X-Git-Url: https://git.exim.org/exim.git/blobdiff_plain/cd19f9a79c20f9c0c9d650a8aa21d9cc54a66620..a1caa6da6f72e8c5b8b24678e32c4953a26a2b48:/doc/doc-docbook/spec.xfpt

diff --git a/doc/doc-docbook/spec.xfpt b/doc/doc-docbook/spec.xfpt
index 316860aae..d71d3696f 100644
--- a/doc/doc-docbook/spec.xfpt
+++ b/doc/doc-docbook/spec.xfpt
@@ -2886,6 +2886,11 @@ available to admin users.
 
 The word &"set"& at the start of a line, followed by a single space,
 is recognised specially as defining a value for a variable.
+.new
+.cindex "tainted data" "expansion testing"
+If the sequence &",t"& is inserted before the space,
+the value is marked as tainted.
+.wen
 The syntax is otherwise the same as the ACL modifier &"set ="&.
 
 .cmdopt -bem <&'filename'&>
@@ -30765,6 +30770,10 @@ and the &%acl_smtp_mime%& ACLs.
 The &%acl_smtp_dkim%& ACL is available only when Exim is compiled with DKIM support
 enabled (which is the default).
 
+If, for a specific message, an ACL control
+&*dkim_disable_verify*&
+has been set, this &%acl_smtp_dkim%& ACL is not called.
+
 The ACL test specified by &%acl_smtp_dkim%& happens after a message has been
 received, and is executed for each DKIM signature found in a message.  If not
 otherwise specified, the default action is to accept.
@@ -41596,8 +41605,11 @@ Exim's DKIM implementation allows for
 .olist
 Signing outgoing messages: This function is implemented in the SMTP transport.
 It can co-exist with all other Exim features
-(including transport filters)
-except cutthrough delivery.
+(including transport filters) except cutthrough delivery.
+.new
+However, signing options may not depend on headers modified by
+routers, the transport or a transport filter.
+.wen
 .next
 Verifying signatures in incoming messages: This is implemented by an additional
 ACL (acl_smtp_dkim), which can be called several times per message, with