Unless you really know what you are doing, leave it alone.
4. If not built with DISABLE_DNSSEC, Exim now has the main option
- dns_use_dnssec; if set to 1 then Exim will initialise the resolver library
+ dns_dnssec_ok; if set to 1 then Exim will initialise the resolver library
to send the DO flag to your recursive resolver. If you have a recursive
resolver, which can set the Authenticated Data (AD) flag in results, Exim
- can now detect this.
+ can now detect this. Exim does not perform validation itself, instead
+ relying upon a trusted path to the resolver.
Current status: work-in-progress; $sender_host_dnssec variable added.
for specific access to the information for each connection. The old names
are present for now but deprecated.
- Not yet supported: IGNOREQUOTA, SIZE, PIPELINING, AUTH.
+ Not yet supported: IGNOREQUOTA, SIZE, PIPELINING.
8. New expansion operators ${listnamed:name} to get the content of a named list
and ${listcount:string} to count the items in a list.
15. New 8bitmime status logging option for received messages. Log field "M8S".
-
16. New authenticated_sender logging option, adding to log field "A".
17. New expansion variables $router_name and $transport_name. Useful
particularly for debug_print as -bt commandline option does not
- require privilege whereas -d does. As a side-effect the router accepting
- for verification is visible in ACLs.
+ require privilege whereas -d does.
+
+18. If built with EXPERIMENTAL_PRDR, per-recipient data responses per a
+ proposed extension to SMTP from Eric Hall.
+
+19. The pipe transport has gained the force_command option, to allow
+ decorating commands from user .forward pipe aliases with prefix
+ wrappers, for instance.
+
+20. Callout connections can now AUTH; the same controls as normal delivery
+ connections apply.
+
+21. Support for DMARC, using opendmarc libs, can be enabled. It adds new
+ options: dmarc_forensic_sender, dmarc_history_file, and dmarc_tld_file.
+ It adds new expansion variables $dmarc_ar_header, $dmarc_status,
+ $dmarc_status_text, and $dmarc_used_domain. It adds a new acl modifier
+ dmarc_status. It adds new control flags dmarc_disable_verify and
+ dmarc_enable_forensic.
+
+22. Add expansion variable $authenticated_fail_id, which is the username
+ provided to the authentication method which failed. It is available
+ for use in subsequent ACL processing (typically quit or notquit ACLs).
+
+23. New ACL modifer "udpsend" can construct a UDP packet to send to a given
+ UDP host and port.
+24. New ${hexquote:..string..} expansion operator converts non-printable
+ characters in the string to \xNN form.
Version 4.80
gnutls_require_mac & gnutls_require_protocols are no longer supported.
tls_require_ciphers is now parsed by gnutls_priority_init(3) as a priority
string, documentation for which is at:
- http://www.gnu.org/software/gnutls/manual/html_node/Priority-Strings.html
+ http://www.gnutls.org/manual/html_node/Priority-Strings.html
SNI support has been added to Exim's GnuTLS integration too.