+33. It is now permitted to omit both strings after an "if" condition; if the
+ condition is true, the result is "true". As before, when the second string
+ is omitted, a false condition yields an empty string. This makes it less
+ cumbersome to write custom ACL and router conditions.
+
+34. Failure to deliver a bounce message always caused it to be frozen, even if
+ there was an errors_to setting on the router. The errors_to setting is now
+ respected.
+
+35. If an IPv6 address is given for -bh or -bhc, it is now converted to the
+ canonical form (fully expanded) before being placed in
+ $sender_host_address.
+
+36. The table in the code that translates DNS record types into text (T_A to
+ "A" for instance) was missing entries for NS and CNAME. It is just possible
+ that this could have caused confusion if both these types were looked up
+ for the same domain, because the text type is used as part of Exim's
+ per-process caching. But the chance of anyone hitting this buglet seems
+ very small.
+
+37. The dnsdb lookup has been extended in a number of ways.
+
+ (1) There is a new type, "zns", which walks up the domain tree until it
+ finds some nameserver records. It should be used with care.
+
+ (2) There is a new type, "mxh", which is like "mx" except that it returns
+ just the host names, not the priorities.
+
+ (3) It is now possible to give a list of domains (or IP addresses) to be
+ looked up. The behaviour when one of the lookups defers can be
+ controlled by a keyword.
+
+ (4) It is now possible to specify the separator character for use when
+ multiple records are returned.
+
+38. The dnslists ACL condition has been extended: it is now possible to supply
+ a list of IP addresses and/or domains to be looked up in a particular DNS
+ domain.
+
+39. Added log_selector=+queue_time_overall.
+
+40. When running the queue in the test harness, wait just a tad after forking a
+ delivery process, to get repeatability of debugging output.
+
+41. Include certificate and key file names in error message when GnuTLS fails
+ to set them up, because the GnuTLS error message doesn't include the name
+ of the failing file when there is a problem reading it.
+
+42. Allow both -bf and -bF in the same test run.
+
+43. Did the same fix as 41 above for OpenSSL, which had the same infelicity.
+
+44. The "Exiscan patch" is now merged into the mainline Exim source.
+
+45. Sometimes the final signoff response after QUIT could fail to get
+ transmitted in the non-TLS case. Testing !tls_active instead of tls_active
+ < 0 before doing a fflush(). This bug looks as though it goes back to the
+ introduction of TLS in release 3.20, but "sometimes" must have been rare
+ because the tests only now provoked it.
+
+46. Reset the locale to "C" after calling embedded Perl, in case it was changed
+ (this can affect the format of dates).
+
+47. exim_tidydb, when checking for the continued existence of a message for
+ which it has found a message-specific retry record, was not finding
+ messages that were in split spool directories. Consequently, it was
+ deleting retry records that should have stayed in existence.
+
+48. Steve fixed some bugs in eximstats.
+
+49. The SPA authentication driver was not abandoning authentication and moving
+ on to the next authenticator when an expansion was forced to fail,
+ contradicting the general specification for all authenticators. Instead it
+ was generating a temporary error. It now behaves as specified.
+
+50. The default ordering of permitted cipher suites for GnuTLS was pessimal
+ (the order specifies the preference for clients). The order is now AES256,
+ AES128, 3DES, ARCFOUR128.
+
+51. Small patch to Sieve code - explicitly set From: when generating an
+ autoreply.
+
+52. Exim crashed if a remote delivery caused a very long error message to be
+ recorded - for instance if somebody sent an entire SpamAssassin report back
+ as a large number of 550 error lines. This bug was coincidentally fixed by
+ increasing the size of one of Exim's internal buffers (big_buffer) that
+ happened as part of the Exiscan merge. However, to be on the safe side, I
+ have made the code more robust (and fixed the comments that describe what
+ is going on).
+
+53. Now that there can be additional text after "Completed" in log lines (if
+ the queue_time_overall log selector is set), a one-byte patch to exigrep
+ was needed to allow it to recognize "Completed" as not the last thing in
+ the line.
+
+54. The LDAP lookup was not handling a return of LDAP_RES_SEARCH_REFERENCE. A
+ patch that reportedly fixes this has been added. I am not expert enough to
+ create a test for it. This is what the patch creator wrote:
+
+ "I found a little strange behaviour of ldap code when working with
+ Windows 2003 AD Domain, where users was placed in more than one
+ Organization Units. When I tried to give exim partial DN, the exit code
+ of ldap_search was unknown to exim because of LDAP_RES_SEARCH_REFERENCE.
+ But simultaneously result of request was absolutely normal ldap result,
+ so I produce this patch..."
+
+55. Some experimental protocols are using DNS PTR records for new purposes. The
+ keys for these records are domain names, not reversed IP addresses. The
+ dnsdb lookup now tests whether it's key is an IP address. If not, it leaves
+ it alone. Component reversal etc. now happens only for IP addresses.
+
+56. Improve error message when ldap_search() fails in OpenLDAP or Solaris LDAP.
+
+57. Double the size of the debug message buffer (to 2048) so that more of very
+ long debug lines gets shown.
+