Release Notes: This release fixes denial of service vulnerabilities CVE-2007-4565 and CVE-2008-2711. It also fixes a data loss bug with IMAP in --keep --flush configurations. Fetchmail no longer complains about invalid sslproto when POP3 CAPA probing fails. .fetchids and .fetchmailrc can now be symlinks. fetchmailconf now quotes folder names when writing the configuration. An --sslcommonname option was added to help working with misnamed certificates. Several build systems improvements were made.
Release Notes: This is the final candidate for fetchmail-6.3.0. The FAQ was revised, and now also ships in A4 duplex printable PDF format. The manual page was revised to allow copy and paste. An IMAP bug to guard against bogus message sizes on 64-bit platforms was fixed. The Japanese translation was updated. Fetchmail can be installed again on systems without Python.
Release Notes: fetchmail now defaults to "localhost" for SMTP, even with Kerberos. The SMTP/LMTP retry logic was fixed, and some memory holes were plugged. Backslashes at the end of configuration lines now work more intuitively. Fetchmail's IMAP client no longer mistakes unrelated information for untagged responses. In "oversized messages" warnings, the account name is mentioned. The Albanian translation is back. The manual page was updated. Some other fixes were made.
Release Notes: A problem where the program would try to connect on the external rather the loopback interface was fixed along with a crash that occurred when it couldn't find its own host name. A workaround was added for broken IMAP servers (such as qmail with Courier-IMAP) that send whole messages rather than just headers. Some error messages were corrected to be more clearly understandable and the manual page was updated. POP2 support was marked as legacy/going away.
Release Notes: Security bug CVE-2005-3088 (password exposure in fetchmailconf) was fixed. Further fixes around the -P/--port/--service options were made. Missed lock file error checks were added. NTLM/MSN can be configured in fetchmailconf, and their use now causes an error if not compiled into fetchmail. Daemon mode reinitialization was fixed. The --quit option was fixed. fetchmail now tries to obtain its FQDN host name by default. SSL connections are now shut down properly. The manual page was clarified in several places.
Release Notes: The --service option was revived. SSL socket setup problems now result in a socket error (not an auth error as before). getaddrinfo() errors are logged. A bogus service name resolver error was fixed. The config dump now properly describes the --envelope setting. The documentation was updated. envelope <num> Delivered-To was fixed. Build problems on newer Mac OS X, Solaris (with --disable-nls), FreeBSD 4 (Kerberos IV), and systems where SSL requires -ldl were resolved.
Release Notes: A Mac OS X build problem was fixed. AUTH NTLM was fixed to work outside MSN, and AUTH MSN (for MSN) was added. When polling multiple IMAP folders, fetchmail properly expunges between switching them. The expunged message count was fixed.
Release Notes: The "--limit --flush" option combination was replaced by a new --limitflush option that is less dangerous. A bug in the --with-hesiod option was fixed. Building on non-Linux systems now works again. Various documentation updates were made. More IPv6 support was added. --with-gssapi fixes were done. The --enable-inet6 option was removed. BSMTP envelopes were fixed, and fetchmailconf is prevented from waiting for input from an invisible password prompt.
Release Notes: Three important multidrop bugs that could lead to server addresses/aliases not being recognized were fixed. The netsec and -T options and their code was removed as the inet6_apps library this depended on is long gone. The gettext code was removed from the fetchmail package, which is now shipped as bzip2. The Python script is now optimized and byte-compiled upon installation. Some internal code shuffling and cleanups were made resulting in fewer "make" recursions and the removal of alloca().
Release Notes: A remote root vulnerability in POP3/UIDL handling was fixed (CAN-2005-2335, requisite compromised/malicious POP3 server). Tracepolls now works. A socket leak with SSL failures was plugged. The Received: header no longer contains garbage with smtphost set. The PID file is now FHS compliant. --silent now also works for ODMR. Warning emails now have a From: header. IMAP can use passwords of arbitrary length from the rc file. Oversized messages are now deleted with --flush unless in daemon mode. lock_release was renamed to fix a Darwin namespace collision. The manual page was corrected and updated.