logstash-input-imap 3.0.5 → 3.2.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: a9fb5b80285d27882a5ad6482a1ab5b3575183a06b0bd79e5e1761cf89654477
-  data.tar.gz: b69e4dfb03630e9887e96a15722f99b3b91b1d33b29a8e3a0df6fc929b64c73f
+  metadata.gz: 61f403ebf9de18a49ba8f7f930ea04484670701909dd70f8d5e67a31706c0806
+  data.tar.gz: 1ec42dda0d258f515c8e2cb67e0ef3f3bd5e7fe61dc16b5916bb3afa020d1dab
 SHA512:
-  metadata.gz: 4df4488f0562f79f2b64f326f8ea36719c28c25c68fe4f3df7d5b41cd19c67dc14581f2e8e2b9ee9a189d3e593f737a54d64d75e7a28f58df3b54117b8d9b7f1
-  data.tar.gz: 76337b8d03883f8631dc9a310f55204990ee62e2e1861a8be48428fed8b77a05893afc4048c2d134759fd17b1608807c347e1bf759bfdcb547955a102a5ce71a
+  metadata.gz: e588b5e14d17cc88139fd5a869102a47e42f17f9d0777f59808c2f599bbdf0d76ff4566f21a8ebe4e8761a0665ec10b68c69071beda4be8e40ce541c9de245b3
+  data.tar.gz: baf7c0d8f3ee32cd367c2537b9ede816a1aa2d39741edbf80ffec53792bd80b4395864afc4cd4645e796069f2a79a73dac44551bd6e35553cec4685ee6b7f368

data/CHANGELOG.md

@@ -1,3 +1,19 @@
+## 3.2.0
+  - Feat: ECS compatibility [#55](https://github.com/logstash-plugins/logstash-input-imap/pull/55)
+    * added (optional) `headers_target` configuration option
+    * added (optional) `attachments_target` configuration option
+  - Fix: plugin should not close `$stdin`, while being stopped 
+
+## 3.1.0
+  - Adds an option to recursively search the message parts for attachment and inline attachment filenames. If the save_attachments option is set to true, the content of attachments is included in the `attachments.data` field. The attachment data can then be used by the Elasticsearch Ingest Attachment Processor Plugin.
+  [#48](https://github.com/logstash-plugins/logstash-input-imap/pull/48)
+
+## 3.0.7
+  - Added facility to use IMAP uid to retrieve new mails instead of "NOT SEEN" [#36](https://github.com/logstash-plugins/logstash-input-imap/pull/36)
+
+## 3.0.6
+  - Docs: Set the default_codec doc attribute.
+
 ## 3.0.5
   - Update gemspec summary
 

data/LICENSE

@@ -1,13 +1,202 @@
-Copyright (c) 2012–2016 Elasticsearch <http://www.elastic.co>
 
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
+                                 Apache License
+                           Version 2.0, January 2004
+                        http://www.apache.org/licenses/
 
-    http://www.apache.org/licenses/LICENSE-2.0
+   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
 
