Dovecot 2.4.2 Secure IMAP Server Adds Experimental IMAP4rev2 Support

Dovecot 2.4.2 open-source secure IMAP server adds experimental IMAP4rev2 support, OAuth2 improvements, and a new libpcre2 regex backend.

Dovecot 2.4.2 Secure IMAP Server Adds Experimental IMAP4rev2 Support

The Dovecot team has announced the release of Dovecot 2.4.2, a new stable update for one of the most widely used open-source IMAP and POP3 servers.

A major issue has been addressed under CVE-2025-30189, which affected several authentication backends including passdb oauth2, passwd, and bsdauth. When authentication caching was enabled, users could be cached with the same cache key — a potentially serious flaw for multi-user environments.

Apart from that, the 2.4.2 release modernizes Dovecot’s build dependencies and configuration internals:

  • New libpcre2 dependency: replaces the legacy regex handling, improving compatibility and performance.
  • Removed libicu dependency: Dovecot now includes its own lightweight Unicode library, simplifying builds and reducing external dependencies.
  • OAuth2 improvements: better handling of JWT tokens and expiration grace via the new oauth2_token_expire_grace setting.
  • Experimental IMAP4rev2 support: partial implementation for early testing of the next-generation IMAP protocol.
  • LMTP pipelining: the LMTP client now supports command pipelining, improving mail delivery efficiency.
  • Improved SSL and proxy handling: when remote servers present invalid certificates, Dovecot now avoids reconnecting unnecessarily.
  • Python 3-based configuration parser: improves maintainability and future-proofs configuration management.

Alongside Dovecot, Pigeonhole 2.4.2 — the Sieve filtering component — receives some notable updates:

  • Adds Unicode-aware regex and extlists support.
  • Uses the new libpcre2-based regex backend.
  • Fixes several configuration and LDAP-related build issues.
  • Improves script storage handling and tool reliability.

Pre-built binaries are available at repo.dovecot.org, with official Docker images published on Docker Hub. Users upgrading are strongly encouraged to review the official 2.3-to-2.4 migration guide due to the new libpcre2 dependency and internal library changes.

Refer to the release announcement or check out the project’s GitHub changelog for more details on all the changes.

Bobby Borisov

Bobby Borisov

Bobby, an editor-in-chief at Linuxiac, is a Linux professional with over 20 years of experience. With a strong focus on Linux and open-source software, he has worked as a Senior Linux System Administrator, Software Developer, and DevOps Engineer for small and large multinational companies.

Leave a Reply

Your email address will not be published. Required fields are marked *

Related Posts