------------------------- Contents ------------------------- General Download What's new Recent Changes New Installation Options APOP Command DECNET/OSI namespace support Node mapping via logical names ------------------------- General ------------------------- This is version 2.0-4 of the IUPOP3 server. The last official version made at Indiana University was 1.8-1. This file describes the changes between the original distribution of IUPOP3 version 1.8-1 and this version. All the recent changes are only tested on an OpenVMS 6.2 Alpha system with UCX 3.3 and on OpenVMS VAX 5.3 with CMU V6.6-5A/NETLIB 2.0. Use them at your own risk! Michael Stenns (stenns@vw.tci.uni-hannover.de) ------------------------- Download ------------------------- This version can be accessed from http://www.tci.uni-hannover.de/pub/iupop3/index.htmlx or ftp://www.tci.uni-hannover.de/pub/iupop3/ as zip or tar-gz archives. It can also accessed via email as VMS_SHARE archive from . Just send an email to the address above with sendme IUPOP3_V2_0 as single line in the body of the mail. ------------------------- What's new in 2.0-4 ------------------------- bug with ENABLE_LONG_LINES fixed Mail files are normally in variable length/carriage return carriage control file format, but sometimes the format is different. This affects the internal mail11 data structure interpreted with ENABLE_LONG_LINES enabled, which seems be analog to the on-disk structure of the message. If a message has an unexpected format, ENABLE_LONG_LINES is now disabled for this message and a warning (logging level THREAD) is written to the logfile. ------------------------- What's new in 2.0-3 ------------------------- changes to validation file syntax A username of "*" is now accepted to avoid access restrictions. Example of a validation file: shutdown system stats * loglevel system This means only system may change loglevel or shutdown/restart the server, but every user can get the statistics. changes to message purging behavior Previous versions moved all messages which were marked for deletion to the WASTEBASKET folder and executed the callable mail function mail$mailfile_purge_waste(). Until this function returns no client request can be processed. Under some circumstances (many deleted messages and a large mail directory) this might require too much time. Now deleted messages are moved to a temporarily folder (IUPOP3_TEMP_Wastebasket) and then in small portions to the WASTEBASKET folder. After each purge cycle the other threads are checked and processed if necessary. ------------------------- What's new in 2.0-2 ------------------------- GNUC 2.8.0 on OpenVMS/Alpha now supported There are some compiler warnings, but all seems to work changes to make.com added parameter link_only for supporting the binary distributions some fixes to support GCC 2.8.0 on OpenVMS/Alpha fix to mail_retrieve_message_headers() function with IUPOP3_USE_BOTTOM_HEADERS option set to "FALSE" (that is the default) there were two lines inserted between message header and body instead of one for smtp messages. This causes netscape to not decode mime messages with content-type "message/rfc822". ------------------------- What's new in 2.0-1 ------------------------- changed message id format for decnet mails The message id generated for decnet messages is now 5 bytes longer to ensure it is unique. changes to startup files The startup files IUPOP3.COM and IUPOP3_STARTUP.COM contains some small fixes and additional comments. IUPOP3_LOGICALS.COM is now called from IUPOP3_STARTUP.COM if both files are in the same directory. ------------------------- What's new in beta 18 ------------------------- fixes regarding multiple access of same maildrop After each reaccessing of the maildrop the message list scanned at the start of the session and the current content of the [new]mail folder are now synchronized. This is done using the 64bit binary message arrival date, which is an unique identifier. changed check for releasing Message context The message context is now released when the (estimated) memory usage of a single thread exceeds the half working set size quota. Releasing the message context releases also the dynamik memory accessed by callable mail for this thread. new limits for message headers Header lines are not longer cut after 1024 bytes, but the total header length may not exceed MAX_MAIL_HEADER_SIZE (defined in iupop3_general.h, currently 512 kb). There are no limits for the message body except the 64 kb limit for a single record. ------------------------- What's new in beta 17 ------------------------- more internal checks Some more checks for buffer overflow are done. If this occurs, the server drops all connections and