification to exclude non-printing
characters (RFC5322). Only Sieve actions that can create unstructured header
values (currently enotify/mailto and editheader) are affected by this
change.
+ Completed sieve-filter tool to a useful state. The sieve-filter tool
provides a means to (re)filter messages in a mailbox through a Sieve script.
+ Implemented the Sieve editheader extension. It is now possible to add and
remove message headers from within Sieve.
+ ManageSieve: added support for reading quoted and literal strings as a
stream. Fixes support for handing large SASL responses (analogous to similar
changes in Dovecot). It is now also allowed to use a quoted string for the
PUTSCRIPT script argument.
+ Added code to cleanup tmp directory in Sieve storage directory (sieve_dir)
every once in a while.
+ Added support for substituting the entire message during Sieve processing.
This is used for the filter action provided by the new sieve_extprograms
plugin (provided separately for now). The filter action allows passing the
message through an external program.
+ Added support for restricting certain Sieve language extensions to
(admin-controled) global scripts. Restricted extensions can be configured
using the new sieve_global_extensions setting. This is particularly useful
for some of the Dovecot-specific (plugin-based) Sieve extensions, that can
be somewhat hazardous when under direct control of users (e.g.
sieve_extprograms).
v0.2.6 13-02-2012 Stephan Bosch <stephan@rename-it.nl>
* This release fixes unintentional behavior of the include extension. Included
scriptnames with a name like "name.sieve" would implicitly map to a script
file called "name.sieve" and not "name.sieve.sieve". Keep in mind that the
.sieve file extension has no meaning from within the Sieve language. A Sieve
script is always stored with an appended .sieve file extension, also when
the name already ends with a .sieve suffix.
IMPORTANT: Some installations have relied on this unintentional feature, so
check your script includes for issues before upgrading.
* Matched changes regarding auth_verbose setting in Dovecot. This means that
this release will only compile against Dovecot v2.0.18.
- Fixed problem in ManageSieve that caused it to omit a WARNINGS response code
when the uploaded script compiled with warnings.
- Made sure that locations of Sieve error never report `line 0'.
- Fixed potential segfault occurring when interpreter initialization fails.
v0.2.5 19-11-2011 Stephan Bosch <stephan@rename-it.nl>
+ Sieve vacation extension: made discard message for implicit delivery more
verbose
- The sieve-test tool: mixed up original and final envelope recipient in
implementation of command line arguments.
- Sieve vacation extension: resolved FIXME regarding the use of variables in
the :handle argument. Variables are now handled correctly.
- Sieve body extension: fixed handling of :content "message/rfc822". This now
yields the headers of the embedded message as required by the specification.
Handling of :content "multipart" remains to be fixed.
- LDA Sieve plugin: fixed problem with recipient_delimiter configuration. Now
falls back to global recipient_delimiter setting if
plugin/recipient_delimiter is not set.
v0.2.4 13-09-2011 Stephan Bosch <stephan@rename-it.nl>
+ Vacation extension: finally added support for using the original recipient
in vacation address check. It is also possible to disable the recipient
address check entirely. Check doc/vacation.txt for configuration
information.
+ Include extension: made limits on the include depth and the total number of
included scripts configurable. Check doc/include.txt for configuration
information.
+ Implemented ihave extension. This allows checking for the availability
of Sieve language extensions at 'runtime'. Actually, this is checked
at compile time. At runtime the interpreter checks whether extensions
that were not previously available are still unavailable. If the situation
changed, the script is re-compiled and the ihave tests are evaluated again.
+ Sieve: optimized compilation of tests that yield constant results (i.e.
known at compile tme), such as 'true' and 'false'. No code is produced
anymore for script sections that are never executed. Also, semantics
are not verified anymore in uncompiled script sections.
+ Made vnd.dovecot.debug extension available to the LDA plugin instead of
only the command line tools.
+ Sieve: redirect action now adds X-Sieve-Redirected-From header (mainly for
people using SPF/SRS).
- Sieve: fixed bug in handling flags and keywords; in case of error an
assertion was triggered.
- Script storage: improved handling of unconfigured user home directory.
Originally this would produce an unhelpful error message.
- Imap4flags extension: prevent forcibly enabling imap4flags when imapflags
is enabled.
- Fixed various -Wunused-but-set-variable compiler warnings.
- Include extension: forgot to check variable identifier syntax for 'global'
command.
- Sieve: fixed debug mode; no messages were logged in some situations.
- sievec tool: forgot to enable -D (debug) parameter.
v0.2.3 14-04-2011 Stephan Bosch <stephan@rename-it.nl>
* Sieve filter tool: finished implementing basic functionality. It is not
quite ready yet, but it is available for those willing to experiment
with it (needs --with-unfinished-features config to compile). Also
includes man page.
+ Vacation extension now inhibits replies to messages from sender listed
in :addresses, thus preventing replies to one of the user's other known
addresses.
+ Vacation extension: implemented the (draft) vacation-seconds extension.
This also adds min/max period configuration settings. Refer to
doc/vacation.txt for configuration information.
- ManageSieve: fixed bug in UTF-8 checking of string values. This is done
by discarding the original implementation and migrating to the Dovecot
API's UTF-8 functionality.
