Commit | Line | Data |
---|---|---|
ec95d1a6 | 1 | $Cambridge: exim/doc/doc-txt/NewStuff,v 1.143 2007/02/26 14:07:04 ph10 Exp $ |
495ae4b0 PH |
2 | |
3 | New Features in Exim | |
4 | -------------------- | |
5 | ||
38a0a95f PH |
6 | This file contains descriptions of new features that have been added to Exim. |
7 | Before a formal release, there may be quite a lot of detail so that people can | |
8 | test from the snapshots or the CVS before the documentation is updated. Once | |
9 | the documentation is updated, this file is reduced to a short list. | |
10 | ||
b4ed4da0 PH |
11 | Version 4.67 |
12 | ------------ | |
13 | ||
14 | 1. There is a new log selector called smtp_no_mail, which is not included in | |
15 | the default setting. When it is set, a line is written to the main log | |
16 | whenever an accepted SMTP connection terminates without having issued a | |
17 | MAIL command. This includes both the case when the connection is dropped, | |
18 | and the case when QUIT is used. Note that it does not include cases where | |
19 | the connection is rejected right at the start (by an ACL, or because there | |
20 | are too many connections, or whatever). These cases already have their own | |
21 | log lines. | |
22 | ||
23 | The log line that is written contains the identity of the client in the | |
24 | usual way, followed by D= and a time, which records the duration of the | |
25 | connection. If the connection was authenticated, this fact is logged | |
26 | exactly as it is for an incoming message, with an A= item. If the | |
27 | connection was encrypted, CV=, DN=, and X= items may appear as they do for | |
28 | an incoming message, controlled by the same logging options. | |
29 | ||
30 | Finally, if any SMTP commands were issued during the connection, a C= item | |
31 | is added to the line, listing the commands that were used. For example, | |
32 | ||
33 | C=EHLO,QUIT | |
34 | ||
35 | shows that the client issued QUIT straight after EHLO. If there were fewer | |
36 | than 20 commands, they are all listed. If there were more than 20 commands, | |
37 | the last 20 are listed, preceded by "...". However, with the default | |
38 | setting of 10 for smtp_accep_max_nonmail, the connection will in any case | |
39 | be aborted before 20 non-mail commands are processed. | |
40 | ||
431b7361 PH |
41 | 2. When an item in a dnslists list is followed by = and & and a list of IP |
42 | addresses, in order to restrict the match to specific results from the DNS | |
43 | lookup, the behaviour was not clear when the lookup returned more than one | |
44 | IP address. For example, consider the condition | |
45 | ||
46 | dnslists = a.b.c=127.0.0.1 | |
47 | ||
48 | What happens if the DNS lookup for the incoming IP address yields both | |
49 | 127.0.0.1 and 127.0.0.2 by means of two separate DNS records? Is the | |
50 | condition true because at least one given value was found, or is it false | |
51 | because at least one of the found values was not listed? And how does this | |
52 | affect negated conditions? | |
53 | ||
54 | The behaviour of = and & has not been changed; however, the text below | |
55 | documents it more clearly. In addition, two new additional conditions (== | |
56 | and =&) have been added, to permit the "other" behaviour to be configured. | |
57 | ||
58 | A DNS lookup may yield more than one record. Thus, the result of the lookup | |
59 | for a dnslists check may yield more than one IP address. The question then | |
60 | arises as to whether all the looked up addresses must be listed, or whether | |
61 | just one is good enough. Both possibilities are provided for: | |
62 | ||
63 | . If = or & is used, the condition is true if any one of the looked up | |
64 | IP addresses matches one of the listed addresses. Consider: | |
65 | ||
66 | dnslists = a.b.c=127.0.0.1 | |
67 | ||
68 | If the DNS lookup yields both 127.0.0.1 and 127.0.0.2, the condition is | |
69 | true because 127.0.0.1 matches. | |
70 | ||
71 | . If == or =& is used, the condition is true only if every one of the | |
72 | looked up IP addresses matches one of the listed addresses. Consider: | |
73 | ||
74 | dnslists = a.b.c==127.0.0.1 | |
75 | ||
76 | If the DNS lookup yields both 127.0.0.1 and 127.0.0.2, the condition is | |
77 | false because 127.0.0.2 is not listed. You would need to have | |
78 | ||
79 | dnslists = a.b.c==127.0.0.1,127.0.0.2 | |
80 | ||
81 | for the condition to be true. | |
