- Notifications
You must be signed in to change notification settings - Fork296
Releases: dovecot/core
Dovecot v2.4.1
Compare
Installation
You can install pre-built binaries fromhttps://repo.dovecot.org
Docker images can be found athttps://hub.docker.com/r/dovecot/dovecot
Please reviewhttps://doc.dovecot.org/2.4.1/installation/upgrade/2.3-to-2.4.html andhttps://doc.dovecot.org/2.4.1/installation/installation.html.
Important
We have changed the signing key for 2.4 going forward, releases are signed withEF0882079FD4ED32BF8B23B2A1B09EF84EDC5219, which can be found athttps://repo.dovecot.org/DOVECOT-REPO-GPG-2.4 and is signed with the previous key.
The old key has been renamed tohttps://repo.dovecot.org/DOVECOT-REPO-GPG-2.3.
Warning
New 2.4 packagesare not compatible with old 2.3 configuration, please carefully reviewhttps://doc.dovecot.org/2.4.1/installation/upgrade/2.3-to-2.4.html before installing the new packages.
We are happy to provide experimental arm64 support in the form of a Docker image. There are now three kinds of images, latest, latest-dev and latest-root.
The latest docker image is now ran rootless, with UID 1000 as vmail. Please take this into consideration when upgrading. The latest-root image still runs as root. Latest 2.3 image can be used with tag 2.3-latest still.
Changes
- auth: Change unix_listener/auth-userdb/group = $SET:default_internal_group
This change needs dovecot_config_version=2.4.1. - auth: lua - Remove support for single string result.
- imap: Unconditionally advertise SPECIAL-USE capability.
- lib-dcrypt: Install dcrypt_openssl.so into dovecot modules directory.
- lib-master: For glibc, default MALLOC_MMAP_THRESHOLD_=131072.
- lib-storage: Change default mail_cache_fields to:
hdr.date hdr.subject hdr.from hdr.sender hdr.reply-to hdr.to
hdr.cc hdr.bcc hdr.in-reply-to hdr.message-id
date.received size.virtual imap.bodystructure mime.parts hdr.references
hdr.importance hdr.x-priority hdr.x-open-xchange-share-url
pop3.uidl pop3.order. This change needs dovecot_config_version=2.4.1. - lib-var-expand: Use moduledir instead of pkglibdir for crypt.
- lmtp: Change the default lmtp_user_concurrency_limit to 10.
This change needs dovecot_config_version=2.4.1. - lmtp: Change the default service_restart_request_count to 1.
This change needs dovecot_config_version=2.4.1.
New features and additions
- auth: Allow configuring passdb/userdb sql to use auth-workers.
- config: Add default group @mailbox_defaults = english.
- config: Improve "Unknown setting" error with more details and
suggestions. - doveconf: Add -U parameter to ignore unknown settings in config file.
- fts-flatcurve: Support lock files in VOLATILEDIR.
- imap-acl: Add support for the IMAP LIST-MYRIGHTS capability (RFC 8440).
- imap-client: Support ANONYMOUS authentication.
- imap: Implement support for the REPLACE capability.
Bug fixes
- auth: ldap - Passdb fields were ignored with
passdb_ldap_bind_userdn=yes. - auth: lua - Fix error result handling in lua passdb/userdb.
- auth: oauth2 - When building oauth2 failure reply, memory would leak.
- config: local_name handling would work wrong with multiple names and
wildcards. - fts-flatcurve: A potential crash could occur when searching virtual
mailboxes.
Fixes: Panic: file fts-search.c: line 87 (level_scores_add_vuids):
assertion failed: (array_count(&vuids_arr) == array_count(&br->scores)) - fts-flatcurve: Maybe queries were done wrong.
- fts-flatcurve: Non-selectable mailboxes were not ignored when doing
optimize/rescan. - fts-flatcurve: Signal 11 crash could happen with fts rescan.
- fts: Fix crash caused by event object lifecycle mishandling.
- imap-hibernate: Client counters would get reset on unhibernation,
affecting imap_logout_format variables. - imap: Crash would occur with Maildir when trying to send INPROGRESS
during mailbox syncing. - ldap: Dovecot could not be compiled without LDAP.
- lib-dcrypt: Output stream encryption can cause assert crash if
attempting to encrypt over 64 GiB of data with GCM. This is still not
supported with GCM, but it fails better. - lib-http: HTTP client context memory usage was increasing.
- lib-http: Pipeline corruption could happen after 100 Continue response.
- lib-settings: Variable expansion initialization could crash with
Panic: file settings.c: line 1560 (settings_var_expand_init_add):
assertion failed: (I_MAX(num_tables, num_provs) == num_ctx) - lib-smtp: Pipelining initial SASL response after AUTH was broken.
- lib-var-expand: If filter failed, memory leak would occur.
- lib-var-expand: Older bison versions did not have error symbol for
handling causing unexpected behaviour on the parser on error conditions. - quota: Quota calculations had minor bugs causing small errors.
