[dgit import tarball dovecot 1:2.4.1+dfsg1-6 dovecot_2.4.1+dfsg1-6.debian.tar.xz]
--- /dev/null
+#!/bin/sh
+
+set -eu
+
+autoreconf -f -i -v -Wall
+(cd pigeonhole && autoreconf -f -i -v -Wall)
--- /dev/null
+dovecot (1:2.4.1+dfsg1-6) unstable; urgency=medium
+
+ * [8c6ba88] Fix LDAP SASL auth support (Closes: #1106784)
+ * [fac9131] Avoid -fstack-clash-protection on hppa architecture
+ (Closes: #1107609)
+ * [071beb5] d/control: update Uploaders to reflect the current reality
+
+ -- Noah Meyerhans <noahm@debian.org> Wed, 18 Jun 2025 10:01:58 -0400
+
+dovecot (1:2.4.1+dfsg1-5) unstable; urgency=medium
+
+ * [e6e5ef7] Fix typo in conf.d/auth-passwdfile.conf.ext (Closes: #1106072)
+ * [2a34ed0] Import upstream fix for dovecot-lda data loss (Closes: #1106485)
+ * [6c287ea] Fix typo in doveadm-fetch(1) (Closes: #1106533)
+ * [11f8b62] Fix invalid metadata in debian/patches/skip-rfc-subdir.patch
+
+ -- Noah Meyerhans <noahm@debian.org> Wed, 28 May 2025 15:45:52 -0400
+
+dovecot (1:2.4.1+dfsg1-4) unstable; urgency=medium
+
+ * [235de56] managesieved: lintian: suppress library-not-linked-against-libc
+ * [74e7dcd] Ensure we use a 32-bit time_t on i386
+ * [461bc68] dovecot-core: postinst: fix purge of obsolete ucf conf files
+ (Closes: #1105003)
+
+ -- Noah Meyerhans <noahm@debian.org> Mon, 12 May 2025 20:36:26 -0400
+
+dovecot (1:2.4.1+dfsg1-3) unstable; urgency=medium
+
+ * [bdf895a] upstream fix for GSSAPI authentication regression
+ (Closes: #1104549)
+ * [8f15017] d/copyright: Correct canonical reference to GNU licenses
+ * [ad8f661] dovecot-flatcurve: correct missing dependency on ucf
+ * [131567a] Fix miscellaneous groff errors in upstream manpages
+ * [a4a1404] Correct lintian warning debian-news-entry-has-unknown-version
+
+ -- Noah Meyerhans <noahm@debian.org> Fri, 02 May 2025 11:20:05 -0400
+
+dovecot (1:2.4.1+dfsg1-2) unstable; urgency=medium
+
+ * [7c1b5b9] dovecot-ldap: postinst: correct conffile list (Closes: #1104047)
+ * [73a254a] config: set mail_home and add mbox deprecation note
+
+ -- Noah Meyerhans <noahm@debian.org> Mon, 28 Apr 2025 15:53:54 -0400
+
+dovecot (1:2.4.1+dfsg1-1) unstable; urgency=medium
+
+ * Release 1:2.4.1+dfsg1-1 to unstable
+
+ -- Noah Meyerhans <noahm@debian.org> Thu, 24 Apr 2025 13:06:17 -0400
+
+dovecot (1:2.4.1+dfsg1-1~exp2) experimental; urgency=medium
+
+ * [e30a611] flatcurve: Set breaks+replaces relationship on dovecot-fts-flatcurve
+ (Closes: #1102937)
+
+ -- Noah Meyerhans <noahm@debian.org> Fri, 18 Apr 2025 15:34:42 -0400
+
+dovecot (1:2.4.1+dfsg1-1~exp1) experimental; urgency=medium
+
+ * [18c4170] d/watch: handle suffixes in upstream release filenames
+ * [340250d] New upstream version 2.4.1+dfsg1
+ * [2fcd382] Ensure we don't try to download files from the internet during build
+ * [4497016] refresh patches
+ * [af108c1] Remove obsolete patches
+ * [0ed2624] Fix 32-bit integer rollover in tests
+ * [528f075] d/rules: remove autogenerated sources on clean
+
+ -- Noah Meyerhans <noahm@debian.org> Sun, 30 Mar 2025 11:48:57 -0400
+
+dovecot (1:2.4.0+dfsg1-1~exp6) experimental; urgency=medium
+
+ * [827f8b7] fix and re-enable 32-bit builds
+
+ -- Noah Meyerhans <noahm@debian.org> Mon, 24 Mar 2025 15:16:57 -0400
+
+dovecot (1:2.4.0+dfsg1-1~exp5) experimental; urgency=medium
+
+ * [cea2f60] d/rules: remove additional files on clean
+ * [24e625b] ci: extend the timeout for the test-build-twice job
+ * [1df7d66] Fix ABI identification and add safety checking for it
+
+ -- Noah Meyerhans <noahm@debian.org> Mon, 17 Mar 2025 09:56:33 -0400
+
+dovecot (1:2.4.0+dfsg1-1~exp4) experimental; urgency=medium
+
+ * [0806d3b] Move 90-sieve-extprograms back to dovecot-sieve where it belongs
+ (Closes: #1100146)
+
+ -- Noah Meyerhans <noahm@debian.org> Thu, 13 Mar 2025 17:41:17 -0400
+
+dovecot (1:2.4.0+dfsg1-1~exp3) experimental; urgency=medium
+
+ * [4989934] Install a config file for flatcurve
+ * [baeb072] Add default lmtpd configuration
+ * [1d1d874] d/rules: drop some obsolete configure options
+ * [6bc7f0b] pigeonhole: enable ldap pluggin support
+ * [1998623] Enable experimental support for SMTPUTF8 and UTF8=ACCEPT
+ * [22abd27] enable cdb support
+ * [369d4a4] ci: disable i386 builds
+ * [e6ff65b] update autopkgtests
+ * [56dd0d6] debian/dovecot-core.NEWS: Document configuration changes
+ * [3d12c1e] d/rules: Update ABI detection
+
+ -- Noah Meyerhans <noahm@debian.org> Tue, 11 Mar 2025 11:31:12 -0400
+
+dovecot (1:2.4.0+dfsg1-1~exp2) experimental; urgency=medium
+
+ * [ab636e4] Correct ucf handling of /etc/dovecot/dovecot.conf
+ * [ea5102c] Stop building for 32-bit architectures
+ * [88fecb4] fix shell error in dovecot-managesieved.postinst
+ * [68875fa] Fix some groff issues in manpages
+ * [b406a2f] drop stale lintian overrides
+ * [34e4a3b] lintian: ignore circular dependency between -core and -sieve
+ * [ee13475] d/copyright: Update or remove some attributions
+
+ -- Noah Meyerhans <noahm@debian.org> Wed, 12 Feb 2025 16:39:17 -0500
+
+dovecot (1:2.4.0+dfsg1-1~exp1) experimental; urgency=medium
+
+ [ Michael Tokarev ]
+ * Update to 2.4.0
+
+ [ Noah Meyerhans ]
+ * Update default configuration from upstream example config bundle at
+ https://github.com/dovecot/tools/blob/main/dovecot-2.4.0-example-config.tar.gz
+ * Remove obsolete config files on upgrade if unmodified
+ * Update /usr/share/dovecot/protocols.d/* for 2.4
+
+ -- Noah Meyerhans <noahm@debian.org> Tue, 11 Feb 2025 12:03:31 -0500
+
+dovecot (1:2.3.21.1+dfsg1-1) unstable; urgency=medium
+
+ [ Noah Meyerhans ]
+ * [452a10b] Move systemd unit files to /usr (Closes: #1071915)
+
+ [ Niels Thykier ]
+ * [a9caf51] Avoid unnecessary implicit requirement for `(fake)root`
+
+ [ Christian Göttsche ]
+ * [8c253d1] salsa-ci: enable build_twice job
+ * [47122cd] Bump to standards version 4.7.0 (no further changes)
+ * [4062094] Replace obsolete build-dependency pkg-config with pkgconf
+ * [f1221b8] Split overlong line in changelog
+ * [dd876aa] Annotate Debian patches
+ * [590287e] Fix typos in changelog
+
+ [ Noah Meyerhans ]
+ * [a212eb8] New upstream version 2.3.21.1+dfsg1
+ - Fix CVE-2024-23184 (Closes: #1078876)
+ - Fix CVE-2024-23185 (Closes: #1078877)
+
+ -- Noah Meyerhans <noahm@debian.org> Sat, 17 Aug 2024 13:26:24 -0400
+
+dovecot (1:2.3.21+dfsg1-3) unstable; urgency=medium
+
+ * [883dc1a] Add libtirpc-dev to build-depends (Closes: #1065213)
+
+ -- Noah Meyerhans <noahm@debian.org> Sat, 09 Mar 2024 22:31:22 -0800
+
+dovecot (1:2.3.21+dfsg1-2) unstable; urgency=medium
+
+ [ Christian Göttsche ]
+ * [a2fbc2f] split-protocols.patch: patch all-settings.c to successfully build
+ twice (Closes: #1044797)
+
+ [ Noah Meyerhans ]
+ * [70e4426] Drop arm64 from libunwind builddep arch list
+
+ -- Noah Meyerhans <noahm@debian.org> Mon, 30 Oct 2023 13:40:35 -0700
+
+dovecot (1:2.3.21+dfsg1-1) unstable; urgency=medium
+
+ [ Noah Meyerhans ]
+ * [753b4fe] Don't build the unmaintained lucene fts plugin (Closes: #1040884)
+ * [5597486] New upstream version 2.3.21+dfsg1
+
+ [ Christian Göttsche ]
+ * [b8017f1] Cleanup temporary build files
+ * [35e1afe] Silence prototype conflicts
+ * [8dda8b9] Update Lintian overrides
+ * [6bae82f] Bump to standards version 4.6.2 (no further changes)
+ * [1f973d2] Mark hurd patch forwarded
+
+ -- Noah Meyerhans <noahm@debian.org> Sat, 14 Oct 2023 08:52:10 -0700
+
+dovecot (1:2.3.20+dfsg1-1) unstable; urgency=medium
+
+ [ Christian Göttsche ]
+ * [fb2a5b7] d/rules: enable stack clash protection
+ * [2666970] d/patches: bump _FORTIFY_SOURCE to level 3
+
+ [ Noah Meyerhans ]
+ * [eab5171] New upstream version 2.3.20+dfsg1
+ * [d6135a4] Drop dependency on obsolete lsb-base package
+
+ -- Noah Meyerhans <noahm@debian.org> Sun, 25 Jun 2023 16:17:56 -0700
+
+dovecot (1:2.3.19.1+dfsg1-2.1) unstable; urgency=medium
+
+ * Non-maintainer upload.
+ * [b02ebc9] Don't use deprecated crypt module.
+ (closes: #1028513)
+
+ -- Bas Couwenberg <sebastic@debian.org> Fri, 20 Jan 2023 07:01:26 +0100
+
+dovecot (1:2.3.19.1+dfsg1-2) unstable; urgency=medium
+
+ [ Christian Göttsche ]
+ * [281fb2c] d/patches: cherry-pick fix for CVE-2022-30550 (Closes: #1016351)
+ * [9c58e71] d/patches: fix uninitialized read in doveadm-oldstats
+ * [a76a24d] d/control: bump to standards version 4.6.1 (no further changes)
+ * [4aaaa8b] Update Lintian overrides
+
+ -- Noah Meyerhans <noahm@debian.org> Fri, 29 Jul 2022 19:58:28 -0700
+
+dovecot (1:2.3.19.1+dfsg1-1) unstable; urgency=medium
+
+ [ Christian Göttsche ]
+ * [e40f93f] d/patches: avoid usage of PATH_MAX not available on hurd
+ * [19e00cd] d/rules: enable backtrace generation
+ * [5bf1c43] d/patches: debug flaky unit test
+
+ [ Noah Meyerhans ]
+ * [b73422f] New upstream version 2.3.19.1+dfsg1
+ * [c88bfc0] Update changelog for 1:2.3.19.1+dfsg1-1 release
+ * [ca59548] Update lintian overrides
+ * [d6406c2] d/copyright: update declarations for current maintainers
+
+ -- Noah Meyerhans <noahm@debian.org> Wed, 22 Jun 2022 09:27:01 -0700
+
+dovecot (1:2.3.19+dfsg1-1) unstable; urgency=medium
+
+ [ Christian Göttsche ]
+ * [0d29e45] d/rules: enable LTO via DEB_BUILD_MAINT_OPTIONS instead of custom flags
+ * [560cceb] d/source/lintian-overrides: update very-long-line-length-in-source-file overrides
+ * [b99d09e] d/copyright: update years
+ * [9ee8271] d/dovecot-core.prerm: drop as superseded by debhelper
+ * [907f85c] d/maintscripts: update
+ * [2b38240] d/dovecot-core.postinst: drop support for version skips
+ * [dcb76d1] d/dovecot-core.postinst: only link certs if existent (Closes: #1009872)
+ * [d223bbd] d/patches: add patch to support openssl 3.0 (Closes: #996273)
+
+ [ Noah Meyerhans ]
+ * [9f3175e] New upstream version 2.3.19+dfsg1
+
+ -- Noah Meyerhans <noahm@debian.org> Sun, 05 Jun 2022 18:29:18 +0000
+
+dovecot (1:2.3.18+dfsg1-1) unstable; urgency=medium
+
+ [ Noah Meyerhans ]
+ * [36966c8] New upstream version 2.3.18+dfsg1
+ * [042bda4] Refresh patches for 1:2.3.18+dfsg1-1
+
+ -- "Noah Meyerhans" <noahm@debian.org> Thu, 10 Feb 2022 20:05:50 +0000
+
+dovecot (1:2.3.17.1+dfsg1-1) unstable; urgency=medium
+
+ [ Christian Göttsche ]
+ * [40b0010] New upstream version 2.3.17+dfsg1
+ * [3c377e0] New upstream version 2.3.17.1+dfsg1
+ * [e2f1ce2] d/patches: rebase and drop upstream applied ones
+ * [533b7ad] d/control: bump to standards version 4.6.0 (no further changes)
+ * [02ed6cf] debian: reduce Lintian issues
+ * [bb3ae48] d/salsa-ci.yml: skip cross build and do not fail on Lintian
+ warnings
+ * [bcda7e4] d/control: build against Lua 5.4
+ * [9eed0dd] d/control: enable libunwind support on available archs
+ * [1990699] d/patches: cherry-pick memory leak commit
+ * [426df46] d/patches: cherry-pick imapsieve fix
+ * [e3d0747] d/patches: add patch for LTO by avoiding unaligned access
+ (Closes: #997513)
+
+ -- Noah Meyerhans <noahm@debian.org> Tue, 14 Dec 2021 09:24:23 -0800
+
+dovecot (1:2.3.16+dfsg1-3) unstable; urgency=medium
+
+ * [7b858b6] Fix FTBFS on mips(64)el. Stacktrace generation on these
+ architectures requires -funwind-tables, as with 32-bit arm.
+
+ -- Noah Meyerhans <noahm@debian.org> Thu, 16 Sep 2021 08:41:27 -0700
+
+dovecot (1:2.3.16+dfsg1-2) unstable; urgency=medium
+
+ [ Christian Göttsche ]
+ * [e1e9ece] d/patches: rework backtrace test patch
+ * [be404bf] d/patches: add big-endian patch
+
+ -- Noah Meyerhans <noahm@debian.org> Fri, 10 Sep 2021 16:10:50 -0700
+
+dovecot (1:2.3.16+dfsg1-1) unstable; urgency=medium
+
+ [ Christian Göttsche ]
+ * [ff4a227] New upstream version 2.3.14+dfsg1
+ * [963fa3b] New upstream version 2.3.15+dfsg1 (Closes: #991323, #983510)
+ * [5e0c898] d/watch: adjust dversionmangle for dfsg suffix
+ * [9ffb0f5] d/patches: update
+ * [850e1d6] New upstream version 2.3.16+dfsg1
+ * [7140b87] d/patches: rebase patches
+ * [fb1b77e] d/rules: enable LTO
+ * [ce7055d] d/control: add libsystemd-dev dependency
+ * [db93263] d/copyright: drop unused section
+ * [aeec1e8] d/rules: update how to set systemdsystemunitdir
+ * [ebe9709] d/patches: resolve compiler warnings
+ * [19b2bb0] d/changelog: bump to 1:2.3.16+dfsg1-1
+ * [58a4078] d/patches: update 32bit warnings patch
+
+ [ Noah Meyerhans ]
+ * [f217c2e] Fix indexer crash
+ * [b075317] Import upstream patch for indexer crash on client disconnect
+ * [36e8740] drop debian/dovecot-core.maintscript
+
+ -- Noah Meyerhans <noahm@debian.org> Thu, 02 Sep 2021 13:22:16 -0700
+
+dovecot (1:2.3.13+dfsg1-2) unstable; urgency=high
+
+ * Import upstream fixes for security issues (Closes: #990566):
+ - CVE-2021-29157: Path traversal issue allowing an attacker with
+ access to the local filesystem can trick OAuth2 authentication into
+ using an HS256 validation key from an attacker-controlled location
+ - CVE-2021-33515: Sensitive information could be redirected to an
+ attacker-controlled address because of a STARTTLS command injection
+ bug in the submission service
+
+ -- Noah Meyerhans <noahm@debian.org> Tue, 20 Jul 2021 08:05:19 -0700
+
+dovecot (1:2.3.13+dfsg1-1) unstable; urgency=medium
+
+ [ Christian Göttsche ]
+ * [6829237] New upstream version 2.3.13 (Closes: #979363)
+ - CVE-2020-24386: IMAP hibernation allows accessing other peoples mail
+ - CVE-2020-25275: MIME parsing crashes with particular messages
+
+ * [6d25736] Add libzstd-dev to build-dependencies (Closes: #969165)
+ * [5956798] Rebase patches
+ * [2cb63c3] Bump to standards version 4.5.1 (no further changes)
+ * [548bac5] Drop unmatched copyright src/lib-ntlm/* wildcard
+ * [6f33f3f] Ignore package-contains-documentation-outside-usr-share-doc
+ false-positives
+ * [dde9c94] Handle removed configuration file in postinst
+
+ [ Pino Toscano ]
+ * [04a60e3] d/{control,rules}: disable apparmor support on !linux archs
+ (Closes: #951869)
+
+ [ Helmut Grohne ]
+ * [e5f9fcb] d/patches: improve cross-compile support (Closes: #979370)
+
+ -- Noah Meyerhans <noahm@debian.org> Mon, 25 Jan 2021 15:38:17 -0800
+
+dovecot (1:2.3.11.3+dfsg1-2) unstable; urgency=medium
+
+ [ Christian Göttsche ]
+ * [44770f6] Add patch for 32bit compiler warnings
+ * [053865a] Lintian: remove unused override
+ * [4ece2e1] Lintian: add forwarded header to Debian specific patches
+ * [67872b7] Lintian: ignore Debian only man page
+ * [d30bd7e] Lintian: tag manpage-without-executable got renamed to
+ spare-manual-page
+ * [3bdf952] Limit libcap-dev build-dependency to linux-any
+ * [28f6425] Drop acute accent in man page
+ * [8c15850] Add patch allowing GSSAPI containing NULL
+
+ -- Noah Meyerhans <noahm@debian.org> Wed, 19 Aug 2020 12:06:07 -0700
+
+dovecot (1:2.3.11.3+dfsg1-1) unstable; urgency=high
+
+ * New upstream release fixes security issues (Closes: #968302)
+ - CVE-2020-12100 - Receiving mail with deeply nested MIME parts leads to
+ resource exhaustion as Dovecot attempts to parse it.
+ - CVE-2020-12673 - Dovecot's NTLM implementation does not correctly check
+ message buffer size, which leads to reading past allocation which can
+ lead to crash.
+ - CVE-2020-12674 - Dovecot's RPA mechanism implementation accepts
+ zero-length message, which leads to assert-crash later on.
+ * Add libcap-dev to build-dependencies to support dropping linux
+ capabilities.
+
+ -- Noah Meyerhans <noahm@debian.org> Thu, 13 Aug 2020 16:21:24 -0700
+
+dovecot (1:2.3.10.1+dfsg1-2) unstable; urgency=medium
+
+ * Support sd_notify with systemd (Closes: #951722)
+ * Add necessary CFLAGS and LDFLAGS settings to ensure functional backtrace
+ generation. (Closes: #962630)
+ * Suppress additional library-not-linked-against-libc lintian warnings some
+ plugins as false-positives, observed on armel systems
+
+ [ Andreas Hasenack ]
+ * d/t/control, d/t/testmails: cherry-pick updated autopkgtests from
+ Ubuntu's 1:2.2.35-2ubuntu1:
+ - d/t/testmails: dropped the hardcoded "Ubuntu" name from the banner
+ text and made it distribution agnostic
+ - d/t/control: added lsb-release to test dependencies, used to get the
+ distribution name
+
+ -- Noah Meyerhans <noahm@debian.org> Tue, 16 Jun 2020 08:29:02 -0700
+
+dovecot (1:2.3.10.1+dfsg1-1) unstable; urgency=medium
+
+ * New upstream release addresses multiple security issues
+ - CVE-2020-10957
+ - CVE-2020-10958
+ - CVE-2020-10967
+ (Closes: #960963, #930919, #928492)
+ * Refresh patches
+ * Strip non-DFSG-compliant docs from .orig archives
+ * Incorporate a number of improvements to debian/ metadata contributed by
+ Christian Göttsche <cgzones@googlemail.com>
+ * Move pid file to /run (Closes: #925443)
+ * Add noahm@debian.org to Uploaders
+ * Work around flakiness in autopkgtest suite
+ * Suppress library-not-linked-against-libc lintian warnings some plugins as
+ false-positives
+
+ -- Noah Meyerhans <noahm@debian.org> Wed, 10 Jun 2020 10:41:37 -0700
+
+dovecot (1:2.3.7.2-1) unstable; urgency=medium
+
+ * [dcaf24e] New upstream version 2.3.7.2
+ - Fixes CVE-2019-11500 for dovecot-core
+ * [111beef] Update pigeonhole to 0.5.7.2
+ - Fixes CVE-2019-11500 for pigeonhole/managesieve
+ * [a422c4c] Bump Standards-Version to 4.4.0; no changes needed
+ * [56e37ed] Bump dh compat to 12; no changes needed.
+ - Drop d/compat in favor debhelper-compat B-D.
+ * [476edbd] Refresh dovecot_name.patch and ssl-cert-location.patch
+ * [9dc7904] Drop patches included in 2.3.7.2.
+ - CVE-2019-10691
+ - CVE-2019-11494
+ - CVE-2019-11499
+ - CVE-2019-7524
+ - avoid-double-closing-mysql.patch
+ - lib-master-test-event-stats-Use-PRIu64-format.patch
+
+ -- Apollon Oikonomopoulos <apoikos@debian.org> Thu, 29 Aug 2019 11:55:51 +0300
+
+dovecot (1:2.3.4.1-5) unstable; urgency=medium
+
+ * [bd00402] Fix CVE-2019-11494 and CVE-2019-11499 (Closes: #928235)
+ - submission-login: fix null pointer dereference when client
+ disconnects during authentication (CVE-2019-11494)
+ - submission-login: fix assert-crash when receiving an invalid
+ authentication message over TLS (CVE-2019-11499)
+
+ -- Apollon Oikonomopoulos <apoikos@debian.org> Mon, 29 Apr 2019 23:35:05 +0300
+
+dovecot (1:2.3.4.1-4) unstable; urgency=high
+
+ * [d04d4ba] Fix assert-crash in JSON encoder (CVE-2019-10691)
+
+ -- Apollon Oikonomopoulos <apoikos@debian.org> Thu, 18 Apr 2019 10:21:19 +0300
+
+dovecot (1:2.3.4.1-3) unstable; urgency=high
+
+ * [07c9212] Fix two buffer overflows when reading oversized FTS headers
+ and/or oversized POP3-UIDL headers (CVE-2019-7524).
+
+ -- Apollon Oikonomopoulos <apoikos@debian.org> Mon, 25 Mar 2019 23:06:01 +0200
+
+dovecot (1:2.3.4.1-2) unstable; urgency=medium
+
+ [ Laurent Bigonville ]
+ * [ac99918] Fix double-free crash in mysql driver
+ Fix double closing of the connection in the mysql driver, this should
+ fix the crash in the dovecot auth process, taken from upstream.
+ (Closes: #918339)
+
+ [ Apollon Oikonomopoulos ]
+ * [8a30446] Bump Standards-Version to 4.3.0; no changes needed
+
+ -- Apollon Oikonomopoulos <apoikos@debian.org> Thu, 14 Mar 2019 11:02:39 +0200
+
+dovecot (1:2.3.4.1-1) unstable; urgency=high
+
+ * [bebf0b4] New upstream version 2.3.4.1
+ + Fixes CVE-2019-3814: TLS client auth username handling
+
+ -- Apollon Oikonomopoulos <apoikos@debian.org> Tue, 05 Feb 2019 16:19:12 +0200
+
+dovecot (1:2.3.4-2) unstable; urgency=medium
+
+ * [51d1317] Fix FTBFS on 32-bit platforms.
+ Cherry-pick upstream commit de42b54, fixing the event-stats test on
+ 32-bit platforms.
+
+ -- Apollon Oikonomopoulos <apoikos@debian.org> Sat, 24 Nov 2018 02:02:17 +0200
+
+dovecot (1:2.3.4-1) unstable; urgency=medium
+
+ * [14c247f] New upstream version 2.3.4
+ * [7fed004] Update pigeonhole to 0.5.4
+
+ -- Apollon Oikonomopoulos <apoikos@debian.org> Fri, 23 Nov 2018 22:00:06 +0200
+
+dovecot (1:2.3.3-1) unstable; urgency=medium
+
+ [ Jelmer Vernooij ]
+ * Trim trailing whitespace.
+
+ [ Apollon Oikonomopoulos ]
+ * [6591a99] New upstream version 2.3.3
+ * [3d718ec] Bump Standards-Version to 4.2.1; no changes needed
+ * [123bd32] Update pigeonhole to 0.5.3
+
+ -- Apollon Oikonomopoulos <apoikos@debian.org> Thu, 04 Oct 2018 17:29:40 +0300
+
+dovecot (1:2.3.2.1-1) unstable; urgency=medium
+
+ * [40ba9f0] New upstream bugfix release 2.3.2.1
+ * [87045ac] Drop fix-ftbfs-on-32bit.patch; merged upstream
+ * [5bb22a4] Bump Standards-Version to 4.1.5; no changes needed
+
+ -- Apollon Oikonomopoulos <apoikos@debian.org> Tue, 10 Jul 2018 17:51:43 +0300
+
+dovecot (1:2.3.2-2) unstable; urgency=medium
+
+ * [48067de] Fix FTBFS on 32-bit platforms by cherry-picking upstream commit
+ 1e23986f.
+
+ -- Apollon Oikonomopoulos <apoikos@debian.org> Wed, 04 Jul 2018 12:43:14 +0300
+
+dovecot (1:2.3.2-1) unstable; urgency=medium
+
+ * [bb03669] New upstream version 2.3.2
+ + Upload to unstable
+ * [d29da3a] Merge 2.3 package changes from experimental. Important changes:
+ + [b3d1e17] Enable AppArmor support, see
+ https://wiki2.dovecot.org/Plugins/Apparmor
+ • B-D on libapparmor-dev
+ + [c0c55bd] Enable Lua scripting support for authdb/passdb.
+ • B-D on liblua5.3-dev
+ • New binary package, dovecot-auth-lua
+ + [4f6792e] Build with sodium support, enabling the ARGON2I and ARGON2ID
+ password schemes.
+ • B-D on libsodium-dev
+ + [54347e7] Build with ICU support enabling FTS unicode normalization
+ • B-D on libicu-dev
+ + New dovecot-submissiond binary package for the dovecot submission agent;
+ see https://wiki2.dovecot.org/Submission.
+ * [4db4813] Change maintainer address to dovecot@packages.d.o
+ * [5118354] Update pigeonhole to 0.5.2
+ * [52a7af4] Drop murmur3-big-endian.patch; merged upstream
+ * [22a6eee] Refresh dovecot_name.patch
+ * [3af7568] dovecot_name.patch: apply to submissiond as well
+
+ -- Apollon Oikonomopoulos <apoikos@debian.org> Wed, 04 Jul 2018 08:57:45 +0300
+
+dovecot (1:2.2.36-1) unstable; urgency=medium
+
+ * [19f2274] d/gbp.conf: set merge-mode to "merge" to preserve pigeonhole/
+ when importing new dovecot sources
+ * [6b9bf0d] New upstream version 2.2.36
+ * [be12f22] Bump pigeonhole version to 0.4.24
+ + Remove new file under doc/rfc
+ + Ship the new imap_filter_sieve module in dovecot-sieve
+ * [b77be59] Bump Standards-Version to 4.1.4; no changes needed
+
+ -- Apollon Oikonomopoulos <apoikos@debian.org> Wed, 06 Jun 2018 09:31:49 +0300
+
+dovecot (1:2.2.35-2) unstable; urgency=medium
+
+ * [7665652] Use git-subtree to generate pigeonhole patch from git; add
+ single-debian-patch to d/source/local-options
+ * [bfa0f10] d/rules: specify libdir manually; previous upload moved modules
+ under /usr/lib/<triplet>, which was bound to break existing setups
+ * [982e826] d/copyright: adjust pigeonhole path and bump years
+
+ -- Apollon Oikonomopoulos <apoikos@debian.org> Thu, 22 Mar 2018 16:56:40 +0200
+
+dovecot (1:2.2.35-1) unstable; urgency=medium
+
+ * [8108cba] New upstream version 2.2.35
+ * [6cbbaa1] Update pigeonhole to 0.4.23 (Closes: #892137)
+ * [9ace5f2] Switch Vcs-* URLs to salsa.d.o
+ * [ef40625] d/rules: call configure via dh_auto_configure.
+ Thanks to Helmut Grohne (Closes: #885854)
+ * [a459455] Drop B-D on libcurl4-gnutls-dev; removed upstream since 2.2
+ * [235af9d] Update upstream signing key
+
+ -- Apollon Oikonomopoulos <apoikos@debian.org> Tue, 20 Mar 2018 11:15:42 +0200
+
+dovecot (1:2.2.34-2) unstable; urgency=high
+
+ * [868dc65] Update pigeonhole to 0.4.22
+ * Set urgency to high due to the security fixes in 2.2.34-1
+
+ -- Apollon Oikonomopoulos <apoikos@debian.org> Fri, 02 Mar 2018 18:36:23 +0200
+
+dovecot (1:2.2.34-1) unstable; urgency=medium
+
+ * [f53dc9a] New upstream version 2.2.34 (Closes: #921529)
+ Fixes the following security issues:
+ + CVE-2017-15130: TLS SNI config lookups may lead to excessive memory
+ usage (Closes: #891820)
+ + CVE-2017-14461: rfc822_parse_domain information leak vulnerability
+ (Closes: #891819)
+ + CVE-2017-15132: auth client leaks memory if SASL authentication is
+ aborted (Closes: #888432)
+ * [0dc98c6] Do not patch all-settings.c; regenerate it at build time
+ instead. Thanks to Aki Tuomi!
+ * [e678e3b] Bump dh compat to 11
+ + B-D on debhelper (>= 11~)
+ + Use dh_installsystemd instead of dh_systemd_enable
+ * [271b290] Bump Standards-Version to 4.1.3; no changes needed
+ * [3cd6715] d/copyright: bump upstream and debian years
+ * [380d1ac] Drop the ENABLED flag from /etc/default/dovecot (but let the
+ initscript handle it if it exists)
+ * [97d6fae] d/watch: switch upstream URL to https://
+
+ -- Apollon Oikonomopoulos <apoikos@debian.org> Thu, 01 Mar 2018 10:55:49 +0200
+
+dovecot (1:2.2.33.2-1) unstable; urgency=medium
+
+ * [8216f38] New upstream version 2.2.33.2
+
+ -- Apollon Oikonomopoulos <apoikos@debian.org> Sat, 11 Nov 2017 20:59:43 +0200
+
+dovecot (1:2.2.33.1-1) unstable; urgency=medium
+
+ * [dbd1132] New upstream version 2.2.33.1
+ + [b3d1f2d] Refresh split-protocols.patch
+ + [e0de123] Update pigeonhole to 0.4.21
+ * [ef6a1eb] Set mail_privileged_group to 'mail' by default (Closes: #711856)
+ * [aeb6cf3] d/copyright: convert to Format 1.0
+ * [5961f9d] Use dh-autoreconf for both, dovecot and pigeonhole.
+ * [85f1f0f] Bump Standards to 4.1.1; no changes needed
+
+ -- Apollon Oikonomopoulos <apoikos@debian.org> Fri, 13 Oct 2017 16:28:14 +0300
+
+dovecot (1:2.2.32-2) unstable; urgency=medium
+
+ * [fa71c69] dovecot-core.postinst: remove dovecot-common's postrm
+ (Closes: #696382)
+ * [e835c67] Ship decode2text.sh as an example (Closes: #767313)
+ * [63fb486] Deprecate dovecot-dbg in favor of auto dbgsyms
+ * [36b44b9] Handle unsupported SSLv2/SSLv3 in the ssl_protocols setting
+ gracefully (Closes: #866752)
+
+ -- Apollon Oikonomopoulos <apoikos@debian.org> Tue, 19 Sep 2017 16:59:38 +0300
+
+dovecot (1:2.2.32-1) unstable; urgency=medium
+
+ * [6652d9c] New upstream version 2.2.32.
+ * [c9cb096] Update pigeonhole to 0.4.20.
+ * [b499950] dovecot-core: remove SSL key/cert symlinks on purge
+ (Closes: #867157)
+ * [dbdcc66] dovecot-core.postinst: ignore adduser errors (Closes: #867849)
+ * [476c950] Bump Standards to 4.1.0; no changes needed.
+ * [2914efa] Drop B-D on autotools-dev, it is depended on by debhelper 10.
+ * [305d022] Remove Fabio, Joel and Marco from Uploaders. Thanks for your work!
+
+ -- Apollon Oikonomopoulos <apoikos@debian.org> Tue, 12 Sep 2017 16:15:52 +0300
+
+dovecot (1:2.2.31-1) unstable; urgency=medium
+
+ * [9b058f3] New upstream version 2.2.31
+ + [2b577c1] Bump pigeonhole version to 0.4.19
+ * Enable TLS by default:
+ + [7ca4b1c] Update SSL cert location patch; cert/key should reside under
+ /etc/dovecot/private by default.
+ + [05d3d0f] Use ssl-cert-snakeoil certificates to setup SSL by default
+ (Closes: #376146, #786570)
+ + [862901f] dovecot-core.postinst: manage 10-ssl.conf using ucf
+ (Closes: #850538)
+ + [418df05] README.Debian: document the new TLS setup
+ + [47bade9] dovecot-core.NEWS: document TLS support
+ * [8356bc0] Handle /etc/dovecot/private mode using dpkg-statoverride
+ * dovecot-core.postinst: cleanup
+ + [afbd33f] dovecot-core.postinst: always call adduser
+ + [ee22dc5] dovecot-core.postinst: remove obsolete conffile handling
+ + [7bb298b] dovecot-core.postinst: do not remove the imapd user/group
+ * [815a2d1] README.Debian: cleanup
+ * [91115a3] Use noawait dpkg triggers (lintian warning)
+ * [e845cec] Add basic usage DEP-8 test, doing end-to-end tests involving
+ LDA, IMAP and POP3.
+ * [71c73ef] systemd: convert service to Type=simple and start after
+ network-online.target (Closes: #865546, #825562)
+ * [1534fac] dovecot.service: enable ProtectSystem=full
+ * [d276c69] B-D only on default-libmysqlclient-dev
+
+ -- Apollon Oikonomopoulos <apoikos@debian.org> Tue, 27 Jun 2017 18:18:12 +0300
+
+dovecot (1:2.2.30.2-1) unstable; urgency=medium
+
+ * [401e83d] New upstream version 2.2.30.2
+ * [1ea8321] Bump pigeonhole version to 0.4.18
+ * [97bf8ec] Drop CVE-2017-2669 patch
+ * [9c1bbe2] Drop fix-sha3-on-big-endian.patch
+ * [d3c607b] Refresh dovecot_name.patch
+ * [5c64268] Bump Standards to 4.0.0; no changes needed
+ * [0b884fc] Bump compat to 10
+ + B-D on debhelper (>= 10)
+ + Drop B-D on dh-systemd, now provided by debhelper
+ + Run dh --without=autoreconf, since we use autotools-dev
+
+ -- Apollon Oikonomopoulos <apoikos@debian.org> Thu, 22 Jun 2017 22:22:59 +0300
+
+dovecot (1:2.2.27-3) unstable; urgency=high
+
+ * [117285a] Remove /etc/dovecot/README (Closes: #849290)
+ * [04e8ce3] auth: Do not double-expand key in passdb dict when
+ authenticating (CVE-2017-2669) (Closes: #860049)
+
+ -- Apollon Oikonomopoulos <apoikos@debian.org> Tue, 11 Apr 2017 00:46:54 +0300
+
+dovecot (1:2.2.27-2) unstable; urgency=medium
+
+ * [30586e3] Fix SHA3 on big-endian architectures.
+
+ -- Apollon Oikonomopoulos <apoikos@debian.org> Thu, 15 Dec 2016 22:24:56 +0200
+
+dovecot (1:2.2.27-1) unstable; urgency=medium
+
+ [ Jaldhar H. Vyas ]
+ * [b1e4693] Imported Upstream version 2.2.27
+ + Includes fix for CVE-2016-8652 (Closes: #846605)
+
+ [ Apollon Oikonomopoulos ]
+ * [b25993a] Drop patches merged upstream:
+ + call_openssl_cleanup_at_deinit.patch
+ + disable_sslv23.patch
+
+ -- Apollon Oikonomopoulos <apoikos@debian.org> Wed, 14 Dec 2016 21:48:46 +0200
+
+dovecot (1:2.2.26.0-4) unstable; urgency=medium
+
+ * [3015f35] Drop references to SSLv2 in the default SSL protocols (Closes: #844271)
+
+ -- Apollon Oikonomopoulos <apoikos@debian.org> Mon, 14 Nov 2016 17:55:26 +0200
+
+dovecot (1:2.2.26.0-3) unstable; urgency=medium
+
+ * [b03027b] Call OPENSSL_cleanup() on dcrypt_openssl unload. Fixes FTBFS
+ with OpenSSL 1.1.0c.
+
+ -- Apollon Oikonomopoulos <apoikos@debian.org> Sun, 13 Nov 2016 10:56:30 +0200
+
+dovecot (1:2.2.26.0-2) unstable; urgency=medium
+
+ * [9db7d1b] Fix upgrades from 2.2.25 (Closes: #843028)
+
+ -- Apollon Oikonomopoulos <apoikos@debian.org> Tue, 08 Nov 2016 15:06:16 +0200
+
+dovecot (1:2.2.26.0-1) unstable; urgency=medium
+
+ [ Apollon Oikonomopoulos ]
+ * [18fc181] New upstream version 2.2.26.0 (Closes: #828286, #834837)
+ * [3ecfd3c] Update pigeonhole to 0.4.16
+ * [61ff825] Move libdovecot-ldap and libdict_ldap to dovecot-ldap (Closes:
+ #830135).
+ * [b3a1650] Ubuntu: disable -Bsymbolic-functions ld flag.
+ Thanks to Christian Ehrhardt <christian.ehrhardt@canonical.com>
+ (Closes: #842151) (LP: #1636781)
+ * [5828ab1] B-D on default-libmysqlclient-dev (but keep plain
+ libmysqlclient-dev as an alternative to ease backports).
+ * [0086110] Drop DRAC plugin.
+ Thanks to Christian Ehrhardt <christian.ehrhardt@canonical.com>
+ (Closes: #842153)
+
+ [ Jaldhar H. Vyas ]
+ * [60808eb] Move aclocal *.m4 files into -dev package.
+ * [52fd869] Move lib95_imap_sieve_plugin.so into dovecot-sieve (Closes:
+ #832046).
+
+ -- Apollon Oikonomopoulos <apoikos@debian.org> Thu, 07 Jul 2016 10:17:58 +0200
+
+dovecot (1:2.2.25-1) unstable; urgency=medium
+
+ * [cc29a81] Imported Upstream version 2.2.25
+ * [d19bcca] Updated pigeonhole patch to 0.4.14
+ * [16db179] Merged in some features of the Ubuntu dovecot package.
+ + dovecot-core: added lsb-base dependency.
+ + dovecot-core: Added apport hook.
+ + dovecot-imapd,dovecot-pop3d: Added ufw profiles.
+ Thanks to Christian Erhardt <christian.ehrhardt@canonical.com>
+ (Closes: #828864)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Fri, 01 Jul 2016 17:07:03 -0400
+
+dovecot (1:2.2.24-1) unstable; urgency=medium
+
+ * [26020b6] Imported Upstream version 2.2.24 (Closes: #818652)
+
+ -- Apollon Oikonomopoulos <apoikos@debian.org> Mon, 09 May 2016 10:42:08 +0300
+
+dovecot (1:2.2.23-1) unstable; urgency=medium
+
+ [ Jaldhar H. Vyas ]
+ * Drop missing-expunges.patch, merged upstream
+
+ [ Apollon Oikonomopoulos ]
+ * [8a01915] Imported Upstream version 2.2.23
+
+ -- Apollon Oikonomopoulos <apoikos@debian.org> Tue, 12 Apr 2016 17:30:03 +0300
+
+dovecot (1:2.2.22-1) unstable; urgency=medium
+
+ [ Jaldhar H. Vyas ]
+ * [2321581] Imported Upstream version 2.2.22
+ * [3fa8a62] Updated pigeonhole patch to 0.4.13
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Fri, 18 Mar 2016 19:18:34 -0400
+
+dovecot (1:2.2.21-1) unstable; urgency=medium
+
+ [ Jaldhar H. Vyas ]
+ * [d9c0630] Imported Upstream version 2.2.21 (Closes: #809666, #708539,
+ #801346, 803223)
+ * [5360548] Updated pigeonhole patch to 0.4.12
+ * [5e6783f] Fixed typo in dovecot-core.README.Debian.
+ Thanks to Ingo Wichmann <iw-debian@linuxhotel.de> (Closes: #809717)
+ * [d00d0c7] Create /var/lib/dovecot in the package. (Closes: #801752)
+ * [6510373] Upstream patch for sync problem which could cause expunged
+ messages to keep reappearing. (Closes: #684499)
+ * [040f7fa] dovecot-core: dovecot.socket not enabled on installation
+ (Closes: #814999)
+ * [fc29003] /etc/dovecot/10-ssl.conf no longer managed by ucf or modified by
+ postinst. Thanks to Santiago Vila <sanvila@unex.es> (Closes: #773237)
+ * [0d16e16] Fixed some lintian warnings.
+ * [801ba7e] Added Apollon to uploaders
+
+ [ Apollon Oikonomopoulos ]
+ * [99ef3d8] Build with lz4 support (Closes: #784321)
+ * [92f68aa] Fix nss userdb (Closes: #712764)
+ * [41b9bde] Disable dovecot.socket in existing installations.
+ * [49c5b97] d/rules: specify systemd unit dir manually (Closes: #720854)
+ * [a377ccb] Convert to dh sequencer
+ * [48af954] B-D on debhelper >= 9
+ * [591c315] Bump standards to 3.9.7; no changes needed
+ * [ceb629e] Use dh_installinit --name
+ * [ef8d8ac] d/rules: refactor file installation
+ * [a899bcc] dovecot-core: use dh_installman
+ * [6159e00] d/rules: build in parallel if requested
+ * [51014e6] d/control: use HTTPS Vcs-* URLs
+ * [b385cf5] dovecot-sieve: replace Conflicts with Breaks
+ * [b4a9e68] Add basic DEP-8 tests
+ * [7452649] Add DEP-8 tests for systemd support
+ * [e5101aa] Re-enable PIE and bindnow
+ * [5717808] Fix invoke-rc.d calls and never call init.d directly
+ * [3504241] Drop debconf remains
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Tue, 01 Mar 2016 19:31:42 -0500
+
+dovecot (1:2.2.20-1) UNRELEASED; urgency=medium
+
+ * [68d5038] Imported Upstream version 2.2.20
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Sun, 13 Dec 2015 10:21:21 -0500
+
+dovecot (1:2.2.19-1) UNRELEASED; urgency=medium
+
+ * [146ef57] Imported Upstream version 2.2.19
+ * [3af7cad] Updated pigeonhole patch to 0.4.9
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Sun, 13 Dec 2015 09:41:56 -0500
+
+dovecot (1:2.2.18-2) unstable; urgency=high
+
+ * [3f3bf71] Updated pigeonhole patch to 0.4.8 (Closes: #792669)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Sun, 23 Aug 2015 23:16:28 -0400
+
+dovecot (1:2.2.18-1) unstable; urgency=medium
+
+ * [cce20a5] Imported Upstream version 2.2.18. Closes: #786760
+ * [36d2ec1] Refresh patch dovecot_name.patch.