restarts with the "%SYSTEM-F-IVBUFLEN, invalid buffer length" error message. fixes around the long line support Header lines are now cut after 1024 bytes (RFC 821 requires a minimum of 512 bytes). A possible access violation error after writing a line terminator with LONG_LINES enabled is now avoided. fixes regarding multiple access of same maildrop Since some betas ago IUPOP3 releases the 'message context' after every nn messages. This is done because each mail accessed with callable mail resides in memory until this context is released. The problem is that callable mail renumbers the maildrop when a new context is opened. If another thread or process has moved or deleted messages since the connection has been opened, thread and maildrop might be out of synchronization. This beta checks now on each message access if this has happened (it compares the message arrival date, which is in 64bit OpenVMS time format). new logical IUPOP3_READ_DIRECT_THRESHOLD Defines the max. file size in bytes where the callable mail routines are used to process the file. Larger files are read with ANSI-C functions. Default is zero, which means no threshold. The callable mail routines read the whole file into memory, even if it contains a lot of megabytes of stuff. new logical IUPOP3_DEFAULT_SENDBUFFER_SIZE Defines the default buffer size in bytes which is allocated for each active thread. Use a value between 1 kb and 128 kb (defined in iupop3_general.h). Default is 4 kb. On sending large messages the send buffer is filled and queued to the network driver. While the driver sends the buffer content, another thread can be processed. Up to 64 kb are queued in a single I/O to the network driver. ------------------------- What's new in beta 16d ------------------------- yet another bugfix release The fix in 16c broke the download of long files when IUPOP3_ENABLE_LONG_LINES was _not_ enabled. This is now corrected. ------------------------- What's new in beta 16c ------------------------- yet another bugfix release Messages with records > 2 kb crashs the server because some data structures becomes overwritten. The new limit should be 64 kb, the largest value that callable mail can handle internally. The maximum real tested record size is ~20 kb. Remark: The documented limit of callable mail ist 256 bytes per record. AFAIK only MX creates mail files with larger records. This bugfix is only needed if you 1st receives your mail via MX and 2nd IUPOP3_ENABLE_LONG_LINES is enabled. ------------------------- What's new in beta 16b ------------------------- compiler switch bug in make.com solved On VAX with both VAXC and DECC installed, wrong switches were used when VAXC was the default compiler. small changes for NETLIB If compiled for NETLIB, a string descriptor is needed for network writes. This string descriptor is now moved to the threads private data structure to avoid crashed under some circumstances. (did not cause the crashs, fix removed in beta 17) ------------------------- What's new in beta 16 ------------------------- removed make option [NO]RUN_TIME_OPTIONS The use of the run-time configuration options (the IUPOP3_* logicals) cannot longer be disabled. changed behavior of make options All logicals with boolean values can be specified as make options (without the IUPOP3_ prefix). If specified, the default value for this option will change from FALSE to TRUE. new users no longer rejected Access to an account which had never reached any mail message before was rejected with the -ERR Getting mail user info: %MAIL-E-NOSUCHUSR, no such user !AS error message because no mailfile did exist. Now the access is accepted and IUPOP3 handles this like an empty maildrop. newmail count after deleting foreign messages now decremented deleting of foreign messages is ignored, they are moved to the MAIL folder or to the folder pointed by the IUPOP3_FOREIGN_FOLDER enviroment variable instead. In previous betas the NEWMAIL counter was not corrected after "deleting" of such a message. ------------------------- What's new in beta 15 ------------------------- new logical IUPOP3_ENABLE_LONG_LINES Enables passing of lines longer than 256 bytes to the client using undocumented features of the callable mail routines. AFAIK only MX creates messages with long lines. Special thanks to Andy Harper for writing the necessary functions. ------------------------- What's new in beta 14 ------------------------- changes to UCX emulation for MULTINET make.com knows now MULTINET, MULTINET_UCX and MULTINET_NATIVE as parameters for the MULTINET TCP/IP stack. MULTINET and MULTINET_UCX uses the UCX emulation. The source code is compiled with the UCX macro and on a VAX linked against