summaryrefslogtreecommitdiffstats
path: root/NEWS
blob: 272ff18ead10eef8c07344bb257f2292ebc4d2ea (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
1001
1002
1003
1004
1005
1006
1007
1008
1009
1010
1011
1012
1013
1014
1015
1016
1017
1018
1019
1020
1021
1022
1023
1024
1025
1026
1027
1028
1029
1030
1031
1032
1033
1034
1035
1036
1037
1038
1039
1040
1041
1042
1043
1044
1045
1046
1047
1048
1049
1050
1051
1052
1053
1054
1055
1056
1057
1058
1059
1060
1061
1062
1063
1064
1065
1066
1067
1068
1069
1070
1071
1072
1073
1074
1075
1076
1077
1078
1079
1080
1081
1082
1083
1084
1085
1086
1087
1088
1089
1090
1091
1092
1093
1094
1095
1096
1097
1098
1099
1100
1101
1102
1103
1104
1105
1106
1107
1108
1109
1110
1111
1112
1113
1114
1115
1116
1117
1118
1119
1120
1121
1122
1123
1124
1125
1126
1127
1128
1129
1130
1131
1132
1133
1134
1135
1136
1137
1138
1139
1140
1141
1142
1143
1144
1145
1146
1147
1148
1149
1150
1151
1152
1153
1154
1155
1156
1157
1158
1159
1160
1161
1162
1163
1164
1165
1166
1167
1168
1169
1170
1171
1172
1173
1174
1175
1176
1177
1178
1179
1180
1181
1182
1183
1184
1185
1186
1187
1188
1189
1190
1191
1192
1193
1194
1195
1196
1197
1198
1199
1200
1201
1202
1203
1204
1205
1206
1207
1208
1209
1210
1211
1212
1213
1214
1215
1216
1217
1218
1219
1220
1221
1222
1223
1224
1225
1226
1227
1228
1229
1230
1231
1232
1233
1234
1235
1236
1237
1238
1239
1240
1241
1242
1243
1244
1245
1246
1247
1248
1249
1250
1251
1252
1253
1254
1255
1256
1257
1258
1259
1260
1261
1262
1263
1264
1265
1266
1267
1268
1269
1270
1271
1272
1273
1274
1275
1276
1277
1278
1279
1280
1281
1282
1283
1284
1285
1286
1287
1288
1289
1290
1291
1292
1293
1294
1295
1296
1297
1298
1299
1300
1301
1302
1303
1304
1305
1306
1307
1308
1309
1310
1311
1312
1313
1314
1315
1316
1317
1318
1319
1320
1321
1322
1323
1324
1325
1326
1327
1328
1329
1330
1331
1332
1333
1334
1335
1336
1337
1338
1339
1340
1341
1342
1343
1344
1345
1346
1347
1348
1349
1350
1351
1352
1353
1354
1355
1356
1357
1358
1359
1360
1361
1362
1363
1364
1365
1366
1367
1368
1369
1370
1371
1372
1373
1374
1375
1376
1377
1378
1379
1380
1381
1382
1383
1384
1385
1386
1387
1388
1389
1390
1391
1392
1393
1394
1395
1396
1397
1398
1399
1400
1401
1402
1403
1404
1405
1406
1407
1408
1409
1410
1411
1412
1413
1414
1415
1416
1417
1418
1419
1420
1421
1422
1423
1424
1425
1426
1427
1428
1429
1430
1431
1432
1433
1434
1435
1436
1437
1438
1439
1440
1441
1442
1443
1444
1445
1446
1447
1448
1449
1450
1451
1452
1453
1454
1455
1456
1457
1458
1459
1460
1461
1462
1463
1464
1465
1466
1467
1468
1469
1470
1471
1472
1473
1474
1475
1476
1477
1478
1479
1480
1481
1482
1483
1484
1485
1486
1487
1488
1489
1490
1491
1492
1493
1494
1495
1496
1497
1498
1499
1500
1501
1502
1503
1504
1505
1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
1592
1593
1594
1595
1596
1597
1598
1599
1600
1601
1602
1603
1604
1605
1606
1607
1608
1609
1610
1611
1612
1613
1614
1615
1616
1617
1618
1619
1620
1621
1622
1623
1624
1625
1626
1627
1628
1629
1630
1631
1632
1633
1634
1635
1636
1637
1638
1639
1640
1641
1642
1643
1644
1645
1646
1647
1648
1649
1650
1651
1652
1653
1654
1655
1656
1657
1658
1659
1660
1661
1662
1663
1664
1665
1666
1667
1668
1669
1670
1671
1672
1673
1674
1675
1676
1677
1678
1679
1680
1681
1682
1683
1684
1685
1686
1687
1688
1689
1690
1691
1692
1693
1694
1695
1696
1697
1698
1699
1700
1701
1702
1703
1704
1705
1706
1707
1708
1709
1710
1711
1712
1713
1714
1715
1716
1717
1718
1719
1720
1721
1722
1723
1724
1725
1726
1727
1728
1729
1730
1731
1732
1733
1734
1735
1736
1737
1738
1739
1740
1741
1742
1743
1744
1745
1746
1747
1748
1749
1750
1751
1752
1753
1754
1755
1756
1757
1758
1759
1760
1761
1762
1763
1764
1765
1766
1767
1768
1769
1770
1771
1772
1773
1774
1775
1776
1777
1778
1779
1780
1781
1782
1783
1784
1785
1786
1787
1788
1789
1790
1791
1792
1793
1794
1795
1796
1797
1798
1799
1800
1801
1802
1803
1804
1805
1806
1807
1808
1809
1810
1811
1812
1813
1814
1815
1816
1817
1818
1819
1820
1821
1822
1823
1824
1825
1826
1827
1828
1829
1830
1831
1832
1833
1834
1835
1836
1837
1838
1839
1840
1841
1842
1843
1844
1845
1846
1847
1848
1849
1850
1851
1852
1853
1854
1855
1856
1857
1858
1859
1860
1861
1862
1863
1864
1865
1866
1867
1868
1869
1870
1871
1872
1873
1874
1875
1876
1877
1878
1879
1880
1881
1882
1883
1884
1885
1886
1887
1888
1889
1890
1891
1892
1893
1894
1895
1896
1897
1898
1899
1900
1901
1902
1903
1904
1905
1906
1907
1908
1909
1910
1911
1912
1913
1914
1915
1916
1917
1918
1919
1920
1921
1922
1923
1924
1925
1926
1927
1928
1929
1930
1931
1932
1933
1934
1935
1936
1937
1938
1939
1940
1941
1942
1943
1944
1945
1946
1947
1948
1949
1950
1951
1952
1953
1954
1955
1956
1957
1958
1959
1960
1961
1962
1963
1964
1965
1966
1967
1968
1969
1970
1971
1972
1973
1974
1975
1976
1977
1978
1979
1980
1981
1982
1983
1984
1985
1986
1987
1988
1989
1990
1991
1992
1993
1994
1995
1996
1997
1998
1999
2000
2001
2002
2003
2004
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
2024
2025
2026
2027
2028
2029
2030
2031
2032
2033
2034
2035
2036
2037
2038
2039
2040
2041
2042
2043
2044
2045
2046
2047
2048
2049
2050
2051
2052
2053
2054
2055
2056
2057
2058
2059
2060
2061
2062
2063
2064
2065
2066
2067
2068
2069
2070
2071
2072
2073
2074
2075
2076
2077
2078
2079
2080
2081
2082
2083
2084
2085
2086
2087
2088
2089
2090
2091
2092
2093
2094
2095
2096
2097
2098
2099
2100
2101
2102
2103
2104
2105
2106
2107
2108
2109
2110
2111
2112
2113
2114
2115
2116
2117
2118
2119
2120
2121
2122
2123
2124
2125
2126
2127
2128
2129
2130
2131
2132
2133
2134
2135
2136
2137
2138
2139
2140
2141
2142
2143
2144
2145
2146
2147
2148
2149
2150
2151
2152
2153
2154
2155
2156
2157
2158
2159
2160
2161
2162
2163
2164
2165
2166
2167
2168
2169
2170
2171
2172
2173
2174
2175
2176
2177
2178
2179
2180
2181
2182
2183
2184
2185
2186
2187
2188
2189
2190
2191
2192
2193
2194
2195
2196
2197
2198
2199
2200
2201
2202
2203
2204
2205
2206
2207
2208
2209
2210
2211
2212
2213
2214
2215
2216
2217
2218
2219
2220
2221
2222
2223
2224
2225
2226
2227
2228
2229
2230
2231
2232
2233
2234
2235
2236
2237
2238
2239
2240
2241
2242
2243
2244
2245
2246
2247
2248
2249
2250
2251
2252
2253
2254
2255
2256
2257
2258
2259
2260
2261
2262
2263
2264
2265
2266
2267
2268
2269
2270
2271
2272
2273
2274
2275
2276
2277
2278
2279
2280
2281
2282
2283
2284
2285
2286
2287
2288
2289
2290
2291
2292
2293
2294
2295
2296
2297
2298
2299
2300
2301
2302
2303
2304
2305
2306
2307
2308
2309
2310
2311
2312
2313
2314
2315
2316
2317
2318
2319
2320
2321
2322
2323
2324
2325
2326
2327
2328
2329
2330
2331
2332
2333
2334
2335
2336
2337
2338
2339
2340
2341
2342
2343
2344
2345
2346
2347
2348
2349
2350
2351
2352
2353
2354
2355
2356
2357
2358
2359
2360
2361
2362
2363
2364
2365
2366
2367
2368
2369
2370
2371
2372
2373
2374
2375
2376
2377
2378
2379
2380
2381
2382
2383
2384
2385
2386
2387
2388
2389
2390
2391
2392
2393
2394
2395
2396
2397
2398
2399
2400
2401
2402
2403
2404
2405
2406
2407
2408
2409
2410
2411
2412
2413
2414
2415
2416
2417
2418
2419
2420
2421
2422
2423
2424
2425
2426
2427
2428
2429
2430
2431
2432
2433
2434
2435
2436
2437
2438
2439
2440
2441
2442
2443
2444
2445
2446
2447
2448
2449
2450
2451
2452
2453
2454
2455
2456
2457
2458
2459
2460
2461
2462
2463
2464
2465
2466
2467
2468
2469
2470
2471
2472
2473
2474
2475
2476
2477
2478
2479
2480
2481
2482
2483
2484
2485
2486
2487
2488
2489
2490
2491
2492
2493
2494
2495
2496
2497
2498
2499
2500
2501
2502
2503
2504
2505
2506
2507
2508
2509
2510
2511
2512
2513
2514
2515
2516
2517
2518
2519
2520
2521
2522
2523
2524
2525
2526
2527
2528
2529
2530
2531
2532
2533
2534
2535
2536
2537
2538
2539
2540
2541
2542
2543
2544
2545
2546
2547
2548
2549
2550
2551
2552
2553
2554
2555
2556
2557
2558
2559
2560
2561
2562
2563
2564
2565
2566
2567
2568
2569
2570
2571
2572
2573
2574
2575
2576
2577
2578
2579
2580
2581
2582
2583
2584
2585
2586
2587
2588
2589
2590
2591
2592
2593
2594
2595
2596
2597
2598
2599
2600
2601
2602
2603
2604
2605
2606
2607
2608
2609
2610
2611
2612
2613
2614
2615
2616
2617
2618
2619
2620
2621
2622
2623
2624
2625
2626
2627
2628
2629
2630
2631
2632
2633
2634
2635
2636
2637
2638
2639
2640
2641
2642
2643
2644
2645
2646
2647
2648
2649
2650
2651
2652
2653
2654
2655
2656
2657
2658
2659
2660
2661
2662
2663
2664
2665
2666
2667
2668
2669
2670
2671
2672
2673
2674
2675
2676
2677
2678
2679
2680
2681
2682
2683
2684
2685
2686
2687
2688
2689
2690
2691
2692
2693
2694
2695
2696
2697
2698
2699
2700
2701
2702
2703
2704
2705
2706
2707
2708
2709
2710
2711
2712
2713
2714
2715
2716
2717
2718
2719
2720
2721
2722
2723
2724
2725
2726
2727
2728
2729
2730
2731
2732
2733
2734
2735
2736
2737
2738
2739
2740
2741
2742
2743
2744
2745
2746
2747
2748
2749
2750
2751
2752
2753
2754
2755
2756
2757
2758
2759
2760
2761
2762
2763
2764
2765
2766
2767
2768
2769
2770
2771
2772
2773
2774
2775
2776
2777
2778
2779
2780
2781
2782
2783
2784
2785
2786
2787
2788
2789
2790
2791
2792
2793
2794
2795
2796
2797
2798
2799
2800
2801
2802
2803
2804
2805
2806
2807
2808
2809
2810
2811
2812
2813
2814
2815
2816
2817
2818
2819
2820
2821
2822
2823
2824
2825
2826
2827
2828
2829
2830
2831
2832
2833
2834
2835
2836
2837
2838
2839
2840
2841
2842
2843
2844
2845
2846
2847
2848
2849
2850
2851
2852
2853
2854
2855
2856
2857
2858
2859
2860
2861
2862
2863
2864
2865
2866
2867
2868
2869
2870
2871
2872
2873
2874
2875
2876
2877
2878
2879
2880
2881
2882
2883
2884
2885
2886
2887
2888
2889
2890
2891
2892
2893
2894
2895
2896
2897
2898
2899
2900
2901
2902
2903
2904
2905
2906
2907
2908
2909
2910
2911
2912
2913
2914
2915
2916
2917
2918
2919
2920
2921
2922
2923
2924
2925
2926
2927
2928
2929
2930
2931
2932
2933
2934
2935
2936
2937
2938
2939
2940
2941
2942
2943
2944
2945
2946
2947
2948
2949
2950
2951
2952
2953
2954
2955
2956
2957
2958
2959
2960
2961
2962
2963
2964
2965
2966
2967
2968
2969
2970
2971
2972
2973
2974
2975
2976
2977
2978
2979
2980
2981
2982
2983
2984
2985
2986
2987
2988
2989
2990
2991
2992
2993
2994
2995
2996
2997
2998
2999
3000
3001
3002
3003
3004
3005
3006
3007
3008
3009
3010
3011
3012
3013
3014
3015
3016
3017
3018
3019
3020
3021
3022
3023
3024
3025
3026
3027
3028
3029
3030
3031
3032
3033
3034
3035
3036
3037
3038
3039
3040
3041
3042
3043
3044
3045
3046
3047
3048
3049
3050
3051
3052
3053
3054
3055
3056
3057
3058
3059
3060
3061
3062
3063
3064
3065
3066
3067
3068
3069
3070
3071
3072
3073
3074
3075
3076
3077
3078
3079
3080
3081
3082
3083
3084
3085
3086
3087
3088
3089
3090
3091
3092
3093
3094
3095
3096
3097
3098
3099
3100
3101
3102
3103
3104
3105
3106
3107
3108
3109
3110
3111
3112
3113
3114
3115
3116
3117
3118
3119
3120
3121
3122
3123
3124
3125
3126
3127
3128
3129
3130
3131
3132
3133
3134
3135
3136
3137
3138
3139
3140
3141
3142
3143
3144
3145
3146
3147
3148
3149
3150
3151
3152
3153
3154
3155
3156
3157
3158
3159
3160
3161
3162
3163
3164
3165
3166
3167
3168
3169
3170
3171
3172
3173
3174
3175
3176
3177
3178
3179
3180
3181
3182
3183
3184
3185
3186
3187
3188
3189
3190
3191
3192
3193
3194
3195
3196
3197
3198
3199
3200
3201
3202
3203
3204
3205
3206
3207
3208
3209
3210
3211
3212
3213
3214
3215
3216
3217
3218
3219
3220
3221
3222
3223
3224
3225
3226
3227
3228
3229
3230
3231
3232
3233
3234
3235
3236
3237
3238
3239
3240
3241
3242
3243
3244
3245
3246
3247
3248
3249
3250
3251
3252
3253
3254
3255
3256
3257
3258
3259
3260
3261
3262
3263
3264
3265
3266
3267
3268
3269
3270
3271
3272
3273
3274
3275
3276
3277
3278
3279
3280
3281
3282
3283
3284
3285
3286
3287
3288
3289
3290
3291
3292
3293
3294
3295
3296
3297
3298
3299
3300
3301
3302
3303
3304
3305
3306
3307
3308
3309
3310
3311
3312
3313
3314
3315
3316
3317
3318
3319
3320
3321
3322
3323
3324
3325
3326
3327
3328
3329
3330
3331
3332
3333
3334
3335
3336
3337
3338
3339
3340
3341
3342
3343
3344
3345
3346
3347
3348
3349
3350
3351
3352
3353
3354
3355
3356
3357
3358
3359
3360
3361
3362
3363
3364
3365
3366
3367
3368
3369
3370
3371
3372
3373
3374
3375
3376
3377
3378
3379
3380
3381
3382
3383
3384
3385
3386
3387
3388
3389
3390
3391
3392
3393
3394
3395
3396
3397
3398
3399
3400
3401
3402
3403
3404
3405
3406
3407
3408
3409
3410
3411
3412
3413
3414
3415
3416
3417
3418
3419
3420
3421
3422
3423
3424
3425
3426
3427
3428
3429
3430
3431
3432
3433
3434
3435
3436
3437
3438
3439
3440
3441
3442
3443
3444
3445
3446
3447
3448
3449
3450
3451
3452
3453
3454
3455
3456
3457
3458
3459
3460
3461
3462
3463
3464
3465
3466
3467
3468
3469
3470
3471
3472
3473
3474
3475
3476
3477
3478
3479
3480
3481
3482
3483
3484
3485
3486
3487
3488
3489
3490
3491
3492
3493
3494
3495
3496
3497
3498
3499
3500
3501
3502
3503
3504
3505
3506
3507
3508
3509
3510
3511
3512
3513
3514
3515
3516
3517
3518
3519
3520
3521
3522
3523
3524
3525
3526
3527
3528
3529
3530
3531
3532
3533
3534
3535
3536
3537
3538
3539
3540
3541
3542
3543
3544
3545
3546
3547
3548
3549
3550
3551
3552
3553
3554
3555
3556
3557
3558
3559
3560
3561
3562
3563
3564
3565
3566
3567
3568
3569
3570
3571
3572
3573
3574
3575
3576
3577
3578
3579
3580
3581
3582
3583
3584
3585
3586
3587
3588
3589
3590
3591
3592
3593
3594
3595
3596
3597
3598
3599
3600
3601
3602
3603
3604
3605
3606
3607
3608
3609
3610
3611
3612
3613
3614
3615
3616
3617
3618
3619
3620
3621
3622
3623
3624
3625
3626
3627
3628
3629
3630
3631
3632
3633
3634
3635
3636
3637
3638
3639
3640
3641
3642
3643
3644
3645
3646
3647
3648
3649
3650
3651
3652
3653
3654
3655
3656
3657
3658
3659
3660
3661
3662
3663
3664
3665
3666
3667
3668
3669
3670
3671
3672
3673
3674
3675
3676
3677
3678
3679
3680
3681
3682
3683
3684
3685
3686
3687
3688
3689
3690
3691
3692
3693
3694
3695
3696
3697
3698
3699
3700
3701
3702
3703
3704
3705
3706
3707
3708
3709
3710
3711
3712
3713
3714
3715
3716
3717
3718
3719
3720
3721
3722
3723
3724
3725
3726
3727
3728
3729
3730
3731
3732
3733
3734
3735
3736
3737
3738
3739
3740
3741
3742
3743
3744
3745
3746
3747
3748
3749
3750
3751
3752
3753
3754
3755
3756
3757
3758
3759
3760
3761
3762
3763
3764
3765
3766
3767
3768
3769
3770
3771
3772
3773
3774
3775
3776
3777
3778
3779
3780
3781
3782
3783
3784
3785
3786
3787
3788
3789
3790
3791
3792
3793
3794
3795
3796
3797
3798
3799
3800
3801
3802
3803
3804
3805
3806
3807
3808
3809
3810
3811
3812
3813
3814
3815
3816
3817
3818
3819
3820
3821
3822
3823
3824
3825
3826
3827
3828
3829
3830
3831
3832
3833
3834
3835
3836
3837
3838
3839
3840
3841
3842
3843
3844
3845
3846
3847
3848
3849
3850
3851
3852
3853
3854
3855
3856
3857
3858
3859
3860
3861
3862
3863
3864
3865
3866
3867
3868
3869
3870
3871
3872
3873
3874
3875
3876
3877
3878
3879
3880
3881
3882
3883
3884
3885
3886
3887
3888
3889
3890
3891
3892
3893
3894
3895
3896
3897
3898
3899
3900
3901
3902
3903
3904
3905
3906
3907
3908
3909
3910
3911
3912
3913
3914
3915
3916
3917
3918
3919
3920
3921
3922
3923
3924
3925
3926
3927
3928
3929
3930
3931
3932
3933
3934
3935
3936
3937
3938
3939
3940
3941
3942
3943
3944
3945
3946
3947
3948
3949
3950
3951
3952
3953
3954
3955
3956
3957
3958
3959
3960
3961
3962
3963
3964
3965
3966
3967
3968
3969
3970
3971
3972
3973
3974
3975
3976
3977
3978
3979
3980
3981
3982
3983
3984
3985
3986
3987
3988
3989
3990
3991
3992
3993
3994
3995
3996
3997
3998
3999
4000
4001
4002
4003
4004
4005
4006
4007
4008
4009
4010
4011
4012
4013
4014
4015
4016
4017
4018
4019
4020
4021
4022
4023
4024
4025
4026
4027
4028
4029
4030
4031
4032
4033
4034
4035
4036
4037
4038
4039
4040
4041
4042
4043
4044
4045
4046
4047
4048
4049
4050
4051
4052
4053
4054
4055
4056
4057
4058
4059
4060
4061
4062
4063
4064
4065
4066
4067
4068
4069
4070
4071
4072
4073
4074
4075
4076
4077
4078
4079
4080
4081
4082
4083
4084
4085
4086
4087
4088
4089
4090
4091
4092
4093
4094
4095
4096
4097
4098
4099
4100
4101
4102
4103
4104
4105
4106
4107
4108
4109
4110
4111
4112
4113
4114
4115
4116
4117
4118
4119
4120
4121
4122
4123
4124
4125
4126
4127
4128
4129
4130
4131
4132
4133
4134
4135
4136
4137
4138
4139
4140
4141
4142
4143
4144
4145
4146
4147
4148
4149
4150
4151
4152
4153
4154
4155
4156
4157
4158
4159
4160
4161
4162
4163
4164
4165
4166
4167
4168
4169
4170
4171
4172
4173
4174
4175
4176
4177
4178
4179
4180
4181
4182
4183
4184
4185
4186
4187
4188
4189
4190
4191
4192
4193
4194
4195
4196
4197
4198
4199
4200
4201
4202
4203
4204
4205
4206
4207
4208
4209
4210
4211
4212
4213
4214
4215
4216
4217
4218
4219
4220
4221
4222
4223
4224
4225
4226
4227
4228
4229
4230
4231
4232
4233
4234
4235
4236
4237
4238
4239
4240
4241
4242
4243
4244
4245
4246
4247
4248
4249
4250
4251
4252
4253
4254
4255
4256
4257
4258
4259
4260
4261
4262
4263
4264
4265
4266
4267
4268
4269
4270
4271
4272
4273
4274
4275
4276
4277
4278
4279
4280
4281
4282
4283
4284
4285
4286
4287
4288
4289
4290
4291
4292
4293
4294
4295
4296
4297
4298
4299
4300
4301
4302
4303
4304
4305
4306
4307
4308
4309
4310
4311
4312
4313
4314
4315
4316
4317
4318
4319
4320
4321
4322
4323
4324
4325
4326
4327
4328
4329
4330
4331
4332
4333
4334
4335
4336
4337
4338
4339
4340
4341
4342
4343
4344
4345
4346
4347
4348
4349
4350
4351
4352
4353
4354
4355
4356
4357
4358
4359
4360
4361
4362
4363
4364
4365
4366
4367
4368
4369
4370
4371
4372
4373
4374
4375
4376
4377
4378
4379
4380
4381
4382
4383
4384
4385
4386
4387
4388
4389
4390
4391
4392
4393
4394
4395
4396
4397
4398
4399
4400
4401
4402
4403
4404
4405
4406
4407
4408
4409
4410
4411
4412
4413
4414
4415
4416
4417
4418
4419
4420
4421
4422
4423
4424
4425
4426
4427
4428
4429
4430
4431
4432
4433
4434
4435
4436
4437
4438
4439
4440
4441
4442
4443
4444
4445
4446
4447
4448
4449
4450
4451
4452
4453
4454
4455
4456
4457
4458
4459
4460
4461
4462
4463
4464
4465
4466
4467
4468
4469
4470
4471
4472
4473
4474
4475
4476
4477
4478
4479
4480
4481
4482
4483
4484
4485
4486
4487
4488
4489
4490
4491
4492
4493
4494
4495
4496
4497
4498
4499
4500
4501
4502
4503
4504
4505
4506
4507
4508
4509
4510
4511
4512
4513
4514
4515
4516
4517
4518
4519
4520
4521
4522
4523
4524
4525
4526
4527
4528
4529
4530
4531
4532
4533
4534
4535
4536
4537
4538
4539
4540
4541
4542
4543
4544
4545
4546
4547
4548
4549
4550
4551
4552
4553
4554
4555
4556
4557
4558
4559
4560
4561
4562
4563
4564
4565
4566
4567
4568
4569
4570
4571
4572
4573
4574
4575
4576
4577
4578
4579
4580
4581
4582
4583
4584
4585
4586
4587
4588
4589
4590
4591
4592
4593
4594
4595
4596
4597
4598
4599
4600
4601
4602
4603
4604
4605
4606
4607
4608
4609
4610
4611
4612
4613
4614
4615
4616
4617
4618
4619
4620
4621
4622
4623
4624
4625
4626
4627
4628
4629
4630
4631
4632
4633
4634
4635
4636
4637
4638
4639
4640
4641
4642
4643
4644
4645
4646
4647
4648
4649
4650
4651
4652
4653
4654
4655
4656
4657
4658
4659
4660
4661
4662
4663
4664
4665
4666
4667
4668
4669
4670
4671
4672
4673
4674
4675
4676
4677
4678
4679
4680
4681
4682
4683
4684
4685
4686
4687
4688
4689
4690
4691
4692
4693
4694
4695
4696
4697
4698
4699
4700
4701
4702
4703
4704
4705
4706
4707
4708
4709
4710
4711
4712
4713
4714
4715
4716
4717
4718
4719
4720
4721
4722
4723
4724
4725
4726
4727
4728
4729
4730
4731
4732
4733
4734
4735
4736
4737
4738
4739
4740
4741
4742
4743
4744
4745
4746
4747
4748
4749
4750
4751
4752
4753
4754
4755
4756
4757
4758
4759
4760
4761
4762
4763
4764
4765
4766
4767
4768
4769
4770
4771
4772
4773
4774
4775
4776
4777
4778
4779
4780
4781
4782
4783
4784
4785
4786
4787
4788
4789
4790
4791
4792
4793
4794
4795
4796
4797
4798
4799
4800
4801
4802
4803
4804
4805
4806
4807
4808
4809
4810
4811
4812
4813
4814
4815
4816
4817
4818
4819
4820
4821
4822
4823
4824
4825
4826
4827
4828
4829
4830
4831
4832
4833
4834
4835
4836
4837
4838
4839
4840
4841
4842
4843
4844
4845
4846
4847
4848
4849
4850
4851
4852
4853
4854
4855
4856
4857
4858
4859
4860
4861
4862
4863
4864
4865
4866
4867
4868
4869
4870
4871
4872
4873
4874
4875
4876
4877
4878
4879
4880
4881
4882
4883
4884
4885
4886
4887
4888
4889
4890
4891
4892
4893
4894
4895
4896
4897
4898
4899
4900
4901
4902
4903
4904
4905
4906
4907
4908
4909
4910
4911
4912
4913
4914
4915
4916
4917
4918
4919
4920
4921
4922
4923
4924
4925
4926
4927
4928
4929
4930
4931
4932
4933
4934
4935
4936
4937
4938
4939
4940
4941
4942
4943
4944
4945
4946
4947
4948
4949
4950
4951
4952
4953
4954
4955
4956
4957
4958
4959
4960
4961
4962
4963
4964
4965
4966
4967
4968
4969
4970
4971
4972
4973
4974
4975
4976
4977
4978
4979
4980
4981
4982
4983
4984
4985
4986
4987
4988
4989
4990
4991
4992
4993
4994
4995
4996
4997
4998
4999
5000
5001
5002
5003
5004
5005
5006
5007
5008
5009
5010
5011
5012
5013
5014
5015
5016
5017
5018
5019
5020
5021
5022
5023
5024
5025
5026
5027
5028
5029
5030
5031
5032
5033
5034
5035
5036
5037
5038
5039
5040
5041
5042
5043
5044
5045
5046
5047
5048
5049
5050
5051
5052
5053
5054
5055
5056
5057
5058
5059
5060
5061
5062
5063
5064
5065
5066
5067
5068
5069
5070
5071
5072
5073
5074
5075
5076
5077
5078
5079
5080
5081
5082
5083
5084
5085
5086
5087
5088
5089
5090
5091
5092
5093
5094
5095
5096
5097
5098
5099
5100
5101
5102
5103
5104
5105
5106
5107
5108
5109
5110
5111
5112
5113
5114
5115
5116
5117
5118
5119
5120
5121
5122
5123
5124
5125
5126
5127
5128
5129
5130
5131
5132
5133
5134
5135
5136
5137
5138
5139
5140
5141
5142
5143
5144
5145
5146
5147
5148
5149
5150
5151
5152
5153
5154
5155
5156
5157
5158
5159
5160
5161
5162
5163
5164
5165
5166
5167
5168
5169
5170
5171
5172
5173
5174
5175
5176
5177
5178
5179
5180
5181
5182
5183
5184
5185
5186
5187
5188
5189
5190
5191
5192
5193
5194
5195
5196
5197
5198
5199
5200
5201
5202
5203
5204
5205
5206
5207
5208
5209
5210
5211
5212
5213
5214
5215
5216
5217
5218
5219
5220
5221
5222
5223
5224
5225
5226
5227
5228
5229
5230
5231
5232
5233
5234
5235
5236
5237
5238
5239
5240
5241
5242
5243
5244
5245
5246
5247
5248
5249
5250
5251
5252
5253
5254
5255
5256
5257
5258
5259
5260
5261
5262
5263
5264
5265
5266
5267
5268
5269
5270
5271
5272
5273
5274
5275
5276
5277
5278
5279
5280
5281
5282
5283
5284
5285
5286
5287
5288
5289
5290
5291
5292
5293
5294
5295
5296
5297
5298
5299
5300
5301
5302
5303
5304
5305
5306
5307
5308
5309
5310
5311
5312
5313
5314
5315
5316
5317
5318
5319
5320
5321
5322
5323
5324
5325
5326
5327
5328
5329
5330
5331
5332
5333
5334
5335
5336
5337
5338
5339
5340
5341
5342
5343
5344
5345
5346
5347
5348
5349
5350
5351
5352
5353
5354
5355
5356
5357
5358
5359
5360
5361
5362
5363
5364
5365
5366
5367
5368
5369
5370
5371
5372
5373
5374
5375
5376
5377
5378
5379
5380
5381
5382
5383
5384
5385
5386
5387
5388
5389
5390
5391
5392
5393
5394
5395
5396
5397
5398
5399
5400
5401
5402
5403
5404
5405
5406
5407
5408
5409
5410
5411
5412
5413
5414
5415
5416
5417
5418
5419
5420
5421
5422
5423
5424
5425
5426
5427
5428
5429
5430
5431
5432
5433
5434
5435
5436
5437
5438
5439
5440
5441
5442
5443
5444
5445
5446
5447
5448
5449
5450
5451
5452
5453
5454
5455
5456
5457
5458
5459
5460
5461
5462
5463
5464
5465
5466
5467
5468
5469
5470
5471
5472
5473
5474
5475
5476
5477
5478
5479
5480
5481
5482
5483
5484
5485
5486
5487
5488
5489
5490
5491
5492
5493
5494
5495
5496
5497
5498
5499
5500
5501
5502
5503
5504
5505
5506
5507
5508
5509
5510
5511
5512
5513
5514
5515
5516
5517
5518
5519
5520
5521
5522
5523
5524
5525
5526
5527
5528
5529
5530
5531
5532
5533
5534
5535
5536
5537
5538
5539
5540
5541
5542
5543
5544
5545
5546
5547
5548
5549
5550
5551
5552
5553
5554
5555
5556
5557
5558
5559
5560
5561
5562
5563
5564
5565
5566
5567
5568
5569
5570
5571
5572
5573
5574
5575
5576
5577
5578
5579
5580
5581
5582
5583
5584
5585
5586
5587
5588
5589
5590
5591
5592
5593
5594
5595
5596
5597
5598
5599
5600
5601
5602
5603
5604
5605
5606
5607
5608
5609
5610
5611
5612
5613
5614
5615
5616
5617
5618
5619
5620
5621
5622
5623
5624
5625
5626
5627
5628
5629
5630
5631
5632
5633
5634
5635
5636
5637
5638
5639
5640
5641
5642
5643
5644
5645
5646
5647
5648
5649
5650
5651
5652
5653
5654
5655
5656
5657
5658
5659
5660
5661
5662
5663
5664
5665
5666
5667
5668
5669
5670
5671
5672
5673
5674
5675
5676
5677
5678
5679
5680
5681
5682
5683
5684
5685
5686
5687
5688
5689
5690
5691
5692
5693
5694
5695
5696
5697
5698
5699
5700
5701
5702
5703
5704
5705
5706
5707
5708
5709
5710
5711
5712
5713
5714
5715
5716
5717
5718
5719
5720
5721
5722
5723
5724
5725
5726
5727
5728
5729
5730
5731
5732
5733
5734
5735
5736
5737
5738
5739
5740
5741
5742
5743
5744
5745
5746
5747
5748
5749
5750
5751
5752
5753
5754
5755
5756
5757
5758
5759
5760
5761
5762
5763
5764
5765
5766
5767
5768
v2.3.21 2023-09-15  Aki Tuomi <aki.tuomi@open-xchange.com>

	* lib-oauth2: Allow JWT tokens to be validated with missing typ field.
	  The typ field is left out by some key issuers to conserve space,
	  notably kubernetes. Now missing typ is tolerated, but if present, it
	  still must be "jwt".
	+ auth: Auth passdb and userdb reply can contain "event_<name>=value"
	  which will be added to login event and mail user event respectively.
	+ lib-master: Set process title during various initialization stages to
	  clearly describe what the process is waiting on.
	+ lib-storage: The mail_temp_scan_interval is now fuzzed incrementing it
	  by 0..30% based on username's hash to reduce the chance of load spikes.
	+ lib-storage: The temp file scan has been moved from the open of the
	  mailbox to the close, to reduce the latency perceived by users.
	+ stats: If metric has fields specified, all these fields are
	  exported as counters to prometheus exposition.
	  See https://doc.dovecot.org/configuration_manual/stats/openmetrics/.
	- *-login: Processes might have crashed when a SSL connection disconnects
	  uncleanly.
	- acl: When plugin was loaded \HasChildren and \HasNoChildren flags
	  were calculated incorrectly for mailboxes containing '*' and '%'
	  in their names.
	- auth: Crash occured if a connection to PostgreSQL database server
	  failed during startup.
	- auth: Logins with invalid passwords (e.g. unknown scheme) in passdb
	  were failing with "password mismatch" instead of "internal error".
	- auth: XOAUTH2 and OAUTHBEARER mechanisms were not giving out protocol
	  specific error message on all errors. This especially broke OIDC
	  discovery.
	- dbox: When last_temp_file_scan header wasn't set (especially after
	  dsync migration), the next mailbox open always triggers the temp file
	  scan. This could have caused a load spike after migrations. Fixed by
	  using the mailbox directory's atime when the header isn't set, which
	  usually moves the scan time into the future.
	- dict-redis: A crash would occur on transaction rollback.
	- dsync: Infinite loop causing out of memory would occur when handling
	  mailbox deletion from remote end and hierarchy separators would differ.
	- dsync: Incremental dsync failed for folder names ending with '%',
	  unless BROKENCHAR was set. Also folder names with '%' elsewhere in
	  them caused each incremental dsync to unnecessarily rename the folder
	  to a temporary name and back. v2.3.19 regression.
	- imap-hibernate: If an IMAP client unhibernation timed out with
	  "(version received)", the unhibernation could still have successfully
	  finished later on and continued working normally. This was rather
	  confusing, because imap-hibernate already logged that the client got
	  disconnected. Avoid this by forcing the connection to shutdown on
	  unhibernation timeout.
	- imapc: Crashed when a folder mapped through the virtual plugin
	  disappears from the storage.
	- imapc: EXPUNGE, EXISTS or FETCH replies from a server for a previously
	  selected mailbox could have been processed as if they belonged to the
	  new mailbox currently being selected. This could have caused warnings.
	- lib-http: Dovecot HTTP server (doveadm, stats/openmetrics) may have
	  disconnected HTTP clients before the response is fully sent. This
	  happened only on busy servers where kernel's socket buffers were
	  rather full.
	- lib-http: Fixed a potential crash on http-server if a client
	  disconnected early. v2.3.18 regression.
	- lib-index: Index file corruption could have caused a crash. Fixes:
	  Panic: file mail-transaction-log-view.c: line 165 (mail_transaction_log_view_set):
	  assertion failed: (min_file_seq <= max_file_seq).
	- lib-index: Purging an existing >1GB cache file can crash. Now cache
	  files still above 1GB after purging are removed. Fixes:
	  Panic: file mail-index-util.c: line 10 (mail_index_uint32_to_offset):
	  assertion failed: (offset < 0x40000000)
	- lib-lua: A HTTP client could not resolve DNS names in mail processes,
	  because it expected "the dns-client" socket to exist in the current
	  directory.
	- lib-oauth2: Dovecot would send client_id and client_secret as POST
	  parameters to the introspection server. These need to be optionally in
	  Basic auth instead.
	- lib-oauth2: JWT aud validation was not performed if aud was missing
	  from a token, but was configured on Dovecot.
	- lib-oauth2: JWT key type check was too strict.
	- lib-oauth2: JWT token audience was not validated against client_id as
	  required by the specification.
	- lib-ssl-iostream: Using the ssl_require_crl=yes setting may have caused
	  CRL check failures for outgoing SSL/TLS connections, although it was
	  supposed to affect checking CRLs only for client-side SSL
	  certificates. v2.3.17 regression.
	- lib-sql: MySQL driver leaked memory when connection failed.
	- lib-storage: Various fixes when running into out of disk space.
	- master: Service idle_kill setting didn't work properly on busy
	  servers. It was very unlikely that any process was idling long enough
	  to become killed. Also the idle_kill handling code was using quite a
	  lot of CPU on the master process when there were a lot of processes
	  (e.g. imap). The new behavior is to track the lowest number of idling
	  processes every idle_kill time interval and then kill that many idling
	  processes.
	- mdbox: Temp file scan was done for always empty directories.
	- mdbox: The fdatasync() call was done in wrong parent directory when
	  writing mails. Also on a failure it crashed instead of logging an error.
	- notify_status: The plugin crashes if any user initialization fails.
	- pop3: Sending command with the ':' character caused an assert-crash.
	  v2.3.18 regression. Fixes: Panic: event_reason_code_prefix(): name has ':'
	- stats: Fix panic when a nonexistent event exporter was referenced while
	  adding a new metric dynamically via doveadm stats add. This produces
	  a proper error now.
	- stats: If process exported a lot of events and then exited, some of
	  the last events may have become lost.
	- stats: Invalid Prometheus label names were created with specific
	  histogram group_by configurations. Prometheus rejected these labels.
	- welcome: The plugin didn't execute in some situations that created
	  INBOX but didn't open it, e.g. if GETMETADATA was used before the
	  INBOX was opened.