82 | ||
83 | When ! is used to negate IP address matching, it inverts the result, giving | |
84 | the precise opposite of the behaviour above. Thus: | |
85 | ||
86 | . If != or !& is used, the condition is true if none of the looked up IP | |
87 | addresses matches one of the listed addresses. Consider: | |
88 | ||
89 | dnslists = a.b.c!&0.0.0.1 | |
90 | ||
91 | If the DNS lookup yields both 127.0.0.1 and 127.0.0.2, the condition is | |
92 | false because 127.0.0.1 matches. | |
93 | ||
94 | . If !== or !=& is used, the condition is true there is at least one looked | |
95 | up IP address that does not match. Consider: | |
96 | ||
97 | dnslists = a.b.c!=&0.0.0.1 | |
98 | ||
99 | If the DNS lookup yields both 127.0.0.1 and 127.0.0.2, the condition is | |
100 | true, because 127.0.0.2 does not match. You would need to have | |
101 | ||
102 | dnslists = a.b.c!=&0.0.0.1,0.0.0.2 | |
103 | ||
104 | for the condition to be false. | |
105 | ||
106 | When the DNS lookup yields only a single IP address, there is no difference | |
107 | between = and == and between & and =&. | |
108 | ||
83da1223 PH |
109 | 3. Up till now, the only control over which cipher suites GnuTLS uses has been |
110 | for the cipher algorithms. New options have been added to allow some of the | |
111 | other parameters to be varied. Here is complete documentation for the | |
112 | available features: | |
113 | ||
114 | GnuTLS allows the caller to specify separate lists of permitted key | |
115 | exchange methods, main cipher algorithms, and MAC algorithms. These may be | |
116 | used in any combination to form a specific cipher suite. This is unlike | |
117 | OpenSSL, where complete cipher names can be passed to its control function. | |
118 | GnuTLS also allows a list of acceptable protocols to be supplied. | |
119 | ||
120 | For compatibility with OpenSSL, the tls_require_ciphers option can be set | |
121 | to complete cipher suite names such as RSA_ARCFOUR_SHA, but for GnuTLS this | |
122 | option controls only the cipher algorithms. Exim searches each item in the | |
123 | list for the name of an available algorithm. For example, if the list | |
124 | contains RSA_AES_SHA, then AES is recognized, and the behaviour is exactly | |
125 | the same as if just AES were given. | |
126 | ||
127 | There are additional options called gnutls_require_kx, gnutls_require_mac, | |
128 | and gnutls_require_protocols that can be used to restrict the key exchange | |
129 | methods, MAC algorithms, and protocols, respectively. These options are | |
130 | ignored if OpenSSL is in use. | |
131 | ||
132 | All four options are available as global options, controlling how Exim | |
133 | behaves as a server, and also as options of the smtp transport, controlling | |
134 | how Exim behaves as a client. All the values are string expanded. After | |
135 | expansion, the values must be colon-separated lists, though the separator | |
136 | can be changed in the usual way. | |
137 | ||
138 | Each of the four lists starts out with a default set of algorithms. If the | |
139 | first item in one of the "require" options does _not_ start with an | |
140 | exclamation mark, all the default items are deleted. In this case, only | |
141 | those that are explicitly specified can be used. If the first item in one | |
142 | of the "require" items _does_ start with an exclamation mark, the defaults | |
143 | are left on the list. | |
144 | ||
145 | Then, any item that starts with an exclamation mark causes the relevant | |
146 | entry to be removed from the list, and any item that does not start with an | |
147 | exclamation mark causes a new entry to be added to the list. Unrecognized | |
148 | items in the list are ignored. Thus: | |
149 | ||
150 | tls_require_ciphers = !ARCFOUR | |
151 | ||
152 | allows all the defaults except ARCFOUR, whereas | |
153 | ||
154 | tls_require_ciphers = AES : 3DES | |
155 | ||
156 | allows only cipher suites that use AES or 3DES. For tls_require_ciphers | |
157 | the recognized names are AES_256, AES_128, AES (both of the preceding), | |
158 | 3DES, ARCFOUR_128, ARCFOUR_40, and ARCFOUR (both of the preceding). The | |
159 | default list does not contain all of these; it just has AES_256, AES_128, | |
160 | 3DES, and ARCFOUR_128. | |
161 | ||
162 | For gnutls_require_kx, the recognized names are DHE_RSA, RSA (which | |
163 | includes DHE_RSA), DHE_DSS, and DHE (which includes both DHE_RSA and | |
