Jeremy Harris [Wed, 4 Feb 2015 15:09:38 +0000 (15:09 +0000)]
Openssl: add peer IP to cert verify log lines
Jeremy Harris [Sat, 31 Jan 2015 22:33:53 +0000 (22:33 +0000)]
constification
Jeremy Harris [Thu, 29 Jan 2015 19:06:45 +0000 (19:06 +0000)]
List separator specifiers in router/transport headers_add/remove. Bug 1581
Jeremy Harris [Thu, 29 Jan 2015 17:42:47 +0000 (17:42 +0000)]
Fix truncation of items in headers_remove lists, this time in routers. Bug 1533
Jeremy Harris [Wed, 28 Jan 2015 21:19:14 +0000 (21:19 +0000)]
Add timeout option to spamd_address server specification. Bug 68
Jeremy Harris [Wed, 28 Jan 2015 00:16:56 +0000 (00:16 +0000)]
Support hostnames and IPv6 addresses for spamd_address. Bug 1259
Jeremy Harris [Tue, 9 Dec 2014 10:42:38 +0000 (10:42 +0000)]
Make useful socket functions more generally available
Jeremy Harris [Tue, 27 Jan 2015 20:30:45 +0000 (20:30 +0000)]
Fix crash in ocsp_url extract
Jeremy Harris [Sun, 25 Jan 2015 18:48:06 +0000 (18:48 +0000)]
Do not panic-log each clamd connection fail. Bug 392
The panic log line for all servers failed is retained.
Jeremy Harris [Sun, 25 Jan 2015 18:36:10 +0000 (18:36 +0000)]
Do not panic-log each spamd connection fail. Bug 392
The panic log line for all servers failed is retained.
Roman [Tue, 20 Jan 2015 22:11:41 +0000 (22:11 +0000)]
Add time, weight and backup modifiers to spamd_address list elements. Bug 670
Heavy refactoring by JH.
Also support mixed/multiple Unix/TCP server specifications.
Andrew Lewis [Sat, 24 Jan 2015 23:42:59 +0000 (23:42 +0000)]
Support Rspamd. Patch from Andrew Lewis, lightly editorialised
by JH. Bug 1573
Jeremy Harris [Sat, 24 Jan 2015 20:01:07 +0000 (20:01 +0000)]
Testsuite: remove old testcase for reverse_host_lookup/defer_ok
Jeremy Harris [Sat, 24 Jan 2015 18:48:48 +0000 (18:48 +0000)]
Support /defer_ok on verify=reverse_host_lookup. Bug 344
Jeremy Harris [Mon, 19 Jan 2015 16:42:31 +0000 (16:42 +0000)]
DANE: if all TLSA records are unusable, retry verification non-dane.
Jeremy Harris [Tue, 20 Jan 2015 21:25:27 +0000 (21:25 +0000)]
Deny cutthrough if the ountbound is LMTP. Bug 1576
Jeremy Harris [Tue, 20 Jan 2015 20:57:15 +0000 (20:57 +0000)]
Testsuite: add testcase for <>-mismatch in To:/From: headers
Jeremy Harris [Tue, 13 Jan 2015 11:19:32 +0000 (11:19 +0000)]
Multi-recipient cutthrough delivery. Bug 1542
Testing and fixes by: Heiko Schlittermann <hs@schlittermann.de>
Jeremy Harris [Tue, 20 Jan 2015 12:11:15 +0000 (12:11 +0000)]
Testsuite: Experimental_Certnames absorbed into mainline
Jeremy Harris [Sun, 18 Jan 2015 21:36:34 +0000 (21:36 +0000)]
Separate make targets for utils and exim. Bug 610
Jeremy Harris [Sun, 18 Jan 2015 21:05:56 +0000 (21:05 +0000)]
Log local IP on delivery log line, under the incoming_interface log selector. Bug 507
Jeremy Harris [Sat, 17 Jan 2015 23:13:20 +0000 (23:13 +0000)]
Docs: fix sort example
Jeremy Harris [Mon, 12 Jan 2015 16:01:38 +0000 (16:01 +0000)]
Make smtp_receive_timeout main option expanded. Bug 564
Jeremy Harris [Tue, 13 Jan 2015 10:59:07 +0000 (10:59 +0000)]
Add cmdline option to append a log message. Bug 418