v2.3.20 2022-12-22  Aki Tuomi <aki.tuomi@open-xchange.com>

	+ Add dsync_features=no-header-hashes. When this setting is enabled and
	  one dsync side doesn't support mail GUIDs (i.e. imapc), there is no
	  fallback to using header hashes. Instead, dsync assumes that all mails
	  with identical IMAP UIDs contains the same mail contents. This can
	  significantly improve dsync performance with some IMAP servers that
	  don't support caching Date/Message-ID headers.
	+ lua: HTTP client has more settings now, see
	  https://doc.dovecot.org/admin_manual/lua/#dovecot.http.client
	+ replicator: "doveadm replicator status" command now outputs when the
	  next sync is expected for the user.
	- LAYOUT=index: duplicate GUIDs were not cleaned out. Also the list
	  recovery was not optimal.
	- auth: Assert crash would occur when iterating multiple userdb
	  backends.
	- director: Logging into director using master user with
	  auth_master_user_separator character redirected user to a wrong
	  backend, unless master_user_separator setting was also set to the same
	  value. Merged these into auth_master_user_separator.
	- dsync: Couldn't always fix folder GUID conflicts automatically with
	  Maildir format. This resulted in replication repeatedly failing
	  with "Remote lost mailbox GUID".
	- dsync: Failed to migrate INBOX when using namespace prefix=INBOX/,
	  resulting in "Remote lost mailbox GUID" errors.
	- dsync: INBOX was created too early with namespace prefix=INBOX/,
	  resulting a GUID conflict. This may have been resolved automatically,
	  but not always.
	- dsync: v2.3.18 regression: Wrong imapc password with dsync caused
	  Panic: file lib-event.c: line 506 (event_pop_global):
	  assertion failed: (event == current_global_event)
	- imapc: Requesting STATUS for a mailbox with imapc and INDEXPVT
	  configured did not return correct (private) unseen counts.
	- lib-dict: Process would crash when committing data to redis without
	  dict proxy.
	- lib-mail: Corrupted cached BODYSTRUCTURE caused panic during FETCH.
	  Fixes: Panic: file message-part-data.c: line 579 (message_part_is_attachment):
	  assertion failed: (data != NULL). v2.3.13 regression.
	- lib-storage: mail_attribute_dict with dict-sql failed when it tried to
	  lookup empty dict keys.
	- lib: ioloop-kqueue was missing include breaking some BSD builds.
	- lua-http: Dovecot Lua HTTP client could not resolve DNS names in mail
	  processes, because it expected "dns-client" socket to exist in the
	  current directory.
	- oauth2: Using %{oauth2:name} variables could cause useless
	  introspections.
	- pop3: Sending POP3 command with ':' character caused an assert-crash.
	  v2.3.18 regression.
	- replicator: Replication queue had various issues, potentially causing
	  replication requests to become stuck.
	- stats: Invalid Prometheus label names were created with specific
	  histogram group_by configurations. Prometheus rejected these labels.

v2.3.19.1 2022-06-14  Aki Tuomi <aki.tuomi@open-xchange.com>

	- doveadm deduplicate: Non-duplicate mails were deleted.
	  v2.3.19 regression.
	- auth: Crash would occur when iterating multiple backends.
	  Fixes: Panic: file userdb-blocking.c:
	  line 125 (userdb_blocking_iter_next): assertion failed: (ctx->conn != NULL)

v2.3.19 2022-05-10  Aki Tuomi <aki.tuomi@open-xchange.com>

	+ Added mail_user_session_finished event, which is emitted when the mail
	  user session is finished (e.g. imap, pop3, lmtp). It also includes
	  fields with some process statistics information.
	  See https://doc.dovecot.org/admin_manual/list_of_events/ for more
	  information.
	+ Added process_shutdown_filter setting. When an event matches the filter,
	  the process will be shutdown after the current connection(s) have
	  finished. This is intended to reduce memory usage of long-running imap
	  processes that keep a lot of memory allocated instead of freeing it to
	  the OS.
	+ auth: Add cache hit indicator to auth passdb/userdb finished events.
	  See https://doc.dovecot.org/admin_manual/list_of_events/ for more
	  information.
	+ doveadm deduplicate: Performance is improved significantly.
	+ imapc: COPY commands were sent one mail at a time to the remote IMAP
	  server. Now the copying is buffered, so multiple mails can be copied
	  with a single COPY command.
	+ lib-lua: Add a Lua interface to Dovecot's HTTP client library. See
	  https://doc.dovecot.org/admin_manual/lua/ for more information.
	- auth: Cache lookup would use incorrect cache key after username change.
	- auth: Improve handling unexpected LDAP connection errors/hangs.
	  Try to fix up these cases by reconnecting to the LDAP server and
	  aborting LDAP requests earlier.
	- auth: Process crashed if userdb iteration was attempted while auth-workers
	  were already full handling auth requests.
	- auth: db-oauth2: Using %{oauth2:name} variables caused unnecessary
	  introspection requests.
	- dict: Timeouts may have been leaked at deinit.
	- director: Ring may have become unstable if a backend's tag was changed.
	  It could also have caused director process to crash.
	- doveadm kick: Numeric parameter was treated as IP address.
	- doveadm: Proxying can panic when flushing print output. Fixes
	  Panic: file ioloop.c: line 865 (io_loop_destroy): assertion failed:
	  (ioloop == current_ioloop).
	- doveadm sync: BROKENCHAR was wrongly changed to '_' character when
	  migrating mailboxes. This was set by default to %, so any mailbox
	  names containing % characters were modified to "_25".
	- imapc: Copying or moving mails with doveadm to an imapc mailbox could
	  have produced "Error: Syncing mailbox '[...]' failed" Errors. The
	  operation itself succeeded but attempting to sync the destination
	  mailbox failed.
	- imapc: Prevent index log synchronization errors when two or more imapc
	  sessions are adding messages to the same mailbox index files, i.e.
	  INDEX=MEMORY is not used.
	- indexer: Process was slowly leaking memory for each indexing request.
	- lib-fts: fts header filters caused binary content to be sent to the
	  indexer with non-default configuration.
	- doveadm-server: Process could hang in some situations when printing
	  output to TCP client, e.g. when printing doveadm sync state.
	- lib-index: dovecot.index.log files were often read and parsed entirely,
	  rather than only the parts that were actually necessary. This mainly
	  increased CPU usage.
	- lmtp-proxy: Session ID forwarding would cause same session IDs being
	  used when delivering same mail to multiple backends.
	- log: Log prefix update may have been lost if log process was busy.
	  This could have caused log prefixes to be empty or in some cases
	  reused between sessions, i.e. log lines could have been logged for the
	  wrong user/session.
	- mail_crypt: Plugin crashes if it's loaded only for some users. Fixes
	  Panic: Module context mail_crypt_user_module missing.
	- mail_crypt: When LMTP was delivering mails to both recipients with mail
	  encryption enabled and not enabled, the non-encrypted recipients may
	  have gotten mails encrypted anyway. This happened when the first
	  recipient was encrypted (mail_crypt_save_version=2) and the 2nd
	  recipient was not encrypted (mail_crypt_save_version=0).
	- pop3: Session would crash if empty line was sent.
	- stats: HTTP server leaked memory.
	- submission-login: Long credentials, such as OAUTH2 tokens, were refused
	  during SASL interactive due to submission server applying line length
	  limits.
	- submission-login: When proxying to remote host, authentication was not
	  using interactive SASL when logging in using long credentials such as
	  OAUTH2 tokens. This caused authentication to fail due to line length
	  constraints in SMTP protocol.
	- submission: Terminating the client connection with QUIT command after
	  mail transaction is started with MAIL command and before it is
	  finished with DATA/BDAT can cause a segfault crash.
	- virtual: doveadm search queries with mailbox-guid as the only parameter
	  crashes: Panic: file virtual-search.c: line 77 (virtual_search_get_records):
	  assertion failed: (result != 0)

v2.3.18 2022-02-03  Aki Tuomi <aki.tuomi@open-xchange.com>

	* Removed mail_cache_lookup_finished event. This event wasn't especially
	  useful, but it increased CPU usage significantly.
	* fts: Don't index inline base64 encoded content in FTS indexes using
	  the generic tokenizer. This reduces the FTS index sizes by removing
	  input that is very unlikely to be searched for. See
	  https://doc.dovecot.org/configuration_manual/fts/tokenization for
	  details on how base64 is detected. Only applies when using libfts.
	* lmtp: Session IDs are now preserved through proxied connections, so
	  LMTP sessions can be tracked. This slightly changes the LMTP session
	  ID format by appending ":Tn" (transaction), ":Pn" (proxy connection)
	  and ":Rn" (recipient) counters after the session ID prefix.
	+ Events now have "reason_code" field, which can provide a list of
	  reasons why the event is happening. See
	  https://doc.dovecot.org/admin_manual/event_reasons/
	+ New events are added. See https://doc.dovecot.org/admin_manual/list_of_events/
	+ fts: Added fts_header_excludes and fts_header_includes settings to
	  specify which headers to index. See
	  https://doc.dovecot.org/settings/plugin/fts-plugin#plugin-fts-setting-fts-header-excludes
	  for configuration details.
	+ fts: Initialize the textcat language detection library only once per
	  process. This can reduce CPU usage if fts_languages setting has multiple
	  languages listed and service indexer-worker { service_count } isn't 1.
	  Only applies when using libfts.
	+ lib-storage: Reduced CPU usage significantly for some operations that
	  accessed lots of emails (e.g. fetching all flags in a folder, SORT, ...)
	+ lib: DOVECOT_PREREQ() - Add micro version which enables compiling
	  external plugins against different versions of Dovecot.
	+ lmtp: Added new lmtp_verbose_replies setting that makes errors sent to
	  the LMTP client much more verbose with details about why exactly
	  backend proxy connections or commands are failing.
	+ submission: Support implicit SASL EXTERNAL with
	  submission_client_workarounds=implicit-auth-external. This allows
	  automatically logging in when SSL client certificate is present.
	- *-login: Statistics were disabled if stats process connection was lost.
	- auth: Authentication master user login fails with SCRAM-* SASL mechanisms.
	- auth: With auth_cache_verify_password_with_worker=yes, passdb extra
	  fields in the auth cache got lost.
	- doveadm: Fixed crash if zlib_save_level setting was specified,
	  but zlib_save was unset. v2.3.15 regression.
	- doveadm: Proxying can panic when flushing print output. v2.3.17
	  regression. Fixes:
	  Panic: file ioloop.c: line 865 (io_loop_destroy): assertion failed:
	  (ioloop == current_ioloop)
	- doveadm: stats add --group-by parameter didn't work.
	- fts: Using email-address fts tokenizer could result in excessive memory
	  usage with garbage email input. This could cause the indexer-worker
	  processes to fail due to reaching the VSZ memory size limit.
	  Only applies when using libfts.
	- imap: A SEARCH command timing out while fts returns indexes may timeout
	  returning "NO [SERVERBUG]", while it should return "NO [INUSE]" instead.
	- imap: LIST-EXTENDED doesn't return STATUS for all folders. Sending
	  LIST .. RETURN (SUBSCRIBED STATUS (...)) did not return STATUS for
	  folders that are not subscribed when they have a child folder that is
	  subscribed as mandated by IMAP RFCs.
	- imapc: Mailbox vsize calculation crashed with
	  Panic: file index-mailbox-size.c: line 344 (index_mailbox_vsize_hdr_add_missing):
	  assertion failed: (mails_left > 0)
	- indexer: If indexer-worker crashes, the request it was processing gets
	  stuck in the indexer process. This stops indexing for the folder until
	  indexer process is restarted. v2.3.14 regression.
	- indexer: Process was slowly leaking memory for each indexing request.
	- lib-event: Unnamed events were wrongly filtered out for event/metric
	  filters like "event=abc OR something_independent_of_event_name".
	- lib-index: 64-bit big endian CPUs handle last_used field in
	  dovecot.index.cache wrong.
	- lib-ssl-iostream: Fix buggy OpenSSL error handling without assert-crashing.
	  If there is no error available, log it as an error instead of crashing.
	  The previous fix for this in v2.3.11 was incomplete. Fixes
	  Panic: file istream-openssl.c: line 51 (i_stream_ssl_read_real):
	  assertion failed: (errno != 0)
	- lmtp: Out-of-memory issues can happen when proxying large messages to
	  LMTP backend servers that accept the message data too slow.
	- master: HAProxy header parsing has read buffer overflow if provided
	  header size is invalid. This happens only if inet_listener
	  { haproxy=yes } is configured and only if the remote IP address is in
	  haproxy_trusted_networks.
	- old_stats: Plugin kept increasing memory usage, which became
	  noticeable with long-running imap sessions.
	- stats: Dynamically adding same metric multiple times causes multiple stats.
	- submission-login: Authentication does not accept OAUTH2 token (or
	  other very long credentials) because it considers the line to be too long.
	- submission-login: Process can crash if HELO is pipelined with an
	  invalid domain.
	- submission-proxy: Don't use SASL-IR if it would make the AUTH command
	  line longer than 512 bytes.
	- submission: Service would crash if relay server authentication failed.
	- virtual: FTS search in a virtual folder could crash if there are
	  duplicate mailbox GUIDs. This mainly happened when user had both INBOX
	  and INBOX/INBOX folders and the namespace prefix was INBOX/. Fixes
	  Panic: file hash.c: line 252 (hash_table_insert_node):
	  assertion failed: (opcode == HASH_TABLE_OP_UPDATE)
	- virtual: If mailbox opening fails, the backend mailbox is leaked and
	  process crashes when client disconnects. Fixes
	  Panic: file mail-user.c: line 232 (mail_user_deinit):
	  assertion failed: ((*user)->refcount == 1)
	- virtual: Searching headers in virtual folders didn't always use
	  full-text search indexes, if fts_enforced=no or body.

v2.3.17.1 2021-12-07  Aki Tuomi <aki.tuomi@open-xchange.com>

	- dsync: Add back accidentically removed parameters.
	- lib-ssl-iostream: Fix assert-crash when OpenSSL returned syscall error
	  without errno.
	- master: Dovecot failed to start if ssl_ca was too large.

v2.3.17 2021-10-28  Aki Tuomi <aki.tuomi@open-xchange.com>

	* Dovecot now logs a warning if time seems to jump forward at least
	  100 milliseconds.
	* dict: Lines logged by the dict process now contain the dict name as
	  the prefix.
	* lib-index: mail_cache_fields, mail_always_cache_fields and
	  mail_never_cache_fields now verifies that the listed header names are
	  valid. Especially the UTF8 "–" character has sometimes been wrongly
	  used instead of the ASCII "-".
	+ *-login: Added login_proxy_rawlog_dir setting to capture
	  rawlogs between proxy and backend.
	+ dict: The server process now keeps the last 10 idle dict backends
	  cached for maximum of 30 seconds. Practically this acts as a
	  connection pool for dict-redis and dict-ldap. Note that this doesn't
	  affect dict-sql, because it already had its own internal cache.
	+ doveadm: New stats add/remove commands added to support changing the
	  metrics configuration on runtime.
	+ lazy_expunge: Added lazy_expunge_exclude settings to disable
	  lazy_expunge for specific folders. \Special-use flags can be used as
	  folder names.
	+ lib-lua: Added a new helper function dovecot.restrict_global_variables()
	  to disable or enable defining new global variables.
	- LAYOUT=index List index rebuild was missing.
	- LAYOUT=index: Duplicate GUIDs were not detected.
	- acl: When using acl_ignore_namespace Dovecot attempted to access or
	  create dovecot-acl-list even when the namespace should have been
	  ignored. For virtual namespaces this could have yielded errors about
	  "Read-only file system" or "Permission denied".
	- auth: Setting the "master" passdb field to empty value would
	  cause proxying to fail with an authentication error.
	  Now an empty "master" field is ignored.
	- doveadm-server: Duplicate error lines were sent for failed commands.
	  This didn't normally cause visible problems, except when using
	  wildcards in usernames or -A parameter to go through multiple users.
	- doveadm-server: Logs written by doveadm-server were often missing log
	  prefixes, especially mail_log_prefix for mail commands. Logs sent to
	  doveadm TCP client were also missing log prefixes.
	- doveadm: v2.3 regression: batch command always crashes.
	- doveadm: v2.3.11 regression: Commands failed if ssl_cert or
	  ssl_key files weren't readable by the user running doveadm, even
	  though doveadm didn't actually use these settings
	- imap-hibernate: Process may crash at deinit:
	  Panic: file ioloop.c: line 928 (io_loop_destroy): assertion failed:
	  (ioloop->cur_ctx == NULL).
	- imap: Using imap_fetch_failure=no-after can cause assert-crash
	  with some IMAP commands if reading the mail fails (e.g. wrong cached
	  mail size). Fixes:
	  Panic: file index-mail-headers.c: line 198 (index_mail_parse_header_init):
	  assertion failed: (!mail->data.header_parser_initialized)
	- imap: v2.3.10 regression: When using INDEXPVT to enable private
	  \Seen flags (for shared or public namespaces) the STORE command did
	  not send untagged replies for the \Seen flag changes.
	- imap: v2.3.15 regression: If PREVIEW/SNIPPET is not the final FETCH
	  option in the command, the IMAP FETCH response is broken.
	- imap: v2.3.15 regression: MOVE command leaks mailbox if it can't be
	  opened and crashes at deinit:
	  Panic: file mail-user.c: line 229 (mail_user_deinit): assertion failed:
	  ((*user)->refcount == 1).
	- imapc: Copying nonexistent mail via imapc could have crashed. Fixes:
	  Panic: file mail-storage.c: line 2385 (mailbox_transaction_commit_get_changes):
	  assertion failed: (ret < 0 || seq_range_count(&changes_r->saved_uids) == save_count ||
	  array_count(&changes_r->saved_uids) == 0).
	- indexer: v2.3.15 regression: Process crashes if indexer-client
	  disconnects while it's waiting for command reply. This happened for
	  example if IMAP SEARCH triggered long fts indexing and the IMAP
	  client disconnected while waiting for the reply.
	- indexer: v2.3.15 regression: Process may have crashed in some situations.
	- indexer: v2.3.15 regression: indexer-worker processes may not have
	  reached the process_limit in some situations, possibly even using just
	  one indexer-worker process even though there were many indexing
	  requests queued.
	- lib-compression: Reading lz4 compressed mdbox mails may crash. Fixes:
	  Panic: file istream.c: line 345 (i_stream_read_memarea):
	  assertion failed: (!stream->blocking).
	- lib-compression: bench-compress crashes due to xz being read-only.
	- lib-lua: Fix linking libdict_lua for non-GNU linkers when Lua support
	  is disabled.
	- lib-mail: There was no limit on how large an email header name could be.
	  Processable header names are now limited to 1000 bytes.
	- lib-oauth2: Dovecot disallowed JWT tokens if their validity time was
	  older than token creation time (nbf < iat).
	- lib-storage: Reduce memory footprint of certain storage operations.
	- lib-storage: When listing mailboxes with storage name escape
	  characters (^ or .) as part of the mailbox name, the listing could
	  show corrupted mailbox names. Due to an issue in handling escaped
	  parent folders, the listing of other mailbox names would become
	  corrupted by prepending parts of the previously listed mailboxes
	  parent folder as prefix to the actual mailbox names. The corruption
	  can occur when using LAYOUT=INDEX and maildir or obox, or when using
	  the listescape plugin.
	- mail-crypt: Fix "-O" argument for "doveadm mailbox cryptokey password"
	  command to be a boolean, and not expect a string.
	- submission-login: Add support for not authenticating to next hop in
	  submission proxying.
	- submission-login: EHLO was not sent again after XCLIENT when doing
	  submission proxying.
	- virtual: Mailboxes do not correctly detect underlying mailboxes
	  getting re-created even though they have a different UIDVALIDITY or
	  GUID.

v2.3.16 2021-08-06  Timo Sirainen <timo.sirainen@open-xchange.com>

	* Any unexpected exit() will now result in a core dump. This can
	  especially help notice problems when a Lua script causes exit(0).
	* auth-worker process is now restarted when the number of auth
	  requests reaches service auth-worker { service_count }. The default
	  is still unlimited.

	+ Event improvements: Added data_stack_grow event and http-client
	  category. See https://doc.dovecot.org/admin_manual/list_of_events/
	+ oauth2: Support RFC 7628 openid-configuration element. This allows
	  clients to support OAUTH2 for any server, not just a few hardcoded
	  servers like they do now. See openid_configuration_url setting in
	  dovecot-oauth2.conf.ext.
	+ mysql: Single statements are no longer enclosed with BEGIN/COMMIT.
	+ dovecot-sysreport --core supports multiple core files now and does
	  not require specifying the binary path.
	+ imapc: When imap_acl plugin is loaded and imapc_features=acl is used,
	  IMAP ACL commands are proxied to the remote server. See
	  https://doc.dovecot.org/configuration_manual/mail_location/imapc/
	+ dict-sql now supports the "UPSERT" syntax for SQLite and PostgreSQL.
	+ imap: If IMAP client disconnects during a COPY command, the copying
	  is aborted, and changes are reverted. This may help to avoid many
	  email duplicates if client disconnects during COPY and retries it
	  after reconnecting.
	- master process was using 100% CPU if service attempted to create more
	  processes due to process_min_avail, but process_limit was already
	  reached. v2.3.15 regression.
	- Using attachment detection flags wrongly logged unnecessary "Failed
	  to add attachment keywords" errors. v2.3.13 regression.
	- IMAP QRESYNC: Expunging UID 1 mail resulted in broken VANISHED
	  response, which could have confused IMAP clients. v2.3.13 regression.
	- imap: STORE didn't send untagged replies for \Seen changes for
	  (shared) mailboxes using INDEXPVT. v2.3.10 regression.
	- rawlog_dir setting would not log input that was pipelined after
	  authentication command.
	- Fixed potential infinite looping with autoexpunging.
	- Log event exporter: Truncate long fields to 1000 bytes
	- LAYOUT=index: ACL inheritance didn't work when creating mailboxes
	- Event filters: Unquoted '?' wildcard caused a crash at startup
	- fs-metawrap: Fix to handling zero sized files
	- imap-hibernate: Fixed potential crash at deinit.
	- acl: dovecot-acl-list files were written for acl_ignore_namespaces
	- program-client (used by Sieve extprograms, director_flush_socket)
	  may have missed status response from UNIX and network sockets,
	  resulting in unexpected failures.

v2.3.15 2021-06-21  Aki Tuomi <aki.tuomi@open-xchange.com>

	* CVE-2021-29157: Dovecot does not correctly escape kid and azp fields in
	  JWT tokens. This may be used to supply attacker controlled keys to
	  validate tokens, if attacker has local access.
	* CVE-2021-33515: On-path attacker could have injected plaintext commands
	  before STARTTLS negotiation that would be executed after STARTTLS
	  finished with the client.
	* Disconnection log messages are now more standardized across services.
	  They also always now start with "Disconnected" prefix.
	* Dovecot now depends on libsystemd for systemd integration.
	* Removed support for Lua 5.2. Use version 5.1 or 5.3 instead.
	* config: Some settings are now marked as "hidden". It's discouraged to
	  change these settings. They will no longer be visible in doveconf
	  output, except if they have been changed or if doveconf -s parameter
	  is used. See https://doc.dovecot.org/settings/advanced/ for details.
	* imap-compress: Compression level is now algorithm specific.
	  See https://doc.dovecot.org/settings/plugin/compress-plugin/
	* indexer-worker: Convert "Indexed" info logs to an event named
	  "indexer_worker_indexing_finished". See
	  https://doc.dovecot.org/admin_manual/list_of_events/#indexer-worker-indexing-finished
	+ Add TSLv1.3 support to min_protocols.
	+ Allow configuring ssl_cipher_suites. (for TLSv1.3+)
	+ acl: Add acl_ignore_namespace setting which allows to entirely ignore
	  ACLs for the listed namespaces.
	+ imap: Support official RFC8970 preview/snippet syntax. Old methods of
	  retrieving preview information via IMAP commands ("SNIPPET and PREVIEW
	  with explicit algorithm selection") have been deprecated.
	+ imapc: Support INDEXPVT for imapc storage to enable private
	  message flags for cluster wide shared mailboxes.
	+ lib-storage: Add new events: mail_opened, mail_expunge_requested,
	  mail_expunged, mail_cache_lookup_finished. See
	  https://doc.dovecot.org/admin_manual/list_of_events/#mail
	+ zlib, imap-compression, fs-compress: Support compression levels that
	  the algorithm supports. Before, we would allow hardcoded value between
	  1 to 9 and would default to 6. Now we allow using per-algorithm value
	  range and default to whatever default the algorithm specifies.
	- *-login: Commands pipelined together with and just after the authenticate
	  command cause these commands to be executed twice. This applies to all
	  protocols that involve user login, which currently comprises of imap,
	  pop3, submisision and managesieve.
	- *-login: Processes are supposed to disconnect the oldest non-logged in
	  connection when process_limit was reached. This didn't actually happen
	  with the default "high-security mode" (with service_count=1) where each
	  connection is handled by a separate process.
	- *-login: When login process reaches client/process limits, oldest
	  client connections are disconnected. If one of these was still doing
	  anvil lookup, this caused a crash. This could happen only if the login
	  process limits were very low or if the server was overloaded.
	- Fixed building with link time optimizations (-flto).
	- auth: Userdb iteration with passwd driver does not always return all
	  users with some nss drivers.
	- dsync: Shared INBOX not synced when "mail_shared_explicit_inbox" was
	  disabled. If a user has a shared mailbox which is another user's INBOX,
	  dsync didn't include the mailbox in syncing unless explicit naming is
	  enabled with "mail_shared_explicit_inbox" set to "yes".
	- dsync: Shared namespaces were not synced with "-n" flag.
	- dsync: Syncing shared INBOX failed if mail_attribute_dict was not set.
	  If a user has a shared mailbox that is another user's INBOX, dsync
	  failed to export the mailbox if mail attributes are disabled.
	- fts-solr, fts-tika: Using both Solr FTS and Tika may have caused HTTP
	  requests to assert-crash: Panic: file http-client-request.c: line 1232
	  (http_client_request_send_more): assertion failed: (req->payload_input != NULL)
	- fts-tika: 5xx errors returned by Tika server as indexing failures.
	  However, Tika can return 5xx for some attachments every time.
	  So the 5xx error should be retried once, but treated as success if it
	  happens on the retry as well. v2.3 regression.
	- fts-tika: v2.3.11 regression: Indexing messages with fts-tika may have
	  resulted in Panic: file message-parser.c: line 802 (message_parser_deinit_from_parts):
	  assertion failed: (ctx->nested_parts_count == 0 || i_stream_have_bytes_left(ctx->input))
	- imap: SETMETADATA could not be used to unset metadata values.
	  Instead NIL was handled as a "NIL" string. v2.3.14 regression.
	- imap: IMAP BINARY FETCH crashes at least on empty base64 body:
	  Panic: file index-mail-binary.c: line 358 (blocks_count_lines):
	  assertion failed: (block_count == 0 || block_idx+1 == block_count)
	- imap: If IMAP client using the NOTIFY command was disconnected while
	  sending FETCH notifications to the client, imap could crash with
	  Panic: Trying to close mailbox INBOX with open transactions.
	- imap: Using IMAP COMPRESS extension can cause IMAP connection to hang
	  when IMAP commands are >8 kB long.
	- imapc: If remote server sent BYE but didn't immediately disconnect, it
	  could cause infinite busy-loop.
	- lib-index: Corrupted cache record size in dovecot.index.cache file
	  could have caused a crash (segfault) when accessing it.
	- lib-oauth2: JWT token time validation now works correctly with
	  32-bit systems.
	- lib-ssl-iostream: Checking hostnames against an SSL certificate was
	  case-sensitive.
	- lib-storage: Corrupted mime.parts in dovecot.index.cache may have
	  resulted in Panic: file imap-bodystructure.c: line 206 (part_write_body):
	  assertion failed: (text == ((part->flags & MESSAGE_PART_FLAG_TEXT) != 0))
	- lib-storage: Index rebuilding (e.g. via doveadm force-resync) didn't
	  preserve the "hdr-pop3-uidl" header. Because of this, the next pop3
	  session could have accessed all of the emails' metadata to read their
	  POP3 UIDL (opening dbox files).
	- listescape: When using the listescape plugin and a shared namespace
	  the plugin didn't work properly anymore resulting in errors like:
	  "Invalid mailbox name: Name must not have '/' character."
	- lmtp: Connection crashes if connection gets disconnected due to
	  multiple bad commands and the last bad command is BDAT.
	- lmtp: The Dovecot-specific LMTP parameter XRCPTFORWARD was blindly
	  forwarded by LMTP proxy without checking that the backend has support.
	  This caused a command parameter error from the backend if it was
	  running an older Dovecot release. This could only occur in more complex
	  setups where the message was proxied twice; when the proxy generated
	  the XRCPTFORWARD parameter itself the problem did not occur, so this
	  only happened when it was forwarded.
	- lmtp: The LMTP proxy crashes with a panic when the remote server
	  replies with an error while the mail is still being forwarded through
	  a DATA/BDAT command.
	- lmtp: Username may have been missing from lmtp log line prefixes when
	  it was performing autoexpunging.
	- master: Dovecot would incorrectly fail with haproxy 2.0.14 service
	  checks.
	- master: Systemd service: Dovecot announces readiness for accepting
	  connections earlier than it should. The following environment variables
	  are now imported automatically and can be omitted from
	  import_environment setting: NOTIFY_SOCKET LISTEN_FDS LISTEN_PID.
	- master: service { process_min_avail } was launching processes too
	  slowly when master was forking a lot of processes.
	- util: Make the health-check.sh example script POSIX shell compatible.

v2.3.14.1 2021-06-21  Aki Tuomi <aki.tuomi@open-xchange.com>

	* CVE-2021-29157: Dovecot does not correctly escape kid and azp fields in
	  JWT tokens. This may be used to supply attacker controlled keys to
	  validate tokens, if attacker has local access.
	* CVE-2021-33515: On-path attacker could have injected plaintext commands
	  before STARTTLS negotiation that would be executed after STARTTLS
	  finished with the client.
	- lib-index: Corrupted mime.parts in dovecot.index.cache may have
	  resulted in Panic: file imap-bodystructure.c: line 206 (part_write_body):
	  assertion failed: (text == ((part->flags & MESSAGE_PART_FLAG_TEXT) != 0))
	- imap: SETMETADATA could not be used to unset metadata values.
	  Instead NIL was handled as a "NIL" string. v2.3.14 regression.

V2.3.14 2021-03-04  Aki Tuomi <aki.tuomi@open-xchange.com>

	* Added new aliases for some variables. Usage of the old ones is possible,
	  but discouraged. (These were partially added already to v2.3.13.)
	  See https://doc.dovecot.org/configuration_manual/config_file/config_variables/
	  for more information.
	* Optimize imap/pop3/submission/managesieve proxies to use less CPU at
	  the cost of extra memory usage.
	* Remove autocreate, expire, snarf and mail-filter plugins.
	* Remove cydir storage driver.
	* Remove XZ/LZMA write support. Read support will be removed in future release.
	* doveadm -D: Add timestamps to debug output even when LOG_STDERR_TIMESTAMP
	  environment variable is not set. Timestamp format is taken from
	  log_timestamp setting.
	* If BROKENCHAR or listescape plugin is used, the escaped folder names
	  may be slightly different from before in some situations. This is
	  unlikely to cause issues, although caching clients may redownload the
	  folders.
	* imapc: It now enables BROKENCHAR=~ by default to escape remote folder
	  names if necessary. This also means that if there are any '~'
	  characters in the remote folder names, they will be visible as "~7e".
	* imapc: When using local index files folder names were escaped on
	  filesystem a bit differently. This affects only if there are folder
	  names that actually require escaping, which isn't so common. The old
	  style folders will be automatically deleted from filesystem.
	* stats: Update exported metrics to be compliant with OpenMetrics standard.
	+ doveadm: Add an optional '-p' parameter to metadata list command. If
	  enabled, "/private", and "/shared" metadata prefixes will be prepended
	  to the keys in the list output.
	+ doveconf: Support environment variables in config files. See
	  https://doc.dovecot.org/configuration_manual/config_file/config_file_syntax/#environment-variables
	  for more details.
	+ indexer-worker: Change indexer to disconnect from indexer-worker
	  after each request. This allows service indexer-worker's service_count &
	  idle_kill settings to work. These can be used to restart indexer-worker
	  processes once in a while to reduce their memory usage.
	- auth: "nodelay" with various authentication mechanisms such as apop
	  and digest-md5 crashed AUTH process if authentication failed.
	- auth: Auth lua script generating an error triggered an assertion
	  failure: Panic: file db-lua.c: line 630 (auth_lua_call_password_verify):
	  assertion failed: (lua_gettop(script->L) == 0).
	- configure: Fix libunwind detection to work on other than x86_64 systems.
	- doveadm-server: Process could crash if logging was done outside command
	  handling. For example http-client could have done debug logging
	  afterwards, resulting in either segfault or Panic:
	  file http-client.c: line 642 (http_client_context_close):
	  assertion failed: (cctx->clients_list == NULL).
	- dsync: Folder name escaping with BROKENCHAR didn't work completely
	  correctly. This especially caused problems with dsync-migrations using
	  imapc where some of the remote folder names may not have been accessible.
	- dsync: doveadm sync + imapc doesn't always sync all mails when doing
	  an incremental sync (-1), which could lead to mail loss when it's used
	  for migration. This happens only when GUIDs aren't used (i.e.
	  imapc without imapc_features=guid-forced).
	- fts-tika: When tika server returns error, some mails cause Panic:
	  file message-parser.c: line 802 (message_parser_deinit_from_parts):
	  assertion failed: (ctx->nested_parts_count == 0 || i_stream_have_bytes_left(ctx->input))
	- lib-imap: imapc parsing illegal BODYSTRUCTUREs with NILs could have
	  resulted in crashes. This exposed that Dovecot was wrongly accepting
	  atoms in "nstring" handling. Changed the IMAP parsing to be more
	  strict about this now.
	- lib-index: If dovecot.index.cache has corrupted message size, fetching
	  BODY/BODYSTRUCTURE may cause assert-crash:
	  Panic: file index-mail.c: line 1140 (index_mail_parse_body_finish):
	  assertion failed: (mail->data.parts != NULL).
	- lib-index: Minor error handling and race condition fixes related to
	  rotating dovecot.index.log. These didn't usually cause problems,
	  unless the log files were rotated rapidly.
	- lib-lua: Lua scripts using coroutines or lua libraries using coroutines
	  (e.g., cqueues) panicked.
	- Message PREVIEW handled whitespace wrong so first space would get
	  eaten from between words.
	- FTS and message PREVIEW (snippet) parsed HTML &entities case-sensitively.
	- lib-mail: When max nested MIME parts were reached, IMAP BODYSTRUCTURE
	  was written in a way that may have caused confusion for IMAP clients
	  and also Dovecot itself when parsing it. The truncated part is now
	  written out using application/octet-stream MIME type.
	- lib-oauth2: HS512 and HS384 JWT token algorithms crash when you try to
	  use them: Panic: file hmac.c: line 26 (hmac_init): assertion failed:
	  (meth->context_size <= MAC_MAX_CONTEXT_SIZE).
	- event filters: NOT keyword did not have the correct associativity.
	  NOT a AND b were getting parsed as NOT (a AND b) instead of
	  (NOT a) AND b.
	- Ignore ECONNRESET when closing socket. This avoids logging useless
	  errors on systems like FreeBSD.
	- event filters: event filter syntax error may lead to Panic:
	  file event-filter.c: line 137 (event_filter_parse): assertion failed:
	  (state.output == NULL)
	- lib: timeval_cmp_margin() was broken on 32-bit systems. This could
	  potentially have caused HTTP timeouts to be handled incorrectly.
	- log: instance_name wasn't used as syslog ident by the log process.
	- master: After a service reached process_limit and client_limit, it
	  could have taken up to 1 second to realize that more client connections
	  became available. During this time client connections could have been
	  unnecessarily rejected and a warning logged:
	  Warning: service(...): process_limit (...) reached, client connections are being dropped
	- stats: Crash would occur when generating openmetrics data for metrics
	  using aggregating functions.
	- stats: Event filters comparing against empty strings crash the stats
	  process.

v2.3.13 2021-01-04	Aki Tuomi <aki.tuomi@open-xchange.com>

	* CVE-2020-24386: Specially crafted command can cause IMAP hibernate to
	  allow logged in user to access other people's emails and filesystem
	  information.
	* Metric filter and global event filter variable syntax changed to a
	  SQL-like format. See https://doc.dovecot.org/configuration_manual/event_filter/
	* auth: Added new aliases for %{variables}. Usage of the old ones is
	  possible, but discouraged.
	* auth: Removed RPA auth mechanism, SKEY auth mechanism, NTLM auth
	  mechanism and related password schemes.
	* auth: Removed passdb-sia, passdb-vpopmail and userdb-vpopmail.
	* auth: Removed postfix postmap socket
	+ auth: Added new fields for auth server events. These fields are now
	  also available for all auth events. See
	  https://doc.dovecot.org/admin_manual/list_of_events/#authentication-server
	  for details.
	+ imap-hibernate: Added imap_client_hibernated, imap_client_unhibernated
	  and imap_client_unhibernate_retried events. See
	  https://doc.dovecot.org/admin_manual/list_of_events/ for details.
	+ lib-index: Added new mail_index_recreated event. See
	  https://doc.dovecot.org/admin_manual/list_of_events/#mail-index-recreated
	+ lib-sql: Support TLS options for cassandra driver. This requires
	  cpp-driver v2.15 (or later) to work reliably.
	+ lib-storage: Missing $HasAttachment / $HasNoAttachment flags are now
	  added to existing mails if mail_attachment_detection_option=add-flags
	  and it can be done inexpensively.
	+ login proxy: Added login_proxy_max_reconnects setting (default 3) to
	  control how many reconnections are attempted.
	+ login proxy: imap/pop3/submission/managesieve proxying now supports
	  reconnection retrying on more than just connect() failure. Any error
	  except a non-temporary authentication failure will result in reconnect
	  attempts.
	- auth: Lua passdb/userdb leaks stack elements per call, eventually
	  causing the stack to become too deep and crashing the auth or
	  auth-worker process.
	- auth: SASL authentication PLAIN mechanism could be used to trigger
	  read buffer overflow. However, this doesn't seem to be exploitable in
	  any way.
	- auth: v2.3.11 regression: GSSAPI authentication fails because dovecot
	  disallows NUL bytes for it.
	- dict: Process used too much CPU when iterating keys, because each key
	  used a separate write() syscall.
	- doveadm-server: Crash could occur if logging was done outside command
	  handling. For example http-client could have done debug logging
	  afterwards, resulting in either segfault or
	  Panic: file http-client.c: line 642 (http_client_context_close):
	  assertion failed: (cctx->clients_list == NULL).
	- doveadm-server: v2.3.11 regression: Trying to connect to doveadm server
	  process via starttls assert-crashed if there were no ssl=yes listeners:
	  Panic: file master-service-ssl.c: line 22 (master_service_ssl_init):
	  assertion failed: (service->ssl_ctx_initialized).
	- fts-solr: HTTP requests may have assert-crashed:
	  Panic: file http-client-request.c: line 1232 (http_client_request_send_more):
	  assertion failed: (req->payload_input != NULL)
	- imap: IMAP NOTIFY could crash with a segmentation fault due to a bad
	  configuration that causes errors. Sending the error responses to the
	  client can cause the segmentation fault. This can for example happen
	  when several namespaces use the same mail storage location.
	- imap: IMAP NOTIFY used on a shared namespace that doesn't actually
	  exist (e.g. public namespace for a nonexistent user) can crash with a panic:
	  Panic: Leaked view for index /tmp/home/asdf/mdbox/dovecot.list.index: Opened in (null):0
	- imap: IMAP session can crash with QRESYNC extension if many changes
	  are done before asking for expunged mails since last sync.
	- imap: Process might hang indefinitely if client disconnects after
	  sending some long-running commands pipelined, for example FETCH+LOGOUT.
	- lib-compress: Mitigate crashes when configuring a not compiled in
	  compression. Errors with compression configuration now distinguish
	  between not supported and unknown.
	- lib-compression: Using xz/lzma compression in v2.3.11 could have
	  written truncated output in some situations. This would result in
	  "Broken pipe" read errors when trying to read it back.
	- lib-compression: zstd compression could have crashed in some situations:
	  Panic: file ostream.c: line 287 (o_stream_sendv_int): assertion failed: (!stream->blocking)
	- lib-dict: dict client could have crashed in some rare situations when
	  iterating keys.
	- lib-http: Fix several assert-crashes in HTTP client.
	- lib-index: v2.3.11 regression: When mails were expunged at the same
	  time as lots of new content was being saved to the cache (e.g. cache
	  file was lost and is being re-filled) a deadlock could occur with
	  dovecot.index.cache / dovecot.index.log.
	- lib-index: v2.3.11 regression: dovecot.index.cache file was being
	  purged (rewritten) too often when it had a field that hadn't been
	  accessed for over 1 month, but less than 2 months. Every cache file
	  change caused a purging in this situation.
	- lib-mail: MIME parts were not returned correctly by Dovecot MIME parser.
	  Regression caused by fixing CVE-2020-12100.
	- lib-mail: When max nested MIME parts were reached, IMAP BODYSTRUCTURE
	  was written in a way that may have caused confusion for both IMAP
	  clients and Dovecot itself when parsing it. The truncated part is now
	  written out using application/octet-stream MIME type.
	- lib-mail: v2.3.11 regression: Mail delivery / parsing crashed when the
	  10000th MIME part was message/rfc822 (or if parent was multipart/digest):
	  Panic: file message-parser.c: line 167 (message_part_append):
	  assertion failed: (ctx->total_parts_count <= ctx->max_total_mime_parts).
	- lib-oauth2: Dovecot incorrectly required oauth2 server introspection
	  reply to contain username with invalid token.
	- lib-ssl-iostream, lib-dcrypt: Fix building with OpenSSL that has
	  deprecated APIs disabled.
	- lib-storage: When mail's size is different from the cached one (in
	  dovecot.index.cache or Maildir S=size in the filename), this is
	  handled by logging "Cached message size smaller/larger than expected"
	  error. However, in some situations this also ended up crashing with:
	  Panic: file istream.c: line 315 (i_stream_read_memarea):
	  assertion failed: (old_size <= _stream->pos - _stream->skip).
	- lib-storage: v2.3 regression: Copying/moving mails was taking much more
	  memory than before. This was mainly visible when copying/moving
	  thousands of mails in a single transaction.
	- lib-storage: v2.3.11 regression: Searching messages assert-crashed
	  (without FTS): Panic: file message-parser.c: line 174 (message_part_finish):
	  assertion failed: (ctx->nested_parts_count > 0).
	- lib: Dovecot v2.3 moved signal handlers around in ioloops,
	  causing more CPU usage than in v2.2.
	- lib: Fixed JSON parsing: '\' escape sequence may have wrongly resulted
	  in error if it happened to be at read boundary. Any NUL characters and
	  '\u0000' will now result in parsing error instead of silently
	  truncating the data.
	- lmtp, submission: Server may hang if SSL client connection disconnects
	  during the delivery. If this happened repeated, it could have ended
	  up reaching process_limit and preventing any further lmtp/submission
	  deliveries.
	- lmtp: Proxy does not always properly log TLS connection problems as
	  errors; in some cases, only a debug message is logged if enabled.
	- lmtp: The LMTP service can hang when commands are pipelined. This can
	  particularly occur when one command in the middle of the pipeline fails.
	  One example of this occurs for proxied LMTP transactions in which the
	  final DATA or BDAT command is pipelined after a failing RCPT command.
	- login-proxy: The login_source_ips setting has no effect, and therefore
	  the proxy source IPs are not cycled through as they should be.
	- master: Process was using 100% CPU in some situations when a broken
	  service was being throttled.
	- pop3-login: POP3 login would fail with "Input buffer full" if the
	  initial response for SASL was too long.
	- stats: Crash would occur when generating openmetrics data for metrics
	  using aggregating functions.

