+TF/02 Call initgroups() when dropping privilege in exim.c, so that Exim runs
+ with consistent privilege compared to when running as a daemon.
+
+TF/03 Note in the spec that $authenticated_id is not set for local
+ submissions from trusted users.
+
+TF/04 The ratelimit per_rcpt option now works correctly in acl_not_smtp.
+ Thanks to Dean Brooks <dean@iglou.com> for the patch.
+
+TF/05 Make it easier to get SMTP authentication and TLS/SSL support working
+ by adding some example configuration directives to the default
+ configuration file. A little bit of work is required to uncomment the
+ directives and define how usernames and passwords are checked, but
+ there is now a framework to start from.
+
+PH/01 Added #define LDAP_DEPRECATED 1 to ldap.c because some of the "old"
+ functions that Exim currently uses aren't defined in ldap.h for OpenLDAP
+ without this. I don't know how relevant this is to other LDAP libraries.
+
+PH/02 Add the verb name to the "unknown ACL verb" error.
+
+PH/03 Magnus Holmgren's patch for filter_prepend_home.
+
+PH/03 Fixed Bugzilla #101: macro definition between ACLs doesn't work.
+
+PH/04 Applied Magnus Holmgren's patch to fix Bugzilla #98: transport's home
+ directory not expanded when it should be if an expanded home directory
+ was set for the address (which is overridden by the transport).
+
+PH/05 Applied Alex Kiernan's patch to fix Bugzilla #99: a problem with
+ libradius.
+
+PH/06 Added acl_not_smtp_start, based on Johannes Berg's patch, and set the
+ bit to forbid control=suppress_local_fixups in the acl_not_smtp ACL,
+ because it is too late at that time, and has no effect.
+
+PH/07 Changed ${quote_pgsql to quote ' as '' instead of \' because of a
+ security issue with \' (bugzilla #107). I could not use the
+ PQescapeStringConn() function, because it needs a PGconn value as one of
+ its arguments.
+
+PH/08 When testing addresses using -bt, indicate those final addresses that
+ are duplicates that would not cause an additional delivery. At least one
+ person was confused, thinking that -bt output corresponded to deliveries.
+ (Suppressing duplicates isn't a good idea as you lose the information
+ about possibly different redirections that led to the duplicates.)
+
+PH/09 Applied patch from Erik to use select() instead of poll() in spam.c on
+ systems where poll() doesn't work, in particular OS X.
+
+PH/10 Added more information to debugging output for retry time not reached.
+
+PH/11 Applied patch from Arkadiusz Miskiewicz to apply a timeout to read
+ operations in malware.c.
+
+PH/12 Applied patch from Magnus Holmgren to include the "h" tag in Domain Keys
+ signatures.
+
+PH/13 If write_rejectlog was set false when logging was sent to syslog with
+ syslog_duplication set false, log lines that would normally be written
+ both the the main log and to the reject log were not written to syslog at
+ all.
+
+PH/14 In the default configuration, change the use of "message" in ACL warn
+ statements to "add_header".
+
+PH/15 Diagnose a filter syntax error for "seen", "unseen", or "noerror" if not
+ not followed by a command (e.g. "seen endif").
+
+PH/16 Recognize SMTP codes at the start of "message" in ACLs and after :fail:
+ and :defer: in a redirect router. Add forbid_smtp_code to suppress the
+ latter.
+
+PH/17 Added extra conditions to the default value of delay_warning_condition
+ so that it is now:
+
+ ${if or { \
+ { !eq{$h_list-id:$h_list-post:$h_list-subscribe:}{} } \
+ { match{$h_precedence:}{(?i)bulk|list|junk} } \
+ { match{$h_auto-submitted:}{(?i)auto-generated|auto-replied} } \
+ }{no}{yes}}
+
+ The Auto-Submitted: and various List- headers are standardised, whereas I
+ don't think Precedence: ever was.
+
+PH/18 Refactored debugging code in route_finduser() to show more information,
+ in particular, the error code if getpwnam() issues one.
+
+PH/19 Added PQsetClientEncoding(conn, "SQL_ASCII") to the pgsql code module.
+ This is apparently needed in addition to the PH/07 change above to avoid
+ any possible encoding problems.
+
+PH/20 Perl can change the locale. Exim was resetting it after a ${perl call,
+ but not after initializing Perl.
+
+PH/21 Added a call to PQsetNoticeProcessor() to catch pgsql "notices" and
+ output them only if debugging. By default they are written stderr,
+ apparently, which is not desirable.
+
+PH/22 Added Alain Williams' LDAP patch to support setting REFERRALS=off on
+ queries.
+
+JJ/01 exipick: added --reverse (and -R synonym), --random, --size, --sort and
+ --not options
+
+JJ/02 exipick: rewrote --help documentation to hopefully make more clear.
+
+PH/23 Made -oMaa and -oMt work with -bh and -bs to pretend the connection is
+ authenticated or an ident call has been made. Suppress the default
+ values for $authenticated_id and $authenticated_sender (but permit -oMai
+ and -oMas) when testing with -bh.
+
+PH/24 Re-jigged the order of the tests in the default configuration so that the
+ tests for valid domains and recipients precede the DNS black list and CSA
+ tests, on the grounds that those ones are more expensive.
+
+PH/25 Exim was not testing for a space following SMTP commands such as EHLO
+ that require one. Thus, EHLORHUBARB was interpreted as a valid command.
+ This bug exists in every version of Exim that I still have, right back to
+ 0.12.
+
+PH/26 (n)wildlsearch lookups are documented as being done case-insensitively.
+ However, an attempt to turn on case-sensitivity in a regex key by
+ including (?-i) didn't work because the subject string was already
+ lowercased, and the effects were non-intuitive. It turns out that a
+ one-line patch can be used to allow (?-i) to work as expected.
+