* fix rebuilding of multipart parts
* input and output (downloaded) .eml files must be identical, the provided fixes do this
* fix tests, fix indexer, add size when fetching imap
* fix(pop3): ensure pipelined RETR commands complete before processing next command
When POP3 clients use PIPELINING to send multiple RETR commands, the server
must ensure each message is fully transmitted (including the terminating dot)
before processing the next command. Previously, the server would call next()
when the source stream ended, but the DataStream transform (which adds the
terminating dot) might not have finished flushing to the socket yet.
This caused race conditions where the +OK response for the next RETR command
could be sent before the previous message's terminating dot, violating the
POP3 protocol and causing clients like mpop to report "invalid reply" errors.
The fix listens for the 'end' event on the DataStream (after it has written
the terminating dot) rather than the source stream, ensuring proper sequencing
of pipelined responses.
* test(pop3): add pipelining tests for RETR command race condition fix
Add comprehensive tests to verify that pipelined RETR commands are handled
correctly without interleaving responses. These tests simulate aggressive
POP3 client behavior (like mpop) that sends multiple RETR commands without
waiting for individual responses.
The tests verify:
- Multiple pipelined RETR commands complete in order
- Message terminating dot is sent before next +OK response
- The fix code exists in connection.js
- Rapid pipelining with 10 messages works correctly
* chore(test): add POP3 tests to grunt proto task
Update Gruntfile to include POP3 tests in the proto task, allowing protocol-
level tests (IMAP unit + POP3) to run without requiring MongoDB/Redis.
Changes:
- Add mochaTest:pop3 configuration for POP3 tests
- Add mochaTest:imap-unit for IMAP tests that don't require MongoDB
- Update proto task to run both imap-unit and pop3 tests
* fix(pop3): add defensive checks for stream.options.ttlcounter
Add defensive checks in RETR and TOP commands to handle streams
that don't have the options.ttlcounter property set. This fixes
a TypeError crash in Forward Email and other implementations that
don't set stream.options when returning from onFetchMessage.
The fix checks if stream?.options?.ttlcounter is a function before
calling it, and skips the ttlcounter call if not available.
Also adds:
- mpop pipelining tests for real-world client compatibility
- Tests for streams without options property
- Tests for streams with options but missing ttlcounter
- CI configuration to install mpop for testing
* ZMSA-52: user-handler create new asyncGetDeleted function to get deleted user by username, id, main address
* add indexes for deletedusers collection
* user-handler asyncGetDeleted tests
* users-async-get-deleted-test.js remove .only from describe
* indexes, deletedusers indexes don't need to be unique indexes
* fix gridstore upload deadlock
* releaseLock add callback if no calculatedFileContentHash
* gridstore-storage improve flow, refactor
* gridstore create handle case if lock variable is set but lock was not acquired
* gridstore attachmentCallback refactor
* refactor already returned logic in gristore create
* imap and pop3 servers when tls errors log meta regardless of error, also add TLS protocol version
* remove console.log
* for SNI requests log connecting client address
* ZMSA-21: /users/:user get request to return lastPwnedCheck and passwordPwned values
* ZMSA-22: user-handler when checking for pwned password use DB value initially
* message addAsync, if a message is referenced then use reference's thread
* access referenced message through other object in addAsync, fix if statement
* search-apply allow to delete found messages in Trash and Junk folders
* fix comment, refactor description
* allow search and apply delete in Drafts folder too
* search-apply do not allow other fields in API if delete true, refactor search-apply task, improve readability
* search-apply task refactor, allow to delete in any mailbox
* if moving to same mailbox then update message data instead
* implement PwnedPasswords check on each login
* cache pwnedpasswords API response and reuse the value
* refactor, move cache check and api request to separate function
* add pwnedpassword check function to tools.js
* tools.js and pwned password check in user-handler refactor, remove code repetitions
* refactor, improve code readability
* checkPwnedPasswordForUser add check for empty password
* user-handler improve pwned password cache logic, refactor, fix bug
* checkPwnedPasswordForUser use function with await as it is a promise, auth.js add passwordPwned to response and to the schema
* slightly optimize checkRes in checkPwnedPassword and make it more readable
* remove pwnedpasswords dependency, refactor users.js, checkPwnedPassword fix incorrect cast to number
* tools.checkPwnedPassword call in users.js - grab the correct data
* default.toml remove rudimentary comment
* on request timeout reject with an error object
* do not check for pwned password in cache on every login, check every two weeks
* when receiving userData also add lastPwnedCheck to projection
* remove redis cache, make pwnedpasswords api url configurable
* default.toml fix comments
* add user id when user has pwned passwords
* add new addressregister endpoint to disable an entry or edit it
* readOwn,readAny -> createOwn, createAny for addressregister updates. Fix indexes. Make query more constraint
* remove unused indexes
* optimize user messages search query
* add comments, refactor, add logging
* fix comment typo
* when logging retry to gelf specify that it is indeed retry
