$Id: ChangeLog,v 1.26 2003/07/02 02:40:15 mmondor Exp $ Release: mmmail 0.0.23 devl Date : July 1, 2003 By : Matthew Mondor * Bug fixes - The IP-address based connection rate and DNS cache expire thread used to sometimes waste CPU cycles looping more often that it should, sleeping for 0 seconds between loops. Fixed. - The same was happening to the message rate host-based cache expire thread, which also was fixed. - mmstatd(8) had a bugfix and was upgraded to 0.0.8 * Important - The mmstat(3) key names were modified to be '|' separated rather than '.' separated. Although I have been trying to avoid such a change which obviously requires fixing alot of scripts I am using, it was proven with time that the '.' character was too widely used and that '|' was ideal as a replacement. It is not hard to use a script to use the mmstat(8) reset command and convert all old entries to the new type if necessary. As a result, filenames which comport '.' characters for which counters are maintained are much better to handle and to isolate. The same applies to IP addresses. - The maximum key name length now was bumped from 128 to 256 bytes. As a result, a special log file synchronization will be required as was the case for mmstatd 0.0.7 upgrade (and mmmail 0.0.22 upgrade). This also requires mmstat clients using the mmstat(3) API to be recompiled. * New features - Per-mailbox message/bytes statistics are now being maintained via mmstat(3) in mmsmtpd for incomming messages. - Per-user/box logins/message/bytes/delete statistics are now being maintained via mmstat(3) by mmpop3d. Release: mmmail 0.0.22 devl Date : June 19, 2003 By : Matthew Mondor * Important - Important changes to mmstat(3) and mmstatd(8) were made which require a database synchronization procedure to be performed before upgrading. See mmstatd/ChangeLog for details. - The GROUPS directive in mmsmtpd.conf(5), mmpop3d.conf(5) and mmstatd.conf(5) now expect groups to be comma-separated instead of space-separated. The quotes then of course also become optional if multiple groups are specified. This was made because mmreadcfg(3) library is also used by other of my projects for which comma-separated groups were also required. * Various - Fixed ALIGN_CEIL alignment macros which used to always add bytes even if the value was already aligned properly. As a result a few bytes of memory were often wasted. - Interface of various lower layer functions and macros were improved, and mmftpd was migrated to use the new ones. - When an alias points to an invalid address, an error is now logged about it for the administrator to notice and delete the alias. - mmstatd will now perform much better when used with a large number of keys, and will now retain the real time of the operation if it had to be killed before it can incorporate the recovery logs and sync. - mmsmtpd now uses mmhash(3) for it's FLOOD_PROTECTION cache which enhances performance when many hosts are in the cache, and yields cleaner code. As the number of RCPTs allowed per post is generally small, it still uses linked lists for those with the old 64-bit hash for faster comparition, but sequencial searching is still performed when checking against duplicates. This will change if I ever obtain a request about someone who needs to use enough RCPTs in a post to use a hash table for performance. - mmhash(3) is now used by mmserver(3) as well, which should enhance connection validity and DNS hostname cache performance. * Bug fixes - The SQL SELECT statement in mmpop3d's auth_pass() function was erroneous and often caused POP3 authentication problems. Fixed. Release: mmmail 0.0.21 devl Date : January 9, 2003 By : Matthew Mondor * Bug fixes (thanks to Jeroen Oostendorp for reporting) - HELO would not accept IP addresses. It now will. - The first matching entry in the aliases list would immediately map an address, even if there existed closer matches. The new algorithm will only map the address to the best match. (See important changes section for more details). - The RESOLVE_MX_HELO configuration file keyword was changed to RESOLVE_HELO and it's behavior changed accordingly, to resolve hostname's A record rather than the MX one. It was erroneous to expect SMTP clients to have valid MX records. - The check_nofrom() function, used to check for a match within the nofrom database table, would only match on a hostname basis if resolving client hostnames was enabled and the address could resolve successfully. It now will also always check if the IP address also matches no matter what. * Important changes - When desired, it is important for frontend scripts to be able to generate required password hashes. This has not been easy with the previous method, which did not even use standard base64 encoding but a custom one on the MD5 result. Calling external binaries such as mmpasswd is not ideal. Moreover, I wanted to get rid of the mhash library dependancy. The solution was simple: password hashes now consist of standard crypt(3) generated strings. Both MD5 and DES modes are supported. However, mmpasswd will only generate MD5 ones with crypt(3). This also allows administrators to easily migrate from real system users, as this is the way system user password hashes are stored. An attempt was made to provide a utility to easily convert old hashes to new ones; This however is impossible due to a bug in the previous method which caused the last few bytes of the MD5 results to be lost during the base64 conversion. A recommendation is to generate random passwords for the users, notify them via email and then activate the new version using the new passwords say, a week afterwards. This password format will then remain unchanged for next versions. It is important that people upgrading from 0.0.20 or older execute the provided MySQL script upgrade-0.0.21.sql. Also, the user_passwd field of the user table will need to be updated using the new mmpasswd results for each user password. - The alias table was modified because of the new best matching algorithm which could be slower with large tables. To cope against this, an alias column was added (the upgrade-0.0.21.sql script will also add it). This means that you will have to add the new domains after upgrading, and alter the patterns to no longer hold the domain. * Real asynchroneous functions support - The Pth library has limits in that only one process is used for all threads. The various pth_*() functions, and special care has to be taken to prevent locking the whole process when a single thread needs to perform operations, because of the non-preemptive nature of Pth. Another side effect of using Pth is that SMP systems gain no performance over single CPU systems. Moreover, some functions which can take a while can lock the whole process when no pth_*() wrapper function exists to do it. An obvious example is hostname resolving, which can lock the whole process for long periods on slow networks. - A solution was worked out to allow threads to execute real asynchroneous functions without blocking the main process (and therefore allowing other threads to remain responsive), and to even take advantage of multi-processor systems where available. - The technique uses an AmigaOS-like device task/thread which works over the Pth thread-safe message passing mechanism, to serve the various asynchroneous functions like a daemon would. This device internally uses a pool of real asynchroneous processes to which it dispatches the requests in a distributed manner via unix datagram sockets. - The new ASYNC_PROCESSES configuration file option was added as a result, which allows to specify the number of slave asynchroneous processes to run. - This facility is currently used by mmmail to generate password hashes and to resolve hostnames and MX records (when enabled). * Miscelaneous new features - If the daemons are compiled with -DNODETACH, the main process will not fork(). Useful for debugging. - If compiled with -DNODROPPRIVS, daemons will make sure they are not started by the superuser to accept running, but will then not attempt to perform any modifications on the current permissions. Useful for non-privileged users. - mmstatd can now be specified configuration file to use at startup via command-line argument. - mmstat library will now first check for MMSTATCONF environment variable for the configuration file to use instead of the default "/etc/mmstatd.conf". This can be useful to non-privileged users who want to run mmstatd. The default is to only accept to be started by the superuser and then drop privileges. - mmstat user client utility now supports hreport for more human readable results (although less verbose). - Configuration file option DELAY_ON_ERROR was added to allow to pause at every user command error. Thanks to Jeroen Oostendorp for the idea. - mmstat facility now allows wildcard pattern matching for UPDATE, RESET and DELETE operations which operates atomically on all matching keys for that uid. - STATFAIL_EOF was added to mmsmtpd.conf which allows to maintain statistics via the mmstat service about clients which disconnect improperly. * Other - Optimized the command matching loop by using fast packed hashes - Other optimizations were performed by moving some variables in closer scope, usually resulting in compilers using registers for appropriate variables. This is especially useful for GCC which ignores register directives. - Significant code cleanups - Several environment variables can now be set to modify the behavior of the install.sh script (eg: change installation prefix, default group/user, etc). - The memory pool allocation system was optimized even more, now keeping statistics on the average number of pages in use, so that it scales better. Previously used pages are now privileged as well, which causes unix kernels to allow processes using it to perform more efficiently, as well as the underlaying allocator. - Better synchronization