Commit | Line | Data |
---|---|---|
495ae4b0 PH |
1 | $Cambridge: exim/doc/doc-txt/Exim3.upgrade,v 1.1 2004/10/07 15:04:35 ph10 Exp $ |
2 | ||
3 | This document contains information about upgrading Exim to the last of the 3.xx | |
4 | releases. It is provided to help anybody who is upgrading to release 4.xx from | |
5 | a release that is earlier than 3.33. It goes back as far as release 2.12. If | |
6 | you are upgrading to release 4.xx from an even earlier release, it is probably | |
7 | best to start again from the default configuration. | |
8 | ||
9 | ||
10 | Upgrading from release 3.16 | |
11 | --------------------------- | |
12 | ||
13 | 1. The way LDAP returns values for multiple attributes has been changed to be | |
14 | the same as the NIS+ lookup. | |
15 | ||
16 | If you specify multiple attributes, they are returned as space-separated | |
17 | strings, quoted if necessary. | |
18 | ||
19 | e.g. ldap:///o=base?attr1,attr2?sub?(uid=fred) | |
20 | ||
21 | used to give: attr1=value one, attr2=value2 | |
22 | now gives: attr1="value one" attr2=value2 | |
23 | ||
24 | If you don't specify any attributes in the search, you now get them in | |
25 | the tagged format as well. | |
26 | ||
27 | e.g. ldap:///o=base??sub?(uid=fred) | |
28 | ||
29 | used to give: top, value one, value2 | |
30 | now gives: objectClass=top attr1="value one" attr2=value2 | |
31 | ||
32 | The reason for these changes is so that the results can be safely parsed - | |
33 | in fact, the existing ${extract{key}{val}} function does this nicely. | |
34 | This in turn allows a single LDAP query to be reused - one query can return | |
35 | the destination delivery address, the quota, and so forth. | |
36 | ||
37 | This is NOT a backwards compatible change, so there is a compile-time option | |
38 | to reverse it in the src/lookups/ldap.c module, for use in emergency. But it is | |
39 | not thought that the old behaviour was particularly useful as it stood, because | |
40 | a field that contained ',' or '=' would make the result unparseable. | |
41 | ||
42 | In the common case where you explicitly ask for a single attribute in your | |
43 | LDAP query, the behaviour is unchanged - the result is not quoted, and if there | |
44 | are multiple values they are comma-separated. | |
45 | ||
46 | 2. The hosts_max_try option in the smtp transport limits the number of IP | |
47 | addresses that will actually be tried during one delivery attempt. The default | |
48 | is 5. Previously, all available addresses were tried. | |
49 | ||
50 | 3. The extension of the "extract" expansion item has resulted in a change to | |
51 | the way Exim decides between the keyed form and the numeric form. If the first | |
52 | argument consists entirely of digits, the numeric form is assumed. This means | |
53 | that it is impossible to have keys that are digit strings, without manipulating | |
54 | the data first (e.g. by using ${sg} to add a letter to each key). | |
55 | ||
56 | ||
57 | Upgrading from release 3.15 | |
58 | --------------------------- | |
59 | ||
60 | 1. The handling of "freeze" and "fail" in system filter files has changed. | |
61 | Previously, any deliveries set up by a filter that ended with "freeze" or | |
62 | "fail" were discarded. This no longer happens; such deliveries are honoured. | |
63 | A consequence of this is that first_delivery becomes false after freezing in a | |
64 | system filter; previously it remained true until a real delivery attempt | |
65 | happened. | |
66 | ||
67 | ||
68 | Upgrading from release 3.13 | |
69 | --------------------------- | |
70 | ||
71 | 1. The handling of maildir_tag has been changed (see NewStuff). There are two | |
72 | small incompatibilities: (a) Exim now inserts a leading colon only if the | |
73 | string begins with an alphanumeric character. So if you were using a string | |
74 | starting with a special character, you will have to add the leading colon to | |
75 | it to remain compatible. (b) The expansion of maildir_tag now happens after the | |
76 | file has been written, and $message_size is updated to the correct file size | |
77 | before the expansion. The tag is not used on the temporary file (it was | |
78 | previously). | |
79 | ||
80 | 2. The handling of Exim's configuration has changed in two ways: | |
81 | ||
82 | (a) Any line may be continued by ending it with a backslash. Trailing white | |
