Thx for your work on Dovecot, but this release is a massive downgrade of
the community edition and unusable for me needs. I'll go over the
problems by quoting the problematic changes.
On 24.01.25 11:42, Aki Tuomi via dovecot wrote:
Dovecot Core NEWS
-----------------
* config: dovecot_config_version must be the first non-comment
line in configuration file.
* config: dovecot_storage_version must be in the configuration
file.
* config: Many configuration options have changed so old configuration
files do not work without rewrite. See
https://doc.dovecot.org/main/installation/upgrade/2.3-to-2.4.html
* config: New variable expansion syntax has been introduced, see
https://doc.dovecot.org/main/core/settings/variables.html
* config: Some default settings have changed.
* config: plugin {} section has been removed.
* *-login: With ssl=required, connections from login_trusted_networks
are now also required to be SSL/TLS encrypted.
* acl: Use ACL settings instead of Global ACL Directories.
* auth-worker: auth_worker_max_count is replaced with
service auth-worker { process_limit }.
* auth: Weak password schemes are disabled by default, use
auth_allow_weak_schemes to enable them.
* auth_debug, mail_debug: Use log_debug filter instead.
* config: All sections require a name, for example passdb/userdb:
passdb static {
password=secret
}
* db2: Remove Berkeley DB support.
* dict-memcached: This is removed, use Redis instead.
Only minor annoyances so far...
* director: Feature has been removed. See potential replacement at
https://github.com/dovecot/tools/blob/main/director.lua
Oh that would suck, but luckily I'm only using a replicated pair of
Dovecot servers behind HAProxy...
* doveadm: USER environment variable is only supported with
--no-userdb-lookup. One of -u, -F or -A must be used
otherwise.
* doveconf: Option -n is now default when running doveconf.
* dsync: Use doveadm sync instead, legacy symlink has been removed.
* fs-sis: Feature is now deprecated and has been made read-only.
It will be removed in future release.
Oh shit that will reduce my storage requirements by roughly a factor 5
because my users love sending large attachments to multiple recipients.
* fts-lucene, fts-squat: These have been removed, use fts-flatcurve or
fts-solr instead.
Sigh, but okay I've been meaning to move to Xaphian anyway.
* imap-login: IMAP compression is now handled in proxies.
* imap_quota: SETQUOTA / quota_set has been removed.
* imap_zlib: This plugin is no longer needed, it's always enabled.
* imapc: All features are enabled by default, imapc_features can be used
to explicitly disable features that are not wanted.
* lib-storage: mbox driver is now frozen.
* mail_compress: XZ and LZMA algorithm support has been removed.
* mailbox-alias: Plugin has been removed.
* old_stats, auth_stats: These have been removed.
* openssl: Minimum supported version of OpenSSL is now 1.1.1.
* openssl: Add support for OpenSSL 3.x
* quota-dict, quota-dirsize: These have been removed, use quota-count
instead. You can use quota_clone to copy quota usage to some database.
* replicator: Feature has been removed. Use NFS or some other shared
filesystem instead, or run doveadm sync in crontab.
*WTF?!?* This is a *the* feature that made me pick Dovecot. The NFS
service would be just an other single point of failure and comes with a
whole range of problematic corner cases since NFS doesn't provide the
same semantics or performance as a local file system. A fact well
documented at https://doc.dovecot.org/main/core/config/guides/nfs.html.
I understand the old director architecture was easy to get wrong, hard
to support, and not easy to deploy on Cloud platform, but why remove the
replicator? This feels like an underhanded way to cripple Dovecot CE to
make it effectively unusable for anything more serious than a single
server deployment. Why does Dovecot CE lack the option to trigger
"doveadm sync" itself when it can trigger indexers if it isn't an
intentional **downgrade**? Please let this be an oversight that will be
fixed long before Dovecot 2.3.x goes EoL, because intentionally taking
replication out would force me to reevaluate if Dovecot can be trusted
to not change the deal further in future releases.
* stats: The bytes_in and bytes_out field in several events have been
renamed as net_in_bytes and net_out_bytes.
* zlib: Renamed to mail_compress plugin.
+ Experimental SMTPUTF8 and IMAP UTF8=ACCEPT support has been added.
Needs --enable-experimental-mail-utf8 configure option and
mail_utf8_extensions=yes setting.
+ Long running mail commands can be aborted with Ctrl-C / doveadm kick.
+ auth: LDAP driver now supports multi-value attributes.
+ auth: Add support for SCRAM-SHA-1-PLUS and SCRAM-SHA-256-PLUS.
+ auth: Add support for TLS channel binding.
+ auth: Support sending JA3 hash to policy server.
+ configure: Detect latest Lua version.
+ *-login: Support for TLS Server Name has been improved to allow pre-login
settings. For example capabilities to be changed based on TLS Server Name.
+ *-login: Support for TLS ALPN has been added, connections with mismatching
application are now refused. Missing ALPN is accepted.
+ fts-flatcurve: New Xapian based FTS plugin has been added.
+ imap: Support for INPROGRESS untagged messages as per RFC 9585.
+ lib-lua: Expose Dovecot DNS client.
+ lib-lua: Expose Dovecot HTTP client.
+ lib-sasl: Support SCRAM-SHA mechanisms.
+ lmtp: SNI support has been added which allows settings to be applied
based on TLS Server Name.
+ sqlite: Support WAL mode.
+ stats: Submetric name size has been increased.
+ submission: Add submission_add_received_header setting to protect
sender identity by suppressing the Received: header.
- Many bugs have been fixed.
Nice to see Xapian be included as the new default, allowing SQLite reads
while writing, and better SMTP submission handling.
Pigeonhole NEWS
---------------
* Change configuration syntax to match new Dovecot configuration syntax.
* vacation: Reduce default days to 60 from infinity
* vacation: vacation_max_period=0 is now an error.
* Version has been changed to match Dovecot version.
+ Added i;unicode-casecmp comparator.
- Lots of bugs have been fixed.
More of the sort of reasonable improvements one likes to find in change
logs.
Sorry to sound snarky and ungrateful, but I really don't know what to
make of the removal of replication and single instance storage This
smells of ripping features out of Dovecot CE to force users that rely on
those features on to Dovecot Pro and I would very much like to be wrong
about that. Is anyone able to shed some light on why these features
(replicator, SIS) have been removed from Dovecot CE v2.4.0?
-- Jan Bramkamp
_______________________________________________
dovecot mailing list -- dovecot@dovecot.org
To unsubscribe send an email to dovecot-le...@dovecot.org