164 | DHE_DSS). The default list contains RSA, DHE_DSS, DHE_RSA. | |
165 | ||
166 | For gnutls_require_mac, the recognized names are SHA (synonym SHA1), and | |
167 | MD5. The default list contains SHA, MD5. | |
168 | ||
169 | For gnutls_require_protocols, the recognized names are TLS1 and SSL3. | |
170 | The default list contains TLS1, SSL3. | |
171 | ||
172 | In a server, the order of items in these lists is unimportant. The server | |
173 | will advertise the availability of all the relevant cipher suites. However, | |
174 | in a client, the order in the tls_require_ciphers list specifies a | |
175 | preference order for the cipher algorithms. The first one in the client's | |
176 | list that is also advertised by the server is tried first. | |
177 | ||
54fc8428 PH |
178 | 4. There is a new compile-time option called ENABLE_DISABLE_FSYNC. You must |
179 | not set this option unless you really, really, really understand what you | |
180 | are doing. No pre-compiled distributions of Exim should ever set this | |
181 | option. When it is set, Exim compiles a runtime option called | |
182 | disable_fsync. If this is set true, Exim no longer calls fsync() to force | |
183 | updated files' data to be written to disc. Unexpected events such as | |
184 | crashes and power outages may cause data to be lost or scrambled. Beware. | |
185 | ||
186 | When ENABLE_DISABLE_FSYNC is not set, a reference to disable_fsync in a | |
187 | runtime configuration generates an "unknown option" error. | |
188 | ||
b01dd148 PH |
189 | 5. There is a new variable called $smtp_count_at_connection_start. The name |
190 | is deliberately long, in order to emphasize what the contents are. This | |
191 | variable is set greater than zero only in processes spawned by the Exim | |
192 | daemon for handling incoming SMTP connections. When the daemon accepts a | |
193 | new connection, it increments this variable. A copy of the variable is | |
194 | passed to the child process that handles the connection, but its value is | |
195 | fixed, and never changes. It is only an approximation of how many incoming | |
196 | connections there actually are, because many other connections may come and | |
197 | go while a single connection is being processed. When a child process | |
198 | terminates, the daemon decrements the variable. | |
199 | ||
cf8b11a5 PH |
200 | 6. There's a new control called no_pipelining, which does what its name |
201 | suggests. It turns off the advertising of the PIPELINING extension to SMTP. | |
202 | To be useful, this control must be obeyed before Exim sends its response to | |
203 | an EHLO command. Therefore, it should normally appear in an ACL controlled | |
204 | by acl_smtp_connect or acl_smtp_helo. | |
205 | ||
41c7c167 PH |
206 | 7. There are two new variables called $sending_ip_address and $sending_port. |
207 | These are set whenever an SMTP connection to another host has been set up, | |
208 | and they contain the IP address and port of the local interface that is | |
209 | being used. They are of interest only on hosts that have more than on IP | |
210 | address that want to take on different personalities depending on which one | |
211 | is being used. | |
212 | ||
213 | 8. The expansion of the helo_data option in the smtp transport now happens | |
214 | after the connection to the server has been made. This means that it can | |
215 | use the value of $sending_ip_address (see 7 above) to vary the text of the | |
216 | message. For example, if you want the string that is used for helo_data to | |
217 | be obtained by a DNS lookup of the interface address, you could use this: | |
218 | ||
219 | helo_data = ${lookup dnsdb{ptr=$sending_ip_address}{$value}\ | |
220 | {$primary_hostname}} | |
221 | ||
222 | The use of helo_data applies both to sending messages and when doing | |
223 | callouts. | |
224 | ||
9c57cbc0 PH |
225 | 9. There is a new expansion operator ${rfc2047d: that decodes strings that |
226 | are encoded as per RFC 2047. Binary zero bytes are replaced by question | |
227 | marks. Characters are converted into the character set defined by | |
228 | headers_charset. Overlong RFC 2047 "words" are not recognized unless | |
229 | check_rfc2047_length is set false. | |
230 | ||
f3f065bb PH |
231 | 10. There is a new log selector called "pid", which causes the current process |
232 | id to be added to every log line, in square brackets, immediately after the | |