83 | space after the backslash, and leading white space on continuation lines is | |
84 | ignored. This means that quotes are no longer needed just to make it possible | |
85 | to continue an option setting. The difference between quoted and non-quoted | |
86 | strings is that quoted strings are processed for internal backslashed items | |
87 | such as \n. The only possible incompatibility of this change is if any | |
88 | existing configuration has a non-quoted line ended in backslash, which seems | |
89 | a very remote possibility. | |
90 | ||
91 | (b) All lists, with the exception of log_file_path, can now use a different | |
92 | character to colon as the separator. This is specified by starting the list | |
93 | with <x where x is any punctuation character. For example: | |
94 | ||
95 | local_interfaces = <; 127.0.0.1 ; ::1 | |
96 | ||
97 | The new feature is provided to make life easier with IPv6 addresses. It is | |
98 | recommended that its use be confined to circumstances where it really is | |
99 | needed, and that colon be used in most cases. I don't believe this change | |
100 | is incompatible, because I don't think any list item can legitimately begin | |
101 | with a '<' character. | |
102 | ||
103 | 3. Previously, Exim took no action to ensure that the timestamps in its log | |
104 | files were "wall clock time". If the TZ environment variable was set when Exim | |
105 | was called, it could cause strange times to be logged. For the majority of | |
106 | operating systems, I have been able to fix this problem by deleting the entire | |
107 | environment. However, this doesn't work in some systems, and a macro called | |
108 | HANDS_OFF_ENVIRONMENT is defined in their OS/os.h files to suppress the action. | |
109 | These OS are: AIX, DGUX, HP-UX, IRIX, and SCO, and their behaviour should be | |
110 | unchanged from previous releases. On any other OS, if you find you are getting | |
111 | weird timestamps, it may be that your OS needs HANDS_OFF_ENVIRONMENT. | |
112 | ||
113 | 4. As a result of the change described in 3, there may be some cases where Exim | |
114 | runs an external program that previously got passed the environment, and now do | |
115 | not. This does *not* apply to the pipe transport, where the environment has | |
116 | always been set up specifically, as described in the manual. | |
117 | ||
118 | 5. The way in which Exim scans its queue when split_spool_directory is set has | |
119 | changed, but this shouldn't make any noticeable difference. See doc/NewStuff | |
120 | for defails. | |
121 | ||
122 | ||
123 | Upgrading from release 3.03 | |
124 | --------------------------- | |
125 | ||
126 | The from_hack option in the appendfile and pipe transports has been replace by | |
127 | two string options, check_string and escape_string. If your configuration | |
128 | contains any references to from_hack they should be replaced. Exim continues to | |
129 | recognize from_hack as a transitional measure. If no_from_hack is specified in | |
130 | an appendfile transport, the two new options are forced to be unset. Otherwise | |
131 | the setting of from_hack is ignored. | |
132 | ||
133 | ||
134 | Upgrading from release 3.02 | |
135 | --------------------------- | |
136 | ||
137 | The exim_dbmbuild utility has been changed to write a warning to stderr on | |
138 | encountering a duplicate key, and to return a value of 1. Formerly, it ignored | |
139 | all but the last of a set of duplicates; now it ignores all but the first, to | |
140 | make dbm-searched files behave the same way as lsearch-searched files. However, | |
141 | there is an option -lastdup which makes it behave as before. The -nowarn option | |
142 | suppresses the individual warnings, but the number of duplicates is always | |
143 | listed on stdout at the end. | |
144 | ||
145 | ||
146 | Updating from a release prior to 3.00 | |
147 | ------------------------------------- | |
148 | ||
149 | Prior to release 3.00 a lot of options which contained lists of various kinds | |
150 | came in groups such as sender_accept, sender_reject, sender_reject_except. This | |
151 | style of configuration has been abolished. Instead, it is now possible to put | |
152 | negative entries in such lists, so that a single option is all that is | |