v2.3.11.3 2020-07-29	Aki Tuomi <aki.tuomi@open-xchange.com>

	- pop3-login: Login didn't handle commands in multiple IP packets properly.
	  This mainly affected large XCLIENT commands or a large SASL initial
	  response parameter in the AUTH command.
	- pop3: pop3_deleted_flag setting was broken, causing:
	  Panic: file seq-range-array.c: line 472 (seq_range_array_invert):
	  assertion failed: (range[count-1].seq2 <= max_seq)

v2.3.11.2 2020-07-13	Aki Tuomi <aki.tuomi@open-xchange.com>

	- auth: Lua passdb/userdb leaks stack elements per call, eventually
	  causing the stack to become too deep and crashing the auth or
	  auth-worker process.
	- lib-mail: v2.3.11 regression: MIME parts not returned correctly by
	  Dovecot MIME parser.
	- pop3-login: Login would fail with "Input buffer full" if the initial
	  response for SASL was too long.

v2.3.11 2020-06-17  Aki Tuomi <aki.tuomi@open-xchange.com>

	* CVE-2020-12100: Parsing mails with a large number of MIME parts could
	  have resulted in excessive CPU usage or a crash due to running out of
	  stack memory.
	* CVE-2020-12673: Dovecot's NTLM implementation does not correctly check
	  message buffer size, which leads to reading past allocation which can
	  lead to crash.
	* CVE-2020-10967: lmtp/submission: Issuing the RCPT command with an
	  address that has the empty quoted string as local-part causes the lmtp
	  service to crash.
	* CVE-2020-12674: Dovecot's RPA mechanism implementation accepts
	  zero-length message, which leads to assert-crash later on.
	* Events: Fix inconsistency in events. See event documentation in
	  https://doc.dovecot.org.
	* imap_command_finished event's cmd_name field now contains "unknown"
	  for unknown commands. A new "cmd_input_name" field contains the
	  command name exactly as it was sent.
	* lib-index: Renamed mail_cache_compress_* settings to mail_cache_purge_*.
	  Note that these settings are mainly intended for testing and usually
	  shouldn't be changed.
	* events: Renamed "index" event category to "mail-index".
	* events: service:<name> category is now using the name from
	  configuration file.
	* dns-client: service dns_client was renamed to dns-client.
	* log: Prefixes generally use the service name from configuration file.
	  For example dict-async service will now use
	  "dict-async(pid): " log prefix instead of "dict(pid): "
	* *-login: Changed logging done by proxying to use a consistent prefix
	  containing the IP address and port.
	* *-login: Changed disconnection log messages to be slightly clearer.
	+ dict: Add events for dictionaries.
	+ lib-index: Finish logging with events.
	+ oauth2: Support local validation of JWT tokens.
	+ stats: Add support for dynamic histograms and grouping. See
	  https://doc.dovecot.org/configuration_manual/stats/.
	+ imap: Implement RFC 8514: IMAP SAVEDATE
	+ lib-index: If a long-running transaction (e.g. SORT/FETCH on a huge
	  folder) adds a lot of data to dovecot.index.cache file, commit those
	  changes periodically to make them visible to other concurrent sessions
	  as well.
	+ stats: Add OpenMetrics exporter for statistics. See
	  https://doc.dovecot.org/configuration_manual/stats/openmetrics/.
	+ stats: Support disabling stats-writer socket by setting
	  stats_writer_socket_path="".
	- auth-worker: Process keeps slowly increasing its memory usage and
	  eventually dies with "out of memory" due to reaching vsz_limit.
	- auth: Prevent potential timing attacks in authentication secret
	  comparisons: OAUTH2 JWT-token HMAC, imap-urlauth token, crypt() result.
	- auth: Several auth-mechanisms allowed input to be truncated by NUL
	  which can potentially lead to unintentional issues or even successful
	  logins which should have failed.
	- auth: When auth policy returned a delay, auth_request_finished event
	  had policy_result=ok field instead of policy_result=delayed.
	- auth: auth process crash when auth_policy_server_url is set to an
	  invalid URL.
	- dict-ldap: Crash occurs if var_expand template expansion fails.
	- dict: If dict client disconnected while iteration was still running,
	  dict process could have started using 100% CPU, although it was still
	  handling clients.
	- doveadm: Running doveadm commands via proxying may hang, especially
	  when doveadm is printing a lot of output.
	- imap: "MOVE * destfolder" goes to a loop copying the last mail to the
	  destination until the imap process dies due to running out of memory.
	- imap: Running "UID MOVE 1:* Trash" on an empty folder goes to infinite
	  loop.
	- imap: SEARCH doesn't support $.
	- lib-compress: Buffer over-read in zlib stream read.
	- lib-dns: If DNS lookup times out, lib-dns can cause crash in calling
	  process.
	- lib-index: Fixed several bugs in dovecot.index.cache handling that
	  could have caused cached data to be lost.
	- lib-index: Writing to >=1 GB dovecot.index.cache files may cause
	  assert-crashes:
	  Panic: file mail-index-util.c: line 37 (mail_index_uint32_to_offset):
	  assertion failed: (offset < 0x40000000)
	- lib-ssl-iostream: Fix buggy OpenSSL error handling without
	  assert-crashing. If there is no error available, log it as an error
	  instead of crashing:
	  Panic: file iostream-openssl.c: line 599 (openssl_iostream_handle_error):
	  assertion failed: (errno != 0)
	- lib-ssl-iostream: ssl_key_password setting did not work.
	- submission: A segfault crash may occur when the client or server
	  disconnects while a non-transaction command like NOOP or VRFY is still
	  being processed.
	- virtual: Copying/moving mails with IMAP into a virtual folder assert-crashes:
	  Panic: file cmd-copy.c: line 152 (fetch_and_copy): assertion failed:
	  (copy_ctx->copy_count == seq_range_count(&copy_ctx->saved_uids))

v2.3.10  2020-03-06  Aki Tuomi <aki.tuomi@open-xchange.com>

	* Disable retpoline migitations by default. These can cause severe
	  performance regressions, so they should be only enabled when
	  applicable.
	* IMAP MOVE now commits transactions in batches of 1000 mails. This
	  helps especially with lazy_expunge when moving a lot of mails. It
	  mainly avoids situations where multiple IMAP sessions are running the
	  same MOVE command and duplicating the mails in the lazy_expunge folder.
	  With this change there can still be some duplication, but the MOVE
	  always progresses forward. Also if the MOVE fails at some point, the
	  changes up to the last 1000 mails are still committed instead of
	  rolled back. Note that the COPY command behavior hasn't changed,
	  because it is required by IMAP standard to be an atomic operation.
	* IMAP EXPUNGE and CLOSE now expunges mails in batches of 1000 mails.
	  This helps especially with lazy_expunge when expunging a lot of mails
	  (e.g. millions) to make sure that the progress always moves forward
	  even if the process is killed.
	* Autoexpunging now expunges mails in batches of 1000 mails. This helps
	  especially with lazy_expunge when expunging a lot of mails
	  (e.g. millions) to make sure that the progress always moves forward
	  even if the process is killed.
	+ Add tool for generating sysreport called dovecot-sysreport.
	  This generates a bundle of information usually needed for support
	  requests.
	+ Add support for the new IMAP \Important SPECIAL-USE flag (RFC 8457).
	+ Add metric { group_by } setting. This allows automatically creating
	  new metrics based on the fields you want to group statistics by.
	  NOTE: This feature is considered experimental and syntax is subject
	  to change in future release.
	+ auth: Support SCRAM-SHA-256 authentication mechanism.
	+ imap: Support the new IMAP STATUS=SIZE extension.
	+ Use TCP_QUICKACK to reduce latency for some TCP connections.
	+ quota-status: Made the service more robust against erroneous use with
	  Postfix ACL policies other than smtpd_recipient_restrictions.
	+ Add "revision" field support to imap_id_send setting. Using
	  "revision *" will send in IMAP ID command response the short commit
	  hash of the Dovecot git source tree HEAD (same as in dovecot --version).
	+ IMAP ENVELOPE includes now all addresses when there are multiple
	  headers (From, To, Cc, etc.) The standard way of having multiple
	  addresses is to just list them all in a single header. It's
	  non-standard to have multiple headers. However, since MTAs allow these
	  mails to pass through and different software may handle them in
	  different ways, it's better from security point of view to show all
	  the addresses.
	+ Event filters now support using "field_name=" to match a field that
	  doesn't exist or has an empty value. For example use "error=" to match
	  only events that didn't fail.
	- acl: INBOX ACLs shouldn't apply for IMAP GETMETADATA/SETMETADATA
	  commands.
	- cassandra: CASS_ERROR_SERVER_WRITE_FAILURE error should also be
	  treated as "uncertain write failure".
	- dict-redis: Using quota_clone configured with dict-redis could have
	  crashed when Redis responded slowly.
	- imap-hibernate: Communication trouble with imap-master leads to
	  segfault.
	- imap-hibernate: Unhibernation retrying wasn't working.
	- imap: Fixed auth lookup privilege problem when imap process was reused
	  and user was being un-hibernated.
	- Fix potential crash when copying/moving mails within the same folder.
	  This happened only when there were a lot of fields in dovecot.index.cache.
	- lib-index: Recreating dovecot.index.cache file could have crashed when
	  merging bitmask fields.
	- lib-index: Using public/shared folders with INDEXPVT configured to use
	  private \Seen flags, trying to search seen/unseen in an empty folder
	  crashes with segfault.
	- lib-mail: Large base64-encoded mails weren't decoded properly.
	  This could have affected searching/indexing mails and message snippet
	  generation.
	- lib-mail: Message with only quoted text could have caused message
	  snippet to ignore its 200 character limit and return the entire
	  message. This was added also to dovecot.index.cache file, which
	  increased disk space and memory usage unnecessarily.
	  v2.3.9.2 regression (previous versions cached the quoted snippet as
	  empty). In a large mail quoted text could have become wrongly added
	  to the snippet, possibly mixed together with non-quoted text.
	- lib-smtp: client could have assert-crashed if STARTTLS handshake
	  finished earlier than usually.
	- lib-ssl-iostream: remove -static flag for lib-ssl-iostream linking to
	  prevent a compile issue.
	- lib-storage: Mailbox synchronization may have assert-crashed in some
	  rare situations.
	- lib-storage: mdbox didn't preserve date.saved with dsync.
	- lib: Don't require EAI_{ADDRFAMILY,NODATA}, breaks FreeBSD
	- master: Some services could respawn unthrottled if they crash during
	  startup.
	- push-notification: Do not send push_notification_finished event if
	  nothing was done. This happens when mail transaction is started and
	  ended with no changes.
	- quota-status: Addresses with special characters in the local part caused
	  problems in the interaction between Postfix and Dovecot. Postfix sent
	  its own internal representation in the recipient field, while Dovecot
	  expected a valid RFC5321 mailbox address.
	- submission-login: SESSION was not correctly encoded field for the
	  XCLIENT command. Particularly, a '+' character introduced by the
	  session ID's Base64 encoding causes problems.
	- submission: Fix submission_max_mail_size to work correctly on 32-bit
	  systems.
	- submission: Trusted connections crashed in second connection's EHLO
	  if submission-login { service_count } is something else than 1 (which
	  is the default).
	- submission: XCLIENT command was never used in the protocol exchange
	  with the relay MTA when submission_backend_capabilities is configured,
	  even when the relay MTA was properly configured to accept the XCLIENT
	  command.

v2.3.9.3 2020-02-12  Aki Tuomi <aki.tuomi@open-xchange.com>

	* CVE-2020-7046: Truncated UTF-8 can be used to DoS
	  submission-login and lmtp processes.
	* CVE-2020-7957: Specially crafted mail can crash snippet generation.

v2.3.9.2 2019-12-13  Aki Tuomi <aki.tuomi@open-xchange.com>

	- Mails with empty From/To headers can also cause crash
	  in push notification drivers.

v2.3.9.1 2019-12-13  Aki Tuomi <aki.tuomi@open-xchange.com>

	* CVE-2019-19722: Mails with group addresses in From or To fields
	  caused crash in push notification drivers.

v2.3.9 2019-12-04  Aki Tuomi <aki.tuomi@open-xchange.com>

	* Changed several event field names for consistency and to avoid
	  conflicts in parent-child event relationships:
	   * SMTP server command events: Renamed "name" to "cmd_name"
	   * Events inheriting from a mailbox: Renamed "name" to "mailbox"
	   * Server connection events have only "remote_ip", "remote_port",
	     "local_ip" and "local_port".
	   * Removed duplicate "client_ip", "ip" and "port".
	   * Mail storage events: Removed "service" field.
	     Use "service:<name>" category instead.
	   * HTTP client connection events: Renamed "host" to "dest_host" and
	     "port" to "dest_port"
	* auth: Drop Postfix socketmap support. It hasn't been working
	  with recent Postfix versions for a while now.
	* push-notification-lua: The "subject" field is now decoded to UTF8
	  instead of kept as MIME-encoded.
	+ push-notification-lua: Added new "from_address", "from_display_name",
	  "to_address" and "to_display_name" fields. The display names are
	  decoded to UTF8.
	+ Added various new fields to existing events.
	  See http://doc.dovecot.net/admin_manual/list_of_events.html
	+ Add lmtp_add_received_header setting. It can be used to prevent LMTP
	  from adding "Received:" headers.
	+ doveadm: Support SSL/STARTTLS for proxied doveadm connections based on
	  doveadm_ssl setting and proxy ssl/tls settings.
	+ Log filters support now "service:<name>", which matches all events for
	  the given service. It can also be used as a category.
	+ lib: Use libunwind to get abort backtraces with function names
	  where available.
	+ lmtp: When the LMTP proxy changes the username (from passdb lookup)
	  add an appropriate ORCPT parameter.
	- lmtp: Add lmtp_client_workarounds setting to implement workarounds for
	  clients that send MAIL and RCPT commands with additional spaces before
	  the path and for clients that omit <> brackets around the path.
	  See example-config/conf.d/20-lmtp.conf.
	- lda/lmtp: Invalid MAIL FROM addresses were rejcted too aggressively.
	  Now mails from addresses with unicode characters are delivered, but
	  their Return-Path header will be <> instead of the given MAIL FROM
	  address.
	- lmtp: The lmtp_hdr_delivery_address setting is ignored.
	- imap: imap_command_finished event's "args" and "human_args" parameters
	  were always empty.
	- mbox: Seeking in zlib and bzip2 compressed input streams didn't work
	  correctly.
	- imap-hibernate: Process crashed when client got destroyed while it was
	  attempted to be unhibernated, and the unhibernation fails.
	- *-login: Proxying may have crashed if SSL handshake to the backend
	  failed immediately. This was unlikely to happen in normal operation.
	- *-login: If TLS handshake to upstream server failed during proxying,
	  login process could crash due to invalid memory access.
	- *-login: v2.3 regression: Using SASL authentication without initial
	  response may have caused SSL connections to hang. This happened often
	  at least with PHP's IMAP library.
	- *-login: When login processes are flooded with authentication attempts
	  it starts logging errors about "Authentication server sent unknown id".
	  This is still expected. However, it also caused the login process to
	  disconnect from auth server and potentially log some user's password
	  in the error message.
	- dict-sql: SQL prepared statements were not shared between sessions.
	  This resulted in creating a lot of prepared statements, which was
	  especially inefficient when using Cassandra backend with a lot of
	  Cassandra nodes.
	- auth: auth_request_finished event didn't have success=yes parameter
	  set for successful authentications.
	- auth: userdb dict - Trying to list users crashed.
	- submission: Service could be configured to allow anonymous
	  authentication mechanism and anonymous user access.
	- LAYOUT=index: Corrupted dovecot.list.index caused folder creation to
	  panic.
	- doveadm: HTTP server crashes if request target starts with double "/".
	- dsync: Remote dsync started hanging if the initial doveadm
	  "dsync-server" command was sent in the same TCP packet as the
	  following dsync handshake. v2.3.8 regression.
	- lib: Several "input streams" had a bug that in some rare situations
	  might cause it to access freed memory. This could lead to crashes or
	  corruption.
	  The only currently known effect of this is that using zlib plugin with
	  external mail attachments (mail_attachment_dir) could cause fetching
	  the mail to return a few bytes of garbage data at the beginning of the
	  header. Note that the mail wasn't saved corrupted, but fetching it
	  caused corrupted mail to be sent to the client.
	- lib-storage: If a mail only has quoted content, use the quoted text
	  for generating message snippet (IMAP PREVIEW) instead of returning
	  empty snippet.
	- lib-storage: When vsize header was rebuilt, newly calculated message
	  sizes were added to dovecot.index.cache instead of being directly
	  saved into vsize records in dovecot.index.
	- lib: JSON generator was escaping UTF-8 characters unnecessarily.

v2.3.8 2019-10-08  Aki Tuomi <aki.tuomi@open-xchange.com>

	+ Added mail_delivery_started and mail_delivery_finished events, see
	  https://doc.dovecot.org/admin_manual/list_of_events/ for details.
	+ dsync-replication: Don't replicate users who have "noreplicate" extra
	  field in userdb.
	+ doveadm service status: Show total number of processes created.
	+ When logging to syslog, use instance_name setting's value for the
	  ident. This commonly is added as a log prefix.
	+ Base64 encoding/decoding code was rewritten with additional features.
	  It shouldn't cause any user visible changes.
	- v2.3.7 regression: If a folder only receives new mails without any
	  other mail access, dovecot.index.log keeps growing forever and
	  dovecot.index keeps being rewritten for every mail delivery.
	- dsync-replication may lose keywords after syncing mails restored from
	  another replica. This only happened if the mail only had keywords and
	  no system flags.
	- event filters: Non-textual event fields could not be filtered using
	  wildcards.
	- auth: Scope parameter was missing from OAuth password grant
	  request.
	- doveadm client-server communication may hang in some situations.
	  It is also using unnecessarily small TCP/IP packet sizes.
	- doveadm who and kick did not flush protocol output correctly.
	- imap: SETMETADATA with literal value would delete the metadata value
	  instead of updating it.
	- imap: When client issues FETCH PREVIEW (LAZY=FUZZY) command, the
	  caching decisions should be updated so that newly saved mails will
	  have the preview cached.
	- With mail_nfs_index=yes and/or mail_nfs_storage=yes setuid/setgid
	  permission bits in some files may have become dropped with some NFS
	  servers. Changed NFS flushing to now use chmod() instead of chown().
	- quota: warnings did not work if quota root was noenforcing
	- acl: Global ACL file ignored the last line if it didn't end with LF.
	- doveadm stats dump: With JSON formatter output numbers using the
	  number type instead of as strings
	- lmtp_proxy: Ensure that real_* variables are correctly set when using
	  lmtp_proxy.
	- event exporter: http-post driver had hardcoded timeout and did not
	  support DNS lookups or TLS connections.
	- auth: Fix user iteration to work with userdb passwd with glibc v2.28.
	- auth: auth service can crash if auth-policy JSON response is invalid
	  or returned too fast.
	- In some rare situations "ps" output could have shown a lot of "?"
	  characters after Dovecot process titles.
	- When dovecot.index.pvt is empty, an unnecessary error is logged:
	  Error: .../dovecot.index.pvt reset, view is now inconsistent
	- SMTP address encoder duplicated initial double quote character when
	  the localpart of an address ended in '..'. For example
	  "user+..@example.com" became ""user+.."@example.com in a
	  sieve redirect.

v2.3.7.1 2019-07-23  Timo Sirainen <timo.sirainen@open-xchange.com>

	- Fix TCP_NODELAY errors being logged on non-Linux OSes
	- lmtp proxy: Fix assert-crash when client uses BODY=8BITMIME
	- Remove wrongly added checks in namespace prefix checking

v2.3.7 2019-07-12  Aki Tuomi <aki.tuomi@open-xchange.com>

	* fts-solr: Removed break-imap-search parameter
	+ Added more events for the new statistics, see
	  https://doc.dovecot.org/admin_manual/list_of_events/
	+ mail-lua: Add IMAP metadata accessors, see
	  https://doc.dovecot.org/admin_manual/lua/
	+ Add event exporters that allow exporting raw events to log files and
	  external systems, see
	  https://doc.dovecot.org/configuration_manual/event_export/
	+ SNIPPET is now PREVIEW and size has been increased to 200 characters.
	+ Add body option to fts_enforced. This triggers building FTS index only
	  on body search, and an error using FTS index fails the search rather
	  than reads through all the mails.
	- Submission/LMTP: Fixed crash when domain argument is invalid in a
	  second EHLO/LHLO command.
	- Copying/moving mails using Maildir format loses IMAP keywords in the
	  destination if the mail also has no system flags.
	- mail_attachment_detection_options=add-flags-on-save caused email body
	  to be unnecessarily opened when FETCHing mail headers that were
	  already cached.
	- mail attachment detection keywords not saved with maildir.
	- dovecot.index.cache may have grown excessively large in some
	  situations. This happened especially when using autoexpunging with
	  lazy_expunge folders. Also with mdbox format in general the cache file
	  wasn't recreated as often as it should have.
	- Autoexpunged mails weren't immediately deleted from the disk. Instead,
	  the deletion from disk happened the next time the folder was opened.
	  This could have caused unnecessary delays if the opening was done by
	  an interactive IMAP session.
	- Dovecot's TCP connections sometimes add extra 40ms latency due to not
	  enabling TCP_NODELAY. HTTP and SMTP/LMTP connections weren't
	  affected, but everything else was. This delay wasn't always visible -
	  only in some situations with some message/packet sizes.
	- imapc: Fix various crash conditions
	- Dovecot builds were not always reproducible.
	- login-proxy: With shutdown_clients=no after config reload the
	  existing connections could no longer be listed or kicked with doveadm.
	- "doveadm proxy kick" with -f parameter caused a crash in some
	  situations.
	- Auth policy can cause segmentation fault crash during auth process
	  shutdown if all auth requests have not been finished.
	- Fix various minor bugs leading into incorrect behaviour in mailbox
	  list index handling. These rarely caused noticeable problems.
	- LDAP auth: Iteration accesses freed memory, possibly crashing
	  auth-worker
	- local_name { .. } filter in dovecot.conf does not correctly support
	  multiple names and wildcards were matched incorrectly.
	- replicator: dsync assert-crashes if it can't connect to remote TCP
	  server.
	- config: Memory leak in config process when ssl_dh setting wasn't
	  set and there was no ssl-parameters.dat file.
	  This caused config process to die once in a while
	  with "out of memory".

v2.3.6 2019-04-30  Aki Tuomi <aki.tuomi@open-xchange.com>

	* CVE-2019-11494: Submission-login crashed with signal 11 due to null
	  pointer access when authentication was aborted by disconnecting.
	* CVE-2019-11499: Submission-login crashed when authentication was
	  started over TLS secured channel and invalid authentication message
	  was sent.
	* auth: Support password grant with passdb oauth2.
	+ Use system default CAs for outbound TLS connections.
	+ Simplify array handling with new helper macros.
	+ fts_solr: Enable configuring batch_size and soft_commit features.
	- lmtp/submission: Fixed various bugs in XCLIENT handling, including a
	  hang when XCLIENT commands were sent infinitely to the remote server.
	- lmtp/submission: Forwarded multi-line replies were erroneously sent
	  as two replies to the client.
	- lib-smtp: client: Message was not guaranteed to contain CRLF
	  consistently when CHUNKING was used.
	- fts_solr: Plugin was no longer compatible with Solr 7.
	- Make it possible to disable certificate checking without
	  setting ssl_client_ca_* settings.
	- pop3c: SSL support was broken.
	- mysql: Closing connection twice lead to crash on some systems.
	- auth: Multiple oauth2 passdbs crashed auth process on deinit.
	- HTTP client connection errors infrequently triggered a segmentation
	  fault when the connection was idle and not used for a particular
	  client instance.

v2.3.5.2 2019-04-18  Timo Sirainen <tss@iki.fi>

	* CVE-2019-10691: Trying to login with 8bit username containing
	  invalid UTF8 input causes auth process to crash if auth policy is
	  enabled. This could be used rather easily to cause a DoS. Similar
	  crash also happens during mail delivery when using invalid UTF8 in
	  From or Subject header when OX push notification driver is used.

v2.3.5.1 2019-03-28  Timo Sirainen <tss@iki.fi>

	* CVE-2019-7524: Missing input buffer size validation leads into
	  arbitrary buffer overflow when reading fts or pop3 uidl header
	  from Dovecot index. Exploiting this requires direct write access to
	  the index files.

v2.3.5 2019-03-05  Timo Sirainen <tss@iki.fi>

	+ Lua push notification driver: mail keywords and flags are provided
	  in MessageNew and MessageAppend events.
	+ submission: Implement support for plugins.
	+ auth: When auth_policy_log_only=yes, only log what the policy server
	  response would do without actually doing it.
	+ auth: Always log policy server decisions with auth_verbose=yes
	- v2.3.[34]: doveadm log errors: Output was missing user/session
	- lda: Debug log lines could have shown slightly corrupted
	- login proxy: Login processes may have crashed in various ways when
	  login_proxy_max_disconnect_delay was set.
	- imap: Fix crash with Maildir+zlib if client disconnects during APPEND
	- lmtp proxy: Fix potential assert-crash
	- lmtp/submission: Fix crash when SMTP client transaction times out
	- submission: Split large XCLIENT commands to 512 bytes per command,
	  so Postfix accepts them.
	- submission: Fix crash when client sends invalid BURL command
	- submission: relay backend: VRFY command: Avoid forwarding 500 and
	  502 replies back to client.
	- lib-http: Fix potential assert-crash when DNS lookup fails
	- lib-fts: Fix search query generation when one language ignores a
	  token (e.g. via stopwords).

v2.3.4 2018-11-23  Timo Sirainen <tss@iki.fi>

	* The default postmaster_address is now "postmaster@<user domain or
	  server hostname>". If username contains the @domain part, that's
	  used. If not, then the server's hostname is used.
	* "doveadm stats dump" now returns two decimals for the "avg" field.

	+ Added push notification driver that uses a Lua script
	+ Added new SQL, DNS and connection events.
	  See https://wiki2.dovecot.org/Events
	+ Added "doveadm mailbox cache purge" command.
	+ Added events API support for Lua scripts
	+ doveadm force-resync -f parameter performs "index fsck" while opening
	  the index. This may be useful to fix some types of broken index files.
	  This may become the default behavior in a later version.
	- director: Kicking a user crashes if login process is very slow
	- pop3_no_flag_updates=no: Don't expunge DELEted and RETRed messages
	  unless QUIT is sent.
	- auth: Fix crypt() segfault with glibc-2.28+
	- imap: Running UID FILTER script with errors assert-crashes
	- dsync, pop3-migration: POP3 UIDLs weren't added to
	  dovecot.index.cache while mails were saved.
	- dict clients may have been using 100% CPU while waiting for dict
	  server to finish commands.
	- doveadm user: Fixed user listing via HTTP API
	- All levels of Cassandra log messages were logged as Dovecot errors.
	- http/smtp client may have crashed after SSL handshake
	- Lua auth converted strings that looked like numbers into numbers.


v2.3.3 2018-10-01  Timo Sirainen <tss@iki.fi>

	* doveconf hides more secrets now in the default output.
	* ssl_dh setting is no longer enforced at startup. If it's not set and
	  non-ECC DH key exchange happens, error is logged and client is
	  disconnected.

	+ Added log_debug=<filter> setting.
	+ Added log_core_filter=<log filter> setting.
	+ quota-clone: Write to dict asynchronously
	+ --enable-hardening attempts to use retpoline Spectre 2 mitigations
	+ lmtp proxy: Support source_ip passdb extra field.
	+ doveadm stats dump: Support more fields and output stddev by default.
	+ push-notification: Add SSL support for OX backend.
	- NUL bytes in mail headers can cause truncated replies when fetched.
	- director: Conflicting host up/down state changes may in some rare
	  situations ended up in a loop of two directors constantly overwriting
	  each others' changes.
	- director: Fix hang/crash when multiple doveadm commands are being
	  handled concurrently.
	- director: Fix assert-crash if doveadm disconnects too early
	- virtual plugin: Some searches used 100% CPU for many seconds
	- dsync assert-crashed with acl plugin in some situations.
	- mail_attachment_detection_options=add-flags-on-save assert-crashed
	  with some specific Sieve scripts.
	- Mail snippet generation crashed with mails containing invalid
	  Content-Type:multipart header.
	- Log prefix ordering was different for some log lines.
	- quota: With noenforcing option current quota usage wasn't updated.
	- auth: Kerberos authentication against Samba assert-crashed.
	- stats clients were unnecessarily chatty with the stats server.
	- imapc: Fixed various assert-crashes when reconnecting to server.
	- lmtp, submission: Fix potential crash if client disconnects while
	  handling a command.
	- quota: Fixed compiling with glibc-2.26 / support libtirpc.
	- fts-solr: Empty search values resulted in 400 Bad Request errors
	- fts-solr: default_ns parameter couldn't be used
	- submission server crashed if relay server returned over 7 lines in
	  a reply (e.g. to EHLO)

v2.3.2.1 2018-07-09  Timo Sirainen <tss@iki.fi>

	- SSL/TLS servers may have crashed during client disconnection
	- lmtp: With lmtp_rcpt_check_quota=yes mail deliveries may have
	  sometimes assert-crashed.
	- v2.3.2: "make check" may have crashed with 32bit systems

v2.3.2 2018-06-29  Timo Sirainen <tss@iki.fi>

	* old-stats plugin: Don't temporarily enable PR_SET_DUMPABLE while
	  opening /proc/self/io. This may still cause security problems if the
	  process is ptrace()d at the same time. Instead, open it while still
	  running as root.
	+ doveadm: Added mailbox cache decision&remove commands. See
	  doveadm-mailbox(1) man page for details.
	+ doveadm: Added rebuild attachments command for rebuilding
	  $HasAttachment or $HasNoAttachment flags for matching mails. See
	  doveadm-rebuild(1) man page for details.
	+ cassandra: Use fallback_consistency on more types of errors
	+ lmtp proxy: Support outgoing SSL/TLS connections
	+ lmtp: Add lmtp_rawlog_dir and lmtp_proxy_rawlog_dir settings.
	+ submission: Add support for rawlog_dir
	+ submission: Add submission_client_workarounds setting.
	+ lua auth: Add password_verify() function and additional fields in
	  auth request.
	- doveadm-server: TCP connections are hanging when there is a lot of
	  network output. This especially caused hangs in dsync-replication.
	- Using multiple type=shared mdbox namespaces crashed
	- mail_fsync setting was ignored. It was always set to "optimized".
	- lua auth: Fix potential crash at deinit
	- SSL/TLS servers may have crashed if client disconnected during
	  handshake.
	- SSL/TLS servers: Don't send extraneous certificates to client when
	  alt certs are used.
	- lda, lmtp: Return-Path header without '<' may have assert-crashed.
	- lda, lmtp: Unencoded UTF-8 in email address headers may assert-crash
	- lda: -f parameter didn't allow empty/null/domainless address
	- lmtp, submission: Message size limit was hardcoded to 40 MB.
	  Exceeding it caused the connection to get dropped during transfer.
	- lmtp: Fix potential crash when delivery fails at DATA stage
	- lmtp: login_greeting setting was ignored
	- Fix to work with OpenSSL v1.0.2f
	- systemd unit restrictions were too strict by default
	- Fix potential crashes when a lot of log output was produced
	- SMTP client may have assert-crashed when sending mail
	- IMAP COMPRESS: Send "end of compression" marker when disconnecting.
	- cassandra: Fix consistency=quorum to work
	- dsync: Lock file generation failed if home directory didn't exist
	- Snippet generation for HTML mails didn't ignore &entities inside
	  blockquotes, producing strange looking snippets.
	- imapc: Fix assert-crash if getting disconnected and after
	  reconnection all mails in the selected mailbox are gone.
	- pop3c: Handle unexpected server disconnections without assert-crash
	- fts: Fixes to indexing mails via virtual mailboxes.
	- fts: If mails contained NUL characters, the text around it wasn't
	  indexed.
	- Obsolete dovecot.index.cache offsets were sometimes used. Trying to
	  fetch a field that was just added to cache file may not have always
	  found it.

v2.3.1 2018-02-29  Aki Tuomi <aki.tuomi@dovecot.fi>

	* Submission server support improvements and bug fixes
	  - Lots of bug fixes to submission server
	* API CHANGE: array_idx_modifiable will no longer allocate space
	  - Particularly affects how you should check MODULE_CONTEXT result, or
	    use REQUIRE_MODULE_CONTEXT.

	+ mail_attachment_detection_options setting controls when
	  $HasAttachment and $HasNoAttachment keywords are set for mails.
	+ imap: Support fetching body snippets using FETCH (SNIPPET) or
	  (SNIPPET (LAZY=FUZZY))
	+ fs-compress: Automatically detect whether input is compressed or not.
	  Prefix the compression algorithm with "maybe-" to enable the
	  detection, for example: "compress:maybe-gz:6:..."
	+ Added settings to change dovecot.index* files' optimization behavior.
	  See https://wiki2.dovecot.org/IndexFiles#Settings
	+ Auth cache can now utilize auth workers to do password hash
	  verification by setting auth_cache_verify_password_with_worker=yes.
	+ Added charset_alias plugin. See
	  https://wiki2.dovecot.org/Plugins/CharsetAlias
	+ imap_logout_format and pop3_logout_format settings now support all of
	  the generic variables (e.g. %{rip}, %{session}, etc.)
	+ Added auth_policy_check_before_auth, auth_policy_check_after_auth
	  and auth_policy_report_after_auth settings.
	+ master: Support HAProxy PP2_TYPE_SSL command and set "secured"
	  variable appropriately
	- Invalid UCS4 escape in HTML can cause crashes
	- imap: IMAP COMPRESS -enabled clietn crashes on disconnect
	- lmtp: Fix crash when user is over quota
	- lib-lda: Parsing Return-Path header address fails when it contains
	  CFWS
	- auth: SASL with Exim fails for AUTH commands without an initial
	  response
	- imap: SPECIAL-USE capability isn't automatically added
	- auth: LDAP subqueries do not support standard auth variables in
	  var-expand
	- auth: SHA256-CRYPT and SHA512-CRYPT schemes do not work
	- lib-index: mail_always/never_cache_fields are not used for existing
	  cache files
	- imap: Fetching headers leaks memory if search doesn't find any mails
	- lmtp: ORCPT support in RCPT TO
	- imap-login: Process sometimes ends up in infinite loop
	- sdbox: Rolled back save/copy transaction doesn't delete temp files
	- mail: lock_method=dotlock causes crashes

v2.3.0.1 2018-02-28  Timo Sirainen <tss@iki.fi>

	* CVE-2017-15130: TLS SNI config lookups may lead to excessive
	  memory usage, causing imap-login/pop3-login VSZ limit to be reached
	  and the process restarted. This happens only if Dovecot config has
	  local_name { } or local { } configuration blocks and attacker uses
	  randomly generated SNI servernames.
	* CVE-2017-14461: Parsing invalid email addresses may cause a crash or
	  leak memory contents to attacker. For example, these memory contents
	  might contain parts of an email from another user if the same imap
	  process is reused for multiple users. First discovered by Aleksandar
	  Nikolic of Cisco Talos. Independently also discovered by "flxflndy"
	  via HackerOne.
	* CVE-2017-15132: Aborted SASL authentication leaks memory in login
	  process.
	* Linux: Core dumping is no longer enabled by default via
	  PR_SET_DUMPABLE, because this may allow attackers to bypass
	  chroot/group restrictions. Found by cPanel Security Team. Nowadays
	  core dumps can be safely enabled by using "sysctl -w
	  fs.suid_dumpable=2". If the old behaviour is wanted, it can still be
	  enabled by setting:
	  import_environment=$import_environment PR_SET_DUMPABLE=1
	- imap-login with SSL/TLS connections may end up in infinite loop

v2.3.0 2017-12-22  Timo Sirainen <tss@iki.fi>

	* Various setting changes, see https://wiki2.dovecot.org/Upgrading/2.3
	* Logging rewrite started: Logging is now based on hierarchical events.
	  This makes it possible to do various things, like: 1) giving
	  consistent log prefixes, 2) enabling debug logging with finer
	  granularity, 3) provide logs in more machine readable formats
	  (e.g. json). Everything isn't finished yet, especially a lot of the
	  old logging code still needs to be translated to the new way.
	* Statistics rewrite started: Stats are now based on (log) events.
	  It's possible to gather statistics about any event that is logged.
	  See http://wiki2.dovecot.org/Statistics for details
	* ssl_dh setting replaces the old generated ssl-parameters.dat
	* IMAP: When BINARY FETCH finds a broken mails, send [PARSE] error
	  instead of [UNKNOWNCTE]
	* Linux: core dumping via PR_SET_DUMPABLE is no longer enabled by
	  default due to potential security reasons (found by cPanel Security
	  Team).

	+ Added support for SMTP submission proxy server, which includes
	  support for BURL and CHUNKING extension.
	+ LMTP rewrite. Supports now CHUNKING extension and mixing of
	  local/proxy recipients.
	+ auth: Support libsodium to add support for ARGON2I and ARGON2ID
	  password schemes.
	+ auth: Support BLF-CRYPT password scheme in all platforms
	+ auth: Added LUA scripting support for passdb/userdb.
	  See https://wiki2.dovecot.org/AuthDatabase/Lua
	- Input streams are more reliable now when there are errors or when
	  the maximum buffer size is reached. Previously in some situations
	  this could have caused Dovecot to try to read already freed memory.
	- Output streams weren't previously handling failures when writing a
	  trailer at the end of the stream. This mainly affected encrypt and
	  zlib compress ostreams, which could have silently written truncated
	  files if the last write happened to fail (which shouldn't normally
	  have ever happened).
	- virtual plugin: Fixed panic when fetching mails from virtual
	  mailboxes with IMAP BINARY extension.
	- doveadm-server: Fix potential hangs with SSL connections
	- doveadm proxy: Reading commands' output from v2.2.33+ servers could
	  have caused the output to be corrupted or caused a crash.
	- Many other smaller fixes

v2.2.36.3 2019-03-28  Timo Sirainen <tss@iki.fi>

	* CVE-2019-7524: Missing input buffer size validation leads into
	  arbitrary buffer overflow when reading fts or pop3 uidl header
	  from Dovecot index. Exploiting this requires direct write access to
	  the index files.

v2.2.36.1 2019-02-05  Timo Sirainen <tss@iki.fi>

	* CVE-2019-3814: If imap/pop3/managesieve/submission client has
	  trusted certificate with missing username field
	  (ssl_cert_username_field), under some configurations Dovecot
	  mistakenly trusts the username provided via authentication instead
	  of failing.
	* ssl_cert_username_field setting was ignored with external SMTP AUTH,
	  because none of the MTAs (Postfix, Exim) currently send the
	  cert_username field. This may have allowed users with trusted
	  certificate to specify any username in the authentication. This bug
	  didn't affect Dovecot's Submission service.

