--- /dev/null
+/* ========================================================================
+ * Copyright 1988-2007 University of Washington
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *
+ * ========================================================================
+ */
+
+ KNOWN BUGS/MISFEATURES/DEFICIENCIES IN THE IMAP TOOLKIT
+ Last Updated: 15 November 2007
+
+The following are known problems/deficiencies in the imap-2007 toolkit:
+
+ . Possible problems for some installations:
+ . In some versions of Redhat Linux, SVR4-style timezone name lookup
+ doesn't work properly due to a bug in glibc. The workaround is to
+ edit os_lnx.c to include tz_bsd.c instead of tz_sv4.c. Note that
+ other versions of Linux don't support BSD-style timezone name
+ lookup, so don't make this change unless it's needed on your system.
+ . In some systems, the OpenSSL distribution is installed other than at
+ the standard /usr/local/ssl location. If this is the case on your
+ system and you want to build with SSL support, you will need to set
+ the SSLDIR variable, either by including a setting of EXTRASPECIALS
+ in the make command line, e.g.
+ build lnp SPECIALAUTHENTICATORS=ssl EXTRASPECIALS="SSLDIR=/usr/ssl"
+ or by editing .../src/osdep/unix/Makefile
+ . /tmp, /usr/tmp or /var/tmp (if present), and the mail spool directory
+ must be protected 1777 (world write with sticky bit); otherwise
+ mailbox locking and updates won't work. An alternative to 1777 on
+ the mail spool directory is to install the mlock program that is
+ bundled with the IMAP toolkit.
+ . Multiple access protection locking does not work if the mailbox or
+ /tmp are NFS mounted.
+ . Shared access mailbox formats (mbx, mtx, mx, and tenex) do not work
+ well with NFS and such usage is not supported. mmdf and unix formats
+ are supported for use over NFS; however there won't be any multiple
+ access locking protection.
+ . Server startup delays may occur if a reverse DNS (IP address to name)
+ lookup on the client's IP address does not complete in an expeditious
+ fashion. This is actually a DNS problem and should be fixed in the
+ DNS and/or the server's host table. A workaround exists (see the
+ top-level Makefile for details) but is not recommended and can not
+ be used at all with Kerberos.
+ . At the insistance of the security gurus, SSL certification validation
+ is now on by default. This means that you must now use the new
+ /novalidate-cert switch if establishing an SSL connection to a server
+ with a self-signed certificate; i.e. if "imap.example.com" has a
+ self-signed certificate, you must use a mailbox name such as
+ {imap.example.com/ssl/novalidate-cert}INBOX
+ to get an SSL session instead of just
+ {imap.example.com/ssl}INBOX
+ . GCC 8.x and above on SGI systems does not correctly pass/return
+ structures which are smaller than 16 bytes and are not 8 bytes. The
+ problem is that structures are padded at the wrong end; e.g. a 4 byte
+ structure is loaded into the lower 4 bytes of the register when it
+ should be loaded into the upper 4 bytes of the register. This affects
+ IRIX 6 the most because it is a 64-bit system and 4 byte structures are
+ common. This compiler bug impacts the use of inet_ntoa() in c-client
+ and causes syslog messages to show IP addresses as 255.255.255.255
+ instead of the correct values. The fix is either to use SGI's C compiler
+ instead of GCC or link with an implementation of inet_ntoa() that was
+ built with GCC instead of the standard SGI C library version.
+ . By default, the UNIX SSL build assumes that RSAREF is not needed, because
+ RSA Security Inc. released the RSA public key encryption algorithm into
+ the public domain on September 6, 2000. There is no longer any need to
+ use RSAREF, and since RSAREF is slower than OpenSSL's RSA routines
+ there's good reason not to. If for some reason you still want to use
+ RSAREF, you will need to edit .../src/osdep/unix/Makefile to
+ change SSLRSA to load libRSAglue and librsaref.