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
+   1. Definitions.
+
+      "License" shall mean the terms and conditions for use, reproduction,
+      and distribution as defined by Sections 1 through 9 of this document.
+
+      "Licensor" shall mean the copyright owner or entity authorized by
+      the copyright owner that is granting the License.
+
+      "Legal Entity" shall mean the union of the acting entity and all
+      other entities that control, are controlled by, or are under common
+      control with that entity. For the purposes of this definition,
+      "control" means (i) the power, direct or indirect, to cause the
+      direction or management of such entity, whether by contract or
+      otherwise, or (ii) ownership of fifty percent (50%) or more of the
+      outstanding shares, or (iii) beneficial ownership of such entity.
+
+      "You" (or "Your") shall mean an individual or Legal Entity
+      exercising permissions granted by this License.
+
+      "Source" form shall mean the preferred form for making modifications,
+      including but not limited to software source code, documentation
+      source, and configuration files.
+
+      "Object" form shall mean any form resulting from mechanical
+      transformation or translation of a Source form, including but
+      not limited to compiled object code, generated documentation,
+      and conversions to other media types.
+
+      "Work" shall mean the work of authorship, whether in Source or
+      Object form, made available under the License, as indicated by a
+      copyright notice that is included in or attached to the work
+      (an example is provided in the Appendix below).
+
+      "Derivative Works" shall mean any work, whether in Source or Object
+      form, that is based on (or derived from) the Work and for which the
+      editorial revisions, annotations, elaborations, or other modifications
+      represent, as a whole, an original work of authorship. For the purposes
+      of this License, Derivative Works shall not include works that remain
+      separable from, or merely link (or bind by name) to the interfaces of,
+      the Work and Derivative Works thereof.
+
+      "Contribution" shall mean any work of authorship, including
+      the original version of the Work and any modifications or additions
+      to that Work or Derivative Works thereof, that is intentionally
+      submitted to Licensor for inclusion in the Work by the copyright owner
+      or by an individual or Legal Entity authorized to submit on behalf of
+      the copyright owner. For the purposes of this definition, "submitted"
+      means any form of electronic, verbal, or written communication sent
+      to the Licensor or its representatives, including but not limited to
+      communication on electronic mailing lists, source code control systems,
+      and issue tracking systems that are managed by, or on behalf of, the
+      Licensor for the purpose of discussing and improving the Work, but
+      excluding communication that is conspicuously marked or otherwise
+      designated in writing by the copyright owner as "Not a Contribution."
+
+      "Contributor" shall mean Licensor and any individual or Legal Entity
+      on behalf of whom a Contribution has been received by Licensor and
+      subsequently incorporated within the Work.
+
+   2. Grant of Copyright License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      copyright license to reproduce, prepare Derivative Works of,
+      publicly display, publicly perform, sublicense, and distribute the
+      Work and such Derivative Works in Source or Object form.
+
+   3. Grant of Patent License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      (except as stated in this section) patent license to make, have made,
+      use, offer to sell, sell, import, and otherwise transfer the Work,
+      where such license applies only to those patent claims licensable
+      by such Contributor that are necessarily infringed by their
+      Contribution(s) alone or by combination of their Contribution(s)
+      with the Work to which such Contribution(s) was submitted. If You
+      institute patent litigation against any entity (including a
+      cross-claim or counterclaim in a lawsuit) alleging that the Work
+      or a Contribution incorporated within the Work constitutes direct
+      or contributory patent infringement, then any patent licenses
+      granted to You under this License for that Work shall terminate
+      as of the date such litigation is filed.
+
+   4. Redistribution. You may reproduce and distribute copies of the
+      Work or Derivative Works thereof in any medium, with or without
+      modifications, and in Source or Object form, provided that You
+      meet the following conditions:
+
+      (a) You must give any other recipients of the Work or
+          Derivative Works a copy of this License; and
+
+      (b) You must cause any modified files to carry prominent notices
+          stating that You changed the files; and
+
+      (c) You must retain, in the Source form of any Derivative Works
+          that You distribute, all copyright, patent, trademark, and
+          attribution notices from the Source form of the Work,
+          excluding those notices that do not pertain to any part of
+          the Derivative Works; and
+
+      (d) If the Work includes a "NOTICE" text file as part of its
+          distribution, then any Derivative Works that You distribute must
+          include a readable copy of the attribution notices contained
+          within such NOTICE file, excluding those notices that do not
+          pertain to any part of the Derivative Works, in at least one
+          of the following places: within a NOTICE text file distributed
+          as part of the Derivative Works; within the Source form or
+          documentation, if provided along with the Derivative Works; or,
+          within a display generated by the Derivative Works, if and
+          wherever such third-party notices normally appear. The contents
+          of the NOTICE file are for informational purposes only and
+          do not modify the License. You may add Your own attribution
+          notices within Derivative Works that You distribute, alongside
+          or as an addendum to the NOTICE text from the Work, provided
+          that such additional attribution notices cannot be construed
+          as modifying the License.
+
+      You may add Your own copyright statement to Your modifications and
+      may provide additional or different license terms and conditions
+      for use, reproduction, or distribution of Your modifications, or
+      for any such Derivative Works as a whole, provided Your use,
+      reproduction, and distribution of the Work otherwise complies with
+      the conditions stated in this License.
+
+   5. Submission of Contributions. Unless You explicitly state otherwise,
+      any Contribution intentionally submitted for inclusion in the Work
+      by You to the Licensor shall be under the terms and conditions of
+      this License, without any additional terms or conditions.
+      Notwithstanding the above, nothing herein shall supersede or modify
+      the terms of any separate license agreement you may have executed
+      with Licensor regarding such Contributions.
+
+   6. Trademarks. This License does not grant permission to use the trade
+      names, trademarks, service marks, or product names of the Licensor,
+      except as required for reasonable and customary use in describing the
+      origin of the Work and reproducing the content of the NOTICE file.
+
+   7. Disclaimer of Warranty. Unless required by applicable law or
+      agreed to in writing, Licensor provides the Work (and each
+      Contributor provides its Contributions) on an "AS IS" BASIS,
+      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+      implied, including, without limitation, any warranties or conditions
+      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+      PARTICULAR PURPOSE. You are solely responsible for determining the
+      appropriateness of using or redistributing the Work and assume any
+      risks associated with Your exercise of permissions under this License.
+
+   8. Limitation of Liability. In no event and under no legal theory,
+      whether in tort (including negligence), contract, or otherwise,
+      unless required by applicable law (such as deliberate and grossly
+      negligent acts) or agreed to in writing, shall any Contributor be
+      liable to You for damages, including any direct, indirect, special,
+      incidental, or consequential damages of any character arising as a
+      result of this License or out of the use or inability to use the
+      Work (including but not limited to damages for loss of goodwill,
+      work stoppage, computer failure or malfunction, or any and all
+      other commercial damages or losses), even if such Contributor
+      has been advised of the possibility of such damages.
+
+   9. Accepting Warranty or Additional Liability. While redistributing
+      the Work or Derivative Works thereof, You may choose to offer,
+      and charge a fee for, acceptance of support, warranty, indemnity,
+      or other liability obligations and/or rights consistent with this
+      License. However, in accepting such obligations, You may act only
+      on Your own behalf and on Your sole responsibility, not on behalf
+      of any other Contributor, and only if You agree to indemnify,
+      defend, and hold each Contributor harmless for any liability
+      incurred by, or claims asserted against, such Contributor by reason
+      of your accepting any such warranty or additional liability.
+
+   END OF TERMS AND CONDITIONS
+
+   APPENDIX: How to apply the Apache License to your work.
+
+      To apply the Apache License to your work, attach the following
+      boilerplate notice, with the fields enclosed by brackets "[]"
+      replaced with your own identifying information. (Don't include
+      the brackets!)  The text should be enclosed in the appropriate
+      comment syntax for the file format. We also recommend that a
+      file or class name and description of purpose be included on the
+      same "printed page" as the copyright notice for easier
+      identification within third-party archives.
+
+   Copyright 2020 Elastic and contributors
+
+   Licensed under the Apache License, Version 2.0 (the "License");
+   you may not use this file except in compliance with the License.
+   You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+   See the License for the specific language governing permissions and
+   limitations under the License.

data/README.md

@@ -1,6 +1,6 @@
 # Logstash Plugin
 
-[![Travis Build Status](https://travis-ci.org/logstash-plugins/logstash-input-imap.svg)](https://travis-ci.org/logstash-plugins/logstash-input-imap)
+[![Travis Build Status](https://travis-ci.com/logstash-plugins/logstash-input-imap.svg)](https://travis-ci.com/logstash-plugins/logstash-input-imap)
 
 This is a plugin for [Logstash](https://github.com/elastic/logstash).
 

data/docs/index.asciidoc

@@ -1,5 +1,6 @@
 :plugin: imap
 :type: input
+:default_codec: plain
 
 ///////////////////////////////////////////
 START - GENERATED VARIABLES, DO NOT EDIT!
@@ -25,6 +26,15 @@ Read mails from IMAP server
 Periodically scan an IMAP folder (`INBOX` by default) and move any read messages
 to the trash.
 
