$Cambridge: exim/doc/doc-misc/LongTermIssues,v 1.1 2004/10/08 10:38:47 ph10 Exp $

Exim Long Term Issues
---------------------

I restarted this list from scratch for Exim 4. I amalgamated it with another
list when creating the CVS repository (October 2004). But it still probably
needs a substantial spring clean. Some of it is very old now.


AUTOCONF
--------

Somebody once tried to \(autoconf)\ Exim, but found it too big a job. I now
have some experience with using \(autoconf)\ for PCRE, and I think maybe some
use could be made of it. I don't, however, believe that \(all)\ Exim build-time
configuration should be done that way. The reason is that, unlike something
like PCRE, there is quite a lot of information that is "user choice". Giving it
all as options to a \(configure)\ command does not seem the best way of doing
things.

Whenever I build something that needs more than a couple of obvious options to
\(configure)\, I always save them in a file anyway, so I know what I did for
next time. Therefore, I think it is sensible to retain the current Local file
structure for all the user choice configuration.

However, it might be helpful to use \(autoconf)\ to dig out various bits of
information about the operating system. At present, the \(OS/Makefile-*)\ files
have hard-wired settings, and maybe this information could be figured out by
running \(autoconf)\, which would save having to keep maintaining these files.

I would arrange things so that \(configure)\ is run automatically the first
time that \(make)\ is run, but it would be possible to run it manually first,
to override defaults. (For example, if you have both \(cc)\ and \(gcc)\
installed on your system, as I do, you need to be able to specify which to
use.) I will need to do some experiments to see exactly how this would work.


EXIMON and other utilities
--------------------------

. Consider optionally making it possible to link with something other than
  Athena widgets - for example, gtk. Or indeed re-write the whole thing!


GENERAL
-------

. Convert os.c into a directory of separate functions, with the macro
  switches defined elsewhere. Then make it into a library.

. Use a pointer to an address structure for expanding $domain etc, to make it
  easier to save/restore this collection of variables. But note that $domain
  and $local_part aren't always in an address. Check out when these are set.
  Note also the new $address_data possibility.

. Spool_in and spool_out - speed up by using a table?

. Find a more compact way of encoding the options interpretation, and also of
  checking for incompatible options.

. Find a more compact way of passing an open SMTP channel without having
  to use options. What about the TLS state information? Could use a pipe to
  pass more data.

. Some people have suggested separately loadable modules. But do all systems
  have them? Is this going too far for just a few specialist users? In
  particular, people want to be able to replace the logging with their own code.
  Can we arrange this without going for the separately loaded modules? (cf the
  incoming checking code.)

. SIGHUP the daemon - don't close the sockets; instead pass a list of them
  somewhere for the new daemon to pick up. Iff started by exim or root, of
  course. There might be quite a long list of them - argv might not be the best
  idea. If this were done, then a non-setuid exim daemon could be SIGHUPped.

. Parallel deliveries. Currently dead host information doesn't get propagated
  between them very well. Is there any way this could be improved?

. In some environments the use of gethostbyname() seems to cause problems.
  Check out its use, and see if having a "force DNS" option could be helpful.
  But people would have to know what they were doing.

. accept_max_per_host is a slow, linear search. If smtp_accept_max is large,
  this can be very slow. Is there some way we can speed this up? Some kind of
  index based on the IP address? Remember, this is in the daemon, so it must
  not consume store.

. Change the names of all the pcre_ stuff to, say, PCRE_ so that Exim can be
  linked with libraries or whatever that also use an external PCRE library.

. Look at code in pidentd for running Exim in wait mode from inetd and re-using
  the socket. This would allow it to run more tidily as non-root.

. Think up some scheme for checking for orphan files in the spool directories.
  Perhaps -bp should always do it, but it would be nice to have it done
  automatically now and again. Maybe we just leave this for a cron job? Perhaps
  a new -bx, e.g. -bpck or something. Better, perhaps, is a separate Perl
  script. Orphan = a file that is over 24h old (or 1s when test harness) and
  either doesn't end in -D or -H, or is a -D without a matching -H (or vice
  versa).