+ * [109e6f8] Drop patch cve-2015-3420.patch: applied upstream.
+ * [6c59f09] Depend on krb5-multidev rather than libkrb5-dev.
+
+ -- Jelmer Vernooij <jelmer@debian.org> Sun, 24 May 2015 15:01:19 +0000
+
+dovecot (1:2.2.16-1) unstable; urgency=medium
+
+ * [e9d9193] Imported Upstream version 2.2.16
+ * [976c256] Remove gbp- prefix from section names in debian/gbp.conf.
+ * [762b9a6] Add Dutch translation. Thanks, Frans Spiesschaert. Closes: #766203
+ * [dea3dd6] Drop bye_logout_not_sent.patch: already included upstream.
+
+ -- Jelmer Vernooij <jelmer@debian.org> Mon, 04 May 2015 12:23:05 +0000
+
+dovecot (1:2.2.13-12) unstable; urgency=high
+
+ * [48f6fe4] Add patch cve-2015-3420.patch: Fix SSL/TLS handshake failures
+ leading to a crash of the login process with newer versions of OpenSSL.
+ Closes: #783649 (CVE-2015-3420)
+
+ -- Jelmer Vernooij <jelmer@debian.org> Mon, 04 May 2015 11:38:30 +0000
+
+dovecot (1:2.2.13-11) unstable; urgency=high
+
+ * [ebc0377] Don't allow install of dovecot-sieve without a new enough
+ dovecot-core. (Closes: #772885)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Sun, 14 Dec 2014 12:27:50 -0500
+
+dovecot (1:2.2.13-10) unstable; urgency=high
+
+ [ Jelmer Vernooij ]
+ * [93db7f0] Fix path to 90-sieve-extprograms.conf in dovecot-sieve.postinst.
+ Closes: #772703, #772711
+
+ [ Jaldhar H. Vyas ]
+ * [8c627a4] Add another db_stop this time for triggers. Die #770695 die!
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Wed, 10 Dec 2014 19:56:20 -0500
+
+dovecot (1:2.2.13-9) unstable; urgency=high
+
+ * [5b689f6] Made some overlooked configuration files into conffiles;
+ deleted excess files from /usr/share/doc/dovecot-core.
+ * [83f2fc4] Explicitly stop debconf in dovecot-core postinst which hopefully
+ fixes the last of the install hangs.
+ Thanks to Chris Gilbert <zeke.gilbert@gmail.com> (Closes: #770695)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Tue, 09 Dec 2014 06:17:23 -0500
+
+dovecot (1:2.2.13-8) unstable; urgency=medium
+
+ * [b2f652f] Turn off SSL by default and leave SSL cert locations commented
+ out. Hopefully this will be a satisfactory lowest common denominator for
+ new installs without messing with upgrades.
+ (Closes: #771334, #771407)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Tue, 02 Dec 2014 00:21:30 -0500
+
+dovecot (1:2.2.13-7) unstable; urgency=high
+
+ * [daea09a] Commented out cert locations so install doesn't bomb if the
+ certs haven't been created yet.
+ (Closes: #706216, #732263, #767154, #768253, #769461, #770697)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Fri, 28 Nov 2014 00:27:03 -0500
+
+dovecot (1:2.2.13-6) unstable; urgency=medium
+
+ * [f7205c0] dovecot-dev: removed dependency on dovecot-core
+ * [e393868] Removed SSL certificate generation from postinst. From now on
+ you have to do this yourself. See dovecot-core's README.debian for
+ instructions. (Closes: #730828)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Sat, 25 Oct 2014 23:31:42 -0400
+
+dovecot (1:2.2.13-5) unstable; urgency=medium
+
+ * Fix name of organizationName field in SSL configuration for self-
+ signed certs. Closes: #760653
+
+ -- Jelmer Vernooij <jelmer@debian.org> Sat, 06 Sep 2014 23:19:51 +0200
+
+dovecot (1:2.2.13-4) unstable; urgency=medium
+
+ * Add Provides with dovecot ABI version, for plugins to depend on.
+ Closes: #456021
+
+ -- Jelmer Vernooij <jelmer@debian.org> Sun, 20 Jul 2014 19:31:09 +0200
+
+dovecot (1:2.2.13-3) unstable; urgency=medium
+
+ * Build-depend on clucene 2.3 or later, which upstream lists as the
+ minimum version. Closes: #754141
+ * Use configuration file for openssl certificate configuration.
+ * Use canonical address for Vcs-Browser header.
+ * Remove unnecessary asterisk from NEWS entry; fixes lintian warning.
+ * Remove unused lintian override for usr/lib/dovecot/imap.
+ * dovecot-core: Ignore lintian warnings for empty directories.
+
+ -- Jelmer Vernooij <jelmer@debian.org> Tue, 08 Jul 2014 01:48:08 +0200
+
+dovecot (1:2.2.13-2) unstable; urgency=medium
+
+ * [bd5e34b] Patches from upstreams' hg repo to fix BYE and LOGOUT not being
+ sent. (Closes: #751682)
+ * [452e336] Czech translation for debconf.
+ Thanks to Michal Šimůnek (Closes: #751389)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Wed, 25 Jun 2014 01:38:59 -0400
+
+dovecot (1:2.2.13-1) unstable; urgency=medium
+
+ * [0680040] Imported Upstream version 2.2.13
+
+ -- Jelmer Vernooij <jelmer@debian.org> Sun, 25 May 2014 18:45:38 +0200
+
+dovecot (1:2.2.13~rc1-1) unstable; urgency=medium
+
+ * [7751508] Imported Upstream version 2.2.13~rc1
+ + Fixes denial of service vulnerability (CVE-2014-3430). Closes: #747549
+
+ -- Jelmer Vernooij <jelmer@debian.org> Sat, 10 May 2014 14:34:14 +0200
+
+dovecot (1:2.2.12-3) unstable; urgency=medium
+
+ * [0383db0] Break long line.
+ * [c961b6a] Fix installation of sieve plugins. Closes: #742770, #684271
+ * [388d2bf] Strip body.rfc5173.txt from the pigeonhole patch, as it is
+ non-free. Closes: #745398
+
+ -- Jelmer Vernooij <jelmer@debian.org> Wed, 23 Apr 2014 02:56:56 +0200
+
+dovecot (1:2.2.12-2) unstable; urgency=medium
+
+ * [c882a38] Add build dependencies libstemmer-dev and libexttextcat-dev,
+ used by dovecot-lucene.
+ * [67762d4] Use autotools-dev to update config.guess and config.sub.
+ * [33e79b7] Update Japenese po file. Thanks, victory. Closes: #730171
+ * [cbf213b] Add non-standard-dir-perm override for /etc/dovecot/private.
+
+ -- Jelmer Vernooij <jelmer@debian.org> Sun, 23 Mar 2014 17:57:04 +0000
+
+dovecot (1:2.2.12-1) experimental; urgency=medium
+
+ * [52b67de] Update watch file for 2.2 series.
+ * [c4eac1f] Verify upstream tarball signature in watch file.
+ * [3a81ff9] Imported Upstream version 2.2.12
+ * [8950a86] Bump standards version to 3.9.5 (no changes).
+ * [cd82417] Add myself to uploaders.
+
+ -- Jelmer Vernooij <jelmer@debian.org> Thu, 06 Mar 2014 22:45:19 +0000
+
+dovecot (1:2.2.10-1) unstable; urgency=low
+
+ * [0496c52] Imported Upstream version 2.2.10
+ * [515dd61] Added new package for Lucene full text search support.
+ Thanks to Jelmer Vernooij <jelmer@debian.org> for the patch.
+ (Closes: #685979)
+ * [718a68e] Fix old private key location in README.Debian.
+ Thanks to Jelmer Vernooij <jelmer@debian.org> for the patch.
+ (Closes: #702385)
+ * [42da568] dovecot-solr: Make sure solr-schema.xml gets installed.
+ (In /usr/share/dovecot)
+ (Closes: #695185)
+ * [77acbf7] Added /usr/share/dovecot/dovecot-abi file in dovecot-dev to
+ document -- you guessed it! -- the dovecot ABI version.
+ * [feb597a] Added support for xz compression.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Thu, 06 Mar 2014 02:51:34 -0500
+
+dovecot (1:2.2.9-1) unstable; urgency=low
+
+ [ Jaldhar H. Vyas ]
+ * [77468cf] Imported Upstream version 2.2.9
+ * [43e08f3] Place dovenull user in its own group. (Closes: #725164)
+ * [e1a3e9c] Handled the fact that dovecot-db.conf.ext is no longer used.
+ (Closes: #728107, #730403)
+
+ [Debconf translation updates]
+ * Russian (Yuri Kozlov). (Closes: #729106)
+ * German (Chris Leick). (Closes: #729358)
+ * Danish (Joe Hansen). (Closes: #729425)
+ * French (Julien Patriarca). (Closes: #729966)
+ * Portuguese (Américo Monteiro). (Closes: #730006)
+ * Polish (Michał Kułach). (Closes: #730061)
+ * Italian (Beatrice Torracca). (Closes: #730136)
+ * Japanese (victory). (Closes: #73017)
+ * Swedish (Martin Bagge / brother). (Closes: #730188)
+ * Spanish; (Camaleón). (Closes: #730354)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Thu, 16 Jan 2014 15:42:13 -0500
+
+dovecot (1:2.2.8-1) UNRELEASED; urgency=low
+
+ * [6157a2b] New upstream version 2.2.8
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Thu, 21 Nov 2013 16:54:46 -0500
+
+dovecot (1:2.2.5-1) experimental; urgency=low
+ [ Micah Anderson ]
+ * [a0035bf] New upstream version 2.2.5
+ * [a053c49] Update pigeonhole patch to 0.4.1
+ * [689cd67] refreshed patches
+
+ [ Jaldhar H. Vyas ]
+ * Caused bugs and then fixed them again.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Mon, 09 Sep 2013 00:57:32 -0400
+
+dovecot (1:2.1.17-2) unstable; urgency=low
+
+ * [e8286e0] New version of drac patch taken from Ubuntu which works better
+ with 2.x (Closes: #716764)
+ * [23acb40] Add a patch from Ubuntu to report the distro name in the login
+ banner why not.
+ * [f8d566e] Don't need dovecot-common package anymore; get rid of it.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Sat, 07 Sep 2013 14:58:05 -0400
+
+dovecot (1:2.1.17-1) experimental; urgency=low
+
+ [ Jaldhar H. Vyas ]
+ * [fa0d6aa] Re-enable mbox write locking patch to comply with policy 11.6
+ (Closes: #720502)
+ * [38691fb] New upstream version (Closes: #719021)
+ * [1361144] prompts in dovecot-core postinst debconfiscated.
+ * IN MEMORIAM: Goldy the Goldfish (2000-2013) You were a prince (or
+ perhaps princess?) among fish and we shall all miss you dearly.
+ May your karmas merit much punya in future lives.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Fri, 23 Aug 2013 01:46:20 -0400
+
+dovecot (1:2.1.16-1) experimental; urgency=low
+
+ * [9741bd8] New Upstream version
+ * [3476489] Updated pigeonhole patch to 0.3.5
+ * [d4f236f] Removed some patches which are no longer required.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Fri, 14 Jun 2013 16:25:19 -0400
+
+dovecot (1:2.1.7-8) experimental; urgency=low
+
+ * This version is not actually intended for upload. It merely undoes
+ some changes made for the the wheezy release. Namely, the following
+ features are back:
+ - TCP Wrappers support
+ - Hurd compatibility support
+ - Triggers.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Thu, 13 Jun 2013 16:14:21 -0400
+
+dovecot (1:2.1.7-7) unstable; urgency=high
+
+ * If you are upgrading from stable or earlier versions of this package
+ from testing/unstable please carefully read
+ /usr/share/doc/dovecot-core/README.Debian.gz for important information
+ about changes.
+ * [0d74b31] Move Breaks/Replaces mailavenger from dovecot-common to
+ dovecot-core (Closes: #694376)
+ * [a8030a1] Revamped dovecot-cores README.Debian by adding any info I could
+ think of in order to ease upgrade problems. (Closes: #696820)
+ * [04798d3] Don't touch 10-ssl.conf at all. Eventually I will DTRT with
+ regards to the default generated ssl certificates but in the mean time
+ this will do the least mischief. (Closes: #696817)
+ * [fde17d1] Patch to make /etc/dovecot/readme point to the right place for
+ the example configuration. (Closes: #698941)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Mon, 04 Feb 2013 16:27:17 -0500
+
+dovecot (1:2.1.7-6) unstable; urgency=high
+
+ * WARNING: in order to get this package into wheezy some functionality
+ from the previous release had to be removed. Namely:
+ - TCP Wrappers support
+ - Hurd compatibility support
+ - Triggers
+ All this will be coming back in the next version but for now, if you need
+ any of it, stick with -5.
+ * [1f869e0] NEWS.Debian was not getting added to the package (Closes: #693621)
+ * [564c5e2] Add breaks and replaces mailavenger for debian-common
+ (Closes: #694376)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Fri, 14 Dec 2012 17:01:33 -0500
+
+dovecot (1:2.1.7-5) unstable; urgency=high
+
+ * [132bc3b] Remove call to ntp-wait in init script. Dovecot handles a
+ skewed clock much better now. (Closes: #693225)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Wed, 14 Nov 2012 14:45:29 -0500
+
+dovecot (1:2.1.7-4) unstable; urgency=high
+
+ * [68ef7ad] piuparts complained /etc/dovecot/private was left unowned on
+ purge which is against policy (Closes: #692944)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Sun, 11 Nov 2012 23:45:07 -0500
+
+dovecot (1:2.1.7-3) unstable; urgency=high
+
+ [ Jaldhar H. Vyas ]
+ * [03d5499] Do not generate new dovecot cert if key or cert is already
+ present (Closes: #685896,#631257) Thanks to Alexander Ufimtsev
+ <alexu@ucd.ie> and Jörg-Volker Peetz <jvpeetz@web.de> for patches.
+ * [5be6c2a] You should be able to upgrade and remove dovecot-managesieved
+ without errors (Closes: #665487)
+ * [1a9ad5c] Fixes instances where UTF-8 was misused instead of mUTF-7
+ (Closes: #680035)
+ * [c0ac3ba] Backport of fix for failure to autocreate mailboxes
+ (Closes: #623440) This also requires setting the default mail_location.
+ * [ba1d3f5] Fix FTBFS on Hurd (Closes: #686931) via upstream patch backported
+ from mercurial.
+ * [cfa92b5] Upgrade pigeonhole page to 0.3.1 (Closes: #688407)
+ * [58f01c2] Generated certificates will now be created in /etc/dovecot
+ (Closes: #608719)
+ * [8e40ea5] Patch to build with PIE and bindnow
+ by intrigeri@debian.org (Closes: #679017)
+ * [87d982b] Use libwrap (Closes: #685850)
+ * [ebb5421] Start after nslcd (Closes: #692632)
+ * [2db5c1a] Add support for dpkg triggers. This means dovecot will not be
+ repeatedly restarted when installing or removing lots of plugins
+ (Closes: #601744)
+ * [bc66629] Patch to document -k in dsync.1
+ by Luca Capello <luca@pca.it> (Closes: #680992)
+ * [ba67766] Add lintian overrides.
+
+ [ Marco Nenciarini ]
+ * [ffba408] Updated watch file
+ * [9777434] Install missing default configuration files from upstream
+ * [9496828] Backport fix for segfault in managesieve triggered by
+ CHECKSCRIPT command. (Closes: #688197)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Sat, 10 Nov 2012 03:50:30 -0500
+
+dovecot (1:2.1.7-2) unstable; urgency=low
+
+ * [e23a136] Just a quick upload to make dovecot buildable on non-linux
+ platforms again. (Closes: #676817) I did it by removing the systemd
+ build-dep altogether. sd-daemon.[ch] is included in the source so if
+ systemd is installed on a system, it should be detected and socket
+ activation should happen. That is, assuming I've got everything right
+ (and documented) which is something I'll be looking into for the next
+ version.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Thu, 21 Jun 2012 23:54:47 -0400
+
+dovecot (1:2.1.7-1) unstable; urgency=low
+
+ * [7668742] Imported upstream 2.1.7 (Closes: #663243)
+ + doveadm.1 documents the move command. (Closes: #641750)
+ * [4db927a] Patch to enable systemd support. (Closes: #672266)
+ Thanks Riku Voipio.
+ * [e17ac86] Previous attempt at setting hardening flags did not include the
+ drac plugin. Simon Ruderich provided an extra patch.
+ (Closes: #653530)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Wed, 30 May 2012 16:27:21 -0400
+
+dovecot (1:2.1.4-1) experimental; urgency=low
+
+ * [6cc1e7d] Imported upstream 2.1.4
+
+ -- Micah Anderson <micah@debian.org> Tue, 10 Apr 2012 11:33:05 -0400
+
+dovecot (1:2.1.3-1) experimental; urgency=low
+
+ * [49ecc33] Imported upstream 2.1.3
+
+ -- Micah Anderson <micah@debian.org> Fri, 16 Mar 2012 22:04:46 -0400
+
+dovecot (1:2.1.2-1) experimental; urgency=low
+
+ * [70c3f6e] Imported upstream 2.1.2
+ * Add missing dependency on dpkg-dev 1.16.1
+
+ -- Micah Anderson <micah@debian.org> Thu, 15 Mar 2012 20:26:35 -0400
+
+dovecot (1:2.1.1-1) experimental; urgency=low
+
+ * [e113636] Imported upstream 2.1.1
+ * Updated pigeonhole patch to 0.3.0, supporting 2.1
+
+ -- Micah Anderson <micah@debian.org> Tue, 13 Mar 2012 23:08:06 -0400
+
+dovecot (1:2.0.18-1) unstable; urgency=low
+
+ * [85ae320] Imported Upstream version 2.0.18
+ * [9cfd1da] Upped standards version to 3.9.3
+ * [afb4164] Patch to dovecot-core/postinst so that permissions of symlinked
+ certificates aren't modified. (Closes: #646508)
+ Thanks Michael Kuhn.
+ * [bf642ee] Patch to enable hardened build flags. (Closes: #653530)
+ Thanks Moritz Muehlenhoff.
+ * [00b0d0c] Updated pigeonhole to 0.2.6
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Fri, 09 Mar 2012 00:55:13 -0500
+
+dovecot (1:2.0.15-1) unstable; urgency=low
+
+ * [a22575a] New upstream version 2.0.15: (Closes: #642045)
+ + doveadm altmove: Added -r parameter to move mails back to primary
+ storage.
+ - v2.0.14: Index reading could have eaten a lot of memory in some
+ situations
+ - doveadm index no longer affects future caching decisions
+ - mbox: Fixed crash during mail delivery when mailbox didn't yet have
+ GUID assigned to it.
+ - zlib+mbox: Fetching last message from compressed mailboxes crashed.
+ - lib-sql: Fixed load balancing and error
+ * [8ce5abc] Update pigeonhole to release 0.2.4
+ * [87658d2] Add dovecot-solr to dovecot-core's Suggests line.
+
+ -- Marco Nenciarini <mnencia@debian.org> Mon, 19 Sep 2011 19:26:48 +0200
+
+dovecot (1:2.0.14-3) unstable; urgency=low
+
+ * [f37a9ec] Enable solr full text search plugin. (LP: #620959)
+ * [cdd8b84] Build dovecot-common as architecture-all package.
+ * [af90444] Fix mail_plugin_dir default value in conf.d/10-mail.conf
+ (Closes: #624294)
+ * [61347cb] Bump debhelper build-depends to (>= 7.2.3~) because we use
+ dh_bugfiles.
+ * [4b757b6] Fix wrong configuration files path in sieve manpages.
+
+ -- Marco Nenciarini <mnencia@debian.org> Fri, 16 Sep 2011 02:26:21 +0200
+
+dovecot (1:2.0.14-2) unstable; urgency=low
+
+ [ Marco Nenciarini ]
+ * [a6896d6] Rename dovecot-common to dovecot-core. (Closes: #624835)
+ * [c36ca96] Manage protocols during package configuration and
+ deconfiguration phases.
+ * [599b55b] Update pigeonhole to release 0.2.3.
+ * [c654db0] Add a bug-script which will append doveconf -n output to bug
+ reports.
+ * [5270323] Add notes about upgrading from 1.2 to README.Debian.
+ (Closes: #635351)
+ * [5cd77a3] Add build-arch and build-indep target to debian/rules as
+ required by lintian.
+ * [be05d2a] Avoid ucf question when upgrading from squeeze and the only
+ difference in dovecot.conf is at the "protocols" line.
+ * [3c73782] Remove ucf backups during purge.
+ * [3ccf508] Make /etc/dovecot/*.ext readable by dovecot group members.
+ (Closes: #639005)
+ * [665bcc5] Use -c ${CONF} when calling doveconf to determine PIDBASE.
+ Thanks to Jonathan Hall (Closes: #627794)
+ * [325042c] Purge obsolete unmodified config files from /etc.
+ (Closes: #629397)
+ * [a9b9afb] Modified init script to report failures. (Closes: #629654)
+ * [d4622fd] Make dovecot-core suggesting all other packages containing
+ additional features.
+
+ -- Marco Nenciarini <mnencia@debian.org> Thu, 15 Sep 2011 19:43:55 +0200
+
+dovecot (1:2.0.14-1) unstable; urgency=low
+
+ * [50a947e] New upstream version 2.0.14: (Closes: #640143)
+ + doveadm: Added support for running mail commands by proxying to
+ another doveadm server.
+ + Added "doveadm proxy list" and "doveadm proxy kick" commands to
+ list/kick proxy connections (via a new "ipc" service).
+ + Added "doveadm director move" to assign user from one server to
+ another, killing any existing connections.
+ + Added "doveadm director ring status" command.
+ + userdb extra fields can now return name+=value to append to an
+ existing name, e.g. "mail_plugins+= quota".
+ - script-login attempted an unnecessary config lookup, which usually
+ failed with "Permission denied".
+ - lmtp: Fixed parsing quoted strings with spaces as local-part for
+ MAIL FROM and RCPT TO.
+ - imap: FETCH BODY[HEADER.FIELDS (..)] may have crashed or not
+ returned all data sometimes.
+ - ldap: Fixed random assert-crashing with with sasl_bind=yes.
+ - Fixes to handling mail chroots
+ - Fixed renaming mailboxes under different parent with FS layout when
+ using separate ALT, INDEX or CONTROL paths.
+ - zlib: Fixed reading concatenated .gz files.
+ * [0297425] Use xz compression for dbg packages.
+ * [4464ccf] Support parallel builds in debian/rules
+ * [19667f0] Acknowledge NMU 1:2.0.13-1.1.
+ Thanks to Luk Claes
+
+ -- Marco Nenciarini <mnencia@debian.org> Tue, 06 Sep 2011 23:18:46 +0200
+
+dovecot (1:2.0.13-1.1) unstable; urgency=low
+
+ * Non-maintainer upload.
+ * Don't ship .la files (Closes: #621297).
+
+ -- Luk Claes <luk@debian.org> Sat, 18 Jun 2011 12:31:28 +0200
+
+dovecot (1:2.0.13-1) unstable; urgency=high
+
+ [ Marco Nenciarini ]
+ * [8af9e4d] New upstream version 2.0.13:
+ + Added "doveadm index" command to add unindexed messages into
+ index/cache. If full text search is enabled, it also adds unindexed
+ messages to the fts database.
+ + added "doveadm director dump" command.
+ + pop3: Added support for showing messages in "POP3 order", which can
+ be different from IMAP message order. This can be useful for
+ migrations from other servers. Implemented it for Maildir as 'O'
+ field in dovecot-uidlist.
+ - doveconf: Fixed a wrong "subsection has ssl=yes" warning.
+ - mdbox purge: Fixed wrong warning about corrupted extrefs.
+ - sdbox: INBOX GUID changed when INBOX was autocreated, leading to
+ trouble with dsync.
+ - script-login binary wasn't actually dropping privileges to the
+ user/group/chroot specified by its service settings.
+ - Fixed potential crashes and other problems when parsing header names
+ that contained NUL characters. (CVE-2011-1929)
+ (Closes: #627443)
+
+ -- Marco Nenciarini <mnencia@debian.org> Sat, 21 May 2011 23:58:06 +0200
+
+dovecot (1:2.0.12-1) unstable; urgency=low
+
+ [ Jaldhar H. Vyas ]
+ * [66cbb94] New upstream major release. Imported Upstream version 2.0.12
+ * [a48c7fd] Updated standards version
+
+ [ Marco Nenciarini ]
+ * [5c6b334] Updated watch file
+ * [0ba683e] Updated init script to new configuration scheme. (Closes: #593527)
+ * [8370be4] Fix upgrading from rename-it.nl packages
+ * [ae804e3] Update changelog
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Mon, 25 Apr 2011 17:03:26 -0400
+
+dovecot (1:2.0.11-1) experimental; urgency=low
+
+ * [a4764a4] New upstream major release (Closes: #573889, #580929,
+ #597476, #603951, #606089, #606646, #606649, #608075, #612369, #610919)
+ * [461f667] Updated copyright and package descriptions. Thanks Stephan
+ Bosch.
+ * [7fbd92a] Drop all patches but drac support. Update pigeonhole to
+ release 0.2.1
+ * [05a5a1e] Update debian/rules to work with dovecot 2.0. Thanks
+ Stephan Bosch.
+ * [a36193e] Update debian/dovecot-common.{postinst,postrm} to handle
+ the new config file layout. Thanks Stephan Bosch.
+ * [3589afd] Remove debian/dovecot.1 manpage because is provided by
+ upstream.
+ * [f1703e1] Remove debian/dovecotpw.1 manpage as there is no dovecotpw
+ executable in dovecot 2.0. Same feature is provided through 'doveadm
+ pw' command.
+ * [e30283d] Remove expire-tool.sh wrapper as there is no expire-tool
+ in dovecot 2.0. Same feature is provided through 'doveadm expunge'
+ command.
+ * [3385061] Remove daily cron script and the related configuration
+ from the default file.
+ * [bec19a0] Update debian/dovecot-common.NEWS.Debian with upgrading
+ instructions
+ * [1e56f1c] Call dh_makeshlibs with --no-script option to avoid
+ {postinst,postrm}-has-useless-call-to-ldconfig lintian errors.
+ * [325f055] Disable numbers in patches (requires git-buildpackage >=0.5.13)
+ * [74d6ebe] Added debian/source/local-options with "unapply-patches".
+ * [0edef17] Set default protocols value as empty and enable each
+ protocol in its own configuration file in
+ /usr/share/dovecot/protocols.d (LP: #661453)
+ * [e88860c] Removed code about upgrading from pre-etch packages.
+ * [95c5d47] Removed obsolete Build-Conflict (Closes: #614053)
+ * [41dddf4] Move configurations for imapd and pop3d to the appropriate
+ packages. (Closes: #606648)
+ * [b8b66dc] Removed obsolete README.Debian and NEWS.Debian from
+ dovecot-pop3d and dovecot-imapd packages
+ * [0bda8ac] Added packages dovecot-lmtpd and dovecot-managesieved.
+ * [9a954f1] Build databases, ldap and gssapi support as plugins
+ * [1a3f323] Deregister obsolete configuration files from ucf in
+ dovecot-common postinst on upgrades.
+ * [fae4b76] Added packages dovecot-pgsql, dovecot-mysql, dovecot-sqlite,
+ dovecot-ldap, dovecot-gssapi and dovecot-sieve (Closes: #251433)
+ * [aa8983d] Imported Upstream version 2.0.11
+
+ -- Marco Nenciarini <mnencia@debian.org> Mon, 07 Mar 2011 18:23:59 +0100
+
+dovecot (1:1.2.15-3) unstable; urgency=low
+
+ * [096c373] Fix file overwrite error when upgrading from lenny
+ (Closes: #601980)
+ * [37b3220] Add --no-create-home to adduser invocation in dovecot-
+ common.postinst script (Closes: #601767)
+ * [b00b527] Fall back to `hostname` if `hostname -f` invocation fails
+ (Closes: #562780)
+ * [9102fec] Make self-generated certificates key length 2048 bits.
+
+ -- Marco Nenciarini <mnencia@debian.org> Tue, 02 Nov 2010 11:12:53 +0100
+
+dovecot (1:1.2.15-2) unstable; urgency=low
+
+ * [a0744a5] Switch vcs fields to git
+ * [d8a1bd4] Add debian/gbp.conf to make easy the usage of git-
+ buildpackage
+ * [c0dc21f] Warn that the generated SSL certificate will expire in 10
+ years instead of 365 days, as it's the lifetime of of self-generated
+ certificates since 1:1.2.13-1
+ * [6472d63] Switch to gbp-pq patch management.
+ * [bf2fc17] Upgraded sieve plugin to version 0.1.18
+ * [6b9809d] Upgraded managesieve plugin to version 0.11.12
+ * [d67cd17] Upgraded dovecot-managesieve.patch to version 0.11.12
+
+ -- Marco Nenciarini <mnencia@debian.org> Thu, 28 Oct 2010 22:50:19 +0200
+
+dovecot (1:1.2.15-1) unstable; urgency=high
+
+ [ Marco Nenciarini ]
+ * New upstream release (Closes: #587036,#597529)
+ * Updated policy version to 3.9.1.0 (no changes needed)
+
+ [ Jaldhar H. Vyas ]
+ * [SECURITY] Fixes two bugs with acls which could have allowed a user to
+ gain improper access or admin rights to shared mailboxes.
+ (Closes: #599521)
+ * Warn that the generated SSL certificate will expire in 365 days. Thanks
+ Phillip Weis. (Closes: #576455)
+ * Wherever the path to sendmail is given as /usr/lib/sendmail, change to
+ /usr/sbin/sendmail. (Closes: #570814,#595671)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Fri, 08 Oct 2010 17:34:19 -0400
+
+dovecot (1:1.2.13-1) unstable; urgency=low
+
+ [ Jaldhar H. Vyas ]
+ * dovecot-common: Upped expiration date of self-generated certificates to
+ 10 years from 1 year. (Closes: #587371)
+
+ [ Marco Nenciarini ]
+ * New upstream release:
+ - Fixed iconv() crash when it was processing several kilobytes of
+ broken continuous input. This mainly could have caused a problem
+ with IMAP SEARCH. Possibly also with some Sieve checks.
+ - If MIME encoded-words contained line feeds, Dovecot logged
+ cache corruption errors.
+ - mbox: Renaming mailbox under newly created dir didn't move index
+ directory.
+ - mbox: When generating envelope to From_-line, don't append a second
+ @owndomain if username already has one.
+ * Updated policy version to 3.9.0.0 (no changes needed)
+
+ -- Marco Nenciarini <mnencia@debian.org> Mon, 26 Jul 2010 17:03:38 +0200
+
+dovecot (1:1.2.12-1) unstable; urgency=low
+
+ * New upstream release
+ * Upgraded sieve plugin to version 0.1.17
+ * Refreshed dovecot-managesieve.patch
+ * debian/patches/sieve-fix-imapflags.patch: Removed. Fixed upstream.
+
+ -- Marco Nenciarini <mnencia@debian.org> Sat, 26 Jun 2010 18:14:15 +0200
+
+dovecot (1:1.2.11-1) unstable; urgency=high
+
+ * New upstream release
+ * urgency set to high, because under particular circumstances you could
+ cause a DoS by sending a message with a huge header.
+ * sieve: Fix addflags command in deprecated imapflags extension
+ (Closes: #570058)
+ * Include a daily expire script with a setting in /etc/default/dovecot
+ to enable it. The new script is disabled by default as it requires
+ some configurations by the system administrator. Thanks to Hans Spaans
+ * Mark expire-tool.sh as a bash script
+ * Bump Standards-Version to 3.8.4, no changes needed
+
+ -- Marco Nenciarini <mnencia@debian.org> Mon, 08 Mar 2010 22:25:46 +0100
+
+dovecot (1:1.2.10-1) unstable; urgency=low
+
+ * New upstream release (Closes: #566796)
+ * Upgraded sieve plugin to version 0.1.15
+ * Upgraded managesieve plugin to version 0.11.11
+ * Upgraded dovecot-managesieve.patch to version 0.11.11
+
+ -- Marco Nenciarini <mnencia@debian.org> Mon, 25 Jan 2010 17:21:09 +0100
+
+dovecot (1:1.2.9-2) unstable; urgency=low
+
+ * Upgraded sieve plugin to version 0.1.14
+ * Upgraded managesieve plugin to version 0.11.10
+ * Upgraded dovecot-managesieve.patch to version 0.11.10
+ * debian/patches/dovecot-example.patch: Refreshed.
+ * Added expire-tool wrapper script (Closes: #565538)
+ * Added ${misc:Depends} to the dependencies of each binary package,
+ to make lintian happy (debhelper-but-no-misc-depends)
+
+ -- Marco Nenciarini <mnencia@debian.org> Sun, 17 Jan 2010 09:39:42 +0100
+
+dovecot (1:1.2.9-1) unstable; urgency=low
+
+ * New upstream release.
+ * debian/patches/gold-fix.patch: Removed. Fixed upstream.
+
+ -- Marco Nenciarini <mnencia@debian.org> Thu, 17 Dec 2009 10:52:53 +0100
+
+dovecot (1:1.2.8-2) unstable; urgency=low
+
+ * Moved libexec to lib corrections in dovecot-managesieve.patch and
+ dovecot-managesieve-dist.patch to dovecot-example.patch
+ * debian/patches/dovecot-mboxlocking.patch: Regenerated to avoid FTBFS
+ when quilt isn't installed.
+ * debian/patches/quota-mountpoint.patch: Removed. Not needed anymore.
+ * debian/patches/dovecot-quota.patch: Removed. Quotas aren't properly
+ enabled unless mail_plugins = quota imap_quota.
+ * debian/patches/gold-fix.patch: Fixed configure script to build even
+ with binutils-gold or --no-add-needed linker flag (Closes: #554306)
+ * debian/dovecot-common.init: fixed LSB headers. Thanks to Pascal Volk.
+ (Closes: #558040)
+ * debian/changelog: added CVE references to previous changelog entry.
+ * debian/rules: checked up the build system. It's not fragile anymore.
+ (Closes: 493803)
+ * debian/dovecot-common.postinst: Now invoking dpkg-reconfigure
+ on dovecot-common is enough to generate new certificates
+ if the previous ones were removed. (Closes: #545582)
+ * debian/rules: No longer install convert-tool in /usr/bin.
+ It isn't an user utility and it should stay in /usr/lib/dovecot
+ like all other similar tool.
+
+ -- Marco Nenciarini <mnencia@debian.org> Tue, 08 Dec 2009 12:24:04 +0100
+
+dovecot (1:1.2.8-1) unstable; urgency=high
+
+ [ Marco Nenciarini ]
+ * New upstream release. (Closes: #557601)
+ * [SECURITY] Fixes local information disclosure and denial of service.
+ (see: http://www.dovecot.org/list/dovecot-news/2009-November/000143.html
+ and CVE-2009-3897)
+ * Added myself to uploaders.
+ * Switched to the new source format "3.0 (quilt)":
+ - removed dpatch from build-depends
+ - removed debian/README.source because now we use only standard
+ dpkg features
+ - regenerated all patches
+ * Prepared to switch to multi-origin source:
+ - recreated dovecot-libsieve.patch and dovecot-managesieve-dist.patch
+ starting from the upstream tarball
+ - removed all autotools related build-depends and build-conflict
+ - renamed dovecot-libsieve and dovecot-managesieve directories
+ to libsieve and managesieve.
+ * debian/rules: Moved the configuration of libsieve and managesieve from
+ the build phase to the configuration phase
+
+ [ Jaldhar H. Vyas ]
+ * Added dovecot-dbg package with debugging symbols. Thanks Stephan Bosch.
+ (Closes: #554710)
+ * Fixed some stray libexec'isms in the default configuration.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Mon, 23 Nov 2009 17:04:14 -0500
+
+dovecot (1:1.2.7-1) unstable; urgency=low
+
+ * New upstream release.
+ * debian/dovecot-common.init:
+ - use $CONF when starting the daemon. (Closes: #549944)
+ - always output start/stop messages. (Closes: #523810)
+
+ -- Fabio Tranchitella <kobold@debian.org> Sat, 14 Nov 2009 11:28:33 +0100
+
+dovecot (1:1.2.6-1) unstable; urgency=low
+
+ * New upstream release.
+ * debian/patches/v1.2.5-exec-mail_fix.dpatch: removed, merged upstream.
+
+ -- Fabio Tranchitella <kobold@debian.org> Mon, 12 Oct 2009 06:56:55 +0000
+
+dovecot (1:1.2.5-2) unstable; urgency=low
+
+ * debian/dpatches/v1.2.5-exec-mail_fix.dpatch: added.
+ (Closes: #546694, #546695)
+ * debian/dovecot-common.dirs: removed /etc, /etc/ssl/{private,certs}, they
+ are handled by openssl; this should fix the piuparts test.
+
+ -- Fabio Tranchitella <kobold@debian.org> Sun, 27 Sep 2009 20:53:52 +0200
+
+dovecot (1:1.2.5-1) unstable; urgency=low
+
+ * New upstream release.
+
+ -- Fabio Tranchitella <kobold@debian.org> Mon, 14 Sep 2009 14:34:06 +0200
+
+dovecot (1:1.2.4-2) unstable; urgency=low
+
+ * debian/patches/dovecot-libsieve.dpatch: updated to 0.1.12.
+ (Closes: #539527)
+
+ -- Fabio Tranchitella <kobold@debian.org> Wed, 02 Sep 2009 07:28:23 +0200
+
+dovecot (1:1.2.4-1) unstable; urgency=low
+
+ * New upstream release. (Closes: #537186, #540058)
+ * Bumped Standards-Version to 3.8.3, no changes needed.
+ * debian/control: only suggests ntp. (Closes: #542152)
+ * debian/patches/dovecot-managesieve-dist.dpatch: updated to the 0.11.9
+ release. (Closes: #539527)
+ * debian/rules: dovecot should be started with sequence number 20.
+ (Closes: #543473)
+
+ -- Fabio Tranchitella <kobold@debian.org> Sat, 29 Aug 2009 17:27:59 +0200
+
+dovecot (1:1.2.2-2) unstable; urgency=high
+
+ * Er that should be fcntl not fnctl. (Closes: #539474, #539486)
+ * For the sake of completeness, fixed some errors in the example config file.
+ (They are in the !include statements which are commented out by default
+ so it is unlikely that most users will actually be affected.)
+ (Closes: #539391)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Sat, 01 Aug 2009 11:38:03 -0400
+
+dovecot (1:1.2.2-1) unstable; urgency=low
+
+ [Joel Johnson]
+ * New upstream version, updated ManageSieve patch
+ - fixes index corruption condition (Closes: #537388)
+ * Set default for mbox_write_locks to "fnctl dotlock" according to
+ Debian Policy (Closes: #537326)
+ * Set MySQL build dependency to use version-agnostic -dev package
+ * Drop postgres-configure patch, functionality included upstream
+ * Updated dovecot-libsieve to version 0.1.9
+ - fixes subaddress matching (Closes: #537386)
+ - check additional address-list headers (Closes: #537379)
+
+ [Jaldhar H. Vyas]
+ * Remove unneeded build-dependencies on byacc and flex now that we no longer
+ use cmusieve.
+
+ -- Joel Johnson <mrjoel@lixil.net> Tue, 28 Jul 2009 20:35:57 -0600
+
+dovecot (1:1.2.1-2) unstable; urgency=low
+
+ * Update to use default automake (Closes: #536880) now that current upstream
+ successfully builds with 1.10 (was previously a problem in bug 473754.
+ * Updated Standards-Version to 3.8.2 (no action required)
+ * Remove ./var/run directories to fix lintian warnings.
+ * Updated dovecot-libsieve patch to version 0.1.8, removed autogen.sh,
+ tests, and doc/rfc
+ * Updated dovecot-managesieve patch to version 0.11.7
+ * Updated dovecot-managesieve-dist patch to Mercurial revision 12b9733ee8b0
+ (0.11.7+), removed lib-cmusieve, doc/rfs, autogen.sh
+ * Add additional upgrading note to README.Debian to clarify the ManageSieve
+ configuration changes needed - existing configurations break if not
+ updated! (Closes: #537158)
+ * Include the ChangeLog and README for sieve and ManageSieve
+
+ -- Joel Johnson <mrjoel@lixil.net> Wed, 15 Jul 2009 20:29:33 -0600
+
+dovecot (1:1.2.1-1) unstable; urgency=low
+
+ [ Joel Johnson ]
+ * New upstream release
+ * Update packaging for 1.2 release
+ - update SIEVE patch to use Dovecot rewrite (version 0.1.7,
+ removed RFCs and tests for a DFSG patch)
+ - update ManageSieve patch and software to hg revision 2c9b4b4ab6a8
+ (0.11.6+) for 1.2.1 support
+ + removed lib-cmusieve since building against newer sieve
+ + removed doc/rfc for DFSG compliance
+ + removed autogen.sh since we run autotools during the build
+ - updated other misc patches
+
+ -- Joel Johnson <mrjoel@lixil.net> Sun, 12 Jul 2009 11:15:01 -0600
+
+dovecot (1:1.1.16-1) unstable; urgency=low
+
+ * New upstream release. (Closes: #531599)
+
+ -- Fabio Tranchitella <kobold@debian.org> Thu, 04 Jun 2009 12:38:59 +0200
+
+dovecot (1:1.1.15-1) unstable; urgency=low
+
+ * New upstream release; sorry, no time to include extra upstream patches
+ which are not released, feel free to submit them as dpatch files and I will
+ add them to the package. (Closes: #529923)
+ * debian/control: updated Standards-Version, no changes needed.
+ * debian/dovecot-common.init: patched to support ENABLED=0 in
+ /etc/default/dovecot, useful if dovecot is used as local-only IMAP server
+ through PREAUTH interface. (Closes: #524302)
+ * debian/dovecot-common.README.Debian: simplified, we only point the user to
+ wiki.dovecot.org; added a note about how to regenerate the SSL certificate.
+ (Closes: #528934)
+ * debian/dovecot-common.postrm: do not break if /etc/ssl/certs does not
+ exist. (Closes: #524865)
+ * debian/patches/dovecot-managesieve-dist: updated to 0.10.6.
+
+ -- Fabio Tranchitella <kobold@debian.org> Sun, 31 May 2009 20:13:26 +0200
+
+dovecot (1:1.1.13-2) unstable; urgency=high
+
+ * New upload, urgency set to high: the package in testing is broken.
+ * debian/dovecot-common.init: fixed a typo.
+ * debian/patches/dovecot-example.dpatch: fixed a few paths.
+ (Closes: #521544)
+
+ -- Fabio Tranchitella <kobold@debian.org> Sun, 29 Mar 2009 21:16:02 +0200
+
+dovecot (1:1.1.13-1) unstable; urgency=low
+
+ * New upstream release.
+ * This version fixes problems accessing mailboxes in some setups.
+ (Closes: #520310)
+
+ -- Fabio Tranchitella <kobold@debian.org> Thu, 19 Mar 2009 17:31:56 +0100
+
+dovecot (1:1.1.12-1) unstable; urgency=low
+
+ * New upstream release, it fixes some wrong defaults in the configuration
+ file. (Closes: #518631)
+ * debian/rules: add support for libdb. (Closes: #518630)
+ * debian/dovecot-common.postinst: create the dovecot certificate only at
+ install time. (Closes: #518738, #518598)
+
+ -- Fabio Tranchitella <kobold@debian.org> Mon, 16 Mar 2009 14:26:32 +0100
+
+dovecot (1:1.1.11-4) unstable; urgency=low
+
+ * debian/dovecot-common.init: fixed a typo from the last upload.
+ (Closes: #518504)
+
+ -- Fabio Tranchitella <kobold@debian.org> Fri, 06 Mar 2009 18:39:09 +0100
+
+dovecot (1:1.1.11-3) unstable; urgency=low
+
+ * debian/dovecot-common.init: applied patch from HÃ¥kon Stordahl to call
+ ntp-wait if available. (Closes: #517808)
+
+ -- Fabio Tranchitella <kobold@debian.org> Wed, 04 Mar 2009 17:38:59 +0100
+
+dovecot (1:1.1.11-2) unstable; urgency=low
+
+ * debian/dovecot-common.init: fixed a bug in the init script, adding a
+ missing slash in the PIDFILE path. (Closes: #516845)
+ * debian/dovecot-common.init: fixed a bug in the init script, sending the HUP
+ signal for reloading the configuration. (Closes: #512197)
+ * debian/dovecot-common.init: check if /etc/inetd.conf exists.
+ (Closes: #509259, #497148)
+ * debian/control: dovecot-common suggests ntp and ntpdate. (Closes: #511060)
+ * debian/dovecot-common.postinst: migration hook for default_mail_env =>
+ mail_location. (Closes: #517073)
+ * debian/dovecot.1: fixed the path of the configuration file.
