Commit | Line | Data |
---|---|---|
495ae4b0 PH |
1 | This document contains information about upgrading Exim to the last of the 3.xx |
2 | releases. It is provided to help anybody who is upgrading to release 4.xx from | |
3 | a release that is earlier than 3.33. It goes back as far as release 2.12. If | |
4 | you are upgrading to release 4.xx from an even earlier release, it is probably | |
5 | best to start again from the default configuration. | |
6 | ||
7 | ||
8 | Upgrading from release 3.16 | |
9 | --------------------------- | |
10 | ||
11 | 1. The way LDAP returns values for multiple attributes has been changed to be | |
12 | the same as the NIS+ lookup. | |
13 | ||
14 | If you specify multiple attributes, they are returned as space-separated | |
15 | strings, quoted if necessary. | |
16 | ||
17 | e.g. ldap:///o=base?attr1,attr2?sub?(uid=fred) | |
18 | ||
19 | used to give: attr1=value one, attr2=value2 | |
20 | now gives: attr1="value one" attr2=value2 | |
21 | ||
22 | If you don't specify any attributes in the search, you now get them in | |
23 | the tagged format as well. | |
24 | ||
25 | e.g. ldap:///o=base??sub?(uid=fred) | |
26 | ||
27 | used to give: top, value one, value2 | |
28 | now gives: objectClass=top attr1="value one" attr2=value2 | |
29 | ||
30 | The reason for these changes is so that the results can be safely parsed - | |
31 | in fact, the existing ${extract{key}{val}} function does this nicely. | |
32 | This in turn allows a single LDAP query to be reused - one query can return | |
33 | the destination delivery address, the quota, and so forth. | |
34 | ||
35 | This is NOT a backwards compatible change, so there is a compile-time option | |
36 | to reverse it in the src/lookups/ldap.c module, for use in emergency. But it is | |
37 | not thought that the old behaviour was particularly useful as it stood, because | |
38 | a field that contained ',' or '=' would make the result unparseable. | |
39 | ||
40 | In the common case where you explicitly ask for a single attribute in your | |
41 | LDAP query, the behaviour is unchanged - the result is not quoted, and if there | |
42 | are multiple values they are comma-separated. | |
43 | ||
44 | 2. The hosts_max_try option in the smtp transport limits the number of IP | |
45 | addresses that will actually be tried during one delivery attempt. The default | |
46 | is 5. Previously, all available addresses were tried. | |
47 | ||
48 | 3. The extension of the "extract" expansion item has resulted in a change to | |
49 | the way Exim decides between the keyed form and the numeric form. If the first | |
50 | argument consists entirely of digits, the numeric form is assumed. This means | |
51 | that it is impossible to have keys that are digit strings, without manipulating | |
52 | the data first (e.g. by using ${sg} to add a letter to each key). | |
53 | ||
54 | ||
55 | Upgrading from release 3.15 | |
56 | --------------------------- | |
57 | ||
58 | 1. The handling of "freeze" and "fail" in system filter files has changed. | |
59 | Previously, any deliveries set up by a filter that ended with "freeze" or | |
60 | "fail" were discarded. This no longer happens; such deliveries are honoured. | |
61 | A consequence of this is that first_delivery becomes false after freezing in a | |
62 | system filter; previously it remained true until a real delivery attempt | |
63 | happened. | |
64 | ||
65 | ||
66 | Upgrading from release 3.13 | |
67 | --------------------------- | |
68 | ||
69 | 1. The handling of maildir_tag has been changed (see NewStuff). There are two | |
70 | small incompatibilities: (a) Exim now inserts a leading colon only if the | |
71 | string begins with an alphanumeric character. So if you were using a string | |
72 | starting with a special character, you will have to add the leading colon to | |
73 | it to remain compatible. (b) The expansion of maildir_tag now happens after the | |
74 | file has been written, and $message_size is updated to the correct file size | |
75 | before the expansion. The tag is not used on the temporary file (it was | |
76 | previously). | |
77 | ||
78 | 2. The handling of Exim's configuration has changed in two ways: | |
79 | ||
80 | (a) Any line may be continued by ending it with a backslash. Trailing white | |
81 | space after the backslash, and leading white space on continuation lines is | |
