git://git.exim.org
/
exim.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
missing type on Solaris dummy
[exim.git]
/
doc
/
doc-docbook
/
spec.xfpt
diff --git
a/doc/doc-docbook/spec.xfpt
b/doc/doc-docbook/spec.xfpt
index 118b7b5669d0d204e4647e713bb547e2cc2abfe9..bb19e391552490de7e2217a12aa1a8bac782c77f 100644
(file)
--- a/
doc/doc-docbook/spec.xfpt
+++ b/
doc/doc-docbook/spec.xfpt
@@
-9377,7
+9377,7
@@
If the ACL returns defer the result is a forced-fail. Otherwise the expansion f
.cindex headers "authentication-results:"
.cindex authentication "expansion item"
This item returns a string suitable for insertion as an
.cindex headers "authentication-results:"
.cindex authentication "expansion item"
This item returns a string suitable for insertion as an
-&'Authentication-Results
"
'&
+&'Authentication-Results
:
'&
header line.
The given <&'authserv-id'&> is included in the result; typically this
will be a domain name identifying the system performing the authentications.
header line.
The given <&'authserv-id'&> is included in the result; typically this
will be a domain name identifying the system performing the authentications.
@@
-17736,7
+17736,14
@@
larger prime than requested.
The value of this option is expanded and indicates the source of DH parameters
to be used by Exim.
The value of this option is expanded and indicates the source of DH parameters
to be used by Exim.
-&*Note: The Exim Maintainers strongly recommend using a filename with site-generated
+.new
+This option is ignored for GnuTLS version 3.6.0 and later.
+The library manages parameter negotiation internally.
+.wen
+
+&*Note: The Exim Maintainers strongly recommend,
+for other TLS library versions,
+using a filename with site-generated
local DH parameters*&, which has been supported across all versions of Exim. The
other specific constants available are a fallback so that even when
"unconfigured", Exim can offer Perfect Forward Secrecy in older ciphersuites in TLS.
local DH parameters*&, which has been supported across all versions of Exim. The
other specific constants available are a fallback so that even when
"unconfigured", Exim can offer Perfect Forward Secrecy in older ciphersuites in TLS.
@@
-17832,7
+17839,10
@@
Certificate Authority.
Usable for GnuTLS 3.4.4 or 3.3.17 or OpenSSL 1.1.0 (or later).
Usable for GnuTLS 3.4.4 or 3.3.17 or OpenSSL 1.1.0 (or later).
-For GnuTLS 3.5.6 or later the expanded value of this option can be a list
+.new
+For OpenSSL 1.1.0 or later, and
+.wen
+for GnuTLS 3.5.6 or later the expanded value of this option can be a list
of files, to match a list given for the &%tls_certificate%& option.
The ordering of the two lists must match.
of files, to match a list given for the &%tls_certificate%& option.
The ordering of the two lists must match.
@@
-40504,10
+40514,11
@@
defines the location of a text file of valid
top level domains the opendmarc library uses
during domain parsing. Maintained by Mozilla,
the most current version can be downloaded
top level domains the opendmarc library uses
during domain parsing. Maintained by Mozilla,
the most current version can be downloaded
-from a link at &url(http://publicsuffix.org/list/).
+from a link at &url(https://publicsuffix.org/list/, currently pointing
+at https://publicsuffix.org/list/public_suffix_list.dat)
See also util/renew-opendmarc-tlds.sh script.
See also util/renew-opendmarc-tlds.sh script.
-The default for the option is
currently
-/etc/exim/opendmarc.tlds
+The default for the option is
/etc/exim/opendmarc.tlds.
+
The &%dmarc_history_file%& option, if set
.oindex &%dmarc_history_file%&
The &%dmarc_history_file%& option, if set
.oindex &%dmarc_history_file%&
@@
-41028,7
+41039,9
@@
Events have names which correspond to the point in process at which they fire.
The name is placed in the variable &$event_name$& and the event action
expansion must check this, as it will be called for every possible event type.
The name is placed in the variable &$event_name$& and the event action
expansion must check this, as it will be called for every possible event type.
+.new
The current list of events is:
The current list of events is:
+.wen
.display
&`dane:fail after transport `& per connection
&`msg:complete after main `& per message
.display
&`dane:fail after transport `& per connection
&`msg:complete after main `& per message
@@
-41042,6
+41055,7
@@
The current list of events is:
&`tcp:close after transport `& per connection
&`tls:cert before both `& per certificate in verification chain
&`smtp:connect after transport `& per connection
&`tcp:close after transport `& per connection
&`tls:cert before both `& per certificate in verification chain
&`smtp:connect after transport `& per connection
+&`smtp:ehlo after transport `& per connection
.endd
New event types may be added in future.
.endd
New event types may be added in future.
@@
-41068,6
+41082,7
@@
with the event type:
&`msg:host:defer `& error string
&`tls:cert `& verification chain depth
&`smtp:connect `& smtp banner
&`msg:host:defer `& error string
&`tls:cert `& verification chain depth
&`smtp:connect `& smtp banner
+&`smtp:ehlo `& smtp ehlo response
.endd
The :defer events populate one extra variable: &$event_defer_errno$&.
.endd
The :defer events populate one extra variable: &$event_defer_errno$&.