multinet_root:[multinet.library]ucx$ipc.olb. MULTINET_NATIVE gives the old behavior. There is also now a TCPWARE_UCX make parameter. On VAX the source code is then linked against tcpware:ucx$ipc.olb. bug with password expiration check solved Beta 13b failed on accounts where no password lifetime was specified. ------------------------- What's new in beta 13b ------------------------- changes to MULTINET header files All MULTINET header files are now included with full path specified (e.g. "multinet_root:[multinet.include.x]y.h") as suggested in the MULTINET documentation at http://www.tgv.cisco.com:8000/BOOK . There seems still some conflicts with DECC 5.6. bug with expiration date solved In beta 13 access to accounts where an expiration date was specified were rejected if the account hasn't expired. ------------------------- What's new in beta 13 ------------------------- changed behavior of make.com More checks are made to check the existance of CIADEF.H. If missing a warning is issued. changed startup file IUPOP3_STARTUP.COM It contains now the changes from A. Harper to prevent failing if started from a rooted logical (thanks). minor changes to IUPOP3.C Changed path for some header files ( -> etc.). Previously some MULTINET prototypes seemed not defined correctly. new logical IUPOP3_AUTH_COMMANDS RFC 1939 makes the user/pass and apop authorization commands optional. A value of "user" means only the user/pass combination is allowed, "apop" means only the apop command is recognized, and any other value means both commands are allowed (this is the default). additional self-restart features IUPOP3 monitors some of it's process quotas in regular intervals. The results can be viewed with the "xtnd info" command. If one of the following resources goes low, IUPOP3 restarts itself. /* min. values for some of the quotas */ MIN_ASTCNT 1 /* minimum remaining AST quota */ MIN_ENQCNT 5 /* minimum remaining lock request quota */ MIN_FILCNT 2 /* minimum remaining open file quota */ MIN_PAGFILCNT 500 /* minimum remaining paging file quota */ This values are defined within IUPOP3_GENERAL.H. The restart error count will be increased on each restart. After a value of 50 is reached, the process will terminate. The "XTND RESTART" command resets the error count. ------------------------- What's new in beta 12 ------------------------- new logical IUPOP3_CLIENT_TIMEOUT Same as the -timeout commandline option. Defines the client timeout in minutes. Valid values are between 1 and 24*60-1. RFC 1939 recommends a minimum value of 10 minutes. changed behavior of make.com RUN_TIME_OPTIONS is now the default make option unless NORUN_TIME_OPTIONS is specified. Additional checks are made for the existance of CIADEF.H (needed for scan_intrusion system service). This can be overwritten by specifieing either SCAN_INTRUSION or NOSCAN_INTRUSION as a make option. new organization of startup files The definition of the logicals interpreted by IUPOP3 has moved to the new file IUPOP3_LOGICALS.COM. IUPOP3_LOGICALS.COM must be called before IUPOP3_STARTUP.COM. IUPOP3_STARTUP.COM need not longer to be modified by the user. new support for DSN link artikels A "from" line which looks like DSN%SERVICE "from" date is converted to "SERVICE.DSN@localhost" and processed like a DECNET message. Previously such a message was misinterpreted as smtp mail. ------------------------- What's new in beta 11 ------------------------- minimum message length set to 350 octets even for an empty message a minimum length of 350 octets will be reported, which is the estimated length for the generated RFC 822 headers (such a short message must be a decnet mail). new logical IUPOP3_FOREIGN_FOLDER IUPOP3 ignores delete operations on foreign mails because they can only be handled local; only an informational message is send to the client. With this logical defined IUPOP3 moves the foreign mail to the specified folder instead of ignoring the delete operation. Example: $DEFINE/SYSTEM IUPOP3_FOREIGN_FOLDER "FOREIGN-MAIL" ------------------------- What's new in beta 10b ------------------------- changes applied to make.com (again) passing the version number via the "arch" macro breaks with DECC 5.5 VAX. The version number is only needed for the SCAN_INTRUSION switch if the __VMS_VER macro is not defined. For old OpenVMS versions a NO_SCAN_INTRUSION macro is defined instead. bug with foreign messages fixed Foreign messages are VMS binary mails created with an undocumented mail switch (send/foreign). IUPOP3 sends an informational message in this case. This behavior breaked in one of the early betas; the message body was send, but no message header. ------------------------- What's new in beta 10 ------------------------- changes applied to