Jeremy Harris [Tue, 13 Jan 2015 11:00:44 +0000 (11:00 +0000)]
Docs: bump previous-version
Jeremy Harris [Mon, 12 Jan 2015 19:25:04 +0000 (19:25 +0000)]
Docs: mark up with changebars
Jeremy Harris [Mon, 12 Jan 2015 18:53:12 +0000 (18:53 +0000)]
Testsuite: fix leftover in mime testing
Jeremy Harris [Sun, 11 Jan 2015 18:40:05 +0000 (18:40 +0000)]
Do RE compilations at daemon startup. Bug 1568
Jeremy Harris [Sun, 28 Dec 2014 17:16:54 +0000 (17:16 +0000)]
Support timeout option on malware=
Jeremy Harris [Sat, 27 Dec 2014 20:47:19 +0000 (20:47 +0000)]
Apply timeout consistently to all malware scanner types
Jeremy Harris [Sun, 21 Dec 2014 21:35:04 +0000 (21:35 +0000)]
Testsuite: case for malware= avast
Jeremy Harris [Fri, 21 Nov 2014 18:04:07 +0000 (18:04 +0000)]
Apply timeout to Fsecure malware response. Bug 1549
Jeremy Harris [Tue, 23 Dec 2014 20:16:36 +0000 (20:16 +0000)]
Add support for avast malware scanner. Bug 1033
Originally by Dominic Benson <dominic@lenny.cus.org>
Rebased for current malware.c by JGH.
Testing by Heiko Schlittermann <hs@schlittermann.de>
Jeremy Harris [Sat, 20 Dec 2014 18:05:33 +0000 (18:05 +0000)]
Propagate more error codes internally
Wolfgang Breyha [Fri, 19 Dec 2014 15:51:45 +0000 (15:51 +0000)]
DSN: use the SMTP return messsage for Diagnostic-Code lines. Bug 1559
Minor tweaking by JH.
Jeremy Harris [Tue, 16 Dec 2014 15:20:24 +0000 (15:20 +0000)]
Testsuite: random number used for DSN MIME boundary can have few digits
Jeremy Harris [Tue, 23 Dec 2014 20:07:16 +0000 (20:07 +0000)]
Move DSN support to mainline
Affects bug 893
Jeremy Harris [Sun, 14 Dec 2014 22:41:31 +0000 (22:41 +0000)]
Close dangling file. Bug 1379
Jeremy Harris [Tue, 23 Dec 2014 20:02:53 +0000 (20:02 +0000)]
Emphasize whitespace in hostnames in debug output
Jeremy Harris [Tue, 23 Dec 2014 19:50:07 +0000 (19:50 +0000)]
Disable identd (rfc1413) lookups by default
Jeremy Harris [Sat, 29 Nov 2014 19:52:09 +0000 (19:52 +0000)]
New variable $exim_version. Bug 306
Heiko Schlittermann [Sat, 29 Nov 2014 19:39:58 +0000 (19:39 +0000)]
New variable $config_dir, $config_file. Bug 1553
Jeremy Harris [Tue, 23 Dec 2014 19:43:33 +0000 (19:43 +0000)]
Code tidying
Jeremy Harris [Thu, 27 Nov 2014 16:26:44 +0000 (16:26 +0000)]
Fix buffer overrun in spam= acl condition. Bug 1552
Jeremy Harris [Thu, 27 Nov 2014 16:28:03 +0000 (16:28 +0000)]
Code tidying
Jeremy Harris [Thu, 27 Nov 2014 15:17:24 +0000 (15:17 +0000)]
Reformat to project standard
Jeremy Harris [Sun, 23 Nov 2014 22:38:14 +0000 (22:38 +0000)]
Log certificate verification status by default
Jeremy Harris [Sun, 23 Nov 2014 17:01:14 +0000 (17:01 +0000)]
Make smtp transport try server cert verify by default
This is an exim client checking a server certificate.
Jeremy Harris [Sun, 23 Nov 2014 16:58:06 +0000 (16:58 +0000)]
Make "system" location for certificate CA bundle the default
Jeremy Harris [Sun, 23 Nov 2014 16:10:30 +0000 (16:10 +0000)]
Support use of system default CA bundle
Jeremy Harris [Sat, 22 Nov 2014 19:16:19 +0000 (19:16 +0000)]
Move certificate name checking to mainline, default enabled
This is an exim client checking a server certificate.
