A new log_selector, +tls_sni, has been added, to log received SNI values
for Exim as a server.
- Currently OpenSSL only.
-
8. The existing "accept_8bitmime" option now defaults to true. This means
that Exim is deliberately not strictly RFC compliant. We're following
Dan Bernstein's advice in http://cr.yp.to/smtp/8bitmime.html by default.
"socket activation", but forcing the activated socket to fd 0. We're
interested in adding more support for modern variants.
+10. ${eval } now uses 64-bit values on supporting platforms. A new "G" suffix
+ for numbers indicates multiplication by 1024^3.
+
+11. The GnuTLS support has been revamped; the three options gnutls_require_kx,
+ gnutls_require_mac & gnutls_require_protocols are no longer supported.
+ tls_require_ciphers is now parsed by gnutls_priority_init(3) as a priority
+ string, documentation for which is at:
+ http://www.gnu.org/software/gnutls/manual/html_node/Priority-Strings.html
+
+ SNI support has been added to Exim's GnuTLS integration too.
+
+ For sufficiently recent GnuTLS libraries, ${randint:..} will now use
+ gnutls_rnd(), asking for GNUTLS_RND_NONCE level randomness.
+
+12. With OpenSSL, if built with EXPERIMENTAL_OCSP, a new option tls_ocsp_file
+ is now available. If the contents of the file are valid, then Exim will
+ send that back in response to a TLS status request; this is OCSP Stapling.
+ Exim will not maintain the contents of the file in any way: administrators
+ are responsible for ensuring that it is up-to-date.
+
+ See "experimental-spec.txt" for more details.
+
+13. ${lookup dnsdb{ }} supports now SPF record types. They are handled
+ identically to TXT record lookups.
+
Version 4.77
------------
projects / exim.git / blobdiff