diff options
Diffstat (limited to 'imap/docs/bugs.txt')
| -rw-r--r-- | imap/docs/bugs.txt | 234 |
1 files changed, 234 insertions, 0 deletions
diff --git a/imap/docs/bugs.txt b/imap/docs/bugs.txt new file mode 100644 index 00000000..5f87b3ef --- /dev/null +++ b/imap/docs/bugs.txt @@ -0,0 +1,234 @@ +/* ======================================================================== + * Copyright 1988-2007 University of Washington + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * + * ======================================================================== + */ + + KNOWN BUGS/MISFEATURES/DEFICIENCIES IN THE IMAP TOOLKIT + Last Updated: 15 November 2007 + +The following are known problems/deficiencies in the imap-2007 toolkit: + + . Possible problems for some installations: + . In some versions of Redhat Linux, SVR4-style timezone name lookup + doesn't work properly due to a bug in glibc. The workaround is to + edit os_lnx.c to include tz_bsd.c instead of tz_sv4.c. Note that + other versions of Linux don't support BSD-style timezone name + lookup, so don't make this change unless it's needed on your system. + . In some systems, the OpenSSL distribution is installed other than at + the standard /usr/local/ssl location. If this is the case on your + system and you want to build with SSL support, you will need to set + the SSLDIR variable, either by including a setting of EXTRASPECIALS + in the make command line, e.g. + build lnp SPECIALAUTHENTICATORS=ssl EXTRASPECIALS="SSLDIR=/usr/ssl" + or by editing .../src/osdep/unix/Makefile + . /tmp, /usr/tmp or /var/tmp (if present), and the mail spool directory + must be protected 1777 (world write with sticky bit); otherwise + mailbox locking and updates won't work. An alternative to 1777 on + the mail spool directory is to install the mlock program that is + bundled with the IMAP toolkit. + . Multiple access protection locking does not work if the mailbox or + /tmp are NFS mounted. + . Shared access mailbox formats (mbx, mtx, mx, and tenex) do not work + well with NFS and such usage is not supported. mmdf and unix formats + are supported for use over NFS; however there won't be any multiple + access locking protection. + . Server startup delays may occur if a reverse DNS (IP address to name) + lookup on the client's IP address does not complete in an expeditious + fashion. This is actually a DNS problem and should be fixed in the + DNS and/or the server's host table. A workaround exists (see the + top-level Makefile for details) but is not recommended and can not + be used at all with Kerberos. + . At the insistance of the security gurus, SSL certification validation + is now on by default. This means that you must now use the new + /novalidate-cert switch if establishing an SSL connection to a server + with a self-signed certificate; i.e. if "imap.example.com" has a + self-signed certificate, you must use a mailbox name such as + {imap.example.com/ssl/novalidate-cert}INBOX + to get an SSL session instead of just + {imap.example.com/ssl}INBOX + . GCC 8.x and above on SGI systems does not correctly pass/return + structures which are smaller than 16 bytes and are not 8 bytes. The + problem is that structures are padded at the wrong end; e.g. a 4 byte + structure is loaded into the lower 4 bytes of the register when it + should be loaded into the upper 4 bytes of the register. This affects + IRIX 6 the most because it is a 64-bit system and 4 byte structures are + common. This compiler bug impacts the use of inet_ntoa() in c-client + and causes syslog messages to show IP addresses as 255.255.255.255 + instead of the correct values. The fix is either to use SGI's C compiler + instead of GCC or link with an implementation of inet_ntoa() that was + built with GCC instead of the standard SGI C library version. + . By default, the UNIX SSL build assumes that RSAREF is not needed, because + RSA Security Inc. released the RSA public key encryption algorithm into + the public domain on September 6, 2000. There is no longer any need to + use RSAREF, and since RSAREF is slower than OpenSSL's RSA routines + there's good reason not to. If for some reason you still want to use + RSAREF, you will need to edit .../src/osdep/unix/Makefile to + change SSLRSA to load libRSAglue and librsaref. + . By default, the UNIX SSL build assumes that no name conflict exists + between OpenSSL and Kerberos 5. If you are using an older version + of Kerberos, you may need to edit .../src/osdep/unix/Makefile + to change SSLCRYPTO so that it loads the OpenSSL libcrypto library + explicitly as libcrypto.a. + . By default, host names are canonicalized via gethostbyname() and + gethostbyaddr() for everything except for SSL certificate validation. + This can represent a security bug due to DNS spoofing, but is more + likely to deliver results that users expect and also may be necessary + to get Kerberos to work. Set variable "trustdns" in mail.c to NIL if + you want to disable this. + + . Bugs: + . It doesn't work to have a "}" character as a user name in /user= in a + mailbox name, even if the user name is quoted. In other words, + {example.com/user="foo}bar"}zap + won't work; foo will be interpreted as an unterminated quoted string + and the remote mailbox name will be + bar"}zap. + . The experimental mx driver has performance problems and shouldn't be used + . docs/internal.txt is out of date (again) + + . UIDPLUS bugs/limitations: + . Not supported in all local file formats (see below). + . There are two known issues with UIDPLUS in the mmdf and unix formats: + (a) If the destination mailbox is currently selected (whether in this + or another session), no COPYUID or APPENDUID is returned. The other + choice was to assign a UID based upon the uid_last value and hope + that the