+[id="plugins-{type}s-{plugin}-ecs"]
+==== Compatibility with the Elastic Common Schema (ECS)
+
+The plugin includes sensible defaults that change based on <<plugins-{type}s-{plugin}-ecs_compatibility,ECS compatibility mode>>.
+When ECS compatibility is disabled, mail headers and attachments are targeted at the root level.
+When targeting an ECS version, headers and attachments target `@metadata` sub-fields unless configured otherwise in order
+to avoid conflict with ECS fields.
+See <<plugins-{type}s-{plugin}-headers_target>>, and <<plugins-{type}s-{plugin}-attachments_target>>.
+
 [id="plugins-{type}s-{plugin}-options"]
 ==== Imap Input Configuration Options
 
@@ -33,18 +43,24 @@ This plugin supports the following configuration options plus the <<plugins-{typ
 [cols="<,<,<",options="header",]
 |=======================================================================
 |Setting |Input type|Required
+| <<plugins-{type}s-{plugin}-attachments_target>> |<<string,string>>|No
 | <<plugins-{type}s-{plugin}-check_interval>> |<<number,number>>|No
 | <<plugins-{type}s-{plugin}-content_type>> |<<string,string>>|No
 | <<plugins-{type}s-{plugin}-delete>> |<<boolean,boolean>>|No
+| <<plugins-{type}s-{plugin}-ecs_compatibility>> |<<string,string>>|No
 | <<plugins-{type}s-{plugin}-expunge>> |<<boolean,boolean>>|No
 | <<plugins-{type}s-{plugin}-fetch_count>> |<<number,number>>|No
 | <<plugins-{type}s-{plugin}-folder>> |<<string,string>>|No
+| <<plugins-{type}s-{plugin}-headers_target>> |<<string,string>>|No
 | <<plugins-{type}s-{plugin}-host>> |<<string,string>>|Yes
 | <<plugins-{type}s-{plugin}-lowercase_headers>> |<<boolean,boolean>>|No
 | <<plugins-{type}s-{plugin}-password>> |<<password,password>>|Yes
 | <<plugins-{type}s-{plugin}-port>> |<<number,number>>|No
+| <<plugins-{type}s-{plugin}-save_attachments>> |<<boolean,boolean>>|No
 | <<plugins-{type}s-{plugin}-secure>> |<<boolean,boolean>>|No
+| <<plugins-{type}s-{plugin}-sincedb_path>> |<<string,string>>|No
 | <<plugins-{type}s-{plugin}-strip_attachments>> |<<boolean,boolean>>|No
+| <<plugins-{type}s-{plugin}-uid_tracking>> |<<boolean,boolean>>|No
 | <<plugins-{type}s-{plugin}-user>> |<<string,string>>|Yes
 | <<plugins-{type}s-{plugin}-verify_cert>> |<<boolean,boolean>>|No
 |=======================================================================
@@ -54,8 +70,18 @@ input plugins.
 
 &nbsp;
 
+[id="plugins-{type}s-{plugin}-attachments_target"]
+===== `attachments_target`
+
+  * Value type is <<string,string>>
+  * Default value depends on whether <<plugins-{type}s-{plugin}-ecs_compatibility>> is enabled:
+    ** ECS Compatibility disabled: `"[attachments]"`
+    ** ECS Compatibility enabled: `"[@metadata][input][imap][attachments]"
+
+The name of the field under which mail attachments information will be added, if <<plugins-{type}s-{plugin}-save_attachments>> is set.
+
 [id="plugins-{type}s-{plugin}-check_interval"]
-===== `check_interval` 
+===== `check_interval`
 
   * Value type is <<number,number>>
   * Default value is `300`
@@ -63,24 +89,38 @@ input plugins.
 
 
 [id="plugins-{type}s-{plugin}-content_type"]
-===== `content_type` 
+===== `content_type`
 
   * Value type is <<string,string>>
   * Default value is `"text/plain"`
 
-For multipart messages, use the first part that has this
-content-type as the event message.
+For multipart messages, use the first part that has this content-type as the event message.
 
 [id="plugins-{type}s-{plugin}-delete"]
-===== `delete` 
+===== `delete`
 
   * Value type is <<boolean,boolean>>
   * Default value is `false`
 
 
 
+[id="plugins-{type}s-{plugin}-ecs_compatibility"]
+===== `ecs_compatibility`
+
+  * Value type is <<string,string>>
+  * Supported values are:
+    ** `disabled`: does not use ECS-compatible field names (for example, `From` header field is added to the event)
+    ** `v1`, `v8`: avoids field names that might conflict with Elastic Common Schema (for example, the `From` header is added as metadata)
+  * Default value depends on which version of Logstash is running:
+    ** When Logstash provides a `pipeline.ecs_compatibility` setting, its value is used as the default
+    ** Otherwise, the default value is `disabled`.
+
+Controls this plugin's compatibility with the {ecs-ref}[Elastic Common Schema (ECS)].
+The value of this setting affects the _default_ value of <<plugins-{type}s-{plugin}-headers_target>> and
+<<plugins-{type}s-{plugin}-attachments_target>>.
+
 [id="plugins-{type}s-{plugin}-expunge"]
-===== `expunge` 
+===== `expunge`
 
   * Value type is <<boolean,boolean>>
   * Default value is `false`
@@ -88,7 +128,7 @@ content-type as the event message.
 
 
 [id="plugins-{type}s-{plugin}-fetch_count"]
-===== `fetch_count` 
+===== `fetch_count`
 
   * Value type is <<number,number>>
   * Default value is `50`
@@ -96,15 +136,28 @@ content-type as the event message.
 
 
 [id="plugins-{type}s-{plugin}-folder"]
-===== `folder` 
+===== `folder`
 
   * Value type is <<string,string>>
   * Default value is `"INBOX"`
 
 
 
+[id="plugins-{type}s-{plugin}-headers_target"]
+===== `headers_target`
+
+  * Value type is <<string,string>>
+  * Default value depends on whether <<plugins-{type}s-{plugin}-ecs_compatibility>> is enabled:
+    ** ECS Compatibility disabled: no default value (for example, the subject header is stored under the `"subject"` name)
+    ** ECS Compatibility enabled: `"[@metadata][input][imap][headers]"`
+
+The name of the field under which mail headers will be added.
+
+Setting `headers_target => ''` skips headers processing and no header is added to the event.
+Except the date header, if present, which is always used as the event's `@timestamp`.
+
 [id="plugins-{type}s-{plugin}-host"]
-===== `host` 
+===== `host`
 
   * This is a required setting.
   * Value type is <<string,string>>
@@ -113,7 +166,7 @@ content-type as the event message.
 