+ (Closes: #501493)
+
+ -- Fabio Tranchitella <kobold@debian.org> Fri, 27 Feb 2009 17:24:09 +0100
+
+dovecot (1:1.1.11-1) unstable; urgency=low
+
+ * New upstream release, upload to unstable. (Closes: #507122)
+ * debian/patches/dovecot-quota.dpatch: fixed a bug in the imap quota plugin.
+ (Closes: #484677)
+ * debian/dovecot-common.init: added the status action, thanks Fladischer
+ Michael for the patch. (Closes: #509694)
+ * debian/dovecotpw.1: added manpage for dovecotpw, thanks Xavier Luthi for
+ the patch. (Closes: #504712)
+
+ -- Fabio Tranchitella <kobold@debian.org> Fri, 20 Feb 2009 20:39:38 +0100
+
+dovecot (1:1.1.9-1) experimental; urgency=low
+
+ [ Fabio Tranchitella ]
+ * debian/control: dovecot-common suggests ntp.
+
+ [ Joel Johnson ]
+ * New upstream release
+ * updated managesieve patch to apply against new version
+
+ -- Joel Johnson <mrjoel@lixil.net> Sat, 24 Jan 2009 04:12:42 +0000
+
+dovecot (1:1.1.8-1) experimental; urgency=low
+
+ * New upstream release.
+ * debian/control: added LDA to the description of dovecot-common.
+
+ -- Fabio Tranchitella <kobold@debian.org> Wed, 07 Jan 2009 23:14:29 +0100
+
+dovecot (1:1.1.7-1) experimental; urgency=low
+
+ * New upstream release
+ * Updated dovecot-ssh.patch for new release
+ * Updated MANAGESIEVE to 0.10.4
+ * Fix package to support double compilation
+ - Properly clean dovecot-managesieve as pointed out by Stephan Bosch
+ - Add --copy directive to automake invocation
+
+ -- Joel Johnson <mrjoel@lixil.net> Thu, 04 Dec 2008 20:52:11 -0700
+
+dovecot (1:1.1.2-3) experimental; urgency=low
+
+ * debian/control: added libbz2-dev to the Build-Depends to enable the bzip2
+ support. (Closes: #495129)
+
+ -- Fabio Tranchitella <kobold@debian.org> Thu, 14 Aug 2008 20:45:41 +0200
+
+dovecot (1:1.1.2-2) experimental; urgency=low
+
+ * Merged changes in the unstable package.
+ * debian/control: added replaces for the imap and pop modules from the
+ -common to the the -imap and -pop packages. (Closes: #493798)
+ * debian/rules: applied some of the suggestions from Matthias Kloses,
+ thanks! (Refs: #493803)
+
+ -- Fabio Tranchitella <kobold@debian.org> Tue, 05 Aug 2008 21:20:33 +0200
+
+dovecot (1:1.1.2-1) experimental; urgency=low
+
+ * New upstream release
+ * Trivial update to autocreate patch
+
+ -- Joel Johnson <mrjoel@lixil.net> Sat, 26 Jul 2008 08:18:39 -0600
+
+dovecot (1:1.1.1-1) experimental; urgency=low
+
+ [ Joel Johnson ]
+ * New upstream release (Closes: #487989)
+ * Updated policy version to 3.8.0.1 (no changes needed)
+ * Updated watch file to watch new release directory
+ * Actually install dovecot.8 since we have it
+ * Removed quota_v2 patch (was unreachable code): upstream now defaults
+ to quota v1 if _LINUX_QUOTA_VERSION is not defined
+ * Removed pam-error-information patch: included upstream
+ * Removed mbox_snarf patch: included upstream
+ * Removed full MANAGESIEVE patch (replaced with new 1.1 approach)
+ * Merged protocols_none_by_default patch into dovecot-example patch
+ * Updated drac patch to build against 1.1
+ * Updated autocreate patch with 1.1 version
+ * Updated dovecot-sieve to 1.1.5
+ * Added dovecot-managesieve patch against dovecot tree
+ * Added dovecot-managesieve source for building module
+
+ [ Fabio Tranchitella ]
+ * Added Joel Johnson to the uploaders; thanks for your work!
+
+ -- Fabio Tranchitella <kobold@debian.org> Sun, 20 Jul 2008 19:09:23 +0200
+
+dovecot (1:1.0.15-2) unstable; urgency=low
+
+ * debian/dovecot.1: added "This includes doing a syntax check" to the -a
+ option.
+ * debian/rules: now the package builds two times in a row without problems.
+ (Closes: #490201)
+
+ -- Fabio Tranchitella <kobold@debian.org> Sun, 27 Jul 2008 19:56:18 +0200
+
+dovecot (1:1.0.15-1) unstable; urgency=low
+
+ * New upstream release.
+ * debian/rules: clean the package before unpatching. (Closes: #490201)
+
+ -- Fabio Tranchitella <kobold@debian.org> Sun, 22 Jun 2008 09:06:01 +0200
+
+dovecot (1:1.0.14-1) unstable; urgency=low
+
+ * New upstream release.
+ * debian/patches/inbox_creation.dpatch: removed, merged upstream.
+ * debian/patches/allow_nets.dpatch: removed, merged upstream.
+
+ -- Fabio Tranchitella <kobold@debian.org> Tue, 03 Jun 2008 10:07:13 +0200
+
+dovecot (1:1.0.13-6) unstable; urgency=low
+
+ * debian/patches/inbox_creation.dpatch: added, use mail_privileged_group's
+ group when creating inboxes if the unprivileged user fails; upstream:
+ http://hg.dovecot.org/dovecot-1.0/rev/932768a879c6 (Closes: #471716)
+
+ -- Fabio Tranchitella <kobold@debian.org> Wed, 28 May 2008 12:58:17 +0200
+
+dovecot (1:1.0.13-5) unstable; urgency=low
+
+ * debian/patches/allow_nets.dpatch: added, allow_nets didn't work correctly
+ with big endian machines; patch from upstream, thanks Timo:
+ http://hg.dovecot.org/dovecot-1.0/rev/71c02fdf1b59
+
+ -- Fabio Tranchitella <kobold@debian.org> Thu, 15 May 2008 14:48:14 +0200
+
+dovecot (1:1.0.13-4) unstable; urgency=low
+
+ * debian/patches/dovecot-MANAGESIEVE-9.3.dpatch: updated managesieve to
+ version 9.3.
+ * debian/dovecot-common.README.Debian: added a note about how to configure
+ dovecot to log to file instead of using syslog.
+ * debian/dovecot.1: added a SIGNALS section. (Closes: #479059)
+ * dovecot-sieve: updated to the last hg release (5c3ba11994cb).
+ (Closes: #479104)
+
+ -- Fabio Tranchitella <kobold@debian.org> Mon, 05 May 2008 17:28:21 +0200
+
+dovecot (1:1.0.13-3) unstable; urgency=low
+
+ * debian/rules: do not install anymore the ldap and sql example
+ configuration files under /etc. (Closes: #472674)
+ * debian/dovecot-common.postinst: really chmod
+ /etc/dovecot/dovecot-{ldap,sql}.conf files to 0600.
+ * debian/devecot-common.init: do not start the service if dovecot.conf
+ doesn't exist. (Closes: #475888)
+
+ -- Fabio Tranchitella <kobold@debian.org> Sun, 27 Apr 2008 22:42:37 +0200
+
+dovecot (1:1.0.13-2) unstable; urgency=low
+
+ * debian/rules: use aclocal-1.9 instead of aclocal. (Closes: #473754)
+
+ -- Fabio Tranchitella <kobold@debian.org> Tue, 01 Apr 2008 15:30:32 +0200
+
+dovecot (1:1.0.13-1) unstable; urgency=high
+
+ * New upstream release, fixes a security issue:
+ http://www.dovecot.org/list/dovecot-news/2008-March/000064.html
+
+ -- Fabio Tranchitella <kobold@debian.org> Sun, 09 Mar 2008 19:22:20 +0100
+
+dovecot (1:1.0.12-1) unstable; urgency=high
+
+ * New upstream release. (Closes: #469457)
+ * debian/patches/dovecot-MANAGESIEVE-9.2.dpatch: updated, thanks to Marco
+ Nenciarini for the patch.
+
+ -- Fabio Tranchitella <kobold@debian.org> Thu, 06 Mar 2008 15:53:07 +0100
+
+dovecot (1:1.0.10-4) unstable; urgency=low
+
+ * debian/patches/autocreate.dpatch: added, thanks to Walter Reiner.
+ * debian/rules: use --with-ioloop=best instead of --with-ioloop=epoll, as
+ suggested by Timo. (Closes: #466296)
+
+ -- Fabio Tranchitella <kobold@debian.org> Mon, 18 Feb 2008 09:29:39 +0100
+
+dovecot (1:1.0.10-3) unstable; urgency=low
+
+ * debian/patches/dovecot-MANAGESIEVE-9.1.dpatch: added, thanks to Aleksey
+ Midenkov for providing a patch. (Closes: #416166)
+ * debian/dovecot-common.init: added $time to Should-Start. (Closes: #461543)
+ * debian/dovecot-common.postinst: do not add the dovecot user to the mail
+ group, it is not required by upstream. (Closes: #457123)
+ * debian/control: updated Standards-Version to 3.7.3, no changes required.
+
+ -- Fabio Tranchitella <kobold@debian.org> Sun, 10 Feb 2008 18:37:55 +0100
+
+dovecot (1:1.0.10-2) unstable; urgency=low
+
+ * debian/patches/mbox_snarf.dpatch: added, thanks to Bernd Kuhls.
+ (Closes: #462319)
+
+ -- Fabio Tranchitella <kobold@debian.org> Thu, 24 Jan 2008 10:12:02 +0100
+
+dovecot (1:1.0.10-1) unstable; urgency=high
+
+ * New upstream release, fixes a security bug.
+ * debian/patches/exec_check_for_none.dpatch: updated.
+
+ -- Fabio Tranchitella <kobold@debian.org> Sun, 30 Dec 2007 10:29:26 +0100
+
+dovecot (1:1.0.9-1) unstable; urgency=low
+
+ * New upstream release.
+ * debian/control: added the Vcs-Svn and Vcs-Browser fields.
+
+ -- Fabio Tranchitella <kobold@debian.org> Wed, 12 Dec 2007 08:10:11 +0100
+
+dovecot (1:1.0.8-2) unstable; urgency=low
+
+ * Provides a dovecot-dev package, thanks to Josh Triplett for providing a
+ patch. (Closes: #444812)
+
+ -- Fabio Tranchitella <kobold@debian.org> Tue, 04 Dec 2007 09:22:59 +0100
+
+dovecot (1:1.0.8-1) unstable; urgency=low
+
+ * New upstream release.
+ * debian/patches/unsupported-sasl-mech.dpatch: merged with upstream.
+
+ -- Fabio Tranchitella <kobold@debian.org> Thu, 29 Nov 2007 13:36:39 +0100
+
+dovecot (1:1.0.7-3) unstable; urgency=low
+
+ * debian/patches/dovecot-ssl.dpatch: provide mechanism to discover if ssl
+ client certificate is verified, patch from Stephen Gran. (Closes: #446555)
+ * debian/patches/pam-error-information.dpatch: fill auth information in pam
+ error, patch backported from upstream RCS. (Closes: #439246)
+ * debian/patches/unsupported-sasl-mech.dpatch: should use NO (not BAD) for
+ unsupported SASL mech, patch backported from upstream RCS. (Closes: #449324)
+
+ -- Fabio Tranchitella <kobold@debian.org> Wed, 14 Nov 2007 21:33:55 +0100
+
+dovecot (1:1.0.7-2) unstable; urgency=low
+
+ * debian/dovecot-common.postinst:
+ + don't fail if dovecot-ldap.conf or dovecot-sql.conf are removed; thanks
+ to Mathias Gug. (Closes: #448401)
+ + fix permissions of /var/run/dovecot and /var/run/dovecot/login.
+ (Closes: #446051)
+
+ -- Fabio Tranchitella <kobold@debian.org> Sun, 04 Nov 2007 10:06:06 +0100
+
+dovecot (1:1.0.7-1) unstable; urgency=low
+
+ * New upstream release.
+ * debian/rules: remove drac.so in the clean target. (Closes: #442548)
+ * debian/dovecot-common.init: implemented the reload action.
+ (Closes: #441032)
+ * Update protocols option in configuration when installing/removing
+ -imapd/-pop3d packages. Thanks to Soren Hansen and Mathias Gug from
+ Ubuntu for providing a patch. (Closes: #447201)
+
+ -- Fabio Tranchitella <kobold@debian.org> Fri, 02 Nov 2007 23:06:17 +0100
+
+dovecot (1:1.0.5-1) unstable; urgency=low
+
+ * New upstream release.
+
+ -- Fabio Tranchitella <kobold@debian.org> Mon, 10 Sep 2007 09:25:59 +0200
+
+dovecot (1:1.0.3-3) unstable; urgency=low
+
+ * debian/dovecot-common.init: don't use the init script name to locate the
+ configuration file because it is not reliable. If you really want to start
+ multiple servers, just copy the init script and use the optional default
+ file to override the variables. (Closes: #437228)
+
+ -- Fabio Tranchitella <kobold@debian.org> Thu, 16 Aug 2007 09:17:01 +0200
+
+dovecot (1:1.0.3-2) unstable; urgency=low
+
+ * debian/rules: removed the --with-notify=inotify switch, it should be
+ detected automatically.
+
+ -- Fabio Tranchitella <kobold@debian.org> Thu, 09 Aug 2007 09:39:50 +0200
+
+dovecot (1:1.0.3-1) unstable; urgency=low
+
+ * New upstream release. (Closes: #434038, #432601)
+ * This release doesn't build dbox support out-of-the-box. (Closes: #431615)
+ * dovecot-sieve: updated to the last hg's tip. (Closes: #434079)
+ * debian/dovecot-*.README.Debian: don't call /etc/init.d scripts directly.
+ (Closes: #431991)
+ * debian/dovecot-common.init: updated with patches from Tom Metro, thanks!
+ (Closes: #426480, #422674)
+ * debian/dovecot-common.postinst: fixed a missing variable DOMAINNAME.
+ (Closes: #425917)
+ * debian/rules: moved the init script to the level 24, after the ntpdate
+ one. (Closes: #432723)
+ * debian/patches/00list: added dovecot-drac, again. (Closes: #353039)
+ * debian/rules: build with inotify and epoll support. (Closes: #419281)
+ * debian/dovecot.1: added a simple manpage for dovecot. (Closes: #426702)
+ * debian/copyright: added copyright exceptions as suggested by Timo.
+
+ -- Fabio Tranchitella <kobold@debian.org> Sat, 04 Aug 2007 20:11:36 +0200
+
+dovecot (1:1.0.0-1) unstable; urgency=low
+
+ * New upstream release, the final 1.0.0. Bumped epoch, because we used the
+ wrong version scheming in the past and I think it is worth to do so now
+ that 1.0.0 has been released.
+ * debian/watch: updated.
+ * Rebuilt with a new glibc in unstable, now we have inotify support.
+ (Closes: #395306)
+
+ -- Fabio Tranchitella <kobold@debian.org> Mon, 16 Apr 2007 08:42:32 +0200
+
+dovecot (1.0.rc31-1) unstable; urgency=low
+
+ * New upstream release.
+
+ -- Fabio Tranchitella <kobold@debian.org> Mon, 09 Apr 2007 11:55:45 +0200
+
+dovecot (1.0.rc30-2) unstable; urgency=low
+
+ * debian/dovecot-common.init: check if /etc/inetd.conf exists before
+ calling sed on it. (Closes: #417299)
+
+ -- Fabio Tranchitella <kobold@debian.org> Sun, 08 Apr 2007 16:58:30 +0200
+
+dovecot (1.0.rc30-1) unstable; urgency=low
+
+ * New upstream release.
+ *
+
+ -- Fabio Tranchitella <kobold@debian.org> Sat, 07 Apr 2007 11:17:45 +0200
+
+dovecot (1.0.rc29-1) unstable; urgency=low
+
+ * New upstream release.
+ * debian/rules: ship convert-tool in dovecot-common. (Closes: #416909)
+
+ -- Fabio Tranchitella <kobold@debian.org> Sat, 31 Mar 2007 14:15:39 +0200
+
+dovecot (1.0.rc28-1) unstable; urgency=low
+
+ * New upstream release.
+
+ -- Fabio Tranchitella <kobold@debian.org> Sun, 25 Mar 2007 14:02:28 +0200
+
+dovecot (1.0.rc27-1) unstable; urgency=low
+
+ * New upstream release.
+
+ -- Fabio Tranchitella <kobold@debian.org> Wed, 14 Mar 2007 14:39:04 +0100
+
+dovecot (1.0.rc26-4) unstable; urgency=low
+
+ * debian/dovecot-common.postinst: fixed a typo. (Closes: #414672)
+
+ -- Fabio Tranchitella <kobold@debian.org> Tue, 13 Mar 2007 08:45:47 +0100
+
+dovecot (1.0.rc26-3) unstable; urgency=low
+
+ * debian/control: depends on ucf (>= 2.0020). (Closes: #414032)
+ * debian/dovecot-common.postinst: handles better chmod/chown on package
+ upgrade. (Closes: #414257)
+
+ -- Fabio Tranchitella <kobold@debian.org> Mon, 12 Mar 2007 10:03:34 +0100
+
+dovecot (1.0.rc26-2) unstable; urgency=low
+
+ * debian/control:
+ + dovecot-{imapd,pop3d}: depends on the same-source dovecot-common.
+ (Closes: #414032)
+ * debian/rules: fixed permission for dovecot.conf. (Closes: #413995)
+
+ -- Fabio Tranchitella <kobold@debian.org> Fri, 9 Mar 2007 12:57:50 +0100
+
+dovecot (1.0.rc26-1) unstable; urgency=low
+
+ * New upstream release.
+ * Add support for ucf, thanks to Vincent Danjean for providing a full patch.
+ (Closes: #413081)
+ * debian/dovecot-common.init: create /var/run directories at start-up time.
+ (Closes: #376143)
+
+ -- Fabio Tranchitella <kobold@debian.org> Wed, 7 Mar 2007 11:26:56 +0100
+
+dovecot (1.0.rc25-1) unstable; urgency=low
+
+ * New upstream release.
+
+ -- Fabio Tranchitella <kobold@debian.org> Fri, 2 Mar 2007 13:44:44 +0100
+
+dovecot (1.0.rc24-1) unstable; urgency=low
+
+ * New upstream release.
+
+ -- Fabio Tranchitella <kobold@debian.org> Fri, 23 Feb 2007 15:47:30 +0100
+
+dovecot (1.0.rc23-1) unstable; urgency=low
+
+ * New upstream release.
+ * debian/patches/documentation.dpatch, debian/patches/xfs_quotas.dpatch:
+ removed, applied upstream.
+
+ -- Fabio Tranchitella <kobold@debian.org> Wed, 21 Feb 2007 09:34:44 +0100
+
+dovecot (1.0.rc22-2) UNRELEASED; urgency=low
+
+ * debian/watch: added.
+
+ -- Fabio Tranchitella <kobold@debian.org> Fri, 9 Feb 2007 12:15:34 +0100
+
+dovecot (1.0.rc22-1) unstable; urgency=low
+
+ * New upstream release.
+
+ -- Fabio Tranchitella <kobold@debian.org> Wed, 7 Feb 2007 09:38:34 +0100
+
+dovecot (1.0.rc21-1) unstable; urgency=low
+
+ * New upstream release.
+
+ -- Fabio Tranchitella <kobold@debian.org> Mon, 5 Feb 2007 16:23:33 +0100
+
+dovecot (1.0.rc19-1) unstable; urgency=low
+
+ * New upstream release.
+
+ -- Fabio Tranchitella <kobold@debian.org> Wed, 24 Jan 2007 00:03:38 +0100
+
+dovecot (1.0.rc18-2) unstable; urgency=low
+
+ * dovecot-sieve: updated to cvs version 1.0.1.
+ * debian/README.Debian: updated for the new setting mail_location, which
+ substitutes the old default_mail_env. (Closes: #408025)
+
+ -- Fabio Tranchitella <kobold@debian.org> Tue, 23 Jan 2007 10:15:36 +0100
+
+dovecot (1.0.rc18-1) unstable; urgency=low
+
+ * New upstream release.
+
+ -- Fabio Tranchitella <kobold@debian.org> Mon, 22 Jan 2007 18:15:02 +0100
+
+dovecot (1.0.rc17-1) unstable; urgency=low
+
+ * New upstream release.
+ * Updated dovecot-sieve from CVS.
+
+ -- Fabio Tranchitella <kobold@debian.org> Fri, 12 Jan 2007 09:42:47 +0100
+
+dovecot (1.0.rc15-2) unstable; urgency=medium
+
+ * debian/dovecot-common.README.Debian: updated details about raw logging;
+ thanks Chris Moore for providing a patch. (Closes: #400689)
+ * debian/patches/dovecot-example.dpatch: added a missing slash for an
+ absolute path. (Closes: #400830)
+ * debian/patches/dovecotpw.dpatch: applied patched to fix argument parsing
+ on some architectures. (Closes: #402075)
+
+ -- Fabio Tranchitella <kobold@debian.org> Mon, 18 Dec 2006 18:34:31 +0100
+
+dovecot (1.0.rc15-1) unstable; urgency=medium
+
+ * New upstream release.
+ * Fixes a security bug: Off-by-one buffer overflow with mmap_disable=yes.
+ (See: http://www.dovecot.org/list/dovecot-news/2006-November/000023.html)
+
+ -- Fabio Tranchitella <kobold@debian.org> Mon, 20 Nov 2006 12:47:39 +0100
+
+dovecot (1.0.rc14-1) unstable; urgency=medium
+
+ * New upstream release.
+
+ -- Fabio Tranchitella <kobold@debian.org> Thu, 16 Nov 2006 09:37:38 +0100
+
+dovecot (1.0.rc13-1) unstable; urgency=medium
+
+ * New upstream release.
+ * debian/rules:
+ + preserve upstream config.guess and config.sub. (Closes: #397404)
+ + really clean dovecot-sieve/src on clean target. (Closes: #397407)
+ * debian/control: added build-conflict with automake1.4. (Closes: #397409)
+ * dovecot-sieve/src/Makefile.am: move sieve plug-ins under
+ usr/lib/dovecot/lda/modules; thanks to Chris Vanden Berghe for pointing
+ this out.
+
+ -- Fabio Tranchitella <kobold@debian.org> Tue, 7 Nov 2006 09:26:56 +0100
+
+dovecot (1.0.rc12-1) unstable; urgency=low
+
+ * New upstream release.
+
+ -- Fabio Tranchitella <kobold@debian.org> Sun, 5 Nov 2006 16:52:52 +0100
+
+dovecot (1.0.rc10-3) unstable; urgency=medium
+
+ * debian/rules: fixed two typos in the configure call. (Closes: #395016)
+ * Included dovecot-sieve plug-in from CVS. (Closes: #394885)
+ * Urgency medium: we are near the freeze, and this release must be part
+ of etch.
+
+ -- Fabio Tranchitella <kobold@debian.org> Tue, 31 Oct 2006 06:30:45 +0000
+
+dovecot (1.0.rc10-2) unstable; urgency=low
+
+ * debian/patches/dovecot-example.dpatch: commented out a close brace.
+ (Closes: #394785)
+
+ -- Fabio Tranchitella <kobold@debian.org> Mon, 23 Oct 2006 08:17:13 +0000
+
+dovecot (1.0.rc10-1) unstable; urgency=low
+
+ * New upstream release. (Closes: #393004)
+ * debian/patches/dovecot-example.dpatch:
+ + added specific comments to the mail_extra_groups option.
+ (Closes: #383453)
+ + removed duplicated LDA section. (Closes: #391632)
+ * debian/dovecot.8: fixed a layout error. (Closes: #393080)
+ * debian/dovecot-common.init: added LSB headers.
+ * Switched to the upstream dovecot deliver (LDA).
+ * debian/patches/quota_v2.dpatch: added, thanks to Jonas Smedegaard.
+ (Closes: #377563)
+
+ -- Fabio Tranchitella <kobold@debian.org> Sun, 22 Oct 2006 08:55:16 +0000
+
+dovecot (1.0.rc7-1) unstable; urgency=low
+
+ * New upstream release. (Closes: #377840, #385101)
+ * debian/patches/dovecot-example.dpatch: set a default value for
+ pop3_uidl_format. (Closes: #383883)
+
+ -- Fabio Tranchitella <kobold@debian.org> Tue, 29 Aug 2006 10:38:17 +0200
+
+dovecot (1.0.rc6-1) unstable; urgency=low
+
+ * New upstream release:
+ + Fixed imap segfaults on small mbox files (2 bytes). (Closes: #377840)
+ + Fixed a known bug in dovecot's IDLE handler. (Closes: #351828)
+ + Added support for quota2. (Closes: #377563)
+ * debian/control: converted build-depends on linux-kernel-headers to
+ build-conflicts to help the GNU/kFreeBSD port. (Closes: #377479)
+ * debian/control: changed maintainer to "Dovecot Maintainers"; no changes
+ to the email addresses.
+
+ -- Fabio Tranchitella <kobold@debian.org> Tue, 15 Aug 2006 10:58:57 +0200
+
+dovecot (1.0.rc2-2) unstable; urgency=low
+
+ * patched the quota plugin to fix a missing symbol (Closes: #377018)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Fri, 7 Jul 2006 10:50:04 -0400
+
+dovecot (1.0.rc2-1) unstable; urgency=high
+
+ * New upstream release
+ * Update dovecot-lda to the latest version (05132006)
+ * IPv6 with SSL/TLS should work now. (Closes: #374783)
+ * go back to using poll instead of epoll. (Closes: #376222)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Thu, 6 Jul 2006 00:47:56 -0400
+
+dovecot (1.0.rc1-1) unstable; urgency=low
+
+ * New upstream release.
+ * Add a build-dependency on linux-kernel-headers for the xfs quotas
+ stuff. Make it higher than the version in sarge because sarges xfs
+ includes are too old. If any knowledgeable person would like to
+ give me a patch for this, please do. (Closes: #374793)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Wed, 28 Jun 2006 11:42:07 -0400
+
+dovecot (1.0.beta9-1) unstable; urgency=low
+
+ * New upstream release
+ * Added XFS quota support. Thanks Pawel Jarosz <pj@rsi.pl>
+ (Closes: #373936)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Mon, 19 Jun 2006 16:55:20 -0400
+
+dovecot (1.0.beta8-4) unstable; urgency=high
+
+ * Unfortunately, the patch in the last version broke the mysql module.
+ Fixed thanks to Martin Pitt. (Closes: #369359, #373227)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Sun, 11 Jun 2006 16:27:43 -0400
+
+dovecot (1.0.beta8-3) unstable; urgency=high
+
+ * [SECURITY] SQL injection could occur in the postgresql module with
+ certain client character encodings. (See CVE-2006-2314)
+ Used the patch from upstream and Martin Pitt <martin.pitt@ubuntu.com>.
+ Thanks Martin. (Closes: #369359)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Sun, 11 Jun 2006 15:33:55 -0400
+
+dovecot (1.0.beta8-2) unstable; urgency=high
+
+ * Don't chown/chmod ssl certificate unless we created it.
+ (Closes: #364766)
+ * Upstream fixed the crash if passwd-file had entries without passwords.
+ (Closes: #361536)
+ * fixed up the last versions changelog to better describe the security
+ problem which was fixed there.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Sun, 21 May 2006 13:16:17 -0400
+
+dovecot (1.0.beta8-1) unstable; urgency=high
+
+ * New upstream release.
+ * [SECURITY] Fixes a directory traversal vulnerability.
+ (see: http://www.dovecot.org/list/dovecot-news/2006-May/000006.html
+ and CVE-2006-2414)
+ * Set urgency to high: this version fixes a security bug
+ * Standards-Version: 3.7.2, no changes needed.
+
+ -- Fabio Tranchitella <kobold@debian.org> Sat, 13 May 2006 22:46:16 +0200
+
+dovecot (1.0.beta7-1) unstable; urgency=low
+
+ * New upstream version.
+ * Added sqlite support.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Wed, 12 Apr 2006 23:25:41 -0400
+
+dovecot (1.0.beta5-1) unstable; urgency=low
+
+ * New upstream version. Also updated dovecot-lda from CVS.
+ * debian/control. Added build-depends on flex to prevent FTBFS.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Thu, 6 Apr 2006 16:22:46 -0400
+
+dovecot (1.0.beta3-3) unstable; urgency=low
+
+ * Compile against the newer mysql library. (Closes: #356729)
+
+ -- Fabio Tranchitella <kobold@debian.org> Wed, 22 Mar 2006 13:43:04 +0000
+
+dovecot (1.0.beta3-2) unstable; urgency=low
+
+ [Fabio Tranchitella]
+ * debian/control: added build-depends on byacc.
+ * debian/rules: removed --with-vpopmail option, because libvpopmail-dev
+ is in contrib and we don't wanto to have dovecot build-depends on it.
+ * debian/patches/dovecot-example.dpatch: added two small commented
+ block of configuration for dovecot-lda.
+
+ -- Fabio Tranchitella <kobold@debian.org> Sun, 26 Feb 2006 20:59:06 +0000
+
+dovecot (1.0.beta3-1) unstable; urgency=high
+
+ [Fabio Tranchitella]
+ * New upstream release, which fixes two security related bugs.
+ CVE-2006-0730 (Closes: #353341)
+ * Included dovecot-lda (ver. 20060209). (Closes: #353307, #347348, #333962)
+
+ [ Jaldhar H. Vyas ]
+ * Removed the code for upgrading impad.pem. This might bite if you if
+ you try and upgrade a woody version of dovecot to this one. So
+ don't do that. (Closes: #337715)
+ * dovecot-imapd,dovecot-pop3d: depend on dovecot-common >= 1.0beta3-1
+ as the way SSL parameters are generated has changed. (Closes: #353404)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Fri, 17 Feb 2006 22:06:21 -0500
+
+dovecot (1.0.beta2-1) unstable; urgency=low
+
+ [Fabio Tranchitella]
+ * New upstream release.
+ * debian/rules: compile with vpopmail support. (Closes: #347838)
+ * debian/patches: removed zlib patch (merged with upstream).
+
+ -- Fabio Tranchitella <kobold@debian.org> Thu, 2 Feb 2006 21:38:32 +0000
+
+dovecot (1.0.alpha5-1) unstable; urgency=low
+
+ [Fabio Tranchitella]
+ * New upstream release.
+ * Compile dovecot with Kerberos support. (Closes: #338384)
+ * Fixed a small typo in mbox specification. (Closes: #339789)
+ * Added man page for maildirmake.dovecot, thanks to Henry Precheur.
+ (Closes: #340498)
+ * Use /usr/lib/dovecot/modules as basedir for dynamic modules.
+ Upstream suggests /usr/lib/dovecot, but we already use it as
+ libexec directory.
+
+ -- Fabio Tranchitella <kobold@debian.org> Wed, 21 Dec 2005 13:44:38 +0000
+
+dovecot (1.0.alpha4-1) unstable; urgency=low
+
+ [Jaldhar H. Vyas]
+ * New upstream version.
+ * Made sure the default dovecot.conf includes mail_extra_groups=mail
+ (Closes: #336476) somehow this edit got lost at some point.
+ * use ISO8601 date format as default value for log_timestamp in
+ /etc/dovecot/dovecot.conf (Closes: #333059)
+ * stop shipping {arch} directories in source (Closes: #334646)
+ * Include plugin for compressed mboxen (Closes: #332384)
+ * updated NEWS.Debian to warn users that the dovecot.conf syntax has
+ changed (Closes: #334209)
+ * Remember, remember, the 5th of November.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Sat, 5 Nov 2005 23:19:19 -0500
+
+dovecot (1.0.alpha3-2) unstable; urgency=low
+
+ [Jaldhar H. Vyas]
+ * dovecot-common: When creating the dovecot user in the postinst,
+ the --ingroup option to adduser to add dovecot to group
+ mail isn't used anymore.
+ (Closes: #330960, #331106)
+ * commented out userdb passdb from default configuration. Most
+ people won't need that. (Closes: #330978)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Thu, 6 Oct 2005 14:25:33 -0400
+
+dovecot (1.0.alpha3-1) unstable; urgency=low
+
+ [ Fabio Tranchitella ]
+ * New upstream release (dovecot-1.0.alpha.3)
+ * debian/patches/ipv6_v6only.dpatch: removed, upstream accepted it.
+ * debian/dovecot-common.postinst: removed bashisms.
+ * debian/dovecot-common.postinst: add dovecot user to group mail.
+ (Closes: #323921)
+ * debian/control: removed conflicts with imap-server and pop3-server,
+ added replaces instead. (Closes: #324480)
+ [ Jaldhar H. Vyas ]
+ * No longer crashes when using LDAP as userdb/passdb (Closes: #320388)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Mon, 26 Sep 2005 01:42:09 -0400
+
+dovecot (0.99.20050712-2) unstable; urgency=low
+
+ * Fabio Tranchitella <kobold@debian.org>
+ + debian/control: dovecot-common has to depend on adduser.
+ + debian/patches/documentation.dpatch: some cosmetic fixes about mysql
+ backend.
+ * Jaldhar H. Vyas <jaldhar@debian.org>
+ + debian/control: tighten dovecot-imapd and dovecot-pop3d's dependency on
+ dovecot-common (Closes: #319465)
+ + debian/patches/dovecot-example.dpatch: some more fixes to default
+ configuration. (Closes: #319413, #319941)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Fri, 29 Jul 2005 15:37:52 -0400
+
+dovecot (0.99.20050712-1) unstable; urgency=low
+
+ * Fabio Tranchitella <kobold@debian.org>
+ + New upstream version (dovecot-stable, last update 20050712).
+ (Closes: #312893)
+ + debian/control: Standards-Version: 3.6.2 (no changes needed).
+ + debian/patches/dovecot-sql.dpatch: use the right path for mysql socket.
+ (Closes: #298874)
+ * Jaldhar H. Vyas <jaldhar@debian.org>
+ + Removed dovecot package as it was just a woody->sarge transitional
+ pseudo-package.
+ + Apply patch to debian/dovecot-common.init to help when manually
+ starting dovecot. Thanks Roland Stigge. (Closes: #309679)
+ + Apply patch to src/lib/network.c to support IPV6_V6ONLY. Thanks
+ Marco D'Itri. (Closes: #308652)
+ + depend on the latest postgresql library.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Wed, 20 Jul 2005 06:30:37 -0400
+
+dovecot (0.99.14-1) unstable; urgency=low
+
+ * New upstream version.
+ * dovecot-common: another postinst regexp fix for SSL cert/key files.
+ (Closes: #294989)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Sat, 12 Feb 2005 21:34:33 -0500
+
+dovecot (0.99.13-6) unstable; urgency=high
+
+ * dovecot-common: *sigh* another init script fix. Hopefully we now
+ fully deal with dovecot being run from inetd. Thanks again to Magnus
+ Holmgren. (Closes: #293348)
+ * High again so -5 doesn't get into sarge.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Mon, 7 Feb 2005 02:58:30 -0500
+
+dovecot (0.99.13-5) unstable; urgency=high
+
+ * dovecot-common: typo in postinst resulted in incorrect generation of
+ keys for first-time installers. Hence urgency high.
+ * dovecot-common: In init script, make extra check to make sure an
+ IMAP or POP3 server called from inetd is dovecot and not some other
+ random inferior product. (Closes: #293348)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Sat, 5 Feb 2005 13:56:31 -0500
+
+dovecot (0.99.13-4) unstable; urgency=low
+
+ * build depend on libmysqlclient12
+ * dovecot-common: Allow STARTTLS to work when dovecot is run from inetd
+ Thanks Magnus Holmgren (Closes: #290985)
+ * dovecot-common: let init script exit if dovecot is being run from inetd
+ Thanks Magnus Holmgren (Closes: #292195)
+ * dovecot-common: fix a number of problems in postinst
+ + fails if /etc/ssl/certs or /etc/ssl/private doesn't exist
+ + certs cannot be generated and upgrade fails if openssl is not
+ configured. Fail more gracefully if this is the case.
+ + read the name and path for the cert from dovecot.conf instead of
+ hardcoding it.
+ Thanks Frederic Pauget (Closes: #292344)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Sun, 30 Jan 2005 15:20:03 -0500
+
+dovecot (0.99.13-3) unstable; urgency=high
+
+ * Oops -2 had to be urgency=high so -1 doesn't get into sarge.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Sat, 8 Jan 2005 12:11:38 -0500
+
+dovecot (0.99.13-2) unstable; urgency=low
+
+ * dovecot-imapd, dovecot-pop3d: It occurred to me that the effects of
+ fixing #288391 will cause confusion in the minds of new installers so I
+ should add a warning in README.Debian and NEWS.Debian in a vain
+ effort to stave off swarms of bug reports. (Vain, because no one
+ actually reads documentation anyway.)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Sat, 8 Jan 2005 11:29:59 -0500
+
+dovecot (0.99.13-1) unstable; urgency=high
+
+ * New upstream version.
+ * dovecot-imapd, dovecot-pop3d: No longer mess with dovecot.conf in postinst
+ (Closes: #288391)
+ * urgency high due to #288391 being a release-critical bug.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Fri, 7 Jan 2005 17:37:08 -0500
+
+dovecot (0.99.12-1) unstable; urgency=low
+
+ * New upstream version. (Yes I know 0.99.13 is just around the corner.)
+ * SASL is re-enabled so this bug ("Dovecot seems not to require SASL")
+ is no longer valid (Closes: #272093)
+ * Configuration files moved to /etc/dovecot (Closes: #276183)
+ * Permissions on /var/run/dovecot and /var/run/dovecot/login no longer
+ give warnings. (Closes: #283996)
+ * SSL certificate is world readable (Closes: #277114).
+ * Thanks to Jan Buren, much extra documentation has been added to
+ /usr/share/doc/dovecot-common/README.Debian
+ * Lintian overrides added.
+ * Happy new year to all you Gregorians
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Fri, 31 Dec 2004 15:55:07 -0500
+
+dovecot (0.99.11-3) unstable; urgency=medium
+
+ * applied dovecot-large-header-fix patch to prevent 100% CPU
+ utilization when dealing with really large headers.
+ (Closes: #271458)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Mon, 13 Sep 2004 20:20:23 -0400
+
+dovecot (0.99.11-2) unstable; urgency=low
+
+ * Eliminated duplicate stanza in dovecot.conf (Closes: #270181)
+ * Reapplied CRAM-MD5 patch.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Mon, 6 Sep 2004 01:24:53 -0400
+
+dovecot (0.99.11-1) unstable; urgency=low
+
+ * New upstream release.
+ * patch to give bug reporting address in configure.ac.
+ Thanks Matthias Andree.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Sat, 4 Sep 2004 14:24:57 -0400
+
+dovecot (0.99.10.9-2) unstable; urgency=low
+
+ * screw mipsel.
+ * Added PAM_RHOST patch. Thanks Dean Gaudet. (Closes: #264712)
+ * Added CRAM-MD5 patch. Thanks Joshua Goodall.
+ * Added unexpected EOF patch from Timo.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Tue, 17 Aug 2004 01:13:20 -0400
+
+dovecot (0.99.10.9-1) unstable; urgency=low
+
+ * New upstream release.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Mon, 2 Aug 2004 18:56:02 -0400
+
+dovecot (0.99.10.8-1) unstable; urgency=low
+
+ * New upstream release.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Fri, 30 Jul 2004 08:17:51 -0400
+
+dovecot (0.99.10.7-1) unstable; urgency=low
+
+ * New upstream release.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Wed, 14 Jul 2004 07:29:49 -0400
+
+dovecot (0.99.10.6-3) unstable; urgency=low
+
+ * Patched so dovecot follows symlinks to directories again.
+ (Closes: #256061)
+ * Changed the priority of init script so it is run after postgresql
+ (Closes: #256068)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Thu, 24 Jun 2004 23:57:50 -0400
+
+dovecot (0.99.10.6-2) unstable; urgency=high
+
+ * I needed to enable one more parameter in the configuration in order
+ to get dot-locking working. Hence this should still be high urgency.
+ (Really Closes: #185335)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Mon, 21 Jun 2004 20:02:29 -0400
+
+dovecot (0.99.10.6-1) unstable; urgency=high
+
+ * New upstream version.
+ + finally fixes dot-locking so I think it deserves high priority for
+ sarge. (Closes: #185335)
+ * dovecot: fixed a typo in description (Closes: #254415)
+ * dovecot-common: man page for dovecot added. Thanks Kai Hendry.
+ (Closes: #253482)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Sat, 19 Jun 2004 23:18:39 -0400
+
+dovecot (0.99.10.5-4) unstable; urgency=high
+
+ * Crap, typo in dovecot-common.postinst sorry. This should only
+ affect new installs though.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Fri, 11 Jun 2004 22:30:41 -0400
+
+dovecot (0.99.10.5-3) unstable; urgency=high
+
+ * SECURITY: set permissions on config files to 0600 to prevent
+ disclosure of sensitive information to local users. (Closes: #253760)
+ * SECURITY: Tightened permissions on generated SSL certificate.
+ (Closes: #253833)
+ * Made a note that dovecot-openssl.conf is not needed on Debian
+ because we generate a certificate in dovecot-commons' postinst.
+ (Closes: #253774)
+ * Added maildir-autocreate patch.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Fri, 11 Jun 2004 09:12:07 -0400
+
+dovecot (0.99.10.5-2) unstable; urgency=low
+
+ * Added maildir-stat patch.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Thu, 10 Jun 2004 14:39:28 -0400
+
+dovecot (0.99.10.5-1) unstable; urgency=low
+
+ * New upstream version.
+ * Enabled mysql support.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Thu, 27 May 2004 13:21:42 -0400
+
+dovecot (0.99.10.4-5) unstable; urgency=high
+
+ * Switched to using openssl as dovecot segfaults with gnutls7 and is
+ not compatible with gnutls10 (Closes: #244570)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Mon, 19 Apr 2004 22:45:21 -0400
+
+dovecot (0.99.10.4-4) unstable; urgency=low
+
+ * Added a patch to src/auth/db-pgsql.c from Zsolt VARGA.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Tue, 30 Mar 2004 12:49:31 -0500
+
+dovecot (0.99.10.4-3) unstable; urgency=high
+
+ * dovecot-common: Fix postinst to no longer delete /etc/pam.d/imap
+ (Closes: #232832)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Mon, 15 Mar 2004 10:27:52 -0500
+
+dovecot (0.99.10.4-2) unstable; urgency=low
+
+ * dovecot-common: now replaces: dovecot for smoother upgrades.
+ (Closes: #223666)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Thu, 11 Dec 2003 09:18:12 -0500
+
+dovecot (0.99.10.4-1) unstable; urgency=low
+
+ * New upstream version
+ + This fixes the corruption of .subscriptions files with folders in
+ maildir format. (Closes: #222272)
+ * Some extra information included in dovecot-common.README.Debian.
+ (Closes: #221106) There should probably be more so if you have ideas
+ let me know.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Mon, 1 Dec 2003 23:41:00 -0500
+
+dovecot (0.99.10.2-1) unstable; urgency=low
+
+ * New upstream version.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Tue, 11 Nov 2003 17:21:45 -0500
+
+dovecot (0.99.10-11) unstable; urgency=low
+
+ * Build depend on gnutls 7 instead of 5 (Closes: #219523)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Thu, 6 Nov 2003 22:25:00 -0500
+
+dovecot (0.99.10-10) unstable; urgency=low
+
+ * maildirmake.dovecot will now let you create maildirs whose names
+ have spaces in them and chown them to a specified user. Thanks Paul
+ Slootman (Closes: #219168)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Tue, 4 Nov 2003 20:00:25 +0000
+
+dovecot (0.99.10-9) unstable; urgency=low
+
+ * Don't use SASL2 as upstream says the support is broken.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Tue, 23 Sep 2003 16:27:11 +0000
+
+dovecot (0.99.10-8) unstable; urgency=low
+
+ * Patched so suid works on 2.6 kernels. Thanks Peter Gervai.
+ (Closes: #211420)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Wed, 17 Sep 2003 17:59:10 +0000
+
+dovecot (0.99.10-7) unstable; urgency=low
+
+ * Yet another init script fix. It should be ok now. Thanks once again
+ to Alexis Iglauer.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Wed, 27 Aug 2003 10:56:04 -0400
+
+dovecot (0.99.10-6) unstable; urgency=low
+
+ * fix some errors in init script (closes: #207464)
+ Thanks to Adam Lackorzynski and Alexis Iglauer.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Wed, 27 Aug 2003 09:02:23 -0400
+
+dovecot (0.99.10-5) unstable; urgency=high
+
+ * dovecot-pop3d, dovecot-imapd: make sure init script doesn't
+ attempt to start the daemons if unconfigured thus preventing
+ segfault on startup. (Closes: #206992, #207140)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Mon, 25 Aug 2003 16:40:53 -0400
+
+dovecot (0.99.10-4) unstable; urgency=low
+
+ * Updated PAM configuration to the new scheme and added appropriate
+ dependency.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Fri, 22 Aug 2003 12:54:54 -0400
+
+dovecot (0.99.10-3) unstable; urgency=low
+
+ * dovecot-pop3d: Patch for proper PAM service name.