	- pop3_no_flag_updates=no: Don't expunge RETRed messages without QUIT
	- director: Kicking a user assert-crashes if login process is very slow
	- lda/lmtp: Fix assert-crash with some Sieve scripts when
	  mail_attachment_detection_options=add-flags-on-save
	- fs-compress: Using maybe-gz assert-crashed when reading 0 sized file
	- Snippet generation crashed with invalid Content-Type:multipart

v2.2.36 2018-05-23  Timo Sirainen <tss@iki.fi>

	* login-proxy: If ssl_require_crl=no, allow revoked certificates.
	  Also don't do CRL checks for incoming client certificates.
	* stats plugin: Don't temporarily enable PR_SET_DUMPABLE while opening
	  /proc/self/io. This may still cause security problems if the process
	  is ptrace()d at the same time. Instead, open it while still running
	  as root.

	+ doveadm: Added mailbox cache decision&remove commands. See
	  doveadm-mailbox(1) man page for details.
	+ doveadm: Added rebuild attachments command for rebuilding
	  $HasAttachment or $HasNoAttachment flags for matching mails. See
	  doveadm-rebuild(1) man page for details.
	+ cassandra: Use fallback_consistency on more types of errors
	- cassandra: Fix consistency=quorum to work
	- dsync: Lock file generation failed if home directory didn't exist
	- In some configs if namespace root directory didn't yet exist, Dovecot
	  failed to create mailboxes.lock when trying to create mailboxes
	- Snippet generation for HTML mails didn't ignore &entities inside
	  blockquotes, producing strange looking snippets.
	- imapc: Fix assert-crash if getting disconnected and after
	  reconnection all mails in the selected mailbox are gone.
	- pop3c: Handle unexpected server disconnections without assert-crash
	- fts: Fixes to indexing mails via virtual mailboxes.
	- fts: If mails contained NUL characters, the text around it wasn't
	  indexed.
	- Obsolete dovecot.index.cache offsets were sometimes used. Trying to
	  fetch a field that was just added to cache file may not have always
	  found it.
	- dict-sql: Fix crash when reading NULL value from database

v2.2.35 2018-03-19  Aki Tuomi <aki.tuomi@dovecot.fi>

	- charset_alias: compile fails with Solaris Studio, reported by
	  John Woods.
	- Fix local name handling in v2.2.34 SNI code, bug found by cPanel.
	- imapc: Don't try to add mails to index if they already exist there.
	- imapc: If email is modified in istream_opened hook, mail size isn't
	  updated.
	- lib-dcrypt: When reading encrypted data, more data would not be
	  read if buffer was not consumed causing panic or hang.
	- notify: When notify plugin is used and transaction commit fails in
	  dsync, crash occurs.
	- sdbox: When delivering to a mailbox that is over quota, temp files
	  are not cleaned up when saving or copying fails.

v2.2.34 2018-02-28  Timo Sirainen <tss@iki.fi>

	* CVE-2017-15130: TLS SNI config lookups may lead to excessive
	  memory usage, causing imap-login/pop3-login VSZ limit to be reached
	  and the process restarted. This happens only if Dovecot config has
	  local_name { } or local { } configuration blocks and attacker uses
	  randomly generated SNI servernames.
	* CVE-2017-14461: Parsing invalid email addresses may cause a crash or
	  leak memory contents to attacker. For example, these memory contents
	  might contain parts of an email from another user if the same imap
	  process is reused for multiple users. First discovered by Aleksandar
	  Nikolic of Cisco Talos. Independently also discovered by "flxflndy"
	  via HackerOne.
	* CVE-2017-15132: Aborted SASL authentication leaks memory in login
	  process.
	* Linux: Core dumping is no longer enabled by default via
	  PR_SET_DUMPABLE, because this may allow attackers to bypass
	  chroot/group restrictions. Found by cPanel Security Team. Nowadays
	  core dumps can be safely enabled by using "sysctl -w
	  fs.suid_dumpable=2". If the old behaviour is wanted, it can still be
	  enabled by setting:
	  import_environment=$import_environment PR_SET_DUMPABLE=1
	* doveconf output now includes the hostname.

	+ mail_attachment_detection_options setting controls when
	  $HasAttachment and $HasNoAttachment keywords are set for mails.
	+ imap: Support fetching body snippets using FETCH (SNIPPET) or
	  (SNIPPET (LAZY=FUZZY))
	+ fs-compress: Automatically detect whether input is compressed or not.
	  Prefix the compression algorithm with "maybe-" to enable the
	  detection, for example: "compress:maybe-gz:6:..."
	+ Added settings to change dovecot.index* files' optimization behavior.
	  See https://wiki2.dovecot.org/IndexFiles#Settings
	+ Auth cache can now utilize auth workers to do password hash
	  verification by setting auth_cache_verify_password_with_worker=yes.
	+ Added charset_alias plugin. See
	  https://wiki2.dovecot.org/Plugins/CharsetAlias
	+ imap_logout_format and pop3_logout_format settings now support all of
	  the generic variables (e.g. %{rip}, %{session}, etc.)
	+ Added auth_policy_check_before_auth, auth_policy_check_after_auth
	  and auth_policy_report_after_auth settings.
	- v2.2.33: doveadm-server: Various fixes related to log handling.
	- v2.2.33: doveadm failed when trying to access UNIX socket that didn't
	  require authentication.
	- v2.2.33: doveadm log reopen stopped working
	- v2.2.30+: IMAP stopped advertising SPECIAL-USE capability
	- v2.2.30+: IMAP stopped sending untagged OK/NO storage notifications
	- replication: dsync sends unnecessary replication notification for
	  changes it does internally. NOTE: Folder creates, renames, deletes
	  and subscribes still trigger unnecessary replication notifications,
	  but these should be rather rare.
	- mail_always/never_cache_fields setting changes weren't applied for
	  existing dovecot.index.cache files.
	- Fix compiling and other problems with OpenSSL v1.1
	- auth policy: With master user logins, lookup using login username.
	- FTS reindexed all mails unnecessarily after loss of
	  dovecot.index.cache file
	- mdbox rebuild repeatedly fails with "missing map extension"
	- SSL connections may have been hanging with imapc or doveadm client.
	- cassandra: Using protocol v3 (Cassandra v2.1) caused memory leaks and
	  also timestamps weren't set to queries.
	- fs-crypt silently ignored public/private keys specified in
	  configuration (mail_crypt_global_public/private_key) and just
	  emitted plaintext output.
	- lock_method=dotlock caused crashes
	- imapc: Reconnection may cause crashes and other errors

v2.2.33.2 2017-10-20  Timo Sirainen <tss@iki.fi>

	- doveadm: Fix crash in proxying (or dsync replication) if remote is
	  running older than v2.2.33
	- auth: Fix memory leak in %{ldap_dn}
	- dict-sql: Fix data types to work correctly with Cassandra

v2.2.33.1 2017-10-10  Timo Sirainen <tss@iki.fi>

	- dovecot-lda was logging to stderr instead of to the log file.

v2.2.33 2017-10-10  Timo Sirainen <tss@iki.fi>

	* doveadm director commands wait for the changes to be visible in the
	  whole ring before they return. This is especially useful in testing.
	* Environments listed in import_environment setting are now set or
	  preserved when executing standalone commands (e.g. doveadm)

	+ doveadm proxy: Support proxying logs. Previously the logs were
	  visible only in the backend's logs.
	+ Added %{if}, see https://wiki2.dovecot.org/Variables#Conditionals
	+ Added a new notify_status plugin, which can be used to update dict
	  with current status of a mailbox when it changes. See
	  https://wiki2.dovecot.org/Plugins/NotifyStatus
	+ Mailbox list index can be disabled for a namespace by appending
	  ":LISTINDEX=" to location setting.
	+ dsync/imapc: Added dsync_hashed_headers setting to specify which
	  headers are used to match emails.
	+ pop3-migration: Add pop3_migration_ignore_extra_uidls=yes to ignore
	  mails that are visible in POP3 but not IMAP. This could happen if
	  new mails were delivered during the migration run.
	+ pop3-migration: Further improvements to help with Zimbra
	+ pop3-migration: Cache POP3 UIDLs in imapc's dovecot.index.cache
	  if indexes are enabled. These are used to optimize incremental syncs.
	+ cassandra, dict-sql: Use prepared statements if protocol version>3.
	+ auth: Added %{ldap_dn} variable for passdb/userdb ldap
	- acl: The "create" (k) permission in global acl-file was sometimes
	  ignored, allowing users to create mailboxes when they shouldn't have.
	- sdbox: Mails were always opened when expunging, unless
	  mail_attachment_fs was explicitly set to empty.
	- lmtp/doveadm proxy: hostip passdb field was ignored, which caused
	  unnecessary DNS lookups if host field wasn't an IP
	- lmtp proxy: Fix crash when receiving unexpected reply in RCPT TO
	- quota_clone: Update also when quota is unlimited (broken in v2.2.31)
	- mbox, zlib: Fix assert-crash when accessing compressed mbox
	- doveadm director kick -f parameter didn't work
	- doveadm director flush <host> resulted flushing all hosts, if <host>
	  wasn't an IP address.
	- director: Various fixes to handling backend/director changes at
	  abnormal times, especially while ring was unsynced. These could have
	  resulted in crashes, non-optimal behavior or ignoring some of the
	  changes.
	- director: Use less CPU in imap-login processes when moving/kicking
	  many users.
	- lmtp: Session IDs were duplicated/confusing with multiple RCPT TOs
	  when lmtp_rcpt_check_quota=yes
	- doveadm sync -1 fails when local mailboxes exist that do not exist
	  remotely. This commonly happened when lazy_expunge mailbox was
	  autocreated when incremental sync expunged mails.
	- pop3: rawlog_dir setting didn't work


v2.2.32 2017-08-24  Timo Sirainen <tss@iki.fi>

	* imapc: Info-level line is logged every time when successfully
	  connected to the remote server. This includes local/remote IP/port,
	  which can be useful for matching against external logs.
	* config: Log a warning if plugin { key=no } is used explicitly.
	  v2.3 will support "no" properly in plugin settings, but for now
	  any value at all for a boolean plugin setting is treated as "yes",
	  even if it's written as explicit "no". This change will now warn
	  that it most likely won't work as intended.

	+ Various optimizations to avoid accessing files/directories when it's
	  not necessary. Especially avoid accessing mail root directories when
	  INDEX directories point to a different filesystem.
	+ mail_location can now include ITERINDEX parameter. This tells Dovecot
	  to perform mailbox listing from the INDEX path instead of from the
	  mail root path. It's mainly useful when the INDEX storage is on a
	  faster storage.
	+ mail_location can now include VOLATILEDIR=<path> parameter. This
	  is used for creating lock files and in future potentially other
	  files that don't need to exist permanently. The path could point to
	  tmpfs for example. This is especially useful to avoid creating lock
	  files to NFS or other remote filesystems. For example:
	  mail_location=sdbox:~/sdbox:VOLATILEDIR=/tmp/volatile/%2.256Nu/%u
	+ mail_location's LISTINDEX=<path> can now contain a full path.
	  This allows storing mailbox list index to a different storage
	  than the rest of the indexes, for example to tmpfs.
	+ mail_location can now include NO-NOSELECT parameter. This
	  automatically deletes any \NoSelect mailboxes that have no children.
	  These mailboxes are sometimes confusing to users.
	+ mail_location can now include BROKENCHAR=<char> parameter. This can
	  be useful with imapc to access mailbox names that aren't valid mUTF-7
	  charset from remote servers.
	+ If mailbox_list_index_very_dirty_syncs=yes, the list index is no
	  longer refreshed against filesystem when listing mailboxes. This
	  allows the mailbox listing to be done entirely by only reading the
	  mailbox list index.
	+ Added mailbox_list_index_include_inbox setting to control whether
	  INBOX's STATUS information should be cached in the mailbox list
	  index. The default is "no", but it may be useful to change it to
	  "yes", especially if LISTINDEX points to tmpfs.
	+ userdb can return chdir=<path>, which override mail_home for the
	  chdir location. This can be useful to avoid accessing home directory
	  on login.
	+ userdb can return postlogin=<socket> to specify per-user imap/pop3
	  postlogin socket path.
	+ cassandra: Add support for result paging by adding page_size=<n>
	  parameter to the connect setting.
	+ dsync/imapc, pop3-migration plugin: Strip also trailing tabs from
	  headers when matching mails. This helps with migrations from Zimbra.
	+ imap_logout_format supports now %{appended} and %{autoexpunged}
	+ virtual plugin: Optimize IDLE to use mailbox list index for finding
	  out when something has changed.
	+ Added apparmor plugin. See https://wiki2.dovecot.org/Plugins/Apparmor
	- virtual plugin: A lot of fixes. In many cases it was also working
	  very inefficiently or even incorrectly.
	- imap: NOTIFY parameter parsing was incorrectly "fixed" in v2.2.31.
	  It was actually (mostly) working in previous versions, but broken
	  in v2.2.31.
	- Modseq tracking didn't always work correctly. This could have caused
	  imap unhibernation to fail or IMAP QRESYNC/CONDSTORE extensions to
	  not work perfectly.
	- mdbox: "Inconsistency in map index" wasn't fixed automatically
	- dict-ldap: %variable values used in the LDAP filter weren't escaped.
	- quota=count: quota_warning = -storage=.. was never executed (try #2).
	  v2.2.31 fixed it for -messages, but not for -storage.
	- imapc: >= 32 kB mail bodies were supposed to be cached for subsequent
	  FETCHes, but weren't.
	- quota-status service didn't support recipient_delimiter
	- acl: Don't access dovecot-acl-list files with acl_globals_only=yes
	- mail_location: If INDEX dir is set, mailbox deletion deletes its
	  childrens' indexes. For example if "box" is deleted, "box/child"
	  index directory was deleted as well (but mails were preserved).
	- director: v2.2.31 caused rapid reconnection loops to directors
	  that were down.

v2.2.31 2017-06-26  Timo Sirainen <tss@iki.fi>

	* LMTP: Removed "(Dovecot)" from added Received headers. Some
	  installations want to hide it, and there's not really any good reason
	  for anyone to have it.

	+ Add ssl_alt_cert and ssl_alt_key settings to add support for
	  having both RSA and ECDSA certificates.
	+ dsync/imapc, pop3-migration plugin: Strip trailing whitespace from
	  headers when matching mails. This helps with migrations from Zimbra.
	+ acl: Add acl_globals_only setting to disable looking up
	  per-mailbox dovecot-acl files.
	+ Parse invalid message addresses better. This mainly affects the
	  generated IMAP ENVELOPE replies.
	- v2.2.30 wasn't fixing corrupted dovecot.index.cache files properly.
	  It could have deleted wrong mail's cache or assert-crashed.
	- v2.2.30 mail-crypt-acl plugin was assert-crashing
	- v2.2.30 welcome plugin wasn't working
	- Various fixes to handling mailbox listing. Especially related to
	  handling nonexistent autocreated/autosubscribed mailboxes and ACLs.
	- Global ACL file was parsed as if it was local ACL file. This caused
	  some of the ACL rule interactions to not work exactly as intended.
	- auth: forward_* fields didn't work properly: Only the first forward
	  field was working, and only if the first passdb lookup succeeded.
	- Using mail_sort_max_read_count sometimes caused "Broken sort-*
	  indexes, resetting" errors.
	- Using mail_sort_max_read_count may have caused very high CPU usage.
	- Message address parsing could have crashed on invalid input.
	- imapc_features=fetch-headers wasn't always working correctly and
	  caused the full header to be fetched.
	- imapc: Various bugfixes related to connection failure handling.
	- quota=imapc sent unnecessary FETCH RFC822.SIZE to server when
	  expunging mails.
	- quota=count: quota_warning = -storage=.. was never executed
	- quota=count: Add support for "ns" parameter
	- dsync: Fix incremental syncing for mails that don't have Date or
	  Message-ID headers.
	- imap: Fix hang when client sends pipelined SEARCH +
	  EXPUNGE/CLOSE/LOGOUT.
	- oauth2: Token validation didn't accept empty server responses.
	- imap: NOTIFY command has been almost completely broken since the
	  beginning. I guess nobody has been trying to use it.


v2.2.30.2 2017-06-06  Timo Sirainen <tss@iki.fi>

	- auth: Multiple failed authentications within short time caused
	  crashes
	- push-notification: OX driver crashed at deinit

v2.2.30.1 2017-05-31  Timo Sirainen <tss@iki.fi>

	- quota_warning scripts weren't working in v2.2.30
	- vpopmail still wasn't compiling

v2.2.30 2017-05-30  Timo Sirainen <tss@iki.fi>

	* auth: Use timing safe comparisons for everything related to
	  passwords. It's unlikely that these could have been used for
	  practical attacks, especially because Dovecot delays and flushes all
	  failed authentications in 2 second intervals. Also it could have
	  worked only when passwords were stored in plaintext in the passdb.
	* master process sends SIGQUIT to all running children at shutdown,
	  which instructs them to close all the socket listeners immediately.
	  This way restarting Dovecot should no longer fail due to some
	  processes keeping the listeners open for a long time.

	+ auth: Add passdb { mechanisms=none } to match separate passdb lookup
	+ auth: Add passdb { username_filter } to use passdb only if user
	  matches the filter. See https://wiki2.dovecot.org/PasswordDatabase
	+ dsync: Add dsync_commit_msgs_interval setting. It attempts to commit
	  the transaction after saving this many new messages. Because of the
	  way dsync works, it may not always be possible if mails are copied
	  or UIDs need to change.
	+ imapc: Support imapc_features=search without ESEARCH extension.
	+ imapc: Add imapc_features=fetch-bodystructure to pass through remote
	  server's FETCH BODY and BODYSTRUCTURE.
	+ imapc: Add quota=imapc backend to use GETQUOTA/GETQUOTAROOT on the
	  remote server.
	+ passdb imap: Add allow_invalid_cert and ssl_ca_file parameters.
	+ If dovecot.index.cache corruption is detected, reset only the one
	  corrupted mail instead of the whole file.
	+ doveadm mailbox status: Add "firstsaved" field.
	+ director_flush_socket: Add old host's up/down and vhost count as parameters
	- More fixes to automatically fix corruption in dovecot.list.index
	- dsync-server: Fix support for dsync_features=empty-header-workaround
	- imapc: Various bugfixes, including infinite loops on some errors
	- IMAP NOTIFY wasn't working for non-INBOX if IMAP client hadn't
	  enabled modseq tracking via CONDSTORE/QRESYNC.
	- fts-lucene: Fix it to work again with mbox format
	- Some internal error messages may have contained garbage in v2.2.29
	- mail-crypt: Re-encrypt when copying/moving mails and per-mailbox keys
	  are used. Otherwise the copied mails can't be opened.
	- vpopmail: Fix compiling

v2.2.29.1 2017-04-12  Timo Sirainen <tss@iki.fi>

	- imapc reconnection fix was forgotten from 2.2.29 release, which also
	  made "make check" fail in a unit test
	- dict-sql: Merging multiple UPDATEs to a single statement wasn't
	  actually working.
	- Fixed building with vpopmail

v2.2.29 2017-04-10  Timo Sirainen <tss@iki.fi>

	* passdb/userdb dict: Don't double-expand %variables in keys. If dict
	  was used as the authentication passdb, using specially crafted
	  %variables in the username could be used to cause DoS (CVE-2017-2669)
	* When Dovecot encounters an internal error, it logs the real error and
	  usually logs another line saying what function failed. Previously the
	  second log line's error message was a rather uninformative "Internal
	  error occurred. Refer to server log for more information." Now the
	  real error message is duplicated in this second log line.
	* lmtp: If a delivery has multiple recipients, run autoexpunging only
	  for the last recipient. This avoids a problem where a long
	  autoexpunge run causes LMTP client to timeout between the DATA
	  replies, resulting in duplicate mail deliveries.
	* config: Don't stop the process due to idling. Otherwise the
	  configuration is reloaded when the process restarts.
	* mail_log plugin: Differentiate autoexpunges from regular expunges
	* imapc: Use LOGOUT to cleanly disconnect from server.
	* lib-http: Internal status codes (>9000) are no longer visible in logs
	* director: Log vhost count changes and HOST-UP/DOWN

	+ quota: Add plugin { quota_max_mail_size } setting to limit the
	  maximum individual mail size that can be saved.
	+ imapc: Add imapc_features=delay-login. If set, connecting to the
	  remote IMAP server isn't done until it's necessary.
	+ imapc: Add imapc_connection_retry_count and
	  imapc_connection_retry_interval settings.
	+ imap, pop3, indexer-worker: Add (deinit) to process title before
	  autoexpunging runs.
	+ Added %{encrypt} and %{decrypt} variables
	+ imap/pop3 proxy: Log proxy state in errors as human-readable string.
	+ imap/pop3-login: All forward_* extra fields returned by passdb are
	  sent to the next hop when proxying using ID/XCLIENT commands. On the
	  receiving side these fields are imported and sent to auth process
	  where they're accessible via %{passdb:forward_*}. This is done only
	  if the sending IP address matches login_trusted_networks.
	+ imap-login: If imap_id_retain=yes, send the IMAP ID string to
	  auth process. %{client_id} expands to it in auth process. The ID
	  string is also sent to the next hop when proxying.
	+ passdb imap: Use ssl_client_ca_* settings for CA validation.
	- fts-tika: Fixed crash when parsing attachment without
	  Content-Disposition header. Broken by 2.2.28.
	- trash plugin was broken in 2.2.28
	- auth: When passdb/userdb lookups were done via auth-workers, too much
	  data was added to auth cache. This could have resulted in wrong
	  replies when using multiple passdbs/userdbs.
	- auth: passdb { skip & mechanisms } were ignored for the first passdb
	- oauth2: Various fixes, including fixes to crashes
	- dsync: Large Sieve scripts (or other large metadata) weren't always
	  synced.
	- Index rebuild (e.g. doveadm force-resync) set all mails as \Recent
	- imap-hibernate: %{userdb:*} wasn't expanded in mail_log_prefix
	- doveadm: Exit codes weren't preserved when proxying commands via
	  doveadm-server. Almost all errors used exit code 75 (tempfail).
	- ACLs weren't applied to not-yet-existing autocreated mailboxes.
	- Fixed a potential crash when parsing a broken message header.
	- cassandra: Fallback consistency settings weren't working correctly.
	- doveadm director status <user>: "Initial config" was always empty
	- imapc: Various reconnection fixes.

v2.2.28 2017-02-24  Timo Sirainen <tss@iki.fi>

	* director: "doveadm director move" to same host now refreshes user's
	  timeout. This allows keeping user constantly in the same backend by
	  just periodically moving the user there.
	* When new mailbox is created, use initially INBOX's
	  dovecot.index.cache caching decisions.
	* Expunging mails writes GUID to dovecot.index.log now only if the
	  GUID is quickly available from index/cache.
	* pop3c: Increase timeout for PASS command to 5 minutes.
	* Mail access errors are no longer ignored when searching or sorting.
	  With IMAP the untagged SEARCH/SORT reply is still sent the same as
	  before, but NO reply is returned instead of OK.

	+ Make dovecot.list.index's filename configurable. This is needed when
	  there are multiple namespaces pointing to the same mail root
	  (e.g. lazy_expunge namespace for mdbox).
	+ Add size.virtual to dovecot.index when folder vsizes are accessed
	  (e.g. quota=count). This is mainly a workaround to avoid slow quota
	  recalculation performance when message sizes get lost from
	  dovecot.index.cache due to corruption or some other reason.
	+ auth: Support OAUTHBEARER and XOAUTH2 mechanisms. Also support them
	  in lib-dsasl for client side.
	+ auth: Support filtering by SASL mechanism: passdb { mechanisms }
	+ Shrink the mail processes' memory usage by not storing settings
	  duplicated unnecessarily many times.
	+ imap: Add imap_fetch_failure setting to control what happens when
	  FETCH fails for some mails (see example-config).
	+ imap: Include info about last command in disconnection log line.
	+ imap: Created new SEARCH=X-MIMEPART extension. It's currently not
	  advertised by default, since it's not fully implemented.
	+ fts-solr: Add support for basic authentication.
	+ Cassandra: Support automatically retrying failed queries if
	  execution_retry_interval and execution_retry_times are set.
	+ doveadm: Added "mailbox path" command.
	+ mail_log plugin: If plugin { mail_log_cached_only=yes }, log the
	  wanted fields only if it doesn't require opening the email.
	+ mail_vsize_bg_after_count setting added (see example-config).
	+ mail_sort_max_read_count setting added (see example-config).
	+ pop3c: Added pop3c_features=no-pipelining setting to prevent using
	  PIPELINING extension even though it's advertised.

	- Index files: day_first_uid wasn't updated correctly since v2.2.26.
	  This caused dovecot.index.cache to be non-optimal.
	- imap: SEARCH/SORT may have assert-crashed in
	  client_check_command_hangs
	- imap: FETCH X-MAILBOX may have assert-crashed in virtual mailboxes.
	- imap: Running time in tagged command reply was often wrongly 0.
	- search: Using NOT n:* or NOT UID n:* wasn't handled correctly
	- director: doveadm director kick was broken
	- director: Fix crash when using director_flush_socket
	- director: Fix some bugs when moving users between backends
	- imapc: Various error handling fixes and improvements
	- master: doveadm process status output had a lot of duplicates.
	- autoexpunge: If mailbox's rename timestamp is newer than mail's
	  save-timestamp, use it instead. This is useful when autoexpunging
	  e.g. Trash/* and an entire mailbox is deleted by renaming it under
	  Trash to prevent it from being autoexpunged too early.
	- autoexpunge: Multiple processes may have been trying to expunge the
	  same mails simultaneously. This was problematic especially with
	  lazy_expunge plugin.
	- auth: %{passdb:*} was empty in auth-worker processes
	- auth-policy: hashed_password was always sent empty.
	- dict-sql: Merge multiple UPDATEs to a single statement if possible.
	- fts-solr: Escape {} chars when sending queries
	- fts: fts_autoindex_exclude = \Special-use caused crashes
	- doveadm-server: Fix leaks and other problems when process is reused
	  for multiple requests (service_count != 1)
	- sdbox: Fix assert-crash on mailbox create race
	- lda/lmtp: deliver_log_format values weren't entirely correct if Sieve
	  was used. especially %{storage_id} was broken.
	- lmtp_user_concurrency_limit didn't work if userdb changed username

v2.2.27 2016-12-03  Timo Sirainen <tss@iki.fi>

	* dovecot.list.index.log rotation sizes/times were changed so that
	  the .log file stays smaller and .log.2 is deleted sooner.

	+ Added mail_crypt plugin that allows encryption of stored emails.
	  See http://wiki2.dovecot.org/Plugins/MailCrypt
	+ stats: Global stats can be sent to Carbon server by setting
	  stats_carbon_server=ip:port
	+ imap/pop3 proxy: If passdb returns proxy_not_trusted, don't send
	  ID/XCLIENT
	+ Added generic hash modifier for %variables:
	  %{<hash algorithm>;rounds=<n>,truncate=<bits>,salt=s>:field}
	  Hash algorithm is any of the supported ones, e.g. md5, sha1, sha256.
	  Also "pkcs5" is supported using SHA256. For example: %{sha256:user}
	  or %{md5;truncate=32:user}.
	+ Added support for SHA3-256 and SHA3-512 hashes.
	+ config: Support DNS wildcards in local_name, e.g.
	  local_name *.example.com { .. } matches anything.example.com, but
	  not multiple.anything.example.com.
	+ config: Support multiple names in local_name, e.g.
	  local_name "1.example.com 2.example.com" { .. }
	- Fixed crash in auth process when auth-policy was configured and
	  authentication was aborted/failed without a username set.
	- director: If two users had different tags but the same hash,
	  the users may have been redirected to the wrong tag's hosts.
	- Index files may have been thought incorrectly lost, causing
	  "Missing middle file seq=.." to be logged and index rebuild.
	  This happened more easily with IMAP hibernation enabled.
	- Various fixes to restoring state correctly in un-hibernation.
	- dovecot.index files were commonly 4 bytes per email too large. This
	  is because 3 bytes per email were being wasted that could have been
	  used for IMAP keywords.
	- Various fixes to handle dovecot.list.index corruption better.
	- lib-fts: Fixed assert-crash in address tokenizer with specific input.
	- Fixed assert-crash in HTML to text parsing with specific input
	  (e.g. for FTS indexing or snippet generation)
	- doveadm sync -1: Fixed handling mailbox GUID conflicts.
	- sdbox, mdbox: Perform full index rebuild if corruption is detected
	  inside lib-index, which runs index fsck.
	- quota: Don't skip quota checks when moving mails between different
	  quota roots.
	- search: Multiple sequence sets or UID sets in search parameters
	  weren't handled correctly. They were incorrectly merged together.

v2.2.26.0 2016-10-28  Timo Sirainen <tss@iki.fi>

	- Fixed some compiling issues.
	- auth: Fixed assert-crash when using NTLM or SKEY mechanisms and
	  multiple passdbs.
	- auth: Fixed crash when exporting to auth-worker passdb extra fields
	  that had empty values.
	- dsync: Fixed assert-crash in dsync_brain_sync_mailbox_deinit

v2.2.26 2016-10-27  Timo Sirainen <tss@iki.fi>

	* master: Removed hardcoded 511 backlog limit for listen(). The kernel
	  should limit this as needed.
	* doveadm import: Source user is now initialized the same as target
	  user. Added -U parameter to override the source user.
	* Mailbox names are no longer limited to 16 hierarchy levels. We'll
	  check another way to make sure mailbox names can't grow larger than
	  4096 bytes.

	+ Added a concept of "alternative usernames" by returning user_* extra
	  field(s) in passdb. doveadm proxy list shows these alt usernames in
	  "doveadm proxy list" output. "doveadm director&proxy kick" adds
	  -f <passdb field> parameter. The alt usernames don't have to be
	  unique, so this allows creation of user groups and kicking them in
	  one command.
	+ auth: passdb/userdb dict allows now %variables in key settings.
	+ auth: If passdb returns noauthenticate=yes extra field, assume that
	  it only set extra fields and authentication wasn't actually performed.
	+ auth: passdb static now supports password={scheme} prefix.
	+ auth, login_log_format_elements: Added %{local_name} variable, which
	  expands to TLS SNI hostname if given.
	+ imapc: Added imapc_max_line_length to limit maximum memory usage.
	+ imap, pop3: Added rawlog_dir setting to store IMAP/POP3 traffic logs.
	  This replaces at least partially the rawlog plugin.
	+ dsync: Added dsync_features=empty-header-workaround setting. This
	  makes incremental dsyncs work better for servers that randomly return
	  empty headers for mails. When an empty header is seen for an existing
	  mail, dsync assumes that it matches the local mail.
	+ doveadm sync/backup: Added -I <max size> parameter to skip too
	  large mails.
	+ doveadm sync/backup: Fixed -t parameter and added -e for "end date".
	+ doveadm mailbox metadata: Added -s parameter to allow accessing
	  server metadata by using empty mailbox name.
	+ Added "doveadm service status" and "doveadm process status" commands.
	+ director: Added director_flush_socket. See
	  http://wiki2.dovecot.org/Director#Flush_socket
	+ doveadm director flush: Users are now moved only max 100 at a time to
	  avoid load spikes. --max-parallel parameter overrides this.
	+ Added FILE_LOCK_SLOW_WARNING_MSECS environment, which logs a warning
	  if any lock is waited on or kept for this many milliseconds.

	- master process's listener socket was leaked to all child processes.
	  This might have allowed untrusted processes to capture and prevent
	  "doveadm service stop" comands from working.
	- login proxy: Fixed crash when outgoing SSL connections were hanging.
	- auth: userdb fields weren't passed to auth-workers, so %{userdb:*}
	  from previous userdbs didn't work there.
	- auth: Each userdb lookup from cache reset its TTL.
	- auth: Fixed auth_bind=yes + sasl_bind=yes to work together
	- auth: Blocking userdb lookups reset extra fields set by previous
	  userdbs.
	- auth: Cache keys didn't include %{passdb:*} and %{userdb:*}
	- auth-policy: Fixed crash due to using already-freed memory if policy
	  lookup takes longer than auth request exists.
	- lib-auth: Unescape passdb/userdb extra fields. Mainly affected
	  returning extra fields with LFs or TABs.
	- lmtp_user_concurrency_limit>0 setting was logging unnecessary
	  anvil errors.
	- lmtp_user_concurrency_limit is now checked before quota check with
	  lmtp_rcpt_check_quota=yes to avoid unnecessary quota work.
	- lmtp: %{userdb:*} variables didn't work in mail_log_prefix
	- autoexpunge settings for mailboxes with wildcards didn't work when
	  namespace prefix was non-empty.
	- Fixed writing >2GB to iostream-temp files (used by fs-compress,
	  fs-metawrap, doveadm-http)
	- director: Ignore duplicates in director_servers setting.
	- director: Many fixes related to connection handshaking, user moving
	  and error handling.
	- director: Don't break with shutdown_clients=no
	- zlib, IMAP BINARY: Fixed internal caching when accessing multiple
	  newly created mails. They all had UID=0 and the next mail could have
	  wrongly used the previously cached mail.
	- doveadm stats reset wasn't reseting all the stats.
	- auth_stats=yes: Don't update num_logins, since it doubles them when
	  using with mail stats.
	- quota count: Fixed deadlocks when updating vsize header.
	- dict-quota: Fixed crashes happening due to memory corruption.
	- dict proxy: Fixed various timeout-related bugs.
	- doveadm proxying: Fixed -A and -u wildcard handling.
	- doveadm proxying: Fixed hangs and bugs related to printing.
	- imap: Fixed wrongly triggering assert-crash in
	  client_check_command_hangs.
	- imap proxy: Don't send ID command pipelined with nopipelining=yes
	- imap-hibernate: Don't execute quota_over_script or last_login after
	  un-hibernation.
	- imap-hibernate: Don't un-hibernate if client sends DONE+IDLE in one
	  IP packet.
	- imap-hibernate: Fixed various failures when un-hibernating.
	- fts: fts_autoindex=yes was broken in 2.2.25 unless
	  fts_autoindex_exclude settings existed.
	- fts-solr: Fixed searching multiple mailboxes (patch by x16a0)
	- doveadm fetch body.snippet wasn't working in 2.2.25. Also fixed a
	  crash with certain emails.
	- pop3-migration + dbox: Various fixes related to POP3 UIDL
	  optimization in 2.2.25.
	- pop3-migration: Fixed "truncated email header" workaround.

v2.2.25 2016-07-01  Timo Sirainen <tss@iki.fi>

	* lmtp: Start tracking lmtp_user_concurrency_limit and reject already
	  at RCPT TO stage. This avoids MTA unnecessarily completing DATA only
	  to get an error.
	* doveadm: Previously only mail settings were read from protocol
	  doveadm { .. } section. Now all settings are.

	+ quota: Added quota_over_flag_lazy_check setting. It avoids checking
	  quota_over_flag always at startup. Instead it's checked only when
	  quota is being read for some other purpose.
	+ auth: Added a new auth policy service:
	  http://wiki2.dovecot.org/Authentication/Policy
	+ auth: Added PBKDF2 password scheme
	+ auth: Added %{auth_user}, %{auth_username} and %{auth_domain}
	+ auth: Added ":remove" suffix to extra field names to remove them.
	+ auth: Added "delay_until=<timestamp>[+<max random secs>]" passdb
	  extra field. The auth will wait until <timestamp> and optionally some
	  randomness and then return success.
	+ dict proxy: Added idle_msecs=<n> parameter. Support async operations.
	+ Performance improvements for handling large mailboxes.
	+ Added lib-dcrypt API for providing cryptographic functions.
	+ Added "doveadm mailbox update" command
	+ imap commands' output now includes timing spent on the "syncing"
	  stage if it's larger than 0.
	+ cassandra: Added metrics=<path> to connect setting to output internal
	  statistics in JSON format every second to <path>.
	+ doveadm mailbox delete: Added -e parameter to delete only empty
	  mailboxes. Added --unsafe option to quickly delete a mailbox,
	  bypassing lazy_expunge and quota plugins.
	+ doveadm user & auth cache flush are now available via doveadm-server.
	+ doveadm service stop <services> will stop specified services while
	  leaving the rest of Dovecot running.
	+ quota optimization: Avoid reading mail sizes for backends which
	  don't need them (count, fs, dirsize)
	+ Added mailbox { autoexpunge_max_mails=<n> } setting.
	+ Added welcome plugin: http://wiki2.dovecot.org/Plugins/Welcome
	+ fts: Added fts_autoindex_exclude setting.
	- v2.2.24's MIME parser was assert-crashing on mails having truncated
	  MIME headers.
	- auth: With multiple userdbs the final success/failure result wasn't
	  always correct. The last userdb's result was always used.
	- doveadm backup was sometimes deleting entire mailboxes unnecessarily.
	- doveadm: Command -parameters weren't being sent to doveadm-server.
	- If dovecot.index read failed e.g. because mmap() reached VSZ limit,
	  an empty index could have been opened instead, corrupting the
	  mailbox state.
	- imapc: Fixed EXPUNGE handling when imapc_features didn't have modseq.
	- lazy-expunge: Fixed a crash when copying failed. Various other fixes.
	- fts-lucene: Fixed crash on index rescan.
	- auth_stats=yes produced broken output
	- dict-ldap: Various fixes
	- dict-sql: NULL values crashed. Now they're treated as "not found".

v2.2.24 2016-04-26  Timo Sirainen <tss@iki.fi>

	* doveconf now warns if it sees a global setting being changed when
	  the same setting was already set inside some filters. (A common
	  mistake has been adding more plugins to a global mail_plugins
	  setting after it was already set inside protocol { .. }, which
	  caused the global setting to be ignored for that protocol.)
	* LMTP proxy: Increased default timeout 30s -> 125s. This makes it
	  less likely to reach the timeout and cause duplicate deliveries.
	* LMTP and indexer now append ":suffix" to session IDs to make it
	  unique for the specific user's delivery. (Fixes duplicate session
	  ID warnings in stats process.)