82 | ignored. This means that quotes are no longer needed just to make it possible | |
83 | to continue an option setting. The difference between quoted and non-quoted | |
84 | strings is that quoted strings are processed for internal backslashed items | |
85 | such as \n. The only possible incompatibility of this change is if any | |
86 | existing configuration has a non-quoted line ended in backslash, which seems | |
87 | a very remote possibility. | |
88 | ||
89 | (b) All lists, with the exception of log_file_path, can now use a different | |
90 | character to colon as the separator. This is specified by starting the list | |
91 | with <x where x is any punctuation character. For example: | |
92 | ||
93 | local_interfaces = <; 127.0.0.1 ; ::1 | |
94 | ||
95 | The new feature is provided to make life easier with IPv6 addresses. It is | |
96 | recommended that its use be confined to circumstances where it really is | |
97 | needed, and that colon be used in most cases. I don't believe this change | |
98 | is incompatible, because I don't think any list item can legitimately begin | |
99 | with a '<' character. | |
100 | ||
101 | 3. Previously, Exim took no action to ensure that the timestamps in its log | |
102 | files were "wall clock time". If the TZ environment variable was set when Exim | |
103 | was called, it could cause strange times to be logged. For the majority of | |
104 | operating systems, I have been able to fix this problem by deleting the entire | |
105 | environment. However, this doesn't work in some systems, and a macro called | |
106 | HANDS_OFF_ENVIRONMENT is defined in their OS/os.h files to suppress the action. | |
107 | These OS are: AIX, DGUX, HP-UX, IRIX, and SCO, and their behaviour should be | |
108 | unchanged from previous releases. On any other OS, if you find you are getting | |
109 | weird timestamps, it may be that your OS needs HANDS_OFF_ENVIRONMENT. | |
110 | ||
111 | 4. As a result of the change described in 3, there may be some cases where Exim | |
112 | runs an external program that previously got passed the environment, and now do | |
113 | not. This does *not* apply to the pipe transport, where the environment has | |
114 | always been set up specifically, as described in the manual. | |
115 | ||
116 | 5. The way in which Exim scans its queue when split_spool_directory is set has | |
117 | changed, but this shouldn't make any noticeable difference. See doc/NewStuff | |
118 | for defails. | |
119 | ||
120 | ||
121 | Upgrading from release 3.03 | |
122 | --------------------------- | |
123 | ||
124 | The from_hack option in the appendfile and pipe transports has been replace by | |
125 | two string options, check_string and escape_string. If your configuration | |
126 | contains any references to from_hack they should be replaced. Exim continues to | |
127 | recognize from_hack as a transitional measure. If no_from_hack is specified in | |
128 | an appendfile transport, the two new options are forced to be unset. Otherwise | |
129 | the setting of from_hack is ignored. | |
130 | ||
131 | ||
132 | Upgrading from release 3.02 | |
133 | --------------------------- | |
134 | ||
135 | The exim_dbmbuild utility has been changed to write a warning to stderr on | |
136 | encountering a duplicate key, and to return a value of 1. Formerly, it ignored | |
137 | all but the last of a set of duplicates; now it ignores all but the first, to | |
138 | make dbm-searched files behave the same way as lsearch-searched files. However, | |
139 | there is an option -lastdup which makes it behave as before. The -nowarn option | |
140 | suppresses the individual warnings, but the number of duplicates is always | |
141 | listed on stdout at the end. | |
142 | ||
143 | ||
144 | Updating from a release prior to 3.00 | |
145 | ------------------------------------- | |
146 | ||
147 | Prior to release 3.00 a lot of options which contained lists of various kinds | |
148 | came in groups such as sender_accept, sender_reject, sender_reject_except. This | |
149 | style of configuration has been abolished. Instead, it is now possible to put | |
150 | negative entries in such lists, so that a single option is all that is | |
151 | required. In addition to this, net lists have been abolished, and instead, | |