- Sieve command line tools now avoid initializing the mail store unless
necessary. This prevents sievec and sieve-dump from failing when
executed by root for example.
- Enotify extension: fixed inappropriate return type in mailto URI parse
function, also fixing ARM compiler warning.
- Vacation extension: fixed handling of sendmail errors. It produced an
additional confusing success message in case of error.
- Removed header MIME-decoding to fix erroneous address parsing. Applies to
address test and vacation command.
- Fixed segfault bug in extension configuration, triggered when unknown
extension is mentioned in sieve_extensions setting.
v0.2.2 06-12-2010 Stephan Bosch <stephan@rename-it.nl>
* LDA Sieve plugin: started using Dovecot LDA reject API for the reject
extension. This means that the LDA reject_reason and reject_subject
settings now also work for Pigeonhole's LDA Sieve plugin.
* Did some work on the new sieve-filter tool. It is mostly functional, but
it is not finished yet.
* Dovecot change: services' default vsz_limits weren't being enforced
correctly in earlier v2.0 releases. Now that they are enforced, you might
notice that the default limits are too low and you need to increase them.
This problem will show up in logs as "out of memory" errors. See
default_vsz_limit and service { vsz_limit } settings.
- Imap4flags: fixed segfault bug occurring in multiscript context.
- Added version checking to the ManageSieve settings plugin. This plugin was
forgotten when the LDA plugin was updated with this change in the previous
release.
- LDA Sieve plugin: fixed memory leak at deinitialization.
v0.2.1 27-09-2010 Stephan Bosch <stephan@rename-it.nl>
+ Incorporated distinction between original and final envelope recipient in
Sieve interpreter, as recently introduced in Dovecot.
+ Regex extension: added support for regex keys composed from variables.
- LDA Sieve plugin: added _version symbol to enable Dovecot's plugin version
check. Without this check, people can forget to recompile the plugin, which
can lead to unexpected effects.
- LDA Sieve plugin: turned debug message about an unconfigured home directory
into a proper error and added script path information.
- Fixed unnecessary reporting of dummy extensions in ManageSieve SIEVE
capability; the comparator-i;octet and comparator-i;ascii-numeric
'extensions' were reported explicitly.
v0.2.0 10-09-2010 Stephan Bosch <stephan@rename-it.nl>
* Merged Sieve and ManageSieve packages into a single Pigeonhole package.
There is also no need to patch Dovecot anymore to gain ManageSieve support.
Version numbering of previous Sieve releases is continued as v0.2.0. The
sources originally branched off from Sieve v0.1.5 and ManageSieve v0.11.4,
but the NEWS history of much more recent releases for Dovecot v1.2 is
included since these changes are all included in this release as well.
* The ManageSieve service now binds to TCP port 4190 by default due to the
IANA port assignment for the ManageSieve service. When upgrading from v1.2,
this should be taken into account. The service can be configured manually to
listen on both 2000 and 4190.
* The Dovecot configuration now calls the ManageSieve protocol 'sieve' in
stead of 'managesieve' because it is registered as such with IANA. The
binaries and the services are still called managesieve and
managesieve-login.
* The binary representation of a compiled Sieve script is updated to include
source code locations of all commands and arguments. This is implemented in
a similar manner as such debug information is included in some system
executables and libraries (DWARF-like). Run-time errors can now always refer
to the proper line number in the Sieve source script.
* The Sieve plugin is adapted to work properly with the new LMTP service
introduced with Dovecot v2.0. The same plugin is used for both LDA and LMTP.
* The 'sieve_subaddress_sep' setting for the Sieve subaddress extension is now
known as 'recipient_delimiter'. Although the deprecated sieve_subaddress_sep
setting is still recognized for backwards compatibility, it is recommended
to update the setting to the new name, since the new LMTP service also uses
the recipient_delimiter setting.
* ManageSieve: changed default IMPLEMENTATION capability to from 'Dovecot' to
'Dovecot Pigeonhole'.
* Renamed the sieved tool to sieve-dump. The original name was somewhat
confusing.
* Updated man pages to match style and structure of new Dovecot man pages.
* Made testsuite commands more uniform and cleaned up many of the testsuite
scripts. Some minor new tests were added in the process.
+ Simplified string matching API to use abstract string lists as data sources.
This will also make implementing the index extension easier in the future.
+ Significantly improved trace debugging with the sieve-test tool. The full
execution of the script can be examined, including the matched values and
keys of the respective Sieve test commands. The executed statements are
listed with their line number (and code address when requested). The level
of detail is configurable from the command line.
+ The SIEVE and NOTIFY capabilities reported by the ManageSieve protocol can
now be configured manually. If left unconfigured, the capabilities are
determined from the default Sieve and ManageSieve configuration.
User-specific capabilities aren't reported until after authentication.
+ Significantly improved file error handling. This means that administrators
get a more useful and informative log message when file operations fail. The
most notable example is that when the LDA Sieve plugin is trying to store a
binary for a global script, the resulting failure message also points the
administrator towards pre-compiling the script with sievec.
+ Added runtime argument value checking for several commands (redirect, date
vacation). When variables are used, these checks cannot be performed at
compiletime. A proper runtime error now is produced when invalid data is
encountered.