153 | required. In addition to this, net lists have been abolished, and instead, | |
154 | host lists can now contain items that specify networks as well as hosts. The | |
155 | names of some of these options have also been changed. | |
156 | ||
157 | As a result of these changes, most configuration files used for earlier | |
158 | versions of Exim need to be changed. The opportunity has therefore been taken | |
159 | to remove a number of other obsolete features and options. | |
160 | ||
161 | A Perl script is built in the file util/convert4r3 to assist in updating Exim | |
162 | configuration files. It reads a configuration file on the standard input, | |
163 | writes a modified file on the standard output, and writes comments about what | |
164 | it has done to the standard error file. It assumes that the input is a valid | |
165 | Exim configuration file. A typical call to the conversion script might be | |
166 | ||
167 | util/convert4r3 </opt/exim/configure >/opt/exim/configure.new | |
168 | ||
169 | The way the script merges an accept/reject/reject_except triple into a single | |
170 | accept option is to put the reject_except list first, followed by the reject | |
171 | list with every item negated, followed by the accept list. For example, if an | |
172 | old configuration file contains | |
173 | ||
174 | sender_host_accept_relay = *.c.d : e.f.g | |
175 | sender_host_reject_relay = *.b.c.d | |
176 | sender_host_reject_relay_except = a.b.c.d | |
177 | ||
178 | the new configuration will contain | |
179 | ||
180 | host_accept_relay = a.b.c.d : ! *.b.c.d : *.c.d : e.f.g | |
181 | ||
182 | The same ordering is used to merge a triple into a reject option, but this time | |
183 | the first and third sublists are negated. For example, if an old configuration | |
184 | file contains | |
185 | ||
186 | sender_host_accept = *.c.d : e.f.g | |
187 | sender_host_reject = *.b.c.d | |
188 | sender_host_reject_except = a.b.c.d | |
189 | ||
190 | the new configuration file will contain | |
191 | ||
192 | host_reject = ! a.b.c.d : *.b.c.d : ! *.c.d : ! e.f.g : * | |
193 | ||
194 | The output file should be checked before trying to use it. Each option change | |
195 | is preceded by an identifying comment. There are several specific things that | |
196 | you should look out for when checking: | |
197 | ||
198 | (1) If you are using macros to contain lists of items, and these have to be | |
199 | negated in the new world, convert4r3 won't get it right. For example, if | |
200 | the old configuration contains | |
201 | ||
202 | ACCEPTHOSTS = *.c.d : e.f.g | |
203 | sender_host_reject = ACCEPTHOSTS | |
204 | ||
205 | then the rewritten configuration will be | |
206 | ||
207 | ACCEPTHOSTS = *.c.d : e.f.g | |
208 | host_reject = !ACCEPTHOSTS | |
209 | ||
210 | but because this is just textual macro handling, that is equivalent to | |
211 | ||
212 | host_reject = !*.c.d : e.f.g | |
213 | ||
214 | which is not the correct translation, because the second item is not | |
215 | negated. There is unfortunately no easy way to use a macro to provide a | |
216 | list of things that are sometimes negated. | |
217 | ||
218 | (2) The conversion adds some settings of file_transport, pipe_transport, and | |
219 | reply_transport to aliasfile and forwardfile directors. This is done | |
220 | because the global implicit defaults for these options have been removed. | |
221 | The default configuration now contains explicit settings, so convert4r3 | |
222 | makes these additions to be compatible with that. If your aliasfile and | |
223 | forwardfile directors do not make use of the pipe, file, or autoreply | |
224 | facilities, you can remove these new settings. | |
225 | ||
226 | (3) If you are using +allow_unknown in a host list which also has an exception | |
227 | list, you may need to move +allow_unknown in the new configuration. For | |
228 | example, if the old configuration contains | |
229 | ||
230 | sender_host_reject = +allow_unknown : *.b.c | |
231 | sender_host_reject_except = *.a.b.c | |
232 | ||
233 | then the rewritten configuration will be | |
234 | ||
235 | host_reject = ! *.a.b.c : +allow_unknown : *.b.c | |
236 | ||
237 | Because the negated item contains a wild card, the reverse lookup for the | |
238 | host name will occur before +allow_unknown is encountered, and therefore | |
239 | +allow_unknown will have no effect. It should be moved to the start of the | |