 
 [id="plugins-{type}s-{plugin}-lowercase_headers"]
-===== `lowercase_headers` 
+===== `lowercase_headers`
 
   * Value type is <<boolean,boolean>>
   * Default value is `true`
@@ -121,7 +174,7 @@ content-type as the event message.
 
 
 [id="plugins-{type}s-{plugin}-password"]
-===== `password` 
+===== `password`
 
   * This is a required setting.
   * Value type is <<password,password>>
@@ -130,31 +183,64 @@ content-type as the event message.
 
 
 [id="plugins-{type}s-{plugin}-port"]
-===== `port` 
+===== `port`
 
   * Value type is <<number,number>>
   * There is no default value for this setting.
 
+[id="plugins-{type}s-{plugin}-save_attachments"]
+===== `save_attachments`
+
+  * Value type is <<boolean,boolean>>
+  * Default value is `false`
 
+When set to true the content of attachments will be included in the `attachments.data` field.
 
 [id="plugins-{type}s-{plugin}-secure"]
-===== `secure` 
+===== `secure`
 
   * Value type is <<boolean,boolean>>
   * Default value is `true`
 
+[id="plugins-{type}s-{plugin}-sincedb_path"]
+===== `sincedb_path`
+
+  * Value type is <<string,string>>
+  * There is no default value for this setting.
 
+Path of the sincedb database file (keeps track of the UID of the last processed
+mail) that will be written to disk. The default will write sincedb file to
+`<path.data>/plugins/inputs/imap` directory.
+NOTE: it must be a file path and not a directory path.
 
 [id="plugins-{type}s-{plugin}-strip_attachments"]
-===== `strip_attachments` 
+===== `strip_attachments`
 
   * Value type is <<boolean,boolean>>
   * Default value is `false`
 
 
 
+[id="plugins-{type}s-{plugin}-uid_tracking"]
+===== `uid_tracking`
+
+  * Value type is <<boolean,boolean>>
+  * Default value is `false`
+
+When the IMAP input plugin connects to the mailbox for the first time and
+the UID of the last processed mail is not yet known, the unread mails are
+first downloaded and the UID of the last processed mail is saved. From
+this point on, if `uid_tracking` is set to `true`, all new mail will be
+downloaded regardless of whether they are marked as read or unread. This
+allows users or other services to use the mailbox simultaneously with the
+IMAP input plugin. UID of the last processed mail is always saved regardles
+of the `uid_tracking` value, so you can switch its value as needed. In
+transition from the previous IMAP input plugin version, first process at least
+one mail with `uid_tracking` set to `false` to save the UID of the last
+processed mail and then switch `uid_tracking` to `true`.
+
 [id="plugins-{type}s-{plugin}-user"]
-===== `user` 
+===== `user`
 
   * This is a required setting.
   * Value type is <<string,string>>
@@ -163,7 +249,7 @@ content-type as the event message.
 
 
 [id="plugins-{type}s-{plugin}-verify_cert"]
-===== `verify_cert` 
+===== `verify_cert`
 
   * Value type is <<boolean,boolean>>
   * Default value is `true`
@@ -173,4 +259,6 @@ content-type as the event message.
 
 
 [id="plugins-{type}s-{plugin}-common-options"]
-include::{include_path}/{type}.asciidoc[]
+include::{include_path}/{type}.asciidoc[]
+
+:default_codec!:

data/lib/logstash/inputs/imap.rb

@@ -3,13 +3,22 @@ require "logstash/inputs/base"
 require "logstash/namespace"
 require "logstash/timestamp"
 require "stud/interval"
-require "socket" # for Socket.gethostname
+require 'fileutils'
+
+require 'logstash/plugin_mixins/ecs_compatibility_support'
+require 'logstash/plugin_mixins/ecs_compatibility_support/target_check'
+require 'logstash/plugin_mixins/validator_support/field_reference_validation_adapter'
 
 # Read mails from IMAP server
 #
 # Periodically scan an IMAP folder (`INBOX` by default) and move any read messages
 # to the trash.
 class LogStash::Inputs::IMAP < LogStash::Inputs::Base
+
+  include LogStash::PluginMixins::ECSCompatibilitySupport(:disabled, :v1, :v8 => :v1)
+
+  extend LogStash::PluginMixins::ValidatorSupport::FieldReferenceValidationAdapter
+
   config_name "imap"
 
   default :codec, "plain"
@@ -24,16 +33,57 @@ class LogStash::Inputs::IMAP < LogStash::Inputs::Base
 
   config :folder, :validate => :string, :default => 'INBOX'
   config :fetch_count, :validate => :number, :default => 50
-  config :lowercase_headers, :validate => :boolean, :default => true
   config :check_interval, :validate => :number, :default => 300
+
+  config :lowercase_headers, :validate => :boolean, :default => true
+
+  config :headers_target, :validate => :field_reference # ECS default: [@metadata][input][imap][headers]
+
   config :delete, :validate => :boolean, :default => false
   config :expunge, :validate => :boolean, :default => false
+
   config :strip_attachments, :validate => :boolean, :default => false
-  
-  # For multipart messages, use the first part that has this
-  # content-type as the event message.
+  config :save_attachments, :validate => :boolean, :default => false
+
+  # Legacy default: [attachments]
+  # ECS default: [@metadata][input][imap][attachments]
+  config :attachments_target, :validate => :field_reference
+
+  # For multipart messages, use the first part that has this content-type as the event message.
   config :content_type, :validate => :string, :default => "text/plain"
 
