exim.git
5 years agoAvoid leaving $domain live with bogus info, during server connection startup
Jeremy Harris [Fri, 23 Nov 2018 23:55:36 +0000 (23:55 +0000)]
Avoid leaving $domain live with bogus info, during server connection startup

(cherry picked from commit cde93db00d4f5cff864070ebfed2d0c36e532e71)

5 years agoFix cyrus-sasl authenticator for $authenticated_fail_id. Bug 2338
Jeremy Harris [Sat, 24 Nov 2018 16:01:42 +0000 (16:01 +0000)]
Fix cyrus-sasl authenticator for $authenticated_fail_id.  Bug 2338

Cherry-picked from: 49ff55b6a9

6 years agoFix bad use of library, copying string over itself
Jeremy Harris [Sat, 20 Oct 2018 20:03:30 +0000 (21:03 +0100)]
Fix bad use of library, copying string over itself

(cherry picked from commit e30f4f43de211b14bd405a3d0e1579b9bd814908)

6 years agoLogging: do not log a missing proxy address, on delivery non-proxied.
Jeremy Harris [Wed, 26 Sep 2018 09:59:05 +0000 (10:59 +0100)]
Logging: do not log a missing proxy address, on delivery non-proxied.

Broken-by: e6d2a9894d
(cherry picked from commit eb58ddf5828a161dec94f131ff2c5c926c868354)

6 years agoDANE: ignore undersized TLSA records
Jeremy Harris [Fri, 21 Sep 2018 11:40:53 +0000 (12:40 +0100)]
DANE: ignore undersized TLSA records

(cherry picked from commit 834dec3ec34411a106695fec7b89622c17980feb)

6 years agoTestsuite: handle OpenSSL 1.1.1
Jeremy Harris [Fri, 21 Sep 2018 12:31:36 +0000 (13:31 +0100)]
Testsuite: handle OpenSSL 1.1.1
There are no functional changes as a result of this.

(Cherry-picked from 9e9ad3eea1)

6 years agoTestsuite: track newer GnuTLS behaviour
Jeremy Harris [Fri, 21 Sep 2018 12:25:58 +0000 (13:25 +0100)]
Testsuite: track newer GnuTLS behaviour
There are no non-debug functional changes as a result of this.

(cherry picked from commits 8008accd321813a1e03290901366ce316645af5a)

6 years agoDANE: fix TA-mode verify under GnuTLS. Bug 2311
Jeremy Harris [Fri, 21 Sep 2018 12:18:00 +0000 (13:18 +0100)]
DANE: fix TA-mode verify under GnuTLS.  Bug 2311

(cherry picked from commit 570cb1bdbc6ea378b2dcaf6ebabb45a5610ed1ef)

6 years agoFix filter noerror command. Bug 2318
Matthias Kurz [Sun, 16 Sep 2018 20:20:44 +0000 (21:20 +0100)]
Fix filter noerror command.  Bug 2318

(cherry picked from commit 25beaee4c28ed29a37078e6c68fa3d18ced6ec8c)

6 years agotests: propagate CPPFLAGS into build invocations
Phil Pennock [Sat, 15 Sep 2018 00:55:33 +0000 (20:55 -0400)]
tests: propagate CPPFLAGS into build invocations

With openssl installed by brew on macOS, OpenSSL headers are not in a
normal place.  I can fiddle with LDFLAGS/CPPFLAGS to get them available,
but then the `./configure` step succeeds and build fails.

Propagating the CPPFLAGS into the generated Makefile lets the build
succeed and we get a `client-ssl` binary output.

(cherry picked from commit be4bdb96db7556f34c5f298f1c473d53f3700bd9)
Signed-off-by: Phil Pennock <pdp@exim.org>
6 years agoRestore Darwin OS configuration
Phil Pennock [Fri, 14 Sep 2018 17:43:02 +0000 (13:43 -0400)]
Restore Darwin OS configuration

MacStadium are providing us with free Mac Mini hosting as part of their
FOSS support.  I'm about to set it up.  Let's have out-of-repo tuning in
place before I begin.

