X-Git-Url: https://git.exim.org/exim.git/blobdiff_plain/8ccd00b14ecc7c3c806882a54a9216f531571716..6e773413c0c0d4bb52b7a9af4c23ab83e26aa26b:/doc/doc-txt/NewStuff diff --git a/doc/doc-txt/NewStuff b/doc/doc-txt/NewStuff index ac06ebfc6..90aefc4fe 100644 --- a/doc/doc-txt/NewStuff +++ b/doc/doc-txt/NewStuff @@ -6,6 +6,116 @@ Before a formal release, there may be quite a lot of detail so that people can test from the snapshots or the CVS before the documentation is updated. Once the documentation is updated, this file is reduced to a short list. +Version 4.88 +------------ + + 1. The new perl_taintmode option allows to run the embedded perl + interpreter in taint mode. + + 2. New log_selector: dnssec, adds a "DS" tag to acceptance and delivery lines. + + 3. Speculative debugging, via a "kill" option to the "control=debug" ACL + modifier. + + 4. New expansion item ${sha3:} / ${sha3_:}. + N can be 224, 256 (default), 384, 512. + With GnuTLS 3.5.0 or later, only. + + +Version 4.87 +------------ + + 1. The ACL conditions regex and mime_regex now capture substrings + into numeric variables $regex1 to 9, like the "match" expansion condition. + + 2. New $callout_address variable records the address used for a spam=, + malware= or verify= callout. + + 3. Transports now take a "max_parallel" option, to limit concurrency. + + 4. Expansion operators ${ipv6norm:} and ${ipv6denorm:}. + The latter expands to a 8-element colon-sep set of hex digits including + leading zeroes. A trailing ipv4-style dotted-decimal set is converted + to hex. Pure ipv4 addresses are converted to IPv4-mapped IPv6. + The former operator strips leading zeroes and collapses the longest + set of 0-groups to a double-colon. + + 5. New "-bP config" support, to dump the effective configuration. + + 6. New $dkim_key_length variable. + + 7. New base64d and base64 expansion items (the existing str2b64 being a + synonym of the latter). Add support in base64 for certificates. + + 8. New main configuration option "bounce_return_linesize_limit" to + avoid oversize bodies in bounces. The dafault value matches RFC + limits. + + 9. New $initial_cwd expansion variable. + + +Version 4.86 +------------ + + 1. Support for using the system standard CA bundle. + + 2. New expansion items $config_file, $config_dir, containing the file + and directory name of the main configuration file. Also $exim_version. + + 3. New "malware=" support for Avast. + + 4. New "spam=" variant option for Rspamd. + + 5. Assorted options on malware= and spam= scanners. + + 6. A commandline option to write a comment into the logfile. + + 7. If built with EXPERIMENTAL_SOCKS feature enabled, the smtp transport can + be configured to make connections via socks5 proxies. + + 8. If built with EXPERIMENTAL_INTERNATIONAL, support is included for + the transmission of UTF-8 envelope addresses. + + 9. If built with EXPERIMENTAL_INTERNATIONAL, an expansion item for a commonly + used encoding of Maildir folder names. + +10. A logging option for slow DNS lookups. + +11. New ${env {}} expansion. + +12. A non-SMTP authenticator using information from TLS client certificates. + +13. Main option "tls_eccurve" for selecting an Elliptic Curve for TLS. + Patch originally by Wolfgang Breyha. + +14. Main option "dns_trust_aa" for trusting your local nameserver at the + same level as DNSSEC. + + +Version 4.85 +------------ + + 1. If built with EXPERIMENTAL_DANE feature enabled, Exim will follow the + DANE smtp draft to assess a secure chain of trust of the certificate + used to establish the TLS connection based on a TLSA record in the + domain of the sender. + + 2. The EXPERIMENTAL_TPDA feature has been renamed to EXPERIMENTAL_EVENT + and several new events have been created. The reason is because it has + been expanded beyond just firing events during the transport phase. Any + existing TPDA transport options will have to be rewritten to use a new + $event_name expansion variable in a condition. Refer to the + experimental-spec.txt for details and examples. + + 3. The EXPERIMENTAL_CERTNAMES features is an enhancement to verify that + server certs used for TLS match the result of the MX lookup. It does + not use the same mechanism as DANE. + + +Version 4.84 +------------ + + Version 4.83 ------------ @@ -24,7 +134,7 @@ Version 4.83 4. New malware type "sock". Talks over a Unix or TCP socket, sending one command line and matching a regex against the return data for trigger - and a second regex to extract malware_name. The mail spoofile name can + and a second regex to extract malware_name. The mail spoolfile name can be included in the command line. 5. The smtp transport now supports options "tls_verify_hosts" and @@ -39,8 +149,7 @@ Version 4.83 7. New command-line option -C for exiqgrep to specify alternate exim.conf file when searching the queue. - 8. EXPERIMENTAL_OCSP now supports GnuTLS also, if you have version 3.1.3 - or later of that. + 8. OCSP now supports GnuTLS also, if you have version 3.1.3 or later of that. 9. Support for DNSSEC on outbound connections. @@ -51,6 +160,12 @@ Version 4.83 11. PRDR is now supported dy default. +12. OCSP stapling is now supported by default. + +13. If built with the EXPERIMENTAL_DSN feature enabled, Exim will output + Delivery Status Notification messages in MIME format, and negociate + DSN features per RFC 3461. + Version 4.82 ------------ @@ -170,7 +285,7 @@ Version 4.82 "aaaa" and "a" lookups is done and the full set of results returned. 14. New expansion variable $headers_added with content from ACL add_header - modifier (but not yet added to messsage). + modifier (but not yet added to message). 15. New 8bitmime status logging option for received messages. Log field "M8S".