make.com - commandline more "userfriendly" Now all make parameters could be part of a comma separated list. In previous betas this applied only to make (== compile) options. Example: $ @make run_time_options,fast_scan mms decc "/from_source" netlib is now equivalent to $ @make run_time_options,fast_scan,mms,decc,/from_source,netlib Remark: - if "help" or "?" is detected on the commandline, a help text is displayed. - UCX, WINS, MULTINET, NETLIB, MMS, MMK, NOMMS, DECC, GNUC and VAXC are known keywords. - all parameters starting with "/" are tried as mms or mmk options. - all other parameters are converted to uppercase and used as make options. - passing OpenVMS version number to the compiler Some older compilers (VAXC, DECC < 5.3) do not define the __VMS_VER preprocessor macro. If __VMS_VER does not exist, the version number detected by make.com is used instead. timeout value for network writes In rare situations a hanging client could block the server. Now all network writes have a timeout value. GNUC on OpenVMS VAX now supported Some nice warnings in iupop3.c and passwd_v53.c, that's all. Tested with gcc 2.7.1 and 2.7.2 on OpenVMS VAX 5.3 with CMU/NETLIB. socket write quota (SO_SNDBUF) not longer changed Previous versions used a value of 8 kb for better perfomance of nonblocked network writes. The current betas uses a internal 8 kb buffer which they queue via the $QIO interface to the stack, so enlarging the socket buffer quota is not longer necessary. option SEND_ORIG_HEADER renamed to USE_BOTTOM_HEADERS This option allows under UCX to let the RFC 822 mail headers at the end of the mail message. ------------------------- What's new in beta 9 ------------------------- prefix for logicals changed to IUPOP3_ This was done in beta 8 but not documented. Because the old prefix IUPOP3$ is still accepted, nobody has noticed this... new logicals IUPOP3_SCAN_INTRUSION = boolean Determines, if IUPOP3 generates intrusion records. On OpenVMS versions prior to 6.2/alpha or 6.1/vax this option has no effect. Intrusion records could know be generated for both the user/pass and apop authorization mechanism. IUPOP3_APOP_CHECK_DUPLICATE = boolean Using the interactive login password for the apop command would be a security risk because both client and server must know it as clear text. If this option is set to true IUPOP3 rejects the apop access if both passwords are the same. IUPOP3_DEFAULT_TO_SMTP = boolean Default value for mails where IUPOP3 fails to determine if it is from decnet or internet. IUPOP3_PURGE_MAILBOXES = boolean If set to false the wastebasket folder will never be purged by IUPOP3. IUPOP3_PURGE_RECLAIM_THRESHOLD = number Determines the amount of deleted message bytes needed for invocation of a purge/reclaim operation. If set to zero no purge/reclaim operation will be performed. The -purge_reclaim command line option defaults this value to 32k. IUPOP3_MAX_MESSAGES = number Number of messages a client can access in a single session. Same as the -maxmsg command line option. small changes to startup files IUPOP3.COM is now started with the required privileges instead of setprv. In most cases IUPOP3.COM can be used unchanged. IUPOP3_STARTUP.COM needs still some changes. The default location for IUPOP3_STARTUP.COM is IUPOP3_ROOT:[000000] (it defines it's location as this logical). decnet header changes At least one client (ms internet explorer) ignores the date header and uses the date in the received header instead. This beta generates now a received header for decnet mails. changed date format in decnet headers The old format was like "Tues, 06 May 97 14:44:22", the new is like "Tues, 06 May 1997 14:44:22 +0200". The timezone information is evaluated from the SYS$TIMEZONE_DIFFERENTIAL logical. On old VMS versions this logical has to be defined, on newer versions it should already exists. SYS$TIMEZONE_DIFFERENTIAL contains the difference to GMT in seconds. ------------------------- What's new in beta 8 ------------------------- new command "XTND kill nn" This stops thread nn immediately. The same users as for the XTND SHUTDOWN command are validated. new command "XTND help" This lists the available XTND commands. No validation is required. new command "XTND restart" The server stops with an error condition after all threads haved finished. This lets the process enter the error trap part of iupop3.com and the server restarts if this file is properly configured (see below). The same users as for the XTND SHUTDOWN command are validated. new command "XTND info" This displays some infos about the resources currently used. This may help to configure the process quotas better and to decide if it is time to restart. The same users as for the XTND STATS command are validated. new behavior of mail purging In version 1.8 (and the previous betas) the -purge_reclaim commandline qualifier was needed for message purging. If this qualifier was not specified, the messages were only moved to the wastebasket folder on a delete directive. Now the server does the following steps for deleted messages: 1) the message is moved to the wastebasket folder. 