240 | list. | |
241 | ||
242 | One way of upgrading Exim from a pre-3.00 release to a post-3.00 release is as | |
243 | follows: | |
244 | ||
245 | 1. Suppose your configuration file is called /opt/exim/configure, and you want | |
246 | to continue with this name after upgrading. The first thing to do is to make | |
247 | another copy of this file called, say, /opt/exim/configure.pre-3.00. | |
248 | ||
249 | 2. Rebuild your existing Exim to use the copy of the configuration file instead | |
250 | of the standard file. Install this version of Exim under a special name such | |
251 | as exim-2.12, and point a symbolic link called "exim" at it. Then HUP your | |
252 | daemon. You can check on the name of the configuration file by running | |
253 | ||
254 | exim -bP configure_file | |
255 | ||
256 | Ensure that everything is running smoothly. | |
257 | ||
258 | 3. Build the new release, configured to use the standard configuration file. | |
259 | ||
260 | 4. Use the convert4r3 utility to upgrade your configuration file for the new | |
261 | release. After running it, check the file by hand. | |
262 | ||
263 | 5. If any of the options that convert4r3 rewrote contained regular expressions | |
264 | that had backslashes in them, and were not previously in quotes, they will | |
265 | need modification if convert4r3 has put them into quotes. Either re-arrange | |
266 | the option to remove the quoting, or escape each backslash. For example, if | |
267 | you had | |
268 | ||
269 | sender_reject_recipients = ^\d{8}@ | |
270 | sender_reject_except = ^\d{8}@x.y.z | |
271 | ||
272 | convert4r3 will have combined the two settings into | |
273 | ||
274 | sender_reject_recipients = "! ^\d{8}@x.y.z : \ | |
275 | ^\d{8}@" | |
276 | ||
277 | This must be changed to | |
278 | ||
279 | sender_reject_recipients = ! ^\d{8}@x.y.z : ^\d{8}@ | |
280 | or | |
281 | sender_reject_recipients = "! ^\\d{8}@x.y.z : ^\\d{8}@" | |
282 | ||
283 | In the second case, the quoted string could of course still be split | |
284 | over several lines. | |
285 | ||
286 | 6. If your configuration refers to any external lists of networks, check them | |
287 | to ensure that all the masks are in the single-number form, because Exim no | |
288 | longer recognizes the dotted quad form of mask. For example, if an item in | |
289 | a netlist file is | |
290 | ||
291 | 131.111.8.0/255.255.255.0 | |
292 | ||
293 | you must change it to | |
294 | ||
295 | 131.111.8.0/24 | |
296 | ||
297 | Otherwise Exim will not recognize it as a masked IP address, and will treat | |
298 | it as a host name. The convert4r3 utility makes this conversion for networks | |
299 | that are mentioned inline in the configuration, but it does not handle | |
300 | referenced files. | |
301 | ||
302 | 7. Check the newly-built Exim as much as possible without installing; you can, | |
303 | for example, use a command such as | |
304 | ||
305 | ./exim -bV | |
306 | ||
307 | in the build directory to test that it successfully reads the new | |
308 | configuration file. You can also do tests using -bt and -bh. | |
309 | ||
310 | 8. Install the new release under a special name such as exim-3.00. | |
311 | ||
312 | 9. You can then easily change between the new and old releases simply by moving | |
313 | the symbolic link and HUPping your daemon. | |
314 | ||
315 | ||
316 | Details of syntax changes at 3.00 | |
317 | ================================= | |
318 | ||
319 | 1. A bare file name without a preceding search type may appear in a domain | |
320 | list; this causes each line of the file to be read and processed as if it were | |
321 | an item in the list, except that it cannot itself be a bare file name (that is, | |
322 | this facility cannot be used recursively). Wild cards and regular expressions | |
323 | may be used in the lines of the file just as in the main list. | |
324 | For example, if | |
325 | ||
326 | local_domains = /etc/local-domains | |
327 | ||
328 | then the file could contain lines like | |
329 | ||
330 | *.mydomain.com | |
331 | ||
332 | This is different to an lsearch file, which operates like any other lookup type | |
333 | and does an exact search for the key. If a # character appears anywhere in a | |
334 | line of the file, it and all following characters are ignored. Blank lines are | |
335 | also ignored. | |