+ . By default, the UNIX SSL build assumes that no name conflict exists
+ between OpenSSL and Kerberos 5. If you are using an older version
+ of Kerberos, you may need to edit .../src/osdep/unix/Makefile
+ to change SSLCRYPTO so that it loads the OpenSSL libcrypto library
+ explicitly as libcrypto.a.
+ . By default, host names are canonicalized via gethostbyname() and
+ gethostbyaddr() for everything except for SSL certificate validation.
+ This can represent a security bug due to DNS spoofing, but is more
+ likely to deliver results that users expect and also may be necessary
+ to get Kerberos to work. Set variable "trustdns" in mail.c to NIL if
+ you want to disable this.
+
+ . Bugs:
+ . It doesn't work to have a "}" character as a user name in /user= in a
+ mailbox name, even if the user name is quoted. In other words,
+ {example.com/user="foo}bar"}zap
+ won't work; foo will be interpreted as an unterminated quoted string
+ and the remote mailbox name will be
+ bar"}zap.
+ . The experimental mx driver has performance problems and shouldn't be used
+ . docs/internal.txt is out of date (again)
+
+ . UIDPLUS bugs/limitations:
+ . Not supported in all local file formats (see below).
+ . There are two known issues with UIDPLUS in the mmdf and unix formats:
+ (a) If the destination mailbox is currently selected (whether in this
+ or another session), no COPYUID or APPENDUID is returned. The other
+ choice was to assign a UID based upon the uid_last value and hope
+ that the session selecting the mailbox would pick it up and update
+ uid_last. The problem was a timing race if another message was
+ copied/appended to that mailbox before the selecting session updated
+ the mailbox. If the timing race is lost, then all UID in the mailbox
+ would be reassigned by the selecting session, thus making the
+ returned APPENDUID/COPYUID data useless and causing a performance
+ problem.
+ Earlier versions did the "hope for the best" method. This was
+ revoked in favor of not returning COPYUID/APPENDUID.
+ Although this violates RFC 4315, there is a loophole which, although
+ for other purposes, permits this behavior.
+ (b) There is a known failure if the destination mailbox is currently
+ selected by legacy software (e.g. older versions of the IMAP
+ server, Pine, etc.). In this case, all UIDs end up being
+ reassigned by the legacy software.
+
+ . Annoyances:
+ . Friendly host names (e.g. "server" instead of "server.foo.com") can't be
+ used in a mailbox name with SSL certificate validation; you have to enter
+ the fully-qualified domain name. This is a requirement established by
+ the security gurus.
+
+ . IMAP client limitations:
+ . No SASL protection mechanisms (SASL authentication mechanisms are
+ supported)
+
+ . NNTP client limitations:
+ . Non-standard IMAP SCAN extension not supported
+
+ . POP client limitations:
+ . No SASL protection mechanisms (SASL authentication mechanisms are
+ supported)
+ . No POP3 UID support
+ . Non-standard IMAP SCAN extension not supported
+
+ . SMTP client limitations:
+ . No SASL protection mechanisms (SASL authentication mechanisms are
+ supported)
+ . No support for use of TURN, ETRN, and pipelining.
+ . No support for enhanced status codes
+
+ . UNIX limitations:
+ . IPv6 is supported but is not the default on most platforms; you have to
+ use IP=6 in the make command
+ . Supported local file formats: mbx, mh, mmdf, mix, mtx, mx, news, phile,
+ tenex, unix
+ . Supported SASL mechanisms: CRAM-MD5, PLAIN, LOGIN, ANONYMOUS, GSSAPI
+ . Sticky UIDs are not supported in the mh, mtx, and tenex drivers
+ . Creation of keywords is not supported in the mh, mtx, and tenex drivers
+ . Copy and append of keywords only works in the mbx driver.
+ . Flat file formats (mbx, mmdf, mtx, phile, tenex, unix) do not permit
+ mailboxes to have inferior names
+ . SSL temporary key should be seeded better than it is.
+ . UIDPLUS support is limited to the unix, mmdf, mbx, mx, and mix formats.
+ . Non-standard IMAP SCAN extension not support for mh and news formats.