(cherry picked from commit a3d83c9e8d57ba51cd246435b14604f995551802)
Signed-off-by: Phil Pennock <pdp@exim.org>
6 years agoFix cutthrough delivery for more than one iteration of address redirection. Bug...
Jeremy Harris [Sat, 11 Aug 2018 13:56:59 +0000 (14:56 +0100)]
Fix cutthrough delivery for more than one iteration of address redirection.  Bug 2296

(cherry picked from commit d16931c81f3e500fa6eafe5ec1c5d8e7db63e65a
                and commit 8a6b4e02cd384193a5566e8601bdd97249b22284)

6 years agoFix non-EVENTS build
Jeremy Harris [Fri, 20 Jul 2018 15:19:34 +0000 (16:19 +0100)]
Fix non-EVENTS build

Broken-by: c4b57fddca
(cherry picked from commit 8d3dc2397dd769bf4654b0678be8d2acf0956ddd)

6 years agoI18N: Fix protocol recorded for a multi-SMTPUTF8-message connection. Bug 2287
Jeremy Harris [Wed, 18 Jul 2018 21:16:38 +0000 (22:16 +0100)]
I18N: Fix protocol recorded for a multi-SMTPUTF8-message connection.  Bug 2287

(cherry picked from commit 946515bfe62796f6c0d6554e9e1e227f33253e7c)

6 years agoARC: Fix verification to do AS checks in reverse order
Jeremy Harris [Mon, 25 Jun 2018 11:08:37 +0000 (12:08 +0100)]
ARC: Fix verification to do AS checks in reverse order

Broken from the original introduction (617d39327e)

6 years agoTestsuite: missing output files
Jeremy Harris [Thu, 21 Jun 2018 17:22:56 +0000 (18:22 +0100)]
Testsuite: missing output files

6 years agoDKIM: Fix signing for body lines starting with a pair of dots. Bug 2284
Jeremy Harris [Thu, 21 Jun 2018 16:03:38 +0000 (17:03 +0100)]
DKIM: Fix signing for body lines starting with a pair of dots.  Bug 2284

Broken-by: 42055a3385
6 years agoARC: Fix signing for case when DKIM signing failed
Jeremy Harris [Thu, 7 Jun 2018 15:24:31 +0000 (16:24 +0100)]
ARC: Fix signing for case when DKIM signing failed

6 years agoFix logging of cmdline args when starting in an unlinked cwd. Bug 2274
Jeremy Harris [Wed, 6 Jun 2018 10:19:23 +0000 (11:19 +0100)]
Fix logging of cmdline args when starting in an unlinked cwd.  Bug 2274

6 years agoUse serial number 1 for self-generated selfsigned certificate
Jeremy Harris [Thu, 24 May 2018 15:31:27 +0000 (16:31 +0100)]
Use serial number 1 for self-generated selfsigned certificate

Broken-by: 23bb69826c
(cherry picked from commit 1613fd68b5931757016c3c25fdc3b0f37827e7f1)

6 years agoContent scanning: Fix locking on message spool files. Bug 2275
Jeremy Harris [Fri, 11 May 2018 17:02:29 +0000 (18:02 +0100)]
Content scanning: Fix locking on message spool files.  Bug 2275

(cherry picked from commit 1bd642c265dae5643f16d023879043b7576f66a9)

6 years agoARC: fix crash on signing with missing key file
Jeremy Harris [Fri, 11 May 2018 15:26:17 +0000 (16:26 +0100)]
ARC: fix crash on signing with missing key file

Cherry-picked from: 97e939dfe2

6 years agotidying
Jeremy Harris [Mon, 7 May 2018 13:44:31 +0000 (14:44 +0100)]
tidying

6 years agoCutthrough: fix race resulting in duplicate-delivery. Bug 2273
Jeremy Harris [Sat, 5 May 2018 21:47:58 +0000 (22:47 +0100)]
Cutthrough: fix race resulting in duplicate-delivery.  Bug 2273

Cherry-picked from: cfbb0d24e8

6 years agoDKIM: enforce limit of 20 on received DKIM-Signature: headers. Bug 2269
Jeremy Harris [Mon, 23 Apr 2018 10:26:52 +0000 (11:26 +0100)]
DKIM: enforce limit of 20 on received DKIM-Signature: headers.  Bug 2269

