summaryrefslogtreecommitdiff
path: root/doc
diff options
context:
space:
mode:
authorJeremy Harris <jgh146exb@wizmail.org>2016-05-16 19:58:20 +0100
committerJeremy Harris <jgh146exb@wizmail.org>2016-05-16 19:58:20 +0100
commitfc16abb4d06c7ae375b227bd83473412c8985c6f (patch)
treef5b3332573a250826efe59249aa222e3e13c2fda /doc
parent2d5fdd539c5abd1d180dfb476ef87ae3332285ed (diff)
Logging: dnssec status on accept & delivery lines
Diffstat (limited to 'doc')
-rw-r--r--doc/doc-docbook/spec.xfpt10
-rw-r--r--doc/doc-txt/NewStuff4
2 files changed, 13 insertions, 1 deletions
diff --git a/doc/doc-docbook/spec.xfpt b/doc/doc-docbook/spec.xfpt
index ba32403d6..736a45800 100644
--- a/doc/doc-docbook/spec.xfpt
+++ b/doc/doc-docbook/spec.xfpt
@@ -35528,6 +35528,7 @@ the following table:
&`CV `& certificate verification status
&`D `& duration of &"no mail in SMTP session"&
&`DN `& distinguished name from peer certificate
+&`DS `& DNSSEC secured lookups
&`DT `& on &`=>`& lines: time taken for a delivery
&`F `& sender address (on delivery lines)
&`H `& host name and IP address
@@ -35618,6 +35619,7 @@ selection marked by asterisks:
&` deliver_time `& time taken to perform delivery
&` delivery_size `& add &`S=`&&'nnn'& to => lines
&`*dnslist_defer `& defers of DNS list (aka RBL) lookups
+&` dnssec `& DNSSEC secured lookups
&`*etrn `& ETRN commands
&`*host_lookup_failed `& as it says
&` ident_timeout `& timeout for ident connection
@@ -35725,6 +35727,14 @@ the &"=>"& line, tagged with S=.
&%dnslist_defer%&: A log entry is written if an attempt to look up a host in a
DNS black list suffers a temporary error.
.next
+.cindex log dnssec
+.cindex dnssec logging
+&%dnssec%&: For message acceptance and (attempted) delivery log lines, when
+dns lookups gave secure results a tag of DS is added.
+For acceptance this covers the reverse and forward lookups for host name verification.
+It does not cover helo-name verification.
+For delivery this covers the SRV, MX, A and/or AAAA lookups.
+.next
.cindex "log" "ETRN commands"
.cindex "ETRN" "logging"
&%etrn%&: Every valid ETRN command that is received is logged, before the ACL
diff --git a/doc/doc-txt/NewStuff b/doc/doc-txt/NewStuff
index 07e6f1dba..659c830bd 100644
--- a/doc/doc-txt/NewStuff
+++ b/doc/doc-txt/NewStuff
@@ -9,9 +9,11 @@ the documentation is updated, this file is reduced to a short list.
Version 4.88
------------
- 1. The new perl_tainmode option allows to run the embedded perl
+ 1. The new perl_taintmode option allows to run the embedded perl
interpreter in taint mode.
+ 2. New log_selector: dnssec, adds a "DS" tag to acceptance and delivery lines.
+
Version 4.87
------------