233 | time and date. | |
234 | ||
047bdd8c | 235 | 11. Exim has been modified so that it flushes SMTP output before implementing |
4c590bd1 PH |
236 | a delay in an ACL. It also flushes the output before performing a callout, |
237 | as this can take a substantial time. These behaviours can be disabled by | |
238 | obeying control = no_delay_flush or control = no_callout_flush, | |
239 | respectively, at some earlier stage of the connection. The effect of the | |
240 | new default behaviour is to disable the PIPELINING optimization in these | |
241 | situations, in order to avoid unexpected timeouts in clients. | |
047bdd8c | 242 | |
0ce9abe6 PH |
243 | 12. There are two new expansion conditions that iterate over a list. They are |
244 | called forany and forall, and they are used like this: | |
245 | ||
246 | ${if forany{<a list>}{<a condition>}{<yes-string>}{<no-string>}} | |
247 | ${if forall{<a list>}{<a condition>}{<yes-string>}{<no-string>}} | |
248 | ||
249 | The first argument is expanded, and the result is treated as a list. By | |
250 | default, the list separator is a colon, but it can be changed by the normal | |
251 | method. The second argument is interpreted as a condition that is to be | |
252 | applied to each item in the list in turn. During the interpretation of the | |
253 | condition, the current list item is placed in a variable called $item. | |
254 | ||
255 | - For forany, interpretation stops if the condition is true for any item, | |
256 | and the yes-string is then expanded. If the condition is false for all | |
257 | items in the list, the no-string is expanded. | |
258 | ||
259 | - For forall, interpration stops if the condition is false for any item, | |
260 | and the no-string is then expanded. If the condition is true for all | |
261 | items in the list, the yes-string is expanded. | |
262 | ||
263 | Note that negation of forany means that the condition must be false for all | |
264 | items for the overall condition to succeed, and negation of forall means | |
265 | that the condition must be false for at least one item. | |
266 | ||
267 | In this example, the list separator is changed to a comma: | |
268 | ||
269 | ${if forany{<, $recipients}{match{$item}{^user3@}}{yes}{no}} | |
270 | ||
271 | Outside a forany/forall condition, the value of $item is an empty string. | |
272 | Its value is saved and restored while forany/forall is being processed, to | |
273 | enable these expansion items to be nested. | |
274 | ||
0e22dfd1 PH |
275 | 13. There's a new global option called dsn_from that can be used to vary the |
276 | contents of From: lines in bounces and other automatically generated | |
277 | messages ("delivery status notifications" - hence the name of the option). | |
278 | The default setting is: | |
279 | ||
280 | dsn_from = Mail Delivery System <Mailer-Daemon@$qualify_domain> | |
281 | ||
282 | The value is expanded every time it is needed. If the expansion fails, a | |
283 | panic is logged, and the default setting is used. | |
284 | ||
c51b8e75 PH |
285 | 14. The smtp transport has a new option called hosts_avoid_pipelining. It can |
286 | be used to suppress the use of PIPELINING to certain hosts, while still | |
287 | supporting the other SMTP extensions (cf hosts_avoid_tls). | |
288 | ||
75b1493f PH |
289 | 15. By default, exigrep does case-insensitive matches. There is now a -I option |
290 | that makes it case-sensitive. This may give a performance improvement when | |
291 | searching large log files. Without -I, the Perl pattern matches use the /i | |
292 | option; with -I they don't. In both cases it is possible to change the case | |
293 | sensitivity within the pattern using (?i) or (?-i). | |
294 | ||
c3611384 | 295 | 16. A number of new features have been added to string expansions to make it |
29f89cad PH |
296 | easier to process lists of items, typically addresses. These are as |
297 | follows: | |
298 | ||
299 | * ${addresses:<string>} | |
300 | ||
301 | The string (after expansion) is interpreted as a list of addresses in RFC | |
302 | 2822 format, such as can be found in a To: or Cc: header line. The | |
303 | operative address (local-part@domain) is extracted from each item, and the | |
304 | result of the expansion is a colon-separated list, with appropriate | |
305 | doubling of colons should any happen to be present in the email addresses. | |
306 | Syntactically invalid RFC2822 address items are omitted from the output. | |