+ UTF8 validity of fileinto command argument is now checked either at compile
time or at runtime. Previously, it was not checked until the store action
was executed.
+ Validity of IMAP flags for the imap4flags extension is now checked also
at runtime. Previously, it was not checked until the store action was
executed.
+ Simplified and restructured error handling. Also made sure that user-caused
errors are no longer written to the Dovecot master/LDA log.
- Multiscript: fixed duplicate implicit keep caused by erroneous execution
state update.
- Prevented assertion failure due to currupt binary string representation.
If the string was missing a final \0 character an assertion was produced in
stead of a binary corruption error.
- Imap4flags: fixed bug in setflag command; when parameter was a stringlist,
only the last item was actually set.
- Variables extension: fixed :length set modifier to recognize utf8 characters
instead of octets.
- Testsuite: prevented innocent warning messages, i.e. those that are part of
the test, from showing up by default.
- ManageSieve/Sieve storage: fixed error handling of PUTSCRIPT commmand; save
commit errors would not make the command fail.
- ManageSieve: enforced protocol syntax better with some of the commands; some
commands allowed spurious extra arguments.
- Fixed Sieve script name checking to properly handle length limit and added
0x00ff as invalid character.
- Removed spurious old stdio.h (top) includes; these caused compile issues on
specific systems.
- Fixed default Sieve capability (as reported by ManageSieve): extra
extensions spamtest, spamtestplus and virustest were enabled by default.
These should, however, only be enabled when properly configured and there
is no default configuration.
(Fused Dovecot Sieve and ManageSieve packages into a single Pigeonhole release)
Dovecot Sieve NEWS history:
---------------------------
Dovecot 1.2:
v0.1.17 19-06-2010 Stephan Bosch <stephan@rename-it.nl>
- Made sure source code positions for compiler messages are recorded at start
of tokens.
- Fixed a few potential memory leaks in the Sieve compiler and the
spam/virustest extensions.
- Made command line tools return proper exit status upon failure.
v0.1.16 30-04-2010 Stephan Bosch <stephan@rename-it.nl>
* Finished implementation of spamtest, spamtestplus and virustest extensions.
These are not enabled by default and need to be activated with the
sieve_extensions setting. Documentation available in
doc/spamtest-virustest.txt
+ Vacation extension: the from address of the generated reply is now by
default equal to whatever known recipient alias matched the headers of the
message. If it is one of the aliases specified with :addresses, it is used
instead of the envelope recipient address that was used before.
+ Restructured and optimized the lexical scanner.
+ Added --with-docs configure option to allow disabling installation of
documentation.
- Accidentally omitted 'extern' in two declarations of global variables in
header files, causing compile failures on certain systems.
- Deprecated imapflags extension: fixed implicit assignment of flags. Turns
out this never really worked, but the effect of this bug was obscured by the
removeflag bug fixed in the previous release.
- Fixed various memset argument mixups in enotify extension. This caused
warnings on certain systems, but luckily no adverse effects at runtime.
v0.1.15 25-01-2010 Stephan Bosch <stephan@rename-it.nl>
* Enotify extension:
- Adjusted notify method API for addition of new notification methods.
- Set default importance level to 'normal' (was 'high').
* Include extension: updated implementation towards most recent specification
(all should be backwards compatible):
- Implemented global variables namespace.
- Global command may now appear anywhere in a script.
- Implemented script name checking using the requirements specified in the
ManageSieve draft.
- One issue remains: ManageSieve currently requires included scripts to be
uploaded first, which is not according to specification.
* Changed envelope path parser to allow to and from envelope addresses that
have no domain part.
+ Added preliminary support for Sieve plugins and added support for installing
Sieve development headers.
+ Started work on the implementation of the spamtest, spamtestplus and
virustest extensions (unfinished).
+ Deprecated notify extension: implemented denotify command.
+ Variables extension: added support for variable namespaces.
+ Added configurable script size limit. Compiler will refuse to compile files
larger than sieve_max_script_size.
+ Testsuite changes:
- Added support for changing and testing an extension's configuration.
- Added a command line parameter for copying errors to stderr.
- Fixed a bug in the i;ascii-numeric comparator. If one of the strings started
with a non-digit character, the comparator would always yield less-than.
- Imap4flags extension: fixed bug in removeflag: removing a single flag failed
due to off-by-one error (bug report by Julian Cowley).
- Improved EACCES error messages for stat() and lstat() syscalls and slightly
improved error messages that may uccur when saving a binary.
- Vacation extension: fixed typo in runtime log message (patch by Julian
Cowley).
- Fixed use of minus '-' in man pages; it is now properly escaped.
- Fixed parser recovery. In particular cases it would trigger spurious errors
after an initial valid error and sometimes additional errors were
inappropriately ignored.
v0.1.14 19-12-2009 Stephan Bosch <stephan@rename-it.nl>
* Made the imposed limits on the number of redirects and the number of
actions configurable. The settings are called sieve_max_actions and
sieve_max_redirects.
* Did a major rework of extension handling, making sure that no global state
is maintained. This change was triggered by problems that global state info
would cause for Dovecot v2.0, but it is also important for v1.2 as it
significantly cleans up the library implementation.