	+ Added dict-ldap for performing read-only LDAP dict lookups.
	+ lazy-expunge: All mails can be saved to a single specified mailbox.
	+ mailbox { autoexpunge } supports now wildcards in mailbox names.
	+ doveadm HTTP API: Added support for proxy commands
	+ imapc: Reconnect when getting disconnected in non-selected state.
	+ imapc: Added imapc_features=modseq to access MODSEQs/HIGHESTMODSEQ.
	  This is especially useful for incremental dsync.
	+ doveadm auth/user: Auth lookup performs debug logging if
	  -o auth_debug=yes is given to doveadm.
	+ Added passdb/userdb { auth_verbose=yes|no } setting.
	+ Cassandra: Added user, password, num_threads, connect_timeout and
	  request_timeout settings.
	+ doveadm user -e <value>: Print <value> with %variables expanded.
	- Huge header lines could have caused Dovecot to use too much memory
	  (depending on config and used IMAP commands). (Typically this would
	  result in only the single user's process dying with out of memory
	  due to reaching service { vsz_limit } - not a global DoS).
	- dsync: Detect and handle invalid/stale -s state string better.
	- dsync: Fixed crash caused by specific mailbox renames
	- auth: Auth cache is now disabled passwd-file. It was unnecessary and
	  it broke %variables in extra fields.
	- fts-tika: Don't crash if it returns 500 error
	- dict-redis: Fixed timeout handling
	- SEARCH INTHREAD was crashing
	- stats: Only a single fifo_listeners was supported, making it
	  impossible to use both auth_stats=yes and mail stats plugin.
	- SSL errors were logged in separate "Stacked error" log lines
	  instead of as part of the disconnection reason.
	- MIME body parser didn't handle properly when a child MIME part's
	  --boundary had the same prefix as the parent.

v2.2.23 2016-03-30  Timo Sirainen <tss@iki.fi>

	- Various fixes to doveadm. Especially running commands via
	  doveadm-server was broken.
	- director: Fixed user weakness getting stuck in some situations
	- director: Fixed a situation where directors keep re-sending
	  different states to each others and never becoming synced.
	- director: Fixed assert-crash related to a slow "user killed" reply
	- Fixed assert-crash related to istream-concat, which could have
	  been triggered at least by a Sieve script.

v2.2.22 2016-03-16  Timo Sirainen <tss@iki.fi>

	+ Added doveadm HTTP API: See
	  http://wiki2.dovecot.org/Design/DoveadmProtocol/HTTP
	+ virtual plugin: Mailbox filtering can now be done based on the
	  mailbox metadata. See http://wiki2.dovecot.org/Plugins/Virtual
	+ stats: Added doveadm stats reset to reset global stats.
	+ stats: Added authentication statistics if auth_stats=yes.
	+ dsync, imapc, pop3c & pop3-migration: Many optimizations,
	  improvements and error handling fixes.
	+ doveadm: Most commands now stop soon after SIGINT/SIGTERM.
	- auth: Auth caching was done too aggressively when %variables were
	  used in default_fields, override_fields or LDAP pass/user_attrs.
	  userdb result_* were also ignored when user was found from cache.
	- imap: Fixed various assert-crashes caused v2.2.20+. Some of them
	  caught actual hangs or otherwise unwanted behavior towards IMAP
	  clients.
	- Expunges were forgotten in some situations, for example when
	  pipelining multiple IMAP MOVE commands.
	- quota: Per-namespaces quota were broken for dict and count backends
	  in v2.2.20+
	- fts-solr: Search queries were using OR instead of AND as the
	  separator for multi-token search queries in v2.2.20+.
	- Single instance storage support wasn't really working in v2.2.16+
	- dbox: POP3 message ordering wasn't working correctly.
	- virtual plugin: Fixed crashes related to backend mailbox deletions.

v2.2.21 2015-12-11  Timo Sirainen <tss@iki.fi>

	- doveadm mailbox list (and some others) were broken in v2.2.20
	- director: Fixed making backend changes when running with only a
	  single director server.
	- virtual plugin: Fixed crash when trying to open nonexistent
	  autocreated backend mailbox.

v2.2.20 2015-12-07  Timo Sirainen <tss@iki.fi>

	+ Added mailbox { autoexpunge=<time> } setting. See
	  http://wiki2.dovecot.org/MailboxSettings for details.
	+ ssl_options: Added support for no_ticket
	+ imap/pop3/managesieve-login: Added postlogin_socket=path passdb extra
	  field. This allows replacing the default service
	  imap/pop3/managesieve {} settings for specific users (e.g. running
	  their imap process via valgrind or strace).
	+ doveadm fetch: Added date.sent/received/saved.unixtime
	+ fs-posix: Added mode=auto parameter to set the created files' and
	  directories' mode based on the parent dir if it has setgid-bit.
	+ director: Support backends having hostnames, which makes it possible
	  to verify their SSL certificates.
	- director: Directors' state became desynchronized if doveadm director
	  commands were used to modify the same backend in multiple directors
	  at the same time with conflicting changes. This fix includes some
	  extra checks, which makes sure that if such a conflict still happens
	  it's automatically fixed. In some situations such an automatic fix
	  may now be unnecessarily triggered and an error logged.
	- director: Backend tags weren't working correctly.
	- ldap: tls_* settings weren't used for ldaps URIs.
	- ldap, mysql: Fixed setting connect timeout.
	- auth: userdb lookups via auth-worker couldn't change username
	- dsync: Fixed handling deleted directories. Make sure we don't go to
	  infinite mailbox renaming loop.
	- imap: Fixed crash in NOTIFY when there were watched namespaces that
	  didn't support NOTIFY.
	- imap: After SETMETADATA was used, various commands (especially FETCH)
	  could have started hanging when their output was large.
	- stats: Idle sessions weren't refreshed often enough, causing stats
	  process to forget them and log errors about unknown sessions when
	  they were updated later.
	- stats: Fixed "Duplicate session ID" errors when LMTP delivered to
	  multiple recipients and fts_autoindex=yes.
	- zlib plugin: Fixed copying causing cache corruption when zlib_save
	  wasn't set, but the source message was compressed.
	- fts-solr: Fixed escaping Solr query parameters.
	- lmtp: quota_full_tempfail=yes was ignored with
	  lmtp_rcpt_check_quota=yes

v2.2.19 2015-10-02  Timo Sirainen <tss@iki.fi>

	* pop3_deleted_flag has been broken since v2.2.10. Using it would
	  cause buffer overflows, which could be exploitable. However, this
	  bug would have become visible quite soon after users had deleted
	  some POP3 mails, because the pop3 processes would have started
	  crashing all the time even in normal use.
	* "doveadm director flush" command has a changed meaning now:
	  It safely moves users to their wanted backends, instead of simply
	  forgetting the mapping entirely and leaving the existing connections
	  untouched. Use -F parameter to get the original unsafe behavior.

	+ Added imap-hibernate processes (see imap_hibernate_timeout setting).
	  IDLEing IMAP connections can be hibernated, which saves memory.
	+ Optimized tracking mailboxes' vsizes (= sum of all messages' sizes).
	  If mailbox_list_index=yes, it's also stored in there. This makes it
	  very efficient to look up vsizes for all mailboxes.
	+ Added a quota "count" backend, which uses the mailbox vsizes to get
	  the current quota usage. It requires using the new quota_vsizes=yes
	  setting, which tracks the messages' "virtual sizes" rather than
	  "physical sizes". Their distiction is minor and mostly irrelevant
	  nowadays (if mail sizes should be counted with LF or CRLF newlines).
	+ "doveadm director up/down" commands added. The monitoring script
	  should be using these commands instead of changing the vhost count.
	  This allows admin to manually disable a server by changing the vhost 
	  count to 0 without the monitoring script changing it back.
	+ Added support for HAProxy protocol: http://wiki2.dovecot.org/HAProxy
	+ Added push-notification plugin framework, which can be used to
	  easily implement push notifications to various backends. Implemented
	  "ox" backend for notifying Open-Xchange via HTTP/json.
	+ imap_logout_format supports more variables now, e.g. number of
	  deleted messages.
	+ pop3: Added pop3_delete_type setting (related to pop3_deleted_flag).
	+ plugin { fts_enforced=yes } setting now fails body searches unless
	  it can be done via the full text search engine.
	+ Added %{passdb:*} and %{userdb:*} variables to various places
	+ auth: Added ":protected" suffix for passdb and userdb fields. If
	  used, the field doesn't overwrite an existing field.
	+ IMAP/POP3 proxy: If a backend server dies, avoid client reconnection
	  spikes by slowly disconnecting clients over time. This is enabled by
	  setting login_proxy_max_disconnect_delay=secs passdb extra field.
	+ imap: Added new read-only METADATA entries: /private/specialuse,
	  /shared/comment, /shared/admin
	+ imap: If client disconnects in the middle of a command, log how long
	  the command had been running.
	- mdbox: Rebuilding could have caused message's reference count to
	  overflow the 16bit number in some situations, causing problems when
	  trying to expunge the duplicates.
	- Various search fixes (fts, solr, tika, lib-charset, indexer)
	- Various virtual plugin fixes
	- Various fixes and optimizations to dsync, imapc and pop3-migration
	- imap: Various RFC compliancy and crash fixes to NOTIFY

v2.2.18 2015-05-15  Timo Sirainen <tss@iki.fi>

	- director: Login UNIX sockets were normally detected as doveadm or
	  director ring sockets, causing it to break in existing installations.
	- sdbox: When copying a mail in alt storage, place the destination to
	  alt storage as well.

v2.2.17 2015-05-13  Timo Sirainen <tss@iki.fi>

	* Dovecot no longer checks or warns if a mountpoint is removed. This
	  was causing more trouble than it was worth. Make sure that all the
	  mountpoints that Dovecot accesses aren't writable by mail processes
	  when they're unmounted.
	* dict server wasn't properly escaping/unescaping data. Fixing this
	  broke backwards compatibility with data that contains line feeds.
	  This hopefully affects only very few installations. If you're using
	  dict to save multiline data (Sieve scripts to SQL), you may be
	  affected.
	* imap: SPECIAL-USE capability is no longer advertised if there are
	  no special_use flags specified for any mailboxes.

	+ lmtp: Added lmtp_hdr_delivery_address setting to specify whether
	  to include email address in Delivered-To: and Received: headers.
	+ Added initial version of full text search library, which includes
	  language-specific text normalization and filtering. This is still
	  in development, but it's already possible to use for testing with
	  fts-lucene and fts-solr.
	+ lda, lmtp: deliver_log_format can now include %{delivery_time},
	  which expands to how many milliseconds it took to deliver the mail.
	  With LMTP %{session_time} also expands to how many milliseconds the
	  LMTP session took, not including the delivery time.
	+ lmtp proxy: Mail delivery logging includes timing information.
	+ imap: Most IMAP commands now include in the tagged reply how many
	  milliseconds it took to run the command (not counting the time spent
	  on waiting for the IMAP client to read/write data).
	+ director: Implemented director_proxy_maybe passdb extra field to
	  be able to run director and backend in the same Dovecot instance.
	  (LMTP doesn't support mixed proxy/non-proxy destinations currently.)
	+ doveadm: Added -F <file> parameter to read a list of users from the
	  given file and run the command for all the users. This is similar to
	  -A parameter reading the list of users from userdb lookup.
	+ Implemented initial Cassandra CQL support as lib-sql backend. It's
	  only usable as dict backend currently.
	+ Added quota-clone plugin to copy current quota usage to a dict.
	- auth: If auth_master_user_separator was set, auth process could be
	  crashed by trying to log in with empty master username.
	- imap-login, pop3-login: Fixed crash on handshake failures with new
	  OpenSSL versions (v1.0.2) when SSLv3 was disabled.
	- auth: If one passdb fails allow_nets check, it shouldn't have failed
	  all the other passdb checks later on.
	- imap: Server METADATA couldn't be accessed
	- imapc: Fixed \Muted label handling in gmail-migration.
	- imapc: Various bugfixes and improvements.
	- Trash plugin fixes by Alexei Gradinari
	- mbox: Fixed crash/corruption in some situations

v2.2.16 2015-03-12  Timo Sirainen <tss@iki.fi>

	* dbox: Resyncing (e.g. doveadm force-resync) no longer deletes
	  dovecot.index.cache file. The cache file was rarely the problem
	  so this just caused unnecessary slowness.
	* Mailbox name limits changed during mailbox creation: Each part of
	  a hierarchical name (e.g. "x" or "y" in "x/y") can now be up to 255
	  chars long (instead of 200). This also reduces the max number of
	  hierarchical levels to 16 (instead of 20) to keep the maximum name
	  length 4096 (a common PATH_MAX limit). The 255 char limit is
	  hopefully large enough for migrations from all existing systems.
	  It's also the limit on many filesystems.

	+ director: Added director_consistent_hashing setting to enable
	  consistent hashing (instead of the mostly-random MD5 hashing).
	  This causes fewer user moves between backends when backend counts
	  are changed, which may improve performance (mainly due to caching).
	+ director: Added support for "tags", which allows one director ring
	  to serve multiple backend clusters with different sets of users.
	+ LMTP server: Added lmtp_user_concurrency_limit setting to limit how
	  many LMTP deliveries can be done concurrently for a single user.
	+ LMTP server: Added support for STARTTLS command.
	+ If logging data is generated faster than it can be written, log a
	  warning about it and show information about it in log process's
	  process title in ps output. Also don't allow a single service to
	  flood too long at the cost of delaying other services' logging.
	+ stats: Added support for getting global statistics.
	+ stats: Use the same session IDs as the rest of Dovecot.
	+ stats: Plugins can now create their own statistics fields
	+ doveadm server: Non-mail related commands can now also be used
	  via doveadm server (TCP socket).
	+ doveadm proxying: passdb lookup can now override doveadm_port and
	  change the username.
	+ doveadm: Search query supports now "oldestonly" parameter to stop
	  immediately on the first non-match. This can be used to optimize:
	  doveadm expunge mailbox Trash savedbefore 30d oldestonly
	+ doveadm: Added "save" command to directly save mails to specified
	  mailbox (bypassing Sieve).
	+ doveadm fetch: Added body.snippet field, which returns the first
	  100 chars of a message without whitespace or HTML tags. The result
	  is stored into dovecot.index.cache, so it can be fetched efficiently.
	+ dsync: Added -t <timestamp> parameter to sync only mails newer than
	  the given received-timestamp.
	+ dsync: Added -F [-]<flag> parameter to sync only mails with[out] the
	  given flag/keyword.
	+ dsync: Added -a <mailbox> parameter to specify the virtual mailbox
	  containing user's all mails. If this mailbox is already found to
	  contain the wanted mail (by its GUID), the message is copied from
	  there instead of being re-saved. (This isn't efficient enough yet
	  for incremental replication.)
	+ dsync: -m parameter can now specify \Special-use names for mailboxes.
	+ imapc: Added imapc_features=gmail-migration to help migrations from
	  GMail. See http://wiki2.dovecot.org/Migration/Gmail
	+ imapc: Added imapc_features=search to support IMAP SEARCH command.
	  (Currently requires ESEARCH support from remote server.)
	+ expire plugin: Added expire_cache=yes setting to cache most of the
	  database lookups in dovecot index files.
	+ quota: If overquota-flag in userdb doesn't match the current quota
	  usage, execute a configured script.
	+ redis dict: Added support for expiring keys (:expire_secs=n) and
	  specifying the database number (:db=n)
	- auth: Don't crash if master user login is attempted without
	  any configured master=yes passdbs
	- Parsing UTF-8 text for mails could have caused broken results
	  sometimes if buffering was split in the middle of a UTF-8 character.
	  This affected at least searching messages.
	- String sanitization for some logged output wasn't done properly:
	  UTF-8 text could have been truncated wrongly or the truncation may
	  not have happened at all.
	- fts-lucene: Lookups from virtual mailbox consisting of over 32
	  physical mailboxes could have caused crashes.

v2.2.15 2014-10-24  Timo Sirainen <tss@iki.fi>

	* Plugins can now print a banner comment in doveconf output
	  (typically the plugin version)
	* Replication plugin now triggers low (instead of high) priority for
	  mail copying operations.
	* IMAP/POP3/ManageSieve proxy: If destination server can't be
	  connected to, retry connecting once per second up to the value of
	  proxy_timeout. This allows quick restarts/upgrades on the backend
	  server without returning login failures.
	* Internal passdb lookups (e.g. done by lmtp/doveadm proxy) wasn't
	  returning failure in some situations where it should have (e.g.
	  allow_nets mismatch)
	* LMTP uses mail_log_prefix now for logging mail deliveries instead of
	  a hardcoded prefix. The non-delivery log prefix is still hardcoded
	  though.

	+ passdb allow_nets=local matches lookups that don't contain an IP
	  address (internally done by Dovecot services)
	+ Various debug logging and error logging improvements
	- Various race condition fixes to LAYOUT=index
	- v2.2.14 virtual plugin crashed in some situations

v2.2.14 2014-10-14  Timo Sirainen <tss@iki.fi>

	* lmtp: Delivered-To: header no longer contains <> around the email
	  address. Other MDAs don't have it either.
	* "Out of disk space" errors are now treated as temporary errors
	  (not the same as "Out of disk quota").
	* replication plugin: Use replication only for users who have a
	  non-empty mail_replica setting.

	+ lmtp proxy: Log a line about each mail delivery.
	+ Added login_source_ips setting. This can be used to set the source IP
	  address round-robin from a pool of IPs (in case you run out of TCP
	  ports).
	+ Rawlog settings can use tcp:<host>:<port> as the path.
	+ virtual plugin: Don't keep more than virtual_max_open_mailboxes
	  (default 64) number of backend mailboxes open.
	+ SSL/TLS compression can be disabled with ssl_options=no_compression
	+ acl: Global ACL file now supports "quotes" around patterns.
	+ Added last-login plugin to set user's last-login timestamp on login.
	+ LDAP auth: Allow passdb credentials lookup also with auth_bind=yes	
	- IMAP: MODSEQ was sent in FETCH reply even if CONDSTORE/QRESYNC wasn't
	  enabled. This broke at least old Outlooks.
	- passdb static treated missing password field the same as an empty
	  password field.
	- mdbox: Fixed potential infinite looping when scanning a broken
	  mdbox file.
	- imap-login, pop3-login: Fixed potential crashes when client
	  disconnected unexpectedly.
	- imap proxy: The connection was hanging in some usage patterns. This
	  mainly affected older Outlooks.
	- lmtp proxy: The proxy sometimes delivered empty mails in error
	  situations or potentially delivered truncated mails.
	- fts-lucene: If whitespace_chars was set, we may have ended up
	  indexing some garbage words, growing the index size unnecessarily.
	- -c and -i parameters for dovecot/doveadm commands were ignored if
	  the config socket was readable.
	- quota: Quota recalculation didn't include INBOX in some setups.
	- Mail headers were sometimes added to dovecot.index.cache in wrong
	  order. The main problem this caused was with dsync+imapc incremental
	  syncing when the second sync thought the local mailbox had changed.
	- Fixed several race conditions with dovecot.index.cache handling that
	  may have caused unnecessary "cache is corrupted" errors.
	- doveadm backup didn't notice if emails were missing from the middle
	  of the destination mailbox. Now it deletes and resyncs the mailbox.
	- auth: If auth client listed userdb and disconnected before finishing,
	  the auth worker process got stuck (and eventually all workers could
	  get used up and requests would start failing).

v2.2.13 2014-05-11  Timo Sirainen <tss@iki.fi>

	* Fixed a DoS attack against imap/pop3-login processes. If SSL/TLS
	  handshake was started but wasn't finished, the login process
	  attempted to eventually forcibly disconnect the client, but failed
	  to do it correctly. This could have left the connections hanging
	  arond for a long time. (Affected Dovecot v1.1+)

	+ mdbox: Added mdbox_purge_preserve_alt setting to keep the file
	  within alt storage during purge. (Should become enforced in v2.3.0?)
	+ fts: Added support for parsing attachments via Apache Tika. Enable
	  with: plugin { fts_tika = http://tikahost:9998/tika/ }
	+ virtual plugin: Delay opening backend mailboxes until it's necessary.
	  This requires mailbox_list_index=yes to work. (Currently IMAP IDLE
	  command still causes all backend mailboxes to be opened.)
	+ mail_never_cache_fields=* means now to disable all caching. This may
	  be a useful optimization as doveadm/dsync parameter for some admin
	  tasks which shouldn't really update the cache file.
	+ IMAP: Return SPECIAL-USE flags always for LSUB command.
	- pop3 server was still crashing in v2.2.12 with some settings
	- maildir: Various fixes and improvements to handling compressed mails,
	  especially when they have broken/missing S=sizes in filenames.
	- fts-lucene, fts-solr: Fixed crash on search when the index contained
	  duplicate entries.
	- Many fixes and performance improvements to dsync and replication
	- director was somewhat broken when there were exactly two directors
	  in the ring. It caused errors about "weak users" getting stuck.
	- mail_attachment_dir: Attachments with the last base64-encoded line
	  longer than the rest wasn't handled correctly.
	- IMAP: SEARCH/SORT PARTIAL was handled completely wrong in v2.2.11+
	- acl: Global ACL file handling was broken when multiple entries
	  matched the mailbox name. (Only the first entry was used.)

v2.2.12 2014-02-14  Timo Sirainen <tss@iki.fi>

	- pop3 server was crashing in v2.2.11

v2.2.11 2014-02-12  Timo Sirainen <tss@iki.fi>

	+ acl plugin: Added an alternative global ACL file that can contain
	  mailbox patterns. See http://wiki2.dovecot.org/ACL for details.
	+ imap proxy: Added proxy_nopipelining passdb setting to work around
	  other IMAP servers' bugs (MS Exchange 2013 especially).
	+ Added %{auth_user}, %{auth_username} and %{auth_domain} variables.
	  See http://wiki2.dovecot.org/Variables for details.
	+ Added support for LZ4 compression.
	+ stats: Track also wall clock time for commands.
	+ pop3_migration plugin improvements to try harder to match the UIDLs
	  correctly.
	- imap: SEARCH/SORT PARTIAL responses may have been too large.
	- doveadm backup: Fixed assert-crash when syncing mailbox deletion.

v2.2.10 2013-11-25  Timo Sirainen <tss@iki.fi>

	+ auth: passdb/userdb dict rewrite to support much more complex
	  setups. See doc/example-config/dovecot-dict-auth.conf.ext.
	  The old settings will continue to work.
	+ auth: Added userdb result_success/failure/tempfail and skip
	  settings, similar to passdb's. See
	  http://wiki2.dovecot.org/UserDatabase
	+ imap: Implemented SETQUOTA command for admin user when quota_set is
	  configured. See http://master.wiki2.dovecot.org/Quota/Configuration
	+ quota: Support "*" and "?" wildcards in mailbox names in quota_rules
	+ mysql: Added ssl_verify_server_cert=no|yes parameter. This currently
	  defaults to "no" to make sure nothing breaks, but likely will become
	  "yes" in Dovecot v2.3.
	+ ldap: Added blocking=yes setting to use auth worker processes for
	  ldap lookups. This is a workaround for now to be able to use multiple
	  simultaneous LDAP connections.
	+ pop3c+dsync performance improvements
	- quota-status: quota_grace was ignored
	- ldap: Fixed memory leak with auth_bind=yes and without
	  auth_bind_userdn.
	- imap: Don't send HIGHESTMODSEQ anymore on SELECT/EXAMINE when
	  CONDSTORE/QRESYNC has never before been enabled for the mailbox.
	- imap: Fixes to handling mailboxes without permanent modseqs.
	  (When [NOMODSEQ] is returned by SELECT, mainly with in-memory
	  indexes.)
	- imap: Various fixes to METADATA support.
	- stats plugin: Processes that only temporarily dropped privileges
	  (e.g. indexer-worker) may have been logging errors about not being
	  able to open /proc/self/io.

v2.2.9 2013-11-25  Timo Sirainen <tss@iki.fi>

	+ Full text search indexing can now be done automatically after
	  saving/copying mails by setting plugin { fts_autoindex=yes }
	+ replicator: Added replication_dsync_parameters setting to pass
	  "doveadm sync" parameters (for controlling what to replicate).
	+ Added mail-filter plugin
	+ Added liblzma/xz support (zlib_save=xz)
	- v2.2.8's improved cache file handling exposed several old bugs
	  related to fetching mail headers.
	- v2.2.7's iostream handling changes were causing some connections
	  to be disconnected before flushing their output (e.g. POP3 logout
	  message wasn't being sent)

v2.2.8 2013-11-19  Timo Sirainen <tss@iki.fi>

	+ Mail cache lookups work for the mail being saved. This improves
	  performance by avoiding the need to parse the mail multiple times
	  when using some plugins (e.g. mail_log).
	+ Mail cache works for recently cached data also with in-memory
	  indexes.
	+ imapc: Many performance improvements, especially when working with
	  dsync. Also added imapc_feature=fetch-headers which allows using
	  FETCH BODY.PEEK[HEADER.FIELDS (..)] to avoid reading the entire
	  header.
	+ mail_location = ..:FULLDIRNAME=dbox-Mails is the same as
	  :DIRNAME=dbox-Mails, but it will also be used for
	  :INDEX and :CONTROL directories. (It should have worked this way
	  from the beginning, but can't be changed anymore without breaking
	  existing installations).
	- Fixed infinite loop in message parsing if message ends with
	  "--boundary" and CR (without LF). Messages saved via SMTP/LMTP can't
	  trigger this, because messages must end with an "LF.". A user could
	  trigger this for him/herself though.
	- lmtp: Client was sometimes disconnected before all the output was
	  sent to it.
	- imap_zlib plugin caused crashes during client disconnection in
	  v2.2.7
	- replicator: Database wasn't being exported to disk every 15 minutes
	  as it should have. Instead it was being imported, causing "doveadm
	  replicator remove" commands to not work very well.

v2.2.7 2013-11-03  Timo Sirainen <tss@iki.fi>

	* Some usage of passdb checkpassword could have been exploitable by
	  local users. You may need to modify your setup to keep it working.
	  See http://wiki2.dovecot.org/AuthDatabase/CheckPassword#Security

	+ auth: Added ability to truncate values logged by
	  auth_verbose_passwords (see 10-logging.conf comment)
	+ mdbox: Added "mdbox_deleted" storage, which can be used to access
	  messages with refcount=0. For example: doveadm import
	  mdbox_deleted:~/mdbox "" mailbox inbox subject oops
	+ ssl-params: Added ssl_dh_parameters_length setting.
	- master process was doing a hostname.domain lookup for each created
	  process, which may have caused a lot of unnecessary DNS lookups.
	- dsync: Syncing over 100 messages at once caused problems in some
	  situations, causing messages to get new UIDs.
	- fts-solr: Different Solr hosts for different users didn't work.

v2.2.6 2013-09-25  Timo Sirainen <tss@iki.fi>

	* acl: If public/shared namespace has a shared subscriptions file for
	  all users, don't list subscription entries that are not visible to
	  the user accessing it.

	+ doveadm: Added "auth lookup" command for doing passdb lookup.
	+ login_log_format_elements: Added %{orig_user}, %{orig_username}
	  and %{orig_domain} expanding to the username exactly as sent by
	  the client (before any changes auth process made).
	+ Added ssl_prefer_server_ciphers setting.
	+ auth_verbose_passwords: Log the password also for unknown users.
	+ Linux: Added optional support for SO_REUSEPORT with
	  inet_listener { reuse_port=yes }
	- director: v2.2.5 changes caused "SYNC lost" errors
	- dsync: Many fixes and error handling improvements
	- doveadm -A: Don't waste CPU by doing a separate config lookup
	  for each user
	- Long-running ssl-params process no longer prevents Dovecot restart
	- mbox: Fixed mailbox_list_index=yes to work correctly

v2.2.5 2013-08-05  Timo Sirainen <tss@iki.fi>

	+ SSL: Added support for ECDH/ECDHE cipher suites (by David Hicks)
	+ Added some missing man pages (by Pascal Volk)
	+ quota-status: Added quota_status_toolarge setting (by Ulrich Zehl)
	- director: Users near expiration could have been redirected to
	  different servers at the same time.
	- pop3: Avoid assert-crash if client disconnects during LIST. 
	- mdbox: Corrupted index header still wasn't automatically fixed.
	- dsync: Various fixes to work better with imapc and pop3c storages.
	- ldap: sasl_bind=yes caused crashes, because Dovecot's lib-sasl
	  symbols conflicted with Cyrus SASL library.
	- imap: Various error handling fixes to CATENATE. (Found using
	  Apple's stress test script.)

v2.2.4 2013-06-25  Timo Sirainen <tss@iki.fi>

	+ doveadm: Added "flags" command to modify message flags.
	+ doveadm: Added "deduplicate" command to expunge message duplicates.
	+ dsync: Show the state in process title with verbose_proctitle=yes.
	- imap/pop3 proxy: Master user logins were broken in v2.2.3
	- sdbox/mdbox: A corrupted index header with wrong size was never
	  automatically fixed in v2.2.3.
	- mbox: Fixed assert-crashes related to locking.

v2.2.3 2013-06-17  Timo Sirainen <tss@iki.fi>

	* LDA/LMTP: If new mail delivery first fails with "temporary
	  failure", tempfail the whole delivery instead of falling back to
	  delivering the mail to INBOX. (Requires new Pigeonhole as well.)
	* doc/solr-schema.xml was updated to Solr v4.x format. Also the
	  default analyzers were changed, hopefully for the better. Note that
	  the schema can't be changed for existing Solr indexes without
	  rebuilding everything.
	* Solr plugin does only soft commits from now on. You'll need a
	  cronjob to send a hard commit command to it every few minutes.

	+ Added %N modifier for variables as %H-like "new hash"
	+ sdbox, mdbox: Support POP3 message order field (for migrations)
	+ Added mailbox { driver } to specify a different mail storage
	  format for the mailbox than generally used within the namespace.
	+ Added initial lib-sasl library for client side SASL support.
	  Currently supports only PLAIN, LOGIN and plugins. Used currently
	  by IMAP and POP3 proxying when authenticating to the remote server.
	- IMAP: If subject contained only whitespace, Dovecot returned an
	  ENVELOPE reply with a huge literal value, effectively causing the
	  IMAP client to wait for more data forever.
	- IMAP: Various URLAUTH fixes.
	- imapc: Various bugfixes and improvements
	- pop3c: Various fixes to make it work in dsync (without imapc)
	- dsync: Fixes to syncing subscriptions. Fixes to syncing mailbox
	  renames.

v2.2.2 2013-05-20  Timo Sirainen <tss@iki.fi>

	+ zlib: Keep the last mail cached uncompressed in a temp file. This
	  fixes performance when doing small partial fetches from a large
	  mail.
	+ acl: If plugin { acl_defaults_from_inbox = yes } is set, get the
	  default ACLs for private and shared namespaces from the user's INBOX.
	  (This probably will become default in v2.3.)
	+ pop3: Added pop3_deleted_flag setting to switch POP3 deletions to
	  only hide the messages from POP3, but still be visible via IMAP.
	- ACL plugin: Mailbox creation wasn't actually checking any ACLs
	  and always succeeded (due to some v2.2 API changes). The created
	  mailbox couldn't have been accessed though, so this couldn't have
	  caused any data leak.
	- IMAP: Various URLAUTH fixes.
	- IMAP: Fixed a hang with invalid APPEND parameters.
	- IMAP LIST-EXTENDED: INBOX was never listed with \Subscribed flag.
	- mailbox_list_index=yes still caused crashes.
	- maildir: Fixed a crash after dovecot-keywords file was re-read.
	- maildir: If files had reappeared unexpectedly to a Maildir, they
	  were ignored until index files were deleted.
	- Maildir: Fixed handling over 26 keywords in a mailbox. 
	- Maildir++: Fixed mail_shared_explicit_inbox=no 
	- namespace { prefix="" list=no } was listing mailboxes.
	- imap/pop3-login proxying: Fixed a crash if TCP connection succeeded,
	  but the remote login timed out.
	- Case-insensitive search/sort didn't work correctly for all unicode
	  characters, as specified by i;unicode-casemap comparator. If full
	  text search indexes were used, they need to be rebuilt for old mails
	  to be handled correctly. (This bug has existed always in Dovecot.)

v2.2.1 2013-04-19  Timo Sirainen <tss@iki.fi>

	- mailbox_list_index=yes was broken.
	- LAYOUT=index didn't list subscriptions.
	- auth: Multiple master passdbs didn't work.
	- Message parsing (e.g. during search) crashed when multipart message
	  didn't actually contain any parts.

v2.2.0 2013-04-11  Timo Sirainen <tss@iki.fi>

	* When creating home directories, the permissions are copied from the
	  parent directory if it has setgid-bit set. For full details, see
	  http://wiki2.dovecot.org/SharedMailboxes/Permissions
	* "doveadm auth" command was renamed to "doveadm auth test"
	* IMAP: ID command now advertises server name as Dovecot by default.
	  It was already trivial to guess this from command replies.
	* dovecot.index.cache files can be safely accessed only by v2.1.11+.
	  Older versions may think they're corrupted and delete them.
	* LDA/LMTP: If saving a mail brings user from under quota to over 
	  quota, allow it based on quota_grace setting (default: 10%
	  above quota limit).
	* pop3_lock_session=yes now uses a POP3-only dovecot-pop3-session.lock
	  file instead of actually locking the mailbox (and causing
	  IMAP/LDA/LMTP to wait for the POP3 session to close).
	* mail_shared_explicit_inbox setting's default switched to "no".
	* ssl_client_ca_dir setting replaced imapc_ssl_ca_dir and
	  pop3c_ssl_ca_dir settings.

	+ Implemented IMAP MOVE and BINARY extensions
	+ Implemented IMAP CATENATE, URLAUTH and URLAUTH=BINARY extensions
	  (by Stephan Bosch).
	+ Implemented IMAP NOTIFY extension. Requires mailbox_list_index=yes
	  to be enabled.
	+ Redesigned and rewritten dsync. The new design makes the syncing
	  faster, more reliable and more featureful. The new dsync protocol
	  isn't backwards compatible with old dsync versions (but is designed
	  to be forwards compatible with future versions).
	+ All mailbox formats now support per-user message flags for shared
	  mailboxes by using a private index. It can be enabled by adding
	  :INDEXPVT=<path> to mail location. This should be used instead of
	  :INDEX also for Maildir/mbox to improve performance.
	+ Improved mailbox list indexes. They should be usable now, although
	  still disabled by default.
	+ Added LAYOUT=index. The mailbox directories are created using their
	  GUIDs in the filesystem, while the actual GUID <-> name mapping
	  exists only in the index.
	+ LMTP proxy: Implemented XCLIENT extension for passing remote IP
	  address through proxy.

v2.2.rc7 2013-04-10  Timo Sirainen <tss@iki.fi>

	* checkpasword: AUTH_PASSWORD environment is no longer set.
	* Running dsync no longer triggers quota warnings.

	+ dsync: Commit large transactions every 100 new messages, so if a
	  large sync crashes it doesn't have to be restarted from the
	  beginning.
	- replicator: doveadm commands and user list export may have skipped
	  some users.
	- Various fixes to mailbox_list_index=yes

v2.2.rc6 2013-04-08  Timo Sirainen <tss@iki.fi>

	* replicator: Don't create replicator-doveadm socket by default.
	  This way doveadm replicator commands don't accidentally start an
	  unconfigured replicator server.
	+ replicator: Have remote dsync notify the remote replicator that
	  a user was just synced. This way the replicators are kept roughly
	  in sync.
	+ Added ssl_client_ca_file to specify the CA certs as a file. This is
	  needed (instead of ssl_client_ca_dir) in RedHat-based systems.
	+ Added "doveadm fs" commands, mainly to debug lib-fs backends.
	- Mailbox list indexes weren't using proper file permissions based
	  on the root directory.

v2.2.rc5 2013-04-05  Timo Sirainen <tss@iki.fi>

	- A few small random fixes

v2.2.rc4 2013-04-05  Timo Sirainen <tss@iki.fi>

	+ Added "doveadm replicator" commands
	- Larger changes to lib-http and lib-ssl-iostream error handling.
	  The API caller can now get the exact error message as a string.
	- Various bugfixes to LDAP changes in rc3

v2.2.rc3 2013-03-20  Timo Sirainen <tss@iki.fi>

	+ dsync: Support syncing ACLs (and Sieve scripts with Pigeonhole)
	+ ldap: Support subqueries and value pointers, see
	  http://wiki2.dovecot.org/AuthDatabase/LDAP/Userdb
	+ postmaster_address setting: Expand %d to recipient's domain
	- Fixed a crash when decoding quoted-printable content.
	- dsync: Various bugfixes

v2.2.rc2 2013-02-15  Timo Sirainen <tss@iki.fi>

	- rc1 wasn't actually usable in most configurations.

v2.2.rc1 2013-02-15  Timo Sirainen <tss@iki.fi>

	* See v2.2.0 notes

v2.1.13 2013-01-06  Timo Sirainen <tss@iki.fi>

	- Some fixes to cache file changes in v2.1.11.
	- fts-solr: Overlong UTF8 sequences in mails were rejected by Solr and
	  caused the mails to not be indexed.
	- virtual storage: Sorting mailbox by from/to/cc/bcc didn't work.

v2.1.12 2012-11-30  Timo Sirainen <tss@iki.fi>

	- dovecot-config in v2.1.11 caused build problems with Pigeonhole

v2.1.11 2012-11-29  Timo Sirainen <tss@iki.fi>

	* lmtp/lda: dovecot.index.cache file is no longer fully mapped to
	  memory, allowing mail deliveries to work even if the file is huge.
	* auth: userdb passwd lookups are now done by auth worker processes
	  instead of auth master process (as it was documented, but
	  accidentally didn't work that way).

	+ lmtp: lmtp_rcpt_check_quota=yes setting checks quota on RCPT TO.
	- lmtp: After successful proxying RCPT TO, the next one to a
	  nonexistent user gave tempfail error instead of "user not found".
	- lmtp proxy: Fixed hanging if remote server was down.
	- imap: Fixed crash when SEARCH contained multiple KEYWORD parameters.
	- doveadm: Various fixes to handling doveadm-server connections.
	- -i <instance name> parameter for Dovecot tools didn't work correctly.
	- director was somewhat broken in v2.1.10. This version also includes
	  various reliability enhancements.
	- auth: passdb imap was broken in v2.1.10.

v2.1.10 2012-09-18  Timo Sirainen <tss@iki.fi>

	+ imap: Implemented THREAD=ORDEREDSUBJECT extension.
	+ Added "doveadm exec" command to easily execute commands from
	  libexec_dir, e.g. "doveadm exec imap -u user@domain"
	+ Added "doveadm copy" command.
	+ doveadm copy/move: Added optional user parameter to specify the
	  source username. This allows easily copying mails between different
	  users.
	+ Added namespace { disabled } setting to quickly enable/disable
	  namespaces. This is especially useful when its value is returned by
	  userdb.
	+ Added mailbox_alias plugin. It allows creating mailbox aliases using
	  symlinks.
	+ imapc storage: Added imapc_max_idle_time setting to force activity
	  on connection.
	+ fts-solr: Expunging multiple messages is now faster.
	- director: In some conditions director may have disconnected from
	  another director (without logging about it), thinking it was sending
	  invalid data.
	- imap: Various fixes to listing mailboxes.
	- pop3-migration plugin: Avoid disconnection from POP3 server due
	  to idling.
	- login processes crashed if there were a lot of local {} or remote {}
	  settings blocks.

v2.1.9 2012-08-01  Timo Sirainen <tss@iki.fi>

	* mail-log plugin: Log mailbox names with UTF-8 everywhere 
	  (instead of mUTF-7 in some places and UTF-8 in other places)
	* director: Changed director_username_hash setting's default from %u
	  to %Lu (= lowercase usernames). This doesn't break any existing
	  installations, but might fix some of them.

	+ doveadm: Added "auth cache flush [<username>]" command.
	+ Implemented dict passdb/userdb
	+ Implemented Redis and memcached dict backends, which can be used as
	  auth backends. Redis can also be used as dict-quota backend.
	+ Added plugin { quota_ignore_save_errors=yes } setting to allow saving
	  a mail when quota lookup fails with temporary failure.
	- Full text search indexing might have failed for some messages,
	  always causing indexer-worker process to run out of memory.
	- fts-lucene: Fixed handling SEARCH HEADER FROM/TO/SUBJECT/CC/BCC when
	  the header wasn't lowercased.
	- fts-squat: Fixed crash when searching a virtual mailbox.
	- pop3: Fixed assert crash when doing UIDL on empty mailbox on some
	  setups. 
	- auth: GSSAPI RFC compliancy and error handling fixes.
	- Various fixes related to handling shared namespaces

v2.1.8 2012-07-03  Timo Sirainen <tss@iki.fi>

	+ pop3c: Added pop3c_master_user setting.
	- imap: Mailbox names were accidentally sent as UTF-8 instead of mUTF-7
	  in previous v2.1.x releases for STATUS, MYRIGHTS and GETQUOTAROOT
	  commands.
	- lmtp proxy: Don't timeout connections too early when mail has a lot
	  of RCPT TOs.
	- director: Don't crash if the director is working alone.
	- shared mailboxes: Avoid doing "@domain" userdb lookups.
	- doveadm: Fixed crash with proxying some commands.
	- fts-squat: Fixed handling multiple SEARCH parameters.
	- imapc: Fixed a crash when message had more than 8 keywords.
	- imapc: Don't crash on APPEND/COPY if server doesn't support UIDPLUS.

v2.1.7 2012-05-29  Timo Sirainen <tss@iki.fi>

	* LDAP: Compatibility fix for v2.0: ldap: If attributes contain
	  ldapAttr=key=template%$ and ldapAttr doesn't exist, skip the key
	  instead of using "template" value with empty %$ part for the key.

	+ pop3: Added pop3_uidl_duplicates setting for changing the behavior
	  for duplicate UIDLs.
	+ director: Added "doveadm director ring remove" command.
	- director: Don't crash with quickly disconnecting incoming director
	  connections.
	- mdbox: If mail was originally saved to non-INBOX, and namespace
	  prefix is non-empty, don't assert-crash when rebuilding indexes.
	- sdbox: Don't use more fds than necessary when copying mails.
	- auth: Fixed crash with DIGEST-MD5 when attempting to do master user
	  login without master passdbs. 
	- Several fixes to mail_shared_explicit_inbox=no
	- imapc: Use imapc_list_prefix also for listing subscriptions.

v2.1.6 2012-05-07  Timo Sirainen <tss@iki.fi>

	* Session ID is now included by default in auth and login process
	  log lines. It can be added to mail processes also by adding
	  %{session} to mail_log_prefix.