307 | ||
308 | It is possible to specify a character other than colon for the output | |
309 | separator by starting the string with > followed by the new separator | |
310 | character. For example: | |
311 | ||
312 | ${addresses:>& The Boss <ceo@up.stairs>, sec@base.ment (dogsbody)} | |
313 | ||
314 | expands to "ceo@up.stairs&sec@base.ment". Compare ${address (singular), | |
315 | which extracts the working address from a single RFC2822 address. | |
316 | ||
317 | * ${map{<string1>}{<string2>}} | |
318 | ||
319 | After expansion, <string1> is interpreted as a list, colon-separated by | |
320 | default, but the separator can be changed in the usual way. For each item | |
321 | in this list, its value is place in $item, and then <string2> is expanded | |
322 | and added to the output as an item in a new list. The separator used for | |
323 | the output list is the same as the one used for the input, but is not | |
324 | included in the output. For example: | |
325 | ||
326 | ${map{a:b:c}{[$item]}} ${map{<- x-y-z}{($item)}} | |
327 | ||
328 | expands to "[a]:[b]:[c] (x)-(y)-(z)". At the end of the expansion, the | |
329 | value of $item is restored to what it was before. | |
330 | ||
331 | * ${filter{<string1>}{<condition>}} | |
332 | ||
333 | After expansion, <string1> is interpreted as a list, colon-separated by | |
334 | default, but the separator can be changed in the usual way. For each item | |
335 | in this list, its value is place in $item, and then the condition is | |
336 | evaluated. If the condition is true, $item is added to the output as an | |
337 | item in a new list; if the condition is false, the item is discarded. The | |
338 | separator used for the output list is the same as the one used for the | |
339 | input, but is not included in the output. For example: | |
340 | ||
341 | ${filter{a:b:c}{!eq{$item}{b}} | |
342 | ||
343 | yields "a:c". At the end of the expansion, the value of $item is restored | |
344 | to what it was before. | |
345 | ||
346 | * ${reduce{<string1>}{<string2>}{<string3>}} | |
347 | ||
348 | The ${reduce expansion operation reduces a list to a single, scalar string. | |
349 | After expansion, <string1> is interpreted as a list, colon-separated by | |
350 | default, but the separator can be changed in the usual way. Then <string2> | |
351 | is expanded and assigned to the $value variable. After this, each item in | |
352 | the <string1> list is assigned to $item in turn, and <string3> is expanded | |
353 | for each of them. The result of that expansion is assigned to $value before | |
354 | the next iteration. When the end of the list is reached, the final value of | |
355 | $value is added to the expansion string. The ${reduce expansion item can be | |
356 | used in a number of ways. For example, to add up a list of numbers: | |
357 | ||
358 | ${reduce {<, 1,2,3}{0}{${eval:$value+$item}}} | |
359 | ||
360 | The result of that expansion would be "6". The maximum of a list of numbers | |
361 | can be found: | |
362 | ||
363 | ${reduce {3:0:9:4:6}{0}{${if >{$item}{$value}{$item}{$value}}}} | |
364 | ||
365 | At the end of a ${reduce expansion, the values of $item and $value is | |
366 | restored to what they were before. | |
367 | ||
c3611384 PH |
368 | 17. There's a new ACL modifier called "continue". It does nothing of itself, |
369 | and processing of the ACL always continues with the next condition or | |
370 | modifier. It is provided so that the side effects of expanding its argument | |
371 | can be used. Typically this would be for updating a database. It is really | |
372 | just a syntactic tidiness, because the following two lines have the same | |
373 | effect: | |
374 | ||
375 | continue = <some expansion> | |
376 | condition = ${if eq{0}{<some expansion>}{true}{true}} | |
377 | ||
ec95d1a6 PH |
378 | 18. It is now possible to use newline and other control characters (those with |
379 | values less than 32, plus DEL) as separators in lists. Such separators must | |
380 | be provided literally at the time the list is processed, but the string | |
381 | expansion that happens first means that you can write them using normal | |
382 | escape sequences. For example, if a new-line separated list of domains is | |
383 | generated by a lookup, you can now process it directly by a line such as | |
384 | this: | |
385 | ||
386 | domains = <\n ${lookup mysql{.....}} | |
387 | ||