+ * dovecot-imapd, dovecot-pop3d: Make sure there is an appropriate
+ entry in the protocol = line in /etc/dovecot.conf so the service
+ will start up without errors. (Closes: #204213)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Thu, 21 Aug 2003 13:47:00 -0400
+
+dovecot (0.99.10-2.1) unstable; urgency=low
+
+ * Non-maintainer upload at request of maintainer.
+ * Fix segfault on alpha caused by time_t size. Closes: #203892.
+ * Fix segfault when user's home directory is left empty.
+
+ -- Scott James Remnant <scott@netsplit.com> Wed, 6 Aug 2003 01:47:16 +0100
+
+dovecot (0.99.10-2) unstable; urgency=low
+
+ * corrected paths to example and configuration files in sample config
+ (Closes: #199740)
+ * Added postgresql support.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Thu, 3 Jul 2003 16:45:49 -0400
+
+dovecot (0.99.10-1) unstable; urgency=low
+
+ * New upstream release.
+ * PAM service name has changed to dovecot (for IMAP and POP3.) I've included
+ code to move /etc/pam.d/imap to /etc/pam.d/dovecot but if things suddenly
+ stop working, this is the first thing to check.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Thu, 26 Jun 2003 22:31:07 -0400
+
+dovecot (0.99.10-0.rc2) unstable; urgency=low
+
+ * New upstream release. Fixes broken imaps support.
+ * Typo in configure options that broke LDAP support on woody corrected.
+ * Only start /usr/sbin/dovecot if either the IMAP or POP3 servers are
+ installed. (Closes: #192066)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Mon, 23 Jun 2003 23:26:04 -0400
+
+dovecot (0.99.9.1-1) unstable; urgency=low
+
+ * New upstream release.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Sun, 4 May 2003 21:49:55 -0400
+
+dovecot (0.99.9-1) unstable; urgency=low
+
+ * New upstream release.
+ * The IMAP and POP3 servers have been split into separate package so you
+ don't have to install both. There is also a dovecot-common package
+ for the parts they share. The dovecot package is now a dummy just for
+ transitioning to this new scheme. (Closes: #187826)
+ * Allow chmod in maildirmake.dovecot to fail gracefully (Closes: #191244)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Wed, 30 Apr 2003 08:53:46 -0400
+
+dovecot (0.99.8.1-4) unstable; urgency=low
+
+ * Added a build-depends on libsasl-dev (Closes: #187516)
+ * Enabled pop3 service. However it is still turned off in the config file by
+ default so as to not surprise anyone who thought they only had an IMAP
+ server.
+ * Consequently, changed "IMAP server" in descriptions etc. to "mail server".
+ * only skip key generation if both /etc/ssl/certs/dovecot.pem and
+ /etc/ssl/private/dovecot.pem exist. (Closes: #187638)
+ * post-0.99.8.1 patch: Fix renaming subfolders with maildir.
+ * post-0.99.8.1 patch: Fix other maildir subfolder problems.
+ * post-0.99.8.1 patch: Fix partial body fetches.
+ * post-0.99.8.1 patch: Fix using LITERAL+APPEND.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Sat, 5 Apr 2003 14:13:52 -0500
+
+dovecot (0.99.8.1-3) unstable; urgency=low
+
+ * Fixed bashism and perlism(!) in maildirmake.dovecot. Thanks Clint
+ Adams. (Closes: #185768)
+ * Enabled LDAP support. The configuration is in /etc/dovecot-ldap.conf
+ but is commented out.
+ * Happy new year to all Debian users still on the Julian calendar.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Tue, 25 Mar 2003 09:25:37 -0500
+
+dovecot (0.99.8.1-2) unstable; urgency=low
+
+ * Make a separate check for /etc/ssl/private/imapd.pem in case we don't
+ have it. (Closes: #185334)
+ * Move check for dovecot user and creation code to postinsts' configure
+ phase. (Closes: #185333)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Wed, 19 Mar 2003 01:50:10 -0500
+
+dovecot (0.99.8.1-1) unstable; urgency=low
+
+ * new upstream release. (Closes: #184131) Does not include the POP3
+ server or LDAP and SASL support for now so we can get into the archive
+ quickly. Fixes segfaults in imap-master (Closes: #184231) Fixes
+ faulty mail autodetection presets (Closes: #179625)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Sun, 16 Mar 2003 15:47:54 -0500
+
+dovecot (0.99.7-4) unstable; urgency=low
+
+ * Fixed location of handlers. (Closes: #179273)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Fri, 31 Jan 2003 18:37:23 -0500
+
+dovecot (0.99.7-3) unstable; urgency=low
+
+ * doh pam file should be called imap not dovecot (Closes: #179180)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Fri, 31 Jan 2003 14:12:29 -0500
+
+dovecot (0.99.7-2) unstable; urgency=low
+
+ * Added two upstream patches to fix broken plain authentication and
+ building with vpopmail support (which is not enabled in the Debian
+ package yet.)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Fri, 17 Jan 2003 14:24:22 -0500
+
+dovecot (0.99.7-1) unstable; urgency=low
+
+ * New upstream release.
+ * Syslog no longer fills up with entries when dovecot is misconfigured.
+ (Closes: #175507)
+ * startup is logged now. shutdowns were already logged. (Closes: #175509)
+ * dovecot will not remove your SSL certificates now. (Closes: #175282)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Wed, 15 Jan 2003 00:58:23 -0500
+
+dovecot (0.99.6rc2-1) unstable; urgency=low
+
+ * New upstream release.
+ * Includes patch which stops dovecot from dying on alpha (Closes: #175577)
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Wed, 8 Jan 2003 14:22:09 -0500
+
+dovecot (0.99.5-1) unstable; urgency=low
+
+ * New upstream release with many fixes and improvements.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Fri, 3 Jan 2003 00:53:26 -0500
+
+dovecot (0.99.4-1) unstable; urgency=low
+
+ * Initial Release.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Wed, 18 Dec 2002 09:44:39 -0500
--- /dev/null
+#log_debug=category=auth
+#auth_debug_passwords = yes
+##
+## Authentication processes
+##
+
+# Enable LOGIN command and all other plaintext authentications even if
+# SSL/TLS is not used (LOGINDISABLED capability). Note that if the remote IP
+# matches the local IP (ie. you're connecting from the same computer), the
+# connection is considered secure and plaintext authentication is allowed,
+# unless ssl = required.
+#auth_allow_cleartext = yes
+
+# Authentication cache size (e.g. 10M). 0 means it's disabled. Note that
+# bsdauth, PAM and vpopmail require cache_key to be set for caching to be used.
+#auth_cache_size = 0
+# Time to live for cached data. After TTL expires the cached record is no
+# longer used, *except* if the main database lookup returns internal failure.
+# We also try to handle password changes automatically: If user's previous
+# authentication was successful, but this one wasn't, the cache isn't used.
+# For now this works only with plaintext authentication.
+#auth_cache_ttl = 1 hour
+# TTL for negative hits (user not found, password mismatch).
+# 0 disables caching them completely.
+#auth_cache_negative_ttl = 1 hour
+
+# Space separated list of realms for SASL authentication mechanisms that need
+# them. You can leave it empty if you don't want to support multiple realms.
+# Many clients simply use the first one listed here, so keep the default realm
+# first.
+#auth_realms =
+#
+# Default realm/domain to use if none was specified. This is used for both
+# SASL realms and appending @domain to username in plaintext logins.
+#auth_default_domain =
+
+# List of allowed characters in username. If the user-given username contains
+# a character not listed in here, the login automatically fails. This is just
+# an extra check to make sure user can't exploit any potential quote escaping
+# vulnerabilities with SQL/LDAP databases. If you want to allow all characters,
+# set this value to empty.
+#auth_username_chars = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@
+
+# Username character translations before it's looked up from databases. The
+# value contains series of from -> to characters. For example "#@/@" means
+# that '#' and '/' characters are translated to '@'.
+#auth_username_translation =
+
+# Username formatting before it's looked up from databases.
+#auth_username_format = %{user|lower}
+#auth_username_format = %{user|username|lower}
+
+# If you want to allow master users to log in by specifying the master
+# username within the normal username string (ie. not using SASL mechanism's
+# support for it), you can specify the separator character here. The format
+# is then <username><separator><master username>. UW-IMAP uses "*" as the
+# separator, so that could be a good choice.
+#auth_master_user_separator =
+
+# Username to use for users logging in with ANONYMOUS SASL mechanism
+#auth_anonymous_username = anonymous
+
+# Host name to use in GSSAPI principal names. The default is to use the
+# name returned by gethostname(). Use "$ALL" (with quotes) to allow all keytab
+# entries.
+#auth_gssapi_hostname =
+
+# Kerberos keytab to use for the GSSAPI mechanism. Will use the system
+# default (usually /etc/krb5.keytab) if not specified. You may need to change
+# the auth service to run as root to be able to read this file.
+#auth_krb5_keytab =
+
+# Do NTLM and GSS-SPNEGO authentication using Samba's winbind daemon and
+# ntlm_auth helper. <https://doc.dovecot.org/latest/core/config/auth/mechanisms/winbind.html>
+#auth_use_winbind = no
+
+# Path for Samba's ntlm_auth helper binary.
+#auth_winbind_helper_path = /usr/bin/ntlm_auth
+
+# Time to delay before replying to failed authentications.
+#auth_failure_delay = 2 secs
+
+# Require a valid SSL client certificate or the authentication fails.
+#auth_ssl_require_client_cert = no
+
+# Take the username from client's SSL certificate, using
+# X509_NAME_get_text_by_NID() which returns the subject's DN's
+# CommonName.
+#auth_ssl_username_from_cert = no
+
+# Space separated list of wanted authentication mechanisms:
+# plain login digest-md5 cram-md5 ntlm anonymous gssapi
+# gss-spnego xoauth2 oauthbearer
+# NOTE: See also auth_allow_cleartext setting.
+#auth_mechanisms = plain login
+
+##
+## Password and user databases
+##
+
+#
+# Password database is used to verify user's password (and nothing more).
+# You can have multiple passdbs and userdbs. This is useful if you want to
+# allow both system users (/etc/passwd) and virtual users to login without
+# duplicating the system users into virtual database.
+#
+# <https://doc.dovecot.org/latest/core/config/auth/passdb.html>
+#
+# User database specifies where mails are located and what user/group IDs
+# own them. For single-UID configuration use "static" userdb.
+#
+# <https://doc.dovecot.org/latest/core/config/auth/userdb.html>
+
+#!include auth-deny.conf.ext
+#!include auth-master.conf.ext
+#!include auth-oauth2.conf.ext
+
+!include auth-system.conf.ext
+#!include auth-sql.conf.ext
+#!include auth-ldap.conf.ext
+#!include auth-passwdfile.conf.ext
+#!include auth-static.conf.ext
--- /dev/null
+##
+## Log destination.
+##
+
+# Log file to use for error messages. "syslog" logs to syslog,
+# /dev/stderr logs to stderr.
+#log_path = syslog
+
+# Log file to use for informational messages. Defaults to log_path.
+#info_log_path =
+# Log file to use for debug messages. Defaults to info_log_path.
+#debug_log_path =
+
+# Syslog facility to use if you're logging to syslog. Usually if you don't
+# want to use "mail", you'll use local0..local7. Also other standard
+# facilities are supported.
+#syslog_facility = mail
+
+##
+## Logging verbosity and debugging.
+##
+
+# Log unsuccessful authentication attempts and the reasons why they failed.
+#auth_verbose = yes
+
+# In case of password mismatches, log the attempted password. Valid values are
+# no, plain and sha1. sha1 can be useful for detecting brute force password
+# attempts vs. user simply trying the same password over and over again.
+#auth_verbose_passwords = no
+
+# To chain multiple logging conditions you can use,
+# log_debug=$SET:log_debug or category=xxx
+
+# Even more verbose logging for debugging purposes. Shows for example SQL
+# queries.
+#log_debug=category=auth
+#
+# In case of password mismatches, log the passwords and used scheme so the
+# problem can be debugged. Enabling this also enables auth_debug.
+#auth_debug_passwords = yes
+
+# Enable mail process debugging. This can help you figure out why Dovecot
+# isn't finding your mails.
+#log_debug=category=mail
+
+# Show protocol level SSL errors.
+#log_debug=category=ssl
+
+# mail_log plugin provides more event logging for mail processes.
+#mail_plugins {
+# notify = yes
+# mail_log = yes
+#}
+# Events to log. Also available: flag_change append
+#mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename flag_change append
+# Available fields: uid, box, msgid, from, subject, size, vsize, flags
+# size and vsize are available only for expunge and copy events.
+#mail_log_fields = uid box msgid size from subject vsize flags
+# only log cached fields
+#mail_log_cached_only = yes
+
+##
+## Log formatting.
+##
+
+# Prefix for each line written to log file. % codes are in strftime(3)
+# format.
+#log_timestamp = "%b %d %H:%M:%S "
+
+# Space-separated list of elements we want to log. The elements which have
+# a non-empty variable value are joined together to form a comma-separated
+# string.
+#login_log_format_elements = user=<%{user}> method=%{mechanism} rip=%{remote_ip} lip=%{local_ip} mpid=%{mail_pid} %{secured} session=<%{session}>
+
+# Login log format. %{elements} contains login_log_format_elements string, %{message} contains
+# the data we want to log.
+#login_log_format = %{message}: %{elements}
+
+# Log prefix for mail processes. See
+# https://doc.dovecot.org/latest/core/settings/variables.html#mail-service-user-variables
+# for list of possible variables.
+#mail_log_prefix = "%{service}(%{user})<%{process:pid}><%{session}>: "
+
+# Format to use for logging mail deliveries. See https://doc.dovecot.org/latest/core/summaries/settings.html#deliver_log_format
+# for list of possible variables.
+#deliver_log_format = msgid=%{msgid}: %{message} (subject=%{subject} from=%{from} size=%{size})
--- /dev/null
+##
+## Mailbox locations and namespaces
+##
+
+# Location for users' mailboxes. The default is empty, which means that Dovecot
+# tries to find the mailboxes automatically. This won't work if the user
+# doesn't yet have any mail, so you should explicitly tell Dovecot the full
+# location.
+#
+# If you're using mbox, giving a path to the INBOX file (eg. /var/mail/%u)
+# isn't enough. You'll also need to tell Dovecot where the other mailboxes are
+# kept. This is called the "root mail directory", and it must be the first
+# path given in the mail_location setting.
+#
+# There are a few special variables you can use, eg.:
+#
+# %{user} - username
+# %{user|username} - user part in user@domain, same as %u if there's no domain
+# %{user|domain} - domain part in user@domain, empty if there's no domain
+# %{home} - home directory
+#
+# See https://doc.dovecot.org/latest/core/settings/variables.html for full list
+# of variables.
+#
+# Example:
+# mail_driver = maildir
+# mail_path = ~/Maildir
+# mail_inbox_path = ~/Maildir/.INBOX
+#
+
+# Debian defaults
+# Note that upstream considers mbox deprecated and strongly recommends
+# against its use in production environments. See further information
+# at
+# https://doc.dovecot.org/2.4.0/core/config/mailbox/formats/mbox.html
+mail_driver = mbox
+mail_home = /home/%{user|username}
+mail_path = %{home}/mail
+mail_inbox_path = /var/mail/%{user}
+
+# If you need to set multiple mailbox locations or want to change default
+# namespace settings, you can do it by defining namespace sections.
+#
+# You can have private, shared and public namespaces. Private namespaces
+# are for user's personal mails. Shared namespaces are for accessing other
+# users' mailboxes that have been shared. Public namespaces are for shared
+# mailboxes that are managed by sysadmin. If you create any shared or public
+# namespaces you'll typically want to enable ACL plugin also, otherwise all
+# users can access all the shared mailboxes, assuming they have permissions
+# on filesystem level to do so.
+namespace inbox {
+ # Namespace type: private, shared or public
+ #type = private
+
+ # Hierarchy separator to use. You should use the same separator for all
+ # namespaces or some clients get confused. '/' is usually a good one.
+ # The default however depends on the underlying mail storage format.
+ #separator =
+
+ # Prefix required to access this namespace. This needs to be different for
+ # all namespaces. For example "Public/".
+ #prefix =
+
+ # Physical location of the mailbox. This is in same format as
+ # mail location, which is also the default for it.
+ # mail_driver =
+ # mail_path =
+ #
+ # There can be only one INBOX, and this setting defines which namespace
+ # has it.
+ inbox = yes
+
+ # If namespace is hidden, it's not advertised to clients via NAMESPACE
+ # extension. You'll most likely also want to set list=no. This is mostly
+ # useful when converting from another server with different namespaces which
+ # you want to deprecate but still keep working. For example you can create
+ # hidden namespaces with prefixes "~/mail/", "~%u/mail/" and "mail/".
+ #hidden = no
+
+ # Show the mailboxes under this namespace with LIST command. This makes the
+ # namespace visible for clients that don't support NAMESPACE extension.
+ # "children" value lists child mailboxes, but hides the namespace prefix.
+ #list = yes
+
+ # Namespace handles its own subscriptions. If set to "no", the parent
+ # namespace handles them (empty prefix should always have this as "yes")
+ #subscriptions = yes
+
+ # See 15-mailboxes.conf for definitions of special mailboxes.
+}
+
+# Example shared namespace configuration
+#namespace shared {
+ #type = shared
+ #separator = /
+
+ # Mailboxes are visible under "shared/user@domain/"
+ # $user, $domain and $username are expanded to the destination user.
+ #prefix = shared/$user/
+
+ # Mail location for other users' mailboxes. Note that %{variables} and ~/
+ # expands to the logged in user's data. %{owner_user} and %{owner_home}
+ # destination user's data.
+ #mail_driver = maildir
+ #mail_path = %{owner_home}/Maildir
+ #mail_index_path = ~/Maildir/shared/%{owner_user}
+
+ # Use the default namespace for saving subscriptions.
+ #subscriptions = no
+
+ # List the shared/ namespace only if there are visible shared mailboxes.
+ #list = children
+#}
+# Should shared INBOX be visible as "shared/user" or "shared/user/INBOX"?
+#mail_shared_explicit_inbox = no
+
+# System user and group used to access mails. If you use multiple, userdb
+# can override these by returning uid or gid fields. You can use either numbers
+# or names. <https://doc.dovecot.org/latest/core/config/system_users.html#uids>
+#mail_uid =
+#mail_gid =
+
+# Group to enable temporarily for privileged operations. Currently this is
+# used only with INBOX when either its initial creation or dotlocking fails.
+# Typically this is set to "mail" to give access to /var/mail.
+mail_privileged_group = mail
+
+# Grant access to these supplementary groups for mail processes. Typically
+# these are used to set up access to shared mailboxes. Note that it may be
+# dangerous to set these if users can create symlinks (e.g. if "mail" group is
+# set here, ln -s /var/mail ~/mail/var could allow a user to delete others'
+# mailboxes, or ln -s /secret/shared/box ~/mail/mybox would allow reading it).
+#mail_access_groups =
+
+# Allow full filesystem access to clients. There's no access checks other than
+# what the operating system does for the active UID/GID. It works with both
+# maildir and mboxes, allowing you to prefix mailboxes names with eg. /path/
+# or ~user/.
+#mail_full_filesystem_access = no
+
+# Dictionary for key=value mailbox attributes. This is used for example by
+# URLAUTH and METADATA extensions.
+#mail_attribute {
+# dict file {
+# path = %{home}/Maildir/dovecot-attributes
+# }
+#}
+
+# A comment or note that is associated with the server. This value is
+# accessible for authenticated users through the IMAP METADATA server
+# entry "/shared/comment".
+#mail_server_comment = ""
+
+# Indicates a method for contacting the server administrator. According to
+# RFC 5464, this value MUST be a URI (e.g., a mailto: or tel: URL), but that
+# is currently not enforced. Use for example mailto:admin@example.com. This
+# value is accessible for authenticated users through the IMAP METADATA server
+# entry "/shared/admin".
+#mail_server_admin =
+
+##
+## Mail processes
+##
+
+# Don't use mmap() at all. This is required if you store indexes to shared
+# filesystems (NFS or clustered filesystem).
+#mmap_disable = no
+
+# Rely on O_EXCL to work when creating dotlock files. NFS supports O_EXCL
+# since version 3, so this should be safe to use nowadays by default.
+#dotlock_use_excl = yes
+
+# When to use fsync() or fdatasync() calls:
+# optimized (default): Whenever necessary to avoid losing important data
+# always: Useful with e.g. NFS when write()s are delayed
+# never: Never use it (best performance, but crashes can lose data)
+#mail_fsync = optimized
+
+# Locking method for index files. Alternatives are fcntl, flock and dotlock.
+# Dotlocking uses some tricks which may create more disk I/O than other locking
+# methods. NFS users: flock doesn't work, remember to change mmap_disable.
+#lock_method = fcntl
+
+# Directory where mails can be temporarily stored. Usually it's used only for
+# mails larger than >= 128 kB. It's used by various parts of Dovecot, for
+# example LDA/LMTP while delivering large mails or zlib plugin for keeping
+# uncompressed mails.
+#mail_temp_dir = /tmp
+
+# Valid UID range for users, defaults to 500 and above. This is mostly
+# to make sure that users can't log in as daemons or other system users.
+# Note that denying root logins is hardcoded to dovecot binary and can't
+# be done even if first_valid_uid is set to 0.
+#first_valid_uid = 500
+#last_valid_uid = 0
+
+# Valid GID range for users, defaults to non-root/wheel. Users having
+# non-valid GID as primary group ID aren't allowed to log in. If user
+# belongs to supplementary groups with non-valid GIDs, those groups are
+# not set.
+#first_valid_gid = 1
+#last_valid_gid = 0
+
+# Maximum allowed length for mail keyword name. It's only forced when trying
+# to create new keywords.
+#mail_max_keyword_length = 50
+
+# ':' separated list of directories under which chrooting is allowed for mail
+# processes (ie. /var/mail will allow chrooting to /var/mail/foo/bar too).
+# This setting doesn't affect login_chroot, mail_chroot or auth chroot
+# settings. If this setting is empty, "/./" in home dirs are ignored.
+# WARNING: Never add directories here which local users can modify, that
+# may lead to root exploit. Usually this should be done only if you don't
+# allow shell access for users. <doc/wiki/Chrooting.txt>
+#valid_chroot_dirs =
+
+# Default chroot directory for mail processes. This can be overridden for
+# specific users in user database by giving /./ in user's home directory
+# (eg. /home/./user chroots into /home). Note that usually there is no real
+# need to do chrooting, Dovecot doesn't allow users to access files outside
+# their mail directory anyway. If your home directories are prefixed with
+# the chroot directory, append "/." to mail_chroot. <doc/wiki/Chrooting.txt>
+#mail_chroot =
+
+# UNIX socket path to master authentication server to find users.
+# This is used by imap (for shared users) and lda.
+#auth_socket_path = /var/run/dovecot/auth-userdb
+
+# Directory where to look up mail plugins.
+#mail_plugin_dir = /usr/lib/dovecot
+
+# Space separated list of plugins to load for all services. Plugins specific to
+# IMAP, LDA, etc. are added to this list in their own .conf files.
+#mail_plugins =
+#
+# To add plugins, use
+#mail_plugins {
+# plugin = yes
+#}
+
+##
+## Mailbox handling optimizations
+##
+
+# Mailbox list indexes can be used to optimize IMAP STATUS commands. They are
+# also required for IMAP NOTIFY extension to be enabled.
+#mailbox_list_index = yes
+
+# Trust mailbox list index to be up-to-date. This reduces disk I/O at the cost
+# of potentially returning out-of-date results after e.g. server crashes.
+# The results will be automatically fixed once the folders are opened.
+#mailbox_list_index_very_dirty_syncs = yes
+
+# Should INBOX be kept up-to-date in the mailbox list index? By default it's
+# not, because most of the mailbox accesses will open INBOX anyway.
+#mailbox_list_index_include_inbox = no
+
+# The minimum number of mails in a mailbox before updates are done to cache
+# file. This allows optimizing Dovecot's behavior to do less disk writes at
+# the cost of more disk reads.
+#mail_cache_min_mail_count = 0
+
+# When IDLE command is running, mailbox is checked once in a while to see if
+# there are any new mails or other changes. This setting defines the minimum
+# time to wait between those checks. Dovecot can also use inotify and
+# kqueue to find out immediately when changes occur.
+#mailbox_idle_check_interval = 30 secs
+
+# Save mails with CR+LF instead of plain LF. This makes sending those mails
+# take less CPU, especially with sendfile() syscall with Linux and FreeBSD.
+# But it also creates a bit more disk I/O which may just make it slower.
+# Also note that if other software reads the mboxes/maildirs, they may handle
+# the extra CRs wrong and cause problems.
+#mail_save_crlf = no
+
+# Max number of mails to keep open and prefetch to memory. This only works with
+# some mailbox formats and/or operating systems.
+#mail_prefetch_count = 0
+
+# How often to scan for stale temporary files and delete them (0 = never).
+# These should exist only after Dovecot dies in the middle of saving mails.
+#mail_temp_scan_interval = 1w
+
+# How many slow mail accesses sorting can perform before it returns failure.
+# With IMAP the reply is: NO [LIMIT] Requested sort would have taken too long.
+# The untagged SORT reply is still returned, but it's likely not correct.
+#mail_sort_max_read_count = 0
+
+protocol !indexer-worker {
+ # If folder vsize calculation requires opening more than this many mails from
+ # disk (i.e. mail sizes aren't in cache already), return failure and finish
+ # the calculation via indexer process. Disabled by default. This setting must
+ # be 0 for indexer-worker processes.
+ #mail_vsize_bg_after_count = 0
+}
+
+##
+## Maildir-specific settings
+##
+
+# By default LIST command returns all entries in maildir beginning with a dot.
+# Enabling this option makes Dovecot return only entries which are directories.
+# This is done by stat()ing each entry, so it causes more disk I/O.
+# (For systems setting struct dirent->d_type, this check is free and it's
+# done always regardless of this setting)
+#maildir_stat_dirs = no
+
+# When copying a message, do it with hard links whenever possible. This makes
+# the performance much better, and it's unlikely to have any side effects.
+#maildir_copy_with_hardlinks = yes
+
+# Assume Dovecot is the only MUA accessing Maildir: Scan cur/ directory only
+# when its mtime changes unexpectedly or when we can't find the mail otherwise.
+#maildir_very_dirty_syncs = no
+
+# If enabled, Dovecot doesn't use the S=<size> in the Maildir filenames for
+# getting the mail's physical size, except when recalculating Maildir++ quota.
+# This can be useful in systems where a lot of the Maildir filenames have a
+# broken size. The performance hit for enabling this is very small.
+#maildir_broken_filename_sizes = no
+
+# Always move mails from new/ directory to cur/, even when the \Recent flags
+# aren't being reset.
+#maildir_empty_new = no
+
+##
+## mbox-specific settings
+##
+
+# Which locking methods to use for locking mbox. There are four available:
+# dotlock: Create <mailbox>.lock file. This is the oldest and most NFS-safe
+# solution. If you want to use /var/mail/ like directory, the users
+# will need write access to that directory.
+# dotlock_try: Same as dotlock, but if it fails because of permissions or
+# because there isn't enough disk space, just skip it.
+# fcntl : Use this if possible. Works with NFS too if lockd is used.
+# flock : May not exist in all systems. Doesn't work with NFS.
+# lockf : May not exist in all systems. Doesn't work with NFS.
+#
+# You can use multiple locking methods; if you do the order they're declared
+# in is important to avoid deadlocks if other MTAs/MUAs are using multiple
+# locking methods as well. Some operating systems don't allow using some of
+# them simultaneously.
+#mbox_read_locks = fcntl
+#mbox_write_locks = dotlock fcntl
+
+# Maximum time to wait for lock (all of them) before aborting.
+#mbox_lock_timeout = 5 mins
+
+# If dotlock exists but the mailbox isn't modified in any way, override the
+# lock file after this much time.
+#mbox_dotlock_change_timeout = 2 mins
+
+# When mbox changes unexpectedly we have to fully read it to find out what
+# changed. If the mbox is large this can take a long time. Since the change
+# is usually just a newly appended mail, it'd be faster to simply read the
+# new mails. If this setting is enabled, Dovecot does this but still safely
+# fallbacks to re-reading the whole mbox file whenever something in mbox isn't
+# how it's expected to be. The only real downside to this setting is that if
+# some other MUA changes message flags, Dovecot doesn't notice it immediately.
+# Note that a full sync is done with SELECT, EXAMINE, EXPUNGE and CHECK
+# commands.
+#mbox_dirty_syncs = yes
+
+# Like mbox_dirty_syncs, but don't do full syncs even with SELECT, EXAMINE,
+# EXPUNGE or CHECK commands. If this is set, mbox_dirty_syncs is ignored.
+#mbox_very_dirty_syncs = no
+
+# Delay writing mbox headers until doing a full write sync (EXPUNGE and CHECK
+# commands and when closing the mailbox). This is especially useful for POP3
+# where clients often delete all mails. The downside is that our changes
+# aren't immediately visible to other MUAs.
+#mbox_lazy_writes = yes
+
+# If mbox size is smaller than this (e.g. 100k), don't write index files.
+# If an index file already exists it's still read, just not updated.
+#mbox_min_index_size = 0
+
+# Mail header selection algorithm to use for MD5 POP3 UIDLs when
+# pop3_uidl_format=%m. For backwards compatibility we use apop3d inspired
+# algorithm, but it fails if the first Received: header isn't unique in all
+# mails. An alternative algorithm is "all" that selects all headers.
+#mbox_md5 = apop3d
+
+##
+## mdbox-specific settings
+##
+
+# Maximum dbox file size until it's rotated.
+#mdbox_rotate_size = 10M
+
+# Maximum dbox file age until it's rotated. Typically in days. Day begins
+# from midnight, so 1d = today, 2d = yesterday, etc. 0 = check disabled.
+#mdbox_rotate_interval = 0
+
+# When creating new mdbox files, immediately preallocate their size to
+# mdbox_rotate_size. This setting currently works only in Linux with some
+# filesystems (ext4, xfs).
+#mdbox_preallocate_space = no
+
+# Settings to control adding $HasAttachment or $HasNoAttachment keywords.
+# By default, all MIME parts with Content-Disposition=attachment, or inlines
+# with filename parameter are consired attachments.
+# add-flags - Add the keywords when saving new mails or when fetching can
+# do it efficiently.
+# content-type=type or !type - Include/exclude content type. Excluding will
+# never consider the matched MIME part as attachment. Including will only
+# negate an exclusion (e.g. content-type=!foo/* content-type=foo/bar).
+# exclude-inlined - Exclude any Content-Disposition=inline MIME part.
+#mail_attachment_detection_options =
--- /dev/null
+#default_process_limit = 100
+#default_client_limit = 1000
+
+# Default VSZ (virtual memory size) limit for service processes. This is mainly
+# intended to catch and kill processes that leak memory before they eat up
+# everything.
+#default_vsz_limit = 256M
+
+# Login user is internally used by login processes. This is the most untrusted
+# user in Dovecot system. It shouldn't have access to anything at all.
+#default_login_user = dovenull
+
+# Internal user is used by unprivileged processes. It should be separate from
+# login user, so that login processes can't disturb other processes.
+#default_internal_user = dovecot
+
+service imap-login {
+ inet_listener imap {
+ #port = 143
+ }
+ inet_listener imaps {
+ #port = 993
+ #ssl = yes
+ }
+
+ # Number of connections to handle before starting a new process. Typically
+ # the only useful values are 0 (unlimited) or 1. 1 is more secure, but 0
+ # is faster. <d>
+ #service_restart_request_count = 1
+
+ # Number of processes to always keep waiting for more connections.
+ #process_min_avail = 0
+
+ # If you set service_restart_request_count=0, you probably need to grow this.
+ #vsz_limit = 256M # default
+}
+
+service pop3-login {
+ inet_listener pop3 {
+ #port = 110
+ }
+ inet_listener pop3s {
+ #port = 995
+ #ssl = yes
+ }
+}
+
+service submission-login {
+ inet_listener submission {
+ #port = 587
+ }
+ inet_listener submissions {
+ #port = 465
+ }
+}
+
+service lmtp {
+ unix_listener lmtp {
+ #mode = 0666
+ }
+
+ # Create inet listener only if you can't use the above UNIX socket
+ #inet_listener lmtp {
+ # Avoid making LMTP visible for the entire internet
+ #listen = 127.0.0.1
+ #port = 24
+ #}
+}
+
+service imap {
+ # Most of the memory goes to mmap()ing files. You may need to increase this
+ # limit if you have huge mailboxes.
+ #vsz_limit = 256M # default
+
+ # Max. number of IMAP processes (connections)
+ #process_limit = 1024
+}
+
+service pop3 {
+ # Max. number of POP3 processes (connections)
+ #process_limit = 1024
+}
+
+service submission {
+ # Max. number of SMTP Submission processes (connections)
+ #process_limit = 1024
+}
+
+service auth {
+ # auth_socket_path points to this userdb socket by default. It's typically
+ # used by dovecot-lda, doveadm, possibly imap process, etc. Users that have
+ # full permissions to this socket are able to get a list of all usernames and
+ # get the results of everyone's userdb lookups.
+ #
+ # The default 0666 mode allows anyone to connect to the socket, but the
+ # userdb lookups will succeed only if the userdb returns an "uid" field that
+ # matches the caller process's UID. Also if caller's uid or gid matches the
+ # socket's uid or gid the lookup succeeds. Anything else causes a failure.
+ #
+ # To give the caller full permissions to lookup all users, set the mode to
+ # something else than 0666 and Dovecot lets the kernel enforce the
+ # permissions (e.g. 0777 allows everyone full permissions).
+ unix_listener auth-userdb {
+ #mode = 0666
+ #user =
+ #group =
+ }
+
+ # Postfix smtp-auth
+ #unix_listener /var/spool/postfix/private/auth {
+ # mode = 0666
+ #}
+
+ # Auth process is run as this user.
+ #user = $SET:default_internal_user
+}
+
+service auth-worker {
+ # Auth worker process is run as root by default, so that it can access
+ # /etc/shadow. If this isn't necessary, the user should be changed to
+ # $SET:default_internal_user.
+ #user = root
+}
+
+service dict {
+ # If dict proxy is used, mail processes should have access to its socket.
+ # For example: mode=0660, group=vmail and global mail_access_groups=vmail
+ unix_listener dict {
+ #mode = 0600
+ #user =
+ #group =
+ }
+}
--- /dev/null
+##
+## Statistics and metrics
+##
+
+# Dovecot supports gathering statistics from events.
+# Currently there are no statistics logged by default, and therefore they must
+# be explicitly added using the metric configuration blocks.
+#
+# Unlike old stats, the new statistics do not require any plugins loaded.
+#
+# See https://doc.dovecot.org/latest/core/config/statistics.html for details
+
+##
+## Example metrics
+##
+
+#metric auth_success {
+# filter = (event=auth_request_finished AND success=yes)
+#}
+#
+#metric auth_failure {
+# filter = (event=auth_request_finished AND NOT success=yes)
+## See exporter config later in this file
+## can be used to replace auth_verbose=yes
+# exporter = log
+#}
+#
+#metric imap_command {
+# filter = event=imap_command_finished
+# group_by cmd_name {
+# method discrete {
+# }
+# }
+# group_by tagged_reply_state {
+# method discrete {
+# }
+# }
+#}
+#
+#metric smtp_command {
+# filter = event=smtp_server_command_finished and protocol=submission
+# group_by cmd_name {
+# method discrete {
+# }
+# }
+# group_by status_code {
+# method discrete {
+# }
+# }
+# group_by duration {
+# method exponential {
+# base = 10
+# min_magnitude = 1
+# max_magnitude = 5
+# }
+# }
+#}
+#
+#metric lmtp_command {
+# filter = event=smtp_server_command_finished and protocol=lmtp
+# group_by cmd_name {
+# method discrete {
+# }
+# }
+# group_by status_code {
+# method discrete {
+# }
+# }
+# group_by duration {
+# method exponential {
+# base = 10
+# min_magnitude = 1
+# max_magnitude = 5
+# }
+# }
+#}
+#
+#metric mail_delivery {
+# filter = event=mail_delivery_finished
+# group_by duration {
+# method exponential {
+# base = 10
+# min_magnitude = 1
+# max_magnitude = 5
+# }
+# }
+#}
+
+##
+## Prometheus
+##
+
+# To allow access to statistics with Prometheus, enable http listener
+# on stats process. Stats will be available on /metrics path.
+#
+# See https://doc.dovecot.org/latest/core/config/statistics.html#openmetrics for more
+# details.
+
+#service stats {
+# inet_listener http {
+# port = 9900
+# }
+#}
+
+##
+## Event exporting
+##
+
+# You can also export individual events.
+#
+# See https://doc.dovecot.org/configuration_manual/event_export/ for more
+# details.
+
+#event_exporter log {
+# format = json
+# time_format = rfc3339
+#}
+#
+#metric imap_commands {
+# exporter = log
+# filter = event=imap_command_finished
+#}
--- /dev/null
+##
+## SSL settings
+##
+
+# SSL/TLS support: yes, no, required. <https://doc.dovecot.org/latest/core/config/ssl.html>
+ssl = yes
+
+# PEM encoded X.509 SSL/TLS certificate and private key. By default, Debian
+# installs a self-signed certificate. This is useful for testing, but you
+# should obtain a real certificate from a recognized certificate authority.
+#
+# These files are opened before dropping root privileges, so keep the key file
+# unreadable by anyone but root. Included /usr/share/dovecot/mkcert.sh can be
+# used to easily generate self-signed certificate, just make sure to update the
+# domains in dovecot-openssl.cnf
+#
+# Preferred permissions: root:root 0444
+ssl_server_cert_file = /etc/dovecot/private/dovecot.pem
+# Preferred permissions: root:root 0400
+ssl_server_key_file = /etc/dovecot/private/dovecot.key
+
+# If key file is password protected, give the password here. Alternatively
+# give it when starting dovecot with -p parameter. Since this file is often
+# world-readable, you may want to place this setting instead to a different
+# root owned 0600 file by using ssl_key_password = <path.
+#ssl_server_key_password =
+
+# PEM encoded trusted certificate authority. Set this only if you intend to use
+# ssl_request_client_cert=yes. The file should contain the CA certificate(s)
+# followed by the matching CRL(s). (e.g. ssl_server_ca_file = /etc/ssl/certs/ca.pem)
+#ssl_server_ca_file =
+
+# Require that CRL check succeeds for client certificates.
+#ssl_server_require_crl = yes
+
+# Request client to send a certificate. If you also want to require it, set
+# auth_ssl_require_client_cert=yes in auth section.
+#ssl_server_request_client_cert = no
+
+# Which field from certificate to use for username. commonName and
+# x500UniqueIdentifier are the usual choices. You'll also need to set
+# auth_ssl_username_from_cert=yes.
+#ssl_server_cert_username_field = commonName
+
+# SSL protocols to use. Debian systems specify TLSv1.2 by default, which should
+# be reasonbly secure and compatible with existing clients.
+ssl_min_protocol = TLSv1.2
+# Diffie-Hellman parameters are no longer required and should be phased out.
+# They do not work with ECDH(E) and require DH(E) ciphers.
+#ssl_server_dh_file = /etc/dovecot/dh.pem
+
+# SSL ciphers to use
+#ssl_cipher_list = ALL:!kRSA:!SRP:!kDHd:!DSS:!aNULL:!eNULL:!EXPORT:!DES:!3DES:!MD5:!PSK:!RC4:!ADH:!LOW@STRENGTH
+
+# SSL crypto device to use, for valid values run "openssl engine"
+#ssl_crypto_device = /dev/crypto
--- /dev/null
+##
+## LDA specific settings (also used by LMTP)
+##
+
+# Address to use when sending rejection mails.
+# Default is postmaster@%d. %d expands to recipient domain.
+#postmaster_address =
+
+# Hostname to use in various parts of sent mails (e.g. in Message-Id) and
+# in LMTP replies. Default is the system's real hostname@domain.
+#hostname =
+
+# If user is over quota, return with temporary failure instead of
+# bouncing the mail.
+#quota_full_tempfail = no
+
+# Binary to use for sending mails.
+#sendmail_path = /usr/sbin/sendmail
+
+# If non-empty, send mails via this SMTP host[:port] instead of sendmail.
+#submission_host =
+
+# Subject: header to use for rejection mails. You can use the same variables
+# as for rejection_reason below.
+#rejection_subject = Rejected: %s
+
+# Human readable error message for rejection mails. You can use variables:
+# %n = CRLF, %r = reason, %s = original subject, %t = recipient
+#rejection_reason = Your message to <%t> was automatically rejected:%n%r
+
+# Delimiter character between local-part and detail in email address.
+#recipient_delimiter = +
+
+# Header where the original recipient address (SMTP's RCPT TO: address) is taken
+# from if not available elsewhere. With dovecot-lda -a parameter overrides this.
+# A commonly used header for this is X-Original-To.
+#lda_original_recipient_header =
+
+# Should saving a mail to a nonexistent mailbox automatically create it?
+#lda_mailbox_autocreate = no
+
+# Should automatically created mailboxes be also automatically subscribed?
+#lda_mailbox_autosubscribe = no
+
+protocol lda {
+ # Boolean list of plugins to load
+ #mail_plugins {
+ # sieve = yes
+ #}
+}
--- /dev/null
+##
+## Mailbox definitions
+##
+
+# Each mailbox is specified in a separate mailbox section. The section name
+# specifies the mailbox name. If it has spaces, you can put the name
+# "in quotes". These sections can contain the following mailbox settings:
+#
+# auto:
+# Indicates whether the mailbox with this name is automatically created
+# implicitly when it is first accessed. The user can also be automatically
+# subscribed to the mailbox after creation. The following values are
+# defined for this setting:
+#
+# no - Never created automatically.
+# create - Automatically created, but no automatic subscription.
+# subscribe - Automatically created and subscribed.
+#
+# special_use:
+# A space-separated list of SPECIAL-USE flags (RFC 6154) to use for the
+# mailbox. There are no validity checks, so you could specify anything
+# you want in here, but it's not a good idea to use flags other than the
+# standard ones specified in the RFC:
+#
+# \All - This (virtual) mailbox presents all messages in the
+# user's message store.
+# \Archive - This mailbox is used to archive messages.
+# \Drafts - This mailbox is used to hold draft messages.
+# \Flagged - This (virtual) mailbox presents all messages in the
+# user's message store marked with the IMAP \Flagged flag.
+# \Important - This (virtual) mailbox presents all messages in the
+# user's message store deemed important to user.
+# \Junk - This mailbox is where messages deemed to be junk mail
+# are held.
+# \Sent - This mailbox is used to hold copies of messages that
+# have been sent.
+# \Trash - This mailbox is used to hold messages that have been
+# deleted.
+#
+# comment:
+# Defines a default comment or note associated with the mailbox. This
+# value is accessible through the IMAP METADATA mailbox entries
+# "/shared/comment" and "/private/comment". Users with sufficient
+# privileges can override the default value for entries with a custom
+# value.
+
+# NOTE: Assumes "namespace inbox" has been defined in 10-mail.conf.
+namespace inbox {
+ # These mailboxes are widely used and could perhaps be created automatically:
+ mailbox Drafts {
+ special_use = \Drafts
+ }
+ mailbox Junk {
+ special_use = \Junk
+ }
+ mailbox Trash {
+ special_use = \Trash
+ }
+
+ # For \Sent mailboxes there are two widely used names. We'll mark both of
+ # them as \Sent. User typically deletes one of them if duplicates are created.
+ mailbox Sent {
+ special_use = \Sent
+ }
+ mailbox "Sent Messages" {
+ special_use = \Sent
+ }
+
+ # If you have a virtual "All messages" mailbox:
+ #mailbox virtual/All {
+ # special_use = \All
+ # comment = All my messages
+ #}
+
+ # If you have a virtual "Flagged" mailbox:
+ #mailbox virtual/Flagged {
+ # special_use = \Flagged
+ # comment = All my flagged messages
+ #}
+
+ # If you have a virtual "Important" mailbox:
+ #mailbox virtual/Important {
+ # special_use = \Important
+ # comment = All my important messages
+ #}
+}
--- /dev/null
+##
+## IMAP specific settings
+##
+
+# If nothing happens for this long while client is IDLEing, move the connection
+# to imap-hibernate process and close the old imap process. This saves memory,
+# because connections use very little memory in imap-hibernate process. The
+# downside is that recreating the imap process back uses some resources.
+#imap_hibernate_timeout = 0
+
+# Maximum IMAP command line length. Some clients generate very long command
+# lines with huge mailboxes, so you may need to raise this if you get
+# "Too long argument" or "IMAP command line too large" errors often.
