| 1 | $Cambridge: exim/doc/doc-txt/NewStuff,v 1.32 2005/04/04 10:33:49 ph10 Exp $ |
| 2 | |
| 3 | New Features in Exim |
| 4 | -------------------- |
| 5 | |
| 6 | This file contains descriptions of new features that have been added to Exim, |
| 7 | but have not yet made it into the main manual (which is most conveniently |
| 8 | updated when there is a relatively large batch of changes). The doc/ChangeLog |
| 9 | file contains a listing of all changes, including bug fixes. |
| 10 | |
| 11 | |
| 12 | Version 4.51 |
| 13 | ------------ |
| 14 | |
| 15 | PH/01 The format in which GnuTLS parameters are written to the gnutls-param |
| 16 | file in the spool directory has been changed. This change has been made |
| 17 | to alleviate problems that some people had with the generation of the |
| 18 | parameters by Exim when /dev/random was exhausted. In this situation, |
| 19 | Exim would hang until /dev/random acquired some more entropy. |
| 20 | |
| 21 | The new code exports and imports the DH and RSA parameters in PEM |
| 22 | format. This means that the parameters can be generated externally using |
| 23 | the certtool command that is part of GnuTLS. |
| 24 | |
| 25 | To replace the parameters with new ones, instead of deleting the file |
| 26 | and letting Exim re-create it, you can generate new parameters using |
| 27 | certtool and, when this has been done, replace Exim's cache file by |
| 28 | renaming. The relevant commands are something like this: |
| 29 | |
| 30 | # rm -f new.params |
| 31 | # touch new.params |
| 32 | # chown exim:exim new.params |
| 33 | # chmod 0400 new.params |
| 34 | # certtool --generate-privkey --bits 512 >new.params |
| 35 | # echo "" >>new.params |
| 36 | # certtool --generate-dh-params --bits 1024 >> new.params |
| 37 | # mv new.params params |
| 38 | |
| 39 | If Exim never has to generate the parameters itself, the possibility of |
| 40 | stalling is removed. |
| 41 | |
| 42 | PH/02 A new expansion item for dynamically loading and calling a locally- |
| 43 | written C function is now provided, if Exim is compiled with |
| 44 | |
| 45 | EXPAND_DLFUNC=yes |
| 46 | |
| 47 | set in Local/Makefile. The facility is not included by default (a |
| 48 | suitable error is given if you try to use it when it is not there.) |
| 49 | |
| 50 | If you enable EXPAND_DLFUNC, you should also be aware of the new redirect |
| 51 | router option forbid_filter_dlfunc. If you have unprivileged users on |
| 52 | your system who are permitted to create filter files, you might want to |
| 53 | set forbid_filter_dlfunc=true in the appropriate router, to stop them |
| 54 | using ${dlfunc to run code within Exim. |
| 55 | |
| 56 | You load and call an external function like this: |
| 57 | |
| 58 | ${dlfunc{/some/file}{function}{arg1}{arg2}...} |
| 59 | |
| 60 | Once loaded, Exim remembers the dynamically loaded object so that it |
| 61 | doesn't reload the same object file in the same Exim process (but of |
| 62 | course Exim does start new processes frequently). |
| 63 | |
| 64 | There may be from zero to eight arguments to the function. When compiling |
| 65 | a local function that is to be called in this way, local_scan.h should be |
| 66 | included. The Exim variables and functions that are defined by that API |
| 67 | are also available for dynamically loaded functions. The function itself |
| 68 | must have the following type: |
| 69 | |
| 70 | int dlfunction(uschar **yield, int argc, uschar *argv[]) |
| 71 | |
| 72 | Where "uschar" is a typedef for "unsigned char" in local_scan.h. The |
| 73 | function should return one of the following values: |
| 74 | |
| 75 | OK Success. The string that is placed in "yield" is put into |
| 76 | the expanded string that is being built. |
| 77 | |
| 78 | FAIL A non-forced expansion failure occurs, with the error |
| 79 | message taken from "yield", if it is set. |
| 80 | |
| 81 | FAIL_FORCED A forced expansion failure occurs, with the error message |
| 82 | taken from "yield" if it is set. |
| 83 | |
| 84 | ERROR Same as FAIL, except that a panic log entry is written. |
| 85 | |
| 86 | When compiling a function that is to be used in this way with gcc, |
| 87 | you need to add -shared to the gcc command. Also, in the Exim build-time |
| 88 | configuration, you must add -export-dynamic to EXTRALIBS. |
| 89 | |
| 90 | TF/01 $received_time is a new expansion variable containing the time and date |
| 91 | as a number of seconds since the start of the Unix epoch when the |
| 92 | current message was received. |
| 93 | |
| 94 | PH/03 There is a new value for RADIUS_LIB_TYPE that can be set in |
| 95 | Local/Makefile. It is RADIUSCLIENTNEW, and it requests that the new API, |
| 96 | in use from radiusclient 0.4.0 onwards, be used. It does not appear to be |
| 97 | possible to detect the different versions automatically. |
| 98 | |
| 99 | PH/04 There is a new option called acl_not_smtp_mime that allows you to scan |
| 100 | MIME parts in non-SMTP messages. It operates in exactly the same way as |
| 101 | acl_smtp_mime |
| 102 | |
| 103 | |
| 104 | Version 4.50 |
| 105 | ------------ |
| 106 | |
| 107 | The documentation is up-to-date for the 4.50 release. |
| 108 | |
| 109 | **** |