Age | Commit message (Collapse) | Author | |
---|---|---|---|
2016-11-02 | Fix OCSP proof verification for direct-signed proofs. Bug 1909 | Jeremy Harris | |
2016-10-23 | Update README.UPDATING; fix typos in ChangeLog/NewStuff | Phil Pennock | |
2016-10-23 | Fix bug with aborted server TLS connection, under GnuTLS | Jeremy Harris | |
Longstanding, but exposed by 60d10ce | |||
2016-10-22 | TCP Fast Open | Jeremy Harris | |
2016-10-18 | Unbreak build: crypto hdrs not in system includes | Phil Pennock | |
If using pkg-config to get the paths for various packages and the crypto library headers are not in the system headers, then the hash work broke the Exim build by requiring the CFLAGS manipulation for _all_ builds, not just the TLS libraries. Shows up on MacOS where there's a system OpenSSL but not system OpenSSL headers (because only SecureTransport is supported) and using brew-installed OpenSSL. I've also coded the fix for GnuTLS on the same basis, but that's untested. Fixes bug 1906 | |||
2016-10-15 | New: queuefile transport, under EXPERIMENTAL_QUEUEFILE | Andrew Colin Kissa | |
2016-10-12 | Docs: add warning on SNI-dependent certfile expansion needing a good default | Jeremy Harris | |
2016-10-09 | Docs: add section on builtin macros | Jeremy Harris | |
2016-10-08 | DH parameters update, new values & defaultexim-4_88_RC2 | Phil Pennock | |
* Add three new Exim-specific DH parameter constants; state provenance, but no way for others to verify; this is a signed commit, which is about as much as we can do for the truly paranoid: provide an audit trail. * Add the RFC 7919 DH primes + No TLS feature negotiation, per 7919, but the DH primes can be used if folks so choose * Fixed broken format string in util/gen_pkcs3.c * Tried to make gen_pkcs3.c support q values. + Turns out, q doesn't affect the PEM and that's not a mistake in my initialisation; I've checked with a cryptographer, we're losing some server-side optimizations but not any security properties for our scenario. Fixes: 1895 | |||
2016-10-08 | Fix callouts connection fallback from TLS to cleartext. Bug 1897 | Jeremy Harris | |
2016-10-05 | Docs: add another index entry for delay_warning | Jeremy Harris | |
2016-10-02 | Logging: connection_reject log selector should apply also to the connect acl | Jeremy Harris | |
2016-09-28 | Refactor driver feature-macro generation to be driven by existing tables | Jeremy Harris | |
Would like to do lookup drivers too but unsure about dyn-linked variants | |||
2016-09-28 | Default to filesystem space/inode checking enabled | Jeremy Harris | |
2016-09-25 | Add automatic macros for config-file options. Bug 1819 | Jeremy Harris | |
2016-09-25 | Docs: fix quotes | Jeremy Harris | |
2016-09-23 | Doc: add clarification for DKIM exampleexim-4_88_RC1 | Jeremy Harris | |
2016-09-22 | Defend against symlink attack by another process running as exim | Jeremy Harris | |
Reported-by: http://www.halfdog.net/Security/2016/DebianEximSpoolLocalRoot/ | |||
2016-09-22 | Routing: avoid doing the one_time replacement operation when a redirect ↵ | Jeremy Harris | |
leaves the address unchanged When done, in combination with a defer the retry would see the address as delivered, hence losing mail. | |||
2016-09-18 | ACL: merge the tables used for codition/modifier decode | Jeremy Harris | |
2016-09-18 | ACL: bsearch for controls | Jeremy Harris | |
2016-09-15 | Docs: mention Perl manpages for PCRE. Bug 1881 | Jeremy Harris | |
2016-09-11 | Log EHLO response on getting conn-close response for HELO. Bug 1832 | Jeremy Harris | |
2016-09-05 | Cutthrough: option to reflect 4xx errors from target to initiator | Jeremy Harris | |
2016-09-03 | Docs: prettify code examples. Bug 1284 | Jeremy Harris | |
2016-09-03 | Docs: add note on strict DKIM verification | Jeremy Harris | |
2016-09-01 | Support "G" multiplier on integer configuration values | Jeremy Harris | |
2016-08-22 | Add automatic macros for compile-time feature options | Jeremy Harris | |
2016-08-18 | Delivery: fix transmission down an already-open connection, when | Jeremy Harris | |
one of the group of addresses is unsuitable for it. Bug 1874 Broken-by: 3070ceeeed05, fa41615da702. | |||
2016-08-17 | Delivery: same-host checking for transport runs should include port from ↵ | Jeremy Harris | |
address give by routing | |||
2016-08-14 | DMARC: send forensic reports for reject & quarantine results, and "none" ↵ | Tony Meyer | |
policy. Bug 1846 | |||
2016-08-14 | Expansions: new ${escape8bit:<string>} operator. Bug 1863 | Jeremy Harris | |
2016-08-14 | LMDB: introduce as Experimental. Bug 1856 | Andrew Colin Kissa | |
2016-08-11 | ACL: Ensure that acl_smtp_notquit is called for a conndrop between ↵ | Jasen Betts | |
data-go-ahead and data-ack. Bug 1872 | |||
2016-08-09 | Docs: more index entries for header lines | Jeremy Harris | |
2016-08-08 | Radius: Fix authentication for Radius libraries that return REJECT_RC. Bug 1850 | Leonhard Knauff | |
2016-08-06 | Routing: in a dnslookup, fix fail_defer_domains to defer on missing MX ↵ | Jeremy Harris | |
record. Bug 1867 | |||
2016-08-06 | Merge branch 'CHUNKING' | Jeremy Harris | |
2016-08-04 | Docs: add warning on non-ASCII results from SpamAssassin. Bug 1863 | Jeremy Harris | |
2016-08-04 | Merge branch 'fakereject' | Jeremy Harris | |
2016-08-04 | Logging: visibility of fakereject | Jeremy Harris | |
2016-08-03 | DANE: treat a TLSA response having only non-TLSA records the same as a ↵ | Jeremy Harris | |
no-match response | |||
2016-08-02 | pass advertised facility to continued-transport process | Jeremy Harris | |
2016-08-02 | receive docs | Jeremy Harris | |
2016-08-02 | receive flow processing | Jeremy Harris | |
2016-07-31 | Fix $body_linecount for empty lines | Jeremy Harris | |
2016-07-31 | Logging: Fix logging of errors under PIPELINING | Jeremy Harris | |
2016-07-30 | Expansions: add operators base32, base32d | Jeremy Harris | |
2016-07-27 | Docs: minor clarifications | Jeremy Harris | |
2016-07-25 | Docs: add caution on spamd_address | Jeremy Harris | |