152 | host lists can now contain items that specify networks as well as hosts. The | |
153 | names of some of these options have also been changed. | |
154 | ||
155 | As a result of these changes, most configuration files used for earlier | |
156 | versions of Exim need to be changed. The opportunity has therefore been taken | |
157 | to remove a number of other obsolete features and options. | |
158 | ||
159 | A Perl script is built in the file util/convert4r3 to assist in updating Exim | |
160 | configuration files. It reads a configuration file on the standard input, | |
161 | writes a modified file on the standard output, and writes comments about what | |
162 | it has done to the standard error file. It assumes that the input is a valid | |
163 | Exim configuration file. A typical call to the conversion script might be | |
164 | ||
165 | util/convert4r3 </opt/exim/configure >/opt/exim/configure.new | |
166 | ||
167 | The way the script merges an accept/reject/reject_except triple into a single | |
168 | accept option is to put the reject_except list first, followed by the reject | |
169 | list with every item negated, followed by the accept list. For example, if an | |
170 | old configuration file contains | |
171 | ||
172 | sender_host_accept_relay = *.c.d : e.f.g | |
173 | sender_host_reject_relay = *.b.c.d | |
174 | sender_host_reject_relay_except = a.b.c.d | |
175 | ||
176 | the new configuration will contain | |
177 | ||
178 | host_accept_relay = a.b.c.d : ! *.b.c.d : *.c.d : e.f.g | |
179 | ||
180 | The same ordering is used to merge a triple into a reject option, but this time | |
181 | the first and third sublists are negated. For example, if an old configuration | |
182 | file contains | |
183 | ||
184 | sender_host_accept = *.c.d : e.f.g | |
185 | sender_host_reject = *.b.c.d | |
186 | sender_host_reject_except = a.b.c.d | |
187 | ||
188 | the new configuration file will contain | |
189 | ||
190 | host_reject = ! a.b.c.d : *.b.c.d : ! *.c.d : ! e.f.g : * | |
191 | ||
192 | The output file should be checked before trying to use it. Each option change | |
193 | is preceded by an identifying comment. There are several specific things that | |
194 | you should look out for when checking: | |
195 | ||
196 | (1) If you are using macros to contain lists of items, and these have to be | |
197 | negated in the new world, convert4r3 won't get it right. For example, if | |
198 | the old configuration contains | |
199 | ||
200 | ACCEPTHOSTS = *.c.d : e.f.g | |
201 | sender_host_reject = ACCEPTHOSTS | |
202 | ||
203 | then the rewritten configuration will be | |
204 | ||
205 | ACCEPTHOSTS = *.c.d : e.f.g | |
206 | host_reject = !ACCEPTHOSTS | |
207 | ||
208 | but because this is just textual macro handling, that is equivalent to | |
209 | ||
210 | host_reject = !*.c.d : e.f.g | |
211 | ||
212 | which is not the correct translation, because the second item is not | |
213 | negated. There is unfortunately no easy way to use a macro to provide a | |
214 | list of things that are sometimes negated. | |
215 | ||
216 | (2) The conversion adds some settings of file_transport, pipe_transport, and | |
217 | reply_transport to aliasfile and forwardfile directors. This is done | |
218 | because the global implicit defaults for these options have been removed. | |
219 | The default configuration now contains explicit settings, so convert4r3 | |
220 | makes these additions to be compatible with that. If your aliasfile and | |
221 | forwardfile directors do not make use of the pipe, file, or autoreply | |
222 | facilities, you can remove these new settings. | |
223 | ||
224 | (3) If you are using +allow_unknown in a host list which also has an exception | |
225 | list, you may need to move +allow_unknown in the new configuration. For | |
226 | example, if the old configuration contains | |
227 | ||
228 | sender_host_reject = +allow_unknown : *.b.c | |
229 | sender_host_reject_except = *.a.b.c | |
230 | ||
231 | then the rewritten configuration will be | |
232 | ||
233 | host_reject = ! *.a.b.c : +allow_unknown : *.b.c | |
234 | ||
235 | Because the negated item contains a wild card, the reverse lookup for the | |
236 | host name will occur before +allow_unknown is encountered, and therefore | |
237 | +allow_unknown will have no effect. It should be moved to the start of the | |
238 | list. | |
239 | ||