+ Made LDA Sieve plugin recognize the deliver_log_format setting.
+ Message headers produced from user-supplied data are now RFC2047-encoded if
necessary for outgoing messages. This is for example important for the
:subject argument of the vacation action.
+ Added support for the $text$ substitution in the deprecated notify
extension.
+ The subaddress extension now also accepts recipient_delimiter setting as an
alias for sieve_subaddress_sep setting. This anticipates the
recipient_delimiter setting in v2.0.
- Fixed logging of mailbox names. It logged the converted mUTF7 version in
stead of the original UTF8 version supplied by the user.
- Fixed a minor memory leak in the multiscript support.
- Fixed a bug in the recompilation of Sieve scripts. Made sure that scripts
are only recompiled when the script file - or the symlink pointing to it -
is strictly newer.
v0.1.13 18-10-2009 Stephan Bosch <stephan@rename-it.nl>
+ Body extension: implemented proper handling of the :raw transform and added
various new tests to the test suite. However, :content "multipart" and
:content "message/rfc822" are still not working.
+ Fixed race condition occurring when multiple instances are saving the same
binary (patch by Timo Sirainen).
+ Test suite: added support for testing multiscript execution.
- Made compiler more lenient towars missing CRLF at the end of the script in a
hash comment.
- Body extension: don't give SKIP_BODY_BLOCK flag to message parser, we want
the body! (patch by Timo Sirainen).
- Fixed handling of implicit side effects for multiscript execution.
- Fixed bugs in multiscript support; subsequent keep actions were not always
merged correctly and implicit side effects were not always handled
correctly.
- Fixed a segfault bug in the sieve-test tool occurring when compile fails.
- Fixed segfault bug in action procesing. It was triggered while merging side
effects in duplicate actions.
- Fixed bug in the Sieve plugin that caused it to try to stat() a NULL path,
yielding a 'Bad address' error.
v0.1.12 21-08-2009 Stephan Bosch <stephan@rename-it.nl>
+ Testsuite: added support for testing binaries stored on disk.
+ Implemented the new date extension. This allows matching against date values
in header fields and the current date at the time of script evaluation.
v0.1.11 08-08-2009 Stephan Bosch <stephan@rename-it.nl>
+ Built skeleton implementation for the date extension (RFC 5260). It
compiles, but it does not do anything useful yet. Therefore, it is not part
of the default compilation.
- Fixed ARM portability issues caused by char type not being signed on that
platform. Reading optional operands from a binary would fail for action side
effects. Also, an accidental mixup of an int return type with bool caused
the interpreter to continue on ARM even though an error occured.
- Removed direct stdint.h includes to prevent portability issues.
- Fixed segfault bug in the handling of script open failures.
- Include: improved user error messages and system log messages.
- Fixed copy-paste mixup between sieve_after and sieve_before settings in the
LDA Sieve plugin. If only a sieve_after script was active, nothing would
have been executed. Patch by Mike Abbott.
- Include: fixed a bug in HOME substitution in the sieve_dir path. Surfaced in
ManageSieve.
v0.1.10 03-08-2009 Stephan Bosch <stephan@rename-it.nl>
* Changed action execution of fileinto and keep. These changes depend on API
additions in Dovecot, making this release depend on Dovecot v1.2.2 or newer.
* Further developed the sieve-filter command line tool. This required a few
changes to the action execution of the Sieve engine. The tool was
successfully tested on folders with a few 100k spam messages. However, the
commandline options are still incomplete, a man page is missing and it needs
much more testing before I can recommend anyone to use this tool.
+ Added support for the mailbox extension. This allows checking whether a
mailbox exists using the mailboxexists command and it adds the :create
argument to the fileinto command to create the mailbox when it is missing.
The :create feature is useless unless the Deliver LDA is run with the -n
option.
+ Improved the testsuite with tests for message delivery. Messages stored
using keep and fileinto can be fed back into the Sieve engine for
verification. This includes testing of applied IMAP flags.
+ Updated the man pages with the new method of specifying the supported
extensions using + and - (for the -x parameter of the sieve tools)
+ Further developed the deprecated notify extension. A dummy for the denotify
command exists, meaning that its use does not cause an error anymore.
- Fixed a bug in the derivation of the binary path from the script path. A
bare filename would yield a path relative to root.
- Fixed a bug in the value matching code. The context data now uses a proper
pool instead of the data stack. Bug reported by Jan Sechser.
- Fixed assertion fail in the include extension caused by missing
initialization upon binary load. This bug surfaces only for stored
binaries. Bug reported by Tom Hendrikx.
- Fixed include error message for failed :global include. It mentioned the
wrong config parameter.
- Fixed broken wiki reference in an error message of the plugin about the
'sieve' setting.
- Fixed behavior of fileinto when delivering into a namespace prefix.
Previous fix used the wrong storage.
v0.1.9 22-07-2009 Stephan Bosch <stephan@rename-it.nl>
* Removed the unfinished sieve-filter tool from the default build. It is now
only built when the --with-unfinished-features switch is supplied during
configure.
+ Started building support for the ereject version of the reject action,
which has a preference to use an SMTP/LMTP protocol error instead of a
bounce message. This is to be used to make the Sieve plugin honour Deliver's
-e parameter. This is not yet finished and not built by default.