388 | This avoids having to change the list separator in such data. Unlike | |
389 | printing character separators, which can be included in list items by | |
390 | doubling, it is not possible to include a control character as data when it | |
391 | is set as the separator. Two such characters in succession are interpreted | |
392 | as enclosing an empty list item. | |
393 | ||
b4ed4da0 PH |
394 | |
395 | Version 4.66 | |
396 | ------------ | |
397 | ||
398 | No new features were added to 4.66. | |
399 | ||
400 | ||
401 | Version 4.65 | |
402 | ------------ | |
403 | ||
404 | No new features were added to 4.65. | |
405 | ||
38a0a95f PH |
406 | |
407 | Version 4.64 | |
408 | ------------ | |
409 | ||
af561417 PH |
410 | 1. ACL variables can now be given arbitrary names, as long as they start with |
411 | "acl_c" or "acl_m" (for connection variables and message variables), are at | |
412 | least six characters long, with the sixth character being either a digit or | |
883335dc | 413 | an underscore. |
af561417 PH |
414 | |
415 | 2. There is a new ACL modifier called log_reject_target. It makes it possible | |
883335dc | 416 | to specify which logs are used for messages about ACL rejections. |
af561417 PH |
417 | |
418 | 3. There is a new authenticator called "dovecot". This is an interface to the | |
419 | authentication facility of the Dovecot POP/IMAP server, which can support a | |
883335dc | 420 | number of authentication methods. |
af561417 PH |
421 | |
422 | 4. The variable $message_headers_raw provides a concatenation of all the | |
423 | messages's headers without any decoding. This is in contrast to | |
424 | $message_headers, which does RFC2047 decoding on the header contents. | |
425 | ||
883335dc PH |
426 | 5. In a DNS black list, if two domain names, comma-separated, are given, the |
427 | second is used first to do an initial check, making use of any IP value | |
428 | restrictions that are set. If there is a match, the first domain is used, | |
429 | without any IP value restrictions, to get the TXT record. | |
af561417 | 430 | |
883335dc | 431 | 6. All authenticators now have a server_condition option. |
af561417 PH |
432 | |
433 | 7. There is a new command-line option called -Mset. It is useful only in | |
434 | conjunction with -be (that is, when testing string expansions). It must be | |
435 | followed by a message id; Exim loads the given message from its spool | |
883335dc | 436 | before doing the expansions. |
af561417 PH |
437 | |
438 | 8. Another similar new command-line option is called -bem. It operates like | |
883335dc PH |
439 | -be except that it must be followed by the name of a file that contains a |
440 | message. | |
af561417 PH |
441 | |
442 | 9. When an address is delayed because of a 4xx response to a RCPT command, it | |
443 | is now the combination of sender and recipient that is delayed in | |
883335dc | 444 | subsequent queue runs until its retry time is reached. |
af561417 PH |
445 | |
446 | 10. Unary negation and the bitwise logical operators and, or, xor, not, and | |
883335dc | 447 | shift, have been added to the eval: and eval10: expansion items. |
48c7f9e2 | 448 | |
194cc0e4 PH |
449 | 11. The variables $interface_address and $interface_port have been renamed |
450 | as $received_ip_address and $received_port, to make it clear that they | |
451 | relate to message reception rather than delivery. (The old names remain | |
452 | available for compatibility.) | |
453 | ||
883335dc PH |
454 | 12. The "message" modifier can now be used on "accept" and "discard" acl verbs |
455 | to vary the message that is sent when an SMTP command is accepted. | |
4e88a19f | 456 | |
495ae4b0 | 457 | |
4608d683 PH |
458 | Version 4.63 |
459 | ------------ | |
460 | ||
461 | 1. There is a new Boolean option called filter_prepend_home for the redirect | |
38a0a95f | 462 | router. |
4608d683 | 463 | |
45b91596 PH |
464 | 2. There is a new acl, set by acl_not_smtp_start, which is run right at the |
465 | start of receiving a non-SMTP message, before any of the message has been | |
38a0a95f | 466 | read. |
45b91596 | 467 | |
a5bd321b PH |
468 | 3. When an SMTP error message is specified in a "message" modifier in an ACL, |
469 | or in a :fail: or :defer: message in a redirect router, Exim now checks the | |
38a0a95f | 470 | start of the message for an SMTP error code. |
a5bd321b | 471 | |
6ec97b1b | 472 | 4. There is a new parameter for LDAP lookups called "referrals", which takes |