with mmstat service, now using persistant keys and has possibility to delete old temporary keys at startup using wildcard matching. Release: mmmail 0.0.20 devl Date : November 8, 2002 By : Matthew Mondor * New features - The new STATFAIL_ADDRESS, STATFAIL_FLOOD, STATFAIL_FULL and STATFAIL_TIMEOUT boolean confguration file options were added, which allow the administrator to view statistics using the mmstat(8) utility, optionally taking action on abnormal functional issues. See mmsmtpd.conf(5) man page for more information. - Added new CHROOT_DIR configuration parameter to optionally allow the server to run enclosed into a chroot(2) jail. - When starting the server it is now possible to specify the configuration file to read. This allows to start several copies using different configurations. * Bug fixes - When multiple groups feature was introduced in 0.0.16 devl, mmmail stopped setting the initial group using setgid(2), assuming that setgroups(2) would. This was not the case, and mmmail would then remain part of the wheel group. It will now set the real and effective primary group, the secondary groups, and then the real and effective user. The first group of the GROUPS configuration file parameter is used for the primary group. Although mmmail does not access files, this bug did not hurt it, but let's not leave anything out considering security. - The pop3d needed to replace any "\n.\n" to "\n..\n" while sending out to of course avoid the client to consider the message completed when it is not the case. This is now done. As a result it cannot send the whole message using a single fdbrwrite() call, it has to perform several ones as needed. - Removed the annoying LOOP: debugging which used to flood syslog. * Other - mmsmtpd now has less overhead when creating new client contexts - Now uses getnameinfo(3) instead of gethostbyaddr(3) to resolve hostnames if RESOLVE_HOSTS is TRUE. This is more suitable with threads, since gethostbyaddr(3) uses static data and required a mutex to be thread-safe. Release: mmmail 0.0.19 devl Date : October 28, 2002 By : Matthew Mondor * Important bug fix - omission of an unlinknode() in the new rate limit feature was fixed. The daemons could lock in a loop taking 100% CPU time. Fixed. Release: mmmail 0.0.18 devl Date : October 26, 2002 By : Matthew Mondor * New features - Anti-DoS connection rate limit feature was added in mmserver library, consequently new CONNECTION_RATE and CONNECTION_PERIOD configuration file options were added. These are on a per-IP address basis. - The bytes statistic counters were bumped to 64-bit. * Bug fixes - Yet again a build/install script bug; Permissions would not be applied properly to newly installed files, the problem started to occur when automatic directory creation was added. This was now fixed. Users should consider upgrading as fast as possible, or to make sure that their configuration files in /etc/ have safe permissions. See the following man pages: mmsmtpd.conf(5), mmpop3d.conf(5). The install script will force safe permissions on the configuration files while preserving them if they already exist. - The staff group would not be created by install.sh if it did not exist. Thanks to Jeroen Oostendorp for reporting this. - The bandwidth shaping system was not accurate enough, as it used to throttle by 4096 bytes blocks, requireing too much CPU time in syscalls for high limits. It was rewritten using a new design which now only sleeps if required after the maximum number of bytes allowed into a second were transfered. So it now uses a second's worth of data resolution rather than a 4096 bytes resolution. Some parts of mmfd library internals and API were modified as a result (See mmfd(3) man page for details). Another side effect is that it takes far less CPU time with high limits. Thanks to Darren Price for the extensive testing and reports, to Eric Weisenhaus and agrajag for reporting these earlier. - There existed a potential race condition when hostname resolving was enabled, which could cause a memory leak. This was fixed. Thanks to Jeroen Oostendorp for reporting it. * Other - When mmmail needs to write out blocks of data it no longer uses mmfd(3) library fdbwrite() buffering call but fdbrwrite() instead to save CPU cycles and avoid buffer size splits. - Some source code auditing and cleaning was made, several optimizations were performed, some buffers were aligned to favorize word-copy/move operations as opposed to single-byte moves, in mmstring library). - I thank everyone who are testing this software, and am again requesting that it be evaluated, as I intend to eventually release mmmail v1 stable. Support for more features will mostly be added into future mmmail devl software, for an eventual mmmail v2. The current design drafts for it can be found at http://mmondor.gobot.ca/software.html under the mmmail TODO entry. For mmmail v1 release to happen, it has to be free of any issues, it is therefore important