240 | One way of upgrading Exim from a pre-3.00 release to a post-3.00 release is as | |
241 | follows: | |
242 | ||
243 | 1. Suppose your configuration file is called /opt/exim/configure, and you want | |
244 | to continue with this name after upgrading. The first thing to do is to make | |
245 | another copy of this file called, say, /opt/exim/configure.pre-3.00. | |
246 | ||
247 | 2. Rebuild your existing Exim to use the copy of the configuration file instead | |
248 | of the standard file. Install this version of Exim under a special name such | |
249 | as exim-2.12, and point a symbolic link called "exim" at it. Then HUP your | |
250 | daemon. You can check on the name of the configuration file by running | |
251 | ||
252 | exim -bP configure_file | |
253 | ||
254 | Ensure that everything is running smoothly. | |
255 | ||
256 | 3. Build the new release, configured to use the standard configuration file. | |
257 | ||
258 | 4. Use the convert4r3 utility to upgrade your configuration file for the new | |
259 | release. After running it, check the file by hand. | |
260 | ||
261 | 5. If any of the options that convert4r3 rewrote contained regular expressions | |
262 | that had backslashes in them, and were not previously in quotes, they will | |
263 | need modification if convert4r3 has put them into quotes. Either re-arrange | |
264 | the option to remove the quoting, or escape each backslash. For example, if | |
265 | you had | |
266 | ||
267 | sender_reject_recipients = ^\d{8}@ | |
268 | sender_reject_except = ^\d{8}@x.y.z | |
269 | ||
270 | convert4r3 will have combined the two settings into | |
271 | ||
272 | sender_reject_recipients = "! ^\d{8}@x.y.z : \ | |
273 | ^\d{8}@" | |
274 | ||
275 | This must be changed to | |
276 | ||
277 | sender_reject_recipients = ! ^\d{8}@x.y.z : ^\d{8}@ | |
278 | or | |
279 | sender_reject_recipients = "! ^\\d{8}@x.y.z : ^\\d{8}@" | |
280 | ||
281 | In the second case, the quoted string could of course still be split | |
282 | over several lines. | |
283 | ||
284 | 6. If your configuration refers to any external lists of networks, check them | |
285 | to ensure that all the masks are in the single-number form, because Exim no | |
286 | longer recognizes the dotted quad form of mask. For example, if an item in | |
287 | a netlist file is | |
288 | ||
289 | 131.111.8.0/255.255.255.0 | |
290 | ||
291 | you must change it to | |
292 | ||
293 | 131.111.8.0/24 | |
294 | ||
295 | Otherwise Exim will not recognize it as a masked IP address, and will treat | |
296 | it as a host name. The convert4r3 utility makes this conversion for networks | |
297 | that are mentioned inline in the configuration, but it does not handle | |
298 | referenced files. | |
299 | ||
300 | 7. Check the newly-built Exim as much as possible without installing; you can, | |
301 | for example, use a command such as | |
302 | ||
303 | ./exim -bV | |
304 | ||
305 | in the build directory to test that it successfully reads the new | |
306 | configuration file. You can also do tests using -bt and -bh. | |
307 | ||
308 | 8. Install the new release under a special name such as exim-3.00. | |
309 | ||
310 | 9. You can then easily change between the new and old releases simply by moving | |
311 | the symbolic link and HUPping your daemon. | |
312 | ||
313 | ||
314 | Details of syntax changes at 3.00 | |
315 | ================================= | |
316 | ||
317 | 1. A bare file name without a preceding search type may appear in a domain | |
318 | list; this causes each line of the file to be read and processed as if it were | |
319 | an item in the list, except that it cannot itself be a bare file name (that is, | |
320 | this facility cannot be used recursively). Wild cards and regular expressions | |
321 | may be used in the lines of the file just as in the main list. | |
322 | For example, if | |
323 | ||
324 | local_domains = /etc/local-domains | |
325 | ||
326 | then the file could contain lines like | |
327 | ||
328 | *.mydomain.com | |
329 | ||
330 | This is different to an lsearch file, which operates like any other lookup type | |
331 | and does an exact search for the key. If a # character appears anywhere in a | |
332 | line of the file, it and all following characters are ignored. Blank lines are | |
333 | also ignored. | |
334 | ||
