-$Cambridge: exim/doc/doc-txt/ChangeLog,v 1.101 2005/03/29 10:56:48 ph10 Exp $
+$Cambridge: exim/doc/doc-txt/ChangeLog,v 1.158 2005/06/16 15:48:58 ph10 Exp $
Change log file for Exim from version 4.21
-------------------------------------------
+Exim version 4.52
+-----------------
+
+TF/01 Added support for Client SMTP Authorization. See NewStuff for details.
+
+PH/01 When a transport filter timed out in a pipe delivery, and the pipe
+ command itself ended in error, the underlying message about the transport
+ filter timeout was being overwritten with the pipe command error. Now the
+ underlying error message should be appended to the second error message.
+
+TK/01 Fix poll() being unavailable on Mac OSX 10.2.
+
+PH/02 Reduce the amount of output that "make" produces by default. Full output
+ can still be requested.
+
+PH/03 The warning log line about a condition test deferring for a "warn" verb
+ was being output only once per connection, rather than after each
+ occurrence (because it was using the same function as for successful
+ "warn" verbs). This seems wrong, so I have changed it.
+
+TF/02 Two buglets in acl.c which caused Exim to read a few bytes of memory that
+ it should not have, which might have caused a crash in the right
+ circumstances, but probably never did.
+
+PH/04 Installed a modified version of Tony Finch's patch to make submission
+ mode fix the return path as well as the Sender: header line, and to
+ add a /name= option so that you can make the user's friendly name appear
+ in the header line.
+
+TF/03 Added the control = fakedefer ACL modifier.
+
+TF/04 Added the ratelimit ACL condition. See NewStuff for details. Thanks to
+ Mark Lowes for thorough testing.
+
+TK/02 Rewrote SPF support to work with libspf2 versions >1.2.0.
+
+TK/03 Merged latest SRS patch from Miles Wilton.
+
+PH/05 There's a shambles in IRIX6 - it defines EX_OK in unistd.h which conflicts
+ with the definition in sysexits.h (which is #included earlier).
+ Fortunately, Exim does not actually use EX_OK. The code used to try to
+ preserve the sysexits.h value, by assumimg that macro definitions were
+ scanned for macro replacements. I have been disabused of this notion,
+ so now the code just undefines EX_OK before #including unistd.h.
+
+PH/06 There is a timeout for writing blocks of data, set by, e.g. data_timeout
+ in the smtp transport. When a block could not be written in a single
+ write() function, the timeout was being re-applied to each part-write.
+ This seems wrong - if the receiver was accepting one byte at a time it
+ would take for ever. The timeout is now adjusted when this happens. It
+ doesn't have to be particularly precise.
+
+TK/04 Added simple SPF lookup method in EXPERIMENTAL_SPF. See NewStuff for
+ details. Thanks to Chris Webb <chris@arachsys.com> for the patch!
+
+PH/07 Added "fullpostmaster" verify option, which does a check to <postmaster>
+ without a domain if the check to <postmaster@domain> fails.
+
+SC/01 Eximstats: added -xls and the ability to specify output files
+ (patch written by Frank Heydlauf).
+
+SC/02 Eximstats: use FileHandles for outputing results.
+
+SC/03 Eximstats: allow any combination of xls, txt, and html output.
+
+SC/04 Eximstats: fixed display of large numbers with -nvr option
+
+SC/05 Eximstats: fixed merging of reports with empty tables.
+
+SC/06 Eximstats: added the -include_original_destination flag
+
+SC/07 Eximstats: removed tabs and trailing whitespace.
+
+TK/05 Malware: Improve on aveserver error handling. Patch from Alex Miller.
+
+TK/06 MBOX spool code: Add real "From " MBOX separator line
+ so the .eml file is really in mbox format (even though
+ most programs do not really care). Patch from Alex Miller.
+
+TK/07 MBOX spool code: Add X-Envelope-From: and X-Envelope-To: headers.
+ The latter is generated from $received_to and is only set if the
+ message has one envelope recipient. SA can use these headers,
+ obviously out-of-the-box. Patch from Alex Miller.