to report any bug, to mmondor@gobot.ca. It also would be nice if I could release with it a list of systems it is known to work on, so if betatesters find some time to describe their setup to me via email it would be appreciated. I yet have to test it again on ultrasparc with Linux and Solaris for instance. Release: mmmail 0.0.17 devl Date : October 11, 2002 By : Matthew Mondor * Bug fixes - The build scripts did not behave as expected on systems which are using bash for /bin/sh. Some script sections needed modifications to work on both. Now seems to build fine on linux systems. - Various new GCC versions warning issues were fixed. - When installing, some directories were assumed to exist, they will now be created when missing. - A bug in mm_memmov() was fixed. - Some systems, including linux, required libresolv to be linked with the daemons. Fixed. Release: mmmail 0.0.16 devl Date : October 6, 2002 By : Matthew Mondor * New features - Now uses mmstatd(8) for persistant statistics storage and volatile who database. This includes mmstat(8) administration facility. This daemon also comports crash recovery using internal logging. See mmstatd(8) man page for more information. - Processes may now be part of several groups. - It is now possible to set global maximum download and upload limits for the whole server. - Improved installation/upgrade make.sh and install.sh scripts, and use of /bin/sh rather than make because of GNU/BSD make inconsistencies. - mmmail(8), mmsmtpd(8), mmpop3d(8), mmsmtpd.conf(5), mmpop3d.conf(5), mmpasswd(8), mmstatd(8), mmstat(8), mmstat(3), mmstatd.conf(5) man pages were written. * Bug Fixes - Hostname sections starting with alpha characters only used to be accepted, it now will accept alpha-numeric instead for the starting hostname section character. - The "Received:" headers were wrong about the "for" part. The previous way do_data() worked prevented modifying the message header for each RCPT, which was required. do_data() was now rewritten around mmfd(3) fdbreadbuf() and "for" should be adequate as it's a re-implementation. Thanks to Jeroen Oostendorp for reminding me of this bug. - On various systems, including OpenBSD, the NetBSD-style __RCSID and __COPYRIGHT, although useful, caused problems. They were now replaced by custom macros, which should fix compiling issues. Thanks to Dinos Costanti for reporting the issue. * Other - The code used to be compatible with older C compilers, it now was converted to ANSI C. Use of __P() macro is no longer made. - mmsmtpd now reads in messages faster than it used to, do_data() was re-written in a way to avoid two previous memory copying passes on the whole message. It now uses mmfd(3)'s new fdbreadbuf() function. Previously it would call fdbgets() on a buffer, copy the string into a linked list, using strdup(3), and after message reception another buffer would be created by copying all lines from the list sequencially again. These two passes can now be avoided, as fdbreadbuf() causes fdbgets() to write it's lines directly into a single buffer. Of course we still can't avoid the buffer copy/translation pass which occurs to produce the mysql query, however. - Some mmlist node manipulation functions were replaced by macros. mmlist(3) now privileges pre-allocated nodes when inserting them back in the free nodes queue, making a better useage of memory. Release: mmmail 0.0.15 devl Date : July 27, 2002 By : Matthew Mondor * Bug fixes - Fixed bandwidth shaping library, recent versions would totally ignore bandwidth rate specified, because of erroneous 0 initialization. Also fixed a bug where bandwidth would always be lower than requested. Thanks to Eric Weisenhaus, Darren Price and agrajag for reporting these. - Configuration option LOG_LEVEL would not accept values below 1 - Fixed mm_strnicmp() which would sometimes cause various problems - Sometimes fdbgets() status would not be logged in case of error, occuring during mail receipt, not disclosing why 520 Error was sent. - The 520 Error sent when an error occurs receiving mail data was changed to a 452 code error. - Added LOG_LEVEL 4 for extreme verbosity (message DATA lines are logged). Release: mmmail 0.0.14 devl Date : June 4, 2002 By : Matthew Mondor * Bug fixes - The FROM:<> string was compared case-sensitively (thanks to Jeroen Oostendorp) - Various optimizations - A pretty serious bug was fixed (which only affected glibc-based systems), where syslog() would potentially be called with user supplied parts, including fmt sequences. Thanks to Benoît Roussel for providing me with a very detailed security advisory and to Guillaume Pelat for discovering the problem. Release: mmmail 0.0.13 devl Date : May 19, 2002 By : Matthew Mondor * Config file support - Servers now reads /etc/mmsmtpd.conf and /etc/mmpop3d.conf which obsolete previous mmversion.h pre-compilation issues. This also permits to leave the daemon executables to be readable by other users, as passwords get read