X-Git-Url: https://git.exim.org/exim.git/blobdiff_plain/31beb7972466a33a88770eacbce13490f2ddadc2..190404d75c168ce1e6dbf6ee08bdbbf62b365e4b:/src/src/EDITME diff --git a/src/src/EDITME b/src/src/EDITME index 72e26ce0e..cbb080545 100644 --- a/src/src/EDITME +++ b/src/src/EDITME @@ -363,6 +363,12 @@ PCRE_CONFIG=yes # PCRE_LIBS=-lpcre +#------------------------------------------------------------------------------ +# Uncomment the following line to add DANE support +# Note: Enabling this unconditionally overrides DISABLE_DNSSEC +# For DANE under GnuTLS we need an additional library. See TLS_LIBS below. +# SUPPORT_DANE=yes + #------------------------------------------------------------------------------ # Additional libraries and include directories may be required for some # lookup styles (e.g. LDAP, MYSQL or PGSQL). LOOKUP_LIBS is included only on @@ -398,15 +404,24 @@ EXIM_MONITOR=eximon.bin # WITH_CONTENT_SCAN=yes -#------------------------------------------------------------------------------ -# If you're using ClamAV and are backporting fixes to an old version, instead -# of staying current (which is the more usual approach) then you may need to -# use an older API which uses a STREAM command, now deprecated, instead of -# zINSTREAM. If you need to set this, please let the Exim developers know, as -# if nobody reports a need for it, we'll remove this option and clean up the -# code. zINSTREAM was introduced with ClamAV 0.95. -# -# WITH_OLD_CLAMAV_STREAM=yes +# If you have content scanning you may wish to only include some of the scanner +# interfaces. Uncomment any of these lines to remove that code. + +# DISABLE_MAL_FFROTD=yes +# DISABLE_MAL_FFROT6D=yes +# DISABLE_MAL_DRWEB=yes +# DISABLE_MAL_FSECURE=yes +# DISABLE_MAL_SOPHIE=yes +# DISABLE_MAL_CLAM=yes +# DISABLE_MAL_AVAST=yes +# DISABLE_MAL_SOCK=yes +# DISABLE_MAL_CMDLINE=yes + +# These scanners are claimed to be no longer existent. + +DISABLE_MAL_AVE=yes +DISABLE_MAL_KAV=yes +DISABLE_MAL_MKS=yes #------------------------------------------------------------------------------ @@ -434,7 +449,7 @@ EXIM_MONITOR=eximon.bin # By default, Exim has support for checking the AD bit in a DNS response, to # determine if DNSSEC validation was successful. If your system libraries # do not support that bit, then set DISABLE_DNSSEC to "yes" -# Note: Enabling EXPERIMENTAL_DANE unconditionally overrides this setting. +# Note: Enabling SUPPORT_DANE unconditionally overrides this setting. # DISABLE_DNSSEC=yes @@ -454,14 +469,6 @@ EXIM_MONITOR=eximon.bin # EXPERIMENTAL_DCC=yes -# Uncomment the following lines to add SPF support. You need to have libspf2 -# installed on your system (www.libspf2.org). Depending on where it is installed -# you may have to edit the CFLAGS and LDFLAGS lines. - -# EXPERIMENTAL_SPF=yes -# CFLAGS += -I/usr/local/include -# LDFLAGS += -lspf2 - # Uncomment the following lines to add SRS (Sender rewriting scheme) support. # You need to have libsrs_alt installed on your system (srs.mirtol.com). # Depending on where it is installed you may have to edit the CFLAGS and @@ -472,12 +479,16 @@ EXIM_MONITOR=eximon.bin # LDFLAGS += -lsrs_alt # Uncomment the following line to add DMARC checking capability, implemented -# using libopendmarc libraries. You must have SPF support enabled also. +# using libopendmarc libraries. You must have SPF and DKIM support enabled also. # EXPERIMENTAL_DMARC=yes # DMARC_TLD_FILE= /etc/exim/opendmarc.tlds # CFLAGS += -I/usr/local/include # LDFLAGS += -lopendmarc +# Uncomment the following line to add ARC (Authenticated Received Chain) +# support. You must have SPF and DKIM support enabled also. +# EXPERIMENTAL_ARC=yes + # Uncomment the following lines to add Brightmail AntiSpam support. You need # to have the Brightmail client SDK installed. Please check the experimental # documentation for implementation details. You need to edit the CFLAGS and @@ -487,11 +498,6 @@ EXIM_MONITOR=eximon.bin # CFLAGS += -I/opt/brightmail/bsdk-6.0/include # LDFLAGS += -lxml2_single -lbmiclient_single -L/opt/brightmail/bsdk-6.0/lib -# Uncomment the following line to add DANE support -# Note: Enabling this unconditionally overrides DISABLE_DNSSEC -# Note: DANE is only supported when using OpenSSL -# EXPERIMENTAL_DANE=yes - # Uncomment the following to include extra information in fail DSN message (bounces) # EXPERIMENTAL_DSN_INFO=yes @@ -505,6 +511,11 @@ EXIM_MONITOR=eximon.bin # Uncomment the following line to add queuefile transport support # EXPERIMENTAL_QUEUEFILE=yes +# Uncomment the following to add REQUIRETLS support. +# You must also have SUPPORT_TLS enabled. +# Ref: https://datatracker.ietf.org/doc/draft-fenton-smtp-require-tls +# EXPERIMENTAL_REQUIRETLS=yes + ############################################################################### # THESE ARE THINGS YOU MIGHT WANT TO SPECIFY # ############################################################################### @@ -797,6 +808,9 @@ HEADERS_CHARSET="ISO-8859-1" # or # TLS_LIBS=-L/opt/gnu/lib -lgnutls -ltasn1 -lgcrypt +# For DANE under GnuTLS we need an additional library. +# TLS_LIBS += -lgnutls-dane + # TLS_LIBS is included only on the command for linking Exim itself, not on any # auxiliary programs. If the include files are not in a standard place, you can # set TLS_INCLUDE to specify where they are, for example: @@ -966,6 +980,16 @@ ZCAT_COMMAND=/usr/bin/zcat # LDFLAGS += -lidn -lidn2 +#------------------------------------------------------------------------------ +# Uncomment the following lines to add SPF support. You need to have libspf2 +# installed on your system (www.libspf2.org). Depending on where it is installed +# you may have to edit the CFLAGS and LDFLAGS lines. + +# SUPPORT_SPF=yes +# CFLAGS += -I/usr/local/include +# LDFLAGS += -lspf2 + + #------------------------------------------------------------------------------ # Support for authentication via Radius is also available. The Exim support, # which is intended for use in conjunction with the SMTP AUTH facilities,