	+ Added ssl_require_crl setting, which specifies if CRL check must
	  be successful when verifying client certificates.
	+ Added mail_shared_explicit_inbox setting to specify if a shared INBOX
	  should be accessible as "shared/$user" or "shared/$user/INBOX".
	- v2.1.5: Using "~/" as mail_location or elsewhere failed to actually
	  expand it to home directory.
	- dbox: Fixed potential assert-crash when reading dbox files.
	- trash plugin: Fixed behavior when quota is already over limit.
	- mail_log plugin: Logging "copy" event didn't work.
	- Proxying to backend server with SSL: Verifying server certificate
	  name always failed, because it was compared to an IP address.

v2.1.5 2012-04-23  Timo Sirainen <tss@iki.fi>

	* IMAP: When neither the session nor the mailbox has modseq tracking
	  enabled, return the mailbox as having NOMODSEQ in SELECT/EXAMINE
	  reply. Old versions in this situation always simply returned
	  HIGHESTMODSEQ as 1, which could have broken some clients.

	+ dict file: Added optional fcntl/flock locking (default is dotlock)
	+ fts-solr: doveadm fts rescan now resets indexes, which allows
	  reindexing mails. (This isn't a full rescan implementation like
	  fts-lucene has.)
	+ doveadm expunge: Added -d parameter to delete mailbox if it's
	  empty after expunging.
	- IMAP: Several fixes related to mailbox listing in some configs
	- director: A lot of fixes and performance improvements
	- v2.1.4 didn't work without a mail home directory set
	- mbox: Deleting a mailbox didn't delete its index files.
	- pop3c: TOP command was sent incorrectly
	- trash plugin didn't work properly
	- LMTP: Don't add a duplicate Return-Path: header when proxying.
	- listescape: Don't unescape namespace prefixes.

v2.1.4 2012-04-09  Timo Sirainen <tss@iki.fi>

	+ Added mail_temp_scan_interval setting and changed its default value
	  from 8 hours to 1 week.
	+ Added pop3-migration plugin for easily doing a transparent IMAP+POP3
	  migration to Dovecot: http://wiki2.dovecot.org/Migration/Dsync
	+ doveadm user: Added -m parameter to show some of the mail settings.
	- Proxying SSL connections crashed in v2.1.[23]
	- fts-solr: Indexing mail bodies was broken.
	- director: Several changes to significantly improve error handling
	- doveadm import didn't import messages' flags
	- mail_full_filesystem_access=yes was broken
	- Make sure IMAP clients can't create directories when accessing
	  nonexistent users' mailboxes via shared namespace.
	- Dovecot auth clients authenticating via TCP socket could have failed
	  with bogus "PID already in use" errors.

v2.1.3 2012-03-16  Timo Sirainen <tss@iki.fi>

	- mdbox was broken in v2.1.2

v2.1.2 2012-03-15  Timo Sirainen <tss@iki.fi>

	+ Initial implementation of dsync-based replication. For now this
	  should be used only on non-critical systems.
	+ Proxying: POP3 now supports sending remote IP+port from proxy to
	  backend server via Dovecot-specific XCLIENT extension.
	+ Proxying: proxy_maybe=yes with host=<hostname> (instead of IP)
	  works now properly.
	+ Proxying: Added auth_proxy_self setting
	+ Proxying: Added proxy_always extra field (see wiki docs)
	+ Added director_username_hash setting to specify what part of the
	  username is hashed. This can be used to implement per-domain
	  backends (which allows safely accessing shared mailboxes within
	  domain).
	+ Added a "session ID" string for imap/pop3 connections, available
	  in %{session} variable. The session ID passes through Dovecot
	  IMAP/POP3 proxying to backend server. The same session ID is can be
	  reused after a long time (currently a bit under 9 years). 
	+ passdb checkpassword: Support "credentials lookups" (for
	  non-plaintext auth and for lmtp_proxy lookups)
	+ fts: Added fts_index_timeout setting to abort search if indexing
	  hasn't finished by then (default is to wait forever). 
	- doveadm sync: If mailbox was expunged empty, messages may have
	  become back instead of also being expunged in the other side.
	- director: If user logged into two directors while near user
	  expiration, the directors might have redirected the user to two
	  different backends.
	- imap_id_* settings were ignored before login.
	- Several fixes to mailbox_list_index=yes
	- Previous v2.1.x didn't log all messages at shutdown.
	- mbox: Fixed accessing Dovecot v1.x mbox index files without errors.

v2.1.1 2012-02-23  Timo Sirainen <tss@iki.fi>

	+ dsync: If message with same GUID is saved multiple times in session,
	  copy it instead of re-saving. 
	- acl plugin + autocreated mailboxes crashed when listing mailboxes
	- doveadm force-resync: Don't skip autocreated mailboxes (especially
	  INBOX). 
	- If process runs out of fds, stop listening for new connections only
	  temporarily, not permanently (avoids hangs with process_limit=1
	  services)
	- auth: passdb imap crashed for non-login authentication (e.g. smtp).

v2.1.0 2012-02-16  Timo Sirainen <tss@iki.fi>

	* Plugins now use UTF-8 mailbox names rather than mUTF-7:
	  acl, autocreate, expire, trash, virtual
	* auth_username_format default changed to %Lu. If you really want
	  case sensitive usernames, set it back to empty.
	* Solr full text search backend changed to use mailbox GUIDs instead of
	  mailbox names, requiring reindexing everything. solr_old backend can
	  be used with old indexes to avoid reindexing, but it doesn't support
	  some newer features.
	* Expire plugin: Only go through users listed by userdb iteration.
	  Delete dict rows for nonexistent users, unless
	  expire_keep_nonexistent_users=yes.
	* Temporary authentication failures sent to IMAP/POP3 clients
	  now includes the server's hostname and timestamp. This makes it
	  easier to find the error message from logs.
	* dsync was merged into doveadm. There is still "dsync" symlink
	  pointing to "doveadm", which you can use the old way for now.
	  The preferred ways to run dsync are "doveadm sync" (for old "dsync
	  mirror") and "doveadm backup".

	+ imapc (= IMAP client) storage allows using a remote IMAP server to
	  be used as storage. This allows using Dovecot as a smart (caching)
	  proxy or using dsync to do migration from remote IMAP server.
	+ Mailbox indexing via queuing indexer service (required for Lucene)
	+ Lucene full text search (FTS) backend rewritten with support for
	  different languages
	+ FTS finally supports "OR" search operation
	+ FTS supports indexing attachments via external programs
	+ IMAP FUZZY extension, supported by Lucene and Solr FTS backends
	+ IMAP SPECIAL-USE extension to describe mailboxes
	+ Mailbox list indexes
	+ Statistics tracking via stats service. Exported via doveadm stats.
	+ Autocreate plugin creates/subscribes mailboxes physically only when
	  the mailbox is opened for the first time. Mailbox listing shows the
	  autocreated mailboxes even if they don't physically exist.
	+ Password and user databases now support default_fields and
	  override_fields settings to specify template defaults/overrides.
	+ SCRAM-SHA-1 authentication mechanism by Florian Zeitz
	+ LDAP: Allow building passdb/userdb extra fields from multiple LDAP
	  attributes by using %{ldap:attributeName} variables in the template.
	+ Improved multi-instance support: Track automatically which instances
	  are started up and manage the list with doveadm instance commands.
	  All Dovecot commands now support -i <instance_name> parameter to
	  select the instance (instead of having to use -c <config path>).
	  See instance_name setting.
	+ auth: Implemented support for Postfix's "TCP map" sockets for
	  user existence lookups.
	- listescape plugin works perfectly now

v2.1.rc7 2012-02-15  Timo Sirainen <tss@iki.fi>

	+ Added ignore_on_failure setting for namespaces. If namespace
	  initialization fails with this enabled (e.g. permission denied),
	  the namespace is silently skipped for the user.

v2.1.rc6 2012-02-12  Timo Sirainen <tss@iki.fi>

	* Added automatic mountpoint tracking and doveadm mount commands to
	  manage the list. If a mountpoint is unmounted, error handling is
	  done by assuming that the files are only temporarily lost. This is
	  especially helpful if dbox alt storage becomes unmounted.
	* Expire plugin: Only go through users listed by userdb iteration.
	  Delete dict rows for nonexistent users, unless
	  expire_keep_nonexistent_users=yes.
	* LDA's out-of-quota and Sieve's reject mails now include DSN report
	  instead of MDN report.

	+ LDAP: Allow building passdb/userdb extra fields from multiple LDAP
	  attributes by using %{ldap:attributeName} variables in the template.
	+ doveadm log errors shows the last 1000 warnings and errors since
	  Dovecot was started.
	+ Improved multi-instance support: Track automatically which instances
	  are started up and manage the list with doveadm instance commands.
	  All Dovecot commands now support -i <instance_name> parameter to
	  select the instance (instead of having to use -c <config path>).
	  See instance_name setting.
	+ doveadm mailbox delete: Added -r parameter to delete recursively
	+ doveadm acl: Added "add" and "remove" commands.
	+ Updated to Unicode v6.1
	- mdbox: When saving to alt storage, Dovecot didn't append as much
	  data to m.* files as it could have.
	- dbox: Fixed error handling when saving failed or was aborted
	- IMAP: Using COMPRESS extension may have caused assert-crashes
	- IMAP: THREAD REFS sometimes returned invalid (0) nodes.
	- dsync: Fixed handling non-ASCII characters in mailbox names.

v2.1.rc5 2012-01-26  Timo Sirainen <tss@iki.fi>

	* Temporary authentication failures sent to IMAP/POP3 clients
	  now includes the server's hostname and timestamp. This makes it
	  easier to find the error message from logs.

	+ auth: Implemented support for Postfix's "TCP map" sockets for
	  user existence lookups.
	+ auth: Idling auth worker processes are now stopped. This reduces
	  error messages about MySQL disconnections.
	- director: With >2 directors ring syncing might have stalled during
	  director connect/disconnect, causing logins to fail.
	- LMTP client/proxy: Fixed potential hanging when sending (big) mails
	- Compressed mails with external attachments (dbox + SIS + zlib) failed
	  sometimes with bogus "cached message size wrong" errors.

v2.1.rc4 was never actually released, but was accidentally tagged in hg.

v2.1.rc3 2012-01-06  Timo Sirainen <tss@iki.fi>

	- Added missing file that prevented v2.1.rc2 from compiling..

v2.1.rc2 2012-01-06  Timo Sirainen <tss@iki.fi>

	* dsync was merged into doveadm. There is still "dsync" symlink
	  pointing to "doveadm", which you can use the old way for now.
	  The preferred ways to run dsync are "doveadm sync" (for old "dsync
	  mirror") and "doveadm backup".

	+ IMAP SPECIAL-USE extension to describe mailboxes
	+ Added mailbox {} sections, which deprecate autocreate plugin
	+ lib-fs: Added "mode" parameter to "posix" backend to specify mode
	  for created files/dirs (for mail_attachment_dir).
	+ inet_listener names are now used to figure out what type the socket
	  is when useful. For example naming service auth { inet_listener } to
	  auth-client vs. auth-userdb has different behavior.
	+ Added pop3c (= POP3 client) storage backend.
	- LMTP proxying code was simplified, hopefully fixing its problems.
	- dsync: Don't remove user's subscriptions for subscriptions=no
	  namespaces.

v2.1.rc1 2011-11-24  Timo Sirainen <tss@iki.fi>

	* Plugins now use UTF-8 mailbox names rather than mUTF-7:
	  acl, autocreate, expire, trash, virtual
	* auth_username_format default changed to %Lu. If you really want
	  case sensitive usernames, set it back to empty.
	* Solr full text search backend changed to use mailbox GUIDs instead of
	  mailbox names, requiring reindexing everything. solr_old backend can
	  be used with old indexes to avoid reindexing, but it doesn't support
	  some newer features.

	+ imapc (= IMAP client) storage allows using a remote IMAP server to
	  be used as storage. This allows using Dovecot as a smart (caching)
	  proxy or using dsync to do migration from remote IMAP server.
	+ Mailbox indexing via queuing indexer service (required for Lucene)
	+ Lucene full text search (FTS) backend rewritten with support for
	  different languages
	+ FTS finally supports "OR" search operation
	+ FTS supports indexing attachments via external programs
	+ IMAP FUZZY extension, supported by Lucene and Solr FTS backends
	+ IMAP SPECIAL-USE extension to describe mailboxes
	+ Mailbox list indexes
	+ Statistics tracking via stats service. Exported via doveadm stats.
	+ Autocreate plugin creates/subscribes mailboxes physically only when
	  the mailbox is opened for the first time. Mailbox listing shows the
	  autocreated mailboxes even if they don't physically exist.
	+ Password and user databases now support default_fields and
	  override_fields settings to specify template defaults/overrides.
	+ SCRAM-SHA-1 authentication mechanism by Florian Zeitz
	- listescape plugin works perfectly now

v2.0.15 2011-09-16  Timo Sirainen <tss@iki.fi>

	+ doveadm altmove: Added -r parameter to move mails back to primary
	  storage.
	- v2.0.14: Index reading could have eaten a lot of memory in some
	  situations
	- doveadm index no longer affects future caching decisions
	- mbox: Fixed crash during mail delivery when mailbox didn't yet have
	  GUID assigned to it.
	- zlib+mbox: Fetching last message from compressed mailboxes crashed.
	- lib-sql: Fixed load balancing and error handling when multiple hosts
	  are used.

v2.0.14 2011-08-29  Timo Sirainen <tss@iki.fi>

	+ doveadm: Added support for running mail commands by proxying to
	  another doveadm server.
	+ Added "doveadm proxy list" and "doveadm proxy kick" commands to
	  list/kick proxy connections (via a new "ipc" service).
	+ Added "doveadm director move" to assign user from one server to
	  another, killing any existing connections.
	+ Added "doveadm director ring status" command.
	+ userdb extra fields can now return name+=value to append to an
	  existing name, e.g. "mail_plugins+= quota".
	- script-login attempted an unnecessary config lookup, which usually
	  failed with "Permission denied".
	- lmtp: Fixed parsing quoted strings with spaces as local-part for
	  MAIL FROM and RCPT TO.
	- imap: FETCH BODY[HEADER.FIELDS (..)] may have crashed or not
	  returned all data sometimes.
	- ldap: Fixed random assert-crashing with with sasl_bind=yes.
	- Fixes to handling mail chroots
	- Fixed renaming mailboxes under different parent with FS layout when
	  using separate ALT, INDEX or CONTROL paths.
	- zlib: Fixed reading concatenated .gz files.

v2.0.13 2011-05-11  Timo Sirainen <tss@iki.fi>

	+ Added "doveadm index" command to add unindexed messages into
	  index/cache. If full text search is enabled, it also adds unindexed
	  messages to the fts database.
	+ added "doveadm director dump" command.
	+ pop3: Added support for showing messages in "POP3 order", which can 
	  be different from IMAP message order. This can be useful for
	  migrations from other servers. Implemented it for Maildir as 'O'
	  field in dovecot-uidlist.
	- doveconf: Fixed a wrong "subsection has ssl=yes" warning.
	- mdbox purge: Fixed wrong warning about corrupted extrefs.
	- sdbox: INBOX GUID changed when INBOX was autocreated, leading to
	  trouble with dsync.
	- script-login binary wasn't actually dropping privileges to the
	  user/group/chroot specified by its service settings.
	- Fixed potential crashes and other problems when parsing header names
	  that contained NUL characters.

v2.0.12 2011-04-12  Timo Sirainen <tss@iki.fi>

	+ doveadm: Added "move" command for moving mails between mailboxes.
	+ virtual: Added support for "+mailbox" entries that clear \Recent
	  flag from messages (default is to preserve them).
	- dbox: Fixes to handling external attachments
	- dsync: More fixes to avoid hanging with remote syncs
	- dsync: Many other syncing/correctness fixes
	- doveconf: v2.0.10 and v2.0.11 didn't output plugin {} section right

v2.0.11 2011-03-07  Timo Sirainen <tss@iki.fi>

	* dotlock_use_excl setting's default was accidentally "no" in all
	  v2.0.x releases, instead of "yes" as in v1.1 and v1.2. Changed it
	  back to "yes."

	- v2.0.10: LDAP support was broken
	- v2.0.10: dsyncing to remote often hanged (timed out in 15 mins)

v2.0.10 2011-03-04  Timo Sirainen <tss@iki.fi>

	* LMTP: For user+detail@domain deliveries, the +detail is again written
	  to Delivered-To: header.
	* Skip auth penalty checks from IPs in login_trusted_networks.

	+ Added import_environment setting.
	+ Added submission_host setting to send mails via SMTP instead of
	  via sendmail binary.
	+ Added doveadm acl get/set/delete commands for ACL manipulation,
	  similar to how IMAP ACL extension works.
	+ Added doveadm acl debug command to help debug and fix problems
	  with why shared mailboxes aren't working as expected.
	- IMAP: Fixed hangs with COMPRESS extension
	- IMAP: Fixed a hang when trying to COPY to a nonexistent mailbox. 
	- IMAP: Fixed hang/crash with SEARCHRES + pipelining $.
	- IMAP: Fixed assert-crash if IDLE+DONE is sent in same TCP packet. 
	- LMTP: Fixed sending multiple messages in a session.
	- doveadm: Fixed giving parameters to mail commands. 
	- doveadm import: Settings weren't correctly used for the
	  import storage.
	- dsync: Fixed somewhat random failures with saving messages to
	  remote dsync.
	- v2.0.9: Config reload didn't notify running processes with
	  shutdown_clients=no, so they could have kept serving new clients
	  with old settings.

v2.0.9 2011-01-13  Timo Sirainen <tss@iki.fi>

	- Linux: Fixed a high system CPU usage / high context switch count
	  performance problem
	- Maildir: Avoid unnecessarily reading dovecot-uidlist while opening
	  mailbox.
	- Maildir: Fixed renaming child mailboxes when namespace had a prefix.
	- mdbox: Don't leave partially written messages to mdbox files when
	  aborting saving.
	- Fixed master user logins when using userdb prefetch
	- lda: Fixed a crash when trying to send "out of quota" reply
	- lmtp: If delivering duplicate messages to same user's INBOX,
	  create different GUIDs for them. This helps to avoid duplicate
	  POP3 UIDLs when pop3_uidl_format=%g.
	- virtual storage: Fixed saving multiple mails in a transaction
	  (e.g. copy multiple messages).
	- dsync: Saved messages' save-date was set to 1970-01-01.

v2.0.8 2010-12-03  Timo Sirainen <tss@iki.fi>

	* Services' default vsz_limits weren't being enforced correctly in
	  earlier v2.0 releases. Now that they are enforced, you might notice
	  that the default limits are too low and you need to increase them.
	  This problem will show up in logs as "out of memory" errors.
	  See default_vsz_limit and service { vsz_limit } settings.
	* LMTP: In earlier versions if mail was delivered to user+detail@domain
	  address, LMTP server always attempted to deliver the mail to mailbox
	  named "detail". This was rather unintentional and shouldn't have been
	  the default. lmtp_save_to_detail_mailbox=yes setting now preserves
	  this behavior (default is no).

	+ Added systemd support (configure --with-systemdsystemunitdir).
	  Based on patch by Christophe Fergeau.
	+ Replaced broken mbox-snarf plugin with a new more generic snarf
	  plugin.
	- dbox: Fixes to handling external mail attachments
	- verbose_proctitle=yes didn't work for all processes in v2.0.7
	- imap, pop3: When service { client_count } was larger than 1, the
	  log messages didn't use the correct prefix. Last logged in user's
	  prefix was always used, regardless of what user's session actually
	  logged it. Now the proper log prefix is always used.
	- MySQL: Only the first specified host was ever used

v2.0.7 2010-11-08  Timo Sirainen <tss@iki.fi>

	* master: default_process_limit wasn't actually used anywhere,
	  rather the default was unlimited. Now that it is enforced, you might
	  notice that the default limit is too low and you need to increase it.
	  Dovecot logs a warning when this happens.
	* mail-log plugin: Log mailbox name as virtual name rather than
	  physical name (e.g. namespace prefix is included in the name)

	+ doveadm dump: Added imapzlib type to uncompress IMAP's
	  COMPRESS DEFLATE I/O traffic (e.g. from rawlog).
	- IMAP: Fixed LIST-STATUS when listing subscriptions with
	  subscriptions=no namespaces. 
	- IMAP: Fixed SELECT QRESYNC not to crash on mailbox close if a lot of
	  changes were being sent. 
	- quota: Don't count virtual mailboxes in quota
	- doveadm expunge didn't always actually do the physical expunging
	- Fixed some index reading optimizations introduced by v2.0.5.
	- LMTP proxying fixes

v2.0.6 2010-10-21  Timo Sirainen <tss@iki.fi>

	* Pre-login CAPABILITY includes IDLE again. Mainly to make Blackberry
	  servers happy.
	* auth: auth_cache_negative_ttl default was 0 in earlier v2.0.x, but it
	  was supposed to be 1 hour as in v1.x. Changed it back to 1h.
	  If you want it disabled, make sure doveconf shows it as 0.

	+ dbox: Added support for saving mail attachments to external files,
	  with also support for single instance storage. This feature hasn't
	  had much testing yet, so be careful with it.
	+ doveadm: Added import command for importing mails from other storages.
	+ Reduced NFS I/O operations for index file accesses
	+ dbox, Maildir: When copying messages, copy also already cached fields
	  from dovecot.index.cache
	+ mdbox: Added mdbox_preallocate_space setting (Linux+ext4/XFS only)
	- Maildir: LDA/LMTP assert-crashed sometimes when saving a mail.
	- Fixed leaking fds when writing to dovecot.mailbox.log.
	- Fixed rare dovecot.index.cache corruption
	- IMAP: SEARCH YOUNGER/OLDER wasn't working correctly

v2.0.5 2010-10-01  Timo Sirainen <tss@iki.fi>

	* acl: Fixed the logic of merging multiple ACL entries. Now it works as
	  documented, while previously it could have done slightly different
	  things depending on the order of the entries.
	* virtual: Allow opening virtual mailboxes that refer to non-existing
	  mailboxes. It seems that the benefits of this outweigh the lack of
	  error message when typoing a mailbox name.

	+ Added some disk I/O optimizations to Maildir and index code. They're
	  especially helpful with short-lived connections like POP3.
	+ pop3: Added pop3_fast_size_lookups setting.
	- doveconf sometimes failed with complaining about missing ssl_key
	  setting, causing e.g. dovecot-lda to fail.
	- lda: If there's an error in configuration, doveconf didn't exit with
	  EX_TEMPFAIL as it should have.
	- sdbox: Fixed memory leak when copying messages with hard links. 
	- zlib + sdbox combination didn't work
	- zlib: Fixed several crashes, which mainly showed up with mbox.
	- quota: Don't crash if user has quota disabled, but plugin loaded.
	- doveadm fetch uid was actually returning sequence, not uid.
	- v2.0.4's subscription listing ignored (and logged a warning about)
	  subscriptions=no namespaces' entries in some configurations.
	  (So listing shared mailboxes' subscriptions could have been broken.)
	- acl: Fixed crashing when sometimes listing shared mailboxes via
	  dict proxy.

v2.0.4 2010-09-26  Timo Sirainen <tss@iki.fi>

	* multi-dbox: If :INDEX=path is specified, keep
	  storage/dovecot.map.index* files also in the index path rather than
	  in the main storage directory.

	  WARNING: if you specified :INDEX= with earlier mdbox installation,
	  you must now manually move the storage indexes to the expected
	  directory! Otherwise Dovecot won't see them and will rebuild the
	  indexes, possibly unexpunging some mails.

	- Maildir: Copying messages with hard links sometimes caused the
	  source maildir's entire tmp/ directory to be renamed to destination
	  maildir as if it were a message.
	- Maildir: v2.0.3 broke expunging copied messages sometimes
	- Maildir: INBOX whose tmp/ directory was lost couldn't be opened
	- single-dbox: Messages weren't copied with hard links
	- vpopmail support is hopefully working again.
	- dsync: POP3 UIDLs weren't copied with Maildir
	- dict file: Fixed fd leak (showed up easily with LMTP + quota)

v2.0.3 2010-09-17  Timo Sirainen <tss@iki.fi>

	* dovecot-lda: Removed use of non-standard Envelope-To: header as a
	  default for -a. Set lda_original_recipient_header=Envelope-To to
	  returns the old behavior.

	+ Added support for reverse quota warnings (i.e. when quota goes back
	  under the limit). This is enabled by adding '-' to beginning of
	  quota_warning value. Based on patch by Jeroen Koekkoek.
	+ dovecot-lda: Added lda_original_recipient_header setting, which is
	  used for getting original recipient if -a isn't used.
	+ dovecot-lda: Added -r parameter to specify final recipient address.
	  (It may differ from original address for e.g. aliases.)
	+ Maildir: uidlist file can now override message's GUID, making it
	  possible for multiple messages in a mailbox to have the same GUID.
	  This also fixes dsync's message conflict resolution.
	- dovecot-lda: If destination user isn't found, exit with EX_NOUSER,
	  not EX_TEMPFAIL.
	- dsync: Fixed handling \Noselect mailboxes
	- Fixed an infinite loop introduced by v2.0.2's message parser changes.
	- Fixed a crash introduced by v2.0.2's istream-crlf changes.

v2.0.2 2010-09-08  Timo Sirainen <tss@iki.fi>

	* vpopmail support is disabled for now, since it's broken. You can use
	  it via checkpassword support or its sql/ldap database directly.

	- maildir: Fixed "duplicate uidlist entry" errors that happened at
	  least with LMTP when mail was delivered to multiple recipients
	- Deleting ACLs didn't cause entries to be removed from acl_shared_dict
	- mail_max_lock_timeout setting wasn't working with all locks
	- auth_cache_size setting's old-style value wasn't autoconverted
	  and it usually also caused a crash

v2.0.1 2010-08-24  Timo Sirainen <tss@iki.fi>

	* When dsync is started as root, remote dsync command is now also
	  executed as root instead of with dropped privileges.

	- IMAP: QRESYNC parameters for SELECT weren't handled correctly.
	- UTF-8 string validity checking wasn't done correctly (e.g.
	  mailbox names in Sieve fileinto)
	- dsync: Fixed a random assert-crash with remote dsyncing

v2.0.0 2010-08-16  Timo Sirainen <tss@iki.fi>

	* Dovecot uses two system users for internal purposes now by default:
	  dovenull and dovecot. You need to create the dovenull user or change
	  default_login_user setting.
	* Global ACLs are now looked up using namespace prefixes. For example
	  if you previously had INBOX. namespace prefix and a global ACL for
	  "INBOX.Sent", it's now looked up from "INBOX.Sent" file instead of
	  "Sent" as before.
	* Maildir: File permissions are no longer based on dovecot-shared file,
	  but the mailbox directory.

	+ Redesigned master process. It's now more modular and there is less
	  code running as root.
	+ Configuration supports now per-local/remote ip/network settings.
	+ dsync utility does a two-way mailbox synchronization.
	+ LMTP server and proxying.
	+ Added mdbox (multi-dbox) mail storage backend.
	+ doveadm utility can be used to do all kinds of administration
	  functions. Old dovecotpw and *view utilities now exist in its
	  subcommands.
	+ imap and pop3 processes can now handle multiple connections.
	+ IMAP: COMPRESS=DEFLATE is supported by imap_zlib plugin
	+ director service helps NFS installations to redirect users always
	  to same server to avoid corruption

v2.0.rc6 2010-08-13  Timo Sirainen <tss@iki.fi>

	- dict quota didn't always decrease quota when messages were expunged
	- Shared INBOX wasn't always listed with FS layout

v2.0.rc5 2010-08-09  Timo Sirainen <tss@iki.fi>

	- Using more than 2 plugins could have caused broken behavior
	  (more fixes for this)
	- Listescape plugin fixes
	- mbox: Fixed a couple of assert-crashes
	- mdbox: Fixed potential assert-crash when saving multiple messages
	  in one transaction.

v2.0.rc4 2010-08-04  Timo Sirainen <tss@iki.fi>

	+ director: Added director_doveadm_port for accepting doveadm
	  TCP connections. 
	+ doveadm: Added client/server architecture support for running mail
	  commands. Enable this by setting doveadm_worker_count to non-zero.
	+ mail-log: Added support for mailbox_create event.
	+ imap_capability = +XFOO BAR can be used to add capabilities instead
	  of replacing the whole capability string.
	+ virtual storage: Added support for IDLE notifications. 
	- doveadm mailbox status: Fixed listing non-ASCII mailbox names. 
	- doveadm fetch: Fixed output when fetching message header or body
	- doveadm director map/add/remove: Fixed handling IP address as
	  parameter. 
	- dsync: A few more fixes

v2.0.rc3 2010-07-20  Timo Sirainen <tss@iki.fi>

	* Single-dbox is now called "sdbox" instead of "dbox".
	  "dbox" will stay as an alias for it for now.

	+ Added mail_temp_dir setting, used by deliver and lmtp for creating
	  temporary mail files. Default is /tmp.
	+ doveadm: Added "director map" command to list user -> host mappings.
	- imap: Fixed checking if list=children namespace has children.
	- director: If all login processes died, director stopped reading
	  proxy-notify input and caused future login processes to hang
	- mail_log plugin configuration was broken
	- Using more than 2 plugins could have caused broken behavior
	- mdbox: Race condition fixes related to copying and purging
	- dsync: Lots of fixes

v2.0.rc2 2010-07-09  Timo Sirainen <tss@iki.fi>

	- Fixed a crash with empty mail_plugins
	- Fixed sharing INBOX to other users
	- mdbox: Rebuilding storage was broken in rc1
	- dsync was broken for remote syncs in rc1
	- director+LMTP proxy wasn't working correctly
	- v1.x config parser failed with some settings if pigeonhole wasn't
	  installed.
	- virtual: If non-matching messages weren't expunged within same
	  session, they never got expunged.

v2.0.rc1 2010-07-02  Timo Sirainen <tss@iki.fi>

	* See v2.0.0 notes

v1.2.6 2009-10-05  Timo Sirainen <tss@iki.fi>

	* Upgraded to Unicode 5.2.0

	+ Added authtest utility for doing passdb and userdb lookups.
	+ login: ssl_security string now also shows the used compression.
	- quota: Don't crash with non-Maildir++ quota backend.
	- imap proxy: Fixed crashing with some specific password characters.
	- dovecot --exec-mail was broken.
	- Avoid assert-crashing when two processes try to create index at the
	  same time.

v1.2.5 2009-09-13  Timo Sirainen <tss@iki.fi>

	* Authentication: DIGEST-MD5 and RPA mechanisms no longer require
	  user's login realm to be listed in auth_realms. It only made
	  configuration more difficult without really providing extra security.
	* zlib plugin: Don't allow clients to save compressed data directly.
	  This prevents users from exploiting (most of the) potential security
	  holes in zlib/bzlib.

	+ Added pop3_save_uidl setting.
	+ dict quota: When updating quota and user isn't already in dict,
	  recalculate and save the quota.
	- file_set_size() was broken with OSes that didn't support
	  posix_fallocate() (almost everyone except Linux), causing all kinds
	  of index file errors.
	- v1.2.4 index file handling could have caused an assert-crash
	- IMAP: Fixes to QRESYNC extension.
	- virtual plugin: Crashfix
	- deliver: Don't send rejects to any messages that have Auto-Submitted
	  header. This avoids emails loops.
	- Maildir: Performance fixes, especially with maildir_very_dirty_syncs.
	- Maildir++ quota: Limits weren't read early enough from maildirsize
	  file (when quota limits not enforced by Dovecot)
	- Message decoding fixes (mainly for IMAP SEARCH, Sieve).

v1.2.4 2009-08-17  Timo Sirainen <tss@iki.fi>

	* acl: When looking up ACL defaults, use global/local default files
	  if they exist. So it's now possible to set default ACLs by creating
	  dovecot-acl file to the mail root directory.

	+ imap/pop3 proxy: If proxy destination is known to be down,
	  fail connections to it immediately.
	+ imap/pop3 proxy: Added proxy_timeout passdb extra field to specify
	  proxy's connect timeout.
	- Fixed a crash in index file handling.
	- Fixed a crash in saving messages where message contained a CR
	  character that wasn't followed by LF (and the CR happened to be the
	  last character in an internal buffer).
	- v1.2.3 crashed when listing shared namespace prefix.
	- listescape plugin: Several fixes.
	- autocreate plugin: Fixed autosubscribing to mailboxes in
	  subscriptions=no namespaces.

v1.2.3 2009-08-07  Timo Sirainen <tss@iki.fi>

	* Mailbox names with control characters can't be created anymore.
	  Existing mailboxes can still be accessed though.

	+ Allow namespace prefix to be opened as mailbox, if a mailbox
	  already exists in the root dir.
	- Maildir: dovecot-uidlist was being recreated every time a mailbox
	  was accessed, even if nothing changed.
	- listescape plugin was somewhat broken
	- Compiling fixes for non-Linux/BSDs
	- imap: tb-extra-mailbox-sep workaround was broken.
	- ldap: Fixed hang when >128 requests were sent at once.
	- fts_squat: Fixed crashing when searching virtual mailbox.
	- imap: Fixed THREAD .. INTHREAD crashing.

v1.2.2 2009-07-27  Timo Sirainen <tss@iki.fi>

	* GSSAPI: More changes to authentication. Hopefully good now.
	* lazy_expunge plugin: Drop \Deleted flag when moving message.

	+ dovecot -n/-a now outputs also lda settings.
	+ dovecot.conf !include now supports globs (e.g.
	  !include /etc/dovecot/*.conf). Based on patch by Thomas Guthmann.
	+ acl: Support spaces in user/group identifiers.
	+ shared mailboxes: If only %%n is specified in prefix, default to
	  current user's domain.
	- Dovecot master process could hang if it received signals too rapidly.
	- Fixed "corrupted index cache file" errors (and perhaps others) caused
	  by e.g. IMAP's FETCH BODY[] command.
	- IMAP: When QRESYNC is enabled, don't crash when a new mail is
	  received while IDLEing.
	- IMAP: FETCH X-* parameters weren't working.
	- Maildir++ quota: Quota was sometimes updated wrong when it was
	  being recalculated.
	- Searching quoted-printable message body internally converted "_"
	  characters to spaces and didn't match search keys with "_".
	- Messages in year's first/last day may have had broken timezones
	  with OSes not having struct tm->tm_gmtoff (e.g. Solaris).
	- virtual plugin: If another session adds a new mailbox to index,
	  don't crash.

v1.2.1 2009-07-09 Timo Sirainen <tss@iki.fi>

	* GSSAPI: Changed logging levels and improved the messages.
	  Changed the way cross-realm authentication handling is done,
	  hopefully it's working now for everyone.
	* imap/pop3 logins now fail if home directory path is relative.
	  v1.2.0 deliver was already failing with these and they could have
	  caused problems even with v1.1.
	* IMAP: Custom authentication failure messages are now prefixed with
	  [ALERT] to get more clients to actually show them.

	+ Improved some error messages.
	- pop3: AUTH PLAIN was broken when SASL initial response wasn't given.
	- mbox: New mailboxes were created with UIDVALIDITY 1.
	- quota-fs was defaulting to group quota instead of user quota.
	- Fixed ACLs to work with mbox.
	- Fixed fchmod(-1, -1) errors with BSDs
	- convert plugin / convert-tool: Fixed changing hierarchy separators
	  in mailbox names when alt_hierarchy_char isn't set.

v1.2.0 2009-07-01 Timo Sirainen <tss@iki.fi>

	* When creating files or directories to mailboxes, Dovecot now uses
	  the mailbox directory's permissions and GID for them. Previous
	  versions simply used 0600 mode always. For backwards compatibility
	  dovecot-shared file's permissions still override these with Maildir.
	* SQL dictionary (quota) configuration file is different than in v1.1.
	  See doc/dovecot-dict-sql-example.conf for the new format.
	* deliver -m: Mailbox name is now assumed to be in UTF-8 format,
	  not modified-UTF7. Stephan Bosch's new Sieve implementation also
	  assumes UTF-8 format in fileinto parameters.

	+ Full support for shared mailboxes and IMAP ACL extension.
	  The code is mainly from Sascha Wilde and Bernhard Herzog.
	+ IMAP: Added support for extensions: CONDSTORE, QRESYNC, ESEARCH,
	  ESORT, SEARCHRES, WITHIN, ID and CONTEXT=SEARCH.
	+ SEARCH supports INTHREAD search key, but the rest of the INTHREAD
	  draft isn't implemented yet so it's not advertised in capability.
	+ THREAD REFS algorithm where threads are sorted by their latest
	  message instead of the thread root message. There is also no base
	  subject merging.
	+ IMAP: Implemented imap-response-codes draft.
	+ Thread indexes for optimizing IMAP THREAD command and INTHREAD
	  search key.
	+ Added userdb checkpassword (by Sascha Wilde)
	+ Virtual mailboxes: http://wiki.dovecot.org/Plugins/Virtual
	+ Autocreate plugin: http://wiki.dovecot.org/Plugins/Autocreate
	+ Listescape plugin: http://wiki.dovecot.org/Plugins/Listescape

v1.2.rc8 2009-06-30 Timo Sirainen <tss@iki.fi>

	- Fixed building LDAP as plugin
	- Fixed starting up in OS X

v1.2.rc7 2009-06-27 Timo Sirainen <tss@iki.fi>

	* Removed configure --with-deliver, --with-pop3d and --disable-ipv6
	  parameters.

	+ Improved permission related error messages.
	- mbox: Don't write garbage to mbox if message doesn't have a body.
	- virtual: Fixed saving messages with keywords.
	- virtual: Fixed infinite looping bug.
	- zlib: Fixed error handling.

v1.2.rc6 2009-06-22 Timo Sirainen <tss@iki.fi>

	* imap proxy: Pass through to client unexpected untagged replies
	  from remote server (e.g. alerts).
	* Solr: Don't use "any" copyfield, it doubles the index size.
	* mail_location: Allow using ":" characters in dir names by escaping
	  it as "::".

	- mbox: Don't crash with invalid From_-lines.
	- IMAP: Don't crash if IDLE command is pipelined after a long-running
	  UID FETCH or UID SEARCH.
	- ACL / shared mailbox fixes
	- Some metadata files were incorrectly getting 0666 permissions.

v1.2.rc5 2009-06-04 Timo Sirainen <tss@iki.fi>

	* auth_cache_negative_ttl is now used also for password mismatches
	  (currently only with plaintext authentication mechanisms).

	+ Added support for EXTERNAL SASL mechanism.
	+ FETCH X-SAVEDATE can now be used to get messages' save timestamps
	+ deliver_log_format: %s is now in UTF8
	- If message body started with a space, some operations could have
	  assert-crashed.
	- Fixed using LDAP support as a plugin
	- Fixes to virtual mailboxes.

v1.2.rc4 2009-05-17 Timo Sirainen <tss@iki.fi>

	* If /dev/arandom exists, use it instead of /dev/urandom (OpenBSD).
	* When logging to a file, the lines now start with a timestamp instead
	  of "dovecot: " prefix.

	+ IMAP: When multiple commands are pipelined, try harder to combine
	  their mailbox syncing together. For example with Maildir pipelining
	  STORE 1:* +FLAGS \Deleted and EXPUNGE commands the files won't
	  be unnecessarily rename()d before being unlink()ed.
	+ imap-proxy: Send backend's CAPABILITY if it's different from what
	  was sent to client before.
	+ IMAP: struct mail now keeps track of all kinds of statistics, such
	  as number of open()s, stat()s, bytes read, etc. These fields could
	  be exported by some kind of a statistics plugin (not included yet).
	+ IMAP: SEARCH command now dynamically figures out how to run about
	  0.20 .. 0.25 seconds before seeing if there's other work to do.
	  This makes the SEARCH performance much better.
	- Fixes to shared mailbox handling.
	- Fixes to virtual mailboxes.
	- THREAD command could have crashed.
	- Fixes to expire-tool.
	- mbox: Don't break if From_-line is preceded by CRLF (instead of LF).
	- dict process wasn't restarted after SIGHUP was sent to master.

v1.2.rc3 2009-04-16 Timo Sirainen <tss@iki.fi>

	* IMAP proxy no longer simply forwards tagged reply from
	  remote authentication command. It's now done only if the remote
	  server sent a [resp-code], otherwise all failure strings are
	  converted to Dovecot's "Authentication failed." to make sure that
	  if remote isn't using Dovecot it won't reveal user's existence.

