Exim changelog for Version 3.10 - last non-testing release was 3.03

New Features and user visible changes

  1. The option log_queue_run_level specifies the log level for the messages "Start queue run" and "End queue run". The default is 0.
  2. Addition of forbid_lookup, forbid_existstest and forbid_perl to the forwardfile director.
  3. All directors except smartuser had current_directory and home_directory options, to set values used at transport time. These options have now been made generic, so now apply to all directors.
  4. If SUPPORT_MOVE_FROZEN_MESSAGES is set at compile time, the new option move_frozen_messages causes frozen messages and their message logs to be moved from the input and msglog directories on the spool to Finput and Fmsglog. There is currently no support in Exim or the standard utilities for handling such moved messages and they won't show up in lists generated by -bp or eximon.
  5. If no transport is specified for a smartuser director, the new_address field may now specify a comma-separated list of new addresses, and :blackhole:, :defer: and :fail: can also be used there. In otherwords, new_address is like a line from an alias file (except that :include: is not supported).
  6. The exigrep utility now automatically zcats any log file whose name ends in COMPRESS_SUFFIX, using ZCAT_COMMAND, as defined in Local/Makefile.
  7. The expansion condition first_delivery is true for the first delivery attempt on a message; queue_running is true when a delivery attempt is caused by a queue runner.
  8. When log_refused_recipients is set, each log line now has a reason for refusal such as "(RBL)" or "(sender_reject_recipients)".
  9. The magic string "+warn_unknown" behaves like "+allow_unknown", but it writes a log line every time it lets through a host whose name can't be looked up.
  10. If EXIMON_LOG_FILE_PATH is set in the environment when eximon starts up, it overrides the configuration setting. This makes it possible to have eximon tailing log data that is written to syslog, provided that MAIL.INFO messages are routed to a separate file.
  11. Policy rejections of recipients can now be overridden for certain senders by setting recipients_reject_except_senders.
  12. When all deferred addresses have the same domain, it is set in $domain during the expansion of delay_warning_condition. For pipes, files, or autoreplies, this is the domain of the parent.
  13. -Rr (and -Rrf, -Rrff) treat the string as a regular expression.
  14. Added -S (with all variations), which works like -R except that it checks the message's sender instead of the undelivered recipients. If both -R and -S are given, both conditions must be satisfied.
  15. The new expansion variable $message_age contains the length of time since the message was received as a number of seconds.
  16. The syntax of LDAP queries has been extended to allow the passing of more information than is available in the LDAP URL. An LDAP query may now consist of a URL preceded by any number of "name=value" settings, separated by spaces. If a value contains spaces it must be enclosed in double quotes, and when double quotes are used, backslash is interpreted in the usual way inside them. The following names are recognized:
    USER
    set the DN for authenticating the LDAP bind
    PASS
    set the password
    SIZE
    set the limit for the number of entries returned
    TIME
    set the maximum waiting time for a query
  17. Callers whose gid is Exim's gid are now automatically trusted (only the uid was looked at previously).
  18. There's a new option called admin_groups. If the current or any of the supplementary groups of the caller is in this list, the caller has admin user privileges.
  19. There is now support for PAM (Pluggable Authentication Modules), a facility which is available in the latest releases of Solaris and in some GNU/Linux distributions (see http://ftp.at.kernel.org/pub/linux/libs/pam/).
  20. The file that the exiwhat mechanism uses for process status information is no longer bundled with the log files. Instead, "exim-process.info" in the spool directory is used.
  21. Exim can now be configured to log to syslog as well as or instead of to local log files.
  22. There's a new expansion operator called "mask" which converts an IP address to binary, masks off the least significant bits, and converts the result back to text, with mask appended. For example: ${mask:10.111.131.206/28} returns the string "10.111.131.192/28".
  23. There exist some rare networking situations (for example, packet radio) where it is helpful to be able to translate IP addresses generated by normal routing mechanisms into other IP addresses, thus performing a kind of manual IP routing. This should be done only if the normal IP routing of the TCP/IP stack is inadequate or broken. Exim now has this capability.
  24. A new option called retry_data_expire (default 7d) specifies that retry data older than this should be ignored. This means that if, for example, a host hasn't been tried for 7 days, Exim will behave as if it had no knowledge of past failures.
  25. To help with formulating lookup queries, there is a new expansion operator ${quote_:} which quotes the characters of the string in a lookup-specific way. For example, the safest way to write a NIS+ query is [name="${quote_nisplus:$local_part}"]
  26. The from_hack option in the appendfile and pipe transports has been replaced by two string options, check_string and escape_string. When set, the start of each line is tested for matching check_string, and if it does, those characters are replaced by the contents of escape_string.
  27. The appendfile transport has a new option called file_format, defaulting unset. If set, it requests the transport to check the format of an existing file before adding to it.
  28. There is a new expansion condition called crypteq, which is automatically available if Exim is built to support any authentication mechanisms. Otherwise, it is necessary to define SUPPORT_CRYPTEQ to get it included in the binary. The crypteq condition has two arguments. The first is encrypted and compared against the second, which is already encrypted. Two encryption types are currently supported: