summaryrefslogtreecommitdiff
path: root/doc
AgeCommit message (Collapse)Author
2012-08-15Bugtrack 1283 - Spec typo fix.Todd Lyons
2012-08-14Bugtrack 1281 - Spec typo fix.Todd Lyons
2012-07-27Bug #198: Add remove_header ACL modifier.Todd Lyons
Used patch from Magnus Holmgren dated 2007-02-20. Added documentation. Added tests to detect proper operation.
2012-07-19Add example ACL usage of ${run in exim spec.Todd Lyons
2012-07-16Doc fixes from Regid Ichira & Andreas MetzlerPhil Pennock
2012-07-12Doc note re 9999 days & 32bit time (SSL certs)Phil Pennock
Thanks to Jay Rouman for highlighting that there can be rollover. I have chosen *not* to reduce the duration, but to leave it and instead provoke thought on the part of those deploying systems, if this bites them.
2012-07-08Merge branch 'master' of git://git.exim.org/eximJeremy Harris
2012-07-08Multiple headers_add/remove options per router/transport - fixes bug 337Jeremy Harris
2012-07-06Make +smtp_confirmation be a default logging option.Todd Lyons
2012-07-01Merge branch 'acl'Jeremy Harris
2012-06-27Acl expansions: tests and documentationJeremy Harris
2012-06-25Let Linux makefile inherit CFLAGS/CFLAGS_DYNAMIC.Phil Pennock
Pulled from Debian 30_dontoverridecflags.dpatch by Andreas Metzler. We just add CFLAGS_DYNAMIC too and some comments. Non-POSIX syntax, but fairly portable; GNU make gained it in 1998, we believe even very old systems should handle it fine.
2012-06-24Add gnutls_enable_pkcs11 option.Phil Pennock
GnuTLS 2.12.0 adds PKCS11 support using p11-kit and by default will autoload modules, which interoperates badly with GNOME keyring integration, configured via paths in environment variables, and Exim invoked by the user (eg, mailq) will then try to load the modules, fail and spew warnings from the module for a library loaded by a library. http://www.gnu.org/software/gnutls/manual/gnutls.html#Smart-cards-and-HSMs documents that to prevent this, explicitly init PKCS11 before calling gnutls_global_init(). So we do so, unless the admin sets the new option. Reported by Andreas Metzler, who confirmed that the added calls fixed the problem for him.
2012-06-12Use custom variables for ACL args, up to nine. Add an arg-count variable.Jeremy Harris
2012-06-12Add ${acl {name}{arg}} expansion item.Jeremy Harris
2012-06-12Merge branch 'lists'Jeremy Harris
2012-06-12Change names to "listnamed" and "listcount".Jeremy Harris
2012-06-10Add ${list:name} and ${nlist:string} expansion operators.Jeremy Harris
2012-06-09Corrections to spec examples - fixes bug 1196Nigel Metheringham
2012-06-09Typo fix in spec - fixes bug 1197Nigel Metheringham
2012-06-06BUGFIX: forced-fail smtp option tls_sni would dereference NULLPhil Pennock
2012-06-05Docs for "G" modifier on numbers in ${if comparisons.Jeremy Harris
2012-06-04Basic documentation for cutthrough.Jeremy Harris
2012-06-04Add $tls_in_* variables; note the old names as deprecated.Jeremy Harris
2012-06-04Add hosts_verify_avoid_tls option to smtp transport.Jeremy Harris
2012-06-04Refactor optional MAIL FROM argsTodd Lyons
2012-06-03Implement -G => "control=suppress_local_fixups"Phil Pennock
fixes bug 1117
2012-06-03Cmdline -L option; also -Ac -Am -X<logfile>Phil Pennock
These are for Sendmail compatibility. bug 1117
2012-06-03ChangeLog: note cyrus plugin use situationPhil Pennock
2012-06-03Cyrus SASL: set host;port properties on auth driverPhil Pennock
2012-06-03DSCP: inbound via control = dscp/<value>Phil Pennock
2012-06-02Docs: pipes in redirect, need for quote cautionPhil Pennock
2012-06-02DSCP: take numeric values too.Phil Pennock
Also fix doc claim that value is unexpanded. Also strip affix whitespace before numeric conversion and fixed string comparison.
2012-06-02DSCP: document; hex print; -bI:dscpPhil Pennock
2012-06-01DNSSEC babystep: dns_use_dnssec & $sender_host_dnssecPhil Pennock
2012-06-01ACKNOWLEDGEMENTS update, covering a few yearsPhil Pennock
2012-06-01tls_dh_min_bits smtp transport optionPhil Pennock
Could not find an API for use with OpenSSL, so GnuTLS only
2012-06-01Make -n combine with -bP to inhibit namesPhil Pennock
2012-06-01Add -bI:help and -bI:sievePhil Pennock
2012-05-31Doc: drop .new/.wen, update previousversion.Phil Pennock
Also, drop fix one place which claimed TLS SNI support was OpenSSL only.
2012-05-30Revert "Lower EXIM_CLIENT_DH_MIN_BITS 1024 -> 512."exim-4_80Phil Pennock
This reverts commit 83f4c7515f3eb06dc070e78edd2694c1d088e5fd. This was not a new check! The call to gnutls_dh_set_prime_bits() was made with DH_BITS in Exim 4.77, so the only difference is that now an administrator can choose at compile time to change the lower bound. So keeping this at 1024 is not a regression and if we can't talk to them now, we couldn't before, and we shouldn't lower security by default. The reverted commit was only acceptable IF it was still better than what we had in Exim 4.77.
2012-05-30Lower EXIM_CLIENT_DH_MIN_BITS 1024 -> 512.Phil Pennock
Wolfgang Breyha saw a real-world site using 768 bits.
2012-05-28Merge openssl_disable_ssl2 branchexim-4_80_RC7Phil Pennock
2012-05-27Doc: fix glitchexim-4_80_RC6Phil Pennock
2012-05-27Doc: SECTgnutlsparam referencing tls_dhparamPhil Pennock
2012-05-27For DH, use standard primes from RFCsPhil Pennock
2012-05-27Deal with GnuTLS DH generation overshootPhil Pennock
2012-05-26FAQ for GnuTLSPhil Pennock
2012-05-25Doc: Provide context for bare numbers from CHAP/SECT.Phil Pennock
2012-05-25Cyrus SASL auth: SSF retrieval was incorrect.Phil Pennock
Exim thought protection layer was required, which is not implemented. Patch from Wolfgang Breyha. Fixes bug 1254
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-01 19:41:22 +0000