336 | ||
337 | 2. Any item in a domain list (including a bare file name) can be preceded by an | |
338 | exclamation mark character, to indicate negation. White space after the ! is | |
339 | ignored. If the domain matches the rest of the item, it is *not* in the set of | |
340 | domains that the option is defining. If the end of the list is reached, the | |
341 | domain is accepted if the last item was a negative one, but not if it was a | |
342 | positive one. If ! precedes a bare file name, then all items in the file are | |
343 | negated, unless they are preceded by another exclamation mark. For example: | |
344 | ||
345 | relay_domains = !a.b.c : *.b.c | |
346 | ||
347 | sets up a.b.c as an exception to the more general item *.b.c, because lists are | |
348 | processed from left to right. If the domain that is being checked matches | |
349 | neither a.b.c nor *.b.c, then it is not accepted as a relay domain, because the | |
350 | last item in the list is a positive item. However, if the option were just | |
351 | ||
352 | relay_domains = !a.b.c | |
353 | ||
354 | then all domains other than a.b.c would be relay domains, because the last item | |
355 | in the list is a negative item. In effect, a list that ends with a negative | |
356 | item has ": *" appended to it. | |
357 | ||
358 | 3. Negation and bare file names are available as above in lists of local parts | |
359 | (e.g. in local_parts options) and complete addresses (address lists). For the | |
360 | special "@@" lookup form in address lists, negation also can be used in the | |
361 | list of local parts that is looked up for the domain. For example, with | |
362 | ||
363 | sender_reject_recipients = @@dbm;/etc/reject-by-domain | |
364 | ||
365 | the file could contain lines like this: | |
366 | ||
367 | baddomain.com: !postmaster : !hostmaster : * | |
368 | ||
369 | If a local part that actually begins with ! is required, it has to be specified | |
370 | using a regular expression. Because local parts may legitimately contain # | |
371 | characters, a comment in the file is recognized only if # is followed by white | |
372 | space or the end of the line. | |
373 | ||
374 | 4. Host lists may now contain network items, as in the former net list options, | |
375 | which have all been abolished. The only form of network masking is the /n | |
376 | variety. Negation and bare file names can appear in host lists, and there is a | |
377 | new type of item which allows masked network numbers to be used as keys in | |
378 | lookups, thus making it possible to used DBM files for faster checking when the | |
379 | list of networks is large. | |
380 | ||
381 | The complete list of types of item which can now appear in a host list is: | |
382 | ||
383 | . An item may be a bare file name; each line of the file may take the form of | |
384 | any of the items below, but it may not itself be another bare file name. If | |
385 | the file name is preceded by ! then all items in the file are negated, unless | |
386 | they are preceded by another exclamation mark. Comments in the file are | |
387 | introduced by # and blank lines are ignored. | |
388 | ||
389 | . If the entire item is "*" it matches any host. | |
390 | ||
391 | . If the item is in the form of an IP address, it is matched against the IP | |
392 | address of the incoming call. | |
393 | ||
394 | . If the item is in the form of an IP address followed by a slash and a mask | |
395 | length (e.g. 131.111.0.0/16) then it is matched against the IP address of the | |
396 | incoming call, subject to the mask. | |
397 | ||
398 | . If the item is of the form "net<number>-<search-type>;<search-data>", for | |
399 | example: | |
400 | ||
401 | net24-dbm;/networks.db | |
402 | ||
403 | then the IP address of the incoming call is masked using <number> as the mask | |
404 | length; a textual string is then constructed from the masked value, followed | |
405 | by the mask, and this is then used as the key for the lookup. For example, if | |
406 | the incoming IP address is 192.152.34.6 then the key that is looked up for | |
407 | the above example is "192.152.34.0/24". | |
408 | ||
409 | . If the entire item is "@" the primary host name is used as the the match | |
410 | item, and the following applies: | |
411 | ||
412 | . If the item is a plain domain name, then a forward DNS lookup is done on that | |
