-SRS (Sender Rewriting Scheme) Support (using libsrs_alt)
---------------------------------------------------------------
-See also the main docs, for an alternative native support implementation.
-
-Exim can be built with SRS support using Miles Wilton's
-libsrs_alt library. The current version of the supported
-library is 0.5, there are reports of 1.0 working.
-
-In order to use SRS, you must get a copy of libsrs_alt from
-
-https://opsec.eu/src/srs/
-
-(not the original source, which has disappeared.)
-
-Unpack the tarball, then refer to MTAs/README.EXIM
-to proceed. You need to set
-
-EXPERIMENTAL_SRS_ALT=yes
-
-in your Local/Makefile.
-
-The built-in support, included by SUPPORT_SRS,
-shuold *not* be enabled if you wish to use the libsrs_alt
-version.
-
-The following main-section options become available:
- srs_config string
- srs_hashlength int
- srs_hashmin int
- srs_maxage int
- srs_secrets string
- srs_usehash bool
- srs_usetimestamp bool
-
-The redirect router gains these options (all of type string, unset by default):
- srs
- srs_alias
- srs_condition
- srs_dbinsert
- srs_dbselect
-
-The following variables become available:
- $srs_db_address
- $srs_db_key
- $srs_orig_recipient
- $srs_orig_sender
- $srs_recipient
- $srs_status
-
-The predefined feature-macro _HAVE_SRS will be present.
-Additional delivery log line elements, tagged with "SRS=" will show the srs sender.
-For configuration information see https://github.com/Exim/exim/wiki/SRS .
-
-
-
-
DCC Support
--------------------------------------------------------------
Distributed Checksum Clearinghouse; http://www.rhyolite.com/dcc/
You must also have DKIM present (not disabled), and you very likely
want to have SPF enabled.
+It is possible to build as a dynamic-load module: set also SUPPORT_ARC=2.
+
Verification
--
add_header = :at_start:${authresults {<admd-identifier>}}
Note that it would be wise to strip incoming messages of A-R headers
- that claim to be from our own <admd-identifier>.
+ that claim to be from our own <admd-identifier>. Eg:
+
+ remove_header = \N^(?i)Authentication-Results\s*::\s*example.org;\N
There are four new variables:
Logging protocol unusual states
---------------------------------------------------------------
An extra log_selector, "protocol_detail" has been added in the default build.
-The name may change in future, hence the Experimenal status.
+The name may change in future, hence the Experimental status.
Currrently the only effect is to enable logging, under TLS,
of a TCP RST received directly after a QUIT (in server mode).
the TCP connection. Previously this resulted is an error from SSL_write
being logged.
+
+
+XCLIENT proxy support
+---------------------------------------------------------------
+Per https://www.postfix.org/XCLIENT_README.html
+
+XCLIENT is an ESMTP extension supporting an inbound proxy.
+The only client immplementation known is in Nginx
+(https://nginx.org/en/docs/mail/ngx_mail_proxy_module.html)
+
+If compiled with EXPERIMENTAL_XCLIENT=yes :-
+
+As a server, Exim will advertise XCLIENT support (conditional on a new option
+"hosts_xclient") and service XCLIENT commands with parameters
+ ADDR
+ NAME
+ PORT
+ LOGIN
+ DESTADDR
+ DESTPORT
+A fresh HELO/EHLO is required after a succesful XCLIENT, and the usual
+values are derived from that (making the HELO and PROTO paramemters redundant).
+
+An XCLIENT command must give both ADDR and PORT parameters if no previous
+XCLIENT has succeeded in the SMTP session.
+
+After a success:
+ $proxy_session variable becomes "yes"
+ $proxy_local_address, $proxy_local_port have the proxy "inside" values
+ $proxy_external_address, $proxy_external_port have the proxy "outside" values
+ $sender_host_address, $sender_host_port have the remot client values
+
+
+
+
--------------------------------------------------------------
End of file
--------------------------------------------------------------