-. $Cambridge: exim/doc/doc-docbook/spec.xfpt,v 1.38 2008/02/26 11:46:33 fanf2 Exp $
+. $Cambridge: exim/doc/doc-docbook/spec.xfpt,v 1.41 2008/04/13 11:45:58 tom Exp $
.
. /////////////////////////////////////////////////////////////////////////////
. This is the primary source of the Exim Manual. It is an xfpt document that is
.section "GnuTLS parameter computation" "SECID181"
-GnuTLS uses RSA and D-H parameters that may take a substantial amount of time
+GnuTLS uses D-H parameters that may take a substantial amount of time
to compute. It is unreasonable to re-compute them for every TLS session.
Therefore, Exim keeps this data in a file in its spool directory, called
&_gnutls-params_&. The file is owned by the Exim user and is readable only by
-its owner. Every Exim process that start up GnuTLS reads the RSA and D-H
+its owner. Every Exim process that start up GnuTLS reads the D-H
parameters from this file. If the file does not exist, the first Exim process
that needs it computes the data and writes it to a temporary file which is
renamed once it is complete. It does not matter if several Exim processes do
.cindex "&ACL;" "testing a DNS list"
In its simplest form, the &%dnslists%& condition tests whether the calling host
is on at least one of a number of DNS lists by looking up the inverted IP
-address in one or more DNS domains. For example, if the calling host's IP
+address in one or more DNS domains. (Note that DNS list domains are not mail
+domains, so the &`+`& syntax for named lists doesn't work - it is used for
+special options instead.) For example, if the calling host's IP
address is 192.168.62.43, and the ACL statement is
.code
deny dnslists = blackholes.mail-abuse.org : \