-Preamble
-========
-
-Normally The Exim Maintainers ensure that a configuration which works
-with version N will work with version N+1, within a major version number
-(eg, 4).
-
-Occasionally this will not be the case; usually, those changes will be
-at the end of a long notice period where admins have been encouraged to
-move away and even then, we are hesitant to fully break things without
-strong cause to move away.
-
-This does not apply to "experimental" features, which can be withdrawn
-or changed with little notice, although we still endeavour to limit
-that. We may choose to note those changes here too.
-
-The most likely cause of a backwards-incompatible change is a security
-improvement, where the benefits for everyone strongly outweigh the needs
-of the few.
-
-
-Changes
-=======
-
-Exim version 4.73
------------------
-
- * The Exim run-time user can no longer be root; this was always
- strongly discouraged, but is now prohibited both at build and
- run-time. If you need Exim to run routinely as root, you'll need to
- patch the source and accept the risk. Here be dragons.
-
- * Exim will no longer accept a configuration file owned by the Exim
- run-time user, unless that account is explicitly the value in
- CONFIGURE_OWNER, which we discourage. Exim now checks to ensure that
- files are not writable by other accounts.
-
- * The ALT_CONFIG_ROOT_ONLY build option is no longer optional and is forced
- on; the Exim user can, by default, no longer use -C/-D and retain privilege.
- Two new build options mitigate this.
-
- * TRUSTED_CONFIG_LIST defines a file containing a whitelist of config
- files that are trusted to be selected by the Exim user; one per line.
- This is the recommended approach going forward.
-
- * WHITELIST_D_MACROS defines a colon-separated list of macro names which
- the Exim run-time user may safely pass without dropping privileges.
- Because changes to this involve a recompile, this is not the recommended
- approach but may ease transition. The values of the macros, when
- overriden, are constrained to match this regex: ^[A-Za-z0-9_/.-]*$
-
- * The system_filter_user option now defaults to the Exim run-time user,
- rather than root. You can still set it explicitly to root and this
- can be done with prior versions too, letting you roll versions
- without needing to change this configuration option.
-
- * ClamAV must be at least version 0.95 unless WITH_OLD_CLAMAV_STREAM is
- defined at build time.
-