(cherry picked from commit 64b67b658a37dd780cc1b2fd0ef87febe461a0ba)

6 years agoFix spec
Heiko Schlittermann (HS12-RIPE) [Wed, 18 Apr 2018 15:20:58 +0000 (17:20 +0200)]
Fix spec

Thanks to Mike Brudenell

(cherry picked from commit 4ae6e648660146fd44e7aa00669d00e49c17c31a)

6 years agoFix OpenSSL non-OCSP build
Jeremy Harris [Mon, 16 Apr 2018 17:45:04 +0000 (18:45 +0100)]
Fix OpenSSL non-OCSP build

(cherry picked from commit 37f0ce65959019e417ff79b9d0959e13470c5290)

6 years agoFix typo in arc. Bug 2262
Jeremy Harris [Mon, 16 Apr 2018 08:15:17 +0000 (09:15 +0100)]
Fix typo in arc.  Bug 2262

(cherry picked from commit 69a82da3e9018b082cee870030ecc557497301df)

6 years ago Avoid doing logging in signal-handlers. Bug 1007
Jeremy Harris [Mon, 23 Apr 2018 11:41:31 +0000 (12:41 +0100)]
    Avoid doing logging in signal-handlers.  Bug 1007

        Cherry-picked from 9723f96673, with the LOCAL_SCAN changes removed

6 years agoBelated README.UPDATING notes for Exim 4.91
Phil Pennock [Mon, 16 Apr 2018 19:24:34 +0000 (15:24 -0400)]
Belated README.UPDATING notes for Exim 4.91

People skip versions and move past them later, so while it's too late
for 4.91, this will still help people moving to 4.92 from pre-4.91 in
future.

Note that none of these strictly needed to be documented here:
experimental features, features marked as deprecated for many many
years, etc.  But let's err on the side of caution and include "things
which will break if you try to upgrade without changing Local/Makefile".

6 years agoTestsuite: tidyup after myslq testing exim-4_91
Jeremy Harris [Sat, 14 Apr 2018 23:18:10 +0000 (00:18 +0100)]
Testsuite: tidyup after myslq testing

6 years agoLogging: fix syslog logging for syslog_timestamp=no and log_selector +millisec
Jeremy Harris [Sat, 14 Apr 2018 22:31:05 +0000 (23:31 +0100)]
Logging: fix syslog logging for syslog_timestamp=no and log_selector +millisec
         also syslog_pid=no and log_selector +pid

6 years agoDocs: typo
Jeremy Harris [Fri, 13 Apr 2018 16:02:15 +0000 (17:02 +0100)]
Docs: typo

6 years agoDKIM downgrade example again; this time debugged
Phil Pennock [Fri, 13 Apr 2018 22:51:23 +0000 (18:51 -0400)]
DKIM downgrade example again; this time debugged

As well as previous commit's `len_3` -> `length_3`, we were missing
braces around the expansion operator, resulting in trying to dereference
an unknown variable `$length_3`, and we were missing the outer braces
from the `or` expansion condition.

We really need a better way to test ACL expansion without a full harness. :(

This bug-fixed version is now running on my system.

6 years agoFix length expansion operator in DKIM downgrade example
Phil Pennock [Fri, 13 Apr 2018 22:35:20 +0000 (18:35 -0400)]
Fix length expansion operator in DKIM downgrade example

6 years agoDKIM: add support for the SubjectPublicKeyInfo wrapped form of pubkey
Jeremy Harris [Fri, 13 Apr 2018 10:51:50 +0000 (11:51 +0100)]
DKIM: add support for the SubjectPublicKeyInfo wrapped form of pubkey

6 years agoDocs: add known broken-version info for OpenSSL behavior
Jeremy Harris [Thu, 12 Apr 2018 15:55:42 +0000 (16:55 +0100)]
Docs: add known broken-version info for OpenSSL behavior

6 years agoMention MTA-STS in DANE context; nit fixes
Phil Pennock [Thu, 12 Apr 2018 02:04:28 +0000 (22:04 -0400)]
Mention MTA-STS in DANE context; nit fixes

Did an audit of text changed since commit 6aa6fc9c5 to look for issues
which stood out, fixed those.  Spelling mistakes, markup issues, minor
grammatical infelicities.

