Update docs for suggested Ident and PRDR settings

diff --git a/doc/doc-docbook/spec.xfpt b/doc/doc-docbook/spec.xfpt
index 7c34bbbc78fb158fe552dbf43a4b348caa7c136a..e512f2b4acc8e8bdbe244290949921e08ebae848 100644 (file)
--- a/doc/doc-docbook/spec.xfpt
+++ b/doc/doc-docbook/spec.xfpt
@@ -5557,16 +5557,21 @@ unreachable.
 The next two lines are concerned with &'ident'& callbacks, as defined by RFC
 1413 (hence their names):
 .code
-rfc1413_hosts = *
-rfc1413_query_timeout = 5s
+rfc1413_query_hosts = *
+rfc1413_query_timeout = 0s
+.endd
+These settings cause Exim to avoid ident callbacks for all incoming SMTP calls.
+Few hosts offer RFC1413 service these days; calls have to be
+terminated by a timeout and this needlessly delays the startup
+of an incoming SMTP connection.
+If you have hosts for which you trust RFC1413 and need this
+information, you can change this.
+
+This line enables an efficiency SMTP option.  It is negociated by clients
+and not expected to cause problems but can be disabled if needed.
+.code
+prdr_enable = true
 .endd
-These settings cause Exim to make ident callbacks for all incoming SMTP calls.
-You can limit the hosts to which these calls are made, or change the timeout
-that is used. If you set the timeout to zero, all ident calls are disabled.
-Although they are cheap and can provide useful information for tracing problem
-messages, some hosts and firewalls have problems with ident calls. This can
-result in a timeout instead of an immediate refused connection, leading to
-delays on starting up an incoming SMTP session.
 
 When Exim receives messages over SMTP connections, it expects all addresses to
 be fully qualified with a domain, as required by the SMTP definition. However,
@@ -6002,9 +6007,14 @@ One remote transport and four local transports are defined.
 .code
 remote_smtp:
   driver = smtp
+  hosts_try_prdr = *
 .endd
-This transport is used for delivering messages over SMTP connections. All its
-options are defaulted. The list of remote hosts comes from the router.
+This transport is used for delivering messages over SMTP connections.
+The list of remote hosts comes from the router.
+The &%hosts_try_prdr%& option enables an efficiency SMTP option.
+It is negotiated between client and server
+and not expected to cause problems but can be disabled if needed.
+All other options are defaulted.
 .code
 local_delivery:
   driver = appendfile
@@ -26663,6 +26673,8 @@ See also the &%prdr_enable%& global option
 and the &%hosts_try_prdr%& smtp transport option.
 
 This ACL is evaluated after &%acl_smtp_dkim%& but before &%acl_smtp_data%&.
+If the ACL is not defined, processing completes as if
+the feature was not requested by the client.
 
 .section "The QUIT ACL" "SECTQUITACL"
 .cindex "QUIT, ACL for"

diff --git a/test/runtest b/test/runtest
index cd15a7f38d8369d3d69d8a00acbacf8dc5fa218f..5216eaded4df43a38714c93c46b3d57e1b93a091 100755 (executable)
--- a/test/runtest
+++ b/test/runtest
@@ -498,6 +498,7 @@ RESET_AFTER_EXTRA_LINE_READ:
   # treat the standard algorithms the same.
   # So far, have seen:
   #   TLSv1:AES256-SHA:256
+  #   TLSv1.1:AES256-SHA:256
   #   TLSv1.2:AES256-GCM-SHA384:256
   #   TLSv1.2:DHE-RSA-AES256-SHA:256
   #   TLS1.2:DHE_RSA_AES_128_CBC_SHA1:128