+  # Whether to use IMAP uid to track last processed message
+  config :uid_tracking, :validate => :boolean, :default => false
+
+  # Path to file with last run time metadata
+  config :sincedb_path, :validate => :string, :required => false
+
+  def initialize(*params)
+    super
+
+    if original_params.include?('headers_target')
+      @headers_target = normalize_field_ref(headers_target)
+    else
+      # NOTE: user specified `headers_target => ''` means disable headers (@headers_target == nil)
+      # unlike our default here (@headers_target == '') causes setting headers at top level ...
+      @headers_target = ecs_compatibility != :disabled ? '[@metadata][input][imap][headers]' : ''
+    end
+
+    if original_params.include?('attachments_target')
+      @attachments_target = normalize_field_ref(attachments_target)
+    else
+      @attachments_target = ecs_compatibility != :disabled ? '[@metadata][input][imap][attachments]' : '[attachments]'
+    end
+  end
+
+  # @note a '' target value is normalized to nil
+  def normalize_field_ref(target)
+    return nil if target.nil? || target.empty?
+    # so we can later event.set("#{target}[#{name}]", ...)
+    target.match?(/\A[^\[\]]+\z/) ? "[#{target}]" : target
+  end
+  private :normalize_field_ref
+
   def register
     require "net/imap" # in stdlib
     require "mail" # gem 'mail'
@@ -50,6 +100,23 @@ class LogStash::Inputs::IMAP < LogStash::Inputs::Base
       end
     end
 
+    # Load last processed IMAP uid from file if exists
+    if @sincedb_path.nil?
+      datapath = File.join(LogStash::SETTINGS.get_value("path.data"), "plugins", "inputs", "imap")
+      # Ensure that the filepath exists before writing, since it's deeply nested.
+      FileUtils::mkdir_p datapath
+      @sincedb_path = File.join(datapath, ".sincedb_" + Digest::MD5.hexdigest("#{@user}_#{@host}_#{@port}_#{@folder}"))
+      @logger.debug? && @logger.debug("Generated sincedb path", sincedb_path: @sincedb_path)
+    end
+    @logger.info("Using", sincedb_path: @sincedb_path)
+    if File.exist?(@sincedb_path)
+      if File.directory?(@sincedb_path)
+        raise ArgumentError.new("The \"sincedb_path\" argument must point to a file, received a directory: \"#{@sincedb_path}\"")
+      end
+      @uid_last_value = File.read(@sincedb_path).to_i
+      @logger.debug? && @logger.debug("Loaded from sincedb", uid_last_value: @uid_last_value)
+    end
+
     @content_type_re = Regexp.new("^" + @content_type)
   end # def register
 
@@ -75,39 +142,73 @@ class LogStash::Inputs::IMAP < LogStash::Inputs::Base
     # EOFError, OpenSSL::SSL::SSLError
     imap = connect
     imap.select(@folder)
-    ids = imap.search("NOT SEEN")
+    if @uid_tracking && @uid_last_value
+      # If there are no new messages, uid_search returns @uid_last_value
+      # because it is the last message, so we need to delete it.
+      ids = imap.uid_search(["UID", (@uid_last_value+1..-1)]).delete_if { |uid|
+        uid <= @uid_last_value
+      }
+    else
+      ids = imap.uid_search("NOT SEEN")
+    end
 
     ids.each_slice(@fetch_count) do |id_set|
-      items = imap.fetch(id_set, "RFC822")
+      items = imap.uid_fetch(id_set, ["BODY.PEEK[]", "UID"])
       items.each do |item|
-        next unless item.attr.has_key?("RFC822")
-        mail = Mail.read_from_string(item.attr["RFC822"])
+        next unless item.attr.has_key?("BODY[]")
+        mail = Mail.read_from_string(item.attr["BODY[]"])
         if @strip_attachments
           queue << parse_mail(mail.without_attachments!)
         else
           queue << parse_mail(mail)
         end
+        # Mark message as processed
+        @uid_last_value = item.attr["UID"]
+        imap.uid_store(@uid_last_value, '+FLAGS', @delete || @expunge ? :Deleted : :Seen)
+
+        # Stop message processing if it is requested
+        break if stop?
       end
 
-      imap.store(id_set, '+FLAGS', @delete ? :Deleted : :Seen)
-  
+      # Expunge deleted messages
+      imap.expunge() if @expunge
+
+      # Stop message fetching if it is requested
+      break if stop?
     end
 
-  # Enable an 'expunge' IMAP command after the items.each loop
-    if @expunge 
-    # Force messages to be marked as "Deleted", the above may or may not be working as expected. "Seen" means nothing if you are going to
-    # delete a message after processing.
-      imap.store(id_set, '+FLAGS', [:Deleted])
-      imap.expunge()
+  rescue => e
+    @logger.error("Encountered error #{e.class}", :message => e.message, :backtrace => e.backtrace)
+    # Do not raise error, check_mail will be invoked in the next run time
+  ensure
+    # Close the connection (and ignore errors)
+    imap.close rescue nil
+    imap.disconnect rescue nil
+
+    # Always save @uid_last_value so when tracking is switched from
+    # "NOT SEEN" to "UID" we will continue from first unprocessed message
+    if @uid_last_value
+      @logger.debug? && @logger.debug("Saving to sincedb", uid_last_value: @uid_last_value)
+      File.write(@sincedb_path, @uid_last_value)
     end
+  end
 
-    imap.close
-    imap.disconnect
+  def parse_attachments(mail)
+    attachments = []
+    mail.attachments.each do |attachment|
+      if @save_attachments
+        attachments << { "filename" => attachment.filename, "data" => attachment.body.encoded }
+      else
+        attachments << { "filename" => attachment.filename}
+      end
+    end
+    return attachments
   end
 
   def parse_mail(mail)
     # Add a debug message so we can track what message might cause an error later
-    @logger.debug? && @logger.debug("Working with message_id", :message_id => mail.message_id)
+    @logger.debug? && @logger.debug("Processing mail", message_id: mail.message_id)
+
     # TODO(sissel): What should a multipart message look like as an event?
     # For now, just take the plain-text part and set it as the message.
     if mail.parts.count == 0
@@ -117,36 +218,20 @@ class LogStash::Inputs::IMAP < LogStash::Inputs::Base
       # Multipart message; use the first text/plain part we find
       part = mail.parts.find { |p| p.content_type.match @content_type_re } || mail.parts.first
       message = part.decoded
+
+      # Parse attachments
+      attachments = parse_attachments(mail)
     end
 