335 | 2. Any item in a domain list (including a bare file name) can be preceded by an | |
336 | exclamation mark character, to indicate negation. White space after the ! is | |
337 | ignored. If the domain matches the rest of the item, it is *not* in the set of | |
338 | domains that the option is defining. If the end of the list is reached, the | |
339 | domain is accepted if the last item was a negative one, but not if it was a | |
340 | positive one. If ! precedes a bare file name, then all items in the file are | |
341 | negated, unless they are preceded by another exclamation mark. For example: | |
342 | ||
343 | relay_domains = !a.b.c : *.b.c | |
344 | ||
345 | sets up a.b.c as an exception to the more general item *.b.c, because lists are | |
346 | processed from left to right. If the domain that is being checked matches | |
347 | neither a.b.c nor *.b.c, then it is not accepted as a relay domain, because the | |
348 | last item in the list is a positive item. However, if the option were just | |
349 | ||
350 | relay_domains = !a.b.c | |
351 | ||
352 | then all domains other than a.b.c would be relay domains, because the last item | |
353 | in the list is a negative item. In effect, a list that ends with a negative | |
354 | item has ": *" appended to it. | |
355 | ||
356 | 3. Negation and bare file names are available as above in lists of local parts | |
357 | (e.g. in local_parts options) and complete addresses (address lists). For the | |
358 | special "@@" lookup form in address lists, negation also can be used in the | |
359 | list of local parts that is looked up for the domain. For example, with | |
360 | ||
361 | sender_reject_recipients = @@dbm;/etc/reject-by-domain | |
362 | ||
363 | the file could contain lines like this: | |
364 | ||
365 | baddomain.com: !postmaster : !hostmaster : * | |
366 | ||
367 | If a local part that actually begins with ! is required, it has to be specified | |
368 | using a regular expression. Because local parts may legitimately contain # | |
369 | characters, a comment in the file is recognized only if # is followed by white | |
370 | space or the end of the line. | |
371 | ||
372 | 4. Host lists may now contain network items, as in the former net list options, | |
373 | which have all been abolished. The only form of network masking is the /n | |
374 | variety. Negation and bare file names can appear in host lists, and there is a | |
375 | new type of item which allows masked network numbers to be used as keys in | |
376 | lookups, thus making it possible to used DBM files for faster checking when the | |
377 | list of networks is large. | |
378 | ||
379 | The complete list of types of item which can now appear in a host list is: | |
380 | ||
381 | . An item may be a bare file name; each line of the file may take the form of | |
382 | any of the items below, but it may not itself be another bare file name. If | |
383 | the file name is preceded by ! then all items in the file are negated, unless | |
384 | they are preceded by another exclamation mark. Comments in the file are | |
385 | introduced by # and blank lines are ignored. | |
386 | ||
387 | . If the entire item is "*" it matches any host. | |
388 | ||
389 | . If the item is in the form of an IP address, it is matched against the IP | |
390 | address of the incoming call. | |
391 | ||
392 | . If the item is in the form of an IP address followed by a slash and a mask | |
393 | length (e.g. 131.111.0.0/16) then it is matched against the IP address of the | |
394 | incoming call, subject to the mask. | |
395 | ||
396 | . If the item is of the form "net<number>-<search-type>;<search-data>", for | |
397 | example: | |
398 | ||
399 | net24-dbm;/networks.db | |
400 | ||
401 | then the IP address of the incoming call is masked using <number> as the mask | |
402 | length; a textual string is then constructed from the masked value, followed | |
403 | by the mask, and this is then used as the key for the lookup. For example, if | |
404 | the incoming IP address is 192.152.34.6 then the key that is looked up for | |
405 | the above example is "192.152.34.0/24". | |
406 | ||
407 | . If the entire item is "@" the primary host name is used as the the match | |
408 | item, and the following applies: | |
409 | ||
410 | . If the item is a plain domain name, then a forward DNS lookup is done on that | |
