047
Wed Aug 14 11:12:52 UTC 2024
Dovecot v2.3.21.1 released....
Wed Jul 6 13:54:47 UTC 2022
CVE-2022-30550: Privilege escalation possible in dovecot when similar master and non-master passdbs are used....
Mon Jun 21 14:20:13 EEST 2021
Released Dovecot v2.3.15 and Pigeonhole v0.5.15. Also released a fixes-only v2.3.14.1....
Mon Jun 4 14:03:16 EET 2021
We have disclosed three new vulnerabilities in dovecot, please see CVE-2020-28200, CVE-2021-29157 and CVE-2021-33515....
Mon Jan 4 14:03:16 EET 2021
We have disclosed two new vulnerabilities in dovecot, please see CVE-2020-25275 and CVE-2020-24386....
Wed Aug 12 16:25:42 EEST 2020
We are happy to announce that we have CentOS 8 packages available starting from v2.3.11.3. You can find these packages at https://repo.dovecot.org/....
Wed Aug 12 16:14:49 EEST 2020
We have disclosed three new vulnerabilities in dovecot, please see CVE-2020-12100, CVE-2020-12673 and CVE-2020-12674....
Dovecot’s user authentication is extremely flexible and feature-rich, supporting many different authentication databases and mechanisms.
Dovecot is standards compliant. Dovecot passes all IMAP server standard compliancy tests while most other servers fail many of them.
Dovecot’s indexes are self-optimizing. They contain exactly what the user’s client commonly needs, no more and no less.
Dovecot supports easy migration from many existing IMAP and POP3 servers, allowing the change to be transparent to existing users.
Dovecot is self-healing. It tries to fix most of the problems it notices by itself, such as broken index files. The problems are however logged so the administrator can later try to figure out what caused them.
Dovecot supports workarounds for several bugs in IMAP and POP3 clients. Since the workarounds may cause the protocol exchange to be sub-optimal, you can enable only the workarounds you need.
Dovecot tries to be admin-friendly. Common error messages are made as easily understandable as possible. Any crash, no matter how it happened, is considered a bug that will be fixed.
Dovecot’s design and implementation is highly focused on security. You can report any security vulnerabilities via our YesWeHack program or via email to security@dovecot.org.
Dovecot allows mailboxes and their indexes to be modified by multiple computers at the same time, while still performing well. This means that Dovecot works well with clustered filesystems. NFS has caching problems, but you can work around them with director proxies.
Dovecot is easily extensible. Plugins can add new commands, modify existing behavior, add their own data into index files or even add support for new mailbox formats. For example quota and ACL support are completely implemented as plugins.