.cindex headers "authentication-results:"
.cindex authentication "expansion item"
This item returns a string suitable for insertion as an
-&'Authentication-Results"'&
+&'Authentication-Results:'&
header line.
The given <&'authserv-id'&> is included in the result; typically this
will be a domain name identifying the system performing the authentications.
.cindex "UTF-8" "in domain name"
Lots of discussion is going on about internationalized domain names. One
camp is strongly in favour of just using UTF-8 characters, and it seems
-that at least two other MTAs permit this. This option allows Exim users to
-experiment if they wish.
+that at least two other MTAs permit this.
+This option allows Exim users to experiment if they wish.
If it is set true, Exim's domain parsing function allows valid
UTF-8 multicharacters to appear in domain name components, in addition to
-letters, digits, and hyphens. However, just setting this option is not
-enough; if you want to look up these domain names in the DNS, you must also
+letters, digits, and hyphens.
+
+.new
+If Exim is built with internationalization support
+and the SMTPUTF8 ESMTP option is in use (see chapter &<<CHAPi18n>>&)
+this option can be left as default.
+.wen
+Without that,
+if you want to look up such domain names in the DNS, you must also
adjust the value of &%dns_check_names_pattern%& to match the extended form. A
suitable setting is:
.code
Usable for GnuTLS 3.4.4 or 3.3.17 or OpenSSL 1.1.0 (or later).
-For GnuTLS 3.5.6 or later the expanded value of this option can be a list
+.new
+For OpenSSL 1.1.0 or later, and
+.wen
+for GnuTLS 3.5.6 or later the expanded value of this option can be a list
of files, to match a list given for the &%tls_certificate%& option.
The ordering of the two lists must match.
-The file(s) should be in DER format
+.new
+The file(s) should be in DER format,
+except for GnuTLS 3.6.3 or later when an optional filetype prefix
+can be used. The prefix must be one of "DER" or "PEM", followed by
+a single space. If one is used it sets the format for subsequent
+files in the list; the initial format is DER.
+When a PEM format file is used it may contain multiple proofs,
+for multiple certificate chain element proofs under TLS1.3.
+.wen
.option tls_on_connect_ports main "string list" unset
.cindex SSMTP
top level domains the opendmarc library uses
during domain parsing. Maintained by Mozilla,
the most current version can be downloaded
-from a link at &url(http://publicsuffix.org/list/).
+from a link at &url(https://publicsuffix.org/list/, currently pointing
+at https://publicsuffix.org/list/public_suffix_list.dat)
See also util/renew-opendmarc-tlds.sh script.
-The default for the option is currently
-/etc/exim/opendmarc.tlds
+The default for the option is /etc/exim/opendmarc.tlds.
+
The &%dmarc_history_file%& option, if set
.oindex &%dmarc_history_file%&
projects / exim.git / blobdiff