+#imap_max_line_length = 64k
+
+# IMAP logout format string:
+# %{input} - total number of bytes read from client
+# %{output} - total number of bytes sent to client
+# %{fetch_hdr_count} - Number of mails with mail header data sent to client
+# %{fetch_hdr_bytes} - Number of bytes with mail header data sent to client
+# %{fetch_body_count} - Number of mails with mail body data sent to client
+# %{fetch_body_bytes} - Number of bytes with mail body data sent to client
+# %{deleted} - Number of mails where client added \Deleted flag
+# %{expunged} - Number of mails that client expunged, which does not
+# include automatically expunged mails
+# %{autoexpunged} - Number of mails that were automatically expunged after
+# client disconnected
+# %{trashed} - Number of mails that client copied/moved to the
+# special_use=\Trash mailbox.
+# %{appended} - Number of mails saved during the session
+#imap_logout_format = in=%i out=%o deleted=%{deleted} expunged=%{expunged} \
+# trashed=%{trashed} hdr_count=%{fetch_hdr_count} \
+# hdr_bytes=%{fetch_hdr_bytes} body_count=%{fetch_body_count} \
+# body_bytes=%{fetch_body_bytes}
+
+# Amend or override the IMAP capability response. To override, set the value
+# with imap_capability =
+#
+# To amend, you can use a boolean list to specify which capabilities to turn
+# on and off
+#imap_capability {
+# SPECIAL-USE = yes
+# "LITERAL+" = no
+#}
+
+# How long to wait between "OK Still here" notifications when client is
+# IDLEing.
+#imap_idle_notify_interval = 2 mins
+
+# ID field names and values to send to clients. Using * as the value makes
+# Dovecot use the default value. The following fields have default values
+# currently: name, version, os, os-version, support-url, support-email,
+# revision.
+#imap_id_send =
+
+# Use imap_id_received event to log IMAP id
+
+# Workarounds for various client bugs:
+# delay-newmail:
+# Send EXISTS/RECENT new mail notifications only when replying to NOOP
+# and CHECK commands. Some clients ignore them otherwise, for example OSX
+# Mail (<v2.1). Outlook Express breaks more badly though, without this it
+# may show user "Message no longer in server" errors. Note that OE6 still
+# breaks even with this workaround if synchronization is set to
+# "Headers Only".
+# tb-extra-mailbox-sep:
+# Thunderbird gets somehow confused with LAYOUT=fs (mbox and dbox) and
+# adds extra '/' suffixes to mailbox names. This option causes Dovecot to
+# ignore the extra '/' instead of treating it as invalid mailbox name.
+# tb-lsub-flags:
+# Show \Noselect flags for LSUB replies with LAYOUT=fs (e.g. mbox).
+# This makes Thunderbird realize they aren't selectable and show them
+# greyed out, instead of only later giving "not selectable" popup error.
+#
+# This is a boolean list
+#imap_client_workarounds {
+# delay-newmail = yes
+#}
+
+# Host allowed in URLAUTH URLs sent by client. "*" allows all.
+#imap_urlauth_host =
+
+# Enable IMAP LITERAL- extension (replaces LITERAL+)
+#imap_literal_minus = no
+
+# What happens when FETCH fails due to some internal error:
+# disconnect-immediately:
+# The FETCH is aborted immediately and the IMAP client is disconnected.
+# disconnect-after:
+# The FETCH runs for all the requested mails returning as much data as
+# possible. The client is finally disconnected without a tagged reply.
+# no-after:
+# Same as disconnect-after, but tagged NO reply is sent instead of
+# disconnecting the client. If the client attempts to FETCH the same failed
+# mail more than once, the client is disconnected. This is to avoid clients
+# from going into infinite loops trying to FETCH a broken mail.
+#imap_fetch_failure = disconnect-immediately
+
+protocol imap {
+ # Space separated list of plugins to load (default is global mail_plugins).
+ #mail_plugins {
+ # imap_sieve = yes
+ #}
+
+ # Maximum number of IMAP connections allowed for a user from each IP address.
+ # NOTE: The username is compared case-sensitively.
+ #mail_max_userip_connections = 10
+}
--- /dev/null
+##
+#i
+## LMTP specific settings
+##
+
+# Support proxying to other LMTP/SMTP servers by performing passdb lookups.
+#lmtp_proxy = no
+
+# When recipient address includes the detail (e.g. user+detail), try to save
+# the mail to the detail mailbox. See also recipient_delimiter and
+# lda_mailbox_autocreate settings.
+#lmtp_save_to_detail_mailbox = no
+
+# Verify quota before replying to RCPT TO. This adds a small overhead.
+#lmtp_rcpt_check_quota = no
+
+# Add "Received:" header to mails delivered.
+#lmtp_add_received_header = yes
+
+# Which recipient address to use for Delivered-To: header and Received:
+# header. The default is "final", which is the same as the one given to
+# RCPT TO command. "original" uses the address given in RCPT TO's ORCPT
+# parameter, "none" uses nothing. Note that "none" is currently always used
+# when a mail has multiple recipients.
+#lmtp_hdr_delivery_address = final
+
+# Workarounds for various client bugs:
+# whitespace-before-path:
+# Allow one or more spaces or tabs between `MAIL FROM:' and path and between
+# `RCPT TO:' and path.
+# mailbox-for-path:
+# Allow using bare Mailbox syntax (i.e., without <...>) instead of full path
+# syntax.
+#
+#lmtp_client_workarounds {
+# whitespace-before-path = yes
+#}
+
+protocol lmtp {
+ #mail_plugins {
+ # sieve = yes
+ #}
+
+ # This strips the domain name before delivery, since the default
+ # userdb in Debian is /etc/passwd, which doesn't include domain
+ # names in the user. If you're using a different userdb backend
+ # that does include domain names, you may wish to remove this. See
+ # https://doc.dovecot.org/2.4.0/howto/lmtp/exim.html and
+ # https://doc.dovecot.org/2.4.0/core/summaries/settings.html#auth_username_format
+ auth_username_format = %{user | username}
+}
--- /dev/null
+##
+## ManageSieve specific settings
+##
+
+# Uncomment to enable managesieve protocol:
+protocols {
+ sieve = yes
+}
+
+# Service definitions
+
+service managesieve-login {
+ inet_listener sieve {
+ port = 4190
+ }
+
+ inet_listener sieve_deprecated {
+ port = 2000
+ }
+
+ # Number of connections to handle before starting a new process. Typically
+ # the only useful values are 0 (unlimited) or 1. 1 is more secure, but 0
+ # is faster. <https://doc.dovecot.org/latest/core/admin/login_processes.html>
+ #service_restart_request_count = 1
+
+ # Number of processes to always keep waiting for more connections.
+ #process_min_avail = 0
+
+ # If you set service_restart_request_count=0, you probably need to grow this.
+ #vsz_limit = 64M
+}
+
+service managesieve {
+ # Max. number of ManageSieve processes (connections)
+ #process_limit = 1024
+}
+
+# Service configuration
+
+protocol sieve {
+ # Maximum ManageSieve command line length in bytes. ManageSieve usually does
+ # not involve overly long command lines, so this setting will not normally
+ # need adjustment
+ #managesieve_max_line_length = 65536
+
+ # Maximum number of ManageSieve connections allowed for a user from each IP
+ # address.
+ # NOTE: The username is compared case-sensitively.
+ #mail_max_userip_connections = 10
+
+ # Space separated list of plugins to load (none known to be useful so far).
+ # Do NOT try to load IMAP plugins here.
+ #mail_plugins =
+
+ # MANAGESIEVE logout format string:
+ #managesieve_logout_format = bytes=%{input}/%{output}
+
+ # To fool ManageSieve clients that are focused on CMU's timesieved you can
+ # specify the IMPLEMENTATION capability that Dovecot reports to clients.
+ # For example: 'Cyrus timsieved v2.2.13'
+ #managesieve_implementation_string = 'Cyrus timsieved v2.2.13'
+
+ # Explicitly specify the SIEVE and NOTIFY capability reported by the server
+ # before login. If left unassigned these will be reported dynamically
+ # according to what the Sieve interpreter supports by default (after login
+ # this may differ depending on the user).
+ #managesieve_sieve_capability {
+ #}
+ #managesieve_notify_capability {
+ #}
+
+ # The maximum number of compile errors that are returned to the client upon
+ # script upload or script verification.
+ #managesieve_max_compile_errors = 5
+
+ # Refer to 90-sieve.conf for script quota configuration and configuration of
+ # Sieve execution limits.
+}
--- /dev/null
+##
+## POP3 specific settings
+##
+
+# Don't try to set mails non-recent or seen with POP3 sessions. This is
+# mostly intended to reduce disk I/O. With maildir it doesn't move files
+# from new/ to cur/, with mbox it doesn't write Status-header.
+#pop3_no_flag_updates = no
+
+# Support LAST command which exists in old POP3 specs, but has been removed
+# from new ones. Some clients still wish to use this though. Enabling this
+# makes RSET command clear all \Seen flags from messages.
+#pop3_enable_last = no
+
+# If mail has X-UIDL header, use it as the mail's UIDL.
+#pop3_reuse_xuidl = no
+
+# Allow only one POP3 session to run simultaneously for the same user.
+#pop3_lock_session = no
+
+# POP3 requires message sizes to be listed as if they had CR+LF linefeeds.
+# Many POP3 servers violate this by returning the sizes with LF linefeeds,
+# because it's faster to get. When this setting is enabled, Dovecot still
+# tries to do the right thing first, but if that requires opening the
+# message, it fallbacks to the easier (but incorrect) size.
+#pop3_fast_size_lookups = no
+
+# POP3 UIDL (unique mail identifier) format to use. You can use following
+# variables with variable extension as described in
+# https://doc.dovecot.org/latest/core/settings/variables.html
+#
+# %{uidvalidity} - Mailbox's IMAP UIDVALIDITY
+# %{uid} - Mail's IMAP UID
+# %{md5} - MD5 sum of the mailbox headers in hex (mbox only)
+# %{filename} - filename (maildir only)
+# %{guid} - Mail's GUID
+#
+# If you want UIDL compatibility with other POP3 servers, use:
+# UW's ipop3d : %{uid | hex(8)}%{uidvalidity | hex(8)}
+# Courier : %{filename} or %{uidvalidity}-%{uid} (both might be used simultaneously)
+# Cyrus (<= 2.1.3) : %{uid}
+# Cyrus (>= 2.1.4) : %{uidvalidity}.%{uid}
+# Dovecot v0.99.x : %{uidvalidity}.%{uid}
+# tpop3d : %{filename|md5}
+#
+# Note that Outlook 2003 seems to have problems with %{uidvalidity}.%{uid} format which was
+# Dovecot's default, so if you're building a new server it would be a good
+# idea to change this. %{uid | hex(8)}%{uidvalidity | hex(8)} should be pretty fail-safe.
+#
+#pop3_uidl_format = %{uid | hex(8)}%{uidvalidity | hex(8)}
+
+# Permanently save UIDLs sent to POP3 clients, so pop3_uidl_format changes
+# won't change those UIDLs. Currently this works only with Maildir.
+#pop3_save_uidl = no
+
+# What to do about duplicate UIDLs if they exist?
+# allow: Show duplicates to clients.
+# rename: Append a temporary -2, -3, etc. counter after the UIDL.
+#pop3_uidl_duplicates = allow
+
+# This option changes POP3 behavior so that it's not possible to actually
+# delete mails via POP3, only hide them from future POP3 sessions. The mails
+# will still be counted towards user's quota until actually deleted via IMAP.
+# Use e.g. "$POP3Deleted" as the value (it will be visible as IMAP keyword).
+# Make sure you can legally archive mails before enabling this setting.
+#pop3_deleted_flag =
+
+# POP3 logout format string:
+# %{input} - Bytes read from the client
+# %{output} - Bytes sent to the client
+# %{top_count} - Number of TOP commands run
+# %{top_bytes} - Bytes sent to the client because of TOP commands
+# %{retr_count} - Number of RETR commands run
+# %{retr_bytes} - Bytes sent to the client because of RETR commands
+# %{deleted_count} - Number of deleted messages
+# %{deleted_bytes} - Number of bytes in deleted messages
+# %{message_count} - Number of messages before deletion
+# %{message_bytes} - Mailbox size, in bytes, before deletion
+# %{uidl_change} - The old and the new UIDL hash (which can be useful for identifying unexpected changes in UIDLs)
+#pop3_logout_format = top=%{top_count}/%{top_bytes}, retr=%{retr_count}/%{retr_bytes}, del=%{deleted_count}/%{deleted_bytes}, size=%{message_bytes}
+
+# Workarounds for various client bugs:
+# outlook-no-nuls:
+# Outlook and Outlook Express hang if mails contain NUL characters.
+# This setting replaces them with 0x80 character.
+# oe-ns-eoh:
+# Outlook Express and Netscape Mail breaks if end of headers-line is
+# missing. This option simply sends it if it's missing.
+#pop3_client_workarounds {
+# outlook-no-nuls = yes
+#}
+
+protocol pop3 {
+ # Space separated list of plugins to load (default is global mail_plugins).
+ #mail_plugins {
+ #}
+
+ # Maximum number of POP3 connections allowed for a user from each IP address.
+ # NOTE: The username is compared case-sensitively.
+ #mail_max_userip_connections = 10
+}
--- /dev/null
+##
+## Settings specific to SMTP Submission
+##
+
+# SMTP Submission logout format string:
+# %{input} - total number of bytes read from client
+# %{output}- total number of bytes sent to client
+# %{command_count} - Number of commands received from client
+# %{reply_count} - Number of replies sent to client
+# %{session} - Session ID of the login session
+# %{transaction_id} - ID of the current transaction, if any
+#submission_logout_format = in=%{input} out=%{output}
+
+# Host name reported by the SMTP service, for example to the client in the
+# initial greeting and to the relay server in the HELO/EHLO command.
+# Default is the system's real hostname@domain.
+#hostname =
+
+# Maximum size of messages accepted for relay. This announced in the SIZE
+# capability. If not configured, this is either determined from the relay
+# server or left unlimited if no limit is known (relay will reply with error
+# if some unknown limit exists there, which is duly passed to our client).
+#submission_max_mail_size =
+
+# Maximum number of recipients accepted per connection (default: unlimited)
+#submission_max_recipients =
+
+# Workarounds for various client bugs:
+# whitespace-before-path:
+# Allow one or more spaces or tabs between `MAIL FROM:' and path and between
+# `RCPT TO:' and path.
+# mailbox-for-path:
+# Allow using bare Mailbox syntax (i.e., without <...>) instead of full path
+# syntax.
+#
+#submission_client_workarounds {
+# whitespace-before-path = yes
+#}
+
+# Relay server configuration:
+#
+# The Dovecot SMTP submission service directly proxies the mail transaction
+# to the SMTP relay configured here.
+
+# Host name for the relay server (required)
+#submission_relay_host =
+
+# Port for the relay server
+#submission_relay_port = 25
+
+# Is the relay server trusted? This determines whether we try to send
+# (Postfix-specific) XCLIENT data to the relay server
+#submission_relay_trusted = no
+
+# Authentication data for the relay server if authentication is required
+#submission_relay_user =
+#submission_relay_master_user =
+#submission_relay_password =
+
+# SSL configuration for connection to relay server
+#
+# submission_relay_ssl:
+# Indicates whether SSL is used for the connection to the relay server. The
+# following values are defined for this setting:
+#
+# no - No SSL is used
+# smtps - An SMTPS connection (immediate SSL) is used
+# starttls - The STARTTLS command is used to establish SSL layer
+#submission_relay_ssl = no
+
+# submission_relay_ssl_verify:
+# Configures whether the SSL certificate of the relay server is to be
+# verified.
+#submission_relay_ssl_verify = yes
+
+# Write protocol logs for relay connection to this directory for debugging
+#submission_relay_rawlog_dir =
+
+# BURL is configured implicitly by IMAP URLAUTH
+
+# Part of the SMTP capabilities that the submission service can offer to the
+# client (as listed in the EHLO reply) depend on those capabilities also being
+# provided by the relay server. These capabilities currently are:
+#
+# - 8BITMIME
+# - BINARYMIME
+# - DSN
+# - VRFY (always returns 252 without support)
+#
+# By default, the submission service first connects to the relay server to
+# determine the support for such capabilities before sending the initial EHLO
+# reply to the client. If the list of capabilities returned by the relay server
+# is somehow unreliable or it is undesirable to start the connection to the
+# relay server before the first mail transaction is started, the backend
+# capabilities can be configured explicitly using the
+# submission_backend_capabilities setting. This is a space-separated list of
+# SMTP capability names. This setting is only relevant for capabilities that
+# depend on support from the relay server: including (or omitting) capabilities
+# that are not listed above has no effect. When this setting is explicitly set
+# to the empty string, none of the capabilities is enabled. To achieve the
+# default behavior, this setting must be left unconfigured.
+#submission_backend_capabilities =
+
+protocol submission {
+ # Space-separated list of plugins to load (default is global mail_plugins).
+ #mail_plugins {
+ #}
+
+ # Maximum number of SMTP submission connections allowed for a user from
+ # each IP address.
+ # NOTE: The username is compared case-sensitively.
+ #mail_max_userip_connections = 10
+}
+
--- /dev/null
+##
+## Dictionary server settings
+##
+
+# Dictionary can be used to store key=value lists. This is used by several
+# plugins. The dictionary can be accessed either directly or though a
+# dictionary server. The following dict block maps dictionary names to URIs
+# when the server is used. These can then be referenced using URIs in format
+# "proxy::<name>".
+
+dict_server {
+# dict quota {
+# driver = sql
+# sql_driver = mysql
+# hostname = localhost
+#
+# dict_map priv/quota/storage {
+# sql_table = quota
+# username_field = username
+# value_field bytes {
+# type = uint
+# }
+# }
+#
+# dict_map priv/quota/messages {
+# sql_table = quota
+# username_field = username
+# value_field messages {
+# type = uint
+# }
+# }
+# }
+}
+
--- /dev/null
+##
+## Mailbox access control lists.
+##
+
+# vfile backend reads ACLs from "dovecot-acl" file from mail directory.
+# You can also optionally give a global ACL directory path where ACLs are
+# applied to all users' mailboxes. The global ACL directory contains
+# one file for each mailbox, eg. INBOX or sub.mailbox. cache_secs parameter
+# specifies how many seconds to wait between stat()ing dovecot-acl file
+# to see if it changed.
+
+#acl_driver = vfile
+## Deprecated ACL global path
+#acl_global_path = /etc/dovecot/global-acls
+#acl_cache_ttl = 5m
+
+## New inline ACLs
+#mailbox INBOX {
+# acl user=testuser {
+# rights = lri
+# }
+#}
+
+# To let users LIST mailboxes shared by other users, Dovecot needs a
+# shared mailbox dictionary. For example:
+#acl_sharing_map {
+# dict file {
+# path = /var/lib/dovecot/shared-mailboxes
+# }
+#}
--- /dev/null
+mail_plugins {
+ fts = yes
+ fts_flatcurve = yes
+}
+
+fts_autoindex = yes
+
+language_filters = normalizer-icu snowball stopwords
+
+language_tokenizers = generic email-address
+language_tokenizer_generic_algorithm = simple
+
+language en {
+ default = yes
+ filters = lowercase snowball english-possessive stopwords
+}
+
+fts flatcurve {
+ # All of these are optional, and indicate the default values.
+ # They are listed here for documentation purposes; most people should not
+ # need to define/override in their config.
+ # commit_limit = 500
+ # max_term_size = 30
+ # min_term_size = 2
+ # optimize_limit = 10
+ # rotate_count = 5000
+ # rotate_time = 5000
+ substring_search = yes
+}
--- /dev/null
+##
+## Plugin settings
+##
+
+# All wanted plugins must be listed in mail_plugins setting before any of the
+# settings take effect. See <https://doc.dovecot.org/latest/> for list of plugins and
+# their configuration. Note that %{variable} expansion is done for all values.
+
+## See https://doc.dovecot.org/latest/core/plugins/fts.html for FTS information
+
+fts_autoindex = yes
+fts_autoindex_max_recent_msgs = 999
+fts_search_add_missing = yes
+
+## for attachment decoding
+
+#fts_decoder_driver = tika
+#fts_decoder_tika_url = http://localhost:9998/tika/
+
+## for solr
+#fts solr {
+# url = http://localhost:8983/solr/dovecot/
+#}
+
+# See 90-fts-flatcurve.conf in the dovecot-flatcurve package for
+# settings specific to that driver
--- /dev/null
+##
+## Quota configuration.
+##
+
+# Note that you also have to enable quota plugin in mail_plugins setting.
+## <https://doc.dovecot.org/latest/core/plugins/quota.html>
+
+##
+## Quota limits
+##
+
+# Quota limits are set using "quota_rule" parameters. To get per-user quota
+# limits, you can set/override them by returning "quota_rule" extra field
+# from userdb. It's also possible to give mailbox-specific limits, for example
+# to give additional 100 MB when saving to Trash:
+
+#mail_plugins {
+# quota = yes
+#}
+
+#quota "User quota" {
+# storage_size = 1G
+#}
+#
+#namespace inbox {
+# mailbox Trash {
+# quota_storage_extra = 100M
+# }
+#}
+
+##
+## Quota warnings
+##
+
+# You can execute a given command when user exceeds a specified quota limit.
+# Each quota root has separate limits. Only the command for the first
+# exceeded limit is excecuted, so put the highest limit first.
+# The commands are executed via script service by connecting to the named
+# UNIX socket (quota-warning below).
+# Note that % needs to be escaped as %%, otherwise "% " expands to empty.
+
+#quota "User quota" {
+# warning warn-95 {
+# quota_storage_percentage = 95
+# execute quota-warning {
+# args = 95 %{user}
+# }
+# }
+# warning warn-80 {
+# quota_storage_percentage = 80
+# execute quota-warning {
+# args = 80 %{user}
+# }
+# }
+#}
+
+# Example quota-warning service. The unix listener's permissions should be
+# set in a way that mail processes can connect to it. Below example assumes
+# that mail processes run as vmail user. If you use mode=0666, all system users
+# can generate quota warnings to anyone.
+#service quota-warning {
+# executable = script /usr/local/bin/quota-warning.sh
+# user = dovecot
+# unix_listener quota-warning {
+# user = vmail
+# }
+#}
+
+##
+## Quota backends
+##
+
+# Multiple backends are supported:
+# count: Default and recommended, quota driver tracks the quota internally within Dovecot's index files.
+# maildir: Maildir++ quota
+# fs: Read-only support for filesystem quota
+#quota "User quota" {
+# driver = count
+#}
--- /dev/null
+# Sieve Extprograms plugin configuration
+
+# Don't forget to add the sieve_extprograms plugin to the sieve_plugins setting.
+# Also enable the extensions you need (one or more of vnd.dovecot.pipe,
+# vnd.dovecot.filter and vnd.dovecot.execute) by adding these to the
+# sieve_extensions or sieve_global_extensions settings. Restricting these
+# extensions to a global context using sieve_global_extensions is recommended.
+
+# The directory where the program sockets are located for the
+# vnd.dovecot.pipe, vnd.dovecot.filter and vnd.dovecot.execute extension
+# respectively. The name of each unix socket contained in that directory
+# directly maps to a program-name referenced from the Sieve script.
+#sieve_pipe_socket_dir = sieve-pipe
+#sieve_filter_socket_dir = sieve-filter
+#sieve_execute_socket_dir = sieve-execute
+
+# The directory where the scripts are located for direct execution by the
+# vnd.dovecot.pipe, vnd.dovecot.filter and vnd.dovecot.execute extension
+# respectively. The name of each script contained in that directory
+# directly maps to a program-name referenced from the Sieve script.
+#sieve_pipe_bin_dir = /usr/lib/dovecot/sieve-pipe
+#sieve_filter_bin_dir = /usr/lib/dovecot/sieve-filter
+#sieve_execute_bin_dir = /usr/lib/dovecot/sieve-execute
+
+# An example program service called 'do-something' to pipe messages to
+#service do-something {
+ # Define the executed script as parameter to the sieve service
+ #executable = script /usr/lib/dovecot/sieve-pipe/do-something.sh
+
+ # Use some unprivileged user for executing the program
+ #user = dovenull
+
+ # The unix socket located in the sieve_pipe_socket_dir (as defined in the
+ # plugin {} section above)
+ #unix_listener sieve-pipe/do-something {
+ # LDA/LMTP must have access
+ # user = vmail
+ # mode = 0600
+ #}
+#}
+
--- /dev/null
+##
+## Settings for the Sieve interpreter
+##
+
+# Do not forget to enable the Sieve plugin in 15-lda.conf and 20-lmtp.conf
+# by adding it to the respective mail_plugins { sieve = yes } settings.
+
+# See https://doc.dovecot.org/latest/core/plugins/sieve.html
+
+# Personal sieve script location
+#sieve_script personal {
+# driver = file
+# path = ~/sieve
+# active_path = ~/.dovecot.sieve
+#}
+
+# Default sieve script location
+#sieve_script default {
+# type = default
+# name = default
+# driver = file
+# path = /etc/dovecot/sieve/default/
+#}
+
+
+# Which Sieve language extensions are available to users. By default, all
+# supported extensions are available, except for deprecated extensions or
+# those that are still under development. Some system administrators may want
+# to disable certain Sieve extensions or enable those that are not available
+# by default. This setting can use 'yes' and 'no' to specify differences relative
+# to the default. For example `imapflags = yes' will enable the
+# deprecated imapflags extension in addition to all extensions were already
+# enabled by default.
+#sieve_extensions {
+# mboxmetadata = yes
+# vnd.dovecot.debug = yes
+#}
+
+# Which Sieve language extensions are ONLY available in global scripts. This
+# can be used to restrict the use of certain Sieve extensions to administrator
+# control, for instance when these extensions can cause security concerns.
+# This setting has higher precedence than the `sieve_extensions' setting
+# (above), meaning that the extensions enabled with this setting are never
+# available to the user's personal script no matter what is specified for the
+# `sieve_extensions' setting. The syntax of this setting is similar to the
+# `sieve_extensions' setting, with the difference that extensions are
+# enabled or disabled for exclusive use in global scripts. Currently, no
+# extensions are marked as such by default.
+#sieve_global_extensions =
+
+# The Pigeonhole Sieve interpreter can have plugins of its own. Using this
+# setting, the used plugins can be specified. Check the Dovecot documentation
+# https://doc.dovecot.org/latest/core/plugins/sieve.html
+
+#sieve_plugins = sieve_imapsieve sieve_extprograms
+#sieve_pipe_bin_dir = /usr/share/dovecot-pigeonhole/sieve
+#sieve_execute_bin_dir = /usr/share/dovecot-pigeonhole/sieve
+#sieve_global_extensions {
+# vnd.dovecot.pipe = yes
+# vnd.dovecot.execute = yes
+#}
+#imapsieve_url =
+
+# The separator that is expected between the :user and :detail
+# address parts introduced by the subaddress extension. This may
+# also be a sequence of characters (e.g. '--'). The current
+# implementation looks for the separator from the left of the
+# localpart and uses the first one encountered. The :user part is
+# left of the separator and the :detail part is right. This setting
+# is also used by Dovecot's LMTP service.
+#recipient_delimiter = +-_
+
+# The maximum size of a Sieve script. The compiler will refuse to compile any
+# script larger than this limit. If set to 0, no limit on the script size is
+# enforced.
+#sieve_max_script_size = 1M
+
+# The maximum number of actions that can be performed during a single script
+# execution. If set to 0, no limit on the total number of actions is enforced.
+#sieve_max_actions = 32
+
+# The maximum number of redirect actions that can be performed during a single
+# script execution. If set to 0, no redirect actions are allowed.
+#sieve_max_redirects = 4
+
+# The maximum number of personal Sieve scripts a single user can have. If set
+# to 0, no limit on the number of scripts is enforced.
+# (Currently only relevant for ManageSieve)
+#sieve_quota_script_count = 0
+
+# The maximum amount of disk storage a single user's scripts may occupy. If
+# set to 0, no limit on the used amount of disk storage is enforced.
+# (Currently only relevant for ManageSieve)
+#sieve_quota_storage_size = 0
+
+
+#mailbox Spam {
+## From elsewhere to Spam folder
+# sieve_script report-spam {
+# type = before
+# cause = copy
+# path = /etc/dovecot/report-spam.sieve
+# }
+#}
+
+## From Spam folder to elsewhere
+#imapsieve_from Spam {
+# sieve_script report-ham {
+# type = before
+# cause = copy
+# path = /etc/dovecot/report-ham.sieve
+# }
+#}
--- /dev/null
+# Deny access for users. Included from auth.conf.
+
+# Users can be (temporarily) disabled by adding a passdb with deny=yes.
+# If the user is found from that database, authentication will fail.
+# The deny passdb should always be specified before others, so it gets
+# checked first.
+
+# Example deny passdb using passwd-file. You can use any passdb though.
+#passdb deny {
+# driver = passwd-file
+# deny = yes
+#
+## File contains a list of usernames, one per line
+# passwd_file_path = /etc/dovecot/deny-users
+#}
--- /dev/null
+# Authentication for LDAP users. Included from auth.conf.
+#
+# <https://doc.dovecot.org/latest/core/config/auth/databases/ldap.html>
+
+## See <https://doc.dovecot.org/latest/core/config/dict.html#ldap>
+
+#ldap_uris = ldap://localhost
+#ldap_auth_dn = cn=admin
+#ldap_auth_dn_password = supersecret
+
+#passdb ldap {
+# ldap_filter = (&(objectClass=posixAccount)(uid=%{user}))
+# ldap_bind = no
+
+# fields {
+ # user=%{ldap:uid}
+ # password=%{ldap:userPassword}
+ # userdb_home=%{ldap:homeDirectory}
+ # userdb_uid=%{ldap:uidNumber}
+ # userdb_gid=%{ldap:gidNumber}
+# }
+#}
+
+# "prefetch" user database means that the passdb already provided the
+# needed information and there's no need to do a separate userdb lookup.
+# <https://doc.dovecot.org/latest/core/config/auth/databases/prefetch.html>
+#userdb prefetch {
+#}
+
+#userdb ldap {
+# ldap_filter = (&(objectClass=posixAccount)(uid=%{user}))
+
+# Default fields can be used to specify defaults that LDAP may override
+# fields {
+# home=/home/virtual/%{user}
+# }
+#}
+
+# If you don't have any user-specific settings, you can avoid the userdb LDAP
+# lookup by using userdb static instead of userdb ldap, for example:
+# <https://doc.dovecot.org/latest/core/config/auth/databases/static.html>
+#userdb static {
+ #fields {
+ # uid = vmail
+ # gid = vmail
+ # home = /var/vmail/%{user}
+ #}
+#}
--- /dev/null
+# Authentication for master users. Included from auth.conf.
+
+# By adding master=yes setting inside a passdb you make the passdb a list
+# of "master users", who can log in as anyone else.
+# <https://doc.dovecot.org/latest/core/config/auth/master_users.html>
+
+# Example master user passdb using passwd-file. You can use any passdb though.
+#passdb master-passwd-file {
+# driver = passwd-file
+# master = yes
+# passwd_file_path = /etc/dovecot/master-users
+#}
--- /dev/null
+#auth_mechanisms {
+# xoauth2 = yes
+# oauthbearer = yes
+#}
+#oauth2 {
+# tokeninfo_url = https://www.googleapis.com/oauth2/v3/tokeninfo?access_token=
+# introspection_url = https://www.googleapis.com/oauth2/v2/userinfo
+# #force_introspection = yes
+# username_attribute = email
+#}
+
+# with local validation
+#oauth2 {
+# introspection_mode = local
+# username_attribute = email
+# oauth2_local_validation {
+# dict fs {
+# fs posix {
+# prefix = /etc/dovecot/oauth2-keys/
+# }
+# }
+# }
+#}
--- /dev/null
+# Authentication for passwd-file users. Included from auth.conf.
+#
+# passwd-like file with specified location.
+# <https://doc.dovecot.org/latest/core/config/auth/databases/passwd_file.html>
+
+#passdb passwd-file {
+# default_password_scheme = crypt
+# auth_username_format = %{user}
+# passwd_file_path = /etc/dovecot/users
+#}
+
+#userdb passwd-file {
+# auth_username_format=%{user}
+# passwd_file_path = /etc/dovecot/users
+
+# fields {
+# quota_rule:default=*:storage=1G
+# home=/home/virtual/%{user}
+# }
+#}
--- /dev/null
+# Authentication for SQL users. Included from auth.conf.
+#
+# <https://doc.dovecot.org/latest/core/config/auth/databases/sql.html>
+
+# For the sql passdb module, you'll need a database with a table that
+# contains fields for at least the username and password. If you want to
+# use the user@domain syntax, you might want to have a separate domain
+# field as well.
+#
+# If your users all have the same uig/gid, and have predictable home
+# directories, you can use the static userdb module to generate the home
+# dir based on the username and domain. In this case, you won't need fields
+# for home, uid, or gid in the database.
+#
+# If you prefer to use the sql userdb module, you'll want to add fields
+# for home, uid, and gid. Here is an example table:
+#
+# CREATE TABLE users (
+# username VARCHAR(128) NOT NULL,
+# domain VARCHAR(128) NOT NULL,
+# password VARCHAR(64) NOT NULL,
+# home VARCHAR(255) NOT NULL,
+# uid INTEGER NOT NULL,
+# gid INTEGER NOT NULL,
+# active CHAR(1) DEFAULT 'Y' NOT NULL
+# );
+
+# Database driver: mysql, pgsql, sqlite
+#sql_driver = mysql
+
+# Database connection string. This is driver-specific setting.
+#
+# HA / round-robin load-balancing is supported by giving multiple host
+# settings, like: host=sql1.host.org host=sql2.host.org
+#
+# pgsql:
+# For available options, see the PostgreSQL documention for the
+# PQconnectdb function of libpq.
+# Use maxconns=n (default 5) to change how many connections Dovecot can
+# create to pgsql.
+#
+# mysql:
+# Basic options emulate PostgreSQL option names:
+# host, port, user, password, dbname
+#
+# But also adds some new settings:
+# client_flags - See MySQL manual
+# ssl_ca, ssl_ca_path - Set either one or both to enable SSL
+# ssl_cert, ssl_key - For sending client-side certificates to server
+# ssl_cipher - Set minimum allowed cipher security (default: HIGH)
+# option_file - Read options from the given file instead of
+# the default my.cnf location
+# option_group - Read options from the given group (default: client)
+#
+# You can connect to UNIX sockets by using host: host=/var/run/mysql.sock
+# Note that currently you can't use spaces in parameters.
+#
+# sqlite:
+# The path to the database file.
+#
+# Examples:
+# mysql 192.168.1.1 {
+# dbname = users
+# }
+# mysql sql.example.com {
+# ssl = yes
+# user = virtual
+# password = blarg
+# dbname = virtual
+# }
+# sqlite /etc/dovecot/authdb.sqlite {
+# }
+#
+#mysql /var/run/mysqld/mysqld.sock {
+# user = dovecot
+# password = dvmail
+# dbname = dovecot
+#}
+#mysql localhost {
+# ...
+#}
+
+#passdb sql {
+# default_password_scheme = SHA256
+
+# passdb query to retrieve the password. It can return fields:
+# password - The user's password. This field must be returned.
+# user - user@domain from the database. Needed with case-insensitive lookups.
+# username and domain - An alternative way to represent the "user" field.
+#
+# The "user" field is often necessary with case-insensitive lookups to avoid
+# e.g. "name" and "nAme" logins creating two different mail directories. If
+# your user and domain names are in separate fields, you can return "username"
+# and "domain" fields instead of "user".
+#
+# The query can also return other fields which have a special meaning, see
+# https://doc.dovecot.org/latest/core/config/auth/passdb.html#extra-fields
+#
+# Commonly used available substitutions (see https://doc.dovecot.org/latest/core/settings/variables.html
+# for full list):
+# %{user} = entire user@domain
+# %{user|username} = user part of user@domain
+# %{user|domain} = domain part of user@domain
+#
+# Note that these can be used only as input to SQL query. If the query outputs
+# any of these substitutions, they're not touched. Otherwise it would be
+# difficult to have eg. usernames containing '%' characters.
+#
+# Example:
+# query = SELECT userid AS user, pw AS password \
+# FROM users WHERE userid = '%u' AND active = 'Y'
+#
+# query = \
+# SELECT userid as username, domain, password \
+# FROM users WHERE userid = '%{user|username}' AND domain = '%{user|domain}'
+#}
+
+#userdb sql {
+# userdb query to retrieve the user information. It can return fields:
+# uid - System UID (overrides mail_uid setting)
+# gid - System GID (overrides mail_gid setting)
+# home - Home directory
+# mail_driver - Mail driver
+# mail_path - Mail storage path
+#
+# None of these are strictly required. If you use a single UID and GID, and
+# home or mail directory fits to a template string, you could use userdb static
+# instead. For a list of all fields that can be returned, see
+# Examples:
+# query = SELECT home, uid, gid FROM users WHERE userid = '%{user}'
+# query = SELECT dir AS home, user AS uid, group AS gid FROM users where userid = '%{user}'
+# query = SELECT home, 501 AS uid, 501 AS gid FROM users WHERE userid = '%{user}'
+#
+# query = \
+# SELECT home, uid, gid \
+# FROM users WHERE userid = '%{user|username}' AND domain = '%{user|domain}'
+
+# Query to get a list of all usernames.
+# iterate_query = SELECT username AS user,domain FROM users
+
+# userdb_ldap {
+# iterate_fields {
+# home = /var/vmail/%{home}
+# }
+# }
+#}
+
+#passdb static {
+# fields {
+# user=%{user|username|lower}
+# noauthenticate=yes
+# }
+## you can remove next line if you want to always normalize your usernames
+# skip = authenticated
+#}
+
+# "prefetch" user database means that the passdb already provided the
+# needed information and there's no need to do a separate userdb lookup.
+# <https://doc.dovecot.org/latest/core/config/auth/databases/prefetch.html>
+#userdb prefetch {
+#}
+
+#userdb static {
+# fields {
+# user=%{user|lower}
+# }
+# you can remove next line if you want to always normalize your usernames
+# skip = found
+#}
+
+# If you don't have any user-specific settings, you can avoid the user_query
+# by using userdb static instead of userdb sql, for example:
+# <https://doc.dovecot.org/latest/core/config/auth/databases/static.html>
+#userdb static {
+ #fields {
+ # uid = vmail
+ # gid = vmail
+ # home = /var/vmail/%{user}
+ #}
+#}
--- /dev/null
+# Static passdb. Included from auth.conf.
+
+# This can be used for situations where Dovecot doesn't need to verify the
+# username or the password, or if there is a single password for all users:
+#
+# - proxy frontend, where the backend verifies the password
+# - proxy backend, where the frontend already verified the password
+# - authentication with SSL certificates
+# - simple testing
+#
+# Each passdb must have unique name, but if you onlu use it once per driver
+# you can use driver name as passdb/userdb section name.
+
+#passdb static {
+# fields {
+# proxy = y
+# host = %{user|md5|substr(1)}.example.com
+# nopassword = y
+# }
+#}
+
+#passdb static2 {
+# driver = static
+# fields {
+# password = test
+# }
+#}
+
+#userdb static {
+# fields {
+# uid = vmail
+# gid = vmail
+# home = /home/%{user}
+# }
+#}
--- /dev/null
+# Authentication for system users. Included from auth.conf.
+#
+# <https://doc.dovecot.org/latest/core/config/auth/passdb.html>
+# <https://doc.dovecot.org/latest/core/config/auth/userdb.html>
+
+# Driver is only needed if the section name is not same as driver's name.
+
+# PAM authentication. Preferred nowadays by most systems.
+# PAM is typically used with either userdb passwd or userdb static.
+# REMEMBER: You'll need /etc/pam.d/dovecot file created for PAM
+# authentication to actually work. <https://doc.dovecot.org/latest/core/config/auth/databases/pam.html>
+passdb pam {
+# driver = pam
+# session = yes
+# setcred = yes
+# failure_show_msg = yes
+# max_requests = 20
+# service_name = dovecot
+# skip = authenticated
+# fields {
+# }
+}
+
+userdb passwd {
+}
+
+# System users (NSS, /etc/passwd, or similiar).
+# In many systems nowadays this uses Name Service Switch, which is
+# configured in /etc/nsswitch.conf. <https://doc.dovecot.org/latest/core/config/auth/databases/passwd.html>
+#passdb passwb {
+#}
+
+# PAM-like authentication for OpenBSD.
+# <https://doc.dovecot.org/latest/core/config/auth/databases/bsd.html>
+#passdb bsdauth {
+#}
+
+##
+## User databases
+##
+
+# System users (NSS, /etc/passwd, or similiar). In many systems nowadays this
+# uses Name Service Switch, which is configured in /etc/nsswitch.conf.
+#userdb passwd-file {
+ #driver = passwd-file
+ #auth_username_format=%{user|lower}
+ #passwd_file_path = /etc/passwd
+ #fields {
+ # user= %{user|lower}
+ # name = %{user|lower}
+ # home = /var/vmail/%{user}
+ #}
+ #skip = found
+#}
+
+# Static settings generated from template <https://doc.dovecot.org/latest/core/config/auth/databases/static.html>
+#userdb static {
+ #driver = static
+ # Can return anything a userdb could normally return. For example:
+ # fields {
+ # uid = 500
+ # gid = 500
+ # home = /var/mail/%{user}
+ # }
+ # LDA and LMTP needs to look up users only from the userdb. This of course
+ # doesn't work with static userdb because there is no list of users.
+ # Normally static userdb handles this by doing a passdb lookup. This works
+ # with most passdbs, with PAM being the most notable exception. If you do
+ # the user verification another way, you can add allow_all_users=yes
+ # in which case the passdb lookup is skipped.
+ #allow_all_users = yes
+#}
--- /dev/null
+## Dovecot configuration file
+
+# If you're in a hurry, see https://doc.dovecot.org/latest/core/config/guides/quick.html
+
+# "doveconf -n" command gives a clean output of the changed settings. Use it
+# instead of copy&pasting files when posting to the Dovecot mailing list.
+
+# '#' character and everything after it is treated as comments. Extra spaces
+# and tabs are ignored. If you want to use either of these explicitly, put the
+# value inside quotes, eg.: key = "# char and trailing whitespace "
+
+# Default values are shown for each setting, it's not required to uncomment
+# those. These are exceptions to this though: No sections (e.g. namespace {})
+# or plugin settings are added by default, they're listed only as examples.
+# Paths are also just examples with the real defaults being based on configure
+# options. The paths listed here are for configure --prefix=/usr/local
+# --sysconfdir=/usr/local/etc --localstatedir=/var
+
+dovecot_config_version = 2.4.0
+dovecot_storage_version = 2.4.0
+
+# Protocols we want to be serving.
+#protocols = imap pop3 lmtp
+!include_try /usr/share/dovecot/protocols.d/*.protocol
+
+# A comma separated list of IPs or hosts where to listen in for connections.
+# "*" listens in all IPv4 interfaces, "::" listens in all IPv6 interfaces.
+# If you want to specify non-default ports or anything more complex,
+# edit conf.d/master.conf.
+#listen = *, ::
+
+# Base directory where to store runtime data.
+#base_dir = /var/run/dovecot/
+
+# Name of this instance. In multi-instance setup doveadm and other commands
+# can use -i <instance_name> to select which instance is used (an alternative
+# to -c <config_path>). The instance name is also added to Dovecot processes
+# in ps output.
+#instance_name = dovecot
+
+# Greeting message for clients.
+#login_greeting = Dovecot ready.
+
+# Space separated list of trusted network ranges. Connections from these
+# IPs are allowed to override their IP addresses and ports (for logging and
+# for authentication checks). disable_plaintext_auth is also ignored for
+# these networks, unless ssl=required.
+# Typically you'd specify your IMAP proxy servers here.
+#login_trusted_networks =
+
+# With proxy_maybe=yes if proxy destination matches any of these IPs, don't do
+# proxying. This isn't necessary normally, but may be useful if the destination
+# IP is e.g. a load balancer's IP.
+#auth_proxy_self =
+
+# Show more verbose process titles (in ps). Currently shows user name and
+# IP address. Useful for seeing who are actually using the IMAP processes
+# (eg. shared mailboxes or if same uid is used for multiple accounts).
+#verbose_proctitle = yes
+
+# Should all processes be killed when Dovecot master process shuts down.
+# Setting this to "no" means that Dovecot can be upgraded without
+# forcing existing client connections to close (although that could also be
+# a problem if the upgrade is e.g. because of a security fix).
+#shutdown_clients = yes
+
+# If non-zero, run mail commands via this many connections to doveadm server,
+# instead of running them directly in the same process.
+#doveadm_worker_count = 0
+# UNIX socket or host:port used for connecting to doveadm server
+#doveadm_socket_path = doveadm-server
+
+# Space separated list of environment variables that are preserved on Dovecot
+# startup and passed down to all of its child processes. You can also give
+# key=value pairs to always set specific settings.
+#import_environment {
+# TZ=%{env:TZ}
+#}
+
+# Most of the actual configuration gets included below. The filenames are
+# first sorted by their ASCII value and parsed in that order. The 00-prefixes
+# in filenames are intended to make it easier to understand the ordering.
