summaryrefslogtreecommitdiff
path: root/doc
AgeCommit message (Collapse)Author
2014-06-02Fix tiny ChangeLog typoTodd Lyons
2014-05-31Support service names for tls_on_connect_ports. Bug 72Jeremy Harris
2014-05-30Fix doc for $sender_host_dnssec. Bug 1485Jeremy Harris
2014-05-29Fix delivery $host in client authenticator in verify/callout. Bug 1476Jeremy Harris
2014-05-28Bug 1444: Fix \r\n handling writing spool fileTodd Lyons
Fix a bug which causes DKIM signatures to fail because what gets written to the spool file is different than what gets passed through the DKIM code.
2014-05-23Move OCSP out of EXPERIMENTALJeremy Harris
2014-05-22Bug 1394: Document how to do per host conn limitsTodd Lyons
Since the max connections per host setting is computed and enforced in the master listening process before the fork, there is no easy way to get an accurate connection count once the Proxy Protocol negotiation has been done (i.e. in a child process, after the fork). Rather than try to use a shared mmap file using CAS in the children to manipulate it, we just advise of a crude version of max connections per IP be achieved by using ratelimit per_conn in the connect ACL.
2014-05-22Fix doc for dovecot authenticator. Bugs 1448, 1483Jeremy Harris
2014-05-21RFC3461 support - MIME DSN messages. Bug 118Wolfgang Breyha
2014-05-20Support optional server certificate name checking. Bug 1479Jeremy Harris
Enable EXPERIMENTAL_CERTNAMES to include.
2014-05-13Extractors for certificate time fields support integer output modifierJeremy Harris
2014-05-13Extractor for named RDN element types from a certificate DN field.Jeremy Harris
2014-05-13Updated changelog.Todd Lyons
Accidentally included the fix for Bug 1119 in the same commit fixing Proxy Protocol version 2 to match the API change in May 2014.
2014-05-13Bug 1394: PPv2 header modifedTodd Lyons
The HAProxy dev team adjusted the layout of the 16 byte header to allow it to be used for SSL connections. Had to adjust PPv2 handling code and perl proxy emulation script. Added link to this HAProxy commit in the documentation.
2014-05-13certextract tidyingJeremy Harris
2014-05-13Add doc notes on verifying self-signing hostsJeremy Harris
2014-05-13Update docs for suggested Ident and PRDR settingsJeremy Harris
2014-05-13Move PRDR out of EXPERIMENTALJeremy Harris
2014-05-11New expansion operator sha256 for certificates. Bug 1170Jeremy Harris
2014-05-08Enable operator md5 and sha1 use on certificate variables. Bug 1170Jeremy Harris
2014-05-06OCSP observability: variables $tls_{in,out}_ocspJeremy Harris
and smtp transport option hosts_request_ocsp
2014-05-05Extractors for subject-alternate-name, ocsp-uri, crl-uri return list. Bug 1358Jeremy Harris
2014-05-02Certificate variables and field-extractor expansions. Bug 1358Jeremy Harris
2014-04-29Merge branch 'master' of ssh://git.exim.org/home/git/eximTodd Lyons
2014-04-29Bug 1454: Option -oMm for message referenceHeiko Schlichting
Includes docs and test suite
2014-04-27Add options dnssec_request_domains, dnssec_require_domains to the smtp transportJeremy Harris
Note there are no testsuite cases included. TODO in this area: - dnssec during verify-callouts - dnssec on the forward lookup of a verify=helo and verify=reverse_host_lookup
2014-04-24Support OCSP Stapling under GnuTLS. Bug 1459Jeremy Harris
Requires GnuTLS version 3.1.3 or later. Under EXPERIMENTAL_OCSP
2014-04-24Dnssec observability: add variable $lookup_dnssec_authenticatedJeremy Harris
2014-04-24Fix typo in markup. Add .new/.wen.Todd Lyons
2014-04-24Bug 609: Add -C option to exiqgrepLars Timmann
Option is a passthrough to the exim process that it spawns that generates the queue list. Fixed Conflicts: doc/doc-txt/ChangeLog
2014-04-24dnssec_strict, _lax, _never modifiers for dnsdb lookupsJeremy Harris
Lacking testsuite coverage
2014-04-23Bug 1453: Add SERVERS ldap server list overrideHeiko Schlichting
2014-04-22exiqgrep: add -a to use all recipients (including delivered)mg
2014-04-20Add options dnssec_request_domains, dnssec_require_domains to the dnslookup ↵Jeremy Harris
router Note there are no testsuite cases included. TODO in this area: - dnssec during verify-callouts - dnssec during dnsdb expansions - dnssec on the forward lookup of a verify=helo and verify=reverse_host_lookup - observability of status of requested dnssec
2014-04-20Fix handling of $tls_cipher et.al. in (non-verify) transport. Bug 1455Jeremy Harris
The split of these variables into _in and _out sets introduced by d9b231 in 4.82 was incomplete, leaving the deprecated legacy variables nonfunctional during a transport and associated client authenticator. Fix by repointing the legacy set to the outbound connection set at transport startup (and do not clear out the inbound set at this time, either).
2014-04-19Copyright year updates:Todd Lyons
vim $(git whatchanged --since=2014-01-01 | grep '^:100' | sed 's/^[^M]*M//' | sort -u | fgrep -v test/)
2014-04-19Fix Proxy Protocol v2 handlingTodd Lyons
Change recv() to not use MSGPEEK and eliminated flush_input(). Add proxy_target_address/port expansions. Convert ipv6 decoding to memmove(). Use sizeof() for variable sizing. Correct struct member access. Enhance debug output when passed invalid command/family. Add to and enhance documentation. Client script to test Proxy Protocol, interactive on STDIN/STDOUT, so can be chained (ie a swaks pipe), useful for any service, not just Exim and/or smtp.
2014-04-15Add back deprecated SPF error conditionsTodd Lyons
Previous patch introduced a change that could break existing SPF configurations. Add back the two non-standard "err_temp" and "err_perm" result values, with note that it is deprecated and will be removed in a future release.
2014-04-15Add expansion for DMARC policyTodd Lyons
New variable is $dmarc_domain_policy
2014-04-15Merge branch 'master' of ssh://git.exim.org/home/git/eximTodd Lyons
Fixed Conflicts: doc/doc-txt/ChangeLog
2014-04-15De-duplicate two documentation sectionsTodd Lyons
2014-04-09More care with headers add/remove lists. Bug 1452Jeremy Harris
As a side-effect, playing games with newlines no longer gives an altered message body/ Testcase 0324 is questionable (though passing)
2014-04-09dnsdb tlsa lookupTodd Lyons
2014-03-19Docs for transport tls_verify_hosts &c.Jeremy Harris
2014-03-18Fix ACL "condition =" for negative number values. Bug 1005Jeremy Harris
Fix conditional "bool{<string>}" for negative number values, to match.
2014-03-16Enforce that only smtp transports can be used for verify callouts. Bug 1445Heiko Schlittermann
2014-03-16Support transport-added headers under cutthrough delivery. Bug 1431Jeremy Harris
2014-03-15Add tls_verify_hosts and tls_try_verify_hosts to smtp transport. Bug 1371Wolfgang Breyha
Code by Wolfgang Breyha, docs and testsuite by Jeremy Harris
2014-03-15TestcasesJeremy Harris
2014-03-15Add documentationJeremy Harris