411 | name to find its IP address(es), and the result is compared with the IP | |
412 | address of the incoming call. | |
413 | ||
414 | The remaining items require the host name to be obtained by a reverse DNS | |
415 | lookup. If the lookup fails, Exim takes a hard line by default and access is | |
416 | not permitted. If the list is an "accept" list, Exim behaves as if the current | |
417 | host is not in the set defined by the list, whereas if it is a "reject" list, | |
418 | it behaves as if it is. | |
419 | ||
420 | To change this behaviour, the special item "+allow_unknown" may appear in the | |
421 | list (at top level - it is not recognized in an indirected file); if any | |
422 | subsequent items require a host name, and the reverse DNS lookup fails, Exim | |
423 | permits the access, that is, its behaviour is the opposite to the default. | |
424 | ||
425 | . If the item starts with "*" then the remainder of the item must match the end | |
426 | of the host name. For example, *.b.c matches all hosts whose names end in | |
427 | .b.c. This special simple form is provided because this is a very common | |
428 | requirement. Other kinds of wildcarding require the use of a regular | |
429 | expression. | |
430 | ||
431 | . If the item starts with "^" then it is taken to be a regular expression which | |
432 | is matched against the host name. For example, ^(a|b)\.c\.d$ matches either | |
433 | of the two hosts a.c.d or b.c.d. If the option string in which this occurs is | |
434 | given in quotes, then the backslash characters must be doubled, because they | |
435 | are significant in quoted strings. The following two settings are exactly | |
436 | equivalent: | |
437 | ||
438 | host_accept = ^(a|b)\.c\.d$ | |
439 | host_accept = "^(a|b)\\.c\\.d$" | |
440 | ||
441 | . If the item is of the form <search-type>;<filename or query>, for example | |
442 | ||
443 | dbm;/host/accept/list | |
444 | ||
445 | then the host name is looked up using the search type and file name or query | |
446 | (as appropriate). The actual data that is looked up is not used. | |
447 | ||
448 | 5. Early versions of Exim required commas and semicolons to terminate option | |
449 | settings in drivers. This hasn't been the case for quite some time. The code to | |
450 | handle them has now been removed. | |
451 | ||
452 | ||
453 | Details of option changes at 3.00 | |
454 | ================================= | |
455 | ||
456 | Main options | |
457 | ------------ | |
458 | ||
459 | * address_directory_transport, address_directory2_transport, | |
460 | address_file_transport, address_pipe_transport, and address_reply_transport | |
461 | have been abolished as obsolete. The aliasfile and forwardfile directors | |
462 | have been able for some time to set the transports they want to use for | |
463 | these special kinds of delivery; there seems little need for global | |
464 | defaults. The default configuration has been altered to add settings for | |
465 | file_transport and pipe_transport to the aliasfile and forwardfile | |
466 | directors, and to add reply_transport to forwardfile. | |
467 | ||
468 | * check_dns_names, a deprecated synonym for dns_check_names, has been | |
469 | abolished. | |
470 | ||
471 | * helo_accept_junk_nets is abolished; nets can now appear in | |
472 | helo_accept_junk_hosts. | |
473 | ||
474 | * helo_verify_except_hosts and helo_verify_except_nets have been abolished, | |
475 | and helo_verify has been changed from a boolean to a host list, listing | |
476 | those hosts for which HELO verification is required. | |
477 | ||
478 | * the obsolete option helo_verify_nets (a synonym for host_lookup_nets) has | |
479 | been abolished. Note that host_lookup_nets itself has been replaced by | |
480 | host_lookup. | |
481 | ||
482 | * hold_domains_except has been abolished. Use negated items in hold_domains. | |
483 | ||
484 | * host_lookup_nets has been replaced by host_lookup, which can contain hosts | |
485 | and nets. | |
486 | ||
487 | * ignore_fromline_nets has been replaced by ignore_fromline_hosts. | |
488 | ||
489 | * If message_filter is set and the filter generates any deliveries to files, | |
490 | pipes, or any autoreplies, then the appropriate message_filter_*_transport | |
491 | options must be set to define the transports, following the abolition of | |
492 | the global defaults (see above). | |