+ Improved 'Permission denied' error messages just like Dovecot does,
precisely specifying what permission is missing to access or create a file.
+ Added additional headers to the list of allowed headers for the address
test. The restrictive nature of the address test is not always appropriate.
Still thinking of a better, less restrictive implementation.
+ Made the deprecated notify extension compatible with the old CMUSieve
plugin. However, the denotify command and the $text$ substitution are not
yet supported.
+ Made the discard action log a message to avoid confusion about disappearing
messages.
- Fixed behavior of fileinto when delivering into a namespace prefix. It now
uses silent delivery into INBOX as fallback.
- Fixed logging of folder namespace prefix upon delivery into a prefixed
namespace. Formerly it only logged the bare folder name.
- Fixed a potential segfault in the argument validation. It didn't surface
because no command could have a :tag followed by an associated parameter as
last argument.
- Fixed segfault bug occurring in envelope test when performed on null (<>)
envelope path. The fix involves a rather large restructuring of the code to
make sure envelope addresses are properly handled everywhere (bug reported
by Nikita Koshikov)
- Envelope: fixed bug in application of address parts; failure to obtain
the part would cause inappropriate match success (bug reported by Ron Lee)
- Fixed extension conflict checks during validation. It could sometimes
produce useless errormessages. This is currently only used by the
deprecated extensions.
- Forgot to remove old explicit storage library dependency (patch by
Arkadiusz Miskiewicz).
- Fixed compiler warnings on certain platforms regarding the use fwrite for
outgoing message construction
v0.1.8 12-07-2009 Stephan Bosch <stephan@rename-it.nl>
- Fixed AIX compile problem. For portability, the typeof operator is
not used anymore.
+ Added partial support for the deprecated notify extension. However, it
turns out that the implementation provided by cmusieve is even older (2001),
meaning that this is currently not backwards compatible with cmusieve.
v0.1.7 05-07-2009 Stephan Bosch <stephan@rename-it.nl>
+ Added support for CRLF line breaks in strbuf error handler to fix a
ManageSieve problem.
+ Improved consistency of sieve tool documentation and fixed missing
parameters in internal tool help output.
+ Enhanced extensions configuration, allowing to specify the enabled
extensions relatively to the default (patch by Steffen Kaiser).
- Forgot to initialize script execution status in Sieve plugin, causing
segfaults on compile errors in specific conditions.
- Fixed logging in Sieve plugin for execution of default main script (went
to STDERR).
v0.1.6 18-06-2009 Stephan Bosch <stephan@rename-it.nl>
* Adjusted to changes in Dovecot to make it compile against v1.2.rc5
* Made default of sieve_dir setting match the ManageSieve implementation.
- Fixed a few problems in de body extension that caused assert failures in
specific situations.
v0.1.5 18-04-2009 Stephan Bosch <stephan@rename-it.nl>
* Ported the implementation of the Sieve include extension to the latest
draft. This means that the import and export commands are replaced by a new
command called global. The import and export commands are now DEPRICATED and
are mere aliases for the global command. The new specification also adds the
:once modifier to the include command. The also newly specified global.*
variable namespace is not implemented yet as support for variable namespaces
is currently missing.
* Did a major rework of the multiscript support for better error handling and
made sure that persistent global scripts (sieve_before/sieve_after) are
always executed, even when the user does not have a script of his own and
a global default is missing.
+ Provided basic support for the environment extension. Currenly, the name,
version and host items are useful. Others are pending.
+ Improved error message that is presented when an unknown Sieve extension is
provided as argument to the require command. It now notifies the user that
Sieve core commands do not need to be specified in require.
- Fixed bug in includes at levels deeper than one.
- Fixed bug in address matching that was caused by the failure to handle group
specifications. In dovecot, these are marked by address items with NULL
elements, which causes a segfault if not considered. The group 'undisclosed-
recipients:;' in particular triggered this bug. Bug reported by Bernhard
Schmidt.
v0.1.4 21-03-2009 Stephan Bosch <stephan@rename-it.nl>
* Started work on the sieve-filter tool. With this command line tool it will
be possible to (re-)apply Sieve filters on a mail folder. It is currently
undocumented and far from functional.
+ Added a custom debug extension that provides the possibility to print debug
messages from scripts executed by the Sieve tools.
- Fixed issue with opening relative paths as a mail file. Bug reported by Ian
P. Christian.
- Fixed MAC OSX compile problem. Turns out the extern modifier was missing at
multiple places. Bug reported by Edgar Fuss.
- Fixed Solaris compile problem: removed unecessary and unportable linker
flags that caused compile to fail. Bug reported by Andrés Yacopino.
v0.1.3 12-02-2009 Stephan Bosch <stephan@rename-it.nl>
* Adapted to changes in Dovecot, making this release dependent on Dovecot
>= 1.2.beta1
* Made mail address comparison fully case-insensitive. This is particularly
noticeable for the :addresses argument of the vacation command.
+ Finished enotify extension. Currently, only the mailto notification method
is implemented. All still needs to be tested thoroughly.
+ Implemented multiscript support. It is now possible to execute multiple
Sieve scripts sequentially. Administrator-controlled scripts can be
executed before and after the user's script. Still needs to be tested
thoroughly.
