+- Properly free host/user entries (through C++ class instantiation and destructors...)
+- Remove stupid options, such as spambounce, or deferred bounces for anything
+ but wrong addresses
+- Do not ever guess envelope from content headers such as To:/Cc:/Resent-To: or
+ similar.
+- Replace sscanf/fscanf by functions that do range checking
+ (strtol/strtoul), and make arguments unsigned long.
+- drop LAST support
+- use PS_PROTOCOL for pre-/post-connect command failures - 6.3 uses
+ PS_SYNTAX, and that's not necessarily the case. At least if the
+ command terminates with a signal, we should report PS_PROTOCOL.
+- revisit maximum allowed rcfile permissions, fix inconsistency
+ (silently allowing g+x).
+- make UID code more efficient, parsing is O(n^2), should be no worse
+ than O(n log n), lookup is O(n), should be O(log n).
+ * Idea for C: use <search.h> tfind/tsearch. Need to split idlist up
+ so it only keeps the ids, and use an array to track status.
+- help systematic debugging
+ - by making logging more strict (Postfix's msg_* as example??)
+ - by adding a --loggingtest or something that emits
+ a set of test log messages at various severity levels, in order to
+ make sure people get complete logs.
+ - by adding messages where fetchmail stuffed its output.
+- Debian Bug #454291 fetchmail --quit: should check, that pid file
+ really contains pid of fetchmail process (Dmitry Nezhevenko)
+ => use fcntl() lock?
+- feature to skip first N or all messages upon first download, or fetch
+ last N.
+- download only messages whose headers match a filter (by Toby, Usenet
+ Nov 2007 de.comm.software.mailserver
+ Message-ID: <1195033726.123704.296060@k79g2000hse.googlegroups.com>)
+- feature request by Daniel Goering <g_daniel@gmx.net> on
+ fetchmail-devel 2007-11-15: populate .fetchids from current messages.
+ (it'll probably be useful to limit this to "all but the 10 latest" or
+ "all before date this-and-that")
+- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=374514
+ "Deleting fetchids file" vs. POP3 - probably unneeded if we use IMAP UIDs.
+- CRYPTO: change SSL/TLS UI incompatibly, making it easier to use
+- CRYPTO: allow selection of SSL/TLS Ciphers
+- CRYPTO: perhaps switch to libgsasl and libgnutls (which doesn't talk SSLv2,
+ but we should abandon that anyways).
+- CRYPTO: perhaps port to NSS? Check license and features and required procedure
+ changes. - Redhat Bugs #333741 (crypto consolidation), #346891 (port fetchmail to NSS)
+- CRYPTO: make the SSL default v3 (rather than v23).
+- CRYPTO: remove sslfingerprint? too easily abused (see NEWS)
+- CRYPTO: force sslcertck
+- CRYPTO: by default forbid cleartext or other compromising password
+ schemes over insecure connections?