Search | Directories | Reference Tools
UW Home > Discover UW > IT Connect > IMAP Information Center 

UW IMAP Server Documentation


/* ========================================================================
 * Copyright 1988-2006 University of Washington
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * 
 * ========================================================================
 */

	   KNOWN BUGS/MISFEATURES/DEFICIENCIES IN THE IMAP TOOLKIT
			Last Updated: 30 August 2006

The following are known problems/deficiencies in the imap-2006 toolkit:

 . Possible problems for some installations:
   . In some versions of Redhat Linux, SVR4-style timezone name lookup
      doesn't work properly due to a bug in glibc.  The workaround is to
      edit os_lnx.c to include tz_bsd.c instead of tz_sv4.c.  Note that
      other versions of Linux don't support BSD-style timezone name
      lookup, so don't make this change unless it's needed on your system.
   . In some systems, the OpenSSL distribution is installed other than at
      the standard /usr/local/ssl location.  If this is the case on your
      system and you want to build with SSL support, you will need to set
      the SSLDIR variable, either by including a setting of EXTRASPECIALS
      in the make command line, e.g.
       build lnp SPECIALAUTHENTICATORS=ssl EXTRASPECIALS="SSLDIR=/usr/ssl"
      or by editing imap-2006/src/osdep/unix/Makefile
   . /tmp, /usr/tmp or /var/tmp (if present), and the mail spool directory
      must be protected 1777 (world write with sticky bit); otherwise
      mailbox locking and updates won't work.  An alternative to 1777 on
      the mail spool directory is to install the mlock program that is
      bundled with the IMAP toolkit.
   . Multiple access protection locking does not work if the mailbox or
      /tmp are NFS mounted.
   . Shared access mailbox formats (mbx, mtx, mx, and tenex) do not work
      well with NFS and such usage is not supported.  mmdf and unix formats
      are supported for use over NFS; however there won't be any multiple
      access locking protection.
   . Server startup delays may occur if a reverse DNS (IP address to name)
      lookup on the client's IP address does not complete in an expeditious
      fashion.  This is actually a DNS problem and should be fixed in the
      DNS and/or the server's host table.  A workaround exists (see the
      top-level Makefile for details) but is not recommended and can not
      be used at all with Kerberos.
   . At the insistance of the security gurus, SSL certification validation
      is now on by default.  This means that you must now use the new
      /novalidate-cert switch if establishing an SSL connection to a server
      with a self-signed certificate; i.e. if "imap.example.com" has a
      self-signed certificate, you must use a mailbox name such as
       {imap.example.com/ssl/novalidate-cert}INBOX
      to get an SSL session instead of just
       {imap.example.com/ssl}INBOX
   . GCC 8.x and above on SGI systems does not correctly pass/return
      structures which are smaller than 16 bytes and are not 8 bytes.  The
      problem is that structures are padded at the wrong end; e.g. a 4 byte
      structure is loaded into the lower 4 bytes of the register when it
      should be loaded into the upper 4 bytes of the register.  This affects
      IRIX 6 the most because it is a 64-bit system and 4 byte structures are
      common.  This compiler bug impacts the use of inet_ntoa() in c-client
      and causes syslog messages to show IP addresses as 255.255.255.255
      instead of the correct values.  The fix is either to use SGI's C compiler
      instead of GCC or link with an implementation of inet_ntoa() that was
      built with GCC instead of the standard SGI C library version.
   . By default, the UNIX SSL build assumes that RSAREF is not needed, because
      RSA Security Inc. released the RSA public key encryption algorithm into
      the public domain on September 6, 2000.  There is no longer any need to
      use RSAREF, and since RSAREF is slower than OpenSSL's RSA routines
      there's good reason not to.  If for some reason you still want to use
      RSAREF, you will need to edit imap-2006/src/osdep/unix/Makefile to
      change SSLRSA to load libRSAglue and librsaref.
   . By default, the UNIX SSL build assumes that no name conflict exists
      between OpenSSL and Kerberos 5.  If you are using an older version
      of Kerberos, you may need to edit imap-2006/src/osdep/unix/Makefile
      to change SSLCRYPTO so that it loads the OpenSSL libcrypto library
      explicitly as libcrypto.a.
   . By default, host names are canonicalized via gethostbyname() and
      gethostbyaddr() for everything except for SSL certificate validation.
      This can represent a security bug due to DNS spoofing, but is more
      likely to deliver results that users expect and also may be necessary
      to get Kerberos to work.  Set variable "trustdns" in mail.c to NIL if
      you want to disable this.

