Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | TLS overhaul, bumping version to 6.4 | Matthias Andree | 2015-01-26 | 1 | -54/+77 |
| | | | | | | | | | | | | | | | Removes SSLv2, enables TLSv1.1 and v1.2 more easily, permits SSLv3 (only if specified) and newer TLSv1.1+ for STLS/STARTTLS. Only negotiates TLSv1 and newer by default, SSLv3 must now be specified explicitly, as a consequence of the POODLE attack. This is meant to be a minimally upgraded version, and cannot be usefully done as a 6.3.X release. It is strongly recommended that users review their configuration - especially --sslproto - per instructions in the NEWS file and manual page. It has changed semantics and in many cases --sslproto auto or perhaps --sslproto tls1.2+ should be used now. | ||||
* | More warnings on idle vs. multiple mailboxes. | Matthias Andree | 2014-11-22 | 1 | -7/+8 |
| | | | | In response to Jeremy Chadwick's trouble 2014-11-19, fetchmail-users. | ||||
* | Convert most references from berlios.de to sourceforge.net. | Matthias Andree | 2014-05-21 | 1 | -5/+8 |
| | | | | Re-sign EN and SAs because that broke signatures. | ||||
* | Fix typo around forcecr documentation. | Matthias Andree | 2013-06-21 | 1 | -1/+1 |
| | |||||
* | Bump version. | Matthias Andree | 2013-04-23 | 1 | -1/+1 |
| | |||||
* | Make SMTP error handling point to --softbounce. | Matthias Andree | 2013-03-07 | 1 | -5/+7 |
| | | | | | The fetchmail manual page now refers the user to --softbounce from the SMTP/ESMTP ERROR HANDLING section. Reported by Anton Shterenlikht. | ||||
* | Remove obsolete "OpenSSL default fingerprint is MD5" claim. | Matthias Andree | 2013-03-06 | 1 | -4/+4 |
| | | | | | | | The fetchmail manual page no longer claims that MD5 were the default OpenSSL hash format (for use with --sslfingerprint). Reported by Jakob Wilk, PARTIAL fix for Debian Bug#700266. | ||||
* | Bump version. | Matthias Andree | 2013-02-03 | 1 | -1/+1 |
| | |||||
* | Repair --logfile regression of 6.3.23, | Matthias Andree | 2012-12-13 | 1 | -3/+2 |
| | | | | reported by Heinz Diehl. | ||||
* | Move forward to prepare a 6.3.23 release and request translation. | Matthias Andree | 2012-12-05 | 1 | -1/+1 |
| | |||||
* | Clean up logfile vs. syslog handling. | Matthias Andree | 2012-09-23 | 1 | -5/+10 |
| | | | | | In case logfile overrides syslog, send a message to the latter stating where logging goes. Also revise manual page. | ||||
* | Bump version to 6.3.22. | Matthias Andree | 2012-05-03 | 1 | -1/+1 |
| | |||||
* | Fix CVE-2011-3389 by clearing SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS... | Matthias Andree | 2012-05-03 | 1 | -0/+10 |
| | | | | | | | ...from SSL options, unless FETCHMAIL_DISABLE_CBC_IV_COUNTERMEASURE is a non-empty environment variable. Suggested by Apple. | ||||
* | Fix build on SSLv2-disabled OpenSSL setups | Matthias Andree | 2011-10-26 | 1 | -1/+2 |
| | | | | | | | | On systems where SSLv2_client_method isn't defined in OpenSSL (such as newer Debian, and Ubuntu starting with 11.10 oneiric ocelot), don't reference it (to fix the build) and print a run-time error that the OS does not support SSLv2. Fixes Debian Bug #622054, but note that that bug report has a more thorough patch that does away with SSLv2 altogether. | ||||
* | Mention that user@server must be unique. | Matthias Andree | 2011-09-06 | 1 | -1/+5 |
| | |||||
* | Bump version to 6.3.21, mark release date. | Matthias Andree | 2011-08-21 | 1 | -1/+1 |
| | |||||
* | Bump version to 6.3.20. | Matthias Andree | 2011-06-06 | 1 | -1/+1 |
| | |||||
* | Drop FETCHMAIL_IMAP_DELETED_REMAINS_UNSEEN dud again. | Matthias Andree | 2011-05-26 | 1 | -10/+1 |
| | |||||
* | Bump version. | Matthias Andree | 2011-05-23 | 1 | -1/+1 |
| | |||||
* | Reinstate SSLv2 support on legacy_63 branch. | Matthias Andree | 2011-05-17 | 1 | -3/+2 |
| | | | | | Revert "Remove support for SSLv2 (fixes Debian Bug #622054)." This reverts commit c22a3afca46c83ee6d53a6ee58deb122f309c460. | ||||
* | Reword FETCHMAIL_IMAP_DELETED_REMAINS_UNSEEN, ... | Matthias Andree | 2011-05-17 | 1 | -4/+5 |
