-- allow full user@domain mappings in multidrop matching
- (is this perhaps a 6.4.0 issue?) see Andrew Longland-Meech's
- multidrop problems on fetchmail-users
-- Patterson: --logfile w/ ~/blah confuses fetchmail;
- see thread [fetchmail-users] option -v not working...
+Note that there is a separate todo.html with different content than this.
+
+soon - MUST:
+- blacklist DigiNotar/Comodo/Türktrust hacks/certs, possibly with Chrome's serial#
+ list?
+- check if wildcards from X.509 are handled as strictly as required by
+ the RFCs.
+- audit if there are further untrusted data report_*() calls.
+- Debian Bug #475239, MIME decoder may break up words (need to quote results)
+- put bare IP addresses in brackets for SMTP (check if there are RFC
+ 1123/5321/5322 differences)
+- Fix further occurrences of SMTP reply code handling:
+ - for proper smtp_reponse caching of multiline codes (there are some)
+ - for stomping over control characters.
+- check if smtpname and smtpaddress in particular work as advertised,
+ thread "Fetchmail with Postfix virtual users" around 2009-09-23 on
+ fetchmail-users@, by Joost Roeleveld and Gerard Seibert.
+- virtual domain DOCUMENTATION (rewriting @example.com to
+ @virtual.example.com possible? Joost Roeleveld, thread "Fetchmail with
+ Postfix virtual users" around 2009-09-23 on fetchmail-users@).
+
+soon - SHOULD:
+- support NIL and strings where they are alternatives to literals
+- Debian Bug #531589: fetchmail ignores SIGUSR1 in idle mode.
+ seems non-trivial to fix: in imap_idle(), we wait for untagged
+ responses, and may be deep in SSL_peek -- and that restarts the
+ underlying blocking read() from the socket, so we never break out of
+ the SSL_peek() with SIGUSR1.
+- add repoll for all kinds of auth failures
+ (requires framework to track which auth failed in auto mode)
+- SockOpen sometimes exits with errno == 0, confusing users (found with
+ Google RealTime on Twitter)
+- make sure the man page completely lists all options (f. i. sslcertpath) in
+ the tables.
+- allow \Deleted without \Seen, rf.
+ http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=466299
+- document IMAP4 ACL requirements
+- CRYPTO: log configured server name on certificate mismatch (perhaps pay
+ attention to via entries and stuff like that)
+- CRYPTO: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=432618
+ * write a table of combinations of TLS/SSL options
+- add To: header to warning mails (authfail for instance)
+- Fix TOCTOU race around prc_filecheck*
+- Read CAPABILITY from greeting if present, saves one round trip.
+- Check if LAST argument is properly validated against message count.
+- add Message-ID: header and other SHOULD headers to warning mails?
+- report actual SMTP error with "SMTP listener refused delivery", sugg.
+ Richard Brooksby, fetchmail-users 2010-04-06.
+
+soon - MAY:
+- find a better replacement for sscanf parsing - we don't usually
+ detect errors in format strings such as "* %d FETCH " because we don't
+ check if the FETCH is (a) present, (b) consumed.
+- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=471176
+ => fetchmail: support utf-8 encoding in log file
+ Revisit http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=400719
+ => syslog messages are localised
+ http://lists.debian.org/debian-devel/2006/11/msg01068.html
+- when logging to syslog, disable locale?
+- Get rid of peeking in socket.c? MSG_PEEK seems non-portable.
+- revise ticker, and add something like .........20%.... ... 100%
+ (suggested by Yue Wu)
+
+questionable:
+- Convert POP3 UIDs to X-UIDL?
+- fetch IMAP message in one go (fetchmail-devel by Adam Simpkins
+ <simpkins@cisco.com> around Nov 2nd)?
+
+7.0:
+- Properly free host/user entries (through C++ class instantiation and destructors...)
+- Remove stupid options, such as spambounce, or deferred bounces for anything
+ but wrong addresses
+- Do not ever guess envelope from content headers such as To:/Cc:/Resent-To: or
+ similar.
+- Replace sscanf/fscanf by functions that do range checking
+ (strtol/strtoul), and make arguments unsigned long.
+- drop LAST support
+- use PS_PROTOCOL for pre-/post-connect command failures - 6.3 uses
+ PS_SYNTAX, and that's not necessarily the case. At least if the
+ command terminates with a signal, we should report PS_PROTOCOL.
+- revisit maximum allowed rcfile permissions, fix inconsistency
+ (silently allowing g+x).
+- make UID code more efficient, parsing is O(n^2), should be no worse
+ than O(n log n), lookup is O(n), should be O(log n).
+ * Idea for C: use <search.h> tfind/tsearch. Need to split idlist up
+ so it only keeps the ids, and use an array to track status.
+- help systematic debugging
+ - by making logging more strict (Postfix's msg_* as example??)
+ - by adding a --loggingtest or something that emits
+ a set of test log messages at various severity levels, in order to
+ make sure people get complete logs.
+ - by adding messages where fetchmail stuffed its output.
+- Debian Bug #454291 fetchmail --quit: should check, that pid file
+ really contains pid of fetchmail process (Dmitry Nezhevenko)
+ => use fcntl() lock?
+- feature to skip first N or all messages upon first download, or fetch
+ last N.
