-PH/01 The format in which GnuTLS parameters are written to the gnutls-param
- file in the spool directory has been changed. This change has been made
- to alleviate problems that some people had with the generation of the
- parameters by Exim when /dev/random was exhausted. In this situation,
- Exim would hang until /dev/random acquired some more entropy.
-
- The new code exports and imports the DH and RSA parameters in PEM
- format. This means that the parameters can be generated externally using
- the certtool command that is part of GnuTLS.
-
- To replace the parameters with new ones, instead of deleting the file
- and letting Exim re-create it, you can generate new parameters using
- certtool and, when this has been done, replace Exim's cache file by
- renaming. The relevant commands are something like this:
-
- # rm -f new.params
- # touch new.params
- # chown exim:exim new.params
- # chmod 0400 new.params
- # certtool --generate-privkey --bits 512 >new.params
- # echo "" >>new.params
- # certtool --generate-dh-params --bits 1024 >> new.params
- # mv new.params params
-
- If Exim never has to generate the parameters itself, the possibility of
- stalling is removed.
+1. There is a new Boolean option called filter_prepend_home for the redirect
+ router. It defaults true, for backward compatibility. If a "save" command in
+ an Exim filter has a relative path for its argument, and $home is defined,
+ it is automatically prepended to the relative path. This action can now be
+ prevented by setting filter_prepend_home false.
+
+2. There is a new acl, set by acl_not_smtp_start, which is run right at the
+ start of receiving a non-SMTP message, before any of the message has been
+ read. (This is the analogue of the acl_smtp_predata ACL for SMTP input.) The
+ result of this ACL is ignored; it cannot be used to reject a message. If
+ you really need to, you could set a value in an ACL variable here and reject
+ based on that in the acl_not_smtp ACL. However, this ACL can be used to set
+ controls, and in particular, it can be used to set control=suppress_local_
+ fixups, which cannot be used in the acl_not_smtp ACL because by the time
+ that ACL is run, it is too late. When the acl_not_smtp_start ACL is run, the
+ sender and recipients are known, so the "senders" and "sender_domains"
+ conditions and $sender_address and $recipients variables can be used.
+ Variables such as $authenticated_ sender are also available. It is possible
+ to specify added header lines in this ACL.
+
+
+Version 4.62
+------------