| | | | | | mentioning that some MS Exchange versions send a "deleted without being read" notification in this situation. | ||||
* | Add FETCHMAIL_IMAP_DELETED_REMAINS_UNSEEN env' var. | Matthias Andree | 2011-05-03 | 1 | -0/+8 |
| | | | | | Requested by Jonathan Buschmann, to suppress read-notifications on servers such as MS Exchange or HP OpenMail. | ||||
* | Fix grammar. | Matthias Andree | 2011-04-29 | 1 | -1/+1 |
| | |||||
* | Remove support for SSLv2 (fixes Debian Bug #622054). | Matthias Andree | 2011-04-11 | 1 | -2/+3 |
| | | | | | | | | | | | | | SSLv2 has been deprecated since 1996, and is insecure. Remove --sslproto SSL2 support. Set SSL_OP_NO_SSLvSSL_CTX 2 option so that the SSLv23 multi-version client no longer negotiates SSLv2. Note that some distributions (such as Debian) build OpenSSL 1.0.0 without SSLv2 support, so on those, the build would fail. Fixes Debian Bug #622054 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=622054 | ||||
* | Bump manpage version. | Matthias Andree | 2010-12-05 | 1 | -1/+1 |
| | |||||
* | Import Debian's 02_man_page.patch to fix typos and escape dashes. | Hector Garcia | 2010-12-03 | 1 | -4/+4 |
| | |||||
* | Document Sunil's forced-STARTTLS change. | Matthias Andree | 2010-11-19 | 1 | -7/+9 |
| | |||||
* | The manual page now links to IANA for GSSAPI service names. | Matthias Andree | 2010-10-22 | 1 | -2/+5 |
| | |||||
* | Bump versions in preparation of release. | Matthias Andree | 2010-10-09 | 1 | -1/+1 |
| | |||||
* | POP3: autoprobe NTLM. | Matthias Andree | 2010-10-09 | 1 | -2/+2 |
| | |||||
* | Fix typo: cleartest -> cleartext. | Matthias Andree | 2010-10-05 | 1 | -1/+1 |
| | |||||
* | Fix excess boldface. | Matthias Andree | 2010-10-05 | 1 | -1/+2 |
| | |||||
* | Mention --principal for KRB4 only, and deprecate. | Matthias Andree | 2010-09-27 | 1 | -2/+3 |
| | |||||
* | Bump version to 6.3.17. | Matthias Andree | 2010-05-06 | 1 | -1/+1 |
| | |||||
* | --sslcert{file|path} overrides default store, add environment var... | Matthias Andree | 2010-04-23 | 1 | -36/+35 |
| | | | | | | | | | | If at least one of --sslcertfile and --sslcertpath is given, fetchmail skips loading the default OpenSSL X.509 trusted CA cert locations. If the environment variable FETCHMAIL_INCLUDE_DEFAULT_X509_CA_CERTS is set to a non-empty value, fetchmail will additionally load the default locations. The old FETCHMAIL_NO_DEFAULT_X509_PATHS variable was dropped. | ||||
* | Add --sslcertfile option and FETCHMAIL_NO_DEFAULT_X509_PATHS env var, | Matthias Andree | 2010-04-18 | 1 | -9/+44 |
| | | | | and always load the default X.509 trust stores, unless the latter is set. | ||||
* | Improve SSL error messages for common issues | Matthias Andree | 2010-04-18 | 1 | -4/+4 |
| | |||||
* | Mention c_rehash requirement after OpenSSL upgrades. | Matthias Andree | 2010-04-13 | 1 | -1/+2 |
| | |||||
* | Fix typo in the man page: spambounce -> softbounce | Michael Banack | 2010-04-09 | 1 | -1/+1 |
| | | | | Fixes BerliOS Bug #17067. | ||||
* | Bump version. | Matthias Andree | 2010-04-06 | 1 | -1/+1 |
| | |||||
* | Extend documentation on recent OpenSSL fix. | Matthias Andree | 2010-04-06 | 1 | -0/+9 |
| | |||||
* | Update for 6.3.15 release. | Matthias Andree | 2010-03-28 | 1 | -1/+1 |
| | |||||
* | Bump version. | Matthias Andree | 2010-03-19 | 1 | -1/+1 |
| | |||||
* | Bump version to -beta2. | Matthias Andree | 2010-02-26 | 1 | -1/+1 |
| | |||||
* | Mark --bsmtp - unsuitable for delivery and subject to removal. | Matthias Andree | 2010-02-26 | 1 | -6/+12 |
| | |||||
* | Document --bsmtp precedence over --mda. | Matthias Andree | 2010-02-26 | 1 | -1/+2 |
| | |||||
* | Rename bad-header pass to bad-header accept, ... | Matthias Andree | 2010-02-24 | 1 | -3/+3 |
| | | | | to resolve an ambiguity found by Frédéric Marchal. | ||||
* | Bump version to 6.3.15-beta1. | Matthias Andree | 2010-02-24 | 1 | -1/+1 |
| | |||||
* | Feature: bad-header {reject|pass} | Matthias Andree | 2010-02-24 | 1 | -0/+12 |
| | |||||
* | Add section on troubleshooting, ... | Matthias Andree | 2010-02-22 | 1 | -0/+33 |
| | | | | ...just in case somebody actually reads the manual in seach for help. |