Jeremy Harris [Fri, 21 Nov 2014 15:15:15 +0000 (15:15 +0000)]
As client, request PRDR by default if the server offers it
Jeremy Harris [Fri, 21 Nov 2014 13:44:26 +0000 (13:44 +0000)]
Update RFC conformance notes
Jeremy Harris [Thu, 20 Nov 2014 16:32:35 +0000 (16:32 +0000)]
Refactor common uses of list-checking
Jeremy Harris [Sun, 16 Nov 2014 17:47:50 +0000 (17:47 +0000)]
Make the multi_domain smtp transport option expanded
Jeremy Harris [Sun, 16 Nov 2014 14:14:35 +0000 (14:14 +0000)]
Make the retry_include_ip_address smtp transport option expanded. Bug 1545
Jeremy Harris [Mon, 12 Jan 2015 18:58:02 +0000 (18:58 +0000)]
Clean docs for next release
Jeremy Harris [Mon, 5 Jan 2015 23:40:11 +0000 (23:40 +0000)]
Docs: move description of modifiers on dnsdb lookups to a separate section
Jeremy Harris [Sun, 4 Jan 2015 09:22:58 +0000 (09:22 +0000)]
Docs: expand/reword entry on cutthrough delivery option
Jeremy Harris [Thu, 1 Jan 2015 21:47:10 +0000 (21:47 +0000)]
Avoid crash with badly-terminated non-recognised mime parameter
Jeremy Harris [Tue, 30 Dec 2014 20:39:02 +0000 (20:39 +0000)]
Fix crash in mime acl when a parameter is unterminated
Verified-by: Wolfgang Breyha <wbreyha@gmx.net>
Jeremy Harris [Tue, 30 Dec 2014 11:40:41 +0000 (11:40 +0000)]
Update ChangeLog
Jeremy Harris [Sat, 27 Dec 2014 20:35:08 +0000 (20:35 +0000)]
Testsuite: case for malware= cmdline
Jeremy Harris [Thu, 25 Dec 2014 13:30:12 +0000 (13:30 +0000)]
Fix null-indirection in certextract expansion
Found-by: Roman Rybalko
Jeremy Harris [Wed, 24 Dec 2014 17:05:39 +0000 (17:05 +0000)]
Docs thinko
Jeremy Harris [Mon, 22 Dec 2014 15:34:22 +0000 (15:34 +0000)]
Use TIME_T_FMT for formatting tv_sec. Bug 1561
Todd Lyons [Mon, 22 Dec 2014 13:30:59 +0000 (05:30 -0800)]
Bug 1547: Omit RFCs from release tarball docs dir
RFC Drafts and RFCs have licenses which are problematic for Debian
distribution. Omit them from the release tarball.
Jeremy Harris [Sun, 21 Dec 2014 21:32:13 +0000 (21:32 +0000)]
Testsuite: cases for malware= interfaces to f-protd, aveserver, fsecure, soophie & clamav
There are running against scripts not the rea thing
so only useful for spotting gross breakage.
Wolfgang Breyha [Fri, 19 Dec 2014 15:51:45 +0000 (15:51 +0000)]
EXPERIMENTAL_DSN: use the SMTP return messsage for Diagnostic-Code lines. Bug 1559
Minor tweaking by JH.
Jeremy Harris [Tue, 16 Dec 2014 15:02:48 +0000 (15:02 +0000)]
Testsuite: move testcase (requires plaintext authenticator)
Jeremy Harris [Sun, 14 Dec 2014 18:58:45 +0000 (18:58 +0000)]
Testsuite: additional crypto cypher useable
Seen on Fedora 21 / OpenSSL 1.0.1j-fips
Jeremy Harris [Sun, 14 Dec 2014 17:31:44 +0000 (17:31 +0000)]
Revert "Testsuite: Use explicit interface for send to localhost"
This reverts commit
30079bc1d20c0473d012ef33654358cfadb0a2ff.
The buildfarm member running FreeBSD 10.0 was not fixed by that commit,
as was hoped.
Jeremy Harris [Sun, 14 Dec 2014 15:15:34 +0000 (15:15 +0000)]
Account properly for quoted or 2047-encoded MIME parameters while walking headers. Bug 1558
Jeremy Harris [Sat, 13 Dec 2014 20:18:39 +0000 (20:18 +0000)]
Testsuite: Use explicit interface for send to localhost
FreeBSD is more lax in its choice of local address to bind; the
difference is just noise in testcase output.