493 | ||
494 | * queue_remote and queue_remote_except have been abolished and replaced by | |
495 | queue_remote_domains, which lists those domains that should be queued. The | |
496 | effect of queue_remote=true is now obtained by queue_remote_domains=*. | |
497 | ||
498 | * queue_smtp and queue_smtp_except have been abolished and replaced by | |
499 | queue_smtp_domains, which lists those domains that should be queued after | |
500 | routing. The effect of queue_smtp=true is now obtained by | |
501 | queue_smtp_domains=*. | |
502 | ||
503 | * rbl_except_nets has been abolished and replaced by rbl_hosts, which can | |
504 | contain hosts and nets. This defaults to "*" and defines the set of hosts | |
505 | for which RBL checking is done. | |
506 | ||
507 | * receiver_unqualified_nets is abolished; nets can now appear in | |
508 | receiver_unqualified_hosts. | |
509 | ||
510 | * receiver_verify_except_hosts and receiver_verify_except_nets have been | |
511 | abolished and replaced by receiver_verify_hosts, which defaults to "*". | |
512 | This is used, however, only when receiver_verify is set - together with the | |
513 | other conditions (receiver_verify_addresses, receiver_verify_senders). | |
514 | ||
515 | * receiver_verify_senders_except has been abolished; the functionality is now | |
516 | available by using negation in receiver_verify_senders. | |
517 | ||
518 | * rfc1413_except_hosts and rfc1413_except_nets have been abolished, and | |
519 | replaced by rfc1413_hosts, which defaults to "*". | |
520 | ||
521 | * sender_accept, sender_accept_recipients and sender_reject_except have | |
522 | been abolished; the functionality is now available via sender_reject and | |
523 | sender_reject_recipients. | |
524 | ||
525 | * sender_host_accept, sender_net_accept, sender_host_reject, | |
526 | sender_net_reject, sender_host_reject_except, sender_net_reject_except, | |
527 | sender_host_reject_recipients and sender_net_reject_recipients | |
528 | have all been abolished, and replaced by the options host_reject and | |
529 | host_reject_recipients. | |
530 | ||
531 | * sender_host_accept_relay, sender_net_accept_relay, | |
532 | sender_host_reject_relay, sender_host_reject_relay_except, | |
533 | sender_net_reject_relay, and sender_net_reject_relay_except are abolished, | |
534 | and replaced by host_accept_relay. This defaults unset, and this means that | |
535 | all relaying is now by default locked out in the Exim binary. Previously, | |
536 | if no relaying options were set, relaying was permitted. | |
537 | ||
538 | * sender_unqualified_nets has been abolished; nets can now appear in | |
539 | sender_unqualified_hosts. | |
540 | ||
541 | * sender_verify_except_hosts and sender_verify_except_nets have been | |
542 | abolished and replaced by sender_verify_hosts, which defaults to "*". This | |
543 | is used, however, only when sender_verify is set (to make it similar to | |
544 | receiver_verify, even though there aren't at present any other conditions.) | |
545 | ||
546 | * sender_verify_log_details has been abolished. This was a little-used | |
547 | debugging option. | |
548 | ||
549 | * smtp_etrn_nets has been abolished; nets can now appear in smtp_etrn_hosts. | |
550 | ||
551 | * smtp_expn_nets has been abolished; nets can now appear in smtp_expn_hosts. | |
552 | ||
553 | * smtp_log_connections, a deprecated synonym for log_smtp_connections, has | |
554 | been abolished. | |
555 | ||
556 | * smtp_reserve_nets is abolished; nets can now appear in smtp_reserve_hosts. | |
557 | ||
558 | Generic director and router options | |
559 | ----------------------------------- | |
560 | ||
561 | * except_domains, except_local_parts, and except_senders have been abolished. | |
562 | Use negated items in domains, local_parts, and senders instead, for | |
563 | example, replace | |
564 | ||
565 | except_domains = a.b.c | |
566 | ||
567 | with | |
568 | ||
569 | domains = !a.b.c | |
570 | ||
571 | If you already have a domains setting, add any negative items to the front | |
572 | of it. | |
573 | ||
574 | The aliasfile director | |
575 | ---------------------- | |
576 | ||
577 | * The option "directory", an obsolete synonym for home_directory, has been | |
578 | abolished. | |
579 | ||
580 | The forwardfile director | |
581 | ------------------------ | |
582 | ||