     @codec.decode(message) do |event|
       # Use the 'Date' field as the timestamp
       event.timestamp = LogStash::Timestamp.new(mail.date.to_time)
 
-      # Add fields: Add message.header_fields { |h| h.name=> h.value }
-      mail.header_fields.each do |header|
-        # 'header.name' can sometimes be a Mail::Multibyte::Chars, get it in String form
-        name = @lowercase_headers ? header.name.to_s.downcase : header.name.to_s
-        # Call .decoded on the header in case it's in encoded-word form.
-        # Details at:
-        #   https://github.com/mikel/mail/blob/master/README.md#encodings
-        #   http://tools.ietf.org/html/rfc2047#section-2
-        value = transcode_to_utf8(header.decoded.to_s)
-
-        # Assume we already processed the 'date' above.
-        next if name == "Date"
-
-        case (field = event.get(name))
-        when String
-          # promote string to array if a header appears multiple times
-          # (like 'received')
-          event.set(name, [field, value])
-        when Array
-          field << value
-          event.set(name, field)
-        when nil
-          event.set(name, value)
-        end
+      process_headers(mail, event) if @headers_target
+
+      # Add attachments
+      if attachments && attachments.length > 0 && @attachments_target
+        event.set(@attachments_target, attachments)
       end
 
       decorate(event)
@@ -154,9 +239,35 @@ class LogStash::Inputs::IMAP < LogStash::Inputs::Base
     end
   end
 
+  def process_headers(mail, event)
+    # Add fields: Add message.header_fields { |h| h.name=> h.value }
+    mail.header_fields.each do |header|
+      # 'header.name' can sometimes be a Mail::Multibyte::Chars, get it in String form
+      name = header.name.to_s
+      name = name.downcase if @lowercase_headers
+
+      # Call .decoded on the header in case it's in encoded-word form.
+      # Details at:
+      #   https://github.com/mikel/mail/blob/master/README.md#encodings
+      #   http://tools.ietf.org/html/rfc2047#section-2
+      value = transcode_to_utf8(header.decoded)
+
+      targeted_name = "#{@headers_target}[#{name}]"
+      case (field = event.get(targeted_name))
+      when String
+        # promote string to array if a header appears multiple times (like 'received')
+        event.set(targeted_name, [field, value])
+      when Array
+        field << value
+        event.set(targeted_name, field)
+      when nil
+        event.set(targeted_name, value)
+      end
+    end
+  end
+
   def stop
     Stud.stop!(@run_thread)
-    $stdin.close
   end
 
   private
@@ -165,8 +276,7 @@ class LogStash::Inputs::IMAP < LogStash::Inputs::Base
   # the mail gem will set the correct encoding on header strings decoding
   # and we want to transcode it to utf8
   def transcode_to_utf8(s)
-    unless s.nil?
-      s.encode(Encoding::UTF_8, :invalid => :replace, :undef => :replace)
-    end
+    return nil if s.nil?
+    s.encode(Encoding::UTF_8, :invalid => :replace, :undef => :replace)
   end
 end

data/logstash-input-imap.gemspec

@@ -1,7 +1,7 @@
 Gem::Specification.new do |s|
 
   s.name            = 'logstash-input-imap'
-  s.version         = '3.0.5'
+  s.version         = '3.2.0'
   s.licenses        = ['Apache License (2.0)']
   s.summary         = "Reads mail from an IMAP server"
   s.description     = "This gem is a Logstash plugin required to be installed on top of the Logstash core pipeline using $LS_HOME/bin/logstash-plugin install gemname. This gem is not a stand-alone program"
@@ -21,6 +21,8 @@ Gem::Specification.new do |s|
 
   # Gem dependencies
   s.add_runtime_dependency "logstash-core-plugin-api", ">= 1.60", "<= 2.99"
+  s.add_runtime_dependency 'logstash-mixin-ecs_compatibility_support', '~> 1.3'
+  s.add_runtime_dependency 'logstash-mixin-validator_support', '~> 1.0'
   s.add_runtime_dependency 'logstash-codec-plain'
   s.add_runtime_dependency 'mail', '~> 2.6.3'
   s.add_runtime_dependency 'mime-types', '2.6.2'

data/spec/inputs/imap_spec.rb

@@ -1,9 +1,11 @@
 # encoding: utf-8
 require "logstash/devutils/rspec/spec_helper"
+require "logstash/devutils/rspec/shared_examples"
+require 'logstash/plugin_mixins/ecs_compatibility_support/spec_helper'
 require "logstash/inputs/imap"
 require "mail"
 require "net/imap"
-
+require "base64"
 
 describe LogStash::Inputs::IMAP do
 
@@ -25,7 +27,7 @@ describe LogStash::Inputs::IMAP do
         allow(imap).to receive(:store)
         allow(ids).to receive(:each_slice).and_return([])
 
-        allow(imap).to receive(:search).with("NOT SEEN").and_return(ids)
+        allow(imap).to receive(:uid_search).with("NOT SEEN").and_return(ids)
         allow(Net::IMAP).to receive(:new).and_return(imap)
       end
     end
@@ -33,103 +35,233 @@ describe LogStash::Inputs::IMAP do
 
 end
 
-describe LogStash::Inputs::IMAP do
+describe LogStash::Inputs::IMAP, :ecs_compatibility_support do
   user = "logstash"
   password = "secret"
   msg_time = Time.new
   msg_text = "foo\nbar\nbaz"
   msg_html = "<p>a paragraph</p>\n\n"
+  msg_binary = "\x42\x43\x44"
+  msg_unencoded = "raw text 🐐"
+
+  let(:config) do
+    { "host" => "localhost", "user" => "#{user}", "password" => "#{password}" }
+  end
+
+  subject(:input) do
+    LogStash::Inputs::IMAP.new config
+  end
 