2) if the user has not disabled the automatic deleted message purge, the messages in the wastebasket folder are purged. 3) if the -purge_reclaim commandline qualifier is specified and the deleted messages bytes exceeds 32k, a purge/reclaim operation is performed. Purging of a mailbox deletes the entrys in the wastebasked folder and the associated external mail files, but some data within mail.mai remains unavailable. This data is called "deleted message bytes". A purge/reclaim operation makes them available, but the mail.mai file has to be locked during this action. changed start command files The structure of this files based on the suggestions posted by Andy Harper some days ago. IUPOP3_STARTUP.COM (former start_iupop3.com) defines the needed logicals and starts IUPOP3.COM via loginout as detached process. The following directories are used: IUPOP3_ROOT:[000000] Root of IUPOP3 tree IUPOP3_ROOT:[bin] Directory for the IUPOP3 executables IUPOP3_ROOT:[log] Directory for log files The executable produced by make.com is now called iupop3_vax.exe or iupop3_alpha.exe for better support of mixed cluster enviroments. The logical iupop3_exe points to IUPOP3_ROOT:[bin] and iupop3_log to IUPOP3_ROOT:[log]. The minimal files required in iupop3_exe are - the executable - IUPOP3.COM - POP_XTND.DAT, the validation file for the xtnd commands. IUPOP3.COM is changed to support the new logicals and to implement a restart mechanism in the error trap section of the file. fixed bugs A wrapper routine around strerror() inhibits crashs caused by a NULL pointer return. Strerror() was first used in beta 7. Accesses with invalid usernames do not longer produce threads which never time out. This bug was implemented in an early beta. If IUPOP3 receives more than 255 bytes of data without a carriage return/ linefeed line terminator, a buffer overflows and the server could crash. This does not longer occur. (This bug is also in version 1.8). If IUPOP3 receives a password with more than 32 characters, a buffer overflow could crash the server. This bug is also solved. ------------------------- What's new in beta 7 ------------------------- new make option RUN_TIME_OPTIONS If specified this makes some other make options run-time changeable. Instead of specifing at compile time they can be defined as logicals after prefixing them with "IUPOP3$". For example instead of $@make IGNORE_MAIL11_HEADERS the combination $@make RUN_TIME_OPTIONS and $define/system IUPOP3$IGNORE_MAIL11_HEADERS true can be used. This applys to the following options: PERSONAL_NAME, IGNORE_MAIL11_HEADERS, SEND_ORIG_HEADER, USE_MAIL_FOLDER, IGNORE_EXPIRED_PASSWORDS and FAST_SCAN. Accepted values of true are T[RUE], 1, ON and for false F[ALSE], 0, OFF. Specifying those options additional to the RUN_TIME_OPTIONS option at compile time changes the default value of that option. new command "XTND OPTIONS show | set" XTND OPTIONS SHOW display the current status of the adjustable make options. XTND OPTIONS SET applys the current values of the enviroment variables to the options after all clients are disconnected. The same users as for the XTND SHUTDOWN command are validated. additional TCP/IP transport NETLIB supported NETLIB is a interface to most (all?) of the TCP/IP stacks available for OpenVMS. Programs build against NETLIB run on all stacks supported by NETLIB. NETLIB must be installed prior to running the program. Tested with OpenVMS 6.1 alpha/UCX 3.3 and VAX/VMS V5.3-1/CMU V6.6-5A. The tested NETLIB version was 2.0. ------------------------- What's new in beta 6 ------------------------- new behavior of the logfile flush timer IUPOP3 1.8 flushes the logfile every three minutes. This was done via a close/open operation on the file. This did fail if the file was accessed by another process during the flush operation. Now the flush is done via fflush/fsync without closing the file and the file is updated within 30 seconds after a write to it. number of required timer queue entrys added to start_iupop3.com start_iupop3.com contains now a additional line with "/queue_limit=20". fixed bug in mail_retrieve_message_headers() under some circumstances (a decnet mail was misinterpreted as internet mail) the number of message lines left to retrieve were wrong determined. This can happen if the from lines looks like "From : name". ------------------------- What's new in beta 5 ------------------------- new command "XTND NETSTATS" gives some informations about network accesses changed behavior for missing external messages IUPOP3 1.8 generated missing external mail files with an error message. This version does not create any mail file. The error message is generated on the fly. From client view there should no difference. changed behavior for entering update state In the update state messages marked as retrieved or deleted are moved to the mail or wastebasket folders (and probably deleted). IUPOP3 1.8 entered the update state even after a broken connection or a client timeout. For RFC 1725 and RFC 1939 compatibility the update state may only be entered after a quit command in transaction state. This beta is now conform to the standard. new method for detecting client timeouts IUPOP3 1.8 used the $setimr system service for this purpose. This required one timer queue entry per client. Normal timer queue quotas are 20 for system and 10 for user accounts, which is not sufficient to support up to 30 client threads. Now the threads are checked in regular intervals for timeouts, requiring no additional timer queue entrys. ------------------------- What's new in beta 4 ------------------------- new commandline option -timeout N This defines the client timeout in minutes. Default is like in the old versions 2 minutes. The internet standard (RFC 1939) defines a minimum value of 10 minutes. N can be any value between 1 and 1439 (24 * 60 - 1). new make option FAST_SCAN With this option enabled the size of the messages is estimated by their number of records (currently assuming 47 chars per line) rather than scanning through the mail directory. On a test mailbox (> 100 msg) the cpu time opening the maildrop is reduced from >1 to 0.02 seconds (and 1 cpu second could be 2-4 seconds in real life). The progress bar of the pop clients becomes less accurate - that's all. some bug fixes Through all versions of IUPOP3 the read buffer was too small to support the maximum record lenght (255 bytes) of the callable mail routines. This could cause a buffer overflow and some bytes could be lost. (Thanks to Karol Zielonko who solved the bug). A buffer overflow in beta 3 could overwrite the value of a pointer causing a program crash. A bug either in OpenVMS 6.1 alpha or in UCX 3.3 lets netclose() fail on a broken pipe. The socket is closed but the associated file descriptor remains unavailable. If this happens too often the server hung. The error status is now cleared before netclose is called. ------------------------- What's new in beta 1-3 ------------------------- This version supports additional two pop3 commands uidl and apop and some other patches/enhancements previously discussed on the iupop3-users@indiana.edu mailing list. See each section of this file for details. This beta adds no additional commands or make options. Changes are new commandline option -default_type [decnet | smtp] This defines how the server handles messages with only "name" in the from field. The server does currently not know if this are decnet or smtp messages. scanning for RFC 822 headers in mail_retrieve_message_headers This solves a old bug relating to the top command. The top command (top msg n) should return the header plus n lines of message msg. With version 1.8 this works only for decnet messages. The RFC 822 headers may not exceed 8192 bytes. handling a bug in callable mail of OpenVMS/VAX 6.? For very large messages (>1MB ?) the callable mail returns the MAIL$_NOMOREREC status code at the begin of the transfer. IUPOP3 tries to process the external file direct in this case. some fixes for OpenVMS 7.1 Because some callable mail routines now return word instead of longword values, this routines shouldn't be called with uninitialized values. And OpenVMS 7.1 has now a ioctl routine in the RTL's. improved performance IUPOP3 know uses a internal buffer (8 kb) in some routines to reduce qio's to the network. The unblock ast timer know increases from 50 msec up to 3 seconds instead of a constant value of 2 seconds. This reduces download time on fast connections. Michael Stenns Email: stenns@vw.tci.uni-hannover.de ------------------------- Recent Changes ------------------------- 8-Jul-1996 add the uidl command 16-Aug-1996 change of the errno.h behavior for multinet in IUPOP3_VMS.C. 21-Aug-1996 change of valid_vms_user() to check for expired accounts. 