 . Bugs:
   . It doesn't work to have a "}" character as a user name in /user= in a
      mailbox name, even if the user name is quoted.  In other words,
       {example.com/user="foo}bar"}zap
      won't work; foo will be interpreted as an unterminated quoted string
      and the remote mailbox name will be
       bar"}zap.
   . The experimental mx driver has performance problems and shouldn't be used
   . docs/internal.txt is out of date (again)

 . UIDPLUS bugs/limitations:
   . Not supported in all local file formats (see below).
   . There are two known issues with UIDPLUS in the mmdf and unix formats:
     (a) There is a known timing race if the destination mailbox is
         currently selected by a different IMAP server session.  If the
         timing race is lost, then all UID in the mailbox will be reassigned
         by the IMAP session which has the mailbox selected (thus making the
         returned APPENDUID/COPYUID data useless).
          This timing race occurs if the IMAP server doing APPEND/COPY does
         multiple APPEND or COPY operations and the other IMAP server does
         not see each new message before the next APPEND/COPY happens.
         Aggregate COPY or MULTIAPPEND does not have this problem.
          This issue can be avoided by using aggregate COPY and MULTIAPPEND,
         or by inserting enough of a delay between separate copies so that
         the other session has an opportunity to see the new message.
     (b) There is a known failure if the destination mailbox is currently
         selected by legacy software (e.g. older versions of the IMAP
         server, Pine, etc.).  In this case, all UIDs end up being
         reassigned by the legacy software.
     Note that if Pine is rebuilt with imap-2006 version of the c-client
     library, it will not have the (b) issue but it will have the (a)
     issue.

 . Annoyances:
   . Friendly host names (e.g. "server" instead of "server.foo.com") can't be
      used in a mailbox name with SSL certificate validation; you have to enter
      the fully-qualified domain name.  This is a requirement established by
      the security gurus.

 . IMAP client limitations:
   . No SASL protection mechanisms (SASL authentication mechanisms are
      supported)

 . NNTP client limitations:
   . Non-standard IMAP SCAN extension not supported

 . POP client limitations:
   . No SASL protection mechanisms (SASL authentication mechanisms are
      supported)
   . No POP3 UID support
   . Non-standard IMAP SCAN extension not supported

 . SMTP client limitations:
   . No SASL protection mechanisms (SASL authentication mechanisms are
      supported)
   . No support for use of TURN, ETRN, and pipelining.
   . No support for enhanced status codes

 . UNIX limitations:
   . IPv6 is supported but is not the default; you have to use IP=6 in the make
      command
   . Supported local file formats: mbx, mh, mmdf, mix, mtx, mx, news, phile,
      tenex, unix
   . Supported SASL mechanisms: CRAM-MD5, PLAIN, LOGIN, ANONYMOUS, GSSAPI
   . Sticky UIDs are not supported in the mh, mtx, and tenex drivers
   . Creation of keywords is not supported in the mh, mtx, and tenex drivers
   . Copy and append of keywords only works in the mbx driver.
   . Flat file formats (mbx, mmdf, mtx, phile, tenex, unix) do not permit
      mailboxes to have inferior names
   . SSL temporary key should be seeded better than it is.
   . UIDPLUS support is limited to the unix, mmdf, mbx, mx, and mix formats.
   . Non-standard IMAP SCAN extension not support for mh and news formats.

