summaryrefslogtreecommitdiff
path: root/doc
diff options
context:
space:
mode:
authorJeremy Harris <jgh146exb@wizmail.org>2014-04-24 00:49:56 +0100
committerJeremy Harris <jgh146exb@wizmail.org>2014-04-24 14:02:19 +0100
commitfd3b6a4ad699259b80dcaed6287ec01ab5ec0105 (patch)
tree6e5f0a344816c8e54a16b744e963c1509caeee39 /doc
parentdeae092e544ecfb3d8a362a260fc00ec01f0883f (diff)
dnssec_strict, _lax, _never modifiers for dnsdb lookups
Lacking testsuite coverage
Diffstat (limited to 'doc')
-rw-r--r--doc/doc-docbook/spec.xfpt21
-rw-r--r--doc/doc-txt/ChangeLog3
2 files changed, 21 insertions, 3 deletions
diff --git a/doc/doc-docbook/spec.xfpt b/doc/doc-docbook/spec.xfpt
index 6f0a16f37..612d147a5 100644
--- a/doc/doc-docbook/spec.xfpt
+++ b/doc/doc-docbook/spec.xfpt
@@ -6959,11 +6959,16 @@ The data from each lookup is concatenated, with newline separators by default,
in the same way that multiple DNS records for a single item are handled. A
different separator can be specified, as described above.
+Modifiers for &(dnsdb)& lookups are givien by optional keywords,
+each followed by a comma,
+that may appear before the record type.
+
The &(dnsdb)& lookup fails only if all the DNS lookups fail. If there is a
temporary DNS error for any of them, the behaviour is controlled by
-an optional keyword followed by a comma that may appear before the record
-type. The possible keywords are &"defer_strict"&, &"defer_never"&, and
-&"defer_lax"&. With &"strict"& behaviour, any temporary DNS error causes the
+a defer-option modifier.
+The possible keywords are
+&"defer_strict"&, &"defer_never"&, and &"defer_lax"&.
+With &"strict"& behaviour, any temporary DNS error causes the
whole lookup to defer. With &"never"& behaviour, a temporary DNS error is
ignored, and the behaviour is as if the DNS lookup failed to find anything.
With &"lax"& behaviour, all the queries are attempted, but a temporary DNS
@@ -6976,6 +6981,16 @@ ${lookup dnsdb{a=one.host.com:two.host.com}}
Thus, in the default case, as long as at least one of the DNS lookups
yields some data, the lookup succeeds.
+Use of &(DNSSEC)& is controlled by a dnssec modifier.
+The possible keywords are
+&"dnssec_strict"&, &"dnssec_lax"&, and &"dnssec_never"&.
+With &"strict"& or &"lax"& DNSSEC information is requested
+with the lookup.
+With &"strict"& a response from the DNS resolver that
+is not labelled as authenticated data
+is treated as equivalent to a temporary DNS error.
+The default is &"never".
+
diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog
index 30b27a012..649b730f0 100644
--- a/doc/doc-txt/ChangeLog
+++ b/doc/doc-txt/ChangeLog
@@ -91,6 +91,9 @@ TL/08 Bugzilla 1453: New LDAP "SERVERS=" option allows admin to override list
of ldap servers used for a specific lookup. Patch provided by Heiko
Schlichting.
+JH/18 New options dnssec_lax, dnssec_strict on dnsdb lookups.
+
+
Exim version 4.82
-----------------