413 | name to find its IP address(es), and the result is compared with the IP | |
414 | address of the incoming call. | |
415 | ||
416 | The remaining items require the host name to be obtained by a reverse DNS | |
417 | lookup. If the lookup fails, Exim takes a hard line by default and access is | |
418 | not permitted. If the list is an "accept" list, Exim behaves as if the current | |
419 | host is not in the set defined by the list, whereas if it is a "reject" list, | |
420 | it behaves as if it is. | |
421 | ||
422 | To change this behaviour, the special item "+allow_unknown" may appear in the | |
423 | list (at top level - it is not recognized in an indirected file); if any | |
424 | subsequent items require a host name, and the reverse DNS lookup fails, Exim | |
425 | permits the access, that is, its behaviour is the opposite to the default. | |
426 | ||
427 | . If the item starts with "*" then the remainder of the item must match the end | |
428 | of the host name. For example, *.b.c matches all hosts whose names end in | |
429 | .b.c. This special simple form is provided because this is a very common | |
430 | requirement. Other kinds of wildcarding require the use of a regular | |
431 | expression. | |
432 | ||
433 | . If the item starts with "^" then it is taken to be a regular expression which | |
434 | is matched against the host name. For example, ^(a|b)\.c\.d$ matches either | |
435 | of the two hosts a.c.d or b.c.d. If the option string in which this occurs is | |
436 | given in quotes, then the backslash characters must be doubled, because they | |
437 | are significant in quoted strings. The following two settings are exactly | |
438 | equivalent: | |
439 | ||
440 | host_accept = ^(a|b)\.c\.d$ | |
441 | host_accept = "^(a|b)\\.c\\.d$" | |
442 | ||
443 | . If the item is of the form <search-type>;<filename or query>, for example | |
444 | ||
445 | dbm;/host/accept/list | |
446 | ||
447 | then the host name is looked up using the search type and file name or query | |
448 | (as appropriate). The actual data that is looked up is not used. | |
449 | ||
450 | 5. Early versions of Exim required commas and semicolons to terminate option | |
451 | settings in drivers. This hasn't been the case for quite some time. The code to | |
452 | handle them has now been removed. | |
453 | ||
454 | ||
455 | Details of option changes at 3.00 | |
456 | ================================= | |
457 | ||
458 | Main options | |
459 | ------------ | |
460 | ||
461 | * address_directory_transport, address_directory2_transport, | |
462 | address_file_transport, address_pipe_transport, and address_reply_transport | |
463 | have been abolished as obsolete. The aliasfile and forwardfile directors | |
464 | have been able for some time to set the transports they want to use for | |
465 | these special kinds of delivery; there seems little need for global | |
466 | defaults. The default configuration has been altered to add settings for | |
467 | file_transport and pipe_transport to the aliasfile and forwardfile | |
468 | directors, and to add reply_transport to forwardfile. | |
469 | ||
470 | * check_dns_names, a deprecated synonym for dns_check_names, has been | |
471 | abolished. | |
472 | ||
473 | * helo_accept_junk_nets is abolished; nets can now appear in | |
474 | helo_accept_junk_hosts. | |
475 | ||
476 | * helo_verify_except_hosts and helo_verify_except_nets have been abolished, | |
477 | and helo_verify has been changed from a boolean to a host list, listing | |
478 | those hosts for which HELO verification is required. | |
479 | ||
480 | * the obsolete option helo_verify_nets (a synonym for host_lookup_nets) has | |
481 | been abolished. Note that host_lookup_nets itself has been replaced by | |
482 | host_lookup. | |
483 | ||
484 | * hold_domains_except has been abolished. Use negated items in hold_domains. | |
485 | ||
486 | * host_lookup_nets has been replaced by host_lookup, which can contain hosts | |
487 | and nets. | |
488 | ||
489 | * ignore_fromline_nets has been replaced by ignore_fromline_hosts. | |
490 | ||
491 | * If message_filter is set and the filter generates any deliveries to files, | |
492 | pipes, or any autoreplies, then the appropriate message_filter_*_transport | |
493 | options must be set to define the transports, following the abolition of | |