	+ Quota roots can now specify which namespace's quota they're
	  tracking. This is probably the most useful for giving public
	  namespaces a quota.
	+ Added imap_idle_notify_interval setting.
	- Fixes to shared mailbox handling
	- Fixes to virtual mailboxes
	- Fixed compiling with some FreeBSD and NetBSD versions
	- THREAD REFS still might have returned one (0) at the beginning.
	- deliver wasn't using mail_access_groups setting.
	- Fixed some error handling in maildir and index code.

v1.2.rc2 2009-04-03  Timo Sirainen <tss@iki.fi>

	- rquota.x file was missing from rc1 distribution, causing compiling
	  to fail.

v1.2.rc1 2009-04-03  Timo Sirainen <tss@iki.fi>

	* See v1.2.0 notes

v1.1.5 2008-10-22  Timo Sirainen <tss@iki.fi>

	* Dovecot prints an informational message about authentication problems
	  at startup. The message goes away after the first successful
	  authentication. This hopefully reduces the number of "Why doesn't
	  my authentication work?" questions.

	+ Maildir/dbox: Try harder to assign unique UIDVALIDITY values to
	  mailboxes to avoid potential problems when recreating or renaming
	  mailboxes. The UIDVALIDITY is tracked using dovecot-uidvalidity*
	  files in the mail root directory.
	+ Many logging improvements
	- In some conditions Dovecot could have stopped using existing cache
	  file and never used it again until it was deleted.
	- pop3 + Maildir: Make sure virtual sizes are always written to
	  dovecot-uidlist. This way if the indexes are lost Dovecot will never
	  do a huge amount of work to recalculate them.
	- mbox: Fixed listing mailboxes in namespaces with prefix beginning
	  with '~' or '/' (i.e. UW-IMAP compatibility namespaces didn't work).
	- dict quota: Don't crash when recalculating quota (when quota warnings
	  enabled).
	- Fixes to handling "out of disk space/quota" failures.
	- Blocking passdbs/userdbs (e.g. PAM, MySQL) could have failed lookups
	  sometimes when auth_worker_max_request_count was non-zero.
	- Fixed compiling with OpenBSD

v1.1.4 2008-10-05  Timo Sirainen <tss@iki.fi>

	- SORT: Yet another assert-crashfix when renumbering index sort IDs.
	- ACL plugin fixes: Negative rights were actually treated as positive
	  rights. 'k' right didn't prevent creating parent/child/child mailbox.
	  ACL groups weren't working.
	- Maildir++ quota: Fixes to rebuilding when quota limit wasn't
	  specified in Dovecot (0 limit or limit read from maildirsize).
	- mbox: Several bugfixes causing errors and crashes.
	- Several fixes to expire plugin / expire-tool.
	- lock_method=dotlock could have deadlocked with itself.
	- Many error handling fixes and log message improvements.

v1.1.3 2008-09-02  Timo Sirainen <tss@iki.fi>

	* mail_max_userip_connections limit no longer applies to master user
	  logins.

	+ login_log_format_elements: Added %k to show SSL protocol/cipher
	  information. Not included by default.
	+ imap/pop3-proxy: If auth_verbose=yes, log proxy login failures.
	+ deliver: Added -s parameter to autosubscribe to autocreated mailboxes.
	- message parser fixes - hopefully fixes an infinite looping problem
	- SORT: One more assert-crashfix when renumbering index sort IDs.
	- mbox: Saving may have truncated the mail being saved
	- mbox: Several other bugfixes
	- mail_full_filesystem_access=yes was broken when listing mailboxes
	  (it still is with maildir++ layout).
	- maildirlock utility was somewhat broken
	- zlib plugin: bzip2 support was somewhat broken
	- NFS: Make sure writing to files via output streams don't
	  assert-crash when write() returns only partial success.

v1.1.2 2008-07-24  Timo Sirainen <tss@iki.fi>

	+ Added full text search indexing support for Apache Lucene Solr
	  server: http://wiki.dovecot.org/Plugins/FTS/Solr
	+ IMAP SORT: Added X-SCORE sort key for use with Solr searches.
	+ zlib plugin supports now bzip2 also.
	+ quota: All backends now take noenforcing parameter.
	+ Maildir: Add ,S=<size> to maildir filename whenever quota plugin
	  is loaded, even when not using Maildir++ quota.
	+ deliver: Allow lda section to override plugin settings.
	+ deliver: Giving a -m <namespace prefix> parameter now silently saves
	  the mail to INBOX. This is useful for e.g. -m INBOX/${extension}
	+ Added a new maildirlock utility for write-locking Dovecot Maildir.
	+ dict-sql: Support non-MySQL databases by assuming they implement the
	  "INSERT .. ON DUPLICATE KEY" using an INSERT trigger.
	- SORT: Fixed several crashes/errors with sort indexing.
	- IMAP: BODYSTRUCTURE is finally RFC 3501 compliant. Earlier versions
	  didn't include Content-Location support.
	- IMAP: Fixed bugs with listing INBOX.
	- Maildir: maildirfolder file wasn't created when dovecot-shared
	  file existed on the root directory
	- deliver didn't expand %variables in namespace location settings.
	- zlib: Copying non-compressed messages resulted in empty mails
	  (except when hardlink-copying between maildirs).
	- mbox-snarf plugin was somewhat broken
	- deliver + Maildir: If uidlist couldn't be locked while saving,
	  we might have assert-crashed
	- mbox: Fixed an assert-crash with \Recent flag handling

v1.1.1 2008-06-22  Timo Sirainen <tss@iki.fi>

	- Maildir: When migrating from v1.0 with old format dovecot-uidlist
	  files, Dovecot may have appended lines to it using the new format and
	  later broken with "UID larger than next_uid" error.

v1.1.0 2008-06-21  Timo Sirainen <tss@iki.fi>

No changes since v1.1.rc13. Below are the largest changes since v1.0:

	* After Dovecot v1.1 has modified index or dovecot-uidlist files,
	  they can't be opened anymore with Dovecot versions earlier than
	  v1.0.2.
	* See doc/wiki/Upgrading.1.1.txt (or for latest changes,
	  http://wiki.dovecot.org/Upgrading/1.1) for list of changes since
	  v1.0 that you should be aware of when upgrading.

	+ IMAP: Added support for UIDPLUS and LIST-EXTENDED extensions.
	+ IMAP SORT: Sort keys are indexed, which makes SORT commands faster.
	+ When saving messages, update cache file immediately with the data
	  that we expect client to fetch later.
	+ NFS caches are are flushed whenever needed. See mail_nfs_storage and
	  mail_nfs_index settings.
	+ Out of order command execution (SEARCH, FETCH, LIST), nonstandard
	  command cancellation (X-CANCEL <tag>)
	+ IMAP: STATUS-IN-LIST draft implementation
	+ Expire plugin can be used to keep track of oldest messages in
	  specific mailboxes. A nightly run can then quickly expunge old
	  messages from the mailboxes that have them. The tracking is done
	  using lib-dict, so you can use either Berkeley DB or SQL database.
	+ Namespaces are supported everywhere now.
	+ Namespaces have new list and subscriptions settings.
	+ Full text search indexing support with Lucene and Squat backends.
	+ OTP and S/KEY authentication mechanisms (by Andrey Panin).
	+ mbox and Maildir works with both Maildir++ and FS layouts. You can
	  change these by appending :LAYOUT=maildir++ or :LAYOUT=fs to
	  mail_location.
	+ LDAP: Support templates in pass_attrs and user_attrs
	+ Support for listening in multiple IPs/ports.
	+ Quota plugin rewrite: Support for multiple quota roots, warnings,
	  allow giving storage size in bytes or kilo/mega/giga/terabytes,
	  per-mailbox quota rules.
	+ Filesystem quota backend supports inode limits, group quota and
	  RPC quota for NFS.
	+ SEARCH and SORT finally compare non-ASCII characters
	  case-insensitively. We use i;unicode-casemap algorithm.
	+ Config files support splitting values to multiple lines with \

v1.1.rc13 2008-06-20  Timo Sirainen <tss@iki.fi>

	- mbox: Fixed a crash when adding a new X-IMAPbase: header with
	  keywords.
	- Message parser: Fixed assert-crash if cached MIME structure was
	  broken.
	- Squat: Potential crashfix with mmap_disable=yes.

v1.1.rc12 2008-06-19  Timo Sirainen <tss@iki.fi>

	- mbox: Don't give "Can't find next message offset" warnings when
	  plugin (e.g. quota) accesses the message being saved.
	- deliver: Settings inside protocol imap {} weren't ignored.

v1.1.rc11 2008-06-19  Timo Sirainen <tss@iki.fi>

	- dovecot-uidlist is now recreated if it results in file shrinking
	  over 25%.
	- Some other minor fixes

v1.1.rc10 2008-06-13  Timo Sirainen <tss@iki.fi>

	* LIST X-STATUS renamed to LIST STATUS and fixed its behavior with
	  LIST-EXTENDED options. It's now compatible with STATUS-IN-LIST
	  draft 00.

	- Message parsing could have sometimes produced incorrect results,
	  corrupting BODY/BODYSTRUCTURE replies and perhaps others.
	- SORT: Fixed several bugs
	- FreeBSD 7.0: Environment clearing wasn't working correctly.
	  This caused "environment corrupted" problems at least with deliver
	  trying to call sendmail and running Dovecot from inetd.
	- HP-UX: Several fixes to get it to work (by Christian Corti)
	- Fixes to using expire plugin with SQL dictionary.
	- dbox fixes

v1.1.rc9 2008-06-09  Timo Sirainen <tss@iki.fi>

	+ Maildir: When hardlink-copying a file, copy the W=<vsize> in the
	  filename if it exists in the original filename.
	- mbox: With rc8 empty lines were inserted in the middle of saved
	  mails' headers.
	- maildir: Fixed problems with opening newly saved messages which we
	  saw in index file but couldn't see in dovecot-uidlist. Happened only
	  when messages weren't saved via Dovecot (deliver or IMAP).
	- Several bugfixes to handling sort indexes
	- deliver: Boolean settings that were supposed to default to "yes" were
	  set to "no" unless explicitly defined in dovecot.conf:
	  dotlock_use_excl, maildir_copy_with_hardlinks, mbox_dirty_syncs,
	  mbox_lazy_writes.

v1.1.rc8 2008-06-03  Timo Sirainen <tss@iki.fi>

	+ deliver: Added -p parameter to provide path to delivered mail.
	  This allows maildir to save identical mails to multiple recipients
	  using hard links.
	- rc6/rc7 broke POP3 with non-Maildir formats
	- mbox: Saving a message without a body or the end-of-headers line
	  could have caused an assert-crash later.
	- Several dbox fixes

v1.1.rc7 2008-05-30  Timo Sirainen <tss@iki.fi>

	- Fixed compiling problems with non-Linux OSes

v1.1.rc6 2008-05-30  Timo Sirainen <tss@iki.fi>

	* Index file format changed a bit. If an older Dovecot v1.1 reads
	  index files updated by rc6+, they may give "Invalid header record
	  size" or "ext reset: invalid record size" warnings. v1.0 won't give
	  these errors.
	* IMAP: LIST .. RETURN (X-STATUS) command return now LIST entries
	  before STATUS entries.
	* zlib plugin: Uncompress if the message begins with zlib header
	  instead of looking at the 'Z' flag. This fixes copying with hard
	  links. Based on a patch by Richard Platel.

	+ IMAP: SORT index handling code was half-rewritten to fix several bugs
	  when multiple sessions were sorting at the same time. The new code is
	  hopefully also faster.
	+ Maildir: If POP3 UIDL extra field is found from dovecot-uidlist,
	  it's used instead of the default UIDL format (or X-UIDL: header).
	  This allows easily preserving UIDLs when migrating from other POP3
	  servers. Patch by Nicholas Von Hollen @ Mailtrust.
	+ Maildir: ,W=<vsize> is now always added to maildir filenames
	+ deliver: Avoid reading dovecot-uidlist's contents if possible.
	+ Added %T modifier = Trim whitespace from end of string
	- IMAP: Fixed some bugs in LIST-EXTENDED implementation.
	- IMAP: If client tries to change the selected mailbox state while
	  another command is still running, wait until the command is finished.
	  This fixes some crashes and other unwanted behavior.
	- allow_nets userdb setting was broken with big endian CPUs

v1.1.rc5 2008-05-05  Timo Sirainen <tss@iki.fi>

	+ Support cross-realm Kerberos 5 authentication. Based on patch by
	  Zachary Kotlarek.
	+ Added dict_db_config setting to point to a Berkeley DB config file.
	+ If mail_chroot ends with "/.", remove chroot prefix from home
	  directory.
	- Fixed several bugs and memory leaks in ACL plugin. LIST and LSUB
	  may have listed mailboxes where user had no 'l' access. STORE could
	  have been used to update any flags without appropriate access.
	- mbox: Valid-looking From_-lines in message bodies caused the message
	  to be split to two messages (broken since v1.0).
	- Plugin initialization hooks were called in wrong order, possibly
	  causing problems when multiple plugins were used at the same time.
	- Expire plugin was broken
	- LIST-EXTENDED options were ignored.
	- LDAP: Static attribute names weren't working correctly
	- deliver: mail_uid and mail_gid settings weren't used.
	- pop3 + maildir++ quota: maildirsize file wasn't created if it 
	  didn't exist already.
	- dnotify: Waiting for dotlock to be deleted used 100% CPU

v1.1.rc4 2008-04-01  Timo Sirainen <tss@iki.fi>

	* Fixed two buffer overflows in str_find_init(). It was used by
	  SEARCH code when searching for headers or message body. Added code
	  to catch these kind of overflows when compiling with --enable-debug.
	  Found by Diego Liziero.

	+ LDAP: Added debug_level and ldaprc_path settings (OpenLDAP-only)
	+ Squat: Added fts_squat = partial=n full=m settings. See the wiki.
	- dbox metadata updating fixes.
	- quota: backend=n didn't work
	- SEARCH RECENT may have returned non-recent messages if index files
	  were created by v1.0.
	- If mailbox was opened as read-only with EXAMINE, STOREs were
	  permanently saved.
	- LDAP: Templates were somewhat broken (by richs at whidbey.net)

v1.1.rc3 2008-03-09  Timo Sirainen <tss@iki.fi>

	* Fixed a security hole in blocking passdbs (MySQL always. PAM, passwd
	  and shadow if blocking=yes) where user could specify extra fields
	  in the password. The main problem here is when specifying
	  "skip_password_check" introduced in v1.0.11 for fixing master user
	  logins, allowing the user to log in as anyone without a valid
	  password.

	- mail_privileged_group was broken in some systems (OS X, Solaris?)

v1.1.rc2 2008-03-08  Timo Sirainen <tss@iki.fi>

	* mail_extra_groups setting was commonly used insecurely. This setting
	  is now deprecated. Most users should switch to using
	  mail_privileged_group setting, but if you really need the old
	  functionality use mail_access_groups instead.

	+ Expire plugin now supports wildcards in mailbox names.
	+ dbox: Expire plugin supports moving old mails to alternative
	  dbox directory
	+ Maildir++ quota: quota_rule=?:<rule> specifies a default rule
	  which is used only if the maildirsize file doesn't exist.
	+ If SSL/TLS connection isn't closed cleanly, log the last error
	  in the disconnection line.
	+ EXPUNGE: If new \Deleted messages were found while expunging,
	  do it again and expunge them as well (Outlook workaround)
	- IMAP: SEARCH, LIST and THREAD command correctness fixes
	- Maildir++ quota: Quota rules and warnings with % rules didn't work
	  if the default limits were taken from maildirsize file.
	- Maildir++ quota: If both byte and message limits weren't specified,
	  maildirsize file was recalculated all the time
	- mbox: Flag and keyword updates may have gotten lost in some
	  situations (happens with v1.0 too)
	- ldap: Don't crash if userdb lookup fails
	- Squat fixes and performance improvements

v1.1.rc1 2008-02-21  Timo Sirainen <tss@iki.fi>

	* See v1.1.0 notes

v1.0.10 2007-12-29  Timo Sirainen <tss@iki.fi>

	* Security hole with LDAP+auth cache: If base setting contained
	  %variables they weren't included in auth cache key, which broke
	  caching. This could have caused different users with same passwords
	  to log in as each other.

	- LDAP: Fixed potential infinite looping when connection to LDAP
	  server was lost and there were queued requests.
	- mbox: More changes to fix problems caused by v1.0.8 and v1.0.9.
	- Maildir: Fixed a UIDLIST_IS_LOCKED() assert-crash in some conditions
	  (caused by changes in v1.0.9)
	- If protocols=none, don't require imap executables to exist

v1.0.9 2007-12-11  Timo Sirainen <tss@iki.fi>

	+ Maildir: Don't wait on dovecot-uidlist.lock when we just want to
	  find out a new filename for the message.
	- mbox: v1.0.8 changes sometimes caused FETCH to fail with
	  "got too little data", disconnecting the client.
	- Fixed a memory leak when FETCHing message header/body multiple
	  times within a command (e.g. BODY[1] BODY[2])
	- IMAP: Partial body fetching was still slow with mboxes

v1.0.8 2007-11-28  Timo Sirainen <tss@iki.fi>

	+ Authentication: Added "password_noscheme" field that can be used
	  instead of "password". "password" treats "{prefix}" as a password
	  scheme while "password_noscheme" treats it as part of the password
	  itself. So "password_noscheme" should be used if you're storing
	  passwords as plaintext. Non-plaintext passwords never begin
	  with "{", so this isn't a problem with them.
	- IMAP: Partial body fetching was sometimes non-optimal, causing
	  the entire message to be read for every FETCH command.
	- deliver failed to save the message when envelope sender address
	  contained spaces.
	- Maildir++ quota: We could have randomly recalculated quota when
	  it wasn't necessary.
	- Login process could have crashed after logging in if client sent
	  data before "OK Logged in" reply was sent (i.e. before master had
	  replied that login succeeded).
	- Don't assert-crash when reading dovecot.index.logs generated by
	  Dovecot v1.1.
	- Authentication: Don't assert-crash if password beings with "{" but
	  doesn't contain "}".
	- Authentication cache didn't work when using settings that changed
	  the username (e.g. auth_username_format).

v1.0.7 2007-10-29  Timo Sirainen <tss@iki.fi>

	- deliver: v1.0.6's "From " line ignoring could have written to a
	  bad location in stack, possibly causing problems.

v1.0.6 2007-10-28  Timo Sirainen <tss@iki.fi>

	* IDLE: Interval between mailbox change notifies is now 1 second,
	  because some clients keep a long-running IDLE connection and use
	  other connections to actually read the mails.
	* SORT: If Date: header is missing or broken, fallback to using
	  INTERNALDATE (as the SORT draft nowadays specifies).

	+ deliver: If message begins with a "From " line, ignore it.
	+ zlib plugin: If maildir file has a "Z" flag, open it with zlib.
	- CREATE: Don't assert-crash if trying to create namespace prefix.
	- SEARCH: Fixes to handling NOT operator with sequence ranges.
	- LDAP reconnection fixes
	- Maildir: Don't break when renaming mailboxes with '*' or '%'
	  characters and children.
	- mbox: Fixed "file size unexpectedly shrinked" error in some
	  conditions.
	- quota+mbox: Don't fail if trying to delete a directory.
	- Fixes to running from inetd

v1.0.5 2007-09-09  Timo Sirainen <tss@iki.fi>

	- deliver: v1.0.4 broke home directory handling
	- maildir: Creating mailboxes didn't use dovecot-shared's group for
	  cur/new/tmp directories.

v1.0.4 2007-09-08  Timo Sirainen <tss@iki.fi>

	* Assume a MIME message if Content-Type: header exists, even if
	  Mime-Version: header doesn't.

	- IMAP: CREATE ns_prefix/box/ didn't work right when namespace prefix
	  existed.
	- deliver: plugin {} settings were overriding settings from userdb.
	- mbox: Expunging the first message might not have worked always
	- PostgreSQL: If we can't connect to server, timeout queries after
	  a while instead of trying forever.
	- Solaris: sendfile() support was broken and could have caused
	  100% CPU usage and the connection hanging.

v1.0.3 2007-08-01  Timo Sirainen <tss@iki.fi>

	- deliver: v1.0.2's bounce fix caused message to be always saved to
	  INBOX even if Sieve script had discard, reject or redirect commands.
	- LDAP: auth_bind=yes and empty auth_bind_userdn leaked memory
	- ACL plugin: If user was given i (insert) right for a mailbox, but
	  not all s/t/w (seen, deleted, other flags) rights, COPY and APPEND
	  commands weren't supposed to allow saving those flags. This is
	  technically a security fix, but it's unlikely this caused problems
	  for anyone.
	- ACL plugin: i (insert) right didn't work unless user was also given
	  l (lookup) right.
	- Solaris: Fixed filesystem quota for autofs mounts.

v1.0.2 2007-07-15  Timo Sirainen <tss@iki.fi>

	* dbox isn't built anymore by default. It will be redesigned so it
	  shouldn't be used.

	+ Maildir: Support reading dovecot-uidlist (v3) files created by
	  Dovecot v1.1.
	- Maildir: "UIDVALIDITY changed" errors could happen with newly
	  created mailboxes
	- If "INBOX." namespace was used, LIST returned it with \HasNoChildren
	  which caused some clients not to show any other mailboxes.
	- Maildir++ quota: If multiple processes were updating maildirsize
	  at the same time, we failed with "Unknown error".
	- IMAP: IDLE didn't actually disconnect client after 30 minutes of
	  inactivity.
	- LDAP passdb/userdb was leaking memory
	- deliver: %variables in plugin {} weren't expanded
	- deliver: Don't bounce the mail if Sieve plugin returns failure

v1.0.1 2007-06-15  Timo Sirainen <tss@iki.fi>

	* deliver: If Return-Path doesn't contain user and domain, don't try
	  to bounce the mail (this is how it was supposed to work earlier too)
	* deliver: %variables in mail setting coming from userdb aren't
	  expanded anymore (again how it should have worked). The expansion
	  could have caused problems if paths contained any '%' characters.

	+ Print Dovecot version number with dovecot -n and -a
	+ deliver: Added -e parameter to write rejection error to stderr and
	  exit with EX_NOPERM instead of sending the rejection by executing
	  sendmail. 
	+ dovecot --log-error logs now a warning, an error and a fatal
	- Trying to start Dovecot while it's already running doesn't anymore
	  wipe out login_dir and break the running Dovecot.
	- maildir: Fixed "UID larger than next_uid" errors which happened
	  sometimes when dovecot-uidlist file didn't exist but index files did
	  (usually because mailbox didn't have any messages when it was
	  selected for the first time)
	- maildir: We violated maildir spec a bit by not having keyword
	  characters sorted in the filename.
	- maildir: If we don't have write access to cur/ directory, treat the
	  mailbox as read-only. This fixes some internal error problems with
	  trying to use read-only maildirs.
	- maildir: Deleting a symlinked maildir failed with internal error.
	- mbox: pop3_uidl_format=%m wasn't working right
	- mbox: If non-filesystem quota was enabled, we could have failed
	  with "Unexpectedly lost From-line" errors while saving new messages
	- mysql auth: %c didn't work. Patch by Andrey Panin
	- APPEND / SEARCH: If internaldate was outside valid value for time_t,
	  we returned BAD error for APPEND and SEARCH never matched. With 64bit
	  systems this shouldn't have happened. With 32bit systems the valid
	  range is usually for years 1902..2037.
	- COPY: We sent "Hang in there.." too early sometimes and checked it
	  too often (didn't break anything, but was slower than needed).
	- deliver: Postfix's sendmail binary wasn't working with mail_debug=yes
	- Don't corrupt ssl-parameters.dat files when running multiple Dovecot
	  instances.
	- Cache compression caused dovecot.index.cache to be completely deleted
	  with big endian CPUs if 64bit file offsets were used (default)
	- Fixed "(index_mail_parse_header): assertion failed" crash

v1.0.0 2007-04-13  Timo Sirainen <tss@iki.fi>

	+ Documentation updated.

v1.0.rc32 2007-04-12  Timo Sirainen <tss@iki.fi>

	- LDAP, auth_bind=no: Don't crash if doing non-plaintext ldap passdb
	  lookup for unknown user. This also broke deliver when userdb static
	  was used.
	- LDAP, auth_bind=yes and userdb ldap: We didn't wait until bind was
	  finished before sending the userdb request, which could have caused
	  problems.
	- LDAP: Don't break when compiling with OpenLDAP v2.3 library
	- Convert plugin: Don't create "maildirfolder" file to Maildir root.

v1.0.rc31 2007-04-08  Timo Sirainen <tss@iki.fi>

	- mbox: Give "mbox file was modified while we were syncing" error only
	  if we detect some problems in the mbox file. The check can't be
	  trusted with NFS.
	- Convert plugin: If directory for destination storage doesn't exist,
	  create it.
	- Convert plugin: Mailbox names weren't converted in subscription list.

v1.0.rc30 2007-04-06  Timo Sirainen <tss@iki.fi>

	* PAM: Lowercase the PAM service name when calling with "args = *".
	  Linux PAM did this internally already, but at least BSD didn't.
	  If your PAM file used to be in /etc/pam.d/IMAP or POP3 file you'll
	  need to lowercase it now.

	+ Send list of CA names to client when using
	  ssl_verify_client_cert=yes.
	- IMAP: If message body started with line feed, it wasn't counted
	  in BODY and BODYSTRUCTURE replies' line count field.
	- deliver didn't load plugins before chrooting

v1.0.rc29 2007-03-28  Timo Sirainen <tss@iki.fi>

	* Security fix: If zlib plugin was loaded, it was possible to open
	  gzipped mbox files outside the user's mail directory.

	+ Added auth_gssapi_hostname setting.
	- IMAP: LIST "" "" didn't return anything if there didn't exist a
	  namespace with empty prefix. This broke some clients.
	- If Dovecot is tried to be started when it's already running, don't
	  delete existing auth sockets and break the running Dovecot
	- If deliver failed too early it still returned exit code 89 instead
	  of EX_TEMPFAIL.
	- deliver: INBOX fallbacking with -n parameter wasn't working.
	- passdb passwd and shadow couldn't be used as master or deny databases
	- IDLE: inotify didn't notice changes in mbox file
	- If index file directory couldn't be created, disable indexes instead
	  of failing to open the mailbox.
	- rawlog wasn't working with chrooting
	- Several other minor fixes

v1.0.rc28 2007-03-23  Timo Sirainen <tss@iki.fi>

	* deliver + userdb static: Verify the user's existence from passdb,
	  unless allow_all_users=yes
	* dovecot --exec-mail: Log to configured log files instead of stderr
	* Added "-example" part to doc/dovecot-sql-example.conf and
	  doc/dovecot-ldap-example.conf. They are now also installed to
	  $sysconfdir with "make install".

	+ When copying/syncing a lot of mails, send "* OK Hang in there"
	  replies to client every 15 seconds so it doesn't just timeout the
	  connection.
	+ Added idxview and logview utilities to examine Dovecot's index files
	+ passdb passwd and shadow support blocking=yes setting now also
	+ mbox: If mbox file changes unexpectedly while we're writing to it,
	  log an error.
	+ deliver: Ignore -m "" parameter to make calling it easier.
	+ deliver: Added new -n parameter to disable autocreating mailboxes.
	  It affects both -m parameter and Sieve plugin's fileinto action
	- mbox: Using ~/ in the mail root directory caused a ~ directory to be
	  created (instead of expanding it to home directory)
	- auth cache: If unknown user was found from cache, we didn't properly
	  return "unknown user" status, which could have caused problems in
	  deliver.
	- mbox: Fixed "UID inserted in the middle of mailbox" in some
	  conditions with broken X-UID headers
	- Index view syncing fixes
	- rc27 didn't compile with some non-GCC compilers
	- vpopmail support didn't compile in rc27
	- NFS check with chrooting broke home direcotry for the first login
	- deliver: If user lookup returned "unknown user", it logged
	  "BUG: Unexpected input"
	- convert plugin didn't convert INBOX

v1.0.rc27 2007-03-13  Timo Sirainen <tss@iki.fi>

	+ mbox and index file code handles silently out of quota/disk
	  space errors (maildir still has problems). They will give the user
	  a "Not enough disk space" error instead of flooding the log file.
	+ Added fsync_disable setting.
	+ mail-log plugin: Log the mailbox name, except if it's INBOX
	+ dovecot-auth: Added a lot more debug logging to passdbs and userdbs
	+ dovecot-auth: Added %c variable which expands to "secured" with
	  SSL/TLS/localhost.
	+ dovecot-auth: Added %m variable which expands to auth mechanism name
	- maildir++ quota: With ignore=box setting the quota was still updated
	  for the mailbox even though it was allowed to go over quota (but
	  quota recalculation ignored the box).
	- Index file handling fixes
	- mbox syncing fixes
	- Wrong endianness index files still weren't silently rebuilt
	- IMAP quota plugin: GETQUOTAROOT returned the mailbox name wrong the
	  namespace had a prefix or if its separator was non-default
	- IMAP: If client was appending multiple messages with MULTIAPPEND
	  and LITERAL+ extensions and one of the appends failed, Dovecot
	  treated the rest of the mail data as IMAP commands.
	- If mail was sent to client with sendfile() call, we could have
	  hanged the connection. This could happen only if mails were saved
	  with CR+LF linefeeds.

v1.0.rc26 2007-03-07  Timo Sirainen <tss@iki.fi>

	* Changed --with-headers to --enable-header-install
	* If time moves backwards only max. 5 seconds, sleep until we're back
	  in the original present instead of killing ourself. An error is
	  still logged.

	- IMAP: With namespace prefixes LSUB prefix.* listed INBOX.INBOX.
	- deliver: Ignore mbox metadata headers from the message input.
	  X-IMAP header crashed deliver.
	- deliver: If mail_debug=yes, drop out DEBUG environment before
	  calling sendmail binary. Postfix's sendmail didn't really like it.
	- mbox: X-UID brokenness fixes broke rc25 even with valid X-UID headers.
	  Now the code should finally work right.
	- Maildir: When syncing a huge maildir, touch dovecot-uidlist.lock file
	  once in a while to make sure it doesn't get overwritten by another
	  process.
	- Maildir++ quota: We didn't handle NUL bytes in maildirsize files very
	  well. Now the file is rebuilt when they're seen (NFS problem).
	- Index/view handling fix should fix some crashes/errors
	- If index files were moved to a different endianness machine, Dovecot
	  logged all sorts of errors instead of silently rebuilding them.
	- Convert plugin didn't change hierarchy separators in mailbox names.
	- PostgreSQL authentication could have lost requests once in a while
	  with a heavily loaded server.
	- Login processes could have crashed in some situations
	- auth cache crashed with non-plaintext mechanisms

v1.0.rc25 2007-03-01  Timo Sirainen <tss@iki.fi>

	* If time moves backwards, Dovecot kills itself instead of giving
	  random problems.

	+ Added --with-headers configure option to install .h files.
	  Binary package builders could use this to create some dovecot-dev
	  package to make compiling plugins easier.
	- PLAIN authentication: Don't crash dovecot-auth with invalid input.
	- IMAP APPEND: Don't crash if saving fails
	- IMAP LIST: If prefix.INBOX has children and we're listing under
	  prefix.%, don't drop the prefix.
	- mbox: Broken X-UID headers still weren't handled correctly.
	- mail-log plugin: Fixed deleted/undeleted logging.

v1.0.rc24 2007-02-22  Timo Sirainen <tss@iki.fi>

	* Dovecot now fails to load plugins that were compiled for different
	  Dovecot version, unless version_ignore=yes is set. This needs to be
	  explicitly set in plugins, so out-of-tree plugins won't have this
	  check by default.

	- pop3_lock_session=yes could cause deadlocks, and with maildir the
	  uidlist lock could have been overridden after 2 minutes causing
	  problems
	- PAM wasted CPU by calling a timeout function 1000x too often
	- Trash plugin was more or less broken with multiple namespaces and
	  with multiple trash mailboxes

v1.0.rc23 2007-02-20  Timo Sirainen <tss@iki.fi>

	* deliver doesn't ever exit with Dovecot's internal exit codes anymore.
	  All its internal exit codes are changed to EX_TEMPFAIL.
	* mbox: X-Delivery-ID header is now dropped when saving mails.
	* mbox: If pop3_uidl_format=%m, we generate a unique X-Delivery-ID
	  header when saving mails to make sure the UIDL is unique.

	+ PAM: blocking=yes in args uses an alternative way to do PAM checks.
	  Try it if you're having problems with PAM.
	+ userdb passwd: blocking=yes in args makes the userdb lookups be done
	  in auth worker processes. Set it if you're doing remote NSS lookups
	  (eg. nss_ldap problems are fixed by this).
	+ If PAM child process hasn't responded in two minutes, send KILL
	  signal to it (only with blocking=no)
	- IMAP: APPEND ate all CPU while waiting for more data from the client
	  (broken in rc22)
	- mbox: Broken X-UID headers assert-crashed sometimes
	- mbox: When saving a message to an empty mbox file it got an UID
	  which immediately got incremented.
	- mbox: Fixed some wrong "uid-last unexpectedly lost" errors.
	- auth cache: In some situations we crashed if passdb had extra_fields.
	- auth cache: Special extra_fields weren't saved to auth cache.
	  For example allow_nets restrictions were ignored for cached entries.
	- A lot of initial login processes could cause auth socket errors
	  in log file at startup, if dovecot-auth started slowly. Now the
	  login processes are started only after dovecot-auth has finished
	  initializing itself.
	- imap/pop3 proxy: Don't crash if the remote server disconnects before
	  we're logged in.
	- deliver: Don't bother trying to save the mail twice into the default
	  mailbox (eg. if it's over quota).
	- mmap_disable=yes + non-Linux was really slow with large
	  dovecot.index.cache files
	- MySQL couldn't be used as a masterdb
	- Trash plugin was more or less broken
	- imap/pop3 couldn't load plugins if they chrooted
	- imap/pop3-login process could crash in some conditions
	- checkpassword-reply crashed if USER/HOME wasn't set

v1.0.rc22 2007-02-06  Timo Sirainen <tss@iki.fi>

	+ pop3: Commit the transaction even if client didn't QUIT so cached
	  data gets saved.
	- Fixed another indexing bug in rc19 and later which caused
	  transactions to be skipped in some situations, causing all kinds of
	  problems.
	- mail_log_max_lines_per_sec was a bit broken and caused crashes with
	  dovecot -a
	- BSD filesystem quota was counted wrong. Patch by Manuel Bouyer
	- LIST: If namespace has a prefix and inbox=no, don't list
	  prefix.inbox if it happens to exist when listing for %.

v1.0.rc21 2007-02-02  Timo Sirainen <tss@iki.fi>

	- Cache file handling could have crashed rc20

v1.0.rc20 2007-02-02  Timo Sirainen <tss@iki.fi>

	+ dovecot: Added --log-error command line option to log an error, so
	  the error log is easily found.
	+ Added mail_log_max_lines_per_sec setting. Change it to avoid log
	  throttling with mail_log plugin.
	- Changing message flags was more or less broken in rc19
	- ACL plugin still didn't work without separate control directory
	- Some mbox handling fixes, including fixing an infinite loop
	- Some index file handling fixes
	- maildir quota: Fixed a file descriptor leak
	- If auth_cache was enabled and userdb returned "user unknown"
	  (typically only deliver can do that), dovecot-auth crashed.
	- mail_log plugin didn't work with pop3

v1.0.rc19 2007-01-23  Timo Sirainen <tss@iki.fi>

	- ACL plugin didn't work unless control dir was separate from maildir
	- More index file handling fixes

v1.0.rc18 2007-01-22  Timo Sirainen <tss@iki.fi>

	* ACL plugin + Maildir: Moved dovecot-acl file from control directory
	  to maildir. To prevent accidents caused by this change, Dovecot
	  kills itself if it finds dovecot-acl file from the control directory.
	* When opening a maildir, check if tmp/'s atime is over 8h old. If it
	  is, delete files in it with ctime older than 36h. However if
	  atime - ctime > 36h, it means that there's nothing to be deleted and
	  the scanning isn't done. We update atime ourself if filesystem is
	  mounted with noatime.
	* base_dir doesn't need to be group-readable, don't force it.
	* mail_read_mmaped setting is deprecated and possibly broken. It's now
	  removed from dovecot-example.conf, but it still works for now.
	* Removed also umask setting from dovecot-example.conf since currently
	  it doesn't do what it's supposed to.

	+ Authentication cache caches now also userdb data.
	+ Added mail_log plugin to log various mail operations. Currently it
	  logs mail copies, deletions, expunges and mailbox deletions.
	- dict quota: messages=n parameter actually changed storage limit.
	- A lot of fixes to handling index files. This should fix almost all
	  of the problems ever reported.
	- LDAP: auth_bind=yes was more or less broken.
	- Saved mails and dovecot-keywords file didn't set the group from
	  dovecot-shared file.
	- Fixed potential assert-crash while searching messages
	- Fixed some crashes with invalid X-UID headers in mboxes
	- If you didn't have a namespace with empty prefix, giving STATUS
	  command for a non-existing namespace caused the connection to give
	  "NO Unknown namespace" errors for all the future commands.

v1.0.rc17 2007-01-07  Timo Sirainen <tss@iki.fi>

	- MySQL authentication caused username to show up as "OK" in rc16.

v1.0.rc16 2007-01-05  Timo Sirainen <tss@iki.fi>

	* IMAP: When trying to fetch an already expunged message, Dovecot used
	  to just disconnect client. Now it instead replies with dummy NIL
	  data.
	* Priority numbers in plugin names have changed. If you're installing
	  from source, you should delete the existing plugin files before
	  installing the new ones, otherwise you'll get errors.
	* Maildir: We're using rename() to move files from tmp/ to new/ now.
	  See http://wiki.dovecot.org/MailboxFormat/Maildir -> "Issues with
	  the specification" for reasoning why this is safe. This makes saving
	  mails faster, and also makes Dovecot usable with Mac OS X's HFS+
	  (after you also set dotlock_use_excl=yes, see below).

	+ Added dotlock_use_excl setting. If enabled, dotlocks are created
	  directly using O_EXCL flag, instead of by creating a temporary file
	  which is hardlinked. O_EXCL is faster, but may not work with NFS.
	+ If Dovecot crashes with Linux or Solaris, it'll log a
	  "Raw backtrace". It's worse than gdb's backtrace, but better than
	  nothing.
	+ Added maildir_copy_preserve_filename=yes setting.
	+ Added a lazy-expunge plugin to allow users to unexpunge their mails.
	+ maildir quota: Added ignore setting to maildir quota, which allows
	  ignoring quota in Trash mailbox.
	+ dict quota: If dictionary doesn't yet contain the quota, calculate
	  it by going through all the mails in all the mailboxes.
	+ login_log_format_elements: Added %a=local port and %b=remote port
	+ Added -i and -o options to rawlog to restrict logging only to
	  input or output.
	- Doing a STATUS command for a selected mailbox (not a recommended
	  IMAP client behavior) caused Dovecot to sync the mailbox silently.
	  This could have lost eg. EXPUNGE events from clients, causing them
	  to use wrong sequence numbers.
	- deliver was treating boolean settings set to "no" as if they were
	  "yes" (they were supposed to be commented out for "no")
	- Running "dovecot" with -a or -n option while Dovecot was running
	  deleted all authentication sockets, which caused all the future
	  logins to fail.
	- maildir: RENAME and DELETE didn't touch control directory if it was
	  different from maildir or index dir.
	- We treated internal userdb lookup errors as "user unknown" errors.
	  In such situations this caused deliver to think the user didn't
	  exist and the mail get bounced.
	- pam: Setting cache_key crashed
	- shared maildir: dovecot-keywords file's mode wasn't taken from
	  dovecot-shared file.
	- dovecotpw wasn't working with PowerPC

v1.0.rc15 2006-11-19  Timo Sirainen <tss@iki.fi>

	* Fixed an off-by-one buffer overflow in cache file handling. The
	  code is executed only with mmap_disable=yes and only if index files
	  are used (ie. INDEX=MEMORY is safe).
	* passdb checkpassword: Handle vpopmail's non-standard exit codes.

	- rc14 sometimes assert-crashed if .log.2 file existed in a mailbox
	  (earlier versions leaked memory and file descriptors)
	- io_add() assert-crashfixes
	- Potential SSL hang fix at the beginning of the connection

v1.0.rc14 2006-11-12  Timo Sirainen <tss@iki.fi>

	* LDAP: Don't try to use ldap_bind() with empty passwords, since
	  Windows 2003 AD skips password checking with them and just returns
	  success.
	* verbose_ssl=yes: Don't bother logging "syscall failed: EOF"
	  messages. No-one cares about them.