+ Implemented support for configuring the available Sieve extensions.
+ Made the subaddress extension (partially) configurable using the
sieve_subaddress_sep setting, which allows specifying a (multi-charater)
separator other than '+'.
+ Compiler now warns about invalid header field names used for the header and
address tests.
+ Vacation extension now properly generates a References header for the
response message.
+ Added testing of basic result execution to the test suite. Also added
supportfor testing the outgoing messages produced by the Sieve interpreter.
+ Included execution of the actual result in the sieve-test command line tool.
The undocumented sieve-exec tool that existed for this is now removed as
planned.
+ Added support for the now obsolete 'imapflags' extension for backwards
compatibility with CMUSieve. This also implements the mark/unmark commands.
- Fixed bugs in the regex extension: 1) if an optional match value did not in
fact match, subsequent match values would get unexpected indexes. 2) fixed
segfault bug occurring when regex is freed.
- Fixed bug in the use of the :from agrument for the vacation command. If this
address included a phrase part, the response would not be a valid RFC822
message.
- Plugged a theoretical security hole occurring when a directory is opened as a
Sieve binary.
- Cleaned up and fixed various log messages.
- Fixed bug in the outgoing address verification. Addresses ending in ',' were
erroneously accepted.
v0.1.2 26-11-2008 Stephan Bosch <stephan@rename-it.nl>
- Fixed important bug in the redirect action (and probably other actions like
reject and vacation that only send messages). This was a bug in the handling
of context information during the execution of actions. It caused the sieve
interpreter to crash with a segfault when redirect was executed.
v0.1.1 24-11-2008 Stephan Bosch <stephan@rename-it.nl>
* Re-enabled support for compiling against dovecot headers. Much like
cmusieve, command line tools like sievec and sieved are not compiled in this
case.
* Started implementation of enotify extension. Not anywhere near finished
though.
* Adapted to changes in Dovecot on various occasions, making this release
dependent on Dovecot >= v1.2.alpa4.
+ Improved logging of errors at specific occasions and added debug messages to
find script execution problems quicker.
+ Removed code duplication between command line tools and the test suite.
Also restructured the sources of the tools.
+ Added UTF-8 to UTF-7 folder name conversion for compatibility with IMAP.
+ Created man pages for the command line tools. These are automatically
installed upon 'make install'
+ Incorporated Valgrind support into the testsuite and fixed a few memory
leaks in the process.
- Fixed compile error surfacing for gcc3.4. Forgot mask argument for the
open() system call when the O_CREAT flag is specified. Bug found by
Sergey Ivanov.
- Fixed bug in the sievec tool. -d output was always written to stdout.
- Fixed important bug in the imap4flags extension. When no :flags argument is
specified, the previous version would always use the final value of the
internal variable to set the flags. This means that modifications to the
internal variable also affected the bare fileinto/keep actions executed
earlier. This does not comply to the RFC.
- Fixed bug in the include extension's import/export commands. Duplicate
import/exports caused problems.
- Fixed bug in the handling of non-existent scripts. Errors were sometimes
ignored.
- Dovecot omitted unfolding multi-line headers. This was added to the cmusieve
plugin after the code was incorporated into the new implementation. This is
now mplicitly fixed by concurrent change in Dovecot.
v0.1.0 23-10-2008 Stephan Bosch <stephan@rename-it.nl>
* Initial release
Dovecot ManageSieve NEWS history:
---------------------------------
Dovecot 1.2:
v0.11.11:
* This release contains adjustments to match changes in the Sieve API. This
means that this release will only compile against Pigeonhole Sieve
v0.1.15.
+ Implemented ManageSieve QUOTA enforcement.
+ Added MAXREDIRECTS capability after login.
+ Implemented new script name rules specified in most recent ManageSieve
draft.
- Fixed assertion failure occurring with challenge-response SASL mechanisms.
- Made configure complain about trying to compile against installed Dovecot
headers alone.
- Fixed compile warning for compilation against CMUSieve.
v0.11.10:
* This release contains adjustments to match changes in the Sieve API. This
means that this release will only compile against Pigeonhole Sieve
v0.1.14.
- Fixed compilation of ManageSieve against CMUSieve.
v0.11.9:
* Adjusted to changes in the Dovecot login proxy API. This release
therefore depends on Dovecot v1.2.4.
+ Reintroduced ability to abort SASL with "*" response. Latest ManageSieve
specification includes it.
v0.11.8:
- Fixed TLS support for proxying ManageSieve. The protocol state machine
was incorrect. Also added a check that disables ssl when 'starttls' is
not enabled for the user. This produces a proper warning in the log file.
There is no such thing as a managesieveS protocol which has SSL from the
start.
v0.11.7:
* Adjusted to changes in the Dovecot login API. This release now depends on
Dovecot v1.2.1 or newer.
* Incorporated various small changes in IMAP into ManageSieve. This includes
properly enabling the generation of core dumps.
- The previous release implicitly resolved the FreeBSD script truncation
error. This release adds a small correction to the code that detects the
truncation.
- Fixed panic occurring when many errors are produced by the Sieve compiler
(bug found by Pascal Volk).