494 | the global defaults (see above). | |
495 | ||
496 | * queue_remote and queue_remote_except have been abolished and replaced by | |
497 | queue_remote_domains, which lists those domains that should be queued. The | |
498 | effect of queue_remote=true is now obtained by queue_remote_domains=*. | |
499 | ||
500 | * queue_smtp and queue_smtp_except have been abolished and replaced by | |
501 | queue_smtp_domains, which lists those domains that should be queued after | |
502 | routing. The effect of queue_smtp=true is now obtained by | |
503 | queue_smtp_domains=*. | |
504 | ||
505 | * rbl_except_nets has been abolished and replaced by rbl_hosts, which can | |
506 | contain hosts and nets. This defaults to "*" and defines the set of hosts | |
507 | for which RBL checking is done. | |
508 | ||
509 | * receiver_unqualified_nets is abolished; nets can now appear in | |
510 | receiver_unqualified_hosts. | |
511 | ||
512 | * receiver_verify_except_hosts and receiver_verify_except_nets have been | |
513 | abolished and replaced by receiver_verify_hosts, which defaults to "*". | |
514 | This is used, however, only when receiver_verify is set - together with the | |
515 | other conditions (receiver_verify_addresses, receiver_verify_senders). | |
516 | ||
517 | * receiver_verify_senders_except has been abolished; the functionality is now | |
518 | available by using negation in receiver_verify_senders. | |
519 | ||
520 | * rfc1413_except_hosts and rfc1413_except_nets have been abolished, and | |
521 | replaced by rfc1413_hosts, which defaults to "*". | |
522 | ||
523 | * sender_accept, sender_accept_recipients and sender_reject_except have | |
524 | been abolished; the functionality is now available via sender_reject and | |
525 | sender_reject_recipients. | |
526 | ||
527 | * sender_host_accept, sender_net_accept, sender_host_reject, | |
528 | sender_net_reject, sender_host_reject_except, sender_net_reject_except, | |
529 | sender_host_reject_recipients and sender_net_reject_recipients | |
530 | have all been abolished, and replaced by the options host_reject and | |
531 | host_reject_recipients. | |
532 | ||
533 | * sender_host_accept_relay, sender_net_accept_relay, | |
534 | sender_host_reject_relay, sender_host_reject_relay_except, | |
535 | sender_net_reject_relay, and sender_net_reject_relay_except are abolished, | |
536 | and replaced by host_accept_relay. This defaults unset, and this means that | |
537 | all relaying is now by default locked out in the Exim binary. Previously, | |
538 | if no relaying options were set, relaying was permitted. | |
539 | ||
540 | * sender_unqualified_nets has been abolished; nets can now appear in | |
541 | sender_unqualified_hosts. | |
542 | ||
543 | * sender_verify_except_hosts and sender_verify_except_nets have been | |
544 | abolished and replaced by sender_verify_hosts, which defaults to "*". This | |
545 | is used, however, only when sender_verify is set (to make it similar to | |
546 | receiver_verify, even though there aren't at present any other conditions.) | |
547 | ||
548 | * sender_verify_log_details has been abolished. This was a little-used | |
549 | debugging option. | |
550 | ||
551 | * smtp_etrn_nets has been abolished; nets can now appear in smtp_etrn_hosts. | |
552 | ||
553 | * smtp_expn_nets has been abolished; nets can now appear in smtp_expn_hosts. | |
554 | ||
555 | * smtp_log_connections, a deprecated synonym for log_smtp_connections, has | |
556 | been abolished. | |
557 | ||
558 | * smtp_reserve_nets is abolished; nets can now appear in smtp_reserve_hosts. | |
559 | ||
560 | Generic director and router options | |
561 | ----------------------------------- | |
562 | ||
563 | * except_domains, except_local_parts, and except_senders have been abolished. | |
564 | Use negated items in domains, local_parts, and senders instead, for | |
565 | example, replace | |
566 | ||
567 | except_domains = a.b.c | |
568 | ||
569 | with | |
570 | ||
571 | domains = !a.b.c | |
572 | ||
573 | If you already have a domains setting, add any negative items to the front | |
574 | of it. | |
575 | ||
576 | The aliasfile director | |
577 | ---------------------- | |
578 | ||
579 | * The option "directory", an obsolete synonym for home_directory, has been | |
580 | abolished. | |
581 | ||
582 | The forwardfile director | |
583 | ------------------------ | |
