test from the snapshots or the Git before the documentation is updated. Once
the documentation is updated, this file is reduced to a short list.
+Version 4.92
+--------------
+
+ 1. An "external" authenticator, per RFC 4422 Appendix A.
+
+ 2. A JSON lookup type, and JSON variants of the forall/any expansion conditions.
+
+ 3. Variables $tls_in_cipher_std, $tls_out_cipher_std giving the RFC names
+ for ciphersuites.
+
+Version 4.92
+--------------
+
+ 1. ${l_header:<name>} and ${l_h:<name>} expansion items, giving a colon-sep
+ list when there are multiple headers having a given name. This matters
+ when individual headers are wrapped onto multiple lines; with previous
+ facilities hard to parse.
+
+ 2. The ${readsocket } expansion item now takes a "tls" option, doing the
+ obvious thing.
+
+ 3. EXPERIMENTAL_REQUIRETLS and EXPERIMENTAL_PIPE_CONNECT optional build
+ features. See the experimental.spec file.
+
+ 4. If built with SUPPORT_I18N a "utf8_downconvert" option on the smtp transport.
+
+ 5. A "pipelining" log_selector.
+
+ 6. Builtin macros for supported log_selector and openssl_options values.
+
+ 7. JSON variants of the ${extract } expansion item.
+
+ 8. A "noutf8" debug option, for disabling the UTF-8 characters in debug output.
+
+ 9. TCP Fast Open support on MacOS.
+
Version 4.91
--------------
2. DANE is now supported under GnuTLS version 3.0.0 or later. Both GnuTLS and
OpenSSL versions are moved to mainline support from Experimental.
+ New SMTP transport option "dane_require_tls_ciphers".
3. Feature macros for the compiled-in set of malware scanner interfaces.
under OpenSSL version 1.1.1 or later.
9. DKIM operations can now use the Ed25519 algorithm in addition to RSA, under
- GnuTLS 3.6.0 or later.
+ GnuTLS 3.6.0 or OpenSSL 1.1.1 or later.
10. Builtin feature-macros _CRYPTO_HASH_SHA3 and _CRYPTO_SIGN_ED25519, library
version dependent.
Authentication-Results: header.
13. EXPERIMENTAL_ARC. See the experimental.spec file.
+ See also new util/renew-opendmarc-tlds.sh script for use with DMARC/ARC.
14: A dane:fail event, intended to facilitate reporting.
the running exim instance. If the cluster has master/slave replication, the
list must contain all the master and slave servers.
+16. Add an option to the Avast scanner interface: "pass_unscanned". This
+ allows to treat unscanned files as clean. Files may be unscanned for
+ several reasons: decompression bombs, broken archives.
+
Version 4.90
------------