Cyrus IMAP 2.2.x Release Notes¶
Changes to the Cyrus IMAP Server since 2.2.13
ctl_mboxlist now dumps/undumps the mailbox type flags, making it useful for remote mailboxes.
Added sieve_allowreferrals option to control whether timsieved issues referrals or proxys traffic to backends.
Changes to the Cyrus IMAP Server since 2.2.12
Allow sieve scripts to be run on shared mailboxes (via sieve annotation).
Updated nntpd to be compliant with latest draft (soon to be RFC3977).
Updated IMAP UIDPLUS extension to be compliant with latest specification (RFC4315).
Performance improvements to quota utility.
Fixed possible race condition in IMAP IDLE.
Made ptloader runtime configurable.
Added more extensive output to arbitron.
Allow responses of any length from backend when proxing IMAP/POP3/NNTP traffic.
Added plaintextloginalert option.
Only allow mbpath to be run as Cyrus user.
Added berkeley_hash and berkeley_hash_nosync cyrusdb backends (seem to perform better under heavy loads).
Added lastpop mailbox annotation.
Added subscribe/unsubscribe support to cyradm.
Fixed miscellaneous bugs and build issues.
Changes to the Cyrus IMAP Server since 2.2.11
Revert index change which wasn’t supposed to make it into 2.2.11
Changes to the Cyrus IMAP Server since 2.2.10
Fix possible single byte overflow in mailbox handling code.
Fix possible single byte overflows in the imapd annotate extension.
Fix stack buffer overflows in fetchnews (exploitable by peer news server), backend (exploitable by admin), and in imapd (exploitable by users though only on platforms where a filename may be larger than a mailbox name).
Changes to the Cyrus IMAP Server since 2.2.9
Fix 0 termination in mysasl_canon_user.
Check for imap magic plus buffer overflow in proxyd also (CAN-2004-1015).
Only send an over quota ALERT on SELECT if the quotaroot is different from the last ALERT, or we haven’t sent an ALERT in over 10 min.
Changes to the Cyrus IMAP Server since 2.2.8
Change ACLs correctly when renaming a user
Do not abandon std{in,out,err} file descriptors; syslog assumes it can use stderr if syslogd isn’t running.
Clean up imap magic plus to avoid buffer overrun (CAN-2004-1011)
Fix lack of bounds checking in PARTIAL and FETCH (CAN-2004-1012, CAN-2004-1013)
Do not attempt to reuse a freed connection in lmtpproxyd.
Allow login without authentication with -N switch in proxyd.
Fix use of xrealloc and fold pointers in lmtpengine.
Changes to the Cyrus IMAP Server since 2.2.7
Fix a double-free bug in the notify code
Fix a problem with idled and an empty mailbox list
Changes to the Cyrus IMAP Server since 2.2.6
Fix handling of PARTIAL command and partial body fetches
A large number of portability fixes supplied by Albert Chin <china@thewrittenword.com>
Added client_timeout option to control connect() timeouts for proxy code
Added popuseacl option
Fix a number of issues with the quota -f tool
Fix thread safety issue in saslserver()
Fix possible stage file leak in append code
Fix bugs in handling of MULTIAPPEND introduced in 2.2.3
Fixed regression bug in Sieve vacation
Changes to the Cyrus IMAP Server since 2.2.5
Fix a bug in the proxy code where a backend connection might get closed twice
Improved consistancy checking in chk_cyrus
Fix segfault in APPEND code
Fix a bug with an interaction between sieve and unixhierarchysep
Fix a file descriptor leak in the quotadb code
Fix a triggered assertation in service-thread services
Add a number of internal consistancy checks to the skiplist code
Allow mbpath to handle virtual domains
Fix various MANAGESIEVE client authentication issues
Other minor fixes
Changes to the Cyrus IMAP Server since 2.2.4
Bug fixed in hash table code that could sometimes cause crashes with the quotalegacy database
Net-SNMP compatibility
Significantly improved com_err detection
Assorted minor NNTP improvements
Assorted other minor bugfixes
Changes to the Cyrus IMAP Server since 2.2.3
Quota now uses the cyrusdb interface (quotalegacy by default).
All incoming messages are now staged to disk before locking the destination mailbox (locks are no longer held during a network read).
Fixed off-by-one error in fetchnews (articles are no longer skipped).
nntpd now uses the Followup-To: header (if exists) instead of the Newsgroups: header when constructing post address(es) and adds them to the Reply-To: header instead of the To: header.
Added berkeley_locks_max, berkeley_txns_max and berkeley_cachesize options.
Added imapmagicplus option.
Substantial work on afspts/ptloader canonicalization code
Much improved LDAP ptloader code (no more internal OpenLDAP dependencies)
Fixed a number of IPv6 related bugs
Changes to the Cyrus IMAP Server since 2.2.2
Berkeley DB 4.2 Support - note that the Cyrus Berkeley enviroment needs to be reset (db_recover) before a Berkeley DB version upgrade or you need to remove all berkeley dbs. Special care needs to be taken when berkley db is used for mboxlist.