584 | ||
585 | * The option "directory", an obsolete synonym for file_directory, has been | |
586 | abolished. | |
587 | ||
588 | * The option forbid_filter_log, an obsolete synonym for | |
589 | forbid_filter_logwrite, has been abolished. | |
590 | ||
591 | The localuser director | |
592 | ---------------------- | |
593 | ||
594 | * The option "directory", an obsolete synonym for match_directory, has been | |
595 | abolished. | |
596 | ||
597 | The lookuphost router | |
598 | --------------------- | |
599 | ||
600 | * mx_domains_except and its obsolete old name non_mx_domains have been | |
601 | abolished. Use negated items in mx_domains. | |
602 | ||
603 | The pipe transport | |
604 | ------------------ | |
605 | ||
606 | * The option "directory", an obsolete synonym for home_directory, has been | |
607 | abolished. | |
608 | ||
609 | The smtp transport | |
610 | ------------------ | |
611 | ||
612 | * mx_domains_except and its obsolete old name non_mx_domains have been | |
613 | abolished. Use negated items in mx_domains. | |
614 | ||
615 | * serialize_nets has been abolished; nets may now appear in serialize_hosts. | |
616 | ||
617 | ||
618 | Other items relevant to upgrading from Exim 2.12 | |
619 | ================================================ | |
620 | ||
621 | 1. RFC 2505 (Anti-Spam Recommendations for SMTP MTAs) recommends that the | |
622 | checking of addresses for spam blocks should be done entirely caselessly. | |
623 | Previously, although Exim retained the case of the local part, in accordance | |
624 | with the RFC 821 rule that local parts are case sensitive, some of the string | |
625 | comparisons were nevertheless done caselessly, but file lookups used the | |
626 | unmodified address. | |
627 | ||
628 | The way addresses are compared with options whose values are address lists has | |
629 | been changed. At the start of the comparison, both the local part and the | |
630 | domain are now forced to lower case, and any comparisons that are done with | |
631 | in-line strings are done caselessly. For example, | |
632 | ||
633 | sender_reject = A@b.c | |
634 | ||
635 | rejects both A@b.c and a@b.c. Any lookups that occur use lowercased strings as | |
636 | their keys. If the @@ lookup facility is used, the lookup is done on the lower | |
637 | cased domain name, but any subsequent string comparisons on local parts are | |
638 | done caselessly. | |
639 | ||
640 | To retain possibility of caseful matching, the pseudo-item "+caseful" can | |
641 | appear in an address list. It causes any subsequent items to do caseful matches | |
642 | on local parts. The domain, however, remains lower cased. | |
643 | ||
644 | 2. The handling of incoming batched SMTP has been re-worked so as to behave in | |
645 | a more useful way in cases of error: | |
646 | ||
647 | (i) The option sender_verify_batch now defaults false. | |
648 | (ii) EOF is no longer interpreted as end-of-message; the "." line must be | |
649 | present. | |
650 | (iii) Exim stops immediately in cases of error, writing information to stdout | |
651 | and stderr, and setting the return code to 1 if some messages have been | |
652 | accepted, and 2 otherwise. | |
653 | ||
654 | 3. The first message delivered by -R, and all messages delivered by -Rf and -qf | |
655 | are "forced" in the sense that retry information is over-ridden. Previously, | |
656 | Exim also forcibly thawed any of these messages that was frozen. This no longer | |
657 | happens. Additional options -Rff and -qff have been implemented to force | |
658 | thawing as well as delivery. | |
659 | ||
660 | 4. When recipients are being rejected because the sending host is in an RBL | |
661 | list, Exim used just to show the RBL text, if any, as part of the rejection | |
662 | response. Now, if prohibition_message is set, it expands that string instead, | |
663 | with the RBL message available in $rbl_text, and $prohibition_reason set to | |
664 | "rbl_reject". | |
665 | ||
666 | 5. When a trusted caller passed a message to Exim, it used to check the From: | |
667 | header against the caller's login (even though the caller was trusted) unless | |
668 | the -f option had been used to supply a different sender. This has been changed | |
669 | so that From: is never checked if the caller is trusted. | |
670 | ||
671 | Philip Hazel | |
672 | May 1999 | |
673 |