1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
|
$Cambridge: exim/doc/doc-txt/NewStuff,v 1.90 2006/02/23 12:41:22 ph10 Exp $
New Features in Exim
--------------------
This file contains descriptions of new features that have been added to Exim,
but have not yet made it into the main manual (which is most conveniently
updated when there is a relatively large batch of changes). The doc/ChangeLog
file contains a listing of all changes, including bug fixes.
Version 4.61
------------
PH/01 There is a new global option called disable_ipv6, which does exactly what
its name implies. If set true, even if the Exim binary has IPv6 support,
no IPv6 activities take place. AAAA records are never looked up for host
names given in manual routing data or elsewhere. AAAA records that are
received from the DNS as additional data for MX records are ignored. Any
IPv6 addresses that are listed in local_interfaces, manualroute route
data, etc. are also ignored. If IP literals are enabled, the ipliteral
router declines to handle IPv6 literal addresses.
PH/02 There are now 20 of each type of ACL variable by default (instead of 10).
It is also possible to change the numbers by setting ACL_CVARS and/or
ACL_MVARS in Local/Makefile. Backward compatibility is maintained if you
upgrade to this release with existing messages containing ACL variable
settings on the queue. However, going in the other direction
(downgrading) will not be compatible; the values of ACL variables will be
lost.
PH/03 If quota_warn_message contains a From: header, Exim now refrains from
adding the default one. Similarly, if it contains a Reply-To: header, the
errors_reply_to option, if set, is not used.
PH/04 The variables $auth1, $auth2, $auth3 are now available in authenticators,
containing the same values as $1, $2, $3. The new variables are provided
because the numerical variables can be reset during string expansions
(for example, during a "match" operation) and so may lose the
authentication data. The preferred variables are now the new ones, with
the use of the numerical ones being deprecated, though the support will
not be removed, at least, not for a long time.
PH/05 The "control=freeze" ACL modifier can now be followed by /no_tell. If
the global option freeze_tell is set, it is ignored for the current
message (that is, nobody is told about the freezing), provided all the
"control=freeze" modifiers that are obeyed in the current message have
the /no_tell option.
PH/06 In both GnuTLS and OpenSSL, an expansion of tls_privatekey that results
in an empty string is now treated as unset.
PH/07 There is a new log selector called sender_verify_fail, which is set by
default. If it is unset, the separate log line that gives details of a
sender verification failure is not written. Log lines for the rejection
of SMTP commands (e.g. RCPT) contain just "sender verify failed", so some
detail is lost.
PH/08 The default for dns_check_names_pattern now allows slashes within names,
as there are now some PTR records that contain slashes. This check is
only to protect against broken name servers that fall over on strange
characters, so the fact that it applies to all lookups doesn't matter.
PH/09 The default for rfc4131_query_timeout has been changed from 30s to 5s.
PH/10 When compiled on FreeBSD, NetBSD, or BSD/OS, the pipe transport has a new
Boolean option called use_classresources, defaulting false. If it is set
true, the setclassresources() function is used to set resource limits
when a pipe transport is run to perform a delivery. The limits for the
uid under which the pipe is to run are obtained from the login class
database.
PH/11 If retry_interval_max is set greater than 24 hours, it is quietly reset
to 24 hours. This avoids potential overflow problems when processing G
and H retry rules, and it seems reasonable to require a retry at least
once a day.
PH/12 When the plaintext authenticator is running as a client, the server
challenges are now checked to ensure they are valid base64 strings. The
default action on failure is to abort the authentication. However, if
client_ignore_invalid_base64 is set true, invalid responses are ignored.
PH/13 When the plaintext authenticator is running as a client, the challenges
from the server are placed in $auth1, $auth2, etc. as they are received.
Thus, the challege that is received in response to sending the first
string (with the AUTH command) can be used in the expansion of the second
string, and so on. Currently, up to 3 challenge strings are available in
this way. If an invalid base64 string is received when client_ignore_
invalid_base64 is set, an empty string is put in the $auth<n> variable.
Version 4.60
------------
The documentation is up-to-date for the 4.60 release. Major new features since
the 4.50 release are:
. Support for SQLite.
. Support for IGNOREQUOTA in LMTP.
. Extensions to the "submission mode" features.
. Support for Client SMTP Authorization (CSA).
. Support for ratelimiting hosts and users.
. New expansion items to help with the BATV "prvs" scheme.
. A "match_ip" condition, that matches an IP address against a list.
There are many more minor changes.
****
|