+
+PH/08 The ${def test on a variable was returning false if the variable's
+ value was "0", contrary to what the specification has always said!
+ The result should be true unless the variable is empty.
+
+PH/09 The syntax error of a character other than { following "${if
+ def:variable_name" (after optional whitespace) was not being diagnosed.
+ An expansion such as ${if def:sender_ident:{xxx}{yyy}} in which an
+ accidental colon was present, for example, could give incorrect results.
+
+PH/10 Tidied the code in a number of places where the st_size field of a stat()
+ result is used (not including appendfile, where other changes are about
+ to be made).
+
+PH/11 Upgraded appendfile so that quotas larger than 2G are now supported.
+ This involved changing a lot of size variables from int to off_t. It
+ should work with maildirs and everything.
+
+TK/08 Apply fix provided by Michael Haardt to prevent deadlock in case of
+ spamd dying while we are connected to it.
+
+TF/05 Fixed a ${extract error message typo reported by Jeremy Harris
+ <jgh@wizmail.org>
+
+PH/12 Applied Alex Kiernan's patch for the API change for the error callback
+ function for BDB 4.3.
+
+PH/13 Changed auto_thaw such that it does not apply to bounce messages.
+
+PH/14 Imported PCRE 6.0; this was more than just a trivial operation because
+ the sources for PCRE have been re-arranged and more files are now
+ involved.
+
+PH/15 The code I had for printing potentially long long variables in PH/11
+ above was not the best (it lost precision). The length of off_t variables
+ is now inspected at build time, and an appropriate printing format (%ld
+ or %lld) is chosen and #defined by OFF_T_FMT. We also define ASSUME_
+ LONG_LONG_SUPPORT if the length is greater than 4. This is needed for the
+ internal formatting function string_vformat().
+
+PH/16 Applied Matthew Newton's patch to exicyclog: "If log_file_path is set in
+ the configuration file to be ":syslog", then the script "guesses" where
+ the logs files are, rather than using the compiled in default. In our
+ case the guess is not the same as the compiled default, so the script
+ suddenly stopped working when I started to use syslog. The patch checks
+ to see if log_file_path is "". If so, it attempts to read it from exim
+ with no configuration file to get the compiled in version, before it
+ falls back to the previous guessing code."
+
+
Exim version 4.51
-----------------
"previously delivered" was not happening when checking to see if an
address could be batched with a previous (undelivered) one; under
certain circumstances this could lead to multiple deliveries to the same
- address. A one-line patch to add the appropriate test fixes the bug.
+ address.
PH/05 Renamed the macro SOCKLEN_T as EXIM_SOCKLEN_T because AIX uses SOCKLEN_T
in its include files, and this causes problems building Exim.
PH/10 Added a nasty fudge to try to recognize and flatten LDAP passwords in
an address' error message when a string expansion fails (syntax or
- whatever). Otherwise not only does the password appear in the log, it may
- also be put in a bounce message.
+ whatever). Otherwise the password may appear in the log. Following change
+ PH/42 below, there is no longer a chance of it appearing in a bounce
+ message.
PH/11 Installed exipick version 20050225.0 from John Jetmore.
where they are NOT allowed) were getting very unwieldy; rewrote them as a
negation of where the condition IS allowed.
+PH/16 Installed updated OS/os.c-cygwin from the Cygwin maintainer.
+
+PH/17 The API for radiusclient changed at release 0.4.0. Unfortunately, the
+ header file does not have a version number, so I've had to invent a new
+ value for RADIUS_LIB_TYPE, namely "RADIUSCLIENTNEW" to request the new
+ API. The code is untested by me (my Linux distribution still has 0.3.2 of
+ radiusclient), but it was contributed by a Radius user.
+
+PH/18 Installed Lars Mainka's patch for the support of CRL collections in
+ files or directories, for OpenSSL.
+
+PH/19 When an Exim process that is running as root has to create an Exim log
+ file, it does so in a subprocess that runs as exim:exim so as to get the
+ ownership right at creation (otherwise, other Exim processes might see
+ the file with the wrong ownership). There was no test for failure of this
+ fork() call, which would lead to the process getting stuck as it waited
+ for a non-existent subprocess. Forks do occasionally fail when resources
+ run out. I reviewed all the other calls to fork(); they all seem to check
+ for failure.