-  subject do
+  let(:mail) do
     Mail.new do
       from     "me@example.com"
       to       "you@example.com"
       subject  "logstash imap input test"
       date     msg_time
       body     msg_text
+      message_id '<123@message.id>' # 'Message-ID' header
+      # let's have some headers:
+      header['X-Priority'] = '3'
+      header['X-Bot-ID'] = '111'
+      header['X-AES-Category'] = 'LEGIT'
+      header['X-Spam-Category'] = 'LEGIT'
+      header['Spam-Stopper-Id'] = '464bbb1a-1b86-4006-8a09-ce797fb56346'
+      header['Spam-Stopper-v2'] = 'Yes'
+      header['X-Mailer'] = 'Microsoft Outlook Express 6.00.2800.1106'
+      header['X-MimeOLE'] = 'Produced By Microsoft MimeOLE V6.00.2800.1106'
       add_file :filename => "some.html", :content => msg_html
+      add_file :filename => "image.png", :content => msg_binary
+      add_file :filename => "unencoded.data", :content => msg_unencoded, :content_transfer_encoding => "7bit"
     end
   end
 
-  context "with both text and html parts" do
+  before do
+    input.register
+  end
+
+  ecs_compatibility_matrix(:disabled, :v1, :v8) do |ecs_select|
+
+    let(:ecs_compatibility?) { ecs_select.active_mode != :disabled }
+
+    let (:config) { super().merge('ecs_compatibility' => ecs_select.active_mode) }
+
     context "when no content-type selected" do
       it "should select text/plain part" do
-        config = {"type" => "imap", "host" => "localhost",
-                  "user" => "#{user}", "password" => "#{password}"}
-
-        input = LogStash::Inputs::IMAP.new config
-        input.register
-        event = input.parse_mail(subject)
-        insist { event.get("message") } == msg_text
+        event = input.parse_mail(mail)
+        expect( event.get("message") ).to eql msg_text
       end
     end
 
     context "when text/html content-type selected" do
+      let(:config) { super().merge("content_type" => "text/html") }
+
       it "should select text/html part" do
-        config = {"type" => "imap", "host" => "localhost",
-                  "user" => "#{user}", "password" => "#{password}",
-                  "content_type" => "text/html"}
+        event = input.parse_mail(mail)
+        expect( event.get("message") ).to eql msg_html
+      end
+    end
 
-        input = LogStash::Inputs::IMAP.new config
-        input.register
-        event = input.parse_mail(subject)
-        insist { event.get("message") } == msg_html
+    context "mail headers" do
+      let(:config) { super().merge("lowercase_headers" => true) } # default
+
+      before { @event = input.parse_mail(mail) }
+
+      it "sets all header fields" do
+        if ecs_compatibility?
+          expect( @event.get("[@metadata][input][imap][headers][x-spam-category]") ).to eql 'LEGIT'
+          expect( @event.get("[@metadata][input][imap][headers][x-aes-category]") ).to eql 'LEGIT'
+          expect( @event.get("[@metadata][input][imap][headers][x-bot-id]") ).to eql '111'
+          ['spam-stopper-id', 'spam-stopper-v2', 'x-mimeole', 'message-id', 'x-priority'].each do |name|
+            expect( @event.include?("[@metadata][input][imap][headers][#{name}]") ).to be true
+          end
+          expect( @event.get("[@metadata][input][imap][headers][from]") ).to eql 'me@example.com'
+          expect( @event.get("[@metadata][input][imap][headers][to]") ).to eql 'you@example.com'
+          expect( @event.get("[@metadata][input][imap][headers][subject]") ).to eql 'logstash imap input test'
+        else
+          expect( @event.get("x-spam-category") ).to eql 'LEGIT'
+          expect( @event.get("x-aes-category") ).to eql 'LEGIT'
+          expect( @event.get("x-bot-id") ).to eql '111'
+          ['spam-stopper-id', 'spam-stopper-v2', 'x-mimeole', 'message-id', 'x-priority'].each do |name|
+            expect( @event.include?(name) ).to be true
+          end
+          expect( @event.get("from") ).to eql 'me@example.com'
+          expect( @event.get("to") ).to eql 'you@example.com'
+          expect( @event.get("subject") ).to eql 'logstash imap input test'
+        end
+      end
+
+      it 'does include the date header' do
+        expect( @event.include?('date') ).to be true unless ecs_compatibility?
+        expect( @event.include?('Date') ).to be false
       end
     end
-  end
 
-  context "when subject is in RFC 2047 encoded-word format" do
-    it "should be decoded" do
-      subject.subject = "=?iso-8859-1?Q?foo_:_bar?="
-      config = {"type" => "imap", "host" => "localhost",
-                "user" => "#{user}", "password" => "#{password}"}
+    context "mail headers (not lower-cased)" do
+      let(:config) { super().merge("lowercase_headers" => false) }
+
+      before { @event = input.parse_mail(mail) }
+
+      it "sets all header fields" do
+        if ecs_compatibility?
+          expect( @event.get("[@metadata][input][imap][headers][X-Spam-Category]") ).to eql 'LEGIT'
+          expect( @event.get("[@metadata][input][imap][headers][X-AES-Category]") ).to eql 'LEGIT'
+          expect( @event.get("[@metadata][input][imap][headers][X-Bot-ID]") ).to eql '111'
+          ['Spam-Stopper-Id', 'Spam-Stopper-v2', 'X-MimeOLE', 'Message-ID', 'X-Priority'].each do |name|
+            expect( @event.include?("[@metadata][input][imap][headers][#{name}]") ).to be true
+          end
+          expect( @event.get("[@metadata][input][imap][headers][From]") ).to eql 'me@example.com'
+          expect( @event.get("[@metadata][input][imap][headers][To]") ).to eql 'you@example.com'
+          expect( @event.get("[@metadata][input][imap][headers][Subject]") ).to eql 'logstash imap input test'
+        else
+          expect( @event.get("X-Spam-Category") ).to eql 'LEGIT'
+          expect( @event.get("X-AES-Category") ).to eql 'LEGIT'
+          expect( @event.get("X-Bot-ID") ).to eql '111'
+          ['Spam-Stopper-Id', 'Spam-Stopper-v2', 'X-MimeOLE', 'Message-ID', 'X-Priority'].each do |name|
+            expect( @event.include?(name) ).to be true
+          end
+          expect( @event.get("From") ).to eql 'me@example.com'
+          expect( @event.get("To") ).to eql 'you@example.com'
+          expect( @event.get("Subject") ).to eql 'logstash imap input test'
+        end
+      end
 