+!include conf.d/*.conf
+
+# A config file can also tried to be included without giving an error if
+# it's not found:
+!include_try local.conf
--- /dev/null
+Source: dovecot
+Section: mail
+Priority: optional
+Maintainer: Dovecot Maintainers <dovecot@packages.debian.org>
+Uploaders: Noah Meyerhans <noahm@debian.org>
+Build-Depends: debhelper-compat (= 13),
+ default-libmysqlclient-dev,
+ krb5-multidev,
+ libapparmor-dev [linux-any],
+ libbz2-dev,
+ libcap-dev [linux-any],
+ libcdb-dev,
+ libdb-dev,
+ libexpat-dev,
+ libexttextcat-dev,
+ libicu-dev,
+ libldap2-dev,
+ liblua5.4-dev,
+ liblz4-dev,
+ liblzma-dev,
+ libpam0g-dev,
+ libpq-dev,
+ libsasl2-dev,
+ libsodium-dev,
+ libsqlite3-dev,
+ libssl-dev,
+ libstemmer-dev,
+ libsystemd-dev [linux-any],
+ libtirpc-dev,
+ libunwind-dev,
+ libwrap0-dev,
+ libxapian-dev,
+ libzstd-dev,
+ lsb-release,
+ lua-json <!nocheck>,
+ pkgconf,
+ zlib1g-dev
+Standards-Version: 4.7.0
+Rules-Requires-Root: no
+Homepage: https://dovecot.org/
+Vcs-Git: https://salsa.debian.org/debian/dovecot.git
+Vcs-Browser: https://salsa.debian.org/debian/dovecot
+
+Package: dovecot-core
+Architecture: any
+Pre-Depends: ${misc:Pre-Depends}
+Depends: adduser,
+ libpam-runtime,
+ openssl,
+ ssl-cert,
+ ucf,
+ ${misc:Depends},
+ ${shlibs:Depends}
+Suggests: dovecot-flatcurve,
+ dovecot-gssapi,
+ dovecot-imapd,
+ dovecot-ldap,
+ dovecot-lmtpd,
+ dovecot-managesieved,
+ dovecot-mysql,
+ dovecot-pgsql,
+ dovecot-pop3d,
+ dovecot-sieve,
+ dovecot-solr,
+ dovecot-sqlite,
+ dovecot-submissiond,
+ ntp
+Provides: dovecot-abi-${dovecot:ABI-Version}, dovecot-common
+Replaces: dovecot-common (<< 1:2.0.14-2~), mailavenger (<< 0.8.1-4)
+Breaks: dovecot-common (<< 1:2.0.14-2~), mailavenger (<< 0.8.1-4)
+Description: secure POP3/IMAP server - core files
+ Dovecot is a mail server whose major goals are security and extreme
+ reliability. It tries very hard to handle all error conditions and verify
+ that all data is valid, making it nearly impossible to crash. It supports
+ mbox/Maildir and its own dbox/mdbox formats, and should also be pretty
+ fast, extensible, and portable.
+ .
+ This package contains the Dovecot main server and its command line utility.
+
+Package: dovecot-dev
+Architecture: any
+Depends: ${misc:Depends}, ${shlibs:Depends}
+Replaces: dovecot-common (<< 1:2.0.14-2~), dovecot-core (<< 1:2.2.26.0-1~)
+Breaks: dovecot-common (<< 1:2.0.14-2~), dovecot-core (<< 1:2.2.26.0-1~)
+Description: secure POP3/IMAP server - header files
+ Dovecot is a mail server whose major goals are security and extreme
+ reliability. It tries very hard to handle all error conditions and verify
+ that all data is valid, making it nearly impossible to crash. It supports
+ mbox/Maildir and its own dbox/mdbox formats, and should also be pretty
+ fast, extensible, and portable.
+ .
+ This package contains header files needed to compile plugins for the Dovecot
+ mail server.
+
+Package: dovecot-imapd
+Architecture: any
+Depends: dovecot-core (= ${binary:Version}),
+ ucf,
+ ${misc:Depends},
+ ${shlibs:Depends}
+Suggests: ufw
+Provides: imap-server
+Description: secure POP3/IMAP server - IMAP daemon
+ Dovecot is a mail server whose major goals are security and extreme
+ reliability. It tries very hard to handle all error conditions and verify
+ that all data is valid, making it nearly impossible to crash. It supports
+ mbox/Maildir and its own dbox/mdbox formats, and should also be pretty
+ fast, extensible, and portable.
+ .
+ This package contains the Dovecot IMAP server.
+
+Package: dovecot-pop3d
+Architecture: any
+Depends: dovecot-core (= ${binary:Version}),
+ ucf,
+ ${misc:Depends},
+ ${shlibs:Depends}
+Suggests: ufw
+Provides: pop3-server
+Description: secure POP3/IMAP server - POP3 daemon
+ Dovecot is a mail server whose major goals are security and extreme
+ reliability. It tries very hard to handle all error conditions and verify
+ that all data is valid, making it nearly impossible to crash. It supports
+ mbox/Maildir and its own dbox/mdbox formats, and should also be pretty
+ fast, extensible, and portable.
+ .
+ This package contains the Dovecot POP3 server.
+
+Package: dovecot-lmtpd
+Architecture: any
+Depends: dovecot-core (= ${binary:Version}),
+ ucf,
+ ${misc:Depends},
+ ${shlibs:Depends}
+Replaces: dovecot-common (<< 1:2.0.14-2~)
+Breaks: dovecot-common (<< 1:2.0.14-2~)
+Description: secure POP3/IMAP server - LMTP server
+ Dovecot is a mail server whose major goals are security and extreme
+ reliability. It tries very hard to handle all error conditions and verify
+ that all data is valid, making it nearly impossible to crash. It supports
+ mbox/Maildir and its own dbox/mdbox formats, and should also be pretty
+ fast, extensible, and portable.
+ .
+ This package contains the Dovecot LMTP server.
+
+Package: dovecot-managesieved
+Architecture: any
+Depends: dovecot-core (= ${binary:Version}),
+ dovecot-sieve (= ${binary:Version}),
+ ucf,
+ ${misc:Depends},
+ ${shlibs:Depends}
+Replaces: dovecot-common (<< 1:2.0.14-2~)
+Breaks: dovecot-common (<< 1:2.0.14-2~)
+Description: secure POP3/IMAP server - ManageSieve server
+ Dovecot is a mail server whose major goals are security and extreme
+ reliability. It tries very hard to handle all error conditions and verify
+ that all data is valid, making it nearly impossible to crash. It supports
+ mbox/Maildir and its own dbox/mdbox formats, and should also be pretty
+ fast, extensible, and portable.
+ .
+ This package contains the Dovecot ManageSieve server.
+
+Package: dovecot-pgsql
+Architecture: any
+Depends: dovecot-core (= ${binary:Version}), ${misc:Depends}, ${shlibs:Depends}
+Description: secure POP3/IMAP server - PostgreSQL support
+ Dovecot is a mail server whose major goals are security and extreme
+ reliability. It tries very hard to handle all error conditions and verify
+ that all data is valid, making it nearly impossible to crash. It supports
+ mbox/Maildir and its own dbox/mdbox formats, and should also be pretty
+ fast, extensible, and portable.
+ .
+ This package provides PostgreSQL support for Dovecot.
+
+Package: dovecot-mysql
+Architecture: any
+Depends: dovecot-core (= ${binary:Version}), ${misc:Depends}, ${shlibs:Depends}
+Description: secure POP3/IMAP server - MySQL support
+ Dovecot is a mail server whose major goals are security and extreme
+ reliability. It tries very hard to handle all error conditions and verify
+ that all data is valid, making it nearly impossible to crash. It supports
+ mbox/Maildir and its own dbox/mdbox formats, and should also be pretty
+ fast, extensible, and portable.
+ .
+ This package provides MySQL support for Dovecot.
+
+Package: dovecot-sqlite
+Architecture: any
+Depends: dovecot-core (= ${binary:Version}), ${misc:Depends}, ${shlibs:Depends}
+Description: secure POP3/IMAP server - SQLite support
+ Dovecot is a mail server whose major goals are security and extreme
+ reliability. It tries very hard to handle all error conditions and verify
+ that all data is valid, making it nearly impossible to crash. It supports
+ mbox/Maildir and its own dbox/mdbox formats, and should also be pretty
+ fast, extensible, and portable.
+ .
+ This package provides SQLite support for Dovecot.
+
+Package: dovecot-ldap
+Architecture: any
+Depends: dovecot-core (= ${binary:Version}),
+ ucf,
+ ${misc:Depends},
+ ${shlibs:Depends}
+Replaces: dovecot-core (<< 1:2.2.26.0-1~)
+Breaks: dovecot-core (<< 1:2.2.26.0-1~)
+Description: secure POP3/IMAP server - LDAP support
+ Dovecot is a mail server whose major goals are security and extreme
+ reliability. It tries very hard to handle all error conditions and verify
+ that all data is valid, making it nearly impossible to crash. It supports
+ mbox/Maildir and its own dbox/mdbox formats, and should also be pretty
+ fast, extensible, and portable.
+ .
+ This package provides LDAP support for Dovecot.
+
+Package: dovecot-gssapi
+Architecture: any
+Depends: dovecot-core (= ${binary:Version}), ${misc:Depends}, ${shlibs:Depends}
+Description: secure POP3/IMAP server - GSSAPI support
+ Dovecot is a mail server whose major goals are security and extreme
+ reliability. It tries very hard to handle all error conditions and verify
+ that all data is valid, making it nearly impossible to crash. It supports
+ mbox/Maildir and its own dbox/mdbox formats, and should also be pretty
+ fast, extensible, and portable.
+ .
+ This package provides GSSAPI authentication support for Dovecot.
+
+Package: dovecot-sieve
+Architecture: any
+Depends: dovecot-core (= ${binary:Version}),
+ ucf,
+ ${misc:Depends},
+ ${shlibs:Depends}
+Breaks: dovecot-core (<= 1:2.2.13-6), dovecot-imapd (<< 1:2.2.26.0-1~)
+Replaces: dovecot-core (<= 1:2.2.13-6), dovecot-imapd (<< 1:2.2.26.0-1~)
+Description: secure POP3/IMAP server - Sieve filters support
+ Dovecot is a mail server whose major goals are security and extreme
+ reliability. It tries very hard to handle all error conditions and verify
+ that all data is valid, making it nearly impossible to crash. It supports
+ mbox/Maildir and its own dbox/mdbox formats, and should also be pretty
+ fast, extensible, and portable.
+ .
+ This package provides Sieve filters support for Dovecot.
+
+Package: dovecot-flatcurve
+Architecture: any
+Conflicts: dovecot-fts-flatcurve
+Replaces: dovecot-fts-flatcurve
+Depends: dovecot-core (= ${binary:Version}),
+ ucf,
+ ${misc:Depends},
+ ${shlibs:Depends}
+Description: secure POP3/IMAP server - Flatcurve support
+ Dovecot is a mail server whose major goals are security and extreme
+ reliability. It tries very hard to handle all error conditions and verify
+ that all data is valid, making it nearly impossible to crash. It supports
+ mbox/Maildir and its own dbox/mdbox formats, and should also be pretty
+ fast, extensible, and portable.
+ .
+ This package provides Flatcurve full text search support for Dovecot.
+
+Package: dovecot-solr
+Architecture: any
+Depends: dovecot-core (= ${binary:Version}), ${misc:Depends}, ${shlibs:Depends}
+Description: secure POP3/IMAP server - Solr support
+ Dovecot is a mail server whose major goals are security and extreme
+ reliability. It tries very hard to handle all error conditions and verify
+ that all data is valid, making it nearly impossible to crash. It supports
+ mbox/Maildir and its own dbox/mdbox formats, and should also be pretty
+ fast, extensible, and portable.
+ .
+ This package provides Solr full text search support for Dovecot.
+
+Package: dovecot-submissiond
+Architecture: any
+Depends: dovecot-core (= ${binary:Version}),
+ ucf,
+ ${misc:Depends},
+ ${shlibs:Depends}
+Breaks: dovecot-submission (<< 1:2.3.1-2~)
+Replaces: dovecot-submission (<< 1:2.3.1-2~)
+Description: secure POP3/IMAP server - mail submission agent
+ Dovecot is a mail server whose major goals are security and extreme
+ reliability. It tries very hard to handle all error conditions and verify
+ that all data is valid, making it nearly impossible to crash. It supports
+ mbox/Maildir and its own dbox/mdbox formats, and should also be pretty
+ fast, extensible, and portable.
+ .
+ This package contains the Dovecot Mail Submission Agent which implements a
+ basic SMTP submission service with BURL support.
+
+Package: dovecot-auth-lua
+Architecture: any
+Depends: dovecot-core (= ${binary:Version}), ${misc:Depends}, ${shlibs:Depends}
+Description: secure POP3/IMAP server - Lua authentication plugin
+ Dovecot is a mail server whose major goals are security and extreme
+ reliability. It tries very hard to handle all error conditions and verify
+ that all data is valid, making it nearly impossible to crash. It supports
+ mbox/Maildir and its own dbox/mdbox formats, and should also be pretty
+ fast, extensible, and portable.
+ .
+ This package contains an authentication plugin allowing password and user
+ databases to be implemented in Lua.
--- /dev/null
+Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
+Upstream-Name: dovecot
+Upstream-Contact: Timo Sirainen <tss@iki.fi>
+ Dovecot Mailing List <dovecot@dovecot.org>
+Comment: This package was debianized by Jaldhar H. Vyas <jaldhar@debian.org> on
+ Tue, 3 Dec 2002 01:10:07 -0500.
+Source: https://github.com/dovecot/core
+Files-Excluded-pigeonhole: doc/rfc
+
+Files: *
+Copyright: (c) 2001-2022 Dovecot authors
+Comment: see AUTHORS
+License: LGPL-2.1
+
+Files: src/lib/*
+ src/lib-sql/*
+Copyright: (c) 2001-2022 Dovecot authors
+Comment: see AUTHORS
+License: MIT
+
+Files: src/auth/*
+Copyright: (c) 2004-2006 Andrey Panin <pazke@donpac.ru>
+ (c) 2005 Jelmer Vernooij <jelmer@samba.org>
+ (c) 2011-2016 Florian Zeitz <florob@babelmonkeys.de>
+ (c) 2007 Dmitry Butskoy <dmitry@butskoy.name>
+ (C) 2006 Simon L Jackson
+ (c) 2015-2017 Dovecot Oy
+License: MIT
+
+Files: src/lib-auth/password-scheme-md5crypt.c
+Copyright: Poul-Henning Kamp <phk@login.dknet.dk>
+License: Beerware
+ "THE BEER-WARE LICENSE" (Revision 42):
+ <phk@login.dknet.dk> wrote this file. As long as you retain this notice you
+ can do whatever you want with this stuff. If we meet some day, and you think
+ this stuff is worth it, you can buy me a beer in return. Poul-Henning Kamp
+
+Files: src/lib-otp/*
+Copyright: (c) 2004-2006 Andrey Panin <pazke@donpac.ru>
+ (c) Copyright 1997-2005 Simon Tatham
+License: MIT
+
+Files: src/lib/md5.c
+Copyright: N/A
+License: public-domain-solardiz
+ Written by Solar Designer <solar@openwall.com> in 2001, and placed in the
+ public domain. There's absolutely no warrant.
+
+Files: src/lib/sha1.*
+Copyright: Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
+License: BSD-3-Clause
+
+Files: src/lib/sha2.* src/lib/sha3.*
+Copyright: Copyright (C) 2005, 2007 Olivier Gay <olivier.gay@a3.epfl.ch>
+License: BSD-3-Clause
+
+Files: src/lib/byteorder.h src/lib/test-byteorder.c
+Copyright: (c) 2016-2017 Josef 'Jeff' Sipek <jeffpc@josefsipek.net>
+License: MIT
+
+Files: src/lib/hmac.*
+Copyright: (c) 2004 Andrey Panin <pazke@donpac.ru>
+ (c) 2011-2016 Florian Zeitz <florob@babelmonkeys.de>
+License: MIT
+
+Files: src/lib/hmac-cram-md5.c
+Copyright: (c) 2003 Joshua Goodall <joshua@roughtrade.net>
+License: MIT
+
+Files: src/lib/ioloop-iolist.c
+Copyright: (c) 2004 Andrey Panin <pazke@donpac.ru>
+License: MIT
+
+Files: src/lib/ioloop-kqueue.c src/lib/ioloop-notify-kqueue.c
+Copyright: (c) 2005 Vaclav Haisman <v.haisman@sh.cvut.cz>
+License: MIT
+
+Files: src/lib/UnicodeData.txt
+Copyright: Copyright (C) 1991-2007 Unicode, Inc.
+License: Unicode-DFS-2015
+
+Files: src/lib-language/stopwords/*
+Copyright: Copyright (c) 2001, Dr Martin Porter
+ Copyright (c) 2002, Richard Boulton.
+Comment: License obtained from http://snowball.tartarus.org/license.html
+License: BSD-3-Clause
+
+Files: src/lib-language/stopwords/stopwords_en.txt
+Copyright: Apache Software Foundation
+License: Apache-2.0
+
+Files: src/lib-language/stopwords/stopwords_ro.txt
+Copyright: (c) 2005, Jacques Savoy.
+License: BSD-2-Clause
+
+Files: debian/*
+Copyright: (c) 2006-2016 Jaldhar H. Vyas <jaldhar@debian.org>
+ (c) 2006-2009 Fabio Tranchitella <kobold@debian.org>
+ (c) 2008-2009 Joel Johnson <mrjoel@lixil.net>
+ (c) 2009-2012 Marco Nenciarini <mnencia@debian.org>
+ (c) 2011-2013 Micah Anderson <micah@debian.org>
+ (c) 2014-2015 Jelmer Vernooij <jelmer@debian.org>
+ (c) 2016-2018 Apollon Oikonomopoulos <apoikos@debian.org>
+ (c) 2020-2022 Noah Meyerhans <noahm@debian.org>
+ (c) 2020-2022 Christian Göttsche <cgzones@googlemail.com>
+License: GPL-2+
+
+Files: pigeonhole/*
+Copyright: (c) 2002-2021 Stephan Bosch <stephan@rename-it.nl>
+ (c) 2002-2021 Dovecot authors
+Comment: Source obtained from https://pigeonhole.dovecot.org/
+License: LGPL-2.1
+
+License: MIT
+ Permission is hereby granted, free of charge, to any person obtaining a
+ copy of this software and associated documentation files (the "Software"),
+ to deal in the Software without restriction, including without limitation
+ the rights to use, copy, modify, merge, publish, distribute, sublicense,
+ and/or sell copies of the Software, and to permit persons to whom the
+ Software is furnished to do so, subject to the following conditions:
+ .
+ The above copyright notice and this permission notice shall be included in
+ all copies or substantial portions of the Software.
+ .
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
+ FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
+ DEALINGS IN THE SOFTWARE.
+
+License: LGPL-2.1
+ This library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 2.1 of the License, or (at your option) any later version.
+ .
+ This library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+ .
+ You should have received a copy of the GNU Lesser General Public
+ License along with this program. If not, see
+ <https://www.gnu.org/licenses/>.
+ .
+ On Debian systems, the full text of the GNU Lesser General Public License can
+ be found at /usr/share/common-licenses/LGPL-2.1.
+
+License: Apache-2.0
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+ .
+ http://www.apache.org/licenses/LICENSE-2.0
+ .
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+ .
+ On Debian systems, the full text of the Apache License, Version 2.0 can be
+ found at /usr/share/common-licenses/Apache-2.0.
+
+License: BSD-3-Clause
+ All rights reserved.
+ .
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. Neither the name of the University nor the names of its contributors
+ may be used to endorse or promote products derived from this software
+ without specific prior written permission.
+ .
+ THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+ ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+ FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ SUCH DAMAGE.
+
+License: BSD-2-Clause
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+ .
+ 1. Redistributions of source code must retain the above copyright notice, this
+ list of conditions and the following disclaimer.
+ .
+ 2. Redistributions in binary form must reproduce the above copyright notice,
+ this list of conditions and the following disclaimer in the documentation
+ and/or other materials provided with the distribution.
+ .
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+ AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
+ FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+ CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+License: GPL-2+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2 of the License, or
+ (at your option) any later version.
+ .
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+ .
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <https://www.gnu.org/licenses/>.
+ .
+ On Debian systems, the full text of the GNU General Public License version 2
+ can be found at /usr/share/common-licenses/GPL-2.
+
+License: Unicode-DFS-2015
+ Copyright © 1991-2015 Unicode, Inc. All rights reserved. Distributed under the
+ Terms of Use in http://www.unicode.org/copyright.html.
+ .
+ Permission is hereby granted, free of charge, to any person obtaining a copy
+ of the Unicode data files and any associated documentation (the "Data Files")
+ or Unicode software and any associated documentation (the "Software") to deal
+ in the Data Files or Software without restriction, including without limitation
+ the rights to use, copy, modify, merge, publish, distribute, and/or sell copies
+ of the Data Files or Software, and to permit persons to whom the Data Files or
+ Software are furnished to do so, provided that
+ .
+ (a) this copyright and permission notice appear with all copies of the Data
+ Files or Software,
+ (b) this copyright and permission notice appear in associated documentation,
+ and
+ (c) there is clear notice in each modified Data File or in the Software as
+ well as in the documentation associated with the Data File(s) or Software
+ that the data or software has been modified.
+ .
+ THE DATA FILES AND SOFTWARE ARE PROVIDED "AS IS", WITHOUT WARRANTY OF ANY
+ KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+ MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD
+ PARTY RIGHTS. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR HOLDERS INCLUDED IN
+ THIS NOTICE BE LIABLE FOR ANY CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL
+ DAMAGES, OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS,
+ WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING
+ OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THE DATA FILES OR
+ SOFTWARE.
+ .
+ Except as contained in this notice, the name of a copyright holder shall not
+ be used in advertising or otherwise to promote the sale, use or other dealings
+ in these Data Files or Software without prior written authorization of the
+ copyright holder.
--- /dev/null
+-----BEGIN DH PARAMETERS-----
+MIICCAKCAgEA///////////JD9qiIWjCNMTGYouA3BzRKQJOCIpnzHQCC76mOxOb
+IlFKCHmONATd75UZs806QxswKwpt8l8UN0/hNW1tUcJF5IW1dmJefsb0TELppjft
+awv/XLb0Brft7jhr+1qJn6WunyQRfEsf5kkoZlHs5Fs9wgB8uKFjvwWY2kg2HFXT
+mmkWP6j9JM9fg2VdI9yjrZYcYvNWIIVSu57VKQdwlpZtZww1Tkq8mATxdGwIyhgh
+fDKQXkYuNs474553LBgOhgObJ4Oi7Aeij7XFXfBvTFLJ3ivL9pVYFxg5lUl86pVq
+5RXSJhiY+gUQFXKOWoqqxC2tMxcNBFB6M6hVIavfHLpk7PuFBFjb7wqK6nFXXQYM
+fbOXD4Wm4eTHq/WujNsJM9cejJTgSiVhnc7j0iYa0u5r8S/6BtmKCGTYdgJzPshq
+ZFIfKxgXeyAMu+EXV3phXWx3CYjAutlG4gjiT6B05asxQ9tb/OD9EI5LgtEgqSEI
+ARpyPBKnh+bXiHGaEL26WyaZwycYavTiPBqUaDS2FQvaJYPpyirUTOjbu8LbBN6O
++S6O/BQfvsqmKHxZR05rwF2ZspZPoJDDoiM7oYZRW+ftH2EpcM7i16+4G912IXBI
+HNAGkSfVsFqpk7TqmI2P3cGG/7fckKbAj030Nck0BjGZ//////////8CAQI=
+-----END DH PARAMETERS-----
--- /dev/null
+dovecot (1:2.4.1+dfsg1-1) unstable; urgency=medium
+
+ Dovecot 2.4 is a major upgrade from the previous 2.3 branch and introduces
+ an incompatible configuration language. Please see
+ https://doc.dovecot.org/2.4.0/installation/upgrade/2.3-to-2.4.html for
+ details on transitioning to the new language. The default configuration
+ shipped by Debian has been updated for compatibility with the new
+ configuration, but any locally maintained configuration will need to be
+ updated.
+
+ -- Noah Meyerhans <noahm@debian.org> Mon, 10 Mar 2025 13:28:20 -0400
+
+dovecot (1:2.3.2-1) unstable; urgency=medium
+
+ Upgrading to the 2.3 series may require manual configuration changes.
+ Some settings have been removed, while others have had their defaults
+ changed. Please see
+
+ /usr/share/doc/dovecot-core/wiki/Upgrading.2.3.txt.gz
+
+ or the online version at
+
+ https://wiki2.dovecot.org/Upgrading/2.3
+
+ for more information and review your configuration accordingly.
+
+ -- Apollon Oikonomopoulos <apoikos@debian.org> Sat, 24 Mar 2018 00:34:07 +0200
+
+dovecot (1:2.2.31-1) unstable; urgency=medium
+
+ TLS is now enabled by default, using the ssl-cert-snakeoil certificate
+ provided by the ssl-cert package. Upgrades from older versions will be
+ prompted to accept the new configuration and enable TLS. If you have already
+ configured TLS yourself, you'll most probably want to keep your settings
+ intact.
+
+ See /usr/share/doc/dovecot-core/README.Debian for more information on the
+ certificate's default location and how to install your own certificates.
+
+ -- Apollon Oikonomopoulos <apoikos@debian.org> Sun, 25 Jun 2017 01:09:28 +0300
+
+dovecot (1:2.2.21-1) unstable; urgency=medium
+
+ This release disables the dovecot.socket systemd unit by default. The unit is
+ disabled only if the dovecot.service unit is already enabled, making sure
+ that dovecot will start on system boot. If you are upgrading dovecot and
+ previously relied on dovecot.socket and dovecot.service being both enabled,
+ please re-enable dovecot.socket manually using
+
+ systemctl enable dovecot.socket
+
+ Future package updates will not disable the socket unit again. For details
+ regarding this decision, please see Debian bugs #803915 and #814999.
+
+ -- Apollon Oikonomopoulos <apoikos@debian.org> Fri, 19 Feb 2016 16:54:27 +0200
+
+dovecot (1:2.1.7-7) unstable; urgency=high
+
+ If you are upgrading from stable or the earlier 2.1.7 packages in testing,
+ you are advised to backup your configuration files before continuing.
+ Carefully read /usr/share/doc/dovecot-core/README.Debian.gz for important
+ information about problems that might affect your upgrade.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Mon, 04 Feb 2013 16:27:17 -0500
+
+dovecot (1:2.0.5-1) experimental; urgency=low
+
+ * A lot of settings have changed. Dovecot v2.0 can still use most of
+ the v1.x configuration files, but it logs a lot of warnings at
+ startup. A quick and easy way to convert your old config file to
+ v2.0 format is:
+
+ doveconf -n -c dovecot-1.conf > dovecot-2.conf
+
+ This command logs a warning about each obsolete setting it
+ converts to the new format. You can either go through the warnings
+ to figure out what changes exactly were done, or you can simply
+ trust doveconf and replace your old config with the newly
+ generated one.
+
+ * Dovecot uses two system users for internal purposes now by
+ default: "dovenull" and "dovecot". "dovenull" user is used by
+ completely untrustworthy processes, while "dovecot" user is used
+ for slightly more trusted processes.
+
+ * In conf.d/10-mail.conf, the default mail_location is set to
+ mbox:~/mail:INBOX=/var/mail/%u
+ This has to be set because Dovecots auto-detection of mailboxes fails
+ when a user has no mail. I tried to provide a reasonable default
+ but advanced users will certainly want to change this.
+
+ Related to this, you might see an error in the logs about dovecot not
+ being able to chgrp certain files. This is because the default user
+ mailboxes in Debian belong to group mail which dovecot is not part of
+ (nor should be.) The Debian package has been patched so that the error
+ will not be fatal but for a more permanent solution, see here:
+ http://wiki2.dovecot.org/Errors/ChgrpNoPerm for some discussion. Or
+ you can set mail_location (and the equivalent settings in your MDA) so
+ that mailboxes are in the users home directory.
+
+ * No more convert plugin, use dsync instead
+
+ * No more expire-tool, use doveadm expunge instead. Also expire
+ configuration is different.
+
+ * Post-login scripts are configured differently and need to be modified
+
+ * Quota warnings are configured differently and the script may need
+ to be modified (most environment settings like $USER are gone)
+
+ * Global ACL filenames now require namespace prefix (e.g. if you use
+ "INBOX." prefix, /etc/acls/foo needs to be renamed to
+ /etc/acls/INBOX.foo
+
+ * Maildir: Permissions for newly created mail files are no longer
+ copied from dovecot-shared file, but instead from the mail
+ directory (e.g. for "foo" mailbox, they're taken from
+ ~/Maildir/.foo directory)
+
+ * dbox: v2.0 format is slightly different, but backwards
+ compatible. The main problem is that v2.0 no longer supports
+ maildir-dbox hybrid resulting from "fast Maildir migration". If
+ you have any Maildir files in your dbox, you need to convert them
+ somehow (some examples). You might also consider using dsync to
+ get rid of the old unused metadata in your dbox files.
+
+
+ * Pre-login and post-login CAPABILITY reply is now
+ different. Dovecot expects clients to recognize new automatically
+ sent capabilities. This should work with all commonly used
+ clients, but some rarely used clients might have problems. Either
+ get the client fixed, or set imap_capability manually.
+
+ * ManageSieve protocol was assigned an official port by IANA:
+ 4190. This is used by Pigeonhole by default now. If you want to
+ listen also on the old 2000 port, see the example in
+ /usr/share/doc/dovecot-common/wiki/ManageSieve.Configuration.txt.gz
+
+ * deliver binary was renamed to dovecot-lda (but a symlink still
+ exists for now)
+
+ * deliver -n parameter was replaced by lda_mailbox_autocreate
+ setting. The default also changed to "no".
+
+ * deliver -s parameter was replaced by lda_mailbox_autosubscribe
+ setting. The default is "no", as before.
+
+ -- Marco Nenciarini <mnencia@debian.org> Mon, 18 Oct 2010 12:59:14 +0200
+
+dovecot (1:1.0.12-1) unstable; urgency=low
+
+ * mail_extra_groups=mail setting is often used insecurely to give Dovecot
+ access to create dotlocks to /var/mail directory. The setting has been
+ replaced by mail_privileged_group and mail_access_groups.
+ Read also: http://dovecot.org/list/dovecot/2008-March/029196.html
+
+ -- Fabio Tranchitella <kobold@debian.org> Thu, 06 Mar 2008 15:46:03 +0100
+
+dovecot (1.0.beta3-1) unstable; urgency=low
+
+ * Starting from this release, dovecot-lda is included in dovecot-common.
+ The previous executable deliver has been removed from the upstream
+ source package.
+ * Other new features recently added include
+ + vpopmail support
+ + quota support
+ + GSSAPI support
+ * All these new features mean there are some configuration file changes
+ please review the default /etc/dovecot/dovecot.conf and merge in any
+ new bits. (If you don't use any new features, your configuration should
+ remain compatible.)
+
+ -- Fabio Tranchitella <kobold@debian.org> Fri, 17 Feb 2006 17:05:37 +0000
+
+dovecot (1.0.alpha4-1) unstable; urgency=low
+
+ * This is the 1.0alpha branch. Once again there have been incompatible
+ changes to the syntax of /etc/dovecot/dovecot.conf.
+ * The dovecot-common package now includes the zlib plugin for compressed
+ mboxen. Make sure you have mail_use_modules=yes in imap and/or pop3
+ section in /etc/dovecot/dovecot.conf if you want to use this.
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Wed, 20 Jul 2005 06:30:37 -0400
+
+dovecot (0.99.20050712-1) unstable; urgency=low
+
+ * This is the 1.0stable development branch. There have been major
+ changes and new features have been added so check your configuration
+ carefully. In particular, /etc/dovecot/dovecot-mysql.conf and
+ /etc/dovecot/dovecot-pgsql.conf have been replaced by
+ /etc/dovecot/dovecot-sql.conf .
+
+ -- Jaldhar H. Vyas <jaldhar@debian.org> Wed, 20 Jul 2005 06:30:37 -0400
--- /dev/null
+Dovecot Debian package
+======================
+
+Please refer to http://wiki2.dovecot.org for the full documentation of this
+package and its configuration.
+
+Note that the default value for mbox_write_locks differs between Debian and
+upstream Dovecot:
+ Debian: mbox_write_locks = "fnctl dotlock"
+ Dovecot: mbox_write_locks = "dotlock fnctl"
+
+TLS setup
+---------
+
+TLS is enabled by default on new installations. Dovecot will use the
+self-signed certificate provided by ssl-cert-snakeoil by default. The
+certificate and key are accessed via symbolic links in /etc/dovecot/private.
+
+If you wish to use your own certificates, feel free to replace the symbolic
+links in /etc/dovecot/private with the actual certificate/key of your
+preference, or place the certificate and key at the location of your preference
+and update /etc/dovecot/conf.d/10-ssl.conf accordingly.
+
+dovenull group
+--------------
+
+Upstream recommends that for security's sake, the dovenull user should belong
+to its own private group to which no one else belongs. Prior to 2.2.9-1, the
+dovenull user was in the nogroup group which contains other users. This has
+been rectified for new installs but upgraders should make the change
+themselves like this:
+
+# addgroup --system --group dovenull
+# usermod -g dovenull dovenull
+
--- /dev/null
+package-status: dovecot-common dovecot-core dovecot-dev dovecot-gssapi dovecot-imapd dovecot-ldap dovecot-lmtpd dovecot-managesieved dovecot-mysql dovecot-pgsql dovecot-pop3d dovecot-sieve dovecot-sqlite
--- /dev/null
+#!/bin/bash
+
+set -e
+
+pecho() {
+ echo "$@"
+ echo "$@"|sed 's/./-/g'
+}
+
+
+if [ -x /usr/bin/doveconf ]
+then
+ echo
+ cat <<-EOF
+ You can append "doveconf -n" output to the bug report. It will help the
+ maintainers to better understand your configuration.
+ It normally doesn't contain any sensitive information, but you should
+ review it before sending.
+ EOF
+ echo
+ yesno "Do you want to append \"doveconf -n\" output to your bug report? " yep
+ if [ "$REPLY" == yep ]
+ then
+ echo >&3
+ pecho "dovecot configuration" >&3
+ /usr/bin/doveconf -n >&3
+ fi
+fi
--- /dev/null
+etc/dovecot/conf.d
+etc/dovecot/private
+usr/share/dovecot/protocols.d
+var/lib/dovecot
--- /dev/null
+NEWS
+TODO
--- /dev/null
+# /etc/default/dovecot
+
+# Set to '1' to allow Dovecot daemons to produce core dumps
+#ALLOW_COREDUMPS=1
--- /dev/null
+#! /bin/sh
+### BEGIN INIT INFO
+# Provides: dovecot
+# Required-Start: $local_fs $remote_fs $network $syslog $time
+# Required-Stop: $local_fs $remote_fs $network $syslog
+# Should-Start: postgresql mysql slapd winbind nslcd
+# Should-Stop: postgresql mysql slapd winbind nslcd
+# Default-Start: 2 3 4 5
+# Default-Stop: 0 1 6
+# Short-Description: Dovecot init script
+# Description: Init script for dovecot services
+### END INIT INFO
+
+# Author: Miquel van Smoorenburg <miquels@cistron.nl>.
+# Modified for Debian GNU/Linux
+# by Ian Murdock <imurdock@gnu.ai.mit.edu>.
+#
+
+# Do NOT "set -e"
+
+# PATH should only include /usr/* if it runs after the mountnfs.sh script
+PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
+DESC="IMAP/POP3 mail server"
+NAME=dovecot
+DAEMON=/usr/sbin/dovecot
+DAEMON_ARGS=""
+SCRIPTNAME=/etc/init.d/$NAME
+CONF=/etc/dovecot/${NAME}.conf
+
+# Read configuration variable file if it is present
+[ -r /etc/default/$NAME ] && . /etc/default/$NAME
+
+# Exit if the package is not installed
+[ -x "$DAEMON" ] || exit 0
+
+# Exit if the configuration file doesn't exist
+[ -f "$CONF" ] || exit 0
+
+# Exit if explicitly told to
+[ "$ENABLED" != "0" ] || exit 0
+
+# Allow core dumps if requested
+[ "$ALLOW_COREDUMPS" != "1" ] || ulimit -c unlimited
+
+# Define LSB log_* functions.
+# Depend on lsb-base (>= 3.0-6) to ensure that this file is present.
+. /lib/lsb/init-functions
+
+# conf file readable?
+if [ ! -r ${CONF} ]; then
+ log_daemon_msg "${CONF}: not readable" "$NAME" && log_end_msg 1;
+ exit 1;
+fi
+
+# dont check for inetd.conf if its not installed
+if [ -f /etc/inetd.conf ]; then
+ # The init script should do nothing if dovecot or another imap/pop3 server
+ # is being run from inetd, and dovecot is configured to run as an imap or
+ # pop3 service
+ for p in `sed -r "s/^ *(([^:]+|\[[^]]+]|\*):)?(pop3s?|imaps?)[ \t].*/\3/;t;d" \
+ /etc/inetd.conf`
+ do
+ for q in `doveconf -n -h protocols`
+ do
+ if [ $p = $q ]; then
+ log_daemon_msg "protocol ${p} configured both in inetd and in dovecot" "$NAME" && log_end_msg 1
+ exit 0
+ fi
+ done
+ done
+fi
+
+# determine the location of the PID file
+# override by setting base_dir in conf file or PIDBASE in /etc/defaults/$NAME
+PIDBASE=${PIDBASE:-`doveconf -n -c ${CONF} -h base_dir`}
+PIDFILE=${PIDBASE:-/var/run/dovecot}/master.pid
+
+#
+# Function that starts the daemon/service
+#
+do_start()
+{
+ # Return
+ # 0 if daemon has been started
+ # 1 if daemon was already running
+ # 2 if daemon could not be started
+ start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON --test -- -c ${CONF} > /dev/null \
+ || return 1
+ start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON -- -c ${CONF} \
+ $DAEMON_ARGS \
+ || return 2
+}
+
+#
+# Function that stops the daemon/service
+#
+do_stop()
+{
+ # Return
+ # 0 if daemon has been stopped
+ # 1 if daemon was already stopped
+ # 2 if daemon could not be stopped
+ # other if a failure occurred
+ start-stop-daemon --stop --quiet --retry=TERM/30/KILL/5 --pidfile $PIDFILE --name ${DAEMON##*/}
+ RETVAL="$?"
+ [ "$RETVAL" = 2 ] && return 2
+ # Wait for children to finish too if this is a daemon that forks
+ # and if the daemon is only ever run from this initscript.
+ # If the above conditions are not satisfied then add some other code
+ # that waits for the process to drop all resources that could be
+ # needed by services started subsequently. A last resort is to
+ # sleep for some time.
+ start-stop-daemon --stop --quiet --oknodo --retry=0/30/KILL/5 --pidfile $PIDFILE --name ${DAEMON##*/}
+ [ "$?" = 2 ] && return 2
+ # Many daemons don't delete their pidfiles when they exit.
+ rm -f $PIDFILE
+ return "$RETVAL"
+}
+
+#
+# Function that sends a SIGHUP to the daemon/service
+#
+do_reload() {
+ #
+ # If the daemon can reload its configuration without
+ # restarting (for example, when it is sent a SIGHUP),
+ # then implement that here.
+ #
+ start-stop-daemon --stop --signal HUP --quiet --pidfile $PIDFILE --name $NAME
+ return 0
+}
+
+
+case "$1" in
+ start)
+ log_daemon_msg "Starting $DESC" "$NAME"
+ do_start
+ case "$?" in
+ 0|1) log_end_msg 0 ;;
+ 2) log_end_msg 1 ;;
+ esac
+ ;;
+ stop)
+ log_daemon_msg "Stopping $DESC" "$NAME"
+ do_stop
+ case "$?" in
+ 0|1) log_end_msg 0 ;;
+ 2) log_end_msg 1 ;;
+ esac
+ ;;
+ reload|force-reload)
+ log_daemon_msg "Reloading $DESC" "$NAME"
+ do_reload
+ log_end_msg $?
+ ;;
+ restart)
+ #
+ # If the "reload" option is implemented then remove the
+ # 'force-reload' alias
+ #
+ log_daemon_msg "Restarting $DESC" "$NAME"
+ do_stop
+ case "$?" in
+ 0|1)
+ do_start
+ case "$?" in
+ 0) log_end_msg 0 ;;
+ 1) log_end_msg 1 ;; # Old process is still running
+ *) log_end_msg 1 ;; # Failed to start
+ esac
+ ;;
+ *)
+ # Failed to stop
+ log_end_msg 1
+ ;;
+ esac
+ ;;
+ status)
+ status_of_proc -p $PIDFILE $DAEMON $NAME && exit 0 || exit $?