+
+PH/20 When checking for unexpected SMTP input at connect time (before writing
+ the banner), Exim was not dealing correctly with a non-positive return
+ from the read() function. If the client had disconnected by this time,
+ the result was a log entry for a synchronization error with an empty
+ string after "input=" when read() returned zero. If read() returned -1
+ (an event I could not check), uninitialized data bytes were printed.
+ There were reports of junk text (parts of files, etc) appearing after
+ "input=".
+
+PH/21 Added acl_not_smtp_mime to allow for MIME scanning for non-SMTP messages.
+
+PH/22 Added support for macro redefinition, and (re)definition in between
+ driver and ACL definitions.
+
+PH/23 The cyrus_sasl authenticator was expanding server_hostname, but then
+ forgetting to use the resulting value; it was using the unexpanded value.
+
+PH/24 The cyrus_sasl authenticator was advertising mechanisms for which it
+ hadn't been configured. The fix is from Juergen Kreileder, who
+ understands it better than I do:
+
+ "Here's what I see happening with three configured cyrus_sasl
+ authenticators configured (plain, login, cram-md5):
+
+ On startup auth_cyrus_sasl_init() gets called for each of these.
+ This means three calls to sasl_listmech() without a specified mech_list.
+ => SASL tests which mechs of all available mechs actually work
+ => three warnings about OTP not working
+ => the returned list contains: plain, login, cram-md5, digest-md5, ...
+
+ With the patch, sasl_listmech() also gets called three times. But now
+ SASL's mech_list option is set to the server_mech specified in the the
+ authenticator. Or in other words, the answer from sasl_listmech()
+ gets limited to just the mech you're testing for (which is different
+ for each call.)
+ => the return list contains just 'plain' or 'login', 'cram-md5' or
+ nothing depending on the value of ob->server_mech.
+
+ I've just tested the patch: Authentication still works fine,
+ unavailable mechs specified in the exim configuration are still
+ caught, and the auth.log warnings about OTP are gone."
+
+PH/25 When debugging is enabled, the contents of the command line are added
+ to the debugging output, even when log_selector=+arguments is not
+ specified.
+
+PH/26 Change scripts/os-type so that when "uname -s" returns just "GNU", the
+ answer is "GNU", and only if the return is "GNU/something" is the answer
+ "Linux".
+
+PH/27 $acl_verify_message is now set immediately after the failure of a
+ verification in an ACL, and so is available in subsequent modifiers. In
+ particular, the message can be preserved by coding like this:
+
+ warn !verify = sender
+ set acl_m0 = $acl_verify_message
+
+ Previously, $acl_verify_message was set only while expanding "message"
+ and "log_message" when a very denied access.
+
+PH/28 Modified OS/os.c-Linux with
+
+ -#ifndef OS_LOAD_AVERAGE
+ +#if !defined(OS_LOAD_AVERAGE) && defined(__linux__)
+
+ to make Exim compile on kfreebsd-gnu. (I'm totally confused about the
+ nomenclature these days.)
+
+PH/29 Installed patch from the Sieve maintainer that adds the options
+ sieve_useraddress and sieve_subaddress to the redirect router.
+
+PH/30 In these circumstances:
+ . Two addresses routed to the same list of hosts;
+ . First host does not offer TLS;
+ . First host accepts first address;
+ . First host gives temporary error to second address;
+ . Second host offers TLS and a TLS session is established;
+ . Second host accepts second address.
+ Exim incorrectly logged both deliveries with the TLS parameters (cipher
+ and peerdn, if requested) that were in fact used only for the second
+ address.
+
+PH/31 When doing a callout as part of verifying an address, Exim was not paying
+ attention to any local part prefix or suffix that was matched by the
+ router that accepted the address. It now behaves in the same way as it
+ does for delivery: the affixes are removed from the local part unless
+ rcpt_include_affixes is set on the transport.
+
+PH/32 Add the sender address, as F=<...>, to the log line when logging a
+ timeout during the DATA phase of an incoming message.