Assets4
Dovecot v2.4.0
Compare
Installation
You can install pre-built binaries fromhttps://repo.dovecot.org
Docker images can be found athttps://hub.docker.com/r/dovecot/dovecot
Please reviewhttps://doc.dovecot.org/2.4.0/installation/upgrade/2.3-to-2.4.html andhttps://doc.dovecot.org/2.4.0/installation/installation.html.
Important
We have changed the signing key for 2.4 going forward, releases are signed withEF0882079FD4ED32BF8B23B2A1B09EF84EDC5219, which can be found athttps://repo.dovecot.org/DOVECOT-REPO-GPG-2.4 and is signed with the previous key.
The old key has been renamed tohttps://repo.dovecot.org/DOVECOT-REPO-GPG-2.3.
Warning
New 2.4 packagesare not compatible with old 2.3 configuration, please carefully reviewhttps://doc.dovecot.org/2.4.0/installation/upgrade/2.3-to-2.4.html before installing the new packages.
We are happy to provide experimental arm64 support in the form of a Docker image.
Docker images are now run rootless, with UID 1000 as vmail. Please take this into consideration when upgrading. Latest 2.3 image can be used with tag 2.3-latest still.
Changes
- config:
dovecot_config_versionmust be the first non-comment
line in configuration file. - config:
dovecot_storage_versionmust be in the configuration
file. - config: Many configuration options have changed so old configuration
files do not work without rewrite. See
https://doc.dovecot.org/latest/installation/upgrade/2.3-to-2.4.html - config: New variable expansion syntax has been introduced, see
https://doc.dovecot.org/latest/core/settings/variables.html - config: Some default settings have changed.
- config:
plugin {}section has been removed. - *-login: With
ssl=required, connections from login_trusted_networks
are now also required to be SSL/TLS encrypted. - acl: Use ACL settings instead of Global ACL Directories.
- auth-worker:
auth_worker_max_countis replaced withservice auth-worker { process_limit }. - auth: Weak password schemes are disabled by default, use
auth_allow_weak_schemesto enable them. - auth_debug, mail_debug: Use
log_debugfilter instead. - config: All sections require a name, for example passdb/userdb:
passdb static { password=secret} - db2: Remove Berkeley DB support.
- dict-memcached: This is removed, use Redis instead.
- director: Feature has been removed. Unsupported small-scale replacement:
https://github.com/dovecot/tools/blob/main/director.lua - doveadm: USER environment variable is only supported with
--no-userdb-lookup. One of -u, -F or -A must be used
otherwise. - doveconf: Option -n is now default when running doveconf.
- dsync: Use doveadm sync instead, legacy symlink has been removed.
- fs-sis: Feature is now deprecated and has been made read-only.
It will be removed in future release. - fts-lucene, fts-squat: These have been removed, use fts-flatcurve or
fts-solr instead. - imap-login: IMAP compression is now handled in proxies.
- imap_quota: SETQUOTA / quota_set has been removed.
- imap_zlib: This plugin is no longer needed, it's always enabled.
- imapc: All features are enabled by default, imapc_features can be used
to explicitly disable features that are not wanted. - lib-storage: mbox driver is now frozen.
- mail_compress: XZ and LZMA algorithm support has been removed.
- mailbox-alias: Plugin has been removed.
- old_stats, auth_stats: These have been removed.
- openssl: Minimum supported version of OpenSSL is now 1.1.1.
- openssl: Add support for OpenSSL 3.x
- quota-dict, quota-dirsize: These have been removed, use quota-count
instead. You can use quota-clone to copy quota usage to some database. - replicator: Feature has been removed. Use NFS or some other shared
filesystem instead, or run doveadm sync in crontab. - stats: The
bytes_inandbytes_outfield in several events have been
renamed asnet_in_bytesandnet_out_bytes. - zlib: Renamed to mail_compress plugin.
New features and additions
- Experimental SMTPUTF8 and IMAP UTF8=ACCEPT support has been added.
Needs --enable-experimental-mail-utf8 configure option andmail_utf8_extensions=yessetting. - Long running mail commands can be aborted with Ctrl-C / doveadm kick.
- auth: LDAP driver now supports multi-value attributes.
- auth: Add support for SCRAM-SHA-1-PLUS and SCRAM-SHA-256-PLUS.
- auth: Add support for TLS channel binding.
- auth: Support sending JA3 hash to policy server.
- configure: Detect latest Lua version.
- *-login: Support for TLS Server Name has been improved to allow pre-login
settings. For example capabilities to be changed based on TLS Server Name. - *-login: Support for TLS ALPN has been added, connections with mismatching
application are now refused. Missing ALPN is accepted. - fts-flatcurve: New Xapian based FTS plugin has been added.
- imap: Support for INPROGRESS untagged messages as per RFC 9585.
- lib-lua: Expose Dovecot DNS client.
- lib-lua: Expose Dovecot HTTP client.
- lib-sasl: Support SCRAM-SHA mechanisms.
- lmtp: SNI support has been added which allows settings to be applied
based on TLS Server Name. - sqlite: Support WAL mode.
- stats: Submetric name size has been increased.
- submission: Add
submission_add_received_headersetting to protect
sender identity by suppressing the Received: header.
Bug fixes
- Many bugs have been fixed.