The public/private CA stuff in the DANE text might push people away from
public CAs, but the existence of MTA-STS means that one of those is
probably the best choice.  Mention what exim.org does, to provide
slightly firmer guidance without pressure.

List the `dkim_hash` values, `sha512` appears to be new since that text
was last touched.

6 years agoDoc: website updates and so forth
Phil Pennock [Thu, 12 Apr 2018 01:06:54 +0000 (21:06 -0400)]
Doc: website updates and so forth

I've added <https://downloads.exim.org/> as a new vhost which doesn't
reference FTP and loses the `/pub/exim` prefix.

Fixed various other outdated claims and documented Jeremy's PGP key as
the main key for releases, with mine (Phil's) and Heiko's as fallbacks.

Mention the `.xz` files.

6 years agoAdd `receive_time` to list of log_selector values
Phil Pennock [Mon, 9 Apr 2018 21:52:19 +0000 (17:52 -0400)]
Add `receive_time` to list of log_selector values

6 years agobugfix: heimdal interaction, check length
Phil Pennock [Mon, 9 Apr 2018 21:49:57 +0000 (17:49 -0400)]
bugfix: heimdal interaction, check length

clang noted that taking the address of a struct member will never be 0,
so checking against 0 was wrong.  It was a `.length` member.  I've
compiled RC4 with this change and deployed it to my box and I can still
authenticate fine.

6 years agoARC: fix signing when DKIM-signing is also being done
Jeremy Harris [Mon, 9 Apr 2018 14:08:34 +0000 (15:08 +0100)]
ARC: fix signing when DKIM-signing is also being done

The ordering of headers being signed was wrong when a message
being forwarded arrived with a dkim signature

6 years agoDMARC: fix history file
Jeremy Harris [Mon, 9 Apr 2018 10:19:47 +0000 (11:19 +0100)]
DMARC: fix history file

Too many variables were being cleared between connections
Broken-by: c780096c29 4.91 RC2
6 years agoBetter(?!?) fallback for stat: Perl
Phil Pennock [Mon, 9 Apr 2018 03:46:26 +0000 (23:46 -0400)]
Better(?!?) fallback for stat: Perl

We use Perl extensively in other scripts.

*sigh*

6 years agostat portability
Phil Pennock [Mon, 9 Apr 2018 02:43:36 +0000 (22:43 -0400)]
stat portability

I forgot how much I loathe basic stuff like "get the size of a file,
portably, in shell".  Bleh.

6 years agoAdded util/renew-opendmarc-tlds.sh script to renew PSL
Phil Pennock [Mon, 9 Apr 2018 02:28:56 +0000 (22:28 -0400)]
Added util/renew-opendmarc-tlds.sh script to renew PSL

6 years agoOpenSSL: Revert the disabling of the session-cache. Bug 2255
Jeremy Harris [Sun, 8 Apr 2018 21:45:39 +0000 (22:45 +0100)]
OpenSSL: Revert the disabling of the session-cache.  Bug 2255

Session cacheing is never useful, as we use a new context for every TLS startup.
However, removing the support triggers odd behaviour from Outlook Express (only
when there is an IMAP server on the same machine as Exim): an initial connect
from the OE client fails, the immediate retry works.

6 years agoARC: fix verify to not evaluate the top AMS twice exim-4_91_RC4
Jeremy Harris [Sat, 7 Apr 2018 21:44:39 +0000 (22:44 +0100)]
ARC: fix verify to not evaluate the top AMS twice

6 years agoLogging: fix DKIM precis received log line element.
Jeremy Harris [Fri, 6 Apr 2018 09:48:00 +0000 (10:48 +0100)]
Logging: fix DKIM precis received log line element.

