. /////////////////////////////////////////////////////////////////////////////
.set previousversion "4.72"
-.set version "4.73"
+.set version "4.74"
.set ACL "access control lists (ACLs)"
.set I " "
+.section "Dynamically loaded lookup module support" "SECTdynamicmodules"
+.cindex "lookup modules"
+.cindex "dynamic modules"
+.cindex ".so building"
+On some platforms, Exim supports not compiling all lookup types directly into
+the main binary, instead putting some into external modules which can be loaded
+on demand.
+This permits packagers to build Exim with support for lookups with extensive
+library dependencies without requiring all users to install all of those
+dependencies.
+Most, but not all, lookup types can be built this way.
+
+Set &`LOOKUP_MODULE_DIR`& to the directory into which the modules will be
+installed; Exim will only load modules from that directory, as a security
+measure. You will need to set &`CFLAGS_DYNAMIC`& if not already defined
+for your OS; see &_OS/Makefile-Linux_& for an example.
+Some other requirements for adjusting &`EXTRALIBS`& may also be necessary,
+see &_src/EDITME_& for details.
+
+Then, for each module to be loaded dynamically, define the relevant
+&`LOOKUP_`&<&'lookup_type'&> flags to have the value "2" instead of "yes".
+For example, this will build in lsearch but load sqlite and mysql support
+on demand:
+.code
+LOOKUP_LSEARCH=yes
+LOOKUP_SQLITE=2
+LOOKUP_MYSQL=2
+.endd
+
+
.section "The building process" "SECID29"
.cindex "build directory"
Once &_Local/Makefile_& (and &_Local/eximon.conf_&, if required) have been
directory containing certificate files. This does not work with GnuTLS; the
option must be set to the name of a single file if you are using GnuTLS.
+These certificates should be for the certificate authorities trusted, rather
+than the public cert of individual clients. With both OpenSSL and GnuTLS, if
+the value is a file then the certificates are sent by Exim as a server to
+connecting clients, defining the list of accepted certificate authorities.
+Thus the values defined should be considered public data. To avoid this,
+use OpenSSL with a directory.
+
.option tls_verify_hosts main "host list&!!" unset
.cindex "TLS" "client certificate verification"
your resources.
+.new
+.section "The SMTP DKIM ACL" "SECTDKIMACL"
+The &%acl_smtp_dkim%& ACL is available only when Exim is compiled with DKIM support
+enabled (which is the default).
+
+The ACL test specified by &%acl_smtp_dkim%& happens after a message has been
+received, and is executed for each DKIM signature found in a message. If not
+otherwise specified, the default action is to accept.
+
+For details on the operation of DKIM, see chapter &<<CHID12>>&.
+.wen
+
+
.section "The SMTP MIME ACL" "SECID194"
The &%acl_smtp_mime%& option is available only when Exim is compiled with the
content-scanning extension. For details, see chapter &<<CHAPexiscan>>&.
+.section "Dynamic module directory" "SECTdynmoddir"
+Any dynamically loadable modules must be installed into the directory
+defined in &`LOOKUP_MODULE_DIR`& in &_Local/Makefile_& for Exim to permit
+loading it.
+
+
+
.section "Use of sprintf()" "SECID279"
.cindex "&[sprintf()]&"
A large number of occurrences of &"sprintf"& in the code are actually calls to
git://git.exim.org / exim.git / blobdiff