1 Note that there is a separate todo.html with different content than this.
4 - blacklist DigiNotar/Comodo/Türktrust hacks/certs, possibly with Chrome's serial#
6 - check if wildcards from X.509 are handled as strictly as required by
8 - audit if there are further untrusted data report_*() calls.
9 - Debian Bug #475239, MIME decoder may break up words (need to quote results)
10 - put bare IP addresses in brackets for SMTP (check if there are RFC
11 1123/5321/5322 differences)
12 - Fix further occurrences of SMTP reply code handling:
13 - for proper smtp_reponse caching of multiline codes (there are some)
14 - for stomping over control characters.
15 - check if smtpname and smtpaddress in particular work as advertised,
16 thread "Fetchmail with Postfix virtual users" around 2009-09-23 on
17 fetchmail-users@, by Joost Roeleveld and Gerard Seibert.
18 - virtual domain DOCUMENTATION (rewriting @example.com to
19 @virtual.example.com possible? Joost Roeleveld, thread "Fetchmail with
20 Postfix virtual users" around 2009-09-23 on fetchmail-users@).
23 - support NIL and strings where they are alternatives to literals
24 - Debian Bug #531589: fetchmail ignores SIGUSR1 in idle mode.
25 seems non-trivial to fix: in imap_idle(), we wait for untagged
26 responses, and may be deep in SSL_peek -- and that restarts the
27 underlying blocking read() from the socket, so we never break out of
28 the SSL_peek() with SIGUSR1.
29 - add repoll for all kinds of auth failures
30 (requires framework to track which auth failed in auto mode)
31 - SockOpen sometimes exits with errno == 0, confusing users (found with
32 Google RealTime on Twitter)
33 - make sure the man page completely lists all options (f. i. sslcertpath) in
35 - allow \Deleted without \Seen, rf.
36 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=466299
37 - document IMAP4 ACL requirements
38 - CRYPTO: log configured server name on certificate mismatch (perhaps pay
39 attention to via entries and stuff like that)
40 - CRYPTO: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=432618
41 * write a table of combinations of TLS/SSL options
42 - add To: header to warning mails (authfail for instance)
43 - Fix TOCTOU race around prc_filecheck*
44 - Read CAPABILITY from greeting if present, saves one round trip.
45 - Check if LAST argument is properly validated against message count.
46 - add Message-ID: header and other SHOULD headers to warning mails?
47 - report actual SMTP error with "SMTP listener refused delivery", sugg.
48 Richard Brooksby, fetchmail-users 2010-04-06.
51 - find a better replacement for sscanf parsing - we don't usually
52 detect errors in format strings such as "* %d FETCH " because we don't
53 check if the FETCH is (a) present, (b) consumed.
54 - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=471176
55 => fetchmail: support utf-8 encoding in log file
56 Revisit http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=400719
57 => syslog messages are localised
58 http://lists.debian.org/debian-devel/2006/11/msg01068.html
59 - when logging to syslog, disable locale?
60 - Get rid of peeking in socket.c? MSG_PEEK seems non-portable.
61 - revise ticker, and add something like .........20%.... ... 100%
65 - Convert POP3 UIDs to X-UIDL?
66 - fetch IMAP message in one go (fetchmail-devel by Adam Simpkins
67 <simpkins@cisco.com> around Nov 2nd)?
70 - Properly free host/user entries (through C++ class instantiation and destructors...)
71 - Remove stupid options, such as spambounce, or deferred bounces for anything
73 - Do not ever guess envelope from content headers such as To:/Cc:/Resent-To: or
75 - Replace sscanf/fscanf by functions that do range checking
76 (strtol/strtoul), and make arguments unsigned long.
78 - use PS_PROTOCOL for pre-/post-connect command failures - 6.3 uses
79 PS_SYNTAX, and that's not necessarily the case. At least if the
80 command terminates with a signal, we should report PS_PROTOCOL.
81 - revisit maximum allowed rcfile permissions, fix inconsistency
82 (silently allowing g+x).
83 - make UID code more efficient, parsing is O(n^2), should be no worse
84 than O(n log n), lookup is O(n), should be O(log n).
85 * Idea for C: use <search.h> tfind/tsearch. Need to split idlist up
86 so it only keeps the ids, and use an array to track status.
87 - help systematic debugging
88 - by making logging more strict (Postfix's msg_* as example??)
89 - by adding a --loggingtest or something that emits
90 a set of test log messages at various severity levels, in order to
91 make sure people get complete logs.
92 - by adding messages where fetchmail stuffed its output.