+ ;;
+ *)
+ echo "Usage: $SCRIPTNAME {start|stop|restart|force-reload|status}" >&2
+ exit 3
+ ;;
+esac
--- /dev/null
+#%PAM-1.0
+
+@include common-auth
+@include common-account
+@include common-session
+
--- /dev/null
+src/plugins/fts/decode2text.sh
--- /dev/null
+debian/dh.pem usr/share/dovecot
+debian/dovecot-openssl.cnf usr/share/dovecot
+debian/maildirmake.dovecot usr/bin
--- /dev/null
+# hardening flags are set and blhc succeeds; might need some investigation
+dovecot-core: hardening-no-fortify-functions [usr/lib/dovecot/config]
+dovecot-core: hardening-no-fortify-functions [usr/lib/dovecot/gdbhelper]
+dovecot-core: hardening-no-fortify-functions [usr/lib/dovecot/libdovecot-storage.so.0.0.0]
+dovecot-core: hardening-no-fortify-functions [usr/lib/dovecot/modules/lib20_fts_plugin.so]
+dovecot-core: hardening-no-fortify-functions [usr/lib/dovecot/script-login]
+dovecot-core: hardening-no-fortify-functions [usr/lib/dovecot/script]
+dovecot-core: hardening-no-fortify-functions [usr/lib/dovecot/xml2text]
+dovecot-core: package-contains-empty-directory [usr/share/dovecot/protocols.d/]
+dovecot-core: package-contains-empty-directory [usr/lib/dovecot/modules/dict/]
+dovecot-core: spelling-error-in-readme-debian dovenull dovenull (duplicate word) dovenull [usr/share/doc/dovecot-core/README.Debian]
+dovecot-core: library-not-linked-against-libc [usr/lib/dovecot/modules/old-stats/libold_stats_mail.so]
+dovecot-core: library-not-linked-against-libc [usr/lib/dovecot/modules/old-stats/libstats_auth.so]
+dovecot-core [armel]: library-not-linked-against-libc usr/lib/dovecot/modules/lib20_listescape_plugin.so
+# ignore internal libraries without dependency information
+dovecot-core: shared-library-lacks-prerequisites [usr/lib/dovecot/modules/lib20_listescape_plugin.so]
+dovecot-core: shared-library-lacks-prerequisites [usr/lib/dovecot/modules/settings/libpigeonhole_settings.so]
+# ignore extra man pages
+dovecot-core: spare-manual-page [usr/share/man/man1/deliver.1.gz]
+# keep all man pages in section 1 for now
+dovecot-core: manual-page-for-system-command [usr/sbin/dovecot]
+# ignore executable-in-usr-lib, maybe move to libexec at some point
+dovecot-core: executable-in-usr-lib [usr/lib/dovecot/anvil]
+dovecot-core: executable-in-usr-lib [usr/lib/dovecot/auth]
+dovecot-core: executable-in-usr-lib [usr/lib/dovecot/config]
+dovecot-core: executable-in-usr-lib [usr/lib/dovecot/dict]
+dovecot-core: executable-in-usr-lib [usr/lib/dovecot/dns-client]
+dovecot-core: executable-in-usr-lib [usr/lib/dovecot/doveadm-server]
+dovecot-core: executable-in-usr-lib [usr/lib/dovecot/dovecot-lda]
+dovecot-core: executable-in-usr-lib [usr/lib/dovecot/gdbhelper]
+dovecot-core: executable-in-usr-lib [usr/lib/dovecot/health-check.sh]
+dovecot-core: executable-in-usr-lib [usr/lib/dovecot/indexer]
+dovecot-core: executable-in-usr-lib [usr/lib/dovecot/indexer-worker]
+dovecot-core: executable-in-usr-lib [usr/lib/dovecot/log]
+dovecot-core: executable-in-usr-lib [usr/lib/dovecot/quota-status]
+dovecot-core: executable-in-usr-lib [usr/lib/dovecot/rawlog]
+dovecot-core: executable-in-usr-lib [usr/lib/dovecot/script]
+dovecot-core: executable-in-usr-lib [usr/lib/dovecot/script-login]
+dovecot-core: executable-in-usr-lib [usr/lib/dovecot/stats]
+dovecot-core: executable-in-usr-lib [usr/lib/dovecot/xml2text]
+# ignore equal stub files
+dovecot-core: duplicate-files usr/share/doc/dovecot-core/wiki/Pigeonhole.ManageSieve.Install.txt usr/share/doc/dovecot-core/wiki/Plugins.Stats.txt
+# ignore stopwords txt files not in /usr/share/doc
+dovecot-core: package-contains-documentation-outside-usr-share-doc [usr/share/dovecot/stopwords/stopwords_da.txt]
+dovecot-core: package-contains-documentation-outside-usr-share-doc [usr/share/dovecot/stopwords/stopwords_de.txt]
+dovecot-core: package-contains-documentation-outside-usr-share-doc [usr/share/dovecot/stopwords/stopwords_en.txt]
+dovecot-core: package-contains-documentation-outside-usr-share-doc [usr/share/dovecot/stopwords/stopwords_es.txt]
+dovecot-core: package-contains-documentation-outside-usr-share-doc [usr/share/dovecot/stopwords/stopwords_fi.txt]
+dovecot-core: package-contains-documentation-outside-usr-share-doc [usr/share/dovecot/stopwords/stopwords_fr.txt]
+dovecot-core: package-contains-documentation-outside-usr-share-doc [usr/share/dovecot/stopwords/stopwords_it.txt]
+dovecot-core: package-contains-documentation-outside-usr-share-doc [usr/share/dovecot/stopwords/stopwords_nl.txt]
+dovecot-core: package-contains-documentation-outside-usr-share-doc [usr/share/dovecot/stopwords/stopwords_no.txt]
+dovecot-core: package-contains-documentation-outside-usr-share-doc [usr/share/dovecot/stopwords/stopwords_pt.txt]
+dovecot-core: package-contains-documentation-outside-usr-share-doc [usr/share/dovecot/stopwords/stopwords_ro.txt]
+dovecot-core: package-contains-documentation-outside-usr-share-doc [usr/share/dovecot/stopwords/stopwords_ru.txt]
+dovecot-core: package-contains-documentation-outside-usr-share-doc [usr/share/dovecot/stopwords/stopwords_sv.txt]
+dovecot-core: package-contains-documentation-outside-usr-share-doc [usr/share/dovecot/stopwords/stopwords_tr.txt]
+# ulimit -c might be specified but is supported by bash and dash
+dovecot-core: bash-term-in-posix-shell '| ulimit' [etc/init.d/dovecot:43]
--- /dev/null
+debian/maildirmake.dovecot.1
--- /dev/null
+#!/bin/sh
+set -e
+
+if [ "$1" = "configure" ]; then
+ CONFFILES="dovecot.conf \
+ conf.d/10-auth.conf \
+ conf.d/10-logging.conf \
+ conf.d/10-mail.conf \
+ conf.d/10-master.conf \
+ conf.d/10-metrics.conf \
+ conf.d/10-ssl.conf \
+ conf.d/15-lda.conf \
+ conf.d/15-mailboxes.conf \
+ conf.d/30-dict-server.conf \
+ conf.d/90-acl.conf \
+ conf.d/90-fts.conf \
+ conf.d/90-quota.conf \
+ conf.d/auth-deny.conf.ext \
+ conf.d/auth-master.conf.ext \
+ conf.d/auth-oauth2.conf.ext \
+ conf.d/auth-passwdfile.conf.ext \
+ conf.d/auth-sql.conf.ext \
+ conf.d/auth-static.conf.ext \
+ conf.d/auth-system.conf.ext"
+
+ OLD_CONFFILES="conf.d/auth-vpopmail.conf.ext \
+ dovecot-dict-auth.conf.ext \
+ dovecot-dict-sql.conf.ext \
+ dovecot-sql.conf.ext \
+ conf.d/10-director.conf \
+ conf.d/10-tcpwrapper.conf \
+ conf.d/90-plugin.conf"
+
+ ## Users
+ #
+
+ adduser --system --group --home /usr/lib/dovecot --gecos "Dovecot mail server" \
+ --no-create-home --disabled-password --quiet dovecot || true
+
+ adduser --system --group --home /nonexistent --no-create-home --gecos "Dovecot login user" \
+ --disabled-password --quiet dovenull || true
+
+ for conffile in $CONFFILES ; do
+ # Tell ucf that the file in /usr/share/dovecot is the latest
+ # maintainer version, and let it handle how to manage the real
+ # configuration file in /etc/dovecot.
+ ucf --three-way "/usr/share/dovecot/$conffile" "/etc/dovecot/$conffile"
+ ucfr dovecot-core "/etc/dovecot/$conffile"
+ if [ "$conffile" != "dovecot.conf" ] && [ -f "/etc/dovecot/$conffile" ] &&
+ [ "$(echo "$conffile" | cut -b -7)" != "conf.d/" ]; then
+ chmod 0640 "/etc/dovecot/$conffile"
+ chgrp dovecot "/etc/dovecot/$conffile"
+ fi
+ done
+
+ for oldconffile in $OLD_CONFFILES ; do
+ if [ -e "/etc/dovecot/$oldconffile" ]; then
+ modified=$(ucfq -w /etc/dovecot/$oldconffile | cut -d: -f4)
+ if [ "$modified" = "No" ]; then
+ echo "Removing unmodified obsolete configuration file '/etc/dovecot/$oldconffile'"
+ rm -f "/etc/dovecot/$oldconffile"
+ else
+ echo "Locally modified configuration file '/etc/dovecot/$oldconffile' is obsolete. Please remove."
+ fi
+ ucf --purge "/etc/dovecot/$oldconffile"
+ ucfr --purge dovecot-core "/etc/dovecot/$oldconffile"
+ fi
+ done
+
+
+ if ! dpkg-statoverride --list /etc/dovecot/private >/dev/null; then
+ dpkg-statoverride --quiet --update --add root root 0700 /etc/dovecot/private
+ fi
+
+ # SSL configuration
+ # Use the ssl-cert-snakeoil certificate in the following cases:
+ # - On new installations
+ if [ -z "$2" ]; then
+ if [ ! -e /etc/dovecot/private/dovecot.key ] && \
+ [ ! -e /etc/dovecot/private/dovecot.pem ] && \
+ [ -e /etc/ssl/certs/ssl-cert-snakeoil.pem ] && \
+ [ -e /etc/ssl/private/ssl-cert-snakeoil.key ]; then
+ ln -s /etc/ssl/certs/ssl-cert-snakeoil.pem /etc/dovecot/private/dovecot.pem
+ ln -s /etc/ssl/private/ssl-cert-snakeoil.key /etc/dovecot/private/dovecot.key
+ fi
+ fi
+fi
+
+if [ "$1" = "triggered" ]; then
+ if [ -x "/etc/init.d/dovecot" ]; then
+ invoke-rc.d dovecot restart
+ fi
+fi
+
+#DEBHELPER#
--- /dev/null
+#!/bin/sh
+set -e
+
+if [ "$1" = "purge" ] ; then
+ for conffile in $(ucfq --with-colons dovecot-core | cut -d: -f1); do
+ # we mimic dpkg as closely as possible, so we remove configuration
+ # files with dpkg backup extensions too:
+ ### Some of the following is from Tore Anderson:
+ for ext in '~' '%' .bak .dpkg-tmp .dpkg-new .dpkg-old .dpkg-dist .ucf-new .ucf-old .ucf-dist; do
+ rm -f "$conffile$ext"
+ done
+ # remove the configuration file itself
+ rm -f "$conffile"
+ # and finally clear it out from the ucf database
+ if which ucf >/dev/null; then
+ ucf --purge "$conffile"
+ fi
+ if which ucfr >/dev/null; then
+ ucfr --purge dovecot-core "$conffile"
+ fi
+ done
+
+ userdel dovecot || true;
+ userdel dovenull || true;
+
+ if [ -d /run/dovecot ]; then
+ rm -rf /run/dovecot
+ fi
+
+ # Remove dovecot.pem and dovecot.key only if they are symlinks; otherwise
+ # we might remove CA-issued certificates that are difficult and/or
+ # expensive to replace.
+ for file in /etc/dovecot/private/dovecot.pem /etc/dovecot/private/dovecot.key; do
+ if [ -h "$file" ]; then
+ rm -f "$file"
+ else
+ echo "${file} is not a symbolic link, skipping removal." >&2
+ fi
+ done
+fi
+
+if [ "$1" = "triggered" ]; then
+ if [ -x "/etc/init.d/dovecot" ]; then
+ invoke-rc.d dovecot start
+ fi
+fi
+
+#DEBHELPER#
--- /dev/null
+interest-noawait register-dovecot-plugin
+interest-noawait /usr/lib/dovecot/modules
--- /dev/null
+/usr/share/dovecot/dovecot-abi contains that portion of DOVECOT_ABI_VERSION
+from configure.ac outside parentheses (i.e not including the package version.)
+It might look something like this:
+
+2.2.ABIv10
+
+...packages providing plugins for dovecot can use this information in their
+dependencies to avoid having to update every time there is a minor update to
+the dovecot package.
+
--- /dev/null
+# plugins probably need the package name
+dovecot-dev: package-name-defined-in-config-h usr/include/dovecot/config.h
--- /dev/null
+/usr/share/bug/dovecot-core /usr/share/bug/dovecot-flatcurve
--- /dev/null
+#!/bin/sh
+
+set -e
+
+if [ "$1" = "configure" ]; then
+ CONFFILES="conf.d/90-fts-flatcurve.conf"
+
+ for conffile in $CONFFILES ; do
+ # Tell ucf that the file in /usr/share/dovecot is the latest
+ # maintainer version, and let it handle how to manage the real
+ # configuration file in /etc/dovecot.
+ ucf --three-way "/usr/share/dovecot/$conffile" "/etc/dovecot/$conffile"
+ ucfr dovecot-ldap "/etc/dovecot/$conffile"
+ if [ "$conffile" != "dovecot.conf" ] && [ -f "/etc/dovecot/$conffile" ] &&
+ [ "$(echo "$conffile" | cut -b -7)" != "conf.d/" ]; then
+ chmod 0600 "/etc/dovecot/$conffile"
+ fi
+ done
+fi
+
+#DEBHELPER#
--- /dev/null
+#!/bin/sh
+set -e
+
+if [ "$1" = "purge" ] ; then
+ for conffile in $(ucfq --with-colons dovecot-flatcurve | cut -d: -f1); do
+ # we mimic dpkg as closely as possible, so we remove configuration
+ # files with dpkg backup extensions too:
+ ### Some of the following is from Tore Anderson:
+ for ext in '~' '%' .bak .dpkg-tmp .dpkg-new .dpkg-old .dpkg-dist .ucf-new .ucf-old .ucf-dist; do
+ rm -f "$conffile$ext"
+ done
+ # remove the configuration file itself
+ rm -f "$conffile"
+ # and finally clear it out from the ucf database
+ if which ucf >/dev/null; then
+ ucf --purge "$conffile"
+ fi
+ if which ucfr >/dev/null; then
+ ucfr --purge dovecot-flatcurve "$conffile"
+ fi
+ done
+
+fi
+
+#DEBHELPER#
--- /dev/null
+#!/bin/sh
+set -e
+
+if [ -d /run/systemd/system ]; then
+ deb-systemd-invoke stop dovecot.socket || true
+fi
+
+if [ -x "/etc/init.d/dovecot" ]; then
+ invoke-rc.d dovecot stop
+fi
+
+#DEBHELPER#
--- /dev/null
+activate-noawait register-dovecot-plugin
+
--- /dev/null
+/usr/share/bug/dovecot-core /usr/share/bug/dovecot-gssapi
--- /dev/null
+/usr/share/bug/dovecot-core /usr/share/bug/dovecot-imapd
--- /dev/null
+# hardening flags are set and blhc succeeds; might need some investigation
+dovecot-imapd: hardening-no-fortify-functions [usr/lib/dovecot/imap]
--- /dev/null
+#!/bin/sh
+
+set -e
+
+if [ "$1" = "configure" ]; then
+ CONFFILES="conf.d/20-imap.conf"
+
+ for conffile in $CONFFILES ; do
+ # Tell ucf that the file in /usr/share/dovecot is the latest
+ # maintainer version, and let it handle how to manage the real
+ # configuration file in /etc/dovecot.
+ ucf --three-way "/usr/share/dovecot/$conffile" "/etc/dovecot/$conffile"
+ ucfr dovecot-imapd "/etc/dovecot/$conffile"
+ done
+
+ cat <<EOF > /usr/share/dovecot/protocols.d/imapd.protocol
+protocols {
+ imap = yes
+}
+EOF
+fi
+
+#DEBHELPER#
--- /dev/null
+#!/bin/sh
+set -e
+
+if [ "$1" = "purge" ] ; then
+ for conffile in $(ucfq --with-colons dovecot-imapd | cut -d: -f1); do
+ # we mimic dpkg as closely as possible, so we remove configuration
+ # files with dpkg backup extensions too:
+ ### Some of the following is from Tore Anderson:
+ for ext in '~' '%' .bak .dpkg-tmp .dpkg-new .dpkg-old .dpkg-dist .ucf-new .ucf-old .ucf-dist; do
+ rm -f "$conffile$ext"
+ done
+ # remove the configuration file itself
+ rm -f "$conffile"
+ # and finally clear it out from the ucf database
+ if which ucf >/dev/null; then
+ ucf --purge "$conffile"
+ fi
+ if which ucfr >/dev/null; then
+ ucfr --purge dovecot-imapd "$conffile"
+ fi
+ done
+
+fi
+
+if [ "$1" = "purge" ] || [ "$1" = "remove" ]; then
+ rm -f /usr/share/dovecot/protocols.d/imapd.protocol
+fi
+
+#DEBHELPER#
--- /dev/null
+#!/bin/sh
+set -e
+
+if [ -d /run/systemd/system ]; then
+ deb-systemd-invoke stop dovecot.socket || true
+fi
+
+if [ -x "/etc/init.d/dovecot" ]; then
+ invoke-rc.d dovecot stop
+fi
+
+#DEBHELPER#
--- /dev/null
+activate-noawait register-dovecot-plugin
--- /dev/null
+[Dovecot IMAP]
+title=Secure mail server (IMAP)
+description=Dovecot is a mail server whose major goals are security and extreme
+ reliability.
+ports=143/tcp
+
+[Dovecot Secure IMAP]
+title=Secure mail server (IMAPS)
+description=Dovecot is a mail server whose major goals are security and extreme
+ reliability.
+ports=993/tcp
--- /dev/null
+/usr/share/bug/dovecot-core /usr/share/bug/dovecot-ldap
--- /dev/null
+#!/bin/sh
+
+set -e
+
+if [ "$1" = "configure" ]; then
+ CONFFILES="conf.d/auth-ldap.conf.ext"
+
+ for conffile in $CONFFILES ; do
+ # Tell ucf that the file in /usr/share/dovecot is the latest
+ # maintainer version, and let it handle how to manage the real
+ # configuration file in /etc/dovecot.
+ ucf --three-way "/usr/share/dovecot/$conffile" "/etc/dovecot/$conffile"
+ ucfr dovecot-ldap "/etc/dovecot/$conffile"
+ if [ "$conffile" != "dovecot.conf" ] && [ -f "/etc/dovecot/$conffile" ] &&
+ [ "$(echo "$conffile" | cut -b -7)" != "conf.d/" ]; then
+ chmod 0600 "/etc/dovecot/$conffile"
+ fi
+ done
+fi
+
+#DEBHELPER#
--- /dev/null
+#!/bin/sh
+set -e
+
+if [ "$1" = "purge" ] ; then
+ CONFFILES="/etc/dovecot/dovecot-ldap.conf.ext \
+ /etc/dovecot/conf.d/auth-ldap.conf.ext"
+
+ for conffile in $CONFFILES; do
+ # we mimic dpkg as closely as possible, so we remove configuration
+ # files with dpkg backup extensions too:
+ ### Some of the following is from Tore Anderson:
+ for ext in '~' '%' .bak .dpkg-tmp .dpkg-new .dpkg-old .dpkg-dist .ucf-new .ucf-old .ucf-dist; do
+ rm -f "$conffile$ext"
+ done
+ # remove the configuration file itself
+ rm -f "$conffile"
+ # and finally clear it out from the ucf database
+ if which ucf >/dev/null; then
+ ucf --purge "$conffile"
+ fi
+ if which ucfr >/dev/null; then
+ ucfr --purge dovecot-ldap "$conffile"
+ fi
+ done
+fi
+
+#DEBHELPER#
--- /dev/null
+activate-noawait register-dovecot-plugin
+
--- /dev/null
+/usr/share/bug/dovecot-core /usr/share/bug/dovecot-lmtpd
--- /dev/null
+#!/bin/sh
+
+set -e
+
+if [ "$1" = "configure" ]; then
+ CONFFILES="conf.d/20-lmtp.conf"
+
+ for conffile in $CONFFILES ; do
+ # Tell ucf that the file in /usr/share/dovecot is the latest
+ # maintainer version, and let it handle how to manage the real
+ # configuration file in /etc/dovecot.
+ ucf --three-way "/usr/share/dovecot/$conffile" "/etc/dovecot/$conffile"
+ ucfr dovecot-lmtpd "/etc/dovecot/$conffile"
+ done
+
+ cat <<EOF > /usr/share/dovecot/protocols.d/lmtpd.protocol
+protocols {
+ lmtp = yes
+}
+EOF
+fi
+
+#DEBHELPER#
--- /dev/null
+#!/bin/sh
+set -e
+
+if [ "$1" = "purge" ] ; then
+ for conffile in $(ucfq --with-colons dovecot-lmtpd | cut -d: -f1); do
+ # we mimic dpkg as closely as possible, so we remove configuration
+ # files with dpkg backup extensions too:
+ ### Some of the following is from Tore Anderson:
+ for ext in '~' '%' .bak .dpkg-tmp .dpkg-new .dpkg-old .dpkg-dist .ucf-new .ucf-old .ucf-dist; do
+ rm -f "$conffile$ext"
+ done
+ # remove the configuration file itself
+ rm -f "$conffile"
+ # and finally clear it out from the ucf database
+ if which ucf >/dev/null; then
+ ucf --purge "$conffile"
+ fi
+ if which ucfr >/dev/null; then
+ ucfr --purge dovecot-lmtpd "$conffile"
+ fi
+ done
+
+fi
+
+if [ "$1" = "purge" ] || [ "$1" = "remove" ]; then
+ rm -f /usr/share/dovecot/protocols.d/lmtpd.protocol
+fi
+
+#DEBHELPER#
--- /dev/null
+#!/bin/sh
+set -e
+
+if [ -d /run/systemd/system ]; then
+ deb-systemd-invoke stop dovecot.socket || true
+fi
+
+if [ -x "/etc/init.d/dovecot" ]; then
+ invoke-rc.d dovecot stop
+fi
+
+#DEBHELPER#
--- /dev/null
+activate-noawait register-dovecot-plugin
+
--- /dev/null
+Removing dovecot-managesieved
+-----------------------------
+
+If you remove (i.e. with dpkg -r or aptitude remove) this package you will
+get an error something like this:
+
+doveconf: Fatal: Error in configuration file /etc/dovecot/dovecot.conf:
+service(managesieve-login): executable is empty
+
+To avoid it, make sure
+/etc/dovecot/conf.d/etc/dovecot/conf.d/20-managesieve.conf has been deleted,
+moved or completely commented out first. Alternatively, purge the package
+instead of removing it.
+
+If you do not do this, dovecot-core will be left in an unconfigured state
+because the error will cause a trigger to fail. To fix this simply reinstall
+dovecot-core.
--- /dev/null
+pigeonhole/doc/example-config/conf.d/??-managesieve* usr/share/dovecot/conf.d
--- /dev/null
+/usr/share/bug/dovecot-core /usr/share/bug/dovecot-managesieved
--- /dev/null
+dovecot-managesieved: shared-library-lacks-prerequisites [usr/lib/dovecot/modules/settings/libmanagesieve_settings.so]
+dovecot-managesieved: library-not-linked-against-libc [usr/lib/dovecot/modules/settings/libmanagesieve_settings.so]
--- /dev/null
+#!/bin/sh
+
+set -e
+
+if [ "$1" = "configure" ]; then
+ CONFFILES="conf.d/20-managesieve.conf"
+
+ for conffile in $CONFFILES ; do
+ # Tell ucf that the file in /usr/share/dovecot is the latest
+ # maintainer version, and let it handle how to manage the real
+ # configuration file in /etc/dovecot.
+ ucf --three-way "/usr/share/dovecot/$conffile" "/etc/dovecot/$conffile"
+ ucfr dovecot-managesieved "/etc/dovecot/$conffile"
+ done
+
+ cat <<EOF > /usr/share/dovecot/protocols.d/managesieved.protocol
+protocols {
+ sieve = yes
+}
+EOF
+fi
+
+#DEBHELPER#
--- /dev/null
+#!/bin/sh
+set -e
+
+if [ "$1" = "purge" ] ; then
+ for conffile in $(ucfq --with-colons dovecot-managesieved | cut -d: -f1); do
+ # we mimic dpkg as closely as possible, so we remove configuration
+ # files with dpkg backup extensions too:
+ ### Some of the following is from Tore Anderson:
+ for ext in '~' '%' .bak .dpkg-tmp .dpkg-new .dpkg-old .dpkg-dist .ucf-new .ucf-old .ucf-dist; do
+ rm -f "$conffile$ext"
+ done
+ # remove the configuration file itself
+ rm -f "$conffile"
+ # and finally clear it out from the ucf database
+ if which ucf >/dev/null; then
+ ucf --purge "$conffile"
+ fi
+ if which ucfr >/dev/null; then
+ ucfr --purge dovecot-managesieved "$conffile"
+ fi
+ done
+
+fi
+
+if [ "$1" = "purge" ] || [ "$1" = "remove" ]; then
+ rm -f /usr/share/dovecot/protocols.d/managesieved.protocol
+fi
+
+#DEBHELPER#
--- /dev/null
+#!/bin/sh
+set -e
+
+if [ -d /run/systemd/system ]; then
+ deb-systemd-invoke stop dovecot.socket || true
+fi
+
+if [ -x "/etc/init.d/dovecot" ]; then
+ invoke-rc.d dovecot stop
+fi
+
+#DEBHELPER#
--- /dev/null
+activate-noawait register-dovecot-plugin
+
--- /dev/null
+/usr/share/bug/dovecot-core /usr/share/bug/dovecot-mysql
--- /dev/null
+activate-noawait register-dovecot-plugin
+
--- /dev/null
+#
+# SSLeay configuration file for Dovecot.
+#
+
+RANDFILE = /dev/urandom
+
+[ req ]
+default_bits = 2048
+default_keyfile = privkey.pem
+distinguished_name = req_distinguished_name
+prompt = no
+policy = policy_anything
+req_extensions = v3_req
+x509_extensions = v3_req
+
+[ req_distinguished_name ]
+organizationName = Dovecot mail server
+organizationalUnitName = @commonName@
+commonName = @commonName@
+emailAddress = @emailAddress@
+
+[ v3_req ]
+basicConstraints = CA:FALSE
--- /dev/null
+/usr/share/bug/dovecot-core /usr/share/bug/dovecot-pgsql
--- /dev/null
+activate-noawait register-dovecot-plugin
+
--- /dev/null
+/usr/share/bug/dovecot-core /usr/share/bug/dovecot-pop3d
--- /dev/null
+#!/bin/sh
+
+set -e
+
+if [ "$1" = "configure" ]; then
+ CONFFILES="conf.d/20-pop3.conf"
+
+ for conffile in $CONFFILES ; do
+ # Tell ucf that the file in /usr/share/dovecot is the latest
+ # maintainer version, and let it handle how to manage the real
+ # configuration file in /etc/dovecot.
+ ucf --three-way "/usr/share/dovecot/$conffile" "/etc/dovecot/$conffile"
+ ucfr dovecot-pop3d "/etc/dovecot/$conffile"
+ done
+
+ cat <<EOF > /usr/share/dovecot/protocols.d/pop3d.protocol
+protocols {
+ pop3 = yes
+}
+EOF
+fi
+
+#DEBHELPER#
--- /dev/null
+#!/bin/sh
+set -e
+
+if [ "$1" = "purge" ] ; then
+ for conffile in $(ucfq --with-colons dovecot-pop3d | cut -d: -f1); do
+ # we mimic dpkg as closely as possible, so we remove configuration
+ # files with dpkg backup extensions too:
+ ### Some of the following is from Tore Anderson:
+ for ext in '~' '%' .bak .dpkg-tmp .dpkg-new .dpkg-old .dpkg-dist .ucf-new .ucf-old .ucf-dist; do
+ rm -f "$conffile$ext"
+ done
+ # remove the configuration file itself
+ rm -f "$conffile"
+ # and finally clear it out from the ucf database
+ if which ucf >/dev/null; then
+ ucf --purge "$conffile"
+ fi
+ if which ucfr >/dev/null; then
+ ucfr --purge dovecot-pop3d "$conffile"
+ fi
+ done
+
+fi
+
+if [ "$1" = "purge" ] || [ "$1" = "remove" ]; then
+ rm -f /usr/share/dovecot/protocols.d/pop3d.protocol
+fi
+
+#DEBHELPER#
--- /dev/null
+#!/bin/sh
+set -e
+
+if [ -d /run/systemd/system ]; then
+ deb-systemd-invoke stop dovecot.socket || true
+fi
+
+if [ -x "/etc/init.d/dovecot" ]; then
+ invoke-rc.d dovecot stop
+fi
+
+#DEBHELPER#
--- /dev/null
+activate-noawait register-dovecot-plugin
+
--- /dev/null
+[Dovecot POP3]
+title=Secure mail server (POP3)
+description=Dovecot is a mail server whose major goals are security and extreme
+ reliability.
+ports=110/tcp
+
+[Dovecot Secure POP3]
+title=Secure mail server (POP3S)
+description=Dovecot is a mail server whose major goals are security and extreme
+ reliability.
+ports=995/tcp
--- /dev/null
+/usr/share/bug/dovecot-core /usr/share/bug/dovecot-sieve
--- /dev/null
+# ignore internal library without dependency information
+dovecot-sieve: shared-library-lacks-prerequisites [usr/lib/dovecot/modules/sieve/lib90_sieve_imapsieve_plugin.so]
+# alias for sieve-dump
+dovecot-sieve: spare-manual-page [usr/share/man/man1/sieved.1.gz]
--- /dev/null
+#!/bin/sh
+
+set -e
+
+if [ "$1" = "configure" ]; then
+ CONFFILES="conf.d/90-sieve.conf \
+ conf.d/90-sieve-extprograms.conf"
+
+ for conffile in $CONFFILES ; do
+ # Tell ucf that the file in /usr/share/dovecot is the latest
+ # maintainer version, and let it handle how to manage the real
+ # configuration file in /etc/dovecot.
+ ucf --three-way "/usr/share/dovecot/$conffile" "/etc/dovecot/$conffile"
+ ucfr dovecot-sieve "/etc/dovecot/$conffile"
+ done
+fi
+
+#DEBHELPER#
--- /dev/null
+#!/bin/sh
+set -e
+
+if [ "$1" = "purge" ] ; then
+ for conffile in $(ucfq --with-colons dovecot-sieve | cut -d: -f1); do
+ # we mimic dpkg as closely as possible, so we remove configuration
+ # files with dpkg backup extensions too:
+ ### Some of the following is from Tore Anderson:
+ for ext in '~' '%' .bak .dpkg-tmp .dpkg-new .dpkg-old .dpkg-dist .ucf-new .ucf-old .ucf-dist; do
+ rm -f "$conffile$ext"
+ done
+ # remove the configuration file itself
+ rm -f "$conffile"
+ # and finally clear it out from the ucf database
+ if which ucf >/dev/null; then
+ ucf --purge "$conffile"
+ fi
+ if which ucfr >/dev/null; then
+ ucfr --purge dovecot-sieve "$conffile"
+ fi
+ done
+fi
+
+#DEBHELPER#
--- /dev/null
+activate-noawait register-dovecot-plugin
+
--- /dev/null
+After installing this package, the solr XML schema can be found in
+/usr/share/dovecot/solr-schema-*.xml
--- /dev/null
+doc/solr-*.xml usr/share/dovecot
--- /dev/null
+/usr/share/bug/dovecot-core /usr/share/bug/dovecot-solr
--- /dev/null
+activate-noawait register-dovecot-plugin
+
--- /dev/null
+/usr/share/bug/dovecot-core /usr/share/bug/dovecot-sqlite
--- /dev/null
+activate-noawait register-dovecot-plugin
+
--- /dev/null
+#!/bin/sh
+
+set -e
+
+if [ "$1" = "configure" ]; then
+ CONFFILES="conf.d/20-submission.conf"
+
+ for conffile in $CONFFILES ; do
+ # Tell ucf that the file in /usr/share/dovecot is the latest
+ # maintainer version, and let it handle how to manage the real
+ # configuration file in /etc/dovecot.
+ ucf --three-way "/usr/share/dovecot/$conffile" "/etc/dovecot/$conffile"
+ # Use --force to allow hijacking the file from dovecot-submission
+ ucfr --force dovecot-submissiond "/etc/dovecot/$conffile"
+ done
+
+ if [ -f /usr/share/dovecot/protocols.d/submission.protocol ]; then
+ rm -f /usr/share/dovecot/protocols.d/submission.protocol
+ fi
+ cat <<EOF > /usr/share/dovecot/protocols.d/submissiond.protocol
+protocols {
+ submission = yes
+}
+EOF
+fi
+
+#DEBHELPER#
--- /dev/null
+#!/bin/sh
+set -e
+
+if [ "$1" = "purge" ] ; then
+ for conffile in $(ucfq --with-colons dovecot-submissiond | cut -d: -f1); do
+ # we mimic dpkg as closely as possible, so we remove configuration
+ # files with dpkg backup extensions too:
+ ### Some of the following is from Tore Anderson:
+ for ext in '~' '%' .bak .dpkg-tmp .dpkg-new .dpkg-old .dpkg-dist .ucf-new .ucf-old .ucf-dist; do
+ rm -f "$conffile$ext"
+ done
+ # remove the configuration file itself
+ rm -f "$conffile"
+ # and finally clear it out from the ucf database
+ if which ucf >/dev/null; then
+ ucf --purge "$conffile"
+ fi
+ if which ucfr >/dev/null; then
+ ucfr --purge dovecot-submissiond "$conffile"
+ fi
+ done
+
+fi
+
+if [ "$1" = "purge" ] || [ "$1" = "remove" ]; then
+ rm -f /usr/share/dovecot/protocols.d/submissiond.protocol
+fi
+
+#DEBHELPER#
--- /dev/null
+#!/bin/sh
+set -e
+
+if [ -d /run/systemd/system ]; then
+ deb-systemd-invoke stop dovecot.socket || true
+fi
+
+if [ -x "/etc/init.d/dovecot" ]; then
+ invoke-rc.d dovecot stop
+fi
+
+#DEBHELPER#
--- /dev/null
+activate-noawait register-dovecot-plugin
--- /dev/null
+[DEFAULT]
+pristine-tar = True
+sign-tags = True
+component=pigeonhole
+
+[buildpackage]
+export-dir = ../build-area/
+
+[dch]
+meta = True
+id-length = 7
+
+[pq]
+patch-numbers = False
--- /dev/null
+#!/bin/sh
+#
+# maildirmake.dovecot -- create maildirs
+# Copyright (c) 2003, Jaldhar H. Vyas
+# "Do what thou wilt" shall be the whole of the license.
+#
+dir="$1"
+owner="$2"
+if [ -z "$dir" ]; then
+ echo "Must supply a directory path"
+ exit 1
+fi
+
+if [ "$dir" = "-h" ]; then
+ echo "usage: $0 directory [user]"
+ exit 0
+fi
+
+umask 077
+mkdir -p "$dir/cur" "$dir/new" "$dir/tmp" || exit 1
+chmod 0700 "$dir" "$dir/cur" "$dir/new" "$dir/tmp" || exit 1
+
+if [ -n "$owner" ]; then
+ chown -R "$owner" "$dir" || exit 1
+fi
+
+exit 0
+
--- /dev/null
+.\" Hey, EMACS: -*- nroff -*-
+.\" First parameter, NAME, should be all caps
+.\" Second parameter, SECTION, should be 1-8, maybe w/ subsection
+.\" other parameters are allowed: see man(7), man(1)
+.TH "MAILDIRMAKE.DOVECOT" "1" "23 November 2005"
+.\" Please adjust this date whenever revising the manpage.
+.\"
+.\" Some roff macros, for reference:
+.\" .nh disable hyphenation
+.\" .hy enable hyphenation
+.\" .ad l left justify
+.\" .ad b justify to both left and right margins
+.\" .nf disable filling
+.\" .fi enable filling
+.\" .br insert line break
+.\" .sp <n> insert n+1 empty lines
+.\" for manpage-specific macros, see man(7)
+.SH NAME
+maildirmake.dovecot \- creates maildirs and maildir subfolders
+.SH SYNOPSIS
+.B maildirmake.dovecot
+\fBdirectory\fR [ \fRowner\fR ] \fR
+.br
+.SH DESCRIPTION
+.\" TeX users may be more comfortable with the \fB<whatever>\fP and
+.\" \fI<whatever>\fP escape sequences to invode bold face and italics,
+.\" respectively.
+\fBmaildirmake.dovecot\fP creates a maildir and its maildir subfolders (cur, new, tmp).
+\fBdirectory\fP is the name of the new maildir. If \fBdirectory\fP exists cur, new, tmp directories are created inside it.
+.TP
+You can specify \fBowner\fP to change directories ownership if you have ownership modification permission.
+.TP
+\fBmaildirmake.dovecot\fP is very basic. It is strongly recommended to use \fBmaildirmake\fP if you want to do serious maildir management.
+.SH OPTIONS
+.TP
+\fB-h\fP
+Show options summary and exits immediately.
+.SH SEE ALSO
+.BR maildirmake (1).
+.BR maildir (5).
+.SH AUTHOR
+.TP
+dovecot was written by Timo Sirainen <tss@iki.fi>. maildirmake.dovecot script was written by Jaldhar H. Vyas
+.PP
+This manual page was written by Henry Precheur <henry@precheur.org>,
+for the Debian project (but may be used by others).
--- /dev/null
+From 0d490d6453b4779bc711f1b998e6d09ae2aab8a8 Mon Sep 17 00:00:00 2001
+From: Timo Sirainen <timo.sirainen@open-xchange.com>
+Date: Mon, 26 May 2025 09:37:35 +0300
+Subject: [PATCH] lda: Fix using USER environment if -d hasn't been specified
+
+This became broken at some point.
+---
+ src/lda/main.c | 10 +++++++---
+ 1 file changed, 7 insertions(+), 3 deletions(-)
+
+Index: dovecot/src/lda/main.c
+===================================================================
+--- dovecot.orig/src/lda/main.c
++++ dovecot/src/lda/main.c
+@@ -453,9 +453,6 @@ int main(int argc, char *argv[])
+ i_fatal_status(EX_USAGE, "Unknown argument: %s", argv[optind]);
+ }
+
+- if (master_service_settings_read_simple(master_service, &error) < 0)
+- i_fatal("%s", error);
+-
+ process_euid = geteuid();
+ if ((service_flags & MAIL_STORAGE_SERVICE_FLAG_USERDB_LOOKUP) != 0)
+ ;
+@@ -485,6 +482,13 @@ int main(int argc, char *argv[])
+ i_fatal_status(EX_USAGE,
+ "destination user parameter (-d user) not given");
+ }
++ struct master_service_settings_input set_input = {
++ .preserve_user = TRUE,
++ };
++ struct master_service_settings_output set_output;
++ if (master_service_settings_read(master_service, &set_input,
++ &set_output, &error) < 0)
++ i_fatal("%s", error);
+ master_service_init_finish(master_service);
+
+ dinput.mail_from = mail_from;
--- /dev/null
+From 42864e4182c7bfe2931fdf888f3cb4ba77953dee Mon Sep 17 00:00:00 2001
+From: Timo Sirainen <timo.sirainen@open-xchange.com>
+Date: Mon, 26 May 2025 09:45:56 +0300
+Subject: [PATCH] lda: Default mail_home=$HOME environment if not using userdb
+ lookup
+
+The previous code to do this was removed by
+e57d5b9002f910c095ee5b55821395fcf1da016a
+---
+ src/lda/main.c | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+Index: dovecot/src/lda/main.c
+===================================================================
+--- dovecot.orig/src/lda/main.c
++++ dovecot/src/lda/main.c
+@@ -478,12 +478,17 @@ int main(int argc, char *argv[])
+ "Couldn't lookup our username (uid=%s)",
+ dec2str(process_euid));
+ }
++ struct settings_root *set_root =
++ master_service_get_settings_root(master_service);
++ settings_root_override(set_root, "mail_home", home,
++ SETTINGS_OVERRIDE_TYPE_DEFAULT);
+ } else {
+ i_fatal_status(EX_USAGE,
+ "destination user parameter (-d user) not given");
+ }
+ struct master_service_settings_input set_input = {
+ .preserve_user = TRUE,
++ .preserve_home = TRUE,
+ };
+ struct master_service_settings_output set_output;
+ if (master_service_settings_read(master_service, &set_input,
--- /dev/null
+From: =?utf-8?q?Christian_G=C3=B6ttsche?= <cgzones@googlemail.com>
+Date: Thu, 22 Dec 2022 17:00:53 +0100
+Subject: Use _FORTIFY_SOURCE level 3
+
+Forwarded: not-needed
+---
+ m4/dovecot.m4 | 6 +++---
+ pigeonhole/m4/dovecot.m4 | 6 +++---
+ 2 files changed, 6 insertions(+), 6 deletions(-)
+
+Index: dovecot/m4/dovecot.m4
+===================================================================
+--- dovecot.orig/m4/dovecot.m4
++++ dovecot/m4/dovecot.m4
+@@ -9,7 +9,7 @@ dnl modifications, as long as this notic
+ # serial 42
+
+ dnl
+-dnl Check for support for D_FORTIFY_SOURCE=2
++dnl Check for support for D_FORTIFY_SOURCE=3
+ dnl
+
+ AC_DEFUN([AC_CC_D_FORTIFY_SOURCE],[
+@@ -17,8 +17,8 @@ AC_DEFUN([AC_CC_D_FORTIFY_SOURCE],[
+ AS_IF([test "$enable_hardening" = yes], [
+ case "$host" in
+ *)
+- gl_COMPILER_OPTION_IF([-O2 -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2], [
+- CFLAGS="$CFLAGS -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2"
++ gl_COMPILER_OPTION_IF([-O2 -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=3], [
++ CFLAGS="$CFLAGS -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=3"
+ ],
+ [],
+ [AC_LANG_PROGRAM()]
+Index: dovecot/pigeonhole/m4/dovecot.m4
+===================================================================
+--- dovecot.orig/pigeonhole/m4/dovecot.m4
++++ dovecot/pigeonhole/m4/dovecot.m4
+@@ -9,7 +9,7 @@ dnl modifications, as long as this notic
+ # serial 41
+
+ dnl
+-dnl Check for support for D_FORTIFY_SOURCE=2
++dnl Check for support for D_FORTIFY_SOURCE=3
+ dnl
+
+ AC_DEFUN([AC_CC_D_FORTIFY_SOURCE],[
+@@ -17,8 +17,8 @@ AC_DEFUN([AC_CC_D_FORTIFY_SOURCE],[
+ AS_IF([test "$enable_hardening" = yes], [
+ case "$host" in
+ *)
+- gl_COMPILER_OPTION_IF([-O2 -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2], [
+- CFLAGS="$CFLAGS -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2"
++ gl_COMPILER_OPTION_IF([-O2 -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=3], [
++ CFLAGS="$CFLAGS -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=3"
+ ],
+ [],
+ [AC_LANG_PROGRAM()]
--- /dev/null
+Description: Fix GSSAPI regression
+ Dovecot 2.4 introduced a regression that broke GSSAPI authentication for
+ some clients. This patch contains a fix provided by the upstream maintainers.
+Origin: https://dovecot.org/mailman3/archives/list/dovecot@dovecot.org/message/O54EAGLIXXHMOH7BQCCKHHB3Z32HDWVR/
+Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1104549
+Last-Update: 2025-05-02
+---
+This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
+Index: dovecot/src/auth/mech-gssapi.c
+===================================================================
+--- dovecot.orig/src/auth/mech-gssapi.c
++++ dovecot/src/auth/mech-gssapi.c
+@@ -672,7 +672,7 @@ mech_gssapi_auth_initial(struct auth_req
+
+ if (data_size == 0) {
+ /* The client should go first */
+- auth_request_handler_reply_continue(request, NULL, 0);
++ auth_request_handler_reply_continue(request, uchar_empty_ptr, 0);
+ } else {
+ mech_gssapi_auth_continue(request, data, data_size);
+ }
--- /dev/null
+From 09cc148e4bbbae91514b6ff58bd71c15f95e4e8a Mon Sep 17 00:00:00 2001
+From: Jakob Haufe <sur5r@sur5r.net>
+Date: Sun, 25 May 2025 15:04:50 +0200
+Subject: [PATCH] Fix LDAP SASL auth support
+
+961275fdb54878fdfa4ee1b9f1a4f00e82bf4a83 moved code without creating a
+way to have HAVE_LDAP_SASL defined there.
+
+Copy the preprocessor block from src/auth/db-ldap.c to fix this.