Broken-by: 2c47372fad
6 years agocompiler quietening
Heiko Schlittermann (HS12-RIPE) [Wed, 4 Apr 2018 19:39:36 +0000 (21:39 +0200)]
compiler quietening

6 years agocompiler quietening
Jeremy Harris [Wed, 4 Apr 2018 11:38:38 +0000 (12:38 +0100)]
compiler quietening

6 years agoActually reap node2 process in redis cluster test
Graeme Fowler [Wed, 4 Apr 2018 10:30:21 +0000 (11:30 +0100)]
Actually reap node2 process in redis cluster test

6 years agoAvast: rework interface exim-4_91_RC3
Heiko Schlittermann (HS12-RIPE) [Mon, 2 Apr 2018 20:11:57 +0000 (22:11 +0200)]
Avast: rework interface

6 years agoAvast: implement pass_unscanned option
Heiko Schlittermann (HS12-RIPE) [Mon, 2 Apr 2018 15:39:39 +0000 (17:39 +0200)]
Avast: implement pass_unscanned option

6 years agoAvast: improve compliance with avast-protocol(5)
Heiko Schlittermann (HS12-RIPE) [Fri, 30 Mar 2018 22:06:47 +0000 (00:06 +0200)]
Avast: improve compliance with avast-protocol(5)

Treat scanner errors as malware. Defer on scanner tmpfail
only.

6 years agoTestsuite: ignore config-optional -bP output
Jeremy Harris [Sat, 31 Mar 2018 13:23:31 +0000 (14:23 +0100)]
Testsuite: ignore config-optional -bP output

6 years agoDocs: tidy the ChangeLog file
Jeremy Harris [Fri, 30 Mar 2018 23:07:55 +0000 (00:07 +0100)]
Docs: tidy the ChangeLog file

6 years agoMerge branch 'dane_require_tls_ciphers'
Phil Pennock [Sat, 31 Mar 2018 02:28:20 +0000 (22:28 -0400)]
Merge branch 'dane_require_tls_ciphers'

New SMTP Transport option for simplified improved security for DANE.

6 years agoTestsuite: avoid ipv6 use in dane_require_tls_ciphers testcases
Jeremy Harris [Fri, 30 Mar 2018 16:36:30 +0000 (17:36 +0100)]
Testsuite: avoid ipv6 use in dane_require_tls_ciphers testcases

6 years agoTestcases for dane_require_tls_ciphers
Jeremy Harris [Fri, 30 Mar 2018 14:50:35 +0000 (15:50 +0100)]
Testcases for dane_require_tls_ciphers

6 years agoImplement dane_require_tls_ciphers (theoretically)
Phil Pennock [Thu, 29 Mar 2018 03:01:34 +0000 (23:01 -0400)]
Implement dane_require_tls_ciphers (theoretically)

It compiles with OpenSSL, on Darwin (if restore Darwin OS).
It doesn't crash immediately, but more testing is needed from a place
where port 25 is not just blocked.

6 years agoDocument new dane_require_tls_ciphers
Phil Pennock [Thu, 29 Mar 2018 01:41:20 +0000 (21:41 -0400)]
Document new dane_require_tls_ciphers

Haven't written the code yet, but writing the docs first helped me
affirm that this makes sense and feels clean.  Code in next commit.

6 years agoARC: log signing-spec errors in mainlog only, not paniclog
Jeremy Harris [Wed, 28 Mar 2018 13:15:23 +0000 (14:15 +0100)]
ARC: log signing-spec errors in mainlog only, not paniclog

6 years agoARC: enhance debug for signing; explicitly init signing context
Jeremy Harris [Tue, 27 Mar 2018 21:01:03 +0000 (22:01 +0100)]
ARC: enhance debug for signing; explicitly init signing context

6 years agoFix non-ARC build
Jeremy Harris [Mon, 26 Mar 2018 17:44:33 +0000 (18:44 +0100)]
Fix non-ARC build

6 years agoARC: add guard in verify against lack of the dkim-verify context
Jeremy Harris [Mon, 26 Mar 2018 16:30:47 +0000 (17:30 +0100)]
ARC: add guard in verify against lack of the dkim-verify context
needed for body-hashing

6 years agoCutthrough: for an onward finaldot timeout, generate an initator 450 in defer=pass...
Jeremy Harris [Mon, 26 Mar 2018 15:59:29 +0000 (16:59 +0100)]
Cutthrough: for an onward finaldot timeout, generate an initator 450 in defer=pass mode