	+ Dovecot sources should now compile without any warnings with gcc 3.2+
	- rc13 crashed if client disconnected while IDLEing
	- LDAP: auth_bind=yes fixes
        - %variables: Fixed zero padding handling and documented it. %0.1n
	  shouldn't enable it, and it really shouldn't stay for the next
	  %variable. -sign also shouldn't stay for the next variable.
	- Don't leak opened .log.2 transaction logs.
	- Fixed a potential hang in IDLE command (probably really rare).
	- Fixed potential problems with client disconnecting while master was
	  handling the login.
	- quota plugin didn't work in Mac OS X

v1.0.rc13 2006-11-08  Timo Sirainen <tss@iki.fi>

	+ deliver: If we're executing as a normal system user, get the HOME
	  environment from passwd if it's not set. This makes it possible to
	  run deliver from .forward.
	- Older compilers caused LDAP authentication to crash
	- Dying LDAP connections weren't handled exactly correctly in rc11,
	  although it seemed to work usually
	- Fixed crashes and memory leaks with AUTHENTICATE command
	- Fixed crashes and leaks with IMAP/POP3 proxying
	- maildir: Changing a mailbox while another process was saving a
	  message there at the same may have caused the changes to not be made
	  into the maildir, which could have caused other problems later..

v1.0.rc12 2006-11-05  Timo Sirainen <tss@iki.fi>

	- rc11 didn't compile with some compilers
	- default_mail_env fallbacking was broken with --exec-mail

v1.0.rc11 2006-11-05  Timo Sirainen <tss@iki.fi>

	* Renamed default_mail_env to mail_location. default_mail_env still
	  works for backwards compatibility.
	* deliver: When sending rejects, don't include Content-Type in the
	  rejected mail's headers.
	* LDAP changes:
            * If auth binds are used, bind back to the default dn before doing
	      a search. Otherwise it could fail if a user gave an invalid
	      password.
	    * Initial binding at connect is now done asynchronously.
	    * Use pass_attrs even with auth_bind=yes since it may contain
	      useful non-password fields.

	+ passdb checkpassword: Give TCPLOCALIP and TCPREMOTEIP and PROTO=TCP
	  environments to the checkpassword binary so we're UCSPI (and vchkpw)
	  compatible.
	- mbox handling was a bit broken in rc10
	- Using Dovecot via inetd kept crashing dovecot master
	- deliver: Don't crash with -f "". Changed the default from envelope
	  to be "MAILER-DAEMON".
	- INBOX wasn't shown with LSUB command if only prefixed namespaces
	  were used.
	- passdb ldap: Reconnecting to LDAP server wasn't working with
	  auth binds.
	- passdb sql: Non-plaintext authentication didn't work
	- MySQL passdb ignored all non-password checks, such as allow_nets
	- trash plugin was broken

v1.0.rc10 2006-10-16  Timo Sirainen <tss@iki.fi>

	* When matching allowed_nets IPs, convert IPv6-mapped-IPv4 addresses
	  to actual IPv4 addresses first.

	+ IMAP: Try to avoid sending duplicate/useless message flag updates
	+ Added support for non-plaintext authentication for vpopmail if it
	  returns plaintext passwords. Based on patch by Remi Gacogne.
	+ Added %D modified to return "sub.domain.org" as
	  "sub,dc=domain,dc=org" (for LDAP queries). Patch by Andrey Panin.
	- rc9 broke cache files in 64bit systems
	- deliver works now with mail_chroot
	- auth cache didn't work properly with multiple passdbs
	- Fixes to handling CRLF linefeeds in mboxes.

v1.0.rc9 2006-10-14  Timo Sirainen <tss@iki.fi>

	* 64bit systems: dovecot.index.cache file will be rebuilt because
	  some time fields have been changed from 64bit fields to 32bit
	  fields. Now the same cache file can be used in both 32bit and
	  64bit systems without it being rebuilt.
	* Added libmysqlclient workaround to conflicting sha1_result symbol,
	  which caused Dovecot to fail logging into MySQL.

	+ dovecot.index.cache file opening is delayed until it's actually
	  needed. This reduces disk accesses a bit with eg. STATUS commands.
	+ auth_cache: Try to handle changing passwords automatically: If
	  password verification fails, but the last one had succeeded, don't
	  use the cache. This works only with plaintext auth.
	- dovecot.index.cache: We didn't properly detect if some fields were
	  different length than we expected, which caused assert crashes
	- Lots of fixes to login/master process handling
	- mbox: Fixed a bug causing "X-IMAPbase uid-last unexpectedly lost
	  in mbox file" errors, and possibly others.

v1.0.rc8 2006-10-09  Timo Sirainen <tss@iki.fi>

	* GSSAPI: Changed POP3 service name to "pop", which is what the
	  standard says
	* "mbox:/var/mail/%u" no longer works as the mail location. You'll
	  have to specify the mail root explicitly, just like the examples
	  always have: "mbox:~/mail:INBOX=/var/mail/%u"

	+ SHA1, LDAP-MD5, PLAIN-MD5, PLAIN-MD4: The password can be now either
	  hex or base64 encoded. The encoding is detected automatically based
	  on the password string length.	  
	+ Allow running only Dovecot master and dovecot-auth processes with
	  protocols=none setting
	+ deliver: -f <envelope sender> parameter can be used to set mbox
	  From_-line's sender address
	+ deliver: Log all mail saves and failures
	+ Tru64 SIA passdb support. Patch by Simon L Jackson.
	- INBOX was listed twice in mailbox list if namespace prefix was used
	- INBOX-prefixed namespaces were a bit broken
	- kqueue: Fix 100% CPU usage
	- deliver: Duplicate storage was a bit broken
	- dictionary code was broken (ie. dict quota)
	- SIGHUP caused crashes sometimes

v1.0.rc7 2006-08-18  Timo Sirainen <tss@iki.fi>

	* Require that Dovecot master process's version number matches the
	  child process's, unless version_ignore=yes. Usually it's an
	  accidental installation problem if the version numbers don't match.
	* Maildir: Create maildirfolder file when creating new maildirs.

	+ ldap+prefetch: Use global uid/gid settings if LDAP query doesn't
	  return them
	+ %variables: Negative offsets count from the end of the string.
	  Patch by Johannes Berg.
	- kqueue ioloop code rewrite
	- notify=kqueue might have caused connection hangs sometimes
	- deliver: If message body contained a valid mbox From_ line, it
	  and the rest of the message was skipped.
	- mbox: We got into infinite loops if trying to open a 2 byte sized
	  file as mbox.
	- Don't crash with ssl_disable=yes
	- quota plugin caused compiling problems with some OSes
	- mbox: After saving a mail to a synced mbox, we lost the sync which
	  caused worse performance

v1.0.rc6 2006-08-07  Timo Sirainen <tss@iki.fi>

	* Removed login_max_logging_users setting since it was somewhat weird
	  in how it worked. Added login_max_connections to replace it with
	  login_process_per_connection=no, and with =yes its functionality
	  is now within login_max_processes_count.

	+ Added --with-linux-quota configure option to specify which Linux
	  quota version to use, in case it's not correct in sys/quota.h.
	  Usually used as --with-linux-quota=2
	+ acl plugins: If .DEFAULT file exists in global ACL root directory,
	  use it as the default ACLs for all mailboxes.
	- Fixes to login process handling, especially with
	  login_process_per_connection=no. 
	- Back to the original SSL proxy code but with one small fix, which
	  hopefully fixes the occational hangs with it
	- Several fixes to handling LIST command more correctly.

v1.0.rc5 2006-08-02  Timo Sirainen <tss@iki.fi>

	- Saving to mboxes still caused assert-crashes

v1.0.rc4 2006-08-02  Timo Sirainen <tss@iki.fi>

	- Saving to mboxes caused assert-crashes

v1.0.rc3 2006-08-02  Timo Sirainen <tss@iki.fi>

	- SSL connections hanged sometimes, especially when saving messages.
	- mbox: Mail bodies were saved with CR+LF linefeeds
	- Mail forwarding was broken with deliver/Sieve
	- dbox fixes. Might actually be usable now.
	- Index file handling fixes with keywords
	- Cache file was incorrectly used in some situations, which probably
	  caused problems sometimes.
	- Maildir++ quota: Don't count "." and ".." directory sizes to quota.
	  After rewriting maildirsize file keep its fd open so that we can
	  later update it. Patch by Alexander Zagrebin

v1.0.rc2 2006-07-04  Timo Sirainen <tss@iki.fi>

	* disable_plaintext_auth=yes: Removed hardcoded 127.* and ::1 IP
	  checks. Now we just assume that the connection is secure if the
	  local IP matches the remote IP address.
	* SSL code rewrite which hopefully makes it work better than before.
	  Seems to work correctly, but if you suddently have trouble with SSL
	  connections this is likely the reason.

	+ verbose_ssl=yes: Log also SSL alerts and BIO errors
	- If namespace's location field wasn't set, the default location
	  was supposed to be used but it wasn't.
	- When copying ssl-parameters.dat file from /var/lib to /var/run its
	  permissions went wrong if it couldn't be copied with hard linking.
	- Fixed filesystem quota plugin to work with BSDs.
	- Maildir: Saving mails didn't work if quota plugin was enabled (again)
	- Maildir: Messages' received time wasn't saved properly when
	  saving/copying multiple messages at a time. Also if using quota
	  plugin the S= size was only set for the first saved file, and even
	  that was wrong.
	- passdb passwd-file: Don't require valid uid/gid fields if file
	  isn't also being used as a userdb.
	- PostgreSQL: Handle failures better so that there won't be
	  "invalid fd" errors in logs.
	- Don't try to expunge messages if the mailbox is read-only. It'll
	  just cause our index files to go out of sync with the real
	  mailbox and cause errors.
	- ANONYMOUS authentication mechanism couldn't work because
	  anonymous_username setting wasn't passed from master process.

v1.0.rc1 2006-06-28  Timo Sirainen <tss@iki.fi>

	* PAM: If user's password is expired, give "Password expired" error
	  message to the user. Now actually working thanks to Vaidas Pilkauskas
	* Relicensed dovecot-auth, lib-sql and lib-ntlm to MIT license. See
	  COPYING file for more information.
	* Abuse prevention: When creating a mailbox, limit the number of
	  hierarchies (up to 20) and the length of the mailbox name within
	  a hierarchy (up to 200 characters).
	* mbox: If saved mail doesn't end with LF, add it ourself so that the
	  mails always have one empty line before the next From-line.

	+ Added --with-statedir configure option which defaults to
	  $localstatedir/lib/dovecot. ssl-parameters.dat is permanently
	  stored in that directory and is copied to login_dirs from there.
	+ IMAP: Support SASL-IR extension (SASL initial response)
	+ Support initial SASL response with LOGIN mechanism. Patch by Anders
	  Karlsson
	+ Added PLAIN-MD4 password scheme. Patch by Andrey Panin.
	+ Added support for XFS disk quotas. Patch by Pawel Jarosz
	+ If another process deletes the opened mailbox, try to handle it
	  without writing errors to log file. Handles the most common cases.
	+ Added TLS support for LDAP if the library supports it.
	- SEARCH command was more or less broken with OR and NOT conditions
	- Dovecot corrupted mbox files which had CR+LF linefeeds in headers
	- MySQL code could have crashed while escaping strings
	- MD4 code with NTLM authentication was broken with 64bit systems.
	  Patch by Andrey Panin
	- Plugin loading was broken in some OSes (eg. FreeBSD)
	- Several fixes to handling empty values in configuration file
	- Several fixes to dictionary quota backend and dict server.
	  Also changed how they're configured.
	- deliver: Fixed plugin handling settings
	- mbox_min_index_size handling was somewhat broken
	- passdb passwd-file: extra_args field wasn't read unless the file
	  was also used as userdb.

v1.0.beta9 2006-06-13  Timo Sirainen <tss@iki.fi>

	* PAM: Don't call pam_setcred() unless setcred=yes PAM passdb
	  argument was given.
	* Moved around settings in dovecot-example.conf to be in more logical
	  groups.

	+ Local delivery agent (deliver binary) works again.
	+ LDAP: Added support for SASL binding. Patch by Geert Jansen
	+ ssl_verify_client_cert: Check CRLs. If auth_verbose=yes, log
	  invalid sent certificates. If verbose_ssl=yes, log even the valid
	  certificates. When using the username from the certificate, use
	  CommonName. Based on patch by HenkJan Wolthuis
	+ PAM: Set PAM_TTY which is needed by some PAM plugins
	+ dovecot --exec-mail ext <binary path> can now be used to start
	  binaries which want dovecot.conf to be read, for example the
	  convert-tool.
	- Expunging needed to be done twice if client used STORE +FLAGS.SILENT
	  command to set the \Deleted flags
	- Added sql_escape_string() to lib-sql API and use it instead of
	  normal \-escaping.
	- ACL plugin fixes
	- DIGEST-MD5: Trying to use subsequent authentication crashed
	  dovecot-auth.
	- Fetching BODY when BODYSTRUCTURE was already cached caused the
	  reply to be broken in some cases
	- Lots of fixes for index file handling
	- dbox fixes and changes
	- mbox syncing broke if some extraneous/broken headers were removed
	  (eg. extra X-IMAPbase headers in mails)
	- Running Dovecot from inetd work now properly with POP3
	- Quota plugin fixes for calculating the quota correctly

v1.0.beta8 2006-05-12  Timo Sirainen <tss@iki.fi>

	* Fixed a security hole with mbox: "1 LIST .. *" command could
	  list all directories and files under the mbox root directory, so
	  if your mails were stored in eg. /var/mail/%u/ directory, the
	  command would list everything under /var/mail.

	+ Unless nfs_check=no or mmap_disable=yes, check for the first login
	  if the user's index directory exists in NFS mount. If so, refuse to
	  run. This is done only on first login to avoid constant extra
	  overhead.
	+ If we have plugins set and imap_capability unset, figure out the
	  IMAP capabilities automatically by running imap binary at startup.
	  The generated capability list isn't updated until Dovecot is
	  restarted completely, so if you add or remove IMAP plugins you
	  should restart. If you have problems related to this, set
	  imap_capabilities setting manually to work around it.
	+ Added auth_username_format setting
	- pop3_lock_session setting wasn't really working
	- Lots of fixes related to quota handling. It's still not working
	  perfectly though.
	- Lots of index handling fixes, especially with mmap_disable=yes
	- Maildir: saving mails could have sometimes caused "Append with UID
	  n, but next_uid = m" errors
	- flock() locking never timeouted because ignoring SIGALRM caused the
	  system call just to be restarted when SIGALRM occurred (probably not
	  with all OSes though?)
	- kqueue: Fixed "Unrecognized event". Patch by Vaclav Haisman

v1.0.beta7 2006-04-12  Timo Sirainen <tss@iki.fi>

	+ Added shutdown_clients setting to control if existing imap/pop3 
	  processes should be killed when master is.
	- Master login fixes, PLAIN authentication was still broken..

v1.0.beta6 2006-04-12  Timo Sirainen <tss@iki.fi>

	* The login and master usernames were reversed when using
	  master_user_separator (now the order is UW-IMAP compatible).
	* Killing dovecot master process now kills all IMAP and POP3
	  processes also.

	+ -a parameter to dovecot prints now all settings that Dovecot uses.
	  -n prints all settings that are different from defaults.
	+ Added pop3_lock_session setting
	+ %M modifier returns string's MD5 sum. Patch by Ben Winslow
	- PLAIN SASL authentication wasn't working properly, causing failed
	  logins with some clients (broken in beta4)
	- Fixes to Maildir++ quota, should actually work now
	- Don't crash if passwd-file has entries without passwords
	  (eg. deny=yes databases)
	- Fixed prefetch userdb to work nicely with other userdbs
	- If master process runs out of file descriptors, don't go to
	  infinite loop (unlikely to have happened unless the OS's default
	  fd limit was too low)
	- Fixed non-plaintext password lookups from LDAP. Patch by Lior Okman
	- %U modifier was actually lowercasing the string. Patch by Ben Winslow

v1.0.beta5 2006-04-04  Timo Sirainen <tss@iki.fi>

	- Beta4's SSL proxying rewrite worked worse than I thought.
	  Reverted it back to original code.

v1.0.beta4 2006-04-02  Timo Sirainen <tss@iki.fi>

	* Changed the default lock_method back to fcntl. Apparently flock
	  gives problems with some systems.
	* mbox: mailboxes beginning with '.' are now also listed
	* Replaced mail_use_modules and mail_modules settings with mail_plugins
	  and mail_plugin_dir. Now instead of loading all plugins from the
	  directory, you'll have to give a list of plugins to load. If the
	  plugin couldn't be loaded, the process exits instead of just
	  ignoring the problem (this is important with ACL plugin).

	+ Added support for "master users" who can log in as other people.
	  The master username can be given either in authorization ID
	  string with SASL PLAIN mechanism or by setting
	  auth_master_user_separator and giving it within the normal username
	  string.
	+ Added ACL plugin with ACL file backend. This however doesn't mean
	  that there yet exists a proper shared folder support. If master user
	  logged in as someone else, the ACLs are checked as the master user.
	+ Added some Dovecot extensions to checkpassword passdb, see ChangeLog
	+ Updated passwd-file format to allow specifying any key=value fields
	+ Maildir++ quota support and several quota fixes
	+ passdb supporting extra fields: Added "allow_nets" option which takes
	  a comma separated list of IPs/networks where to allow user to log in.
	+ NFS: Handle ESTALE errors the best way we can
	+ IMAP now writes to log when client disconnects
	+ In shared mailboxes (if dovecot-shared file exists) \Seen flags are
	  now kept only in index files, so as long as each user has a separate
	  index file they have separate \Seen flags.
	- Fixes to DIGEST-MD5 realm handling so it works with more clients
	- BODYSTRUCTURE -> BODY conversion from cache file was broken with
	  mails containing message/rfc822 parts.
	- Fixed several memory leaks
	- We could have sent client FETCH notifications about messages before
	  telling about them with EXISTS
	- Compiling fixes for Solaris and some other OSes
	- Fixed problem with internal timeout handling code, which caused eg.
	  outlook-idle workaround to break.
	- If /dev/urandom didn't exist, we didn't seed OpenSSL's random number
	  generator properly. Patch by Vilmos Nebehaj.
	- Maildir: Recent flags weren't always immediately removed from mails
	  when mailbox was opened.
	- Several changes to SSL proxying code, hopefully making it work
	  better.

v1.0.beta3 2006-02-08  Timo Sirainen <tss@iki.fi>

	* Dotlock code changed to timeout faster in some situations when
	  the lock file is old.
	+ Added support for loading SQL drivers dynamically (see INSTALL file
	  for how to build them)
	+ Keywords are stored to dboxes, and other dbox improvements.
	+ dict-sql could actually work now, making quota-in-sql-database
	  possibly working now (not fully tested)
	+ Added mail storage conversion plugin to convert automatically from
	  one mailbox format to another while user logs in. Doesn't preserve
	  UIDVALIDITY/UIDs though.
	+ Added plugin { .. } section to dovecot.conf for passing parameters
	  to plugins (see dovecot-example.conf).
	+ Added ssl-build-param binary which is used to generate
	  ssl-parameters.dat. Main dovecot binary doesn't anymore link to
	  SSL libraries, and this also makes the process title be clearer
	  about why the process is eating all the CPU.
	- Fix building without OpenSSL
	- Fixed memory leak in MySQL driver
	- Fixes to checkpassword
	- Broken Content-Length header could have broken mbox opening
	- Fixed potential hangs after APPEND command
	- Fixed potential crashes in dovecot-auth and imap/pop3-login
	- zlib plugin now links with -lz so it could actually work
	- kqueue fixes by Vaclav Haisman

v1.0.beta2 2006-01-22  Timo Sirainen <tss@iki.fi>

	+ Added SQLite support. Patch by Jakob Hirsch.
	+ Added auth_debug_passwords setting. If it's not enabled, hide all
	  password strings from logs.
	+ Added mail_cache_min_mail_count and mbox_min_index_size settings
	  which can be used to make Dovecot do less disk writes in small
	  mailboxes where they don't benefit that much.
	+ Added --build-ssl-parameters parameter to dovecot binary
	- SSL parameters were being regenerated every 10 minutes, although
	  not with all systems.
	- Fixed dovecot-auth crashing at startup. Happened only with some
	  specific compilers.
	- base_dir was supposed to be set world-readable, not world-writable

v1.0.beta1 2006-01-16  Timo Sirainen <tss@iki.fi>

	* Almost a complete rewrite since 0.99.x, but some of the major
	  changes are:

	+ Index file code rewritten to do less disk I/O, wait locks less and
	  in generate be smarter. They also support being in clustered
	  filesystems and NFS support is mostly working also.
	+ Mail caching is smarter. Only the data that client requests is
	  cached. Before Dovecot opened and cached all mails when mailbox was
	  opened the first time, which was slow.
	+ Mbox handling code rewritten to be much faster, safer and correct
	+ New authentication mechanisms: APOP, GSSAPI, LOGIN, NTLM and RPA.
	+ LDAP supports authentication binds
	+ Authentication server can cache password database lookups
	+ Support for multiple authentication databases
	+ Namespace configuration
	+ Dovecot works with shared 

v0.99.10 2003-06-26  Timo Sirainen <tss@iki.fi>

	* Default PAM service name changed to "dovecot". This means that
	  if you're using PAM, you most likely have to do
	    mv /etc/pam.d/imap /etc/pam.d/dovecot
	  If you wish to keep using imap, see doc/auth.txt.

	* ~/rawlog directory changed to ~/dovecot.rawlog

	+ Faster and better maildir synchronization. We support read-only
	  maildirs and out-of-quota conditions are handled a lot better.
	  dovecot-uidlist file still isn't out-of-quota-safe though, but you
	  can keep it in another location where quota isn't checked. For
	  example:
	    default_mail_env = Maildir:~/Maildir:
	      INDEX=/noquota/%u:CONTROL=/noquota/%u
	+ Read-only mboxes are supported now.
	+ Only NOOP and CHECK now always do a mailbox sync checking. Other
	  commands sync max. once in 5 seconds, plus always from indexes.
	  This should reduce I/O a bit.
	+ All NUL characters are translated to ascii #128 before sending to
	  client. RFC prohibits sending NULs and this is how UW-IMAP handles
	  it as well.
	+ Make ENVELOPE, BODY and BODYSTRUCTURE replies more compact by
	  removing multiple LWSPs and translating TABs to spaces. RFC doesn't
	  specifically require this, but this seems to be the wanted
	  behaviour..
	+ Added ANONYMOUS SASL mechanism.
	+ More flexible user chrooting configuration in home directories:
	  "<chroot>/./<homedir>"
	+ Added support for dynamically loadable IMAP/POP3 modules. See
	  INSTALL file for more information.
	- Partial fetches were broken if mails had CR+LF linefeeds
	- SEARCH DELETED didn't return anything if all messages were deleted
	- OpenSSL support was broken in many installations because we were
	  chrooted and it couldn't open /dev/urandom.
	- PAM: Giving wrong password blocked the whole process for two
	  seconds. Now we create a new process for each check.
	- Lots of other smaller bugfixes and better error handling

v0.99.9.1 2003-05-03  Timo Sirainen <tss@iki.fi>

	- Messages having lines longer than 8192 bytes caused problems.
	- There was some problems when opening a mbox first time that had been
	  empty for a while.
	- Didn't compile with OpenBSD.
	- POP3 server crashed sometimes instead of printing error message.
	- If cached IMAP envelope contained literals, SEARCHing in it wrote
	  errors to log file. For example if subject contained highascii, '"'
	  or '\' characters this happened.

v0.99.9 2003-04-28  Timo Sirainen <tss@iki.fi>

	* WARNING: mbox rewriting works now faster, but it's less likely to
	  notice external message flag changes (it wasn't perfect before
	  either). This also means that if you're not using index files,
	  Dovecot may not notice changes made by another Dovecot process.
	  This will be fixed later.

	+ Message UIDs are now permanently stored outside index files.
	  Deleting indexes is now possible without any kind of data loss and
	  in-memory indexes are now usable.
	+ mbox rewriting leaves extra space into X-Keywords header. It's
	  shrinked or grown when updating message flag headers to avoid
	  rewriting the rest of the file.
	+ imap-login and pop3-login can now be started from inetd. Privilege
	  separation is still used, so it executes dovecot and dovecot-auth
	  processes which are left on the background.
	+ PostgreSQL authentication support, patch by Alex Howansky
	- Large multiline headers (over 8kB) broke Dovecot before. Now they're
	  parsed one line at a time and we try to avoid reading them fully into
	  memory.
	- SEARCH OR was broken
	- Partial BODY[] fetches were broken
	- Timezones were still set wrong when parsing dates
	- Using non-synchronized literals (LITERAL+) broke APPEND
	- Renaming maildir subfolders inserted extra "." in the middle.
	- Subfolders were a bit broken with maildir
	- Invalid PLAIN auth request crashed auth process.

v0.99.8 2003-02-25  Timo Sirainen <tss@iki.fi>

	* NOTE: Configuration file has changed a bit: auth_userinfo was
	  replaced by userdb and passdb. *_port were merged into *_listen.
	  Disabling listening in imaps port is now done by changing protocols
	  setting.

	* Maildir: .customflags location has changed for INBOX. If you have
	  set any custom flags, move Maildir/.INBOX/.customflags into
	  Maildir/.customflags or they will be lost.

	* mbox: Autodetect /var/mail/%u and /var/spool/mail/%u as INBOXes
	  if they're found and mail_default_env isn't set.

	* passwd-file: File format changed a bit. If you used realm or mail
	  fields, you'll have to fix the file. See doc/auth.txt for description
	  of the format.

	+ Fully featured POP3 server included. Disabled by default.
	+ Support for LITERAL+, MULTIAPPEND, UNSELECT, IDLE, CHILDREN and
	  LISTEXT extensions.
	+ LDAP authentication support.
	+ Internal API cleanups made Dovecot faster and take less memory
	+ auth_verbose logs now all authentication failures
	+ Support for Solaris 9 sendfilev()
	+ New setting: mail_full_filesystem_access allows clients to access the
	  whole filesystem by simply giving the path before the mailbox name
	  (eg. SELECT ~user/mail/box, LIST "" /tmp/%). While this allows users
	  to share mailboxes, it's not recommended since Dovecot's index files
	  can't be safely shared.
	+ New setting: client_workarounds.
	+ Dynamically loadable authentication modules. Binary package builders
	  should consider using it for at least LDAP.
	+ mbox: Content-Length is saved now to each saved message, so it's
	  now safe to have lines beginning with "From ".
	+ mbox: mail_read_mmaped = no works with it now
	+ Indexes can be kept in memory by adding :INDEX=MEMORY to MAIL
	  environment. There's not much point to do this now though, since the
	  UIDs won't be saved.
	- COPY now behaves as RFC2060 says: "If the COPY command is
	  unsuccessful for any reason, server implementations MUST restore the
	  destination mailbox to its state before the COPY attempt."
	- LIST and LSUB rewrite, should fix several bugs in them
	- maildir_copy_with_hardlinks = yes was broken.
	- mboxes in subfolders weren't selectable.
	- STORE didn't accept multiple flags without () around them
	- PLAIN SASL-authentication was a bit broken.
	- IMAP dates were parsed a few hours wrong
	- STATUS command removed \Recent flags from messages
	- Several bugfixes to SEARCH command, especially related to multiple
	  search conditions
	- If auth/login process died unexpectedly at startup, the exit status
	  or killing signal wasn't logged.
	- mbox parsing might have crashed sometimes
	- mbox: when saving mails, internal headers were allowed in input,
	  sometimes causing problems (eg. duplicate headers) when appending
	  and copying messages
	- mbox: X-Keywords headers were duplicated
	- Some small fixes to how messages are saved to Maildir
	- Next command after STARTTLS was ignored which left the connection
	  stuck sometimes
	- Dovecot was pretty much broken with FreeBSD

v0.99.7 2003-01-14  Timo Sirainen <tss@iki.fi>

	+ Rewrote doc/index.txt, small updates to doc/design.txt and
	  doc/multiaccess.txt
	- New hash table code was broken with removing, which broke several
	  things. Fixed, but it's still a bit ugly code though..

v0.99.6 2003-01-13  Timo Sirainen <tss@iki.fi>

	+ THREAD=REFERENCES extension support. ORDEREDSUBJECT would be easy to
	  add, but I think it's pretty useless.
	+ SORT is much faster now.
	+ mbox: If ~/mail directory isn't found, create it.
	+ Log login usernames
	* Some coding style changes (less typedefs)
	- Mails with nested MIME parts might have caused incorrect BODY and
	  BODYSTRUCTURE fetches and sometimes might have crashed dovecot
	  (assert at imap-bodystructure.c). If client had already successfully
	  done the BODY fetching a couple of times, the bug couldn't happen
	  anymore since Dovecot then began caching the BODY data. So, this
	  mostly happened with new users.
	- non-UID SEARCH might gave wrong replies in certain conditions.
	- SORT replied always with UIDs instead of sequences.
	- If authentication was aborted by client ("*" reply to AUTHENTICATE),
	  the login process crashed later.
	- STATUS command gave invalid reply for mailboxes with spaces in name
	- Timezones were parsed wrong with message dates
	- Digest-MD5: We used "qop-options" instead of "qop", which was
	  incompatible with at least Cyrus SASL.
	- Realms in passwd-file were buggy
	- Literals didn't work when logging in
	- Crashed if it had to wait for mbox lock
	- With invalid configuration auth and login processes were just dying
	  and master filling log files infinitely.
	- We didn't work with some 64bit systems

v0.99.5 2003-01-02  Timo Sirainen <tss@iki.fi>

	* This release includes a lot of code cleanups, especially related to
	  security. Direct buffer modifying was replaced in several places
	  with a new buffer API, which provides a safe way to do it. Code that
	  looks unsafe contains @UNSAFE tag to make auditing easier.

	+ Support for SORT extension. Originally I thought about not
	  implementing any extensions before 1.0, but too many people want
	  webmails which want SORT. THREAD is another extension which they
	  want, but we don't support it yet.
	+ imap_listen and imaps_listen settings now accept "*" and "::" to
	  specify if we want to listen in IPv4 or IPv6 addresses. "::" may
	  also listen in all IPv4 addresses depending on the OS (Linux does,
	  BSD doesn't)
	+ New setting: default_mail_env can be used to specify where to find
	  users mailbox. Default is still to use autodetection.
	+ New setting: imap_log_path to log logins etc. informational messages
	  to different file.
	+ We support now separate mbox file for INBOX folder, no need for
	  symlink kludging anymore.
	+ Support for keeping index files in different location than actual
	  mailboxes.
	? Disabled mailbox_check_interval setting by default, it breaks
	  Evolution.
	- SEARCH was still somewhat buggy, especially with laggy networks.
	  Also body/header searches might have crashed or at least used
	  memory too much
	- Deleting messages in the middle of mbox caused dovecot to reindex
	  the following messages as new messages (ie. change UIDs and set
	  \Recent flag).
	- Digest-MD5 auth: Initial server challenge packet was missing a comma,
	  which might have made it incompatible with some implementations.
	- Some more fixes to unnecessarily high memory usage
	- SELECT and EXAMINE often printed UNSEEN reply or maybe complained
	  about corrupted indexes. Happened usually only with mbox.
	- FETCH BODYSTRUCTURE gave incorrect reply, breaking pine
	- LIST was pretty buggy with mbox subfolders
	- CHECK command returned just "missing parameters" error
	- DELETE didn't work with mbox folders
	- CREATE mailbox<hierarchy separator> failed always.
	- CREATE and RENAME didn't create required hierarchies with mbox
	- RFC822 date parser didn't handle single digit days correctly.
	- login_process_per_connection = yes didn't work with imaps port
	  connections which is exactly where it was mostly wanted.
	- ssl_disabled = yes didn't disable listening in imaps port
	- process limiting code didn't compile everywhere (eg. FreeBSD).
	- Linux sendfile() was never detected
	- We didn't work at all with gcc/PowerPC

v0.99.4 2002-12-01  Timo Sirainen <tss@iki.fi>

	- Command parser had several bugs when it didn't have enough data to
	  parse the full command in one call, ie. network lags etc. triggered
	  those bugs sometimes. This was the last "weird bug" I know of.
	- Mbox indexes got broken when updating cached fields
	- Fixed a few memory leaks and unneededly high memory usage while
	  caching envelopes
	- Fixes to searching from message body and header
	- --with-ssldir didn't do anything and the default was empty

v0.99.3 2002-11-26  Timo Sirainen <tss@iki.fi>

	- mail_read_mmaped = no (default) caused mbox corruption with EXPUNGE.
	  mmap()ing is forced for now.

v0.99.2 2002-11-26  Timo Sirainen <tss@iki.fi>

	+ If we have to wait for a lock longer, the client is now notified
	  about it every 30 seconds.
	- Default settings still pointed to lib directory instead of the
	  libexec directory where the binaries were actually installed
	- vpopmail support had to be kludged to fix a bug in vpopmail library
	  which sometimes left extra character after the user name.
	- Login process crashed if master process didn't let some user login.
	  Normally this couldn't happen without error in configuration.
	- select() based I/O loop wasn't working so Dovecot didn't work in
	  eg. OSX. Also PAM authentication wasn't detected with OSX.
	- Didn't compile with NetBSD-current

v0.99.1 2002-11-25  Timo Sirainen <tss@iki.fi>

	+ Added doc/mkcert.sh script to easily generate yourself a self-signed
	  certificate. Modify doc/dovecot-openssl.cnf before running it.
	+ --with-ssldir configure option to specify default path for /etc/ssl
	+ Added ssl_disable setting to config file
	- OpenSSL wasn't checked properly by configure
	- vpopmail authentication module didn't compile
	- We should install the binaries into libexec dir, not lib
	- doc/configuration.txt and doc/mail-storages.txt were missing

v0.99.0 2002-11-24  Timo Sirainen <tss@iki.fi>

	+ Replaced hash file with binary tree file which makes Dovecot stay
	  fast with large mailboxes after expunging multiple mails.
	+ Several speed improvements with SEARCH
	+ SEARCH CHARSET support using iconv(), although case-insensitive
	  searching is currently supported only for ASCII characters.
	+ OpenSSL support.
	+ Support for regenerating Diffie Hellman and RSA parameters with
	  specified intervals. NOTE: currently doesn't work with OpenSSL.
	+ Support for each login connection being handled in it's own process.
	  This is the default as it's more safe especially with SSL.
	+ mbox locking is now safe, other processes can't modify the mbox file
	  while we're reading it.
	+ Notify clients with "EXISTS" almost immediately after new mail is
	  received.
	+ Rawlog: Support for saving user connections into files - useful for
	  debugging.
	+ Content-Language is finally parsed correctly
	+ Lots of smaller speed optimizations
	- Partial BODY[] fetches weren't working properly
	- BODY[section] was buggy with message/rfc822 MIME parts
	- STARTTLS wasn't working
	- \* flag was missing from PERMANENTFLAGS.
	- Comments inside <> mail addresses crashed.
	- imap-login printed UTC timestamps to logfiles
	- passwd-file wasn't reread the the file changed
	- PAM authentication was implemented wrong, which caused it to break
	  with some PAM plugins.
	- Lots of smaller fixes, mostly to do with reliability

v0.98.4 2002-10-06  Timo Sirainen <tss@iki.fi>

	* Just a final release before replacing hash file with a binary tree.

	- When fetching messages larger than 256k, sometimes Dovecot missed
	  to send CR causing corrupted data at end of message and possibly
	  complete failure depending on IMAP client.
	- Fetching BODY or BODYSTRUCTURE for message having content-type of
	  message/rfc822 didn't correctly add () around the envelope data.
	- Several fixes to make it compile with HP/UX ANSI C compiler.
	  Also fixed several warnings it showed up.

v0.98.3 2002-10-01  Timo Sirainen <tss@iki.fi>

	* Sorry, just noticed a very stupid bug which caused evolution 1.2
	  beta to crash. I always thought it was just evolution's fault :)
	- Several fields in BODY / BODYSTRUCTURE replies weren't quoted

v0.98.2 2002-09-30  Timo Sirainen <tss@iki.fi>

	+ --with-file-offset-size=32 can now be used to select 32bit file
	  offsets. Using them should be a bit faster and take a bit less
	  disk and memory (also needed to compile Dovecot successfully with
	  TinyCC).
	+ maildir_copy_with_hardlinks option works now
	+ Check new mail and notify about it to client also after
	  commands which don't allow full syncing (FETCH, STORE, SEARCH).
	  Also always send RECENT after EXISTS notify.
	+ If we're out of disk space while opening mailbox, notify about it
	  with ALERT.
	- STORE and SEARCH didn't handle properly message sequence numbers
	  when some in the middle were externally deleted
	- SEARCH: Only first search condition was checked.
	- mbox: Message flags given to APPEND were ignored.
	- mbox: index was corrupted when changing flags for multipart MIME
	  messages
	- Out of disk space-handling wasn't working properly with .customflags
	  file
	- if auth processes were killed, login processes weren't reconnecting
	  to them

v0.98.1 2002-09-24  Timo Sirainen <tss@iki.fi>

	+ Faster and safer mbox rewriting when flags are updated
	- Didn't save messages larger then 8192 bytes
	- Several mbox breakages

v0.98 2002-09-23  Timo Sirainen <tss@iki.fi>

	+ mbox support is finally working. There's still some reliability
	  fixes left but overall it should be quite usable.
	+ vpopmail authentication support
	+ We should be able to deal with "out of diskspace/quota" conditions
	  properly, by keeping the indexes in memory and allowing user to
	  delete mails to get more space.
	+ Several speed enhancements
	+ New configuration file option: overwrite_incompatible_index to force
	  using ".imap.index" file, overwriting it if it isn't compatible
	- Handle invalid message headers reliably
	- Tons of bugfixes and code cleanups everywhere

v0.97 2002-08-29  Timo Sirainen <tss@iki.fi>

	+ Large mails are handled in 256kB blocks, so mail size no longer
	  has hardly any effect on memory usage
	+ 64bit file offsets are used if supported by system. This means
	  Dovecot is fully capable of handling >2G mails in those systems.
	  With 32bit offsets >2G mails may not behave too well, but should
	  not crash either.
	+ I fixed lots of potential integer overflows. This should make us
	  fully crash-free no matter what happens (index file corruption
	  mostly). I didn't verify everything too carefully yet, so more
	  auditing is still needed before we fully reach that goal.
	+ Implemented several missing tasks / optimizations to index handling.
	  It should now stay fast after longer usage periods.
	+ New configuration file options: log_path, log_timestamp, imaps_listen
	+ "Critical errors" are now hidden from users, ie. any error message
	  that is not a direct reply to user error is written into log file
	  and user gets only "Internal error [timestamp]".
	+ Nonblocking SSL handshaking
	+ Lots of code cleanups
	- Lots of mbox fixes, it seems to be somewhat reliable now
	- Year in Date-field was parsed wrong
	- Appending mail to mbox didn't work right
	- Always verify that mailbox names are valid (especially they shouldn't
	  contain "../")

v0.96 2002-08-08  Timo Sirainen <tss@iki.fi>

	* Changed to LGPL v2.1 license

	+ STARTTLS support and optional disabling of plaintext authentication
	  (LOGINDISABLED capability)
	+ Support for custom message flags, each folder can have 26 different.
	+ New configuration file options: imap_listen, max_logging_users,
	  max_imap_processes
	+ You can specify config file location to imap-master with -c <path>
	+ All IMAP processes can now write to specified log file instead of
	  syslog. Either do this by setting IMAP_LOGFILE environment, or
	  give -l <path> parameter to imap-master.
	+ Some cleanups to remove warnings with BSDs
	+ Changed all %s .. strerror(errno) -> %m
	+ Rewritten memory pool code
	- imap-master didn't close all the fds for executed processes
	- iobuffer code was buggy and caused the connection to terminate
	  sometimes
	- make install overwrote the existing dovecot.conf file, so it's now
	  named as dovecot-example.conf

v0.95 2002-07-31  Timo Sirainen <tss@iki.fi>

	+ Initial SSL support using GNU TLS, tested with v0.5.1.
	  TLS support is still missing.
	+ Digest-MD5 authentication method
	+ passwd-file authentication backend
	+ Code cleanups
	- Found several bugs from mempool and ioloop code, now we should
	  be stable? :)
	- A few corrections for long header field handling

v0.94 2002-07-29  Timo Sirainen <tss@iki.fi>

	* Supports running completely non-root now. imap-auth however is a
	  bit problematic as we don't support passwd-file yet.
	- Memory alignment fixes mostly
	- Other misc. bugfixes