from the config files. Of course configuration files should remain only accessible by root. - Defaults are set, configuration file is parsed, then command line arguments parsed which may override some of the configuration file settings. - Syslog facility can now be specified. * Bug fixes - When the mysql server was down, and mmsql lib's mmsql_glock() was called by the daemons, 100% CPU time would be used in an endless loop. The loop boundaries and rate are now controlled properly. - When a mail box is full, mmsmtpd now issues a 402 message instead of the previous 502 code, which would prevent some MTAs from retrying later on. - When too many DATA lines were sent through mmsmtpd for a message, it would previously not output the proper error message properly, instead two messages were being sent, the error one, and the successful one, confusing most smtp clients. - Thanks to Jeroen Oostendorp for beta testing throughly mmmail 0.0.12 and noticing the three above bugs which were fixed in 0.0.13. He also made the MAIL FROM:<> and hops checking support suggestions. - The process ID file was not created. - Detected and fixed misuse of snprintf(), of which the returned value should not be trusted. * Support for MAIL FROM:<> added - These used to be considered illegal, it now is possible for the admin to allow them (crond and some intranet MTAs seem to use it). - Only clients connecting from allowed list of hosts/addresses can use it, the new nofrom MySQL table has been added for this purpose. - * and ? pattern matching is allowed, and addresses or hosts can be used. * Implemented maximum hops checking support - New configuration file option can be set to limit the number of maximum hops in a message in order to accept it. This helps filtering invalid emails and spam. * Install/Upgrade shortcut - A make.sh script was now written which allows to compile and then install or upgrade mmmail faster. - Written scripts/upgrade.sql to allow easy transition from mmmail 0.0.12 or older to mmmail 0.0.13, without deleting the current database info, since new tables and fields were introduced. * Useful debug logging - When using level 3 verbosity logging, replies will also be logged via syslog to specified facility. This is especially useful for beta-testers and debugging. * (finally) Implemented aliasing - Thanks to Ryan Werber, Daniel DeMaggio and Jeroen Oostendorp for suggestions and ideas. - Allows to setup aliases based on * and ? pattern matching, the new MySQL table alias has been created for this purpose. * Implemented message flood (mail bombing) protection - Thanks to Daniel DeMaggio and Jeroen Oostendorp for the idea. - FLOOD_PROTECTION boolean, FLOOD_CACHE size, FLOOD_MESSAGES and FLOOD_EXPIRES configuration file options added. - This is based on a per client host basis, addresses/hostnames are cached with statistics in a hash table. * Added various fields along the SQL tables - Allows automatic scripts to identify/inactivate/delete unused boxes or users using new datetime fields. - Statistics on the number of logins for a user are now stored. - Added an admin field to the user box, so that it becomes possible for a frontend to allow an administrator to create users and mailboxes for them. This however in the future should be restructured to be on a per-host basis instead. Thanks to Christoph Dworzak and Daniel DeMaggio for providing the idea. - Added a user active boolean field to the user SQL table to permit easily disabling access temporarily to a user without having to take out his mail boxes or user entry from the database. * Introduced a 64-bit hash function - Internally used to improve various table lookups (already supplied RCPTs and the FLOOD_PROTECTION cache for instance) - Hash function was tested against duplicates with /usr/share/dict/words and find / inputs with success * Server too busy messages introduced - When the maximum number of IP addresses have been reached, or when too many connections from the same address occurs, a protocol-friendly message is now sent before closing the connections. Some clients have been confused with previous behavior. * Multiple interfaces support - Adminstrator may now specify several IP addresses to bind() to, as well as a server hostname for each, using LISTEN_IPS and SERVER_NAMES config file parameters. * Now using getpwnam() and getgrnam() for more configurability - Used to read /etc/passwd and /etc/group directly. Release: mmmail 0.0.12 devl Date : April 22, 2002 By : Matthew Mondor * Fixed a nasty bug - As the mmfd library was lately fully redesigned some daemon code would not properly use the status results when a connection was unexpectedly lost. - This rendered easy to crash the daemon flooding with alot of connections not exiting using standard QUIT command. * Better disconnection logging - The the general status/reason of the disconnection is now also logged with the statistics via syslog. * Compilation issues resolved - Fixed a