6 years agoARC: cutthrough delivery may not be used with ARC signing
Jeremy Harris [Mon, 26 Mar 2018 14:59:25 +0000 (15:59 +0100)]
ARC: cutthrough delivery may not be used with ARC signing

6 years agoCutthrough: enforce non-use in combination with DKIM signing or transport filter
Jeremy Harris [Mon, 26 Mar 2018 14:53:49 +0000 (15:53 +0100)]
Cutthrough: enforce non-use in combination with DKIM signing or transport filter

Broken-by: 02b41d7106
6 years agoAdd ARC signing caveats
Phil Pennock [Mon, 26 Mar 2018 16:24:48 +0000 (12:24 -0400)]
Add ARC signing caveats

6 years agoSPF: remove the deprecated "err_temp" and "err_perm" result names
Jeremy Harris [Mon, 26 Mar 2018 12:49:52 +0000 (13:49 +0100)]
SPF: remove the deprecated "err_temp" and "err_perm" result names

6 years agoDKIM: document proper Ed25519 key-generation methods; remove helper program
Jeremy Harris [Mon, 26 Mar 2018 12:30:13 +0000 (13:30 +0100)]
DKIM: document proper Ed25519 key-generation methods; remove helper program

6 years agoExpand directory opetion for queuefile transport
Jeremy Harris [Mon, 26 Mar 2018 11:23:59 +0000 (12:23 +0100)]
Expand directory opetion for queuefile transport

6 years agoRemove extraneus line - benign but pointless.
Jeremy Harris [Mon, 26 Mar 2018 11:20:50 +0000 (12:20 +0100)]
Remove extraneus line - benign but pointless.

Broken-by: 9e70917d0a
6 years agoTestsuite: for SPF tests, avoid using the ipv4 address
Jeremy Harris [Sun, 25 Mar 2018 16:14:41 +0000 (17:14 +0100)]
Testsuite: for SPF tests, avoid using the ipv4 address

6 years agoAdd non-mtp source info to ${authres }
Jeremy Harris [Sun, 25 Mar 2018 15:42:34 +0000 (16:42 +0100)]
Add non-mtp source info to ${authres }

6 years agoDKIM: document generation of RSA keys
Jeremy Harris [Sun, 25 Mar 2018 13:08:36 +0000 (14:08 +0100)]
DKIM: document generation of RSA keys

6 years agoDKIM: document Ed25519 private key generation under OpenSSL (1.1.1+)
Jeremy Harris [Sat, 24 Mar 2018 23:35:00 +0000 (23:35 +0000)]
DKIM: document Ed25519 private key generation under OpenSSL (1.1.1+)

6 years agoDKIM: move ed25519_privkey_pem_to_pubkey_raw_b64 to src/util/ and add usage notes...
Jeremy Harris [Sat, 24 Mar 2018 15:19:27 +0000 (15:19 +0000)]
DKIM: move ed25519_privkey_pem_to_pubkey_raw_b64 to src/util/ and add usage notes to docs

6 years agoDocs: more on ${authresults }
Jeremy Harris [Sat, 24 Mar 2018 18:38:15 +0000 (18:38 +0000)]
Docs: more on ${authresults }

6 years agoARC: give more detail with "bad signing-spec" message
Jeremy Harris [Sat, 24 Mar 2018 13:53:50 +0000 (13:53 +0000)]
ARC: give more detail with "bad signing-spec" message

6 years agoMark variables that are unused before release of store in the queue-list loop
Jeremy Harris [Sat, 24 Mar 2018 13:43:01 +0000 (13:43 +0000)]
Mark variables that are unused before release of store in the queue-list loop

6 years agoAddress jgh notes re OpenSSL
Phil Pennock [Fri, 23 Mar 2018 22:34:21 +0000 (18:34 -0400)]
Address jgh notes re OpenSSL

* `/usr/local` is fair, on Linux, but I deliberately picked something
  specific to OpenSSL to make the context clear and limit bad
  interactions with other locally-installed software.
* `RPATH` and `RUNPATH` are not the same and are deeply twisty in their
  interactions.
  <https://blog.qt.io/blog/2011/10/28/rpath-and-runpath/> is a decent
  summary.