38a0a95f | 473 | one of the settings "follow" (the default) or "nofollow". |
6ec97b1b | 474 | |
e22ca4ac JJ |
475 | 5. Version 20070721.2 of exipick now included, offering these new options: |
476 | --reverse | |
477 | After all other sorting options have bee processed, reverse order | |
478 | before displaying messages (-R is synonym). | |
479 | --random | |
480 | Randomize order of matching messages before displaying. | |
481 | --size | |
482 | Instead of displaying the matching messages, display the sum | |
483 | of their sizes. | |
484 | --sort <variable>[,<variable>...] | |
485 | Before displaying matching messages, sort the messages according to | |
486 | each messages value for each variable. | |
487 | --not | |
488 | Negate the value for every test (returns inverse output from the | |
489 | same criteria without --not). | |
490 | ||
4608d683 | 491 | |
1cce3af8 PH |
492 | Version 4.62 |
493 | ------------ | |
494 | ||
495 | 1. The ${readsocket expansion item now supports Internet domain sockets as well | |
496 | as Unix domain sockets. If the first argument begins "inet:", it must be of | |
497 | the form "inet:host:port". The port is mandatory; it may be a number or the | |
498 | name of a TCP port in /etc/services. The host may be a name, or it may be an | |
499 | IP address. An ip address may optionally be enclosed in square brackets. | |
500 | This is best for IPv6 addresses. For example: | |
501 | ||
502 | ${readsocket{inet:[::1]:1234}{<request data>}... | |
503 | ||
504 | Only a single host name may be given, but if looking it up yield more than | |
505 | one IP address, they are each tried in turn until a connection is made. Once | |
506 | a connection has been made, the behaviour is as for ${readsocket with a Unix | |
507 | domain socket. | |
508 | ||
f7fd3850 PH |
509 | 2. If a redirect router sets up file or pipe deliveries for more than one |
510 | incoming address, and the relevant transport has batch_max set greater than | |
511 | one, a batch delivery now occurs. | |
512 | ||
d6629cdc PH |
513 | 3. The appendfile transport has a new option called maildirfolder_create_regex. |
514 | Its value is a regular expression. For a maildir delivery, this is matched | |
515 | against the maildir directory; if it matches, Exim ensures that a | |
516 | maildirfolder file is created alongside the new, cur, and tmp directories. | |
517 | ||
1cce3af8 | 518 | |
7e66e54d PH |
519 | Version 4.61 |
520 | ------------ | |
521 | ||
4f578862 PH |
522 | The documentation is up-to-date for the 4.61 release. Major new features since |
523 | the 4.60 release are: | |
524 | ||
525 | . An option called disable_ipv6, to disable the use of IPv6 completely. | |
526 | ||
527 | . An increase in the number of ACL variables to 20 of each type. | |
528 | ||
529 | . A change to use $auth1, $auth2, and $auth3 in authenticators instead of $1, | |
530 | $2, $3, (though those are still set) because the numeric variables get used | |
531 | for other things in complicated expansions. | |
532 | ||
843a41e8 | 533 | . The default for rfc1413_query_timeout has been changed from 30s to 5s. |
4f578862 PH |
534 | |
535 | . It is possible to use setclassresources() on some BSD OS to control the | |
536 | resources used in pipe deliveries. | |
537 | ||
538 | . A new ACL modifier called add_header, which can be used with any verb. | |
539 | ||
540 | . More errors are detectable in retry rules. | |
541 | ||
542 | There are a number of other additions too. | |
71fafd95 | 543 | |
7e66e54d | 544 | |
425ae40f | 545 | Version 4.60 |
b5aea5e1 PH |
546 | ------------ |
547 | ||
425ae40f PH |
548 | The documentation is up-to-date for the 4.60 release. Major new features since |
549 | the 4.50 release are: | |
1a46a8c5 | 550 | |
425ae40f | 551 | . Support for SQLite. |
1a46a8c5 | 552 | |
425ae40f | 553 | . Support for IGNOREQUOTA in LMTP. |
1a46a8c5 | 554 | |
425ae40f | 555 | . Extensions to the "submission mode" features. |
1a46a8c5 | 556 | |
425ae40f | 557 | . Support for Client SMTP Authorization (CSA). |
1a46a8c5 | 558 | |
425ae40f | 559 | . Support for ratelimiting hosts and users. |
b5aea5e1 | 560 | |
425ae40f | 561 | . New expansion items to help with the BATV "prvs" scheme. |
b5aea5e1 | 562 | |
425ae40f | 563 | . A "match_ip" condition, that matches an IP address against a list. |
35edf2ff | 564 | |
425ae40f | 565 | There are many more minor changes. |
495ae4b0 PH |
566 | |
567 | **** |