summaryrefslogtreecommitdiff
path: root/doc/doc-docbook
diff options
context:
space:
mode:
authorPhil Pennock <pdp@exim.org>2017-01-31 23:55:51 -0500
committerPhil Pennock <pdp@exim.org>2017-01-31 23:55:51 -0500
commitbbfc5a3e3e0d4e150894edce2ae72bff24e4408b (patch)
tree272e229125c82a2ac26d160865437fba1d8e7945 /doc/doc-docbook
parentda88acaeb7d76e5312c8ea799951470eaa5eca0f (diff)
Proxy clarification & nit fixes.
Release: should be cherry-picked into 4.89RC series
Diffstat (limited to 'doc/doc-docbook')
-rw-r--r--doc/doc-docbook/spec.xfpt11
1 files changed, 9 insertions, 2 deletions
diff --git a/doc/doc-docbook/spec.xfpt b/doc/doc-docbook/spec.xfpt
index 4eb1dcb7a..2be1373b0 100644
--- a/doc/doc-docbook/spec.xfpt
+++ b/doc/doc-docbook/spec.xfpt
@@ -12257,7 +12257,7 @@ qualified host name. See also &$smtp_active_hostname$&.
&$proxy_local_port$& &&&
&$proxy_session$&
These variables are only available when built with Proxy Protocol
-or Socks5 support
+or SOCKS5 support.
For details see chapter &<<SECTproxyInbound>>&.
.vitem &$prdr_requested$&
@@ -36063,7 +36063,7 @@ The latter can be disabled by turning off the &%outgoing_interface%& option.
&%proxy%&: The internal (closest to the system running Exim) IP address
of the proxy, tagged by PRX=, on the &"<="& line for a message accepted
on a proxied connection
-or the &"=>"& line for a message delivered on a proxied connection..
+or the &"=>"& line for a message delivered on a proxied connection.
See &<<SECTproxyInbound>>& for more information.
.next
.cindex "log" "incoming remote port"
@@ -38553,6 +38553,13 @@ recorded in an ACL (example is below).
Use of a proxy is enabled by setting the &%hosts_proxy%&
main configuration option to a hostlist; connections from these
hosts will use Proxy Protocol.
+Exim supports both version 1 and version 2 of the Proxy Protocol and
+automatically determines which version is in use.
+
+The Proxy Protocol header is the first data received on a TCP connection
+and is inserted before any TLS-on-connect handshake from the client; Exim
+negotiates TLS between Exim-as-server and the remote client, not between
+Exim and the proxy server.
The following expansion variables are usable
(&"internal"& and &"external"& here refer to the interfaces