This file contains descriptions of new features that have been added to Exim.
Before a formal release, there may be quite a lot of detail so that people can
-test from the snapshots or the CVS before the documentation is updated. Once
+test from the snapshots or the Git before the documentation is updated. Once
the documentation is updated, this file is reduced to a short list.
+Version 4.90
+------------
+
+ 1. PKG_CONFIG_PATH can now be set in Local/Makefile;
+ wildcards will be expanded, values are collapsed.
+
+ 2. The ${readsocket } expansion now takes an option to not shutdown the
+ connection after sending the query string. The default remains to do so.
+
+ 3. An smtp transport option "hosts_noproxy_tls" to control whether multiple
+ deliveries on a single TCP connection can maintain a TLS connection
+ open. By default disabled for all hosts, doing so saves the cost of
+ making new TLS sessions, at the cost of having to proxy the data via
+ another process. Logging is also affected.
+
+ 4. A malware connection type for the FPSCAND protocol.
+
+ 5. An option for recipient verify callouts to hold the connection open for
+ further recipients and for delivery.
+
+ 6. The reproducible build $SOURCE_DATE_EPOCH environment variable is now
+ supported.
+
+ 7. Optionally, an alternate format for spool data-files which matches the
+ wire format - meaning more efficient reception and transmission (at the
+ cost of difficulty with standard Unix tools). Only used for messages
+ received using the ESMTP CHUNKING option, and when a new main-section
+ option "spool_wireformat" (false by default) is set.
+
+ 8. New main configuration option "commandline_checks_require_admin" to
+ restrict who can use various introspection options.
+
+ 9. New option modifier "no_check" for quota and quota_filecount
+ appendfile transport.
+
+10. Variable $smtp_command_history returning a comma-sep list of recent
+ SMTP commands.
+
+11. Millisecond timetamps in logs, on log_selector "millisec". Also affects
+ log elements QT, DT and D, and timstamps in debug output.
+
+12. TCP Fast Open logging. As a server, logs when the SMTP banner was sent
+ while still in SYN_RECV state; as a client logs when the connection
+ is opened with a TFO cookie. Support varies between platforms
+ (Linux does both. FreeBSD server only, others unknown).
+
+13. DKIM support for multiple signing, by domain and/or key-selector.
+ DKIM support for multiple hashes.
+
+
+Version 4.89
+------------
+
+ 1. Allow relative config file names for ".include"
+
+ 2. A main-section config option "debug_store" to control the checks on
+ variable locations during store-reset. Normally false but can be enabled
+ when a memory corrution issue is suspected on a production system.
+
+
Version 4.88
------------
N can be 224, 256 (default), 384, 512.
With GnuTLS 3.5.0 or later, only.
- 5. Facility for named queues: A commandline argument can specify
+ 5. Facility for named queues: A command-line argument can specify
the queue name for a queue operation, and an ACL modifier can set
the queue to be used for a message. A $queue_name variable gives
visibility.
9. Expansion operator escape8bit, like escape but not touching newline etc..
10. Feature macros, generated from compile options. All start with "_HAVE_"
- and go on with some roughly recognisable name. Use the "-bP macros"
- command-line option to see what is present.
+ and go on with some roughly recognisable name. Driver macros, for
+ router, transport and authentication drivers; names starting with "_DRIVER_".
+ Option macros, for each configuration-file option; all start with "_OPT_".
+ Use the "-bP macros" command-line option to see what is present.
11. Integer values for options can take a "G" multiplier.
returns from the target back to the initiator, rather than spooling the
message.
+13. New built-in constants available for tls_dhparam and default changed.
+
+14. If built with EXPERIMENTAL_QUEUEFILE, a queuefile transport, for writing
+ out copies of the message spool files for use by 3rd-party scanners.