- Fixed memory leak in the PUTSCRIPT command.
v0.11.6:
* Adjusted to changes in Dovecot regarding client idle timeout vs
authentication timeout. This release now depends on Dovecot v1.2.rc6 or
newer.
- Fixed CRLF line breaks in compile errors (bug reported by Pascal Volk).
- Corrected directory/file creation behavior with respect to mode bits
and gid (bug reported by Pascal Volk).
- Improved handling of script truncation bugs: connection is now closed and
an error is logged. bug itself not fixed yet).
- Prevented temp script name from showing up in error output.
v0.11.5:
* Incorporated various changes from imap-login into managesieve-login. This
includes changes in the proxy support.
v0.11.4:
* Adjusted to changes in the Dovecot signal handler API.
v0.11.3:
* Changed the SASL service name from "managesieve" into "sieve" as required
in the protocol specification. Don't forget to adjust your configuration
if your authentication mechanism depends on this service name.
* Adapted to changes in Dovecot, making this release dependent on Dovecot
>= v1.2.beta1.
* Adapted to changes in the new Sieve implementation, making this release
dependent on Dovecot Sieve >= v0.1.3 if used. The old cmusieve plugin is
still supported.
+ Implemented making the SIEVE and NOTIFY capability fully dynamic, meaning
that the sieve_extensions setting that was introduced for the new Sieve
plugin properly affects the ManageSieve daemon as well.
+ Added support for the CHECKSCRIPT command. In terms of the supported
commands, the ManageSieve daemon now complies with protocol VERSION 1.0 as
listed in the CAPABILITY response.
- Fixed maximum permissions for uploaded scripts; was 0777. This
was shielded however by the default umask (not documented to be
configurable), so the actual permissions would never have been 0777.
- Fixed a segfault bug in the authentication time-out. Bug report and trace
provided by Wolfgang Friebel.
- Fixed handling of ~/ in use of mail-data for script location.
- Fixed small problems in the login proxy support.
v0.11.2:
* Adapted to changes in Dovecot, making this release dependent on Dovecot
>= v1.2.alpa4.
v0.11.1:
- Fixed security issue that gives virtual users the ability to read and
modify each other's scripts if the directory structure of the sieve
storage is known.
* Updated NOOP command to match new protocol specification
+ Improved error handling and implemented the new response codes:
ACTIVE, NONEXISTENT, ALREADYEXISTS and WARNINGS
v0.11.0:
* Upgraded to Dovecot v1.2
* Added support for new ManageSieve extensions RENAME and NOOP
* Moved sieve settings to plugin {} section of config file. Now the settings
`sieve` and `sieve_dir` in the plugin section are used for the Sieve plugin
and the ManageSieve service, avoiding the posibility of accidental
differences in configuration.
Dovecot 1.1:
v0.10.3
* Removed erroneous inline declarations that caused compiler warnings. GCC 4.3
turns out to fail entirely as reported by Joel Johnson.
* Fixed auto-dectection of Sieve implementation during ./configure. It now
produces a proper error when the directory is invalid.
v0.10.2
* Fixed bug that caused SASL mechanisms that require more than a single client
response to fail. Reported by Steffen Kaiser and occured when he tried using
the (obsolete) LOGIN mechanism.
* Updated installation and configuration documentation to match the
information provided in the wiki
v0.10.1
* Fixed bug introduced in v0.10.0: compiled scripts were also written to disk
in the sieve/tmp directory and left there. This accumulates much .sievec
junk in that directory over time.
* Fixed bug in tmp file generation for sieve-storage: errors other than EEXIST
would cause the daemon to sleep() loop indefinitely.
+ Improved log lines to be more recognizable as being generated from
managesieve.
+ Added short proxy configuration explanation to the README file
+ Added 'Known Issues' section to the README file
- Fixed assert bug in sieve-storage occurring when save is canceled.
v0.10.0
* Upgraded to Dovecot 1.1:
- The actual managesieve implementation is now a separate package.
The dovecot tree still needs to be patched though to make dovecot
recognize the new managesieve service.
- Incorporated changes to imap/imap-login into the equivalent
managesieve processes.
- Removed cmusieve implementation from managesieve sources. It is
now linked externally from the dovecot-sieve-1.1 package.
- Restructured README.managesieve file into separate README, NEWS,
TODO, DESIGN and INSTALL files.
* Added support for new libsieve implementation (to be released). This
package can be compiled with either the new or the old Sieve
implementation (autodetected). If the new Sieve becomes stable, this
package will be merged with it to make a single package for Dovecot
Sieve support.
Dovecot 1.0:
v9
+ Definitively fixed the segfault mentioned in V8. It proved to be
very time-constrained and thus hard to reproduce. The error turned out
to be related to the input handling of the login daemon during
authentication.
+ Checked for changes in the imap daemon that weren't propagated to the
managesieve implementation due to code duplication.
+ Fixed a bug in the autodetection of the sieve storage location.
+ Fixed bug in the sieve storage that failed to refresh the symlink if
the storage was moved.
+ Improved error handing in the sieve-storage implementation in various
places.
+ Fixed the situation in which the active script link is located in the
sieve storage.