+---
+ src/auth/db-ldap-settings.c | 12 ++++++++++++
+ 1 file changed, 12 insertions(+)
+
+diff --git a/src/auth/db-ldap-settings.c b/src/auth/db-ldap-settings.c
+index 6c8feb334e..9245fcabd2 100644
+--- a/src/auth/db-ldap-settings.c
++++ b/src/auth/db-ldap-settings.c
+@@ -137,6 +137,18 @@ const struct setting_parser_info ldap_post_setting_parser_info = {
+
+ /* <settings checks> */
+
++#define HAVE_LDAP_SASL
++#ifdef HAVE_SASL_SASL_H
++# include <sasl/sasl.h>
++#elif defined (HAVE_SASL_H)
++# include <sasl.h>
++#else
++# undef HAVE_LDAP_SASL
++#endif
++#if !defined(SASL_VERSION_MAJOR) || SASL_VERSION_MAJOR < 2
++# undef HAVE_LDAP_SASL
++#endif
++
+ static int ldap_parse_deref(const char *str, int *ref_r)
+ {
+ if (strcasecmp(str, "never") == 0)
+--
+2.47.2
+
--- /dev/null
+Index: dovecot/src/lib/test-event-filter.c
+===================================================================
+--- dovecot.orig/src/lib/test-event-filter.c
++++ dovecot/src/lib/test-event-filter.c
+@@ -1003,32 +1003,32 @@ static void test_event_filter_interval_v
+ { "field > 1mins", 60 * 1000 * 1000, FALSE },
+ { "field < 1mins", 60 * 1000 * 1000, FALSE },
+
+- { "field = 1hours", 60L * 60 * 1000 * 1000, TRUE },
+- { "field = 1h", 60L * 60 * 1000 * 1000, TRUE },
+- { "field = 3600000000", 60L * 60 * 1000 * 1000, TRUE },
+- { "field >= 1hours", 60L * 60 * 1000 * 1000, TRUE },
+- { "field <= 1hours", 60L * 60 * 1000 * 1000, TRUE },
+- { "field > 1mins", 60L * 60 * 1000 * 1000, TRUE },
+- { "field > 1hours", 60L * 60 * 1000 * 1000, FALSE },
+- { "field < 1hours", 60L * 60 * 1000 * 1000, FALSE },
++ { "field = 1hours", 60LL * 60 * 1000 * 1000, TRUE },
++ { "field = 1h", 60LL * 60 * 1000 * 1000, TRUE },
++ { "field = 3600000000", 60LL * 60 * 1000 * 1000, TRUE },
++ { "field >= 1hours", 60LL * 60 * 1000 * 1000, TRUE },
++ { "field <= 1hours", 60LL * 60 * 1000 * 1000, TRUE },
++ { "field > 1mins", 60LL * 60 * 1000 * 1000, TRUE },
++ { "field > 1hours", 60LL * 60 * 1000 * 1000, FALSE },
++ { "field < 1hours", 60LL * 60 * 1000 * 1000, FALSE },
+
+- { "field = 1days", 24L * 60 * 60 * 1000 * 1000, TRUE },
+- { "field = 1d", 24L * 60 * 60 * 1000 * 1000, TRUE },
+- { "field = 86400000000", 24L * 60 * 60 * 1000 * 1000, TRUE },
+- { "field >= 1days", 24L * 60 * 60 * 1000 * 1000, TRUE },
+- { "field <= 1days", 24L * 60 * 60 * 1000 * 1000, TRUE },
+- { "field > 1hours", 24L * 60 * 60 * 1000 * 1000, TRUE },
+- { "field > 1days", 24L * 60 * 60 * 1000 * 1000, FALSE },
+- { "field < 1days", 24L * 60 * 60 * 1000 * 1000, FALSE },
++ { "field = 1days", 24LL * 60 * 60 * 1000 * 1000, TRUE },
++ { "field = 1d", 24LL * 60 * 60 * 1000 * 1000, TRUE },
++ { "field = 86400000000", 24LL * 60 * 60 * 1000 * 1000, TRUE },
++ { "field >= 1days", 24LL * 60 * 60 * 1000 * 1000, TRUE },
++ { "field <= 1days", 24LL * 60 * 60 * 1000 * 1000, TRUE },
++ { "field > 1hours", 24LL * 60 * 60 * 1000 * 1000, TRUE },
++ { "field > 1days", 24LL * 60 * 60 * 1000 * 1000, FALSE },
++ { "field < 1days", 24LL * 60 * 60 * 1000 * 1000, FALSE },
+
+- { "field = 1weeks", 7L * 24 * 60 * 60 * 1000 * 1000, TRUE },
+- { "field = 1w", 7L * 24 * 60 * 60 * 1000 * 1000, TRUE },
+- { "field = 604800000000", 7L * 24 * 60 * 60 * 1000 * 1000, TRUE },
+- { "field >= 1weeks", 7L * 24 * 60 * 60 * 1000 * 1000, TRUE },
+- { "field <= 1weeks", 7L * 24 * 60 * 60 * 1000 * 1000, TRUE },
+- { "field > 1days", 7L * 24 * 60 * 60 * 1000 * 1000, TRUE },
+- { "field > 1weeks", 7L * 24 * 60 * 60 * 1000 * 1000, FALSE },
+- { "field < 1weeks", 7L * 24 * 60 * 60 * 1000 * 1000, FALSE },
++ { "field = 1weeks", 7LL * 24 * 60 * 60 * 1000 * 1000, TRUE },
++ { "field = 1w", 7LL * 24 * 60 * 60 * 1000 * 1000, TRUE },
++ { "field = 604800000000", 7LL * 24 * 60 * 60 * 1000 * 1000, TRUE },
++ { "field >= 1weeks", 7LL * 24 * 60 * 60 * 1000 * 1000, TRUE },
++ { "field <= 1weeks", 7LL * 24 * 60 * 60 * 1000 * 1000, TRUE },
++ { "field > 1days", 7LL * 24 * 60 * 60 * 1000 * 1000, TRUE },
++ { "field > 1weeks", 7LL * 24 * 60 * 60 * 1000 * 1000, FALSE },
++ { "field < 1weeks", 7LL * 24 * 60 * 60 * 1000 * 1000, FALSE },
+ };
+
+ struct event_filter *filter;
--- /dev/null
+Description: Fix groff errors in upstream manpages
+Author: Noah Meyerhans <noahm@debian.org>
+Forwarded: no
+Last-Update: 2025-05-02
+---
+This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
+Index: dovecot/doc/man/dovecot-lda.1
+===================================================================
+--- dovecot.orig/doc/man/dovecot-lda.1
++++ dovecot/doc/man/dovecot-lda.1
+@@ -1,5 +1,6 @@
+-.TH "" "" "March 2025" "78ffb79" "Dovecot"
+-dovecot-lda - Dovecot's local mail delivery agent
++.TH "DOVECOT-LDA" "1" "March 2025" "78ffb79" "Dovecot"
++.SH "NAME"
++\fBdovecot-lda\fR - Dovecot's local mail delivery agent
+ .SH "SYNOPSIS"
+ .P
+ \fBdovecot-lda\fR \[lB]\fB-ek\fR\[rB] \[lB]\fB-a\fR \fIaddress\fR\[rB] \[lB]\fB-c\fR \fIconfig_file\fR\[rB] \[lB]\fB-d\fR \fIusername\fR\[rB] \[lB]\fB-f\fR \fIenvelope_sender\fR\[rB] \[lB]\fB-m\fR \fImailbox\fR\[rB] \[lB]\fB-o\fR \fIsetting=value\fR\[rB] \[lB]\fB-p\fR \fIpath\fR\[rB] \[lB]\fB-r\fR \fIaddress\fR\[rB]
+Index: dovecot/doc/man/doveadm-deduplicate.1
+===================================================================
+--- dovecot.orig/doc/man/doveadm-deduplicate.1
++++ dovecot/doc/man/doveadm-deduplicate.1
+@@ -6,7 +6,7 @@
+ \fBdoveadm\fR \[lB]\fIGLOBAL OPTIONS\fR\[rB] \fBdeduplicate\fR \[lB]\fB-u\fR \fIuser\fR | \fB-A\fR | \fB-F\fR \fIfile\fR | \fB--no-userdb-lookup\fR\[rB] \[lB]\fB-S\fR \fIsocket_path\fR\[rB] \[lB]\fB-m\fR\[rB] \fIsearch_query\fR
+ .SH "DESCRIPTION"
+ .P
+-. doveadm(1) will delete the newest duplicated messages from the mailbox and keep the oldest.
++doveadm(1) will delete the newest duplicated messages from the mailbox and keep the oldest.
+ .P
+ Deduplication across multiple mailboxes is not supported.
+ .SH "GLOBAL OPTIONS"
+@@ -157,7 +157,7 @@ Run the \fIcommand\fR only for the given
+ .RS 0
+ .RS 4
+ .P
+-' will be sufficient. See doveadm-search-query(7) for details.
++will be sufficient. See doveadm-search-query(7) for details.
+ .RE 0
+
+ .RE 0
+@@ -179,7 +179,7 @@ guid uid
+ 8aad0f0a30169f4bea620000ca356bad 18756
+ 923e301ab9219b4b4f440000ca356bad 18748
+ 923e301ab9219b4b4f440000ca356bad 18753
+-...
++\fR...
+ .fi
+ .RE
+ .P
+@@ -196,7 +196,7 @@ guid uid
+ 8aad0f0a30169f4bea620000ca356bad 18751
+ 923e301ab9219b4b4f440000ca356bad 18748
+ a7999e1530739c4bd26d0000ca356bad 18749
+-...
++\fR...
+ .fi
+ .RE
+ .SH "REPORTING BUGS"
+Index: dovecot/doc/man/doveadm-fetch.1
+===================================================================
+--- dovecot.orig/doc/man/doveadm-fetch.1
++++ dovecot/doc/man/doveadm-fetch.1
+@@ -377,7 +377,7 @@ The date-time attribute when present, ot
+ .RS 0
+ .RS 4
+ .P
+-Fetch messages matching this search query. See doveadm-search-query(1) for details.
++Fetch messages matching this search query. See doveadm-search-query(7) for details.
+ .RE 0
+
+ .RE 0
--- /dev/null
+#split-protocols.patch
+#fix-mail_plugin_dir-default.patch
+#ssl-cert-location.patch
+#tcpwrapper.patch
+#default-mail_location.patch
+#mboxlocking.patch
+#dovecot_name.patch
+#ssl-dh-params-location.patch
+skip-rfc-subdir.patch
+#Correct-misspellings.patch
+#test-backtrace.patch
+#doveadm-director.1-drop-acute-accent.patch
+#Fix-32bit-sign-comparisons.patch
+#Improve-cross-compile-support.patch
+#Silence-LTO-related-compiler-warning.patch
+#md4-md5-disable-optimization-causing-unaligned-access.patch
+#Support-openssl-3.0.patch
+#Debug-flaky-unit-test.patch
+#auth-Fix-handling-passdbs-with-identical-driver-args-but-.patch
+#auth-Add-a-comment-about-updating-userdb_find.patch
+#Fix-uninitialized-read-in-doveadm-oldstats.patch
+0001-lda-Fix-using-USER-environment-if-d-hasn-t-been-spec.patch
+0002-lda-Default-mail_home-HOME-environment-if-not-using-.patch
+Use-_FORTIFY_SOURCE-level-3.patch
+fit-32-bit-test-integers.patch
+bug1104549-gssapi-regression.patch
+fix-man-errors.patch
+bug1106784_Fix-LDAP-SASL-auth-support.patch
--- /dev/null
+From: Noah Meyerhans <noahm@debian.org>
+Date: Thu, 21 May 2020 21:48:59 -0700
+Subject: Don't try to build doc/rfc subdir components
+Forwarded: not-needed
+---
+ pigeonhole/configure.ac | 1 -
+ pigeonhole/doc/Makefile.am | 1 -
+ pigeonhole/doc/Makefile.in | 1 -
+ 3 files changed, 3 deletions(-)
+
+Index: dovecot/pigeonhole/configure.ac
+===================================================================
+--- dovecot.orig/pigeonhole/configure.ac
++++ dovecot/pigeonhole/configure.ac
+@@ -258,7 +258,6 @@ doc/Makefile
+ doc/man/Makefile
+ doc/example-config/Makefile
+ doc/example-config/conf.d/Makefile
+-doc/rfc/Makefile
+ doc/extensions/Makefile
+ doc/locations/Makefile
+ doc/plugins/Makefile
+Index: dovecot/pigeonhole/doc/Makefile.am
+===================================================================
+--- dovecot.orig/pigeonhole/doc/Makefile.am
++++ dovecot/pigeonhole/doc/Makefile.am
+@@ -1,7 +1,6 @@
+ SUBDIRS = \
+ man \
+ example-config \
+- rfc \
+ extensions \
+ locations \
+ plugins
--- /dev/null
+# Dutch translation of dovecot debconf templates.
+# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER
+# This file is distributed under the same license as the dovecot package.
+# Frans Spiesschaert <Frans.Spiesschaert@yucom.be>, 2014.
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: dovecot\n"
+"Report-Msgid-Bugs-To: dovecot@packages.debian.org\n"
+"POT-Creation-Date: 2013-11-07 07:06+0100\n"
+"PO-Revision-Date: 2014-10-04 22:25+0200\n"
+"Last-Translator: Frans Spiesschaert <Frans.Spiesschaert@yucom.be>\n"
+"Language-Team: Debian Dutch l10n Team <debian-l10n-dutch@lists.debian.org>\n"
+"Language: nl\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=2; plural=(n != 1);\n"
+
+#. Type: error
+#. Description
+#: ../dovecot-core.templates:2001
+msgid "Wrong location for SSL certificates"
+msgstr "De SSL-certificaten staan op een verkeerde plaats"
+
+#. Type: error
+#. Description
+#: ../dovecot-core.templates:2001
+msgid ""
+"This machine uses SSL certificates for Dovecot. These certificates should be "
+"moved from /etc/ssl to /etc/dovecot and Dovecot's configuration file (/etc/"
+"dovecot/conf.d/10-ssl.conf) should be updated accordingly."
+msgstr ""
+"Deze computer gebruikt SSL-certificaten voor Dovecot. Deze certificaten "
+"moeten verplaatst worden van /etc/ssl naar /etc/dovecot en het "
+"configuratiebestand van Dovecot (/etc/dovecot/conf.d/10-ssl.conf) moet in "
+"die zin aangepast worden."
+
+#. Type: error
+#. Description
+#: ../dovecot-core.templates:2001
+msgid "Please read /usr/share/doc/dovecot-core/README.Debian.gz for details."
+msgstr ""
+"Raadpleeg /usr/share/doc/dovecot-core/README.Debian.gz voor de details."
+
+#. Type: boolean
+#. Description
+#: ../dovecot-core.templates:3001
+msgid "Create a self-signed SSL certificate?"
+msgstr "Een door uzelf ondertekend SSL-certificaat aanmaken?"
+
+#. Type: boolean
+#. Description
+#: ../dovecot-core.templates:3001
+msgid ""
+"An SSL certificate is needed in order to use IMAP or POP3 over SSL/TLS. No "
+"such certificate was found."
+msgstr ""
+"U heeft een SSL-certificaat nodig om IMAP of POP3 over SSL/TLS te kunnen "
+"gebruiken. Een dergelijk certificaat werd niet gevonden."
+
+#. Type: boolean
+#. Description
+#: ../dovecot-core.templates:3001
+msgid ""
+"Please choose whether you want to create one now. This will then be a self-"
+"signed certificate."
+msgstr ""
+"Geef aan of u nu een dergelijk certificaat wilt aanmaken. In dat geval zal "
+"het een door uzelf ondertekend certificaat zijn."
+
+#. Type: boolean
+#. Description
+#: ../dovecot-core.templates:3001
+msgid ""
+"If you choose not to create a certificate, please adapt Dovecot's "
+"configuration file (/etc/dovecot/conf.d/10-ssl.conf)."
+msgstr ""
+"Indien u ervoor kiest om geen certificaat aan te maken, dan moet u het "
+"configuratiebestand van Dovecot (/etc/dovecot/conf.d/10-ssl.conf) wijzigen."
+
+#. Type: string
+#. Description
+#: ../dovecot-core.templates:4001
+msgid "Host name:"
+msgstr "Computernaam"
+
+#. Type: string
+#. Description
+#: ../dovecot-core.templates:4001
+msgid "Please enter the host name to use in the SSL certificate."
+msgstr ""
+"Geef aan welke computernaam gebruikt moet worden in het SSL-certificaat."
+
+#. Type: string
+#. Description
+#: ../dovecot-core.templates:4001
+msgid ""
+"It will become the \"commonName\" field of the generated SSL certificate."
+msgstr ""
+"Die komt terecht in het veld \"commonName\" van het SSL-certificaat dat "
+"aangemaakt wordt."
--- /dev/null
+#!/usr/bin/make -f
+
+# Uncomment this to turn on verbose mode.
+#export DH_VERBOSE=1
+
+SHELL=/bin/bash -O extglob
+PIGEONHOLE_DIR=$(CURDIR)/pigeonhole
+
+export DEB_BUILD_MAINT_OPTIONS=hardening=+all optimize=+lto
+
+# LP: 1636781 - strip incompatible default linker option
+ifeq ($(shell dpkg-vendor --derives-from Ubuntu && echo yes),yes)
+ export DEB_LDFLAGS_MAINT_STRIP = -Wl,-Bsymbolic-functions
+endif
+
+DOV_DEB_CFLAGS=
+DOV_DEB_CXXFLAGS=
+DOV_DEB_LDFLAGS=
+
+# Ensure that stacktrace generation works:
+DOV_DEB_LDFLAGS += -rdynamic
+include /usr/share/dpkg/architecture.mk
+ifneq ($(filter armel armhf hppa mips64el mipsel riscv64 sparc64, $(DEB_HOST_ARCH)),)
+ DOV_DEB_CFLAGS += -funwind-tables
+ DOV_DEB_CXXFLAGS += -funwind-tables
+endif
+
+# Extra hardening flags, not for hppa.
+ifeq ($(filter hppa, $(DEB_HOST_ARCH)),)
+ DOV_DEB_CFLAGS += -fstack-clash-protection
+ DOV_DEB_CXXFLAGS += -fstack-clash-protection
+ DOV_DEB_LDFLAGS += -fstack-clash-protection
+endif
+
+export DEB_CFLAGS_MAINT_APPEND = $(DOV_DEB_CFLAGS)
+export DEB_CXXFLAGS_MAINT_APPEND = $(DOV_DEB_CXXFLAGS)
+export DEB_LDFLAGS_MAINT_APPEND = $(DOV_DEB_LDFLAGS)
+
+
+ifeq ($(DEB_HOST_ARCH_OS),linux)
+ CONFIGURE_APPARMOR = --with-apparmor
+endif
+
+ifeq (i386,$(DEB_HOST_ARCH))
+ CONFIGURE_Y2038=--disable-year2038
+else
+ CONFIGURE_Y2038=--enable-year2038
+endif
+
+CLEANFILES=src/lib-settings/settings-history-core.c \
+ src/lib-dict-backend/dict-drivers-register.c \
+ src/lib-sql/test-database.db \
+ pigeonhole/src/plugins/settings/pigeonhole-settings-dynamic.c
+
+# Macros to help move files to the module packages
+CORE_DIR=$(CURDIR)/debian/dovecot-core
+PKG_DIR=$(CURDIR)/debian/dovecot-PKG
+MOVE=install -d $(PKG_DIR:PKG=$(2))/$(dir $(1)); mv $(CORE_DIR)/$(1) $(PKG_DIR:PKG=$(2))/$(dir $(1));
+
+# Files to move from dovecot-core to the individual packages. Files added to
+# <addon>_files will be automatically moved from dovecot's tree to the
+# respective package.
+auth-lua_files = usr/lib/dovecot/modules/auth/libauthdb_lua.so
+
+imapd_files = usr/lib/dovecot/imap* \
+ usr/lib/dovecot/modules/lib??_imap_!(*sieve*) \
+ usr/share/dovecot/conf.d/??-imap*
+
+pop3d_files = usr/lib/dovecot/pop3* \
+ usr/share/dovecot/conf.d/??-pop3*
+
+lmtpd_files = usr/lib/dovecot/lmtp* \
+ usr/share/dovecot/conf.d/??-lmtp*
+
+managesieved_files = usr/lib/dovecot/managesieve* \
+ usr/lib/dovecot/modules/settings/libmanagesieve* \
+ usr/share/dovecot/conf.d/??-managesieve.conf
+
+submissiond_files = usr/lib/dovecot/submission* \
+ usr/share/dovecot/conf.d/??-submission.conf
+
+pgsql_files = usr/lib/dovecot/modules/auth/libdriver_pgsql* \
+ usr/lib/dovecot/modules/dict/libdriver_pgsql* \
+ usr/lib/dovecot/modules/libdriver_pgsql*
+
+mysql_files = usr/lib/dovecot/modules/auth/libdriver_mysql* \
+ usr/lib/dovecot/modules/dict/libdriver_mysql* \
+ usr/lib/dovecot/modules/libdriver_mysql*
+
+sqlite_files = usr/lib/dovecot/modules/auth/libdriver_sqlite* \
+ usr/lib/dovecot/modules/dict/libdriver_sqlite* \
+ usr/lib/dovecot/modules/libdriver_sqlite*
+
+gssapi_files = usr/lib/dovecot/modules/auth/libmech_gssapi*
+
+ldap_files = usr/lib/dovecot/modules/auth/libauthdb_ldap* \
+ usr/lib/dovecot/modules/dict/libdict_ldap* \
+ usr/lib/dovecot/libdovecot-ldap* \
+ usr/share/dovecot/*-ldap.conf.ext \
+ usr/share/dovecot/conf.d/*-ldap.conf.ext
+
+sieve_files = usr/bin/sieve* \
+ usr/lib/dovecot/modules/lib??_sieve* \
+ usr/lib/dovecot/modules/lib??_imap_*sieve* \
+ usr/lib/dovecot/modules/doveadm/lib??_doveadm_sieve* \
+ usr/lib/dovecot/modules/sieve \
+ usr/lib/dovecot/libdovecot-sieve* \
+ usr/share/man/man1/sieve* \
+ usr/share/dovecot/conf.d/??-sieve.conf \
+ usr/share/dovecot/conf.d/??-sieve-extprograms.conf
+
+flatcurve_files = usr/lib/dovecot/modules/lib??_fts_flatcurve_* \
+ usr/share/dovecot/conf.d/??-fts-flatcurve.conf
+
+solr_files = usr/lib/dovecot/modules/lib??_fts_solr_*
+
+dev_files = usr/include/* \
+ usr/lib/dovecot/dovecot-config \
+ usr/share/aclocal/*.m4
+
+%:
+ dh $@
+
+override_dh_autoreconf:
+ dh_autoreconf debian/autogen.sh
+
+override_dh_auto_configure:
+ KRB5CONFIG=krb5-config.mit systemdsystemunitdir=/usr/lib/systemd/system dh_auto_configure -- \
+ --enable-experimental-mail-utf8 \
+ --with-ldap=plugin \
+ --with-ssl=openssl \
+ --with-sql=plugin \
+ --with-pgsql \
+ --with-mysql \
+ --with-sqlite \
+ --with-gssapi=plugin \
+ --with-solr \
+ --with-flatcurve \
+ --with-ioloop=best \
+ --with-icu \
+ $(CONFIGURE_APPARMOR) \
+ --with-lz4 \
+ --with-lua=plugin \
+ --with-sodium \
+ --libdir=\$${prefix}/lib \
+ --libexecdir=\$${prefix}/lib \
+ --docdir=\$${prefix}/share/doc/dovecot-core \
+ --with-moduledir=\$${prefix}/lib/dovecot/modules \
+ --with-rundir=/run/dovecot \
+ --disable-rpath \
+ --disable-static \
+ $(CONFIGURE_Y2038)
+
+ifeq (i386,$(DEB_HOST_ARCH))
+ sed -i 's/TIME_T_MAX_BITS 32/TIME_T_MAX_BITS 31/' config.h
+endif
+
+ $(MAKE) dovecot-config
+# remove unreproducible '-ffile-prefix-map=/build/1st/dovecot-2.3.10.1+dfsg1=.'
+# '-fdebug-prefix-map=/build/dovecot-O55xqn/dovecot-2.3.10.1+dfsg1=.'
+ sed -i 's/\s\+-ffile-prefix-map=\S\+=.\s\+/ /g' dovecot-config
+ sed -i 's/\s\+-fdebug-prefix-map=\S\+=.\s\+/ /g' dovecot-config
+
+# Pigeonhole
+ touch $(PIGEONHOLE_DIR)/stamp.h.in
+ dh_auto_configure -D $(PIGEONHOLE_DIR) -- \
+ --with-dovecot=../ \
+ --libdir=\$${prefix}/lib \
+ --libexecdir=\$${prefix}/lib \
+ --disable-static \
+ --with-ldap=plugin
+
+override_dh_auto_build:
+# Remove all-settings.c and let it be re-generated from the (patched)
+# component settings files.
+ rm -f src/config/all-settings.c
+# Create doc/stamp-man, which may have been removed on an earlier
+# 'clean' invocation, so we don't try to download docs content from
+# the internet:
+ touch doc/stamp-man
+ dh_auto_build
+ dh_auto_build -D $(PIGEONHOLE_DIR)
+
+override_dh_auto_clean:
+ dh_auto_clean
+ dh_auto_clean -D $(PIGEONHOLE_DIR)
+ -rm -f $(CLEANFILES)
+
+override_dh_auto_install:
+# Install everything under dovecot-core
+ $(MAKE) install DESTDIR=$(CORE_DIR)
+ $(MAKE) -C $(PIGEONHOLE_DIR) install DESTDIR=$(CORE_DIR)
+ rm `find $(CURDIR)/debian -name '*.la'`
+ rm $(CORE_DIR)/usr/lib/dovecot/decode2text.sh
+
+override_dh_install:
+# dh_auto_install has installed everything in the dovecot-core package.
+# Run dh_install to install additional files from the source directory
+# or debian/ to the individual packages. NOTE: there is nothing in
+# debian/tmp!
+ dh_install
+ install -D -m 0755 $(CORE_DIR)/usr/share/doc/dovecot-core/mkcert.sh \
+ $(CORE_DIR)/usr/share/dovecot/mkcert.sh
+ rm $(CORE_DIR)/usr/share/doc/dovecot-core/mkcert.sh
+ rm $(CORE_DIR)/usr/share/doc/dovecot-core/dovecot-openssl.cnf
+ rm $(CORE_DIR)/usr/share/doc/dovecot-core/solr-*.xml
+
+# We want the dovecot.conf managed by ucf, not the upstream default:
+ rm -f $(CORE_DIR)/etc/dovecot/dovecot.conf
+ cp -r debian/conf/* $(CORE_DIR)/usr/share/dovecot/
+ $(foreach package,$(patsubst dovecot-%,%,$(shell dh_listpackages)),\
+ $(foreach file,$($(package)_files),\
+ $(call MOVE,$(file),$(package))))
+
+ rmdir $(CORE_DIR)/usr/include
+ rmdir $(CORE_DIR)/usr/share/aclocal
+ install -d $(PKG_DIR:PKG=dev)/usr/share/dovecot
+ grep ABI_VERSION config.h | awk '{print $$NF}' | tr -d \" \
+ | tr '[A-Z]' '[a-z]' > $(PKG_DIR:PKG=dev)/usr/share/dovecot/dovecot-abi
+# sanity check the ABI:
+ grep -F -q abi $(PKG_DIR:PKG=dev)/usr/share/dovecot/dovecot-abi
+
+# Install apport hook
+ install -D -m 644 debian/source_dovecot.py $(CURDIR)/debian/dovecot-core/usr/share/apport/package-hooks/dovecot-core.py
+
+ install -D -m644 debian/dovecot-imapd.ufw.profile debian/dovecot-imapd/etc/ufw/applications.d/dovecot-imapd
+ install -D -m644 debian/dovecot-pop3d.ufw.profile debian/dovecot-pop3d/etc/ufw/applications.d/dovecot-pop3d
+
+override_dh_installpam:
+ dh_installpam -pdovecot-core --name=dovecot
+
+override_dh_installinit:
+ dh_installinit -pdovecot-core --name=dovecot -u"defaults 20"
+
+override_dh_installsystemd:
+ dh_installsystemd -pdovecot-core dovecot.service
+ dh_installsystemd -pdovecot-core --no-enable dovecot.socket
+
+override_dh_gencontrol:
+ dh_gencontrol -- -Vdovecot:ABI-Version=$(shell cat $(CURDIR)/debian/dovecot-dev/usr/share/dovecot/dovecot-abi)
+
+override_dh_makeshlibs:
+# Do not add an ldconfig trigger; none of the dovecot shared libraries
+# are public.
+ dh_makeshlibs -n
+
+override_dh_installdocs:
+ dh_installdocs
+ cp pigeonhole/README $(CORE_DIR)/usr/share/doc/dovecot-core/pigeonhole.README
+ cp pigeonhole/NEWS $(CORE_DIR)/usr/share/doc/dovecot-core/pigeonhole.NEWS
--- /dev/null
+---
+include:
+ - https://salsa.debian.org/salsa-ci-team/pipeline/raw/master/recipes/debian.yml
+
+# The test suite does not pass reprotest
+variables:
+ SALSA_CI_DISABLE_REPROTEST: 1
+ SALSA_CI_DISABLE_CROSSBUILD_ARM64: 1
+ SALSA_CI_DISABLE_BUILD_PACKAGE_TWICE: 0
+
+test-build-twice:
+ extends: .test-build-package-twice
+ timeout: 2h
--- /dev/null
+3.0 (quilt)
--- /dev/null
+dovecot source: intra-source-package-circular-dependency dovecot-core dovecot-sieve
--- /dev/null
+#!/usr/bin/python3
+
+'''Dovecot Apport interface
+
+Copyright (C) 2010 Canonical Ltd/
+Author: Chuck Short <chuck.short@canonical.com>
+
+This program is free software; you can redistribute it and/or modify it
+under the terms of the GNU General Public License as published by the
+Free Software Foundation; either version 2 of the License, or (at your
+option) any later version. See http://www.gnu.org/copyleft/gpl.html for
+the full text of the license.
+'''
+
+from apport.hookutils import *
+
+def add_info(report, ui):
+ response = ui.yesno("The output of dovecot -n may help developers diagnose your bug more quickly, however, it may contain sensitive information. Do you want to include it in your bug report?")
+
+ if response is None: #user canceled
+ raise StopIteration
+
+ elif response:
+ report['DovecotConf'] = root_command_output(['/usr/sbin/dovecot', '-n'])
+
+
+ elif not response:
+ ui.information("The contents of dovecot -n will NOT be includeded in the bug report")
+
+ packages = ['dovecot-common', 'dovecot-core', 'dovecot-dev', 'dovecot-pop3d', 'dovecot-imapd', 'mail-stack-delivery', 'dovecot-postfix']
+ versions = ''
+ for package in packages:
+ try:
+ version = package.get_version(package)
+ except:
+ version = 'N/A'
+ versions += '%s %s\n' %(package, version)
+ report['DovecotInstalledVersions'] = versions
--- /dev/null
+Tests: doveadm
+Depends: dovecot-core
+Restrictions: needs-root
+
+Tests: systemd
+Depends: dovecot-core, systemd-sysv
+
+Test-Command: run-parts --report --exit-on-error debian/tests/usage
+Depends: dovecot-imapd, dovecot-pop3d, python3
+Restrictions: needs-root, breaks-testbed, allow-stderr
+
+Tests: testmails
+Restrictions: needs-root, breaks-testbed
+Depends: dovecot-imapd, dovecot-pop3d, lsb-release, python3, python3-passlib
--- /dev/null
+#!/bin/sh
+
+set -e
+
+echo "Checking if dovecot is running"
+doveadm -f flow instance list | grep -q 'running=yes'
+echo "OK"
--- /dev/null
+#!/bin/sh
+
+set -e
+
+echo "Checking whether dovecot.service is enabled"
+systemctl is-enabled dovecot.service
+
+echo "Checking whether dovecot.service is a native unit"
+source=$(systemctl show -pSourcePath dovecot.service | cut -d = -f 2)
+if [ -n "$source" ]; then
+ echo $source
+ exit 1
+else
+ echo "OK (no SourcePath found)"
+fi
+
+echo "Checking whether dovecot.socket is inactive"
+status=$(systemctl show -pActiveState dovecot.socket | cut -d = -f 2)
+echo $status
+if [ "$status" != inactive ]; then
+ exit 1
+fi
--- /dev/null
+#!/usr/bin/python3
+
+import grp
+import imaplib
+import os
+import os.path
+import poplib
+import pwd
+import random
+import string
+import subprocess
+import sys
+import unittest
+
+from passlib.hash import des_crypt
+
+
+def random_string(length):
+ '''Return a random string, consisting of ASCII letters, with given
+ length.'''
+
+ s = ''
+ maxind = len(string.ascii_letters)-1
+ for _ in range(length):
+ s += string.ascii_letters[random.randint(0, maxind)]
+ return s.lower()
+
+
+def login_exists(login):
+ '''Checks whether the given login exists on the system.'''
+
+ try:
+ pwd.getpwnam(login)
+ return True
+ except KeyError:
+ return False
+
+
+def get_distribution():
+ '''Return the name of the Linux Distribution we are running.'''
+ cmd = ['lsb_release', '-si']
+ output = subprocess.check_output(cmd)
+ return output.strip()
+
+
+class TestUser:
+ '''Create a temporary test user and remove it again on close.'''
+
+ def __init__(self):
+ '''Create a new user account with a random password.'''
+
+ self.login = None
+
+ while True:
+ login = random_string(8)
+ if not login_exists(login):
+ break
+
+ self.salt = random_string(2)
+ self.password = random_string(8)
+ self.crypted = des_crypt.using(salt=self.salt).hash(self.password)
+
+ subprocess.check_call(['useradd', '-p', self.crypted, '-m', login])
+
+ self.login = login
+ p = pwd.getpwnam(self.login)
+ self.uid = p[2]
+ self.gid = p[3]
+
+ def __del__(self):
+ '''Remove the created user account.'''
+
+ if self.login:
+ self.close()
+
+ def close(self):
+ '''Remove the created user account.'''
+
+ subprocess.check_call(['userdel', '-f', '-r', self.login])
+ self.login = None
+
+
+class DovecotBasics(unittest.TestCase):
+ '''Base operational tests for Dovecot server.'''
+
+ def setUp(self):
+ '''Create test scenario.
+
+ We want to test the default setup, but pre-setup an mbox on a tmp user
+ '''
+
+ self.distribution = get_distribution()
+ self.user = TestUser()
+
+ # create fresh test mailbox with one new and one old mail
+ self.mailbox = '/var/mail/' + self.user.login
+ self.orig_mbox = '''From test1@test1.com Fri Nov 17 02:21:08 2006
+Date: Thu, 16 Nov 2006 17:12:23 -0800
+From: Test User 1 <test1@test1.com>
+To: Dovecot tester <dovecot@test.com>
+Subject: Test 1
+Status: N
+
+Some really important news.
+
+From test2@test1.com Tue Nov 28 11:29:34 2006
+Date: Tue, 28 Nov 2006 11:29:34 +0100
+From: Test User 2 <test2@test2.com>
+To: Dovecot tester <dovecot@test.com>
+Subject: Test 2
+Status: R
+
+More news.
+
+Get cracking!
+'''
+ with open(self.mailbox, 'w') as f:
+ f.write(self.orig_mbox)
+ os.chown(self.mailbox, self.user.uid, grp.getgrnam('mail')[2])
+ os.chmod(self.mailbox, 0o660)
+
+ def tearDown(self):
+ self.user.close()
+
+ def _test_pop3_proto(self, pop):
+ '''Internal factorization of POP3 protocol checks with an established
+ connection.'''
+
+ # check empty password
+ self.assertEqual(pop.user(self.user.login), b'+OK')
+ self.assertRaises(poplib.error_proto, pop.pass_, '')
+
+ # check wrong password
+ self.assertEqual(pop.user(self.user.login), b'+OK')
+ self.assertRaises(poplib.error_proto, pop.pass_, '123')
+
+ # check correct password
+ self.assertEqual(pop.user(self.user.login), b'+OK')
+ self.assertEqual(pop.pass_(self.user.password), b'+OK Logged in.')
+
+ # check messages
+ self.assertEqual(pop.stat()[0], 2, b'2 available messages')
+ self.assertEqual(pop.list()[1], [b'1 163', b'2 161'])
+ self.assertEqual('\n'.join(l.decode() for l in pop.retr(1)[1]), '''Date: Thu, 16 Nov 2006 17:12:23 -0800
+From: Test User 1 <test1@test1.com>
+To: Dovecot tester <dovecot@test.com>
+Subject: Test 1
+
+Some really important news.''')
+ self.assertEqual('\n'.join(l.decode() for l in pop.retr(2)[1]), '''Date: Tue, 28 Nov 2006 11:29:34 +0100
+From: Test User 2 <test2@test2.com>
+To: Dovecot tester <dovecot@test.com>
+Subject: Test 2
+
+More news.
+
+Get cracking!''')
+
+ self.assertEqual(pop.quit(), b'+OK Logging out.')
+
+ def test_pop3(self):
+ '''Test POP3 protocol.'''
+
+ pop = poplib.POP3('localhost')
+ self.assertEqual(pop.getwelcome(), b'+OK Dovecot ready.')
+
+ self._test_pop3_proto(pop)
+
+ def test_pop3s(self):
+ '''Test POP3S protocol.'''
+
+ pop = poplib.POP3_SSL('localhost')
+ self.assertEqual(pop.getwelcome(), b'+OK Dovecot ready.')
+
+ self._test_pop3_proto(pop)
+
+ def _test_imap_proto(self, imap):
+ '''Internal factorization of IMAP4 protocol checks with an established
+ connection.'''
+
+ # invalid passwords
+ self.assertRaises(imaplib.IMAP4.error, imap.login,
+ self.user.login, '')
+ self.assertRaises(imaplib.IMAP4.error, imap.login,
+ self.user.login, '123')
+
+ # correct password
+ imap.login(self.user.login, self.user.password)
+
+ # list mailboxes
+ status, imlist = imap.list()
+ self.assertEqual(status, 'OK')
+ self.assertTrue(imlist[0].decode().endswith('INBOX'))
+
+ # check mails
+ imap.select()
+ self.assertEqual(imap.search(None, 'ALL'), ('OK', [b'1 2']))
+ self.assertEqual(imap.fetch('1', '(FLAGS)'),
+ ('OK', [b'1 (FLAGS (\\Recent))']))
+ self.assertEqual(imap.fetch('2', '(FLAGS)'),
+ ('OK', [b'2 (FLAGS (\\Seen \\Recent))']))
+ self.assertEqual(imap.fetch('1', '(BODY[TEXT])')[1][0][1],
+ b'Some really important news.\r\n')
+ self.assertEqual(imap.fetch('2', '(BODY[TEXT])')[1][0][1],
+ b'More news.\r\n\r\nGet cracking!')
+
+ self.assertEqual(imap.fetch('1', '(RFC822)')[1],
+ [(b'1 (RFC822 {163}',
+ b'''Date: Thu, 16 Nov 2006 17:12:23 -0800\r
+From: Test User 1 <test1@test1.com>\r
+To: Dovecot tester <dovecot@test.com>\r
+Subject: Test 1\r
+\r
+Some really important news.\r
+'''), b')'])
+
+ # delete mail 1
+ self.assertEqual(imap.store('1', '+FLAGS', '\\Deleted')[0], 'OK')
+ self.assertEqual(imap.expunge()[0], 'OK')
+ self.assertEqual(imap.search(None, 'ALL'), ('OK', [b'1']))
+
+ # old mail 2 is mail 1 now
+ self.assertEqual(imap.fetch('1', '(RFC822)')[1],
+ [(b'1 (RFC822 {161}',
+ b'''Date: Tue, 28 Nov 2006 11:29:34 +0100\r
+From: Test User 2 <test2@test2.com>\r
+To: Dovecot tester <dovecot@test.com>\r
+Subject: Test 2\r
+\r
+More news.\r
+\r
+Get cracking!'''), b')'])
+ imap.close()
+ imap.logout()
+
+ def test_imap(self):
+ '''Test IMAP4 protocol.'''
+
+ imap = imaplib.IMAP4('localhost')
+ self._test_imap_proto(imap)
+
+ def test_imaps(self):
+ '''Test IMAP4S protocol.'''
+
+ imap = imaplib.IMAP4_SSL('localhost')
+ self._test_imap_proto(imap)
+
+
+if __name__ == '__main__':
+ os.dup2(1, 2)
+ suite = unittest.TestSuite()
+ suite.addTest(unittest.TestLoader().loadTestsFromTestCase(DovecotBasics))
+ result = unittest.TextTestRunner(verbosity=2).run(suite)
+ sys.exit(not result.wasSuccessful())
--- /dev/null
+#!/bin/sh
+
+set -e
+
+echo "Setting up dovecot for the test"
+# Move aside 10-auth.conf to disable passwd-based auth
+if [ -f /etc/dovecot/conf.d/10-auth.conf ]; then
+ mv /etc/dovecot/conf.d/10-auth.conf /etc/dovecot/conf.d/10-auth.conf.bak
+fi
+
+cat >/etc/dovecot/local.conf <<-EOF
+mail_driver = maildir
+mail_path = ~/Maildir
+mail_inbox_path = ~/Maildir
+
+auth_mechanisms = plain
+
+passdb static {
+ driver = static
+ passdb_static_password = test
+}
+
+userdb static {
+ driver = static
+ fields {
+ uid=nobody
+ gid=nogroup
+ home=/srv/dovecot-dep8/%u
+ }
+}
+EOF
+
+mkdir -p /srv/dovecot-dep8
+chown nobody:nogroup /srv/dovecot-dep8
+
+echo "Restarting the service"
+systemctl restart dovecot
+
+echo "Sending a test message via the LDA"
+/usr/lib/dovecot/dovecot-lda -f "test@example.com" -d dep8 <<EOF
+Return-Path: <test@example.com>
+Message-Id: <dep8-test-1@debian.org>
+From: Test User <test@example.com>
+To: dep8 <dep8@example.com>
+Subject: DEP-8 test
+
+This is just a test
+EOF
+
+echo "Verifying that the email was correctly delivered"
+if [ -z "$(doveadm search -u dep8 header message-id dep8-test-1@debian.org)" ]; then
+ echo "Message not found"
+ exit 1
+fi
+
+echo "Done"
+echo
--- /dev/null
+#!/usr/bin/python3
+import imaplib
+
+imaplib.Debug = 4
+
+print("Testing IMAP")
+print("Connecting")
+client = imaplib.IMAP4('localhost')
+
+print("Checking for STARTTLS capability")
+assert 'STARTTLS' in client.capabilities
+
+client.starttls()
+
+print("Logging in")
+client.login('dep8', 'test')
+
+print("Selecting INBOX")
+client.select()
+
+print("Looking for the test message")
+res, uids = client.search(None, 'HEADER', 'MESSAGE-ID', '"<dep8-test-1@debian.org>"')
+
+assert res == 'OK'
+assert len(uids[0]) > 0
+
+uid = uids[0].split()[0]
+
+print("Fetching and verifying test message")
+res, data = client.fetch(uid, '(RFC822)')
+
+assert res == 'OK'
+
+lines = data[0][1].splitlines()
+
+assert b'Subject: DEP-8 test' in lines
+
+print("Done")
--- /dev/null
+#!/usr/bin/python3
+import poplib
+
+print("Testing POP3")
+print("Connecting")
+client = poplib.POP3('localhost')
+client.set_debuglevel(2)
+
+print("Checking for STARTTLS capability")
+assert 'STLS' in client.capa()
+
+client.stls()
+
+print("Logging in")
+client.user('dep8')
+client.pass_('test')
+
+print("Listing INBOX")
+res, data, _ = client.list()
+assert res.startswith(b'+OK')
+
+print("Fetching and verifying test message")
+for entry in data:
+ _id, _ = entry.split(maxsplit=1)
+ res, body, _ = client.retr(int(_id))
+ if b'Subject: DEP-8 test' in body:
+ break
+else:
+ raise AssertionError("Test message not found")
+
+print("Done")
--- /dev/null
+Name: dovecot
+Repository: https://github.com/dovecot/core
+Repository-Browse: https://github.com/dovecot/core
+Contact: Dovecot Mailing List <dovecot at dovecot.org>
+Bug-Submit: Dovecot Mailing List <dovecot at dovecot.org>
--- /dev/null
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+
+mDMEZ49ZxhYJKwYBBAHaRw8BAQdABhVJFqsoq7gZeXhY/xcz5Vc0i+vM/Df8RDSW
+lzPHsoC0MkRvdmVjb3QgQ29tbXVuaXR5IEVkaXRpb24gPGRvdmVjb3QtY2VAZG92
+ZWNvdC5vcmc+iJAEExYIADgWIQTvCIIHn9TtMr+LI7KhsJ74TtxSGQUCZ49ZxgIb
+AwULCQgHAgYVCgkICwIEFgIDAQIeAQIXgAAKCRChsJ74TtxSGUgvAP9gNC6pZKBV
+micPYvE2UOTvX8WoEcjWI1UptTxFsHXOjwEA6DZiPoPn9Vvl4PuyG8TavjDslOL8
+pfn+XKZho2WoAgSJAjMEEAEKAB0WIQQr50qrPudU37nIDTMYo0iu7UCdoQUCZ49a
+xgAKCRAYo0iu7UCdoVPOD/452ZnhEYW2/VxgDmD7DNaaxdfL/vKifc9MP2sJm+a2
+T95zHpm/erV2xw3gPpKcLuMaPhkexf6MMhoh9GnUnwEuoOfMWhMAn26RNPFvuUL0
+a73qoxRY9D+Q/PUNjNsNFj/3c8VIC3DeQhO77wVblLWr9+7J9GrzKtBCkb7zC5Xf
+8zjLkCWZ15S0kVKNvBsZzEzLYVN/+Kk1s1WP4x1gnQdPm8N7+b4XAQSOUXLjkL5S
+vGyIUuHwnYHQJeH51L+q8SpzEr59K9OiVYOCm0ICl28xjOjIC9Ym7a8W5Xa5new3
+ScxNeTuxRItYeDyxXi+YIYGHWYGjmppmlq3VksXirUHfgNoipVSbmGxCukShSsfH
+f/40iO8DRFRnsUN2lzN4TCcT1ayQvKoyMFuoXQJonuLdbc7E+YLNIPsW66+aoAuW
+g+5j2QFMFxAJS9IoTCsVQv52MuCj2X5KgwmBcYSgWGpoog9Yx+aaVQQ+X++9FX8r
+RcnyOGOBaA6htH4g1kUOWwZ/NxObRiA7QLo4Rz6CJrU7ueRIaeSCCXTxCb5dJDeE
+IB1MZh1artKZ6Rko+cv/Vy0Ojb0JfPDDoQyhblPIXhlJN8/4zFCjxilMDA9CTAB6
+kY1TVGp138CDnJHZvCdvbrlWf7ktw3+CGKQsZq96Jf756L28dTA42E+WqCBFMZna
+V7g4BGePWcYSCisGAQQBl1UBBQEBB0A50U//EHUvujYRMNqQ3XMVt8lxU7HtdmsH
+Bamh6BjmLgMBCAeIeAQYFggAIBYhBO8Iggef1O0yv4sjsqGwnvhO3FIZBQJnj1nG
+AhsMAAoJEKGwnvhO3FIZEZQBAKuMI//Cjl38pD68fQfcnIMDV2YnXjvaswe7jbDr
+Jyo4AQDr/VanhFwPxSlZ3MKY4PWyLw4Fm9mTT2ofcluFttRsDg==
+=eQ4x
+-----END PGP PUBLIC KEY BLOCK-----
--- /dev/null
+# watch control file for uscan
+version=4
+# core
+opts="pgpmode=auto, dversionmangle=s/\+dfsg\d*//, uversionmangle=s/\.-[0-9]+//, oversionmangle=s/(.*)/$1+dfsg1/" \
+ https://dovecot.org/releases/2.4/dovecot-([\.0-9]+)(-[0-9]+)?\.tar\.gz debian
+# pigeonhole
+opts="pgpmode=auto, dversionmangle=s/\+dfsg\d*//, uversionmangle=s/\.-[0-9]//, oversionmangle=s/(.*)/$1+dfsg1/, component=pigeonhole" \
+ https://pigeonhole.dovecot.org/releases/2.4/dovecot-pigeonhole-([\.0-9]+)(-[0-9]+)?\.tar\.gz ignore uupdate
projects / dovecot.git / commitdiff