Cyrus IMAP 3.2.0 Release Notes¶
Download from GitHub:
Major changes since the 3.0.x series¶
Sieve bug fixes and features
Replication safety improvements
Caldav and Carddav improvements
Support for JMAP core protocol (RFC 8620)
Support for JMAP Mail (RFC 8621)
Experimental support for JMAP Contacts (requires jmap_nonstandard_extensions: yes in imapd.conf(5))
Experimental support for JMAP Calendars (requires jmap_nonstandard_extensions: yes in imapd.conf(5))
Xapian bug fixes
Improvements to Annotations handling
DRAC support has been deprecated
Support for Prometheus stats
SNMP stats support has been deprecated
Removed support for the Sphinx backend to squatter searches
New cyrus.index format v16 included since 3.1.5 - adds unseen count and createdmodseq to index header, savedate and createdmodseq to index records
Support for WebSockets
Support for HTTP/2.0
Support for SCRAM authentication for httpd
Experimental support for Zeroskip database format
Intermediate mailboxes are now recorded in mailboxes database
Conversations database format update - adds flags and internaldate fields, and is now versioned for future-compatibility. You will need to rebuild your conversations databases with ctl_conversationsdb(8) and the -b switch to benefit from this
IMAP FETCH accepts two new data items, MAILBOXIDS and MAILBOXES, which respectively return the unique ids or names of the containing mailboxes of each message in the sequence (for best performance, rebuild your conversations databases as above)
mbpath(8) is now much more useful
Twoskip database format now supports shared locks, and ensures record headers do not span disk block boundaries
All Cyrus binaries now use real sysexits exit codes instead of mapping nearly everything to EX_TEMPFAIL
CyrusDB errors now syslog the actual error instead of just "cyrusdb error"
New allowdeleted imapd.conf(5) option (default off), which allows admin users to see deleted mailboxes and expunged messages over IMAP
cyr_virusscan(8) now supports custom templates for notifications sent about infected messages that have been deleted
imapd.conf(5) options that represent a time duration now accept 'd', 'h', 'm', 's' suffixes rather than arbitrary units
The tls_server_cert and tls_server_key imapd.conf(5) options now allow two certificate/key pairs (e.g. RSA and EC) to be used. Thanks Дилян Палаузов
Mailbox create/delete/rename are now performed under a lock on the user's namespace, to prevent races (especially during big renames)
The cyr_info(8) conf-lint subcommand no longer complains about channel-prefixed sync options
New master_bind_errors_fatal imapd.conf(5) option (default off), with which master will refuse to start if any of the configured services are unable to successfully bind their port. The default and legacy behaviour is for master to start with the affected services disabled, and not try to start them again until a SIGHUP is received
New autocreate_acl imapd.conf(5) option, for specifying ACLs to use when mailboxes are created by autocreate_inbox_folders
New zoneinfo_dir imapd.conf(5) option, for specifying the directory Cyrus should look for timezone definitions in. The default is to let libical find them itself. If the tzdist http module is enabled, this option is mandatory.
The iso-8859-1 charset is now treated as an alias for windows-1252, as per WHATWG Encoding for emails and websites
Updates to default configuration¶
The cyr_info(8) conf, conf-all and conf-default subcommands now accept an -s <version> argument to highlight imapd.conf(5) options that are new or whose behaviour has changed since the specified version. We recommend using this when evaluating a new Cyrus version to check which configuration options you will need to re-examine and maybe change during the process.
The specialusealways option is now enabled by default. It must explicitly be disabled for interoperability with legacy clients that can't handle RFC 6154 attributes in extended LIST commands.
The values accepted by expunge_mode have changed, please see the documentation for more information about the changes.
The legacy GETANNOTATIONS/SETANNOTATIONS IMAP commands will no longer work unless annotation_enable_legacy_commands is enabled.
The outbox_sendlater option and its functionality have been removed.
The tzdist http module now finds its timezone data directory according to the new zoneinfo_dir imapd.conf(5) option, instead of being hardcoded to "{configdirectory}/zoneinfo". If you are using this module, you MUST now set this option explicitly. Calendaring services will use the same timezone definitions.
Security fixes¶
Contains fix for CVE-2017-14230
Contains fix for CVE-2019-18928
Contains fix for CVE-2019-19783
Significant bugfixes¶
Contains fix for Issue #2839