X-Git-Url: https://vcs.fsf.org/?p=exim.git;a=blobdiff_plain;f=doc%2Fdoc-txt%2FNewStuff;h=659c830bdaead00ae1e0a9b831d024450a70d5eb;hp=9eebd089f95b1dffe74ef3e0ec9bf24a9b847cb1;hb=fc16abb4d06c7ae375b227bd83473412c8985c6f;hpb=9aa512a1898155484e00ee089057d28f2432b30e diff --git a/doc/doc-txt/NewStuff b/doc/doc-txt/NewStuff index 9eebd089f..659c830bd 100644 --- a/doc/doc-txt/NewStuff +++ b/doc/doc-txt/NewStuff @@ -6,6 +6,109 @@ Before a formal release, there may be quite a lot of detail so that people can test from the snapshots or the CVS before the documentation is updated. Once the documentation is updated, this file is reduced to a short list. +Version 4.88 +------------ + + 1. The new perl_taintmode option allows to run the embedded perl + interpreter in taint mode. + + 2. New log_selector: dnssec, adds a "DS" tag to acceptance and delivery lines. + + +Version 4.87 +------------ + + 1. The ACL conditions regex and mime_regex now capture substrings + into numeric variables $regex1 to 9, like the "match" expansion condition. + + 2. New $callout_address variable records the address used for a spam=, + malware= or verify= callout. + + 3. Transports now take a "max_parallel" option, to limit concurrency. + + 4. Expansion operators ${ipv6norm:} and ${ipv6denorm:}. + The latter expands to a 8-element colon-sep set of hex digits including + leading zeroes. A trailing ipv4-style dotted-decimal set is converted + to hex. Pure ipv4 addresses are converted to IPv4-mapped IPv6. + The former operator strips leading zeroes and collapses the longest + set of 0-groups to a double-colon. + + 5. New "-bP config" support, to dump the effective configuration. + + 6. New $dkim_key_length variable. + + 7. New base64d and base64 expansion items (the existing str2b64 being a + synonym of the latter). Add support in base64 for certificates. + + 8. New main configuration option "bounce_return_linesize_limit" to + avoid oversize bodies in bounces. The dafault value matches RFC + limits. + + 9. New $initial_cwd expansion variable. + + +Version 4.86 +------------ + + 1. Support for using the system standard CA bundle. + + 2. New expansion items $config_file, $config_dir, containing the file + and directory name of the main configuration file. Also $exim_version. + + 3. New "malware=" support for Avast. + + 4. New "spam=" variant option for Rspamd. + + 5. Assorted options on malware= and spam= scanners. + + 6. A commandline option to write a comment into the logfile. + + 7. If built with EXPERIMENTAL_SOCKS feature enabled, the smtp transport can + be configured to make connections via socks5 proxies. + + 8. If built with EXPERIMENTAL_INTERNATIONAL, support is included for + the transmission of UTF-8 envelope addresses. + + 9. If built with EXPERIMENTAL_INTERNATIONAL, an expansion item for a commonly + used encoding of Maildir folder names. + +10. A logging option for slow DNS lookups. + +11. New ${env {}} expansion. + +12. A non-SMTP authenticator using information from TLS client certificates. + +13. Main option "tls_eccurve" for selecting an Elliptic Curve for TLS. + Patch originally by Wolfgang Breyha. + +14. Main option "dns_trust_aa" for trusting your local nameserver at the + same level as DNSSEC. + + +Version 4.85 +------------ + + 1. If built with EXPERIMENTAL_DANE feature enabled, Exim will follow the + DANE smtp draft to assess a secure chain of trust of the certificate + used to establish the TLS connection based on a TLSA record in the + domain of the sender. + + 2. The EXPERIMENTAL_TPDA feature has been renamed to EXPERIMENTAL_EVENT + and several new events have been created. The reason is because it has + been expanded beyond just firing events during the transport phase. Any + existing TPDA transport options will have to be rewritten to use a new + $event_name expansion variable in a condition. Refer to the + experimental-spec.txt for details and examples. + + 3. The EXPERIMENTAL_CERTNAMES features is an enhancement to verify that + server certs used for TLS match the result of the MX lookup. It does + not use the same mechanism as DANE. + + +Version 4.84 +------------ + + Version 4.83 ------------ @@ -24,7 +127,7 @@ Version 4.83 4. New malware type "sock". Talks over a Unix or TCP socket, sending one command line and matching a regex against the return data for trigger - and a second regex to extract malware_name. The mail spoofile name can + and a second regex to extract malware_name. The mail spoolfile name can be included in the command line. 5. The smtp transport now supports options "tls_verify_hosts" and @@ -39,8 +142,7 @@ Version 4.83 7. New command-line option -C for exiqgrep to specify alternate exim.conf file when searching the queue. - 8. EXPERIMENTAL_OCSP now supports GnuTLS also, if you have version 3.1.3 - or later of that. + 8. OCSP now supports GnuTLS also, if you have version 3.1.3 or later of that. 9. Support for DNSSEC on outbound connections. @@ -49,6 +151,14 @@ Version 4.83 work over them for generating fingerprints, and a new sha256 operator for them added. +11. PRDR is now supported dy default. + +12. OCSP stapling is now supported by default. + +13. If built with the EXPERIMENTAL_DSN feature enabled, Exim will output + Delivery Status Notification messages in MIME format, and negociate + DSN features per RFC 3461. + Version 4.82 ------------ @@ -168,7 +278,7 @@ Version 4.82 "aaaa" and "a" lookups is done and the full set of results returned. 14. New expansion variable $headers_added with content from ACL add_header - modifier (but not yet added to messsage). + modifier (but not yet added to message). 15. New 8bitmime status logging option for received messages. Log field "M8S".