Version 1.0.21: - No significant changes. Version 1.0.20: - Added support for authentication mechanism SCRAM-SHA-1 via GNU SASL. - The new command tls_fingerprint allows one to trust one particular TLS certificate, in case tls_trust_file cannot be used for some reason. - The new script mpop-gnome-tool.py manages Gnome Keyring passwords for mpop. Version 1.0.19: - When using OpenSSL, mpop now correctly handles NUL characters in the Common Name and Subject Alternative Name fields of certificates. This fixes a security problem. Note that mpop is not affected by this problem if GnuTLS is used. - Mpop can now handle mail boxes larger than 2 GiB on 32bit systems. Previously, this only worked on 64bit systems. Version 1.0.18: - Delivery to MS Exchange pickup directories is now supported, thanks to Julien Larigaldie. Version 1.0.17: - No significant changes. Version 1.0.16: - Mpop now also reads SYSCONFDIR/netrc if the password was not found in ~/.netrc. - Support for the GNOME keyring was added by Satoru SATOH. Version 1.0.15: - This version fixes two bad bugs that prevented mpop from correctly retrieving mails under certain cicumstances. Version 1.0.14: - The configuration command tls_crl_file was added. This allows to use certificate revocation lists (CRLs) during certificate verification. - The configuration command tls_min_dh_prime_bits was added. This is needed to use TLS/SSL with servers that use a small Diffie-Hellman (DH) prime size. - The configuration command tls_priorities was added. This allows to fine tune TLS/SSL session parameters. Version 1.0.13: - Support for the Mac OS X keychain was added by Jay Soffian. Version 1.0.12: - No significant changes. Version 1.0.11: - The license was updated to GPLv3 or later (source code) and GFDLv1.2 or later (documentation). - Bug fixes and improvements for large POP3 mail boxes with thousands of mails were made. Version 1.0.10: - A bug in the UID handling code was fixed. The bug was introduced in version 1.0.7. As a consequence, if you update from version 1.0.7-1.0.9, the first invocation of this new mpop version will download all mails from the server, even mails that were retrieved before. Version 1.0.9: - Security fix: - APOP authentication is vulnerable to man-in-the-middle attacks. See CVE-2007-1558. Such attacks might lead to password disclosure. Therefore, mpop does not use APOP automatically without TLS anymore. Additionally, mpop's checks on the APOP challenge were too lax in previous versions, making attacks easier than necessary. This has been fixed. - Security improvements: - NTLM authentication is considered insecure because it is undocumented. It is therefore not used automatically without TLS anymore. - TLS requires tls_trust_file or a disabled tls_certcheck now, so that it is not silently vulnerable to man-in-the-middle attacks. Version 1.0.8: - Improved workarounds for POP3 servers that are not exactly RFC conformant. For example, pipelining is now enabled automatically for pop.gmail.com and some other servers. Version 1.0.7: - Mpop now works with the Comcast.net POP3 server, thanks to a patch by Benji Fisher. Version 1.0.6: - The default setting for pipelining is now "auto". "on" and "off" now have a slightly different meaning: they force pipelining on or off regardless of server capabilities. If you use pipelining=on and your POP3 sessions hang, switch to pipelining=auto. Version 1.0.5: - No significant changes. Version 1.0.4: - No significant changes. Version 1.0.3: - A spanish translation was added by Carlos MartÃn Nieto. Thanks a lot! - GNU SASL support works again (it was broken in 1.0.2). Version 1.0.2: - The configuration command tls_force_sslv3 was added. This is needed to use TLS/SSL with some old and broken servers. Version 1.0.1: - The default UIDLS file changed from "~/.mpop_uidls" to "~/.mpop_uidls/%U_at_%H". %U and %H will be replaced with the user and host name of an account. This means that every account uses its own UIDLS file now. !!! IMPORTANT !!! If you update from mpop-1.0.0, you *must* do one of the following: - If your ~/.mpop_uidls file contains no UIDs, delete it. - If you want to keep using it, add the following line to the "defaults" section of your configuration file: uidls_file ~/.mpop_uidls Version 1.0.0: - Added the option --all-accounts (-a) to query all accounts in the configuration file. Changed the short option for --auth-only from -a to -A. Version 0.8.5: - Removed the simple_mbox delivery method because it is unnecessary. Please use the mbox method instead. - Optional support for Internationalized Domain Names (IDN) was added. GNU Libidn is required for this. - mpop will now respond to CTRL+C immediately, because all network operations are now interruptible. - The options of the configure script have changed! Please read the file INSTALL for more information. - Some minor bugfixes and improvements were made. Version 0.8.4: - The only_new command and --only-new