+
+ . Amiga limitations:
+ . Supported local file formats: mbx, mh, mmdf, mix, mtx, mx, news, phile,
+ tenex, unix
+ . Supported SASL mechanisms: CRAM-MD5, PLAIN, LOGIN, ANONYMOUS
+ . Sticky UIDs are not supported in the mh, mtx, and tenex drivers
+ . Creation of keywords is not supported in the mh, mtx, and tenex drivers
+ . Copy and append of keywords only works in the mbx driver.
+ . Flat file formats (mbx, mmdf, mtx, phile, tenex, unix) do not permit
+ mailboxes to have inferior names
+ . UIDPLUS support is limited to the unix, mmdf, mbx, mx, and mix formats.
+ . Non-standard IMAP SCAN extension not supported for mh and news formats.
+
+ . Win32 (Win9x/NT/Windows 2000) limitations:
+ . IPv6 is supported in W2K builds but is not the default; you have to use
+ IP=6 in the nmake command
+ . Supported local file formats: mbx, mtx, tenex, unix
+ . Supported SASL mechanisms: CRAM-MD5, PLAIN, LOGIN, ANONYMOUS, GSSAPI
+ . No server SSL or TLS support.
+ . No server authentication for GSSAPI
+ . No server authentication for CRAM-MD5 on NT-based Windows (NT/2K/XP);
+ it does work on DOS-based Windows (9x/Me).
+ . Sticky UIDs are not supported in the mtxnt and tenexnt drivers
+ . Creation of keywords is not supported in the mtxnt and tenexnt drivers
+ . Copy and append of keywords only works in the mbxnt driver.
+ . No support for TCP open timeouts
+ . Flat file formats (mbx, mtx, tenex, unix) do not permit mailboxes to have
+ inferior names
+ . UIDPLUS support is limited to the unix and mbx formats.
+
+ . Win16 (Win3.1)/DOS limitations:
+ . IPv6 not supported
+ . Supported local file formats: bezerk, mtx
+ . Supported SASL mechanisms: CRAM-MD5, LOGIN, ANONYMOUS
+ . Supported TCPs: B&W, Novell, PC-NFs, PC/TCP, Waterloo, Winsock
+ . Sticky UIDs are not supported on local files
+ . Creation of keywords are not supported on local files
+ . Bezerk driver is read-only and does not handle LF-only newlines well
+ . No support for any TCP timeouts on Waterloo DOS
+ . No support for TCP open timeouts on Winsock and generic DOS
+ . Flat file formats (bezerk, mtx) do not permit mailboxes to have inferior
+ names
+ . Does not work well unless a mailgets routine is armed when fetching
+ texts.
+
+ . Mac limitations:
+ . IPv6 not supported
+ . No local file drivers
+ . Supported SASL mechanisms: CRAM-MD5, LOGIN, ANONYMOUS
+ . Does not output human-friendly time zone string
+
+ . TOPS-20 limitations:
+ . IPv6 not supported
+ . No local file drivers
+ . Supported SASL mechanisms: CRAM-MD5, LOGIN, ANONYMOUS
+ . No support for any TCP timeouts
+
+ . VMS limitations:
+ . IPv6 not supported
+ . No local file drivers
+ . Supported SASL mechanisms: CRAM-MD5, LOGIN, ANONYMOUS
+ . Supported TCPs: Multinet, Netlib
+ . No support for any TCP timeouts on VMS Netlib
+ . No support for TCP open timeouts on VMS Multinet
+ . Time zone must be configured at build time
+ . Does not output human-friendly time zone string
+
+ . Windows CE limitations:
+ . IPv6 not yet supported
+ . No local file drivers
+ . Supported SASL mechanisms: CRAM-MD5, LOGIN, ANONYMOUS
+ . No support for TCP open timeouts
+ . Not finished, only builds c-client library
+
+ . OS/2 limitations:
+ . IPv6 not supported
+ . Not finished, does not build
projects / uw-imap / commitdiff