From: Heiko Schlittermann (HS12-RIPE) Date: Sat, 3 Apr 2021 07:29:13 +0000 (+0200) Subject: update doc X-Git-Tag: exim-4.95-RC0~14^2~10 X-Git-Url: https://git.exim.org/exim.git/commitdiff_plain/368ecb000c58995c5f61443d45d43942f1f431d0 update doc (cherry picked from commit 77cc1ad3058e4ef7ae82adb914ccff0be9fe2c8b) --- diff --git a/doc/doc-docbook/spec.xfpt b/doc/doc-docbook/spec.xfpt index c59468716..05d8e6ed1 100644 --- a/doc/doc-docbook/spec.xfpt +++ b/doc/doc-docbook/spec.xfpt @@ -239,6 +239,14 @@ failure report bounce message + + de-tainting + tainting, de-tainting + + + detainting + tainting, de-tainting + dialup intermittently connected hosts @@ -9606,6 +9614,8 @@ reasons, and expansion of data deriving from the sender (&"tainted data"&) .new is not permitted (including acessing a file using a tainted name). +The main config option &%allow_insecure_tainted_data%& can be used as +mitigation during uprades to more secure configurations. .wen .new @@ -14590,6 +14600,7 @@ listed in more than one group. .section "Miscellaneous" "SECID96" .table2 .row &%add_environment%& "environment variables" +.row &%allow_insecure_tainted_data%& "turn taint errors into warnings" .row &%bi_command%& "to run for &%-bi%& command line option" .row &%debug_store%& "do extra internal checks" .row &%disable_ipv6%& "do no IPv6 processing" @@ -15201,6 +15212,18 @@ domains (defined in the named domain list &%local_domains%& in the default configuration). This &"magic string"& matches the domain literal form of all the local host's IP addresses. +.new +.option allow_insecure_tainted_data main boolean false +.cindex "de-tainting" +.oindex "allow_insecure_tainted_data" +The handling of tainted data may break older (pre 4.94) configurations. +Setting this option to "true" turns taint errors (which result in a temporary +message rejection) into warnings. This option is meant as mitigation only +and deprecated already today. Future releases of Exim may ignore it. +The &%taint%& log selector can be used to suppress even the warnings. +.wen + + .option allow_mx_to_ip main boolean false .cindex "MX record" "pointing to IP address" @@ -38750,6 +38773,7 @@ selection marked by asterisks: &` smtp_protocol_error `& SMTP protocol errors &` smtp_syntax_error `& SMTP syntax errors &` subject `& contents of &'Subject:'& on <= lines +&`*taint `& taint errors or warnings &`*tls_certificate_verified `& certificate verification status &`*tls_cipher `& TLS cipher suite on <= and => lines &` tls_peerdn `& TLS peer DN on <= and => lines @@ -39145,6 +39169,11 @@ using a CA trust anchor, &`CV=dane`& if using a DNS trust anchor, and &`CV=no`& if not. .next +.cindex "log" "Taint warnings" +&%taint%&: Log warnings about tainted data. This selector can't be +turned of if &%allow_insecure_tainted_data%& is false (which is the +default). +.next .cindex "log" "TLS cipher" .cindex "TLS" "logging cipher" &%tls_cipher%&: When a message is sent or received over an encrypted diff --git a/doc/doc-txt/NewStuff b/doc/doc-txt/NewStuff index 46a69c1d7..0ef9ab25e 100644 --- a/doc/doc-txt/NewStuff +++ b/doc/doc-txt/NewStuff @@ -56,6 +56,51 @@ Version 4.95 16. Main option "hosts_require_helo", requiring HELO or EHLO before MAIL. +Version 4.95 +------------ + + 1. The fast-ramp two phase queue run support, previously experimental, is + now supported by default. + + 2. The native SRS support, previously experimental, is now supported. It is + not built unless specified in the Local/Makefile. + + 3. TLS resumption support, previously experimental, is now supported and + included in default builds. + + 4. Single-key LMDB lookups, previously experimental, are now supported. + The support is not built unless specified in the Local/Makefile. + + 5. Option "message_linelength_limit" on the smtp transport to enforce (by + default) the RFC 998 character limit. + + 6. An option to ignore the cache on a lookup. + + 7. Quota checking during reception (i.e. at SMTP time) for appendfile- + transport-managed quotas. + + 8. Sqlite lookups accept a "file=" option to specify a per-operation + db file, replacing the previous prefix to the SQL string (which had + issues when the SQL used tainted values). + + 9. Lsearch lookups accept a "ret=full" option, to return both the portion + of the line matching the key, and the remainder. + +10. A command-line option to have a daemon not create a notifier socket. + +11. Faster TLS startup. When various configuration options contain no + expandable elements, the information can be preloaded and cached rather + than the provious behaviour of always loading at startup time for every + connection. This helps particularly for the CA bundle. + +12. Proxy Protocol Timeout is configurable via "proxy_protocol_timeout" + main config option. + +13. Option "smtp_accept_msx_per_connection" is now expanded. + +13. A main config option "allow_insecure_tainted_data" allows to turn + taint errors into warnings. + Version 4.94 ------------