option were re-added, but with a slightly different meaning. The default behaviour is compatible to previous 0.8.x versions. Version 0.8.3: - UIDLS files created by versions prior to 0.5.0 are not accepted anymore. Version 0.8.2: - Removed the OpenSSL exception note from the license information. Version 0.8.1: - Bugfix: Don't leave stale messages on the server. Version 0.8.0: - Fixed handling of servers that do not support pipelining. - mpop will now always remember mails that were already retrieved and delivered, even in case of errors or program termination. These mails will never be retrieved a second time. The only_new command and only-new option were therefore removed. - The 'connect_timeout' setting was replaced by a 'timeout' setting that applies to all network operations. Version 0.7.0: - Native language support (NLS) was added. Currently the only supported language besides english is german, but it is easy to add more translations (hint, hint)! - When delivering mail, mpop adds a Received header now - The parameters pipeline_min and pipeline_max are no longer configurable; they are compile time constants now. - Minor improvements all over the place Version 0.6.3: - No new festures, just bugfixes. Version 0.6.2: - Delivery to maildir folder is now possible. Example: delivery maildir ~/Mail/incoming - Filter scripts can now use the envelope from address and the size of a mail. Example: filter ~/bin/my-pop3-filter.sh --from=%F --size=%S Version 0.6.1: - This is a hotfix release because of the following error: If TLS is not used and a mail with a line longer than 1023 characters is read, a null character was wrongly inserted into that line. Version 0.6.0: - Implemented delivery to mbox mailboxes. There are now two methods to deliver mails: mda and mbox. You can choose one with the new "delivery" command. BEWARE: When switching from 0.5.0, you need to convert your configuration file to use the new command by inserting "delivery" before all "mda" commands. Version 0.5.0: - Speed improvements through network efficient POP3 command usage and faster UID comparison. Use the pipelining command to speed up your POP3 sessions. - Added support for the .netrc file: If a password is needed but none is given, mpop will try to find it in ~/.netrc, and if that fails, mpop will prompt you for it. - Nicer output Version 0.4.3: - One important bugfix (potential segfault) Version 0.4.2: - mpop can now keep track of already retrieved mails. Use only_new=on (or --only-new=on on the command line) to process only new messages and ignore already retrieved messages. The file to store the lists of unique IDs of already retrieved messages in is ~/.mpop_uidls by default. This can be changed with uidls_file/--uidls-file. Version 0.4.1: - Added the new connect_timeout command and --connect-timeout option. - Added specialisation to account definitions. See documentation of the account command and the example files. Version 0.4.0: - The default_mda command is obsolete: there's a new defaults command to set default values for all following commands. - The password will be prompted for if non is given in the configuration file - The user configuration file is required to have no more permissions than 0600 (user read/write). - Added support for AUTH EXTERNAL - Various cleanups - You need GnuTLS >= 1.2.0 now if you want GnuTLS support. Version 0.3.1: - --serverinfo is now usable without valid authentication data Version 0.3.0: - You can now filter your mails before downloading them by inspecting only the mail headers: use the new filter command or --filter option. Your POP3 server must support the POP3 TOP command for this to work. - Added --mda option - Various bugfixes and cleanups Version 0.2.0: - Update to the latest msmtp code base: - New command line options; see the man page or the --help text - Optional GNU SASL support. In addition to the built-in USER/PASS and APOP methods, there's support for PLAIN, CRAM-MD5, DIGEST-MD5, GSSAPI, LOGIN, and NTLM. Beware: This has not been tested yet! - TLS certificate information output with --serverinfo and -debug - Long option support on all platforms (thanks to gnulib) - Enhanced almost all commands to allow unsetting of features - Changed commands: "tls_nostarttls" is replaced by "tls_starttls off" and "tls_nocertcheck" by "tls_certcheck off" Version 0.1.4: - IPv6 support on Windows systems - *Lots* of small bug fixes and improvements Version 0.1.3: - When an error occurs, the so far successfully delivered mails will not be undeleted on the server anymore. This should prevent double download of mails. Version 0.1.2: - This version can be compiled without TLS/SSL support; use --disable-ssl if you really want that. Version 0.1.1: - New commands: default_mda, killsize, skipsize - Important bug fixes Version 0.1.0: - initial public release; 90% of the code comes from msmtp read the TODO file to find out about missing and untested features!