test from the snapshots or the Git before the documentation is updated. Once
the documentation is updated, this file is reduced to a short list.
+Version 4.97
+------------
+
+ 1. The expansion-test faciility (exim -be) can set variables.
+
+ 2. An event on a failing SMTP AUTH, for both client and server operations.
+
+ 3. Variable $sender_helo_verified with the result of an ACL "verify = helo".
+
+ 4. Predefined macros for expansion items, operators, conditions and variables.
+
+ 5. The smtp transport option "max_rcpt" is now expanded before use.
+
+ 6. The tls_eccurve option for OpenSSL now takes a list of group names
+
Version 4.96
------------
4. An event for failing TLS connects to the daemon.
- 5. Tainted data used for a query-style lookup should be quoted using the
- expansion item for the lookup type. If not, a warning will be written to
- the main and panic logs. A future release will enforce this by failing
- the lookup.
+ 5. The ACL "debug" control gains options "stop", "pretrigger" and "trigger".
+
+ 6. Query-style lookups are now checked for quoting, if the query string is
+ built using untrusted data ("tainted"). For now lack of quoting is merely
+ logged; a future release will upgrade this to an error.
- 6. The ACL "debug" control gains options "stop", "pretrigger" and "trigger".
+ 7. The expansion conditions match_<list-type> and inlist now set $value for
+ the expansion of the "true" result of the ${if}. With a static list, this
+ can be used for de-tainting.
+ 8. Recipient verify callouts now set $domain_data & $local_part_data, with
+ de-tainted values.
Version 4.95
------------