Jeremy Harris [Tue, 9 Dec 2014 10:41:00 +0000 (10:41 +0000)]
Docs clarification
Jeremy Harris [Fri, 5 Dec 2014 15:17:10 +0000 (15:17 +0000)]
Docs typo
Jeremy Harris [Thu, 4 Dec 2014 19:17:47 +0000 (19:17 +0000)]
Fail a DANE-mode verify on totally missing certificate
Jeremy Harris [Thu, 4 Dec 2014 18:39:28 +0000 (18:39 +0000)]
Docs: clarify interaction of DANE and CA-based certificate verification options
Jeremy Harris [Wed, 3 Dec 2014 21:09:54 +0000 (21:09 +0000)]
Testsuite: add more DANE testcases
Todd Lyons [Mon, 1 Dec 2014 15:24:17 +0000 (07:24 -0800)]
Set previous version in doc XML
Jeremy Harris [Sun, 30 Nov 2014 17:34:00 +0000 (17:34 +0000)]
Docs: update drweb malware scanner interface description
Jeremy Harris [Sat, 29 Nov 2014 22:20:05 +0000 (22:20 +0000)]
Compiler quietening. Bug 1555
Jeremy Harris [Sat, 29 Nov 2014 21:50:23 +0000 (21:50 +0000)]
Document interface to f-protd av_scanner type. Bug 923
Jeremy Harris [Sat, 29 Nov 2014 19:05:28 +0000 (19:05 +0000)]
Testsuite: treat ECONNRESET the same as ECONNREFUSED on the new connection
Jeremy Harris [Sat, 29 Nov 2014 17:30:27 +0000 (17:30 +0000)]
Testsuite: fix feature name
Jeremy Harris [Sat, 29 Nov 2014 16:28:15 +0000 (16:28 +0000)]
Compiler quietening
Jeremy Harris [Fri, 28 Nov 2014 19:26:10 +0000 (19:26 +0000)]
Git: ignore a few more nonsource files
Jeremy Harris [Fri, 28 Nov 2014 19:10:05 +0000 (19:10 +0000)]
Testsuite: avoid ipv6 when testing retry data
Some test hosts cannot do ipv6. We assume that ipv4 is available.
Jeremy Harris [Thu, 27 Nov 2014 16:26:44 +0000 (16:26 +0000)]
Fix buffer overrun in spam= acl condition. Bug 1552
Jeremy Harris [Wed, 26 Nov 2014 17:40:00 +0000 (17:40 +0000)]
Testsuite: sort output of retry DB dumps
Different systems will have dump output in different order
so to tidy up the Solaris runs, sort pairs of lines by the
leading "word".
Jeremy Harris [Tue, 25 Nov 2014 22:12:42 +0000 (22:12 +0000)]
Testsuite: "echo -n" portability - use printf(1) if possible
Jeremy Harris [Tue, 25 Nov 2014 17:11:50 +0000 (17:11 +0000)]
Error the build if DANE included but DNSSEC not available
Nigel Metheringham [Tue, 25 Nov 2014 08:46:52 +0000 (08:46 +0000)]
Docs typo in index entry. Fixes: #1551
Jeremy Harris [Sun, 23 Nov 2014 16:16:11 +0000 (16:16 +0000)]
Document OpenSSL behaviour on system default CA bundle
Jeremy Harris [Sat, 22 Nov 2014 19:19:09 +0000 (19:19 +0000)]
Docs: fix missing quotes
Jeremy Harris [Fri, 21 Nov 2014 16:52:38 +0000 (16:52 +0000)]
Docs: crossref $sending_ip_address. Bug 1319
Jeremy Harris [Fri, 21 Nov 2014 15:12:17 +0000 (15:12 +0000)]
Testsuite: case 0601 logging ordering
Jeremy Harris [Fri, 21 Nov 2014 13:52:22 +0000 (13:52 +0000)]
Update RFC conformance notes
Jeremy Harris [Fri, 21 Nov 2014 13:21:48 +0000 (13:21 +0000)]
Testsuite: debugging Solaris run ordering issue. Log +received_recipients
Jeremy Harris [Thu, 20 Nov 2014 20:17:32 +0000 (20:17 +0000)]
When following a CNAME chain, if any lookup is insecure the whole must be too