. Make set_process_info buffer bigger, and put the overflowed message at the
  end, thereby leaving the start.

. Swamping with delays in checking for reserved hosts - the connections are
  counted in the total allowed. Can we improve on this somehow? Maybe shared
  memory can help here. Think about different states and different limits.

. Lists that must use colons: can we check for other cases, and fix them up
  before passing them on? Is it worth it?

. Linux for S/390 - create configuration?

. Process receiving error message fails - can we get more info, such as the
  stdout/stderr?

. dbmbuild - if renaming one of .dir/.pag fails, reinstate the other. Should
  there be a lock?

. Write a script to check for format problems in the source - formats that are
  not fixed strings and are built from outside code.

. freeze_tell: Don't if message is a bounce message containing From: the local
  machine - even if the bounce comes from another host.

. Add additional data into the "frozen" log message at end of delivery, e.g. if
  remote host was the local host or whatever. At least some cross referencing.

. Someone had a requirement to install the Exim binary in a different place to
  the utilities, etc. Also, for different builds on the same host and
  architecture.

. Include (part of?) the ppid in the message id? Or a random number?

. Re-implement the code in readconf that reads error names for retry rules.
  Make it use a table for most of the error types. Then see if we can usefully
  add any additional error types.

. Should there be "exim -bP acls" etc? It would mean inventing some kind of
  "hide" facility within the ACL syntax.

. VERY LONG TERM: the message ID is too small now, with the recent changes to
  cram in the sub-second time. It would be a big project to extend it; Exim
  would have to recognize both forms for a while, and become stable, before
  generating the new form. Probably a runtime switch needed. The new form needs
  at least microsecond time (or more?) and should probably cope with 64-bit
  pids, just to be safe (or leave expansion space that could be used for that).
  It should also be able to hold big enough things in base 36.

. Take a look at libexec.

. Sort out the strncpy/strlcpy issue once and for all. Time things.

. Error in transport filter. See test 407. All 3 processes see errors - which
  one should be noticed? Transport_filter_temp_errors may be needed.

. Think about 5xx thresholds -- too many and you're out. What about 4xx?

. autoreply - should it call /usr/sbin/sendmail? Provide a way of not passing
  -C and -D when creating the message ('cause it won't be privileged).

. Strings containing \000 - anything we can do?

. OpenSSL - can we pass an opened file for certificate? Repeatedly?
  Otherwise pre-initialize while root? There do seem to be functions for
  manipulating certificates, but documentation is scarce. Can we just load the
  certificate in as root in the server?

. Consider using poll() to close unwanted fds. Is this efficient? Perhaps it
  doesn't matter for the daemon.

. On a 64-bit system there are some cast warnings for casting addresses to
  ints. Either we must find a way of not warning, or we'll have to use unions
  to get round it.

. Run splint on the source?

. It has been suggested that rejection because not authenticated should use
  530 and not 550, but this is hard to detect because of the way ACLs work.

. When there is a sender verify failure, $acl_verify_message contains "sender
  verify failed", not the details of the failure. Should this change? Some of
  the waffly details are added later in smtp_in.c. In the ACL that text is in
  sender_verified_failed->user_message.

. An empty string for a transport filter currently causes an error. Should it
  ignore? Tricky because of special expansion rules for commands.

. GFDL for documentation (www.gnu.org/licenses/fdl.html)? The 1.2 version of
  this licence is still quite new (it is dated November 2002) so I think
  waiting for reaction/opinion is the best plan. There are Debian concerns
  about this licence. At very least, no Invariant Sections and no Cover Texts
  can be used.

. Allow $recipients in other places. Not clear what this value should be if,
  say, the system filter has overridden them. Default would be envelope
  recipients, as now.

End