Cutthrough: fix race resulting in duplicate-delivery. Bug 2273

[exim.git] / doc / doc-docbook / spec.xfpt

diff --git a/doc/doc-docbook/spec.xfpt b/doc/doc-docbook/spec.xfpt
index a35a8bf267e04e6f4da70986ba3a7a816d64b657..94b97fab0f1fe99041f537e9cfdc56cbfa6f22ef 100644 (file)
--- a/doc/doc-docbook/spec.xfpt
+++ b/doc/doc-docbook/spec.xfpt
@@ -30790,7 +30790,7 @@ restrictions, to get the TXT record. As a byproduct of this, there is also
 a check that the IP being tested is indeed on the first list. The first
 domain is the one that is put in &$dnslist_domain$&. For example:
 .code
 a check that the IP being tested is indeed on the first list. The first
 domain is the one that is put in &$dnslist_domain$&. For example:
 .code

-reject message  = \
+deny message  = \

          rejected because $sender_host_address is blacklisted \
          at $dnslist_domain\n$dnslist_text
        dnslists = \
          rejected because $sender_host_address is blacklisted \
          at $dnslist_domain\n$dnslist_text
        dnslists = \


@@ -30808,7 +30808,7 @@ If you are interested in more than one merged list, the same list must be
 given several times, but because the results of the DNS lookups are cached,
 the DNS calls themselves are not repeated. For example:
 .code
 given several times, but because the results of the DNS lookups are cached,
 the DNS calls themselves are not repeated. For example:
 .code

-reject dnslists = \
+deny dnslists = \

          http.dnsbl.sorbs.net,dnsbl.sorbs.net=127.0.0.2 : \
          socks.dnsbl.sorbs.net,dnsbl.sorbs.net=127.0.0.3 : \
          misc.dnsbl.sorbs.net,dnsbl.sorbs.net=127.0.0.4 : \
          http.dnsbl.sorbs.net,dnsbl.sorbs.net=127.0.0.2 : \
          socks.dnsbl.sorbs.net,dnsbl.sorbs.net=127.0.0.3 : \
          misc.dnsbl.sorbs.net,dnsbl.sorbs.net=127.0.0.4 : \


@@ -39071,7 +39071,7 @@ certtool --load_privkey=dkim_ed25519.private --pubkey_info --outder | tail -c +1
 Note that the format
 of Ed25519 keys in DNS has not yet been decided; this release supports
 both of the leading candidates at this time, a future release will
 Note that the format
 of Ed25519 keys in DNS has not yet been decided; this release supports
 both of the leading candidates at this time, a future release will

-probably drop support for whichever proposal loses
+probably drop support for whichever proposal loses.

 .wen
 
 .option dkim_hash smtp string&!! sha256
 .wen
 
 .option dkim_hash smtp string&!! sha256


@@ -39221,13 +39221,13 @@ This variable can be overwritten using an ACL 'set' modifier.
 This might, for instance, be done to enforce a policy restriction on
 hash-method or key-size:
 .code
 This might, for instance, be done to enforce a policy restriction on
 hash-method or key-size:
 .code

-  warn condition =     ${if eq {$dkim_verify_status}{pass}}
-       condition =     ${if eq {$len_3:$dkim_algo}{rsa}}
-       condition =     ${if or {eq {$dkim_algo}{rsa-sha1}} \
-                               {< {$dkim_key_length}{1024}} }
-       logwrite =      NOTE: forcing dkim verify fail (was pass)
-       set dkim_verify_status = fail
-       set dkim_verify_reason = hash too weak or key too short
+  warn condition       = ${if eq {$dkim_verify_status}{pass}}
+       condition       = ${if eq {${length_3:$dkim_algo}}{rsa}}
+       condition       = ${if or {{eq {$dkim_algo}{rsa-sha1}} \
+                                  {< {$dkim_key_length}{1024}}}}
+       logwrite        = NOTE: forcing DKIM verify fail (was pass)
+       set dkim_verify_status = fail
+       set dkim_verify_reason = hash too weak or key too short

 .endd
 
 After all the DKIM ACL runs have completed, the value becomes a
 .endd
 
 After all the DKIM ACL runs have completed, the value becomes a