 . Amiga limitations:
   . Supported local file formats: mbx, mh, mmdf, mix, mtx, mx, news, phile,
      tenex, unix
   . Supported SASL mechanisms: CRAM-MD5, PLAIN, LOGIN, ANONYMOUS
   . Sticky UIDs are not supported in the mh, mtx, and tenex drivers
   . Creation of keywords is not supported in the mh, mtx, and tenex drivers
   . Copy and append of keywords only works in the mbx driver.
   . Flat file formats (mbx, mmdf, mtx, phile, tenex, unix) do not permit
      mailboxes to have inferior names
   . UIDPLUS support is limited to the unix, mmdf, mbx, mx, and mix formats.
   . Non-standard IMAP SCAN extension not supported for mh and news formats.

 . Win32 (Win9x/NT/Windows 2000) limitations:
   . IPv6 is supported in W2K builds but is not the default; you have to use
      IP=6 in the nmake command
   . Supported local file formats: mbx, mtx, tenex, unix
   . Supported SASL mechanisms: CRAM-MD5, PLAIN, LOGIN, ANONYMOUS, GSSAPI
   . No server SSL or TLS support.
   . No server authentication for GSSAPI
   . No server authentication for CRAM-MD5 on NT-based Windows (NT/2K/XP);
      it does work on DOS-based Windows (9x/Me).
   . Sticky UIDs are not supported in the mtxnt and tenexnt drivers
   . Creation of keywords is not supported in the mtxnt and tenexnt drivers
   . Copy and append of keywords only works in the mbxnt driver.
   . No support for TCP open timeouts
   . Flat file formats (mbx, mtx, tenex, unix) do not permit mailboxes to have
      inferior names
   . UIDPLUS support is limited to the unix and mbx formats.

 . Win16 (Win3.1)/DOS limitations:
   . IPv6 not supported
   . Supported local file formats: bezerk, mtx
   . Supported SASL mechanisms: CRAM-MD5, LOGIN, ANONYMOUS
   . Supported TCPs: B&W, Novell, PC-NFs, PC/TCP, Waterloo, Winsock
   . Sticky UIDs are not supported on local files
   . Creation of keywords are not supported on local files
   . Bezerk driver is read-only and does not handle LF-only newlines well
   . No support for any TCP timeouts on Waterloo DOS
   . No support for TCP open timeouts on Winsock and generic DOS
   . Flat file formats (bezerk, mtx) do not permit mailboxes to have inferior
      names
   . Does not work well unless a mailgets routine is armed when fetching
      texts.

 . Mac limitations:
   . IPv6 not supported
   . No local file drivers
   . Supported SASL mechanisms: CRAM-MD5, LOGIN, ANONYMOUS
   . Does not output human-friendly time zone string

 . TOPS-20 limitations:
   . IPv6 not supported
   . No local file drivers
   . Supported SASL mechanisms: CRAM-MD5, LOGIN, ANONYMOUS
   . No support for any TCP timeouts

 . VMS limitations:
   . IPv6 not supported
   . No local file drivers
   . Supported SASL mechanisms: CRAM-MD5, LOGIN, ANONYMOUS
   . Supported TCPs: Multinet, Netlib
   . No support for any TCP timeouts on VMS Netlib
   . No support for TCP open timeouts on VMS Multinet
   . Time zone must be configured at build time
   . Does not output human-friendly time zone string

 . Windows CE limitations:
   . IPv6 not yet supported
   . No local file drivers
   . Supported SASL mechanisms: CRAM-MD5, LOGIN, ANONYMOUS
   . No support for TCP open timeouts
   . Not finished, only builds c-client library

 . OS/2 limitations:
   . IPv6 not supported
   . Not finished, does not build



| Back to IMAP Server Documentation