Recent activity

maddy 0.4.2 released 10 days ago

From Max Mazurov to ~foxcpp/maddy

Among other minor fixes, binary packages (including Docker image) for this release
were built using Go 1.15.5 that includes a fix for CVE-2020-28362 - DoS 
vulnerability in Go TLS client.

## Change log

* check/milter: Add missing handler for milter.ActTempFail ('t') (thanks @hugmouse!)
* msgpipeline: Fix log messages missing for sub-pipelines
* msgpipeline: Fix effective_rcpt in log messages being wrong when sub-pipelines do rewriting
* endpoint/smtp: Fix handling of empty messages in auto-buffer code
* endpoint/smtp: Auto-create directory for "fs" buffer mode

--
Cheers,

maddy 0.4.0 released 3 months ago

From Max Mazurov to ~foxcpp/maddy

**GitHub is having problems uploading artifacts, grab them 
from https://foxcpp.dev/maddy-builds/0.4.0/** 
This is now the primary source of build artifacts and source
tarballs.

## GPLv3

After short discussion and collecting necessary agreements, decision was
made to change Maddy Mail Server source code license to GNU Public
License Version 3.

See GH#253 for details.

## Deprecated functionality, breaking changes for 0.5

maddy 0.3.3 released 4 months ago

From Max Mazurov to ~foxcpp/maddy

**Note:** We are in the progress of changing maddy source code license from MIT to GPLv3.
This is the last release to have all code available under MIT license.

**Note:** GitHub refused to accept maddy-0.3.3+gd95e4f9-x86_64-linux-musl.tar.zst attachment.
A good reminder that artifacts for all releases are available from https://foxcpp.dev/maddy-builds/

Change log follows...

## Bug fixes

* Fix CRLF mangled into LF by net/textproto and incorrect RFC822.SIZE reported
  by go-imap-sql as a result of that.
    (18657def692614a487c56eb5d387c73a568a4b88)

maddy 0.3.2 released 5 months ago

From Max Mazurov to ~foxcpp/maddy

## Change log

### SECURITY ISSUES

* Update golang.org/x/text to v0.3.3 (fixes potential DoS)

See CVE-2020-14040 and https://go-review.googlesource.com/c/text/+/238238
for details.

### Bug fixes

For imapsql IMAP backend:
* Fix handling of * seqset
* Add missing counters update for EXPUNGE

Re: [PATCH] Do not panic if BouncerServ command without handler is sent 5 months ago

From Max Mazurov to ~emersion/public-inbox

Woops, I forgot to include this in Subject. It is a patch for soju.

[PATCH] Do not panic if BouncerServ command without handler is sent 5 months ago

From fox.cpp to ~emersion/public-inbox

---
 service.go | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/service.go b/service.go
index 1aab5e5..c7faa8c 100644
--- a/service.go
+++ b/service.go
@@ -71,6 +71,20 @@ func handleServicePRIVMSG(dc *downstreamConn, text string) {
		return
	}

	if cmd.handle == nil {
		if len(cmd.children) > 0 {
[message trimmed]

[PATCH soju] Fix handling of empty response to SASL challenge 5 months ago

From fox.cpp to ~emersion/public-inbox

---
 upstream.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/upstream.go b/upstream.go
index 82c2417..35cfb49 100644
--- a/upstream.go
+++ b/upstream.go
@@ -507,7 +507,7 @@ func (uc *upstreamConn) handleMessage(msg *irc.Message) error {

		// TODO: send response in multiple chunks if >= 400 bytes
		var respStr = "+"
		if resp != nil {
		if len(resp) != 0 {
[message trimmed]

maddy 0.3.1 released 5 months ago

From Max Mazurov to ~foxcpp/maddy

Several bugs were discovered shortly after 0.3.0 release
so here is 0.3.1.

## Change log

### Bug fixes

* limits: Fix "rate" directive parser handling for 2 arguments
* endpoint/smtp: Fix panic if connection is closed in the middle of receiving body
* endpoint/smtp: Fix limit leak in case of aborted transaction

### Documentation improvements

* Change github to github.com in 0.3 migration guide (#237)

maddy 0.3.0 released 6 months ago

From Max Mazurov to ~foxcpp/maddy

**Stability:** This version is believed to be stable enough for use in use
non-critical deployments.

## Change log

### Breaking changes

* Minimal supported Go version is increased to Go 1.14

maddy keeps tracking latest Go version to benefit from language and
library improvements.

build.sh script will automatically download a newer toolchain version
if system installed version is too old.

[PATCH soju v3] Implement upstream SASL EXTERNAL support 6 months ago

From fox.cpp to ~emersion/public-inbox

---
Remove 'network sasl' command.
Reset CertFP credentials when mechanism is changed to PLAIN.
Prevent erasing CertFP credentials on NickServ authentication.
 db.go          |  36 ++++++++---
 doc/soju.1.scd |  21 +++++++
 downstream.go  |   6 ++
 service.go     | 164 +++++++++++++++++++++++++++++++++++++++++++++++++
 upstream.go    |  32 +++++++++-
 5 files changed, 251 insertions(+), 8 deletions(-)

diff --git a/db.go b/db.go
index 20ebb4e..31bc146 100644
--- a/db.go
[message trimmed]