+
+15. A new option on the smtp transport, hosts_try_fastopen. If the system
+ supports it (on Linux it must be enabled in the kernel by the sysadmin)
+ try to use RFC 7413 "TCP Fast Open". No data is sent on the SYN segment
+ but it permits a peer that also supports the facility to send its SMTP
+ banner immediately after the SYN,ACK segment rather then waiting for
+ another ACK - so saving up to one roundtrip time. Because it requires
+ previous communication with the peer (we save a cookie from it) this
+ will only become active on frequently-contacted destinations.
+
+16. A new syslog_pid option to suppress PID duplication in syslog lines.
+
Version 4.87
------------
synonym of the latter). Add support in base64 for certificates.
8. New main configuration option "bounce_return_linesize_limit" to
- avoid oversize bodies in bounces. The dafault value matches RFC
+ avoid oversize bodies in bounces. The default value matches RFC
limits.
9. New $initial_cwd expansion variable.
5. Assorted options on malware= and spam= scanners.
- 6. A commandline option to write a comment into the logfile.
+ 6. A command-line option to write a comment into the logfile.
7. If built with EXPERIMENTAL_SOCKS feature enabled, the smtp transport can
be configured to make connections via socks5 proxies.
------------
1. If built with EXPERIMENTAL_DANE feature enabled, Exim will follow the
- DANE smtp draft to assess a secure chain of trust of the certificate
+ DANE SMTP draft to assess a secure chain of trust of the certificate
used to establish the TLS connection based on a TLSA record in the
domain of the sender.
12. OCSP stapling is now supported by default.
13. If built with the EXPERIMENTAL_DSN feature enabled, Exim will output
- Delivery Status Notification messages in MIME format, and negociate
+ Delivery Status Notification messages in MIME format, and negotiate
DSN features per RFC 3461.
ignored.
7. New cutthrough routing feature. Requested by a "control = cutthrough_delivery"
- ACL modifier; works for single-recipient mails which are recieved on and
+ ACL modifier; works for single-recipient mails which are received on and
deliverable via SMTP. Using the connection made for a recipient verify,
if requested before the verify, or a new one made for the purpose while
the inbound connection is still active. The bulk of the mail item is copied
direct from the inbound socket to the outbound (as well as the spool file).
When the source notifies the end of data, the data acceptance by the destination
- is negociated before the acceptance is sent to the source. If the destination
+ is negotiated before the acceptance is sent to the source. If the destination
does not accept the mail item, for example due to content-scanning, the item
is not accepted from the source and therefore there is no need to generate
a bounce mail. This is of benefit when providing a secondary-MX service.
The downside is that delays are under the control of the ultimate destination
system not your own.
- The Recieved-by: header on items delivered by cutthrough is generated
+ The Received-by: header on items delivered by cutthrough is generated
early in reception rather than at the end; this will affect any timestamp
included. The log line showing delivery is recorded before that showing
reception; it uses a new ">>" tag instead of "=>".
16. New authenticated_sender logging option, adding to log field "A".
17. New expansion variables $router_name and $transport_name. Useful
- particularly for debug_print as -bt commandline option does not
+ particularly for debug_print as -bt command-line option does not
require privilege whereas -d does.
18. If built with EXPERIMENTAL_PRDR, per-recipient data responses per a
It adds new expansion variables $dmarc_ar_header, $dmarc_status,
$dmarc_status_text, and $dmarc_used_domain. It adds a new acl modifier
dmarc_status. It adds new control flags dmarc_disable_verify and
- dmarc_enable_forensic.
+ dmarc_enable_forensic. The default for the dmarc_tld_file option is
+ "/etc/exim/opendmarc.tlds" and can be changed via EDITME.
22. Add expansion variable $authenticated_fail_id, which is the username
provided to the authentication method which failed. It is available
for use in subsequent ACL processing (typically quit or notquit ACLs).
-23. New ACL modifer "udpsend" can construct a UDP packet to send to a given
+23. New ACL modifier "udpsend" can construct a UDP packet to send to a given
UDP host and port.
24. New ${hexquote:..string..} expansion operator converts non-printable