conflict which occurred between the BSD and linux usleep() function not using the same argument type (unsigned long vs useconds_t) - mmpasswd would not compile properly on linux Release: mmmail 0.0.11 devl Date : April 17, 2002 By : Matthew Mondor * Implemented bandwidth management support - mmfd library finally supports bandwidth shaping as well as buffering, mmmail daemons now also take adventage of this, administrator may optionally decide the speeds limits in KB/s for both reading and writing data from with each client. * Implemented transfer statistics - Detailed statistics on the number of bytes transfered in both directions, with number of RCPT/messages received/sent and DELE commands are now logged via syslog at logout. * More descriptive logging on DoS attempts - When a connection is rejected because the maximum number of IP addresses is reached, or that maximum number of connections for an IP address is exceeded, mmserver library now reports the offending IP address and reason via syslog. Release: mmmail 0.0.10 devl Date : March 24, 2002 By : Matthew Mondor * Moved to CVS with unified libraries - Less prone to some bugs caused by inconsistencies among code modules * More efficient memory management - mmlist's buffering capabilities now used by mmmail suite daemons * More efficient I/O - New mmfd library provides fast buffering around fds increasing execution speed considerably, mmsmtpd used to read in messages slowly especially * Bugfixes - Some SMTP clients sending mixed-case hostnames at HELO would be refused access, fixed. - Under some circumstances it would theoretically be possible to crash mmpop3d (a loop could possibly read outside of it's heap) although I could not observe the effects, auditing the code after CVS transition made me discover it. - Some memory would not be freed immediately after mmsmtpd processed a message. - French accents and the like would be stripped out of messages by mmsmtpd, fixed (mmfd.c). - Will no longer refuse to start if lingering sockets with TIME_WAIT exist Release: mmmail 0.0.8a devl Date : January 14, 2002 By : Matthew Mondor * Backported - This release consist of an update to mmmail 0.0.8, with only part of the changes of 0.0.9 (mmsmtpd on 0.0.9 seems to segfault, and I couldn't find time to debug it, and needed to update my production servers to work as soon as possible). - The changes fixes the wrong connection IDs in logging, and the fdgets() modification was applied as well as the LIST Out of range problem patch. Release: mmmail 0.0.9 devl Date : January 6, 2002 By : Matthew Mondor * Fixed wrong connection IDs - If more than one connection at once were originating from the same IP address, the connection ID would remain the same. Fixed. This is essencial to properly associates commands executed by each connection together. * Modified mmfd.c's fdgets() function - The line input function would cause telnet control sequences to be inserted in the command string, as non-printable characters. They are now ignored. This would cause some commands issued by rare clients to not be recognized. * Debugged LIST - The LIST POP3 command when called with a message number parameter would often fail with an out of range error. Fixed. * Performance enhancements - mmmail now uses the new mmlist and mmstr libraries just like mmftpd for internal buffering preventing malloc() and free() from being called too often. Moreover, general performance of linked lists related code should be enhanced. - The administrator can set the new BUFFERS variable in the mmversion.h files to higher values for servers under more load for more buffering. Release: mmmail 0.0.8 devl Date : November 26, 2001 By : Matthew Mondor * Fixed some of the error limits code, thanks to Ryan Werber for reporting - Some commands such as RECV used to increase the errors number variable which caused a POP3 client to fail finishing fetching all messages from a box with many messages. Fixed. Release: mmmail 0.0.7 devl Date : November 24, 2001 By : Matthew Mondor * Fixed broken TOP POP3 command, thanks to Tyler Mitchell for reporting it - When rewriting many parts of the POP3 daemon for mmmail 0.0.6 version, a bug was introduced which caused TOP command to always return invalid range errors. Fixed. - Moreover, TOP since the first mmmail version never worked as expected by most users, where TOP 0 would display the message header lines, and any higher number would be lines counted after that header. Fixed. - As an anti-dos feature using TOP on the same message twice was not permitted unless RSET was used. Now behaves normally. - As POP3 protocol does not provide a help system, TOP command now mentions that PAGE could also be used on it's result line. Release: mmmail 0.0.6 devl Date : November 21, 2001 By : Matthew Mondor * mmmail and mmmail-pth were fusionned - As alot of work as been performed on the pth daemon lately, and a single edition is preferable to maintain, mmmail officially uses