583 | * The option "directory", an obsolete synonym for file_directory, has been | |
584 | abolished. | |
585 | ||
586 | * The option forbid_filter_log, an obsolete synonym for | |
587 | forbid_filter_logwrite, has been abolished. | |
588 | ||
589 | The localuser director | |
590 | ---------------------- | |
591 | ||
592 | * The option "directory", an obsolete synonym for match_directory, has been | |
593 | abolished. | |
594 | ||
595 | The lookuphost router | |
596 | --------------------- | |
597 | ||
598 | * mx_domains_except and its obsolete old name non_mx_domains have been | |
599 | abolished. Use negated items in mx_domains. | |
600 | ||
601 | The pipe transport | |
602 | ------------------ | |
603 | ||
604 | * The option "directory", an obsolete synonym for home_directory, has been | |
605 | abolished. | |
606 | ||
607 | The smtp transport | |
608 | ------------------ | |
609 | ||
610 | * mx_domains_except and its obsolete old name non_mx_domains have been | |
611 | abolished. Use negated items in mx_domains. | |
612 | ||
613 | * serialize_nets has been abolished; nets may now appear in serialize_hosts. | |
614 | ||
615 | ||
616 | Other items relevant to upgrading from Exim 2.12 | |
617 | ================================================ | |
618 | ||
619 | 1. RFC 2505 (Anti-Spam Recommendations for SMTP MTAs) recommends that the | |
620 | checking of addresses for spam blocks should be done entirely caselessly. | |
621 | Previously, although Exim retained the case of the local part, in accordance | |
622 | with the RFC 821 rule that local parts are case sensitive, some of the string | |
623 | comparisons were nevertheless done caselessly, but file lookups used the | |
624 | unmodified address. | |
625 | ||
626 | The way addresses are compared with options whose values are address lists has | |
627 | been changed. At the start of the comparison, both the local part and the | |
628 | domain are now forced to lower case, and any comparisons that are done with | |
629 | in-line strings are done caselessly. For example, | |
630 | ||
631 | sender_reject = A@b.c | |
632 | ||
633 | rejects both A@b.c and a@b.c. Any lookups that occur use lowercased strings as | |
634 | their keys. If the @@ lookup facility is used, the lookup is done on the lower | |
635 | cased domain name, but any subsequent string comparisons on local parts are | |
636 | done caselessly. | |
637 | ||
638 | To retain possibility of caseful matching, the pseudo-item "+caseful" can | |
639 | appear in an address list. It causes any subsequent items to do caseful matches | |
640 | on local parts. The domain, however, remains lower cased. | |
641 | ||
642 | 2. The handling of incoming batched SMTP has been re-worked so as to behave in | |
643 | a more useful way in cases of error: | |
644 | ||
645 | (i) The option sender_verify_batch now defaults false. | |
646 | (ii) EOF is no longer interpreted as end-of-message; the "." line must be | |
647 | present. | |
648 | (iii) Exim stops immediately in cases of error, writing information to stdout | |
649 | and stderr, and setting the return code to 1 if some messages have been | |
650 | accepted, and 2 otherwise. | |
651 | ||
652 | 3. The first message delivered by -R, and all messages delivered by -Rf and -qf | |
653 | are "forced" in the sense that retry information is over-ridden. Previously, | |
654 | Exim also forcibly thawed any of these messages that was frozen. This no longer | |
655 | happens. Additional options -Rff and -qff have been implemented to force | |
656 | thawing as well as delivery. | |
657 | ||
658 | 4. When recipients are being rejected because the sending host is in an RBL | |
659 | list, Exim used just to show the RBL text, if any, as part of the rejection | |
660 | response. Now, if prohibition_message is set, it expands that string instead, | |
661 | with the RBL message available in $rbl_text, and $prohibition_reason set to | |
662 | "rbl_reject". | |
663 | ||
664 | 5. When a trusted caller passed a message to Exim, it used to check the From: | |
665 | header against the caller's login (even though the caller was trusted) unless | |
666 | the -f option had been used to supply a different sender. This has been changed | |
667 | so that From: is never checked if the caller is trusted. | |
668 | ||
669 | Philip Hazel | |
670 | May 1999 | |
671 |