+
+PH/33 Sieve envelope tests were broken for match types other than :is. I have
+ applied a patch sanctioned by the Sieve maintainer.
+
+PH/34 Change 4.50/80 broke Exim in that it could no longer handle cases where
+ the uid or gid is negative. A case of a negative gid caused this to be
+ noticed. The fix allows for either to be negative.
+
+PH/35 ACL_WHERE_MIME is now declared unconditionally, to avoid too much code
+ clutter, but the tables that are indexed by ACL_WHERE_xxx values had been
+ overlooked.
+
+PH/36 The change PH/12 above was broken. Fixed it.
+
+PH/37 Exim used to check for duplicate addresses in the middle of routing, on
+ the grounds that routing the same address twice would always produce the
+ same answer. This might have been true once, but it is certainly no
+ longer true now. Routing a child address may depend on the previous
+ routing that produced that child. Some complicated redirection strategies
+ went wrong when messages had multiple recipients, and made Exim's
+ behaviour dependent on the order in which the addresses were given.
+
+ I have moved the duplicate checking until after the routing is complete.
+ Exim scans the addresses that are assigned to local and remote
+ transports, and removes any duplicates. This means that more work will be
+ done, as duplicates will always all be routed, but duplicates are
+ presumably rare, so I don't expect this is of any significance.
+
+ For deliveries to pipes, files, and autoreplies, the duplicate checking
+ still happens during the routing process, since they are not going to be
+ routed further.
+
+PH/38 Installed a patch from Ian Freislich, with the agreement of Tom Kistner.
+ It corrects a timeout issue with spamd. This is Ian's comment: "The
+ background is that sometimes spamd either never reads data from a
+ connection it has accepted, or it never writes response data. The exiscan
+ spam.[ch] uses a 3600 second timeout on spamd socket reads, further, it
+ blindly assumes that writes won't block so it may never time out."
+
+PH/39 Allow G after quota size as well as K and M.
+
+PH/40 The value set for $authenticated_id in an authenticator may not contain
+ binary zeroes or newlines because the value is written to log lines and
+ to spool files. There was no check on this. Now the value is run through
+ the string_printing() function so that such characters are converted to
+ printable escape sequences.
+
+PH/41 $message_linecount is a new variable that contains the total number of
+ lines in the message. Compare $body_linecount, which is the count for the
+ body only.
+
+PH/42 Exim no longer gives details of delivery errors for specific addresses in
+ bounce and delay warning messages, except in certain special cases, which
+ are as follows:
+
+ (a) An SMTP error message from a remote host;
+ (b) A message specified in a :fail: redirection;
+ (c) A message specified in a "fail" command in a system filter;
+ (d) A message specified in a FAIL return from the queryprogram router;
+ (e) A message specified by the cannot_route_message router option.
+
+ In these cases only, Exim does include the error details in bounce and
+ warning messages. There are also a few cases where bland messages such
+ as "unrouteable address" or "local delivery error" are given.
+
+PH/43 $value is now also set for the "else" part of a ${run expansion.
+
+PH/44 Applied patch from the Sieve maintainer: "The vacation draft is still
+ being worked on, but at least Exim now implements the latest version to
+ play with."
+
+PH/45 In a pipe transport, although a timeout while waiting for the pipe
+ process to complete was treated as a delivery failure, a timeout while
+ writing the message to the pipe was logged, but erroneously treated as a
+ successful delivery. Such timeouts include transport filter timeouts. For
+ consistency with the overall process timeout, these timeouts are now
+ treated as errors, giving rise to delivery failures by default. However,
+ there is now a new Boolean option for the pipe transport called
+ timeout_defer, which, if set TRUE, converts the failures into defers for
+ both kinds of timeout. A transport filter timeout is now identified in
+ the log output.
+
+PH/46 The "scripts/Configure-config.h" script calls "make" at one point. On
+ systems where "make" and "gmake" are different, calling "gmake" at top
+ level broke things. I've arranged for the value of $(MAKE) to be passed
+ from the Makefile to this script so that it can call the same version of
+ "make".
+
A note about Exim versions 4.44 and 4.50
----------------------------------------