6 years agoARC: For signing, accept A-R header lacking ARC info as equivalent to "none"
Jeremy Harris [Fri, 23 Mar 2018 16:45:03 +0000 (16:45 +0000)]
ARC: For signing, accept A-R header lacking ARC info as equivalent to "none"

6 years agoDocs: typo
Jeremy Harris [Fri, 23 Mar 2018 16:42:47 +0000 (16:42 +0000)]
Docs: typo

6 years agoFix spool_wireformat final-dot on LMTP transport. Bug 2258
Jeremy Harris [Fri, 23 Mar 2018 12:18:53 +0000 (12:18 +0000)]
Fix spool_wireformat final-dot on LMTP transport.  Bug 2258

Broken-by: 328c5688db
6 years agoARC: add independent-source testcase. Fix signatures by not line-terminating
Jeremy Harris [Fri, 23 Mar 2018 11:06:35 +0000 (11:06 +0000)]
ARC: add independent-source testcase.  Fix signatures by not line-terminating
last header line being hashed.

6 years agoexiqsumm fix: Check @ARGV exists before testing it
Graeme Fowler [Fri, 23 Mar 2018 12:00:54 +0000 (12:00 +0000)]
exiqsumm fix: Check @ARGV exists before testing it

6 years agoSet a TERM handler to terminate properly if running as PID 1
Heiko Schlittermann (HS12-RIPE) [Thu, 22 Mar 2018 22:32:53 +0000 (23:32 +0100)]
Set a TERM handler to terminate properly if running as PID 1

6 years agoSPF: additional variable $spf_result_guessed; tweak authresults string indicating...
Jeremy Harris [Thu, 22 Mar 2018 13:26:58 +0000 (13:26 +0000)]
SPF: additional variable $spf_result_guessed; tweak authresults string indicating guess

6 years agoPipe transport, part two. Bug 2257 exim-4_91_RC2
Jeremy Harris [Wed, 21 Mar 2018 11:34:22 +0000 (11:34 +0000)]
Pipe transport, part two.  Bug 2257

6 years agoARC: AS header should have no c= tag
Jeremy Harris [Tue, 20 Mar 2018 22:11:24 +0000 (22:11 +0000)]
ARC: AS header should have no c= tag

6 years agoARC: on the smtp transport option take empty or forced-fail to disable signing
Jeremy Harris [Tue, 20 Mar 2018 19:58:00 +0000 (19:58 +0000)]
ARC: on the smtp transport option take empty or forced-fail to disable signing

6 years agoNot all the world is binutils ld
Phil Pennock [Wed, 21 Mar 2018 01:43:16 +0000 (21:43 -0400)]
Not all the world is binutils ld

6 years agoFix pipe transport to not use a socket-only syscall. Bug 2257
Jeremy Harris [Tue, 20 Mar 2018 17:54:47 +0000 (17:54 +0000)]
Fix pipe transport to not use a socket-only syscall.  Bug 2257

Broken-by: 42055a3385
6 years agoDKIM: harden signature header parsing
Jeremy Harris [Tue, 20 Mar 2018 16:40:31 +0000 (16:40 +0000)]
DKIM: harden signature header parsing

6 years agoLibreSSL version numbering differe from OpenSSL
Jeremy Harris [Mon, 19 Mar 2018 00:37:28 +0000 (00:37 +0000)]
LibreSSL version numbering differe from OpenSSL

6 years agoDMARC: tescase
Jeremy Harris [Sun, 18 Mar 2018 19:07:50 +0000 (19:07 +0000)]
DMARC: tescase

Extremely basic; we have no control of the DNS use of the dmarc library

6 years agoDMARC: if ACL condition not called, do not add anything to authres string
Jeremy Harris [Sun, 18 Mar 2018 18:56:13 +0000 (18:56 +0000)]
DMARC: if ACL condition not called, do not add anything to authres string

Previously "skipped" was added; that is no only done for an actual
call which could not be completed

6 years agoUnbreak DMARC
Jeremy Harris [Sun, 18 Mar 2018 18:48:13 +0000 (18:48 +0000)]
Unbreak DMARC

Broken-by: c780096c29