-      input = LogStash::Inputs::IMAP.new config
-      input.register
-      event = input.parse_mail(subject)
-      insist { event.get("subject") } == "foo : bar"
+      it 'does include the date header' do
+        expect( @event.include?('Date') ).to be true unless ecs_compatibility?
+      end
     end
-  end
 
-  context "with multiple values for same header" do
-    it "should add 2 values as array in event" do
-      subject.received = "test1"
-      subject.received = "test2"
+    context "headers_target => ''" do
+      let(:config) { super().merge("headers_target" => '') }
+
+      before { @event = input.parse_mail(mail) }
+
+      it "does not set any header fields" do
+        ['From', 'To', 'Subject', 'subject', 'Date', 'date'].each do |name|
+          expect( @event.include?(name) ).to be false # legacy
+          expect( @event.include?("[@metadata][input][imap][headers][#{name}]") ).to be false # ecs
+        end
+      end
+    end
+
+    context "when subject is in RFC 2047 encoded-word format" do
+      before do
+        mail.subject = "=?iso-8859-1?Q?foo_:_bar?="
+      end
+
+      it "should be decoded" do
+        event = input.parse_mail(mail)
+        if ecs_compatibility?
+          expect( event.get("[@metadata][input][imap][headers][subject]") ).to eql "foo : bar"
+        else
+          expect( event.get("subject") ).to eql "foo : bar"
+        end
+      end
+    end
+
+    context "with multiple values for same header" do
+      it "should add 2 values as array in event" do
+        mail.received = "test1"
+        mail.received = "test2"
+
+        event = input.parse_mail(mail)
+        expected_value = ["test1", "test2"]
+        if ecs_compatibility?
+          expect( event.get("[@metadata][input][imap][headers][received]") ).to eql expected_value
+        else
+          expect( event.get("received") ).to eql expected_value
+        end
+      end
 
-      config = {"type" => "imap", "host" => "localhost",
-                "user" => "#{user}", "password" => "#{password}"}
+      it "should add more than 2 values as array in event" do
+        mail.received = "test1"
+        mail.received = "test2"
+        mail.received = "test3"
 
-      input = LogStash::Inputs::IMAP.new config
-      input.register
-      event = input.parse_mail(subject)
-      insist { event.get("received") } == ["test1", "test2"]
+        event = input.parse_mail(mail)
+        expected_value = ["test1", "test2", "test3"]
+        if ecs_compatibility?
+          expect( event.get("[@metadata][input][imap][headers][received]") ).to eql expected_value
+        else
+          expect( event.get("received") ).to eql expected_value
+        end
+      end
     end
 
-    it "should add more than 2 values as array in event" do
-      subject.received = "test1"
-      subject.received = "test2"
-      subject.received = "test3"
+    context "when a header field is nil" do
+      it "should parse mail" do
+        mail.header['X-Custom-Header'] = nil
 
-      config = {"type" => "imap", "host" => "localhost",
-                "user" => "#{user}", "password" => "#{password}"}
+        event = input.parse_mail(mail)
+        expect( event.get("message") ).to eql msg_text
+      end
+    end
 
-      input = LogStash::Inputs::IMAP.new config
-      input.register
-      event = input.parse_mail(subject)
-      insist { event.get("received") } == ["test1", "test2", "test3"]
+    context "attachments" do
+      it "should extract filenames" do
+        event = input.parse_mail(mail)
+        target = ecs_compatibility? ? '[@metadata][input][imap][attachments]' : 'attachments'
+        expect( event.get(target) ).to eql [
+                                                {"filename"=>"some.html"},
+                                                {"filename"=>"image.png"},
+                                                {"filename"=>"unencoded.data"}
+                                            ]
+      end
     end
-  end
 
-  context "when a header field is nil" do
-    it "should parse mail" do
-      subject.header['X-Custom-Header'] = nil
-      config = {"type" => "imap", "host" => "localhost",
-                "user" => "#{user}", "password" => "#{password}"}
+    context "with attachments saving" do
+      let(:config) { super().merge("save_attachments" => true) }
 
-      input = LogStash::Inputs::IMAP.new config
-      input.register
-      event = input.parse_mail(subject)
-      insist { event.get("message") } == msg_text
+      it "should extract the encoded content" do
+        event = input.parse_mail(mail)
+        target = ecs_compatibility? ? '[@metadata][input][imap][attachments]' : 'attachments'
+        expect( event.get(target) ).to eql [
+                                                {"data"=> Base64.encode64(msg_html).encode(crlf_newline: true), "filename"=>"some.html"},
+                                                {"data"=> Base64.encode64(msg_binary).encode(crlf_newline: true), "filename"=>"image.png"},
+                                                {"data"=> msg_unencoded, "filename"=>"unencoded.data"}
+                                            ]
+      end
     end
+
   end
+
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: logstash-input-imap
 version: !ruby/object:Gem::Version
-  version: 3.0.5
+  version: 3.2.0
 platform: ruby
 authors:
 - Elastic
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2017-11-07 00:00:00.000000000 Z
+date: 2021-12-06 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   requirement: !ruby/object:Gem::Requirement
@@ -30,6 +30,34 @@ dependencies:
     - - "<="
       - !ruby/object:Gem::Version
         version: '2.99'
+- !ruby/object:Gem::Dependency
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.3'
+  name: logstash-mixin-ecs_compatibility_support
+  prerelease: false
+  type: :runtime
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.3'
+- !ruby/object:Gem::Dependency
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.0'
+  name: logstash-mixin-validator_support
+  prerelease: false
+  type: :runtime
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.0'
 - !ruby/object:Gem::Dependency
   requirement: !ruby/object:Gem::Requirement
     requirements:
@@ -139,8 +167,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project:
-rubygems_version: 2.6.11
+rubygems_version: 3.1.6
 signing_key:
 specification_version: 4
 summary: Reads mail from an IMAP server