pth library as of this edition. I mostly run it on netbsd personally and the pth editions run awesome on it. I also run a linux server with it in a production environment, so I consider it stable and efficient enough. * Not using regex(7) anymore - In order to make the command interpreter much faster, unvulnerable to possible regex related bugs, and to make it more portable (yes, I have noticed that besides POSIX pthreads, POSIX regex have problems on some systems and required different regex pattern strings), I am now parsing the commands myself. SMTP and POP3 commands are very simple to parse. Moreover, jump tables are now used instead of switch/case. This permits general better performance when using libpth especially, since it only provides non-preemptive scheduling, among all threads, using a single process's CPU time. * UID and GID now internally evaluated from names - The UID and GID to run as are now specified to the daemons as names as found in /etc/passwd and /etc/group. The daemons now perform necessary convertions to numerical values. * Better permissions sanity checking when run from inetd - Will now refuse to run if it can't make sure it runs as required user and group * HELO may optionally be required - Will prevent the use of MAIL before HELO was used, if the admin wants * Less strict on MAIL and RCPT format - Some SMTP clients and servers used to not fully respect the strict RFC MAIL FROM: and RCPT TO: forms, adding spaces or omitting < >. mmsmtpd will now work with those. * Customizable logging level - The admin may now setup wanted logging level for each daemon. * mmtcpfwd-like connection ID logging - When connection/disconnection logging is wanted, now uses connection IDs which permit to effectively link the events together. * Implemented unstandard POP3 PAGE command - As TOP often is not powerful enough to properly allow reading messages via a telnet client for instance, PAGE was implemented, where consists of the message to be read, of the page number to be displayed, and the number of lines per page of the terminal (with a maximum limit of 60). * README was updated - As many changes were performed in both daemons, although I personally tested them a bit, next release should be a stable one, once this one has been more tested on production systems. Release: mmmail pth-0.0.5 devl Date : October 2, 2001 By : Matthew Mondor * mmsql_glock() and mmsql_gunlock() used to be implemented around flock() - This required mmsmtpd/mmpop3d daemons to share a common filesystem as /tmp/mmail-mmsql.lock file was used. - Now uses MySQL's special GET_LOCK() and RELEASE_LOCK() functions. - The daemons should now be able to run on two different hosts * Fixed a small memory leak in mmpop3d - mhash allocates data for the hash, which has to be freed although it's documentation never mentionned it, when I noticed the leak and re-read the auth code I found logic that mhash_end() couldn't free the hash which we need to use afterwards, adding a free() fixed it. * Note: The pth library version with which mmmail-pth was thoughly tested consists of libpth14 (v1.4). I noticed that on linux, pth seems tricky. These daemons run fine on NetBSD with libpth12-14, although it only seemed to work fine on linux with libpth14. It used to segfault with libpth13 on linux. Release: mmmail pth-0.0.4 devl Date : September 28, 2001 By : Matthew Mondor * Fixed a bug which occured at times around strncpy() which implementation varies from clib to clib. - Unexpected mail box full issues were fixed Release: mmmail pth-0.0.3 devl Date : Aug 12, 2001 By : Matthew Mondor * Portability issues - As using POSIX threads cause portability issues among implementations, this one was fixed to use the GNU portable pth thread library. It is not really made to fully replace the other implementation using POSIX threads, I also may merge them together eventually but are only two concurrent versions at present time. Release: mmmail 0.0.3 devl Date : July 9, 2001 By : Matthew Mondor * Data integrity enhancement - mmsql_glock() and mmsql_gunlock() implemented in between mmsmtpd and mmpop3d to prevent mailbox corruption which could happen if they were both writing and deleting messages at once. This never happened but as two SQL commands are required for mail insertion or deletion, it is better to make sure that nothing can interfere between them. * Revision - Removed all // comments and replaced them by /* */ ones to follow standard C conventions - Updated the README file * Security enhancement - The daemons no longer return to the client the strings they send when they are unrecognized or invalid commands. Release: mmmail 0.0.2 devl Date : June 3, 2001 By : Matthew Mondor * Bugfix - Now uses mysql_ping() regularly to re-establish connection with the MySQL server if it was lost, very useful for remote server connections though TCP/IP. Release: mmmail 0.0.1 devl Date : May 29, 2001 By : Matthew Mondor * Initial development release