+- download only messages whose headers match a filter (by Toby, Usenet
+ Nov 2007 de.comm.software.mailserver
+ Message-ID: <1195033726.123704.296060@k79g2000hse.googlegroups.com>)
+- feature request by Daniel Goering <g_daniel@gmx.net> on
+ fetchmail-devel 2007-11-15: populate .fetchids from current messages.
+ (it'll probably be useful to limit this to "all but the 10 latest" or
+ "all before date this-and-that")
+- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=374514
+ "Deleting fetchids file" vs. POP3 - probably unneeded if we use IMAP UIDs.
+- CRYPTO: change SSL/TLS UI incompatibly, making it easier to use
+- CRYPTO: allow selection of SSL/TLS Ciphers
+- CRYPTO: perhaps switch to libgsasl and libgnutls (which doesn't talk SSLv2,
+ but we should abandon that anyways).
+- CRYPTO: perhaps port to NSS? Check license and features and required procedure
+ changes. - Redhat Bugs #333741 (crypto consolidation), #346891 (port fetchmail to NSS)
+- CRYPTO: make the SSL default v3 (rather than v23).
+- CRYPTO: force sslcertck
+- CRYPTO: by default forbid cleartext or other compromising password
+ schemes over insecure connections?
+- put more hints to the FAQ (should we call it FGA?) as first support place
+- make sure we print socket error messages such as connection reset by
+ peer to hint users the problem is not in fetchmail
+- require envelope option for multidrop ; if not found in header, defer message?
+- > b) When the envelope header is specified, but it isn't found, a
+ > warning is logged and the mail is forwarded to the postmaster
+ > ("WARNING: Envelope header $HEADER found, cannot identify the
+ > recipient. Forwarding to the postmaster")
+ Rob MacGregor 2007-03-16 Patch to the man page, fetchmail-devel@
+- integrate Isaac Wilcox's test rig
+- look at Tony Earnshaw's .spec file
+- look at Gentoo patches
+- remove dead replacement functions: strdup (Andreas Krennmair), ...
+- more SMTP/LMTP error detail on message rejections even outside verbose mode.
+ Ian D. Allen, fetchmail-users. Two messages with examples.
+ What goes here? fetchmailrc location, server, port, user, folder, anything else?
+- see if "AUTH SSH" can be made to work for POP3
+- revisit BerliOS patches
- check recent list mail
- check Debian BTS and other bug trackers
-- better logging (log all headers)
-- check strict envelope N Received parsing, mail from Admin Att on
- fetchmail-users
-- document Received: parsing expectations
-- revise FAQ, continue in section T.
+- better logging (log all headers, log forward destination + method)
+- check strict envelope N Received parsing,
+ see mail from Admin Att on fetchmail-users
- 6.3.4-pending-deletes.patch
-- Add info whether Keywords are global, server or user keywords
-- merge BerliOS IMAP AUTHENTICATE EXTERNAL patch
- fetchmail -s with running daemon complains rather than silently
restarting daemon
+- send warning message when connection fails?
+- check FAQ O5 - do we really prefer From: over envelope?!?
+- add code to allow safe authentication schemes if TLS fails
+- make APOP an authenticator, integrate with regular auto authentication
+ but stuff it at the end
+- allow forcing RETR (RETR vs. TOP, fetchmail-users, drbob 2008-01-11)
+- CRYPTO: use SASL?
+- make logfile more useful (redirect not only in daemon mode)
+- close/reopen logfile on certain signals (for newsyslog/logrotate
+ support)
+- for virtual mapping, we don't currently support local user aliases or
+ regexp matching with replacement. This would be useful for hosting
+ several virtual domains in one multidrop mailbox, as in
+ qmail/courier's:
+
+ @one.example:bob-one
+ @two.example:bob-two
+
+ Result:
+ some@one.example maps to bob-one-some@serverdomain
+ another@two.example maps to bob-two-example@serverdomain
+
+ we can strip the bob-*, but but we don't support domain catchalls
+ here, and we cannot currently delegate or rewrite the remaining
+ one-* or two-* users in a useful way. All local parts of the upstream
+ domains must be known and mapped in the configuration file.
+ (See fetchmail-users, Michelle Konzack, 2009-05-03, "4 multidrop but one
+ destination server" and followup)
+
+ This probably entails some form of extended user mapping inside
+ fetchmail, for map_name() in transact.c, and possibly
+ find_server_names() ibidem.
+- more verbose diagnostics, what, why, how, ... (what does fetchmail do, what
+ does it expect, what does it get instead, what does that mean, how can the
+ user fix it; references to the manual)
+
+- grarpamp suggested, on the fetchmail list in later April 2013, more
+ config file flexibility and explicitness, by marking polls, hosts,
+ accounts. See thread.
+
+- more selection options, Debian Bug#705291.
+
+- add a way to specify multiple fingerprints per host
+
+- add a way to specify non-MD5 fingerprints per host. SHA1 can be told
+ from its mere length; other digest algorithms would require some sort
+ of prefix. We may require the prefix for SHA1, too, for clarity.
+
+- more useful logging, suggested by Jerry, fetchmail-users, 17 May 2013
+ should include date, time, message-id, and 250 Ok message from
+ listener that got forwarded to.
+
+DOCUMENTATION:
+- Add info whether Keywords are global, server or user keywords
+- consolidate multidrop documentation
+- HOWTO (on configuration, and on SSL in particular)