93 - Debian Bug #454291 fetchmail --quit: should check, that pid file
94 really contains pid of fetchmail process (Dmitry Nezhevenko)
96 - feature to skip first N or all messages upon first download, or fetch
98 - download only messages whose headers match a filter (by Toby, Usenet
99 Nov 2007 de.comm.software.mailserver
100 Message-ID: <1195033726.123704.296060@k79g2000hse.googlegroups.com>)
101 - feature request by Daniel Goering <g_daniel@gmx.net> on
102 fetchmail-devel 2007-11-15: populate .fetchids from current messages.
103 (it'll probably be useful to limit this to "all but the 10 latest" or
104 "all before date this-and-that")
105 - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=374514
106 "Deleting fetchids file" vs. POP3 - probably unneeded if we use IMAP UIDs.
107 - CRYPTO: change SSL/TLS UI incompatibly, making it easier to use
108 - CRYPTO: allow selection of SSL/TLS Ciphers
109 - CRYPTO: perhaps switch to libgsasl and libgnutls (which doesn't talk SSLv2,
110 but we should abandon that anyways).
111 - CRYPTO: perhaps port to NSS? Check license and features and required procedure
112 changes. - Redhat Bugs #333741 (crypto consolidation), #346891 (port fetchmail to NSS)
113 - CRYPTO: make the SSL default v3 (rather than v23).
114 - CRYPTO: force sslcertck
115 - CRYPTO: by default forbid cleartext or other compromising password
116 schemes over insecure connections?
117 - put more hints to the FAQ (should we call it FGA?) as first support place
118 - make sure we print socket error messages such as connection reset by
119 peer to hint users the problem is not in fetchmail
120 - require envelope option for multidrop ; if not found in header, defer message?
121 - > b) When the envelope header is specified, but it isn't found, a
122 > warning is logged and the mail is forwarded to the postmaster
123 > ("WARNING: Envelope header $HEADER found, cannot identify the
124 > recipient. Forwarding to the postmaster")
125 Rob MacGregor 2007-03-16 Patch to the man page, fetchmail-devel@
126 - integrate Isaac Wilcox's test rig
127 - look at Tony Earnshaw's .spec file
128 - look at Gentoo patches
129 - remove dead replacement functions: strdup (Andreas Krennmair), ...
130 - more SMTP/LMTP error detail on message rejections even outside verbose mode.
131 Ian D. Allen, fetchmail-users. Two messages with examples.
132 What goes here? fetchmailrc location, server, port, user, folder, anything else?
133 - see if "AUTH SSH" can be made to work for POP3
134 - revisit BerliOS patches
135 - check recent list mail
136 - check Debian BTS and other bug trackers
137 - better logging (log all headers, log forward destination + method)
138 - check strict envelope N Received parsing,
139 see mail from Admin Att on fetchmail-users
140 - 6.3.4-pending-deletes.patch
141 - fetchmail -s with running daemon complains rather than silently
143 - send warning message when connection fails?
144 - check FAQ O5 - do we really prefer From: over envelope?!?
145 - add code to allow safe authentication schemes if TLS fails
146 - make APOP an authenticator, integrate with regular auto authentication
147 but stuff it at the end
148 - allow forcing RETR (RETR vs. TOP, fetchmail-users, drbob 2008-01-11)
150 - make logfile more useful (redirect not only in daemon mode)
151 - close/reopen logfile on certain signals (for newsyslog/logrotate
153 - for virtual mapping, we don't currently support local user aliases or
154 regexp matching with replacement. This would be useful for hosting
155 several virtual domains in one multidrop mailbox, as in
162 some@one.example maps to bob-one-some@serverdomain
163 another@two.example maps to bob-two-example@serverdomain
165 we can strip the bob-*, but but we don't support domain catchalls
166 here, and we cannot currently delegate or rewrite the remaining
167 one-* or two-* users in a useful way. All local parts of the upstream
168 domains must be known and mapped in the configuration file.
169 (See fetchmail-users, Michelle Konzack, 2009-05-03, "4 multidrop but one
170 destination server" and followup)
172 This probably entails some form of extended user mapping inside
173 fetchmail, for map_name() in transact.c, and possibly
174 find_server_names() ibidem.
175 - more verbose diagnostics, what, why, how, ... (what does fetchmail do, what
176 does it expect, what does it get instead, what does that mean, how can the
177 user fix it; references to the manual)
179 - grarpamp suggested, on the fetchmail list in later April 2013, more
180 config file flexibility and explicitness, by marking polls, hosts,
181 accounts. See thread.
183 - more selection options, Debian Bug#705291.
185 - add a way to specify multiple fingerprints per host
187 - add a way to specify non-MD5 fingerprints per host. SHA1 can be told
188 from its mere length; other digest algorithms would require some sort
189 of prefix. We may require the prefix for SHA1, too, for clarity.
192 - Add info whether Keywords are global, server or user keywords
193 - consolidate multidrop documentation
194 - HOWTO (on configuration, and on SSL in particular)