X-Git-Url: https://git.exim.org/exim.git/blobdiff_plain/a923e0c2c33738db08ce0af58c13130d0719d09e..ce41ebd827abe9be836bb7f39ebe945867628c34:/doc/doc-docbook/spec.xfpt diff --git a/doc/doc-docbook/spec.xfpt b/doc/doc-docbook/spec.xfpt index 98ca33d23..9f10d1730 100644 --- a/doc/doc-docbook/spec.xfpt +++ b/doc/doc-docbook/spec.xfpt @@ -25515,6 +25515,38 @@ helo_data = ${lookup dnsdb{ptr=$sending_ip_address} \ The use of &%helo_data%& applies both to sending messages and when doing callouts. +.new +.option host_name_extract smtp "string list&!!" "see below" +.cindex "load balancer" "hosts behind" +.cindex TLS resumption +Some mail-accepting sites +(notably Microsoft) +operate many servers behind a network load-balancer. When this is done, +with separated TLS session caches, TLS session resuption becomes problematic. +It will only succeed when the same server happens to be selected by the +load-balancer, matching the session stored in the client's cache. + +Exim can pull out a server name, if there is one, from the response to the +client's SMTP EHLO command. +The default value of this option: +.code + ${if and { {match {$host} {.outlook.com\$}} \ + {match {$item} {\N^250-([\w.]+)\s\N}} \ + } {$1}} +.endd +suffices for one known case. +During the expansion of this option the &$item$& variable will have the +server's EHLO response. +The result of the option expansion is included in the key used to store and +retrieve the TLS session, for session resumption. + +Operators of high-load sites may wish to evaluate their logs for indications +of other destination sites operating load-balancers, and develop a suitable +expression for this option. +The smtp:ehlo event and the &$tls_out_resumption$& variable +will be useful for such work. +.wen + .option hosts smtp "string list&!!" unset Hosts are associated with an address by a router such as &(dnslookup)&, which finds the hosts by looking up the address domain in the DNS, or by @@ -39924,8 +39956,9 @@ The entire contents of a database are written to the standard output by the &'exim_dumpdb'& program, .new taking as arguments the spool and database names. -An option &'-z'& may be given to regest times in UTC; +An option &'-z'& may be given to request times in UTC; otherwise times are in the local timezone. +An option &'-k'& may be given to dump only the record keys. .wen For example, to dump the retry database: .code