Runtime configuration of the Cyrus databases. The cyrudb backend used for each database can be specified with an imapd.conf option. NOTE: You MUST convert the database using cvt_cyrusdb BEFORE changing the backend in imapd.conf.
Sendmail socket map support (smmapd) for verifying that mailboxes exist and are deliverable before accepting the message and sending it to Cyrus.
New userid mode for virtual domains, which does NOT do reverse lookups of the IP address.
nntpd now supports the Xref header.
nntpd can now use the POST command to feed articles to upstream servers.
fetchnews can now be used with NNTP servers which don’t support the NEWNEWS command.
lmtpd now initializes duplicate.db only when it is necessary (when using Sieve or duplicatesuppression).
Sieve now verifies that text strings are valid UTF-8.
Sieve now verifies that address tests and envelope tests are done on headers which contain addresses (can be disabled with rfc3028_strict: no).
Services will now notice that a new binary has been installed and will restart using the new binary once the existing connection is closed.
Changes to the Cyrus IMAP Server since 2.2.1
Major bugfixes in murder altnamespace/unixhierarchysep/virtdomain support (Thanks in large part to work by Christian Schulte <cs@schulte.it>)
Improved master process accounting (Henrique de Moraes Holschuh <hmh@debian.org>)
Significantly improved message header caching (based in large part on code supplied by David Carter <David.Carter@ucs.cam.ac.uk> from the University of Cambridge)
The sieve bytecode format has been updated once more, to correctly handle short-circuiting of the allof and anyof operators
Support for warning quota based on absolute mailbox size
Correct handling of annotations during XFER operations
Simple support for IMAP BINARY extension
Support for Automake 1.7 and Autoconf 2.57
Support for IMAP initial SASL response (the SASL-IR extension)
Changes to the Cyrus IMAP Server since 2.2.0
The improved directory hashing (fulldirhash) is now a runtime configuration option.
The netnews.db has been integrated into deliver.db.
Full r/w ANNOTATEMORE support, including more annotations that allow the control of operations such as message expiration. ANNOTATEMORE is also always enabled now.
expirenews has been replaced by cyr_expire which uses annotations for fine-grained mailbox expiration.
squatter can now use annotations for fine-grained mailbox indexing.
Many nntpd enhancements including: reader-only and feeder-only modes, support for LIST NEWSGROUPS (via mailbox annotations) and gatewaying news to mail (via mailbox annotations).
fetchnews can now authenticate to the remote server.
Removed deprecated LAST command from pop3d.
Sieve Bytecode is now stored in network byte order, meaning that bytecode files can be freely moved between different platforms
Sieve relational extension now working again.
Sieve vacation now uses the correct subject.
A large number of bugs involving virtual domain support have been fixed, including issues with the Murder, and with Sieve.
Changes to the Cyrus IMAP Server since 2.1.x
There have been extensive performance and consistancy changes to the configuration subsystem. This will both ensure greater consistancy between the documentation and the code, as well as a more standard format for specifing service-specific configuration options in imapd.conf. Important changes are detailed here:
The tls_[service]_* configuration options have been removed. Now use [servicename]_tls_*, where servicename is the service identifier from cyrus.conf for that particular process.
Administrative groups (e.g. admins and lmtp_admins) no longer union, service groups completely override the generic group.
lmtp_allowplaintext is no longer a defined parameter and must be specified using the service name of your lmtp process if you require a specific value
libcyrus has been split into libcyrus_min and libcyrus, so as to allow sensative applications (such as master) include the least amount of code necessary for operation
Virtual domain support. See the virtual domains document for details.
Users can now be renamed (even across domains). Note that this is not atomic and weirdness may occur if the user is logged in during the rename. See the allowusermoves option in imapd.conf(5) for details.
The db3 and db3-nosync database backends have been renamed to berkeley and berkeley-nosync respectively (to avoid confusion over whether or not db4 is supported).
The default mailbox list and seen state database formats have changed to skiplist from Berkeley and Flat, respectively.
ptloader is now a regular cyrus service. This has several implications, see install-upgrade.html for more details.
NNTP support. Usenet news can now be fed to and read from Cyrus directly via NNTP, without the need for a local news server. See netnews document for details.
IPv6 support, provided by Hajimu UMEMOTO <ume@mahoroba.org>
Sieve scripts are now compiled to bytecode to allow for faster execution (and lmtpd no longer needs lex or yacc). See install-upgrade.html for more details.
The functionality of pop3proxyd has been merged into pop3d. Be sure to update cyrus.conf on your frontend machines accordingly.
The functionality of ctl_deliver -E has been moved to cyr_expire -E. Be sure to update cyrus.conf on your machines accordingly.