* -bmalware, note that not running as invoking user and emphasize that it's
for debugging Exim, not for general scanning.
* permit_codedump ? coRedump.
* Anon SSL lacking cert has been confirmed, fix works, remove the
"(I believe)" (which also might have been inferred to mean I did the
diagnosis; I didn't, I just convinced myself that Martin's analysis was
correct).
-. $Cambridge: exim/doc/doc-docbook/spec.xfpt,v 1.85 2010/06/07 08:42:15 pdp Exp $
+. $Cambridge: exim/doc/doc-docbook/spec.xfpt,v 1.86 2010/06/09 01:30:16 pdp Exp $
.
. /////////////////////////////////////////////////////////////////////////////
. This is the primary source of the Exim Manual. It is an xfpt document that is
.
. /////////////////////////////////////////////////////////////////////////////
. This is the primary source of the Exim Manual. It is an xfpt document that is
this option, so if av_scanner's value is dependent upon an expansion then
the expansion should have defaults which apply to this invocation. Exim will
have changed working directory before resolving the filename, so using fully
this option, so if av_scanner's value is dependent upon an expansion then
the expansion should have defaults which apply to this invocation. Exim will
have changed working directory before resolving the filename, so using fully
-qualified pathnames is advisable. This option requires admin privileges.
+qualified pathnames is advisable. Exim will be running as the Exim user
+when it tries to open the file, rather than as the invoking user.
+This option requires admin privileges.
+
+The &%-bmalware%& option will not be extended to be more generally useful,
+there are better tools for file-scanning. This option exists to help
+administrators verify their Exim and AV scanner configuration.
.vitem &%-bt%&
.oindex "&%-bt%&"
.vitem &%-bt%&
.oindex "&%-bt%&"
-$Cambridge: exim/doc/doc-txt/ChangeLog,v 1.630 2010/06/07 08:42:15 pdp Exp $
+$Cambridge: exim/doc/doc-txt/ChangeLog,v 1.631 2010/06/09 01:30:16 pdp Exp $
Change log file for Exim from version 4.21
-------------------------------------------
Change log file for Exim from version 4.21
-------------------------------------------
PP/04 Bugzilla 995: provide better SSL diagnostics on failed reads.
PP/04 Bugzilla 995: provide better SSL diagnostics on failed reads.
-PP/05 Bugzilla 834: provide a permit_codedump option for pipe transports.
+PP/05 Bugzilla 834: provide a permit_coredump option for pipe transports.
PP/06 Adjust NTLM authentication to handle SASL Initial Response.
PP/07 If TLS negotiated an anonymous cipher, we could end up with SSL but
PP/06 Adjust NTLM authentication to handle SASL Initial Response.
PP/07 If TLS negotiated an anonymous cipher, we could end up with SSL but
- without a peer certificate (I believe), leading to a segfault because of
- an assumption that peers always have certificates. Be a little more
+ without a peer certificate, leading to a segfault because of an
+ assumption that peers always have certificates. Be a little more
paranoid. Problem reported by Martin Tscholak.
PP/08 Bugzilla 926: switch ClamAV to use the new zINSTREAM API for content
paranoid. Problem reported by Martin Tscholak.
PP/08 Bugzilla 926: switch ClamAV to use the new zINSTREAM API for content