diff options
author | Jeremy Harris <jgh146exb@wizmail.org> | 2016-05-16 19:58:20 +0100 |
---|---|---|
committer | Jeremy Harris <jgh146exb@wizmail.org> | 2016-05-16 19:58:20 +0100 |
commit | fc16abb4d06c7ae375b227bd83473412c8985c6f (patch) | |
tree | f5b3332573a250826efe59249aa222e3e13c2fda /doc | |
parent | 2d5fdd539c5abd1d180dfb476ef87ae3332285ed (diff) |
Logging: dnssec status on accept & delivery lines
Diffstat (limited to 'doc')
-rw-r--r-- | doc/doc-docbook/spec.xfpt | 10 | ||||
-rw-r--r-- | doc/doc-txt/NewStuff | 4 |
2 files changed, 13 insertions, 1 deletions
diff --git a/doc/doc-docbook/spec.xfpt b/doc/doc-docbook/spec.xfpt index ba32403d6..736a45800 100644 --- a/doc/doc-docbook/spec.xfpt +++ b/doc/doc-docbook/spec.xfpt @@ -35528,6 +35528,7 @@ the following table: &`CV `& certificate verification status &`D `& duration of &"no mail in SMTP session"& &`DN `& distinguished name from peer certificate +&`DS `& DNSSEC secured lookups &`DT `& on &`=>`& lines: time taken for a delivery &`F `& sender address (on delivery lines) &`H `& host name and IP address @@ -35618,6 +35619,7 @@ selection marked by asterisks: &` deliver_time `& time taken to perform delivery &` delivery_size `& add &`S=`&&'nnn'& to => lines &`*dnslist_defer `& defers of DNS list (aka RBL) lookups +&` dnssec `& DNSSEC secured lookups &`*etrn `& ETRN commands &`*host_lookup_failed `& as it says &` ident_timeout `& timeout for ident connection @@ -35725,6 +35727,14 @@ the &"=>"& line, tagged with S=. &%dnslist_defer%&: A log entry is written if an attempt to look up a host in a DNS black list suffers a temporary error. .next +.cindex log dnssec +.cindex dnssec logging +&%dnssec%&: For message acceptance and (attempted) delivery log lines, when +dns lookups gave secure results a tag of DS is added. +For acceptance this covers the reverse and forward lookups for host name verification. +It does not cover helo-name verification. +For delivery this covers the SRV, MX, A and/or AAAA lookups. +.next .cindex "log" "ETRN commands" .cindex "ETRN" "logging" &%etrn%&: Every valid ETRN command that is received is logged, before the ACL diff --git a/doc/doc-txt/NewStuff b/doc/doc-txt/NewStuff index 07e6f1dba..659c830bd 100644 --- a/doc/doc-txt/NewStuff +++ b/doc/doc-txt/NewStuff @@ -9,9 +9,11 @@ the documentation is updated, this file is reduced to a short list. Version 4.88 ------------ - 1. The new perl_tainmode option allows to run the embedded perl + 1. The new perl_taintmode option allows to run the embedded perl interpreter in taint mode. + 2. New log_selector: dnssec, adds a "DS" tag to acceptance and delivery lines. + Version 4.87 ------------ |