+ Added managesieve configuration to dovecot-example.conf and made the example
in this file more concise.
v8
+ Fixed a few incompatibilities with 1.0.7 version. For instance, the "Logged
in" message is now sent by the -login process and not by the managesieve
daemon anymore. This caused a segfault every once in a while.
+ Probably fixed the settings problem reported by Steffen Kaiser regarding
login_dir. 'dovecot -n' now reports correct results, but testing will show
whether the whole problem is solved.
+ The managesieve daemon now accepts the sieve_storage and sieve configuration
settings, so it is now possible to explicitly configure the location of the
sieve storage and the active script respectively. The daemon still falls back
to using the mail_location (MAIL) settings if nothing else is specified.
+ The cyrus timsieved does not use the + character in string literals and many
clients have adopted to this behaviour. The latest managesieve (08) advises to
accept a missing + from clients. The server should not send any + characters
as well. This behavior is now implemented on the server.
+ Cleaned up sieve-storage.c: split up the sieve_storage_create function in
various sub-functions for obtaining the various paths and directories.
+ Forced manual intervention if rescueing a non-symlink file at the active script
path fails somehow. Previously, this presented the admin with a log message
that it had just eaten the script, which is not very nice.
+ Restructured the README.managesieve file and added some more explanation with
regard to the configuration of the daemon.
v7
- Robin Breathe indicated that the regex capability was missing in the server's
SIEVE listing. It turns out I forgot to make arrangements for setting
ENABLE_REGEX in the cmu libsieve sources, so the regex extension was not
compiled in. I copied the configure.in section regarding ENABLE_REGEX from
dovecot-sieve-1.0.2 and that fixed the problem.
v6
- Corked the client output stream while producing the capability greeting and on
other some other occasions as well. Some naive client implementations expect to
receive this as a single tcp frame and it is a good practice to do so anyway.
Using this change the Thunderbird sieve extension (v0.1.1) seemed to work. However,
scripts larger than a tcp frame still caused failures. All these issues are fixed
in the latest version of the sieve add-on (currently v0.1.4).
- Cleaned up the new proxy source. My editor made the indentation a complete mess
in terms of TABs vs spaces.
- Added TRYLATER response codes to BYE and NO messages where appropriate.
- Recopied the libsieve library into this patch to incorporate any changes that were
made (only sieve-cmu.c still needs to be compared to the old cmu-sieve.c). This
also solves the __attribute__((unused)) GCC dependencies. These were fixed long
ago by Timo.... the code duplication beast strikes again.
- Removed spurious return value from void function in
src/lib-sieve/sieve-implementation.c as reported by Robin Breathe. GCC fails to
report these issues. The function involved is currently not used and serves only
as an example on how dovecot could support multiple sieve backends...
v5
- Applied patch by Uldis Pakuls to fix master_dump_settings bug
- Added some compilation/installation info to this README
- Moved README to source tree root as README.managesieve
- Fixed minor error handling bug in sieve_storage.c with respect to a missing
root directory.
- Now sieve capabilities are reported as they are specified by the implementing
library and not in forced upper case. The sieve RFC now explicitly states
that sieve capability identifiers are case-sensitive. This broke compatibility
with SquirrelMail/Avelsieve.
- Disabled ANONYMOUS login entirely until proper support is implemented. V4
claimed to do so as well, but in fact it only stopped announcing it.
- Implemented managesieve-proxy. It is not so much a clean copy of imap-proxy,
since the managesieve greeting is much more complex and requires parsing.
Configuration is identical to imap-proxy. This seems to be a little under-
documented however (http://wiki.dovecot.org/PasswordDatabase/ExtraFields).
v4
- Added managesieve_implementation_string setting to the managesieve
configuration. This can be used to customize the default "IMPLEMENTATION"
capability response.
- Denied ANONYMOUS login until proper support is implemented
- Fixed problem with authenticate command regarding continued responses. In
V3 only initial response would work. Problem was caused by rc2 -> rc28
upgrade. One of the clear reasons why code duplication is a very bad idea.
- Fixed readlink bug as indicated by Timo: return value of readlink can also
be -1.
- Fixed bug in the regular file rescue code, as introduced in the previous
version. Used stat instead of lstat. This caused the symlink to be rescued
subsequently in the next activation, thus still overwriting the initially
rescued script.
v3
- Updated source to compile with dovecot 1.0.rc27
- Daemon now uses the same location for .dovecot.sieve as dovecot-lda
This is typically ~/.dovecot.sieve
- If .dovecot.sieve is a regular file, it is now moved into the script storage as
dovecot.orig.sieve, preventing deletion of (important) active scripts
upon upgrade.
- Changed error handling to yield a BYE message when the managesieve
daemon exits unexpectedly (upon login) before any commands are entered.
Horde-ingo would wait indefinitely for a response.
v2
- Fixed the bug (missing CRLF) in the authenticate command
- Modified the sieve storage library making the interface much less crude.
- The scripts put on the server using the putscript command are now
checked before they are accepted.
- The reported SIEVE capability is now directly read from the sieve
implementation (in this case cmu), listing much more than "FILEINTO
VACATION".
- Imported instance of libsieve source into this patch for implementation
of script checking and capability listing. THIS NEEDS TO BE CHANGED!
- Fixed some minor bugs in the putscript command
|