session selecting the mailbox would pick it up and update + uid_last. The problem was a timing race if another message was + copied/appended to that mailbox before the selecting session updated + the mailbox. If the timing race is lost, then all UID in the mailbox + would be reassigned by the selecting session, thus making the + returned APPENDUID/COPYUID data useless and causing a performance + problem. + Earlier versions did the "hope for the best" method. This was + revoked in favor of not returning COPYUID/APPENDUID. + Although this violates RFC 4315, there is a loophole which, although + for other purposes, permits this behavior. + (b) There is a known failure if the destination mailbox is currently + selected by legacy software (e.g. older versions of the IMAP + server, Pine, etc.). In this case, all UIDs end up being + reassigned by the legacy software. + + . Annoyances: + . Friendly host names (e.g. "server" instead of "server.foo.com") can't be + used in a mailbox name with SSL certificate validation; you have to enter + the fully-qualified domain name. This is a requirement established by + the security gurus. + + . IMAP client limitations: + . No SASL protection mechanisms (SASL authentication mechanisms are + supported) + + . NNTP client limitations: + . Non-standard IMAP SCAN extension not supported + + . POP client limitations: + . No SASL protection mechanisms (SASL authentication mechanisms are + supported) + . No POP3 UID support + . Non-standard IMAP SCAN extension not supported + + . SMTP client limitations: + . No SASL protection mechanisms (SASL authentication mechanisms are + supported) + . No support for use of TURN, ETRN, and pipelining. + . No support for enhanced status codes + + . UNIX limitations: + . IPv6 is supported but is not the default on most platforms; you have to + use IP=6 in the make command + . Supported local file formats: mbx, mh, mmdf, mix, mtx, mx, news, phile, + tenex, unix + . Supported SASL mechanisms: CRAM-MD5, PLAIN, LOGIN, ANONYMOUS, GSSAPI + . Sticky UIDs are not supported in the mh, mtx, and tenex drivers + . Creation of keywords is not supported in the mh, mtx, and tenex drivers + . Copy and append of keywords only works in the mbx driver. + . Flat file formats (mbx, mmdf, mtx, phile, tenex, unix) do not permit + mailboxes to have inferior names + . SSL temporary key should be seeded better than it is. + . UIDPLUS support is limited to the unix, mmdf, mbx, mx, and mix formats. + . Non-standard IMAP SCAN extension not support for mh and news formats. + + . Amiga limitations: + . Supported local file formats: mbx, mh, mmdf, mix, mtx, mx, news, phile, + tenex, unix + . Supported SASL mechanisms: CRAM-MD5, PLAIN, LOGIN, ANONYMOUS + . Sticky UIDs are not supported in the mh, mtx, and tenex drivers + . Creation of keywords is not supported in the mh, mtx, and tenex drivers + . Copy and append of keywords only works in the mbx driver. + . Flat file formats (mbx, mmdf, mtx, phile, tenex, unix) do not permit + mailboxes to have inferior names + . UIDPLUS support is limited to the unix, mmdf, mbx, mx, and mix formats. + . Non-standard IMAP SCAN extension not supported for mh and news formats. + + . Win32 (Win9x/NT/Windows 2000) limitations: + . IPv6 is supported in W2K builds but is not the default; you have to use + IP=6 in the nmake command + . Supported local file formats: mbx, mtx, tenex, unix + . Supported SASL mechanisms: CRAM-MD5, PLAIN, LOGIN, ANONYMOUS, GSSAPI + . No server SSL or TLS support. + . No server authentication for GSSAPI + . No server authentication for CRAM-MD5 on NT-based Windows (NT/2K/XP); + it does work on DOS-based Windows (9x/Me). + . Sticky UIDs are not supported in the mtxnt and tenexnt drivers + . Creation of keywords is not supported in the mtxnt and tenexnt drivers + . Copy and append of keywords only works in the mbxnt driver. + . No support for TCP open timeouts + . Flat file formats (mbx, mtx, tenex, unix) do not permit mailboxes to have + inferior names + . UIDPLUS support is limited to the unix and mbx formats. + + . Win16 (Win3.1)/DOS limitations: + . IPv6 not supported + . Supported local file formats: bezerk, mtx + . Supported SASL mechanisms: CRAM-MD5, LOGIN, ANONYMOUS + . Supported TCPs: B&W, Novell, PC-NFs, PC/TCP, Waterloo, Winsock + . Sticky UIDs are not supported on local files + . Creation of keywords are not supported on local files + . Bezerk driver is read-only and does not handle LF-only newlines well + . No support for any TCP timeouts on Waterloo DOS + . No support for TCP open timeouts on Winsock and generic DOS + . Flat file formats (bezerk, mtx) do not permit mailboxes to have inferior + names + . Does not work well unless a mailgets routine is armed when fetching + texts. + + . Mac limitations: + . IPv6 not supported + . No local file drivers + . Supported SASL mechanisms: CRAM-MD5, LOGIN, ANONYMOUS + . Does not output human-friendly time zone string + + . TOPS-20 limitations: + . IPv6 not supported + . No local file drivers + . Supported SASL mechanisms: CRAM-MD5, LOGIN, ANONYMOUS + . No support for any TCP timeouts + + . VMS limitations: + . IPv6 not supported + . No local file drivers + . Supported SASL mechanisms: CRAM-MD5, LOGIN, ANONYMOUS + . Supported TCPs: Multinet, Netlib + . No support for any TCP timeouts on VMS Netlib + . No support for TCP open timeouts on VMS Multinet + . Time zone must be configured at build time + . Does not output human-friendly time zone string + + . Windows CE limitations: + . IPv6 not yet supported + . No local file drivers + . Supported SASL mechanisms: CRAM-MD5, LOGIN, ANONYMOUS + . No support for TCP open timeouts + . Not finished, only builds c-client library + + . OS/2 limitations: + . IPv6 not supported + . Not finished, does not build |