5-Sep-1996 Parse VMS "From:" header to recognize DECnet/OSI format 5-Sep-1996 Use logical names to map decnet names to RFC822 format 5-Jan-1997 add the apop command 12-Jan-1997 add the IGNORE_EXPIRED_PASSWORDS and SCAN_INTRUSION make options 12-Jan-1997 add a help commandline option for make.com 19-Jan-1997 top command works now correct for smtp (RFC822) messages 19-Jan-1997 new commandline option -default_type [decnet | smtp] ------------------------- New Installation Options ------------------------- There are four additional make options: IGNORE_EXPIRED_PASSWORDS Instructs the server not to check for expired passwords. This applies both to the user/pass combination and the apop command because the check is done in the valid_vms_user routine. SCAN_INTRUSION: substitute a new routine for PWDcheck: it controls the correctness of the given password via the sys$hash_password SS and before returning a code to the caller checks via sys$scan_intrusion if there is a current intrusion attempt from the address of the POP client for the same username. The code returned by PWDcheck reflects the answer of sys$scan_intrusion, that moreover updates the intrusion database. After a single password error the SHOW INTRUSION DCL command gives the following answer NETWORK SUSPECT 1 16:23:30.23 IUPOP3::193.76.205.67:uno The last field contains the source of the suspect intrusion. At least OpenVMS/VAX 6.1 or OpenVMS/Alpha 6.2 is required. The IUPOP3 process needs the security privilege. SEND_ORIG_HEADER This may be only of interrest for UCX users. If not configured otherwise UCX puts the original mail header behind the message after the line "================== RFC 822 Headers ==================". When compiled with this option IUPOP3 removes the line above and sends the text behind (the original header) at the top of the message. Use it in conjunction with the IGNORE_MAIL11_HEADERS option. MAIL_FOLDER With this option enabled IUPOP3 offers the MAIL instead of the NEWMAIL folder. All messages in the NEWMAIL folder is moved to the MAIL folder before the MAIL folder is opened. This has the advantage that the mail did not disappear after read and you can see the mails read with other clients (like VMS Mail). The disadvantage is that IUPOP3 may need significant more resources, both memory and cpu utilisation. Because most clients don't like if they see only a part of the maildrop, the maximum messages shown per connection must be set to a very high value. The default is 500 with this option enabled and 20 otherwise. The value can also be set through the -maxmsg command line option (see readme.txt). Commandline parameters of the make.com script can now specified in any order. Currently supportet are: help | ucx | wins | multinet | mms | mmk | nomms make_option | "/mms_parameter" Examples: $ @MAKE help $ @MAKE UCX MMS "IGNORE_MAIL11_HEADERS,PERSONAL_NAME" $ @MAKE ignore_mail11_headers,personal_name mms $ @MAKE ignore_mail11_headers, personal_name mms "/from_sources" $ @MAKE IGNORE_MAIL11_HEADERS, MAIL_FOLDER SEND_ORIG_HEADER ------------------------- APOP Command ------------------------- The APOP command implements a additional authorization mechanism. On connect the client get a time stamp from the server, combines it with the password and sents the MD5 digest string of this combination back to the server. Security is enhanced because the digest string changes on every connect. The POP server has to know the password (shared secret) as clear text. It is read from the first line of the file "pop_secret.dat" in the user's mail directory. The filename is the same as the UCX 4.x server use. In this implementation the shared secret has to be from eight up to 512 characters and is case sensitive. It should not be the same as the password for interactive login! ------------------------- DECNET/OSI namespace support ------------------------- When mail is delivered via DECnet, the VMS From: line can be any of these formats: username [ If no DECnet ] node::username [ if DECnet phase IV ] namespace:.node::username [ if DECnet Phase V ] Previously, IUPOP3 did not support the last of these. Now the namespace portion is removed, to leave just "node::username". Andy Harper Kings College London ------------------------------- Node mapping via logical names ------------------------------- The DECnet address is mapped by IUPOP3 as follows: nodename::username ---> username@nodename With this enhancement, the nodename is subjected to a further translation using logical names of the form "IUPOP3_NODE_nodename' and the translation, if any, replaces the "nodename" string. For example: if the logical name IUPOP3_NODE_BLACK is defined as "CAMPUS.EDU" and the DECnet address is: BLACK::JOHN The resultant string translation goes like this: 1. BLACK::JOHN --> JOHN@BLACK 2. Translate IUPOP3_NODE_BLACK to get "CAMPUS.EDU" 3. Replace BLACK by CAMPUS.EDU to get JOHN@CAMPUS.EDU This is very useful for mapping systems in a cluster. Andy Harper Kings College London